- Fix activation of luks pool in the initrd
kiwi called systemd-cryptsetup directly which does not take
the settings available in /etc/crypttab into account. This
commit changes the activation procedure in a way that the
generator created unit file systemd-cryptsetup@... is used
This Fixes bsc#1219009
- Set default output console to gfxterm for grub
If no console setting is done in the image description for grub
the default output console is set to: gfxterm and the default
input console is set to: console. This Fixes bsc#1219074
- Allow terminal emulation setup from the cmdline
Using rd.kiwi.term will export the TERM variable into the initrd
environment. In case the default value for the terminal emulation
is not appropriate rd.kiwi.term can be used to overwrite the default.
The environment is also passed to the systemd unit which calls
dialog based programs in kiwi dracut code, such that the TERM
setting will be effective there too. For example:
OBS-URL: https://build.opensuse.org/request/show/1153889
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-kiwi?expand=0&rev=111
kiwi called systemd-cryptsetup directly which does not take
the settings available in /etc/crypttab into account. This
commit changes the activation procedure in a way that the
generator created unit file systemd-cryptsetup@... is used
This Fixes bsc#1219009
- Allow terminal emulation setup from the cmdline
Using rd.kiwi.term will export the TERM variable into the initrd
environment. In case the default value for the terminal emulation
is not appropriate rd.kiwi.term can be used to overwrite the default.
The environment is also passed to the systemd unit which calls
dialog based programs in kiwi dracut code, such that the TERM
setting will be effective there too. For example:
rd.kiwi.term=vt100
This is related to bsc#1218095
- Followup fix for .profile.extra
Allow to source .profile.extra such that it is possible to
read and act on e.g cmdline parameters. This is related to
bsc#1218095
- Add support for reading .profile.extra in initrd
If there is the file /.profile.extra available in the
initrd, kiwi will import this additional environment file
after the import of the standard /.profile file.
This is related to bsc#1218095
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=236
If no console setting is done in the image description for grub
the default output console is set to: gfxterm and the default
input console is set to: console. This Fixes bsc#1219074
- Follow up fix for drop of hybrid boot snippets
The following is left over code from the drop of the hybrid
boot templates.
- Drop hybrid boot snippets from the GRUB 2 configuration template
Sometime between GRUB 2.04 and GRUB 2.06, it became no longer
necessary to use "linuxefi"+"initrdefi" for UEFI boot. The
standard "linux"+"initrd" stanzas work for both legacy BIOS boot
and modern UEFI boot.
Some distributions no longer support "linuxefi"+"initrdefi" at all
anymore, so let's just use "linux"+"initrd" for everything now.
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=235
The commit used a wrong e-mail address which should not
land in the created changes file for the packaging
- Apply changelog fixes by glob
Does not require Makefile changes when maintaining branches
- Add changelog fix file for commit deb6ca
The commit used a wrong e-mail address which should not
land in the created changes file for the packaging
Signed-off-by: David Cassany <dcassany@suse.com>
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=234
- Disable workflow runs from master
The following github actions will be disabled from master
because they are expected to run from main:
- ci-publish-pages.yml
- ci-publish-to-pypi.yml
- ci-update-build-tests.yml
- Bump version: 9.25.21 → 9.25.22
- Fixed regression in GRUB_SERIAL_COMMAND setup
The condition to write the serial line setup was broken.
This commit fixes it. Related to Issue #2419
- Fixed grub terminal setup
The grub terminal setup is divided into the setting for the output
and the input console. For both settings different parameters exists.
So far kiwi did not differentiate between the two parts of the
console setup and that could lead to a wrong setting if only one
value is provided in kiwi's console= attribute which lead to the
grub setting, GRUB_TERMINAL=value. If value is set to e.g gfxterm
grub takes this for both input and output and it's obviously
wrong for the input. To make this less error prune the kiwi code
changes with this commit to set GRUB_TERMINAL_INPUT and
GRUB_TERMINAL_OUTPUT rather than GRUB_TERMINAL and also runs sanity
checks on the provided values if they are applicable. The information
for setting up the console in the schema stays untouched though.
That's because it's used for all bootloaders and also because grub
supports multiple values for the console in/out setting in one
GRUB_TERMINAL variable even though kiwi does no longer use it.
To make this clear for the users also the documentation for the
OBS-URL: https://build.opensuse.org/request/show/1140588
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-kiwi?expand=0&rev=109
The following github actions will be disabled from master
because they are expected to run from main:
- ci-publish-pages.yml
- ci-publish-to-pypi.yml
- ci-update-build-tests.yml
- Bump version: 9.25.21 → 9.25.22
- Fixed regression in GRUB_SERIAL_COMMAND setup
The condition to write the serial line setup was broken.
This commit fixes it. Related to Issue #2419
- Fixed grub terminal setup
The grub terminal setup is divided into the setting for the output
and the input console. For both settings different parameters exists.
So far kiwi did not differentiate between the two parts of the
console setup and that could lead to a wrong setting if only one
value is provided in kiwi's console= attribute which lead to the
grub setting, GRUB_TERMINAL=value. If value is set to e.g gfxterm
grub takes this for both input and output and it's obviously
wrong for the input. To make this less error prune the kiwi code
changes with this commit to set GRUB_TERMINAL_INPUT and
GRUB_TERMINAL_OUTPUT rather than GRUB_TERMINAL and also runs sanity
checks on the provided values if they are applicable. The information
for setting up the console in the schema stays untouched though.
That's because it's used for all bootloaders and also because grub
supports multiple values for the console in/out setting in one
GRUB_TERMINAL variable even though kiwi does no longer use it.
To make this clear for the users also the documentation for the
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=232
- Update test-image-MicroOS
Incorporate latest changes from upstream MicroOS and
also add an encrypted profile build for testing
- Bump version: 9.25.18 → 9.25.19
- Fix typo in workflow overview doc section
- Add missing documentation for oem-unattended-id
- Allow install disk overwrite from cmdline
Add rd.kiwi.oem.installdevice=DEVICE. Configures the disk device
that should be used in an OEM installation. This overwrites any
other oem device setting, e.g device filter or maxdisk and just
continues the installation on the given device. However, the
device must exist and must be a block special.
This Fixes jira#PED-7180
- Update mailmap
- Replace the regex-based loader entry fix with string parsing (#2388)
A user building RHEL images ran into issues with the initrd.
It turns out that RHEL uses some patches that mean the
initrd/linux files in RHEL are not installed to /boot, which trips
up the original regex. The new fix doesn't rely on matching the
path in boot, instead just finding the initrd/linux files and rewriting
them in place.
This change also adds the pre-and-post fix loader entries to the debug logs.
Reference: https://bugzilla.suse.com/1208701
Fixes suse bsc#1208701
OBS-URL: https://build.opensuse.org/request/show/1132074
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-kiwi?expand=0&rev=108
Incorporate latest changes from upstream MicroOS and
also add an encrypted profile build for testing
- Bump version: 9.25.18 → 9.25.19
- Fix typo in workflow overview doc section
- Add missing documentation for oem-unattended-id
- Allow install disk overwrite from cmdline
Add rd.kiwi.oem.installdevice=DEVICE. Configures the disk device
that should be used in an OEM installation. This overwrites any
other oem device setting, e.g device filter or maxdisk and just
continues the installation on the given device. However, the
device must exist and must be a block special.
This Fixes jira#PED-7180
- Update mailmap
- Replace the regex-based loader entry fix with string parsing (#2388)
A user building RHEL images ran into issues with the initrd.
It turns out that RHEL uses some patches that mean the
initrd/linux files in RHEL are not installed to /boot, which trips
up the original regex. The new fix doesn't rely on matching the
path in boot, instead just finding the initrd/linux files and rewriting
them in place.
This change also adds the pre-and-post fix loader entries to the debug logs.
Reference: https://bugzilla.suse.com/1208701
Fixes suse bsc#1208701
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=231
- Bump version: 9.25.16 → 9.25.17
- Fixed argument processing of config.bootoptions
Instead of adding an extra space to make the subsequent reading
to work, use an awk script that does it without nasty workarounds
- Allow test-image-disk-ramdisk to be build locally
- Bump version: 9.25.15 → 9.25.16
- Fixed doc search field
The search in the documentation is broken with the rtd
schema and latest sphinx. Stick with sphinx 5.0.0 for the
moment which fixes the issue
- Bump version: 9.25.14 → 9.25.15
- Make codacy happy
- Support release version in signkey URLs
Using one of the $releasever/${releasever} variable placeholders
in an URL as part of a <signing key="..."/> element did not replace
the placeholder with the value of the <release-version> element.
This commit fixes this and also makes sure that the result list
for downloading signing keys is unique. This Fixes#2381
- Bump version: 9.25.13 → 9.25.14
- Update pypi release to trusted workflow
OBS-URL: https://build.opensuse.org/request/show/1118210
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-kiwi?expand=0&rev=107
- Fixed argument processing of config.bootoptions
Instead of adding an extra space to make the subsequent reading
to work, use an awk script that does it without nasty workarounds
- Allow test-image-disk-ramdisk to be build locally
- Bump version: 9.25.15 → 9.25.16
- Fixed doc search field
The search in the documentation is broken with the rtd
schema and latest sphinx. Stick with sphinx 5.0.0 for the
moment which fixes the issue
- Bump version: 9.25.14 → 9.25.15
- Make codacy happy
- Support release version in signkey URLs
Using one of the $releasever/${releasever} variable placeholders
in an URL as part of a <signing key="..."/> element did not replace
the placeholder with the value of the <release-version> element.
This commit fixes this and also makes sure that the result list
for downloading signing keys is unique. This Fixes#2381
- Bump version: 9.25.13 → 9.25.14
- Update pypi release to trusted workflow
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=230
- Bump version: 9.25.11 → 9.25.12
- Fix double grub entries in hybrid ISO images
As consequence of using the "source" grub command instead
of the "configfile" command to load the grub config we now
see double loading of the same file on ISO media. The reason
here is that kiwi ISO media is always hybrid which means it
embeds an MBR into the ISO for which the "source" command now
can read the same file through two different device paths.
This does not happen with the "configfile" grub command.
Thus this patch uses "configfile" if we produce an ISO image
and "source" for all other image types. The commit also fixes
the custom grub template used for ISO images in a way that
we only set the "serial" command if there is a serial
configuration provided along with the image description.
- Update x86/tumbleweed/test-image-systemd-boot
systemd package has been splitted and provides
systemd-boot in an extra package now
- Limit scope of grub _fix method
Only apply _fix_grub_to_support_dynamic_efi_and_bios_boot for
the x86_64 or ix86 architectures. This Fixes#2343
OBS-URL: https://build.opensuse.org/request/show/1103984
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-kiwi?expand=0&rev=106
- Fix double grub entries in hybrid ISO images
As consequence of using the "source" grub command instead
of the "configfile" command to load the grub config we now
see double loading of the same file on ISO media. The reason
here is that kiwi ISO media is always hybrid which means it
embeds an MBR into the ISO for which the "source" command now
can read the same file through two different device paths.
This does not happen with the "configfile" grub command.
Thus this patch uses "configfile" if we produce an ISO image
and "source" for all other image types. The commit also fixes
the custom grub template used for ISO images in a way that
we only set the "serial" command if there is a serial
configuration provided along with the image description.
- Update x86/tumbleweed/test-image-systemd-boot
systemd package has been splitted and provides
systemd-boot in an extra package now
- Limit scope of grub _fix method
Only apply _fix_grub_to_support_dynamic_efi_and_bios_boot for
the x86_64 or ix86 architectures. This Fixes#2343
- Bump version: 9.25.10 → 9.25.11
- remove trailing whitespace
- rpm spec: add missing requires of typing_extensions for python < 3.8
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=229
- dracut: modules.d: 99kiwi-lib: add bash shebangs and dependency
The scripts in the kiwi-lib module use bash-specific syntax like
`function`, which causes the script to fail if another shell (like dash
or busybox) is used to interpret the scripts. Specifically set the shebang
to use bash as the shell interpreter and add bash as a dependency to the
dracut module to fix this.
This resolves the following errors which are printed at boot when
busybox tries to interpret the scripts:
/bin/dracut-pre-mount: 3: /lib/kiwi-filesystem-lib.sh: function: not found
/bin/dracut-pre-mount: 15: /lib/kiwi-filesystem-lib.sh: Syntax error: "}" unexpected
Signed-off-by: Isaac True <isaac.true@canonical.com>
- Do not depend on dnf for SUSE ALP
- Added appx-util as WSL requires for Fedora/RHEL
Make sure the kiwi-systemdeps-containers-wsl meta package
pulls in the required tools for Fedora/RHEL when building
WSL containers. This is a followup to #2286
- Add cpio to core systemdeps requires list
- Bump version: 9.24.59 → 9.24.60
- Allow to create plain cpio archives
Allow to create plain cpio archives to serve the idea
of the mkosi initrd concept
- Fix restoration of grub2-install (bsc#1210948)
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=228
- Adding a comment to explain the s390 specific path
Signed-off-by: David Cassany <dcassany@suse.com>
- Use parted only in s390 arch
This commit ensures parted is only called in dracut-kiwi-lib for s390
arch. It also fixes the spec to only require parted for
s390 builds.
In addition parted requirement has been removed from dracut-kiwi-live
package since parted is not used in any other dracut module beyond
kiwi-lib.
Signed-off-by: David Cassany <dcassany@suse.com>
- Expand DASD partition table with parted
Signed-off-by: David Cassany <dcassany@suse.com>
- Fixed evaluation of custom start sector
In case an alternative partition table start sector is
configured, the check to effectively apply it should be
based on the partition table type not on the firmware
name
- Add parted dependency for s390
Signed-off-by: David Cassany <dcassany@suse.com>
- Bump version: 9.24.57 → 9.24.58
- Build leap btrfs test without root as snapshot
So far no btrfs integration test without root as snapshot existed
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=227
- Allow squashfscompression for plain squashfs
The schematron rule to limit the squashfscompression attribute
to certain image types did not allow it for a plain squashfs
filesystem build. This commit fixes that limitation.
This Fixes#2241
- Use rsync defaults to sync the initrd root-tree
This commits makes use of rsync default options to sync
the root-tree of the boot image for custom initrds.
Fixes bsc#1207128 where it was noted hardlinks
were not preserved inside the initrd.
Signed-off-by: David Cassany <dcassany@suse.com>
- Fixed wrong test assertions
Former versions of pytest did ignore invalid assertions.
Now they are reported as an error and show the mistakes
of the past
- Added 90-brd.conf for test-image-disk-ramdisk
By default the brd ramdisk module is no longer added to the
initrd. For ramdisk deployments this is required though.
This Fixes#2230
- Delete CentOS v7 build tests
CentOS v7 is EOL for kiwi image build tests
- Allow to specify fixed size for the root partition
So far the last partition (typically root) in the partition table
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=226
- Allow to pass credentials as file reference
- Fixed handling of container archive compression
In kiwi we support handling of the container archive compression
via a runtime configuration setting of the following form, eg
in /etc/kiwi.yml
```yaml
container:
# Specify compression for container images
# Possible values are true, false, xz or none.
- compress: true
```
However, this setting was only taken into account in the kiwi
bundler. Meaning if the user calls 'kiwi result bundle ...'
after the container image has been created the result bundler
will take the compression setting into account. From my perspective
this behavior is misleading and also prevents users from
creating compressed container archives without a subsequent
result bundler call. Therefore this commit moves the place to
handle the compression setting into the container classes.
The bundler code for containers will no longer operate on it
and just takes what it gets, which can be either compressed
or not. The default setting was "No compression" and this
was not changed. This Fixes#2217
- Add type hints for OCI and APPX classes
- Bump version: 9.24.53 → 9.24.54
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=225
- Bump version: 9.24.48 → 9.24.49
- Fixed test-image-vagrant
virtualbox-guest-tools obsoletes virtualbox-guest-x11
- ignore the type check on the Result class
With an update of mypy the bound TypeVar is no longer allowed.
In newer versions of python we could use the "Self" type or
import annotations from the future module. Unfortunately in
older python versions which we still support (3.6) there is
no non intrusive change which allows us to handle that type
annotation. Thus this commit ignores the return type spec
for Result.load() for the moment.
- Stop copying /dev files statically into the OCI container
In containers (nspawn) where part of the /dev filesystem is bind-mounted
from outside system, kiwi fails to do the rsync (in creation of the
nodes).
There is no reason to actually copy whole tree inside so let's just
not do it (as it does not seem to be needed at all).
- List riscv64 as a valid architecture in the schemas
This is needed so that architecture filters on riscv64 specifics can
be defined.
- Support DM integrity legacy options
Add a new attribute integrity_legacy_hmac="true|false" which
allows to use old flawed HMAC calculation (does not protect superblock).
Add a new attribute integrity_legacy_padding="true|false" which
allows to use inefficient legacy padding. Do not use these attributes
OBS-URL: https://build.opensuse.org/request/show/1031379
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-kiwi?expand=0&rev=102
- Fixed test-image-vagrant
virtualbox-guest-tools obsoletes virtualbox-guest-x11
- ignore the type check on the Result class
With an update of mypy the bound TypeVar is no longer allowed.
In newer versions of python we could use the "Self" type or
import annotations from the future module. Unfortunately in
older python versions which we still support (3.6) there is
no non intrusive change which allows us to handle that type
annotation. Thus this commit ignores the return type spec
for Result.load() for the moment.
- Stop copying /dev files statically into the OCI container
In containers (nspawn) where part of the /dev filesystem is bind-mounted
from outside system, kiwi fails to do the rsync (in creation of the
nodes).
There is no reason to actually copy whole tree inside so let's just
not do it (as it does not seem to be needed at all).
- List riscv64 as a valid architecture in the schemas
This is needed so that architecture filters on riscv64 specifics can
be defined.
- Support DM integrity legacy options
Add a new attribute integrity_legacy_hmac="true|false" which
allows to use old flawed HMAC calculation (does not protect superblock).
Add a new attribute integrity_legacy_padding="true|false" which
allows to use inefficient legacy padding. Do not use these attributes
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=224
- Support URIs with credentials in solver plugin
check if the URI string contains credentials and
extract/trim them from the uri object. The urlparse
class does not recognize this information as a valid
URI and throws an exception
- Fixed test-image-disk-legacy
Increase size of embedded EFI fat image needed for EFI
bootable install ISO. Due to the increased size of the
custom kiwi initrd the default size for the FAT image
is too small
- Support custom size for embedded EFI FAT image
For ISO images (live and install) the EFI boot requires an embedded
FAT image. As of now a fixed size of 20M was used which leads to a
problem if the EFI image or the initrd or the kernel is bigger than
20M. With the new attribute:
efifatimagesize="nonNegativeInteger"
we can now set a different value for the FAT image. Please note the
value must be aligned to the also customizable efipartsize value
which allows to configure the size of the EFI partition
- Fixed linter complaints after flake update
flake now complains about E275 missing whitespace
after keyword for the way 'del' is used. This commit
fixes it
- Added a NOTE: section to explain the finer points of adding tools to a
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=221
- Umount device before cloning
In case a clone should be created from a partition we need
to make sure to umount the device after sync and prior cloning.
Otherwise the clone operation is not safe because the rsynced
data might still be in memory and not synced out to the block
device.
- Fixed custom disk start sector setup
The attribute disk_start_sector allows to specify a custom
start sector for the first partition of the disk. On GPT
tables everything works nicely, on DOS tables the used tools
fdisk/sfdisk are not able to manage the start/end values of
subsequent partitions if the first partition doesn't start
with the tooling default. This patch allows to set the
start sector after the partition table has been created
- Fixed CentOS-8 repo setup
- Bump version: 9.24.43 → 9.24.44
- Make sure to rebuild rpm database
For rpm based distributions make sure to call
rpm --rebuilddb unconditionally prior using rpm
with the chroot. This Fixes#2165
- github: Refresh issue template to cover more operating scenarios
KIWI is often used for cross-distribution image builds, so we
should ask for that information when appropriate.
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=220
- Fix helper method to detect dracut outfile format
The method _get_boot_image_output_file_format_from_dracut_code
is used in kiwi to match parts of the dracut code for the used
output file format. Beginning with dracut-056 the code part
checked has changed syntactically such that the match did
no longer work. This commit increases the scope of the match
and replace pattern and Fixes#2149
- Fixed handling of signing_keys in cmdline options
When passing signing_keys with the --add-repo|--set-repo
commandline options the delimiter to separate the single
key information is a colon(:). However, this is stupid when
kiwi expects the signing key to be references as an URI
format like file://... Therefore this patch changes the
delimiter from colon(:) to semicolon(;)
- Bump version: 9.24.39 → 9.24.40
- Setup SELinux on every system prepare / build (#2148)
Setup SELinux on every system prepare / build such that all image types benefit from it not only the disk (oem) type
- Install all of QEMU to Ubuntu arm integration test
- rename user to ubuntu for Ubuntu integration test
- Bump version: 9.24.38 → 9.24.39
- Move to sphinx>=5.0.0
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=219
- Subformats should also not be compressed when encryption is enabled (#2138)
Subformats should also not be compressed when encryption is enabled
This is a follow on change to bdba953. When the filesystem is encrypted the
resulting image should not be compressed. Also explain why we ignore the
compression seeting in the user configuration for encrypted images.
- Add support for prebuilt bootstrap package for apt
When using the apt packagemanager kiwi required the use of
debootstrap to create the initial rootfs. This works as long
as there is always a main distribution repository available
which follows the structure of the official debian mirrors.
However if such a main distribution is not present or an
alternative layout like e.g OBS repos is used, debootstrap
will refuse to work. To allow for an alternative and without
the dependency to debootstrap kiwi supports using a prebuilt
bootstrap package providing the mini rootfs to serve as
the bootstrap result. As all other package managers properly
supports installation into an empty new root, this feature
was only added when using the apt packagemanager
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=218
- Allow more repo params to be set on the cmdline
The repository parameters for signing keys, the component
list the main distribution name for debian repositories and
also the repository_gpgcheck could not be set via the
commandline options --add-repo and/or --set-repo. This
commit adds support for them and also updates the manual
page accordingly
- Update ubuntu integration tests
Build them against latest release (jammy).
This Fixes#2128
- Add support for partition cloning
Support creating block level clones of certain partitions
used in the image. Clones can be created from the root, boot
and any partition listed in the <partitions> element.
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=217
- Follow up fix for isolinux-config
isolinux-config is called to update the search path inside
of the isolinux binary. isolinux/syslinux is exclusive to
the ix86 architecture and to BIOS firmware. Therefore the
condition to actually call it should reflect this.
- Bump version: 9.24.32 → 9.24.33
- Fixed runtime check
Fixed check_dracut_module_for_disk_overlay_in_package_list. The
check complains if the dracut-kiwi-overlay module is not installed
but overlay support was requested. This is correct but should only
be done if the selected initrd system is dracut.
- Add option to set LUKS type to luks1 (#2126)
Add option to set LUKS type to luks1
So far the LUKS type could be set to luks and luks2. However, what luks
version the value 'luks' evaluates to depends on how the distributor has
packaged luks. Thus it's possible that 'luks' is either luks1 or luks2. To
also have the opportunity to explicitly specify luks1 this commit adds
the opportunity in the schema.
- Update devel packages helper
Added trang as needed when working on the schema
- Add support for dm integrity with secret key
Allow to protect the opening of the integrity data map and
journal through a keyfile. For setting the key file two new
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=216
- Bump version: 9.24.30 → 9.24.31
- Fix LABEL detection (#2112)
When only "root=" is specified on the kernel command line the match is
located in the first group. Loop through the groups upon mtach to find
what we are looking for.
- Preserve LABEL setting (#2108)
Preserve the LABEL= setting when the grub config file is re-generated.
the GRUB_ENABLE_LINUX_LABEL setting does not exists upstream and
not in any SUSE distribution. Set the grub setting such that LABEL
is preserved on SUSE distros. (bsc#1197616)
- Fix test_setup_default_grub_empty_kernelcmdline
The unit test exists to check that GRUB_CMDLINE_LINUX_DEFAULT
is not set depending on the provided cmdline. The test exists
for reasons explained in Issue #1650
- Don't compress .appx containers (#2106)
The container is actually inside and already compressed.
- Added new CloneDevice class
Added CloneDevice class to the storage interface.
The class allows to create clone(s) from a given source
block device into a list of target block devices.
The target block devices are clones of the source but
prevents device naming conflicts for unique identifiers
like the UUID. This is requires to still allow to boot
from images containing device clones and needs to be
handled by tools that might work on top of the cloned
OBS-URL: https://build.opensuse.org/request/show/969537
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-kiwi?expand=0&rev=95
- Fix LABEL detection (#2112)
When only "root=" is specified on the kernel command line the match is
located in the first group. Loop through the groups upon mtach to find
what we are looking for.
- Preserve LABEL setting (#2108)
Preserve the LABEL= setting when the grub config file is re-generated.
the GRUB_ENABLE_LINUX_LABEL setting does not exists upstream and
not in any SUSE distribution. Set the grub setting such that LABEL
is preserved on SUSE distros. (bsc#1197616)
- Fix test_setup_default_grub_empty_kernelcmdline
The unit test exists to check that GRUB_CMDLINE_LINUX_DEFAULT
is not set depending on the provided cmdline. The test exists
for reasons explained in Issue #1650
- Don't compress .appx containers (#2106)
The container is actually inside and already compressed.
- Added new CloneDevice class
Added CloneDevice class to the storage interface.
The class allows to create clone(s) from a given source
block device into a list of target block devices.
The target block devices are clones of the source but
prevents device naming conflicts for unique identifiers
like the UUID. This is requires to still allow to boot
from images containing device clones and needs to be
handled by tools that might work on top of the cloned
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=215
- Don't bind mount /run during build time
In commit #9512318 a new bind mount of /run into the root tree
during build time was introduced. The bind mount was done because
in my tests running podman from config.sh it did not work without
/run bind mounted. However, it turned out that I was wrong because
along with the provided methods to prepare cgroups and a custom
runtime configuration method; setupContainerRuntime() it is not
needed to have /run bind mounted. Thus this commit deletes the
bind mount of /run and therefore Fixes#2067
- Fix github action running obs service refresh
The curl command to send the POST request for running the
obs remote service uses the --fail-with-body option.
Unfortunately the ubuntu-latest container used to run the
action comes with a curl version that does not support the
option. Thus this commit removes the use of the option
- Style changes in container docs
Reformulate the container building guide a bit
- Update schema docs
Signed-off-by: David Cassany <dcassany@suse.com>
- Provide schema version v7.5 in spec
- Update descriptions to schema v7.5
- Update cron for security scorecard
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=214
- Fixed name of secret variable
The ci-update-build-tests action used a wrong variable
name which does not exist in the github secrets. This
commit fixes it and uses the correct variable name
- Bump version: 9.24.21 → 9.24.22
- Revert "Revert "Fixed MicroOS build test""
This reverts commit 8c4464b8ff2af2642439ce92e1e2be497f2b0f4d.
snapper default config has moved from /etc to /usr/share
now hopefully for the last time
- Fixed unit tests
The pytest interface setup() method call has changed
in a way that an additional parameter is passed to
the method which leads to a python error at invocation
time if the setup method does not define it.
- build-tests: Update CentOS 8 test appliance to CentOS Stream 8
CentOS Linux 8 is now EOL, so switch over to CentOS Stream 8.
- Fixed handling of oem reboot settings
There are oem settings called oem-reboot, oem-reboot-interactive
as well as oem-shutdown and oem-shutdown-interactive. When used
the information is passed along to the profile but not evaluated
by any initrd code. I don't know where on the way we lost the
code that actually works with these settings but this commit
makes them effective. This Fixes#2056
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=213
- Bump version: 9.24.20 → 9.24.21
- Fixed UUID used in grub early boot script
In case the system is luks encrypted the UUID of the root
partition was used in the grub early boot script. However,
this condition is only correct if in addition to the luks
encryption the boot area is on crypto too. If boot is not
on crypto the UUID must be the boot partition and not root.
Only if root AND boot is on crypto the kiwi created early
boot script includes the grub cryptomount calls.
- Bump version: 9.24.19 → 9.24.20
- Followup fix for force deleting debian packages
The force uninstall deletes pre scripts prior removal
because if they fail the package will not be removed.
For a force uninstall we consider this ok. However,
the deletion of the scripts did not happen in the
image root. This patch fixes it
- Followup fix for force deleting debian packages
Pass --force-depends to allow uninstall even if the
dependency checker complains
- Fix use of xattrs for container sync
when syncing data for containers only a subset of xattr
attributes can be applied. This Fixes#2009
- Bump version: 9.24.18 → 9.24.19
OBS-URL: https://build.opensuse.org/request/show/951342
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-kiwi?expand=0&rev=92
- Fixed UUID used in grub early boot script
In case the system is luks encrypted the UUID of the root
partition was used in the grub early boot script. However,
this condition is only correct if in addition to the luks
encryption the boot area is on crypto too. If boot is not
on crypto the UUID must be the boot partition and not root.
Only if root AND boot is on crypto the kiwi created early
boot script includes the grub cryptomount calls.
- Bump version: 9.24.19 → 9.24.20
- Followup fix for force deleting debian packages
The force uninstall deletes pre scripts prior removal
because if they fail the package will not be removed.
For a force uninstall we consider this ok. However,
the deletion of the scripts did not happen in the
image root. This patch fixes it
- Followup fix for force deleting debian packages
Pass --force-depends to allow uninstall even if the
dependency checker complains
- Fix use of xattrs for container sync
when syncing data for containers only a subset of xattr
attributes can be applied. This Fixes#2009
- Bump version: 9.24.18 → 9.24.19
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=212
- Bump version: 9.24.15 → 9.24.16
- Fixed regression in compression detection
The change from 282529de8f612dee32d54ee868c2365dcd829220
Introduced a bad regression. The assumption was made that the
xz tool could be used to detect if a file is compressed or not.
However, this requires the file to be locally present. In the
scope of the method call is_compressed() and within a remote
deployment e.g PXE this is not the case. Therefore the former
way to "detect" the compression according to the .xz postfix
of the source filename was restored. In addition the function
name was changed to is_xz_compressed() because that's what the
method can do and not more. This Fixes#2015
- Added debug option --debug-run-scripts-in-screen
Instead of running scripts in screen if the --debug switch is
set, we allow to explicitly switch on this behavior via
a new option. This Fixes#2010
- Change packages target for bootincludes
Packages marked with bootinclude="true" will be added to the
referenced kiwi boot image description if the initrd_system
is set to "kiwi" instead of "dracut". The package marked was
primarily added to the type="image" section and got only
added to the type="bootstrap" section if no image type section
existed. However, it has turned out that this approach has
the disadvantage that packages which must be installed as
part of the bootstraping (e.g certificates) cannot be handled.
This commit changes the behavior of the bootinclude to include
the package always to the type="bootstrap" section.
OBS-URL: https://build.opensuse.org/request/show/946017
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-kiwi?expand=0&rev=89