diff --git a/Makefile b/Makefile index d51dd752..c9593d1a 100644 --- a/Makefile +++ b/Makefile @@ -32,6 +32,7 @@ git-diff-check: @git diff --cached --exit-code ## Package building +SRCDIR ?= $(abspath .) COMMIT = $(shell (cd "$(SRCDIR)" && git rev-parse HEAD)) RPM_SPECFILE=rpmbuild/SPECS/otk-$(COMMIT).spec RPM_TARBALL=rpmbuild/SOURCES/otk-$(COMMIT).tar.gz @@ -55,3 +56,15 @@ rpm: git-diff-check $(RPM_SPECFILE) $(RPM_TARBALL) rpmbuild -bb \ --define "_topdir $(CURDIR)/rpmbuild" \ $(RPM_SPECFILE) + +# XXX: strawman target name +.PHONY: externals +IMAGES_REF ?= github.com/osbuild/images +externals: + mkdir -p "$(SRCDIR)/externals" + for otk_cmd in gen-partition-table \ + make-fstab-stage \ + make-partition-mounts-devices \ + make-partition-stages; do \ + GOBIN="$(SRCDIR)/externals" go install "$(IMAGES_REF)"/cmd/otk-$${otk_cmd}@latest ; \ + done diff --git a/example/centos/centos-9-x86_64-ami.yaml b/example/centos/centos-9-x86_64-ami.yaml index c68f1a1f..5e8a22f7 100644 --- a/example/centos/centos-9-x86_64-ami.yaml +++ b/example/centos/centos-9-x86_64-ami.yaml @@ -1,37 +1,139 @@ otk.version: "1" -otk.define.default: - default: - language: "en_US.UTF-8" - -otk.define.centos-9-x86_64-ami: - architecture: "x86_64" - version: "9" - kernel_opts_list: - - "rd.blacklist=nouveau" - - "nvme_core.io_timeout=4294967295" - sshd_password_authentication: true - modfication: - language: "en_US.UTF-8" - timezone: "UTC" - enabled_services: - - sshd - - NetworkManager - - nm-cloud-setup.service - - nm-cloud-setup.timer - - cloud-init - - cloud-init-local - - cloud-config - - cloud-final - - reboot.target - - tuned - # todo: should this go into centos-9-common.yaml ? and we customize via normal "otk.defines" ? +otk.define: + # XXX: de-dup + distro: centos + version: 9 + kernel_commandline: "console=tty0 console=ttyS0,115200n8 net.ifnames=0 nvme_core.io_timeout=4294967295" filesystem: - # this will expand to "root: ...\nboot: \n"etc (i.e. a real file-systems) and "kernel_opts_list: - # [list_item1, list_item2, ..]" - # (i.e. define the partition table as a map of root/boot/boot_efi vars) - # *and* it needs to undstand modifications (e.g. adding extra parititions somehow, size contraints) - otk.external.osbuild.create_partition_table_defines: - total_size: 10G + modifications: + filename: "image.raw" +otk.include: "common/gen-partition-table-x86_64.yaml" -otk.include.centos-9-x86_64: "common/centos-9.yaml" +otk.target.osbuild: + pipelines: + - otk.include: "pipeline/build.yaml" + - name: os + build: name:build + stages: + - otk.include: "fragment/kernel-cmdline.yaml" + - type: org.osbuild.rpm + - type: org.osbuild.fix-bls + options: + prefix: "" + - type: org.osbuild.locale + options: + language: en_US.UTF-8 + - type: org.osbuild.keymap + options: + keymap: us + x11-keymap: + layouts: + - us + - type: org.osbuild.timezone + options: + zone: UTC + - type: org.osbuild.chrony + options: + servers: + - hostname: 169.254.169.123 + minpoll: 4 + maxpoll: 4 + iburst: true + prefer: true + leapsectz: "" + - type: org.osbuild.sysconfig + options: + kernel: + update_default: true + default_kernel: kernel + network: + networking: true + no_zero_conf: true + network-scripts: + ifcfg: + eth0: + bootproto: dhcp + device: eth0 + ipv6init: false + onboot: true + peerdns: true + type: Ethernet + userctl: true + - type: org.osbuild.systemd-logind + options: + filename: 00-getty-fixes.conf + config: + Login: + NAutoVTs: 0 + - type: org.osbuild.cloud-init + options: + filename: 00-rhel-default-user.cfg + config: + system_info: + default_user: + name: ec2-user + - type: org.osbuild.modprobe + options: + filename: blacklist-nouveau.conf + commands: + - command: blacklist + modulename: nouveau + - type: org.osbuild.modprobe + options: + filename: blacklist-amdgpu.conf + commands: + - command: blacklist + modulename: amdgpu + - type: org.osbuild.dracut.conf + options: + filename: sgdisk.conf + config: + install_items: + - sgdisk + - type: org.osbuild.dracut.conf + options: + filename: ec2.conf + config: + add_drivers: + - nvme + - xen-blkfront + - type: org.osbuild.systemd.unit + options: + unit: nm-cloud-setup.service + dropin: 10-rh-enable-for-ec2.conf + config: + Service: + Environment: + - key: NM_CLOUD_SETUP_EC2 + value: "yes" + - type: org.osbuild.authselect + options: + profile: sssd + - type: org.osbuild.sshd.config + options: + config: + PasswordAuthentication: false + - otk.external.otk-make-fstab-stage: + ${filesystem} + - otk.include: "fragment/grub2.yaml" + - type: org.osbuild.systemd + options: + enabled_services: + - sshd + - NetworkManager + - nm-cloud-setup.service + - nm-cloud-setup.timer + - cloud-init + - cloud-init-local + - cloud-config + - cloud-final + - reboot.target + - tuned + default_target: multi-user.target + - type: org.osbuild.selinux + options: + file_contexts: etc/selinux/targeted/contexts/files/file_contexts + - otk.include: "pipeline/image.yaml" + sources: + org.osbuild.curl: diff --git a/example/centos/centos-9-x86_64-qcow2.yaml b/example/centos/centos-9-x86_64-qcow2.yaml index 4cd5d428..e4f0a332 100644 --- a/example/centos/centos-9-x86_64-qcow2.yaml +++ b/example/centos/centos-9-x86_64-qcow2.yaml @@ -1,20 +1,66 @@ otk.version: "1" -otk.define.centos-9-x86_64-qcow2: - architecture: "x86_64" - version: "9" - kernel_opts_list: [] - sshd_password_authentication: true - modfication: - language: "C.UTF-8" - timezone: "America/New_York" - enabled_services: [] +otk.define: + # XXX: dedup + distro: centos + version: 9 + kernel_commandline: "console=tty0 console=ttyS0,115200n8 no_timer_check net.ifnames=0" filesystem: - # this will expand to "root: ...\nboot: \n"etc (i.e. a real file-systems) and "kernel_opts_list: - # [list_item1, list_item2, ..]" - # (i.e. define the partition table as a map of root/boot/boot_efi vars) - # *and* it needs to undstand modifications (e.g. adding extra parititions somehow, size contraints) - otk.external.osbuild.create_partition_table_defines: - total_size: 10G + modifications: + # empty +otk.include: "common/gen-partition-table-x86_64.yaml" -otk.include.centos-9-x86_64: "common/centos-9.yaml" +otk.target.osbuild: + pipelines: + - otk.include: "pipeline/build.yaml" + - name: os + build: name:build + stages: + - otk.include: "fragment/kernel-cmdline.yaml" + - type: org.osbuild.rpm + - type: org.osbuild.fix-bls + options: + prefix: "" + - type: org.osbuild.locale + options: + language: C.UTF-8 + - type: org.osbuild.timezone + options: + zone: America/New_York + - type: org.osbuild.sysconfig + options: + kernel: + update_default: true + default_kernel: kernel + network: + networking: true + no_zero_conf: true + - otk.external.otk-make-fstab-stage: + ${filesystem} + - otk.include: "fragment/grub2.yaml" + - type: org.osbuild.systemd + options: + default_target: multi-user.target + - type: org.osbuild.selinux + options: + file_contexts: etc/selinux/targeted/contexts/files/file_contexts + - otk.include: "pipeline/image.yaml" + - name: qcow2 + build: name:build + stages: + - type: org.osbuild.qemu + inputs: + image: + type: org.osbuild.files + origin: org.osbuild.pipeline + references: + name:image: + file: ${filesystem.const.filename} + options: + # XXX: provide a way to derive the name from the filesystem one? + filename: disk.qcow2 + format: + type: qcow2 + compat: "1.1" + sources: + org.osbuild.curl: diff --git a/example/centos/common/centos-9.yaml b/example/centos/common/centos-9.yaml deleted file mode 100644 index 7bffae74..00000000 --- a/example/centos/common/centos-9.yaml +++ /dev/null @@ -1,114 +0,0 @@ -otk.define.common: - source_epoch: 1715673600 - # called "modification" by convention but we could/should add policy around it to disallow "user" - # modifications outside of "modfication.*" - # TODO: we probably want a common-common.yaml or modification.yaml with otk.include - modfication: - keymap: "us" - chrony: - servers: - hostname: "168.254.169.123" - minpoll: 4 - maxpoll: 4 - iburst: true - prefer: true - leapsectz: "" - cloud_init_user: "ec2-user" - kernel_opts_list: - otk.op.join: - values: - - - "console=tty0" - - "console=ttyS0,115200n8" - - "net.ifnames=0" - - ${filesystem.kernel_opts_list} - - ${kernel_opts_list} - packages: - build: - docs: false - weak: true - packages: - include: - # duplicated entries can be removed - # only added due to functionality of the current implementation - - "coreutils" - - "dosfstools" - - "glibc" - - "grub2-pc" - - "platform-python" - - "policycoreutils" - - "python3" - - "python3-pyyaml" - - "qemu-img" # only needed for the qcow pipeline but for simplicity have a common buildroot - - "rpm" - - "selinux-policy-targeted" - - "systemd" - - "xfsprogs" # conditionally added depending on the target filesystem - - "xz" - os: - docs: false - weak: true - packages: - include: - otk.op.join: - values: - - - "@core" - - "NetworkManager-cloud-setup" - - "authselect-compat" - - "chrony" - - "cloud-init" - - "cloud-utils-growpart" - - "dhcp-client" - - "dosfstools" - - "dracut-config-generic" - - "efibootmgr" - - "gdisk" - - "grub2" - - "grub2-efi-x64" - - "grub2-pc" - - "kernel" - - "langpacks-en" - - "redhat-release" - - "redhat-release-eula" - - "rsync" - - "selinux-policy-targeted" - - "shim-x64" - - "tar" - - "tuned" - - "xfsprogs" - - "yum-utils" - - "dracut-config-generic" - # TODO: define common set of packages and then split them into common.yaml and specifics - - ${non_base_packages} - exclude: - otk.op.join: - values: - - - "aic94xx-firmware" - - "alsa-firmware" - - "alsa-tools-firmware" - - "biosdevname" - - "dracut-config-rescue" - - "firewalld" - - "iprutils" - - "ivtv-firmware" - - "iwl100-firmware" - - "iwl1000-firmware" - - "iwl105-firmware" - - "iwl135-firmware" - - "iwl2000-firmware" - - "iwl2030-firmware" - - "iwl3160-firmware" - - "iwl3945-firmware" - - "iwl4965-firmware" - - "iwl5000-firmware" - - "iwl5150-firmware" - - "iwl6000-firmware" - - "iwl6000g2a-firmware" - - "iwl6000g2b-firmware" - - "iwl6050-firmware" - - "iwl7260-firmware" - - "libertas-sd8686-firmware" - - "libertas-sd8787-firmware" - - "libertas-usb8388-firmware" - - "plymouth" - - "qemu-guest-agent" - - ${non-base-excludes} diff --git a/example/centos/common/gen-partition-table-x86_64.yaml b/example/centos/common/gen-partition-table-x86_64.yaml new file mode 100644 index 00000000..0944731d --- /dev/null +++ b/example/centos/common/gen-partition-table-x86_64.yaml @@ -0,0 +1,43 @@ +# merge with fedora partition table +otk.define: + filesystem: + otk.external.otk-gen-partition-table: + modifications: + ${filesystem.modifications} + properties: + create: + bios_boot_partition: true + esp_partition: true + esp_partition_size: "200 MiB" + type: gpt + bios: true + default_size: "10 GiB" + uuid: D209C89E-EA5E-4FBD-B161-B461CCE297E0 + partitions: + - name: boot + mountpoint: /boot + label: boot + size: "1 GiB" + type: "xfs" + # XXX: make default if empty + fs_mntops: defaults + # XXX can we derive this? + part_type: BC13C2FF-59E6-4262-A352-B275FD6F7172 + # XXX: yes we use hardcoded uuids + part_uuid: CB07C243-BC44-4717-853E-28852021225B + - name: root + mountpoint: / + label: root + type: "xfs" + # XXX: can/should we be able to leave this empy? + size: "5 GiB" + # XXX: make default if empty + fs_mntops: defaults + # XXX: can we derive this? + part_type: 0FC63DAF-8483-4772-8E79-3D69D8477DE4 + # XXX: yes we use hardcoded uuids + part_uuid: 6264D520-3FB9-423F-8AB8-7A0A8E3D3562 + # XXX: find a better way + fs_options: + otk.external.otk-make-partition-mounts-devices: + ${filesystem} diff --git a/example/centos/fragment/authselect.yaml b/example/centos/fragment/authselect.yaml deleted file mode 100644 index 20fa58a1..00000000 --- a/example/centos/fragment/authselect.yaml +++ /dev/null @@ -1,3 +0,0 @@ -- type: org.osbuild.authselect - options: - profile: sssd diff --git a/example/centos/fragment/chrony.yaml b/example/centos/fragment/chrony.yaml deleted file mode 100644 index 5c639825..00000000 --- a/example/centos/fragment/chrony.yaml +++ /dev/null @@ -1,5 +0,0 @@ -otk.op.if-set: - what: modfication.chrony - then: - - type: org.osbuild.chrony - options: ${modfication.chrony} diff --git a/example/centos/fragment/cloud-init.yaml b/example/centos/fragment/cloud-init.yaml deleted file mode 100644 index 57962a21..00000000 --- a/example/centos/fragment/cloud-init.yaml +++ /dev/null @@ -1,7 +0,0 @@ -type: org.osbuild.cloud-init -options: - filename: "00-rhel-default-user.cfg" - config: - system_info: - default_user: - name: "${cloud_init_user}" diff --git a/example/centos/fragment/dracut.yaml b/example/centos/fragment/dracut.yaml deleted file mode 100644 index 68485e36..00000000 --- a/example/centos/fragment/dracut.yaml +++ /dev/null @@ -1,13 +0,0 @@ -- type: org.osbuild.dracut.conf - options: - filename: "sgdisk.conf" - config: - install_items: - - sgdisk -- type: org.osbuild.dracut.conf - options: - filename: ec2.conf - config: - add_drivers: - - nvme - - xen-blkfront diff --git a/example/centos/fragment/files.yaml b/example/centos/fragment/files.yaml deleted file mode 100644 index e59a848b..00000000 --- a/example/centos/fragment/files.yaml +++ /dev/null @@ -1,15 +0,0 @@ -otk.op.loop: - item: ${modfication.files} - foreach: - - otk.external.osbuild.embed_file: - text: ${item.text} - path: ${item.path} - - type: org.osbuild.chmod - options: - path: ${item.path} - mode: ${item.mode} - - type: org.osbuild.chown - options: - path: ${item.path} - user: ${item.user} - group: ${item.group} diff --git a/example/centos/fragment/fix-bls.yaml b/example/centos/fragment/fix-bls.yaml deleted file mode 100644 index e0720589..00000000 --- a/example/centos/fragment/fix-bls.yaml +++ /dev/null @@ -1,7 +0,0 @@ -# BLS - Boot Loader Specification -- type: org.osbuild.fix-bls - options: - # its empty if there is a boot partition *and* it's /boot (otherwise /boot if there is no boot - # partition) this has to be known by the USER we could also generate it in otk.external based - # on $partitiontable - prefix: "" diff --git a/example/centos/fragment/grub2-inst.yaml b/example/centos/fragment/grub2-inst.yaml new file mode 100644 index 00000000..11e82c9f --- /dev/null +++ b/example/centos/fragment/grub2-inst.yaml @@ -0,0 +1,19 @@ +type: org.osbuild.grub2.inst +options: + filename: ${filesystem.const.filename} + # XXX: get via define + platform: i386-pc + # XXX: get via define + location: 2048 + core: + type: mkimage + # get via define + partlabel: gpt + # get via define + filesystem: xfs + prefix: + type: partition + partlabel: gpt + # XXX: get via define + number: 2 + path: /grub2 diff --git a/example/centos/fragment/grub2.yaml b/example/centos/fragment/grub2.yaml index 44bcd8bd..795a8269 100644 --- a/example/centos/fragment/grub2.yaml +++ b/example/centos/fragment/grub2.yaml @@ -1,14 +1,15 @@ -- type: org.osbuild.grub2 - options: - root_fs_uuid: ${filesystem.root.uuid} - boot_fs_uuid: ${filesystem.boot.uuid} - kernel_opts: '{{ " ".join(kernel_opts_list) }}' +type: org.osbuild.grub2 +options: + root_fs_uuid: ${filesystem.const.partition_map.root.uuid} + boot_fs_uuid: ${filesystem.const.partition_map.boot.uuid} + kernel_opts: ${kernel_commandline} legacy: i386-pc uefi: + # XXX: use name? vendor: centos unified: true - # TODO: expose this somehow from the depsolve (could also be ${depsolve.kernel...}) - saved_entry: "ffffffffffffffffffffffffffffffff-${kernel-core.version}" + # XXX: get from rpm stage + saved_entry: ffffffffffffffffffffffffffffffff-5.14.0-496.el9.x86_64 write_cmdline: false config: default: saved diff --git a/example/centos/fragment/kernel-cmdline.yaml b/example/centos/fragment/kernel-cmdline.yaml index 05bf5dce..95c50a07 100644 --- a/example/centos/fragment/kernel-cmdline.yaml +++ b/example/centos/fragment/kernel-cmdline.yaml @@ -1,12 +1,4 @@ -- type: org.osbuild.kernel-cmdline - options: - root_fs_uuid: ${filesysteem.root.uuid} - # seems consensus is to *not* use jinja2 for now (unless we have a better use-case than - # '" ".join(kernle_opts_list)') - # TODO: consider a small subset of "filters" inspired by jinja2 "${ kernel_opts_list | join }" ? - kernel_opts: - otk.op.string.join: # ?? - otk.op.join.as_string: - delimiter: " " # call it "seperator"? - values: # maybe "items" ? - ${kernel_opts_list} +type: org.osbuild.kernel-cmdline +options: + root_fs_uuid: ${filesystem.const.partition_map.root.uuid} + kernel_opts: ${kernel_commandline} diff --git a/example/centos/fragment/keymap.yaml b/example/centos/fragment/keymap.yaml deleted file mode 100644 index 31df45e5..00000000 --- a/example/centos/fragment/keymap.yaml +++ /dev/null @@ -1,9 +0,0 @@ -otk.op.if-set: - what: modfication.keymap - then: - - type: org.osbuild.keymap - options: - keymap: ${modfication.keymap} - x11-keymap: - layouts: - - ${modfication.keymap} diff --git a/example/centos/fragment/locale.yaml b/example/centos/fragment/locale.yaml deleted file mode 100644 index 59ae4d1f..00000000 --- a/example/centos/fragment/locale.yaml +++ /dev/null @@ -1,6 +0,0 @@ -otk.op.if_set: - what: ${modfication.locale} - then: - - type: org.osbuild.locale - options: - locale: ${modfication.locale} diff --git a/example/centos/fragment/modprobe.yaml b/example/centos/fragment/modprobe.yaml deleted file mode 100644 index 9edf4011..00000000 --- a/example/centos/fragment/modprobe.yaml +++ /dev/null @@ -1,12 +0,0 @@ -- type: org.osbuild.modprobe - options: - filename: "blacklist-nouveau.conf" - commands: - - command: "blacklist" - modulename: "nouveau" -- type: org.osbuild.modprobe - options: - filename: "blacklist-amdgpu.conf" - commands: - - command: "blacklist" - modulename: "amdgpu" diff --git a/example/centos/fragment/selinux.yaml b/example/centos/fragment/selinux.yaml deleted file mode 100644 index 100ae533..00000000 --- a/example/centos/fragment/selinux.yaml +++ /dev/null @@ -1,3 +0,0 @@ -- type: org.osbuild.selinux - options: - file_contexts: etc/selinux/targeted/contexts/files/file_contexts diff --git a/example/centos/fragment/sshd.yaml b/example/centos/fragment/sshd.yaml deleted file mode 100644 index 1067ea9b..00000000 --- a/example/centos/fragment/sshd.yaml +++ /dev/null @@ -1,4 +0,0 @@ -- type: org.osbuild.sshd_config - options: - config: - PasswordAuthentication: ${sshd_password_authentication} diff --git a/example/centos/fragment/sysconfig.yaml b/example/centos/fragment/sysconfig.yaml deleted file mode 100644 index 547480a0..00000000 --- a/example/centos/fragment/sysconfig.yaml +++ /dev/null @@ -1,18 +0,0 @@ -type: org.osbuild.sysconfig -options: - kernel: - update_default: true - default_kernel: "kernel" - network: - networking: true - no_zero_conf: true - network-scripts: - ifcfg: - eth0: - bootproto: "dhcp" - device: "eth0" - ipv6init: false # TODO: ami only? should this be a var? - onboot: true - peerdns: true - type: "Ethernet" - userctl: true diff --git a/example/centos/fragment/systemd-logind.yaml b/example/centos/fragment/systemd-logind.yaml deleted file mode 100644 index 30e3459e..00000000 --- a/example/centos/fragment/systemd-logind.yaml +++ /dev/null @@ -1,6 +0,0 @@ -- type: org.osbuild.systemd-logind - options: - filename: "00-getty-fixes.conf" - config: - Login: - NAutoVTs: 0 diff --git a/example/centos/fragment/systemd-unit.yaml b/example/centos/fragment/systemd-unit.yaml deleted file mode 100644 index deb409c1..00000000 --- a/example/centos/fragment/systemd-unit.yaml +++ /dev/null @@ -1,9 +0,0 @@ -- type: org.osbuild.systemd.unit - options: - unit: nm-cloud-setup.service - dropin: 10-rh-enable-for-ec2.conf - config: - Service: - Environment: - - key: NM_CLOUD_SETUP_EC2 - value: "yes" diff --git a/example/centos/fragment/systemd.yaml b/example/centos/fragment/systemd.yaml deleted file mode 100644 index de3e1246..00000000 --- a/example/centos/fragment/systemd.yaml +++ /dev/null @@ -1,4 +0,0 @@ -- type: org.osbuild.systemd - options: - enabled_services: ${enabled_services} - default_target: multi-user.target diff --git a/example/centos/fragment/user.yaml b/example/centos/fragment/user.yaml deleted file mode 100644 index 9355b690..00000000 --- a/example/centos/fragment/user.yaml +++ /dev/null @@ -1,5 +0,0 @@ -otk.op.if-set: - what: modfication.user - then: - - type: org.osbuild.users - options: ${modfication.user} diff --git a/example/centos/pipeline/build.yaml b/example/centos/pipeline/build.yaml index 0f5b4062..6fdd0f6d 100644 --- a/example/centos/pipeline/build.yaml +++ b/example/centos/pipeline/build.yaml @@ -1,21 +1,11 @@ + name: build -# source-epoch will support reproducible builds: -# https://reproducible-builds.org/docs/source-date-epoch/ -source-epoch: ${source_epoch} -runner: "org.osbuild.centos9" +runner: org.osbuild.${distro}${version} stages: - - otk.external.osbuild_depsolve_dnf4: - architecture: ${architecture} - releasever: ${version} - module_platform_id: platform:el${version} - docs: ${packages.build.docs} - weak: ${packages.build.weak} - repositories: ${packages.repositories} - gpgkeys: ${packages.keys} - packages: ${packages.buildroot.packages} + # XXX: fill rpm + - type: org.osbuild.rpm - type: org.osbuild.selinux options: file_contexts: etc/selinux/targeted/contexts/files/file_contexts labels: /usr/bin/cp: system_u:object_r:install_exec_t:s0 - /usr/bin/tar: system_u:object_r:install_exec_t:s0 diff --git a/example/centos/pipeline/image.yaml b/example/centos/pipeline/image.yaml index 76b6617c..5806178d 100644 --- a/example/centos/pipeline/image.yaml +++ b/example/centos/pipeline/image.yaml @@ -1,36 +1,27 @@ name: image -build: "name:build" - +build: name:build stages: - - otk.external.osbuild_partition_table.gen_truncate_stage: - from: filesystems - - otk.external.osbuild_partition_table.gen_sfdisk_stage: - from: filesystems - - otk.external.osbuild_partition_table.gen_mkfs_stages: - from: filesystems - - type: org.osbuild.copy - options: - paths: - from: input://root-tree/ - to: mount://-/ - devices: - otk.external.osbuild.partition_table.gen_devices: - from: filesystems - mounts: - otk.external.osbuild.partition_table.gen_mounts: - from: filesystems - # TODO drop this stage conditionally on legacy boot support (or not) [is this our use-case for conditionals?] - - type: org.osbuild.grub2.inst - options: - filename: image.raw - platform: i386-pc - location: 2048 - core: - type: mkimage - partlabel: gpt - filesystem: xfs - prefix: - type: partition - partlabel: gpt - number: 2 - path: /grub2 + otk.op.join: + values: + - otk.external.otk-make-partition-stages: + ${filesystem} + - - type: org.osbuild.copy + inputs: + root-tree: + type: org.osbuild.tree + origin: org.osbuild.pipeline + references: + - name:os + options: + paths: + - from: input://root-tree/ + to: mount://-/ + # XXX: fugly, can we do better? + # we cannot just do + # otk.external.otk-make-partition-mounts-devices: + # here because "otk.external." does not allow siblings + mounts: + ${fs_options.mounts} + devices: + ${fs_options.devices} + - otk.include: "../fragment/grub2-inst.yaml" diff --git a/example/centos/pipeline/os-ostree.yaml b/example/centos/pipeline/os-ostree.yaml deleted file mode 100644 index 116563d1..00000000 --- a/example/centos/pipeline/os-ostree.yaml +++ /dev/null @@ -1,44 +0,0 @@ -name: os -build: "name:build" - -stages: - # Install RPMs - - otk.external.osbuild_depsolve_dnf4: - architecture: ${architecture} - releasever: ${version} - module_platform_id: platform:el${version} - docs: ${packages.os.docs} - weak: ${packages.os.weak} - repositories: ${packages.repositories} - gpgkeys: ${packages.keys} - packages: ${packages.os.packages} - - # Disk bits - - otk.external.osbuild.partition_table.gen_fstab_stage: - source: ${filesystem} - - # Boot bits - - otk.include: fragment/kernel-cmdline.yaml - - otk.include: fragment/dracut.yaml - - otk.include: fragment/fix-bls.yaml - - otk.include: fragment/grub2.yaml - - # General bits, could probably be split out further - - otk.include: fragment/locale.yaml - - otk.include: fragment/keymap.yaml - - otk.include: fragment/timezone.yaml - - otk.include: fragment/chrony.yaml - - otk.include: fragment/sysconfig.yaml - - otk.include: fragment/systemd-logind.yaml - - otk.include: fragment/cloud-init.yaml - - otk.include: fragment/modprobe.yaml - - otk.include: fragment/authselect.yaml - - otk.include: fragment/sshd.yaml - - otk.include: fragment/systemd-unit.yaml - - otk.include: fragment/systemd.yaml - - - otk.include: fragment/users.yaml - - otk.include: fragment/oscap.yaml - - # Always - - otk.include: fragment/selinux.yaml diff --git a/example/centos/pipeline/os.yaml b/example/centos/pipeline/os.yaml deleted file mode 100644 index 45f284dd..00000000 --- a/example/centos/pipeline/os.yaml +++ /dev/null @@ -1,48 +0,0 @@ -name: os -build: "name:build" - -stages: - # Install RPMs - - otk.external.osbuild_depsolve_dnf4: - architecture: ${architecture} - releasever: ${version} - module_platform_id: platform:el${version} - docs: ${packages.os.docs} - weak: ${packages.os.weak} - repositories: ${packages.repositories} - gpgkeys: ${packages.keys} - packages: ${packages.os.packages} - - # Disk bits - - otk.external.osbuild.partition_table.gen_fstab_stage: - source: ${filesystem} - - # Boot bits - - otk.include: fragment/kernel-cmdline.yaml - - otk.include: fragment/dracut.yaml - - otk.include: fragment/fix-bls.yaml - - otk.include: fragment/grub2.yaml - - # General bits, could probably be split out further - - otk.include: fragment/locale.yaml - - otk.include: fragment/keymap.yaml - - otk.include: fragment/timezone.yaml - - otk.include: fragment/chrony.yaml - - otk.include: fragment/sysconfig.yaml - - otk.include: fragment/systemd-logind.yaml - - otk.include: fragment/cloud-init.yaml - - otk.include: fragment/modprobe.yaml - - otk.include: fragment/authselect.yaml - - otk.include: fragment/sshd.yaml - - otk.include: fragment/systemd-unit.yaml - - otk.include: fragment/systemd.yaml - - # Custom bits - - otk.include: fragment/directories.yaml - - otk.include: fragment/files.yaml - - - otk.include: fragment/users.yaml - - otk.include: fragment/oscap.yaml - - # Always - - otk.include: fragment/selinux.yaml diff --git a/example/fedora/common/gen-partition-table-x86_64.yaml b/example/fedora/common/gen-partition-table-x86_64.yaml new file mode 100644 index 00000000..d41bf9d0 --- /dev/null +++ b/example/fedora/common/gen-partition-table-x86_64.yaml @@ -0,0 +1,41 @@ +# XXX: merge with the centos partition table +otk.define: + filesystem: + otk.external.otk-gen-partition-table: + modifications: + ${filesystem.modifications} + properties: + create: + esp_partition: true + esp_partition_size: "200 MiB" + type: gpt + bios: true + start_offset: "8 MiB" + uuid: D209C89E-EA5E-4FBD-B161-B461CCE297E0 + partitions: + - name: boot + mountpoint: /boot + label: boot + size: "1 GiB" + type: ext4 + # XXX: make default if empty + fs_mntops: defaults + # XXX: derive? + part_type: BC13C2FF-59E6-4262-A352-B275FD6F7172 + # XXX: yes we use hardcoded uuids + part_uuid: CB07C243-BC44-4717-853E-28852021225B + - name: root + mountpoint: / + label: root + type: ext4 + size: "2 GiB" + # XXX: make default if empty + fs_mntops: defaults + # XXX: derive? + part_type: 0FC63DAF-8483-4772-8E79-3D69D8477DE4 + # XXX: yes we use hardcoded uuids + part_uuid: 6264D520-3FB9-423F-8AB8-7A0A8E3D3562 + # XXX: find a better way + fs_options: + otk.external.otk-make-partition-mounts-devices: + ${filesystem} diff --git a/example/fedora/fedora-40-x86_64-minimal_raw.yaml b/example/fedora/fedora-40-x86_64-minimal_raw.yaml new file mode 100644 index 00000000..a007fb2b --- /dev/null +++ b/example/fedora/fedora-40-x86_64-minimal_raw.yaml @@ -0,0 +1,115 @@ +otk.version: "1" + +otk.define: + distro: fedora + version: 40 + kernel_commandline: "ro" + filesystem: + modifications: + # empty + +otk.include: "common/gen-partition-table-x86_64.yaml" + +otk.target.osbuild: + pipelines: + - otk.include: "../centos/pipeline/build.yaml" + - name: os + build: name:build + stages: + - otk.include: "../centos/fragment/kernel-cmdline.yaml" + - type: org.osbuild.rpm + - type: org.osbuild.fix-bls + options: + prefix: "" + - type: org.osbuild.locale + options: + language: en_US + - type: org.osbuild.hostname + options: + hostname: localhost.localdomain + - type: org.osbuild.timezone + options: + zone: UTC + - otk.external.otk-make-fstab-stage: + ${filesystem} + # cannot use "fragment/grub2.yaml" because "timeout"/'legacy': 'i386-pc' + # are set/unset in fedora/centos + - type: org.osbuild.grub2 + options: + root_fs_uuid: 9851898e-0b30-437d-8fad-51ec16c3697f + boot_fs_uuid: dbd21911-1c4e-4107-8a9f-14fe6e751358 + kernel_opts: ro + uefi: + vendor: fedora + unified: true + saved_entry: ffffffffffffffffffffffffffffffff-6.10.6-200.fc40.x86_64 + write_cmdline: false + config: + default: saved + timeout: 5 + - type: org.osbuild.copy + inputs: + file-5ef477a297674dc16b6d212f37875f579a51370d9794a36e57cf0ad91562774e: + type: org.osbuild.files + origin: org.osbuild.source + references: + - id: sha256:5ef477a297674dc16b6d212f37875f579a51370d9794a36e57cf0ad91562774e + options: + paths: + - from: input://file-5ef477a297674dc16b6d212f37875f579a51370d9794a36e57cf0ad91562774e/sha256:5ef477a297674dc16b6d212f37875f579a51370d9794a36e57cf0ad91562774e + to: tree:///root/anaconda-ks.cfg + remove_destination: true + - type: org.osbuild.chown + options: + items: + /root/anaconda-ks.cfg: + user: root + group: root + - type: org.osbuild.systemd + options: + enabled_services: + - NetworkManager.service + - firewalld.service + - initial-setup.service + - sshd.service + - type: org.osbuild.selinux + options: + file_contexts: etc/selinux/targeted/contexts/files/file_contexts + # cannot include "pipeline/images.yaml" this one odes not use grub2-inst + - name: image + build: name:build + stages: + otk.op.join: + values: + - otk.external.otk-make-partition-stages: + ${filesystem} + - - type: org.osbuild.copy + inputs: + root-tree: + type: org.osbuild.tree + origin: org.osbuild.pipeline + references: + - name:os + options: + paths: + - from: input://root-tree/ + to: mount://-/ + mounts: + ${fs_options.mounts} + devices: + ${fs_options.devices} + - name: xz + build: name:build + stages: + - type: org.osbuild.xz + inputs: + file: + type: org.osbuild.files + origin: org.osbuild.pipeline + references: + name:image: + file: disk.img + options: + filename: disk.raw.xz + sources: + org.osbuild.curl: diff --git a/example/fedora/minimal-40-aarch64.yaml b/example/fedora/minimal-40-aarch64.yaml deleted file mode 100644 index 49446dfd..00000000 --- a/example/fedora/minimal-40-aarch64.yaml +++ /dev/null @@ -1,44 +0,0 @@ -otk.version: 1 - -otk.define: - version: 40 - architecture: "aarch64" - isolabel: Fedora-${version}-${architecture} - - packages: - # Repositories to fetch packages from - # GPG keys to verify packages with - # These packages are used in the buildroot - buildroot: - docs: false - weak: false - # These packages are used for the operating system tree which is what ends - # up in the outputs. - tree: - docs: false - weak: false - filesystem: - root: - uuid: "6e4ff95f-f662-45ee-a82a-bdf44a2d0b75" - vfs_type: "ext4" - path: "/" - options: "defaults" - boot: - uuid: "0194fdc2-fa2f-4cc0-81d3-ff12045b73c8" - vfs_type: "ext4" - path: "/boot" - options: "defaults" - boot_efi: - uuid: "7B77-95E7" - vfs_type: "vfat" - path: "/boot/efi" - options: "defaults,uid=0,gid=0,umask=077,shortname=winnt" - passno: 2 - -otk.target.osbuild.qcow2: - otk.include: "repository/${version}/repositories.yaml" - pipelines: - # otk.include: "osbuild/buildroot.yaml" - # otk.include: "osbuild/pipeline/tree.yaml" - - otk.include: "osbuild/pipeline/raw.yaml" - - otk.include: "osbuild/pipeline/xz.yaml" diff --git a/example/fedora/minimal-40-x86_64.yaml b/example/fedora/minimal-40-x86_64.yaml deleted file mode 100644 index be9e692a..00000000 --- a/example/fedora/minimal-40-x86_64.yaml +++ /dev/null @@ -1,44 +0,0 @@ -otk.version: 1 - -otk.define: - version: 40 - architecture: "x86_64" - isolabel: Fedora-${version}-${architecture} - - packages: - # Repositories to fetch packages from - # GPG keys to verify packages with - # These packages are used in the buildroot - buildroot: - docs: false - weak: false - # These packages are used for the operating system tree which is what ends - # up in the outputs. - tree: - docs: false - weak: false - filesystem: - root: - uuid: "6e4ff95f-f662-45ee-a82a-bdf44a2d0b75" - vfs_type: "ext4" - path: "/" - options: "defaults" - boot: - uuid: "0194fdc2-fa2f-4cc0-81d3-ff12045b73c8" - vfs_type: "ext4" - path: "/boot" - options: "defaults" - boot_efi: - uuid: "7B77-95E7" - vfs_type: "vfat" - path: "/boot/efi" - options: "defaults,uid=0,gid=0,umask=077,shortname=winnt" - passno: 2 - -otk.target.osbuild.qcow2: - otk.include: "repository/${version}/repositories.yaml" - pipelines: - # otk.include: "osbuild/buildroot.yaml" - # otk.include: "osbuild/pipeline/tree.yaml" - - otk.include: "osbuild/pipeline/raw.yaml" - - otk.include: "osbuild/pipeline/xz.yaml" diff --git a/example/fedora/packages/40/_buildroot.yaml b/example/fedora/packages/40/_buildroot.yaml deleted file mode 100644 index 8893a317..00000000 --- a/example/fedora/packages/40/_buildroot.yaml +++ /dev/null @@ -1,3 +0,0 @@ -include: - - "@core" -exclude: [] diff --git a/example/fedora/packages/40/iot.yaml b/example/fedora/packages/40/iot.yaml deleted file mode 100644 index b6d5b78d..00000000 --- a/example/fedora/packages/40/iot.yaml +++ /dev/null @@ -1,101 +0,0 @@ -include: - - "NetworkManager" - - "NetworkManager-wifi" - - "NetworkManager-wwan" - - "aardvark-dns" - - "atheros-firmware" - - "attr" - - "authselect" - - "basesystem" - - "bash" - - "bash-completion" - - "brcmfmac-firmware" - - "chrony" - - "clevis" - - "clevis-dracut" - - "clevis-luks" - - "clevis-pin-tpm2" - - "container-selinux" - - "containernetworking-plugins" - - "coreutils" - - "cracklib-dicts" - - "criu" - - "cryptsetup" - - "curl" - - "dbus-parsec" - - "dnsmasq" - - "dosfstools" - - "dracut-config-generic" - - "dracut-network" - - "e2fsprogs" - - "efibootmgr" - - "fdo-client" - - "fdo-owner-cli" - - "fedora-iot-config" - - "fedora-release-iot" - - "firewalld" - - "fwupd" - - "fwupd-efi" - - "fwupd-plugin-modem-manager" - - "fwupd-plugin-uefi-capsule-data" - - "glibc" - - "glibc-minimal-langpack" - - "gnupg2" - - "greenboot" - - "greenboot-default-health-checks" - - "gzip" - - "hostname" - - "ignition" - - "ignition-edge" - - "ima-evm-utils" - - "iproute" - - "iputils" - - "iwd" - - "iwlwifi-mvm-firmware" - - "kernel-tools" - - "keyutils" - - "less" - - "libsss_sudo" - - "linux-firmware" - - "lvm2" - - "netavark" - - "nss-altfiles" - - "openssh-clients" - - "openssh-server" - - "openssl" - - "parsec" - - "pinentry" - - "podman" - - "policycoreutils" - - "policycoreutils-python-utils" - - "polkit" - - "procps-ng" - - "realtek-firmware" - - "rootfiles" - - "rpm" - - "screen" - - "selinux-policy-targeted" - - "setools-console" - - "setup" - - "shadow-utils" - - "skopeo" - - "slirp4netns" - - "ssh-key-dir" - - "sssd-client" - - "sudo" - - "systemd" - - "systemd-resolved" - - "tar" - - "tmux" - - "tpm2-pkcs11" - - "traceroute" - - "usbguard" - - "util-linux" - - "vim-minimal" - - "wireless-regdb" - - "wpa_supplicant" - - "xfsprogs" - - "xz" - - "zezere-ignition" - - "zram-generator" -exclude: [] diff --git a/example/fedora/packages/40/minimal.yaml b/example/fedora/packages/40/minimal.yaml deleted file mode 100644 index abb66f3f..00000000 --- a/example/fedora/packages/40/minimal.yaml +++ /dev/null @@ -1,9 +0,0 @@ -include: - - "@core" - - "initial-setup" - - "libxkbcommon" - - "NetworkManager-wifi" - - "brcmfmac-firmware" - - "realtek-firmware" - - "iwlwifi-mvm-firmware" -exclude: [] diff --git a/example/fedora/repository/40/keys.yaml b/example/fedora/repository/40/keys.yaml deleted file mode 100644 index bd4f7673..00000000 --- a/example/fedora/repository/40/keys.yaml +++ /dev/null @@ -1,2 +0,0 @@ -- "a" -- "b" diff --git a/example/fedora/repository/40/repositories.yaml b/example/fedora/repository/40/repositories.yaml deleted file mode 100644 index e5b765b7..00000000 --- a/example/fedora/repository/40/repositories.yaml +++ /dev/null @@ -1,5 +0,0 @@ -otk.define: - packages: - repositories: - - id: "fedora" - metalink: https://mirrors.fedoraproject.org/metalink?repo=fedora-${version}&arch=${architecture} diff --git a/src/otk/external.py b/src/otk/external.py index 2c43b1e6..5790b98b 100644 --- a/src/otk/external.py +++ b/src/otk/external.py @@ -45,6 +45,8 @@ def path_for(exe): "/usr/libexec/otk/external", "/usr/local/lib/otk/external", "/usr/lib/otk/external", + # local developer case + "./externals", ] env = os.getenv("OTK_EXTERNAL_PATH", None) diff --git a/src/otk/transform.py b/src/otk/transform.py index ada960d2..150d5f8c 100644 --- a/src/otk/transform.py +++ b/src/otk/transform.py @@ -190,7 +190,6 @@ def process_defines(ctx: Context, state: State, tree: Any) -> None: # for any other type, just set the value to the key ctx.define(state.define_subkey(key), value) - def process_include(ctx: Context, state: State, path: pathlib.Path) -> dict: """ Load a yaml file and send it to resolve() for processing. diff --git a/test/data/images-ref/centos/centos-9-x86_64-ami.yaml b/test/data/images-ref/centos/centos-9-x86_64-ami.yaml new file mode 100644 index 00000000..f4136737 --- /dev/null +++ b/test/data/images-ref/centos/centos-9-x86_64-ami.yaml @@ -0,0 +1,298 @@ +# generated via the image repo +# +# $ go build ./cmd/build/ && OSBUILD_TESTING_RNG_SEED=0 ./cmd/build/build -config config.json -distro centos-9 -type qcow2 +# $ $GOPATH/bin/yq -P < centos_9-x86_64-ami-/manifest.json > centos_9-x86_64-ami-/manifest.yaml +# mange UUIDs as the generate code creates different ones from images (but +# still predictable) +# +# and stripping out the "inputs" and "curl" pieces +version: "2" +pipelines: + - name: build + runner: org.osbuild.centos9 + stages: + - type: org.osbuild.rpm + - type: org.osbuild.selinux + options: + file_contexts: etc/selinux/targeted/contexts/files/file_contexts + labels: + /usr/bin/cp: system_u:object_r:install_exec_t:s0 + - name: os + build: name:build + stages: + - type: org.osbuild.kernel-cmdline + options: + root_fs_uuid: 9851898e-0b30-437d-8fad-51ec16c3697f + kernel_opts: console=tty0 console=ttyS0,115200n8 net.ifnames=0 nvme_core.io_timeout=4294967295 + - type: org.osbuild.rpm + - type: org.osbuild.fix-bls + options: + prefix: "" + - type: org.osbuild.locale + options: + language: en_US.UTF-8 + - type: org.osbuild.keymap + options: + keymap: us + x11-keymap: + layouts: + - us + - type: org.osbuild.timezone + options: + zone: UTC + - type: org.osbuild.chrony + options: + servers: + - hostname: 169.254.169.123 + minpoll: 4 + maxpoll: 4 + iburst: true + prefer: true + leapsectz: "" + - type: org.osbuild.sysconfig + options: + kernel: + update_default: true + default_kernel: kernel + network: + networking: true + no_zero_conf: true + network-scripts: + ifcfg: + eth0: + bootproto: dhcp + device: eth0 + ipv6init: false + onboot: true + peerdns: true + type: Ethernet + userctl: true + - type: org.osbuild.systemd-logind + options: + filename: 00-getty-fixes.conf + config: + Login: + NAutoVTs: 0 + - type: org.osbuild.cloud-init + options: + filename: 00-rhel-default-user.cfg + config: + system_info: + default_user: + name: ec2-user + - type: org.osbuild.modprobe + options: + filename: blacklist-nouveau.conf + commands: + - command: blacklist + modulename: nouveau + - type: org.osbuild.modprobe + options: + filename: blacklist-amdgpu.conf + commands: + - command: blacklist + modulename: amdgpu + - type: org.osbuild.dracut.conf + options: + filename: sgdisk.conf + config: + install_items: + - sgdisk + - type: org.osbuild.dracut.conf + options: + filename: ec2.conf + config: + add_drivers: + - nvme + - xen-blkfront + - type: org.osbuild.systemd.unit + options: + unit: nm-cloud-setup.service + dropin: 10-rh-enable-for-ec2.conf + config: + Service: + Environment: + - key: NM_CLOUD_SETUP_EC2 + value: "yes" + - type: org.osbuild.authselect + options: + profile: sssd + - type: org.osbuild.sshd.config + options: + config: + PasswordAuthentication: false + - type: org.osbuild.fstab + options: + filesystems: + - uuid: 9851898e-0b30-437d-8fad-51ec16c3697f + vfs_type: xfs + path: / + options: defaults + - uuid: dbd21911-1c4e-4107-8a9f-14fe6e751358 + vfs_type: xfs + path: /boot + options: defaults + - uuid: 7B77-95E7 + vfs_type: vfat + path: /boot/efi + options: defaults,uid=0,gid=0,umask=077,shortname=winnt + passno: 2 + - type: org.osbuild.grub2 + options: + root_fs_uuid: 9851898e-0b30-437d-8fad-51ec16c3697f + boot_fs_uuid: dbd21911-1c4e-4107-8a9f-14fe6e751358 + kernel_opts: console=tty0 console=ttyS0,115200n8 net.ifnames=0 nvme_core.io_timeout=4294967295 + legacy: i386-pc + uefi: + vendor: centos + unified: true + saved_entry: ffffffffffffffffffffffffffffffff-5.14.0-496.el9.x86_64 + write_cmdline: false + config: + default: saved + - type: org.osbuild.systemd + options: + enabled_services: + - sshd + - NetworkManager + - nm-cloud-setup.service + - nm-cloud-setup.timer + - cloud-init + - cloud-init-local + - cloud-config + - cloud-final + - reboot.target + - tuned + default_target: multi-user.target + - type: org.osbuild.selinux + options: + file_contexts: etc/selinux/targeted/contexts/files/file_contexts + - name: image + build: name:build + stages: + - type: org.osbuild.truncate + options: + filename: image.raw + size: "10737418240" + - type: org.osbuild.sfdisk + options: + label: gpt + uuid: D209C89E-EA5E-4FBD-B161-B461CCE297E0 + partitions: + - bootable: true + size: 2048 + start: 2048 + type: 21686148-6449-6E6F-744E-656564454649 + uuid: FAC7F1FB-3E8D-4137-A512-961DE09A5549 + - size: 409600 + start: 4096 + type: C12A7328-F81F-11D2-BA4B-00A0C93EC93B + uuid: 68B2905B-DF3E-4FB3-80FA-49D1E773AA33 + - size: 2097152 + start: 413696 + type: BC13C2FF-59E6-4262-A352-B275FD6F7172 + uuid: CB07C243-BC44-4717-853E-28852021225B + - size: 18460639 + start: 2510848 + type: 0FC63DAF-8483-4772-8E79-3D69D8477DE4 + uuid: 6264D520-3FB9-423F-8AB8-7A0A8E3D3562 + devices: + device: + type: org.osbuild.loopback + options: + filename: image.raw + lock: true + - type: org.osbuild.mkfs.fat + options: + volid: 7B7795E7 + devices: + device: + type: org.osbuild.loopback + options: + filename: image.raw + start: 4096 + size: 409600 + lock: true + - type: org.osbuild.mkfs.xfs + options: + uuid: dbd21911-1c4e-4107-8a9f-14fe6e751358 + label: boot + devices: + device: + type: org.osbuild.loopback + options: + filename: image.raw + start: 413696 + size: 2097152 + lock: true + - type: org.osbuild.mkfs.xfs + options: + uuid: 9851898e-0b30-437d-8fad-51ec16c3697f + label: root + devices: + device: + type: org.osbuild.loopback + options: + filename: image.raw + start: 2510848 + size: 18460639 + lock: true + - type: org.osbuild.copy + inputs: + root-tree: + type: org.osbuild.tree + origin: org.osbuild.pipeline + references: + - name:os + options: + paths: + - from: input://root-tree/ + to: mount://-/ + devices: + '-': + type: org.osbuild.loopback + options: + filename: image.raw + start: 2510848 + size: 18460639 + boot: + type: org.osbuild.loopback + options: + filename: image.raw + start: 413696 + size: 2097152 + boot-efi: + type: org.osbuild.loopback + options: + filename: image.raw + start: 4096 + size: 409600 + mounts: + - name: '-' + type: org.osbuild.xfs + source: '-' + target: / + - name: boot + type: org.osbuild.xfs + source: boot + target: /boot + - name: boot-efi + type: org.osbuild.fat + source: boot-efi + target: /boot/efi + - type: org.osbuild.grub2.inst + options: + filename: image.raw + platform: i386-pc + location: 2048 + core: + type: mkimage + partlabel: gpt + filesystem: xfs + prefix: + type: partition + partlabel: gpt + number: 2 + path: /grub2 +sources: + org.osbuild.curl: diff --git a/test/data/images-ref/centos/centos-9-x86_64-qcow2.yaml b/test/data/images-ref/centos/centos-9-x86_64-qcow2.yaml new file mode 100644 index 00000000..f476c14c --- /dev/null +++ b/test/data/images-ref/centos/centos-9-x86_64-qcow2.yaml @@ -0,0 +1,221 @@ +# generated via the image repo +# +# $ go build ./cmd/build/ && OSBUILD_TESTING_RNG_SEED=0 ./cmd/build/build -config config.json -distro centos-9 -type qcow2 +# +# and stripping out the "inputs" and "curl" pieces +version: "2" +pipelines: + - name: build + runner: org.osbuild.centos9 + stages: + - type: org.osbuild.rpm + - type: org.osbuild.selinux + options: + file_contexts: etc/selinux/targeted/contexts/files/file_contexts + labels: + /usr/bin/cp: system_u:object_r:install_exec_t:s0 + - name: os + build: name:build + stages: + - type: org.osbuild.kernel-cmdline + options: + root_fs_uuid: 9851898e-0b30-437d-8fad-51ec16c3697f + kernel_opts: console=tty0 console=ttyS0,115200n8 no_timer_check net.ifnames=0 + - type: org.osbuild.rpm + - type: org.osbuild.fix-bls + options: + prefix: "" + - type: org.osbuild.locale + options: + language: C.UTF-8 + - type: org.osbuild.timezone + options: + zone: America/New_York + - type: org.osbuild.sysconfig + options: + kernel: + update_default: true + default_kernel: kernel + network: + networking: true + no_zero_conf: true + - type: org.osbuild.fstab + options: + filesystems: + - uuid: 9851898e-0b30-437d-8fad-51ec16c3697f + vfs_type: xfs + path: / + options: defaults + - uuid: dbd21911-1c4e-4107-8a9f-14fe6e751358 + vfs_type: xfs + path: /boot + options: defaults + - uuid: 7B77-95E7 + vfs_type: vfat + path: /boot/efi + options: defaults,uid=0,gid=0,umask=077,shortname=winnt + passno: 2 + - type: org.osbuild.grub2 + options: + root_fs_uuid: 9851898e-0b30-437d-8fad-51ec16c3697f + boot_fs_uuid: dbd21911-1c4e-4107-8a9f-14fe6e751358 + kernel_opts: console=tty0 console=ttyS0,115200n8 no_timer_check net.ifnames=0 + legacy: i386-pc + uefi: + vendor: centos + unified: true + saved_entry: ffffffffffffffffffffffffffffffff-5.14.0-496.el9.x86_64 + write_cmdline: false + config: + default: saved + - type: org.osbuild.systemd + options: + default_target: multi-user.target + - type: org.osbuild.selinux + options: + file_contexts: etc/selinux/targeted/contexts/files/file_contexts + - name: image + build: name:build + stages: + - type: org.osbuild.truncate + options: + filename: disk.img + size: "10737418240" + - type: org.osbuild.sfdisk + options: + label: gpt + uuid: D209C89E-EA5E-4FBD-B161-B461CCE297E0 + partitions: + - bootable: true + size: 2048 + start: 2048 + type: 21686148-6449-6E6F-744E-656564454649 + uuid: FAC7F1FB-3E8D-4137-A512-961DE09A5549 + - size: 409600 + start: 4096 + type: C12A7328-F81F-11D2-BA4B-00A0C93EC93B + uuid: 68B2905B-DF3E-4FB3-80FA-49D1E773AA33 + - size: 2097152 + start: 413696 + type: BC13C2FF-59E6-4262-A352-B275FD6F7172 + uuid: CB07C243-BC44-4717-853E-28852021225B + - size: 18460639 + start: 2510848 + type: 0FC63DAF-8483-4772-8E79-3D69D8477DE4 + uuid: 6264D520-3FB9-423F-8AB8-7A0A8E3D3562 + devices: + device: + type: org.osbuild.loopback + options: + filename: disk.img + lock: true + - type: org.osbuild.mkfs.fat + options: + volid: 7B7795E7 + devices: + device: + type: org.osbuild.loopback + options: + filename: disk.img + start: 4096 + size: 409600 + lock: true + - type: org.osbuild.mkfs.xfs + options: + uuid: dbd21911-1c4e-4107-8a9f-14fe6e751358 + label: boot + devices: + device: + type: org.osbuild.loopback + options: + filename: disk.img + start: 413696 + size: 2097152 + lock: true + - type: org.osbuild.mkfs.xfs + options: + uuid: 9851898e-0b30-437d-8fad-51ec16c3697f + label: root + devices: + device: + type: org.osbuild.loopback + options: + filename: disk.img + start: 2510848 + size: 18460639 + lock: true + - type: org.osbuild.copy + inputs: + root-tree: + type: org.osbuild.tree + origin: org.osbuild.pipeline + references: + - name:os + options: + paths: + - from: input://root-tree/ + to: mount://-/ + devices: + '-': + type: org.osbuild.loopback + options: + filename: disk.img + start: 2510848 + size: 18460639 + boot: + type: org.osbuild.loopback + options: + filename: disk.img + start: 413696 + size: 2097152 + boot-efi: + type: org.osbuild.loopback + options: + filename: disk.img + start: 4096 + size: 409600 + mounts: + - name: '-' + type: org.osbuild.xfs + source: '-' + target: / + - name: boot + type: org.osbuild.xfs + source: boot + target: /boot + - name: boot-efi + type: org.osbuild.fat + source: boot-efi + target: /boot/efi + - type: org.osbuild.grub2.inst + options: + filename: disk.img + platform: i386-pc + location: 2048 + core: + type: mkimage + partlabel: gpt + filesystem: xfs + prefix: + type: partition + partlabel: gpt + number: 2 + path: /grub2 + - name: qcow2 + build: name:build + stages: + - type: org.osbuild.qemu + inputs: + image: + type: org.osbuild.files + origin: org.osbuild.pipeline + references: + name:image: + file: disk.img + options: + filename: disk.qcow2 + format: + type: qcow2 + compat: "1.1" +sources: + org.osbuild.curl: diff --git a/test/data/images-ref/fedora/fedora-40-x86_64-minimal_raw.yaml b/test/data/images-ref/fedora/fedora-40-x86_64-minimal_raw.yaml new file mode 100644 index 00000000..60dc8f11 --- /dev/null +++ b/test/data/images-ref/fedora/fedora-40-x86_64-minimal_raw.yaml @@ -0,0 +1,211 @@ +version: "2" +pipelines: + - name: build + runner: org.osbuild.fedora40 + stages: + - type: org.osbuild.rpm + - type: org.osbuild.selinux + options: + file_contexts: etc/selinux/targeted/contexts/files/file_contexts + labels: + /usr/bin/cp: system_u:object_r:install_exec_t:s0 + - name: os + build: name:build + stages: + - type: org.osbuild.kernel-cmdline + options: + root_fs_uuid: 9851898e-0b30-437d-8fad-51ec16c3697f + kernel_opts: ro + - type: org.osbuild.rpm + - type: org.osbuild.fix-bls + options: + prefix: "" + - type: org.osbuild.locale + options: + language: en_US + - type: org.osbuild.hostname + options: + hostname: localhost.localdomain + - type: org.osbuild.timezone + options: + zone: UTC + - type: org.osbuild.fstab + options: + filesystems: + - uuid: 9851898e-0b30-437d-8fad-51ec16c3697f + vfs_type: ext4 + path: / + options: defaults + - uuid: dbd21911-1c4e-4107-8a9f-14fe6e751358 + vfs_type: ext4 + path: /boot + options: defaults + - uuid: 7B77-95E7 + vfs_type: vfat + path: /boot/efi + options: defaults,uid=0,gid=0,umask=077,shortname=winnt + passno: 2 + - type: org.osbuild.grub2 + options: + root_fs_uuid: 9851898e-0b30-437d-8fad-51ec16c3697f + boot_fs_uuid: dbd21911-1c4e-4107-8a9f-14fe6e751358 + kernel_opts: ro + uefi: + vendor: fedora + unified: true + saved_entry: ffffffffffffffffffffffffffffffff-6.10.6-200.fc40.x86_64 + write_cmdline: false + config: + default: saved + timeout: 5 + - type: org.osbuild.copy + inputs: + file-5ef477a297674dc16b6d212f37875f579a51370d9794a36e57cf0ad91562774e: + type: org.osbuild.files + origin: org.osbuild.source + references: + - id: sha256:5ef477a297674dc16b6d212f37875f579a51370d9794a36e57cf0ad91562774e + options: + paths: + - from: input://file-5ef477a297674dc16b6d212f37875f579a51370d9794a36e57cf0ad91562774e/sha256:5ef477a297674dc16b6d212f37875f579a51370d9794a36e57cf0ad91562774e + to: tree:///root/anaconda-ks.cfg + remove_destination: true + - type: org.osbuild.chown + options: + items: + /root/anaconda-ks.cfg: + user: root + group: root + - type: org.osbuild.systemd + options: + enabled_services: + - NetworkManager.service + - firewalld.service + - initial-setup.service + - sshd.service + - type: org.osbuild.selinux + options: + file_contexts: etc/selinux/targeted/contexts/files/file_contexts + - name: image + build: name:build + stages: + - type: org.osbuild.truncate + options: + filename: disk.img + size: "4515168256" + - type: org.osbuild.sfdisk + options: + label: gpt + uuid: D209C89E-EA5E-4FBD-B161-B461CCE297E0 + partitions: + - size: 409600 + start: 18432 + type: C12A7328-F81F-11D2-BA4B-00A0C93EC93B + uuid: 68B2905B-DF3E-4FB3-80FA-49D1E773AA33 + - size: 2097152 + start: 428032 + type: BC13C2FF-59E6-4262-A352-B275FD6F7172 + uuid: CB07C243-BC44-4717-853E-28852021225B + - size: 6293471 + start: 2525184 + type: 0FC63DAF-8483-4772-8E79-3D69D8477DE4 + uuid: 6264D520-3FB9-423F-8AB8-7A0A8E3D3562 + devices: + device: + type: org.osbuild.loopback + options: + filename: disk.img + lock: true + - type: org.osbuild.mkfs.fat + options: + volid: 7B7795E7 + devices: + device: + type: org.osbuild.loopback + options: + filename: disk.img + start: 18432 + size: 409600 + lock: true + - type: org.osbuild.mkfs.ext4 + options: + uuid: dbd21911-1c4e-4107-8a9f-14fe6e751358 + label: boot + devices: + device: + type: org.osbuild.loopback + options: + filename: disk.img + start: 428032 + size: 2097152 + lock: true + - type: org.osbuild.mkfs.ext4 + options: + uuid: 9851898e-0b30-437d-8fad-51ec16c3697f + label: root + devices: + device: + type: org.osbuild.loopback + options: + filename: disk.img + start: 2525184 + size: 6293471 + lock: true + - type: org.osbuild.copy + inputs: + root-tree: + type: org.osbuild.tree + origin: org.osbuild.pipeline + references: + - name:os + options: + paths: + - from: input://root-tree/ + to: mount://-/ + devices: + '-': + type: org.osbuild.loopback + options: + filename: disk.img + start: 2525184 + size: 6293471 + boot: + type: org.osbuild.loopback + options: + filename: disk.img + start: 428032 + size: 2097152 + boot-efi: + type: org.osbuild.loopback + options: + filename: disk.img + start: 18432 + size: 409600 + mounts: + - name: '-' + type: org.osbuild.ext4 + source: '-' + target: / + - name: boot + type: org.osbuild.ext4 + source: boot + target: /boot + - name: boot-efi + type: org.osbuild.fat + source: boot-efi + target: /boot/efi + - name: xz + build: name:build + stages: + - type: org.osbuild.xz + inputs: + file: + type: org.osbuild.files + origin: org.osbuild.pipeline + references: + name:image: + file: disk.img + options: + filename: disk.raw.xz +sources: + org.osbuild.curl: diff --git a/test/test_image_ref.py b/test/test_image_ref.py new file mode 100644 index 00000000..bb43f23a --- /dev/null +++ b/test/test_image_ref.py @@ -0,0 +1,32 @@ +import json +import os +import pathlib +import yaml + +import pytest + +from otk.command import run + + +@pytest.mark.parametrize("ref_yaml", + [str(path) for path in (pathlib.Path(__file__).parent / "data/images-ref").glob("*/*.yaml")]) +def test_images_ref(tmp_path, ref_yaml): + os.environ["OSBUILD_TESTING_RNG_SEED"] = "0" + + ref_yaml_path = pathlib.Path(ref_yaml) + with ref_yaml_path.open() as fp: + ref_manifest = yaml.safe_load(fp) + + src_yaml = pathlib.Path("example") / ref_yaml_path.parent.name / ref_yaml_path.name + print("src",src_yaml) + manifest_json = tmp_path / "manifest.json" + run(["compile", + "-o", os.fspath(manifest_json), + os.fspath(src_yaml), + ]) + with manifest_json.open() as fp: + manifest = json.load(fp) + # XXX: filter rpm/curl stage before comparing + + assert manifest == ref_manifest +