osbuild-composer/SOURCES/1005-Increase-support-for-OCI-images.patch
2025-04-25 13:47:34 +03:00


From 9d37003d5386667d8797beaaf38e4976d6c72feb Mon Sep 17 00:00:00 2001
From: Josue David Hernandez Gutierrez <josue.d.hernandez@oracle.com>
Date: Thu, 31 Oct 2024 01:02:28 +0000
Subject: [PATCH 5/8] Increase support for OCI images
Add support for OCI images:
- Support for OCI hybrid images
- Add selinux auto-relabeling during first boot
- Support dnf variables inside OCI built images
Signed-off-by: Josue David Hernandez Gutierrez <josue.d.hernandez@oracle.com>
Signed-off-by: Alex Burmashev <alexander.burmashev@oracle.com>
---
.../osbuild/images/pkg/distro/image_config.go | 2 +
.../images/pkg/distro/rhel/distribution.go | 10 +-
.../osbuild/images/pkg/distro/rhel/images.go | 5 +
.../images/pkg/distro/rhel/rhel8/distro.go | 3 +-
.../images/pkg/distro/rhel/rhel8/qcow2.go | 200 +++++++++++++++++-
.../images/pkg/distro/rhel/rhel9/distro.go | 3 +-
.../images/pkg/distro/rhel/rhel9/qcow2.go | 196 ++++++++++++++++-
.../osbuild/images/pkg/manifest/os.go | 14 ++
8 files changed, 418 insertions(+), 15 deletions(-)
diff --git a/vendor/github.com/osbuild/images/pkg/distro/image_config.go b/vendor/github.com/osbuild/images/pkg/distro/image_config.go
index 8cee15e..a7b06fd 100644
--- a/vendor/github.com/osbuild/images/pkg/distro/image_config.go
+++ b/vendor/github.com/osbuild/images/pkg/distro/image_config.go
@@ -45,6 +45,7 @@ type ImageConfig struct {
Modprobe []*osbuild.ModprobeStageOptions
DracutConf []*osbuild.DracutConfStageOptions
SystemdUnit []*osbuild.SystemdUnitStageOptions
+ SystemdUnitCreate []*osbuild.SystemdUnitCreateStageOptions
Authselect *osbuild.AuthselectStageOptions
SELinuxConfig *osbuild.SELinuxConfigStageOptions
Tuned *osbuild.TunedStageOptions
@@ -67,6 +68,7 @@ type ImageConfig struct {
Files []*fsnode.File
Directories []*fsnode.Directory
+ Hostonly *bool
// KernelOptionsBootloader controls whether kernel command line options
// should be specified in the bootloader grubenv configuration. Otherwise
diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/distribution.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/distribution.go
index 4e55c18..90e88b9 100644
--- a/vendor/github.com/osbuild/images/pkg/distro/rhel/distribution.go
+++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/distribution.go
@@ -140,14 +140,14 @@ func NewDistribution(name string, major, minor int) (*Distribution, error) {
}
case "ol":
rd = &Distribution{
- name: fmt.Sprintf("ol-%d.%d", major, minor),
- product: "Oracle Linux",
- osVersion: fmt.Sprintf("%d.%d", major, minor),
+ name: fmt.Sprintf("ol-%d.%d", major, minor),
+ product: "Oracle Linux",
+ osVersion: fmt.Sprintf("%d.%d", major, minor),
releaseVersion: fmt.Sprintf("%d", major),
modulePlatformID: fmt.Sprintf("platform:el%d", major),
- vendor: "redhat",
+ vendor: "redhat",
ostreeRefTmpl: fmt.Sprintf("ol/%d/%%s/edge", major),
- runner: &runner.RHEL{Major: uint64(major), Minor: uint64(minor)},
+ runner: &runner.RHEL{Major: uint64(major), Minor: uint64(minor)},
}
default:
return nil, fmt.Errorf("unknown distro name: %s", name)
diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/images.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/images.go
index 884ff24..945fa05 100644
--- a/vendor/github.com/osbuild/images/pkg/distro/rhel/images.go
+++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/images.go
@@ -68,6 +68,10 @@ func osCustomizations(
osc.ExcludeDocs = *imageConfig.ExcludeDocs
}
+ if imageConfig.Hostonly != nil {
+ osc.Hostonly = *imageConfig.Hostonly
+ }
+
if !t.BootISO {
// don't put users and groups in the payload of an installer
// add them via kickstart instead
@@ -246,6 +250,7 @@ func osCustomizations(
osc.Modprobe = imageConfig.Modprobe
osc.DracutConf = imageConfig.DracutConf
osc.SystemdUnit = imageConfig.SystemdUnit
+ osc.SystemdUnitCreate = imageConfig.SystemdUnitCreate
osc.Authselect = imageConfig.Authselect
osc.SELinuxConfig = imageConfig.SELinuxConfig
osc.Tuned = imageConfig.Tuned
diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/distro.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/distro.go
index 0d72b54..223eff2 100644
--- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/distro.go
+++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/distro.go
@@ -98,7 +98,7 @@ func newDistro(name string, minor int) *rhel.Distribution {
},
},
mkQcow2ImgType(rd),
- mkOCIImgType(rd),
+ mkOCIImgType(rd, true),
)
ec2X86Platform := &platform.X86{
@@ -152,6 +152,7 @@ func newDistro(name string, minor int) *rhel.Distribution {
},
},
mkQcow2ImgType(rd),
+ mkOCIImgType(rd, false),
)
aarch64.AddImageTypes(
diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/qcow2.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/qcow2.go
index 12a4a07..df712e6 100644
--- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/qcow2.go
+++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel8/qcow2.go
@@ -1,9 +1,12 @@
package rhel8
import (
+ "os"
"github.com/osbuild/images/internal/common"
+ "github.com/osbuild/images/pkg/customizations/fsnode"
"github.com/osbuild/images/pkg/customizations/subscription"
"github.com/osbuild/images/pkg/distro"
+ "github.com/osbuild/images/pkg/osbuild"
"github.com/osbuild/images/pkg/distro/rhel"
"github.com/osbuild/images/pkg/rpmmd"
)
@@ -31,13 +34,13 @@ func mkQcow2ImgType(rd *rhel.Distribution) *rhel.ImageType {
return it
}
-func mkOCIImgType(rd *rhel.Distribution) *rhel.ImageType {
+func mkOCIImgType(rd *rhel.Distribution, isX86_64 bool) *rhel.ImageType {
it := rhel.NewImageType(
"oci",
"disk.qcow2",
"application/x-qemu-disk",
map[string]rhel.PackageSetFunc{
- rhel.OSPkgsKey: qcow2CommonPackageSet,
+ rhel.OSPkgsKey: OCIqcow2CommonPackageSet,
},
rhel.DiskImage,
[]string{"build"},
@@ -45,8 +48,23 @@ func mkOCIImgType(rd *rhel.Distribution) *rhel.ImageType {
[]string{"qcow2"},
)
- it.DefaultImageConfig = qcowImageConfig(rd)
- it.KernelOptions = "console=tty0 console=ttyS0,115200n8 no_timer_check net.ifnames=0 crashkernel=auto"
+ it.DefaultImageConfig = &distro.ImageConfig{
+ DefaultTarget: common.ToPtr("multi-user.target"),
+ Hostonly: common.ToPtr(true),
+ SELinuxForceRelabel: common.ToPtr(true),
+ Files: []*fsnode.File{earlySetupFile(isX86_64)},
+ EnabledServices: []string{"oci-repo-installer.service"},
+ SystemdUnitCreate: []*osbuild.SystemdUnitCreateStageOptions {
+ ociRepoServiceInstaller(),
+ },
+ }
+
+ if isX86_64 {
+ it.KernelOptions = "console=tty0 console=ttyS0,115200n8 no_timer_check rd.net.timeout.dhcp=10 rd.net.timeout.carrier=5 netroot=iscsi:169.254.0.2:::1:iqn.2015-02.oracle.boot:uefi rd.iscsi.param=node.session.timeo.replacement_timeout=6000 net.ifnames=1 nvme_core.shutdown_timeout=10 ipmi_si.tryacpi=0 ipmi_si.trydmi=0 libiscsi.debug_libiscsi_eh=1 loglevel=4 crash_kexec_post_notifiers"
+ } else {
+ it.KernelOptions = "ro crashkernel=auto LANG=en_US.UTF-8 console=ttyAMA0 console=ttyAMA0,115200 rd.net.timeout.carrier=5 netroot=iscsi:169.254.0.2:::1:iqn.2015-02.oracle.boot:uefi rd.iscsi.param=node.session.timeo.replacement_timeout=6000 net.ifnames=1 nvme_core.shutdown_timeout=10 ipmi_si.tryacpi=0 ipmi_si.trydmi=0 libiscsi.debug_libiscsi_eh=1 loglevel=4 ip=dhcp,dhcp6 rd.net.timeout.dhcp=10 crash_kexec_post_notifiers"
+ }
+
it.Bootable = true
it.DefaultSize = 10 * common.GibiByte
it.BasePartitionTables = defaultBasePartitionTables
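Review bot: The x86_64 `KernelOptions` string no longer carries a `crashkernel=` reservation: the removed line had `crashkernel=auto` and the aarch64 branch still has it, but the x86_64 branch only adds `crash_kexec_post_notifiers`. If kdump is expected to work on these images, append `crashkernel=auto` to the x86_64 string, or add a comment saying where the reservation is configured instead. The aarch64 string also names `console=ttyAMA0` twice (`console=ttyAMA0 console=ttyAMA0,115200`); one of the two can go. mkOCIImgType starts above this hunk and continues below it.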
@@ -54,6 +72,104 @@ func mkOCIImgType(rd *rhel.Distribution) *rhel.ImageType {
return it
}
+func earlySetupFile(isX86_64 bool) *fsnode.File {
+ arch := "aarch64"
+ if isX86_64 {
+ arch = "x86_64"
+ }
+ file, err := fsnode.NewFile("/sbin/early-oci-setup", common.ToPtr(os.FileMode(0700)), "root", "root", []byte(`#!/usr/bin/env bash
+arch=` + arch + `
+
+imds_domain=$(curl -H "Authorization:Bearer Oracle" -sfm 25 http://169.254.169.254/opc/v2/instance/ 2>/dev/null | jq -r '.regionInfo.realmDomainComponent')
+imds_region=$(curl -H "Authorization:Bearer Oracle" -sfm 25 http://169.254.169.254/opc/v2/instance/ 2>/dev/null | jq -r '.regionInfo.regionIdentifier')
+imds_realm=$(curl -H "Authorization:Bearer Oracle" -sfm 25 http://169.254.169.254/opc/v2/instance/ 2>/dev/null | jq -r '.regionInfo.realmKey')
+
+function retry_command() {
+
+ retry_attempts=5
+ retry_interval_sec=2
+ while [[ "$retry_attempts" -gt 0 ]]; do
+ command_success=true
+ "$@" || { command_success=false; }
+ if [[ "$command_success" == false ]]; then
+ (( retry_attempts-- ))
+ logger -t earlyocisetup "Error occurred running command $@. Will retry in $retry_interval_sec seconds"
+ sleep $retry_interval_sec
+ else
+ break
+ fi
+ done
+
+ if [[ "$command_success" == false ]]; then
+ logger -t earlyocisetup "ERROR: failed to execute command '$@' (Retried $retry_attempts times)"
+ exit 1
+ fi
+}
+
+if [[ -n "$imds_realm" ]]; then
+ domain="oci.$imds_domain"
+ region="$imds_region"
+ ociregion=".$region"
+ reponame="oci_install"
+ repourl="https://yum$ociregion.$domain/repo/OracleLinux/OL8/oci/included/$arch/"
+else
+ logger -t earlyocisetup 'Running out of OCI region'
+ exit 1
+fi
+
+echo $region > /etc/dnf/vars/region
+echo $domain > /etc/dnf/vars/ocidomain
+echo $ociregion > /etc/dnf/vars/ociregion
+
+cat <<EOF > /etc/yum.repos.d/oci-install.repo
+[$reponame]
+name=Install OCI repo ($arch)
+baseurl=$repourl
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
+gpgcheck=1
+enabled=1
+EOF
+
+retry_command yum install -y oci-included-release-el8
+retry_command yum install -y oci-linux-config
+retyr_command yum install -y python36-oci-sdk
+
+if $(yum repolist |grep -q "$reponame"); then
+ rm -f /etc/yum.repos.d/oci-install.repo
+fi
+
+mkdir -p /var/lib/oci-repo-installer
+touch /var/lib/oci-repo-installer/oci-repo-installed
+
+rm -f /usr/lib/systemd/system/oci-repo-installer.service /sbin/early-oci-setup
+`))
+ if err != nil {
+ panic(err)
+ }
+ return file
+}
+
+func ociRepoServiceInstaller() *osbuild.SystemdUnitCreateStageOptions {
+ return &osbuild.SystemdUnitCreateStageOptions{
+ Filename: "oci-repo-installer.service",
+ Config: osbuild.SystemdServiceUnit{
+ Unit: &osbuild.Unit{
+ Description: "First-boot service for installing oci repository once OCI image has booted",
+ ConditionPathExists: []string{"!/var/lib/oci-repo-installer/oci-repo-installed"},
+ Requires: []string{"network-online.target"},
+ },
+ Service: &osbuild.Service{
+ Type: osbuild.Oneshot,
+ RemainAfterExit: false,
+ ExecStart: []string{"/usr/bin/bash /sbin/early-oci-setup"},
+ },
+ Install: &osbuild.Install{
+ WantedBy: []string{"network-online.target"},
+ },
+ },
+ }
+}
+
func mkOpenstackImgType() *rhel.ImageType {
it := rhel.NewImageType(
"openstack",
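Review bot: `retyr_command yum install -y python36-oci-sdk` in the embedded script is a misspelling of `retry_command`; with no `set -e`, bash logs command-not-found, skips the SDK install, and still goes on to write the `oci-repo-installed` marker and delete the script, so the step is never retried. Correct the name (the rhel9 copy of this script spells it right). In both copies the IMDS fields also go unchecked into `baseurl` and `/etc/dnf/vars`: `jq -r` prints the literal `null` for a missing key, so `[[ -n "$imds_realm" ]]` still passes. A guard before the repo file is written, such as `[[ "$imds_region" =~ ^[a-z0-9-]+$ && "$imds_domain" =~ ^[a-z0-9.-]+$ ]] || exit 1`, keeps malformed metadata out of the repo URL.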
@@ -76,6 +192,82 @@ func mkOpenstackImgType() *rhel.ImageType {
return it
}
+func OCIqcow2CommonPackageSet(t *rhel.ImageType) rpmmd.PackageSet {
+ ps := rpmmd.PackageSet{
+ Include: []string{
+ "@core",
+ "authselect-compat",
+ "iscsi-initiator-utils",
+ "chrony",
+ "cloud-init",
+ "cloud-utils-growpart",
+ "cockpit-system",
+ "cockpit-ws",
+ "dhcp-client",
+ "dnf",
+ "dnf-utils",
+ "dosfstools",
+ "dracut-norescue",
+ "net-tools",
+ "NetworkManager",
+ "nfs-utils",
+ "oddjob",
+ "oddjob-mkhomedir",
+ "psmisc",
+ "python3-jsonschema",
+ "qemu-guest-agent",
+ "redhat-release",
+ "rsync",
+ "tar",
+ "tcpdump",
+ "yum",
+ "jq",
+ },
+ Exclude: []string{
+ "aic94xx-firmware",
+ "alsa-firmware",
+ "alsa-lib",
+ "alsa-tools-firmware",
+ "biosdevname",
+ "dracut-config-rescue",
+ "fedora-release",
+ "fedora-repos",
+ "firewalld",
+ "fwupd",
+ "iprutils",
+ "ivtv-firmware",
+ "iwl1000-firmware",
+ "iwl100-firmware",
+ "iwl105-firmware",
+ "iwl135-firmware",
+ "iwl2000-firmware",
+ "iwl2030-firmware",
+ "iwl3160-firmware",
+ "iwl3945-firmware",
+ "iwl4965-firmware",
+ "iwl5000-firmware",
+ "iwl5150-firmware",
+ "iwl6000-firmware",
+ "iwl6000g2a-firmware",
+ "iwl6000g2b-firmware",
+ "iwl6050-firmware",
+ "iwl7260-firmware",
+ "langpacks-*",
+ "langpacks-en",
+ "langpacks-en",
+ "libertas-sd8686-firmware",
+ "libertas-sd8787-firmware",
+ "libertas-usb8388-firmware",
+ "nss",
+ "plymouth",
+ "rng-tools",
+ "udisks2",
+ },
+ }.Append(distroSpecificPackageSet(t))
+
+ return ps
+}
+
func qcow2CommonPackageSet(t *rhel.ImageType) rpmmd.PackageSet {
ps := rpmmd.PackageSet{
Include: []string{
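Review bot: `OCIqcow2CommonPackageSet` is exported although its sibling `qcow2CommonPackageSet` and its only visible caller `mkOCIImgType` are package-private; a name such as `ociCommonPackageSet` would match the file, and either way it needs a doc comment saying how it differs from the qcow2 set. The Exclude list repeats `"langpacks-en"`, which `"langpacks-*"` already covers; the rhel9 copy repeats `"dnf-plugin-spacewalk"`. The set also includes `cockpit-ws` and `tcpdump` while excluding `firewalld`, so a one-line comment stating that network filtering is expected from the platform, if that is the intent, would help whoever audits the image contents later.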
diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/distro.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/distro.go
index 4445204..9fb03d1 100644
--- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/distro.go
+++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/distro.go
@@ -100,7 +100,7 @@ func newDistro(name string, major, minor int) *rhel.Distribution {
},
},
mkQcow2ImgType(rd),
- mkOCIImgType(rd),
+ mkOCIImgType(rd, true),
)
x86_64.AddImageTypes(
@@ -122,6 +122,7 @@ func newDistro(name string, major, minor int) *rhel.Distribution {
},
},
mkQcow2ImgType(rd),
+ mkOCIImgType(rd, false),
)
ppc64le.AddImageTypes(
diff --git a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/qcow2.go b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/qcow2.go
index dcf1193..84b434a 100644
--- a/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/qcow2.go
+++ b/vendor/github.com/osbuild/images/pkg/distro/rhel/rhel9/qcow2.go
@@ -1,9 +1,12 @@
package rhel9
import (
+ "os"
"github.com/osbuild/images/internal/common"
+ "github.com/osbuild/images/pkg/customizations/fsnode"
"github.com/osbuild/images/pkg/customizations/subscription"
"github.com/osbuild/images/pkg/distro"
+ "github.com/osbuild/images/pkg/osbuild"
"github.com/osbuild/images/pkg/distro/rhel"
"github.com/osbuild/images/pkg/rpmmd"
)
@@ -31,13 +34,13 @@ func mkQcow2ImgType(d *rhel.Distribution) *rhel.ImageType {
return it
}
-func mkOCIImgType(d *rhel.Distribution) *rhel.ImageType {
+func mkOCIImgType(d *rhel.Distribution, isX86_64 bool) *rhel.ImageType {
it := rhel.NewImageType(
"oci",
"disk.qcow2",
"application/x-qemu-disk",
map[string]rhel.PackageSetFunc{
- rhel.OSPkgsKey: qcow2CommonPackageSet,
+ rhel.OSPkgsKey: OCIqcow2CommonPackageSet,
},
rhel.DiskImage,
[]string{"build"},
@@ -45,8 +48,23 @@ func mkOCIImgType(d *rhel.Distribution) *rhel.ImageType {
[]string{"qcow2"},
)
- it.DefaultImageConfig = qcowImageConfig(d)
- it.KernelOptions = "console=tty0 console=ttyS0,115200n8 no_timer_check net.ifnames=0"
+ it.DefaultImageConfig = &distro.ImageConfig{
+ DefaultTarget: common.ToPtr("multi-user.target"),
+ Hostonly: common.ToPtr(true),
+ SELinuxForceRelabel: common.ToPtr(true),
+ Files: []*fsnode.File{earlySetupFile(isX86_64)},
+ EnabledServices: []string{"oci-repo-installer.service"},
+ SystemdUnitCreate: []*osbuild.SystemdUnitCreateStageOptions {
+ ociRepoServiceInstaller(),
+ },
+ }
+
+ if isX86_64 {
+ it.KernelOptions = "console=tty0 console=ttyS0,115200n8 no_timer_check rd.net.timeout.dhcp=10 rd.net.timeout.carrier=5 netroot=iscsi:169.254.0.2:::1:iqn.2015-02.oracle.boot:uefi rd.iscsi.param=node.session.timeo.replacement_timeout=6000 net.ifnames=1 nvme_core.shutdown_timeout=10 ipmi_si.tryacpi=0 ipmi_si.trydmi=0 libiscsi.debug_libiscsi_eh=1 loglevel=4 crash_kexec_post_notifiers"
+ } else {
+ it.KernelOptions = "ro LANG=en_US.UTF-8 console=ttyAMA0 console=ttyAMA0,115200 rd.net.timeout.dhcp=10 rd.net.timeout.carrier=5 netroot=iscsi:169.254.0.2:::1:iqn.2015-02.oracle.boot:uefi rd.iscsi.param=node.session.timeo.replacement_timeout=6000 net.ifnames=1 nvme_core.shutdown_timeout=10 ipmi_si.tryacpi=0 ipmi_si.trydmi=0 libiscsi.debug_libiscsi_eh=1 loglevel=4 crash_kexec_post_notifiers crashkernel=2G-8G:256M,8G-512G:1G,512G-:3G"
+ }
+
it.DefaultSize = 10 * common.GibiByte
it.Bootable = true
it.BasePartitionTables = defaultBasePartitionTables
@@ -54,6 +72,105 @@ func mkOCIImgType(d *rhel.Distribution) *rhel.ImageType {
return it
}
+func earlySetupFile(isX86_64 bool) *fsnode.File {
+ arch := "aarch64"
+ if isX86_64 {
+ arch = "x86_64"
+ }
+ file, err := fsnode.NewFile("/sbin/early-oci-setup", common.ToPtr(os.FileMode(0700)), "root", "root", []byte(`#!/usr/bin/env bash
+arch=` + arch + `
+
+imds_domain=$(curl -H "Authorization:Bearer Oracle" -sfm 25 http://169.254.169.254/opc/v2/instance/ 2>/dev/null | jq -r '.regionInfo.realmDomainComponent')
+imds_region=$(curl -H "Authorization:Bearer Oracle" -sfm 25 http://169.254.169.254/opc/v2/instance/ 2>/dev/null | jq -r '.regionInfo.regionIdentifier')
+imds_realm=$(curl -H "Authorization:Bearer Oracle" -sfm 25 http://169.254.169.254/opc/v2/instance/ 2>/dev/null | jq -r '.regionInfo.realmKey')
+
+function retry_command() {
+
+ retry_attempts=5
+ retry_interval_sec=2
+ while [[ "$retry_attempts" -gt 0 ]]; do
+ command_success=true
+ "$@" || { command_success=false; }
+ if [[ "$command_success" == false ]]; then
+ (( retry_attempts-- ))
+ logger -t earlyocisetup "Error occurred running command $@. Will retry in $retry_interval_sec seconds"
+ sleep $retry_interval_sec
+ else
+ break
+ fi
+ done
+
+ if [[ "$command_success" == false ]]; then
+ logger -t earlyocisetup "ERROR: failed to execute command '$@' (Retried $retry_attempts times)"
+ exit 1
+ fi
+}
+
+if [[ -n "$imds_realm" ]]; then
+ domain="oci.$imds_domain"
+ region="$imds_region"
+ ociregion=".$region"
+ reponame="oci_install"
+ repourl="https://yum$ociregion.$domain/repo/OracleLinux/OL9/oci/included/$arch/"
+else
+ logger -t earlyocisetup 'Running out of OCI region'
+ exit 1
+fi
+
+echo $region > /etc/dnf/vars/region
+echo $domain > /etc/dnf/vars/ocidomain
+echo $ociregion > /etc/dnf/vars/ociregion
+
+cat <<EOF > /etc/yum.repos.d/oci-install.repo
+[$reponame]
+name=Install OCI repo ($arch)
+baseurl=$repourl
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-oracle
+gpgcheck=1
+enabled=1
+EOF
+
+retry_command yum install -y oci-included-release-el9
+retry_command yum install -y oci-linux-config
+retry_command yum install -y python39-oci-sdk
+
+if $(yum repolist |grep -q "$reponame"); then
+ rm -f /etc/yum.repos.d/oci-install.repo
+fi
+
+mkdir -p /var/lib/oci-repo-installer
+touch /var/lib/oci-repo-installer/oci-repo-installed
+
+rm -f /usr/lib/systemd/system/oci-repo-installer.service /sbin/early-oci-setup
+
+`))
+ if err != nil {
+ panic(err)
+ }
+ return file
+}
+
+func ociRepoServiceInstaller() *osbuild.SystemdUnitCreateStageOptions {
+ return &osbuild.SystemdUnitCreateStageOptions{
+ Filename: "oci-repo-installer.service",
+ Config: osbuild.SystemdServiceUnit{
+ Unit: &osbuild.Unit{
+ Description: "First-boot service for installing oci repository once OCI image has booted",
+ ConditionPathExists: []string{"!/var/lib/oci-repo-installer/oci-repo-installed"},
+ Requires: []string{"network-online.target"},
+ },
+ Service: &osbuild.Service{
+ Type: osbuild.Oneshot,
+ RemainAfterExit: false,
+ ExecStart: []string{"/usr/bin/bash /sbin/early-oci-setup"},
+ },
+ Install: &osbuild.Install{
+ WantedBy: []string{"network-online.target"},
+ },
+ },
+ }
+}
+
func mkOpenstackImgType() *rhel.ImageType {
it := rhel.NewImageType(
"openstack",
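Review bot: `ociRepoServiceInstaller` declares `Requires: []string{"network-online.target"}` but no ordering, and in systemd `Requires=` alone does not delay start until the target is reached, so `early-oci-setup` can issue its `curl` calls to the metadata endpoint before the network is up. When that happens the script logs 'Running out of OCI region' and exits 1, and this oneshot unit sets no restart policy, so nothing visible here retries before the next boot. If the vendored `osbuild.Unit` has an `After` field, add `After: []string{"network-online.target"}`; installing the unit under `multi-user.target` rather than `WantedBy: network-online.target` would also be the more usual arrangement. The rhel8 copy of this function is identical and needs the same change.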
@@ -79,6 +196,77 @@ func mkOpenstackImgType() *rhel.ImageType {
return it
}
+func OCIqcow2CommonPackageSet(t *rhel.ImageType) rpmmd.PackageSet {
+ ps := rpmmd.PackageSet{
+ Include: []string{
+ "@core",
+ "authselect-compat",
+ "iscsi-initiator-utils",
+ "chrony",
+ "cloud-init",
+ "cloud-utils-growpart",
+ "cockpit-system",
+ "cockpit-ws",
+ "dnf-utils",
+ "dosfstools",
+ "nfs-utils",
+ "oddjob",
+ "oddjob-mkhomedir",
+ "psmisc",
+ "python3-jsonschema",
+ "qemu-guest-agent",
+ "redhat-release",
+ "rsync",
+ "tar",
+ "tuned",
+ "tcpdump",
+ },
+ Exclude: []string{
+ "aic94xx-firmware",
+ "alsa-firmware",
+ "alsa-lib",
+ "alsa-tools-firmware",
+ "biosdevname",
+ "dnf-plugin-spacewalk",
+ "dracut-config-rescue",
+ "fedora-release",
+ "fedora-repos",
+ "firewalld",
+ "iprutils",
+ "ivtv-firmware",
+ "iwl1000-firmware",
+ "iwl100-firmware",
+ "iwl105-firmware",
+ "iwl135-firmware",
+ "iwl2000-firmware",
+ "iwl2030-firmware",
+ "iwl3160-firmware",
+ "iwl3945-firmware",
+ "iwl4965-firmware",
+ "iwl5000-firmware",
+ "iwl5150-firmware",
+ "iwl6000-firmware",
+ "iwl6000g2a-firmware",
+ "iwl6000g2b-firmware",
+ "iwl6050-firmware",
+ "iwl7260-firmware",
+ "langpacks-*",
+ "langpacks-en",
+ "libertas-sd8787-firmware",
+ "nss",
+ "plymouth",
+ "rhn-check",
+ "rhn-setup",
+ "rhnsd",
+ "dnf-plugin-spacewalk",
+ "rng-tools",
+ "udisks2",
+ },
+ }.Append(distroSpecificPackageSet(t))
+
+ return ps
+}
+
func qcow2CommonPackageSet(t *rhel.ImageType) rpmmd.PackageSet {
ps := rpmmd.PackageSet{
Include: []string{
diff --git a/vendor/github.com/osbuild/images/pkg/manifest/os.go b/vendor/github.com/osbuild/images/pkg/manifest/os.go
index 7d6181b..0c3bff6 100644
--- a/vendor/github.com/osbuild/images/pkg/manifest/os.go
+++ b/vendor/github.com/osbuild/images/pkg/manifest/os.go
@@ -105,6 +105,7 @@ type OSCustomizations struct {
Modprobe []*osbuild.ModprobeStageOptions
DracutConf []*osbuild.DracutConfStageOptions
SystemdUnit []*osbuild.SystemdUnitStageOptions
+ SystemdUnitCreate []*osbuild.SystemdUnitCreateStageOptions
Authselect *osbuild.AuthselectStageOptions
SELinuxConfig *osbuild.SELinuxConfigStageOptions
Tuned *osbuild.TunedStageOptions
@@ -140,6 +141,7 @@ type OSCustomizations struct {
Files []*fsnode.File
FIPS bool
+ Hostonly bool
// NoBLS configures the image bootloader with traditional menu entries
// instead of BLS. Required for legacy systems like RHEL 7.
@@ -524,6 +526,10 @@ func (p *OS) serialize() osbuild.Pipeline {
pipeline.AddStage(osbuild.NewSystemdUnitStage(systemdUnitConfig))
}
+ for _, systemdUnitCreateConfig := range p.SystemdUnitCreate {
+ pipeline.AddStage(osbuild.NewSystemdUnitCreateStage(systemdUnitCreateConfig))
+ }
+
if p.Authselect != nil {
pipeline.AddStage(osbuild.NewAuthselectStage(p.Authselect))
}
@@ -662,6 +668,14 @@ func (p *OS) serialize() osbuild.Pipeline {
pipeline.AddStage(osbuild.NewUdevRulesStage(p.UdevRules))
}
+ if p.Hostonly {
+ pipeline.AddStage(osbuild.NewDracutStage(&osbuild.DracutStageOptions{
+ Kernel: []string{p.kernelVer},
+ EarlyMicrocode: true,
+ Reproducible: true,
+ }))
+ }
+
if pt := p.PartitionTable; pt != nil {
kernelOptions := osbuild.GenImageKernelOptions(p.PartitionTable)
kernelOptions = append(kernelOptions, p.KernelOptionsAppend...)
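Review bot: The `if p.Hostonly` block adds a dracut stage whose visible options are only `Kernel`, `EarlyMicrocode` and `Reproducible`; nothing here selects dracut's host-only mode, so the flag name does not describe what the reader sees. Document the field, e.g. `// Hostonly regenerates the initramfs for p.kernelVer with a dracut stage after the udev rules stage.`, and say in that comment where host-only mode itself is configured if the stage relies on a default. Because this initramfs is generated in the build environment and the OCI image types in this patch boot with `netroot=iscsi:`, it is worth confirming that the iSCSI dracut module ends up in the result. serialize() begins and ends outside this hunk.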
--
2.43.5