diff --git a/build.sh b/build.sh index e610d932c5..83ed9b1bc1 100755 --- a/build.sh +++ b/build.sh @@ -176,7 +176,8 @@ patch_osbuild() { mv /usr/bin/osbuild-mpp /usr/lib/osbuild/tools/ # Now all the software is under the /usr/lib/osbuild dir and we can patch - cat /usr/lib/coreos-assembler/0001-mounts-ostree.deployment-rework-unmounting.patch \ + cat /usr/lib/coreos-assembler/0001-stages-ostree.config-support-setting-sysroot.bootpre.patch \ + /usr/lib/coreos-assembler/0001-mounts-ostree.deployment-rework-unmounting.patch \ /usr/lib/coreos-assembler/0002-mounts-ostree.deployment-rename-var-root-deploy_root.patch \ /usr/lib/coreos-assembler/0003-mounts-ostree.deployment-use-target-instead-of-tree.patch \ /usr/lib/coreos-assembler/0004-mounts-ostree.deployment-support-deployments-on-moun.patch \ @@ -187,7 +188,6 @@ patch_osbuild() { /usr/lib/coreos-assembler/0004-fscache-add-eviction-log-statement.patch \ /usr/lib/coreos-assembler/0001-support-user-defined-partition-numbers-for-GPT-disks.patch \ /usr/lib/coreos-assembler/0002-stages-sgdisk-support-label-option.patch \ - /usr/lib/coreos-assembler/0001-stages-zipl.inst-improve-kernel-initrd-path-resoluti.patch \ /usr/lib/coreos-assembler/0002-stages-zipl.inst-support-appending-kernel-options.patch \ /usr/lib/coreos-assembler/0001-stages-copy-allow-copying-from-the-tree.patch \ /usr/lib/coreos-assembler/0001-stages-qemu-don-t-use-internal-compression-for-now.patch \ diff --git a/src/0001-stages-ostree.config-support-setting-sysroot.bootpre.patch b/src/0001-stages-ostree.config-support-setting-sysroot.bootpre.patch new file mode 100644 index 0000000000..e4e6483154 --- /dev/null +++ b/src/0001-stages-ostree.config-support-setting-sysroot.bootpre.patch @@ -0,0 +1,41 @@ +From 612d3abd2ba05072a27142d5197645b4049561ae Mon Sep 17 00:00:00 2001 +From: Dusty Mabe +Date: Mon, 5 Feb 2024 23:27:59 -0500 +Subject: [PATCH] stages(ostree.config): support setting sysroot.bootprefix + +See https://github.com/ostreedev/ostree/pull/2705 and also +https://github.com/osbuild/osbuild/issues/1566. +--- + stages/org.osbuild.ostree.config | 9 +++++++++ + 1 file changed, 9 insertions(+) + +diff --git a/stages/org.osbuild.ostree.config b/stages/org.osbuild.ostree.config +index 7d5bb71d..5a91a8ae 100755 +--- a/stages/org.osbuild.ostree.config ++++ b/stages/org.osbuild.ostree.config +@@ -39,6 +39,10 @@ SCHEMA = """ + "type": "string", + "enum": ["none", "auto", "grub2", "syslinux", "uboot", "zipl", "aboot"] + }, ++ "bootprefix": { ++ "description": "If set to true, the bootloader entries generated will include /boot as a prefix.", ++ "type": "boolean" ++ }, + "readonly": { + "description": "Read only sysroot and boot", + "type": "boolean" +@@ -63,6 +67,11 @@ def main(tree, options): + if bootloader: + ostree.cli("config", "set", "sysroot.bootloader", bootloader, repo=repo) + ++ bootprefix = sysroot_options.get("bootprefix") ++ if bootprefix is not None: # can be False, which we would want to set ++ bp = "true" if bootprefix else "false" ++ ostree.cli("config", "set", "sysroot.bootprefix", bp, repo=repo) ++ + readonly = sysroot_options.get("readonly") + if readonly is not None: # can be False, which we would want to set + ro = "true" if readonly else "false" +-- +2.43.0 + diff --git a/src/0001-stages-zipl.inst-improve-kernel-initrd-path-resoluti.patch b/src/0001-stages-zipl.inst-improve-kernel-initrd-path-resoluti.patch deleted file mode 100644 index ad802354b6..0000000000 --- a/src/0001-stages-zipl.inst-improve-kernel-initrd-path-resoluti.patch +++ /dev/null @@ -1,39 +0,0 @@ -From f3e725766e5fe0a646bb5555a329574dddcdd309 Mon Sep 17 00:00:00 2001 -From: Nikita Dubrovskii -Date: Tue, 30 Jan 2024 08:54:51 +0100 -Subject: [PATCH 1/2] stages(zipl.inst): improve kernel/initrd path resolution - -If /boot is a separate filesystem then the path inside the blscfg -won't have the rootfs prefix on it and we need to add it here. - -Co-authored-by: Dusty Mabe ---- - stages/org.osbuild.zipl.inst | 12 ++++++++++-- - 1 file changed, 10 insertions(+), 2 deletions(-) - -diff --git a/stages/org.osbuild.zipl.inst b/stages/org.osbuild.zipl.inst -index a9bea045..92dfd33e 100755 ---- a/stages/org.osbuild.zipl.inst -+++ b/stages/org.osbuild.zipl.inst -@@ -74,8 +74,16 @@ def find_kernel(root, kernel: str): - if version != kernel: - continue - -- linux = root + params["linux"] -- initrd = root + params["initrd"] -+ # Find the prefix that needs to be added to get the full path to -+ # the kernel/initrd. If /boot is a separate filesystem then the -+ # path inside the blscfg won't have that prefix on it and we need -+ # to add it here. -+ prefix = root -+ if os.path.ismount(os.path.join(root, "boot")): -+ prefix = os.path.join(root, "boot") -+ -+ linux = os.path.join(prefix, params["linux"].lstrip("/")) -+ initrd = os.path.join(prefix, params["initrd"].lstrip("/")) - options = params.get("options", "") - return linux, initrd, options - --- -2.43.0 - diff --git a/src/cmdlib.sh b/src/cmdlib.sh index 8d28610ef5..dc38c58488 100755 --- a/src/cmdlib.sh +++ b/src/cmdlib.sh @@ -197,16 +197,15 @@ prepare_build() { fetch_stamp="${workdir}"/cache/fetched-stamp # We also need the platform.yaml as JSON - platforms="${configdir}/platforms.yaml" - export platforms_json="${workdir}/tmp/platforms.json" - yaml2json "${platforms}" "${platforms_json}" + platforms_yaml="${configdir}/platforms.yaml" + platforms_json="${tmp_builddir}/platforms.json" + yaml2json "${platforms_yaml}" "${platforms_json}.all" # Copy platforms table if it's non-empty for this arch - if jq -e ".$basearch" < "$platforms_json" > /dev/null; then - jq ".$basearch" < "$platforms_json" > "${platforms_json}.${basearch}" - mv "${platforms_json}.${basearch}" "$platforms_json" + if jq -e ".$basearch" < "$platforms_json.all" > /dev/null; then + jq ".$basearch" < "$platforms_json.all" > "${platforms_json}" fi - export image_json="${workdir}/tmp/image.json" + export image_json="${tmp_builddir}/image.json" write_image_json "${image}" "${image_json}" # These need to be absolute paths right now for rpm-ostree composejson="$(readlink -f "${workdir}"/tmp/compose.json)" @@ -428,12 +427,15 @@ EOF fi # Store the fully rendered disk image config (image.json) - # and the platform (platforms.json) inside + # and the platform (platforms.json) if it exists inside # the ostree commit, so it can later be extracted by disk image # builds. local jsondir="${tmp_overridesdir}/jsons" mkdir -p "${jsondir}/usr/share/coreos-assembler/" - cp "${image_json}" "${platforms_json}" "${jsondir}/usr/share/coreos-assembler/" + cp "${image_json}" "${jsondir}/usr/share/coreos-assembler/" + if [ -f "${platforms_json}" ]; then + cp "${platforms_json}" "${jsondir}/usr/share/coreos-assembler/" + fi commit_overlay cosa-json "${jsondir}" layers="${layers} overlay/cosa-json" diff --git a/src/coreos.osbuild.aarch64.mpp.yaml b/src/coreos.osbuild.aarch64.mpp.yaml index 5abcb78e9d..29f7367034 100644 --- a/src/coreos.osbuild.aarch64.mpp.yaml +++ b/src/coreos.osbuild.aarch64.mpp.yaml @@ -106,17 +106,23 @@ pipelines: bootloader: none # https://github.com/coreos/fedora-coreos-tracker/issues/1333 bls-append-except-default: grub_users="" + # Opt-in to https://github.com/ostreedev/ostree/pull/2705 which will + # add /boot as the prefix on top of BLS config entries. This is OK + # because there is a symlink that is created in the root of the boot + # filesystem by OSTree (boot -> .) that makes it so that /boot paths + # will always work. + bootprefix: true - type: org.osbuild.mkdir options: paths: - path: /boot/efi - mode: 448 + mode: 493 # platforms.json will live here - type: org.osbuild.mkdir options: paths: - path: /boot/coreos - mode: 644 + mode: 493 - type: org.osbuild.ignition # Deploy via container if we have a container ociarchive, else from repo. - mpp-if: ociarchive != '' diff --git a/src/coreos.osbuild.ppc64le.mpp.yaml b/src/coreos.osbuild.ppc64le.mpp.yaml index aa8adb1c23..155c516c96 100644 --- a/src/coreos.osbuild.ppc64le.mpp.yaml +++ b/src/coreos.osbuild.ppc64le.mpp.yaml @@ -108,12 +108,18 @@ pipelines: bootloader: none # https://github.com/coreos/fedora-coreos-tracker/issues/1333 bls-append-except-default: grub_users="" + # Opt-in to https://github.com/ostreedev/ostree/pull/2705 which will + # add /boot as the prefix on top of BLS config entries. This is OK + # because there is a symlink that is created in the root of the boot + # filesystem by OSTree (boot -> .) that makes it so that /boot paths + # will always work. + bootprefix: true # platforms.json will live here - type: org.osbuild.mkdir options: paths: - path: /boot/coreos - mode: 644 + mode: 493 - type: org.osbuild.ignition # Deploy via container if we have a container ociarchive, else from repo. - mpp-if: ociarchive != '' diff --git a/src/coreos.osbuild.s390x.mpp.yaml b/src/coreos.osbuild.s390x.mpp.yaml index 7d7be5ff2f..09c0bb97fa 100644 --- a/src/coreos.osbuild.s390x.mpp.yaml +++ b/src/coreos.osbuild.s390x.mpp.yaml @@ -95,12 +95,12 @@ pipelines: bootloader: none ## no grub_users="" on s390x #bls-append-except-default: grub_users="" - # platforms.json will live here - - type: org.osbuild.mkdir - options: - paths: - - path: /boot/coreos - mode: 644 + # Opt-in to https://github.com/ostreedev/ostree/pull/2705 which will + # add /boot as the prefix on top of BLS config entries. This is OK + # because there is a symlink that is created in the root of the boot + # filesystem by OSTree (boot -> .) that makes it so that /boot paths + # will always work. + bootprefix: true - type: org.osbuild.ignition # Deploy via container if we have a container ociarchive, else from repo. - mpp-if: ociarchive != '' @@ -182,21 +182,6 @@ pipelines: ref: ostree/1/1/0 osname: mpp-format-string: '{osname}' - # Copy in the platforms.json that was baked into the OSTree into /boot - # so tools like coreos-installer can use the information. - - type: org.osbuild.copy - options: - paths: - - from: tree:///usr/share/coreos-assembler/platforms.json - to: tree:///boot/coreos/platforms.json - mounts: - - name: ostree.deployment - type: org.osbuild.ostree.deployment - options: - deployment: - ref: ostree/1/1/0 - osname: - mpp-format-string: '{osname}' - name: raw-image stages: - type: org.osbuild.truncate diff --git a/src/coreos.osbuild.x86_64.mpp.yaml b/src/coreos.osbuild.x86_64.mpp.yaml index edfc6e4e7c..3a3b55cf5d 100644 --- a/src/coreos.osbuild.x86_64.mpp.yaml +++ b/src/coreos.osbuild.x86_64.mpp.yaml @@ -108,17 +108,23 @@ pipelines: bootloader: none # https://github.com/coreos/fedora-coreos-tracker/issues/1333 bls-append-except-default: grub_users="" + # Opt-in to https://github.com/ostreedev/ostree/pull/2705 which will + # add /boot as the prefix on top of BLS config entries. This is OK + # because there is a symlink that is created in the root of the boot + # filesystem by OSTree (boot -> .) that makes it so that /boot paths + # will always work. + bootprefix: true - type: org.osbuild.mkdir options: paths: - path: /boot/efi - mode: 448 + mode: 493 # platforms.json will live here - type: org.osbuild.mkdir options: paths: - path: /boot/coreos - mode: 644 + mode: 493 - type: org.osbuild.ignition # Deploy via container if we have a container ociarchive, else from repo. - mpp-if: ociarchive != '' diff --git a/src/create_disk.sh b/src/create_disk.sh index c93006688f..1a5d00880f 100755 --- a/src/create_disk.sh +++ b/src/create_disk.sh @@ -316,6 +316,12 @@ ostree config --repo $rootfs/ostree/repo set sysroot.bootloader none # Opt-in to https://github.com/ostreedev/ostree/pull/1767 AKA # https://github.com/ostreedev/ostree/issues/1265 ostree config --repo $rootfs/ostree/repo set sysroot.readonly true +# Opt-in to https://github.com/ostreedev/ostree/pull/2705 which will +# add /boot as the prefix on top of BLS config entries. This is OK +# because there is a symlink that is created in the root of the boot +# filesystem by OSTree (boot -> .) that makes it so that /boot paths +# will always work. +ostree config --repo $rootfs/ostree/repo set sysroot.bootprefix true if test -n "${composefs}"; then ostree config --repo $rootfs/ostree/repo set ex-integrity.composefs true fi