We will have a better way to make derived container images
that doesn't require having dnf in the base image.
Prep for more minimal and custom images.
Signed-off-by: Colin Walters <walters@verbum.org>
dnf5 is currently in Fedora only, but this manifest is shared with
CentOS Stream and RHEL. Instead of requesting `dnf5`, request
`/usr/bin/dnf` instead. This will pull in dnf5 on Fedora, but dnf(4)
elsewhere.
We should be able to simplify this back to just `dnf` eventually once
dnf v4 is out of Fedora.
tier-1 is more opinionated and automatic updates by default is
definitely a very strong opinion.
This makes it easier to inherit from tier-0 without having to undo that
knob if it's not desirable.
Prep for !48.
Currently, there is both dnf and dnf5 in Fedora. dnf5 provides `dnf`,
but matching a package name is stronger and so requesting `dnf` here
still pulls in the legacy one.
This notably drops out Python from tier 0.
It's supported on all architectures now, even if it's
a no-op mostly on s390x today.
But specifically this will ensure we pull in zipl on s390x,
which *is* needed.
Signed-off-by: Colin Walters <walters@verbum.org>
The systemd firstboot process does several things, but notably
it runs a preset process. This means that basically a plain
`RUN systemctl enable foo` won't work unless you *also* write
a preset file for it, and no one will know to do that.
bootc isn't in C9S yet, but it is in the -dev images. Add
the install config unconditionally so that `bootc install`
works in the `centos-bootc-dev` image.
This is basically just:
- kernel
- systemd
- selinux-policy-targeted
- bootc
Notably it doesn't have `rpm-ostree` or `rpm`, or many other things.
It also doesn't even have `linux-firmware`.
And no `openssh`!
It's almost certain that you need to derive from this, but
it should be a suitable starting point.
TODO: Add something like
```
$ dnf-system-bootstrap
Installing packaging tools from quay.io/fedora/fedora-boot-dnf@sha256:abcd...)
# This would be basically all the packages not in tier-0 that
# are enough to give `dnf install`
$ dnf install cowsay
# Install critical stuff
$ dnf system-bootstrap remove
# Remove everything that we added for the package system, that isn't
# a dependency of what the user wants!
```
(In theory we could make this work with multi-stage builds, but
it's a little hard)
Colin Walters
Jonathan Lebon
Paul Whalen