%global forgeurl https://github.com/osbuild/osbuild %global selinuxtype targeted Version: 44 %forgemeta %global pypi_name osbuild %global pkgdir %{_prefix}/lib/%{pypi_name} Name: %{pypi_name} Release: 1%{?dist} License: ASL 2.0 URL: %{forgeurl} Source0: %{forgesource} BuildArch: noarch Summary: A build system for OS images BuildRequires: make BuildRequires: python3-devel BuildRequires: python3-docutils BuildRequires: systemd Requires: bash Requires: bubblewrap Requires: coreutils Requires: curl Requires: dnf Requires: e2fsprogs Requires: glibc Requires: policycoreutils Requires: qemu-img Requires: systemd Requires: tar Requires: util-linux Requires: python3-%{pypi_name} = %{version}-%{release} Requires: (%{name}-selinux if selinux-policy-%{selinuxtype}) # Turn off dependency generators for runners. The reason is that runners are # tailored to the platform, e.g. on RHEL they are using platform-python. We # don't want to pick up those dependencies on other platform. %global __requires_exclude_from ^%{pkgdir}/(runners)/.*$ # Turn off shebang mangling on RHEL. brp-mangle-shebangs (from package # redhat-rpm-config) is run on all executables in a package after the `install` # section runs. The below macro turns this behavior off for: # - runners, because they already have the correct shebang for the platform # they're meant for, and # - stages and assemblers, because they are run within osbuild build roots, # which are not required to contain the same OS as the host and might thus # have a different notion of "platform-python". # RHEL NB: Since assemblers and stages are not excluded from the dependency # generator, this also means that an additional dependency on /usr/bin/python3 # will be added. This is intended and needed, so that in the host build root # /usr/bin/python3 is present so stages and assemblers can be run. %global __brp_mangle_shebangs_exclude_from ^%{pkgdir}/(assemblers|runners|stages)/.*$ %{?python_enable_dependency_generator} %description A build system for OS images %package -n python3-%{pypi_name} Summary: %{summary} %{?python_provide:%python_provide python3-%{pypi_name}} %description -n python3-%{pypi_name} A build system for OS images %package lvm2 Summary: LVM2 support Requires: %{name} = %{version}-%{release} Requires: lvm2 %description lvm2 Contains the necessary stages and device host services to build LVM2 based images. %package luks2 Summary: LUKS2 support Requires: %{name} = %{version}-%{release} Requires: cryptsetup %description luks2 Contains the necessary stages and device host services to build LUKS2 encrypted images. %package ostree Summary: OSTree support Requires: %{name} = %{version}-%{release} Requires: ostree Requires: rpm-ostree %description ostree Contains the necessary stages, assembler and source to build OSTree based images. %package selinux Summary: SELinux policies Requires: %{name} = %{version}-%{release} BuildRequires: selinux-policy BuildRequires: selinux-policy-devel %{?selinux_requires} %description selinux Contains the necessary SELinux policies that allows osbuild to use labels unknown to the host inside the containers it uses to build OS artifacts. %package tools Summary: Extra tools and utilities Requires: %{name} = %{version}-%{release} Requires: python3-pyyaml %description tools Contains additional tools and utilities for development of manifests and osbuild. %prep %forgesetup %build %py3_build make man # SELinux make -f /usr/share/selinux/devel/Makefile osbuild.pp bzip2 -9 osbuild.pp %pre %selinux_relabel_pre -s %{selinuxtype} %install %py3_install mkdir -p %{buildroot}%{pkgdir}/stages install -p -m 0755 $(find stages -type f) %{buildroot}%{pkgdir}/stages/ mkdir -p %{buildroot}%{pkgdir}/assemblers install -p -m 0755 $(find assemblers -type f) %{buildroot}%{pkgdir}/assemblers/ mkdir -p %{buildroot}%{pkgdir}/runners install -p -m 0755 $(find runners -type f -or -type l) %{buildroot}%{pkgdir}/runners mkdir -p %{buildroot}%{pkgdir}/sources install -p -m 0755 $(find sources -type f) %{buildroot}%{pkgdir}/sources mkdir -p %{buildroot}%{pkgdir}/devices install -p -m 0755 $(find devices -type f) %{buildroot}%{pkgdir}/devices mkdir -p %{buildroot}%{pkgdir}/inputs install -p -m 0755 $(find inputs -type f) %{buildroot}%{pkgdir}/inputs mkdir -p %{buildroot}%{pkgdir}/mounts install -p -m 0755 $(find mounts -type f) %{buildroot}%{pkgdir}/mounts # mount point for bind mounting the osbuild library mkdir -p %{buildroot}%{pkgdir}/osbuild # schemata mkdir -p %{buildroot}%{_datadir}/osbuild/schemas install -p -m 0644 $(find schemas/*.json) %{buildroot}%{_datadir}/osbuild/schemas ln -s %{_datadir}/osbuild/schemas %{buildroot}%{pkgdir}/schemas # documentation mkdir -p %{buildroot}%{_mandir}/man1 mkdir -p %{buildroot}%{_mandir}/man5 install -p -m 0644 -t %{buildroot}%{_mandir}/man1/ docs/*.1 install -p -m 0644 -t %{buildroot}%{_mandir}/man5/ docs/*.5 # SELinux install -D -m 0644 -t %{buildroot}%{_datadir}/selinux/packages/%{selinuxtype} %{name}.pp.bz2 install -D -m 0644 -t %{buildroot}%{_mandir}/man8 selinux/%{name}_selinux.8 # Udev rules mkdir -p %{buildroot}%{_udevrulesdir} install -p -m 0755 data/10-osbuild-inhibitor.rules %{buildroot}%{_udevrulesdir} %check exit 0 # We have some integration tests, but those require running a VM, so that would # be an overkill for RPM check script. %files %license LICENSE %{_bindir}/osbuild %{_mandir}/man1/%{name}.1* %{_mandir}/man5/%{name}-manifest.5* %{_datadir}/osbuild/schemas %{pkgdir} %{_udevrulesdir}/*.rules # the following files are in the lvm2 sub-package %exclude %{pkgdir}/devices/org.osbuild.lvm2* %exclude %{pkgdir}/stages/org.osbuild.lvm2* # the following files are in the luks2 sub-package %exclude %{pkgdir}/devices/org.osbuild.luks2* %exclude %{pkgdir}/stages/org.osbuild.crypttab %exclude %{pkgdir}/stages/org.osbuild.luks2* # the following files are in the ostree sub-package %exclude %{pkgdir}/assemblers/org.osbuild.ostree* %exclude %{pkgdir}/inputs/org.osbuild.ostree* %exclude %{pkgdir}/sources/org.osbuild.ostree* %exclude %{pkgdir}/stages/org.osbuild.ostree* %exclude %{pkgdir}/stages/org.osbuild.rpm-ostree %files -n python3-%{pypi_name} %license LICENSE %doc README.md %{python3_sitelib}/%{pypi_name}-*.egg-info/ %{python3_sitelib}/%{pypi_name}/ %files lvm2 %{pkgdir}/devices/org.osbuild.lvm2* %{pkgdir}/stages/org.osbuild.lvm2* %files luks2 %{pkgdir}/devices/org.osbuild.luks2* %{pkgdir}/stages/org.osbuild.crypttab %{pkgdir}/stages/org.osbuild.luks2* %files ostree %{pkgdir}/assemblers/org.osbuild.ostree* %{pkgdir}/inputs/org.osbuild.ostree* %{pkgdir}/sources/org.osbuild.ostree* %{pkgdir}/stages/org.osbuild.ostree* %{pkgdir}/stages/org.osbuild.rpm-ostree %files selinux %{_datadir}/selinux/packages/%{selinuxtype}/%{name}.pp.bz2 %{_mandir}/man8/%{name}_selinux.8.* %ghost %{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/%{name} %post selinux %selinux_modules_install -s %{selinuxtype} %{_datadir}/selinux/packages/%{selinuxtype}/%{name}.pp.bz2 %postun selinux if [ $1 -eq 0 ]; then %selinux_modules_uninstall -s %{selinuxtype} %{name} fi %posttrans selinux %selinux_relabel_post -s %{selinuxtype} %files tools %{_bindir}/osbuild-mpp %changelog * Thu Dec 16 2021 Packit Service - 44-1 CHANGES WITH 44: ---------------- * LUKS (v2) support (#879) * osbuild-mpp: Add support for a pacman resolver (#911) * `stages/dnf-automatic`: add new stage for configuring DNF Automatic (#936) * `stages/yum.repos`: add new stage for creating YUM / DNF repo files (#932) * `stages/users`: explicitly create a home directory (#929) * `stages/dnf`: edit /etc/dnf/dnf.conf (#928) * `stages/sshd`: support PermitRootLogin option (#917) * build root: isolate container environment from the host and set `CONTAINER` (#926) * Small fix for `mounts/ostree.deployment` and an order check for `depsolve` (#915) * Added poll() with a time out of 10 minutes for building images (#888, #918) * Apply autopep8 to osbuild-mpp and resolve Constructor is undefined (#914) * Support for on demand pipeline building (#855) * util/rmrf: handle broken symlinks (#913) Contributions from: Aaron Hetherington, Achilleas Koutsou, Christian Kellner, Jelle van der Waa, Ondřej Budai, Sanne Raymaekers, Simon Steinbeiss, Tomas Hozza — Vöcklabruck, 2021-12-16 * Wed Dec 01 2021 Packit Service - 43-1 CHANGES WITH 43: ---------------- * Buildroot: mask `/proc/cmdline` (#895) * stages/grub2.inst: Make grub-mkimage binary configurable (#905) * tests: enable testing on aarch64 RHEL (#844) * gitignore: Ignore generated man pages (#903) * stages/ostree.fillvar: fill the correct var (#904) * osbuild-mpp: Allow importing multiple pipelines from a manifest (#900) * ci: switch to rhel-9 runners (#901) * spec: require python3-pyyaml for osbuild-tools (#899) * osbuild-mpp: Support loading yaml as well as json files (#893) * CI: update the osbuild-ci container (#896) * osbuild: Add org.osbuild.gunzip stage (#886) * osbuild-mpp: Report the path of the json file when parsing fails (#890) * packit: enable copr builds for CS9 on main (#894) * tools/osbuild-mpp: add ability to embed files (#859) * osbuild-mpp: Add mpp-if feature (#885) Contributions from: Alexander Larsson, Christian Kellner, Jakub Rusz, Jelle van der Waa, Ondřej Budai, kingsleyzissou — Berlin, 2021-12-01 * Thu Nov 18 2021 Packit Service - 42-1 CHANGES WITH 42: ---------------- * packit: enable copr build for CS9 (#887) * test/lvm2: use LoopControl.loop_for_fd (#884) * packit: Use upstream github release description (#880) Contributions from: Christian Kellner, Ondřej Budai, Simon Steinbeiss — Cork, 2021-11-17 -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEErKmAeFdguKfr5RbZC04GHB6SbNcFAmGU3x8ACgkQC04GHB6S bNcXqBAAxWLL5kFhhrbboXShLmgdVbryYv8muxsyF0YFdE8qHdJmwDZkURoUH2Mh RzWDl4Lq1FKoGJZ6WP3S0/Mj/8cpHhhXSnUzcGZamz6hJrsoyeUfYRQrB67/Mkm5 HEWWMxYBA1qvf+tfzVAr4BjlUfmDAHqjbRu5loHqANJSKNCmcg2jrHnvV5VrjBQf t1NCQOm960kik5gjFfAemsmEYlkPN8MtD/VxxUJC2dKCDkY7tQBITB+40fB0lDdF EIODFooKE0b2rXumEJUr95V6vGmmEOyFOcsOajls58pJSbak01g2I6J6WpSb9EiS RZbhNYhh59BKNrsbfpO8JAYrqVy+OyPZxTwdpIUYbP4KndNbGe/QH5L/Vbdt1Dv9 HokDnTGD2jLrHyK1HP+NkjHmGy+s5XCiFwtFPbZeI7RIgxugIkJjM985u9vi0Ufd uzbI0DP302DRiafXgR9CX/YXkEWjHpu8RSeoFsbTj6KzSAZtacK7gXWcSF5TUMlZ kGVGy/b9xz5Ily2SOI07FBNMCHH705BRXsZGuugPlmslACTEVUh377DpvYcgBHVx oclxqFXW17xwcxCrC6JBcXM9h2h59KJ60BSGnVHpg2bdqZat01we1p2rbcN6Dn2H 45KWO7O678oRBnIpt4lsnY/Avs7DZ83HfX4ctNfcgdwRDISFyts= =jsoz -----END PGP SIGNATURE----- * Wed Nov 17 2021 Packit Service - 42-1 CHANGES WITH 42: ---------------- * packit: enable copr build for CS9 (#887) * test/lvm2: use LoopControl.loop_for_fd (#884) * packit: Use upstream github release description (#880) Contributions from: Christian Kellner, Ondřej Budai, Simon Steinbeiss — Cork, 2021-11-17 -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEErKmAeFdguKfr5RbZC04GHB6SbNcFAmGU3x8ACgkQC04GHB6S bNcXqBAAxWLL5kFhhrbboXShLmgdVbryYv8muxsyF0YFdE8qHdJmwDZkURoUH2Mh RzWDl4Lq1FKoGJZ6WP3S0/Mj/8cpHhhXSnUzcGZamz6hJrsoyeUfYRQrB67/Mkm5 HEWWMxYBA1qvf+tfzVAr4BjlUfmDAHqjbRu5loHqANJSKNCmcg2jrHnvV5VrjBQf t1NCQOm960kik5gjFfAemsmEYlkPN8MtD/VxxUJC2dKCDkY7tQBITB+40fB0lDdF EIODFooKE0b2rXumEJUr95V6vGmmEOyFOcsOajls58pJSbak01g2I6J6WpSb9EiS RZbhNYhh59BKNrsbfpO8JAYrqVy+OyPZxTwdpIUYbP4KndNbGe/QH5L/Vbdt1Dv9 HokDnTGD2jLrHyK1HP+NkjHmGy+s5XCiFwtFPbZeI7RIgxugIkJjM985u9vi0Ufd uzbI0DP302DRiafXgR9CX/YXkEWjHpu8RSeoFsbTj6KzSAZtacK7gXWcSF5TUMlZ kGVGy/b9xz5Ily2SOI07FBNMCHH705BRXsZGuugPlmslACTEVUh377DpvYcgBHVx oclxqFXW17xwcxCrC6JBcXM9h2h59KJ60BSGnVHpg2bdqZat01we1p2rbcN6Dn2H 45KWO7O678oRBnIpt4lsnY/Avs7DZ83HfX4ctNfcgdwRDISFyts= =jsoz -----END PGP SIGNATURE----- * Mon Nov 08 2021 Packit Service - 41-1 - stages/authconfig: run authconfig (Tom Gundersen) - stages/yum.config: add an option to configure langpacks plugin (Ondřej Budai) - formats/v2: fix describe for mount without source (Christian Kellner) - stages/selinux: ability to force an auto-relabel (Christian Kellner) - stages/pwquality.conf: set pwquality configuration (Tom Gundersen) - stages/rhsm: add support to configure yum plugins (Christian Kellner) - stages/rhsm: extract plugins defintion (Christian Kellner) - Add new `org.osbuild.yum.config` stage (Tomas Hozza) - test/cloud-init: add new options to stage test (Achilleas Koutsou) - stages/cloud-init: disable default_flow_style when writing configs (Achilleas Koutsou) - stages/cloud-init: add support for configuring output logging (Achilleas Koutsou) - stages/cloud-init: add support for configuring reporting handlers (Achilleas Koutsou) - stages/cloud-init: add support for configuring Azure datasource (Achilleas Koutsou) - stages: add new org.osbuild.cron.script stage (Christian Kellner) - stages/grub2: add support for terminal, serial and timeout config (Ondřej Budai) - stages/waagent.conf: set WALinuxAgent configuration (Tom Gundersen) - stages/sshd.config: set sshd configuration (Tom Gundersen) - Support 'install' command in org.osbuild.modprobe stage (Tomas Hozza) - Post release version bump (msehnout) * Wed Nov 03 2021 Packit Service - 40-1 - stages/lvm2.create: fix 'size' and add 'extents' (Christian Kellner) - Let schutzbot do the post-release version bump (Simon Steinbeiss) - test/data: use ostree.deployment in fedora image (Christian Kellner) - mounts: add new ostree.deployment service (Christian Kellner) - mounts: include tree directory in arguments (Christian Kellner) - mounts: allow empty returns from service (Christian Kellner) - mounts: separate file system mount service (Christian Kellner) - meta: allow mounts for all stages (Christian Kellner) - schema/v2: make mount source and target optional (Christian Kellner) - mounts: change schema meta information (Christian Kellner) - mounts: introduce new mount manager class (Christian Kellner) - devices: add device path helper functions (Christian Kellner) - devices: introduce new device manager class (Christian Kellner) - test/data: add RHEL 7 manifests (Christian Kellner) - test/stages: add check for `parted` stage (Christian Kellner) - runners: add rhel7 runner (Christian Kellner) - stages/grub2.legacy: new stage for non-bls config (Christian Kellner) - stages/parted: new stage to partition a device (Christian Kellner) - pipeline: don't bind-mount /boot from the host (Christian Kellner) - buildroot: make mounting /boot optional (Christian Kellner) - setup.cfg: increase max-statements to 75 (Christian Kellner) - runners: add new centos9 runner (Christian Kellner) - ci: remove 8.5 nightly testing (Ondřej Budai) - mpp: fix long options (Christian Kellner) - osbuild-mpp: Set the "arch" variable to the current rpm arch (Alexander Larsson) - osbuild-mpp: Better handling of variable defaults and propagation (Alexander Larsson) - osbuild-mpp: Better handling of -D overrides (Alexander Larsson) - osbuild-mpp: Allow using formating in depsolver node (Alexander Larsson) - osbuild-mpp: Add mpp-join (Alexander Larsson) - osbuild-mpp: Add mpp-eval (Alexander Larsson) - Fix GitHub Action tag pattern (Simon Steinbeiss) - mockbuild: reuse mock repos from the system ones (Ondřej Budai) - mockbuild: rotate a variable name (Ondřej Budai) - gitlab: don't save journal (Ondřej Budai) - deploy: update to the latest composer commit (Ondřej Budai) - ci: don't register the runners (Ondřej Budai) - trigger-gitlab: do not interpret the fetch_pulls outputs (Ondřej Budai) - Bump version numbers ahead of release (Simon Steinbeiss) - Switch to simple upstream releases (Simon Steinbeiss) - stages/grub2.inst: ensure /var/tmp exists (Christian Kellner) - devices/loopback: remove extra "'" from print (Christian Kellner) - tests/ci: Switch to testing on 8.4 GA (Jakub Rusz) - tests: enable testing on RHEl-8.5 and RHEL-9.0 (Jakub Rusz) - .github: Write PR data to a file first in trigger-gitlab (Sanne Raymaekers) - README: Add a link to our developer guide (Simon Steinbeiss) * Wed Oct 06 2021 Packit Service - 39-1 - 39 (Thomas Lavocat) - packit: enable builds on ppc64le (Tomas Hozza) - CI: rename rhel-8.5 runners to rhel-8.5-nightly (Achilleas Koutsou) - mockbuild: add RHEL 8.6 (Achilleas Koutsou) - docs: document osbuild and selinux integration (Christian Kellner) - ci: trigger gitlab from checks not tests (Christian Kellner) - ci: split out checks from tests (Christian Kellner) - .github: Get PR number from sha (Sanne Raymaekers) - .github: Use the workflow_run event data in trigger-gitlab (Sanne Raymaekers) - ci: trigger gitlab ci via workflow run event (Christian Kellner) * Mon Sep 27 2021 Packit Service - 38-1 - 38 (Simon Steinbeiss) - Copy the local_vars dictionary to avoid eval modifying it (Pierre-Yves Chibon) - Add support for defining variables from other variables or basic expression (Pierre-Yves Chibon) - test/host: checks for invalid fd handling (Christian Kellner) - host: check reply_fds before sending them (Christian Kellner) - host: raise a protocol error for empty messages (Christian Kellner) - sources: pass items via temporary file (Christian Kellner) - test/host: add check for call with fds (Christian Kellner) - host: properly clean up passed fds (Christian Kellner) - stages/qemu: fix 'compat' option (Christian Kellner) * Wed Sep 22 2021 Packit Service - 37-1 - 37 (Martin Sehnoutka) - sources: port to host services (Christian Kellner) - org.osbuild.curl: Don't load secrets if not needed (Alexander Larsson) - pipeline: split out downloading from building (Christian Kellner) - Fix the assert as `.sort()` returns None (Pierre-Yves Chibon) - schutzbot: Update terraform sha (Sanne Raymaekers) - packit: Propose PRs to all Fedoras (Simon Steinbeiss) - stages: pam_limits.conf → pam.limits.conf (Christian Kellner) - Add a new stage for configuring `pam_limits` module (Tomas Hozza) - ostree.config: add `bootloader` config option (Christian Kellner) - Add a new stage for setting kernel parameters via sysctl.d (Tomas Hozza) * Wed Sep 08 2021 Packit Service - 36-1 - 36 (Diaa Sami) - Add a new stage `org.osbuild.tmpfilesd` for configuring tmpfiles.d (Tomas Hozza) - Add a new stage for configuring SELinux state on the system (Tomas Hozza) - Add a new `org.osbuild.dnf.config` stage for configuring DNF (Tomas Hozza) - Add new `org.osbuild.tuned` stage for setting active TuneD profile (Tomas Hozza) - util/rhsm: Check if repositories is None before iterating (Sanne Raymaekers) - stages/kickstart: set passwords with --iscrypted (Achilleas Koutsou) * Sun Aug 29 2021 Packit Service - 35-1 - 35 (Tom Gundersen) - stages/kickstart: quote ssh-key (Christian Kellner) * Mon Aug 19 2019 Miro Hrončok - 1-3 - Rebuilt for Python 3.8 * Mon Jul 29 2019 Martin Sehnoutka - 1-2 - update upstream URL to the new Github organization * Wed Jul 17 2019 Martin Sehnoutka - 1-1 - Initial package