forked from pool/ignition
- Update to version 2.20.0:
* Features * Support partitioning disk with mounted partitions * Support Proxmox VE * Support gzipped Akamai user_data * Changes * The Dracut module now installs partx * Mark the 3.5.0 config spec as stable * No longer accept configs with version 3.5.0-experimental * Create new 3.6.0-experimental config spec from 3.5.0 * Bug fixes * Fix network race when phoning home on Equinix Metal * Fix Akamai Ignition base64 decoding on padded payloads * Fix Makefile GOARCH for loongarch64 (#1942) - Drop go build bugfix again, fixed upstream - Adapting 0002-allow-multiple-mounts-of-same-device.patch to new 3.6.0 spec OBS-URL: https://build.opensuse.org/package/show/devel:kubic:ignition/ignition?expand=0&rev=131
This commit is contained in:
commit
69f59feb61
23
.gitattributes
vendored
Normal file
23
.gitattributes
vendored
Normal file
@ -0,0 +1,23 @@
|
||||
## Default LFS
|
||||
*.7z filter=lfs diff=lfs merge=lfs -text
|
||||
*.bsp filter=lfs diff=lfs merge=lfs -text
|
||||
*.bz2 filter=lfs diff=lfs merge=lfs -text
|
||||
*.gem filter=lfs diff=lfs merge=lfs -text
|
||||
*.gz filter=lfs diff=lfs merge=lfs -text
|
||||
*.jar filter=lfs diff=lfs merge=lfs -text
|
||||
*.lz filter=lfs diff=lfs merge=lfs -text
|
||||
*.lzma filter=lfs diff=lfs merge=lfs -text
|
||||
*.obscpio filter=lfs diff=lfs merge=lfs -text
|
||||
*.oxt filter=lfs diff=lfs merge=lfs -text
|
||||
*.pdf filter=lfs diff=lfs merge=lfs -text
|
||||
*.png filter=lfs diff=lfs merge=lfs -text
|
||||
*.rpm filter=lfs diff=lfs merge=lfs -text
|
||||
*.tbz filter=lfs diff=lfs merge=lfs -text
|
||||
*.tbz2 filter=lfs diff=lfs merge=lfs -text
|
||||
*.tgz filter=lfs diff=lfs merge=lfs -text
|
||||
*.ttf filter=lfs diff=lfs merge=lfs -text
|
||||
*.txz filter=lfs diff=lfs merge=lfs -text
|
||||
*.whl filter=lfs diff=lfs merge=lfs -text
|
||||
*.xz filter=lfs diff=lfs merge=lfs -text
|
||||
*.zip filter=lfs diff=lfs merge=lfs -text
|
||||
*.zst filter=lfs diff=lfs merge=lfs -text
|
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
||||
.osc
|
36
0001-ignore-missing-qemu-blockdev.patch
Normal file
36
0001-ignore-missing-qemu-blockdev.patch
Normal file
@ -0,0 +1,36 @@
|
||||
From: Ignaz Forster <iforster@suse.com>
|
||||
Date: Thu, 9 Feb 2023 16:05:27 +0100
|
||||
Upstream: Ticket opened [gh#coreos/ignition#1556]
|
||||
|
||||
Continue with empty config on missing QEMU device
|
||||
|
||||
The two QEMU provider implementations (fwcfg for platforms with
|
||||
native support and blockdev for the others) have slightly different
|
||||
behaviour: If fwcfg doesn't contain any configuration, it will just
|
||||
skip ("QEMU firmware config was not found. Ignoring..."). The blockdev
|
||||
provider would error out if it can't read the configuration.
|
||||
|
||||
Change the behavior of the blockdev provider to match the fwcfg one
|
||||
and continue with an empty configuration if the device is not there.
|
||||
|
||||
diff --git a/internal/providers/qemu/qemu_blockdev.go b/internal/providers/qemu/qemu_blockdev.go
|
||||
index 911eb973..11739f3e 100644
|
||||
--- a/internal/providers/qemu/qemu_blockdev.go
|
||||
+++ b/internal/providers/qemu/qemu_blockdev.go
|
||||
@@ -22,7 +22,6 @@ package qemu
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
- "fmt"
|
||||
"os"
|
||||
"os/exec"
|
||||
"time"
|
||||
@@ -83,7 +83,7 @@ func fetchConfigFromBlockDevice(logger *log.Logger) ([]byte, error) {
|
||||
return nil, err
|
||||
}
|
||||
case <-time.After(blockDeviceTimeout):
|
||||
- return nil, fmt.Errorf("timed out after %v waiting for block device %q to appear", blockDeviceTimeout, ignitionBlockDevicePath)
|
||||
+ logger.Info("timed out after %v waiting for block device %q to appear. Ignoring...", blockDeviceTimeout, ignitionBlockDevicePath)
|
||||
}
|
||||
|
||||
return bytes.TrimRight(data, "\x00"), nil
|
92
0002-allow-multiple-mounts-of-same-device.patch
Normal file
92
0002-allow-multiple-mounts-of-same-device.patch
Normal file
@ -0,0 +1,92 @@
|
||||
From: Ignaz Forster <iforster@suse.com>
|
||||
Date: Wed Jan 14 17:57:52 2020 +0100
|
||||
Upstream: Ticket opened [gh#coreos/ignition#890]
|
||||
|
||||
Implement poor man's solution for mounting a device multiple times,
|
||||
e.g. to mount several subvolumes from a Btrfs device or bind mounting
|
||||
the device to multiple places, by also adding the path to the key.
|
||||
|
||||
Index: ignition-2.20.0/config/v3_1/types/filesystem.go
|
||||
===================================================================
|
||||
--- ignition-2.20.0.orig/config/v3_1/types/filesystem.go
|
||||
+++ ignition-2.20.0/config/v3_1/types/filesystem.go
|
||||
@@ -23,6 +23,9 @@ import (
|
||||
)
|
||||
|
||||
func (f Filesystem) Key() string {
|
||||
+ if (f.Path != nil) {
|
||||
+ return f.Device + *f.Path
|
||||
+ }
|
||||
return f.Device
|
||||
}
|
||||
|
||||
Index: ignition-2.20.0/config/v3_2/types/filesystem.go
|
||||
===================================================================
|
||||
--- ignition-2.20.0.orig/config/v3_2/types/filesystem.go
|
||||
+++ ignition-2.20.0/config/v3_2/types/filesystem.go
|
||||
@@ -23,6 +23,9 @@ import (
|
||||
)
|
||||
|
||||
func (f Filesystem) Key() string {
|
||||
+ if (f.Path != nil) {
|
||||
+ return f.Device + *f.Path
|
||||
+ }
|
||||
return f.Device
|
||||
}
|
||||
|
||||
Index: ignition-2.20.0/config/v3_3/types/filesystem.go
|
||||
===================================================================
|
||||
--- ignition-2.20.0.orig/config/v3_3/types/filesystem.go
|
||||
+++ ignition-2.20.0/config/v3_3/types/filesystem.go
|
||||
@@ -23,6 +23,9 @@ import (
|
||||
)
|
||||
|
||||
func (f Filesystem) Key() string {
|
||||
+ if (f.Path != nil) {
|
||||
+ return f.Device + *f.Path
|
||||
+ }
|
||||
return f.Device
|
||||
}
|
||||
|
||||
Index: ignition-2.20.0/config/v3_4/types/filesystem.go
|
||||
===================================================================
|
||||
--- ignition-2.20.0.orig/config/v3_4/types/filesystem.go
|
||||
+++ ignition-2.20.0/config/v3_4/types/filesystem.go
|
||||
@@ -23,6 +23,9 @@ import (
|
||||
)
|
||||
|
||||
func (f Filesystem) Key() string {
|
||||
+ if (f.Path != nil) {
|
||||
+ return f.Device + *f.Path
|
||||
+ }
|
||||
return f.Device
|
||||
}
|
||||
|
||||
Index: ignition-2.20.0/config/v3_5/types/filesystem.go
|
||||
===================================================================
|
||||
--- ignition-2.20.0.orig/config/v3_5/types/filesystem.go
|
||||
+++ ignition-2.20.0/config/v3_5/types/filesystem.go
|
||||
@@ -23,6 +23,9 @@ import (
|
||||
)
|
||||
|
||||
func (f Filesystem) Key() string {
|
||||
+ if (f.Path != nil) {
|
||||
+ return f.Device + *f.Path
|
||||
+ }
|
||||
return f.Device
|
||||
}
|
||||
|
||||
Index: ignition-2.20.0/config/v3_6_experimental/types/filesystem.go
|
||||
===================================================================
|
||||
--- ignition-2.20.0.orig/config/v3_6_experimental/types/filesystem.go
|
||||
+++ ignition-2.20.0/config/v3_6_experimental/types/filesystem.go
|
||||
@@ -23,6 +23,9 @@ import (
|
||||
)
|
||||
|
||||
func (f Filesystem) Key() string {
|
||||
+ if (f.Path != nil) {
|
||||
+ return f.Device + *f.Path
|
||||
+ }
|
||||
return f.Device
|
||||
}
|
||||
|
30
0003-Move-the-GPT-header-on-resized-disks.patch
Normal file
30
0003-Move-the-GPT-header-on-resized-disks.patch
Normal file
@ -0,0 +1,30 @@
|
||||
From: Ignaz Forster <iforster@suse.com>
|
||||
Date: Tue, 22 Aug 2023 16:13:07 +0200
|
||||
Subject: [PATCH] Move GTP header to the end on resized disk images
|
||||
|
||||
Fedora CoreOS is handling the GPT move by putting flags into the disk's
|
||||
GUID (see also [gh#coreos/ignition#839]) and then adjusting the root disk
|
||||
in
|
||||
https://github.com/coreos/fedora-coreos-config/blob/testing-devel/overlay.d/05core/usr/lib/dracut/modules.d/35coreos-ignition/coreos-gpt-setup.sh.
|
||||
We are not using the CoreOS Assembler and have no reason to change the
|
||||
UUID, so introducing a dracut service just to possibly move the GPT seems
|
||||
like overkill. Just do so when creating new partitions.
|
||||
---
|
||||
internal/sgdisk/sgdisk.go | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/internal/sgdisk/sgdisk.go b/internal/sgdisk/sgdisk.go
|
||||
index 29915809..9be5a9e6 100644
|
||||
--- a/internal/sgdisk/sgdisk.go
|
||||
+++ b/internal/sgdisk/sgdisk.go
|
||||
@@ -138,6 +138,7 @@ func (op Operation) buildOptions() []string {
|
||||
}
|
||||
|
||||
for _, p := range op.parts {
|
||||
+ opts = append(opts, "--move-second-header")
|
||||
opts = append(opts, fmt.Sprintf("--new=%d:%s:+%s", p.Number, partitionGetStart(p), partitionGetSize(p)))
|
||||
if p.Label != nil {
|
||||
opts = append(opts, fmt.Sprintf("--change-name=%d:%s", p.Number, *p.Label))
|
||||
--
|
||||
2.41.0
|
||||
|
@ -0,0 +1,34 @@
|
||||
From: Fabian Vogt <fvogt@suse.de>
|
||||
Date: Thu, 17 Aug 2023 13:51:24 +0200
|
||||
Subject: [PATCH] Order ignition-disks.service before systemd-fsck-root.service
|
||||
|
||||
firstboot-detect.service needs initrd-root-device.target but has to be before
|
||||
any ignition units, so ignition units can't use
|
||||
Before=initrd-root-device.target. Use systemd-fsck-root.service and
|
||||
dracut-pre-mount.service instead, which fits the comment above more anyway.
|
||||
---
|
||||
dracut/30ignition/ignition-disks.service | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
Index: ignition-2.16.2/dracut/30ignition/ignition-disks.service
|
||||
===================================================================
|
||||
--- ignition-2.16.2.orig/dracut/30ignition/ignition-disks.service
|
||||
+++ ignition-2.16.2/dracut/30ignition/ignition-disks.service
|
||||
@@ -9,7 +9,7 @@ Before=ignition-complete.target
|
||||
After=ignition-fetch.service
|
||||
Before=ignition-mount.service
|
||||
|
||||
-# This stage runs between `basic.target` and `initrd-root-device.target`,
|
||||
+# This stage runs between `basic.target` and `systemd-fsck-root.service`,
|
||||
# see https://www.freedesktop.org/software/systemd/man/bootup.html
|
||||
# Make sure to run before the file system checks, as sgdisk will trigger
|
||||
# udev events, potentially resulting in race conditions due to disappearing
|
||||
@@ -18,7 +18,7 @@ Before=ignition-mount.service
|
||||
# Note that CL runs this before `local-fs-pre.target` to allow for configs that
|
||||
# completely wipe the rootfs. Though we're not there yet. But we still run
|
||||
# before `sysroot.mount` on principle.
|
||||
-Before=initrd-root-device.target
|
||||
+Before=systemd-fsck-root.service dracut-pre-mount.service
|
||||
Before=sysroot.mount
|
||||
|
||||
OnFailure=emergency.target
|
41
README.SUSE
Normal file
41
README.SUSE
Normal file
@ -0,0 +1,41 @@
|
||||
Changes for openSUSE / SLE:
|
||||
|
||||
* ignition-mount-initrd-fstab.service / ignition-umount-initrd-fstab.service:
|
||||
Upstream Ignition will only mount partitions or subvolumes explicitly
|
||||
mentioned in the Ignition configuration. A default SUSE system, however,
|
||||
is split over several subvolumes, and most users won't want to define
|
||||
all the partitions again. On the other hand a lot of core functionality (e.g.
|
||||
configuring a SSH certificate for the root user or adding a configuration
|
||||
file) requires access to those subvolumes.
|
||||
For better usability in addition to Ignition's own mount / umount stage all
|
||||
files systems tagged for being mounted in the initrd ("x-initrd.mount" mount
|
||||
flag) will automatically be mounted / umounted.
|
||||
* ignition-setup-user.service / ignition-setup-user.sh:
|
||||
The user configuration can be stored on a device with the label "ignition"
|
||||
(e.g. by attaching a USB flash drive with that name) instead of using the
|
||||
platform specific configuration storage mechanism.
|
||||
* ignition-userconfig-timeout*.conf:
|
||||
Set timeout for Ignition device so boot will just continue if no physical
|
||||
Ignition configuration device is attached (e.g. when using platform
|
||||
specific configuration).
|
||||
* ignition-rmcfg-suse.conf:
|
||||
Adapt systemd service to match our own packaging: We do not support
|
||||
ConditionFirstBoot, and additionally support auto-detection of the platform
|
||||
(see ignition-suse-generator), so the detection whether the stage should be
|
||||
called has to be done via shell script.
|
||||
* ignition-touch-selinux-autorelabel.conf:
|
||||
Trigger SELinux autorelabel after Ignition runs; Ignition would support
|
||||
SELinux itself, however this is a compile time option, so it can't be
|
||||
used here.
|
||||
* ignition-suse-generator:
|
||||
Replaces the upstream generator by making use of firstboot.target provided
|
||||
by combustion and hooking up the services provided by this module.
|
||||
Additionally it will try to autodect the platform if it is not set on the
|
||||
kernel command line.
|
||||
* ignition-enable-network.service / ignition-enable-network.sh:
|
||||
Ignition supports detection whether the configuration requires networking
|
||||
to avoid having to boot with networking enabled even when it isn't
|
||||
necessary; the actual implementation to start the network is left to the
|
||||
distribution.
|
||||
* ignition-kargs-helper:
|
||||
Distribution specific helper script to implement kernel argument support.
|
14
_service
Normal file
14
_service
Normal file
@ -0,0 +1,14 @@
|
||||
<services>
|
||||
<service name="tar_scm" mode="disabled">
|
||||
<param name="version">2.20.0</param>
|
||||
<param name="revision">v2.20.0</param>
|
||||
<param name="url">https://github.com/coreos/ignition</param>
|
||||
<param name="scm">git</param>
|
||||
<param name="changesgenerate">enable</param>
|
||||
</service>
|
||||
<service name="recompress" mode="disabled">
|
||||
<param name="compression">xz</param>
|
||||
<param name="file">*.tar</param>
|
||||
</service>
|
||||
<service name="set_version" mode="disabled"/>
|
||||
</services>
|
6
_servicedata
Normal file
6
_servicedata
Normal file
@ -0,0 +1,6 @@
|
||||
<servicedata>
|
||||
<service name="tar_scm">
|
||||
<param name="url">https://github.com/coreos/ignition</param>
|
||||
<param name="changesrevision">a204f429f13194ae379be9401d49e5241439660b</param>
|
||||
</service>
|
||||
</servicedata>
|
BIN
ignition-2.19.0.tar.xz
(Stored with Git LFS)
Normal file
BIN
ignition-2.19.0.tar.xz
(Stored with Git LFS)
Normal file
Binary file not shown.
3
ignition-2.20.0.tar.xz
Normal file
3
ignition-2.20.0.tar.xz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:a71ebbe8c836a1a2845d362512f28330c415509a800765f90b97066f042961e4
|
||||
size 2974712
|
23
ignition-enable-network.service
Normal file
23
ignition-enable-network.service
Normal file
@ -0,0 +1,23 @@
|
||||
[Unit]
|
||||
Description=Start network if needed
|
||||
ConditionPathExists=/etc/initrd-release
|
||||
DefaultDependencies=false
|
||||
After=basic.target
|
||||
|
||||
# Triggering conditions for cases where we need network
|
||||
ConditionPathExists=|/run/ignition/neednet
|
||||
|
||||
# Creates /run/ignition/neednet
|
||||
After=ignition-fetch-offline.service
|
||||
# Needs networking
|
||||
Before=ignition-fetch.service
|
||||
|
||||
# See hack in coreos-enable-network, as well as coreos-copy-firstboot-network.service;
|
||||
# adapted for SUSE / wicked use
|
||||
After=dracut-cmdline.service
|
||||
Before=dracut-initqueue.service nm-initrd.service
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
RemainAfterExit=yes
|
||||
ExecStart=/usr/sbin/ignition-enable-network
|
18
ignition-enable-network.sh
Normal file
18
ignition-enable-network.sh
Normal file
@ -0,0 +1,18 @@
|
||||
#!/bin/bash
|
||||
|
||||
. /lib/dracut-lib.sh
|
||||
|
||||
if [ -f /run/ignition/neednet ] && ! getargbool 0 'rd.neednet'; then
|
||||
echo "rd.neednet=1" > /etc/cmdline.d/40-ignition-neednet.conf
|
||||
|
||||
# Re-trigger generation of network rules and apply them
|
||||
if [ -e /lib/dracut/hooks/pre-udev/60-net-genrules.sh ]; then
|
||||
# Wicked
|
||||
. /lib/dracut/hooks/pre-udev/60-net-genrules.sh
|
||||
udevadm control --reload
|
||||
udevadm trigger --subsystem-match net --action add
|
||||
else
|
||||
# NetworkManager
|
||||
. /lib/dracut/hooks/cmdline/99-nm-config.sh
|
||||
fi
|
||||
fi
|
79
ignition-kargs-helper
Normal file
79
ignition-kargs-helper
Normal file
@ -0,0 +1,79 @@
|
||||
#!/bin/bash
|
||||
# Based on Ignition's examples/ignition-kargs-helper
|
||||
|
||||
set -euxo pipefail
|
||||
|
||||
grubcfg="/sysroot/etc/default/grub"
|
||||
|
||||
# Mount root file system. Note that we mount /boot but we don't unmount it
|
||||
# because we are run in a systemd unit with MountFlags=slave so it is unmounted
|
||||
# for us.
|
||||
. /dracut-state.sh
|
||||
mount "${root#block:}" "${NEWROOT}"
|
||||
# Also mount x-initrd.mount flagged mounts to get the current /etc state
|
||||
awk '$4 ~ /x-initrd.mount/ { system("findmnt /sysroot" $2 " >/dev/null || mount -t " $3 " -o " $4 " " $1 " /sysroot" $2) }' /sysroot/etc/fstab
|
||||
|
||||
orig_kernelopts="$(grep GRUB_CMDLINE_LINUX_DEFAULT "${grubcfg}")"
|
||||
orig_kernelopts="${orig_kernelopts#*=}"
|
||||
# trim the leading and trailing quote
|
||||
orig_kernelopts="${orig_kernelopts:1:-1}"
|
||||
|
||||
# add leading and trailing whitespace to allow for easy sed replacements
|
||||
kernelopts=" $orig_kernelopts "
|
||||
|
||||
while [[ $# -gt 0 ]]
|
||||
do
|
||||
key="$1"
|
||||
|
||||
case $key in
|
||||
--should-exist)
|
||||
arg="$2"
|
||||
# don't repeat the arg
|
||||
if [[ ! "${kernelopts[*]}" =~ " ${arg} " ]]; then
|
||||
kernelopts="$kernelopts$arg "
|
||||
fi
|
||||
shift 2
|
||||
;;
|
||||
--should-not-exist)
|
||||
kernelopts="$(echo "$kernelopts" | sed "s| $2 | |g")"
|
||||
shift 2
|
||||
;;
|
||||
*)
|
||||
echo "Unknown option"
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
done
|
||||
|
||||
# trim the leading and trailing whitespace
|
||||
kernelopts="$(echo "$kernelopts" | sed -e 's,^[[:space:]]*,,' -e 's,[[:space:]]*$,,')"
|
||||
|
||||
# only apply the changes & reboot if changes have been made
|
||||
if [[ "$kernelopts" != "$orig_kernelopts" ]]; then
|
||||
combustiondir="/run/combustion/mount/combustion"
|
||||
# The Combustion script may be located on an external device; if so the
|
||||
# device is guaranteed to mounted here already:
|
||||
# combustion-prepare: Before=dracutinitqueue.service
|
||||
# ignition-fetch: After=basic.target
|
||||
# Unmount the device, as the new Combustion script will be put at the
|
||||
# same location below.
|
||||
if findmnt "${combustiondir}"/.. >/dev/null; then
|
||||
umount "${combustiondir}"/..
|
||||
fi
|
||||
mkdir -p "${combustiondir}"
|
||||
# escape escapes to survive the multiple shell invocations
|
||||
kernelopts="${kernelopts//\\/\\\\\\\\}"
|
||||
kernelopts="${kernelopts//$/\\\$}"
|
||||
cat << EOF > "${combustiondir}/script"
|
||||
sed -i "s|^\(GRUB_CMDLINE_LINUX_DEFAULT=\).*|\1\"$kernelopts\"|" /etc/default/grub
|
||||
/usr/sbin/grub2-mkconfig > /boot/grub2/grub.cfg
|
||||
EOF
|
||||
SYSTEMD_OFFLINE=1 combustion
|
||||
|
||||
# Reset health-checker to prevent an unintended rollback
|
||||
echo "Clearing GRUB flag"
|
||||
chroot /sysroot grub2-editenv - set health_checker_flag=0 || true
|
||||
|
||||
systemctl reboot --force
|
||||
fi
|
||||
|
20
ignition-mount-initrd-fstab.service
Normal file
20
ignition-mount-initrd-fstab.service
Normal file
@ -0,0 +1,20 @@
|
||||
[Unit]
|
||||
Description=Mount initrd fstab entries for Ignition
|
||||
DefaultDependencies=false
|
||||
Before=ignition-complete.target
|
||||
|
||||
# Make sure ExecStop= runs before we switch root
|
||||
Before=initrd-switch-root.target
|
||||
|
||||
After=initrd-root-fs.target
|
||||
After=ignition-remount-sysroot.service
|
||||
|
||||
# Run only after Ignition's mount stage - mount points configured by Ignition
|
||||
# itself will be skipped below, just mount the rest.
|
||||
Requires=ignition-mount.service
|
||||
After=ignition-mount.service
|
||||
Before=ignition-files.service
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
ExecStart=/bin/sh -e -c 'eval $(awk '"'"'$4 ~ /x-initrd.mount/ && $1 !~ /^#/ {print "if ! findmnt /sysroot" $2 " >/dev/null; then mount -t " $3 " -o " $4 " " $1 " /sysroot" $2 "; fi;" }'"'"' /sysroot/etc/fstab)'
|
21
ignition-remove-reconfig_system.service
Normal file
21
ignition-remove-reconfig_system.service
Normal file
@ -0,0 +1,21 @@
|
||||
[Unit]
|
||||
Description=Disable firstboot wizard if ignition ran
|
||||
|
||||
# Make sure ignition completed
|
||||
After=ignition-complete.target
|
||||
# Don't race with combustion
|
||||
After=combustion.service
|
||||
|
||||
# Make sure /sysroot/etc and var are available
|
||||
After=initrd-parse-etc.service
|
||||
RequiresMountsFor=/sysroot/etc
|
||||
RequiresMountsFor=/sysroot/var
|
||||
|
||||
ConditionPathExists=/sysroot/etc/.ignition-result.json
|
||||
ConditionPathExists=/sysroot/var/lib/YaST2/reconfig_system
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
RemainAfterExit=yes
|
||||
# Use grep to avoid pulling in jq
|
||||
ExecStart=/bin/sh -ec 'if grep -q "\\"userConfigProvided\\":.*true" /sysroot/etc/.ignition-result.json; then rm /sysroot/var/lib/YaST2/reconfig_system; fi'
|
9
ignition-rmcfg-suse.conf
Normal file
9
ignition-rmcfg-suse.conf
Normal file
@ -0,0 +1,9 @@
|
||||
[Unit]
|
||||
ConditionFirstBoot=
|
||||
ConditionKernelCommandLine=
|
||||
ConditionKernelCommandLine=|ignition.firstboot
|
||||
|
||||
[Service]
|
||||
ExecStart=
|
||||
ExecStart=/bin/bash -c 'if [ "${PLATFORM_ID}" = virtualbox -o "${PLATFORM_ID}" = vmware ]; then /usr/sbin/ignition-rmcfg --platform=${PLATFORM_ID}; fi'
|
||||
|
21
ignition-setup-user.service
Normal file
21
ignition-setup-user.service
Normal file
@ -0,0 +1,21 @@
|
||||
[Unit]
|
||||
Description=Ignition User Config Setup
|
||||
Documentation=https://build.opensuse.org/package/view_file/devel:kubic:ignition/ignition/README.SUSE?expand=1
|
||||
ConditionPathExists=/etc/initrd-release
|
||||
DefaultDependencies=false
|
||||
|
||||
# We run before config fetch because we may copy in new/different configs
|
||||
# for Ignition to consume.
|
||||
Before=ignition-fetch-offline.service
|
||||
|
||||
OnFailure=emergency.target
|
||||
OnFailureJobMode=isolate
|
||||
|
||||
Wants=dev-disk-by\x2dlabel-ignition.device
|
||||
After=dev-disk-by\x2dlabel-ignition.device
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
RemainAfterExit=yes
|
||||
MountFlags=slave
|
||||
ExecStart=/usr/sbin/ignition-setup-user
|
39
ignition-setup-user.sh
Normal file
39
ignition-setup-user.sh
Normal file
@ -0,0 +1,39 @@
|
||||
#!/bin/bash
|
||||
set -euo pipefail
|
||||
|
||||
copy_file_if_exists() {
|
||||
src="${1}"; dst="${2}"
|
||||
if [ -f "${src}" ]; then
|
||||
echo "Copying ${src} to ${dst}"
|
||||
cp "${src}" "${dst}"
|
||||
else
|
||||
echo "File ${src} does not exist.. Skipping copy"
|
||||
fi
|
||||
}
|
||||
|
||||
# systemd v256 now runs the initrd with ProtectSystem=yes, which makes /usr
|
||||
# read-only. Just remount it rw until we have:
|
||||
# https://github.com/coreos/ignition/issues/1891
|
||||
if [ ! -w /usr ]; then
|
||||
mount -o rw,remount /usr
|
||||
fi
|
||||
|
||||
destination=/usr/lib/ignition
|
||||
mkdir -p $destination
|
||||
|
||||
if command -v is-live-image >/dev/null && is-live-image; then
|
||||
# Live image. If the user has supplied a config.ign via an appended
|
||||
# initrd, put it in the right place.
|
||||
copy_file_if_exists "/config.ign" "${destination}/user.ign"
|
||||
else
|
||||
# We will support a user embedded config in the boot partition
|
||||
# under $bootmnt/ignition/config.ign. Note that we mount /boot
|
||||
# but we don't unmount boot because we are run in a systemd unit
|
||||
# with MountFlags=slave so it is unmounted for us.
|
||||
bootmnt=/mnt/boot_partition
|
||||
mkdir -p $bootmnt
|
||||
if [ -e /dev/disk/by-label/ignition ]; then
|
||||
mount /dev/disk/by-label/ignition $bootmnt
|
||||
fi
|
||||
copy_file_if_exists "${bootmnt}/ignition/config.ign" "${destination}/user.ign"
|
||||
fi
|
53
ignition-suse-generator
Normal file
53
ignition-suse-generator
Normal file
@ -0,0 +1,53 @@
|
||||
#!/bin/bash
|
||||
# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
|
||||
# ex: ts=8 sw=4 sts=4 et filetype=sh
|
||||
|
||||
set -e
|
||||
|
||||
# Generators don't have logging right now
|
||||
# https://github.com/systemd/systemd/issues/15638
|
||||
exec 1>/dev/kmsg; exec 2>&1
|
||||
|
||||
UNIT_DIR="${1:-/tmp}"
|
||||
|
||||
cmdline=( $(</proc/cmdline) )
|
||||
cmdline_arg() {
|
||||
local name="$1" value="$2"
|
||||
for arg in "${cmdline[@]}"; do
|
||||
if [[ "${arg%%=*}" == "${name}" ]]; then
|
||||
value="${arg#*=}"
|
||||
fi
|
||||
done
|
||||
echo "${value}"
|
||||
}
|
||||
|
||||
add_requires() {
|
||||
local name="$1"; shift
|
||||
local target="$1"; shift
|
||||
local requires_dir="${UNIT_DIR}/${target}.requires"
|
||||
mkdir -p "${requires_dir}"
|
||||
ln -sf "../${name}" "${requires_dir}/${name}"
|
||||
}
|
||||
|
||||
add_requires ignition-complete.target firstboot.target
|
||||
add_requires ignition-diskful.target ignition-complete.target
|
||||
# TODO: Add support for ignition-subsequent.target, when needed?
|
||||
|
||||
echo "PLATFORM_ID=$(cmdline_arg ignition.platform.id)" > /run/ignition.env
|
||||
|
||||
. /run/ignition.env
|
||||
|
||||
add_requires ignition-mount-initrd-fstab.service ignition-files.service
|
||||
add_requires ignition-umount-initrd-fstab.service ignition-files.service
|
||||
add_requires ignition-enable-network.service ignition-fetch.service
|
||||
|
||||
if [ -z "${PLATFORM_ID}" ]; then
|
||||
platform="$(systemd-detect-virt || true)"
|
||||
case "${platform}" in
|
||||
*vmware*) platform="vmware" ;;
|
||||
*oracle*) platform="virtualbox" ;;
|
||||
*kvm*|*qemu*) platform="qemu" ;;
|
||||
*) platform="metal" ;;
|
||||
esac
|
||||
echo "PLATFORM_ID=${platform}" > /run/ignition.env
|
||||
fi
|
2
ignition-touch-selinux-autorelabel.conf
Normal file
2
ignition-touch-selinux-autorelabel.conf
Normal file
@ -0,0 +1,2 @@
|
||||
[Service]
|
||||
ExecStart=/bin/sh -c 'if [ -e /sysroot/etc/selinux/.relabelled ]; then >> /sysroot/etc/selinux/.autorelabel; fi'
|
12
ignition-umount-initrd-fstab.service
Normal file
12
ignition-umount-initrd-fstab.service
Normal file
@ -0,0 +1,12 @@
|
||||
[Unit]
|
||||
Description=Unmount initrd fstab entries for Ignition
|
||||
DefaultDependencies=false
|
||||
Before=ignition-complete.target
|
||||
After=ignition-files.service
|
||||
# Make sure not to unmount the real sysroot-*.mount units
|
||||
Before=initrd-parse-etc.service
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
ExecStart=/bin/sh -e -c 'if [ -f /sysroot/etc/systemd/system-preset/20-ignition.preset ]; then while read line; do systemctl --root=/sysroot $line; done < /sysroot/etc/systemd/system-preset/20-ignition.preset; fi'
|
||||
ExecStart=/bin/sh -e -c 'eval $(awk '"'"'$4 ~ /x-initrd.mount/ && $1 !~ /^#/ {print "if findmnt /sysroot" $2 " >/dev/null; then umount -R /sysroot" $2 "; fi;" }'"'"' /sysroot/etc/fstab)'
|
2
ignition-userconfig-timeout-arm.conf
Normal file
2
ignition-userconfig-timeout-arm.conf
Normal file
@ -0,0 +1,2 @@
|
||||
[Unit]
|
||||
JobTimeoutSec=20
|
2
ignition-userconfig-timeout.conf
Normal file
2
ignition-userconfig-timeout.conf
Normal file
@ -0,0 +1,2 @@
|
||||
[Unit]
|
||||
JobTimeoutSec=10
|
1629
ignition.changes
Normal file
1629
ignition.changes
Normal file
File diff suppressed because it is too large
Load Diff
141
ignition.spec
Normal file
141
ignition.spec
Normal file
@ -0,0 +1,141 @@
|
||||
#
|
||||
# spec file for package ignition
|
||||
#
|
||||
# Copyright (c) 2024 SUSE LLC
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
# upon. The license for this file, and modifications and additions to the
|
||||
# file, is the same license as for the pristine package itself (unless the
|
||||
# license for the pristine package is not an Open Source License, in which
|
||||
# case the license is the MIT License). An "Open Source License" is a
|
||||
# license that conforms to the Open Source Definition (Version 1.9)
|
||||
# published by the Open Source Initiative.
|
||||
|
||||
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
||||
#
|
||||
|
||||
|
||||
Name: ignition
|
||||
Version: 2.20.0
|
||||
Release: 0
|
||||
Summary: First boot installer and configuration tool
|
||||
License: Apache-2.0
|
||||
Group: System/Management
|
||||
URL: https://github.com/coreos/ignition
|
||||
Source: %{name}-%{version}.tar.xz
|
||||
Source1: ignition-mount-initrd-fstab.service
|
||||
Source2: ignition-umount-initrd-fstab.service
|
||||
Source3: ignition-suse-generator
|
||||
Source4: module-setup.sh
|
||||
Source7: README.SUSE
|
||||
Source8: ignition-setup-user.sh
|
||||
Source9: ignition-setup-user.service
|
||||
Source10: ignition-enable-network.service
|
||||
Source11: ignition-enable-network.sh
|
||||
Source12: ignition-kargs-helper
|
||||
Source13: ignition-remove-reconfig_system.service
|
||||
Source14: ignition-touch-selinux-autorelabel.conf
|
||||
Source15: ignition-rmcfg-suse.conf
|
||||
Source20: ignition-userconfig-timeout.conf
|
||||
Source21: ignition-userconfig-timeout-arm.conf
|
||||
Patch1: 0001-ignore-missing-qemu-blockdev.patch
|
||||
Patch2: 0002-allow-multiple-mounts-of-same-device.patch
|
||||
Patch3: 0003-Move-the-GPT-header-on-resized-disks.patch
|
||||
Patch4: 0004-Order-ignition-disks.service-before-systemd-fsck-roo.patch
|
||||
BuildRequires: dracut
|
||||
BuildRequires: libblkid-devel
|
||||
BuildRequires: systemd-rpm-macros
|
||||
BuildRequires: update-bootloader-rpm-macros
|
||||
BuildRequires: golang(API) >= 1.20
|
||||
# combustion provides firstboot.target and ignition-kargs-helper calls combustion
|
||||
Requires: combustion >= 1.2
|
||||
Requires: dracut
|
||||
Recommends: %{_sbindir}/groupadd
|
||||
Recommends: %{_sbindir}/sgdisk
|
||||
Recommends: %{_sbindir}/useradd
|
||||
Recommends: %{_sbindir}/usermod
|
||||
Recommends: /sbin/mkfs.btrfs
|
||||
Recommends: /sbin/mkfs.ext4
|
||||
Recommends: /sbin/mkfs.vfat
|
||||
Recommends: /sbin/mkfs.xfs
|
||||
Recommends: /sbin/mkswap
|
||||
Recommends: /sbin/udevadm
|
||||
Suggests: /sbin/mdadm
|
||||
Provides: ignition-dracut = 0.0+git20200722.98ed51d
|
||||
Obsoletes: ignition-dracut < 0.0+git20200722.98ed51d
|
||||
# Not provided because the mechanism is different
|
||||
Obsoletes: ignition-dracut-grub2 < %{version}-%{release}
|
||||
%{update_bootloader_requires}
|
||||
|
||||
%description
|
||||
Ignition is an utility to manipulate disks and configuration files
|
||||
during the initramfs. This includes partitioning disks, formatting
|
||||
partitions, writing files (regular files, systemd units, etc.), and
|
||||
creating users.
|
||||
On first boot, Ignition reads its configuration from a source of truth
|
||||
(remote URL, network metadata service, hypervisor bridge, etc.) and
|
||||
applies the configuration.
|
||||
|
||||
%prep
|
||||
%autosetup -p1
|
||||
|
||||
mkdir -p dracut/30ignition-microos grub systemd_suse/ignition-delete-config.service.d
|
||||
chmod +x %{SOURCE3} %{SOURCE4} %{SOURCE8} %{SOURCE12}
|
||||
cp %{SOURCE1} %{SOURCE2} %{SOURCE3} %{SOURCE4} %{SOURCE8} %{SOURCE9} %{SOURCE10} %{SOURCE11} %{SOURCE13} %{SOURCE14} dracut/30ignition-microos/
|
||||
%ifarch aarch64 %{arm}
|
||||
cp %{SOURCE21} dracut/30ignition-microos/ignition-userconfig-timeout.conf
|
||||
%else
|
||||
cp %{SOURCE20} dracut/30ignition-microos/ignition-userconfig-timeout.conf
|
||||
%endif
|
||||
cp %{SOURCE15} systemd_suse/ignition-delete-config.service.d/
|
||||
cp %{SOURCE7} .
|
||||
cp %{SOURCE12} dracut/30ignition/ignition-kargs-helper.sh
|
||||
|
||||
%build
|
||||
sed -i -e 's|go build -ldflags|go build -buildmode=pie -ldflags|g' build
|
||||
VERSION=%{version} GLDFLAGS='-X github.com/coreos/ignition/v2/internal/distro.selinuxRelabel=false -X github.com/coreos/ignition/v2/internal/distro.writeAuthorizedKeysFragment=false ' ./build
|
||||
|
||||
%check
|
||||
VERSION=%{version} ./build_blackbox_tests
|
||||
|
||||
%install
|
||||
make -o all install DESTDIR=%{buildroot}
|
||||
|
||||
install -d %{buildroot}%{_sysconfdir}/grub.d
|
||||
install -d %{buildroot}%{_unitdir}/ignition-delete-config.service.d
|
||||
install -p -m 0644 systemd_suse/ignition-delete-config.service.d/* %{buildroot}%{_prefix}/lib/systemd/system/ignition-delete-config.service.d
|
||||
install -d %{buildroot}%{_sbindir}/
|
||||
mv %{buildroot}/usr/libexec/* %{buildroot}/%{_sbindir}/
|
||||
rmdir %{buildroot}/usr/libexec
|
||||
|
||||
%pre
|
||||
%service_add_pre ignition-delete-config.service
|
||||
|
||||
%post
|
||||
%{?regenerate_initrd_post}
|
||||
%service_add_post ignition-delete-config.service
|
||||
|
||||
%preun
|
||||
%service_del_preun ignition-delete-config.service
|
||||
|
||||
%postun
|
||||
%service_del_postun_without_restart ignition-delete-config.service
|
||||
|
||||
%posttrans
|
||||
%{?regenerate_initrd_posttrans}
|
||||
|
||||
%files
|
||||
%license LICENSE
|
||||
%doc README.md README.SUSE docs/*.md
|
||||
# Paths are hardcoded in the Makefile
|
||||
/usr/lib/dracut/modules.d/30ignition
|
||||
/usr/lib/dracut/modules.d/30ignition-microos
|
||||
/usr/bin/ignition-validate
|
||||
/usr/lib/systemd/system/ignition-delete-config.service
|
||||
%{_sbindir}/ignition-apply
|
||||
%{_sbindir}/ignition-rmcfg
|
||||
%dir %{_unitdir}/ignition-delete-config.service.d
|
||||
%{_unitdir}/ignition-delete-config.service.d/ignition-rmcfg-suse.conf
|
||||
|
||||
%changelog
|
52
module-setup.sh
Normal file
52
module-setup.sh
Normal file
@ -0,0 +1,52 @@
|
||||
#!/bin/bash
|
||||
# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
|
||||
# ex: ts=8 sw=4 sts=4 et filetype=sh
|
||||
|
||||
check() {
|
||||
# Omit if building for this already configured system
|
||||
if [[ $hostonly ]] && [ -e "${dracutsysrootdir}/etc/machine-id" ]; then
|
||||
return 255
|
||||
fi
|
||||
return 0
|
||||
}
|
||||
|
||||
depends() {
|
||||
echo combustion crypt dm firstboot ignition
|
||||
}
|
||||
|
||||
install_ignition_unit() {
|
||||
local unit="$1"; shift
|
||||
local target="${1:-ignition-complete.target}"; shift
|
||||
local instantiated="${1:-$unit}"; shift
|
||||
inst_simple "$moddir/$unit" "$systemdsystemunitdir/$unit"
|
||||
# note we `|| exit 1` here so we error out if e.g. the units are missing
|
||||
# see https://github.com/coreos/fedora-coreos-config/issues/799
|
||||
systemctl -q --root="$initdir" add-requires "$target" "$instantiated" || exit 1
|
||||
}
|
||||
|
||||
install() {
|
||||
inst_simple "$moddir/ignition-enable-network.service" \
|
||||
"$systemdsystemunitdir/ignition-enable-network.service"
|
||||
inst_simple "$moddir/ignition-mount-initrd-fstab.service" \
|
||||
"$systemdsystemunitdir/ignition-mount-initrd-fstab.service"
|
||||
inst_simple "$moddir/ignition-umount-initrd-fstab.service" \
|
||||
"$systemdsystemunitdir/ignition-umount-initrd-fstab.service"
|
||||
inst_simple "$moddir/ignition-userconfig-timeout.conf" \
|
||||
"$systemdsystemunitdir/dev-disk-by\x2dlabel-ignition.device.d/ignition-userconfig-timeout.conf"
|
||||
inst_simple "$moddir/ignition-touch-selinux-autorelabel.conf" \
|
||||
"$systemdsystemunitdir/ignition-files.service.d/ignition-touch-selinux-autorelabel.conf"
|
||||
inst_simple "$moddir/ignition-suse-generator" \
|
||||
"/etc/systemd/system-generators/ignition-generator"
|
||||
inst_script "$moddir/ignition-enable-network.sh" \
|
||||
"/usr/sbin/ignition-enable-network"
|
||||
inst_script "$moddir/ignition-setup-user.sh" \
|
||||
"/usr/sbin/ignition-setup-user"
|
||||
inst_multiple awk systemd-detect-virt cryptsetup
|
||||
install_ignition_unit ignition-remove-reconfig_system.service initrd.target
|
||||
install_ignition_unit ignition-setup-user.service
|
||||
}
|
||||
|
||||
installkernel() {
|
||||
# Make sure we can read configuration from ISO image and vfat formated USB drives
|
||||
hostonly='' instmods iso9660 vfat =fs/nls
|
||||
}
|
Loading…
Reference in New Issue
Block a user