From bda9c0d35993bf82ecb7b6bf83a3f21874602173 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miguel=20Mart=C3=ADn?= Date: Tue, 3 Sep 2024 07:39:14 +0200 Subject: [PATCH 1/4] os: disable dracut for ostree based systems on rpm installation Installing the `minimal-environment` RPM group implies the installation of `dracut-config-rescue` which makes `org.osbuild.ostree.preptree` to fail because `rpm-ostree` detects multiple kernels within the tree (the usual one and the rescue one). Disabling dracut during the rpm installation prevents the rescue kernel/initrd to be generated and makes `rpm-ostree` to finish the compose succesfully. `rpm-ostree` runs dracut on his own during the compose so this doesn't seem to affect the final result. Resolves: #624 --- pkg/manifest/os.go | 1 + 1 file changed, 1 insertion(+) diff --git a/pkg/manifest/os.go b/pkg/manifest/os.go index 7d6181bdf..0a627cd55 100644 --- a/pkg/manifest/os.go +++ b/pkg/manifest/os.go @@ -424,6 +424,7 @@ func (p *OS) serialize() osbuild.Pipeline { if p.OSTreeRef != "" { rpmOptions.OSTreeBooted = common.ToPtr(true) rpmOptions.DBPath = "/usr/share/rpm" + rpmOptions.DisableDracut = true } pipeline.AddStage(osbuild.NewRPMStage(rpmOptions, osbuild.NewRpmStageSourceFilesInputs(p.packageSpecs))) From 62273ea1d824d28ae327fe5c9d284b3e46dc87dc Mon Sep 17 00:00:00 2001 From: Achilleas Koutsou Date: Tue, 3 Sep 2024 10:32:22 +0200 Subject: [PATCH 2/4] test: test edge-ami with ostree commit with @minimal-environment The @minimal-environment rpm group includes 'dracut-config-rescue' which, by default, will create a rescue kernel configuration. With ostree-based images, this will fail, since rpm-ostree requires that only one kernel exists in an image. We now disable dracut when installing packages for ostree commits, so this should no longer be a problem. Adding a configuration pair to test that the image builds and boots. The configs include: 1. An edge-container built with the @minimal-environment rpm group, which will pull in the dracut-config-rescue package. This is built for all RHEL 9 versions. 2. An edge-ami built using the new edge container as input. The config includes a user so that the image can be booted in CI. --- test/config-map.json | 16 ++++++++++++ .../edge-ostree-pull-user-minimalenv.json | 25 +++++++++++++++++++ test/configs/minimal-environment.json | 10 ++++++++ 3 files changed, 51 insertions(+) create mode 100644 test/configs/edge-ostree-pull-user-minimalenv.json create mode 100644 test/configs/minimal-environment.json diff --git a/test/config-map.json b/test/config-map.json index 48cfc0405..225b7daea 100644 --- a/test/config-map.json +++ b/test/config-map.json @@ -91,6 +91,22 @@ "edge-ami" ] }, + "./configs/minimal-environment.json": { + "image-types": [ + "edge-container" + ], + "distros": [ + "rhel-9*" + ] + }, + "./configs/edge-ostree-pull-user-minimalenv.json": { + "image-types": [ + "edge-ami" + ], + "distros": [ + "rhel-9*" + ] + }, "./configs/embed-containers-2.json": { "image-types": [ "edge-container" diff --git a/test/configs/edge-ostree-pull-user-minimalenv.json b/test/configs/edge-ostree-pull-user-minimalenv.json new file mode 100644 index 000000000..ea18d9552 --- /dev/null +++ b/test/configs/edge-ostree-pull-user-minimalenv.json @@ -0,0 +1,25 @@ +{ + "name": "edge-ostree-pull-user-minimalenv", + "blueprint": { + "customizations": { + "user": [ + { + "groups": [ + "wheel" + ], + "key": "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNebAh6SjpAn8wB53K4695cGnHGuCtl4RdaX3futZgJUultHyzeYHnzMO7d4++qnRL+Rworew62LKP560uvtncc= github.com/osbuild/images", + "name": "osbuild" + } + ] + } + }, + "depends": { + "config": "minimal-environment.json", + "image-type": "edge-container" + }, + "options": { + "ostree": { + "url": "http://example.com/repo" + } + } +} diff --git a/test/configs/minimal-environment.json b/test/configs/minimal-environment.json new file mode 100644 index 000000000..bc5c27e12 --- /dev/null +++ b/test/configs/minimal-environment.json @@ -0,0 +1,10 @@ +{ + "name": "minimal-environment", + "blueprint": { + "groups": [ + { + "name": "minimal-environment" + } + ] + } +} From e5dd3cbf0fcc45ab596f66e763dde81b6c400c74 Mon Sep 17 00:00:00 2001 From: Achilleas Koutsou Date: Tue, 3 Sep 2024 10:41:51 +0200 Subject: [PATCH 3/4] manifest: add comment about disabling dracut for ostree --- pkg/manifest/os.go | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/pkg/manifest/os.go b/pkg/manifest/os.go index 0a627cd55..d4b1569c4 100644 --- a/pkg/manifest/os.go +++ b/pkg/manifest/os.go @@ -424,6 +424,12 @@ func (p *OS) serialize() osbuild.Pipeline { if p.OSTreeRef != "" { rpmOptions.OSTreeBooted = common.ToPtr(true) rpmOptions.DBPath = "/usr/share/rpm" + // The dracut-config-rescue package will create a rescue kernel when + // installed. This creates an issue with ostree-based images because + // rpm-ostree requires that only one kernel exists in the image. + // Disabling dracut for ostree-based systems resolves this issue. + // Dracut will be run by rpm-ostree itself while composing the image. + // https://github.com/osbuild/images/issues/624 rpmOptions.DisableDracut = true } pipeline.AddStage(osbuild.NewRPMStage(rpmOptions, osbuild.NewRpmStageSourceFilesInputs(p.packageSpecs))) From 3ff0c0b88c9a049b6fedb396ffa6457b8e8b4f94 Mon Sep 17 00:00:00 2001 From: Achilleas Koutsou Date: Tue, 3 Sep 2024 14:10:11 +0200 Subject: [PATCH 4/4] test/generate-ostree-build-config: fix podman stop command The podman stop command was passing the list of container IDs as a single argument with spaces in it, which is wrong. The arguments need to be separate, so we should expand the list of IDs instead. This was never an issue because we never had multiple containers in a distro's ostree build config until now. --- test/scripts/generate-ostree-build-config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/scripts/generate-ostree-build-config b/test/scripts/generate-ostree-build-config index 578591db0..e774f6f83 100755 --- a/test/scripts/generate-ostree-build-config +++ b/test/scripts/generate-ostree-build-config @@ -280,7 +280,7 @@ def setup_dependencies(manifests, config_map, distro, arch): finally: if container_ids: print("📦 Stopping containers") - out, _ = testlib.runcmd(["sudo", "podman", "stop", " ".join(container_ids)]) + out, _ = testlib.runcmd(["sudo", "podman", "stop", *container_ids]) print(out.decode())