deps: upgrade to Fedora 38 (#1909)

* image: upgrade mkosi distro version to Fedora 38
* image: remove downgrade of GCP kernel
* ci: upgrade expected measurements for Fedora 38
* deps: upgrade bazeldnf packages to Fedora 38
* deps: upgrade container images to Fedora 38
This commit is contained in:
Malte Poll 2023-06-15 16:50:35 +02:00 committed by GitHub
parent 4d6d2b1fa2
commit 264b2df902
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
13 changed files with 2407 additions and 2865 deletions

View File

@ -334,7 +334,7 @@ jobs:
- name: Collect hashes - name: Collect hashes
id: collect-hashes id: collect-hashes
working-directory: ${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~37 working-directory: ${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~38
run: | run: |
{ {
echo "image-raw-${{ matrix.csp }}-${{ matrix.attestation_variant }}-sha256=$(sha256sum image.raw | head -c 64)" echo "image-raw-${{ matrix.csp }}-${{ matrix.attestation_variant }}-sha256=$(sha256sum image.raw | head -c 64)"
@ -351,27 +351,27 @@ jobs:
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with: with:
name: image-${{ matrix.csp }}-${{ matrix.attestation_variant }} name: image-${{ matrix.csp }}-${{ matrix.attestation_variant }}
path: ${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~37/image.raw path: ${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~38/image.raw
- name: Upload individual OS parts as artifacts - name: Upload individual OS parts as artifacts
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with: with:
name: parts-${{ matrix.csp }}-${{ matrix.attestation_variant }} name: parts-${{ matrix.csp }}-${{ matrix.attestation_variant }}
path: | path: |
${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~37/image.cmdline ${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~38/image.cmdline
${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~37/image.efi ${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~38/image.efi
${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~37/image.esp.raw ${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~38/image.esp.raw
${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~37/image.root-x86-64.raw ${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~38/image.root-x86-64.raw
${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~37/image.root-x86-64-verity.raw ${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~38/image.root-x86-64-verity.raw
${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~37/image.vmlinuz ${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~38/image.vmlinuz
- name: Upload manifest as artifact - name: Upload manifest as artifact
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with: with:
name: manifest-${{ matrix.csp }}-${{ matrix.attestation_variant }} name: manifest-${{ matrix.csp }}-${{ matrix.attestation_variant }}
path: | path: |
${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~37/image.changelog ${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~38/image.changelog
${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~37/image.manifest ${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~38/image.manifest
upload-os-image: upload-os-image:
name: "Upload OS image to CSP" name: "Upload OS image to CSP"
@ -399,10 +399,10 @@ jobs:
- csp: openstack - csp: openstack
attestation_variant: qemu-vtpm attestation_variant: qemu-vtpm
env: env:
RAW_IMAGE_PATH: mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~37/image.raw RAW_IMAGE_PATH: mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~38/image.raw
JSON_OUTPUT: mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~37/image-upload.json JSON_OUTPUT: mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~38/image-upload.json
AZURE_IMAGE_PATH: mkosi.output.azure_${{ matrix.attestation_variant }}/fedora~37/image.vhd AZURE_IMAGE_PATH: mkosi.output.azure_${{ matrix.attestation_variant }}/fedora~38/image.vhd
GCP_IMAGE_PATH: mkosi.output.gcp_${{ matrix.attestation_variant }}/fedora~37/image.tar.gz GCP_IMAGE_PATH: mkosi.output.gcp_${{ matrix.attestation_variant }}/fedora~38/image.tar.gz
SHORTNAME: ${{ needs.build-settings.outputs.imageNameShort }} SHORTNAME: ${{ needs.build-settings.outputs.imageNameShort }}
ATTESTATION_VARIANT: ${{ matrix.attestation_variant }} ATTESTATION_VARIANT: ${{ matrix.attestation_variant }}
steps: steps:
@ -415,7 +415,7 @@ jobs:
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
with: with:
name: image-${{ matrix.csp }}-${{ matrix.attestation_variant }} name: image-${{ matrix.csp }}-${{ matrix.attestation_variant }}
path: ${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~37 path: ${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~38
- name: Install tools - name: Install tools
shell: bash shell: bash
@ -655,7 +655,7 @@ jobs:
.measurements.6.warnOnly = true | .measurements.6.warnOnly = true |
.measurements.6.expected = "3d458cfe55cc03ea1f443f1562beec8df51c75e14a9fcf9a7234a13f198e7969" | .measurements.6.expected = "3d458cfe55cc03ea1f443f1562beec8df51c75e14a9fcf9a7234a13f198e7969" |
.measurements.7.warnOnly = true | .measurements.7.warnOnly = true |
.measurements.7.expected = "b1e9b305325c51b93da58cbf7f92512d8eebfa01143e4d8844e40e062e9b6cd5" | .measurements.7.expected = "a1d193dbfc3da1a5e93fe7b1384427fb78feeffcb06675a0cf840ec99406f237" |
.measurements.8.warnOnly = false | .measurements.8.warnOnly = false |
.measurements.9.warnOnly = false | .measurements.9.warnOnly = false |
.measurements.11.warnOnly = false | .measurements.11.warnOnly = false |

View File

@ -1,5 +1,5 @@
# syntax=docker/dockerfile:1.5-labs # syntax=docker/dockerfile:1.5-labs
FROM fedora:37 FROM fedora:38
ARG TARGETOS ARG TARGETOS
ARG TARGETARCH ARG TARGETARCH
@ -12,20 +12,20 @@ ADD --checksum=sha256:${BAZELISK_SHA256} \
/usr/local/bin/bazelisk /usr/local/bin/bazelisk
RUN chmod +x /usr/local/bin/bazelisk && \ RUN chmod +x /usr/local/bin/bazelisk && \
ln -s /usr/local/bin/bazelisk /usr/local/bin/bazel && \ ln -s /usr/local/bin/bazelisk /usr/local/bin/bazel && \
dnf install -y \ dnf install -y \
git \ git \
diffutils \ diffutils \
libxcrypt-compat \ libxcrypt-compat \
python3 \ python3 \
&& \ && \
dnf clean all && \ dnf clean all && \
groupadd --gid 1000 builder && \ groupadd --gid 1000 builder && \
useradd -rm -d /home/builder -s /bin/bash -g root -u 1000 --gid builder builder && \ useradd -rm -d /home/builder -s /bin/bash -g root -u 1000 --gid builder builder && \
mkdir -p /home/builder/.cache && \ mkdir -p /home/builder/.cache && \
mkdir -p /workspace && \ mkdir -p /workspace && \
chown -R builder:builder /home/builder/.cache /workspace && \ chown -R builder:builder /home/builder/.cache /workspace && \
git config --global --add safe.directory /workspace git config --global --add safe.directory /workspace
USER builder USER builder
WORKDIR /workspace WORKDIR /workspace

View File

@ -1,4 +1,4 @@
FROM fedora:37@sha256:ab2fd8de428f5dbdb147d43135902a776a6c64d2243fd7ac99629df3b47c9256 AS release FROM fedora:38@sha256:a29e3f593f5eb60a0a52d34bdc0147da22c97381d3667c5588dbe02ca35e1514 AS release
RUN dnf install -y https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-8.6.2-x86_64.rpm RUN dnf install -y https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-8.6.2-x86_64.rpm

View File

@ -1,11 +1,11 @@
FROM fedora:37@sha256:ab2fd8de428f5dbdb147d43135902a776a6c64d2243fd7ac99629df3b47c9256 AS build FROM fedora:38@sha256:a29e3f593f5eb60a0a52d34bdc0147da22c97381d3667c5588dbe02ca35e1514 AS build
ARG LOGSTASH_VER=8.6.1 ARG LOGSTASH_VER=8.6.1
RUN curl -fsSLO https://artifacts.opensearch.org/logstash/logstash-oss-with-opensearch-output-plugin-$LOGSTASH_VER-linux-x64.tar.gz RUN curl -fsSLO https://artifacts.opensearch.org/logstash/logstash-oss-with-opensearch-output-plugin-$LOGSTASH_VER-linux-x64.tar.gz
RUN tar -zxvf logstash-oss-with-opensearch-output-plugin-$LOGSTASH_VER-linux-x64.tar.gz RUN tar -zxvf logstash-oss-with-opensearch-output-plugin-$LOGSTASH_VER-linux-x64.tar.gz
FROM fedora:37@sha256:ab2fd8de428f5dbdb147d43135902a776a6c64d2243fd7ac99629df3b47c9256 AS release FROM fedora:38@sha256:a29e3f593f5eb60a0a52d34bdc0147da22c97381d3667c5588dbe02ca35e1514 AS release
COPY --from=build logstash-* /usr/share/logstash COPY --from=build logstash-* /usr/share/logstash

View File

@ -27,11 +27,10 @@ AZURE_FIXED_KERNEL_RPMS := kernel-6.1.18-200.fc37.x86_64.rpm kernel-core-6.1.18-
GCP_FIXED_KERNEL_RPMS := kernel-6.1.18-200.fc37.x86_64.rpm kernel-core-6.1.18-200.fc37.x86_64.rpm kernel-modules-6.1.18-200.fc37.x86_64.rpm GCP_FIXED_KERNEL_RPMS := kernel-6.1.18-200.fc37.x86_64.rpm kernel-core-6.1.18-200.fc37.x86_64.rpm kernel-modules-6.1.18-200.fc37.x86_64.rpm
PREBUILD_RPMS_SYSTEMD := $(addprefix prebuilt/rpms/systemd/,$(SYSTEMD_FIXED_RPMS)) PREBUILD_RPMS_SYSTEMD := $(addprefix prebuilt/rpms/systemd/,$(SYSTEMD_FIXED_RPMS))
PREBUILT_RPMS_AZURE := $(addprefix prebuilt/rpms/azure/,$(AZURE_FIXED_KERNEL_RPMS)) PREBUILT_RPMS_AZURE := $(addprefix prebuilt/rpms/azure/,$(AZURE_FIXED_KERNEL_RPMS))
PREBUILT_RPMS_GCP := $(addprefix prebuilt/rpms/gcp/,$(GCP_FIXED_KERNEL_RPMS))
.PHONY: all clean inject-bins $(csps) $(variants) .PHONY: all clean inject-bins $(csps) $(variants)
.NOTPARALLEL: mkosi.output.%/fedora~37/image.raw clean-% .NOTPARALLEL: mkosi.output.%/fedora~38/image.raw clean-%
all: $(csps) all: $(csps)
@ -41,27 +40,19 @@ gcp: gcp_gcp-sev-es gcp_gcp-sev-snp
openstack: openstack_qemu-vtpm openstack: openstack_qemu-vtpm
qemu: qemu_qemu-vtpm qemu: qemu_qemu-vtpm
$(variants): %: mkosi.output.%/fedora~37/image.raw $(variants): %: mkosi.output.%/fedora~38/image.raw
prebuilt/rpms/systemd/%.rpm: prebuilt/rpms/systemd/%.rpm:
@echo "Downloading $*" @echo "Downloading $*"
@mkdir -p $(@D) @mkdir -p $(@D)
@curl -fsSL -o $@ https://kojipkgs.fedoraproject.org/packages/systemd/251.11/2.fc37/x86_64/$*.rpm @curl -fsSL -o $@ https://kojipkgs.fedoraproject.org/packages/systemd/251.11/2.fc37/x86_64/$*.rpm
# Currently, Azure and GCP use the same fixed kernels.
# They will likely derive soon again, but for now we can just copy the file from Azure to save traffic.
prebuilt/rpms/gcp/%.rpm: prebuilt/rpms/azure/%.rpm
@echo "Downloading $*"
@mkdir -p $(@D)
# @curl -fsSL -o $@ https://kojipkgs.fedoraproject.org/packages/kernel/6.1.18/200.fc37/x86_64/$*.rpm
cp prebuilt/rpms/azure/$*.rpm prebuilt/rpms/gcp/$*.rpm
prebuilt/rpms/azure/%.rpm: prebuilt/rpms/azure/%.rpm:
@echo "Downloading $*" @echo "Downloading $*"
@mkdir -p $(@D) @mkdir -p $(@D)
@curl -fsSL -o $@ https://kojipkgs.fedoraproject.org/packages/kernel/6.1.18/200.fc37/x86_64/$*.rpm @curl -fsSL -o $@ https://kojipkgs.fedoraproject.org/packages/kernel/6.1.18/200.fc37/x86_64/$*.rpm
mkosi.output.%/fedora~37/image.raw: inject-bins inject-certs mkosi.output.%/fedora~38/image.raw: inject-bins inject-certs
rm -rf .csp/ rm -rf .csp/
mkdir -p .csp/ mkdir -p .csp/
$(eval csp := $(firstword $(subst _, ,$*))) $(eval csp := $(firstword $(subst _, ,$*)))
@ -85,7 +76,7 @@ mkosi.output.%/fedora~37/image.raw: inject-bins inject-certs
rm -rf .csp/ rm -rf .csp/
@echo "Image is ready: $@" @echo "Image is ready: $@"
inject-bins: $(PREBUILD_RPMS_SYSTEMD) $(PREBUILT_RPMS_AZURE) $(PREBUILT_RPMS_GCP) inject-bins: $(PREBUILD_RPMS_SYSTEMD) $(PREBUILT_RPMS_AZURE)
mkdir -p $(MKOSI_EXTRA)/usr/bin mkdir -p $(MKOSI_EXTRA)/usr/bin
mkdir -p $(MKOSI_EXTRA)/usr/sbin mkdir -p $(MKOSI_EXTRA)/usr/sbin
cp $(UPGRADE_AGENT_BINARY) $(MKOSI_EXTRA)/usr/bin/upgrade-agent cp $(UPGRADE_AGENT_BINARY) $(MKOSI_EXTRA)/usr/bin/upgrade-agent

View File

@ -113,7 +113,7 @@ After that, you can build the image with:
sudo make EXTRA_SEARCH_PATHS="${SYSTEMD_BIN}" -j $(nproc) sudo make EXTRA_SEARCH_PATHS="${SYSTEMD_BIN}" -j $(nproc)
``` ```
Raw images will be placed in `mkosi.output.<CSP>/fedora~37/image.raw`. Raw images will be placed in `mkosi.output.<CSP>/fedora~38/image.raw`.
## Prepare Secure Boot ## Prepare Secure Boot
@ -125,7 +125,7 @@ For QEMU and Azure, you can pre-generate the NVRAM variables for secure boot. Th
<summary><a id="qemu-secure-boot">libvirt / QEMU / KVM</a></summary> <summary><a id="qemu-secure-boot">libvirt / QEMU / KVM</a></summary>
```sh ```sh
secure-boot/generate_nvram_vars.sh mkosi.output.qemu/fedora~37/image.raw secure-boot/generate_nvram_vars.sh mkosi.output.qemu/fedora~38/image.raw
``` ```
</details> </details>
@ -147,10 +147,10 @@ export AZURE_REGION=northeurope
export AZURE_REPLICATION_REGIONS= export AZURE_REPLICATION_REGIONS=
export AZURE_DISK_NAME=constellation-$(date +%s) export AZURE_DISK_NAME=constellation-$(date +%s)
export AZURE_SNAPSHOT_NAME=${AZURE_DISK_NAME} export AZURE_SNAPSHOT_NAME=${AZURE_DISK_NAME}
export AZURE_RAW_IMAGE_PATH=${PWD}/mkosi.output.azure/fedora~37/image.raw export AZURE_RAW_IMAGE_PATH=${PWD}/mkosi.output.azure/fedora~38/image.raw
export AZURE_IMAGE_PATH=${PWD}/mkosi.output.azure/fedora~37/image.vhd export AZURE_IMAGE_PATH=${PWD}/mkosi.output.azure/fedora~38/image.vhd
export AZURE_VMGS_FILENAME=${AZURE_SECURITY_TYPE}.vmgs export AZURE_VMGS_FILENAME=${AZURE_SECURITY_TYPE}.vmgs
export AZURE_JSON_OUTPUT=${PWD}/mkosi.output.azure/fedora~37/image-upload.json export AZURE_JSON_OUTPUT=${PWD}/mkosi.output.azure/fedora~38/image-upload.json
export BLOBS_DIR=${PWD}/blobs export BLOBS_DIR=${PWD}/blobs
upload/pack.sh azure "${AZURE_RAW_IMAGE_PATH}" "${AZURE_IMAGE_PATH}" upload/pack.sh azure "${AZURE_RAW_IMAGE_PATH}" "${AZURE_IMAGE_PATH}"
upload/upload_azure.sh --disk-name "${AZURE_DISK_NAME}-setup-secure-boot" "" upload/upload_azure.sh --disk-name "${AZURE_DISK_NAME}-setup-secure-boot" ""
@ -191,7 +191,7 @@ Warning! Never set `--version` to a value that is already used for a release ima
```sh ```sh
# Warning! Never set `--version` to a value that is already used for a release image. # Warning! Never set `--version` to a value that is already used for a release image.
# Instead, use a `ref` that corresponds to your branch name. # Instead, use a `ref` that corresponds to your branch name.
bazel run //image/upload -- aws --verbose --raw-image mkosi.output.aws/fedora~37/image.raw --variant "" --version ref/foo/stream/nightly/v2.7.0-pre-asdf bazel run //image/upload -- aws --verbose --raw-image mkosi.output.aws/fedora~38/image.raw --variant "" --version ref/foo/stream/nightly/v2.7.0-pre-asdf
``` ```
</details> </details>
@ -207,8 +207,8 @@ bazel run //image/upload -- aws --verbose --raw-image mkosi.output.aws/fedora~37
- `pki_prod` is used for release images - `pki_prod` is used for release images
```sh ```sh
export GCP_RAW_IMAGE_PATH=${PWD}/mkosi.output.gcp/fedora~37/image.raw export GCP_RAW_IMAGE_PATH=${PWD}/mkosi.output.gcp/fedora~38/image.raw
export GCP_IMAGE_PATH=${PWD}/mkosi.output.gcp/fedora~37/image.tar.gz export GCP_IMAGE_PATH=${PWD}/mkosi.output.gcp/fedora~38/image.tar.gz
upload/pack.sh gcp ${GCP_RAW_IMAGE_PATH} ${GCP_IMAGE_PATH} upload/pack.sh gcp ${GCP_RAW_IMAGE_PATH} ${GCP_IMAGE_PATH}
# Warning! Never set `--version` to a value that is already used for a release image. # Warning! Never set `--version` to a value that is already used for a release image.
# Instead, use a `ref` that corresponds to your branch name. # Instead, use a `ref` that corresponds to your branch name.
@ -230,8 +230,8 @@ Note:
- Optional (if Secure Boot should be enabled) [Prepare virtual machine guest state (VMGS) with customized NVRAM or use existing VMGS blob](#azure-secure-boot) - Optional (if Secure Boot should be enabled) [Prepare virtual machine guest state (VMGS) with customized NVRAM or use existing VMGS blob](#azure-secure-boot)
```sh ```sh
export AZURE_RAW_IMAGE_PATH=${PWD}/mkosi.output.azure/fedora~37/image.raw export AZURE_RAW_IMAGE_PATH=${PWD}/mkosi.output.azure/fedora~38/image.raw
export AZURE_IMAGE_PATH=${PWD}/mkosi.output.azure/fedora~37/image.vhd export AZURE_IMAGE_PATH=${PWD}/mkosi.output.azure/fedora~38/image.vhd
upload/pack.sh azure "${AZURE_RAW_IMAGE_PATH}" "${AZURE_IMAGE_PATH}" upload/pack.sh azure "${AZURE_RAW_IMAGE_PATH}" "${AZURE_IMAGE_PATH}"
# Warning! Never set `--version` to a value that is already used for a release image. # Warning! Never set `--version` to a value that is already used for a release image.
# Instead, use a `ref` that corresponds to your branch name. # Instead, use a `ref` that corresponds to your branch name.
@ -254,7 +254,7 @@ Note:
```sh ```sh
# Warning! Never set `--version` to a value that is already used for a release image. # Warning! Never set `--version` to a value that is already used for a release image.
# Instead, use a `ref` that corresponds to your branch name. # Instead, use a `ref` that corresponds to your branch name.
bazel run //image/upload -- openstack --verbose --raw-image mkosi.output.openstack/fedora~37/image.raw --variant "sev" --version ref/foo/stream/nightly/v2.7.0-pre-asdf bazel run //image/upload -- openstack --verbose --raw-image mkosi.output.openstack/fedora~38/image.raw --variant "sev" --version ref/foo/stream/nightly/v2.7.0-pre-asdf
``` ```
</details> </details>
@ -268,7 +268,7 @@ bazel run //image/upload -- openstack --verbose --raw-image mkosi.output.opensta
```sh ```sh
# Warning! Never set `--version` to a value that is already used for a release image. # Warning! Never set `--version` to a value that is already used for a release image.
# Instead, use a `ref` that corresponds to your branch name. # Instead, use a `ref` that corresponds to your branch name.
bazel run //image/upload -- qemu --verbose --raw-image mkosi.output.qemu/fedora~37/image.raw --variant "default" --version ref/foo/stream/nightly/v2.7.0-pre-asdf bazel run //image/upload -- qemu --verbose --raw-image mkosi.output.qemu/fedora~38/image.raw --variant "default" --version ref/foo/stream/nightly/v2.7.0-pre-asdf
``` ```
</details> </details>

View File

@ -1,6 +1,6 @@
[Distribution] [Distribution]
Distribution=fedora Distribution=fedora
Release=37 Release=38
[Output] [Output]
Format=disk Format=disk

View File

@ -3,6 +3,6 @@ PathExists=../.csp/gcp
# replace kernel # replace kernel
[Content] [Content]
Packages=prebuilt/rpms/gcp/kernel-6.1.18-200.fc37.x86_64.rpm Packages=kernel
prebuilt/rpms/gcp/kernel-core-6.1.18-200.fc37.x86_64.rpm kernel-core
prebuilt/rpms/gcp/kernel-modules-6.1.18-200.fc37.x86_64.rpm kernel-modules

File diff suppressed because it is too large Load Diff

View File

@ -1,7 +1,7 @@
repositories: repositories:
- arch: x86_64 - arch: x86_64
metalink: https://mirrors.fedoraproject.org/metalink?repo=fedora-37&arch=x86_64 metalink: https://mirrors.fedoraproject.org/metalink?repo=fedora-38&arch=x86_64
name: 37-x86_64-primary-repo name: 38-x86_64-primary-repo
- arch: x86_64 - arch: x86_64
metalink: https://mirrors.fedoraproject.org/metalink?repo=updates-released-f37&arch=x86_64 metalink: https://mirrors.fedoraproject.org/metalink?repo=updates-released-f38&arch=x86_64
name: 37-x86_64-update-repo name: 38-x86_64-update-repo

File diff suppressed because it is too large Load Diff

View File

@ -2,6 +2,6 @@
rm -f rpm/repo.yaml rm -f rpm/repo.yaml
bazel run //:bazeldnf -- init \ bazel run //:bazeldnf -- init \
--fc 37 \ --fc 38 \
--arch x86_64 \ --arch x86_64 \
--output rpm/repo.yaml --output rpm/repo.yaml

View File

@ -7,28 +7,28 @@ bazel run //:bazeldnf -- fetch \
--repofile rpm/repo.yaml --repofile rpm/repo.yaml
bazel run //:bazeldnf -- rpmtree \ bazel run //:bazeldnf -- rpmtree \
--workspace WORKSPACE.bazel \ --workspace WORKSPACE.bazel \
--to_macro rpm/rpms.bzl%rpms \ --to-macro rpm/rpms.bzl%rpms \
--buildfile rpm/BUILD.bazel \ --buildfile rpm/BUILD.bazel \
--repofile rpm/repo.yaml \ --repofile rpm/repo.yaml \
--name cryptsetup-devel \ --name cryptsetup-devel \
cryptsetup-devel cryptsetup-devel
bazel run //:bazeldnf -- rpmtree \ bazel run //:bazeldnf -- rpmtree \
--workspace WORKSPACE.bazel \ --workspace WORKSPACE.bazel \
--to_macro rpm/rpms.bzl%rpms \ --to-macro rpm/rpms.bzl%rpms \
--buildfile rpm/BUILD.bazel \ --buildfile rpm/BUILD.bazel \
--repofile rpm/repo.yaml \ --repofile rpm/repo.yaml \
--name glibc \ --name glibc \
glibc glibc
bazel run //:bazeldnf -- rpmtree \ bazel run //:bazeldnf -- rpmtree \
--workspace WORKSPACE.bazel \ --workspace WORKSPACE.bazel \
--to_macro rpm/rpms.bzl%rpms \ --to-macro rpm/rpms.bzl%rpms \
--buildfile rpm/BUILD.bazel \ --buildfile rpm/BUILD.bazel \
--repofile rpm/repo.yaml \ --repofile rpm/repo.yaml \
--name libvirt-devel \ --name libvirt-devel \
libvirt-devel libvirt-devel
bazel run //:bazeldnf -- rpmtree \ bazel run //:bazeldnf -- rpmtree \
--workspace WORKSPACE.bazel \ --workspace WORKSPACE.bazel \
--to_macro rpm/rpms.bzl%rpms \ --to-macro rpm/rpms.bzl%rpms \
--buildfile rpm/BUILD.bazel \ --buildfile rpm/BUILD.bazel \
--repofile rpm/repo.yaml \ --repofile rpm/repo.yaml \
--name containerized-libvirt \ --name containerized-libvirt \
@ -42,7 +42,7 @@ bazel run //:bazeldnf -- rpmtree \
libvirt-client libvirt-client
bazel run //:bazeldnf -- prune \ bazel run //:bazeldnf -- prune \
--workspace WORKSPACE.bazel \ --workspace WORKSPACE.bazel \
--to_macro rpm/rpms.bzl%rpms \ --to-macro rpm/rpms.bzl%rpms \
--buildfile rpm/BUILD.bazel --buildfile rpm/BUILD.bazel
bazel run //rpm:ldd-cryptsetup bazel run //rpm:ldd-cryptsetup
bazel run //rpm:ldd-libvirt bazel run //rpm:ldd-libvirt