From 0980197ad9dd468445309427b0aef7851282c87f Mon Sep 17 00:00:00 2001 From: Jonathan Lebon Date: Wed, 23 Oct 2024 15:12:50 -0400 Subject: [PATCH 1/3] Containerfile: split long RUN lines They're getting quite long and hard to parse. Split for legibility. --- Containerfile | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/Containerfile b/Containerfile index 4a3f20c..59c3317 100644 --- a/Containerfile +++ b/Containerfile @@ -39,10 +39,15 @@ COPY . /src WORKDIR /src RUN rm -vf /src/*.repo COPY --from=repos /etc/yum.repos.d/*.repo /src -RUN --mount=type=cache,target=/workdir --mount=type=bind,rw=true,src=.,dst=/buildcontext,bind-propagation=shared rpm-ostree compose image \ - --image-config fedora-bootc-config.json --cachedir=/workdir --format=ociarchive --initialize ${MANIFEST} /buildcontext/out.ociarchive +RUN --mount=type=cache,target=/workdir \ + --mount=type=bind,rw=true,src=.,dst=/buildcontext,bind-propagation=shared \ + rpm-ostree compose image --image-config fedora-bootc-config.json \ + --cachedir=/workdir --format=ociarchive --initialize ${MANIFEST} \ + /buildcontext/out.ociarchive FROM oci-archive:./out.ociarchive # Need to reference builder here to force ordering. But since we have to run # something anyway, we might as well cleanup after ourselves. -RUN --mount=type=bind,from=builder,src=.,target=/var/tmp --mount=type=bind,rw=true,src=.,dst=/buildcontext,bind-propagation=shared rm /buildcontext/out.ociarchive +RUN --mount=type=bind,from=builder,src=.,target=/var/tmp \ + --mount=type=bind,rw=true,src=.,dst=/buildcontext,bind-propagation=shared \ + rm /buildcontext/out.ociarchive From 6315275af75673c9f8d4f6c431bcad370355174d Mon Sep 17 00:00:00 2001 From: Jonathan Lebon Date: Wed, 23 Oct 2024 15:14:06 -0400 Subject: [PATCH 2/3] Remove releasever from manifests; add pungi treefile stubs As agreed in https://gitlab.com/fedora/bootc/tracker/-/issues/39, we're going to be maintaining the treefile for all Fedora versions in the `main` branch. Accordingly stop hardcoding releasevers and repos in the treefiles. But for now, we're still building the official image in pungi using the non-container-native path, so add compatibility stubs to not break it. Coincidentally, this doubles down on the proposed API to build the base images for different Fedora versions using the `--from` switch. Document this in the README. But note this doesn't work yet because nothing is telling rpm-ostree which repos to use or what the releasever should be. --- README.md | 12 ++++++++++++ fedora-40.yaml | 7 +++++++ fedora-41.yaml | 7 +++++++ fedora-bootc.yaml | 4 ---- fedora-rawhide.yaml | 6 ++++++ fedora-tier-0.yaml | 4 ---- fedora-tier-x.yaml | 4 ---- 7 files changed, 32 insertions(+), 12 deletions(-) create mode 100644 fedora-40.yaml create mode 100644 fedora-41.yaml create mode 100644 fedora-rawhide.yaml diff --git a/README.md b/README.md index 557e94f..a409473 100644 --- a/README.md +++ b/README.md @@ -32,6 +32,18 @@ podman build --security-opt=label=disable --cap-add=all \ See the `Containerfile` for more details. This builds the default `tier-1` image. +## Fedora versions + +By default, the base images are built for Fedora rawhide. To build against a +different Fedora version, you can override the `FROM` image used to obtain the +Fedora repos and dnf variables. E.g.: + +``` +podman build --from quay.io/fedora/fedora:41 ... +``` + +WIP: THIS DOESN'T WORK YET. + ### Deriving You are of course also free to fork, customize, and build base images yourself. diff --git a/fedora-40.yaml b/fedora-40.yaml new file mode 100644 index 0000000..647be5a --- /dev/null +++ b/fedora-40.yaml @@ -0,0 +1,7 @@ +# NB: This treefile is used by the legacy pungi path only to build tier-1. It +# will be removed in the future. +releasever: 40 +repos: + - fedora + - fedora-updates +include: fedora-bootc.yaml diff --git a/fedora-41.yaml b/fedora-41.yaml new file mode 100644 index 0000000..51026d4 --- /dev/null +++ b/fedora-41.yaml @@ -0,0 +1,7 @@ +# NB: This treefile is used by the legacy pungi path only to build tier-1. It +# will be removed in the future. +releasever: 41 +repos: + - fedora + - fedora-updates +include: fedora-bootc.yaml diff --git a/fedora-bootc.yaml b/fedora-bootc.yaml index 9b61e19..68dc692 100644 --- a/fedora-bootc.yaml +++ b/fedora-bootc.yaml @@ -1,7 +1,3 @@ -releasever: rawhide -repos: - - rawhide - metadata: name: fedora-boot-tier1 summary: Fedora Bootable Tier 1 diff --git a/fedora-rawhide.yaml b/fedora-rawhide.yaml new file mode 100644 index 0000000..5eec79c --- /dev/null +++ b/fedora-rawhide.yaml @@ -0,0 +1,6 @@ +# NB: This treefile is used by the legacy pungi path only to build tier-1. It +# will be removed in the future. +releasever: rawhide +repos: + - fedora-rawhide +include: fedora-bootc.yaml diff --git a/fedora-tier-0.yaml b/fedora-tier-0.yaml index c24d5c4..6cef2a1 100644 --- a/fedora-tier-0.yaml +++ b/fedora-tier-0.yaml @@ -1,7 +1,3 @@ -releasever: rawhide -repos: - - rawhide - metadata: name: fedora-boot-tier0 summary: Fedora Bootable Tier 0 diff --git a/fedora-tier-x.yaml b/fedora-tier-x.yaml index 19e08c8..90a96fd 100644 --- a/fedora-tier-x.yaml +++ b/fedora-tier-x.yaml @@ -1,7 +1,3 @@ -releasever: rawhide -repos: - - rawhide - metadata: name: fedora-boot-tier-x summary: Fedora Bootable Tier X From 908c347bb9df402a74d793966afb22c6a79bb6d5 Mon Sep 17 00:00:00 2001 From: Jonathan Lebon Date: Wed, 23 Oct 2024 15:17:53 -0400 Subject: [PATCH 3/3] Containerfile: add temporary hack for `--from` handling Using `--from` to set the target releasever doesn't work yet because we _need_ to set the `releasever` field since the repo files reference it. There's a pending rpm-ostree PR to fix this but for now hack around it by manually injecting the necessary variables in the treefile. --- Containerfile | 6 ++++++ README.md | 2 -- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/Containerfile b/Containerfile index 59c3317..47257d1 100644 --- a/Containerfile +++ b/Containerfile @@ -39,6 +39,12 @@ COPY . /src WORKDIR /src RUN rm -vf /src/*.repo COPY --from=repos /etc/yum.repos.d/*.repo /src +# Brutally inject releasever and repos into manifest file. This is a major hack +# until rpm-ostree does this on its own: https://github.com/coreos/rpm-ostree/pull/5136 +RUN --mount=type=bind,from=repos,src=/,dst=/repos source /repos/etc/os-release && \ + echo -e "\nreleasever: $VERSION_ID" >> ${MANIFEST} && \ + echo -e "\nrepos:\n" >> ${MANIFEST} && \ + dnf repolist --setopt=reposdir=. | tail -n +2 | cut -f1 -d' ' | sed 's/^/- /' >> ${MANIFEST} RUN --mount=type=cache,target=/workdir \ --mount=type=bind,rw=true,src=.,dst=/buildcontext,bind-propagation=shared \ rpm-ostree compose image --image-config fedora-bootc-config.json \ diff --git a/README.md b/README.md index a409473..65dc8d9 100644 --- a/README.md +++ b/README.md @@ -42,8 +42,6 @@ Fedora repos and dnf variables. E.g.: podman build --from quay.io/fedora/fedora:41 ... ``` -WIP: THIS DOESN'T WORK YET. - ### Deriving You are of course also free to fork, customize, and build base images yourself.