public
/
bootc-base-images
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Split excluded and arch packages into "package text file" 

Aiming to have the main container build not use rpm-ostree.

Signed-off-by: Colin Walters <walters@verbum.org>
This commit is contained in:
Colin Walters 2025-01-21 17:12:06 -05:00
parent 3addf4c691
commit 176ede2332
11 changed files with 56 additions and 78 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
Containerfile
View File

@ -2,18 +2,41 @@
# This is a local reference by default because we haven't shipped this image yet. # This is a local reference by default because we haven't shipped this image yet.
FROM localhost/fedora-bootc:base as rootfs FROM localhost/fedora-bootc:base as rootfs
# Drop this into /usr/share/doc, so that other things can parse it # Drop our package sets into /usr/share/doc, so that other things can parse it
COPY packages-recommended.txt /usr/share/doc/fedora-bootc/packages-recommended.txt COPY packages-*.txt /usr/share/doc/fedora-bootc/
# Overlay our defaults
COPY tier-1/usr/ /usr/
RUN <<EORUN RUN <<EORUN
set -xeuo pipefail set -euo pipefail
grep -E -v '^#' /usr/share/doc/fedora-bootc/packages-recommended.txt | xargs dnf -y install dnf_args=()
echo "Loading packages-excluded"
for x in $(grep -E -v '^#' /usr/share/doc/fedora-bootc/packages-excluded.txt); do
dnf_args+=(--exclude ${x})
done
echo "Loading packages-recommended"
base_pkgs=$(grep -E -v '^#' /usr/share/doc/fedora-bootc/packages-recommended.txt)
pkgfile_for_arch=/usr/share/doc/fedora-bootc/packages-$(arch).txt
arch_pkgs=
if test -f ${pkgfile_for_arch}; then
echo "Loading ${pkgfile_for_arch}"
arch_pkgs=$(grep -E -v '^#' ${pkgfile_for_arch})
fi
dnf -y ${dnf_args[@]} install $base_pkgs $arch_pkgs
# Ensure we regenerate the initramfs with new content # Ensure we regenerate the initramfs with new content
# https://docs.fedoraproject.org/en-US/bootc/initramfs/ # https://docs.fedoraproject.org/en-US/bootc/initramfs/
kver=$(cd /usr/lib/modules && echo *); dracut -vf /usr/lib/modules/$kver/initramfs.img $kver kver=$(cd /usr/lib/modules && echo *); dracut -vf /usr/lib/modules/$kver/initramfs.img $kver
# Undo RPM scripts enabling units; we want the presets to be canonical for the base image.
# https://github.com/projectatomic/rpm-ostree/issues/1803
rm -rf /etc/systemd/system/*
systemctl preset-all
rm -rf /etc/systemd/user/*
systemctl --user --global preset-all
dnf clean all dnf clean all
rm -vf /var/log/dnf* rm -vrf /var/log/*
bootc container lint bootc container lint
EORUN EORUN

6
base/bootc.yaml
View File

@ -9,9 +9,3 @@ packages:
# Required by bootc install, sgdisk has been replaced by Rust crate # Required by bootc install, sgdisk has been replaced by Rust crate
# in bootc https://github.com/containers/bootc/pull/775 # in bootc https://github.com/containers/bootc/pull/775
- xfsprogs e2fsprogs dosfstools - xfsprogs e2fsprogs dosfstools
exclude-packages:
# Exclude kernel-debug-core to make sure that it doesn't somehow get
# chosen as the package to satisfy the `kernel-core` dependency from
# the kernel package.
- kernel-debug-core

1
packages-aarch64.txt Normal file
View File

@ -0,0 +1 @@
irqbalance

21
packages-excluded.txt Normal file
View File

@ -0,0 +1,21 @@
# Packages excluded by default
# We use NetworkManager
systemd-networkd
# But without the legacy
# See https://github.com/coreos/fedora-coreos-config/pull/1991
NetworkManager-initscripts-ifcfg-rh
# Let's not have both legacy and nft versions in the image. Users are free to
# also layer legacy themselves if they want.
iptables-legacy
# We use bootupd
grubby
# Let's make sure initscripts doesn't get pulled back in
# https://github.com/coreos/fedora-coreos-tracker/issues/220#issuecomment-611566254
initscripts
# For (datacenter/cloud oriented) servers, we want to see the details by default.
# https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/HSMISZ3ETWQ4ETVLWZQJ55ARZT27AAV3/
plymouth

4
packages-ppc64le.txt Normal file
View File

@ -0,0 +1,4 @@
irqbalance
librtas
powerpc-utils-core
ppc64-diag-rtas

1
packages-x86_64.txt Normal file
View File

@ -0,0 +1 @@
irqbalance

8
tier-1/initramfs-full.yaml
View File

@ -1,8 +0,0 @@
# Configuration for the "tier-1" initramfs
postprocess:
- |
#!/usr/bin/env bash
mkdir -p /usr/lib/dracut/dracut.conf.d
cat > /usr/lib/dracut/dracut.conf.d/30-bootc-tier-1.conf << 'EOF'
add_dracutmodules+=" lvm crypt fips "
EOF

1
tier-1/kernel.yaml
View File

@ -1 +0,0 @@
../tier-0/kernel.yaml

54
tier-1/manifest.yaml
View File

@ -8,7 +8,6 @@ include:
- system-configuration.yaml - system-configuration.yaml
- coreos-user-experience.yaml - coreos-user-experience.yaml
- persistent-journal.yaml - persistent-journal.yaml
- initramfs-full.yaml
- generic-growfs.yaml - generic-growfs.yaml
packages: packages:
@ -36,56 +35,3 @@ packages:
- zram-generator - zram-generator
# This one is in Python so isn't in FCOS, but we can safely add it here. # This one is in Python so isn't in FCOS, but we can safely add it here.
- sos - sos
# These are random architecture-specific packages
packages-x86_64:
- irqbalance
packages-ppc64le:
- irqbalance
- librtas
- powerpc-utils-core
- ppc64-diag-rtas
packages-aarch64:
- irqbalance
postprocess:
# Undo RPM scripts enabling units; we want the presets to be canonical
# https://github.com/projectatomic/rpm-ostree/issues/1803
- |
#!/usr/bin/env bash
set -xeuo pipefail
rm -rf /etc/systemd/system/*
systemctl preset-all
rm -rf /etc/systemd/user/*
systemctl --user --global preset-all
# See: https://github.com/coreos/fedora-coreos-tracker/issues/1253
# https://bugzilla.redhat.com/show_bug.cgi?id=2112857
# https://github.com/coreos/rpm-ostree/issues/3918
# Temporary workaround to remove the SetGID binary from liblockfile that is
# pulled by the s390utils but not needed for /usr/sbin/zipl.
- |
#!/usr/bin/env bash
set -xeuo pipefail
rm -f /usr/bin/dotlockfile
# Things we don't expect to ship on the host. We currently
# have recommends: false so these could only come in via
# hard requirement, in which case the build will fail.
exclude-packages:
- perl
- perl-interpreter
- nodejs
- grubby
- cowsay # Just in case
# Let's make sure initscripts doesn't get pulled back in
# https://github.com/coreos/fedora-coreos-tracker/issues/220#issuecomment-611566254
- initscripts
# For (datacenter/cloud oriented) servers, we want to see the details by default.
# https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/HSMISZ3ETWQ4ETVLWZQJ55ARZT27AAV3/
- plymouth
# Do not use legacy ifcfg config format in NetworkManager
# See https://github.com/coreos/fedora-coreos-config/pull/1991
- NetworkManager-initscripts-ifcfg-rh
# Let's not have both legacy and nft versions in the image. Users are free to
# also layer legacy themselves if they want.
- iptables-legacy

4
tier-1/networking-tools.yaml
View File

@ -14,7 +14,3 @@ packages:
- iptables nftables - iptables nftables
# Interactive network tools for admins # Interactive network tools for admins
- socat net-tools bind-utils - socat net-tools bind-utils
exclude-packages:
# We use NetworkManager
- systemd-networkd

1
tier-1/usr/lib/dracut/dracut.conf.d/30-bootc-full.conf Normal file
View File

@ -0,0 +1 @@
add_dracutmodules+=" lvm crypt fips "