tier-x: new tier for cross-variant collaboration

One of the main goals of the bootable containers initiative in Fedora
is to have all the image-based Fedora variants share a common base onto
which we can maintain CI, develop features, fix bugs, etc...

While I believe in the long-term, we should try to have literal
derivation from a base image, this is not currently desirable for
various reasons. Instead, for now we can share things at the manifest
level by having this repo be a submodule in the every variant's repo.

Currently, tier-0 is much smaller than it needs to be for sharing
purposes. Crucially, it doesn't include NetworkManager. At the same
time, tier-1 is much too large as a shared target. As a first step, we
should try to match variants where they currently are and not force them
to ship many more packages than they currently do.

For this purpose, I'm proposing a new tier: tier-x. The "x" stands for
"cross-variant". This tier is composed of tier-0 + a set of packages
that is currently in common to all the involved variants. The most
notable additions are NetworkManager, openssh, and rpm-ostree.

The intention then is to have every Fedora variant `include` this tier
and have it become the point of collaboration between variants. E.g. new
packages/bug fixes/temporary workarounds relevant to all variants likely
should land in this tier instead of in the downstreams. CI of course
will also be an important discussion point.

fedora-tier-x.yaml

@@ -0,0 +1,12 @@
+releasever: rawhide
+repos:
+  - rawhide
+
+metadata:
+  name: fedora-boot-tier-x
+  summary: Fedora Bootable Tier X
+
+include:
+  - fedora-generic.yaml
+  - tier-x/manifest.yaml
+  - tier-x/kernel.yaml

tier-x/kernel.yaml

@@ -0,0 +1 @@
+../tier-0/kernel.yaml

tier-x/manifest.yaml

@@ -0,0 +1,46 @@
+include:
+  - ../tier-0/manifest.yaml
+
+packages:
+  # Used by admins interactively
+  - attr
+  - bash-completion
+  - hostname
+  - iproute
+  - jq
+  - less
+  - vim-minimal
+  # crun recommends but doesn't require criu and criu-libs. We want them for
+  # checkpoint/restore. https://github.com/coreos/fedora-coreos-tracker/issues/1370
+  - criu criu-libs
+  # storage
+  - cryptsetup
+  - lvm2
+  - tar
+  # zram-generator (but not zram-generator-defaults) for F33 change
+  # https://github.com/coreos/fedora-coreos-tracker/issues/509
+  - zram-generator
+  # Some host applications(i.e. NetworkManager) use dnsmasq
+  # as the binary for some various utility operations.
+  # https://github.com/coreos/fedora-coreos-tracker/issues/519
+  - dnsmasq
+  # networking
+  - iptables-nft
+  - NetworkManager
+  - openssh-clients
+  - openssh-server
+  - slirp4netns # rootless podman networking
+  - systemd-resolved
+  # linux-firmware now a recommends so let's explicitly include it
+  # https://gitlab.com/cki-project/kernel-ark/-/commit/32271d0cd9bd52d386eb35497c4876a8f041f70b
+  # https://src.fedoraproject.org/rpms/kernel/c/f55c3e9ed8605ff28cb9a922efbab1055947e213?branch=rawhide
+  - linux-firmware
+  # security
+  - polkit
+  - sudo
+  # Allow for configuring different timezones
+  - tzdata
+  # rpm-ostree
+  - rpm-ostree nss-altfiles
+  # firmware updates
+  - fwupd