Split excluded and arch packages into "package text file"
Aiming to have the main container build not use rpm-ostree. Signed-off-by: Colin Walters <walters@verbum.org>
This commit is contained in:
Colin Walters
parent
3addf4c691
commit
176ede2332
|
|
@ -2,18 +2,41 @@
|
|||
|
||||
# This is a local reference by default because we haven't shipped this image yet.
|
||||
FROM localhost/fedora-bootc:base as rootfs
|
||||
# Drop this into /usr/share/doc, so that other things can parse it
|
||||
COPY packages-recommended.txt /usr/share/doc/fedora-bootc/packages-recommended.txt
|
||||
# Drop our package sets into /usr/share/doc, so that other things can parse it
|
||||
COPY packages-*.txt /usr/share/doc/fedora-bootc/
|
||||
# Overlay our defaults
|
||||
COPY tier-1/usr/ /usr/
|
||||
RUN <<EORUN
|
||||
set -xeuo pipefail
|
||||
grep -E -v '^#' /usr/share/doc/fedora-bootc/packages-recommended.txt | xargs dnf -y install
|
||||
set -euo pipefail
|
||||
dnf_args=()
|
||||
echo "Loading packages-excluded"
|
||||
for x in $(grep -E -v '^#' /usr/share/doc/fedora-bootc/packages-excluded.txt); do
|
||||
dnf_args+=(--exclude ${x})
|
||||
done
|
||||
echo "Loading packages-recommended"
|
||||
base_pkgs=$(grep -E -v '^#' /usr/share/doc/fedora-bootc/packages-recommended.txt)
|
||||
pkgfile_for_arch=/usr/share/doc/fedora-bootc/packages-$(arch).txt
|
||||
arch_pkgs=
|
||||
if test -f ${pkgfile_for_arch}; then
|
||||
echo "Loading ${pkgfile_for_arch}"
|
||||
arch_pkgs=$(grep -E -v '^#' ${pkgfile_for_arch})
|
||||
fi
|
||||
|
||||
dnf -y ${dnf_args[@]} install $base_pkgs $arch_pkgs
|
||||
|
||||
# Ensure we regenerate the initramfs with new content
|
||||
# https://docs.fedoraproject.org/en-US/bootc/initramfs/
|
||||
kver=$(cd /usr/lib/modules && echo *); dracut -vf /usr/lib/modules/$kver/initramfs.img $kver
|
||||
|
||||
# Undo RPM scripts enabling units; we want the presets to be canonical for the base image.
|
||||
# https://github.com/projectatomic/rpm-ostree/issues/1803
|
||||
rm -rf /etc/systemd/system/*
|
||||
systemctl preset-all
|
||||
rm -rf /etc/systemd/user/*
|
||||
systemctl --user --global preset-all
|
||||
|
||||
dnf clean all
|
||||
rm -vf /var/log/dnf*
|
||||
rm -vrf /var/log/*
|
||||
bootc container lint
|
||||
EORUN
|
||||
|
||||
|
|
|
|||
|
|
@ -9,9 +9,3 @@ packages:
|
|||
# Required by bootc install, sgdisk has been replaced by Rust crate
|
||||
# in bootc https://github.com/containers/bootc/pull/775
|
||||
- xfsprogs e2fsprogs dosfstools
|
||||
|
||||
exclude-packages:
|
||||
# Exclude kernel-debug-core to make sure that it doesn't somehow get
|
||||
# chosen as the package to satisfy the `kernel-core` dependency from
|
||||
# the kernel package.
|
||||
- kernel-debug-core
|
||||
|
|
|
|||
|
|
@ -0,0 +1 @@
|
|||
irqbalance
|
||||
|
|
@ -0,0 +1,21 @@
|
|||
# Packages excluded by default
|
||||
|
||||
# We use NetworkManager
|
||||
systemd-networkd
|
||||
# But without the legacy
|
||||
# See https://github.com/coreos/fedora-coreos-config/pull/1991
|
||||
NetworkManager-initscripts-ifcfg-rh
|
||||
|
||||
# Let's not have both legacy and nft versions in the image. Users are free to
|
||||
# also layer legacy themselves if they want.
|
||||
iptables-legacy
|
||||
|
||||
# We use bootupd
|
||||
grubby
|
||||
# Let's make sure initscripts doesn't get pulled back in
|
||||
# https://github.com/coreos/fedora-coreos-tracker/issues/220#issuecomment-611566254
|
||||
initscripts
|
||||
|
||||
# For (datacenter/cloud oriented) servers, we want to see the details by default.
|
||||
# https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/HSMISZ3ETWQ4ETVLWZQJ55ARZT27AAV3/
|
||||
plymouth
|
||||
|
|
@ -0,0 +1,4 @@
|
|||
irqbalance
|
||||
librtas
|
||||
powerpc-utils-core
|
||||
ppc64-diag-rtas
|
||||
|
|
@ -0,0 +1 @@
|
|||
irqbalance
|
||||
|
|
@ -1,8 +0,0 @@
|
|||
# Configuration for the "tier-1" initramfs
|
||||
postprocess:
|
||||
- |
|
||||
#!/usr/bin/env bash
|
||||
mkdir -p /usr/lib/dracut/dracut.conf.d
|
||||
cat > /usr/lib/dracut/dracut.conf.d/30-bootc-tier-1.conf << 'EOF'
|
||||
add_dracutmodules+=" lvm crypt fips "
|
||||
EOF
|
||||
|
|
@ -1 +0,0 @@
|
|||
../tier-0/kernel.yaml
|
||||
|
|
@ -8,7 +8,6 @@ include:
|
|||
- system-configuration.yaml
|
||||
- coreos-user-experience.yaml
|
||||
- persistent-journal.yaml
|
||||
- initramfs-full.yaml
|
||||
- generic-growfs.yaml
|
||||
|
||||
packages:
|
||||
|
|
@ -36,56 +35,3 @@ packages:
|
|||
- zram-generator
|
||||
# This one is in Python so isn't in FCOS, but we can safely add it here.
|
||||
- sos
|
||||
|
||||
# These are random architecture-specific packages
|
||||
packages-x86_64:
|
||||
- irqbalance
|
||||
packages-ppc64le:
|
||||
- irqbalance
|
||||
- librtas
|
||||
- powerpc-utils-core
|
||||
- ppc64-diag-rtas
|
||||
packages-aarch64:
|
||||
- irqbalance
|
||||
|
||||
postprocess:
|
||||
# Undo RPM scripts enabling units; we want the presets to be canonical
|
||||
# https://github.com/projectatomic/rpm-ostree/issues/1803
|
||||
- |
|
||||
#!/usr/bin/env bash
|
||||
set -xeuo pipefail
|
||||
rm -rf /etc/systemd/system/*
|
||||
systemctl preset-all
|
||||
rm -rf /etc/systemd/user/*
|
||||
systemctl --user --global preset-all
|
||||
# See: https://github.com/coreos/fedora-coreos-tracker/issues/1253
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2112857
|
||||
# https://github.com/coreos/rpm-ostree/issues/3918
|
||||
# Temporary workaround to remove the SetGID binary from liblockfile that is
|
||||
# pulled by the s390utils but not needed for /usr/sbin/zipl.
|
||||
- |
|
||||
#!/usr/bin/env bash
|
||||
set -xeuo pipefail
|
||||
rm -f /usr/bin/dotlockfile
|
||||
|
||||
# Things we don't expect to ship on the host. We currently
|
||||
# have recommends: false so these could only come in via
|
||||
# hard requirement, in which case the build will fail.
|
||||
exclude-packages:
|
||||
- perl
|
||||
- perl-interpreter
|
||||
- nodejs
|
||||
- grubby
|
||||
- cowsay # Just in case
|
||||
# Let's make sure initscripts doesn't get pulled back in
|
||||
# https://github.com/coreos/fedora-coreos-tracker/issues/220#issuecomment-611566254
|
||||
- initscripts
|
||||
# For (datacenter/cloud oriented) servers, we want to see the details by default.
|
||||
# https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/HSMISZ3ETWQ4ETVLWZQJ55ARZT27AAV3/
|
||||
- plymouth
|
||||
# Do not use legacy ifcfg config format in NetworkManager
|
||||
# See https://github.com/coreos/fedora-coreos-config/pull/1991
|
||||
- NetworkManager-initscripts-ifcfg-rh
|
||||
# Let's not have both legacy and nft versions in the image. Users are free to
|
||||
# also layer legacy themselves if they want.
|
||||
- iptables-legacy
|
||||
|
|
|
|||
|
|
@ -14,7 +14,3 @@ packages:
|
|||
- iptables nftables
|
||||
# Interactive network tools for admins
|
||||
- socat net-tools bind-utils
|
||||
|
||||
exclude-packages:
|
||||
# We use NetworkManager
|
||||
- systemd-networkd
|
||||
|
|
|
|||
|
|
@ -0,0 +1 @@
|
|||
add_dracutmodules+=" lvm crypt fips "
|
||||
Loading…
Reference in New Issue