%global forgeurl https://github.com/osbuild/osbuild
%global selinuxtype targeted
Version: 45
%forgemeta
%global pypi_name osbuild
%global pkgdir %{_prefix}/lib/%{pypi_name}
Name: %{pypi_name}
Release: 1%{?dist}
License: ASL 2.0
URL: %{forgeurl}
Source0: %{forgesource}
BuildArch: noarch
Summary: A build system for OS images
BuildRequires: make
BuildRequires: python3-devel
BuildRequires: python3-docutils
BuildRequires: systemd
Requires: bash
Requires: bubblewrap
Requires: coreutils
Requires: curl
Requires: dnf
Requires: e2fsprogs
Requires: glibc
Requires: policycoreutils
Requires: qemu-img
Requires: systemd
Requires: tar
Requires: util-linux
Requires: python3-%{pypi_name} = %{version}-%{release}
Requires: (%{name}-selinux if selinux-policy-%{selinuxtype})
# Turn off dependency generators for runners. The reason is that runners are
# tailored to the platform, e.g. on RHEL they are using platform-python. We
# don't want to pick up those dependencies on other platform.
%global __requires_exclude_from ^%{pkgdir}/(runners)/.*$
# Turn off shebang mangling on RHEL. brp-mangle-shebangs (from package
# redhat-rpm-config) is run on all executables in a package after the `install`
# section runs. The below macro turns this behavior off for:
# - runners, because they already have the correct shebang for the platform
# they're meant for, and
# - stages and assemblers, because they are run within osbuild build roots,
# which are not required to contain the same OS as the host and might thus
# have a different notion of "platform-python".
# RHEL NB: Since assemblers and stages are not excluded from the dependency
# generator, this also means that an additional dependency on /usr/bin/python3
# will be added. This is intended and needed, so that in the host build root
# /usr/bin/python3 is present so stages and assemblers can be run.
%global __brp_mangle_shebangs_exclude_from ^%{pkgdir}/(assemblers|runners|stages)/.*$
%{?python_enable_dependency_generator}
%description
A build system for OS images
%package -n python3-%{pypi_name}
Summary: %{summary}
%{?python_provide:%python_provide python3-%{pypi_name}}
%description -n python3-%{pypi_name}
A build system for OS images
%package lvm2
Summary: LVM2 support
Requires: %{name} = %{version}-%{release}
Requires: lvm2
%description lvm2
Contains the necessary stages and device host
services to build LVM2 based images.
%package luks2
Summary: LUKS2 support
Requires: %{name} = %{version}-%{release}
Requires: cryptsetup
%description luks2
Contains the necessary stages and device host
services to build LUKS2 encrypted images.
%package ostree
Summary: OSTree support
Requires: %{name} = %{version}-%{release}
Requires: ostree
Requires: rpm-ostree
%description ostree
Contains the necessary stages, assembler and source
to build OSTree based images.
%package selinux
Summary: SELinux policies
Requires: %{name} = %{version}-%{release}
BuildRequires: selinux-policy
BuildRequires: selinux-policy-devel
%{?selinux_requires}
%description selinux
Contains the necessary SELinux policies that allows
osbuild to use labels unknown to the host inside the
containers it uses to build OS artifacts.
%package tools
Summary: Extra tools and utilities
Requires: %{name} = %{version}-%{release}
Requires: python3-pyyaml
%description tools
Contains additional tools and utilities for development of
manifests and osbuild.
%prep
%forgesetup
%build
%py3_build
make man
# SELinux
make -f /usr/share/selinux/devel/Makefile osbuild.pp
bzip2 -9 osbuild.pp
%pre
%selinux_relabel_pre -s %{selinuxtype}
%install
%py3_install
mkdir -p %{buildroot}%{pkgdir}/stages
install -p -m 0755 $(find stages -type f) %{buildroot}%{pkgdir}/stages/
mkdir -p %{buildroot}%{pkgdir}/assemblers
install -p -m 0755 $(find assemblers -type f) %{buildroot}%{pkgdir}/assemblers/
mkdir -p %{buildroot}%{pkgdir}/runners
install -p -m 0755 $(find runners -type f -or -type l) %{buildroot}%{pkgdir}/runners
mkdir -p %{buildroot}%{pkgdir}/sources
install -p -m 0755 $(find sources -type f) %{buildroot}%{pkgdir}/sources
mkdir -p %{buildroot}%{pkgdir}/devices
install -p -m 0755 $(find devices -type f) %{buildroot}%{pkgdir}/devices
mkdir -p %{buildroot}%{pkgdir}/inputs
install -p -m 0755 $(find inputs -type f) %{buildroot}%{pkgdir}/inputs
mkdir -p %{buildroot}%{pkgdir}/mounts
install -p -m 0755 $(find mounts -type f) %{buildroot}%{pkgdir}/mounts
# mount point for bind mounting the osbuild library
mkdir -p %{buildroot}%{pkgdir}/osbuild
# schemata
mkdir -p %{buildroot}%{_datadir}/osbuild/schemas
install -p -m 0644 $(find schemas/*.json) %{buildroot}%{_datadir}/osbuild/schemas
ln -s %{_datadir}/osbuild/schemas %{buildroot}%{pkgdir}/schemas
# documentation
mkdir -p %{buildroot}%{_mandir}/man1
mkdir -p %{buildroot}%{_mandir}/man5
install -p -m 0644 -t %{buildroot}%{_mandir}/man1/ docs/*.1
install -p -m 0644 -t %{buildroot}%{_mandir}/man5/ docs/*.5
# SELinux
install -D -m 0644 -t %{buildroot}%{_datadir}/selinux/packages/%{selinuxtype} %{name}.pp.bz2
install -D -m 0644 -t %{buildroot}%{_mandir}/man8 selinux/%{name}_selinux.8
# Udev rules
mkdir -p %{buildroot}%{_udevrulesdir}
install -p -m 0755 data/10-osbuild-inhibitor.rules %{buildroot}%{_udevrulesdir}
%check
exit 0
# We have some integration tests, but those require running a VM, so that would
# be an overkill for RPM check script.
%files
%license LICENSE
%{_bindir}/osbuild
%{_mandir}/man1/%{name}.1*
%{_mandir}/man5/%{name}-manifest.5*
%{_datadir}/osbuild/schemas
%{pkgdir}
%{_udevrulesdir}/*.rules
# the following files are in the lvm2 sub-package
%exclude %{pkgdir}/devices/org.osbuild.lvm2*
%exclude %{pkgdir}/stages/org.osbuild.lvm2*
# the following files are in the luks2 sub-package
%exclude %{pkgdir}/devices/org.osbuild.luks2*
%exclude %{pkgdir}/stages/org.osbuild.crypttab
%exclude %{pkgdir}/stages/org.osbuild.luks2*
# the following files are in the ostree sub-package
%exclude %{pkgdir}/assemblers/org.osbuild.ostree*
%exclude %{pkgdir}/inputs/org.osbuild.ostree*
%exclude %{pkgdir}/sources/org.osbuild.ostree*
%exclude %{pkgdir}/stages/org.osbuild.ostree*
%exclude %{pkgdir}/stages/org.osbuild.rpm-ostree
%files -n python3-%{pypi_name}
%license LICENSE
%doc README.md
%{python3_sitelib}/%{pypi_name}-*.egg-info/
%{python3_sitelib}/%{pypi_name}/
%files lvm2
%{pkgdir}/devices/org.osbuild.lvm2*
%{pkgdir}/stages/org.osbuild.lvm2*
%files luks2
%{pkgdir}/devices/org.osbuild.luks2*
%{pkgdir}/stages/org.osbuild.crypttab
%{pkgdir}/stages/org.osbuild.luks2*
%files ostree
%{pkgdir}/assemblers/org.osbuild.ostree*
%{pkgdir}/inputs/org.osbuild.ostree*
%{pkgdir}/sources/org.osbuild.ostree*
%{pkgdir}/stages/org.osbuild.ostree*
%{pkgdir}/stages/org.osbuild.rpm-ostree
%files selinux
%{_datadir}/selinux/packages/%{selinuxtype}/%{name}.pp.bz2
%{_mandir}/man8/%{name}_selinux.8.*
%ghost %{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/%{name}
%post selinux
%selinux_modules_install -s %{selinuxtype} %{_datadir}/selinux/packages/%{selinuxtype}/%{name}.pp.bz2
%postun selinux
if [ $1 -eq 0 ]; then
%selinux_modules_uninstall -s %{selinuxtype} %{name}
fi
%posttrans selinux
%selinux_relabel_post -s %{selinuxtype}
%files tools
%{_bindir}/osbuild-mpp
%changelog
* Fri Jan 07 2022 Packit Service <user-cont-team+packit-service@redhat.com> - 45-1
NGES WITH 45:
----------------
* `stages/grub2`: ability to not write kernel cmdline (#939)
* Arch legacy grub compatibility (#941)
* org.osbuild.kickstart adjustments (#943)
* Fix typo in tar stage schema option enum (#940)
* Add mkinitcpio stage (#937)
* stages: allow using sysconfig stage multiple times. (#938)
* objectstore: don't store objects by their treesum (#861)
Contributions from: Christian Kellner, Jelle van der Waa, Ondřej Budai, Tom Gundersen, Tomáš Hozza, Simon Steinbeiss
— Drásov (Brno-venkov), 2022-01-07
* Thu Dec 16 2021 Packit Service <user-cont-team+packit-service@redhat.com> - 44-1
CHANGES WITH 44:
----------------
* LUKS (v2) support (#879)
* osbuild-mpp: Add support for a pacman resolver (#911)
* `stages/dnf-automatic`: add new stage for configuring DNF Automatic (#936)
* `stages/yum.repos`: add new stage for creating YUM / DNF repo files (#932)
* `stages/users`: explicitly create a home directory (#929)
* `stages/dnf`: edit /etc/dnf/dnf.conf (#928)
* `stages/sshd`: support PermitRootLogin option (#917)
* build root: isolate container environment from the host and set `CONTAINER` (#926)
* Small fix for `mounts/ostree.deployment` and an order check for `depsolve` (#915)
* Added poll() with a time out of 10 minutes for building images (#888, #918)
* Apply autopep8 to osbuild-mpp and resolve Constructor is undefined (#914)
* Support for on demand pipeline building (#855)
* util/rmrf: handle broken symlinks (#913)
Contributions from: Aaron Hetherington, Achilleas Koutsou, Christian Kellner, Jelle van der Waa,
Ondřej Budai, Sanne Raymaekers, Simon Steinbeiss, Tomas Hozza
— Vöcklabruck, 2021-12-16
* Wed Dec 01 2021 Packit Service <user-cont-team+packit-service@redhat.com> - 43-1
CHANGES WITH 43:
----------------
* Buildroot: mask `/proc/cmdline` (#895)
* stages/grub2.inst: Make grub-mkimage binary configurable (#905)
* tests: enable testing on aarch64 RHEL (#844)
* gitignore: Ignore generated man pages (#903)
* stages/ostree.fillvar: fill the correct var (#904)
* osbuild-mpp: Allow importing multiple pipelines from a manifest (#900)
* ci: switch to rhel-9 runners (#901)
* spec: require python3-pyyaml for osbuild-tools (#899)
* osbuild-mpp: Support loading yaml as well as json files (#893)
* CI: update the osbuild-ci container (#896)
* osbuild: Add org.osbuild.gunzip stage (#886)
* osbuild-mpp: Report the path of the json file when parsing fails (#890)
* packit: enable copr builds for CS9 on main (#894)
* tools/osbuild-mpp: add ability to embed files (#859)
* osbuild-mpp: Add mpp-if feature (#885)
Contributions from: Alexander Larsson, Christian Kellner, Jakub Rusz, Jelle van der Waa, Ondřej Budai, kingsleyzissou
— Berlin, 2021-12-01
* Thu Nov 18 2021 Packit Service <user-cont-team+packit-service@redhat.com> - 42-1
CHANGES WITH 42:
----------------
* packit: enable copr build for CS9 (#887)
* test/lvm2: use LoopControl.loop_for_fd (#884)
* packit: Use upstream github release description (#880)
Contributions from: Christian Kellner, Ondřej Budai, Simon Steinbeiss
— Cork, 2021-11-17
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEErKmAeFdguKfr5RbZC04GHB6SbNcFAmGU3x8ACgkQC04GHB6S
bNcXqBAAxWLL5kFhhrbboXShLmgdVbryYv8muxsyF0YFdE8qHdJmwDZkURoUH2Mh
RzWDl4Lq1FKoGJZ6WP3S0/Mj/8cpHhhXSnUzcGZamz6hJrsoyeUfYRQrB67/Mkm5
HEWWMxYBA1qvf+tfzVAr4BjlUfmDAHqjbRu5loHqANJSKNCmcg2jrHnvV5VrjBQf
t1NCQOm960kik5gjFfAemsmEYlkPN8MtD/VxxUJC2dKCDkY7tQBITB+40fB0lDdF
EIODFooKE0b2rXumEJUr95V6vGmmEOyFOcsOajls58pJSbak01g2I6J6WpSb9EiS
RZbhNYhh59BKNrsbfpO8JAYrqVy+OyPZxTwdpIUYbP4KndNbGe/QH5L/Vbdt1Dv9
HokDnTGD2jLrHyK1HP+NkjHmGy+s5XCiFwtFPbZeI7RIgxugIkJjM985u9vi0Ufd
uzbI0DP302DRiafXgR9CX/YXkEWjHpu8RSeoFsbTj6KzSAZtacK7gXWcSF5TUMlZ
kGVGy/b9xz5Ily2SOI07FBNMCHH705BRXsZGuugPlmslACTEVUh377DpvYcgBHVx
oclxqFXW17xwcxCrC6JBcXM9h2h59KJ60BSGnVHpg2bdqZat01we1p2rbcN6Dn2H
45KWO7O678oRBnIpt4lsnY/Avs7DZ83HfX4ctNfcgdwRDISFyts=
=jsoz
-----END PGP SIGNATURE-----
* Wed Nov 17 2021 Packit Service <user-cont-team+packit-service@redhat.com> - 42-1
CHANGES WITH 42:
----------------
* packit: enable copr build for CS9 (#887)
* test/lvm2: use LoopControl.loop_for_fd (#884)
* packit: Use upstream github release description (#880)
Contributions from: Christian Kellner, Ondřej Budai, Simon Steinbeiss
— Cork, 2021-11-17
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEErKmAeFdguKfr5RbZC04GHB6SbNcFAmGU3x8ACgkQC04GHB6S
bNcXqBAAxWLL5kFhhrbboXShLmgdVbryYv8muxsyF0YFdE8qHdJmwDZkURoUH2Mh
RzWDl4Lq1FKoGJZ6WP3S0/Mj/8cpHhhXSnUzcGZamz6hJrsoyeUfYRQrB67/Mkm5
HEWWMxYBA1qvf+tfzVAr4BjlUfmDAHqjbRu5loHqANJSKNCmcg2jrHnvV5VrjBQf
t1NCQOm960kik5gjFfAemsmEYlkPN8MtD/VxxUJC2dKCDkY7tQBITB+40fB0lDdF
EIODFooKE0b2rXumEJUr95V6vGmmEOyFOcsOajls58pJSbak01g2I6J6WpSb9EiS
RZbhNYhh59BKNrsbfpO8JAYrqVy+OyPZxTwdpIUYbP4KndNbGe/QH5L/Vbdt1Dv9
HokDnTGD2jLrHyK1HP+NkjHmGy+s5XCiFwtFPbZeI7RIgxugIkJjM985u9vi0Ufd
uzbI0DP302DRiafXgR9CX/YXkEWjHpu8RSeoFsbTj6KzSAZtacK7gXWcSF5TUMlZ
kGVGy/b9xz5Ily2SOI07FBNMCHH705BRXsZGuugPlmslACTEVUh377DpvYcgBHVx
oclxqFXW17xwcxCrC6JBcXM9h2h59KJ60BSGnVHpg2bdqZat01we1p2rbcN6Dn2H
45KWO7O678oRBnIpt4lsnY/Avs7DZ83HfX4ctNfcgdwRDISFyts=
=jsoz
-----END PGP SIGNATURE-----
* Mon Nov 08 2021 Packit Service <user-cont-team+packit-service@redhat.com> - 41-1
- stages/authconfig: run authconfig (Tom Gundersen)
- stages/yum.config: add an option to configure langpacks plugin (Ondřej Budai)
- formats/v2: fix describe for mount without source (Christian Kellner)
- stages/selinux: ability to force an auto-relabel (Christian Kellner)
- stages/pwquality.conf: set pwquality configuration (Tom Gundersen)
- stages/rhsm: add support to configure yum plugins (Christian Kellner)
- stages/rhsm: extract plugins defintion (Christian Kellner)
- Add new `org.osbuild.yum.config` stage (Tomas Hozza)
- test/cloud-init: add new options to stage test (Achilleas Koutsou)
- stages/cloud-init: disable default_flow_style when writing configs (Achilleas Koutsou)
- stages/cloud-init: add support for configuring output logging (Achilleas Koutsou)
- stages/cloud-init: add support for configuring reporting handlers (Achilleas Koutsou)
- stages/cloud-init: add support for configuring Azure datasource (Achilleas Koutsou)
- stages: add new org.osbuild.cron.script stage (Christian Kellner)
- stages/grub2: add support for terminal, serial and timeout config (Ondřej Budai)
- stages/waagent.conf: set WALinuxAgent configuration (Tom Gundersen)
- stages/sshd.config: set sshd configuration (Tom Gundersen)
- Support 'install' command in org.osbuild.modprobe stage (Tomas Hozza)
- Post release version bump (msehnout)
* Wed Nov 03 2021 Packit Service <user-cont-team+packit-service@redhat.com> - 40-1
- stages/lvm2.create: fix 'size' and add 'extents' (Christian Kellner)
- Let schutzbot do the post-release version bump (Simon Steinbeiss)
- test/data: use ostree.deployment in fedora image (Christian Kellner)
- mounts: add new ostree.deployment service (Christian Kellner)
- mounts: include tree directory in arguments (Christian Kellner)
- mounts: allow empty returns from service (Christian Kellner)
- mounts: separate file system mount service (Christian Kellner)
- meta: allow mounts for all stages (Christian Kellner)
- schema/v2: make mount source and target optional (Christian Kellner)
- mounts: change schema meta information (Christian Kellner)
- mounts: introduce new mount manager class (Christian Kellner)
- devices: add device path helper functions (Christian Kellner)
- devices: introduce new device manager class (Christian Kellner)
- test/data: add RHEL 7 manifests (Christian Kellner)
- test/stages: add check for `parted` stage (Christian Kellner)
- runners: add rhel7 runner (Christian Kellner)
- stages/grub2.legacy: new stage for non-bls config (Christian Kellner)
- stages/parted: new stage to partition a device (Christian Kellner)
- pipeline: don't bind-mount /boot from the host (Christian Kellner)
- buildroot: make mounting /boot optional (Christian Kellner)
- setup.cfg: increase max-statements to 75 (Christian Kellner)
- runners: add new centos9 runner (Christian Kellner)
- ci: remove 8.5 nightly testing (Ondřej Budai)
- mpp: fix long options (Christian Kellner)
- osbuild-mpp: Set the "arch" variable to the current rpm arch (Alexander Larsson)
- osbuild-mpp: Better handling of variable defaults and propagation (Alexander Larsson)
- osbuild-mpp: Better handling of -D overrides (Alexander Larsson)
- osbuild-mpp: Allow using formating in depsolver node (Alexander Larsson)
- osbuild-mpp: Add mpp-join (Alexander Larsson)
- osbuild-mpp: Add mpp-eval (Alexander Larsson)
- Fix GitHub Action tag pattern (Simon Steinbeiss)
- mockbuild: reuse mock repos from the system ones (Ondřej Budai)
- mockbuild: rotate a variable name (Ondřej Budai)
- gitlab: don't save journal (Ondřej Budai)
- deploy: update to the latest composer commit (Ondřej Budai)
- ci: don't register the runners (Ondřej Budai)
- trigger-gitlab: do not interpret the fetch_pulls outputs (Ondřej Budai)
- Bump version numbers ahead of release (Simon Steinbeiss)
- Switch to simple upstream releases (Simon Steinbeiss)
- stages/grub2.inst: ensure /var/tmp exists (Christian Kellner)
- devices/loopback: remove extra "'" from print (Christian Kellner)
- tests/ci: Switch to testing on 8.4 GA (Jakub Rusz)
- tests: enable testing on RHEl-8.5 and RHEL-9.0 (Jakub Rusz)
- .github: Write PR data to a file first in trigger-gitlab (Sanne Raymaekers)
- README: Add a link to our developer guide (Simon Steinbeiss)
* Wed Oct 06 2021 Packit Service <user-cont-team+packit-service@redhat.com> - 39-1
- 39 (Thomas Lavocat)
- packit: enable builds on ppc64le (Tomas Hozza)
- CI: rename rhel-8.5 runners to rhel-8.5-nightly (Achilleas Koutsou)
- mockbuild: add RHEL 8.6 (Achilleas Koutsou)
- docs: document osbuild and selinux integration (Christian Kellner)
- ci: trigger gitlab from checks not tests (Christian Kellner)
- ci: split out checks from tests (Christian Kellner)
- .github: Get PR number from sha (Sanne Raymaekers)
- .github: Use the workflow_run event data in trigger-gitlab (Sanne Raymaekers)
- ci: trigger gitlab ci via workflow run event (Christian Kellner)
* Mon Sep 27 2021 Packit Service <user-cont-team+packit-service@redhat.com> - 38-1
- 38 (Simon Steinbeiss)
- Copy the local_vars dictionary to avoid eval modifying it (Pierre-Yves Chibon)
- Add support for defining variables from other variables or basic expression (Pierre-Yves Chibon)
- test/host: checks for invalid fd handling (Christian Kellner)
- host: check reply_fds before sending them (Christian Kellner)
- host: raise a protocol error for empty messages (Christian Kellner)
- sources: pass items via temporary file (Christian Kellner)
- test/host: add check for call with fds (Christian Kellner)
- host: properly clean up passed fds (Christian Kellner)
- stages/qemu: fix 'compat' option (Christian Kellner)
* Wed Sep 22 2021 Packit Service <user-cont-team+packit-service@redhat.com> - 37-1
- 37 (Martin Sehnoutka)
- sources: port to host services (Christian Kellner)
- org.osbuild.curl: Don't load secrets if not needed (Alexander Larsson)
- pipeline: split out downloading from building (Christian Kellner)
- Fix the assert as `.sort()` returns None (Pierre-Yves Chibon)
- schutzbot: Update terraform sha (Sanne Raymaekers)
- packit: Propose PRs to all Fedoras (Simon Steinbeiss)
- stages: pam_limits.conf → pam.limits.conf (Christian Kellner)
- Add a new stage for configuring `pam_limits` module (Tomas Hozza)
- ostree.config: add `bootloader` config option (Christian Kellner)
- Add a new stage for setting kernel parameters via sysctl.d (Tomas Hozza)
* Wed Sep 08 2021 Packit Service <user-cont-team+packit-service@redhat.com> - 36-1
- 36 (Diaa Sami)
- Add a new stage `org.osbuild.tmpfilesd` for configuring tmpfiles.d (Tomas Hozza)
- Add a new stage for configuring SELinux state on the system (Tomas Hozza)
- Add a new `org.osbuild.dnf.config` stage for configuring DNF (Tomas Hozza)
- Add new `org.osbuild.tuned` stage for setting active TuneD profile (Tomas Hozza)
- util/rhsm: Check if repositories is None before iterating (Sanne Raymaekers)
- stages/kickstart: set passwords with --iscrypted (Achilleas Koutsou)
* Sun Aug 29 2021 Packit Service <user-cont-team+packit-service@redhat.com> - 35-1
- 35 (Tom Gundersen)
- stages/kickstart: quote ssh-key (Christian Kellner)
* Mon Aug 19 2019 Miro Hrončok <mhroncok@redhat.com> - 1-3
- Rebuilt for Python 3.8
* Mon Jul 29 2019 Martin Sehnoutka <msehnout@redhat.com> - 1-2
- update upstream URL to the new Github organization
* Wed Jul 17 2019 Martin Sehnoutka <msehnout@redhat.com> - 1-1
- Initial package