diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md index 627cd65f..5a834b9e 100644 --- a/RELEASE_NOTES.md +++ b/RELEASE_NOTES.md @@ -40,6 +40,7 @@ * [#498](https://github.com/suse-edge/edge-image-builder/issues/498) - Fix kernelArgs issue with Leap Micro 6.0 * [#543](https://github.com/suse-edge/edge-image-builder/issues/543) - Kernel cmdline arguments aren't honoured in SL Micro 6.0 for SelfInstall ISO's * [#550](https://github.com/suse-edge/edge-image-builder/issues/550) - PackageHub inclusion in RPM resolution silently errors on SLE Micro 6.0 +* [#565](https://github.com/suse-edge/edge-image-builder/issues/565) - K3S SELinux uses an outdated package --- diff --git a/config/artifacts.yaml b/config/artifacts.yaml index d6bf4718..48a04c55 100644 --- a/config/artifacts.yaml +++ b/config/artifacts.yaml @@ -9,3 +9,10 @@ endpoint-copier-operator: elemental: register-repository: https://download.opensuse.org/repositories/isv:/Rancher:/Elemental:/Staging/standard system-agent-repository: https://download.opensuse.org/repositories/isv:/Rancher:/Elemental:/Staging/standard +kubernetes: + k3s: + selinuxPackage: k3s-selinux-1.6-1.slemicro.noarch + selinuxRepository: https://rpm.rancher.io/k3s/stable/common/slemicro/noarch + rke2: + selinuxPackage: rke2-selinux + selinuxRepository: https://rpm.rancher.io/rke2/stable/common/slemicro/noarch \ No newline at end of file diff --git a/pkg/eib/eib.go b/pkg/eib/eib.go index d6f1d8a4..f574f605 100644 --- a/pkg/eib/eib.go +++ b/pkg/eib/eib.go @@ -62,12 +62,12 @@ func appendKubernetesSELinuxRPMs(ctx *image.Context) error { log.AuditInfo("SELinux is enabled in the Kubernetes configuration. " + "The necessary RPM packages will be downloaded.") - selinuxPackage, err := kubernetes.SELinuxPackage(ctx.ImageDefinition.Kubernetes.Version) + selinuxPackage, err := kubernetes.SELinuxPackage(ctx.ImageDefinition.Kubernetes.Version, ctx.ArtifactSources) if err != nil { return fmt.Errorf("identifying selinux package: %w", err) } - repository, err := kubernetes.SELinuxRepository(ctx.ImageDefinition.Kubernetes.Version) + repository, err := kubernetes.SELinuxRepository(ctx.ImageDefinition.Kubernetes.Version, ctx.ArtifactSources) if err != nil { return fmt.Errorf("identifying selinux repository: %w", err) } diff --git a/pkg/image/context.go b/pkg/image/context.go index 40190a27..6d8e0c0b 100644 --- a/pkg/image/context.go +++ b/pkg/image/context.go @@ -39,4 +39,14 @@ type ArtifactSources struct { RegisterRepository string `yaml:"register-repository"` SystemAgentRepository string `yaml:"system-agent-repository"` } `yaml:"elemental"` + Kubernetes struct { + K3s struct { + SELinuxPackage string `yaml:"selinuxPackage"` + SELinuxRepository string `yaml:"selinuxRepository"` + } `yaml:"k3s"` + Rke2 struct { + SELinuxPackage string `yaml:"selinuxPackage"` + SELinuxRepository string `yaml:"selinuxRepository"` + } `yaml:"rke2"` + } `yaml:"kubernetes"` } diff --git a/pkg/kubernetes/selinux.go b/pkg/kubernetes/selinux.go index 135bcf3a..7f9d9cc8 100644 --- a/pkg/kubernetes/selinux.go +++ b/pkg/kubernetes/selinux.go @@ -10,35 +10,26 @@ import ( "github.com/suse-edge/edge-image-builder/pkg/image" ) -func SELinuxPackage(version string) (string, error) { - const ( - k3sPackage = "k3s-selinux" - rke2Package = "rke2-selinux" - ) +func SELinuxPackage(version string, sources *image.ArtifactSources) (string, error) { switch { case strings.Contains(version, image.KubernetesDistroK3S): - return k3sPackage, nil + return sources.Kubernetes.K3s.SELinuxPackage, nil case strings.Contains(version, image.KubernetesDistroRKE2): - return rke2Package, nil + return sources.Kubernetes.Rke2.SELinuxPackage, nil default: return "", fmt.Errorf("invalid kubernetes version: %s", version) } } -func SELinuxRepository(version string) (image.AddRepo, error) { - const ( - k3sRepository = "https://rpm.rancher.io/k3s/stable/common/slemicro/noarch" - rke2Repository = "https://rpm.rancher.io/rke2/stable/common/slemicro/noarch" - ) - +func SELinuxRepository(version string, sources *image.ArtifactSources) (image.AddRepo, error) { var url string switch { case strings.Contains(version, image.KubernetesDistroK3S): - url = k3sRepository + url = sources.Kubernetes.K3s.SELinuxRepository case strings.Contains(version, image.KubernetesDistroRKE2): - url = rke2Repository + url = sources.Kubernetes.Rke2.SELinuxRepository default: return image.AddRepo{}, fmt.Errorf("invalid kubernetes version: %s", version) }