- Embed the manifests into the container image
- Add bootc-base-imagectl which is a tightly controlled frontend
to execute on those manifests.
For now, we don't attempt to rework how we build the standard
image to actually look like `dnf install`, but we show that
it can work.
Signed-off-by: Colin Walters <walters@verbum.org>
The "tiers" nomenclature ended up being unhelpful since
we introduced "tier-x" which is between tier-0 and tier-1.
We also never exposed the tier naming outside of our source
code. In preparation for doing so, rename to tier-0 to
"minimal" which is a bit more descriptive.
Renaming the other images will follow.
Signed-off-by: Colin Walters <walters@verbum.org>
The platform-engineering include is using a truly ancient buildah
image. Stop including that and bump to the latest.
Signed-off-by: Colin Walters <walters@verbum.org>
Let's at least verify tier-0 and tier-x can build fine. Ideally in the
future we actually run some tests on the resulting image, though let's
wait until this CI is migrated to Konflux before doing that.
Ultimately we expect these images to be produced by the OS build
lifecycle, not via our CI. That's in flight now. Our primary
targets will anyways be eln and c9s; released Fedora actually
moves more slowly in many cases and that's not what we need
or are interested in here.
This is basically just:
- kernel
- systemd
- selinux-policy-targeted
- bootc
Notably it doesn't have `rpm-ostree` or `rpm`, or many other things.
It also doesn't even have `linux-firmware`.
And no `openssh`!
It's almost certain that you need to derive from this, but
it should be a suitable starting point.
TODO: Add something like
```
$ dnf-system-bootstrap
Installing packaging tools from quay.io/fedora/fedora-boot-dnf@sha256:abcd...)
# This would be basically all the packages not in tier-0 that
# are enough to give `dnf install`
$ dnf install cowsay
# Install critical stuff
$ dnf system-bootstrap remove
# Remove everything that we added for the package system, that isn't
# a dependency of what the user wants!
```
(In theory we could make this work with multi-stage builds, but
it's a little hard)
Colin Walters
Jonathan Lebon
Liora Milbaum