- dracut: modules.d: 99kiwi-lib: add bash shebangs and dependency
The scripts in the kiwi-lib module use bash-specific syntax like
`function`, which causes the script to fail if another shell (like dash
or busybox) is used to interpret the scripts. Specifically set the shebang
to use bash as the shell interpreter and add bash as a dependency to the
dracut module to fix this.
This resolves the following errors which are printed at boot when
busybox tries to interpret the scripts:
/bin/dracut-pre-mount: 3: /lib/kiwi-filesystem-lib.sh: function: not found
/bin/dracut-pre-mount: 15: /lib/kiwi-filesystem-lib.sh: Syntax error: "}" unexpected
Signed-off-by: Isaac True <isaac.true@canonical.com>
- Do not depend on dnf for SUSE ALP
- Added appx-util as WSL requires for Fedora/RHEL
Make sure the kiwi-systemdeps-containers-wsl meta package
pulls in the required tools for Fedora/RHEL when building
WSL containers. This is a followup to #2286
- Add cpio to core systemdeps requires list
- Bump version: 9.24.59 → 9.24.60
- Allow to create plain cpio archives
Allow to create plain cpio archives to serve the idea
of the mkosi initrd concept
- Fix restoration of grub2-install (bsc#1210948)
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=228
- Adding a comment to explain the s390 specific path
Signed-off-by: David Cassany <dcassany@suse.com>
- Use parted only in s390 arch
This commit ensures parted is only called in dracut-kiwi-lib for s390
arch. It also fixes the spec to only require parted for
s390 builds.
In addition parted requirement has been removed from dracut-kiwi-live
package since parted is not used in any other dracut module beyond
kiwi-lib.
Signed-off-by: David Cassany <dcassany@suse.com>
- Expand DASD partition table with parted
Signed-off-by: David Cassany <dcassany@suse.com>
- Fixed evaluation of custom start sector
In case an alternative partition table start sector is
configured, the check to effectively apply it should be
based on the partition table type not on the firmware
name
- Add parted dependency for s390
Signed-off-by: David Cassany <dcassany@suse.com>
- Bump version: 9.24.57 → 9.24.58
- Build leap btrfs test without root as snapshot
So far no btrfs integration test without root as snapshot existed
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=227
- Allow squashfscompression for plain squashfs
The schematron rule to limit the squashfscompression attribute
to certain image types did not allow it for a plain squashfs
filesystem build. This commit fixes that limitation.
This Fixes#2241
- Use rsync defaults to sync the initrd root-tree
This commits makes use of rsync default options to sync
the root-tree of the boot image for custom initrds.
Fixes bsc#1207128 where it was noted hardlinks
were not preserved inside the initrd.
Signed-off-by: David Cassany <dcassany@suse.com>
- Fixed wrong test assertions
Former versions of pytest did ignore invalid assertions.
Now they are reported as an error and show the mistakes
of the past
- Added 90-brd.conf for test-image-disk-ramdisk
By default the brd ramdisk module is no longer added to the
initrd. For ramdisk deployments this is required though.
This Fixes#2230
- Delete CentOS v7 build tests
CentOS v7 is EOL for kiwi image build tests
- Allow to specify fixed size for the root partition
So far the last partition (typically root) in the partition table
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=226
- Allow to pass credentials as file reference
- Fixed handling of container archive compression
In kiwi we support handling of the container archive compression
via a runtime configuration setting of the following form, eg
in /etc/kiwi.yml
```yaml
container:
# Specify compression for container images
# Possible values are true, false, xz or none.
- compress: true
```
However, this setting was only taken into account in the kiwi
bundler. Meaning if the user calls 'kiwi result bundle ...'
after the container image has been created the result bundler
will take the compression setting into account. From my perspective
this behavior is misleading and also prevents users from
creating compressed container archives without a subsequent
result bundler call. Therefore this commit moves the place to
handle the compression setting into the container classes.
The bundler code for containers will no longer operate on it
and just takes what it gets, which can be either compressed
or not. The default setting was "No compression" and this
was not changed. This Fixes#2217
- Add type hints for OCI and APPX classes
- Bump version: 9.24.53 → 9.24.54
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=225
- Bump version: 9.24.48 → 9.24.49
- Fixed test-image-vagrant
virtualbox-guest-tools obsoletes virtualbox-guest-x11
- ignore the type check on the Result class
With an update of mypy the bound TypeVar is no longer allowed.
In newer versions of python we could use the "Self" type or
import annotations from the future module. Unfortunately in
older python versions which we still support (3.6) there is
no non intrusive change which allows us to handle that type
annotation. Thus this commit ignores the return type spec
for Result.load() for the moment.
- Stop copying /dev files statically into the OCI container
In containers (nspawn) where part of the /dev filesystem is bind-mounted
from outside system, kiwi fails to do the rsync (in creation of the
nodes).
There is no reason to actually copy whole tree inside so let's just
not do it (as it does not seem to be needed at all).
- List riscv64 as a valid architecture in the schemas
This is needed so that architecture filters on riscv64 specifics can
be defined.
- Support DM integrity legacy options
Add a new attribute integrity_legacy_hmac="true|false" which
allows to use old flawed HMAC calculation (does not protect superblock).
Add a new attribute integrity_legacy_padding="true|false" which
allows to use inefficient legacy padding. Do not use these attributes
OBS-URL: https://build.opensuse.org/request/show/1031379
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-kiwi?expand=0&rev=102
- Fixed test-image-vagrant
virtualbox-guest-tools obsoletes virtualbox-guest-x11
- ignore the type check on the Result class
With an update of mypy the bound TypeVar is no longer allowed.
In newer versions of python we could use the "Self" type or
import annotations from the future module. Unfortunately in
older python versions which we still support (3.6) there is
no non intrusive change which allows us to handle that type
annotation. Thus this commit ignores the return type spec
for Result.load() for the moment.
- Stop copying /dev files statically into the OCI container
In containers (nspawn) where part of the /dev filesystem is bind-mounted
from outside system, kiwi fails to do the rsync (in creation of the
nodes).
There is no reason to actually copy whole tree inside so let's just
not do it (as it does not seem to be needed at all).
- List riscv64 as a valid architecture in the schemas
This is needed so that architecture filters on riscv64 specifics can
be defined.
- Support DM integrity legacy options
Add a new attribute integrity_legacy_hmac="true|false" which
allows to use old flawed HMAC calculation (does not protect superblock).
Add a new attribute integrity_legacy_padding="true|false" which
allows to use inefficient legacy padding. Do not use these attributes
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=224
- Support URIs with credentials in solver plugin
check if the URI string contains credentials and
extract/trim them from the uri object. The urlparse
class does not recognize this information as a valid
URI and throws an exception
- Fixed test-image-disk-legacy
Increase size of embedded EFI fat image needed for EFI
bootable install ISO. Due to the increased size of the
custom kiwi initrd the default size for the FAT image
is too small
- Support custom size for embedded EFI FAT image
For ISO images (live and install) the EFI boot requires an embedded
FAT image. As of now a fixed size of 20M was used which leads to a
problem if the EFI image or the initrd or the kernel is bigger than
20M. With the new attribute:
efifatimagesize="nonNegativeInteger"
we can now set a different value for the FAT image. Please note the
value must be aligned to the also customizable efipartsize value
which allows to configure the size of the EFI partition
- Fixed linter complaints after flake update
flake now complains about E275 missing whitespace
after keyword for the way 'del' is used. This commit
fixes it
- Added a NOTE: section to explain the finer points of adding tools to a
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=221
- Umount device before cloning
In case a clone should be created from a partition we need
to make sure to umount the device after sync and prior cloning.
Otherwise the clone operation is not safe because the rsynced
data might still be in memory and not synced out to the block
device.
- Fixed custom disk start sector setup
The attribute disk_start_sector allows to specify a custom
start sector for the first partition of the disk. On GPT
tables everything works nicely, on DOS tables the used tools
fdisk/sfdisk are not able to manage the start/end values of
subsequent partitions if the first partition doesn't start
with the tooling default. This patch allows to set the
start sector after the partition table has been created
- Fixed CentOS-8 repo setup
- Bump version: 9.24.43 → 9.24.44
- Make sure to rebuild rpm database
For rpm based distributions make sure to call
rpm --rebuilddb unconditionally prior using rpm
with the chroot. This Fixes#2165
- github: Refresh issue template to cover more operating scenarios
KIWI is often used for cross-distribution image builds, so we
should ask for that information when appropriate.
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=220
- Fix helper method to detect dracut outfile format
The method _get_boot_image_output_file_format_from_dracut_code
is used in kiwi to match parts of the dracut code for the used
output file format. Beginning with dracut-056 the code part
checked has changed syntactically such that the match did
no longer work. This commit increases the scope of the match
and replace pattern and Fixes#2149
- Fixed handling of signing_keys in cmdline options
When passing signing_keys with the --add-repo|--set-repo
commandline options the delimiter to separate the single
key information is a colon(:). However, this is stupid when
kiwi expects the signing key to be references as an URI
format like file://... Therefore this patch changes the
delimiter from colon(:) to semicolon(;)
- Bump version: 9.24.39 → 9.24.40
- Setup SELinux on every system prepare / build (#2148)
Setup SELinux on every system prepare / build such that all image types benefit from it not only the disk (oem) type
- Install all of QEMU to Ubuntu arm integration test
- rename user to ubuntu for Ubuntu integration test
- Bump version: 9.24.38 → 9.24.39
- Move to sphinx>=5.0.0
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=219
- Subformats should also not be compressed when encryption is enabled (#2138)
Subformats should also not be compressed when encryption is enabled
This is a follow on change to bdba953. When the filesystem is encrypted the
resulting image should not be compressed. Also explain why we ignore the
compression seeting in the user configuration for encrypted images.
- Add support for prebuilt bootstrap package for apt
When using the apt packagemanager kiwi required the use of
debootstrap to create the initial rootfs. This works as long
as there is always a main distribution repository available
which follows the structure of the official debian mirrors.
However if such a main distribution is not present or an
alternative layout like e.g OBS repos is used, debootstrap
will refuse to work. To allow for an alternative and without
the dependency to debootstrap kiwi supports using a prebuilt
bootstrap package providing the mini rootfs to serve as
the bootstrap result. As all other package managers properly
supports installation into an empty new root, this feature
was only added when using the apt packagemanager
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=218
- Allow more repo params to be set on the cmdline
The repository parameters for signing keys, the component
list the main distribution name for debian repositories and
also the repository_gpgcheck could not be set via the
commandline options --add-repo and/or --set-repo. This
commit adds support for them and also updates the manual
page accordingly
- Update ubuntu integration tests
Build them against latest release (jammy).
This Fixes#2128
- Add support for partition cloning
Support creating block level clones of certain partitions
used in the image. Clones can be created from the root, boot
and any partition listed in the <partitions> element.
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=217
- Follow up fix for isolinux-config
isolinux-config is called to update the search path inside
of the isolinux binary. isolinux/syslinux is exclusive to
the ix86 architecture and to BIOS firmware. Therefore the
condition to actually call it should reflect this.
- Bump version: 9.24.32 → 9.24.33
- Fixed runtime check
Fixed check_dracut_module_for_disk_overlay_in_package_list. The
check complains if the dracut-kiwi-overlay module is not installed
but overlay support was requested. This is correct but should only
be done if the selected initrd system is dracut.
- Add option to set LUKS type to luks1 (#2126)
Add option to set LUKS type to luks1
So far the LUKS type could be set to luks and luks2. However, what luks
version the value 'luks' evaluates to depends on how the distributor has
packaged luks. Thus it's possible that 'luks' is either luks1 or luks2. To
also have the opportunity to explicitly specify luks1 this commit adds
the opportunity in the schema.
- Update devel packages helper
Added trang as needed when working on the schema
- Add support for dm integrity with secret key
Allow to protect the opening of the integrity data map and
journal through a keyfile. For setting the key file two new
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=216
- Bump version: 9.24.30 → 9.24.31
- Fix LABEL detection (#2112)
When only "root=" is specified on the kernel command line the match is
located in the first group. Loop through the groups upon mtach to find
what we are looking for.
- Preserve LABEL setting (#2108)
Preserve the LABEL= setting when the grub config file is re-generated.
the GRUB_ENABLE_LINUX_LABEL setting does not exists upstream and
not in any SUSE distribution. Set the grub setting such that LABEL
is preserved on SUSE distros. (bsc#1197616)
- Fix test_setup_default_grub_empty_kernelcmdline
The unit test exists to check that GRUB_CMDLINE_LINUX_DEFAULT
is not set depending on the provided cmdline. The test exists
for reasons explained in Issue #1650
- Don't compress .appx containers (#2106)
The container is actually inside and already compressed.
- Added new CloneDevice class
Added CloneDevice class to the storage interface.
The class allows to create clone(s) from a given source
block device into a list of target block devices.
The target block devices are clones of the source but
prevents device naming conflicts for unique identifiers
like the UUID. This is requires to still allow to boot
from images containing device clones and needs to be
handled by tools that might work on top of the cloned
OBS-URL: https://build.opensuse.org/request/show/969537
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-kiwi?expand=0&rev=95
- Fix LABEL detection (#2112)
When only "root=" is specified on the kernel command line the match is
located in the first group. Loop through the groups upon mtach to find
what we are looking for.
- Preserve LABEL setting (#2108)
Preserve the LABEL= setting when the grub config file is re-generated.
the GRUB_ENABLE_LINUX_LABEL setting does not exists upstream and
not in any SUSE distribution. Set the grub setting such that LABEL
is preserved on SUSE distros. (bsc#1197616)
- Fix test_setup_default_grub_empty_kernelcmdline
The unit test exists to check that GRUB_CMDLINE_LINUX_DEFAULT
is not set depending on the provided cmdline. The test exists
for reasons explained in Issue #1650
- Don't compress .appx containers (#2106)
The container is actually inside and already compressed.
- Added new CloneDevice class
Added CloneDevice class to the storage interface.
The class allows to create clone(s) from a given source
block device into a list of target block devices.
The target block devices are clones of the source but
prevents device naming conflicts for unique identifiers
like the UUID. This is requires to still allow to boot
from images containing device clones and needs to be
handled by tools that might work on top of the cloned
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=215
- Don't bind mount /run during build time
In commit #9512318 a new bind mount of /run into the root tree
during build time was introduced. The bind mount was done because
in my tests running podman from config.sh it did not work without
/run bind mounted. However, it turned out that I was wrong because
along with the provided methods to prepare cgroups and a custom
runtime configuration method; setupContainerRuntime() it is not
needed to have /run bind mounted. Thus this commit deletes the
bind mount of /run and therefore Fixes#2067
- Fix github action running obs service refresh
The curl command to send the POST request for running the
obs remote service uses the --fail-with-body option.
Unfortunately the ubuntu-latest container used to run the
action comes with a curl version that does not support the
option. Thus this commit removes the use of the option
- Style changes in container docs
Reformulate the container building guide a bit
- Update schema docs
Signed-off-by: David Cassany <dcassany@suse.com>
- Provide schema version v7.5 in spec
- Update descriptions to schema v7.5
- Update cron for security scorecard
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=214
- Fixed name of secret variable
The ci-update-build-tests action used a wrong variable
name which does not exist in the github secrets. This
commit fixes it and uses the correct variable name
- Bump version: 9.24.21 → 9.24.22
- Revert "Revert "Fixed MicroOS build test""
This reverts commit 8c4464b8ff2af2642439ce92e1e2be497f2b0f4d.
snapper default config has moved from /etc to /usr/share
now hopefully for the last time
- Fixed unit tests
The pytest interface setup() method call has changed
in a way that an additional parameter is passed to
the method which leads to a python error at invocation
time if the setup method does not define it.
- build-tests: Update CentOS 8 test appliance to CentOS Stream 8
CentOS Linux 8 is now EOL, so switch over to CentOS Stream 8.
- Fixed handling of oem reboot settings
There are oem settings called oem-reboot, oem-reboot-interactive
as well as oem-shutdown and oem-shutdown-interactive. When used
the information is passed along to the profile but not evaluated
by any initrd code. I don't know where on the way we lost the
code that actually works with these settings but this commit
makes them effective. This Fixes#2056
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=213
- Bump version: 9.24.20 → 9.24.21
- Fixed UUID used in grub early boot script
In case the system is luks encrypted the UUID of the root
partition was used in the grub early boot script. However,
this condition is only correct if in addition to the luks
encryption the boot area is on crypto too. If boot is not
on crypto the UUID must be the boot partition and not root.
Only if root AND boot is on crypto the kiwi created early
boot script includes the grub cryptomount calls.
- Bump version: 9.24.19 → 9.24.20
- Followup fix for force deleting debian packages
The force uninstall deletes pre scripts prior removal
because if they fail the package will not be removed.
For a force uninstall we consider this ok. However,
the deletion of the scripts did not happen in the
image root. This patch fixes it
- Followup fix for force deleting debian packages
Pass --force-depends to allow uninstall even if the
dependency checker complains
- Fix use of xattrs for container sync
when syncing data for containers only a subset of xattr
attributes can be applied. This Fixes#2009
- Bump version: 9.24.18 → 9.24.19
OBS-URL: https://build.opensuse.org/request/show/951342
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-kiwi?expand=0&rev=92
- Fixed UUID used in grub early boot script
In case the system is luks encrypted the UUID of the root
partition was used in the grub early boot script. However,
this condition is only correct if in addition to the luks
encryption the boot area is on crypto too. If boot is not
on crypto the UUID must be the boot partition and not root.
Only if root AND boot is on crypto the kiwi created early
boot script includes the grub cryptomount calls.
- Bump version: 9.24.19 → 9.24.20
- Followup fix for force deleting debian packages
The force uninstall deletes pre scripts prior removal
because if they fail the package will not be removed.
For a force uninstall we consider this ok. However,
the deletion of the scripts did not happen in the
image root. This patch fixes it
- Followup fix for force deleting debian packages
Pass --force-depends to allow uninstall even if the
dependency checker complains
- Fix use of xattrs for container sync
when syncing data for containers only a subset of xattr
attributes can be applied. This Fixes#2009
- Bump version: 9.24.18 → 9.24.19
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=212
- Bump version: 9.24.15 → 9.24.16
- Fixed regression in compression detection
The change from 282529de8f612dee32d54ee868c2365dcd829220
Introduced a bad regression. The assumption was made that the
xz tool could be used to detect if a file is compressed or not.
However, this requires the file to be locally present. In the
scope of the method call is_compressed() and within a remote
deployment e.g PXE this is not the case. Therefore the former
way to "detect" the compression according to the .xz postfix
of the source filename was restored. In addition the function
name was changed to is_xz_compressed() because that's what the
method can do and not more. This Fixes#2015
- Added debug option --debug-run-scripts-in-screen
Instead of running scripts in screen if the --debug switch is
set, we allow to explicitly switch on this behavior via
a new option. This Fixes#2010
- Change packages target for bootincludes
Packages marked with bootinclude="true" will be added to the
referenced kiwi boot image description if the initrd_system
is set to "kiwi" instead of "dracut". The package marked was
primarily added to the type="image" section and got only
added to the type="bootstrap" section if no image type section
existed. However, it has turned out that this approach has
the disadvantage that packages which must be installed as
part of the bootstraping (e.g certificates) cannot be handled.
This commit changes the behavior of the bootinclude to include
the package always to the type="bootstrap" section.
OBS-URL: https://build.opensuse.org/request/show/946017
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-kiwi?expand=0&rev=89
- Disable intersphinx
intersphinx is a doc extension which links to the documentation of
objects in other projects whenever Sphinx encounters a cross-reference
that has no matching target in the current documentation set, it
looks for targets in the documentation sets configured in the
intersphinx_mapping. However, the kiwi docs do not use this feature
thus it can be disabled.
- Compress container images in builder class
This commit changes the stage at which container images are compressed
to match the criteria applied to other image types. Instead of
compressing the image in OCI devoted classes now it is happening
in builder class by setting Result instance properties.
Fixes#1996
Signed-off-by: David Cassany <dcassany@suse.com>
- Revert "Fixed MicroOS build test"
This reverts commit 52c38f9ec22aef484efaf0a570dc78eea529deec.
The TW people moved to an older version of libsnapper, no
idea what these guys are doing
- kiwi-repart: Fix spelling error in source code comment
- Fix multiple minor spelling errors in documentation
- Added support for setting up release version
Currently the release version is not set or set to '0'
for package managers which requires a value to operate.
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=210
- Added documentation about sharing backends
The kiwi boxbuild plugin supports several sharing
backends. Details about them and eventual pre-setup
steps prior use are mentioned in this document
- Fixed MicroOS build test
snapper default config has moved from /etc to /usr/share
- Bump version: 9.24.8 → 9.24.9
- Bump version: 9.24.7 → 9.24.8
- Added support for reading metalink in info module
For resolver operations through libsolv the 'kiwi image info'
module exists. So far it could not read the repos from
metalink repo definitions. This Fixes#1890
- Force key attribute from signing element to be treated as a URI
Signed-off-by: David Cassany <dcassany@suse.com>
- Pass signing keys from the XML to the repositories
This commits makes sure signing keys are passed to
repositories setup in build task.
Signed-off-by: David Cassany <dcassany@suse.com>
- Move static sle15 integration test to git
- Bump version: 9.24.6 → 9.24.7
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=209
- Followup fix for debootstrap called only once
A recent change skipped calling debootstrap if the allow-existing-root
flag was passed in combination with apt as the package manager.
However this is not enough. If you say allow-existing-root but
the existing root is empty or not valid to continue with chroot
and apt the debootstrap phase should not be skipped. This commit
checks if apt works in the chroot such that we can assume
debootstrap has done its job and can be skipped
- Bump version: 9.24.4 → 9.24.5
- Fixed include processing
This commit fixes several issue connected with the use of
the <include> directive:
First and foremost the XSLT chain was broken in a way that
the include XSLT in combination with the PrettyPrinter XSLT
were called not in the chain of stylesheets but together.
This results in XML descriptions which duplicated the content
and went invalid
Another change is, when the include XSLT is called in the chain.
This commit moves it to become the very first processing
instruction such that the included data is part of all subsequent
XSLT stylesheets. This also allows to use older schema versions
in included XML data and they get automatically converted through
the chain of XSLT stylesheets.
Last change is the evaluation of the from= attribute value. This
value is now interpreted as an URI. Currently only local URIs are
supported. The reason to do this is because XSLT when processing
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=208
- Make sure embedded test exposes the kernel
- Fixed use of LUKS encrypted images with empty pass
For initial provisioning of LUKS encrypted disk images an
empty passphrase key is handy to avoid interaction in the
deployment process. However, the dracut kiwi modules were
lacking the information that the luks keyfile could be an
empty passphrase key which must not be opened with the
potential risk to get prompted for input. This commit
introduces a new profile environment variable evaluated
by the dracut kiwi lib code to open the LUKS pool and
allows to distinguish the situation on key files with
or without a passphrase
- Fixed type annotations for LuksDevice class
- Fixed repo setup for test-image-embedded
Use obsrepositories
- Added a build test for no-initrd / no-bootloader
It's allowed to configure an image building without an
initrd and/or bootloader setup. These are settings mostly
used in the embedded world and this build test makes sure
images of that kind can be build
- Add support for portable result data (#1949)
In addition to the serialized Result instance kiwi.result
file this commit also creates a portable version of this
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=207
- Add support for toplevel include directive(s)
On the toplevel of an image description you can now
specify include directive(s) like in the following
example
<image ...>
...
<include from="filename_a.xml"/>
...
<include from="filename_b.xml"/>
</image>
At the place of their occurrence the include statement
will be replaced with the contents of the given filename.
The implementation is based on a XSLT stylesheet and
applies very early in the process. The stylesheet reads
the contents of the given file as XML document().
Thus only valid XML documents gets accepted by this
include concept. This Fixes#1929 and is related to
Issue #1918
- Bump version: 9.23.62 → 9.23.63
- Fixed error reporting for stateful description
Errors due to missing or no type definitions were reported
provding the internal object reference of the XML parse
result. This is useless information for users and needs
to be done better. This commit fixes the error message to
avoid showing object references and includes information
about the applied profiles used for this XML state.
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=206
- Bump version: 9.23.53 → 9.23.54
- Fixed condition for GRUB_DISABLE_LINUX_UUID="true"
The grub config parameter GRUB_DISABLE_LINUX_UUID must only
be set if the device persistence setting is not UUID. However,
in kiwi UUID device names are the default and doesn't have to
be expressed explicitly. Therefore the condition to check
for different than 'by-uuid' is wrong for the default case were
no device persistence setting exists. This results in a wrong
grub option to be set. This commit fixes it in a way to disable
UUID device names in grub if the only other device persistency
setting in kiwi named: 'by-label' is explicitly configured.
This Fixes#1842
- Added force_trailing_slash argument to sync_data
A speciality of the rsync tool is that it behaves differently
if the given source_dir ends with a '/' or not. If it ends
with a slash the data structure below will be synced to the
target_dir. If it does not end with a slash the source_dir
and its contents are synced to the target_dir. For example:
source
└── some_data
1. $ rsync -a source target
target
└── source
└── some_data
2. $ rsync -a source/ target
target
└── some_data
The parameter force_trailing_slash in the DataSync::sync_data
OBS-URL: https://build.opensuse.org/request/show/917454
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-kiwi?expand=0&rev=82
- Only wipe bundle dir when required
The given result bundle dir must only be wiped if the
request to turn the result files into an rpm was given.
Only in this case the given bundle dir must start empty
- Fixed uninstall handling via dnf, microdnf, zypper
The above package managers supports uninstall instructions
like 'iwl*'. In kiwi there was code checking via rpm if
the packages given to uninstall actually exists. That code
does not work if the given package to uninstall is an
instruction that matches a pattern. Therefore if we use
the uninstall section in the kiwi image description, just
pass the provided information to the package manager and
don't try to be clever in kiwi itself.
- Allow to set --logfile for result namespace
Setting a logfile for e.g 'kiwi-ng result bundle ...'
is useful and should be possible
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=205
- Added support for building rpm package from bundle
With the new option --package-as-rpm it is possible to
call the kiwi result bundler such that the image build
results gets packaged into an rpm. I think this is a
handy feature to transport image builds via repositories
- Fixed MicroOS integration test
With ignition/combustion in place it's not allowed
to use tmp as a subvolume
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=204
- Fixed condition for GRUB_DISABLE_LINUX_UUID="true"
The grub config parameter GRUB_DISABLE_LINUX_UUID must only
be set if the device persistence setting is not UUID. However,
in kiwi UUID device names are the default and doesn't have to
be expressed explicitly. Therefore the condition to check
for different than 'by-uuid' is wrong for the default case were
no device persistence setting exists. This results in a wrong
grub option to be set. This commit fixes it in a way to disable
UUID device names in grub if the only other device persistency
setting in kiwi named: 'by-label' is explicitly configured.
This Fixes#1842
- Added force_trailing_slash argument to sync_data
A speciality of the rsync tool is that it behaves differently
if the given source_dir ends with a '/' or not. If it ends
with a slash the data structure below will be synced to the
target_dir. If it does not end with a slash the source_dir
and its contents are synced to the target_dir. For example:
source
└── some_data
1. $ rsync -a source target
target
└── source
└── some_data
2. $ rsync -a source/ target
target
└── some_data
The parameter force_trailing_slash in the DataSync::sync_data
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=203