From 176ede233215fdd669831367eb13e1a808e06ab9 Mon Sep 17 00:00:00 2001
From: Colin Walters <walters@verbum.org>
Date: Tue, 21 Jan 2025 17:12:06 -0500
Subject: [PATCH] Split excluded and arch packages into "package text file"

Aiming to have the main container build not use rpm-ostree.

Signed-off-by: Colin Walters <walters@verbum.org>
---
 Containerfile                                 | 33 ++++++++++--
 base/bootc.yaml                               |  6 ---
 packages-aarch64.txt                          |  1 +
 packages-excluded.txt                         | 21 ++++++++
 packages-ppc64le.txt                          |  4 ++
 packages-x86_64.txt                           |  1 +
 tier-1/initramfs-full.yaml                    |  8 ---
 tier-1/kernel.yaml                            |  1 -
 tier-1/manifest.yaml                          | 54 -------------------
 tier-1/networking-tools.yaml                  |  4 --
 .../dracut/dracut.conf.d/30-bootc-full.conf   |  1 +
 11 files changed, 56 insertions(+), 78 deletions(-)
 create mode 100644 packages-aarch64.txt
 create mode 100644 packages-excluded.txt
 create mode 100644 packages-ppc64le.txt
 create mode 100644 packages-x86_64.txt
 delete mode 100644 tier-1/initramfs-full.yaml
 delete mode 120000 tier-1/kernel.yaml
 create mode 100644 tier-1/usr/lib/dracut/dracut.conf.d/30-bootc-full.conf

diff --git a/Containerfile b/Containerfile
index 8fb88d6..c3bb6c7 100644
--- a/Containerfile
+++ b/Containerfile
@@ -2,18 +2,41 @@
 
 # This is a local reference by default because we haven't shipped this image yet.
 FROM localhost/fedora-bootc:base as rootfs
-# Drop this into /usr/share/doc, so that other things can parse it
-COPY packages-recommended.txt /usr/share/doc/fedora-bootc/packages-recommended.txt
+# Drop our package sets into /usr/share/doc, so that other things can parse it
+COPY packages-*.txt /usr/share/doc/fedora-bootc/
+# Overlay our defaults
+COPY tier-1/usr/ /usr/
 RUN <<EORUN
-set -xeuo pipefail
-grep -E -v '^#' /usr/share/doc/fedora-bootc/packages-recommended.txt | xargs dnf -y install
+set -euo pipefail
+dnf_args=()
+echo "Loading packages-excluded"
+for x in $(grep -E -v '^#' /usr/share/doc/fedora-bootc/packages-excluded.txt); do
+  dnf_args+=(--exclude ${x})
+done
+echo "Loading packages-recommended"
+base_pkgs=$(grep -E -v '^#' /usr/share/doc/fedora-bootc/packages-recommended.txt)
+pkgfile_for_arch=/usr/share/doc/fedora-bootc/packages-$(arch).txt
+arch_pkgs=
+if test -f ${pkgfile_for_arch}; then
+  echo "Loading ${pkgfile_for_arch}"
+  arch_pkgs=$(grep -E -v '^#' ${pkgfile_for_arch})
+fi
+
+dnf -y ${dnf_args[@]} install $base_pkgs $arch_pkgs
 
 # Ensure we regenerate the initramfs with new content
 # https://docs.fedoraproject.org/en-US/bootc/initramfs/
 kver=$(cd /usr/lib/modules && echo *); dracut -vf /usr/lib/modules/$kver/initramfs.img $kver
 
+# Undo RPM scripts enabling units; we want the presets to be canonical for the base image.
+# https://github.com/projectatomic/rpm-ostree/issues/1803
+rm -rf /etc/systemd/system/*
+systemctl preset-all
+rm -rf /etc/systemd/user/*
+systemctl --user --global preset-all
+
 dnf clean all
-rm -vf /var/log/dnf*
+rm -vrf /var/log/*
 bootc container lint
 EORUN
 
diff --git a/base/bootc.yaml b/base/bootc.yaml
index 5cecefb..48c4929 100644
--- a/base/bootc.yaml
+++ b/base/bootc.yaml
@@ -9,9 +9,3 @@ packages:
  # Required by bootc install, sgdisk has been replaced by Rust crate
  # in bootc https://github.com/containers/bootc/pull/775
  - xfsprogs e2fsprogs dosfstools
-
-exclude-packages:
-  # Exclude kernel-debug-core to make sure that it doesn't somehow get
-  # chosen as the package to satisfy the `kernel-core` dependency from
-  # the kernel package.
-  - kernel-debug-core
diff --git a/packages-aarch64.txt b/packages-aarch64.txt
new file mode 100644
index 0000000..77617c0
--- /dev/null
+++ b/packages-aarch64.txt
@@ -0,0 +1 @@
+irqbalance
diff --git a/packages-excluded.txt b/packages-excluded.txt
new file mode 100644
index 0000000..a8fec11
--- /dev/null
+++ b/packages-excluded.txt
@@ -0,0 +1,21 @@
+# Packages excluded by default
+
+# We use NetworkManager
+systemd-networkd
+# But without the legacy
+# See https://github.com/coreos/fedora-coreos-config/pull/1991
+NetworkManager-initscripts-ifcfg-rh
+
+# Let's not have both legacy and nft versions in the image. Users are free to
+# also layer legacy themselves if they want.
+iptables-legacy
+
+# We use bootupd
+grubby
+# Let's make sure initscripts doesn't get pulled back in
+# https://github.com/coreos/fedora-coreos-tracker/issues/220#issuecomment-611566254
+initscripts
+
+# For (datacenter/cloud oriented) servers, we want to see the details by default.
+# https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/HSMISZ3ETWQ4ETVLWZQJ55ARZT27AAV3/
+plymouth
diff --git a/packages-ppc64le.txt b/packages-ppc64le.txt
new file mode 100644
index 0000000..79caa8d
--- /dev/null
+++ b/packages-ppc64le.txt
@@ -0,0 +1,4 @@
+irqbalance
+librtas
+powerpc-utils-core
+ppc64-diag-rtas
diff --git a/packages-x86_64.txt b/packages-x86_64.txt
new file mode 100644
index 0000000..77617c0
--- /dev/null
+++ b/packages-x86_64.txt
@@ -0,0 +1 @@
+irqbalance
diff --git a/tier-1/initramfs-full.yaml b/tier-1/initramfs-full.yaml
deleted file mode 100644
index 2c55a83..0000000
--- a/tier-1/initramfs-full.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
-# Configuration for the "tier-1" initramfs
-postprocess:
-  - |
-    #!/usr/bin/env bash
-    mkdir -p /usr/lib/dracut/dracut.conf.d
-    cat > /usr/lib/dracut/dracut.conf.d/30-bootc-tier-1.conf << 'EOF'
-    add_dracutmodules+=" lvm crypt fips "
-    EOF
diff --git a/tier-1/kernel.yaml b/tier-1/kernel.yaml
deleted file mode 120000
index d6f64cc..0000000
--- a/tier-1/kernel.yaml
+++ /dev/null
@@ -1 +0,0 @@
-../tier-0/kernel.yaml
\ No newline at end of file
diff --git a/tier-1/manifest.yaml b/tier-1/manifest.yaml
index c84117b..826e11b 100644
--- a/tier-1/manifest.yaml
+++ b/tier-1/manifest.yaml
@@ -8,7 +8,6 @@ include:
   - system-configuration.yaml
   - coreos-user-experience.yaml
   - persistent-journal.yaml
-  - initramfs-full.yaml
   - generic-growfs.yaml
 
 packages:
@@ -36,56 +35,3 @@ packages:
   - zram-generator
   # This one is in Python so isn't in FCOS, but we can safely add it here.
   - sos
-
-# These are random architecture-specific packages
-packages-x86_64:
-  - irqbalance
-packages-ppc64le:
-  - irqbalance
-  - librtas
-  - powerpc-utils-core
-  - ppc64-diag-rtas
-packages-aarch64:
-  - irqbalance
-
-postprocess:
-  # Undo RPM scripts enabling units; we want the presets to be canonical
-  # https://github.com/projectatomic/rpm-ostree/issues/1803
-  - |
-    #!/usr/bin/env bash
-    set -xeuo pipefail
-    rm -rf /etc/systemd/system/*
-    systemctl preset-all
-    rm -rf /etc/systemd/user/*
-    systemctl --user --global preset-all
-  # See: https://github.com/coreos/fedora-coreos-tracker/issues/1253
-  #      https://bugzilla.redhat.com/show_bug.cgi?id=2112857
-  #      https://github.com/coreos/rpm-ostree/issues/3918
-  # Temporary workaround to remove the SetGID binary from liblockfile that is
-  # pulled by the s390utils but not needed for /usr/sbin/zipl.
-  - |
-    #!/usr/bin/env bash
-    set -xeuo pipefail
-    rm -f /usr/bin/dotlockfile
-
-# Things we don't expect to ship on the host.  We currently
-# have recommends: false so these could only come in via
-# hard requirement, in which case the build will fail.
-exclude-packages:
-  - perl
-  - perl-interpreter
-  - nodejs
-  - grubby
-  - cowsay  # Just in case
-  # Let's make sure initscripts doesn't get pulled back in
-  # https://github.com/coreos/fedora-coreos-tracker/issues/220#issuecomment-611566254
-  - initscripts
-  # For (datacenter/cloud oriented) servers, we want to see the details by default.
-  # https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/HSMISZ3ETWQ4ETVLWZQJ55ARZT27AAV3/
-  - plymouth
-  # Do not use legacy ifcfg config format in NetworkManager
-  # See https://github.com/coreos/fedora-coreos-config/pull/1991
-  - NetworkManager-initscripts-ifcfg-rh
-  # Let's not have both legacy and nft versions in the image. Users are free to
-  # also layer legacy themselves if they want.
-  - iptables-legacy
diff --git a/tier-1/networking-tools.yaml b/tier-1/networking-tools.yaml
index 7d6e7d1..79ad66c 100644
--- a/tier-1/networking-tools.yaml
+++ b/tier-1/networking-tools.yaml
@@ -14,7 +14,3 @@ packages:
   - iptables nftables
   # Interactive network tools for admins
   - socat net-tools bind-utils
-
-exclude-packages:
-  # We use NetworkManager
-  - systemd-networkd
diff --git a/tier-1/usr/lib/dracut/dracut.conf.d/30-bootc-full.conf b/tier-1/usr/lib/dracut/dracut.conf.d/30-bootc-full.conf
new file mode 100644
index 0000000..c580b15
--- /dev/null
+++ b/tier-1/usr/lib/dracut/dracut.conf.d/30-bootc-full.conf
@@ -0,0 +1 @@
+add_dracutmodules+=" lvm crypt fips "