diff --git a/Dockerfile b/Dockerfile index 2a507cfc47..9e85457301 100644 --- a/Dockerfile +++ b/Dockerfile @@ -23,6 +23,7 @@ COPY ./ /root/containerbuild/ RUN ./build.sh write_archive_info RUN ./build.sh make_and_makeinstall RUN ./build.sh configure_user +RUN ./build.sh patch_osbuild # clean up scripts (it will get cached in layers, but oh well) WORKDIR /srv/ diff --git a/build.sh b/build.sh index a358394bf2..d4f28b67a1 100755 --- a/build.sh +++ b/build.sh @@ -22,6 +22,7 @@ if [ $# -gt 1 ]; then echo " configure_yum_repos" echo " install_rpms" echo " make_and_makeinstall" + echo " patch_osbuild" exit 1 fi @@ -160,6 +161,27 @@ write_archive_info() { prepare_git_artifacts "${srcdir}" /cosa/coreos-assembler-git.json /cosa/coreos-assembler-git.tar.gz } +patch_osbuild() { + # Add a few patches that either haven't made it into a release or + # that will be obsoleted with other work that will be done soon. + + # To make it easier to apply patches we'll move around the osbuild + # code on the system first: + rmdir /usr/lib/osbuild/osbuild + mv /usr/lib/python3.12/site-packages/osbuild /usr/lib/osbuild/ + mkdir /usr/lib/osbuild/tools + mv /usr/bin/osbuild-mpp /usr/lib/osbuild/tools/ + + # Now all the software is under the /usr/lib/osbuild dir and we can patch + patch -d /usr/lib/osbuild -p1 < /usr/lib/coreos-assembler/0001-stages-dmverity-make-device-objects-more-generic.patch + + # And then move the files back; supermin appliance creation will need it back + # in the places delivered by the RPM. + mv /usr/lib/osbuild/tools/osbuild-mpp /usr/bin/osbuild-mpp + mv /usr/lib/osbuild/osbuild /usr/lib/python3.12/site-packages/osbuild + mkdir /usr/lib/osbuild/osbuild +} + if [ $# -ne 0 ]; then # Run the function specified by the calling script ${1} @@ -174,4 +196,5 @@ else install_ocp_tools trust_redhat_gpg_keys configure_user + patch_osbuild fi diff --git a/src/0001-stages-dmverity-make-device-objects-more-generic.patch b/src/0001-stages-dmverity-make-device-objects-more-generic.patch new file mode 100644 index 0000000000..358f50218f --- /dev/null +++ b/src/0001-stages-dmverity-make-device-objects-more-generic.patch @@ -0,0 +1,58 @@ +From 5ccbe720ace34866931e2af7f248d5e5c632f9da Mon Sep 17 00:00:00 2001 +From: Jonathan Lebon +Date: Wed, 14 Aug 2024 10:56:11 -0400 +Subject: [PATCH] stages/dmverity: make device objects more generic + +We need to pass loopback devices for these properties, but the schema +says that there will be a `path` property, so osbuild complains. + +osbuild is right of course, but this definitely *did* work in an earlier +version, so something changed. Ideally, we'd narrow down here what +happened exactly, but at the same time this approach of just making the +property more generic matches what's done in e.g. the `zipl.inst` stage +where we also use a loopback device. + +For reference, this is where we use this stage: + +https://github.com/coreos/coreos-assembler/blob/ba45b296ec11734bafcae7728915016f17137a3d/src/osbuild-manifests/platform.qemu.ipp.yaml#L100-L119 +--- + stages/org.osbuild.dmverity.meta.json | 20 ++------------------ + 1 file changed, 2 insertions(+), 18 deletions(-) + +diff --git a/stages/org.osbuild.dmverity.meta.json b/stages/org.osbuild.dmverity.meta.json +index 213b5855..4c470838 100644 +--- a/stages/org.osbuild.dmverity.meta.json ++++ b/stages/org.osbuild.dmverity.meta.json +@@ -30,27 +30,11 @@ + "properties": { + "data_device": { + "type": "object", +- "additionalProperties": false, +- "required": [ +- "path" +- ], +- "properties": { +- "path": { +- "type": "string" +- } +- } ++ "additionalProperties": true + }, + "hash_device": { + "type": "object", +- "additionalProperties": false, +- "required": [ +- "path" +- ], +- "properties": { +- "path": { +- "type": "string" +- } +- } ++ "additionalProperties": true + } + } + } +-- +2.46.0 +