mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-12-24 06:59:40 -05:00
deps: upgrade to Fedora 38 (#1909)
* image: upgrade mkosi distro version to Fedora 38 * image: remove downgrade of GCP kernel * ci: upgrade expected measurements for Fedora 38 * deps: upgrade bazeldnf packages to Fedora 38 * deps: upgrade container images to Fedora 38
This commit is contained in:
parent
4d6d2b1fa2
commit
264b2df902
32
.github/workflows/build-os-image.yml
vendored
32
.github/workflows/build-os-image.yml
vendored
@ -334,7 +334,7 @@ jobs:
|
|||||||
|
|
||||||
- name: Collect hashes
|
- name: Collect hashes
|
||||||
id: collect-hashes
|
id: collect-hashes
|
||||||
working-directory: ${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~37
|
working-directory: ${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~38
|
||||||
run: |
|
run: |
|
||||||
{
|
{
|
||||||
echo "image-raw-${{ matrix.csp }}-${{ matrix.attestation_variant }}-sha256=$(sha256sum image.raw | head -c 64)"
|
echo "image-raw-${{ matrix.csp }}-${{ matrix.attestation_variant }}-sha256=$(sha256sum image.raw | head -c 64)"
|
||||||
@ -351,27 +351,27 @@ jobs:
|
|||||||
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
|
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
|
||||||
with:
|
with:
|
||||||
name: image-${{ matrix.csp }}-${{ matrix.attestation_variant }}
|
name: image-${{ matrix.csp }}-${{ matrix.attestation_variant }}
|
||||||
path: ${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~37/image.raw
|
path: ${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~38/image.raw
|
||||||
|
|
||||||
- name: Upload individual OS parts as artifacts
|
- name: Upload individual OS parts as artifacts
|
||||||
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
|
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
|
||||||
with:
|
with:
|
||||||
name: parts-${{ matrix.csp }}-${{ matrix.attestation_variant }}
|
name: parts-${{ matrix.csp }}-${{ matrix.attestation_variant }}
|
||||||
path: |
|
path: |
|
||||||
${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~37/image.cmdline
|
${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~38/image.cmdline
|
||||||
${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~37/image.efi
|
${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~38/image.efi
|
||||||
${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~37/image.esp.raw
|
${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~38/image.esp.raw
|
||||||
${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~37/image.root-x86-64.raw
|
${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~38/image.root-x86-64.raw
|
||||||
${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~37/image.root-x86-64-verity.raw
|
${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~38/image.root-x86-64-verity.raw
|
||||||
${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~37/image.vmlinuz
|
${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~38/image.vmlinuz
|
||||||
|
|
||||||
- name: Upload manifest as artifact
|
- name: Upload manifest as artifact
|
||||||
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
|
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
|
||||||
with:
|
with:
|
||||||
name: manifest-${{ matrix.csp }}-${{ matrix.attestation_variant }}
|
name: manifest-${{ matrix.csp }}-${{ matrix.attestation_variant }}
|
||||||
path: |
|
path: |
|
||||||
${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~37/image.changelog
|
${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~38/image.changelog
|
||||||
${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~37/image.manifest
|
${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~38/image.manifest
|
||||||
|
|
||||||
upload-os-image:
|
upload-os-image:
|
||||||
name: "Upload OS image to CSP"
|
name: "Upload OS image to CSP"
|
||||||
@ -399,10 +399,10 @@ jobs:
|
|||||||
- csp: openstack
|
- csp: openstack
|
||||||
attestation_variant: qemu-vtpm
|
attestation_variant: qemu-vtpm
|
||||||
env:
|
env:
|
||||||
RAW_IMAGE_PATH: mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~37/image.raw
|
RAW_IMAGE_PATH: mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~38/image.raw
|
||||||
JSON_OUTPUT: mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~37/image-upload.json
|
JSON_OUTPUT: mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~38/image-upload.json
|
||||||
AZURE_IMAGE_PATH: mkosi.output.azure_${{ matrix.attestation_variant }}/fedora~37/image.vhd
|
AZURE_IMAGE_PATH: mkosi.output.azure_${{ matrix.attestation_variant }}/fedora~38/image.vhd
|
||||||
GCP_IMAGE_PATH: mkosi.output.gcp_${{ matrix.attestation_variant }}/fedora~37/image.tar.gz
|
GCP_IMAGE_PATH: mkosi.output.gcp_${{ matrix.attestation_variant }}/fedora~38/image.tar.gz
|
||||||
SHORTNAME: ${{ needs.build-settings.outputs.imageNameShort }}
|
SHORTNAME: ${{ needs.build-settings.outputs.imageNameShort }}
|
||||||
ATTESTATION_VARIANT: ${{ matrix.attestation_variant }}
|
ATTESTATION_VARIANT: ${{ matrix.attestation_variant }}
|
||||||
steps:
|
steps:
|
||||||
@ -415,7 +415,7 @@ jobs:
|
|||||||
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
|
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
|
||||||
with:
|
with:
|
||||||
name: image-${{ matrix.csp }}-${{ matrix.attestation_variant }}
|
name: image-${{ matrix.csp }}-${{ matrix.attestation_variant }}
|
||||||
path: ${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~37
|
path: ${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}_${{ matrix.attestation_variant }}/fedora~38
|
||||||
|
|
||||||
- name: Install tools
|
- name: Install tools
|
||||||
shell: bash
|
shell: bash
|
||||||
@ -655,7 +655,7 @@ jobs:
|
|||||||
.measurements.6.warnOnly = true |
|
.measurements.6.warnOnly = true |
|
||||||
.measurements.6.expected = "3d458cfe55cc03ea1f443f1562beec8df51c75e14a9fcf9a7234a13f198e7969" |
|
.measurements.6.expected = "3d458cfe55cc03ea1f443f1562beec8df51c75e14a9fcf9a7234a13f198e7969" |
|
||||||
.measurements.7.warnOnly = true |
|
.measurements.7.warnOnly = true |
|
||||||
.measurements.7.expected = "b1e9b305325c51b93da58cbf7f92512d8eebfa01143e4d8844e40e062e9b6cd5" |
|
.measurements.7.expected = "a1d193dbfc3da1a5e93fe7b1384427fb78feeffcb06675a0cf840ec99406f237" |
|
||||||
.measurements.8.warnOnly = false |
|
.measurements.8.warnOnly = false |
|
||||||
.measurements.9.warnOnly = false |
|
.measurements.9.warnOnly = false |
|
||||||
.measurements.11.warnOnly = false |
|
.measurements.11.warnOnly = false |
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
# syntax=docker/dockerfile:1.5-labs
|
# syntax=docker/dockerfile:1.5-labs
|
||||||
FROM fedora:37
|
FROM fedora:38
|
||||||
|
|
||||||
ARG TARGETOS
|
ARG TARGETOS
|
||||||
ARG TARGETARCH
|
ARG TARGETARCH
|
||||||
@ -12,20 +12,20 @@ ADD --checksum=sha256:${BAZELISK_SHA256} \
|
|||||||
/usr/local/bin/bazelisk
|
/usr/local/bin/bazelisk
|
||||||
|
|
||||||
RUN chmod +x /usr/local/bin/bazelisk && \
|
RUN chmod +x /usr/local/bin/bazelisk && \
|
||||||
ln -s /usr/local/bin/bazelisk /usr/local/bin/bazel && \
|
ln -s /usr/local/bin/bazelisk /usr/local/bin/bazel && \
|
||||||
dnf install -y \
|
dnf install -y \
|
||||||
git \
|
git \
|
||||||
diffutils \
|
diffutils \
|
||||||
libxcrypt-compat \
|
libxcrypt-compat \
|
||||||
python3 \
|
python3 \
|
||||||
&& \
|
&& \
|
||||||
dnf clean all && \
|
dnf clean all && \
|
||||||
groupadd --gid 1000 builder && \
|
groupadd --gid 1000 builder && \
|
||||||
useradd -rm -d /home/builder -s /bin/bash -g root -u 1000 --gid builder builder && \
|
useradd -rm -d /home/builder -s /bin/bash -g root -u 1000 --gid builder builder && \
|
||||||
mkdir -p /home/builder/.cache && \
|
mkdir -p /home/builder/.cache && \
|
||||||
mkdir -p /workspace && \
|
mkdir -p /workspace && \
|
||||||
chown -R builder:builder /home/builder/.cache /workspace && \
|
chown -R builder:builder /home/builder/.cache /workspace && \
|
||||||
git config --global --add safe.directory /workspace
|
git config --global --add safe.directory /workspace
|
||||||
|
|
||||||
USER builder
|
USER builder
|
||||||
WORKDIR /workspace
|
WORKDIR /workspace
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
FROM fedora:37@sha256:ab2fd8de428f5dbdb147d43135902a776a6c64d2243fd7ac99629df3b47c9256 AS release
|
FROM fedora:38@sha256:a29e3f593f5eb60a0a52d34bdc0147da22c97381d3667c5588dbe02ca35e1514 AS release
|
||||||
|
|
||||||
RUN dnf install -y https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-8.6.2-x86_64.rpm
|
RUN dnf install -y https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-8.6.2-x86_64.rpm
|
||||||
|
|
||||||
|
@ -1,11 +1,11 @@
|
|||||||
FROM fedora:37@sha256:ab2fd8de428f5dbdb147d43135902a776a6c64d2243fd7ac99629df3b47c9256 AS build
|
FROM fedora:38@sha256:a29e3f593f5eb60a0a52d34bdc0147da22c97381d3667c5588dbe02ca35e1514 AS build
|
||||||
|
|
||||||
ARG LOGSTASH_VER=8.6.1
|
ARG LOGSTASH_VER=8.6.1
|
||||||
|
|
||||||
RUN curl -fsSLO https://artifacts.opensearch.org/logstash/logstash-oss-with-opensearch-output-plugin-$LOGSTASH_VER-linux-x64.tar.gz
|
RUN curl -fsSLO https://artifacts.opensearch.org/logstash/logstash-oss-with-opensearch-output-plugin-$LOGSTASH_VER-linux-x64.tar.gz
|
||||||
RUN tar -zxvf logstash-oss-with-opensearch-output-plugin-$LOGSTASH_VER-linux-x64.tar.gz
|
RUN tar -zxvf logstash-oss-with-opensearch-output-plugin-$LOGSTASH_VER-linux-x64.tar.gz
|
||||||
|
|
||||||
FROM fedora:37@sha256:ab2fd8de428f5dbdb147d43135902a776a6c64d2243fd7ac99629df3b47c9256 AS release
|
FROM fedora:38@sha256:a29e3f593f5eb60a0a52d34bdc0147da22c97381d3667c5588dbe02ca35e1514 AS release
|
||||||
|
|
||||||
COPY --from=build logstash-* /usr/share/logstash
|
COPY --from=build logstash-* /usr/share/logstash
|
||||||
|
|
||||||
|
@ -27,11 +27,10 @@ AZURE_FIXED_KERNEL_RPMS := kernel-6.1.18-200.fc37.x86_64.rpm kernel-core-6.1.18-
|
|||||||
GCP_FIXED_KERNEL_RPMS := kernel-6.1.18-200.fc37.x86_64.rpm kernel-core-6.1.18-200.fc37.x86_64.rpm kernel-modules-6.1.18-200.fc37.x86_64.rpm
|
GCP_FIXED_KERNEL_RPMS := kernel-6.1.18-200.fc37.x86_64.rpm kernel-core-6.1.18-200.fc37.x86_64.rpm kernel-modules-6.1.18-200.fc37.x86_64.rpm
|
||||||
PREBUILD_RPMS_SYSTEMD := $(addprefix prebuilt/rpms/systemd/,$(SYSTEMD_FIXED_RPMS))
|
PREBUILD_RPMS_SYSTEMD := $(addprefix prebuilt/rpms/systemd/,$(SYSTEMD_FIXED_RPMS))
|
||||||
PREBUILT_RPMS_AZURE := $(addprefix prebuilt/rpms/azure/,$(AZURE_FIXED_KERNEL_RPMS))
|
PREBUILT_RPMS_AZURE := $(addprefix prebuilt/rpms/azure/,$(AZURE_FIXED_KERNEL_RPMS))
|
||||||
PREBUILT_RPMS_GCP := $(addprefix prebuilt/rpms/gcp/,$(GCP_FIXED_KERNEL_RPMS))
|
|
||||||
|
|
||||||
.PHONY: all clean inject-bins $(csps) $(variants)
|
.PHONY: all clean inject-bins $(csps) $(variants)
|
||||||
|
|
||||||
.NOTPARALLEL: mkosi.output.%/fedora~37/image.raw clean-%
|
.NOTPARALLEL: mkosi.output.%/fedora~38/image.raw clean-%
|
||||||
|
|
||||||
all: $(csps)
|
all: $(csps)
|
||||||
|
|
||||||
@ -41,27 +40,19 @@ gcp: gcp_gcp-sev-es gcp_gcp-sev-snp
|
|||||||
openstack: openstack_qemu-vtpm
|
openstack: openstack_qemu-vtpm
|
||||||
qemu: qemu_qemu-vtpm
|
qemu: qemu_qemu-vtpm
|
||||||
|
|
||||||
$(variants): %: mkosi.output.%/fedora~37/image.raw
|
$(variants): %: mkosi.output.%/fedora~38/image.raw
|
||||||
|
|
||||||
prebuilt/rpms/systemd/%.rpm:
|
prebuilt/rpms/systemd/%.rpm:
|
||||||
@echo "Downloading $*"
|
@echo "Downloading $*"
|
||||||
@mkdir -p $(@D)
|
@mkdir -p $(@D)
|
||||||
@curl -fsSL -o $@ https://kojipkgs.fedoraproject.org/packages/systemd/251.11/2.fc37/x86_64/$*.rpm
|
@curl -fsSL -o $@ https://kojipkgs.fedoraproject.org/packages/systemd/251.11/2.fc37/x86_64/$*.rpm
|
||||||
|
|
||||||
# Currently, Azure and GCP use the same fixed kernels.
|
|
||||||
# They will likely derive soon again, but for now we can just copy the file from Azure to save traffic.
|
|
||||||
prebuilt/rpms/gcp/%.rpm: prebuilt/rpms/azure/%.rpm
|
|
||||||
@echo "Downloading $*"
|
|
||||||
@mkdir -p $(@D)
|
|
||||||
# @curl -fsSL -o $@ https://kojipkgs.fedoraproject.org/packages/kernel/6.1.18/200.fc37/x86_64/$*.rpm
|
|
||||||
cp prebuilt/rpms/azure/$*.rpm prebuilt/rpms/gcp/$*.rpm
|
|
||||||
|
|
||||||
prebuilt/rpms/azure/%.rpm:
|
prebuilt/rpms/azure/%.rpm:
|
||||||
@echo "Downloading $*"
|
@echo "Downloading $*"
|
||||||
@mkdir -p $(@D)
|
@mkdir -p $(@D)
|
||||||
@curl -fsSL -o $@ https://kojipkgs.fedoraproject.org/packages/kernel/6.1.18/200.fc37/x86_64/$*.rpm
|
@curl -fsSL -o $@ https://kojipkgs.fedoraproject.org/packages/kernel/6.1.18/200.fc37/x86_64/$*.rpm
|
||||||
|
|
||||||
mkosi.output.%/fedora~37/image.raw: inject-bins inject-certs
|
mkosi.output.%/fedora~38/image.raw: inject-bins inject-certs
|
||||||
rm -rf .csp/
|
rm -rf .csp/
|
||||||
mkdir -p .csp/
|
mkdir -p .csp/
|
||||||
$(eval csp := $(firstword $(subst _, ,$*)))
|
$(eval csp := $(firstword $(subst _, ,$*)))
|
||||||
@ -85,7 +76,7 @@ mkosi.output.%/fedora~37/image.raw: inject-bins inject-certs
|
|||||||
rm -rf .csp/
|
rm -rf .csp/
|
||||||
@echo "Image is ready: $@"
|
@echo "Image is ready: $@"
|
||||||
|
|
||||||
inject-bins: $(PREBUILD_RPMS_SYSTEMD) $(PREBUILT_RPMS_AZURE) $(PREBUILT_RPMS_GCP)
|
inject-bins: $(PREBUILD_RPMS_SYSTEMD) $(PREBUILT_RPMS_AZURE)
|
||||||
mkdir -p $(MKOSI_EXTRA)/usr/bin
|
mkdir -p $(MKOSI_EXTRA)/usr/bin
|
||||||
mkdir -p $(MKOSI_EXTRA)/usr/sbin
|
mkdir -p $(MKOSI_EXTRA)/usr/sbin
|
||||||
cp $(UPGRADE_AGENT_BINARY) $(MKOSI_EXTRA)/usr/bin/upgrade-agent
|
cp $(UPGRADE_AGENT_BINARY) $(MKOSI_EXTRA)/usr/bin/upgrade-agent
|
||||||
|
@ -113,7 +113,7 @@ After that, you can build the image with:
|
|||||||
sudo make EXTRA_SEARCH_PATHS="${SYSTEMD_BIN}" -j $(nproc)
|
sudo make EXTRA_SEARCH_PATHS="${SYSTEMD_BIN}" -j $(nproc)
|
||||||
```
|
```
|
||||||
|
|
||||||
Raw images will be placed in `mkosi.output.<CSP>/fedora~37/image.raw`.
|
Raw images will be placed in `mkosi.output.<CSP>/fedora~38/image.raw`.
|
||||||
|
|
||||||
## Prepare Secure Boot
|
## Prepare Secure Boot
|
||||||
|
|
||||||
@ -125,7 +125,7 @@ For QEMU and Azure, you can pre-generate the NVRAM variables for secure boot. Th
|
|||||||
<summary><a id="qemu-secure-boot">libvirt / QEMU / KVM</a></summary>
|
<summary><a id="qemu-secure-boot">libvirt / QEMU / KVM</a></summary>
|
||||||
|
|
||||||
```sh
|
```sh
|
||||||
secure-boot/generate_nvram_vars.sh mkosi.output.qemu/fedora~37/image.raw
|
secure-boot/generate_nvram_vars.sh mkosi.output.qemu/fedora~38/image.raw
|
||||||
```
|
```
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
@ -147,10 +147,10 @@ export AZURE_REGION=northeurope
|
|||||||
export AZURE_REPLICATION_REGIONS=
|
export AZURE_REPLICATION_REGIONS=
|
||||||
export AZURE_DISK_NAME=constellation-$(date +%s)
|
export AZURE_DISK_NAME=constellation-$(date +%s)
|
||||||
export AZURE_SNAPSHOT_NAME=${AZURE_DISK_NAME}
|
export AZURE_SNAPSHOT_NAME=${AZURE_DISK_NAME}
|
||||||
export AZURE_RAW_IMAGE_PATH=${PWD}/mkosi.output.azure/fedora~37/image.raw
|
export AZURE_RAW_IMAGE_PATH=${PWD}/mkosi.output.azure/fedora~38/image.raw
|
||||||
export AZURE_IMAGE_PATH=${PWD}/mkosi.output.azure/fedora~37/image.vhd
|
export AZURE_IMAGE_PATH=${PWD}/mkosi.output.azure/fedora~38/image.vhd
|
||||||
export AZURE_VMGS_FILENAME=${AZURE_SECURITY_TYPE}.vmgs
|
export AZURE_VMGS_FILENAME=${AZURE_SECURITY_TYPE}.vmgs
|
||||||
export AZURE_JSON_OUTPUT=${PWD}/mkosi.output.azure/fedora~37/image-upload.json
|
export AZURE_JSON_OUTPUT=${PWD}/mkosi.output.azure/fedora~38/image-upload.json
|
||||||
export BLOBS_DIR=${PWD}/blobs
|
export BLOBS_DIR=${PWD}/blobs
|
||||||
upload/pack.sh azure "${AZURE_RAW_IMAGE_PATH}" "${AZURE_IMAGE_PATH}"
|
upload/pack.sh azure "${AZURE_RAW_IMAGE_PATH}" "${AZURE_IMAGE_PATH}"
|
||||||
upload/upload_azure.sh --disk-name "${AZURE_DISK_NAME}-setup-secure-boot" ""
|
upload/upload_azure.sh --disk-name "${AZURE_DISK_NAME}-setup-secure-boot" ""
|
||||||
@ -191,7 +191,7 @@ Warning! Never set `--version` to a value that is already used for a release ima
|
|||||||
```sh
|
```sh
|
||||||
# Warning! Never set `--version` to a value that is already used for a release image.
|
# Warning! Never set `--version` to a value that is already used for a release image.
|
||||||
# Instead, use a `ref` that corresponds to your branch name.
|
# Instead, use a `ref` that corresponds to your branch name.
|
||||||
bazel run //image/upload -- aws --verbose --raw-image mkosi.output.aws/fedora~37/image.raw --variant "" --version ref/foo/stream/nightly/v2.7.0-pre-asdf
|
bazel run //image/upload -- aws --verbose --raw-image mkosi.output.aws/fedora~38/image.raw --variant "" --version ref/foo/stream/nightly/v2.7.0-pre-asdf
|
||||||
```
|
```
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
@ -207,8 +207,8 @@ bazel run //image/upload -- aws --verbose --raw-image mkosi.output.aws/fedora~37
|
|||||||
- `pki_prod` is used for release images
|
- `pki_prod` is used for release images
|
||||||
|
|
||||||
```sh
|
```sh
|
||||||
export GCP_RAW_IMAGE_PATH=${PWD}/mkosi.output.gcp/fedora~37/image.raw
|
export GCP_RAW_IMAGE_PATH=${PWD}/mkosi.output.gcp/fedora~38/image.raw
|
||||||
export GCP_IMAGE_PATH=${PWD}/mkosi.output.gcp/fedora~37/image.tar.gz
|
export GCP_IMAGE_PATH=${PWD}/mkosi.output.gcp/fedora~38/image.tar.gz
|
||||||
upload/pack.sh gcp ${GCP_RAW_IMAGE_PATH} ${GCP_IMAGE_PATH}
|
upload/pack.sh gcp ${GCP_RAW_IMAGE_PATH} ${GCP_IMAGE_PATH}
|
||||||
# Warning! Never set `--version` to a value that is already used for a release image.
|
# Warning! Never set `--version` to a value that is already used for a release image.
|
||||||
# Instead, use a `ref` that corresponds to your branch name.
|
# Instead, use a `ref` that corresponds to your branch name.
|
||||||
@ -230,8 +230,8 @@ Note:
|
|||||||
- Optional (if Secure Boot should be enabled) [Prepare virtual machine guest state (VMGS) with customized NVRAM or use existing VMGS blob](#azure-secure-boot)
|
- Optional (if Secure Boot should be enabled) [Prepare virtual machine guest state (VMGS) with customized NVRAM or use existing VMGS blob](#azure-secure-boot)
|
||||||
|
|
||||||
```sh
|
```sh
|
||||||
export AZURE_RAW_IMAGE_PATH=${PWD}/mkosi.output.azure/fedora~37/image.raw
|
export AZURE_RAW_IMAGE_PATH=${PWD}/mkosi.output.azure/fedora~38/image.raw
|
||||||
export AZURE_IMAGE_PATH=${PWD}/mkosi.output.azure/fedora~37/image.vhd
|
export AZURE_IMAGE_PATH=${PWD}/mkosi.output.azure/fedora~38/image.vhd
|
||||||
upload/pack.sh azure "${AZURE_RAW_IMAGE_PATH}" "${AZURE_IMAGE_PATH}"
|
upload/pack.sh azure "${AZURE_RAW_IMAGE_PATH}" "${AZURE_IMAGE_PATH}"
|
||||||
# Warning! Never set `--version` to a value that is already used for a release image.
|
# Warning! Never set `--version` to a value that is already used for a release image.
|
||||||
# Instead, use a `ref` that corresponds to your branch name.
|
# Instead, use a `ref` that corresponds to your branch name.
|
||||||
@ -254,7 +254,7 @@ Note:
|
|||||||
```sh
|
```sh
|
||||||
# Warning! Never set `--version` to a value that is already used for a release image.
|
# Warning! Never set `--version` to a value that is already used for a release image.
|
||||||
# Instead, use a `ref` that corresponds to your branch name.
|
# Instead, use a `ref` that corresponds to your branch name.
|
||||||
bazel run //image/upload -- openstack --verbose --raw-image mkosi.output.openstack/fedora~37/image.raw --variant "sev" --version ref/foo/stream/nightly/v2.7.0-pre-asdf
|
bazel run //image/upload -- openstack --verbose --raw-image mkosi.output.openstack/fedora~38/image.raw --variant "sev" --version ref/foo/stream/nightly/v2.7.0-pre-asdf
|
||||||
```
|
```
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
@ -268,7 +268,7 @@ bazel run //image/upload -- openstack --verbose --raw-image mkosi.output.opensta
|
|||||||
```sh
|
```sh
|
||||||
# Warning! Never set `--version` to a value that is already used for a release image.
|
# Warning! Never set `--version` to a value that is already used for a release image.
|
||||||
# Instead, use a `ref` that corresponds to your branch name.
|
# Instead, use a `ref` that corresponds to your branch name.
|
||||||
bazel run //image/upload -- qemu --verbose --raw-image mkosi.output.qemu/fedora~37/image.raw --variant "default" --version ref/foo/stream/nightly/v2.7.0-pre-asdf
|
bazel run //image/upload -- qemu --verbose --raw-image mkosi.output.qemu/fedora~38/image.raw --variant "default" --version ref/foo/stream/nightly/v2.7.0-pre-asdf
|
||||||
```
|
```
|
||||||
|
|
||||||
</details>
|
</details>
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
[Distribution]
|
[Distribution]
|
||||||
Distribution=fedora
|
Distribution=fedora
|
||||||
Release=37
|
Release=38
|
||||||
|
|
||||||
[Output]
|
[Output]
|
||||||
Format=disk
|
Format=disk
|
||||||
|
@ -3,6 +3,6 @@ PathExists=../.csp/gcp
|
|||||||
|
|
||||||
# replace kernel
|
# replace kernel
|
||||||
[Content]
|
[Content]
|
||||||
Packages=prebuilt/rpms/gcp/kernel-6.1.18-200.fc37.x86_64.rpm
|
Packages=kernel
|
||||||
prebuilt/rpms/gcp/kernel-core-6.1.18-200.fc37.x86_64.rpm
|
kernel-core
|
||||||
prebuilt/rpms/gcp/kernel-modules-6.1.18-200.fc37.x86_64.rpm
|
kernel-modules
|
||||||
|
1473
rpm/BUILD.bazel
1473
rpm/BUILD.bazel
File diff suppressed because it is too large
Load Diff
@ -1,7 +1,7 @@
|
|||||||
repositories:
|
repositories:
|
||||||
- arch: x86_64
|
- arch: x86_64
|
||||||
metalink: https://mirrors.fedoraproject.org/metalink?repo=fedora-37&arch=x86_64
|
metalink: https://mirrors.fedoraproject.org/metalink?repo=fedora-38&arch=x86_64
|
||||||
name: 37-x86_64-primary-repo
|
name: 38-x86_64-primary-repo
|
||||||
- arch: x86_64
|
- arch: x86_64
|
||||||
metalink: https://mirrors.fedoraproject.org/metalink?repo=updates-released-f37&arch=x86_64
|
metalink: https://mirrors.fedoraproject.org/metalink?repo=updates-released-f38&arch=x86_64
|
||||||
name: 37-x86_64-update-repo
|
name: 38-x86_64-update-repo
|
||||||
|
3662
rpm/rpms.bzl
3662
rpm/rpms.bzl
File diff suppressed because it is too large
Load Diff
@ -2,6 +2,6 @@
|
|||||||
|
|
||||||
rm -f rpm/repo.yaml
|
rm -f rpm/repo.yaml
|
||||||
bazel run //:bazeldnf -- init \
|
bazel run //:bazeldnf -- init \
|
||||||
--fc 37 \
|
--fc 38 \
|
||||||
--arch x86_64 \
|
--arch x86_64 \
|
||||||
--output rpm/repo.yaml
|
--output rpm/repo.yaml
|
||||||
|
@ -7,28 +7,28 @@ bazel run //:bazeldnf -- fetch \
|
|||||||
--repofile rpm/repo.yaml
|
--repofile rpm/repo.yaml
|
||||||
bazel run //:bazeldnf -- rpmtree \
|
bazel run //:bazeldnf -- rpmtree \
|
||||||
--workspace WORKSPACE.bazel \
|
--workspace WORKSPACE.bazel \
|
||||||
--to_macro rpm/rpms.bzl%rpms \
|
--to-macro rpm/rpms.bzl%rpms \
|
||||||
--buildfile rpm/BUILD.bazel \
|
--buildfile rpm/BUILD.bazel \
|
||||||
--repofile rpm/repo.yaml \
|
--repofile rpm/repo.yaml \
|
||||||
--name cryptsetup-devel \
|
--name cryptsetup-devel \
|
||||||
cryptsetup-devel
|
cryptsetup-devel
|
||||||
bazel run //:bazeldnf -- rpmtree \
|
bazel run //:bazeldnf -- rpmtree \
|
||||||
--workspace WORKSPACE.bazel \
|
--workspace WORKSPACE.bazel \
|
||||||
--to_macro rpm/rpms.bzl%rpms \
|
--to-macro rpm/rpms.bzl%rpms \
|
||||||
--buildfile rpm/BUILD.bazel \
|
--buildfile rpm/BUILD.bazel \
|
||||||
--repofile rpm/repo.yaml \
|
--repofile rpm/repo.yaml \
|
||||||
--name glibc \
|
--name glibc \
|
||||||
glibc
|
glibc
|
||||||
bazel run //:bazeldnf -- rpmtree \
|
bazel run //:bazeldnf -- rpmtree \
|
||||||
--workspace WORKSPACE.bazel \
|
--workspace WORKSPACE.bazel \
|
||||||
--to_macro rpm/rpms.bzl%rpms \
|
--to-macro rpm/rpms.bzl%rpms \
|
||||||
--buildfile rpm/BUILD.bazel \
|
--buildfile rpm/BUILD.bazel \
|
||||||
--repofile rpm/repo.yaml \
|
--repofile rpm/repo.yaml \
|
||||||
--name libvirt-devel \
|
--name libvirt-devel \
|
||||||
libvirt-devel
|
libvirt-devel
|
||||||
bazel run //:bazeldnf -- rpmtree \
|
bazel run //:bazeldnf -- rpmtree \
|
||||||
--workspace WORKSPACE.bazel \
|
--workspace WORKSPACE.bazel \
|
||||||
--to_macro rpm/rpms.bzl%rpms \
|
--to-macro rpm/rpms.bzl%rpms \
|
||||||
--buildfile rpm/BUILD.bazel \
|
--buildfile rpm/BUILD.bazel \
|
||||||
--repofile rpm/repo.yaml \
|
--repofile rpm/repo.yaml \
|
||||||
--name containerized-libvirt \
|
--name containerized-libvirt \
|
||||||
@ -42,7 +42,7 @@ bazel run //:bazeldnf -- rpmtree \
|
|||||||
libvirt-client
|
libvirt-client
|
||||||
bazel run //:bazeldnf -- prune \
|
bazel run //:bazeldnf -- prune \
|
||||||
--workspace WORKSPACE.bazel \
|
--workspace WORKSPACE.bazel \
|
||||||
--to_macro rpm/rpms.bzl%rpms \
|
--to-macro rpm/rpms.bzl%rpms \
|
||||||
--buildfile rpm/BUILD.bazel
|
--buildfile rpm/BUILD.bazel
|
||||||
bazel run //rpm:ldd-cryptsetup
|
bazel run //rpm:ldd-cryptsetup
|
||||||
bazel run //rpm:ldd-libvirt
|
bazel run //rpm:ldd-libvirt
|
||||||
|
Loading…
Reference in New Issue
Block a user