Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build-podman-os: Add extra-kargs #975

Merged
merged 1 commit into from
Apr 10, 2024
Merged

build-podman-os: Add extra-kargs #975

merged 1 commit into from
Apr 10, 2024

Conversation

ravanelli
Copy link
Member

dustymabe
dustymabe reviewed Apr 8, 2024
View reviewed changes
jobs/build-podman-os.Jenkinsfile Outdated
extra_kargs = shwrapCapture("""
python3 -c 'import sys, yaml; data = yaml.safe_load(sys.stdin)["extra-kargs"][0]; \
print(data)' < src/config/image-base.yaml
""")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

honestly I'm not sure what the best approach is right here.

eventually I think we want this whole process decoupled from Fedora CoreOS and this is probably the opposite direction.

I think we should either hardcode the value here (mitigations=auto,nosmt) or possibly we decide that mitigations=auto,nosmt doesn't make sense for podman machine (i.e. it's running on someone's laptop, not shared hardware) and we omit adding that kernel argument at all here.

Would be interested in input from @jlebon and @baude here.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Chatted with Dusty about this OOB.

In the general case, I think ideally running osbuild does pick up the values from the embedded image.json (or maybe eventually the same config files as bootc).

Specifically for this case, yeah I think probably we don't need to pick up this karg here (and in the future, this would be e.g. overriding it during the container build phase instead).

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ideally running osbuild does pick up the values from the embedded image.json (or maybe eventually the same config files as bootc).

For the latter this will happen as part of osbuild/bootc-image-builder#18 which will unblock using https://containers.github.io/bootc/man-md/bootc-install-config.html which can be embedded in the container image.

So once FCOS derives from a shared base image we can just add a little bootc install drop-in which will configure that install-time karg in a container-native way.

@ravanelli
build-podman-os: Add extra-kargs
dec757c 
 - Reflect changes from coreos/coreos-assembler#3770
 - Add the extra-kargs to the configuration

Signed-off-by: Renata Ravanelli <[email protected]>
dustymabe
dustymabe approved these changes Apr 9, 2024
View reviewed changes
Copy link
Member

@dustymabe dustymabe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@dustymabe dustymabe merged commit b0d8e44 into coreos:main Apr 10, 2024
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cgwalters cgwalters cgwalters left review comments

@dustymabe dustymabe dustymabe approved these changes

@jlebon jlebon Awaiting requested review from jlebon

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@ravanelli @cgwalters @dustymabe @jlebon