diff --git a/image/Makefile b/image/Makefile index def2e84b1..09859db0d 100644 --- a/image/Makefile +++ b/image/Makefile @@ -10,7 +10,7 @@ IMAGE_VERSION ?= v0.0.0 csps := aws qemu gcp azure certs := $(PKI)/PK.cer $(PKI)/KEK.cer $(PKI)/db.cer -GCP_FIXED_KERNEL_RPMS := kernel-5.19.17-300.fc37.x86_64.rpm kernel-core-5.19.17-300.fc37.x86_64.rpm kernel-modules-5.19.17-300.fc37.x86_64.rpm +GCP_FIXED_KERNEL_RPMS := kernel-5.19.17-200.fc36.x86_64.rpm kernel-core-5.19.17-200.fc36.x86_64.rpm kernel-modules-5.19.17-200.fc36.x86_64.rpm PREBUILT_RPMS_GCP := $(addprefix prebuilt/rpms/,$(GCP_FIXED_KERNEL_RPMS)) @@ -18,15 +18,14 @@ PREBUILT_RPMS_GCP := $(addprefix prebuilt/rpms/,$(GCP_FIXED_KERNEL_RPMS)) all: $(csps) -$(csps): %: mkosi.output.%/fedora~37/image.raw - +$(csps): %: mkosi.output.%/fedora~36/image.raw prebuilt/rpms/%.rpm: @echo "Downloading $*" @mkdir -p $(@D) - @curl -sL -o $@ https://kojipkgs.fedoraproject.org/packages/kernel/5.19.17/300.fc37/x86_64/$*.rpm + @curl -sL -o $@ https://kojipkgs.fedoraproject.org/packages/kernel/5.19.17/200.fc36/x86_64/$*.rpm -mkosi.output.%/fedora~37/image.raw: mkosi.files/mkosi.%.conf inject-bins inject-certs +mkosi.output.%/fedora~36/image.raw: mkosi.files/mkosi.%.conf inject-bins inject-certs mkosi --config mkosi.files/mkosi.$*.conf --image-version=$(IMAGE_VERSION) build secure-boot/signed-shim.sh $@ @if [ -n $(SUDO_UID) ] && [ -n $(SUDO_GID) ]; then \ diff --git a/image/README.md b/image/README.md index 9afcb1284..6219cf4c9 100644 --- a/image/README.md +++ b/image/README.md @@ -75,7 +75,7 @@ After that, you can build the image with: sudo make -j $(nproc) ``` -Raw images will be placed in `mkosi.output./fedora~37/image.raw`. +Raw images will be placed in `mkosi.output./fedora~36/image.raw`. ## Prepare Secure Boot @@ -87,7 +87,7 @@ For QEMU and Azure, you can pre-generate the NVRAM variables for secure boot. Th libvirt / QEMU / KVM ```sh -secure-boot/generate_nvram_vars.sh mkosi.output.qemu/fedora~37/image.raw +secure-boot/generate_nvram_vars.sh mkosi.output.qemu/fedora~36/image.raw ``` @@ -109,10 +109,10 @@ export AZURE_REGION=northeurope export AZURE_REPLICATION_REGIONS= export AZURE_DISK_NAME=constellation-$(date +%s) export AZURE_SNAPSHOT_NAME=${AZURE_DISK_NAME} -export AZURE_RAW_IMAGE_PATH=${PWD}/mkosi.output.azure/fedora~37/image.raw -export AZURE_IMAGE_PATH=${PWD}/mkosi.output.azure/fedora~37/image.vhd +export AZURE_RAW_IMAGE_PATH=${PWD}/mkosi.output.azure/fedora~36/image.raw +export AZURE_IMAGE_PATH=${PWD}/mkosi.output.azure/fedora~36/image.vhd export AZURE_VMGS_FILENAME=${AZURE_SECURITY_TYPE}.vmgs -export AZURE_JSON_OUTPUT=${PWD}/mkosi.output.azure/fedora~37/image-upload.json +export AZURE_JSON_OUTPUT=${PWD}/mkosi.output.azure/fedora~36/image-upload.json export BLOBS_DIR=${PWD}/blobs upload/pack.sh azure "${AZURE_RAW_IMAGE_PATH}" "${AZURE_IMAGE_PATH}" upload/upload_azure.sh --disk-name "${AZURE_DISK_NAME}-setup-secure-boot" "" @@ -156,10 +156,10 @@ export PKI=${PWD}/pki export AWS_REGION=eu-central-1 export AWS_REPLICATION_REGIONS="us-east-2" export AWS_BUCKET=constellation-images -export AWS_EFIVARS_PATH=${PWD}/mkosi.output.aws/fedora~37/efivars.bin -export AWS_IMAGE_PATH=${PWD}/mkosi.output.aws/fedora~37/image.raw +export AWS_EFIVARS_PATH=${PWD}/mkosi.output.aws/fedora~36/efivars.bin +export AWS_IMAGE_PATH=${PWD}/mkosi.output.aws/fedora~36/image.raw export AWS_IMAGE_FILENAME=image-$(date +%s).raw -export AWS_JSON_OUTPUT=${PWD}/mkosi.output.aws/fedora~37/image-upload.json +export AWS_JSON_OUTPUT=${PWD}/mkosi.output.aws/fedora~36/image-upload.json secure-boot/aws/create_uefivars.sh "${AWS_EFIVARS_PATH}" upload/upload_aws.sh ``` @@ -185,10 +185,10 @@ export PKI=${PWD}/pki export GCP_PROJECT=constellation-images export GCP_REGION=europe-west3 export GCP_BUCKET=constellation-images -export GCP_RAW_IMAGE_PATH=${PWD}/mkosi.output.gcp/fedora~37/image.raw +export GCP_RAW_IMAGE_PATH=${PWD}/mkosi.output.gcp/fedora~36/image.raw export GCP_IMAGE_FILENAME=$(date +%s).tar.gz -export GCP_IMAGE_PATH=${PWD}/mkosi.output.gcp/fedora~37/image.tar.gz -export GCP_JSON_OUTPUT=${PWD}/mkosi.output.gcp/fedora~37/image-upload.json +export GCP_IMAGE_PATH=${PWD}/mkosi.output.gcp/fedora~36/image.tar.gz +export GCP_JSON_OUTPUT=${PWD}/mkosi.output.gcp/fedora~36/image-upload.json upload/pack.sh gcp ${GCP_RAW_IMAGE_PATH} ${GCP_IMAGE_PATH} upload/upload_gcp.sh ``` @@ -228,9 +228,9 @@ export AZURE_IMAGE_OFFER=constellation export AZURE_SKU=${AZURE_IMAGE_DEFINITION} export AZURE_PUBLISHER=edgelesssys export AZURE_DISK_NAME=constellation-$(date +%s) -export AZURE_RAW_IMAGE_PATH=${PWD}/mkosi.output.azure/fedora~37/image.raw -export AZURE_IMAGE_PATH=${PWD}/mkosi.output.azure/fedora~37/image.vhd -export AZURE_JSON_OUTPUT=${PWD}/mkosi.output.azure/fedora~37/image-upload.json +export AZURE_RAW_IMAGE_PATH=${PWD}/mkosi.output.azure/fedora~36/image.raw +export AZURE_IMAGE_PATH=${PWD}/mkosi.output.azure/fedora~36/image.vhd +export AZURE_JSON_OUTPUT=${PWD}/mkosi.output.azure/fedora~36/image-upload.json upload/pack.sh azure "${AZURE_RAW_IMAGE_PATH}" "${AZURE_IMAGE_PATH}" upload/upload_azure.sh -g --disk-name "${AZURE_DISK_NAME}" "${AZURE_VMGS_PATH}" ``` @@ -250,8 +250,8 @@ export STREAM= # e.g. "nightly", "debug", "stable" (depends on the type of image export IMAGE_VERSION= # e.g. v2.1.0" or output of pseudo-version tool export QEMU_BUCKET=cdn-constellation-backend export QEMU_BASE_URL="https://cdn.confidential.cloud" -export QEMU_IMAGE_PATH=${PWD}/mkosi.output.qemu/fedora~37/image.raw -export QEMU_JSON_OUTPUT=${PWD}/mkosi.output.qemu/fedora~37/image-upload.json +export QEMU_IMAGE_PATH=${PWD}/mkosi.output.qemu/fedora~36/image.raw +export QEMU_JSON_OUTPUT=${PWD}/mkosi.output.qemu/fedora~36/image-upload.json upload/upload_qemu.sh ``` diff --git a/image/mkosi.conf.d/mkosi.conf b/image/mkosi.conf.d/mkosi.conf index e2334fbc9..1b9ab375c 100644 --- a/image/mkosi.conf.d/mkosi.conf +++ b/image/mkosi.conf.d/mkosi.conf @@ -1,6 +1,6 @@ [Distribution] Distribution=fedora -Release=37 +Release=36 [Output] Format=gpt_squashfs diff --git a/image/mkosi.files/mkosi.azure.conf b/image/mkosi.files/mkosi.azure.conf index 3506649ed..528d8e0f9 100644 --- a/image/mkosi.files/mkosi.azure.conf +++ b/image/mkosi.files/mkosi.azure.conf @@ -8,6 +8,6 @@ BasePackages=conditional Packages=systemd util-linux dracut - prebuilt/rpms/kernel-5.19.17-300.fc37.x86_64.rpm - prebuilt/rpms/kernel-core-5.19.17-300.fc37.x86_64.rpm - prebuilt/rpms/kernel-modules-5.19.17-300.fc37.x86_64.rpm + prebuilt/rpms/kernel-5.19.17-200.fc36.x86_64.rpm + prebuilt/rpms/kernel-core-5.19.17-200.fc36.x86_64.rpm + prebuilt/rpms/kernel-modules-5.19.17-200.fc36.x86_64.rpm diff --git a/image/mkosi.files/mkosi.gcp.conf b/image/mkosi.files/mkosi.gcp.conf index b00e6228b..b19b7aeaa 100644 --- a/image/mkosi.files/mkosi.gcp.conf +++ b/image/mkosi.files/mkosi.gcp.conf @@ -8,6 +8,6 @@ BasePackages=conditional Packages=systemd util-linux dracut - prebuilt/rpms/kernel-5.19.17-300.fc37.x86_64.rpm - prebuilt/rpms/kernel-core-5.19.17-300.fc37.x86_64.rpm - prebuilt/rpms/kernel-modules-5.19.17-300.fc37.x86_64.rpm + prebuilt/rpms/kernel-5.19.17-200.fc36.x86_64.rpm + prebuilt/rpms/kernel-core-5.19.17-200.fc36.x86_64.rpm + prebuilt/rpms/kernel-modules-5.19.17-200.fc36.x86_64.rpm