- Bump version: 10.2.31 → 10.2.32
- fix: resize for raid device, ensure vars like kiwi_RaidDev are loaded before setting disk variable
- Do not clobber initialize method
There was a method named initialize defined and implemented
differently in the dracut modules kiwi-lib and kiwi-repart.
kiwi-lib is expected to be shared code across all kiwi dracut
modules. However if one module redefines a method of the
same name which is used in another module and expected to
work differently there, this is evil. This commit cleans
up the name conflict and names the kiwi library init function
as lib_initialize. All dracut code that is expected to make
use of this method has been adopted too.
- Skip kiwi-repart module in install ISOs
In case the kiwi-repart module is explicitly requested in a
dracut.conf file and the image is also configured to build an
install ISO image this leads the install ISO to contain the
kiwi-repart module as well which is unwanted. This commit
explicitly omits the kiwi-repart when creating the initrd
for the install image
- Skip repart when booting install/live iso
- Update leap test-image-disk integration test
Add test for alternative volume ID in install ISO
- Bump version: 10.2.30 → 10.2.31
OBS-URL: https://build.opensuse.org/request/show/1298900
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-kiwi?expand=0&rev=140
- fix: resize for raid device, ensure vars like kiwi_RaidDev are loaded before setting disk variable
- Do not clobber initialize method
There was a method named initialize defined and implemented
differently in the dracut modules kiwi-lib and kiwi-repart.
kiwi-lib is expected to be shared code across all kiwi dracut
modules. However if one module redefines a method of the
same name which is used in another module and expected to
work differently there, this is evil. This commit cleans
up the name conflict and names the kiwi library init function
as lib_initialize. All dracut code that is expected to make
use of this method has been adopted too.
- Skip kiwi-repart module in install ISOs
In case the kiwi-repart module is explicitly requested in a
dracut.conf file and the image is also configured to build an
install ISO image this leads the install ISO to contain the
kiwi-repart module as well which is unwanted. This commit
explicitly omits the kiwi-repart when creating the initrd
for the install image
- Skip repart when booting install/live iso
- Update leap test-image-disk integration test
Add test for alternative volume ID in install ISO
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=302
- Consolidate device lock into its own method
Add set_device_lock method which uses udevadm lock preferable
but also supports an flock fallback in case there is no lock
command provided via systemd/udev
- Fix bug in shell condition
The shell code test ... || warn A; warn B will always
print the warning for B despite the test result. This lead
to the warning message "Settings from the kiwi description will be ignored"
to be printed always. This commit fixes it with a clean if/then
condition
- Fix documentation rendering
There was an indentation bug which caused the docs to
render wrong. This commit fixes it
- solver/repository: Handle zstd-compressed metadata files
`_create_solvables` assumes metadata files are gzip-compressed,
but modern Fedora ones are not, they are zstd-compressed.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
- uri: If we fail to resolve the metalink URI, log it
It's rather useful to know *what* the URI is when something goes
wrong, after all.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=301
- Bump version: 10.2.29 → 10.2.30
- Fix repartitioning with parted
parted does locking itself already. Wrapping it in udevadm lock results
in a deadlock, breaking boot.
- Update test-image-disk-simple integration test
Update slfo/test-image-disk-simple. Add more space for
flake testing and add a user to test flakes for non root
- Catch potential exceptions from pathlib.Path.mkdir
Creating a directory can fail, we should catch this error
instead of ending up in a stack trace
OBS-URL: https://build.opensuse.org/request/show/1296359
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-kiwi?expand=0&rev=139
- Fix repartitioning with parted
parted does locking itself already. Wrapping it in udevadm lock results
in a deadlock, breaking boot.
- Update test-image-disk-simple integration test
Update slfo/test-image-disk-simple. Add more space for
flake testing and add a user to test flakes for non root
- Catch potential exceptions from pathlib.Path.mkdir
Creating a directory can fail, we should catch this error
instead of ending up in a stack trace
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=300
- Bump version: 10.2.28 → 10.2.29
- Fix return from repart stage
If we return from the repart stage it's important to wait
for the root device to appear. This is because the device
setup from udev might still be held back due to a former
lock on the device. This means if we return fast after
locking for example when check_repart_possible() quickly
finds out that it's not possible, then udev has not yet
got the time to create the device nodes.
This Fixes#2863
OBS-URL: https://build.opensuse.org/request/show/1295613
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-kiwi?expand=0&rev=138
- Fix return from repart stage
If we return from the repart stage it's important to wait
for the root device to appear. This is because the device
setup from udev might still be held back due to a former
lock on the device. This means if we return fast after
locking for example when check_repart_possible() quickly
finds out that it's not possible, then udev has not yet
got the time to create the device nodes.
This Fixes#2863
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=299
- Bump version: 10.2.27 → 10.2.28
- Fix dracut code to be POSIX compliant
The redirect type "< <(...)" is not POSIX complians and leads
to a syntax error in dracut which calls bash as "sh" leading
it to be restricted to POSIX only
- Extend test-image-lvm integration test
For testing a bit more complex resize procedure, update
the lvm integration test to run more resize actions
with required device locking
- Apply proper udev locking
Several commands during repart, resize and other actions
require a proper lock to be set for udev such that other
events knows about the locked state of a device and do
not mess with it until the command for which the lock
persists has completed. This commit applies proper udev
locks to all commands that requires it. In addition
incorrect code that was expected to prevent such race
conditions got dropped from the implementation.
This is related to bsc#1242987
- relocate GPT at the end of disk using sfdisk
Using sfdisk for relocation and verification makes this
part more consistent. We also want to move away from gdisk.
This is related to #2851
- Do not strictly require config.partids in repart
The kiwi-repart implementation requires a metadata file
OBS-URL: https://build.opensuse.org/request/show/1294365
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-kiwi?expand=0&rev=137
- Fix dracut code to be POSIX compliant
The redirect type "< <(...)" is not POSIX complians and leads
to a syntax error in dracut which calls bash as "sh" leading
it to be restricted to POSIX only
- Extend test-image-lvm integration test
For testing a bit more complex resize procedure, update
the lvm integration test to run more resize actions
with required device locking
- Apply proper udev locking
Several commands during repart, resize and other actions
require a proper lock to be set for udev such that other
events knows about the locked state of a device and do
not mess with it until the command for which the lock
persists has completed. This commit applies proper udev
locks to all commands that requires it. In addition
incorrect code that was expected to prevent such race
conditions got dropped from the implementation.
This is related to bsc#1242987
- relocate GPT at the end of disk using sfdisk
Using sfdisk for relocation and verification makes this
part more consistent. We also want to move away from gdisk.
This is related to #2851
- Do not strictly require config.partids in repart
The kiwi-repart implementation requires a metadata file
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=298
There is no package named iprutils
- Fix centos/test-image-live-disk-v10
Update package names
- Added centos/test-image-live-disk-v10 build test
- Fix tumbleweed/test-image-gce integration test
Drop obsolete growpart
- Followup fix to support older apt versions for bootstrap
There are apt versions that do not create missing state files.
Make sure the intermediate bootstrap state file is created in
any case. This Fixes#2857
- Fixed integration test builds
Next round of fixes for integration tests. Missing
or wrong service activations
- Fix arm/tumbleweed/test-image-rpi
Fix snapper setup for this integration test
- Fixed test-image-live-disk
Added missing openssh-server package
- Fixed test-image-azure
Add missing python-azure-agent-config-default package
- Fixed debian integration test builds
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=297
- Bump version: 10.2.26 → 10.2.27
- Fix regression in get_partition_node_name
backwards compat for lsblk before 2.38
if START column not supported, fall back to default sort
- Add global option --setenv
Allow to set environment variables in the caller environment
via the commandline, e.g --setenv SOURCE_DATE_EPOCH=42
- Seed filesystem UUIDs with SOURCE_DATE_EPOCH
For reproducible builds the calculation of the filesystem UUID
should be persistent with each rebuild of the image. To achieve
this the UUID is calculated using the SOURCE_DATE_EPOCH from
the environment plus a char-number representation of the filesystem
label name as random seed. In kiwi every filesystem is created
with a label, thus only in case there is no SOURCE_DATE_EPOCH
available we continue to create the UUID as random data.
This Fixes#2761
- Add label attribute for <partition> section
Allow to specify a filesystem label as part of a <partition>
definition. So far the label was set by the name of the
partition. With the new label attribute, a filesystem label
different from the partition name can be set. This commit
also updates/fixes the documentation in this regard.
- Improve log message in SystemIdentifier
Add some scope information such that we know from where
this log information originates from.
- Add rd.kiwi.install.devicepersistency
Allow to specify which type of persistent device name should
be used to build up the list of installation disk devices.
For example rd.kiwi.install.devicepersistency=by-path would
use the by-path representations for the available disk
devices. The default (by-id) stays untouched. In case an
invalid or not present device representation is selected, kiwi
falls back to the non persistent unix node names.
- Make mbr-id deterministic
Log the value of SDE so it is available to review,
even if the build system does not tell about it.
Update the tests to cover the new code-path.
Co-Authored-By: Marcus Schäfer <marcus.schaefer@gmail.com>
- Ensure dracut initrd is reproducible
This helps a bit with issue #2358
Add reproducible flag for UKI too
Update tests accordingly
Co-Authored-By: Marcus Schäfer <marcus.schaefer@gmail.com>
OBS-URL: https://build.opensuse.org/request/show/1291451
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-kiwi?expand=0&rev=136
- Fix regression in get_partition_node_name
backwards compat for lsblk before 2.38
if START column not supported, fall back to default sort
- Add global option --setenv
Allow to set environment variables in the caller environment
via the commandline, e.g --setenv SOURCE_DATE_EPOCH=42
- Seed filesystem UUIDs with SOURCE_DATE_EPOCH
For reproducible builds the calculation of the filesystem UUID
should be persistent with each rebuild of the image. To achieve
this the UUID is calculated using the SOURCE_DATE_EPOCH from
the environment plus a char-number representation of the filesystem
label name as random seed. In kiwi every filesystem is created
with a label, thus only in case there is no SOURCE_DATE_EPOCH
available we continue to create the UUID as random data.
This Fixes#2761
- Add label attribute for <partition> section
Allow to specify a filesystem label as part of a <partition>
definition. So far the label was set by the name of the
partition. With the new label attribute, a filesystem label
different from the partition name can be set. This commit
also updates/fixes the documentation in this regard.
- Improve log message in SystemIdentifier
Add some scope information such that we know from where
this log information originates from.
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=296
- Bump version: 10.2.25 → 10.2.26
- Fix shim lookup for arm on SUSE
Add missing search path for shim binary on arm based SUSE
systems. Also update the tumbleweed/test-image-live-disk
integration test for arm to build with secure boot enabled
to actually test a secure boot enabled ISO build.
This Fixes#2842
- Add container_import template test
- Add support for container-snap as a container-image engine
With this commit, we can now pre-load images using container-snap directly
during the kiwi image build
OBS-URL: https://build.opensuse.org/request/show/1288814
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-kiwi?expand=0&rev=135
- Fix shim lookup for arm on SUSE
Add missing search path for shim binary on arm based SUSE
systems. Also update the tumbleweed/test-image-live-disk
integration test for arm to build with secure boot enabled
to actually test a secure boot enabled ISO build.
This Fixes#2842
- Add container_import template test
- Add support for container-snap as a container-image engine
With this commit, we can now pre-load images using container-snap directly
during the kiwi image build
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=295
- Bump version: 10.2.24 → 10.2.25
- Fixed get_partition_node_name
The function get_partition_node_name takes the disk device
and the partition index as arguments to match against the
respective device node for this partition index. The partition
index is the position of the partition in the partition table
according to their start offset. For the code to function
properly it is required that the list of partitions provided
by lsblk is ordered according to the start address of the
partitions in the table. The way lsblk was called did not
enforce this ordering. This commit enforces the order to
be done against the start offset and fixes bsc#1245190
- Update test-image-MicroOS for local build
Fix bootstrap setup such that micro-os patterns can resolve
- Fix logging of stderr data in command calls
The stderr data was presented as one blob without line
breaks. Hard to read and smells like a bug. This commit
fixes the output to become readable
- Update test-image-MicroOS/disk.sh
Add a findmnt for / to check if there is a proper root
device reference
- Fix mount system for root_is_snapper_snapshot
If root is a snapper snapshot we have to tell the
chroot a proper root mount point which can be achieved
by a bind mount pointing to itself. This Fixes
OBS-URL: https://build.opensuse.org/request/show/1288533
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-kiwi?expand=0&rev=134
- Fixed get_partition_node_name
The function get_partition_node_name takes the disk device
and the partition index as arguments to match against the
respective device node for this partition index. The partition
index is the position of the partition in the partition table
according to their start offset. For the code to function
properly it is required that the list of partitions provided
by lsblk is ordered according to the start address of the
partitions in the table. The way lsblk was called did not
enforce this ordering. This commit enforces the order to
be done against the start offset and fixes bsc#1245190
- Update test-image-MicroOS for local build
Fix bootstrap setup such that micro-os patterns can resolve
- Fix logging of stderr data in command calls
The stderr data was presented as one blob without line
breaks. Hard to read and smells like a bug. This commit
fixes the output to become readable
- Update test-image-MicroOS/disk.sh
Add a findmnt for / to check if there is a proper root
device reference
- Fix mount system for root_is_snapper_snapshot
If root is a snapper snapshot we have to tell the
chroot a proper root mount point which can be achieved
by a bind mount pointing to itself. This Fixes
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=294
In a btrfs based design, allow to put /boot as subvolume.
This required a small fix in the mount order in a way that
boot/efi gets mounted after the subvolume mounts are done.
The respective integration test has been updated to test
this functionality. This Fixes#2824
- Use f-strings where feasible
This is a slightly shorter and easier to read syntax
- Log warning message for disabled runtime checks
Complete type hints for RuntimeConfig class and log
a warning message for each disabled runtime check
- Fix static type argument int vs. str
- Move it inside the context that actually uses it
also rename it to "supported" as that seems to closer match
what it resembles
- Add overlayfs as supporting xattr/ACLs as well
- Fix disk_type validation for zipl loader
If the targettype is set to GPT in combination with plain
zipl as loader, the code to validate the targettype against
the targetgeometry was not effective and zipl failed.
This Fixes#2821
- Fixup overlay unit enablement
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=293
- Cleanup build metadata
Make sure the final image rootfs does not contain unneeded
metadata files used during build time. The respective cleanup
call is performed after the root sync and after all initrd/boot
processing has been done. This is because up to that point it's
still possible that the information is required. This means
when building images with a read-only rootfs, it might not be
possible that the metadata can be deleted due to a chicken&egg
situation. Furthermore the cleanup is applied to the disk
builder only as other builders do not really suffer from
this data and for the container builder the metadata can
also be used for the stackbuild feature when building images
derived from containers. This Fixes#2668
- bootloader setup without overlay write partition
If overlayroot_write_partition="false" is set, no system
indicator was stored. This cause the bootloader setup to
be skipped completely which is not required for e.g.
systemd-boot.
- Make sure to create overlay directories
Create overlay directories even if rd.root.overlay.readonly
is set. This allows individual fstab overlays mounts to be
performed
- Fixed rd.root.overlay.readonly overlay mode
When booting an overlayroot image with rd.root.overlay.readonly
set, the system will boot with only the read-only root mounted.
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=292
- Add support for <initrd> section as part of <type>
Extend scope and content of the <initrd> section to be allowed
as part of the <type> section. This allows to specify custom
call options and modules for the dracut tool. In particular
this commit implementes support for passing the uefi option
to dracut to enable building an UKI EFI binary as follows:
<initrd action="setup">
<dracut uefi="true"/>
</initrd>
This Fixes#2809 and Fixes#2408
- Fix systemd-boot loader setup
To make sure only loader entries from /boot/efi/loader/entries
kiwi deleted eventually existing entry files from /boot/loader.
However that is a problem for read-only systems and should actually
also not performed by kiwi. This Fixes#2805
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=291
- Apply security context on writable root only
Make sure to perform setfiles only on a writable target. In case
of a read-only root it is expected that the security context set
by kiwi in an earlier stage is complete. As there is no way to
modify data when root is read-only, there is also no way to change
the security context of any file such that we skip setfiles
in this case. Should there be a read-only system that has writable
partitions such as /boot and their content changes while the rest
of the root system is read-only it is in the responsibility of
the author of the image description to call setfiles only on
the affected and still writable files via a custom disk.sh
script. Along with the fix the respective integration test was
modified to enable selinux such that this change is actually
integration tested. This Fixes#2805
- Docs: fix typo in users.rst
- Docs: minor punctuation and grammar fixes
- Give test-image-overlayroot enough space
- Allow ext2/ext3 as valid build target
stat reports the value 'ext2/ext3' which is a valid target
- Added check_target_dir_on_unsupported_filesystem
Add runtime check to make sure the selected target directory
for the image and/or the image rootfs lives on a filesystem
that provides all required features like extended permissions,
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=290
- Add dkms to test-image-embedded integration test
- Fixed access issue to etc/kernel for sdboot
In case of an overlayroot setup we have to make sure
that etc/kernel is writable. This is done by a bind
mount of the ESP
- Update test-image-overlayroot
Add another build using grub instead of systemd-boot and use
btrfs as write partition instead of xfs. Please note this test
requires a boot partition because grub cannot read from erofs
and unlike systemd-boot grub does not read all boot data from
the ESP.
- Fixed get_volume_management
If a volume capable filesystem like btrfs is requested, there
must also be a volume definition available to report that
the volume management is actively used. Just the request of
the filesystem can also mean it's being used without volumes
like it could be the case for an overlayroot setup that
requests btrfs as write partition.
- Update test-image-overlayroot
Move to systemd-boot as bootloader, activate secure boot
and drop the extra boot partition. Use XFS for the write
space
- Allow initrd updates on read-only devices
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=289
- Fixed targettype setup in zipl.conf
The special targettype set to GPT still indicates SCSI for
the zipl.conf but tells kiwi to create a GPT disk layout
- Fixed s390 integration test
targettype attribute in wrong section
- Add support for GPT targettype on s390
Allow to build s390 images using GPT instead of the old DOS
partition table. zipl has added support to read from GPT.
This Fixes#2694
- Add --no-compress option to bundler
Allow to skip the compression for bundle files marked
to become compressed. This Fixes#2736
- Rawhide (F43) has removed basesystem package
The basesystem package was retired with rawhide (F43).
https://src.fedoraproject.org/rpms/filesystem/pull-request/20
- rawhide install shadow-utils for usermod
Using `kiwi-ng` version 10.2.18 (EL9)
Currently with:
```
sudo kiwi-ng system build \
--description kiwi/build-tests/x86/fedora/test-image-docker
--set-repo http://ftp.fau.de/fedora/linux/development/rawhide/Everything/x86_64/os/ \
--target-dir /tmp/myimage1
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=287
- Fix setup of use_disk_password for random secret
When using luks="random" in combination with use_disk_password="true"
the resulting cryptomount call in grub is wrong. This commit fixes it
- Drop copying GRUB2 modules to /boot with Secure Boot UEFI images
Copying the modules creates a situation where future updates
applied to a running system can cause GRUB to crash due to mixed
modules and GRUB EFI binaries.
It is not needed anyway since GRUB EFI binaries for Secure Boot have
all modules compiled into the binaries.
Fixes: https://github.com/OSInside/kiwi/issues/2790
- Make sure editbootinstall runs offline
editbootinstall expects the system to be umounted
- Make sure post sync actions are in scope
- Follow up fix for overlayroot builds for EFI path
Only perform the boot overlay if there is an extra boot partition
- Only remove entries from exclude list if present
- Fix overlayroot builds for EFI path
make sure to keep boot/efi mountpoint directories
in the read-only area as they can't be created later
- doc: overview: Add list of supported Linux distributions
These are the Linux distributions that are developed and actively
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=286
- Fix gh-pages deployment
poetry install was not called, thus sphinx was not present
- Bump version: 10.2.13 → 10.2.14
- Drop use of travis-sphinx
According to the documentation of peaceiris/actions-gh-pages
the sphinx-build output can be directly consumed to publish
to github pages
- Allow stderr data in CommandProcess
Enhance poll_show_progress() method to allow polling on
stderr data too. The new parameter with_stderr is used
together with the dnf5 package manager. dnf5 has changed
in a way that a lot of useful information during the
install of packages is printed to stderr. From my perspective
a clear regression to former behavior but we can fix this
in kiwi to poll on both channels. This Fixes#2748
- Support arch attribute for <users> section
Allow to setup users per arch. This Fixes#2737
- Add Debian_12_update repo for testing with typer
Even though we will add support for the typer Cli with kiwi-11
I want our integration test images to be able to build with the
open PR #2751. Debian 12 is the only target in the support matrix
which uses a too old veryion of typer. Therefore to be able to
test this target I built a newer version of typer in an update
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=284
- Bump version: 10.2.11 → 10.2.12
- Fix profile env variable name regression
In the effort of adapting to the latest snapper in Issue #2697
we overlooked the after effect of a different variable name
in the profile environment with regards to $kiwi_btrfs_root_is_snapshot
and $kiwi_btrfs_root_is_snapper_snapshot. Image builds that
references the former variable name would be broken by the change.
This commit makes sure no regression is introduced by providing
both variants. This Fixes bsc#1237772
- Fix grub mkimage call for the ppc platform
The list of modules used to create a grub platform image for
ppc was the same list as used for the x86 bios platform.
This commit fixes this and also cleans up the inconsistency
and misleading names used for creating platform specific
output. This Fixes#2738
- Bump version: 10.2.10 → 10.2.11
- Update box plugin documentation
Add chapter about new container build feature. The
box plugin can now also run the build in containers
- The ubuntu 20.04 github runner is closing down
Make sure to move to another runner for workloads which
still uses ubuntu 20.04
OBS-URL: https://build.opensuse.org/request/show/1248862
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-kiwi?expand=0&rev=131
- Fix profile env variable name regression
In the effort of adapting to the latest snapper in Issue #2697
we overlooked the after effect of a different variable name
in the profile environment with regards to $kiwi_btrfs_root_is_snapshot
and $kiwi_btrfs_root_is_snapper_snapshot. Image builds that
references the former variable name would be broken by the change.
This commit makes sure no regression is introduced by providing
both variants. This Fixes bsc#1237772
- Fix grub mkimage call for the ppc platform
The list of modules used to create a grub platform image for
ppc was the same list as used for the x86 bios platform.
This commit fixes this and also cleans up the inconsistency
and misleading names used for creating platform specific
output. This Fixes#2738
- Bump version: 10.2.10 → 10.2.11
- Update box plugin documentation
Add chapter about new container build feature. The
box plugin can now also run the build in containers
- The ubuntu 20.04 github runner is closing down
Make sure to move to another runner for workloads which
still uses ubuntu 20.04
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=282
- Bump version: 10.2.9 → 10.2.10
- Poetry build sdist timestamps set to epoch 0
Newer versions of poetry set the timestamp for all source
files to epoch 0. Such sources are not accepted by e.g
Debian FTP servers and in general I don't like when tools
changes their behavior just like that. This commit forces
an older version of poetry for the purpose of creating the
sdist tarball which then gets published on pypi. The
argumentation for reproducible builds by forcing source
files to a certain timestamp doesn't fly for me. I'm open
for any better solution though. This Fixes#2730
OBS-URL: https://build.opensuse.org/request/show/1245598
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-kiwi?expand=0&rev=130
- Poetry build sdist timestamps set to epoch 0
Newer versions of poetry set the timestamp for all source
files to epoch 0. Such sources are not accepted by e.g
Debian FTP servers and in general I don't like when tools
changes their behavior just like that. This commit forces
an older version of poetry for the purpose of creating the
sdist tarball which then gets published on pypi. The
argumentation for reproducible builds by forcing source
files to a certain timestamp doesn't fly for me. I'm open
for any better solution though. This Fixes#2730
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=281
chkstat is a distribution specific tool. If it is
present we use it, if not we don't but it's not worth
a warning. This Fixes#2711
- Allow to run setfiles multi threaded
Use option -T0 for newer setfiles version.
This Fixes#2719
- Add rd.kiwi.dialog.timeout option
Allow to configure the timeout value for dialogs displayed
by the kiwi dracut code. By default the timeout is set to
60 seconds. With the special value "off" the dialog will
never timeout. This Fixes#2718
- Make sure copy actions does not drop context
Use shutil.copy2 to copy files preserving their
attributes in the grub BootLoader space.
This Fixes#2709
- Improve unit test for archive target_dir
Add a test case with absolute path in the target_dir
to make sure we never unpack the archive to the host
system. The actual issue was resolved together with
the implementation in #1953 and commit
78238a993c966d1229cd2fc1f5923673a90de14d
This Fixes#2701
- Fixed profiled overlay imports
When building an image for profile: SOME and providing
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=279
- Bump version: 10.2.7 → 10.2.8
- Increase size for agama integration test build
Agama needs more space to build now
- Fixed agama integration test
rubygem-byebug and rubygem-agama-yast seems to
no longer exist
- Update TW integration tests
Package nscd was dropped from TW
- Fix documentation regarding URI styles
In reference to commit 760a65558f9e2e91d3eaa3a2f9503ff596984b48
the support for iso:// URI types was dropped some time ago.
However, the documentation was not properly updated. This
commit fixes it
- Fix return value of grub helper methods
The grub helper methods to find grub tools returns a
None value if the tool cannot be found. This None value
could be used later in a Command call where it will be
used in a join() command to log the resulting commandline.
This join() call then fails and raises an unhandled error
causing a stack trace in the application. This commit
fixes it
- Added disk validation for duplicate installs
Installing the same image to different storage disks on the
same machine creates device conflicts with unexpected side
OBS-URL: https://build.opensuse.org/request/show/1240498
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-kiwi?expand=0&rev=128
- Increase size for agama integration test build
Agama needs more space to build now
- Fixed agama integration test
rubygem-byebug and rubygem-agama-yast seems to
no longer exist
- Update TW integration tests
Package nscd was dropped from TW
- Fix documentation regarding URI styles
In reference to commit 760a65558f9e2e91d3eaa3a2f9503ff596984b48
the support for iso:// URI types was dropped some time ago.
However, the documentation was not properly updated. This
commit fixes it
- Fix return value of grub helper methods
The grub helper methods to find grub tools returns a
None value if the tool cannot be found. This None value
could be used later in a Command call where it will be
used in a join() command to log the resulting commandline.
This join() call then fails and raises an unhandled error
causing a stack trace in the application. This commit
fixes it
- Added disk validation for duplicate installs
Installing the same image to different storage disks on the
same machine creates device conflicts with unexpected side
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=278
- Update system files setup for containers
The attribute provide_system_files creates a meta file in the
root tree named 'systemfiles'. The contents of this file were
produced by just a dump of the package database so far. For
a more generic use of this data some adaptions were needed.
First we allow to skip packages matching a pattern from being
part of the system files. Next we do not put ghost and doc
files into account. And last we handle library files in a different
file named 'systemfiles.libs' where we do not add symlink targets
if the target path is also part of the package. The consumer
of this information is flake-pilot which syncs that library system
files from the host via --copy-links. This allows a more generic
use with regards to versioned libraries e.g. libc
- Drop /dev/pts from bind mount locations
This has created havoc in the Fedora build environments by
fully unmounting /dev/pts and breaking the builders for
subsquent tasks.
This is a partial revert of commit daf1323c5ded7e4e7783205f5e30457b40eb322f.
- Don't take ghost files into account
When creating the system files information do not
take ghost files and artifact files into account
- xorriso: respect efiparttable and gpt_hybrid_mbr
This should make the xorriso-based ISO build path respect the
'efiparttable' and 'gpt_hybrid_mbr' settings when building a
UEFI-compatible image, making it write a GPT disk label by default
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=276
- Bump version: 10.2.2 → 10.2.3
- Update STYLEROOT to SUSE 2022
- Fix broken links in the documentation
- Fix legacy_bios_mode detection
The code in this method does not work correctly if the
firmware is set to 'bios'. In bios only mode the method
returned a false value which is incorrect as it should
return a true value in this case. Without this patch
ISO images will fail to boot because no loader gets
configured.
- Added /dev/pts to bind mount locations
During runtime several kernel filesystems are bind mounted into
the image root system such that programs expecting it can work.
/dev/pts was not needed so far but seems to be a good addition
to the list to make tools like sudo to work properly when called
e.g. from a config.sh script. This Fixes#2686
- Added provide/require system files for containers
Added the attributes provide_system_files and require_system_files
to control the provider and requester of system files in
container image builds. systemfiles is a metadata file which
contains all files from the package database at call time.
It is used in flake-pilot to provision the systemfiles data
from the host into the container instance. One possible use
case for this data is a flake registration which uses a
base container that is derived from a runtime container but
OBS-URL: https://build.opensuse.org/request/show/1228733
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-kiwi?expand=0&rev=126
- Update STYLEROOT to SUSE 2022
- Fix broken links in the documentation
- Fix legacy_bios_mode detection
The code in this method does not work correctly if the
firmware is set to 'bios'. In bios only mode the method
returned a false value which is incorrect as it should
return a true value in this case. Without this patch
ISO images will fail to boot because no loader gets
configured.
- Added /dev/pts to bind mount locations
During runtime several kernel filesystems are bind mounted into
the image root system such that programs expecting it can work.
/dev/pts was not needed so far but seems to be a good addition
to the list to make tools like sudo to work properly when called
e.g. from a config.sh script. This Fixes#2686
- Added provide/require system files for containers
Added the attributes provide_system_files and require_system_files
to control the provider and requester of system files in
container image builds. systemfiles is a metadata file which
contains all files from the package database at call time.
It is used in flake-pilot to provision the systemfiles data
from the host into the container instance. One possible use
case for this data is a flake registration which uses a
base container that is derived from a runtime container but
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=275
- Fixed use of fscreateoptions for iso type
The information for fscreateoptions was not passed along to the
tooling if a custom filesystem attribute was specified.
This Fixes#2681
- Allow to derive from multiple containers
Add support for multi inheritance to the derived_from attribute
In the order of a comma seperated list of docker source URI's
a base tree is created. This was possible only with one container
so far and Fixes#2680 as well as jira#OBS-354
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=273
- Add selinux test build to TW
Also update derived docker integration test to latest Leap
- kiwi/schema: Fix allowed value type for ISO publisher and application ID
According to the spec, this should be constrained to 128 characters
but also allow quite a few other special characters (as well as spaces).
We didn't allow spaces in application ID, but allowed too much for Publisher.
Now we set up both correctly.
- Fix setup of kiwi environment variables
Some kiwi env vars are initialized with an empty value
and not overwritten if another value is provided. For
the selected variables an empty value setting is not
allowed because the schema also enforces the value to
be set at least once. In addition a helpful option
named --print-kiwi-env was added to the 'image info'
command which allows to print the environment variables
and their values.
- Add random key support for LUKS encryption
Allow to pass luks="random". In random mode use the
generated keyfile as the only key to decrypt. This is
only secure if the generated initrd also gets protected
e.g. through encryption like it is done with the secure
linux execution on zSystems
- Added development group in pyproject setup
generateDS and other tools are needed and were forgotten
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=272
Move the actions done by the tox target into the
build target and call them there in a clean and easy
to spot sequence. There is no need to call tox to
prepare for the package submission, instead the
checks and poetry runs to prepare for the package
target should be called directly as part of the
build target. In the future we might get rid of
tox completely.
- Bump version: 10.1.17 → 10.1.18
- Fixed zipl caller environment
zipl gets confused with an active sysfs mount inside
the root tree at call time of zipl. This commit
umounts the /sys bind mount in the image tree prior
calling zipl
- Fix s390 test-image-disk build
Add missing kernel links used by suse tools
- Bump version: 10.1.16 → 10.1.17
- Fix coloring of build_status.sh flags
Depending on the place of the status flag the color
setup might fail. This commit fixes it
- Add pytest-container as optional dependency
The pyproject.toml listed pytest-container as dependency
but it is used only to run the container based integration
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=271
- Bump version: 10.1.15 → 10.1.16
- Fix erofs requires in spec
erofs-utils for SUSE only exists in Tumbleweed. The
former conditon would also add the requirement for ALP
and SLFO which is wrong. This commit fixes it
- Add vagrantconfig rule for vagrant format
If the format="vagrant" attribute is set, a vagrantconfig
section becomes mandatory. This commit enforces this rule
on the schema. This Fixes#2666
OBS-URL: https://build.opensuse.org/request/show/1217317
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-kiwi?expand=0&rev=124
- Fix erofs requires in spec
erofs-utils for SUSE only exists in Tumbleweed. The
former conditon would also add the requirement for ALP
and SLFO which is wrong. This commit fixes it
- Add vagrantconfig rule for vagrant format
If the format="vagrant" attribute is set, a vagrantconfig
section becomes mandatory. This commit enforces this rule
on the schema. This Fixes#2666
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=270
- Bump version: 10.1.14 → 10.1.15
- Fixed sphinx_rtd_theme setup
Delete obsolete display_version attribute
- Evaluate eficsm everywhere
Fixed _supports_bios_modules() to take an eventually
provided eficsm setup into account. The grub config still
searches for i386 grub modules even if eficsm="false"
is set.
- Fixed debian bootstrap script calls
Run scripts as commands with their native shebang and not
through bash. Not all debian package scripts uses bash, some
of them uses sh which can be a link to dash or other
interpreters. This Fixes#2660
- Update TW integration tests
The package x86info was dropped from TW
- Turn DiskFormat into an ordinary class
- it does not need to be an abstract base class
- use f-strings where applicable instead of format()
- change return type of _custom_args_for_format from list to tuple
- Add new containers section
Allow to specify references to OCI containers in the
image description like in the following example:
<containers source="registry.suse.com" backend="podman">
<container name="some" tag="some" path="/some/path"/>
OBS-URL: https://build.opensuse.org/request/show/1216728
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-kiwi?expand=0&rev=123
- Fixed sphinx_rtd_theme setup
Delete obsolete display_version attribute
- Evaluate eficsm everywhere
Fixed _supports_bios_modules() to take an eventually
provided eficsm setup into account. The grub config still
searches for i386 grub modules even if eficsm="false"
is set.
- Fixed debian bootstrap script calls
Run scripts as commands with their native shebang and not
through bash. Not all debian package scripts uses bash, some
of them uses sh which can be a link to dash or other
interpreters. This Fixes#2660
- Update TW integration tests
The package x86info was dropped from TW
- Turn DiskFormat into an ordinary class
- it does not need to be an abstract base class
- use f-strings where applicable instead of format()
- change return type of _custom_args_for_format from list to tuple
- Add new containers section
Allow to specify references to OCI containers in the
image description like in the following example:
<containers source="registry.suse.com" backend="podman">
<container name="some" tag="some" path="/some/path"/>
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=269
- Revert "Install usrmerge for Debian integration test"
This reverts commit 95ac861741f14c4f35611c16328384c18e53dcfb.
Solution needs to be provided in code
- Install usrmerge for Debian integration test
- Support older apt versions for bootstrap
This Fixes#2660
- Run package scripts in apt bootstrap phase
The bootstrap procedure based on apt only runs a manual
collection of package scripts. This commit refactors the
code that unpacks the bootstrap packages to a python
implementation and adds a method to run the bootstrap
scripts from all packages resolved by apt.
- Bump version: 10.1.12 → 10.1.13
- Fix bundle extension for vagrant type
When bundling result files that uses a vagrant type,
kiwi creates them with the extension .vagrant.virtualbox.box
or .vagrant.libvirt.box. The bundler code renames them using
only the .box suffix which is too short as it is missing
the subformat information. This commit fixes it and keeps
this information in the result bundle file name.
This Fixes#2656
- Use simple quotas (squota) for volumes
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=268
- Bump version: 10.1.10 → 10.1.11
- doc: Add login information test build test images
- Bump version: 10.1.9 → 10.1.10
- bootloader: Fix up ppc64 bootinfo again
To make the code look pretty extra newline is inserted at the start of
bootinfo file. This appears to break boot on Power9 PowerVM LPARs.
- Add support for erofs
erofs is an alternative readonly filesystem that can be
used as alternative to squashfs. This Fixes#2633
- Fixed enclave integration test
The SELinux policy of Fedora Rawhide when running completely in
an initrd is not suitable to let the system boot up. Thus the
current solution is to boot in permissive mode. A better solution
for the future would probably be a selinux policy for enclaves
- limit eif_build requires to fedora >= 42
- Bump version: 10.1.8 → 10.1.9
- Added sshd to nitro-enclave integration test
- Fixed container sync options
Do not exclude/filter any security/xattr capabilities.
- Update container integration test
OBS-URL: https://build.opensuse.org/request/show/1200859
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-kiwi?expand=0&rev=122
- bootloader: Fix up ppc64 bootinfo again
To make the code look pretty extra newline is inserted at the start of
bootinfo file. This appears to break boot on Power9 PowerVM LPARs.
- Fixed enclave integration test
The SELinux policy of Fedora Rawhide when running completely in
an initrd is not suitable to let the system boot up. Thus the
current solution is to boot in permissive mode. A better solution
for the future would probably be a selinux policy for enclaves
- limit eif_build requires to fedora >= 42
- Bump version: 10.1.8 → 10.1.9
- Added sshd to nitro-enclave integration test
- Fixed container sync options
Do not exclude/filter any security/xattr capabilities.
- Update container integration test
Add getcap to check on filesystem capabilities
- Add new build type provides for enclave
Add a provides tag (read by the open buildservice) for the new
enclave builder. Also add a recommends to eif_builder in
the systemdeps-core meta package
- Update enclave documentation
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=266
- Fixed enclave documentation
Path to the build test was not correct
- Update test-image-nitro-enclave package list
Fixup package list to match Fedora rawhide
- Move test-image-nitro-enclave to rawhide
- Fix ppc64 chrp bootinfo generation
- Fixed documentation header
Fixed double H1 headers from the boxbuild tweaks chapter.
- Add new builder for enclaves
Add new EnclaveBuilder class which allows to build initrd-only
image types. The first enclave implementation covers aws-nitro
images produced via the eif_build tooling.
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=265
- Move EXEC log message to the right place
The log information of the command execution was not printed
directly before the actual command invocation. There are other
actions after the log information (e.g Path.which) which itself
produce log information prior the real subprocess execution.
This is very misleading when reading the log file and fixed
in this commit.
- Add support for architectures in deb source file
When apt resolves packages on a multiarch repo it can happen
that dependencies for packages from other architectures are
pulled into the solver process but are not provided by any
repository. To overcome this behavior the repository can
be setup to serve packages only for a specified architecture
or list of architectures. This is related to
OSInside/kiwi-descriptions#102
OBS-URL: https://build.opensuse.org/package/show/Virtualization:Appliances:Builder/python-kiwi?expand=0&rev=264
2024-09-09 13:36:51 +00:00
5 changed files with 2945 additions and 34 deletions
oid sha256:ec894bb91174a5cd11ab84f36aff35129dca7bdab59621f7b0417fea0fa849a8
size 1031837
oid sha256:8554d07439c102551945784686a7485a6a50d68e68a561b597ba525e334a55ec
size 1080299
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
