diff --git a/.github/workflows/build-image.yml b/.github/workflows/build-image.yml index c3c2ac68..c7fe5fe0 100644 --- a/.github/workflows/build-image.yml +++ b/.github/workflows/build-image.yml @@ -18,8 +18,6 @@ jobs: version: stream9 - os: centos version: stream10 - - os: fedora - version: 40 steps: - name: Update podman @@ -35,6 +33,8 @@ jobs: - name: Checkout repository uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3 + with: + submodules: recursive - name: Build run: | diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index 86a04628..586e0f63 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -13,5 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3 + with: + submodules: recursive - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 - uses: pre-commit/action@2c7b3805fd2a0fd8c1884dcaebf91fc102a13ecd # v3.0.1 diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 00000000..6edc3abc --- /dev/null +++ b/.gitmodules @@ -0,0 +1,3 @@ +[submodule "fedora-bootc"] + path = fedora-bootc + url = https://gitlab.com/fedora/bootc/base-images diff --git a/fedora-bootc b/fedora-bootc new file mode 160000 index 00000000..27ead1f8 --- /dev/null +++ b/fedora-bootc @@ -0,0 +1 @@ +Subproject commit 27ead1f82a993e2734cb8100f80eb67b7c9375bd diff --git a/fedora-bootc-config.json b/fedora-bootc-config.json deleted file mode 100644 index f5429f9b..00000000 --- a/fedora-bootc-config.json +++ /dev/null @@ -1,9 +0,0 @@ -{ - "Labels": { - "containers.bootc": "1", - "bootc.diskimage-builder": "quay.io/centos-bootc/bootc-image-builder", - "redhat.id": "fedora", - "redhat.version-id": "40" - }, - "StopSignal": "SIGRTMIN+3" -} diff --git a/fedora-bootc.yaml b/fedora-bootc.yaml deleted file mode 100644 index bef362d6..00000000 --- a/fedora-bootc.yaml +++ /dev/null @@ -1,15 +0,0 @@ -releasever: 40 -variables: - distro: "fedora" - -repos: - - fedora - - updates - -metadata: - name: fedora-boot-tier1 - summary: Fedora Bootable Tier 1 - -include: - - tier-1/manifest.yaml - - tier-1/kernel.yaml diff --git a/fedora-eln-bootc.yaml b/fedora-eln-bootc.yaml deleted file mode 100644 index c3a89fab..00000000 --- a/fedora-eln-bootc.yaml +++ /dev/null @@ -1,15 +0,0 @@ -releasever: 39 -variables: - distro: "eln" - -repos: - - eln-baseos - - eln-appstream - -metadata: - name: fedora-boot-tier1 - summary: Fedora Bootable Tier 1 - -include: - - tier-1/manifest.yaml - - tier-1/kernel.yaml diff --git a/fedora-eln.repo b/fedora-eln.repo deleted file mode 100644 index c2dcb6c6..00000000 --- a/fedora-eln.repo +++ /dev/null @@ -1,408 +0,0 @@ -# These packages are untested and still under development. This -# repository is used for development of new releases. -# -# This repository can see significant daily turnover and major -# functionality changes which cause unexpected problems with other -# development packages. Please use these packages if you want to work -# with the Fedora developers by testing these new development packages. -# -# # https://admin.fedoraproject.org/mailman/listinfo/test (Subscription -# Required) is available as a discussion forum for -# testing and troubleshooting for development packages in conjunction -# with new test releases. -# -# More information is available at http://fedoraproject.org/wiki/Testing -# -# Reproducible and reportable issues should be filed at -# http://bugzilla.redhat.com/. -# -# Product: Fedora -# Version: eln - -[eln-baseos] -name=Fedora - ELN BaseOS - Developmental packages for the next Enterprise Linux release -baseurl=https://odcs.fedoraproject.org/composes/production/Fedora-ELN-20240402.2/compose/BaseOS/$basearch/os/ -#metalink=https://mirrors.fedoraproject.org/metalink?repo=eln&arch=$basearch -enabled=1 -countme=1 -metadata_expire=6h -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-40-primary -skip_if_unavailable=False - -[eln-baseos-debuginfo] -name=Fedora - ELN BaseOS - Debug -baseurl=https://odcs.fedoraproject.org/composes/production/Fedora-ELN-20240402.2/compose/BaseOS/$basearch/debug/tree -#metalink=https://mirrors.fedoraproject.org/metalink?repo=eln-debug&arch=$basearch -enabled=0 -metadata_expire=6h -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-40-primary -skip_if_unavailable=False - -[eln-baseos-source] -name=Fedora - ELN BaseOS - Source -baseurl=https://odcs.fedoraproject.org/composes/production/Fedora-ELN-20240402.2/compose/BaseOS/source/tree/ -#metalink=https://mirrors.fedoraproject.org/metalink?repo=eln-source&arch=$basearch -enabled=0 -metadata_expire=6h -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-40-primary -skip_if_unavailable=False - - - -[eln-appstream] -name=Fedora - ELN AppStream - Developmental packages for the next Enterprise Linux release -baseurl=https://odcs.fedoraproject.org/composes/production/Fedora-ELN-20240402.2/compose/AppStream/$basearch/os/ -#metalink=https://mirrors.fedoraproject.org/metalink?repo=eln&arch=$basearch -enabled=1 -countme=1 -metadata_expire=6h -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-40-primary -skip_if_unavailable=False - -[eln-appstream-debuginfo] -name=Fedora - ELN AppStream - Debug -baseurl=https://odcs.fedoraproject.org/composes/production/Fedora-ELN-20240402.2/compose/AppStream/$basearch/debug/tree -#metalink=https://mirrors.fedoraproject.org/metalink?repo=eln-debug&arch=$basearch -enabled=0 -metadata_expire=6h -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-40-primary -skip_if_unavailable=False - -[eln-appstream-source] -name=Fedora - ELN AppStream - Source -baseurl=https://odcs.fedoraproject.org/composes/production/Fedora-ELN-20240402.2/compose/AppStream/source/tree/ -#metalink=https://mirrors.fedoraproject.org/metalink?repo=eln-source&arch=$basearch -enabled=0 -metadata_expire=6h -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-40-primary -skip_if_unavailable=False - - - -[eln-crb] -name=Fedora - ELN CRB - Developmental packages for the next Enterprise Linux release -baseurl=https://odcs.fedoraproject.org/composes/production/Fedora-ELN-20240402.2/compose/CRB/$basearch/os/ -#metalink=https://mirrors.fedoraproject.org/metalink?repo=eln&arch=$basearch -enabled=1 -countme=1 -metadata_expire=6h -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-40-primary -skip_if_unavailable=False - -[eln-crb-debuginfo] -name=Fedora - ELN CRB - Debug -baseurl=https://odcs.fedoraproject.org/composes/production/Fedora-ELN-20240402.2/compose/CRB/$basearch/debug/tree -#metalink=https://mirrors.fedoraproject.org/metalink?repo=eln-debug&arch=$basearch -enabled=0 -metadata_expire=6h -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-40-primary -skip_if_unavailable=False - -[eln-crb-source] -name=Fedora - ELN CRB - Source -baseurl=https://odcs.fedoraproject.org/composes/production/Fedora-ELN-20240402.2/compose/CRB/source/tree/ -#metalink=https://mirrors.fedoraproject.org/metalink?repo=eln-source&arch=$basearch -enabled=0 -metadata_expire=6h -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-40-primary -skip_if_unavailable=False - - - -[eln-extras] -name=Fedora - ELN Extras - Developmental packages for the next Enterprise Linux release -baseurl=https://odcs.fedoraproject.org/composes/production/Fedora-ELN-20240402.2/compose/Extras/$basearch/os/ -#metalink=https://mirrors.fedoraproject.org/metalink?repo=eln&arch=$basearch -enabled=1 -countme=1 -metadata_expire=6h -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-40-primary -skip_if_unavailable=False - -[eln-extras-debuginfo] -name=Fedora - ELN Extras - Debug -baseurl=https://odcs.fedoraproject.org/composes/production/Fedora-ELN-20240402.2/compose/Extras/$basearch/debug/tree -#metalink=https://mirrors.fedoraproject.org/metalink?repo=eln-debug&arch=$basearch -enabled=0 -metadata_expire=6h -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-40-primary -skip_if_unavailable=False - -[eln-extras-source] -name=Fedora - ELN Extras - Source -baseurl=https://odcs.fedoraproject.org/composes/production/Fedora-ELN-20240402.2/compose/Extras/source/tree/ -#metalink=https://mirrors.fedoraproject.org/metalink?repo=eln-source&arch=$basearch -enabled=0 -metadata_expire=6h -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-40-primary -skip_if_unavailable=False - - - -[eln-ha] -name=Fedora - ELN HighAvailability - Developmental packages for the next Enterprise Linux release -baseurl=https://odcs.fedoraproject.org/composes/production/Fedora-ELN-20240402.2/compose/HighAvailability/$basearch/os/ -#metalink=https://mirrors.fedoraproject.org/metalink?repo=eln&arch=$basearch -enabled=0 -countme=1 -metadata_expire=6h -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-40-primary -skip_if_unavailable=False - -[eln-ha-debuginfo] -name=Fedora - ELN HighAvailability - Debug -baseurl=https://odcs.fedoraproject.org/composes/production/Fedora-ELN-20240402.2/compose/HighAvailability/$basearch/debug/tree -#metalink=https://mirrors.fedoraproject.org/metalink?repo=eln-debug&arch=$basearch -enabled=0 -metadata_expire=6h -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-40-primary -skip_if_unavailable=False - -[eln-ha-source] -name=Fedora - ELN HighAvailability - Source -baseurl=https://odcs.fedoraproject.org/composes/production/Fedora-ELN-20240402.2/compose/HighAvailability/source/tree/ -#metalink=https://mirrors.fedoraproject.org/metalink?repo=eln-source&arch=$basearch -enabled=0 -metadata_expire=6h -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-40-primary -skip_if_unavailable=False - - - -[eln-rs] -name=Fedora - ELN ResilientStorage - Developmental packages for the next Enterprise Linux release -baseurl=https://odcs.fedoraproject.org/composes/production/Fedora-ELN-20240402.2/compose/ResilientStorage/$basearch/os/ -#metalink=https://mirrors.fedoraproject.org/metalink?repo=eln&arch=$basearch -enabled=0 -countme=1 -metadata_expire=6h -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-40-primary -skip_if_unavailable=False - -[eln-rs-debuginfo] -name=Fedora - ELN ResilientStorage - Debug -baseurl=https://odcs.fedoraproject.org/composes/production/Fedora-ELN-20240402.2/compose/ResilientStorage/$basearch/debug/tree -#metalink=https://mirrors.fedoraproject.org/metalink?repo=eln-debug&arch=$basearch -enabled=0 -metadata_expire=6h -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-40-primary -skip_if_unavailable=False - -[eln-rs-source] -name=Fedora - ELN ResilientStorage - Source -baseurl=https://odcs.fedoraproject.org/composes/production/Fedora-ELN-20240402.2/compose/ResilientStorage/source/tree/ -#metalink=https://mirrors.fedoraproject.org/metalink?repo=eln-source&arch=$basearch -enabled=0 -metadata_expire=6h -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-40-primary -skip_if_unavailable=False - - - -[eln-rt] -name=Fedora - ELN RT - Developmental packages for the next Enterprise Linux release -baseurl=https://odcs.fedoraproject.org/composes/production/Fedora-ELN-20240402.2/compose/RT/$basearch/os/ -#metalink=https://mirrors.fedoraproject.org/metalink?repo=eln&arch=$basearch -enabled=0 -countme=1 -metadata_expire=6h -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-40-primary -skip_if_unavailable=False - -[eln-rt-debuginfo] -name=Fedora - ELN RT - Debug -baseurl=https://odcs.fedoraproject.org/composes/production/Fedora-ELN-20240402.2/compose/RT/$basearch/debug/tree -#metalink=https://mirrors.fedoraproject.org/metalink?repo=eln-debug&arch=$basearch -enabled=0 -metadata_expire=6h -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-40-primary -skip_if_unavailable=False - -[eln-rt-source] -name=Fedora - ELN RT - Source -baseurl=https://odcs.fedoraproject.org/composes/production/Fedora-ELN-20240402.2/compose/RT/source/tree/ -#metalink=https://mirrors.fedoraproject.org/metalink?repo=eln-source&arch=$basearch -enabled=0 -metadata_expire=6h -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-40-primary -skip_if_unavailable=False - - - -[eln-nfv] -name=Fedora - ELN NFV - Developmental packages for the next Enterprise Linux release -baseurl=https://odcs.fedoraproject.org/composes/production/Fedora-ELN-20240402.2/compose/NFV/$basearch/os/ -#metalink=https://mirrors.fedoraproject.org/metalink?repo=eln&arch=$basearch -enabled=0 -countme=1 -metadata_expire=6h -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-40-primary -skip_if_unavailable=False - -[eln-nfv-debuginfo] -name=Fedora - ELN NFV - Debug -baseurl=https://odcs.fedoraproject.org/composes/production/Fedora-ELN-20240402.2/compose/NFV/$basearch/debug/tree -#metalink=https://mirrors.fedoraproject.org/metalink?repo=eln-debug&arch=$basearch -enabled=0 -metadata_expire=6h -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-40-primary -skip_if_unavailable=False - -[eln-nfv-source] -name=Fedora - ELN NFV - Source -baseurl=https://odcs.fedoraproject.org/composes/production/Fedora-ELN-20240402.2/compose/NFV/source/tree/ -#metalink=https://mirrors.fedoraproject.org/metalink?repo=eln-source&arch=$basearch -enabled=0 -metadata_expire=6h -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-40-primary -skip_if_unavailable=False - - - -[eln-sap] -name=Fedora - ELN SAP - Developmental packages for the next Enterprise Linux release -baseurl=https://odcs.fedoraproject.org/composes/production/Fedora-ELN-20240402.2/compose/SAP/$basearch/os/ -#metalink=https://mirrors.fedoraproject.org/metalink?repo=eln&arch=$basearch -enabled=0 -countme=1 -metadata_expire=6h -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-40-primary -skip_if_unavailable=False - -[eln-sap-debuginfo] -name=Fedora - ELN SAP - Debug -baseurl=https://odcs.fedoraproject.org/composes/production/Fedora-ELN-20240402.2/compose/SAP/$basearch/debug/tree -#metalink=https://mirrors.fedoraproject.org/metalink?repo=eln-debug&arch=$basearch -enabled=0 -metadata_expire=6h -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-40-primary -skip_if_unavailable=False - -[eln-sap-source] -name=Fedora - ELN SAP - Source -baseurl=https://odcs.fedoraproject.org/composes/production/Fedora-ELN-20240402.2/compose/SAP/source/tree/ -#metalink=https://mirrors.fedoraproject.org/metalink?repo=eln-source&arch=$basearch -enabled=0 -metadata_expire=6h -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-40-primary -skip_if_unavailable=False - - - -[eln-saphana] -name=Fedora - ELN SAPHANA - Developmental packages for the next Enterprise Linux release -baseurl=https://odcs.fedoraproject.org/composes/production/Fedora-ELN-20240402.2/compose/SAPHANA/$basearch/os/ -#metalink=https://mirrors.fedoraproject.org/metalink?repo=eln&arch=$basearch -enabled=0 -countme=1 -metadata_expire=6h -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-40-primary -skip_if_unavailable=False - -[eln-saphana-debuginfo] -name=Fedora - ELN SAPHANA - Debug -baseurl=https://odcs.fedoraproject.org/composes/production/Fedora-ELN-20240402.2/compose/SAPHANA/$basearch/debug/tree -#metalink=https://mirrors.fedoraproject.org/metalink?repo=eln-debug&arch=$basearch -enabled=0 -metadata_expire=6h -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-40-primary -skip_if_unavailable=False - -[eln-saphana-source] -name=Fedora - ELN SAPHANA - Source -baseurl=https://odcs.fedoraproject.org/composes/production/Fedora-ELN-20240402.2/compose/SAPHANA/source/tree/ -#metalink=https://mirrors.fedoraproject.org/metalink?repo=eln-source&arch=$basearch -enabled=0 -metadata_expire=6h -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-40-primary -skip_if_unavailable=False diff --git a/fedora-tier-0-40.yaml b/fedora-tier-0-40.yaml deleted file mode 100644 index 7840d563..00000000 --- a/fedora-tier-0-40.yaml +++ /dev/null @@ -1,15 +0,0 @@ -releasever: 40 -variables: - distro: "fedora" - -repos: - - fedora-devel - - fedora-updates - -metadata: - name: fedora-boot-tier0 - summary: Fedora Bootable Tier 0 - -include: - - tier-0/manifest.yaml - - tier-0/kernel.yaml diff --git a/fedora-tier-0-eln.yaml b/fedora-tier-0-eln.yaml deleted file mode 100644 index e51d49d4..00000000 --- a/fedora-tier-0-eln.yaml +++ /dev/null @@ -1,11 +0,0 @@ -releasever: 39 -variables: - distro: "eln" - -repos: - - eln-baseos - - eln-appstream - -include: - - tier-0/manifest.yaml - - tier-0/kernel.yaml diff --git a/fedora-tier-0-rawhide.yaml b/fedora-tier-0-rawhide.yaml deleted file mode 100644 index ba0e9e2e..00000000 --- a/fedora-tier-0-rawhide.yaml +++ /dev/null @@ -1,14 +0,0 @@ -releasever: rawhide -variables: - distro: "fedora" - -repos: - - rawhide - -metadata: - name: fedora-boot-tier0 - summary: Fedora Bootable Tier 0 - -include: - - tier-0/manifest.yaml - - tier-0/kernel.yaml diff --git a/fedora.repo b/fedora.repo deleted file mode 100644 index 373d78ca..00000000 --- a/fedora.repo +++ /dev/null @@ -1,102 +0,0 @@ -# Note we use baseurl= here because using auto-selected mirrors conflicts with -# change detection: https://github.com/coreos/fedora-coreos-pipeline/issues/85. - -[fedora] -name=Fedora $releasever - $basearch -baseurl=https://dl.fedoraproject.org/pub/fedora/linux/releases/$releasever/Everything/$basearch/os/ - https://dl.fedoraproject.org/pub/fedora-secondary/releases/$releasever/Everything/$basearch/os/ -#metalink=https://mirrors.fedoraproject.org/metalink?repo=fedora-$releasever&arch=$basearch -enabled=1 -#metadata_expire=7d -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-$releasever-primary -skip_if_unavailable=False - -[fedora-updates] -name=Fedora $releasever - $basearch - Updates -baseurl=https://dl.fedoraproject.org/pub/fedora/linux/updates/$releasever/Everything/$basearch/ - https://dl.fedoraproject.org/pub/fedora-secondary/updates/$releasever/Everything/$basearch/ -#metalink=https://mirrors.fedoraproject.org/metalink?repo=updates-released-f$releasever&arch=$basearch -enabled=1 -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -metadata_expire=6h -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-$releasever-primary -skip_if_unavailable=False - -[fedora-updates-testing] -name=Fedora $releasever - $basearch - Test Updates -baseurl=https://dl.fedoraproject.org/pub/fedora/linux/updates/testing/$releasever/Everything/$basearch/ - https://dl.fedoraproject.org/pub/fedora-secondary/updates/testing/$releasever/Everything/$basearch/ -#metalink=https://mirrors.fedoraproject.org/metalink?repo=updates-testing-f$releasever&arch=$basearch -enabled=1 -gpgcheck=1 -metadata_expire=6h -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-$releasever-primary -skip_if_unavailable=False - -[fedora-modular] -name=Fedora Modular $releasever - $basearch -baseurl=https://dl.fedoraproject.org/pub/fedora/linux/releases/$releasever/Modular/$basearch/os/ - https://dl.fedoraproject.org/pub/fedora-secondary/releases/$releasever/Modular/$basearch/os/ -#metalink=https://mirrors.fedoraproject.org/metalink?repo=fedora-modular-$releasever&arch=$basearch -enabled=1 -#metadata_expire=7d -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$releasever-$basearch -skip_if_unavailable=False - -[fedora-updates-modular] -name=Fedora Modular $releasever - $basearch - Updates -baseurl=https://dl.fedoraproject.org/pub/fedora/linux/updates/$releasever/Modular/$basearch/ - https://dl.fedoraproject.org/pub/fedora-secondary/updates/$releasever/Modular/$basearch/ -#metalink=https://mirrors.fedoraproject.org/metalink?repo=updates-released-modular-f$releasever&arch=$basearch -enabled=1 -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -metadata_expire=6h -gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$releasever-$basearch -skip_if_unavailable=False - -[fedora-updates-testing-modular] -name=Fedora Modular $releasever - $basearch - Test Updates -baseurl=https://dl.fedoraproject.org/pub/fedora/linux/updates/testing/$releasever/Modular/$basearch/ - https://dl.fedoraproject.org/pub/fedora-secondary/updates/testing/$releasever/Modular/$basearch/ -#metalink=https://mirrors.fedoraproject.org/metalink?repo=updates-testing-f$releasever&arch=$basearch -enabled=1 -gpgcheck=1 -metadata_expire=6h -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-$releasever-primary -skip_if_unavailable=False - -[rawhide] -name=Fedora - Rawhide - Developmental packages for the next Fedora release -baseurl=https://dl.fedoraproject.org/pub/fedora/linux/development/$releasever/Everything/$basearch/os/ - https://dl.fedoraproject.org/pub/fedora-secondary/development/$releasever/Everything/$basearch/os/ -#metalink=https://mirrors.fedoraproject.org/metalink?repo=fedora-$releasever&arch=$basearch -enabled=1 -#metadata_expire=7d -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-$releasever-primary -skip_if_unavailable=False - -[fedora-devel] -name=Fedora $releasever - $basearch -baseurl=https://dl.fedoraproject.org/pub/fedora/linux/development/$releasever/Everything/$basearch/os/ - https://dl.fedoraproject.org/pub/fedora-secondary/development/$releasever/Everything/$basearch/os/ -#metalink=https://mirrors.fedoraproject.org/metalink?repo=fedora-$releasever&arch=$basearch -enabled=1 -#metadata_expire=7d -repo_gpgcheck=0 -type=rpm -gpgcheck=1 -gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-$releasever-primary -skip_if_unavailable=False diff --git a/tier-0 b/tier-0 new file mode 120000 index 00000000..a41360e0 --- /dev/null +++ b/tier-0 @@ -0,0 +1 @@ +fedora-bootc/tier-0 \ No newline at end of file diff --git a/tier-0/autoupdates.yaml b/tier-0/autoupdates.yaml deleted file mode 100644 index a416699b..00000000 --- a/tier-0/autoupdates.yaml +++ /dev/null @@ -1,9 +0,0 @@ -# Enable automatic updates by default -postprocess: - - | - #!/usr/bin/env bash - set -euo pipefail - target=/usr/lib/systemd/system/default.target.wants - mkdir -p $target - set -x - ln -s ../bootc-fetch-apply-updates.timer $target diff --git a/tier-0/basic-fixes.yaml b/tier-0/basic-fixes.yaml deleted file mode 100644 index d9fe059f..00000000 --- a/tier-0/basic-fixes.yaml +++ /dev/null @@ -1,29 +0,0 @@ -# Fix general bugs - -postprocess: - # See also https://github.com/openshift/os/blob/f6cde963ee140c02364674db378b2bc4ac42675b/common.yaml#L156 - # This one is undoes the effect of - # # RHEL-only: Disable /tmp on tmpfs. - #Wants=tmp.mount - # in /usr/lib/systemd/system/basic.target - # We absolutely must have tmpfs-on-tmp for multiple reasons, - # but the biggest is that when we have composefs for / it's read-only, - # and for units with ProtectSystem=full systemd clones / but needs - # a writable place. - - | - #!/usr/bin/env bash - set -xeuo pipefail - mkdir -p /usr/lib/systemd/system/local-fs.target.wants - if test '!' -f /usr/lib/systemd/system/local-fs.target.wants/tmp.mount; then - ln -sf ../tmp.mount /usr/lib/systemd/system/local-fs.target.wants - fi - - # See https://github.com/containers/bootc/issues/358 - # basically systemd-tmpfiles doesn't follow symlinks; ordinarily our - # tmpfiles.d unit for `/var/roothome` is fine, but this actually doesn't - # work if we want to use tmpfiles.d to write to `/root/.ssh` because - # tmpfiles gives up on that before getting to `/var/roothome`. - sed -ie 's, /root, /var/roothome,' /usr/lib/tmpfiles.d/provision.conf - # Because /var/roothome is also defined in rpm-ostree-0-integration.conf - # we need to delete /var/roothome - sed -ie '/^d- \/var\/roothome /d' /usr/lib/tmpfiles.d/provision.conf diff --git a/tier-0/bootc-config.yaml b/tier-0/bootc-config.yaml deleted file mode 100644 index e69de29b..00000000 diff --git a/tier-0/bootc.yaml b/tier-0/bootc.yaml deleted file mode 100644 index a862e6c3..00000000 --- a/tier-0/bootc.yaml +++ /dev/null @@ -1,12 +0,0 @@ -# The bootc components. -packages: - - systemd - - bootc - # Required by bootc install today, though we'll likely switch bootc to use a Rust crate instead of sgdisk - - gdisk xfsprogs e2fsprogs dosfstools - -exclude-packages: - # Exclude kernel-debug-core to make sure that it doesn't somehow get - # chosen as the package to satisfy the `kernel-core` dependency from - # the kernel package. - - kernel-debug-core diff --git a/tier-0/bootupd.yaml b/tier-0/bootupd.yaml deleted file mode 100644 index 7d3ebf31..00000000 --- a/tier-0/bootupd.yaml +++ /dev/null @@ -1,31 +0,0 @@ -# Integration with https://github.com/coreos/bootupd and bootloader logic -# xref https://github.com/coreos/fedora-coreos-tracker/issues/510 -packages: - - bootupd - -# bootloader -packages-aarch64: - - grub2-efi-aa64 efibootmgr shim -packages-ppc64le: - - grub2 ostree-grub2 -packages-s390x: - # On Fedora, this is provided by s390utils-core. on RHEL, this is for now - # provided by s390utils-base, but soon will be -core too. - - /usr/sbin/zipl -packages-x86_64: - - grub2 grub2-efi-x64 efibootmgr shim - - microcode_ctl - -conditional-include: - - if: basearch != "s390x" - # And remove some cruft from grub2 - include: grub2-removals.yaml - -postprocess: - - | - #!/bin/bash - set -xeuo pipefail - # Until we have https://github.com/coreos/rpm-ostree/pull/2275 - mkdir -p /run - # Transforms /usr/lib/ostree-boot into a bootupd-compatible update payload - /usr/bin/bootupctl backend generate-update-metadata diff --git a/tier-0/group b/tier-0/group deleted file mode 100644 index 2fd197cb..00000000 --- a/tier-0/group +++ /dev/null @@ -1,46 +0,0 @@ -root:x:0: -bin:x:1: -daemon:x:2: -sys:x:3: -adm:x:4: -tty:x:5: -disk:x:6: -lp:x:7: -mem:x:8: -kmem:x:9: -wheel:x:10: -cdrom:x:11: -mail:x:12: -man:x:15: -sudo:x:16: -dialout:x:18: -floppy:x:19: -games:x:20: -tape:x:33: -video:x:39: -ftp:x:50: -lock:x:54: -audio:x:63: -nobody:x:99: -users:x:100: -ssh_keys:x:999: -systemd-journal:x:190: -polkitd:x:998: -etcd:x:997: -dip:x:40: -cgred:x:996: -avahi-autoipd:x:170: -sssd:x:993: -dockerroot:x:986: -rpcuser:x:29: -nfsnobody:x:65534: -kube:x:994: -chrony:x:992: -tcpdump:x:72: -ceph:x:167: -input:x:104: -systemd-timesync:x:991: -systemd-network:x:990: -systemd-resolve:x:989: -systemd-bus-proxy:x:988: -cockpit-ws:x:987: diff --git a/tier-0/grub2-removals.yaml b/tier-0/grub2-removals.yaml deleted file mode 100644 index f4800ddd..00000000 --- a/tier-0/grub2-removals.yaml +++ /dev/null @@ -1,8 +0,0 @@ -remove-from-packages: - # The grub bits are mainly designed for desktops, and IMO haven't seen - # enough testing in concert with ostree. At some point we'll flesh out - # the full plan in https://github.com/coreos/fedora-coreos-tracker/issues/47 - - [grub2-tools, /etc/grub.d/08_fallback_counting, - /etc/grub.d/10_reset_boot_success, - /etc/grub.d/12_menu_auto_hide, - /usr/lib/systemd/.*] diff --git a/tier-0/initramfs.yaml b/tier-0/initramfs.yaml deleted file mode 100644 index de653336..00000000 --- a/tier-0/initramfs.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# Configuration for the initramfs -postprocess: - - | - #!/usr/bin/env bash - mkdir -p /usr/lib/dracut/dracut.conf.d - cat > /usr/lib/dracut/dracut.conf.d/20-bootc-base.conf << 'EOF' - # We want a generic image; hostonly makes no sense as part of a server side build - hostonly=no - dracutmodules+=" kernel-modules dracut-systemd systemd-initrd base ostree " - EOF - cat > /usr/lib/dracut/dracut.conf.d/22-bootc-generic.conf << 'EOF' - # Extra modules that we want by default that are known to exist in the kernel - dracutmodules+=" virtiofs " - EOF - cat > /usr/lib/dracut/dracut.conf.d/49-bootc-tpm2-tss.conf << 'EOF' - # We want this for systemd-cryptsetup tpm2 locking - dracutmodules+=" tpm2-tss " - EOF diff --git a/tier-0/kernel-rt.yaml b/tier-0/kernel-rt.yaml deleted file mode 100644 index cdcff10d..00000000 --- a/tier-0/kernel-rt.yaml +++ /dev/null @@ -1,10 +0,0 @@ -repos: - - rt - - nfv - -# Enable the "realtime" AKA soft-realtime AKA latency-optimized kernel. -packages: - - kernel-rt-core kernel-rt-modules kernel-rt-modules-extra kernel-rt-kvm - -exclude-packages: - - kernel-rt-debug-core diff --git a/tier-0/kernel.yaml b/tier-0/kernel.yaml deleted file mode 100644 index 0dd777d1..00000000 --- a/tier-0/kernel.yaml +++ /dev/null @@ -1,6 +0,0 @@ -# Enable the Linux kernel; see also kernel-rt. -packages: - - kernel - -exclude-packages: - - kernel-debug diff --git a/tier-0/manifest.yaml b/tier-0/manifest.yaml deleted file mode 100644 index 8da4235b..00000000 --- a/tier-0/manifest.yaml +++ /dev/null @@ -1,70 +0,0 @@ - -# Modern defaults we want -boot-location: modules -tmp-is-dir: true -# https://github.com/CentOS/centos-bootc/issues/167 -machineid-compat: true -# Be minimal -recommends: false - -ignore-removed-users: - - root -ignore-removed-groups: - - root -etc-group-members: - - wheel - - sudo - - systemd-journal - - adm - -# Default to `bash` in our container, the same as other containers we ship. -container-cmd: - - /sbin/init - -# Note that the default for c9s+ is sqlite; we can't rely on rpm being -# in the target (it isn't in tier-0!) so turn this to host here. This -# does break the "hermetic build" aspect a bit. Maybe eventually -# what we should do is special case this and actually install RPM temporarily -# and then remove it... -rpmdb: host - -check-passwd: - type: "file" - filename: "passwd" -check-groups: - type: "file" - filename: "group" - -automatic-version-prefix: "${releasever}." -mutate-os-release: "${releasever}" - -remove-from-packages: - # Generally we expect other tools to do this (e.g. Ignition or cloud-init) - - [systemd, /usr/lib/systemd/system/sysinit.target.wants/systemd-firstboot.service] - # We don't want auto-generated mount units. See also - # https://github.com/systemd/systemd/issues/13099 - - [systemd-udev, /usr/lib/systemd/system-generators/systemd-gpt-auto-generator] - # Drop some buggy sysusers fragments which do not match static IDs allocation: - # https://bugzilla.redhat.com/show_bug.cgi?id=2105177 - - [dbus-common, /usr/lib/sysusers.d/dbus.conf] - -include: - - bootc.yaml - - ostree.yaml - - initramfs.yaml - - autoupdates.yaml - - basic-fixes.yaml - -packages: - # Even in tier-0, we have this. If you don't want SELinux today, you'll need - # to build a custom image. - - selinux-policy-targeted - # And we want container-selinux because trying to layer it on later currently causes issues. - - container-selinux - # Needed for tpm2 bound luks - - tpm2-tools - -# See https://github.com/coreos/bootupd -arch-include: - x86_64: bootupd.yaml - aarch64: bootupd.yaml diff --git a/tier-0/ostree.yaml b/tier-0/ostree.yaml deleted file mode 100644 index 6f308617..00000000 --- a/tier-0/ostree.yaml +++ /dev/null @@ -1,17 +0,0 @@ -packages: - - ostree nss-altfiles - -# We want content lifecycled with the image -opt-usrlocal: "root" - -postprocess: - # Set up default root config - - | - #!/usr/bin/env bash - mkdir -p /usr/lib/ostree - cat > /usr/lib/ostree/prepare-root.conf << EOF - [composefs] - enabled = yes - [sysroot] - readonly = true - EOF diff --git a/tier-0/passwd b/tier-0/passwd deleted file mode 100644 index ea84802c..00000000 --- a/tier-0/passwd +++ /dev/null @@ -1,32 +0,0 @@ -adm:x:3:4:adm:/var/adm:/usr/sbin/nologin -avahi-autoipd:x:170:170:Avahi IPv4LL Stack:/var/lib/avahi-autoipd:/usr/sbin/nologin -bin:x:1:1:bin:/bin:/usr/sbin/nologin -ceph:x:167:167:Ceph daemons:/var/lib/ceph:/usr/sbin/nologin -chrony:x:994:992::/var/lib/chrony:/usr/sbin/nologin -cockpit-ws:x:988:987:User for cockpit-ws:/:/usr/sbin/nologin -daemon:x:2:2:daemon:/sbin:/usr/sbin/nologin -dbus:x:81:81:System Message Bus:/:/usr/sbin/nologin -dockerroot:x:997:986:Docker User:/var/lib/docker:/usr/sbin/nologin -etcd:x:998:997:etcd user:/var/lib/etcd:/usr/sbin/nologin -ftp:x:14:50:FTP User:/var/ftp:/usr/sbin/nologin -games:x:12:100:games:/usr/games:/usr/sbin/nologin -halt:x:7:0:halt:/sbin:/sbin/halt -kube:x:996:994:Kubernetes user:/:/usr/sbin/nologin -lp:x:4:7:lp:/var/spool/lpd:/usr/sbin/nologin -mail:x:8:12:mail:/var/spool/mail:/usr/sbin/nologin -nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/usr/sbin/nologin -nobody:x:99:99:Kernel Overflow User:/:/usr/sbin/nologin -operator:x:11:0:operator:/root:/usr/sbin/nologin -polkitd:x:999:998:User for polkitd:/:/usr/sbin/nologin -root:x:0:0:Super User:/root:/bin/bash -rpc:x:32:32:Rpcbind Daemon:/var/lib/rpcbind:/usr/sbin/nologin -rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/usr/sbin/nologin -shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown -sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/usr/sbin/nologin -sssd:x:995:993:User for sssd:/:/usr/sbin/nologin -sync:x:5:0:sync:/sbin:/bin/sync -systemd-bus-proxy:x:989:988:systemd Bus Proxy:/:/usr/sbin/nologin -systemd-network:x:991:990:systemd Network Management:/:/usr/sbin/nologin -systemd-resolve:x:990:989:systemd Resolver:/:/usr/sbin/nologin -systemd-timesync:x:993:991:systemd Time Synchronization:/:/usr/sbin/nologin -tcpdump:x:72:72::/:/usr/sbin/nologin diff --git a/tier-1 b/tier-1 new file mode 120000 index 00000000..3db18634 --- /dev/null +++ b/tier-1 @@ -0,0 +1 @@ +fedora-bootc/tier-1 \ No newline at end of file diff --git a/tier-1/autoupdates.yaml b/tier-1/autoupdates.yaml deleted file mode 120000 index 9c9cbd14..00000000 --- a/tier-1/autoupdates.yaml +++ /dev/null @@ -1 +0,0 @@ -../tier-0/autoupdates.yaml \ No newline at end of file diff --git a/tier-1/basic-fixes.yaml b/tier-1/basic-fixes.yaml deleted file mode 120000 index d3d038c2..00000000 --- a/tier-1/basic-fixes.yaml +++ /dev/null @@ -1 +0,0 @@ -../tier-0/basic-fixes.yaml \ No newline at end of file diff --git a/tier-1/bootable-rpm-ostree.yaml b/tier-1/bootable-rpm-ostree.yaml deleted file mode 100644 index 4a1f2438..00000000 --- a/tier-1/bootable-rpm-ostree.yaml +++ /dev/null @@ -1,8 +0,0 @@ -packages: - - rpm-ostree nss-altfiles - -exclude-packages: - # Exclude kernel-debug-core to make sure that it doesn't somehow get - # chosen as the package to satisfy the `kernel-core` dependency from - # the kernel package. - - kernel-debug-core diff --git a/tier-1/bootc-config.yaml b/tier-1/bootc-config.yaml deleted file mode 120000 index 9f9c8ab3..00000000 --- a/tier-1/bootc-config.yaml +++ /dev/null @@ -1 +0,0 @@ -../tier-0/bootc-config.yaml \ No newline at end of file diff --git a/tier-1/bootc.yaml b/tier-1/bootc.yaml deleted file mode 120000 index e4ff72ce..00000000 --- a/tier-1/bootc.yaml +++ /dev/null @@ -1 +0,0 @@ -../tier-0/bootc.yaml \ No newline at end of file diff --git a/tier-1/bootupd.yaml b/tier-1/bootupd.yaml deleted file mode 120000 index 6b1db4e8..00000000 --- a/tier-1/bootupd.yaml +++ /dev/null @@ -1 +0,0 @@ -../tier-0/bootupd.yaml \ No newline at end of file diff --git a/tier-1/firmware.yaml b/tier-1/firmware.yaml deleted file mode 100644 index 1c778cfb..00000000 --- a/tier-1/firmware.yaml +++ /dev/null @@ -1,7 +0,0 @@ - packages: - # linux-firmware now a recommends so let's explicitly include it - # https://gitlab.com/cki-project/kernel-ark/-/commit/32271d0cd9bd52d386eb35497c4876a8f041f70b - # https://src.fedoraproject.org/rpms/kernel/c/f55c3e9ed8605ff28cb9a922efbab1055947e213?branch=rawhide - - linux-firmware - # If you're using linux-firmware, you probably also want fwupd - - fwupd diff --git a/tier-1/fwupd.yaml b/tier-1/fwupd.yaml deleted file mode 100644 index 0045a304..00000000 --- a/tier-1/fwupd.yaml +++ /dev/null @@ -1,5 +0,0 @@ -# Firmware updates -packages-aarch64: - - fwupd -packages-x86_64: - - fwupd diff --git a/tier-1/group b/tier-1/group deleted file mode 120000 index f4ca0786..00000000 --- a/tier-1/group +++ /dev/null @@ -1 +0,0 @@ -../tier-0/group \ No newline at end of file diff --git a/tier-1/grub2-removals.yaml b/tier-1/grub2-removals.yaml deleted file mode 120000 index 7fecbad5..00000000 --- a/tier-1/grub2-removals.yaml +++ /dev/null @@ -1 +0,0 @@ -../tier-0/grub2-removals.yaml \ No newline at end of file diff --git a/tier-1/initramfs-full.yaml b/tier-1/initramfs-full.yaml deleted file mode 100644 index d5547ef5..00000000 --- a/tier-1/initramfs-full.yaml +++ /dev/null @@ -1,8 +0,0 @@ -# Configuration for the "tier-1" initramfs -postprocess: - - | - #!/usr/bin/env bash - mkdir -p /usr/lib/dracut/dracut.conf.d - cat > /usr/lib/dracut/dracut.conf.d/30-bootc-tier-1.conf << 'EOF' - dracutmodules+=" lvm crypt " - EOF diff --git a/tier-1/initramfs.yaml b/tier-1/initramfs.yaml deleted file mode 120000 index c2688459..00000000 --- a/tier-1/initramfs.yaml +++ /dev/null @@ -1 +0,0 @@ -../tier-0/initramfs.yaml \ No newline at end of file diff --git a/tier-1/kdump-aarch64-aws-workaround.yaml b/tier-1/kdump-aarch64-aws-workaround.yaml deleted file mode 100644 index c1987394..00000000 --- a/tier-1/kdump-aarch64-aws-workaround.yaml +++ /dev/null @@ -1,12 +0,0 @@ -# This file includes a fixup for kdump on aarch64 AWS instances. -# The issue seems specific to aarch64 AWS instances, but we'll go -# ahead and apply it across the board for aarch64, since that's -# the easiest thing to do. Hopefully the upstream issue will get -# resolved soon. -postprocess: - - | - #!/usr/bin/env bash - # Remove irqpoll from the list of KDUMP_COMMANDLINE_APPEND. This - # causes issues on aarch64 AWS instances. - # https://github.com/coreos/fedora-coreos-tracker/issues/1187 - sed -i -e 's/irqpoll //' /etc/sysconfig/kdump diff --git a/tier-1/kernel.yaml b/tier-1/kernel.yaml deleted file mode 120000 index d6f64cce..00000000 --- a/tier-1/kernel.yaml +++ /dev/null @@ -1 +0,0 @@ -../tier-0/kernel.yaml \ No newline at end of file diff --git a/tier-1/manifest-tier-0.yaml b/tier-1/manifest-tier-0.yaml deleted file mode 120000 index 8d5a3e16..00000000 --- a/tier-1/manifest-tier-0.yaml +++ /dev/null @@ -1 +0,0 @@ -../tier-0/manifest.yaml \ No newline at end of file diff --git a/tier-1/manifest.yaml b/tier-1/manifest.yaml deleted file mode 100644 index 99f807de..00000000 --- a/tier-1/manifest.yaml +++ /dev/null @@ -1,108 +0,0 @@ -# Flip this back on, we're going to be a larger system -recommends: true - -include: - - manifest-tier-0.yaml - - bootable-rpm-ostree.yaml - - rpm-packaging.yaml - - podman.yaml - - firmware.yaml - - networking-tools.yaml - - system-configuration.yaml - - user-experience.yaml - - fwupd.yaml - - persistent-journal.yaml - - initramfs-full.yaml - -packages: - # Include and set the default editor - - nano - # And we expect this in general - - vim-minimal - - nfs-utils - # Additional firewall support; we aren't including these in RHCOS or they - # don't exist in RHEL - - iptables-nft iptables-services - - WALinuxAgent-udev - # Allow communication between sudo and SSSD - # for caching sudo rules by SSSD. - # https://github.com/coreos/fedora-coreos-tracker/issues/445 - - libsss_sudo - # SSSD; we only ship a subset of the backends - - sssd-client sssd-ad sssd-ipa sssd-krb5 sssd-ldap - # Used by admins interactively - - attr - - openssl - - lsof - # Provides terminal tools like clear, reset, tput, and tset - - ncurses - # i18n - - kbd - # zram-generator (but not zram-generator-defaults) for F33 change - # https://github.com/coreos/fedora-coreos-tracker/issues/509 - - zram-generator - # resolved was broken out to its own package in rawhide/f35 - - systemd-resolved - -# These are random architecture-specific packages -packages-x86_64: - - irqbalance -packages-ppc64le: - - irqbalance - - librtas - - powerpc-utils-core - - ppc64-diag-rtas -packages-aarch64: - - irqbalance - -postprocess: - # Undo RPM scripts enabling units; we want the presets to be canonical - # https://github.com/projectatomic/rpm-ostree/issues/1803 - - | - #!/usr/bin/env bash - set -xeuo pipefail - rm -rf /etc/systemd/system/* - systemctl preset-all - rm -rf /etc/systemd/user/* - systemctl --user --global preset-all - # Default to iptables-nft. Otherwise, legacy wins. We can drop this once/if we - # remove iptables-legacy. This is needed because alternatives don't work - # https://github.com/coreos/fedora-coreos-tracker/issues/677 - # https://github.com/coreos/fedora-coreos-tracker/issues/676 - - | - #!/usr/bin/env bash - set -xeuo pipefail - ln -sf /usr/sbin/ip6tables-nft /etc/alternatives/ip6tables - ln -sf /usr/sbin/ip6tables-nft-restore /etc/alternatives/ip6tables-restore - ln -sf /usr/sbin/ip6tables-nft-save /etc/alternatives/ip6tables-save - ln -sf /usr/sbin/iptables-nft /etc/alternatives/iptables - ln -sf /usr/sbin/iptables-nft-restore /etc/alternatives/iptables-restore - ln -sf /usr/sbin/iptables-nft-save /etc/alternatives/iptables-save - # See: https://github.com/coreos/fedora-coreos-tracker/issues/1253 - # https://bugzilla.redhat.com/show_bug.cgi?id=2112857 - # https://github.com/coreos/rpm-ostree/issues/3918 - # Temporary workaround to remove the SetGID binary from liblockfile that is - # pulled by the s390utils but not needed for /usr/sbin/zipl. - - | - #!/usr/bin/env bash - set -xeuo pipefail - rm -f /usr/bin/dotlockfile - -# Things we don't expect to ship on the host. We currently -# have recommends: false so these could only come in via -# hard requirement, in which case the build will fail. -exclude-packages: - - perl - - perl-interpreter - - nodejs - - grubby - - cowsay # Just in case - # Let's make sure initscripts doesn't get pulled back in - # https://github.com/coreos/fedora-coreos-tracker/issues/220#issuecomment-611566254 - - initscripts - # For (datacenter/cloud oriented) servers, we want to see the details by default. - # https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/HSMISZ3ETWQ4ETVLWZQJ55ARZT27AAV3/ - - plymouth - # Do not use legacy ifcfg config format in NetworkManager - # See https://github.com/coreos/fedora-coreos-config/pull/1991 - - NetworkManager-initscripts-ifcfg-rh diff --git a/tier-1/networking-tools.yaml b/tier-1/networking-tools.yaml deleted file mode 100644 index 45de8610..00000000 --- a/tier-1/networking-tools.yaml +++ /dev/null @@ -1,25 +0,0 @@ -# This defines a set of tools that are useful for configuring, debugging, -# or manipulating the network of a system. It is desired to keep this list -# generic enough to be shared downstream with RHCOS. - -packages: - # Standard tools for configuring network/hostname - - NetworkManager hostname - # Interactive Networking configuration during coreos-install - - NetworkManager-tui - # Teaming https://github.com/coreos/fedora-coreos-config/pull/289 - # and http://bugzilla.redhat.com/1758162 - - NetworkManager-team teamd - # Support for cloud quirks and dynamic config in real rootfs: - # https://github.com/coreos/fedora-coreos-tracker/issues/320 - - NetworkManager-cloud-setup - # Route manipulation and QoS - - iproute iproute-tc - # Firewall manipulation - - iptables nftables - # Interactive network tools for admins - - socat net-tools bind-utils - -exclude-packages: - # We use NetworkManager - - systemd-networkd diff --git a/tier-1/ostree.yaml b/tier-1/ostree.yaml deleted file mode 120000 index 174954e7..00000000 --- a/tier-1/ostree.yaml +++ /dev/null @@ -1 +0,0 @@ -../tier-0/ostree.yaml \ No newline at end of file diff --git a/tier-1/passwd b/tier-1/passwd deleted file mode 120000 index dc62c0b2..00000000 --- a/tier-1/passwd +++ /dev/null @@ -1 +0,0 @@ -../tier-0/passwd \ No newline at end of file diff --git a/tier-1/persistent-journal.yaml b/tier-1/persistent-journal.yaml deleted file mode 100644 index ccc6c5f8..00000000 --- a/tier-1/persistent-journal.yaml +++ /dev/null @@ -1,13 +0,0 @@ -# Taken from https://github.com/coreos/fedora-coreos-config/blob/aa4373201f415baff85701f7f96ab0583931af6c/overlay.d/05core/usr/lib/systemd/journald.conf.d/10-coreos-persistent.conf#L5 -# Hardcode persistent journal by default. journald has this "auto" behaviour -# that only makes logs persistent if `/var/log/journal` exists, which it won't -# on first boot because `/var` isn't fully populated. We should be able to get -# rid of this once we move to sysusers and create the dir in the initrd. - -postprocess: - - | #!/bin/bash - mkdir -p /usr/lib/systemd/journald.conf.d/ - cat >/usr/lib/systemd/journald.conf.d/10-centos-bootc-persistent.conf << EOF - [Journal] - Storage=persistent - EOF diff --git a/tier-1/podman.yaml b/tier-1/podman.yaml deleted file mode 100644 index 6c40c5d0..00000000 --- a/tier-1/podman.yaml +++ /dev/null @@ -1,7 +0,0 @@ -# Core podman bits - -packages: - - crun - - podman - - container-selinux - - skopeo diff --git a/tier-1/rpm-packaging.yaml b/tier-1/rpm-packaging.yaml deleted file mode 100644 index 89e7a8ad..00000000 --- a/tier-1/rpm-packaging.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# A full dnf experience at build time, but right now -# `dnf update` *client side* doesn't do much helpful... -packages: - - dnf - # To ensure we can enable client certs to access RHEL content - - subscription-manager - -postprocess: - # These enable librhsm which enables host subscriptions to work in containers - # https://github.com/rpm-software-management/librhsm/blob/fcd972cbe7c8a3907ba9f091cd082b1090231492/rhsm/rhsm-context.c#L30 - # https://github.com/openshift/os/pull/876/commits/dd35dd0e102aeed90df14f05c8ae9da4c8c5962a - - | - #!/usr/bin/bash - set -xeuo pipefail - ln -sr /run/secrets/etc-pki-entitlement /etc/pki/entitlement-host - ln -sr /run/secrets/rhsm /etc/rhsm-host diff --git a/tier-1/system-configuration.yaml b/tier-1/system-configuration.yaml deleted file mode 100644 index 7534975d..00000000 --- a/tier-1/system-configuration.yaml +++ /dev/null @@ -1,32 +0,0 @@ -# These are packages that are related to configuring parts of the system. - -packages: - # Configuring SSH keys, cloud provider check-in, etc - # TODO: needs Ignition kargs - # - afterburn afterburn-dracut - # NTP support - - chrony - # Storage configuration/management - - lvm2 - - cryptsetup - - e2fsprogs - - sg3_utils - - xfsprogs - ## This is generally useful... https://github.com/CentOS/centos-bootc/issues/394 - - cloud-utils-growpart - # User configuration - - passwd - - shadow-utils - - acl - # Manipulating the kernel keyring; used by bootc - - keyutils - # There are things that write outside of the journal still (such as the - # classic wtmp, etc.). auditd also writes outside the journal but it has its - # own log rotation. - # Anything package layered will also tend to expect files dropped in - # /etc/logrotate.d to work. Really, this is a legacy thing, but if we don't - # have it then people's disks will slowly fill up with logs. - - logrotate - # Boost starving threads - # https://github.com/coreos/fedora-coreos-tracker/issues/753 - - stalld diff --git a/tier-1/user-experience.yaml b/tier-1/user-experience.yaml deleted file mode 100644 index 273b5d95..00000000 --- a/tier-1/user-experience.yaml +++ /dev/null @@ -1,33 +0,0 @@ -# This file is included in RHEL CoreOS, see -# https://github.com/openshift/os/blob/71c974b1e456292033e3ef3fe7bcfe17d1855ebc/manifest.yaml#L12 -# Only apply changes here that should apply to both FCOS and RHCOS. - -# These packages are either widely used utilities/services or -# are targeted for improving the general CoreOS user experience. -# It is intended to be kept generic so that it may be shared downstream with -# RHCOS. -packages: - # Basic user tools - - jq # parsing/interacting with JSON data - - bash-completion - - coreutils - - file - - less - - sudo - # Intended to be part of baseline RHEL-derived operating systems - - sos - # File compression/decompression - ## bsdtar - dependency of 35coreos-live dracut module - - bsdtar - - bzip2 - - gzip - - tar - - xz - - zstd - # kdump support - # https://github.com/coreos/fedora-coreos-tracker/issues/622 - - kexec-tools - # Remote Access - - openssh-clients openssh-server - # nvme-cli for managing nvme disks - - nvme-cli