Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: kiwi-systemdeps-containers | Distribution: openSUSE Tumbleweed |
Version: 10.2.3 | Vendor: openSUSE |
Release: 1.1 | Build date: Tue Dec 3 14:58:40 2024 |
Group: System/Management | Build host: reproducible |
Size: 0 | Source RPM: python-kiwi-10.2.3-1.1.src.rpm |
Packager: http://bugs.opensuse.org | |
Url: https://github.com/OSInside/kiwi | |
Summary: KIWI - host requirements for OCI container images |
Host setup helper to pull in all packages required/useful on the build host to build OCI container images
GPL-3.0-or-later
* Tue Dec 03 2024 Marcus Schäfer <[email protected]> - Bump version: 10.2.2 → 10.2.3 * Tue Dec 03 2024 Marcus Schäfer <[email protected]> - Update STYLEROOT to SUSE 2022 * Mon Dec 02 2024 Marcus Schäfer <[email protected]> - Fix broken links in the documentation * Mon Dec 02 2024 Marcus Schäfer <[email protected]> - Fix legacy_bios_mode detection The code in this method does not work correctly if the firmware is set to 'bios'. In bios only mode the method returned a false value which is incorrect as it should return a true value in this case. Without this patch ISO images will fail to boot because no loader gets configured. * Mon Dec 02 2024 Marcus Schäfer <[email protected]> - Added /dev/pts to bind mount locations During runtime several kernel filesystems are bind mounted into the image root system such that programs expecting it can work. /dev/pts was not needed so far but seems to be a good addition to the list to make tools like sudo to work properly when called e.g. from a config.sh script. This Fixes #2686 * Wed Nov 27 2024 Marcus Schäfer <[email protected]> - Added provide/require system files for containers Added the attributes provide_system_files and require_system_files to control the provider and requester of system files in container image builds. systemfiles is a metadata file which contains all files from the package database at call time. It is used in flake-pilot to provision the systemfiles data from the host into the container instance. One possible use case for this data is a flake registration which uses a base container that is derived from a runtime container but all data from the runtime should be provisioned from the host. Using this feature tightly couples the flake to the host OS distribution and version. * Wed Nov 27 2024 Marcus Schäfer <[email protected]> - Bump version: 10.2.1 → 10.2.2 * Wed Nov 27 2024 Marcus Schäfer <[email protected]> - Fix scope issue Increase livetime of the the compressor instances to the livetime of RootImportOCI. They create temporary files which are referenced later and need to live longer than the block they got created in * Tue Nov 26 2024 Marcus Schäfer <[email protected]> - Bump version: 10.2.0 → 10.2.1 * Mon Nov 25 2024 Marcus Schäfer <[email protected]> - Fixed use of fscreateoptions for iso type The information for fscreateoptions was not passed along to the tooling if a custom filesystem attribute was specified. This Fixes #2681 * Mon Nov 25 2024 Marcus Schäfer <[email protected]> - Allow to derive from multiple containers Add support for multi inheritance to the derived_from attribute In the order of a comma seperated list of docker source URI's a base tree is created. This was possible only with one container so far and Fixes #2680 as well as jira#OBS-354 * Thu Nov 21 2024 Marcus Schäfer <[email protected]> - Bump version: 10.1.18 → 10.2.0 * Thu Nov 21 2024 Marcus Schäfer <[email protected]> - Add selinux test build to TW Also update derived docker integration test to latest Leap * Wed Nov 20 2024 Neal Gompa <[email protected]> - kiwi/schema: Fix allowed value type for ISO publisher and application ID According to the spec, this should be constrained to 128 characters but also allow quite a few other special characters (as well as spaces). We didn't allow spaces in application ID, but allowed too much for Publisher. Now we set up both correctly. * Sun Nov 17 2024 Marcus Schäfer <[email protected]> - Fix setup of kiwi environment variables Some kiwi env vars are initialized with an empty value and not overwritten if another value is provided. For the selected variables an empty value setting is not allowed because the schema also enforces the value to be set at least once. In addition a helpful option named --print-kiwi-env was added to the 'image info' command which allows to print the environment variables and their values. * Tue Nov 12 2024 Marcus Schäfer <[email protected]> - Add random key support for LUKS encryption Allow to pass luks="random". In random mode use the generated keyfile as the only key to decrypt. This is only secure if the generated initrd also gets protected e.g. through encryption like it is done with the secure linux execution on zSystems * Thu Nov 07 2024 Marcus Schäfer <[email protected]> - Added development group in pyproject setup generateDS and other tools are needed and were forgotten to be added when we deleted the tox dependency * Wed Nov 06 2024 Marcus Schäfer <[email protected]> - Added containers integration with OBS When building in the Open Build Service (OBS) there is no way to create outgoing connections from the build workers. To allow the <containers> section to fetch containers from the SUSE registry we need to apply an OCI URI translation into a local path. The actual OCI container image is expected to be provided by the obs backend on the worker. Along with this commit also an integration test named test-image-disk-containers is provided. This Fixes jira#OBS-351 * Sun Nov 03 2024 Marcus Schäfer <[email protected]> - Fix rendering of SUSE docs The SUSE documentation is produced through a conversion of the ReST source into docbook. The name kiwi is reserved in the index and needs to be referenced as kiwi-ng when used as command. * Sun Nov 03 2024 Marcus Schäfer <[email protected]> - Remove tox dependency tox was used as sort of a make target to run unit tests and more in a python virtualenv. However, since we switched everything to poetry it's no longer needed to let tox create the python virtual environments. This commit moves the tox targets into the Makefile and adapts the github workflow files accordingly. In addition the scripts container based tests were re-activated and fixed such that they succeed again. * Fri Nov 01 2024 Marcus Schäfer <[email protected]> - Fix make build target Move the actions done by the tox target into the build target and call them there in a clean and easy to spot sequence. There is no need to call tox to prepare for the package submission, instead the checks and poetry runs to prepare for the package target should be called directly as part of the build target. In the future we might get rid of tox completely. * Fri Nov 01 2024 Marcus Schäfer <[email protected]> - Bump version: 10.1.17 → 10.1.18 * Thu Oct 31 2024 Marcus Schäfer <[email protected]> - Fixed zipl caller environment zipl gets confused with an active sysfs mount inside the root tree at call time of zipl. This commit umounts the /sys bind mount in the image tree prior calling zipl * Thu Oct 31 2024 Marcus Schäfer <[email protected]> - Fix s390 test-image-disk build Add missing kernel links used by suse tools * Thu Oct 31 2024 Marcus Schäfer <[email protected]> - Bump version: 10.1.16 → 10.1.17 * Wed Oct 30 2024 Marcus Schäfer <[email protected]> - Fix coloring of build_status.sh flags Depending on the place of the status flag the color setup might fail. This commit fixes it * Wed Oct 30 2024 Marcus Schäfer <[email protected]> - Add pytest-container as optional dependency The pyproject.toml listed pytest-container as dependency but it is used only to run the container based integration tests for the shell helper methods. For building the package this dependency should not be pulled in * Fri Oct 25 2024 Marcus Schäfer <[email protected]> - Fix networking in erofs integration test The network setup was systemd-networkd based but the provided network config was not for systemd * Wed Oct 23 2024 Marcus Schäfer <[email protected]> - Bump version: 10.1.15 → 10.1.16 * Wed Oct 23 2024 Marcus Schäfer <[email protected]> - Fix erofs requires in spec erofs-utils for SUSE only exists in Tumbleweed. The former conditon would also add the requirement for ALP and SLFO which is wrong. This commit fixes it * Tue Oct 22 2024 Marcus Schäfer <[email protected]> - Add vagrantconfig rule for vagrant format If the format="vagrant" attribute is set, a vagrantconfig section becomes mandatory. This commit enforces this rule on the schema. This Fixes #2666 * Mon Oct 21 2024 Marcus Schäfer <[email protected]> - Bump version: 10.1.14 → 10.1.15 * Thu Oct 17 2024 Marcus Schäfer <[email protected]> - Fixed sphinx_rtd_theme setup Delete obsolete display_version attribute * Thu Oct 17 2024 Marcus Schäfer <[email protected]> - Evaluate eficsm everywhere Fixed _supports_bios_modules() to take an eventually provided eficsm setup into account. The grub config still searches for i386 grub modules even if eficsm="false" is set. * Thu Oct 17 2024 Marcus Schäfer <[email protected]> - Fixed debian bootstrap script calls Run scripts as commands with their native shebang and not through bash. Not all debian package scripts uses bash, some of them uses sh which can be a link to dash or other interpreters. This Fixes #2660 * Thu Oct 17 2024 Marcus Schäfer <[email protected]> - Update TW integration tests The package x86info was dropped from TW * Wed Oct 16 2024 Dan Čermák <[email protected]> - Turn DiskFormat into an ordinary class - it does not need to be an abstract base class - use f-strings where applicable instead of format() - change return type of _custom_args_for_format from list to tuple * Mon Oct 14 2024 Marcus Schäfer <[email protected]> - Add new containers section Allow to specify references to OCI containers in the image description like in the following example: <containers source="registry.suse.com" backend="podman"> <container name="some" tag="some" path="/some/path"/> </containers> During the kiwi process the containers are fetched into a temporary location and a systemd service is configured to one time load the containers into the local registry at first boot of the system. This Fixes #2663 * Fri Oct 04 2024 Marcus Schäfer <[email protected]> - Bump version: 10.1.13 → 10.1.14 * Fri Oct 04 2024 Marcus Schäfer <[email protected]> - Revert "Install usrmerge for Debian integration test" This reverts commit 95ac861741f14c4f35611c16328384c18e53dcfb. Solution needs to be provided in code * Fri Oct 04 2024 Marcus Schäfer <[email protected]> - Install usrmerge for Debian integration test * Mon Sep 30 2024 Marcus Schäfer <[email protected]> - Support older apt versions for bootstrap This Fixes #2660 * Fri Sep 27 2024 Marcus Schäfer <[email protected]> - Run package scripts in apt bootstrap phase The bootstrap procedure based on apt only runs a manual collection of package scripts. This commit refactors the code that unpacks the bootstrap packages to a python implementation and adds a method to run the bootstrap scripts from all packages resolved by apt. * Thu Sep 26 2024 Marcus Schäfer <[email protected]> - Bump version: 10.1.12 → 10.1.13 * Thu Sep 26 2024 Marcus Schäfer <[email protected]> - Fix bundle extension for vagrant type When bundling result files that uses a vagrant type, kiwi creates them with the extension .vagrant.virtualbox.box or .vagrant.libvirt.box. The bundler code renames them using only the .box suffix which is too short as it is missing the subformat information. This commit fixes it and keeps this information in the result bundle file name. This Fixes #2656 * Thu Sep 26 2024 Marcus Schäfer <[email protected]> - Use simple quotas (squota) for volumes * Wed Sep 25 2024 Marcus Schäfer <[email protected]> - Add quota attribute to volume section Allow to set quota per volume for the btrfs filesystem This Fixes #2651 * Tue Sep 24 2024 Alyssa Rosenzweig <[email protected]> - Fix globbing with exclude with regex This fixes a collection of bugs when producing erofs images. On one hand, this ensures that an exclude of `/sys` doesn't accidentally match `/lib/libsystemd.so`, only `/sys/whatever`. On the other hand, this ensures that `/dev/*` does match `/dev/vda` and not just `/dev///////////`. This fixes libsystemd.so getting dropped in Kiwi-built FEX images. Signed-off-by: Alyssa Rosenzweig <[email protected]> * Tue Sep 24 2024 Alyssa Rosenzweig <[email protected]> - Honour custom exclude for filesystem builds All other call sites honour the custom exclude file, it's just this one that needs to be fixed. This unblocks use of Kiwi for generating FEX rootfs. Closes: #2652 Signed-off-by: Alyssa Rosenzweig <[email protected]> * Mon Sep 23 2024 Isaac True <[email protected]> - test: storage: update clone_device tests with new block size Signed-off-by: Isaac True <[email protected]> * Fri Sep 20 2024 Isaac True <[email protected]> - storage: clone_device: increase dd block size Increasing the block size used for dd reduces the time needed to clone a device. Signed-off-by: Isaac True <[email protected]> * Tue Sep 17 2024 Marcus Schäfer <[email protected]> - Bump version: 10.1.11 → 10.1.12 * Tue Sep 17 2024 Marcus Schäfer <[email protected]> - Add missing erofscompression validation In the filesystem builder I forgot to evaluate the erofscompression attribute. This Fixes #2647 * Mon Sep 16 2024 Marcus Schäfer <[email protected]> - Include PI and comments in XSL stylesheets So far comments and processing instructions (PI) were ignored when applying the XSL stylesheets. This commit updates all stylesheets to take them into account * Fri Sep 13 2024 Marcus Schäfer <[email protected]> - Bump version: 10.1.10 → 10.1.11 * Fri Sep 13 2024 Marcus Schäfer <[email protected]> - doc: Add login information test build test images * Fri Sep 13 2024 Marcus Schäfer <[email protected]> - Bump version: 10.1.9 → 10.1.10 * Thu Sep 12 2024 Michal Suchanek <[email protected]> - bootloader: Fix up ppc64 bootinfo again To make the code look pretty extra newline is inserted at the start of bootinfo file. This appears to break boot on Power9 PowerVM LPARs. * Thu Sep 12 2024 Marcus Schäfer <[email protected]> - Add support for erofs erofs is an alternative readonly filesystem that can be used as alternative to squashfs. This Fixes #2633 * Thu Sep 12 2024 Marcus Schäfer <[email protected]> - Fixed enclave integration test The SELinux policy of Fedora Rawhide when running completely in an initrd is not suitable to let the system boot up. Thus the current solution is to boot in permissive mode. A better solution for the future would probably be a selinux policy for enclaves * Wed Sep 11 2024 Marcus Schäfer <[email protected]> - limit eif_build requires to fedora >= 42 * Wed Sep 11 2024 Marcus Schäfer <[email protected]> - Bump version: 10.1.8 → 10.1.9 * Wed Sep 11 2024 Marcus Schäfer <[email protected]> - Added sshd to nitro-enclave integration test * Wed Sep 11 2024 Marcus Schäfer <[email protected]> - Fixed container sync options Do not exclude/filter any security/xattr capabilities. * Wed Sep 11 2024 Marcus Schäfer <[email protected]> - Update container integration test Add getcap to check on filesystem capabilities * Wed Sep 11 2024 Marcus Schäfer <[email protected]> - Add new build type provides for enclave Add a provides tag (read by the open buildservice) for the new enclave builder. Also add a recommends to eif_builder in the systemdeps-core meta package * Tue Sep 10 2024 Marcus Schäfer <[email protected]> - Update enclave documentation Fixup repo setup in the build documentation * Tue Sep 10 2024 Marcus Schäfer <[email protected]> - Bump version: 10.1.7 → 10.1.8 * Tue Sep 10 2024 Marcus Schäfer <[email protected]> - Fixed enclave documentation Path to the build test was not correct * Tue Sep 10 2024 Marcus Schäfer <[email protected]> - Update test-image-nitro-enclave package list Fixup package list to match Fedora rawhide * Tue Sep 10 2024 Marcus Schäfer <[email protected]> - Move test-image-nitro-enclave to rawhide * Tue Sep 10 2024 Michal Suchanek <[email protected]> - Fix ppc64 chrp bootinfo generation * Mon Sep 09 2024 Marcus Schäfer <[email protected]> - Fixed documentation header Fixed double H1 headers from the boxbuild tweaks chapter. * Mon Sep 09 2024 Marcus Schäfer <[email protected]> - Bump version: 10.1.6 → 10.1.7 * Mon Sep 09 2024 Marcus Schäfer <[email protected]> - Move EXEC log message to the right place The log information of the command execution was not printed directly before the actual command invocation. There are other actions after the log information (e.g Path.which) which itself produce log information prior the real subprocess execution. This is very misleading when reading the log file and fixed in this commit. * Mon Sep 09 2024 Marcus Schäfer <[email protected]> - Add support for architectures in deb source file When apt resolves packages on a multiarch repo it can happen that dependencies for packages from other architectures are pulled into the solver process but are not provided by any repository. To overcome this behavior the repository can be setup to serve packages only for a specified architecture or list of architectures. This is related to OSInside/kiwi-descriptions#102 * Fri Sep 06 2024 Marcus Schäfer <[email protected]> - Bump version: 10.1.5 → 10.1.6 * Thu Sep 05 2024 Kostiantyn Astakhov <[email protected]> - add allowExtraConfig and exportFlags to ovftool options Add allowExtraConfig and exportFlags to ovftool options * Thu Sep 05 2024 Marcus Schäfer <[email protected]> - Bump version: 10.1.4 → 10.1.5 * Wed Sep 04 2024 Steffen Winterfeldt <[email protected]> - create EFI/BOOT only if UEFI boot is intended * Wed Sep 04 2024 Steffen Winterfeldt <[email protected]> - Fix boot support for ISO media on ppc64 add CHRP boot support for ppc64 and add xorriso option to avoid file name reduction to MS-DOS compatible 8.3 format * Tue Sep 03 2024 Marcus Schäfer <[email protected]> - Fix initrd permissions kiwi stored the initrd for ISO images as 600 which might be too restrictive. This commit makes sure the initrd is stored as 644 and Fixes bsc#1229257 * Tue Sep 03 2024 Marcus Schäfer <[email protected]> - Fixed ramdisk size setup For setting up the brd rd_size option kiwi creates 99-brd.conf used at load time of the kernel brd driver. The location for the conf file is set to /etc/modprobe.d/ However, in newer versions the location has changed to /usr/lib/modprobe.d/ and /etc/modprobe.d is no longer expected to exist. This commit makes sure /etc/modprobe.d is created if not present. * Tue Sep 03 2024 Marcus Schäfer <[email protected]> - Bump version: 10.1.3 → 10.1.4 * Mon Sep 02 2024 kastakhov <[email protected]> - Add note about guestOS values for vmware ovftools. * Mon Sep 02 2024 kastakhov <[email protected]> - Add note about guestOS values for vmware platform. * Mon Sep 02 2024 Marcus Schäfer <[email protected]> - Fixed resize of dos table type on s390 On s390, parted is used to detect the partition table type. In contrast to blkid the name for DOS tables is reported as 'msdos' and not 'dos' which impacts several conditions in the kiwi initrd code which checks for 'dos'. This commit fixes the get_partition_table_type() method to return a consistent table name for DOS tables. This Fixes bsc#1228729 * Mon Sep 02 2024 Marcus Schäfer <[email protected]> - Revert "remove dependency on /usr/bin/python" This reverts commit 15b450188483b567ca10bb459bf50ed90e905bb7. The change provided here entirely broke kiwi in OBS. With this patch applied every image build in OBS fails with the following message: 'line 1: /usr/sbin/kiwi: No such file or directory' * Mon Sep 02 2024 Marcus Schäfer <[email protected]> - Bump version: 10.1.2 → 10.1.3 * Sun Sep 01 2024 Marcus Schäfer <[email protected]> - Fix bundle extension for archive types When bundling result files that uses an archive type like tbz or docker, kiwi creates them with the extension tar.xz/tar.gz The bundler code only uses the extension from the last tuple in a "." split which is wrong for "tar." filenames. This commit adds an exception to the prefix rule for this output filenames and Fixes #2628 * Sun Sep 01 2024 Marcus Schäfer <[email protected]> - Fix ImageSystem mount procedure The mount() method did not take custom partitions into account. This commit fixes it. This Fixes #2619 * Tue Aug 27 2024 Petr Gajdos <[email protected]> - remove dependency on /usr/bin/python * Sun Aug 25 2024 Neal Gompa <[email protected]> - Add support for isomd5sum for tagging iso files The isomd5sum tool suite is used and available on all supported distributions except SUSE distributions, and is necessary to produce conformant ISOs for most Linux distributions. This change adds support for isomd5sum tool suite for kiwi, though it does not extend the kiwi-live dracut module to use it. The upstream dracut dmsquash-live module must be used instead. Co-authored-by: Dan Čermák <[email protected]> * Sat Aug 24 2024 Neal Gompa <[email protected]> - kiwi/builder/live: Log the correct value for Application ID Since it is now possible to set a custom application ID, we want to see this when it is being used for the image. * Sat Aug 24 2024 Neal Gompa <[email protected]> - kiwi/builder/live: Clean up leftover dracut configuration file The existence of this file breaks installers on live media that sync the full filesystem to disk and are not aware of this configuration before generating the target system initramfs. * Fri Aug 23 2024 Neal Gompa <[email protected]> - Allow string versions and test "word" versions There are descriptions out in the wild that use "non-numeric" versions in their descriptions, particularly without separators for splitting. This change switches all of this to strings rather than assuming numbers and gracefully handles the single word case. * Sat Aug 17 2024 Holden R. Fried <[email protected]> - Add documentation for boxbuild tweaks * Fri Aug 16 2024 Marcus Schäfer <[email protected]> - Fixed wrong log level on --logfile When using --logfile, the log generated there matches the stdout log (which without --debug, does not include any debug info). This is in contrast to the automatically generated one in the output directory, which always does and also not following the way how it is documented. This Fixes #2503 * Mon Aug 12 2024 Marcus Schäfer <[email protected]> - Fixed arch flag for namedCollection The arch flag in a namedCollection was not taken into account. This commit fixes this and also makes sure the result information is sorted and unique like we have it for the package lists. This Fixes #2600 * Fri Aug 09 2024 Marcus Schäfer <[email protected]> - Fix handling of zipl.conf in plain zipl bootloader When using the plain zipl bootloader kiwi created a /etc/zipl.conf file. However, this file was only useful during image build as it points to a loop target device and geometry but does not represent a proper config file to be used in the running system. In addition the different distributors provides their own version and layout of the zipl.conf to be used inside of the system and with their respective tools. Thus this commit changes the way how kiwi operates in a way that the zipl.conf used in the initial image only exists during the image build process. An eventual present /etc/zipl.conf will not be touched by kiwi. This Fixes #2597 * Thu Aug 08 2024 Marcus Schäfer <[email protected]> - Bump version: 10.1.1 → 10.1.2 * Thu Aug 08 2024 Marcus Schäfer <[email protected]> - Improve error reporting for remote deployment Add new method called show_log_and_quit which displays the written error log file as a file box to the user * Thu Aug 08 2024 Marcus Schäfer <[email protected]> - Update test-image-orthos integration test Update the test such that you can also build it locally. Change the remote installation target to be a ramdisk for easy testing of remote deployments * Thu Aug 08 2024 Marcus Schäfer <[email protected]> - Setup default minimum volume size per filesystem The former method provided a static value but there are huge differences for the minimum size requirement of a filesystem. For example extX is fine with 30MB whereas XFS requires 300MB. This commit adds a more dynamic default value based on the used filesystem. * Wed Aug 07 2024 Marcus Schäfer <[email protected]> - Increase default volume size So far 30MB was set as default volume size which is by far too small for a number of filesystems, e.g btrfs and also XFS. This commit increases the default volume size such that all modern filesystems builds if the default volume size is used. * Wed Aug 07 2024 Marcus Schäfer <[email protected]> - Update test-image-raid Apart from testing raid this integration test also tests a certain LVM volume setup. The test has been updated to use the btrfs filesystem because it has the most strict size requirements. * Tue Aug 06 2024 Dan Čermák <[email protected]> - Use shutil.which for Path.which * Tue Aug 06 2024 Dan Čermák <[email protected]> - Drop Path.remove & Path.rename Both methods were only used in one place each and it makes much more sense to use the pathlib builtin methods instead * Tue Aug 06 2024 Dan Čermák <[email protected]> - Replace Path.create implementation with pathlib builtin * Tue Aug 06 2024 Marcus Schäfer <[email protected]> - Bump version: 10.1.0 → 10.1.1 * Mon Aug 05 2024 Marcus Schäfer <[email protected]> - Mandatory package scripts for Debian bootstrap Make sure to run some mandatory package pre/post scripts such that settings like /etc/passwd, a root user, etc.. exists. This action can also be done in post_bootstrap.sh but I think it's better to do this in the core code * Mon Aug 05 2024 Marcus Schäfer <[email protected]> - Bump version: 10.0.28 → 10.1.0 * Mon Aug 05 2024 Marcus Schäfer <[email protected]> - kiwi no longer uses debootstrap For building Debian based images we used debootstrap to bootstrap an empty root until apt-get could be used to complete the job. This has now changed such hat apt-get is also used for bootstrapping a new system. The concept and also potential alternatives to the way kiwi bootstraps Debian based systems can be found here: * https://osinside.github.io/kiwi/working_with_images/build_without_debianbootstrap.html Due to the drop of debootstrap it might happen that package lists of existing image descriptions needs to be extended with packages that were formerly pulled in by debootstrap but did not get properly pulled in with the new apt based bootstrap. As reference please check out the integration tests from here: * https://github.com/OSInside/kiwi/tree/main/build-tests/x86/ubuntu * https://github.com/OSInside/kiwi/tree/main/build-tests/x86/debian Thanks * Mon Aug 05 2024 Marcus Schäfer <[email protected]> - Bump version: 10.0.27 → 10.0.28 * Sat Aug 03 2024 Marcus Schäfer <[email protected]> - Update documentation kiwi no longer uses debootstrap * Fri Aug 02 2024 Marcus Schäfer <[email protected]> - Fix test_process_result_bundle_as_rpm * Fri Aug 02 2024 Marcus Schäfer <[email protected]> - Fix Debian/Ubuntu integration tests Remove package hacks for debootstrap, explicitly add required packages and or configurations. * Fri Aug 02 2024 Marcus Schäfer <[email protected]> - Drop types-pkg_resources Got removed from PyPI * Wed Jul 31 2024 Marcus Schäfer <[email protected]> - Fix test_process_result_bundle_as_rpm os.path.basename was called on a MagicMock object which sometimes confused pytest * Wed Jul 31 2024 Neal Gompa <[email protected]> - CI: Add testing against Python 3.13 Python 3.13 is shipping in Fedora Linux for Fedora Linux 41, so we should ensure kiwi is tested against it. The testing setup is based on the latest development version of 3.13 as it is not yet released. * Wed Jul 31 2024 Marcus Schäfer <[email protected]> - Fix kiwi-repart restrictions The kiwi repart dracut module reads a profile file and if it does not exists it dies in the initrd. However, that profile file is not mandatory for the main resize functionality. Thus this commit turns this into a warning message. In addition the module-setup for 90kiwi-repart makes sure to include the required and optional profile files. This Fixes bsc#1228118 * Tue Jul 30 2024 Marcus Schäfer <[email protected]> - Do not exclude the .profile env file by default kiwi's initrd modules read a .profile file which gets included into the initrd produced at build time. To allow rebuild of a host-only initrd from the booted system this information should be present such that it is possible to re-use kiwi initrd code. * Tue Jul 30 2024 Marcus Schäfer <[email protected]> - Get rid of debootstrap Replace debootstrap with an apt-get based pre-download of packages followed by a dpkg-deb extraction. This Fixes #2599 * Tue Jul 30 2024 Marcus Schäfer <[email protected]> - Bump version: 10.0.26 → 10.0.27 * Tue Jul 30 2024 Fabian Vogt <[email protected]> - Fix dracut-interactive with systemd 256 With systemd 256, /usr (and thus also /bin/) is read-only in the initrd. Move dracut-interactive and its .service into /run instead. * Sun Jul 21 2024 Marcus Schäfer <[email protected]> - Bump version: 10.0.25 → 10.0.26 * Fri Jul 19 2024 Dmitri Popov <[email protected]> - Revise scripts_testing.rst * Fri Jul 19 2024 Dmitri Popov <[email protected]> - Revise schema_extensions.rst * Wed Jul 17 2024 Marcus Schäfer <[email protected]> - Pass kernel cmdline to agama In the agama integration test make sure to pass along the kernel boot parameters to allow controlling the behavior of agama better * Mon Jul 15 2024 Marcus Schäfer <[email protected]> - Add <file> directive to incorporate custom files Usually custom files are managed by placing them as overlay files or archives. However, overlay files must be structured inside of a root/ subdirectory and archive files are binary data. It is therefore not straight forward to just reference one or more files as source files to the image description to be placed into the image. This commit adds a new <file> element which allows to do this. This Fixes #1953 * Sun Jul 14 2024 Marcus Schäfer <[email protected]> - Bump version: 10.0.24 → 10.0.25 * Fri Jul 12 2024 Marcus Schäfer <[email protected]> - Fix mocking of test_process_result_bundle_as_rpm * Fri Jul 12 2024 Marcus Schäfer <[email protected]> - Fixed logging behavior of Compress::get_format The get_format() method allows to check which compression format a given input stream has. This is done by calling the supported compression tools in a row and let them check if they can deal with the provided data or not. As a result error messages are logged for streams that some tool doesn't understand. However, those error messages are no errors and only the result of the checking. This information in the kiwi log file is confusing and several users already complained when they see information like: EXEC: Failed with stderr: /usr/bin/xz: ...: File format not recognized This commit changes how the compression tooling is called in a way that no exception is raised (which leads to the above error message) but the result returncode is used to decide on the success or error of the respective compression tooling. * Fri Jul 12 2024 Marcus Schäfer <[email protected]> - Allow to set custom ISO Application ID Add new <type ... application_id="..."/> attribute to be set in the ISO header main block. The application ID was used as identifier in the legacy initrd code from former kiwi versions. Because of this there is still the compat layer which sets an App ID as MBR identifier string unless the new application_id overwrites it. This Fixes #1810 * Fri Jul 12 2024 Marcus Schäfer <[email protected]> - Bump version: 10.0.23 → 10.0.24 * Thu Jul 11 2024 Marcus Schäfer <[email protected]> - Added integration test for SUSE agama installer This integration test builds a self-install ISO image which drops the SUSE Agama installer into a ramdisk for performing an interactive installation procedure to test Agama * Thu Jul 11 2024 Marcus Schäfer <[email protected]> - Add --set-type-attr and --set-release-version Allow to set/overwrite type section attributes via the cmdline. Allow to set/add the release-version element via the cmdline. This Fixes #2478 and Fixes #2588 * Wed Jul 10 2024 Marcus Schäfer <[email protected]> - Update integration test for eficsm Update the type of the Secure profile of the live image integration test as well as the type of the simple-disk test to make use of the eficsm="false" attribute to switch off CSM mode and test an EFI only layout. * Wed Jul 10 2024 Marcus Schäfer <[email protected]> - Add new eficsm type attribute Allow to produce EFI/UEFI images without hybrid CSM capabilities. This Fixes #2407 * Wed Jul 10 2024 Dmitri Popov <[email protected]> - kiwi_plugin_architecture.rst * Wed Jul 10 2024 Dmitri Popov <[email protected]> - Revise kiwi_from_python.rst * Wed Jul 10 2024 Marcus Schäfer <[email protected]> - Wait for loop device detach to complete Detaching a loop device via 'losetup -d' is an async operation. Once the command returns the loop can still be associated with the block special. Therefore this commit waits until the block device got released or a timeout is hit. This Fixes #2580 * Tue Jul 09 2024 Marcus Schäfer <[email protected]> - Update requires for kiwi-systemdeps-disk-images On Tumbleweed several changes caused tools like strings or the codepage for mtools to be missing in a standard installation. For building disk images especially EFI capable ones with vendor information kiwi needs the above tool. This commit adds the packages providing them on Tumbleweed to the meta systemdeps for disk images. This Fixes #2585 * Mon Jul 08 2024 Marcus Schäfer <[email protected]> - Supplements are not understood by Debian/Ubuntu * Fri Jul 05 2024 Marcus Schäfer <[email protected]> - Add new builder for enclaves Add new EnclaveBuilder class which allows to build initrd-only image types. The first enclave implementation covers aws-nitro images produced via the eif_build tooling. * Thu Jul 04 2024 Marcus Schäfer <[email protected]> - Split out bash completion into a sub-package Per review of the SUSE packaging team we should split out the bash completion into its own sub-package to give users better control over the completion feature. * Thu Jul 04 2024 Marcus Schäfer <[email protected]> - Bump version: 10.0.22 → 10.0.23 * Thu Jul 04 2024 Neal Gompa <[email protected]> - package: Add fully qualified provides for python3-kiwi in spec On SUSE distributions, currently the expectation is that packages built against the Python interpreter should have fully qualified names in the form of pythonXY-<modulename>. Additionally, all other Linux distributions prefer something similar in the form of pythonX.Y-<modulename>. This ensures we have those names so that distribution dependency generation works as expected. * Thu Jul 04 2024 Marcus Schäfer <[email protected]> - Add support for arch selector on volumes The optional <volume ... arch=""/> attribute allows to create the volume only if it matches the specified host architecture. Multiple architecture names can be specified as comma separated list. * Wed Jun 26 2024 Marcus Schäfer <[email protected]> - Add rd.kiwi.oem.force_resize boot option Forces the disk resize process on an OEM disk image. If set, no sanity check for unpartitioned/free space is performed and also an eventually configured <oem-resize-once> configuration from the image description will not be taken into account. This Fixes bsc#1224389 * Tue Jun 25 2024 Marcus Schäfer <[email protected]> - Fixed leap integration tests For whatever reason procps is not longer pulled in by the core dependencies. Thus we have to explicitly request it * Thu Jun 20 2024 Marcus Schäfer <[email protected]> - Fix potential race condition in loop detach The call to 'losetup -d' is in fact an async operation. Once the command returns the loop can still be associated with the former file because it gets lazy unbound and releases later. Prior re-use of the same loop device it is therefore required to wait until the kernel event queue is processed. * Wed Jun 19 2024 Marcus Schäfer <[email protected]> - Fixed repository include to image with dnf When specifying a repository element with imageinclude="true", kiwi permanently adds the repo file inside of the image. The distribution standard path is used to store the repo file in this case. With dnf a package manager exists that is primarily used on Fedora and RHEL systems. Thus the standard path for the repo files is set to "/etc/yum.repos.d". However, dnf can also be used for other rpm based distributions e.g SUSE. On such a system the default path does not exist or is different because another package manager is the default. This commit makes sure that the expected path is created prior adding any repo files. * Tue Jun 18 2024 Marcus Schäfer <[email protected]> - Bump version: 10.0.21 → 10.0.22 * Mon Jun 17 2024 Marcus Schäfer <[email protected]> - Fixed selinux labels for boot files When kiwi calls the bootloader config and installation modules several files gets created as unlabeled_t because the labeling happened earlier. This commit ensures that setfiles gets called after BootLoaderConfig and/or BootLoaderInstall has done its job. This Fixes #2568 * Mon Jun 17 2024 Marcus Schäfer <[email protected]> - Add bash to package requirements If there are script evaluations that does not specify an interpreter, kiwi uses bash for it. The same applies for sub-process invocations using shell pipelines. Thus the bash shell is a required tool for kiwi under certain circumstances. Further details in Issue #2567 * Wed Jun 12 2024 Pavel Zhukov <[email protected]> - test-image-live: add shadow package Fixes: KiwiCommandError: chroot: stderr: /usr/bin/chroot: failed to run command ‘usermod’: No such file or directory * Tue Jun 11 2024 Fabian Vogt <[email protected]> - Fix displaying the image verification failure dialog Kiwi must wait for the previous dialog to finish before showing another one as it's the same systemd service behind it. * Mon Jun 10 2024 Marcus Schäfer <[email protected]> - Allow to customize the path of the isoscan cowfile Added rd.live.cowfile.path option to specify the cowfile at any path below the isoscan-loop-mount. This Fixes #2554 * Mon Jun 10 2024 Marcus Schäfer <[email protected]> - Better error handling on grub vendor dir lookup The strings command is used to lookup the in-efi binary encoded vendor path. However, if the strings or bash command is not availabe on the build host, the command silently failed and moved into the standard (non vendored) EFI boot path. This can lead to a broken boot for those distros and image targets which requires a vendor directory and should lead to an error message instead of a successful image build. This Fixes #2565 * Mon Jun 10 2024 Marcus Schäfer <[email protected]> - Fixed profile variable settings for preferences It's allowed to have multiple preferences sections. If those sections provides the same value multiple times, e.g keytable, the last one in the row will win. The setup of the variables in .profile environment file for the preferences elements is not following this rule and used the first section not the last. This commit fixes the profile variables to match the actual setup and Fixes #2560 * Thu Jun 06 2024 Dmitri Popov <[email protected]> - Revise users.rst * Thu Jun 06 2024 Dmitri Popov <[email protected]> - REvise systemdeps.rst * Thu Jun 06 2024 Dmitri Popov <[email protected]> - Revise shell_scripts.rst * Thu Jun 06 2024 Marcus Schäfer <[email protected]> - Add initrd boot option rd.kiwi.allow_plymouth By default kiwi stops plymouth if present and active in the initrd. Setting rd.kiwi.allow_plymouth will keep plymouth active in the initrd including all effects that might have to the available consoles. This is related to bsc#1214824 * Thu Jun 06 2024 Marcus Schäfer <[email protected]> - Drop use of obsolete tool isconsole isconsole was provided with the dropped kiwi-tools package. It was a simple C application that checked the capabilities of the current console. In the context of fbiterm it was just used to provide proper error messages which fbiterm on its own did not show. As also fbiterm is on its way to become obsolete and isconsole is already no longer present, it's ok to just drop that extra check and therefore keep the fbiterm mode functional if one manages to include fbiterm and its fonts into the initrd * Tue Jun 04 2024 Marcus Schäfer <[email protected]> - Bump version: 10.0.20 → 10.0.21 * Mon Jun 03 2024 Marcus Schäfer <[email protected]> - Add missing write_meta_data method to BLS base The standard bootloader interface class provided a method named write_meta_data which is expected to be implemented in the specialized bootloader implementation. For BLS bootloaders this method was missing in the BLS base class. write_meta_data can provide additional cmdline options for booting. If not covered some boot options might be missing. This patch fixes it * Mon Jun 03 2024 Marcus Schäfer <[email protected]> - Fix TW integration test to build outside OBS * Mon Jun 03 2024 Marcus Schäfer <[email protected]> - Make sure BootLoaderConfig fixes are effective The BootLoaderConfigGrub2 class has methods to fix the grub-mkconfig generated files. It does that by mounting the system and changing the respective files after the mkconfig call. However, after the change the class instance stays open in combination with BootLoaderInstallGrub2 instance which itself under certain circumstances also mounts the system to call grub-install. At the time grub-install is called it cannot be guaranteed that all changes has been written unless an explicit umount in the BootLoaderConfigGrub2 class instance happened. This commit address the potential race condition. * Mon Jun 03 2024 Marcus Schäfer <[email protected]> - Bump version: 10.0.19 → 10.0.20 * Mon Jun 03 2024 Marcus Schäfer <[email protected]> - Update rawhide integration test Use new arch attribute for testing in the repository element of the rawhide/test-image-live-disk integration test. * Sat Jun 01 2024 Marcus Schäfer <[email protected]> - Add support for arch attr in repository element Allow to provide different repository sections per architecture * Fri May 31 2024 Marcus Schäfer <[email protected]> - Add --list-profiles to image info Allow to list available profiles from the processed image description * Thu May 30 2024 Marcus Schäfer <[email protected]> - Bump version: 10.0.18 → 10.0.19 * Wed May 29 2024 Neal Gompa <[email protected]> - package: Always include patches and number all sources and patches This ensures that stuff is applied reliably and all sources and patches are included as expected. Then the added kiwi-revert-bls-default-for-suse.patch is applied conditionally for SUSE distributions. * Wed May 29 2024 Marcus Schäfer <[email protected]> - Bump version: 10.0.17 → 10.0.18 * Wed May 29 2024 Alberto Planas <[email protected]> - package: adjust openSUSE patch * Wed May 29 2024 Marcus Schäfer <[email protected]> - Bump version: 10.0.16 → 10.0.17 * Wed May 29 2024 Marcus Schäfer <[email protected]> - Fixed box plugin documentation The provided example was no longer correct according to changes on the image description referenced in the example * Fri May 17 2024 Marcus Schäfer <[email protected]> - Add procps to Tumbleweed integration tests * Thu May 16 2024 Marcus Schäfer <[email protected]> - Add procps to Tumbleweed integration tests * Sun May 12 2024 Marcus Schäfer <[email protected]> - Fix sdist upstream tarball contents The .virtualenv.dev-requirements.txt file is referenced by tox.ini but not put into the sdist tarball and therefore missing in the pypi upstream data. * Fri May 10 2024 Marcus Schäfer <[email protected]> - Drop use of obsolete pkg_resources As documented in https://setuptools.pypa.io/en/latest/pkg_resources.html the use of pkg_resources is obsolete and will cause issues. So happened on Debian unstable. This Fixes #2548 * Thu May 09 2024 Adam Williamson <[email protected]> - RepositoryDnf5: correct defaults, set system_cachedir The "defaults" in `use_default_location` here are the dnf4 defaults, not the dnf5 defaults, so let's update them. Also, for dnf5, we need to set `system_cachedir` instead of `cachedir` - see https://dnf5.readthedocs.io/en/latest/misc/caching.7.html , `system_cachedir` is the cache location used when running as root, `cachedir` is the cache location used when running as a regular user. Signed-off-by: Adam Williamson <[email protected]> * Wed May 08 2024 Marcus Schäfer <[email protected]> - Bump version: 10.0.15 → 10.0.16 * Wed May 08 2024 Marcus Schäfer <[email protected]> - poetry build doesn't like symlinks The sdist tarball produced by poetry build does not include all files and skipped symlinks in test/data. This caused the unit test run to fail if called from within that sources * Wed May 08 2024 Marcus Schäfer <[email protected]> - Fix spec file Require docopt-ng for Fedora 41+ * Tue May 07 2024 Marcus Schäfer <[email protected]> - Bump version: 10.0.14 → 10.0.15 * Tue May 07 2024 Dmitri Popov <[email protected]> - REview runtime_configuration.rst * Tue May 07 2024 Dmitri Popov <[email protected]> - Review repository_setup.rst * Thu May 02 2024 Marcus Schäfer <[email protected]> - Add support for stopsignal in containerconfig Allow to specify the stopsignal via the containerconfig element as the following example shows <type image="docker"> <containerconfig ...> <stopsignal>SIGINT</stopsignal> </containerconfig> </type> This Fixes #2543 * Thu May 02 2024 Steffen Winterfeldt <[email protected]> - Fix set_disk_password to be effective Since commit 8aa517eb7 it is necessary to call _mount_device_and_volumes() prior making any modifications to boot files. In addition handle potential errors from the grub.cfg modification better. * Thu May 02 2024 Marcus Schäfer <[email protected]> - Update Makefile Make sure custom patches are part of the package sources * Thu May 02 2024 Marcus Schäfer <[email protected]> - Bump version: 10.0.13 → 10.0.14 * Thu May 02 2024 Neal Gompa <[email protected]> - doc: Document the bls option for the grub bootloader * Wed May 01 2024 Neal Gompa <[email protected]> - Temporarily revert grub-bls default to false for SUSE distributions For the time being, SUSE distributions cannot handle KIWI's default to use BLS with GRUB2. Until they catch up, revert this for them only. * Wed May 01 2024 Neal Gompa <[email protected]> - kiwi/bootloader: restore backward compatibility for grub2 with bls The change to introduce the bls parameter broke backward compatibility with all existing kiwi descriptions for distributions that default to BLS. This fixes that by allowing the unset state to be equivalent to enabling it. Fixes: 8a8190098cb30358459ba10a4db1ba6446eee8c2 * Tue Apr 30 2024 Marcus Schäfer <[email protected]> - Bump version: 10.0.12 → 10.0.13 * Mon Apr 29 2024 Marcus Schäfer <[email protected]> - Overwrite compression setting only if randomized When building an encrypted image, the bundler never compressed the result. This overwrite from the runtime configuration and the default compression setting actually only makes sense when the image is randomized because only then a compression is for sure useless. This Fixes #2540 * Mon Apr 29 2024 Marcus Schäfer <[email protected]> - Make sure lsblk output is sorted by dev name lsblk without the sorting option can provide the list of devices in different order. This patch makes sure lsblk sorts the output by the device name. This Fixes bsc#1223374 * Fri Apr 26 2024 Romain Geissler <[email protected]> - Stop leaking plugins/{priorities,versionlock}.conf file with dnf4/5. This fixes the fedora issue https://bugzilla.redhat.com/show_bug.cgi?id=2270364 Signed-off-by: Romain Geissler <[email protected]> * Fri Apr 26 2024 Marcus Schäfer <[email protected]> - Fix luks_randomize setting Make sure the value passed for luks_randomize in the description becomes effective. It was not possible to switch off luks_randomize because any "not" value was turned into a true value. The actual default should therefore only apply in case luks_randomize is not specified at all which means only a None value will turn into a true value for this setting. * Fri Apr 26 2024 Adam Williamson <[email protected]> - Fix package removal with dnf5 dnf5 does not implement `dnf autoremove <package>` as a synonym for `--setopt=clean_requirements_on_remove=true remove <package>` as dnf4 did. So, we should do it this way instead. Signed-off-by: Adam Williamson <[email protected]> * Thu Apr 25 2024 Alberto Planas <[email protected]> - Add 'bls' parameter for the bootloader * Sat Apr 20 2024 Iván Chavero <[email protected]> - Fix efifatimagesize attribute type The efifatimagesize attribute type value is set to "oem" but the documentation says that it is intended to be also used for creating ISO images. This causes a schema error when this attribute is set on a profile with type "iso" and blocks changing the EFI boot image size which is a problem if the image is bigger than 20M. This commit allows to specify the attribute also for the "iso" type * Fri Apr 19 2024 Marcus Schäfer <[email protected]> - Add missing tool requires Latest changes on the bundler used sed and file which were not required by the spec. This is related to bsc#1221790 * Fri Apr 19 2024 Marcus Schäfer <[email protected]> - Add vmdk format to test-image-bundle-format Allow to check if the bundle format rename is applied in the new bundle reference checker code * Fri Apr 19 2024 Marcus Schäfer <[email protected]> - Fix file references in kiwi bundler result files When using a custom bundle_format the kiwi result bundler renames the output files to match the bundle_format. However, if there are output files that references other output files, for example the vmware binary (.vmdk) in the guest config file (.vmx) then this renaming breaks those result files. This patch adds a reference file check for all non binary output files if they contain a reference to another output file and updates the data accordingly. This Fixes bsc#1221790 * Fri Apr 19 2024 Marcus Schäfer <[email protected]> - Don't compress vmdk images Like with qcow2 it's not expected that the format type gets compressed in the bundle * Fri Apr 19 2024 Alberto Planas <[email protected]> - kiwi.rnc: define bls parameter for bootloader * Fri Apr 19 2024 Marcus Schäfer <[email protected]> - Keep runtime_checker_metadata.yml as module file It was a bad idea to install a mandatory source file outside the module path. This prevents running kiwi from source * Fri Apr 19 2024 Marcus Schäfer <[email protected]> - Fixed Arch build Forgot to add install of runtime_checker_metadata.yml * Thu Apr 18 2024 Marcus Schäfer <[email protected]> - Update tumbleweed/test-image-disk integration test * Thu Apr 18 2024 Marcus Schäfer <[email protected]> - Handle XSLT errors better Make sure etree.XSLTApplyError is a known error in the kiwi scope and raise an appropriate exception * Wed Apr 17 2024 Dmitri Popov <[email protected]> - Revise profiles.rst * Wed Apr 17 2024 Dmitri Popov <[email protected]> - Revise packages.rst * Wed Apr 17 2024 Dmitri Popov <[email protected]> - Revise customize_the_boot_process.rst * Wed Apr 17 2024 Marcus Schäfer <[email protected]> - Bump version: 10.0.11 → 10.0.12 * Mon Apr 15 2024 Marcus Schäfer <[email protected]> - Drop concept of volumes_mounted_initially The volume mount should be the same process no matter if it happens for the first time or subsequently * Mon Apr 15 2024 Marcus Schäfer <[email protected]> - Fixed mountpoint to use for read-only property Make sure get_mountpoint() is used to retrieve the correct mountpoint for the root entry point. Using the self.mountpoint member is not always correct * Mon Apr 15 2024 Marcus Schäfer <[email protected]> - Prevent extra volume mount/umount on btrfs For setting up the read-only property an extra mount of the btrfs sub-volumes was issued. However, all volumes are mounted at that time. Thus it's not required to mount them again, resulting in a busy state because of the auto-snapshot mounts which does not get umounted and keeps a busy state until the lazy umount kicks in. This Fixes #2529 * Fri Apr 12 2024 Marcus Schäfer <[email protected]> - Added IBM Secure Execution support on s390 IBM SEL(Secure Execution for Linux) is supported for s390 KVM guests. SEL images used to start a confidential computing protected guest contain an encrypted boot image which encapsulates the kernel the initrd and the bootparams. The encrypted Image is provided by the KVM/hypervisor to the Embedded zFirmware of the system (the ultravisor device). The decryption keys are hardware based and each system has an individual keypool unique to that system. The root filesystem is LUKS encrypted with a random key produced by kiwi at build time and kept inside of the initrd which exists only inside of the encrypted boot image and the encrypted rootfs to allow kernel updates. The commit to support secure execution also comes with an integration test that provides profiled image builds to target SUSE's LinuxONE as well as IBM Cloud systems. * Tue Apr 09 2024 Marcus Schäfer <[email protected]> - Fix typo in documentation main page Superfluous format sequence * Mon Apr 08 2024 Marcus Schäfer <[email protected]> - Added another search path for signed EFI binaries Add /usr/lib/grub/*-efi-signed to search for shim signed EFI binaries too. This Fixes #2525 * Mon Apr 08 2024 Marcus Schäfer <[email protected]> - Fixed runtime checks for dracut module packages Unfortunately the packaging of kiwi on Debian follows different naming conventions for dracut module packages which causes the runtime check to fail. This commit allows to check for multiple package names and adds the variants used on Debian. This Fixes #2524 * Thu Apr 04 2024 Marcus Schäfer <[email protected]> - Bump version: 10.0.10 → 10.0.11 * Wed Apr 03 2024 Marcus Schäfer <[email protected]> - Add schema upgrade opportunity for old schemas kiwi files using a schema version < 7.4 are no longer supported by kiwi >= v10.x.x. Thus this commit provides the required XSL stylesheets to upgrade older schemas to v74 such that they can be consumed by the latest kiwi version. The needed xsltproc instruction is placed on the main page of the documentation. * Wed Apr 03 2024 Marcus Schäfer <[email protected]> - Delete kiwi compat mode The compat mode allowed a kiwi v7 legacy argument translation and is obsolete since a long time * Wed Apr 03 2024 Marcus Schäfer <[email protected]> - Make excludes in bootstrap effective for dnf Followup fix to really use the ignore information in the dnf package manager implementation. This Fixes #2499 * Thu Mar 28 2024 Marcus Schäfer <[email protected]> - Bump version: 10.0.9 → 10.0.10 * Wed Mar 27 2024 Marcus Schäfer <[email protected]> - Bump version: 10.0.8 → 10.0.9 * Wed Mar 27 2024 Marcus Schäfer <[email protected]> - Fix setup of discoverable partitions Make sure GUI is unique and typecode is set according to the standard. This Fixes #2517 * Tue Mar 26 2024 Dmitri Popov <[email protected]> - Revise customize_boot * Mon Mar 25 2024 Marcus Schäfer <[email protected]> - Live ISO Wait for udev events after repart Make sure to wait for the event queue to become empty after the creation of the write partition. When kiwi calls the code to create the write partition this emits new udev events. It's important to wait for the event queue to become empty to avoid a potential regression on the use of the device nodes. In the processing of the events it can happen that a device gets removed and re-added. If we don't want for udev to process the entire queue it can happen that the wrong block device is used. This wrong selection is only possible because the way how hybrid ISOs are designed exposes both, the disk and the partition for the root device with the same label. This Fixes bsc#1213595 * Sat Mar 23 2024 Marcus Schäfer <[email protected]> - Bump version: 10.0.7 → 10.0.8 * Fri Mar 22 2024 Marcus Schäfer <[email protected]> - Fix zipl setup for use with custom btrfs root vol In the setup case that btrfs is used for the system and the root partition is on a custom named volume (not /), this information was not passed to the zipl bootloader instance and this caused the mounting of the overall root system to fail. This commit fixes it * Fri Mar 22 2024 Marcus Schäfer <[email protected]> - Allow ignore stanza in bootstrap So far the <ignore> stanza was only effective when placed as part of the type="image" packages section. This commit allows to place it also to the type="bootstrap" packages. This Fixes #2499 * Wed Mar 20 2024 Marcus Schäfer <[email protected]> - Bump version: 10.0.6 → 10.0.7 * Tue Mar 19 2024 Marcus Schäfer <[email protected]> - Add support for %v in bundle format Allow a placeholder for the entire version text as provided by the <version> section * Tue Mar 19 2024 Marcus Schäfer <[email protected]> - Allow bundle format to be set on the commandline The bundle format is usually specified as part of the image description in the bundle_format attribute. This commit also allows to specify/overwrite the bundle format in the kiwi result bundle command via the new --bundle-format option. This Fixes #2509 * Tue Mar 19 2024 Marcus Schäfer <[email protected]> - Bump version: 10.0.5 → 10.0.6 * Mon Mar 18 2024 Marcus Schäfer <[email protected]> - Fixup cleanup of zipl templates Make sure temporary modifications to the zipl template and config file are not effective in the later system. This Fixes bsc#1221469 * Thu Mar 14 2024 Dmitri Popov <[email protected]> - Revise system_update.rst * Thu Mar 14 2024 Dmitri Popov <[email protected]> - Revise system_prepare.rst * Wed Mar 13 2024 Dmitri Popov <[email protected]> - Revise system_create.rst * Wed Mar 13 2024 Marcus Schäfer <[email protected]> - Bump version: 10.0.4 → 10.0.5 * Wed Mar 13 2024 Marcus Schäfer <[email protected]> - Followup fix for use of /boot/zipl The mounting of /boot/zipl is also only required if the bootloader is set to grub2_s390x_emu * Wed Mar 13 2024 Marcus Schäfer <[email protected]> - Update schema version in spec file * Tue Mar 12 2024 Marcus Schäfer <[email protected]> - Drop rpm-dir from allowed repository type Using an arbitrary list of rpm packages as repository is a zypper only feature, barely tested and from our pov not really needed as a simple createrepo call turns any custom list of packages into a clean rpm-md repo including metadata. This commit drops rpm-dir from the list of allowed repository types and auto converts those image descriptions which makes use of it. Please note this does not prevent users from using flat package directories with zypper, because the type argument in the repository section is an optional attribute. In case there is no type specification zypper auto-detects and handles the data as it handles it. This Fixes #1926 * Tue Mar 12 2024 Dmitri Popov <[email protected]> - Revise system_build.rst * Tue Mar 12 2024 Marcus Schäfer <[email protected]> - Fixup use of /boot/zipl Only for the grub2_s390x_emu bootloader setup an optional boot partition setup must be put to /boot/zipl rather than to /boot * Mon Mar 11 2024 Marcus Schäfer <[email protected]> - Lookup distro provided BLS entries for zipl Check if there is already an entry file name produced by the distribution logic/policy. If we can find an already present entry name, prefer this name over the kiwi naming policy * Mon Mar 11 2024 Marcus Schäfer <[email protected]> - Install audit in s390 rawhide integration test * Sun Mar 10 2024 Marcus Schäfer <[email protected]> - Bump version: 10.0.3 → 10.0.4 * Sat Mar 09 2024 Marcus Schäfer <[email protected]> - Delete invalid EPEL repo from rawhide tests * Fri Mar 08 2024 Marcus Schäfer <[email protected]> - Fix s390 tools and grub requirement On Fedora/RHEL this is named s390utils and there is no grub2 * Fri Mar 08 2024 Marcus Schäfer <[email protected]> - Added rawhide integration test * Fri Mar 08 2024 Dmitri Popov <[email protected]> - Temp commit * Thu Mar 07 2024 Marcus Schäfer <[email protected]> - Bump version: 10.0.2 → 10.0.3 * Thu Mar 07 2024 Dmitri Popov <[email protected]> - Revise image_size, kiwi * Thu Mar 07 2024 Neal Gompa <[email protected]> - Ensure we use a compatible docopt-ng version To ensure our trick to switch between docopt and docopt-ng works, we need to have a higher minimum version for docopt-ng where compatibility with the original docopt was restored. * Wed Mar 06 2024 Marcus Schäfer <[email protected]> - Fixed delta_root build The support for delta_root allows to build a delta container image from a given base container. Due to the refactoring of the kiwi code base using context managers no explicit deletion of instances happens anymore. This uncovered a weakness of the delta root code at the level of the overlay mount. At the time of the umount there are still active temporary mount handlers which keeps the mountpoint busy. In order to fix this properly also the PackageManager factory is now a context manager and the Repository factory received a cleanup method which is called when the PackageManager goes out of scope. This refactoring also fixes the busy state when building deltas * Wed Mar 06 2024 Marcus Schäfer <[email protected]> - Bump version: 10.0.1 → 10.0.2 * Wed Mar 06 2024 Marcus Schäfer <[email protected]> - Don't use poetry publish Publishing to pypi is done via pypa/gh-action-pypi-publish and the respective auth token. Calling poetry publish does not work because this is not authorized * Wed Mar 06 2024 Marcus Schäfer <[email protected]> - Bump version: 10.0.0 → 10.0.1 * Wed Mar 06 2024 Marcus Schäfer <[email protected]> - Drop ci-kiwi-9-compliant.yml Delete this action as it existed in the intermediate state prior the new major version v10.x.x * Wed Mar 06 2024 Marcus Schäfer <[email protected]> - Add tzdata to Debian tests * Wed Mar 06 2024 Marcus Schäfer <[email protected]> - Fixed sync script for test-image-rpi on Ubuntu * Wed Mar 06 2024 Marcus Schäfer <[email protected]> - Install language-pack-en for Ubuntu arm test * Tue Mar 05 2024 Marcus Schäfer <[email protected]> - Install locales-all for Debian tests * Tue Mar 05 2024 Marcus Schäfer <[email protected]> - Install language-pack-en for Debian tests * Tue Mar 05 2024 Marcus Schäfer <[email protected]> - Fix repo setup for Ubuntu arm test * Tue Mar 05 2024 Marcus Schäfer <[email protected]> - Install network stack for Debian test * Tue Mar 05 2024 Marcus Schäfer <[email protected]> - Request util-linux explicitly for Ubuntu tests * Tue Mar 05 2024 Marcus Schäfer <[email protected]> - Add usr-is-merged to package list for bootstrap * Tue Mar 05 2024 Marcus Schäfer <[email protected]> - Install language-pack-en for Ubuntu tests * Tue Mar 05 2024 Marcus Schäfer <[email protected]> - Move Ubuntu integration tests to Lunar * Tue Mar 05 2024 Marcus Schäfer <[email protected]> - Update test-image-rpi for Ubuntu on arm Do not install kiwi as test application * Tue Mar 05 2024 Marcus Schäfer <[email protected]> - Fix repo setup for Debian integration tests Staging repo must be first for higher prio * Tue Mar 05 2024 Marcus Schäfer <[email protected]> - Update test-image-docker-derived Don't install kiwi as test application, use something smaller, just vim * Tue Mar 05 2024 Marcus Schäfer <[email protected]> - Move Debian build test from Buster to Bookworm Move from Debian 11 to Debian 12 for integration testing * Tue Mar 05 2024 Marcus Schäfer <[email protected]> - Move Ubuntu integration tests from Jammy to Mantic Use Ubuntu 23.10 for the integration tests and move away from 22.04 * Tue Mar 05 2024 Neal Gompa <[email protected]> - Switch to Poetry and use pyproject.toml definitions This allows kiwi to be built, developed, tested, and installed through Poetry. This also raises the minimum Python version to 3.9. * Tue Mar 05 2024 Marcus Schäfer <[email protected]> - Delete test-image-microdnf microdnf is dead and dnf5 took over * Tue Mar 05 2024 Marcus Schäfer <[email protected]> - Delete test-image-live-disk-v8 CentOS-8 is EOL and dropped from upstream kiwi * Tue Mar 05 2024 Dmitri Popov <[email protected]> - Revise image info * Mon Mar 04 2024 Marcus Schäfer <[email protected]> - Add support for BLS zipl Add support for <bootloader name="zipl" .../> to support BLS based zipl configuration. This Fixes #2481 * Fri Mar 01 2024 Dmitri Popov <[email protected]> - Review Build WSL container * Fri Mar 01 2024 Dmitri Popov <[email protected]> - Revise Build simple disk * Thu Feb 29 2024 Marcus Schäfer <[email protected]> - Update v9 compliance action put the cherry-pick tests into an extra script and provide a skip list of commits for manual checking if needed * Thu Feb 29 2024 Marcus Schäfer <[email protected]> - Fix activation of luks pool in the initrd kiwi called systemd-cryptsetup directly which does not take the settings available in /etc/crypttab into account. This commit changes the activation procedure in a way that the generator created unit file systemd-cryptsetup@... is used This Fixes bsc#1219009 * Thu Feb 29 2024 Marcus Schäfer <[email protected]> - Apply changelog fixes by glob Does not require Makefile changes when maintaining branches * Wed Feb 28 2024 Marcus Schäfer <[email protected]> - Add changelog fix file for commit deb6ca The commit used a wrong e-mail address which should not land in the created changes file for the packaging * Wed Feb 28 2024 Marcus Schäfer <[email protected]> - Set default output console to gfxterm for grub If no console setting is done in the image description for grub the default output console is set to: gfxterm and the default input console is set to: console. This Fixes bsc#1219074 * Wed Feb 28 2024 Marcus Schäfer <[email protected]> - Catch error condition more specific Only a KiwiCommandError is an exception we want to catch and handle, everything else is a bug and should not be masked * Tue Feb 27 2024 Marcus Schäfer <[email protected]> - Add silent flag to CommandCapabilities an instance of CommandCapabilities allows to check for specific options of a command. If the parsing of options has failed a warning message is created by default. Under certain circumstances like the check for the --help option of setfiles, such a warning message can be misleading information in the build log file. Therefore the new silent flag allows to suppress the warning message and the flag is used for the capabilities of the setfiles utility. This Fixes #2350 * Tue Feb 27 2024 Marcus Schäfer <[email protected]> - Fix documentation preferlvm example The custom volumes example shows a faulty XML description. This Fixes #2483 * Tue Feb 27 2024 Marcus Schäfer <[email protected]> - Move SystemPrepare to context manager Change the SystemPrepare class to context manager. All code using SystemPrepare was updated to the following with statement: with SystemPrepare(...) as system_prepare: system_prepare.some_member() This completes the refactoring from finalizers to context managers and Fixes #2412 * Mon Feb 26 2024 Marcus Schäfer <[email protected]> - Fallback to built-in partition UUID table If systemd-id128 is not found or failed use the kiwi built-in table as defined by the UAPI group to assign the partition UUID * Mon Feb 26 2024 Marcus Schäfer <[email protected]> - Move DiskFormat to context manager Change the DiskFormat Factory to be a context manager. All code using DiskFormat was updated to the following with statement: with DiskFormat(...).new as disk_format: disk_format.some_member() This is related to Issue #2412 * Sat Feb 24 2024 Marcus Schäfer <[email protected]> - Added requirement for xmltodict to spec Actually the real issue to this defect seems to live in the anymarkup source code. It seems that the import of xmltodict at the beginning of the core module is optional, but later on when handling XML xmltodict seems to be mandatory, see here: https://github.com/bkabrda/anymarkup-core/blob/08896a8215819edcc413e3f2588518046 9a4c2ed/anymarkup_core/__init__.py#L210-L229. Because this issue can result in a "ImportError: Can't parse xml: xmltodict not installed" turning kiwi into a bad exit condition I propose to add this python requirement to the kiwi spec as a workaround and try fixing the anymarkup packaging and module setup upstream in addition. To my knowledge all relevant distributions provides xmltodict * Sat Feb 24 2024 Marcus Schäfer <[email protected]> - Fixed type hint for pinch_system method The PackageManager argument is allowed to be optional * Sat Feb 24 2024 Marcus Schäfer <[email protected]> - Add support for discoverable partitions Set PARTUUID according to systemd-id128 if applicable This Fixes #1385 * Thu Feb 22 2024 Marcus Schäfer <[email protected]> - Move Repository to context manager Change the Repository Factory to be a context manager. All code using Repository was updated to the following with statement: with Repository(...).new as repo: repo.some_member() This is related to Issue #2412 * Thu Feb 22 2024 Dmitri Popov <[email protected]> - Build LiveISO review * Wed Feb 21 2024 Dmitri Popov <[email protected]> - Buil KIS review * Wed Feb 21 2024 Dmitri Popov <[email protected]> - Build expandable disk review * Wed Feb 21 2024 Dmitri Popov <[email protected]> - Build container image review * Wed Feb 21 2024 Marcus Schäfer <[email protected]> - Allow terminal emulation setup from the cmdline Using rd.kiwi.term will export the TERM variable into the initrd environment. In case the default value for the terminal emulation is not appropriate rd.kiwi.term can be used to overwrite the default. The environment is also passed to the systemd unit which calls dialog based programs in kiwi dracut code, such that the TERM setting will be effective there too. For example: rd.kiwi.term=vt100 This is related to bsc#1218095 * Tue Feb 20 2024 Marcus Schäfer <[email protected]> - Fixed implementation for oem-shutdown If specified oem-shutdown caused a reboot -f -p which is a powerdown but not a graceful shutdown. This commit fixes this by using systemctl halt for a clean shutdown. This Fixes #2474 * Mon Feb 19 2024 Marcus Schäfer <[email protected]> - Move VolumeManager to context manager Change the VolumeManager Factory to be a context manager. All code using VolumeManager was updated to the following with statement: with VolumeManager(...).new as volume_manager: volume_manager.some_member() This is related to Issue #2412 * Mon Feb 19 2024 Dan Čermák <[email protected]> - Refactor Command class Command.run() currently has a bit of a confusing behavior: if raise_on_error is False and the executable is not found, then a weird CommandT is returned (return code is -1 and stdout+stderr is None). This makes it possible to hanlde command not found errors separately, but it makes that needlessly verbose. So instead, let's just return None in *this* special case. That in turn uncovered, that in most cases when we set `raise_on_error=True`, we actually want an error if the command is not present but no error if the command fails to execute (e.g. because it returns -1 if you run `$cmd --version`). Hence we introduce the flag `raise_on_command_not_found`, which causes an exception to be raised if the command is not found. This makes it independent of the `raise_on_error` flag. Additionally, we add a small optimization: if command starts with /, then we assume it's a full path and we omit the call to which (and just check whether it exists). Co-authored-by: Marcus Schäfer <[email protected]> * Mon Feb 19 2024 Marcus Schäfer <[email protected]> - Move ImageSystem to context manager Change the ImageSystem class to context manager. All code using ImageSystem was updated to the following with statement: with ImageSystem(...) as image_system: image_system.some_member() This is related to Issue #2412 * Mon Feb 19 2024 Marcus Schäfer <[email protected]> - Allow empty cherry-picks for compliance test If we cherry-pick from main to master the compliance check will notice that a commit already exists. This is not an error and we can allow to continue the picking via --allow-empty * Mon Feb 19 2024 Marcus Schäfer <[email protected]> - Followup fix for .profile.extra Allow to source .profile.extra such that it is possible to read and act on e.g cmdline parameters. This is related to bsc#1218095 * Sun Feb 18 2024 Alexandre Detiste <[email protected]> - Use unittest.mock from core python everywhere mock was an independent module that has been merged into the Python standard library. * Fri Feb 16 2024 David Cassany <[email protected]> - Include partprobe in initrd for s390 This commit includes partprobe, in addition to parted, on s390 based systems. Otherwise partx is used and apparently it does not properly support s390. Fixes bsc#1219798 Signed-off-by: David Cassany <[email protected]> * Fri Feb 16 2024 Marcus Schäfer <[email protected]> - Fixed MicroOS integration test temporarily disable ignition/combustion/growpart and use kiwi's resize code for testing, oem-resize set to true * Thu Feb 15 2024 Marcus Schäfer <[email protected]> - Fixed kis documentation The procedure to run qemu with a filesystem image as disk was not quite correct. * Wed Feb 14 2024 Marcus Schäfer <[email protected]> - Update documentation about partition clones Using the root_clone attribute comes with some requirements and consequences. This commit documents them * Wed Feb 14 2024 Fabian Vogt <[email protected]> - Improve documentation generation With Sphinx >= 6.0.0, jQuery is no longer included but the rtd theme's search functionality needs it. The theme was changed to load sphinxcontrib-jquery automatically with https://github.com/readthedocs/sphinx_rtd_theme/pull/1399, but kiwi broke this fix by loading the theme in the wrong way. Now that the theme is loaded properly, the search functionality also works with newer versions of sphinx again and the version pinning can be lifted. This Fixes: #2462 * Wed Feb 14 2024 Fabian Vogt <[email protected]> - Allow specifying the filesystem for live image, also direct squashfs Allow specifying the filesystem for live image, also direct squashfs By setting <type image="iso" filesystem="FSTYPE" .../> it's now possible to specify the filesystem used for live images. By using "squashfs", the rootfs container is skipped entirely. * Wed Feb 14 2024 Marcus Schäfer <[email protected]> - Add support for reading .profile.extra in initrd If there is the file /.profile.extra available in the initrd, kiwi will import this additional environment file after the import of the standard /.profile file. This is related to bsc#1218095 * Wed Feb 14 2024 Marcus Schäfer <[email protected]> - Don't run ci-kiwi-9-compliant action on forks * Tue Feb 13 2024 Marcus Schäfer <[email protected]> - Fix setup of UUID for btrfs When setting up the UUID for a btrfs filesystem via btrfstune it could happen that the call becomes interactive asking a question and give a recommendation. All this is unwanted and can be forced via the -f switch. This Fixes #2456 * Mon Feb 12 2024 Marcus Schäfer <[email protected]> - Move OCI to context manager Change the OCI Factory to be a context manager. All code using OCI was updated to the following with statement: with OCI(...).new as oci: oci.some_member() This is related to Issue #2412 * Mon Feb 12 2024 Marcus Schäfer <[email protected]> - Drop destructor from CommandProcess There is code that sends a SIGTERM to the process in case there is no error code information. I believe in this case sending SIGTERM will not kill the process (defunct) and I also don't see in what good condition we would be entering this state. * Mon Feb 12 2024 Marcus Schäfer <[email protected]> - Fixed use of custom bootloader In case no bootloader implementation by kiwi should be used, users can specify the bootloader="custom" attribute. Instead of skipping the bootloader stage in the builders it is better to consistently create an instance of bootloader but raise if a method of the bootloader interface is called for which the custom bootloader has no implementation. This commit adds the consistency bits. * Mon Feb 12 2024 Marcus Schäfer <[email protected]> - Fixed scope of BootLoaderConfig instance Due to the refactor of BootLoaderConfig into context managers we had two instances of BootLoaderConfig. However, the first instance holds data the second instance needs which caused an issue. This commit makes sure there is one BootLoaderInstance within the lifetime of required services * Mon Feb 12 2024 Marcus Schäfer <[email protected]> - Allow integration test to build outside of obs too * Mon Feb 12 2024 Marcus Schäfer <[email protected]> - Follow up fix for drop obsolete C tools from kiwi The spec file make call to build the C code was forgotten to be deleted * Sun Feb 11 2024 Marcus Schäfer <[email protected]> - Drop obsolete C tools from kiwi For building custom initrd images kiwi provided some optional helper tools. All these C written tools are old and outdated and either not useful anymore or replaced by other tools that are part of the distribution matrix we support. Thus with the move to the next major release those can go away. This also include the package kiwi-tools which was used to provide them * Wed Feb 07 2024 Marcus Schäfer <[email protected]> - Update documentation Several examples still pointed to Leap 15.3 repos, but we are at Leap 15.5. Thus this commit shifts towards Leap 15.5 * Mon Feb 05 2024 Marcus Schäfer <[email protected]> - Remove destructor from BootLoaderInstallGrub2 With MountManager as context manager the BootLoaderInstallGrub2 class doesn't need a destructor anymore. This is related to Issue #2412 * Mon Feb 05 2024 Marcus Schäfer <[email protected]> - Remove obsolete destructor from BootImageDracut With MountManager as context manager the BootImageDracut class doesn't need a destructor anymore. This is related to Issue #2412 * Mon Feb 05 2024 Marcus Schäfer <[email protected]> - Move Raid Luks and Integrity to context manager Change the RaidDevice, LuksDevice and IntegrityDevice classes to context manager: with RaidDevice(...) as raid: raid.some_member() with LuksDevice(...) as luks: luks.some_member() with IntegrityDevice(...) as integrity: integrity.some_member() In the context of the disk builder an ExitStack is used to handle the new context manager based classes This is related to Issue #2412 * Fri Feb 02 2024 Marcus Schäfer <[email protected]> - Fix error message regarding ovftool For ova support kiwi still uses the proprietary ovftool from VMware. The error message if the tool could not be found was broken and the link to the VMware page was also outdated. * Fri Feb 02 2024 Marcus Schäfer <[email protected]> - Drop PDF build of the documentation The kiwi.pdf file as provided in the kiwi-man-pages package was never really used by our users but comes with a huge dependency chain to LaTex. We provide the documentation online as well as converted to DocBook from where all other formats could be derived. Thus there is no need for us to produce an extra PDF document which is imho never consulted. In addition to this change also the contributing chapter has been reworked. Due to recent changes and drop of obsolete components from kiwi as well as the effort to move the development setup to poetry, there is only one non python tool needed for the development of kiwi. The check for this tool has been moved into the Makefile and all other checks formerly done in the helper/install_devel_packages script were deleted. * Wed Jan 31 2024 Marcus Schäfer <[email protected]> - Fix crypto LUKS integration test The integration test build also encrypts /boot which requires grub to open the LUKS pool using cryptomount. grub does not support the argonID salted password hashes. Thus the integration test description configures pbkdf2 instead * Wed Jan 31 2024 Marcus Schäfer <[email protected]> - Use ExitStack for MountManagers * Wed Jan 31 2024 Marcus Schäfer <[email protected]> - Only pass appropriate bootloader arguments When constructing a BootLoaderConfig instance only pass arguments appropriate to the selected bootloader. It does not hurt but it is bad style and unnecessary data and code points if e.g grub relevant information is passed when we actually setup systemd-boot * Wed Jan 31 2024 Marcus Schäfer <[email protected]> - Fix reading of os-release file If the /etc/os-release file contains comments or spaces python's csv reader will throw an exception. Thus this data must be ripped out prior reading * Tue Jan 30 2024 Marcus Schäfer <[email protected]> - Allow to use Literal for all python versions * Tue Jan 30 2024 Marcus Schäfer <[email protected]> - Better error message on module import * Tue Jan 30 2024 Marcus Schäfer <[email protected]> - Move Disk to context manager Change the Disk class to be a context manager. All code using Disk was updated to the following with statement: with Disk(...) as disk: disk.some_member() This is related to Issue #2412 * Fri Jan 26 2024 Marcus Schäfer <[email protected]> - Fixed test-image-rpi for TW No need to pull in zypper plugin that does not resolve on TW * Fri Jan 26 2024 Marcus Schäfer <[email protected]> - Update documentation drop documentation for isolinux in API and user docs * Fri Jan 26 2024 Dan Čermák <[email protected]> - Fix invalid escape sequence * Fri Jan 26 2024 Dan Čermák <[email protected]> - Add missing assert call to install_test * Fri Jan 26 2024 Dan Čermák <[email protected]> - Correct type hint of mbrid parameter * Fri Jan 26 2024 Dan Čermák <[email protected]> - Convert BootLoaderConfigBase into an abstract base class * Fri Jan 26 2024 Dan Čermák <[email protected]> - Convert BootLoaderConfig to free function The class serves really no purpose except for creating another namespace. This function now allows us to have more stricter type checking. * Fri Jan 26 2024 Marcus Schäfer <[email protected]> - better function name * Mon Jan 22 2024 Marcus Schäfer <[email protected]> - Drop support for syslinux/isolinux SYSLINUX has been abandoned for several years now, and it does not even work with modern versions of the filesystems supported in kiwi. This commit drops it and Fixes #2433 * Mon Jan 22 2024 Marcus Schäfer <[email protected]> - Update build tests Delete use of syslinux/isolinux * Fri Jan 19 2024 Marcus Schäfer <[email protected]> - Move BootLoaderConfig to context manager Change the BootLoaderConfig class to be a context manager. All code using BootLoaderConfig was updated to the following with statement: with BootLoaderConfig.new(...) as bootloader_config: bootloader_config.some_member() This is related to Issue #2412 * Fri Jan 19 2024 Dan Čermák <[email protected]> - [docs] make copyright year dynamic * Fri Jan 19 2024 Dan Čermák <[email protected]> - Silence Shellcheck warning SC2004 It causes false positives in array expressions, e.g. device_array[${device_index}] (see: https://www.shellcheck.net/wiki/SC2004) * Fri Jan 19 2024 Dan Čermák <[email protected]> - Quote shell variables to prevent word splitting this fixes shellcheck warning SC2086 https://www.shellcheck.net/wiki/SC2086 * Thu Jan 18 2024 Dan Čermák <[email protected]> - Add type hints & doc to VolumeManagerBase & VolumeManagerBtrfs Also add additional tests for test coverage of typing edge cases * Thu Jan 18 2024 Dan Čermák <[email protected]> - Correct invalid escape sequence \/ is not a valid escape sequence, it just needs to be forwarded to the shell * Thu Jan 18 2024 Dan Čermák <[email protected]> - DiskBuilder: use ExitStack to unmount partitions * Thu Jan 18 2024 Dan Čermák <[email protected]> - FileSystemBase & VolumeManagerBase: return a MountManager from sync_data This allows us to unmount the filesystems via the returned context manager * Thu Jan 18 2024 Dan Čermák <[email protected]> - Don't catch all exceptions in MountManager.umount * Thu Jan 18 2024 Dan Čermák <[email protected]> - Implement a context manager interface for MountManager * Wed Jan 17 2024 Marcus Schäfer <[email protected]> - Update Debian distro for integration tests We require python >= 3.9 * Wed Jan 17 2024 Marcus Schäfer <[email protected]> - Refactor disk builder for use with context manager In preparation to further context manager related changes in VolumeManager, LuksDevice, RaidDevice and more the disk builder code which uses these classes needs to be refactored beforehand to allow switching to context manager based cascading of the storage device classes. This commit does the refactoring and is related to Issue #2412 * Tue Jan 16 2024 Marcus Schäfer <[email protected]> - Follow up fix for drop of hybrid boot snippets The following is left over code from the drop of the hybrid boot templates. * Tue Jan 16 2024 Neal Gompa <[email protected]> - Drop hybrid boot snippets from the GRUB 2 configuration template Sometime between GRUB 2.04 and GRUB 2.06, it became no longer necessary to use "linuxefi"+"initrdefi" for UEFI boot. The standard "linux"+"initrd" stanzas work for both legacy BIOS boot and modern UEFI boot. Some distributions no longer support "linuxefi"+"initrdefi" at all anymore, so let's just use "linux"+"initrd" for everything now. * Mon Jan 15 2024 Marcus Schäfer <[email protected]> - Don't create default entry for sd-boot loader.conf * Mon Jan 15 2024 Marcus Schäfer <[email protected]> - Type cleanup, no use of Any type in disk builder Use proper Union declaration for system variable and add consistency layer into Filesystem/VolumeManager classes to meet the type declaration as well as to simplify further refactoring on these classes * Sat Jan 13 2024 Marcus Schäfer <[email protected]> - Compat entry name for kernel-install in sd-boot systemd-boot tools like kernel-install expect a certain entry naming policy. This commit adapts kiwi to adapt to this policy. The name for the default entry is constructed out of the ID information from /etc/os-release followed by the name of the kernel as it is represented by the directory name in /lib/modules/... This Fixes #2417 * Sat Jan 13 2024 Marcus Schäfer <[email protected]> - Drop SLE integration tests The kiwi version for SLE is maintained in the git repos * https://github.com/SUSE/kiwi_sle15 * https://github.com/SUSE/kiwi_sle12 and has its own set of QA integration tests in the internal build service. * Fri Jan 12 2024 Marcus Schäfer <[email protected]> - Apply different cherry-pick strategy cherry picking merge commits is not easily possible. Thus get the list of commits and check if it can be applied in a series * Fri Jan 12 2024 Marcus Schäfer <[email protected]> - Reduce XSL transformation list Minimum schema version to start with is v74 This Fixes #2368 * Fri Jan 12 2024 Marcus Schäfer <[email protected]> - Fixed custom ISO boot template The archlinux integration test used a custom iso boot template which still contained the terminal_setup variable. This commit fixed the template to use the new terminal_input and terminal_output variables * Fri Jan 12 2024 Marcus Schäfer <[email protected]> - Delete clicfs from documentation API * Thu Jan 11 2024 Marcus Schäfer <[email protected]> - Move FileSystem to context manager Change the FileSystem class to be a context manager. All code using FileSystem was updated to the following with statement: with FileSystem.new(...) as filesystem: filesystem.some_member() This is related to Issue #2412 * Thu Jan 11 2024 Marcus Schäfer <[email protected]> - Update unit test data to schema v8.0 * Thu Jan 11 2024 Marcus Schäfer <[email protected]> - Update major schema version from 7.6 -> 8.0 With the switch to schema v8.x we allow for non compatible changes in regards to the v7.x stream. Thus this commit also deletes the support for clicfs from the schema * Thu Jan 11 2024 Marcus Schäfer <[email protected]> - Drop clicfs support clicfs was a fuse userspace implementation of an overlay filesystem. Since overlayfs became the default overlay filesystem there is no reason for kiwi to keep the clicfs support * Wed Jan 10 2024 Dan Čermák <[email protected]> - Use obsrepositories for the CentOS 9 image We were relying on the repos being parsed from the kiwi description but this can cause problems and gives us less flexibility when it comes to fixing repository setup issues. This fixes https://github.com/OSInside/kiwi/issues/2335 * Tue Jan 09 2024 Marcus Schäfer <[email protected]> - Bump version: 9.25.22 → 10.0.0 * Tue Jan 09 2024 Marcus Schäfer <[email protected]> - Move workflow runs to main branch Make sure all github actions runs from main * Tue Jan 09 2024 Marcus Schäfer <[email protected]> - Bump version: 9.25.21 → 9.25.22 * Tue Jan 09 2024 Marcus Schäfer <[email protected]> - Add compliance action Check if the commits of a pull request can be cherry-picked to the master, which is the kiwi v9.x.x code stream. * Tue Jan 09 2024 Marcus Schäfer <[email protected]> - Fixed regression in GRUB_SERIAL_COMMAND setup The condition to write the serial line setup was broken. This commit fixes it. Related to Issue #2419 * Mon Jan 08 2024 Marcus Schäfer <[email protected]> - Fixed grub terminal setup The grub terminal setup is divided into the setting for the output and the input console. For both settings different parameters exists. So far kiwi did not differentiate between the two parts of the console setup and that could lead to a wrong setting if only one value is provided in kiwi's console= attribute which lead to the grub setting, GRUB_TERMINAL=value. If value is set to e.g gfxterm grub takes this for both input and output and it's obviously wrong for the input. To make this less error prune the kiwi code changes with this commit to set GRUB_TERMINAL_INPUT and GRUB_TERMINAL_OUTPUT rather than GRUB_TERMINAL and also runs sanity checks on the provided values if they are applicable. The information for setting up the console in the schema stays untouched though. That's because it's used for all bootloaders and also because grub supports multiple values for the console in/out setting in one GRUB_TERMINAL variable even though kiwi does no longer use it. To make this clear for the users also the documentation for the console attribute setup has been updated. If we want to wish two distinct attributes for input and output console settings a schema change and also differentiation between bootloaders is needed and that I only see for the kiwi-10 branch if at all. This Fixes #2419 * Thu Jan 04 2024 Marcus Schäfer <[email protected]> - Fix tox.ini python 3.12 unit target did not specify a 3.12 interpreter * Thu Jan 04 2024 Marcus Schäfer <[email protected]> - Fix overwrite of kiwi_oemunattended In case rd.kiwi.oem.installdevice is set, there is an overwrite of the kiwi_oemunattended setting. However the variable was set in local scope of a function and therefore the change was not effective in other methods which also evaluates this variable. This commit fixes it such that the overwrite happens in the early initialize method which provides the environment for all code running in the dracut module. This is related to jira#PED-7180 * Sat Dec 30 2023 Marcus Schäfer <[email protected]> - Move LoopDevice class to context manager Change the LoopDevice class to be a context manager. All code using LoopDevice was updated to the following with statement: with LoopDevice(...) as loop_provider: loop_provider.some_member() This is related to Issue #2412 * Fri Dec 29 2023 Neal Gompa <[email protected]> - Ensure setfiles is detected inside the image-root We do not actually use setfiles from the host, we use it from the image root we create for the image build. Thus, we should look in the image root instead of on the host system. This prevents us from incorrectly detecting that setfiles is not available for setting SELinux contexts. Fixes: https://github.com/OSInside/kiwi/issues/2414 Fixes: 2a22901ddd11ae23b6724b5e1aaa4261f219ccb6 * Thu Dec 28 2023 Dan Čermák <[email protected]> - Use xdist on the CI to speed up the test runs * Thu Dec 28 2023 Dan Čermák <[email protected]> - Add unit test job using python 3.12 * Thu Dec 28 2023 Dan Čermák <[email protected]> - Only run the job for this python environment * Thu Dec 28 2023 Dan Čermák <[email protected]> - [ci] Switch runner to ubuntu-latest * Thu Dec 28 2023 Dan Čermák <[email protected]> - Add missing raw string identifier infront of regexes * Tue Dec 26 2023 Jianhua Lu <[email protected]> - Allow target_blocksize to be available for kis image * Sun Dec 17 2023 Marcus Schäfer <[email protected]> - Bump version: 9.25.20 → 9.25.21 * Sun Dec 17 2023 Marcus Schäfer <[email protected]> - Cleanup tox targets Align tox targets with github workflows and fix targets not associated with a specific python version to use the python3 version installed on the host * Sun Dec 17 2023 Marcus Schäfer <[email protected]> - Bump version: 9.25.19 → 9.25.20 * Sun Dec 17 2023 Marcus Schäfer <[email protected]> - Fixed unit tests for parallel invokation * Fri Dec 15 2023 Marcus Schäfer <[email protected]> - Make sure selinux policy is effectively applied setup_selinux_file_contexts is now called after the config.sh script. This makes sure that eventual policy related changes done in the optional config.sh are covered by a late setfiles call. In addition setup_selinux_file_contexts is called again at the end of any chroot based script hook. So we assume that any optional script target can change the system in a way that a new setfiles call might be required. It can happen that setfiles is called more often than required but as we cannot know what custom scripts does, it's better to call it more often compared to not often enough. This Fixes bsc#1210604 * Thu Dec 14 2023 Marcus Schäfer <[email protected]> - Decrease image size for encrypted integration test Encrypted images do not compress well, therefore the size should be smaller such that we don't produce monsters * Thu Dec 14 2023 Marcus Schäfer <[email protected]> - Use ext4 for rawhide integration test * Thu Dec 14 2023 Marcus Schäfer <[email protected]> - Fixed typo in error message * Wed Dec 13 2023 Neal Gompa <[email protected]> - package: Drop unused xorriso dep on dracut-kiwi-live subpackage We do not actually use xorriso anywhere inside of the dracut module, nor do we pull in any utilities from the xorriso package into the generated initramfs anyway. Fixes: https://github.com/OSInside/kiwi/issues/2404 * Mon Dec 11 2023 Marcus Schäfer <[email protected]> - Set kpartx as default mapper tool for s390 Some time ago we moved the default partition mapper from kpartx to partx to reduce a package dependencies. However, on the s390 architecture partx does not work proplerly on e.g DASD devices. Thus the default mapper tool for this architecture will change to kpartx with this PR * Fri Dec 08 2023 Marcus Schäfer <[email protected]> - Update test-image-MicroOS Incorporate latest changes from upstream MicroOS and also add an encrypted profile build for testing * Wed Dec 06 2023 Marcus Schäfer <[email protected]> - Include either partx or partprobe to dracut The code in the 99kiwi-lib dracut module can either use partprobe or partx to do the job. We prefer partx over partprobe and error out if none of them could be found This Fixes #2400 * Tue Nov 28 2023 Marcus Schäfer <[email protected]> - Bump version: 9.25.18 → 9.25.19 * Thu Nov 23 2023 Alexandre Esse <[email protected]> - Fix typo in workflow overview doc section * Wed Nov 22 2023 Marcus Schäfer <[email protected]> - Add missing documentation for oem-unattended-id * Wed Nov 22 2023 Marcus Schäfer <[email protected]> - Allow install disk overwrite from cmdline Add rd.kiwi.oem.installdevice=DEVICE. Configures the disk device that should be used in an OEM installation. This overwrites any other oem device setting, e.g device filter or maxdisk and just continues the installation on the given device. However, the device must exist and must be a block special. This Fixes jira#PED-7180 * Tue Nov 21 2023 Marcus Schäfer <[email protected]> - Update mailmap * Fri Nov 10 2023 Kali <[email protected]> - Replace the regex-based loader entry fix with string parsing (#2388) A user building RHEL images ran into issues with the initrd. It turns out that RHEL uses some patches that mean the initrd/linux files in RHEL are not installed to /boot, which trips up the original regex. The new fix doesn't rely on matching the path in boot, instead just finding the initrd/linux files and rewriting them in place. This change also adds the pre-and-post fix loader entries to the debug logs. Reference: https://bugzilla.suse.com/1208701 Fixes suse bsc#1208701 * Fri Nov 10 2023 Marcus Schäfer <[email protected]> - Fix mbrid setup for read-only systems On filesystems without a UUID (e.g squashfs) the fallback boot id setup should apply if neither UUID nor MBR ID is present. This is a followup fix for Issue #2391 * Thu Nov 09 2023 Marcus Schäfer <[email protected]> - Fixed test-image-disk-legacy test description The configured embedded ESP image size is too big, max 30MB are possible as El Torito boot load size * Thu Nov 09 2023 Marcus Schäfer <[email protected]> - Don't make toml a requirement * Wed Nov 08 2023 Marcus Schäfer <[email protected]> - Fixed grub mbrid file search To identify the root device for ISO images (live and install media) that boots via grub2, kiwi uses a grub2 --file search. The searched file was named /boot/mbrid, however this is not a unique name and could be found on other devices of the system as well. To connect the search to the correct media this commit changes the search to an ID based method which is unique to the image build process. This Fixes #2389 * Wed Nov 08 2023 Marcus Schäfer <[email protected]> - Don't use kernel-install kernel-install does a lot more then making the kernel available to the ESP. It calls dracut, it creates loader entries and all that is unexpected and also breaks the boot because the way dracut is called in the image build case where host != target leads to broken results. This commit refactors the systemd-boot support in kiwi to prevent the use of kernel-install * Wed Nov 08 2023 Marcus Schäfer <[email protected]> - Add check_efi_fat_image_has_correct_size Add runtime check for to check that the efifatimagesize does not exceed the max El Torito load size * Tue Nov 07 2023 Marcus Schäfer <[email protected]> - Add support for ISO boot via systemd-boot Create proper EFI FAT image via bootctl to be used as alt loader in xorriso. This allows to boot the ISO via EFI e.g kvm -bios /usr/share/qemu/ovmf-x86_64.bin -cdrom file.iso Please note, hybrid boot is done via grub's hybrid MBR and as systemd-boot does not provide one, hybrid boot is out of scope yet. This Fixes #2281 * Sun Nov 05 2023 Marcus Schäfer <[email protected]> - Bump version: 9.25.17 → 9.25.18 * Wed Nov 01 2023 Marcus Schäfer <[email protected]> - Add partx to module-setup of kiwi-lib too * Fri Oct 27 2023 Marcus Schäfer <[email protected]> - Change partprobe fallback to partx Informing the kernel about a new partition geometry can be done in a busy state and is also effective for new devices and new mounts based on the new geometry. busy state mounts of course will not see it until swap of the busy state but a complete refuse of operation like it happens with blockdev is imho not required. Just as partprobe, partx is less restrictive on the busy state. That's why this commit changes the partprobe fallback to use partx instead of blockdev * Thu Oct 26 2023 Marcus Schäfer <[email protected]> - Create live persistent storage without busy state With the former logic the live ISO was already mounted when an eventual persistent storage partition was created. This leads to an issue on re-reading the partition table, not for all but several tools. This commit changes the order of tasks such that the setup of the persistent write storage is performed prior mounting the live ISO. In addition to this change an alternative method using blockdev to re-read the partition was added in case partprobe is not present. This also allows to get rid of the parted dependency which provides partprobe * Tue Oct 17 2023 Marcus Schäfer <[email protected]> - Bump version: 9.25.16 → 9.25.17 * Mon Oct 16 2023 Marcus Schäfer <[email protected]> - Fixed argument processing of config.bootoptions Instead of adding an extra space to make the subsequent reading to work, use an awk script that does it without nasty workarounds * Mon Oct 16 2023 Marcus Schäfer <[email protected]> - Allow test-image-disk-ramdisk to be build locally * Mon Oct 16 2023 Marcus Schäfer <[email protected]> - Bump version: 9.25.15 → 9.25.16 * Mon Oct 16 2023 Marcus Schäfer <[email protected]> - Fixed doc search field The search in the documentation is broken with the rtd schema and latest sphinx. Stick with sphinx 5.0.0 for the moment which fixes the issue * Mon Oct 16 2023 Marcus Schäfer <[email protected]> - Bump version: 9.25.14 → 9.25.15 * Mon Oct 16 2023 Marcus Schäfer <[email protected]> - Make codacy happy * Mon Oct 16 2023 Marcus Schäfer <[email protected]> - Support release version in signkey URLs Using one of the $releasever/${releasever} variable placeholders in an URL as part of a <signing key="..."/> element did not replace the placeholder with the value of the <release-version> element. This commit fixes this and also makes sure that the result list for downloading signing keys is unique. This Fixes #2381 * Sun Oct 08 2023 Marcus Schäfer <[email protected]> - Bump version: 9.25.13 → 9.25.14 * Sun Oct 08 2023 Marcus Schäfer <[email protected]> - Update pypi release to trusted workflow * Fri Sep 22 2023 Marcus Schäfer <[email protected]> - Added unit test for testing grub prefix Cover the condition if an extra boot partition is used * Wed Sep 13 2023 Marcus Schäfer <[email protected]> - Support TOML markup Allow to use TOML markup for the kiwi image description This Fixes #2372 * Wed Sep 13 2023 Marcus Schäfer <[email protected]> - Fix documentation for btrfs_set_default_volume The behavior documentation regarding the fstab entry when using the btrfs_set_default_volume attribute was wrong. This commit fixes the docs to match the code. Related to Issue #2366 * Wed Sep 13 2023 Radoslav Kolev <[email protected]> - Fix typo in 'image results' doc section * Wed Sep 13 2023 Marcus Schäfer <[email protected]> - Fixed root entry in fstab for btrfs layout A root (/) entry in fstab for btrfs is only required if no default volume is configured. This commit adapts the code path which adds an fstab entry for (/) to be effective only if btrfs_set_default_volume is set to false. Additionally, the documentation around btrfs_set_default_volume was clarified to describe the behavior the switch triggers. This Fixes #2366 * Wed Sep 13 2023 David Cassany Viladomat <[email protected]> - Remove community repository from Arch images Community repository is no longer needed for the test image. OBS does not pull any package from this repository and in Arch linux there is not the concept of empty repositories, so the build fails in an OBS context if this repository is included within the build stack. Signed-off-by: David Cassany <[email protected]> * Thu Sep 07 2023 Leif Liddy <[email protected]> - use / prefix when boot partition is used * Fri Sep 01 2023 Leif Liddy <[email protected]> - use os.path.join to create path os.path.join to create the path for the early_boot.write functions this will prevent paths from containing double slashes // * Thu Aug 31 2023 Neal Gompa <[email protected]> - PKGBUILD: Drop unused Python dependencies We haven't used some of these dependencies in years... * Sat Aug 26 2023 Leif Liddy <[email protected]> - add info on none console type * Fri Aug 25 2023 Leif Liddy <[email protected]> - allow value of GRUB_TERMINAL to be empty allow value of GRUB_TERMINAL to be empty. When setting grub_console="none" this now leads to an empty setting of GRUB_TERMINAL in the /etc/default/grub system configuration file. This Fixes #2261 * Thu Aug 24 2023 Marcus Schäfer <[email protected]> - Bump version: 9.25.12 → 9.25.13 * Tue Aug 22 2023 Marcus Schäfer <[email protected]> - Fixed mounting of subvolumes for data sync The subvolumes must be mounted below the root of the filesystem tree such that the sync mechanism correctly shuffles the data to the correct volumes. This Fixes #2356 * Tue Aug 22 2023 Joerg Vehlow <[email protected]> - Make verity metadata always readonly If a partition is verity protected, it can never be writable, since verity is by-definition read-only. * Tue Aug 15 2023 Evan Goode <[email protected]> - Require DNF 5 in Fedora >= 41, not Fedora > 38 The switch to DNF 5 has been postponed to (likely) Fedora 41. * Tue Aug 15 2023 Marcus Schäfer <[email protected]> - Add kiwi_live_volid variable to profile As part of the profile environment only the kiwi_install_volid variable existed with the default value 'INSTALL'. This information is correct when building an oem image with installiso set to true. The resulting .install.iso image has the configured volid or the mentioned default 'INSTALL'. However, when building a live ISO image the default volid value is set to 'CDROM' but the profile environment contains kiwi_install_volid which is misleading and in case no volid is provided in the configuration file, the default value would also be a wrong information. This commit cleans up the mess and provides kiwi_install_volid for install ISO media and kiwi_live_volid for Live ISO media with their respective default values * Tue Aug 15 2023 Tom Schraitle <[email protected]> - Add some hints about KIWI extensions and dependencies for SLE (#2348) SUSE Linux Enterprise Server (SLES) has KIWI as a package. However, some KIWI plugins and their dependencies can be unavailable. This commit introduces a new section which deals with this aspect. Fixes bsc#1209302 * Fri Aug 11 2023 Marcus Schäfer <[email protected]> - Package lockdev no longer exists on TW Update TW based integration tests and delete the install of the lockdev package * Thu Aug 10 2023 Tom Schraitle <[email protected]> - Update GitHub Actions "actions/*" part Update to the latest versions: * actions/checkout@v3 * action/setup-python@v4 * action/cache@v3 * Wed Aug 09 2023 Marcus Schäfer <[email protected]> - Bump version: 9.25.11 → 9.25.12 * Wed Aug 09 2023 Marcus Schäfer <[email protected]> - Fix double grub entries in hybrid ISO images As consequence of using the "source" grub command instead of the "configfile" command to load the grub config we now see double loading of the same file on ISO media. The reason here is that kiwi ISO media is always hybrid which means it embeds an MBR into the ISO for which the "source" command now can read the same file through two different device paths. This does not happen with the "configfile" grub command. Thus this patch uses "configfile" if we produce an ISO image and "source" for all other image types. The commit also fixes the custom grub template used for ISO images in a way that we only set the "serial" command if there is a serial configuration provided along with the image description. * Thu Aug 03 2023 Marcus Schäfer <[email protected]> - Update x86/tumbleweed/test-image-systemd-boot systemd package has been splitted and provides systemd-boot in an extra package now * Thu Aug 03 2023 Marcus Schäfer <[email protected]> - Limit scope of grub _fix method Only apply _fix_grub_to_support_dynamic_efi_and_bios_boot for the x86_64 or ix86 architectures. This Fixes #2343 * Tue Aug 01 2023 Marcus Schäfer <[email protected]> - Bump version: 9.25.10 → 9.25.11 * Tue Aug 01 2023 Leif Liddy <[email protected]> - remove trailing whitespace * Tue Aug 01 2023 Dan Čermák <[email protected]> - rpm spec: add missing requires of typing_extensions for python < 3.8 * Tue Aug 01 2023 Dan Čermák <[email protected]> - rpm spec: bump copyright year * Tue Aug 01 2023 Marcus Schäfer <[email protected]> - Fixed linter errors Latest changes regarding type hints introduced linter errors. Also adapt the workflow run which is expected to detect them * Tue Aug 01 2023 Leif Liddy <[email protected]> - add GRUB_TIMEOUT_STYLE menu option revert trailing space removal * Mon Jul 31 2023 Marcus Schäfer <[email protected]> - Bump version: 9.25.9 → 9.25.10 * Mon Jul 31 2023 Marcus Schäfer <[email protected]> - Fixed python interpreter for Release target * Mon Jul 31 2023 Marcus Schäfer <[email protected]> - Bump version: 9.25.8 → 9.25.9 * Mon Jul 31 2023 Marcus Schäfer <[email protected]> - Fixed workflow interpreter name Specifying py 3.10 has to be quoted * Mon Jul 31 2023 Marcus Schäfer <[email protected]> - Bump version: 9.25.7 → 9.25.8 * Mon Jul 31 2023 Marcus Schäfer <[email protected]> - Fixed doc publishing The github action to do this was still based on py3.6 but the latest changes on tox.ini requires a newer version of tox which doesn't exist for py3.6. Thus run the workflow on a newer python version * Mon Jul 31 2023 Marcus Schäfer <[email protected]> - Bump version: 9.25.6 → 9.25.7 * Mon Jul 31 2023 Marcus Schäfer <[email protected]> - Fix linter check, whitespace after : * Mon Jul 31 2023 Marcus Schäfer <[email protected]> - Bump version: 9.25.5 → 9.25.6 * Mon Jul 31 2023 Marcus Schäfer <[email protected]> - Pass rootflags if no default volume is set In case of btrfs and if btrfs_set_default_volume is explicitly switched off, we create the correct rootflags= kernel cmdline entry to tell the system about the root volume for booting * Thu Jul 27 2023 slowpeek <[email protected]> - Use 'source' instead of 'configfile' in generated grub.cfg Details are outlined in issue #2320 * Thu Jul 27 2023 Marcus Schäfer <[email protected]> - Make sure btrfs root volume is used when needed With the possibility to switch off setting the default volume an issue at other parts in the kiwi code which mounted the btrfs based system were uncovered. Without any default volume set it's required to transport the root volume if different from / and pass the respective subvol= option to the mount. This commit fixes it at the places where kiwi trusted btrfs to have a correct default volume set * Thu Jul 27 2023 Marcus Schäfer <[email protected]> - update Fedora integration test The setting of a default volume is unwanted here * Thu Jul 27 2023 Marcus Schäfer <[email protected]> - add btrfs_set_default_volume attribute By default kiwi runs btrfs set-default on the volume that is considered the default volume according to the btrfs settings and defaults. btrfs_set_default_volume="false" allows to deactivate this action. Along with the change also the misleading name of the btrfs_create_toplevel_subvolume has been changed to root_is_subvolume * Tue Jul 25 2023 Marcus Schäfer <[email protected]> - Fixed check for extended attributes Only if libc reports errno 95 Operation not supported the method should return that extended attributes are not supported. Also add a debug information about the result of the call to get further information in the log file * Tue Jul 25 2023 Marcus Schäfer <[email protected]> - Fixed call of tox for xdist Passing arguments to modules called by tox has changed its syntax * Tue Jul 25 2023 Marcus Schäfer <[email protected]> - Take subvol mount option for root into account If the rootfs is btrfs based make sure the fstab entry for it takes the name of the root subvolume into account * Tue Jul 25 2023 Marcus Schäfer <[email protected]> - Fix fallback secure boot setup Don't copy the same file. This case happens when rebuilding an image using --allow-existing-root when the fallback setup has done its job already in the first run * Mon Jul 24 2023 Dan Čermák <[email protected]> - Fix type hints of IsoToolXorrIso.init_iso_creation_parameters * Mon Jul 24 2023 Dan Čermák <[email protected]> - xorriso: handle case when isohdpfx.bin not found * Mon Jul 24 2023 Dan Čermák <[email protected]> - Fix type hints for the Pacman package manager * Mon Jul 24 2023 Dan Čermák <[email protected]> - Type hint the Path module * Mon Jul 24 2023 Dan Čermák <[email protected]> - Add better type hints to ContainerImageOCI and ContainerImageAppx * Mon Jul 24 2023 Dan Čermák <[email protected]> - Add ContainerImageBase abstract base class for OCI & Appx * Mon Jul 24 2023 Dan Čermák <[email protected]> - Add type hints to the Compress module * Mon Jul 24 2023 Dan Čermák <[email protected]> - Import modules in OCI.new() explicitly Also, add a type hint to the return type of OCI.new() so that this can now be verified with mypy * Mon Jul 24 2023 Marcus Schäfer <[email protected]> - Update contributing chapter Fix and update the information how to contribute. Due to the latest changes in tox.ini some requirements regarding the tox and python versions came up. This commit updates the docs in this regard * Mon Jul 24 2023 Marcus Schäfer <[email protected]> - Added py3.11 tox target * Mon Jul 24 2023 Marcus Schäfer <[email protected]> - Fixed writing correct keyfile path to etc/crypttab The keyfile path was not correctly set in etc/crypttab which caused systemd not being able to read the keyfile, consequently asking for a passphrase. This commit fixes the writing of the crypttab and also fixes a python name clash with the "os" namespace. * Mon Jul 24 2023 Marcus Schäfer <[email protected]> - Cleanup condition for SECURE_BOOT=yes|no The statement serves the purpose for an if/else construction to become a better read. In addition delete the probably left-over print statement from the test * Mon Jul 24 2023 Marcus Schäfer <[email protected]> - Delete pyxattr from setup.py Followup on Issue #2330. Forgot to delete pyxattr requirement from setup.py * Mon Jul 24 2023 Marcus Schäfer <[email protected]> - Add volid to profile for all ISO based image types Add provided volume id (or the default value) to the profile environment file for all ISO based image types. So far this was only done for installation ISO media but not for simple live ISO images. * Mon Jul 24 2023 Marcus Schäfer <[email protected]> - Fixed mail address in spec file * Thu Jul 20 2023 Marcus Schäfer <[email protected]> - Delete (py)xattr module requirement The required functionality is provided by the core os library * Thu Jul 20 2023 Paul Gardiner <[email protected]> - Fix failure when booting KIS via NBD In the NBD booting case, the function initGlobalDevices in kiwi-overlay-root.sh runs the command ndb-client to connect the remote NBD share to the device /dev/nbd0. The script parse-kiwi-overlay.sh, on the other hand, incorrectly parses overlay:nbd=ip:export to /dev/ip/export, leading to the system waiting for /dev/ip/export to appear. This commit corrects the problem. With this change NDB booting of KIS images now succeeds, although only if the ndb package is added to the appliance description. * Wed Jul 19 2023 Marcus Schäfer <[email protected]> - Use bootpartition for Fedora integration test When using btrfs with the proposed layout for testing the delivered grub bios module for the Fedora system used to build the integration test (FC37) is not capable to find the grub config file. A manual call for configfile in the grub shell fixes this with the existing kiwi created grub early-boot script. However, it is expected that the delivered grub image works and kiwi only creates its own one if no distro delivered grub image was found. To make the integration test functional for both BIOS and EFI the simple solution is to use an extra not btrfs based boot partition. This still allows to test the desired btrfs layout in terms of volumes and sub-volumes and does not break on any of the boot methods. * Wed Jul 19 2023 Marcus Schäfer <[email protected]> - Fixed apply_attributes_on_volume Make the function call more robust in terms of path separation * Wed Jul 19 2023 Dan Čermák <[email protected]> - Use tox isolated_build instead of hardcoding the envdir * Tue Jul 18 2023 Marcus Schäfer <[email protected]> - Add parent attribute to volume setup For the btrfs volume management, allow to put a volume into a specific parent volume. If not specified the volume is below the default volume This Fixes #2316 * Tue Jul 18 2023 Jesus Bermudez Velazquez <[email protected]> - Add SECURE_BOOT no when the firmware is efi This Fixes bsc#1211102 * Sun Jul 16 2023 Marcus Schäfer <[email protected]> - Use btrfs for fedora/test-image-live-disk test Change the Virtual profile to build a btrfs based image for testing respective btrfs layouts * Sun Jul 16 2023 Marcus Schäfer <[email protected]> - Add btrfs_create_toplevel_subvolume attribute Allow to explicitly select if a toplevel subvolume should be created or not. To avoid a behavior change, kiwi will create a toplevel based btrfs structure if this attribute is not specified. However, a deprecation message to inform about future behavior change will be printed. This is related to Issue #2316 * Wed Jul 12 2023 Marcus Schäfer <[email protected]> - Evaluate the @root volume name also for btrfs In a volume setup the special volume declaration <volume name="@root=identifier"/> was only evaluated for the LVM volume manager. In case of btrfs a hardcoded root volume name '@' was used. This commit allows to specify a custom name for the root volume for btrfs as well and also allows to specify that there should be no such root volume. Example: <volume name="@root=@"/> Name the root volume '@'. If not specified this stays as the default to stay compatible <volume name="@root=/"/> Indicate no root volume is wanted. All subvolumes resides below root (/) <volume name="@root=foo"/> Name the root volume 'foo' This is related to Issue #2316 and a first patch to address the requested changes * Mon Jul 10 2023 Marcus Schäfer <[email protected]> - Bump version: 9.25.4 → 9.25.5 * Mon Jul 10 2023 Marcus Schäfer <[email protected]> - Fixed regression in bootloader config attr access use_disk_password is not an attribute that exists in all BootLoaderConfig instances. Thus it's a mistake to access the attribute in the disk builder * Mon Jul 10 2023 Marcus Schäfer <[email protected]> - Bump version: 9.25.3 → 9.25.4 * Mon Jul 10 2023 Marcus Schäfer <[email protected]> - Load isoschematron module on demand Due to a license issue the isoschematron code might not be available in the lxml package from the distributor. This commit uses isoschematron on demand. If present on the system it gets loaded and used, if not a warning that the schematron validation will be skipped is provided. This Fixes #2314 * Sat Jul 08 2023 slowpeek <[email protected]> - Improve loopback.cfg example submenu+source should be preferred over menuentry+configfile: - submenu creates a new context, menuentry does not. As a result, changes made to vars inside menuentry's braces pollute the current scope. In this particular case what is notably wrong is root=loop happens in the current scope. If we activate the "Boot from openSUSE ISO" menu entry and then press Esc to return back to explore other menu entries, $root would still be set to 'loop'. Instead of manually saving and restoring $root value it is better to wrap the whole thing in a new context with submenu - configfile is not just 'source in a new context', it has as least one side effect. For details look for grub_err_printed_errors usage in [1] and [2] in grub sources [1] grub-core/normal/menu.c [2] grub-core/normal/menu_entry.c * Fri Jul 07 2023 Marcus Schäfer <[email protected]> - Bump version: 9.25.2 → 9.25.3 * Wed Jul 05 2023 Olaf Kirch <[email protected]> - Add improvements for fully encrypted disk images This commit adds more flexibility when using LUKS encrypted images. In addition support for key derivation on user provided passwords has been added. The following new attributes were added to the schema: type.luks_randomize allow to enable/disable the data randomizing if luks encryption is used type.luks_pbkdf When LUKS unlocks a key slot using a user provided password, it uses a so-called key derivation function to derive a symmetric encryption key from the password. Not all boot loaders support all KDF algorithms, hence this attribute can be used to select a specific algorithm bootloader.use_disk_password When /boot is encrypted, make the boot loader store the password in its configuration file (in cleartext). This is useful for full disk encryption images Signed-off-by: Olaf Kirch <[email protected]> * Wed Jul 05 2023 Olaf Kirch <[email protected]> - Change location of LUKS keyfile to /root/.root.keyfile In some configuration (eg on a transactional system), the root file system is read-only, which means we will not be able to remove the stale .root.keyfile after firstboot. This patch changes the location of the keyfile and places it in /root/.root.keyfile instead, because root's home directory is much more likely to be read/write. Also fixed the associated unit test (thanks to schaefi). Signed-off-by: Olaf Kirch <[email protected]> * Tue Jul 04 2023 Marcus Schäfer <[email protected]> - Add alternative re-reading of the partition table To inform the kernel about disk geometry changes, kiwi uses partprobe as a primary tool. However it is provided by parted and not necessarily available due to the package requirements on the dracut module. A second attempt via blockdev which is expected to exist is therefore made by this commit * Tue Jul 04 2023 Marcus Schäfer <[email protected]> - Refactor the luks_device class data transport Also add missing unit tests * Mon Jul 03 2023 Marcus Schäfer <[email protected]> - test_get_build_type_bootloader_use_disk_password Add missing unit test for use_disk_password attribute * Fri Jun 16 2023 Marcus Schäfer <[email protected]> - Bump version: 9.25.1 → 9.25.2 * Fri Jun 16 2023 Marcus Schäfer <[email protected]> - Fix repository setup for microdnf An instance of the Repository class for microdnf has to use RepositoryDnf4 * Fri Jun 16 2023 Marcus Schäfer <[email protected]> - Bump version: 9.25.0 → 9.25.1 * Wed Jun 14 2023 Marcus Schäfer <[email protected]> - Fixed image install of dnf package manager If the package manager is set to 'dnf4', this name is taken also as package name to install this package manager into the image. Problem is 'dnf4' is not a valid package name. The correct name for 'dnf4' is 'dnf'. This commit fixes the name bug introduced with the changes for Issue #2262 * Wed Jun 14 2023 Marcus Schäfer <[email protected]> - Bump version: 9.24.61 → 9.25.0 * Wed Jun 14 2023 Marcus Schäfer <[email protected]> - Add more details about used grub image(s) * Sat Jun 10 2023 glaubway <[email protected]> - make alias unique in any cases * Thu Jun 01 2023 Steffen Winterfeldt <[email protected]> - The actual padding is 0. And switch to sha256. * Mon May 29 2023 Marcus Schäfer <[email protected]> - Change package manager dnf to dnf4 With dnf5 there is a successor for dnf but there will also be a transition period where there will be both, the former dnf and the new dnf5 available. For a clear distinction between the two we got the recommendation from the RedHat team to support both in different namespaces. This commit now implements a backward compatible change for kiwi which includes the following modifications: * XSL stylesheet for automatic schema transformation from <packagemanager>dnf</packagemanager> to <packagemanager>dnf4</packagemanager> * Code copy of dnf API interface from PackageManagerDnf -> PackageManagerDnf4 RepositoryDnf -> RepositoryDnf4 * Deprecation of former Dnf API interface The code change here will force developers to adapt their code if they used RepositoryDnf / PackageManagerDnf classes in their python code. After this change developers will be dropped into a raise condition which exits kiwi at the time of the call. Related to Issue #2300 and Issue #2262 * Thu May 25 2023 Hans-Peter Jansen <[email protected]> - Documentation: clearify dnf based collection selectors With 89b5a6f5269, the selection of collections was changed to allow group IDs only for dnf based package installers. * Thu May 25 2023 Marcus Schäfer <[email protected]> - Update rawhide integration tests Use dnf5 for rawhide. It's hard to differentiate between old and new dnf version on Fedora Rawhide. Thus let's make the move to dnf5. Since microdnf is also wrapped into dnf5 the integration test for microdnf got renamed to dnf5 * Wed May 24 2023 Marcus Schäfer <[email protected]> - Add support for dnf5 package manager dnf5 is the next generation of the dnf package manager. dnf5 is not a drop in replacement to dnf which is the reason why this commit adds a new interface class for package and repository management under a new name: dnf5. Beginning with Fedora >= 39 dnf5 will be the standard. Thus the requirements on the packaging level were adapted too. This Fixes #2300 This Fixes #2262 * Wed May 24 2023 Isaac True <[email protected]> - dracut: modules.d: 90kiwi-overlay: add support for device mapper targets Allow specifying a device mapper target for the root of the overlayfs. This adds support for features like adding a dm-verity or dm-crypt backend to the overlayfs. A device mapper target can be specified using the following syntax on the kernel command line: root=overlay:MAPPER=verityRoot This translates to using the path `/dev/mapper/verityRoot` as the base of the overlayfs. Signed-off-by: Isaac True <[email protected]> * Wed May 24 2023 Marcus Schäfer <[email protected]> - Bump version: 9.24.60 → 9.24.61 * Tue May 23 2023 Isaac True <[email protected]> - dracut: modules.d: 99kiwi-lib: add bash shebangs and dependency The scripts in the kiwi-lib module use bash-specific syntax like `function`, which causes the script to fail if another shell (like dash or busybox) is used to interpret the scripts. Specifically set the shebang to use bash as the shell interpreter and add bash as a dependency to the dracut module to fix this. This resolves the following errors which are printed at boot when busybox tries to interpret the scripts: /bin/dracut-pre-mount: 3: /lib/kiwi-filesystem-lib.sh: function: not found /bin/dracut-pre-mount: 15: /lib/kiwi-filesystem-lib.sh: Syntax error: "}" unexpected Signed-off-by: Isaac True <[email protected]> * Mon May 22 2023 Jiri Srain <[email protected]> - Do not depend on dnf for SUSE ALP * Tue May 16 2023 Marcus Schäfer <[email protected]> - Added appx-util as WSL requires for Fedora/RHEL Make sure the kiwi-systemdeps-containers-wsl meta package pulls in the required tools for Fedora/RHEL when building WSL containers. This is a followup to #2286 * Tue May 16 2023 Marcus Schäfer <[email protected]> - Add cpio to core systemdeps requires list * Thu May 11 2023 Jan Löser <[email protected]> - Find correct `shimx64.efi` binary for EL derivatives Sort globbing result by length and look for `shim[a-z]*.efi` pattern first before falling back to `shim.efi`. This allows us to match correct shim binary for SecureBoot enabled systems. The following example shows the content of recent shim package from AlmaLinux 9: $ ls -1 ~/Downloads/shim-almalinux-x64/boot/efi/EFI/almalinux BOOTX64.CSV mmx64.efi shim.efi shimx64-almalinux.efi shimx64.efi Sorted globbing result is: shimx64.efi shimx64-almalinux.efi First match wins (here `shimx64.efi`) which is the correct binary to be used as it is signed by M$. Was tested with shim packages for CentOS (x64, ia32, aarch64), Fedora 36 (x64), AlmaLinux 9 (x64, aarch64). * Sat May 06 2023 Marcus Schäfer <[email protected]> - Bump version: 9.24.59 → 9.24.60 * Thu May 04 2023 Marcus Schäfer <[email protected]> - Allow to create plain cpio archives Allow to create plain cpio archives to serve the idea of the mkosi initrd concept * Fri Apr 28 2023 Fabian Vogt <[email protected]> - Fix restoration of grub2-install (bsc#1210948) It checked for grub2-install.orig in the host, not the buildroot. This meant that it left /usr/sbin/grub2-install as a noop. * Fri Apr 28 2023 David Cassany <[email protected]> - Use cross arch macros to interpret uint64_t This commit adds inttypes.h to make use of PRIu64 style macros in order to properly translate uint64_t across different architectures. More specific this allows the code to compile for ix86. Signed-off-by: David Cassany <[email protected]> * Tue Apr 25 2023 Jan Löser <[email protected]> - Look for specific `shimx64.efi` binary first In CentOS, `/boot/efi/EFI/*/shim*.efi` extends to `/boot/efi/EFI/centos/shimx64-centos.efi` which is not signed by M$ but CentOS itself. This in turn does not boot on SecureBoot enabled systems. * Mon Apr 24 2023 Marcus Schäfer <[email protected]> - Delete score card Too flaky, broken most of the time and I'm not sure how much value it adds to the project overall * Mon Apr 24 2023 Marcus Schäfer <[email protected]> - Fix score card action * Mon Apr 24 2023 Marcus Schäfer <[email protected]> - Update TW build tests plymouth-plugin-script must be explicitly added now * Mon Apr 24 2023 Marcus Schäfer <[email protected]> - Revert "Add zstd and xzio to grub image" This reverts commit af8c702db0a60ed4abeba8686d4e8475c410c58d. The grub modules does not exist in all grub installations. A different implementation is required * Mon Apr 24 2023 Marcus Schäfer <[email protected]> - Update TW integration tests change theme from bgrt to breeze. TW has deleted bgrt * Mon Apr 24 2023 Marcus Schäfer <[email protected]> - Fixed writing URIs including ASCII encoding * Fri Apr 21 2023 Marcus Schäfer <[email protected]> - Split container systemdeps in OCI and WSL * Thu Apr 20 2023 Marcus Schäfer <[email protected]> - Update kiwi-systemdeps-containers requires list Do not strictly require fb-util-for-appx. In order to create WSL containers fb-util-for-appx is a requirement but usually users create OCI containers and WSL containers are still a niche case. Thus it's ok to reduce the requirement into a recommends. This Fixes #2284 * Thu Apr 20 2023 Marcus Schäfer <[email protected]> - Encode remote URLs Special characters in a URL e.g the @ sign needs to be encoded as part of a remote URL. * Tue Apr 18 2023 Marcus Schäfer <[email protected]> - Fix workflow run * Tue Apr 18 2023 Marcus Schäfer <[email protected]> - Fixed Fedora prebuild EFI binary lookup When creating CentOS/Fedora live media, kiwi does not install the right signed grub2 EFI binary. This was caused by kiwi not being aware of the gcdx64.efi(x86_64), gcdaa64.efi(aarch64) binaries for CD/ISO boot. This Fixes #2270 * Thu Apr 13 2023 Marcus Schäfer <[email protected]> - Bump version: 9.24.58 → 9.24.59 * Thu Apr 13 2023 Marcus Schäfer <[email protected]> - Add zstd and xzio to grub image If kiwi builds its own grub image, make sure the compression algorithms zstd and xz are supported * Wed Apr 12 2023 David Cassany <[email protected]> - Adding a comment to explain the s390 specific path Signed-off-by: David Cassany <[email protected]> * Wed Apr 12 2023 David Cassany <[email protected]> - Use parted only in s390 arch This commit ensures parted is only called in dracut-kiwi-lib for s390 arch. It also fixes the spec to only require parted for s390 builds. In addition parted requirement has been removed from dracut-kiwi-live package since parted is not used in any other dracut module beyond kiwi-lib. Signed-off-by: David Cassany <[email protected]> * Tue Apr 04 2023 Jan Löser <[email protected]> - Add potential shim binary for Ubuntu Looks like `shim*.efi` is gone in latest `shim-signed` package. The package now contains `shimx64.efi.signed.latest` and `shimx64.efi.signed.previous` binaries, let's take latest. shim-signed_1.40.9+15.7-0ubuntu1_amd64/usr/lib/shim/: total 4688 drwxr-xr-x. 3 root root 209 Jan 31 12:57 . drwxr-xr-x. 3 root root 18 Jan 31 12:57 .. - rw-r--r--. 1 root root 108 Jan 31 12:57 BOOTX64.CSV - rwxr-xr-x. 1 root root 1622 Jan 31 12:57 is-not-revoked drwxr-xr-x. 2 root root 25 Jan 31 12:57 mok - rw-r--r--. 1 root root 950891 Jan 31 12:57 shimx64.efi - rw-r--r--. 1 root root 962400 Jan 31 12:57 shimx64.efi.dualsigned - rw-r--r--. 1 root root 960472 Jan 31 12:57 shimx64.efi.signed.latest - rw-r--r--. 1 root root 955656 Jan 31 12:57 shimx64.efi.signed.previous - rw-r--r--. 1 root root 88296 Jan 27 20:09 fbx64.efi - rw-r--r--. 1 root root 860824 Jan 27 20:09 mmx64.efi shim-signed_1.40.7+15.4-0ubuntu9_amd64/usr/lib/shim/: total 3728 drwxr-xr-x. 3 root root 145 Aug 13 2021 . drwxr-xr-x. 3 root root 18 Aug 13 2021 .. - rw-r--r--. 1 root root 108 Aug 13 2021 BOOTX64.CSV - rw-r--r--. 1 root root 85672 Aug 13 2021 fbx64.efi - rw-r--r--. 1 root root 856232 Aug 13 2021 mmx64.efi drwxr-xr-x. 2 root root 25 Aug 13 2021 mok - rw-r--r--. 1 root root 947143 Aug 13 2021 shimx64.efi - rw-r--r--. 1 root root 957576 Aug 13 2021 shimx64.efi.dualsigned - rw-r--r--. 1 root root 955656 Aug 13 2021 shimx64.efi.signed * Mon Apr 03 2023 David Cassany <[email protected]> - Expand DASD partition table with parted Signed-off-by: David Cassany <[email protected]> * Thu Mar 30 2023 Marcus Schäfer <[email protected]> - Fixed evaluation of custom start sector In case an alternative partition table start sector is configured, the check to effectively apply it should be based on the partition table type not on the firmware name * Thu Mar 30 2023 David Cassany <[email protected]> - Add parted dependency for s390 Signed-off-by: David Cassany <[email protected]> * Tue Mar 28 2023 Marcus Schäfer <[email protected]> - Bump version: 9.24.57 → 9.24.58 * Mon Mar 27 2023 Marcus Schäfer <[email protected]> - Build leap btrfs test without root as snapshot So far no btrfs integration test without root as snapshot existed * Sat Mar 25 2023 Marcus Schäfer <[email protected]> - Support EFI boot from squashfs grub supports reading from squashfs. If no extra bootloader installation is required this allows to boot from a squashfs rootfs without extra boot partition. The prebuilt grub images usually does not contain the squash4 module which is the reason why kiwi creates the EFI module itself if the system is fully immutable. Please note; the grub configuration must be provided manually as part of the image description in this case because grub-mkconfig at the time it has to be called has no write permissions anymore. * Fri Mar 24 2023 Fabian Vogt <[email protected]> - Fix /.snapshots mounting in the btrfs volume manager The /@/.snapshots subvolume was not mounted as /.snapshots in the root filesystem snapshot. This is now necessary for snapper to work. While at it, create 1/snapshot as plain subvolume, it does not make sense to snapshot @ itself. * Thu Mar 16 2023 Marcus Schäfer <[email protected]> - Add support for config-host-overlay.sh script * Thu Mar 16 2023 Marcus Schäfer <[email protected]> - Fixed build of dracut-kiwi-verity The spec file was missing the package definition to actually create the dracut-kiwi-verity package. In addition the fixed setting to the C standard 17 caused build errors for me on distributions that uses C standard 11/12. * Wed Mar 15 2023 Marcus Schäfer <[email protected]> - Add selinux integration test for Leap SUSE systems supports both, apparmor and selinux, whereas apparmor is the default. As selinux requires to create security labels during build time of an image, this integration test checks if the labeling works for SUSE based OS'es. This Fixes #2244 * Tue Mar 14 2023 Marcus Schäfer <[email protected]> - Allow custom template evaluation for install ISO So far only Live ISO images allowed for custom template usage * Tue Mar 14 2023 Marcus Schäfer <[email protected]> - Fix Arch Linux Live ISO integration test Switch to grub for booting the ISO, for some reason isolinux refused to work and there is no priority to dig into the issue. This Fixes #2233 * Tue Mar 14 2023 Marcus Schäfer <[email protected]> - Fix Arch Linux EFI install ISO integration test kiwi has code in bootloader/template/grub2.py which uses linuxefi/initrdefi commands according to the configured grub_platform. These commands does not exist on Arch and therefore the integration test provides its own ISO template. This Fixes #2232 * Tue Mar 14 2023 Marcus Schäfer <[email protected]> - Add dracut-kiwi-verity dracut module package When building an image with an embedded verity hash via the embed_verity_metadata="true" type attribute it is required to setup the device map at boot time accordingly. The dracut module in this commit provides the needed tooling as a POSIX C implementation which is able to read the kiwi embedded verityhash from the offset of the partition. Kudos goes to Isaac True <[email protected]> Co-authored-by: Isaac True <[email protected]> Signed-off-by: Isaac True <[email protected]> * Mon Mar 13 2023 Joachim Gleissner <[email protected]> - (Re-)add support for 'anymarkup' < 0.5.0 Fall back to module 'anymarkup' if 'anymarkup_core' is not available. * Sat Mar 11 2023 Marcus Schäfer <[email protected]> - Support UNIXNODE device names for overlayroot When no other persistent naming schema can be used to identify the device there should be the option to specify the kernel unix device node name * Fri Mar 10 2023 Joachim Gleissner <[email protected]> - Use module anymarkup-core instead of anymarkup Use 'anymarkup-core' directly instead of wrapper 'anymarkup'. * Thu Mar 09 2023 Marcus Schäfer <[email protected]> - Fix permissions of live ISO system files Make sure initrd and squashfs.img takes permissions o644 This Fixes #2246 * Wed Mar 08 2023 Marcus Schäfer <[email protected]> - Update TW test-image-rpi-overlay build test It used rd.root.overlay.readonly but it meant rd.root.overlay.temporary * Wed Mar 08 2023 Marcus Schäfer <[email protected]> - Fixed rd.root.overlay.readonly handling Fix the option implementation to actually do what it is supposed to do, boot the system in fll read-only mode. In addition a new parameter named rd.root.overlay.temporary has been introduced which allows to boot up in read-write mode but the write area is a tmpfs. Thus persistency only during runtime. Updated the documentation accordingly * Tue Mar 07 2023 Marcus Schäfer <[email protected]> - Fixed tumbleweed build tests opie no longer in TW * Tue Mar 07 2023 Marcus Schäfer <[email protected]> - Fixed tumbleweed/test-image-azure opie no longer in TW * Tue Mar 07 2023 Marcus Schäfer <[email protected]> - Support PARTLABEL device names for overlayroot When using GPT a partlabel exists that can also be used as a device reference * Tue Mar 07 2023 Marcus Schäfer <[email protected]> - Fixed kernel parameters for overlayroot setup The device selection for the read-only and read-write devices in an overlayroot setup was implicitly done in the kiwi-overlay dracut module by reading the root= information. This is a concept which barely works and should be refactored in a way that the root= information always points to the root device and that an eventually existing write location is explicitly provided via the existing rd.root.overlay.write parameter which is allowed to be overwritten for providing an alternative write location. Making this information consistent and explicit on the kernel commandline simplifies the dracut code to consume this information correctly. This Fixes #2251 * Sun Mar 05 2023 Marcus Schäfer <[email protected]> - Fixed conditional options evaluation The former condition caused the end result list to be empty * Sat Feb 11 2023 Marcus Schäfer <[email protected]> - Add support for creating delta containers Add new attribute delta_root="true|false" which in combination with derived_from="OCI-base-image" allows to create a delta root tree only containing the differences between the OCI-base-image and the actions taken by the kiwi prepare step. Based on the delta root tree the subsequent image creation process starts. Such an incomplete root tree is only useful under certain circumstances which is also the reason why the feature is only available to the oci and docker image types. * Fri Feb 10 2023 Marcus Schäfer <[email protected]> - Bump version: 9.24.56 → 9.24.57 * Sat Jan 28 2023 Marcus Schäfer <[email protected]> - Allow squashfscompression for plain squashfs The schematron rule to limit the squashfscompression attribute to certain image types did not allow it for a plain squashfs filesystem build. This commit fixes that limitation. This Fixes #2241 * Wed Jan 18 2023 David Cassany <[email protected]> - Use rsync defaults to sync the initrd root-tree This commits makes use of rsync default options to sync the root-tree of the boot image for custom initrds. Fixes bsc#1207128 where it was noted hardlinks were not preserved inside the initrd. Signed-off-by: David Cassany <[email protected]> * Tue Jan 17 2023 Marcus Schäfer <[email protected]> - Fixed wrong test assertions Former versions of pytest did ignore invalid assertions. Now they are reported as an error and show the mistakes of the past * Tue Jan 17 2023 Marcus Schäfer <[email protected]> - Added 90-brd.conf for test-image-disk-ramdisk By default the brd ramdisk module is no longer added to the initrd. For ramdisk deployments this is required though. This Fixes #2230 * Sun Jan 15 2023 Marcus Schäfer <[email protected]> - Delete CentOS v7 build tests CentOS v7 is EOL for kiwi image build tests * Thu Jan 05 2023 Marcus Schäfer <[email protected]> - Allow to specify fixed size for the root partition So far the last partition (typically root) in the partition table takes all the rest space of the partition table in the image file. At deployment/boot time users had several options to let that partition grow to a custom size. However, during build time of the image it was not possible to specify a specific fixed size for the root partition as we don't wanted to produce gaps of unpartitioned space in the image file. It has turned out that there is hardware available which requires a partition to be an exact multiple of some blocksize. As kiwi supports size constraints for all other partitions but not for root this commit now allows for it. The oem-systemsize element is now also taken into account at build time of the image if the oem-resize which would do that at deployment/boot time is switched off like the following example shows: ```xml <oemconfig> <!-- set root partition to 2048MB --> <oem-systemsize>2048</oem-systemsize> <oem-resize>false</oem-resize> </oemconfig> ``` This Fixes #2203 * Wed Jan 04 2023 Marcus Schäfer <[email protected]> - Delete ppc:fedora from testing report * Wed Jan 04 2023 Marcus Schäfer <[email protected]> - Remove Fedora PPC build test from index The integration test unfortunately never got tested anywhere is outdated and I have no PPC hardware here to run any tests. Let's add a real test if there is demand for it * Wed Jan 04 2023 Marcus Schäfer <[email protected]> - Added kiwi-settings for Fedora arm build tests * Mon Jan 02 2023 Marcus Schäfer <[email protected]> - Pass along tmpdir to skopeo When using the --temp-dir parameter, it was not passed to the skopeo calls when building a container image with kiwi. * Thu Dec 22 2022 Marcus Schäfer <[email protected]> - Allow fat16/fat32 as filesystem in partitions The partitions element allows to specify the filesystem for the individual partition. In the schema fat16 and fat32 were missing * Thu Dec 22 2022 Robert Schweikert <[email protected]> - Support new bootloadersettings section Allow to specify an optional <bootloadersettings> element inside of the <bootloader> section. The information is used to specify custom arguments for the tools called in a bootloader setup procedure, e.g shim-install, grub-install or grub-mkconfig. kiwi does not judge on the given parameters and if the provided data is effectively used depends on the individual bootloader implementation. In this commit the data will be effectively handled if bootloader="grub2" is configured. More precisely the custom additions to support SUSE's TPM model with grub2 can be configured as follows: <bootloadersettings> <shimoption name="--suse-enable-tpm"/> <installoption name="--suse-enable-tpm"/> <configoption name="--set-trusted-boot"/> </bootloadersettings> This Fixes #2224 * Tue Dec 20 2022 Marcus Schäfer <[email protected]> - Stick with tox v3.28.0 for unit testing tox >= 3.0.15 together with virtualenv >= 20.17.1 raises strange incompatibilities and prevents the unit test run because tox calls virtualenv in a wrong way leading to strange error messages like: - -- usage: virtualenv ... virtualenv: error: argument dest: destination '{check,devel,packagedoc,doc,doc_gh_pages,doc_suse,doc_man,scripts,}: /home/runner/work/kiwi/kiwi/.tox/3\n/home/runner/work/kiwi/kiwi/.tox/3.8' must not contain the path separator (:) as this would break the activation scripts - -- All this doesn't make sense to me at all and worked without any issues before. * Tue Dec 20 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.55 → 9.24.56 * Tue Dec 20 2022 Marcus Schäfer <[email protected]> - Fix gh-pages publish * Sun Dec 18 2022 Marcus Schäfer <[email protected]> - Fixed systemd boot integration test for rawhide systemd-boot was splitted in preparation for secure boot. The unsigned version of the EFI binary is used in the test so far * Sun Dec 18 2022 Marcus Schäfer <[email protected]> - Added device mapper setting for s390 on TW Use kpartx as partx fails * Sun Dec 18 2022 Marcus Schäfer <[email protected]> - Added device mapper setting for s390 Use kpartx as partx fails * Sun Dec 18 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.54 → 9.24.55 * Wed Dec 14 2022 Marcus Schäfer <[email protected]> - Allow to pass credentials as file reference * Tue Dec 13 2022 Marcus Schäfer <[email protected]> - Fixed handling of container archive compression In kiwi we support handling of the container archive compression via a runtime configuration setting of the following form, eg in /etc/kiwi.yml ```yaml container: [#] Specify compression for container images [#] Possible values are true, false, xz or none. - compress: true ``` However, this setting was only taken into account in the kiwi bundler. Meaning if the user calls 'kiwi result bundle ...' after the container image has been created the result bundler will take the compression setting into account. From my perspective this behavior is misleading and also prevents users from creating compressed container archives without a subsequent result bundler call. Therefore this commit moves the place to handle the compression setting into the container classes. The bundler code for containers will no longer operate on it and just takes what it gets, which can be either compressed or not. The default setting was "No compression" and this was not changed. This Fixes #2217 * Tue Dec 13 2022 Marcus Schäfer <[email protected]> - Add type hints for OCI and APPX classes * Sun Dec 11 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.53 → 9.24.54 * Sun Dec 11 2022 Marcus Schäfer <[email protected]> - Fix publish to pypi bind gh-action module to v1 release * Sun Dec 11 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.52 → 9.24.53 * Sat Dec 10 2022 Marcus Schäfer <[email protected]> - Use ubuntu-20.04 as github hosted runner It seems on ubuntu-latest no python 3.6 is available anymore * Sat Dec 10 2022 Marcus Schäfer <[email protected]> - Allow external commands in tox targets * Fri Dec 09 2022 Marcus Schäfer <[email protected]> - Fix unit test run for BLS spec base class Do not really call blkid as used in get_boot_cmdline * Fri Dec 09 2022 Marcus Schäfer <[email protected]> - Fixed typo in documentation Capitalize at the start of a sentence. This Fixes #2216 * Fri Dec 02 2022 Marcus Schäfer <[email protected]> - Fix unit tests to run in parallel Setting sys.argv and global variables impacts tests such that they cannot run in parallel. The little footprint of excluding the --config global args test from the coverage is beneficial to allow parallel test runs * Fri Dec 02 2022 Marcus Schäfer <[email protected]> - Don't show secret parts of an URI Using URIs of the form uri://user:pass@location should not be logged or printed including its credential data * Fri Dec 02 2022 Marcus Schäfer <[email protected]> - Don't use split on potential None value * Thu Dec 01 2022 Marcus Schäfer <[email protected]> - Allow to select partition mapper tool The recent change from kpartx to partx caused some appliance builds to break depending on their configuration. I spotted issues when building disks with veritysetup or integritysetup root devices. There are also issues with grub-install on other architectures e.g s390. It seems partx cannot be used as a drop in replacement and so I suggest to make this a runtime configuration option with partx as the new default but also allow for the old method * Thu Dec 01 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.51 → 9.24.52 * Wed Nov 30 2022 Marcus Schäfer <[email protected]> - Fix status indicator in helper/build_status.sh colored output only worked for toplevel results * Wed Nov 30 2022 Neal Gompa <[email protected]> - Eliminate redundant partx calls for cleaning up loop devices partx can clean up all partition loops associated with a loop device when deleting the main loop device. Apparently, sometimes it goes and does this even when only deleting the partition loop, so to avoid this problem, we will just eliminate the redundant call. Fixes: 8f2b8fda82a37d7a7ebbf8a6557870cc63b0ae91 * Wed Nov 30 2022 Marcus Schäfer <[email protected]> - Support repo URI's with credentials on cmdline Specifying a repository as part of the image description allows for credentials via the username and password attributes. Howver, repositories can also be specified on the commandline via the --set-repo / --add-repo options. The options on the commandline did not allow to specify credentials so far. This commit adds the commandline options --set-repo-credentials and --add-repo-credentials to support them * Wed Nov 30 2022 Marcus Schäfer <[email protected]> - Update test-image-vagrant virtualbox-guest-x11 seems to be deleted from TW * Wed Nov 30 2022 Marcus Schäfer <[email protected]> - Fixed test-image-custom-partitions The test was done prior kiwi added the partitions element and demonstrates how to influence the partition table via scripts. These scripts uses kpartx and the device mapper. Due to the recent change from kpartx to partx the scripts must be adapted * Tue Nov 29 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.50 → 9.24.51 * Tue Nov 29 2022 Marcus Schäfer <[email protected]> - Added code style batch to landing page * Tue Nov 29 2022 Marcus Schäfer <[email protected]> - Delete obsolete gitlab pipeline status flag Delete obsolete gitlab pipeline status from the project landing page. We do no longer use gitlab since they added that quota thing for their CI system * Tue Nov 29 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.49 → 9.24.50 * Tue Nov 29 2022 Neal Gompa <[email protected]> - Swap from DM kpartx to util-linux partx for creating loop devices The device-mapper (DM) based loop devices that kiwi has historically generated creates issues when trying to run kiwi in confined build environments. The DM tools prefer to have a tighter coupling between userspace and kernel interfaces, and we cannot necessarily guarantee that in the variety of build environments that kiwi can be run in. In particular, Koji uses either nspawn containers or chroots through Mock to run kiwi and that is where this fails. However, we do not need to use DM for this purpose when util-linux provides a perfectly serviceable alternative. This commit changes kiwi's loop device setup to use partx(8) from util-linux instead. As long as the appliance image being created doesn't use a disk scheme that requires DM, it becomes entirely possible to produce an image without needing DM at runtime at all. * Tue Nov 29 2022 Marcus Schäfer <[email protected]> - Added systemd_boot integration test for Rawhide * Mon Nov 21 2022 Marcus Schäfer <[email protected]> - Increase btrfs size of orthos integration test * Mon Nov 14 2022 Marcus Schäfer <[email protected]> - Increase scope of kernel lookup So far kiwi was looking up kernels only on /boot. Including other bootloaders it's no longer required that the kernel packages of the distributions provides the kernel in /boot Thus kiwi's lookup needs to be extended to other places which is done by this commit. * Sat Nov 12 2022 Marcus Schäfer <[email protected]> - Add GRUB_DEFAULT=saved if not set If there is no GRUB_DEFAULT setting in etc/default/grub we add GRUB_DEFAULT=saved as the default setting. This Fixes #2198 * Sat Nov 12 2022 Marcus Schäfer <[email protected]> - Disable gitlab CI pipeline Unfortunately gitlab decided to allow only eligible projects to use their CI pipeline. Being a member for years seems not to count in this change process. Therefore this commit disables the tests we run on gitlab and I will come up with a simple github action for the parts that we don't want to loose. * Fri Nov 11 2022 Marcus Schäfer <[email protected]> - Added integration test for systemd_boot The test build is based on the Tumbleweed distribution and provides a simple non-secure-boot systemd-boot virtual disk image * Tue Nov 08 2022 Marcus Schäfer <[email protected]> - no_implicit_optional = False * Thu Nov 03 2022 Marcus Schäfer <[email protected]> - Added --loglevel option specify logging level as number. Details about the available log levels can be found at: https://docs.python.org/3/library/logging.html#logging-levels Setting a log level causes all message >= level to be displayed. * Wed Nov 02 2022 Marcus Schäfer <[email protected]> - Consolidate and cleanup logging Make sure all loggers; stream handlers, file and socket handler uses the same logging format. Also make sure that there is only one place for setLogLevel when kiwi is used as application * Sat Oct 29 2022 Marcus Schäfer <[email protected]> - Added support for --logsocket Like with --logfile this commit adds support for using an existing Unix Domain Socket for logging. It's required that there is a listener on the given socket otherwise kiwi exits with an appropriate error message from the socket layer. A simple listener could look like the following: ```python sock_file = '/tmp/log_socket' buffer = 1024 if os.path.exists(sock_file): os.unlink(sock_file) sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) sock.bind(sock_file) sock.listen(1) while True: connection, client_address = sock.accept() try: while True: data = connection.recv(buffer) if not data: break print(data.decode()) finally: connection.close() ``` With the listener in place kiwi can be called as follows: kiwi-ng --logsocket /tmp/log_socket ... * Sat Oct 22 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.48 → 9.24.49 * Sat Oct 22 2022 Marcus Schäfer <[email protected]> - Fixed test-image-vagrant virtualbox-guest-tools obsoletes virtualbox-guest-x11 * Fri Oct 21 2022 Marcus Schäfer <[email protected]> - ignore the type check on the Result class With an update of mypy the bound TypeVar is no longer allowed. In newer versions of python we could use the "Self" type or import annotations from the future module. Unfortunately in older python versions which we still support (3.6) there is no non intrusive change which allows us to handle that type annotation. Thus this commit ignores the return type spec for Result.load() for the moment. * Wed Oct 12 2022 Igor Raits <[email protected]> - Stop copying /dev files statically into the OCI container In containers (nspawn) where part of the /dev filesystem is bind-mounted from outside system, kiwi fails to do the rsync (in creation of the nodes). There is no reason to actually copy whole tree inside so let's just not do it (as it does not seem to be needed at all). * Tue Oct 11 2022 Dirk Müller <[email protected]> - List riscv64 as a valid architecture in the schemas This is needed so that architecture filters on riscv64 specifics can be defined. * Wed Sep 14 2022 Marcus Schäfer <[email protected]> - Support DM integrity legacy options Add a new attribute integrity_legacy_hmac="true|false" which allows to use old flawed HMAC calculation (does not protect superblock). Add a new attribute integrity_legacy_padding="true|false" which allows to use inefficient legacy padding. Do not use these attributes until compatibility with a specific old kernel is required! * Wed Aug 31 2022 Jan Macku <[email protected]> - ci(lint): Add Shell linter - Differential Shellcheck * Wed Aug 31 2022 Marcus Schäfer <[email protected]> - Limit repo alias names to be a safe POSIX name Characters like spaces or other symbols used in repo alias names can cause the package manager to fail setting up the repo. Thus this patch changes the schema to only allow for safe POSIX names matching: {pattern = "[a-zA-Z0-9_\-\.]+"}. This Fixes #2170 * Thu Aug 25 2022 Marcus Schäfer <[email protected]> - Increase space for test-image-embedded test Add more space to test profile: SystemFeatures * Thu Aug 25 2022 Marcus Schäfer <[email protected]> - Increase efifatimage size for legacy build test * Tue Aug 23 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.47 → 9.24.48 * Sun Aug 21 2022 Laszlo Gombos <[email protected]> - Return failure if overlay is not supported * Wed Aug 10 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.46 → 9.24.47 * Wed Aug 10 2022 Marcus Schäfer <[email protected]> - Revert "EFI Filesystem must be Fat32 formatted" Using fat32 causes failed boots on e.g AWS EC2 arm. This must be solved differently with an attribute to configure it. This reverts commit b8641bdc6825423f8c65b55c8d0870b38874a566. * Tue Aug 09 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.45 → 9.24.46 * Tue Aug 09 2022 Marcus Schäfer <[email protected]> - Support URIs with credentials in solver plugin check if the URI string contains credentials and extract/trim them from the uri object. The urlparse class does not recognize this information as a valid URI and throws an exception * Tue Aug 09 2022 Marcus Schäfer <[email protected]> - Fixed kexec options setup in kiwi-dump-reboot The dracut module 99kiwi-dump-reboot creates an options list for kexec. Under certain conditions the options list can contain multiple spaces which leads to an error when calling kexec. This commit makes sure to trim white spaces. This Fixes #2178 * Sun Aug 07 2022 Marcus Schäfer <[email protected]> - Fixed test-image-disk-legacy Increase size of embedded EFI fat image needed for EFI bootable install ISO. Due to the increased size of the custom kiwi initrd the default size for the FAT image is too small * Sat Aug 06 2022 Marcus Schäfer <[email protected]> - Support custom size for embedded EFI FAT image For ISO images (live and install) the EFI boot requires an embedded FAT image. As of now a fixed size of 20M was used which leads to a problem if the EFI image or the initrd or the kernel is bigger than 20M. With the new attribute: efifatimagesize="nonNegativeInteger" we can now set a different value for the FAT image. Please note the value must be aligned to the also customizable efipartsize value which allows to configure the size of the EFI partition * Fri Aug 05 2022 Marcus Schäfer <[email protected]> - Fixed linter complaints after flake update flake now complains about E275 missing whitespace after keyword for the way 'del' is used. This commit fixes it * Thu Aug 04 2022 J Mixer <[email protected]> - Added a NOTE: section to explain the finer points of adding tools to a dracut hook. * Sat Jul 30 2022 Marcus Schäfer <[email protected]> - Fixup btrfs based legacy kiwi initrd test * Thu Jul 21 2022 gmoro <[email protected]> - Fix mocking of grub2-install (fix #2124) /bin/true was being used from the host machine instead of the chroot * Thu Jul 21 2022 David Cassany <[email protected]> - Fix race condition in runtime_config_test This commit instead of setting the global variable of the runtime config file patches it. This is relevant if running unit tests in parallel, where global variables are shared if not patched. Signed-off-by: David Cassany <[email protected]> * Tue Jul 12 2022 Marcus Schäfer <[email protected]> - EFI Filesystem must be Fat32 formatted Given the documentation from Microsoft the EFI partition must be a fat32 format. fat16 is still supported but unexpected. This Fixes #2141 * Tue Jul 12 2022 Marcus Schäfer <[email protected]> - Fixed typo in overview page prevent word duplication. This Fixes #2016 * Tue Jul 12 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.44 → 9.24.45 * Thu Jul 07 2022 Marcus Schäfer <[email protected]> - Umount device before cloning In case a clone should be created from a partition we need to make sure to umount the device after sync and prior cloning. Otherwise the clone operation is not safe because the rsynced data might still be in memory and not synced out to the block device. * Wed Jul 06 2022 Marcus Schäfer <[email protected]> - Fixed custom disk start sector setup The attribute disk_start_sector allows to specify a custom start sector for the first partition of the disk. On GPT tables everything works nicely, on DOS tables the used tools fdisk/sfdisk are not able to manage the start/end values of subsequent partitions if the first partition doesn't start with the tooling default. This patch allows to set the start sector after the partition table has been created * Sat Jul 02 2022 Marcus Schäfer <[email protected]> - Fixed CentOS-8 repo setup * Fri Jun 24 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.43 → 9.24.44 * Thu Jun 23 2022 Marcus Schäfer <[email protected]> - Make sure to rebuild rpm database For rpm based distributions make sure to call rpm --rebuilddb unconditionally prior using rpm with the chroot. This Fixes #2165 * Wed Jun 22 2022 Neal Gompa <[email protected]> - github: Refresh issue template to cover more operating scenarios KIWI is often used for cross-distribution image builds, so we should ask for that information when appropriate. Additionally, clarify "OBS" as "Open Build Service" to disambiguate. Finally, add a line about Koji since Koji can run kiwi to build images now. * Wed Jun 22 2022 Marcus Schäfer <[email protected]> - Fixed unit tests * Tue Jun 21 2022 Igor Raits <[email protected]> - Forcefully disable versionlock plugin in DNF [ INFO ]: 09:39:08 | Uninstalling system packages (chroot) [ INFO ]: 09:39:08 | Using package manager backend: dnf [ INFO ]: 09:39:08 | --> package: linux-firmware [ INFO ]: 09:39:08 | Uninstall system packages (chroot) [ DEBUG ]: 09:39:08 | EXEC: [chroot /tmp/myimage8/build/image-root dnf --config /kiwi_v708wllp -y --releasever=8 autoremove linux-firmware] [ INFO ]: Processing: [########################################] 100% [ ERROR ]: 09:39:08 | KiwiPackagesDeletePhaseFailed: System package deletion failed: Package deletion failed: Error: Locklist not set The versionlock plugin does not bring any benefit anyways as we completely override plugin configs. Also refactor configparser related stuff a bit. Signed-off-by: Igor Raits <[email protected]> * Mon Jun 20 2022 Marcus Schäfer <[email protected]> - Support squashfs in custom partitions When using squashfs in a custom partitions setup like the following: <partitions> <partition ... filesystem="squashfs"/> </partitions> The build fails because the filesystem needs to be created using the create_on_file() API and not the create_on_device() API. In addition the size estimation is bogus when using squashfs and cannot be pre-calculated because we only know how much space the filesystem really needs after mksquashfs as worked on the data and the compression. Thus this commit also relaxes the required size check in case of squashfs. Last but not least a squashfs filesystem does not provide label or UUID and can only be referenced by the PARTUUID it gets dumped on or by the native unix device node. As the unix node is a loop during build time of the image and meaningless this commit also forces by-partuuid mapping in fstab when mounting the squashfs based device. * Thu Jun 16 2022 Marcus Schäfer <[email protected]> - Fixed use of CommandCapabilities The class allows to check for data produced on stdout and stderr. However, programs reporting data on stderr usually fails with an exit code != 0. If the command is not called with raise_on_error=False it will never be possible to catch information from stderr. As we don't know if programs returns a failed exit code even on their e.g --usage message we should always pass the no raise option to make this more useful * Wed Jun 15 2022 David Cassany <[email protected]> - Fix volume mount path and adapt unit tests Signed-off-by: David Cassany <[email protected]> * Tue Jun 14 2022 Marcus Schäfer <[email protected]> - Handle older versions of setfiles correctly In older versions of setfiles we need a two pass setup First set the policy, second apply the security context. This commit checks in the usage message of setfiles which invocation syntax is required * Tue Jun 14 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.42 → 9.24.43 * Tue Jun 14 2022 Marcus Schäfer <[email protected]> - Fixed error handling for setfiles policy lookup Errors from os.scandir were not catched. In addition the path to run scandir was not properly created * Tue Jun 14 2022 Ludwig Nussel <[email protected]> - Mount /sys also for disks.sh /sys is needed to be able to run dracut in disks.sh * Mon Jun 13 2022 Ludwig Nussel <[email protected]> - Fix btrfs volume mounting If the second argument of os.path.join is an absolute directory, the result would be that directory. The intention is to produce a subdirectory of the mountpoint though. So pass a relative path. Without the fix, kiwi would try to e.g mount the /var subvolume of the image over the /var of the host, screwing everthing up of course :-) * Mon Jun 13 2022 Marcus Schäfer <[email protected]> - Prefer file based syscall in kexec when possible Use file based syscall in kexec if available. This is needed to support boot on an secure boot enabled system and is in general more reliable to boot into the system on real hardware platforms * Mon Jun 13 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.41 → 9.24.42 * Thu Jun 09 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.40 → 9.24.41 * Wed Jun 08 2022 Marcus Schäfer <[email protected]> - Fix helper method to detect dracut outfile format The method _get_boot_image_output_file_format_from_dracut_code is used in kiwi to match parts of the dracut code for the used output file format. Beginning with dracut-056 the code part checked has changed syntactically such that the match did no longer work. This commit increases the scope of the match and replace pattern and Fixes #2149 * Wed Jun 08 2022 Marcus Schäfer <[email protected]> - Fixed handling of signing_keys in cmdline options When passing signing_keys with the --add-repo|--set-repo commandline options the delimiter to separate the single key information is a colon(:). However, this is stupid when kiwi expects the signing key to be references as an URI format like file://... Therefore this patch changes the delimiter from colon(:) to semicolon(;) * Wed Jun 08 2022 Marcus Schäfer <[email protected]> - Correct setfiles relabeling This change was inspired by a change done on Fedora's livecd-tools from here: livecd-tools/livecd-tools#236. The patch corrects issues with the setfiles SELinux relabel command. The issues become apparent when the host and guest policies differ. Thus it becomes required to explicitly set the policy to decouple from eventual unwanted host settings. * Wed Jun 01 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.39 → 9.24.40 * Wed Jun 01 2022 Carlos Bederián <[email protected]> - Setup SELinux on every system prepare / build (#2148) Setup SELinux on every system prepare / build such that all image types benefit from it not only the disk (oem) type * Sun May 29 2022 Marcus Schäfer <[email protected]> - Install all of QEMU to Ubuntu arm integration test * Sun May 29 2022 Marcus Schäfer <[email protected]> - rename user to ubuntu for Ubuntu integration test * Sun May 29 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.38 → 9.24.39 * Sun May 29 2022 Marcus Schäfer <[email protected]> - Move to sphinx>=5.0.0 * Sun May 29 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.37 → 9.24.38 * Sun May 29 2022 Marcus Schäfer <[email protected]> - Fixed sphinx extlinks rendering In Sphinx v5 warning will be treated as errors. This results in the following warning to be an error: extlinks: Sphinx-6.0 will require a caption string to contain exactly one '%s' and all other '%' need to be escaped as '%%'. This commit applies the required quoting * Sun May 29 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.36 → 9.24.37 * Sat May 28 2022 Marcus Schäfer <[email protected]> - Added example aarch64 integration test for Ubuntu Created a RaspberryPI image description for Ubuntu(jammy) as integration test for building aarch64 images and added it to the integration test matrix * Mon May 23 2022 Marcus Schäfer <[email protected]> - Added --target-arch for image info Allow cross arch dependency solving * Fri May 20 2022 Marcus Schäfer <[email protected]> - update docs * Fri May 20 2022 Marcus Schäfer <[email protected]> - Add support for group id in users setting Allow to specify the group id in the groups list a user should belong to. The group id can be placed as part of the group name separated by a colon like in the following example: <users> <user groups="kiwi,admin:42,users" password="..." name="kiwi"/> </users> Please note kiwi checks if the provided group already exists and only creates a group if it is not already present in the system. As default groups are usually provided by the OS itself including its preferred group id, you will intentionally not be able to overwrite group id for existing groups. This Fixes #2064 * Thu May 19 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.35 → 9.24.36 * Tue May 17 2022 Robert Schweikert <[email protected]> - Subformats should also not be compressed when encryption is enabled (#2138) Subformats should also not be compressed when encryption is enabled This is a follow on change to bdba953. When the filesystem is encrypted the resulting image should not be compressed. Also explain why we ignore the compression seeting in the user configuration for encrypted images. * Mon May 16 2022 Marcus Schäfer <[email protected]> - Add support for prebuilt bootstrap package for apt When using the apt packagemanager kiwi required the use of debootstrap to create the initial rootfs. This works as long as there is always a main distribution repository available which follows the structure of the official debian mirrors. However if such a main distribution is not present or an alternative layout like e.g OBS repos is used, debootstrap will refuse to work. To allow for an alternative and without the dependency to debootstrap kiwi supports using a prebuilt bootstrap package providing the mini rootfs to serve as the bootstrap result. As all other package managers properly supports installation into an empty new root, this feature was only added when using the apt packagemanager * Sun May 08 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.34 → 9.24.35 * Sat May 07 2022 Marcus Schäfer <[email protected]> - Allow more repo params to be set on the cmdline The repository parameters for signing keys, the component list the main distribution name for debian repositories and also the repository_gpgcheck could not be set via the commandline options --add-repo and/or --set-repo. This commit adds support for them and also updates the manual page accordingly * Sat May 07 2022 Marcus Schäfer <[email protected]> - Update ubuntu integration tests Build them against latest release (jammy). This Fixes #2128 * Sat May 07 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.33 → 9.24.34 * Thu May 05 2022 Marcus Schäfer <[email protected]> - Follow up fix for isolinux-config isolinux-config is called to update the search path inside of the isolinux binary. isolinux/syslinux is exclusive to the ix86 architecture and to BIOS firmware. Therefore the condition to actually call it should reflect this. * Thu May 05 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.32 → 9.24.33 * Thu May 05 2022 Marcus Schäfer <[email protected]> - Fixed runtime check Fixed check_dracut_module_for_disk_overlay_in_package_list. The check complains if the dracut-kiwi-overlay module is not installed but overlay support was requested. This is correct but should only be done if the selected initrd system is dracut. * Wed May 04 2022 ozboss <[email protected]> - Add option to set LUKS type to luks1 (#2126) Add option to set LUKS type to luks1 So far the LUKS type could be set to luks and luks2. However, what luks version the value 'luks' evaluates to depends on how the distributor has packaged luks. Thus it's possible that 'luks' is either luks1 or luks2. To also have the opportunity to explicitly specify luks1 this commit adds the opportunity in the schema. * Wed May 04 2022 Marcus Schäfer <[email protected]> - Update devel packages helper Added trang as needed when working on the schema * Fri Apr 29 2022 Marcus Schäfer <[email protected]> - Add support for dm integrity with secret key Allow to protect the opening of the integrity data map and journal through a keyfile. For setting the key file two new optional type attributes were added: * integrity_keyfile * integrity_metadata_key_description The key file format must be correct according to the selected integrity algorithm. As of now the kiwi default hmac-sha256 algorithm is used with the selected keyfile The optional integrity_metadata_key_description attribute allows to specify a custom description of an integrity key as it is expected to be present in the kernel keyring. The information is placed in the integrity metadata block. If not specified kiwi creates a key argument string instead which is based on the given integrity_keyfile filename. The format of this key argument is: :BASENAME_OF_integrity_keyfile_WITHOUT_FILE_EXTENSION * Thu Apr 28 2022 Marcus Schäfer <[email protected]> - Update get_disksize_mbytes to support clones When using partition clones the pre-calculation of the disk size needs to take this into account. * Wed Apr 27 2022 Marcus Schäfer <[email protected]> - Fixed UUID setup for XFS Make sure the log got replayed prior generating a new UUID * Tue Apr 26 2022 Marcus Schäfer <[email protected]> - Fixed scope of setup_isolinux_boot_path There is a method called setup_isolinux_boot_path which is encoded in the Iso class. The method allows to change the boot path in the isolinux binary and makes sense when the bootloader is selected to be isolinux. However, the method was called in the scope of the FileSystemIsoFs class which responsibility is to create an ISO filesystem. The creation of an ISO filesystem has no direct connection to a bootloader. Thus calling this method in the scope of the FileSystemIsoFs implementation is wrong and can lead to unexpected side effects. This commit moves the call of the method to the places where isolinux as a bootloader can still be used. This Fixes #2117 * Tue Apr 26 2022 Dan Čermák <[email protected]> - Correct the URL to the dracut home page This fixes https://github.com/OSInside/kiwi/issues/2097 * Tue Apr 26 2022 Dan Čermák <[email protected]> - Change the custom vagrant config file to 00-vagrant.conf If it is called 99-vagrant.conf, then anything "before" that, like 50-redhat.conf takes precedence and overrides our custom settings. * Tue Apr 26 2022 Dan Čermák <[email protected]> - Add Leap 15.4, SLE 15 SP4 & CentOS Stream 9 to the scripts tests * Mon Apr 25 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.31 → 9.24.32 * Mon Apr 11 2022 Marcus Schäfer <[email protected]> - Add support for standalone dm integrity There is support in kiwi to use dm_integrity in combination with the LUKS header and dm_crypt. However there is also the use case to setup dm_integrity in standalone mode. This commit allows to create the dm_integrity layer outside of LUKS using /etc/integritytab to activate the map through a systemd generator if systemd is used. Regarding systemd it's required to use a version of system which provides: system-generators/systemd-integritysetup-generator. If this generator does not exist in the distribution it will also be missing in the dracut generated initrd and the boot will not be able to succeed. It's mentioned here because even newer distributions might be missing the generator Along with the implementation there are two new optional attributes in the <type> section: standalone_integrity="true|false" embed_integrity_metadata="true|false" standalone_integrity activates/deactivates the dm_integrity map on top of the root filesystem. Similar to the veritysetup support there is the opportunity to create an embedded magic metadata block at the end of the device containing the root filesystem via embed_integrity_metadata * Sun Apr 10 2022 Marcus Schäfer <[email protected]> - Update per codacy smell * Sun Apr 10 2022 Marcus Schäfer <[email protected]> - Add support for part clones to the Disk interface The Disk class provides methods to create partition(s) and map names according to its scope and independent of the actual partition tools. For example: create_root_partition(). This commit adds an additional optional clone parameter to all methods for which we want to allow partition clones * Sun Apr 10 2022 Marcus Schäfer <[email protected]> - Be less strict in boot link to itself As part of the grub setup a link named 'boot' inside of /boot is created pointing to itself 'boot -> .'. The reason is to allow the bootloader config to find its files referenced as /boot/something independently if /boot is placed into an extra partition. However if an extra boot partition is used and a filesystem which does not support symlinks, e.g fat, that symlink creation should not lead to an error in the image build process as it is considered an optional safe link and not a mandatory pre-requisite * Thu Apr 07 2022 Marcus Schäfer <[email protected]> - Fixed TW arm rpi integration test Explicitly add ruby to the package list * Wed Apr 06 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.30 → 9.24.31 * Wed Apr 06 2022 Robert Schweikert <[email protected]> - Fix LABEL detection (#2112) When only "root=" is specified on the kernel command line the match is located in the first group. Loop through the groups upon mtach to find what we are looking for. * Tue Apr 05 2022 Robert Schweikert <[email protected]> - Preserve LABEL setting (#2108) Preserve the LABEL= setting when the grub config file is re-generated. the GRUB_ENABLE_LINUX_LABEL setting does not exists upstream and not in any SUSE distribution. Set the grub setting such that LABEL is preserved on SUSE distros. (bsc#1197616) * Tue Apr 05 2022 Marcus Schäfer <[email protected]> - Fix test_setup_default_grub_empty_kernelcmdline The unit test exists to check that GRUB_CMDLINE_LINUX_DEFAULT is not set depending on the provided cmdline. The test exists for reasons explained in Issue #1650 * Fri Apr 01 2022 Fabian Vogt <[email protected]> - Don't compress .appx containers (#2106) The container is actually inside and already compressed. * Fri Apr 01 2022 Marcus Schäfer <[email protected]> - Added new CloneDevice class Added CloneDevice class to the storage interface. The class allows to create clone(s) from a given source block device into a list of target block devices. The target block devices are clones of the source but prevents device naming conflicts for unique identifiers like the UUID. This is requires to still allow to boot from images containing device clones and needs to be handled by tools that might work on top of the cloned devices. * Thu Mar 31 2022 Marcus Schäfer <[email protected]> - Improve readability of shell commands The way the lsblk pipeline is constructed is improved to become easier to read by this commit * Thu Mar 31 2022 Marcus Schäfer <[email protected]> - Added set_uuid() method to FileSystem API Allow to set a custom UUID not only at creation time of a filesystem but also at a later point in time in an already existing filesystem * Tue Mar 29 2022 David Cassany <[email protected]> - Ensure BootloaderConfig resources are cleaned first This commit wraps the manual BootloaderConfig instance cleanup in disk builder into a try/finally scope. This way if KIWI is aborted or fails within this scope the BootloaderConfig is cleaned up first. Signed-off-by: David Cassany <[email protected]> * Tue Mar 29 2022 Marcus Schäfer <[email protected]> - Fixed overlay root dracut module make sure there is always only one selection for the readonly root partition * Tue Mar 29 2022 Marcus Schäfer <[email protected]> - Update LUKS integration test for TW Use cipher options to make cryptomount work again * Tue Mar 29 2022 Marcus Schäfer <[email protected]> - Set LUKS(v1) for TW encryption integration test In Tumbleweed LUKS2 became the default but the grub cryptomount tool is not able to work with the v2 LUKS header. Thus the test explicitly builds against the former luks version for now * Tue Mar 29 2022 Marcus Schäfer <[email protected]> - Set LUKS2 for TW luks encryption integration test In Tumbleweed LUKS2 became the default also for grub and cryptomount, which requires to create a LUKS2 header in the dm_crypt layer * Tue Mar 29 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.29 → 9.24.30 * Mon Mar 28 2022 Tim Serong <[email protected]> - Add ensure_empty_tmpdirs option for OCI containers (bsc#1197783) Since #1759 was merged, the contents of /run/ and /tmp/ are excluded from built images. This causes problems for some containers, notably Ceph when deployed in a Rook/k8s environment, which needs to have certain directories present inside /run/. This commit adds the ability to return to the previous behaviour and *not* empty those temporary directories, if you specify <image><preferences><type [...] ensure_empty_tmpdirs="false">. Fixes: https://github.com/OSInside/kiwi/issues/2093 Signed-off-by: Tim Serong <[email protected]> * Fri Mar 25 2022 Marcus Schäfer <[email protected]> - Fixed parsing of veritysetup output veritysetup uses tabs to align values. The way kiwi parsed the values did not strip out the tabs and later on keeps them in the verification metadata block. The unit test did not catch this because the mock output used for veritysetup did not contain tabs. This commit fixes the test to catch this condition and also fixes the code to handle all space characters (tabs, space, newlines) in a safe way * Thu Mar 24 2022 Marcus Schäfer <[email protected]> - Update contents of store_credentials result file The method added information about the PARTUUID as useful information. However, PARTUUID's are not supported by all partition tables. The Linux generated artificial values from the disk identifier are not wanted in this scope. As the information is not mandatory it's better to not provide it at all and avoid confusion to users. * Thu Mar 24 2022 Marcus Schäfer <[email protected]> - Make blkid call more robust Do not raise of blkid is not able to read the requested ID. It is expected that the methods of the BlockID class either returns a value or none but do not raise and cause the complete process to terminate * Thu Mar 24 2022 Marcus Schäfer <[email protected]> - Added embed_verity_metadata attribute Specifies to write a binary block at the end of the partition serving the root filesystem, containing information for dm_verity verification and to construct the device map * Thu Mar 24 2022 Marcus Schäfer <[email protected]> - Added create_verification_metadata method Along with creating a filesystem including device mapper features like dm_verity (see verity_blocks) or dm_crypt/dm_integrity (see luks) there is always the question where to store the metadata information required to setup the device map. This can include information about blocksizes, offset addresses and more. The create_verification_metadata() method allows to write a signed custom data block of a documented format at the end of the given block special which stores this type of information such that tools at boot time gets the opportunity to read this information. In this commit only information connected to the dm_verity feature activated via the verity_blocks attribute will be part of the verification block. With future changes other data might be added * Wed Mar 23 2022 Marcus Schäfer <[email protected]> - Added runtime check for by-partuuid use Added check_partuuid_persistency_type_used_with_mbr(). Not every partition table type supports UUIDs. We don't want to make use of the artifical values created by Linux if the partition table doesn't support it natively * Wed Mar 23 2022 Marcus Schäfer <[email protected]> - Support partuuid and label mounts in dracut module The 90kiwi-overlay dracut module was not able to parse the device link if done with PARTUUID or LABEL * Wed Mar 23 2022 Marcus Schäfer <[email protected]> - Added integration test for by-partuuid The test hooks into the existing test-image-embedded integration test for leap. As I plan to extend the tests specific to features actually only useful for special embedded images, I thought this would be the right place to start * Mon Mar 21 2022 Marcus Schäfer <[email protected]> - validate luksformat options validate options against the cryptsetup help info in a runtime check * Mon Mar 21 2022 Marcus Schäfer <[email protected]> - Handle LUKS type in its own attribute * Sun Mar 20 2022 Marcus Schäfer <[email protected]> - Fixed attribute description The overlayroot_verity_blocks attribute description contained outdated information * Sat Mar 19 2022 Marcus Schäfer <[email protected]> - Add support for verity setup on standard rootfs So far the verity support was only available with the overlayroot layout and the read-only squashfs root. This commit adds a new attribute: verity_blocks="number|all" which allows to create the verity setup also on the standard root partition In addition to the change it was needed to extend the Filesystem API with an additional optional paramter to allow setup of the filesystem UUID. Having the opportunity to set the UUID at filesystem creation is generally useful and with regards to this particular change it became also required * Fri Mar 18 2022 Neal Gompa <[email protected]> - Allow Btrfs and XFS as options for the boot partition filesystem We already do this implicitly when we do not define this attribute and request a boot partition, so let us explicitly offer these as options too. * Fri Mar 18 2022 Marcus Schäfer <[email protected]> - Fix grub defaults for PARTUUID use Make sure to set GRUB_DISABLE_LINUX_PARTUUID to false when using by-partuuid * Thu Mar 17 2022 Marcus Schäfer <[email protected]> - Allow luks format options Added new luksformat element which allows to pass along options to the luksFormat call. This allows users to switch between LUKS and LUKS2 via e.g <luksformat> <option name="--type" value="luks2"/> </luksformat> It also allows to pass along a set of options only available to LUKS2, e.g <luksformat> <option name="--type" value="luks2"/> <option name="--cipher" value="aes-gcm-random"/> <option name="--integrity" value="aead"/> </luksformat> In addition to the new attribute the existing luks attribute can also be specified to read credentials from a keyfile by using the file:// source locator, e.g <type ... luks="file:///path/to/a/keyfile"/> This Fixes #1898 * Sat Mar 12 2022 Marcus Schäfer <[email protected]> - Fixed funny build_status.sh bug If the name of the repository starts with an 'F' like in Fedora, the 'F' is turned into a red escape sequence because it is assumed to be a failed status indicator :) The path here is probably also dumb as it just assumes there is a space after the status indicator. Well the complete script is not really a good one, but still helpful * Sat Mar 12 2022 Marcus Schäfer <[email protected]> - Update Fedora arm integration test Move test to Fedora 34 * Sat Mar 12 2022 Marcus Schäfer <[email protected]> - Added container build test for Fedora Fedora systems uses buildah to create containers. There is no integration test for kiwi which tests building containers with buildah. This commit adds a build test to cover this path. Related to Issue #2020 * Fri Mar 11 2022 Marcus Schäfer <[email protected]> - Fixed test-image-docker-derived for leap The test still used the additionaltags attribute with the latest schema (v7.5) which fails to validate because the attribute was moved to additionalnames * Thu Mar 10 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.28 → 9.24.29 * Thu Mar 10 2022 Marcus Schäfer <[email protected]> - Don't bind mount /run during build time In commit #9512318 a new bind mount of /run into the root tree during build time was introduced. The bind mount was done because in my tests running podman from config.sh it did not work without /run bind mounted. However, it turned out that I was wrong because along with the provided methods to prepare cgroups and a custom runtime configuration method; setupContainerRuntime() it is not needed to have /run bind mounted. Thus this commit deletes the bind mount of /run and therefore Fixes #2067 * Thu Mar 10 2022 Marcus Schäfer <[email protected]> - Fix github action running obs service refresh The curl command to send the POST request for running the obs remote service uses the --fail-with-body option. Unfortunately the ubuntu-latest container used to run the action comes with a curl version that does not support the option. Thus this commit removes the use of the option * Wed Mar 09 2022 Marcus Schäfer <[email protected]> - Move scope of veritysetup veritysetup was called as part of the disk builder. However, the veritysetup should be a responsibility of the classes which implements the sync_data method. This allows to use the creation of a verity hash format right after sync as a feature to these classes and in a broader scope. In addition to that change the VeritySetup::format method now returns the metadata from the format call and stores it as debug information to the log file. A concept to persistently store the verification metadata as part of the partition(s) will be a next step. * Wed Mar 09 2022 Dan Čermák <[email protected]> - Style changes in container docs Reformulate the container building guide a bit * Wed Mar 09 2022 Marcus Schäfer <[email protected]> - Add support for custom size in filesystem classes Allow to create filesystems with an optional size parameter. If no size is provided the filesystem gets as big as the device which is the default and unchanged behavior. In addition a size counting from the beginning (>0) as well as a size counting from the end (<=0) can be provided. * Wed Mar 09 2022 David Cassany <[email protected]> - Update schema docs Signed-off-by: David Cassany <[email protected]> * Tue Mar 08 2022 Marcus Schäfer <[email protected]> - Provide schema version v7.5 in spec * Tue Mar 08 2022 Marcus Schäfer <[email protected]> - Update descriptions to schema v7.5 * Sun Mar 06 2022 Marcus Schäfer <[email protected]> - Support mount by PARTUUID In addition to by-label and by-uuid also support mounting by PARTUUID. Please note kiwi also makes sure that the grub generated config file uses the root=PARTUUID= notation and it's not clear if grub-mkconfig will persist making use of it. Nevertheless there are also systems which uses different methods to boot and it makes sense to support partuuid mappings as well * Sun Mar 06 2022 Marcus Schäfer <[email protected]> - Add support for partition cloning Support creating block level clones of certain partitions used in the image. Clones can be created from the root, boot and any partition listed in the <partitions> element. * Sun Mar 06 2022 Marcus Schäfer <[email protected]> - Update cron for security scorecard Run weekly on Saturdays * Fri Mar 04 2022 Marcus Schäfer <[email protected]> - Add support for extended layout to msdos table This commit adds the following new type attribute <type ... dosparttable_extended_layout="true|false"/> If set it specifies to make use of logical partitions inside of an extended one. Effective only on type configurations which uses the msdos table type, it will cause the fourth partition to be an extended partition and all following partitions will be placed as logical partitions inside of that extended partition. This setting is useful if more than 4 partitions needs to be created in an msdos table. In addition to the support for extended/logical partitions the the attributes 'mountpoint' and 'filesystem' in the <partitions> section becomes optional. This also allows to place partitions as placeholders not mounted into the system * Fri Mar 04 2022 Marcus Schäfer <[email protected]> - Added type hints for partitioner interface * Fri Mar 04 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.27 → 9.24.28 * Thu Mar 03 2022 Marcus Schäfer <[email protected]> - Fixed unconditional grub2 package requirement The grub2 package does not exist on all distributions as a name provider independent of the architecture. On for example Debian and Ubuntu the packages are handled differently and grub2 is only provided on supported architectures. Thus the spec file should set the grub2 requirement only if the distribution provides it in any case * Wed Mar 02 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.26 → 9.24.27 * Tue Mar 01 2022 Marcus Schäfer <[email protected]> - Added overlayroot_verity_blocks attribute Setting this attribute to a number or 'all' in an overlayroot configuration will create a dm verity hash from the number of given blocks (or all) placed at the end of the squashfs compressed read-only root filesystem. For later verification of the device, and without further image description settings, the credentials information produced by veritysetup from the cryptsetup tools, is created as a file in /boot/overlayroot.verity and is stored as such into the image by default. * Tue Mar 01 2022 Marcus Schäfer <[email protected]> - Fixed disk.sh caller environment The documentation explains the disk.sh script to be called from inside of the image root as it exists on the block layer. The disk.sh script is therefore also called after the sync of the unpacked image root tree to the block layer. The implementation however, was only partially calling disk.sh from such an environment. In fact the environment was only the mountpoint of the root partition but this is not the complete system regarding layouts that uses extra partitions and/or volumes. This commit introduces the use of the new class ImageSystem and calls disk.sh in the way it was designed and documented. * Tue Mar 01 2022 Marcus Schäfer <[email protected]> - Added ImageSystem class The class responsibility is to provide access to the image root system from the block layer of the image scope * Tue Mar 01 2022 Marcus Schäfer <[email protected]> - Prevent superfluous filesystem creation In case of an overlayroot setup and the request for no extra write partition, it is not needed to create a filesystem for the write space which never gets synced to the image * Sat Feb 26 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.25 → 9.24.26 * Sat Feb 26 2022 Marcus Schäfer <[email protected]> - Fixed destructor test on oci_tools/buildah_test.py Calling del() from teardown breaks when the method is called through teardown_method * Sat Feb 26 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.24 → 9.24.25 * Sat Feb 26 2022 Marcus Schäfer <[email protected]> - Support nose and xunit style tests The modifications in this commit allows the unit tests to run on both, pytest 6.x (nose test layout) and the new pytest 7.x (xunit test layout). This Fixes #2072 in a much nicer way. Thanks much to @smarlowucf * Fri Feb 25 2022 Marcus Schäfer <[email protected]> - Update unit test to work in obs Some unit tests fails if they run in an obs environment. This is because the implementation checks the runtime envoironment and behaves differently if the system is an obs worker. The unit tests has to explicitly set this condition right for the test * Fri Feb 25 2022 Marcus Schäfer <[email protected]> - Revert "Unit test adaptions to pytest v7" This reverts commit 0dc2e803e0e8059c54a0ea23960245286675c86c. The pytest interface from version v6 to v7 has received changes which requires the tests to be adapted to work for either the old or the new interface. As there are still many distributions which uses v6 as the standard we decided to revert back the adaptions done to support v7 and create a version requirement to v6 in .virtualenv.dev-requirements.txt This Fixes #2072 * Wed Feb 23 2022 Marcus Schäfer <[email protected]> - Added overlayroot_readonly_partsize attribute Specifies the size in MB of the partition which stores the squashfs compressed read-only root filesystem in an overlayroot setup. This Fixes #2068 * Wed Feb 23 2022 Marcus Schäfer <[email protected]> - Update to scorecard CI 1.0.4 * Tue Feb 22 2022 Marcus Schäfer <[email protected]> - Added debootstrap log info to exception message In case debootstrap fails there is more detailed information in a logfile written by debootstrap itself. This commit changes the exception information to contain this log information if present. Related to Issue #1800 * Sun Feb 20 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.23 → 9.24.24 * Sun Feb 20 2022 Marcus Schäfer <[email protected]> - Added overlayroot_write_partition attribute For the oem type only, allows to specify if the extra read-write partition in an overlayroot setup should be created or not. By default the partition is created and the kiwi-overlay dracut module also expect it to be present. However, the overlayroot feature can also be used without an initrd and under certain circumstances it is handy to configure if the partition table should contain the read-write partition or not. * Sat Feb 19 2022 Matt Coleman <[email protected]> - Use DEB822-formatted .sources files instead .list files for APT * Tue Feb 15 2022 David Cassany <[email protected]> - Support additional names for docker containers Docker containers used to support the attribute `additionaltags` which was used to provide multiple tags for the same image. Since only tags were supported this commit renames the attribute to `additionalnames` and now supports tags and names witht he following syntax: * '<name>:<tag>' -> adds a full docker image reference including name and tag * ':<tag>' -> adds an additional tag while reusing the former name * '<name>' -> adds an additional name while reusing the former tag Fixes #2045 Signed-off-by: David Cassany <[email protected]> * Mon Feb 14 2022 Marcus Schäfer <[email protected]> - Follow up fix on force deleting debs Also remove eventual post scripting prior force removal of deb packages. Similar inconsistencies as with the pre scripts can occur on force removal. We want the operation to be successful in force mode even if that means to leave a dirty state. * Sat Feb 12 2022 Marcus Schäfer <[email protected]> - Add support for pre_disk_sync.sh script The optional pre_disk_sync.sh script is executed for the disk image type oem only and runs right before the synchronisation of the root tree into the disk image loop file. The script hook can be used to change content of the root tree as a last action before the sync to the disk image is performed. This is useful for example to delete components from the system which were needed before or cannot be modified afterwards when syncing into a read-only filesystem. * Thu Feb 10 2022 Marcus Schäfer <[email protected]> - Create ci-scorecards-analysis.yml Create security health metrics score card * Tue Feb 08 2022 Marcus Schäfer <[email protected]> - Fixup inplace podman storage and container conf Newer versions of podman requires runroot and graphroot to be explicitly set in storage.conf. Newer versions of podman no longer reads the engine.cgroups setting on containers.conf and prints a 'Failed to decode the keys [\"engine.cgroups\"]' warning message This commit fixes storage.conf and containers.conf written by kiwi if the setupContainerRuntime method is used in scripts. * Tue Feb 08 2022 David Cassany <[email protected]> - Make use of container name in OCI images Fixes #2050 Signed-off-by: David Cassany <[email protected]> * Mon Feb 07 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.22 → 9.24.23 * Mon Feb 07 2022 Marcus Schäfer <[email protected]> - Fixed name of secret variable The ci-update-build-tests action used a wrong variable name which does not exist in the github secrets. This commit fixes it and uses the correct variable name * Mon Feb 07 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.21 → 9.24.22 * Mon Feb 07 2022 Marcus Schäfer <[email protected]> - Revert "Revert "Fixed MicroOS build test"" This reverts commit 8c4464b8ff2af2642439ce92e1e2be497f2b0f4d. snapper default config has moved from /etc to /usr/share now hopefully for the last time * Mon Feb 07 2022 Marcus Schäfer <[email protected]> - Fixed unit tests The pytest interface setup() method call has changed in a way that an additional parameter is passed to the method which leads to a python error at invocation time if the setup method does not define it. * Mon Feb 07 2022 Neal Gompa <[email protected]> - build-tests: Update CentOS 8 test appliance to CentOS Stream 8 CentOS Linux 8 is now EOL, so switch over to CentOS Stream 8. * Sat Feb 05 2022 Marcus Schäfer <[email protected]> - Added API for BLS and systemd-boot support Bootloaders implementing the Boot Loader Spec (BLS) are not directly compatible with the original Bootloader Class design in kiwi. Because of that an interface class which translates the original API into calls following BLS was added. This allows us to keep the implementations in the Builder classes and the public BootLoader interface untouched. In addition to the BLS API an implementation to support the systemd-boot loader is part of this commit too. An example type definition to use systemd-boot with an EFI disk image type looks like the following: <type image="oem" filesystem="xfs" firmware="efi" bootloader="systemd_boot" efipartsize="200"/> The implementation uses bootctl and kernel-install tools provided from systemd and expects a proper integration of systemd-boot by the distribution maintainers This Fixes #1935 * Fri Feb 04 2022 Marcus Schäfer <[email protected]> - Fixed handling of oem reboot settings There are oem settings called oem-reboot, oem-reboot-interactive as well as oem-shutdown and oem-shutdown-interactive. When used the information is passed along to the profile but not evaluated by any initrd code. I don't know where on the way we lost the code that actually works with these settings but this commit makes them effective. This Fixes #2056 * Thu Feb 03 2022 Dirk Müller <[email protected]> - treat armv8l as armv7hl openSUSE switched from armv7hl buildworkers to aarch64 in 32bit mode which identifies itself as "armv8l" in uname -m. * Tue Feb 01 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.20 → 9.24.21 * Mon Jan 31 2022 Marcus Schäfer <[email protected]> - Fixed UUID used in grub early boot script In case the system is luks encrypted the UUID of the root partition was used in the grub early boot script. However, this condition is only correct if in addition to the luks encryption the boot area is on crypto too. If boot is not on crypto the UUID must be the boot partition and not root. Only if root AND boot is on crypto the kiwi created early boot script includes the grub cryptomount calls. * Sat Jan 29 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.19 → 9.24.20 * Sat Jan 29 2022 Marcus Schäfer <[email protected]> - Followup fix for force deleting debian packages The force uninstall deletes pre scripts prior removal because if they fail the package will not be removed. For a force uninstall we consider this ok. However, the deletion of the scripts did not happen in the image root. This patch fixes it * Wed Jan 26 2022 Marcus Schäfer <[email protected]> - Followup fix for force deleting debian packages Pass --force-depends to allow uninstall even if the dependency checker complains * Tue Jan 25 2022 Marcus Schäfer <[email protected]> - Fix use of xattrs for container sync when syncing data for containers only a subset of xattr attributes can be applied. This Fixes #2009 * Tue Jan 25 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.18 → 9.24.19 * Tue Jan 25 2022 Neal Gompa <[email protected]> - Ensure SELinux labels are set based on the policy When running kiwi from a filesystem tree that has custom labels applied (such as when using kiwi from within a container on an SELinux-enabled host), the filesystem labeling doesn't correctly apply on some files and folders with a warning about the location being customized by the administrator. This causes all kinds of strange results with the built images and makes them unbootable. To resolve this, tell setfiles to forcibly set files and folders with the default context from the installed policy. * Tue Jan 25 2022 Fabian Vogt <[email protected]> - Extend and update documentation about /etc/machine-id setup * Tue Jan 25 2022 Fabian Vogt <[email protected]> - Fix ordered list in shell_scripts.rst Ordered lists must be indented by three spaces, otherwise the numbering breaks. * Mon Jan 24 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.17 → 9.24.18 * Mon Jan 24 2022 David Cassany <[email protected]> - Fix ramdisk deployments from PXE This commit fixes PXE deployments on ramdisk. In such cases the former fix from df4e62a4 is not sufficient as there is no `root=` parameter within the kernel cmd line and hence this logic is never executed. Signed-off-by: David Cassany <[email protected]> * Fri Jan 21 2022 David Cassany <[email protected]> - Update outdated PKGBUILD for Arch Linux Signed-off-by: David Cassany <[email protected]> * Fri Jan 21 2022 Marcus Schäfer <[email protected]> - Fixed unit test race condition * Fri Jan 21 2022 Marcus Schäfer <[email protected]> - Fixed grub loader/entries setup If called in non standard environments like an OBS worker the grub tooling does not work correctly and produces invalid results. For these cases kiwi provides a collection of fix_ methods to change the produced results. This commit covers the invalid path in loader/entries/*.conf files pointing to the kernel and the initrd as they exist in the image-root directory. This results for example in settings like: linux /usr/src/packages/KIWI-oem/build/image-root/boot/vmlinuz-5.14.0-43.el9.x86_64 when it should be: linux /boot/vmlinuz-5.14.0-43.el9.x86_64 This Fixes #2038 * Fri Jan 21 2022 Fabian Vogt <[email protected]> - Set /.snapshots subvolume to mode 0700 (bsc#1194992) Avoid that users other than root can enter or even change the content. This is what snapper does as well. * Fri Jan 21 2022 Marcus Schäfer <[email protected]> - Fixed build_status helper output issue Starting with CentOS stream 9 integration tests a new layer in the project that builds it was added. This changed the osc results output and messed up the build_status helper output a bit. This commit fixes it * Thu Jan 20 2022 Marcus Schäfer <[email protected]> - Fix the uninstall(force) on Debian based dists Packages marked for uninstall via <package name="delete|uninstall"/> failed to become removed for several reasons. The way this was done in kiwi did not work because dpkg needs to be called differently and with some nasty pre-processing in order to allow for force deletion. In force mode we also allow to remove packages marked as essential. In gracefull uninstall mode this commit makes sure the environment is prepared and does not fail for false-positive reasons. * Wed Jan 19 2022 Marcus Schäfer <[email protected]> - Added mail map Added information about my private e-mail being the successor for the work done when I was an employee of SUSE * Tue Jan 18 2022 Marcus Schäfer <[email protected]> - Allow calling podman within chroot Added helper functions and env preparation code to allow calling podman from within a chroot. This allows to run podman from e.g config.sh and also inside of OBS workers * Tue Jan 18 2022 Marcus Schäfer <[email protected]> - Fix requirements for kiwi-systemdeps-filesystems Extend btrfs condition applying for EL8 to apply for EL9 too * Fri Jan 14 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.16 → 9.24.17 * Fri Jan 14 2022 Marcus Schäfer <[email protected]> - Fixed image builds without kernel If an image is build without a kernel kiwi fails due to some code paths expecting the presence of kernel modules and or kernel binaries. This commit fixes this and allows creating an image without installing a kernel. * Fri Jan 14 2022 Marcus Schäfer <[email protected]> - Added CentOS Stream 9 integration tests * Thu Jan 13 2022 Fabian Vogt <[email protected]> - Allow "uninitialized" as content of /etc/machine-id According to machine-id(5), an empty file does not signal that this is the first boot of the system. Instead, the file needs to be missing or contain the string "uninitialized". A missing file does not work if the filesystem is initially mounted read-only, so allow "uninitialized" as well, instead of truncating it. Improve the documentation of the method, e.g. dracut is not involved. * Thu Jan 13 2022 Fabian Vogt <[email protected]> - Fix booting GRUB submenu entries with hybrid images (linux/linuxefi) Variables assigned with "set" are not visible in submenus for some reason. Export $linux and $initrd, so that they also work in submenu entries. Fixes bsc#1192523 * Thu Jan 13 2022 Fabian Vogt <[email protected]> - Don't copy GRUB modules for EFI with secure boot enabled When booting grub.efi with secure boot enabled, modules can't be loaded and thus the grub.efi image needs to be complete. Save some space in live images by not copying them into the ISO filesystem. Fixes part of #1750 * Thu Jan 13 2022 Fabian Vogt <[email protected]> - Don't include the ESP in the ISO9660 partition as well (#1750) Previously the image for the ESP was created inside the source directory for the ISO9660 filesystem, so it ended up there as well as a separate partition. Fix that by creating it as a temporary file instead. * Thu Jan 13 2022 Marcus Schäfer <[email protected]> - Automate build-tests OBS service refresh This commit provides a new github action which sends API requests to the OBS api to refresh the source services for the integration tests on the OBS server side. This Fixes #1980 * Wed Jan 12 2022 Marcus Schäfer <[email protected]> - Added docker integration test for Ubuntu * Wed Jan 12 2022 Marcus Schäfer <[email protected]> - Update ubuntu integration test to Hirsute(21.04) * Tue Jan 11 2022 Marcus Schäfer <[email protected]> - Bump version: 9.24.15 → 9.24.16 * Sun Jan 09 2022 Marcus Schäfer <[email protected]> - Fixed regression in compression detection The change from 282529de8f612dee32d54ee868c2365dcd829220 Introduced a bad regression. The assumption was made that the xz tool could be used to detect if a file is compressed or not. However, this requires the file to be locally present. In the scope of the method call is_compressed() and within a remote deployment e.g PXE this is not the case. Therefore the former way to "detect" the compression according to the .xz postfix of the source filename was restored. In addition the function name was changed to is_xz_compressed() because that's what the method can do and not more. This Fixes #2015 * Fri Jan 07 2022 Marcus Schäfer <[email protected]> - Added debug option --debug-run-scripts-in-screen Instead of running scripts in screen if the --debug switch is set, we allow to explicitly switch on this behavior via a new option. This Fixes #2010 * Fri Jan 07 2022 Marcus Schäfer <[email protected]> - Change packages target for bootincludes Packages marked with bootinclude="true" will be added to the referenced kiwi boot image description if the initrd_system is set to "kiwi" instead of "dracut". The package marked was primarily added to the type="image" section and got only added to the type="bootstrap" section if no image type section existed. However, it has turned out that this approach has the disadvantage that packages which must be installed as part of the bootstraping (e.g certificates) cannot be handled. This commit changes the behavior of the bootinclude to include the package always to the type="bootstrap" section. * Fri Jan 07 2022 Marcus Schäfer <[email protected]> - Add GitHub workflow badges * Fri Jan 07 2022 Marcus Schäfer <[email protected]> - Fixed Codacy Badge * Sun Jan 02 2022 Marcus Schäfer <[email protected]> - Allow firmware="custom" setting The firmware attribute in kiwi is used to indicate for which boot firmware the image should be build. Specifying the target firmware is helpful to create for example the correct disk layout. If no firmware is specified KIWI decides for a default according to the image architecture. This selection is not 100% accurate and as we don't know the later target system. Especially for embedded devices the correct disk layout and other settings can be board specific and KIWI's default settings regarding the firmware could be invalid. For compatibility reasons we cannot switch off the default selection case and therefore a new attribute value "custom" is introduced with this commit. If set KIWI does not select any firmware and consequently all settings caused by a firmware setup will be skipped. On the other hand this means all needed settings for the target to boot and not done by KIWI needs to be specified explicitly and as needed. * Sun Jan 02 2022 Neal Gompa <[email protected]> - Add util-linux dep for -systemdeps-disk-images subpackage Without this dependency, kiwi fails to work properly in minimal image build environments, like in a mock chroot where util-linux is not installed. * Fri Dec 17 2021 Tanja Roth <[email protected]> - index.rst: fix headline * third try: apply diff by schaefi * Fri Dec 17 2021 Tanja Roth <[email protected]> - index.rst: fix headline * removed lonely bracket * added more lines to fix syntax * Thu Dec 16 2021 Tanja Roth <[email protected]> - index.rst: Change title (bsc#1189294#c2) * 'KIWI NG 9: KIWI NG Documentation' -> 'Building Linux System Appliances with KIWI Next Generation (KIWI NG <VERSION>) * suggested in bsc#1189294#c2 for more clarity * change has been discussed with and approved by main author (Marcus S.) * Thu Dec 16 2021 Rüdiger Oertel <[email protected]> - support compressed modules in other formats when cleaning up the firmware directory for unused files * Thu Dec 16 2021 Marcus Schäfer <[email protected]> - Bump version: 9.24.14 → 9.24.15 * Wed Dec 15 2021 Marcus Schäfer <[email protected]> - Update documentation Rework troubleshooting chapter and add an article about app security subsystems like selinux and their potential influence on building images. Also update the quickstart with a reference to the troublshooting chapter. This Fixes #1891 * Wed Dec 08 2021 Marcus Schäfer <[email protected]> - Added support for collection modules In CentOS Stream 8 and Red Hat Enterprise Linux 8, there are Application Streams that are offered in the form of modules (using Fedora Modularity technology). To build images that use this content KIWI needs to support to enable/disable various modules. This commit allows to configure collection modules in a new element as shown below <packages type="bootstrap"> <collectionModule name="module" stream="stream" enable="true|false"/> </packages> This Fixes Issue #1999 * Mon Dec 06 2021 Marcus Schäfer <[email protected]> - Bump version: 9.24.13 → 9.24.14 * Sun Dec 05 2021 Marcus Schäfer <[email protected]> - Disable intersphinx intersphinx is a doc extension which links to the documentation of objects in other projects whenever Sphinx encounters a cross-reference that has no matching target in the current documentation set, it looks for targets in the documentation sets configured in the intersphinx_mapping. However, the kiwi docs do not use this feature thus it can be disabled. * Tue Nov 30 2021 David Cassany <[email protected]> - Compress container images in builder class This commit changes the stage at which container images are compressed to match the criteria applied to other image types. Instead of compressing the image in OCI devoted classes now it is happening in builder class by setting Result instance properties. Fixes #1996 Signed-off-by: David Cassany <[email protected]> * Mon Nov 29 2021 Marcus Schäfer <[email protected]> - Revert "Fixed MicroOS build test" This reverts commit 52c38f9ec22aef484efaf0a570dc78eea529deec. The TW people moved to an older version of libsnapper, no idea what these guys are doing * Mon Nov 29 2021 John Paul Adrian Glaubitz <[email protected]> - kiwi-repart: Fix spelling error in source code comment * Mon Nov 29 2021 John Paul Adrian Glaubitz <[email protected]> - Fix multiple minor spelling errors in documentation * Mon Nov 29 2021 Marcus Schäfer <[email protected]> - Added support for setting up release version Currently the release version is not set or set to '0' for package managers which requires a value to operate. However, in order to support leveraging the same description across different releases it is important to have the opportunity to specify a setting for the release version. This commit adds a new optional attribute to the preferences section which allows to specify a custom value which serves as the release version: <preferences> <release-version>TEXT</release-version> </preferences> If not specified the default setting as before applies. Please note the release version information is currently used in dnf and microdnf package managers only. It might happen that it gets applied to the other package manager backends as well. This will happen on demand though. Related to Issue #1918. This Fixes #1927 * Mon Nov 29 2021 Marcus Schäfer <[email protected]> - Bump version: 9.24.12 → 9.24.13 * Mon Nov 29 2021 Marcus Schäfer <[email protected]> - Add global --kiwi-file option When building with kiwi a search on the kiwi main config file is made inside of the given --description directory. The search looks up for the file config.xml or *.kiwi. So far there was no opportunity to specify another name. This commit adds an option in the global area named: - -kiwi-file name which will make kiwi to lookup this file inside of the given --description directory and fail if it does not exist. This Fixes #1973 * Mon Nov 29 2021 Marcus Schäfer <[email protected]> - Added type hints for CliTask class * Fri Nov 26 2021 Marcus Schäfer <[email protected]> - Bump version: 9.24.11 → 9.24.12 * Thu Nov 25 2021 Marcus Schäfer <[email protected]> - Use realpath to resolve this:// location * Thu Nov 25 2021 Marcus Schäfer <[email protected]> - Support this:// resource locator for includes Allow include references like the following example: <include from="this://include.xml"/> * Thu Nov 25 2021 Marcus Schäfer <[email protected]> - Allow repo path relative to the image description This commit adds a new URI type called this://... The this:// part will be resolved into the absolute path to the image description. A source path like the following: <source path="this://my_repo"/> is resolved to <source path="dir:///path/to/image/description/my_repo"/> This change provides the requested opportunity to reference repos provided as part of the image description and Fixes #1964 * Thu Nov 25 2021 Marcus Schäfer <[email protected]> - Care for different snapper template locations snapper recently changed their config template location from etc/ to usr/. This commit handles the two locations and Fixes bsc#1192940 * Thu Nov 25 2021 Marcus Schäfer <[email protected]> - Prevent warning message on resize exception On systems which are configured to run the oem resize at every boot (default case) kiwi checks how much space is free and if that fits the constraints configured as part of the image description. If the constraints are not met a warning message is displayed and the boot continuous without any resize action happening. This warning message however, always appears after the first boot when the resize had happened and no rest space on disk is present unless the disk geometry would have changed. The situation of the reboot of the system without any disk geometry change is the standard case and happens way more often than the reboot with a disk geometry change. Therefore the warning message displayed is not actually a real warning and most often considered as an issue when there is none. To relax this situation, this commit only shows the warning message if the detected free space on disk is greater than 2M, which is the condition under which we assume an intentional (user made) disk geometry change. This Fixes #1958 * Wed Nov 24 2021 Marcus Schäfer <[email protected]> - Bump version: 9.24.10 → 9.24.11 * Wed Nov 24 2021 Justin <[email protected]> - Fix Source Install Disk Detection in get_disk_list (#1982) Fix Source Install Disk Detection in get_disk_list The original check doesn't always work because PARTITIONS get labels, NOT disks. If you install with a Flash Drive and deploy to a machine with an NVMe drive, the Flash Drive is listed first because SCSIs are shown first by lsblk (At least they were in our scenario). When we run blkid "[Install Flash Drive Disk]" -s LABEL -o value in this scenario, we get nothing returned so this conditional evaluates incorrectly. We should get the ${kiwi_install_volid} Partition Block Name, and search for whether ${disk_device} is contained within it as the Disk Device that corresponds to the Install Partition. * Tue Nov 23 2021 Marcus Schäfer <[email protected]> - Do not force dracut into a compression setting So far we called dracut with --xz which forces the initrd to be xz compressed. There are other compression formats used by the distributions and they might differe from xz. The selection for a compression tool is done by a dist configuration in dracut.conf.d which is provided by the distributions as they see fit. For us this means not forcing dracut into a specific compression setting allows to make use of the distro provided setting and also allows to change/override this setting by an overlay file. This Fixes bsc#1192975 * Tue Nov 23 2021 Marcus Schäfer <[email protected]> - Bump version: 9.24.9 → 9.24.10 * Tue Nov 23 2021 Marcus Schäfer <[email protected]> - Added documentation about sharing backends The kiwi boxbuild plugin supports several sharing backends. Details about them and eventual pre-setup steps prior use are mentioned in this document * Tue Nov 23 2021 Marcus Schäfer <[email protected]> - Fixed MicroOS build test snapper default config has moved from /etc to /usr/share * Mon Nov 22 2021 Marcus Schäfer <[email protected]> - Bump version: 9.24.8 → 9.24.9 * Mon Nov 22 2021 Marcus Schäfer <[email protected]> - Bump version: 9.24.7 → 9.24.8 * Mon Nov 22 2021 Marcus Schäfer <[email protected]> - Added support for reading metalink in info module For resolver operations through libsolv the 'kiwi image info' module exists. So far it could not read the repos from metalink repo definitions. This Fixes #1890 * Fri Nov 19 2021 David Cassany <[email protected]> - Force key attribute from signing element to be treated as a URI Signed-off-by: David Cassany <[email protected]> * Thu Nov 18 2021 David Cassany <[email protected]> - Pass signing keys from the XML to the repositories This commits makes sure signing keys are passed to repositories setup in build task. Signed-off-by: David Cassany <[email protected]> * Thu Nov 18 2021 Marcus Schäfer <[email protected]> - Move static sle15 integration test to git * Tue Nov 16 2021 Marcus Schäfer <[email protected]> - Bump version: 9.24.6 → 9.24.7 * Mon Nov 15 2021 Marcus Schäfer <[email protected]> - Fixed raid integration test using extra boot part Due to changes in the distribution the tests needs some adaptions. The kernel as provided now by TW uses symlinks from boot to /usr/lib/modules/... to point to the kernel binary. Of course this breaks for any system that uses /boot on another partition. Those image tests which were testing this aspect needs fixing. * Mon Nov 15 2021 Dan Čermák <[email protected]> - Make sure fedora-release is installed on Rawhide Follow up to #1957 and #1962: The Fedora build tests were using the generic release package and not fedora-release. This issue has been partially fixed in #1962, but we forgot to port the fix to the rawhide images as well. This commit adds the missing package to the Rawhide images as well. * Fri Nov 12 2021 Marcus Schäfer <[email protected]> - Bump version: 9.24.5 → 9.24.6 * Fri Nov 12 2021 Marcus Schäfer <[email protected]> - Followup fix for debootstrap called only once A recent change skipped calling debootstrap if the allow-existing-root flag was passed in combination with apt as the package manager. However this is not enough. If you say allow-existing-root but the existing root is empty or not valid to continue with chroot and apt the debootstrap phase should not be skipped. This commit checks if apt works in the chroot such that we can assume debootstrap has done its job and can be skipped * Fri Nov 12 2021 Marcus Schäfer <[email protected]> - Allow to set sign keyfile in repository elements This commit adds a new and optional child element <signing> to the repository/source element as shown in the following example: <repository> <source path="..."> <signing key="keyfile"/> </source> </repository> The collection of all keyfiles from all repositories will be added to the keyring as used by the selected package manager. Signing keys specified on the commandline and signing keys specified in the image description will be combined. This Fixes #1883 * Fri Nov 12 2021 Marcus Schäfer <[email protected]> - Bump version: 9.24.4 → 9.24.5 * Fri Nov 12 2021 Marcus Schäfer <[email protected]> - Fixed include processing This commit fixes several issue connected with the use of the <include> directive: First and foremost the XSLT chain was broken in a way that the include XSLT in combination with the PrettyPrinter XSLT were called not in the chain of stylesheets but together. This results in XML descriptions which duplicated the content and went invalid Another change is, when the include XSLT is called in the chain. This commit moves it to become the very first processing instruction such that the included data is part of all subsequent XSLT stylesheets. This also allows to use older schema versions in included XML data and they get automatically converted through the chain of XSLT stylesheets. Last change is the evaluation of the from= attribute value. This value is now interpreted as an URI. Currently only local URIs are supported. The reason to do this is because XSLT when processing a document resolves relative paths according to the file path of the master document. As kiwi does not change the original content that path with will be a /var/tmp location if one of the XSLT stylesheets were used. The documentation for this change was updated as well * Thu Nov 11 2021 Marcus Schäfer <[email protected]> - Bump version: 9.24.3 → 9.24.4 * Thu Nov 11 2021 Marcus Schäfer <[email protected]> - Added type hints and annotations for iso_tools * Thu Nov 11 2021 Marcus Schäfer <[email protected]> - Drop support for cdrtools Tools like mkisofs, genisoimage and friends are all unmaintained and have found their substitute in xorriso for quite some time. This commit deletes the code from kiwi which supported creation of ISO images using the obsolete cdrtools collection. In addition all hack code associated with these tools like mbr insertion via isohybrid and things like that got dropped as well. This Fixes #1908 * Thu Nov 11 2021 kyr <[email protected]> - Drop usage of `factor` from coreutils utils/checksum: drop factor calls For portability we don't need to call linux coreutils' factor, instead we use pure python prime number generation implementation. Signed-off-by: Kyr Shatskyy <[email protected]> * Thu Nov 11 2021 Matt Coleman <[email protected]> - Add support for custom GRUB templates This allows the user to specify a template file to customize the bootloader menu. This only applies to oem and iso image types: other image types use the grub mkconfig toolchain. This resolves Issue #1970 Co-authored-by: Marcus Schäfer <[email protected]> * Tue Nov 09 2021 Dan Čermák <[email protected]> - Only trigger functions workflow on certain paths * Tue Nov 09 2021 Dan Čermák <[email protected]> - Re-enable functions integration tests once again * Tue Nov 09 2021 Kyr Shatskyy <[email protected]> - config/functions: make baseQuoteFile use extended regex It is more universal to use extended regex, because they can be used on wider range of platforms, for example, same regex works equally on bsd sed and linux distributions. Signed-off-by: Kyr Shatskyy <[email protected]> * Mon Nov 08 2021 Marcus Schäfer <[email protected]> - Added python 3.9, 3.10 to test workflow * Mon Nov 08 2021 Kyr Shatskyy <[email protected]> - utils/temporary: rename dir parameter to path To avoid conflicts with python standard `dir` function and for better matching purpose, the Temporary class constructor parameter it is the best to rename from dir to path. Signed-off-by: Kyr Shatskyy <[email protected]> * Sun Nov 07 2021 Kyr Shatskyy <[email protected]> - utils/temporary: the --temp-dir does not work Using of --temp-dir argument does not make an effect, because optional 'dir' parameter defaults to the global TEMP_DIR value before it's changed. This patch address this issue. Signed-off-by: Kyr Shatskyy <[email protected]> * Wed Nov 03 2021 Marcus Schäfer <[email protected]> - Bump version: 9.24.2 → 9.24.3 * Wed Nov 03 2021 Marcus Schäfer <[email protected]> - Fixed s390 SLE15 integration test added blog package to solve packages added by file provides which are not resolved by obs * Wed Nov 03 2021 Marcus Schäfer <[email protected]> - Fixed s390 integration test using extra boot part Due to changes in the distribution the tests needs some adaptions. The kernel as provided now by TW uses symlinks from boot to /usr/lib/modules/... to point to the kernel binary. Of course this breaks for any system that uses /boot on another partition. Those image tests which were testing this aspect needs fixing. * Wed Nov 03 2021 Marcus Schäfer <[email protected]> - Added partition sizes to disk size math Make sure partition sizes are used for the calculation of the entire disk size to fit the size constraints of the image disk * Tue Nov 02 2021 Marcus Schäfer <[email protected]> - Revert "Cleanup xattr requirement" This reverts commit 6754b3f9e270a6cb710355605c46b0bade4de29c. It has turned out that SLE15 still uses the other xattr module :/ * Tue Nov 02 2021 Marcus Schäfer <[email protected]> - Added integration test Test the combination of custom partitions and volumes * Fri Oct 29 2021 Marcus Schäfer <[email protected]> - Make sure fedora-release is installed Fedora based integration tests should install the fedora-release package. If no release package is specified the generic-release package is choosen which is unexpected. This Fixes #1957 * Wed Oct 27 2021 Marcus Schäfer <[email protected]> - Make sure debootstrap is called only once When building debian based images the bootstrap phase is done by calling debootstrap. If kiwi is called on an already existing root tree via --allow-existing-root this will make debootstrap to fail in any case. This is because for debootstrap it's an error condition if there is already data in the root. However, for kiwi and the explicitly requested re-use of the root tree this is not an error. Thus this commit skips the bootstrap by debootstrap and directly continues with the image phase. * Wed Oct 27 2021 Marcus Schäfer <[email protected]> - Cleanup xattr requirement There is no version of suse we support that provides the old xattr module. Thus the requirement can be set in a clean way to pyxattr and the setup.py trickery can be deleted * Mon Oct 25 2021 Marcus Schäfer <[email protected]> - Disable config functions testing It happens too often that the failure on running the container causes failed results which are not actually failures. I have hope that #1944 stabilize this * Fri Oct 22 2021 Marcus Schäfer <[email protected]> - Bump version: 9.24.1 → 9.24.2 * Fri Oct 22 2021 Marcus Schäfer <[email protected]> - Fixed nasty bug in ramdisk generator The ramdisk unit generator reads the config.bootoptions file and extracts the root_uuid from it. This is done with a very simple shell read using a space as separator. However the last element is never read by that code. As long as there was yet another kernel cmdline option after the root= option this bug was not an issue. But as soon as the root= option is last in the list it will not be read and the generator exits prior creating the sysroot.mount target. This commit fixes it in a way that it makes sure there is always a space at the end of the config.bootoptions file * Thu Oct 21 2021 Marcus Schäfer <[email protected]> - Support custom partitions In addition to the volume volume management settings also allow to setup low level table entries like in the following example: <partitions> <partition name="var" size="100" mountpoint="/var" filesystem="ext3"/> </partitions> * Thu Oct 21 2021 Marcus Schäfer <[email protected]> - Added integration build test for bundle_format * Wed Oct 20 2021 Marcus Schäfer <[email protected]> - Added lsof to kiwi-systemdeps-core * Tue Oct 19 2021 Marcus Schäfer <[email protected]> - Add support for custom result bundle naming Allow to specify a bundle_format per <type> which is used at the time of the result bundle creation to create image output names matching the provided pattern. This Fixes #1943 * Tue Oct 19 2021 Marcus Schäfer <[email protected]> - Added missing python-simplejson to pkgbuild Added missing python-simplejson requirement to the archlinux pkgbuild package template * Tue Oct 19 2021 Marcus Schäfer <[email protected]> - Raise exception on umount issue Up to now kiwi tried to umount a resource it has mounted for some time and if it was not possible due to a busy state the process continued. In any of these situations it was not possible to free up the nested resources and it could also happen that the image build result got corrupted because there is still data that can be consumed but shouldn't be there anymore. The change here makes kiwi to stop the process and raise with an error also including the information that there are now resources still active but busy on the host and a manual cleanup is unfortunately needed. This Fixes #1914 * Mon Oct 18 2021 Marcus Schäfer <[email protected]> - Added SystemOverlayRoot profile Test kiwi's overlayroot mode without initrd * Mon Oct 18 2021 Marcus Schäfer <[email protected]> - Update test for image without initrd and loader The systemd-remount-fs.service expects devices to be present in their UUID representation. When booting without an initrd there is no udev and the root= device must be provided with the kernel exposed unix device name. In addition there is no UUID device representation for virtio devices which are used together with the small kvmsmall kernel of this example. Since booting of this appliance is done via: $ kvm --kernel (kernel-kvmsmall) \ - drive file=kiwi-test-image-embedded.raw,if=virtio \ - append "root=/dev/vda1 console=ttyS0 rw" The kernel rootfs is mounted in rw mode anyway. Thus the systemd remount service is not useful in this case and switched off * Fri Oct 15 2021 Marcus Schäfer <[email protected]> - Bump version: 9.24.0 → 9.24.1 * Thu Oct 14 2021 Marcus Schäfer <[email protected]> - Make sure embedded test exposes the kernel * Thu Oct 14 2021 Marcus Schäfer <[email protected]> - Fixed use of LUKS encrypted images with empty pass For initial provisioning of LUKS encrypted disk images an empty passphrase key is handy to avoid interaction in the deployment process. However, the dracut kiwi modules were lacking the information that the luks keyfile could be an empty passphrase key which must not be opened with the potential risk to get prompted for input. This commit introduces a new profile environment variable evaluated by the dracut kiwi lib code to open the LUKS pool and allows to distinguish the situation on key files with or without a passphrase * Thu Oct 14 2021 Marcus Schäfer <[email protected]> - Fixed type annotations for LuksDevice class * Wed Oct 13 2021 Marcus Schäfer <[email protected]> - Fixed repo setup for test-image-embedded Use obsrepositories * Wed Oct 13 2021 Marcus Schäfer <[email protected]> - Added a build test for no-initrd / no-bootloader It's allowed to configure an image building without an initrd and/or bootloader setup. These are settings mostly used in the embedded world and this build test makes sure images of that kind can be build * Tue Oct 12 2021 Marcus Schäfer <[email protected]> - Add support for portable result data (#1949) In addition to the serialized Result instance kiwi.result file this commit also creates a portable version of this information in kiwi.result.json. Only the information that can be expressed as json document is part of the portable version. This is related to Issue #1918 * Thu Oct 07 2021 Marcus Schäfer <[email protected]> - Added documentation for kiwi stackbuild plugin Restructure the documentation to put all plugin documentation under its own category. Add a chapter about the stackbuild plugin, it's concepts and use cases. This Fixes #1907 * Thu Oct 07 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.63 → 9.24.0 * Thu Oct 07 2021 Marcus Schäfer <[email protected]> - Add support for toplevel include directive(s) On the toplevel of an image description you can now specify include directive(s) like in the following example <image ...> ... <include from="filename_a.xml"/> ... <include from="filename_b.xml"/> </image> At the place of their occurrence the include statement will be replaced with the contents of the given filename. The implementation is based on a XSLT stylesheet and applies very early in the process. The stylesheet reads the contents of the given file as XML document(). Thus only valid XML documents gets accepted by this include concept. This Fixes #1929 and is related to Issue #1918 * Wed Oct 06 2021 Dan Čermák <[email protected]> - Switch to pytest_container instead of custom conftest * Wed Oct 06 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.62 → 9.23.63 * Wed Oct 06 2021 Marcus Schäfer <[email protected]> - Fixed error reporting for stateful description Errors due to missing or no type definitions were reported provding the internal object reference of the XML parse result. This is useless information for users and needs to be done better. This commit fixes the error message to avoid showing object references and includes information about the applied profiles used for this XML state. * Wed Oct 06 2021 Marcus Schäfer <[email protected]> - Fixed legacy PXE documentation The documentation for building a legacy pxe image was not using the profiles (Flat or Compressed) as the actual image description for this example requires it. This Fixes #1923 * Wed Oct 06 2021 Marcus Schäfer <[email protected]> - Added mdadm to requires for systemdeps When building raid based images the buildhost needs mdadm. In addition rework the place to require disk based tools. Most of them were added to the filesystem systemdeps but belong to the disk systemdeps * Wed Oct 06 2021 Marcus Schäfer <[email protected]> - Fixed creation of loopback config If an extra boot partition is in use the creation of the config file for the loopback boot feature was using the wrong path. This commit fixes it and also introduces integration checks which builds in this condition * Tue Oct 05 2021 Marcus Schäfer <[email protected]> - Fixed GRUB_CMDLINE_LINUX_DEFAULT setup regression The value for GRUB_CMDLINE_LINUX_DEFAULT should only be changed if custom kernelcmdline values are provided. In case there are none kiwi should not change this value. The test to check for this condition is based on the result cmdline reduced by the root setting. However the default cmdline setting in kiwi appends 'rw' in addition to the root device information. This means the default kernelcmdline is never empty and therefore the grub setting GRUB_CMDLINE_LINUX_DEFAULT="rw" is always set. This commit fixes the conditional change by making sure the default cmdline only consists out of the root device information. This Fixes #1650 * Tue Oct 05 2021 Marcus Schäfer <[email protected]> - Allow logfile option to log on stdout The option setting '--logfile stdout' is now a special form and logs the messages usually written to a file to stdout instead. This is handy if all messages of the build are requested but the --debug switch is not because it does more than that, e.g calling scripts through debug'able screen sessions * Tue Oct 05 2021 Marcus Schäfer <[email protected]> - Allow test-image-luks to be build locally too In suse there are many programs replaced by the busybox alternative and also preferred by the package manager. However there are also packages like the kernel in suse which wants gawk and not busybox-gawk. In kiwi to build images there are two installation phases, the bootstrap phase which installs mandatory packages to allow chroot operations and the image phase which installs the rest of the requested packages as chroot operation. In this two pass step the package manager is called twice to resolve dependencies and that causes the issue with the preferred busybox packages which gets pulled in in the first phase. To prevent this there are only two options: 1. Explicitly list the non busybox packages in the bootstrap phase 2. Prevent the image phase and put all packages to the bootstrap phase such there is only one package manager call for dependency resolution This commit implementes option 1. because having all packages in the bootstrap phase means that the host packagemanager resolves and if the host packagemanager is somehow not compatible with the image target this leads to other weird issues which are not obvious and hard to debug. * Thu Sep 23 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.61 → 9.23.62 * Thu Sep 23 2021 Marcus Schäfer <[email protected]> - Fixed script calls when running in obs kiwi is called with --debug in obs which triggers the scripts to be called through screen. However the obs caller is not associated with a terminal thus it fails. This commit creates an exception for debug mode when running in obs * Thu Sep 23 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.60 → 9.23.61 * Thu Sep 23 2021 Luis González Fernández <[email protected]> - Fix secure boot for ubuntu based images This patch fixes #1911 and makes secure boot images to work again in Ubuntu 20.04 Co-authored-by: Luis Ladislao Gonzalez Fernandez <[email protected]> * Wed Sep 22 2021 Marcus Schäfer <[email protected]> - Run scripts via a screen session in debug mode When creating a custom script it usually takes some iterations of try and testing until a final stable state is reached. To support developers with this task kiwi calls scripts associated with a screen session. The connection to screen is only done if kiwi is called with the --debug option. * Tue Sep 21 2021 Marcus Schäfer <[email protected]> - Delete obsolete release stage from gitlab Now done as github action * Tue Sep 21 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.59 → 9.23.60 * Tue Sep 21 2021 Marcus Schäfer <[email protected]> - Fixed pypi tox release target Only needs the creation of the sdist tarball * Tue Sep 21 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.58 → 9.23.59 * Tue Sep 21 2021 Marcus Schäfer <[email protected]> - Moved pages and pypi publish to github actions Moved gh-pages doc update and pypi upload from gitlab to github actions * Tue Sep 21 2021 Marcus Schäfer <[email protected]> - Fixed RNC schema definition From the compact form of the schema the RNG schema is created. The latest changes to support the target_dir attribute in the <archive> section were added wrong to the compact form of the schema * Fri Sep 17 2021 Marcus Schäfer <[email protected]> - Fixed Tumbleweed integration tests Due to changes in the distribution the tests needs some adaptions. The kernel as provided now by TW uses symlinks from boot to /usr/lib/modules/... to point to the kernel binary. Of course this breaks for any system that uses /boot on another partition. Those image tests which were testing this aspect needs fixing. * Wed Sep 15 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.57 → 9.23.58 * Wed Sep 15 2021 Marcus Schäfer <[email protected]> - Fixed MANIFEST Make sure all test data is included into the source tarball not only a recursive inclusion of a portion of it. This is needed to run tests at build time from the pypi provided source tarball * Wed Sep 15 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.56 → 9.23.57 * Tue Sep 14 2021 Marcus Schäfer <[email protected]> - Fixed python manifest Deleted no longer existing doc source from manifest and add the full set of documentation sources * Fri Sep 10 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.55 → 9.23.56 * Fri Sep 10 2021 Marcus Schäfer <[email protected]> - Only wipe bundle dir when required The given result bundle dir must only be wiped if the request to turn the result files into an rpm was given. Only in this case the given bundle dir must start empty * Fri Sep 10 2021 Marcus Schäfer <[email protected]> - Fixed uninstall handling via dnf, microdnf, zypper The above package managers supports uninstall instructions like 'iwl*'. In kiwi there was code checking via rpm if the packages given to uninstall actually exists. That code does not work if the given package to uninstall is an instruction that matches a pattern. Therefore if we use the uninstall section in the kiwi image description, just pass the provided information to the package manager and don't try to be clever in kiwi itself. * Thu Sep 09 2021 Marcus Schäfer <[email protected]> - Allow to set --logfile for result namespace Setting a logfile for e.g 'kiwi-ng result bundle ...' is useful and should be possible * Thu Sep 09 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.54 → 9.23.55 * Wed Sep 08 2021 Marcus Schäfer <[email protected]> - Added support for building rpm package from bundle With the new option --package-as-rpm it is possible to call the kiwi result bundler such that the image build results gets packaged into an rpm. I think this is a handy feature to transport image builds via repositories * Wed Sep 08 2021 Marcus Schäfer <[email protected]> - Fixed MicroOS integration test With ignition/combustion in place it's not allowed to use tmp as a subvolume * Tue Sep 07 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.53 → 9.23.54 * Mon Sep 06 2021 Marcus Schäfer <[email protected]> - Fixed condition for GRUB_DISABLE_LINUX_UUID="true" The grub config parameter GRUB_DISABLE_LINUX_UUID must only be set if the device persistence setting is not UUID. However, in kiwi UUID device names are the default and doesn't have to be expressed explicitly. Therefore the condition to check for different than 'by-uuid' is wrong for the default case were no device persistence setting exists. This results in a wrong grub option to be set. This commit fixes it in a way to disable UUID device names in grub if the only other device persistency setting in kiwi named: 'by-label' is explicitly configured. This Fixes #1842 * Mon Sep 06 2021 Marcus Schäfer <[email protected]> - Added force_trailing_slash argument to sync_data A speciality of the rsync tool is that it behaves differently if the given source_dir ends with a '/' or not. If it ends with a slash the data structure below will be synced to the target_dir. If it does not end with a slash the source_dir and its contents are synced to the target_dir. For example: source └── some_data 1. $ rsync -a source target target └── source └── some_data 2. $ rsync -a source/ target target └── some_data The parameter force_trailing_slash in the DataSync::sync_data method can be used to make sure rsync behaves like shown in the second case. This Fixes #1786 * Mon Sep 06 2021 Marcus Schäfer <[email protected]> - Added type hints for DataSync class * Fri Sep 03 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.52 → 9.23.53 * Thu Sep 02 2021 Marcus Schäfer <[email protected]> - Add missing bootloader tests Merging #1850 exposed the missing bootloader tests. This reminds me to move the gitlab driven unit tests to github actions because for forked repos the gitlab tests does not run but github actions tests would run * Tue Aug 31 2021 Robert Schneider <[email protected]> - Fix logging of ISO publisher * Tue Aug 31 2021 Mexit <[email protected]> - Improving text formatting * Mon Aug 30 2021 Mexit <[email protected]> - Added documentation for grub2 loopback ISO images * Fri Aug 27 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.51 → 9.23.52 * Fri Aug 27 2021 Marcus Schäfer <[email protected]> - Fixed pep E711 code smell comparison to None should be 'if cond is not None:' * Fri Aug 27 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.50 → 9.23.51 * Fri Aug 27 2021 Robert Schweikert <[email protected]> - No compression with encryption When an image is setup to use encryption the resulting image appears as a random stream of bytes and cannot be compressed. Simply skip the compression in this case. * Thu Aug 26 2021 Marcus Schäfer <[email protected]> - Fix typo in schema documentation ciper -> cipher. Fix originally done by Robert Schweikert and moved to the right place, see Issue #1906 for details * Thu Aug 12 2021 Jesus Bermudez Velazquez <[email protected]> - Allow target dir for archive - Add the option to specify a target directory to unpack the archive - Update doc for target dir attribute This Fixes #1794 * Tue Aug 10 2021 Marcus Schäfer <[email protected]> - Log deprecation errors to stderr Make sure information about deprecated shell methods logs their information to stderr. This will cause the error message to be exposed to the user and not only in the log file * Tue Aug 10 2021 Marcus Schäfer <[email protected]> - Fixed TW build test Explicitly added packages that causes conflicts due to the busybox alternatives * Tue Aug 10 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.49 → 9.23.50 * Thu Aug 05 2021 Marcus Schäfer <[email protected]> - Added support for repo customization script repo files allows for several customization options which could not be set by kiwi through the current repository schema. As the options used do not follow any standard and are not compatible between package managers and distributions the only generic way to handle this is through a script which is invoked with the repo file as parameter for each file created to describe a repo for the selected package manager. This allows users to update/change the repo file content on their individual needs. In the kiwi description the path to the custom script can be specified as follows <repository ... customize="/path/to/custom_script"> <source path="..."/> </repository> This Fixes #1896 * Fri Jul 30 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.48 → 9.23.49 * Thu Jul 29 2021 Marcus Schäfer <[email protected]> - Fixed fstab entry for swap on LVM If an LVM setup is used together with a swapspace the swap is created as a volume in the volume group. The required fstab entry to activate swap was not using the LVM exposed device but the UUID of the low level block layer. This low level device is not created by udev because LVM takes over precedence in this case. * Sat Jul 24 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.47 → 9.23.48 * Sat Jul 24 2021 Marcus Schäfer <[email protected]> - Fixed LVM get_volumes Due to the change on the temporary directory yet another error in the volume manager classes for LVM got exposed. * Sat Jul 24 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.46 → 9.23.47 * Sat Jul 24 2021 Marcus Schäfer <[email protected]> - Fixed LVM/btrfs volume based image builds Due to the change on the temporary directory an error in the volume manager classes for LVM and btrfs was exposed. There was code which uses a sub-part of the volume mount point directory which is a tempdir based directory name. The sub-part was choosen by an index based path split which worked for /tmp but no longer for /var/tmp. With tempdir now being also a commandline option this code has to become more robust. * Fri Jul 23 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.45 → 9.23.46 * Thu Jul 22 2021 Marcus Schäfer <[email protected]> - Do not expose the delete feature in Temporary We do not want to expose the ability to create temporary data that doesn't get auto deleted at the end of its scope * Thu Jul 22 2021 Marcus Schäfer <[email protected]> - Refactor recovery archive creation The creation of the recovery archive was based on a tempfile which then gets moved to the final target file. This is bad because if causes the tempfile cleanup to raise an exception unless you specify delete=False. Creating a tempfile with delete=False however, negates the reason for creating self managed temporary data. Thus this code was refactored to create the recovery archive file at its final destination from the beginning on * Wed Jul 21 2021 Marcus Schäfer <[email protected]> - Moving temp data handling to its own namespace Moving use of mkdtemp, NamedTemporaryFile and TemporaryDirectory into its own class called Temporary: By default all temporary data is created below /var/tmp but can be changed via the global commandline option --temp-dir. This Fixes #1870 * Wed Jul 21 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.44 → 9.23.45 * Tue Jul 20 2021 Marcus Schäfer <[email protected]> - Handle UnicodeDecode errors more gracefully If the Codec.decode() method cannot encode the given data to utf-8 an Encoding exception is raised which causes kiwi to raise a KiwiDecodingError. That way to handle the error causes an image build to fail. However, this sort of error for example happens if the .changes file of a package contains invalid characters. From a user perspective this cannot be fixed and you cannot build the image because of a stupid character error in a .changes file outside your control. Because of this reason this commit handles the decode error case differently and applies the 'replace' strategy on error. The characters in questions gets replaced and the rest of the data which can be decoded is returned. * Mon Jul 19 2021 Marcus Schäfer <[email protected]> - Install mypy library stubs for mock * Wed Jul 14 2021 Marcus Schäfer <[email protected]> - Added documentation for oem-skip-verify element * Wed Jul 14 2021 Marcus Schäfer <[email protected]> - Increase size of efi fat image For ISO images an embedded efi fat image is needed to boot. As consequence of adding the mok manager it can happen that the size of the efi fat image is too small. With this commit the size is increased to prevent an out of space issue * Wed Jul 14 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.43 → 9.23.44 * Wed Jul 07 2021 Dan Čermák <[email protected]> - Add tests for baseVagrantSetup * Wed Jul 07 2021 Dan Čermák <[email protected]> - Set the directory permissions of /home/vagrant/.ssh to 0700 in baseVagrantSetup * Wed Jul 07 2021 Dan Čermák <[email protected]> - Don't modify main sshd_config file via baseVagrantSetup In Tumbleweed we switched from shipping sshd's config file in /etc to /usr/etc, but baseVagrantSetup was not respecting that. So instead of modifying the main config file, we instead create a custom file in /etc/ssh/sshd_config.d/ with our custom setting which is much more robust accross distributions. However, if /etc/ssh/sshd_config.d/ does not exist, then we fall back to adding our settings to /etc/ssh/sshd_config. * Tue Jul 06 2021 Marcus Schäfer <[email protected]> - Fixed LUKS keyfile permission bits LUKS keyfile should use 0600 file permission flags * Tue Jul 06 2021 Marcus Schäfer <[email protected]> - Fixed secure boot fallback setup Make sure MokManager gets copied. The name and location of the mok manager is distribution specific in the same way as the shim loader. Thus we need to apply a similar concept for looking it up. This Fixes bsc#1187515 * Tue Jul 06 2021 Marcus Schäfer <[email protected]> - Improve live image integration test Build one live image for Standard EFI+BIOS boot and another variant that support SecureBoot+BIOS boot * Mon Jul 05 2021 Marcus Schäfer <[email protected]> - Fixed grub cmdline setup with custom root If the kiwi kernelcmdline attribute contains root=... information it is extracted from being written to GRUB_CMDLINE_LINUX_DEFAULT. However, the regexp to extract the root=... information was broken and deleted more elements of the cmdline information than just the root device information. This commit fixes the regexp to only delete the root=... information taking into account that every kernel parameter is delimited by '\s' This Fixes #1875 * Mon Jul 05 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.42 → 9.23.43 * Mon Jul 05 2021 Dan Čermák <[email protected]> - Re-add suseImportBuildKey suseImportBuildKey is not required during the image build as kiwi imports the correct keys by itself. However, the created images lack the repository signing keys and any `zypper` commands will thus fail. This fixes https://github.com/OSInside/kiwi/issues/1876 * Fri Jul 02 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.41 → 9.23.42 * Thu Jul 01 2021 Marcus Schäfer <[email protected]> - Fixed fedora integration test builds Maintain the repos in the obs prj config which prevents the weird "nothing provides kernel-obs-build" error * Wed Jun 30 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.40 → 9.23.41 * Wed Jun 30 2021 Dan Čermák <[email protected]> - Remove util-linux-systemd & util-linux Requires from dracut-kiwi-overlay These dependencies are pulled in via dracut-kiwi-lib. * Wed Jun 30 2021 Dan Čermák <[email protected]> - Add missing util-linux-systemd Requires to dracut-kiwi-[live,libs] * Wed Jun 30 2021 Marcus Schäfer <[email protected]> - Fixed test-image-orthos integration test The test was missing btrfs_root_is_snapshot which is required when using btrfs on tumbleweed. * Tue Jun 29 2021 Marcus Schäfer <[email protected]> - Fixed test-image-disk-legacy integration test The test did not set a device filter for ramdisk devices but activates unattended mode. In this mode the first device in the list is taken and this is a ramdisk device which is by default too small to be used for the installation. Thus the install usually fails. This commit sets the device filter for ramdisk devices such that only associated disk devices can be used for the install process, which is the purpose of this test. This is related to Issue OSInside/kiwi-functional-tests#8 * Tue Jun 29 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.39 → 9.23.40 * Tue Jun 29 2021 Marcus Schäfer <[email protected]> - Mount dev and proc filesystems prior dracut In newer versions of dracut /dev and /proc must be mounted for dracut to work correctly. If not present the resulting initrd is incomplete. This Fixes #1867 * Mon Jun 28 2021 Neal Gompa <[email protected]> - Use namespaced files in /var/tmp for large temporary files Previously, kiwi created staging image files as plain temporary files in /tmp, which causes issues on operating systems where /tmp is tmpfs. Notably, image builds would fail with "no space left on the device" because the tmpfs was not big enough for everything to exist there. To fix this, we change to use /var/tmp, and additionally add a prefix for our temporary files so that the user knows which ones kiwi created. Fixes: https://github.com/OSInside/kiwi/issues/1866 * Fri Jun 25 2021 Tom Schraitle <[email protected]> - Use latest stylesheet in STYLEROOT Use "suse2021-ns" instead of "suse2013-ns" due to new branding. * Wed Jun 23 2021 Dan Čermák <[email protected]> - Add missing util-linux-systemd dependency to dracut-kiwi-overlay The script kiwi-overlay-root.sh requires lsblk which is provided by util-linux-systemd. If that package is missing in the final image, then booting an overlayroot image hangs with: dracut-pre-mount[480]: //lib/dracut/hooks/pre-mount/30-kiwi-overlay-root.sh: line 46: lsblk: command not found * Tue Jun 22 2021 Marcus Schäfer <[email protected]> - Start moving CI test from gitlab to actions Moving the linter and unit tests to github workflows and out of the gitlab CI system has the advantage that pull request from forked repos will run the tests. In the long run I think we should move away completely from gitlab CI and use github actions as this will reduce the number of external services used in the kiwi project. This commit starts with the most simple parts: unit and type tests, doc rendering and code style * Mon Jun 21 2021 Marcus Schäfer <[email protected]> - Make sure chat link points to Element not Riot Riot has changed to Element. The index page on kiwi still uses the old location. This updates the information how to use the Matrix channel and the kiwi room name. This Fixes #1854 * Mon Jun 21 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.38 → 9.23.39 * Mon Jun 21 2021 Dan Čermák <[email protected]> - Functions integration tests (#1851) Add integration tests for functions.sh Implement a container based test system to run shell code for testing. The concept utilizes pytest-testinfra and runs a container per test. The nested container in a container feature is supported by the github actions workflow. Thus the integration of this testing concept runs in the github actions CI rather than on gitlab * Mon Jun 21 2021 Marcus Schäfer <[email protected]> - Don't shell out for calling dnf refactor the dnf call to install packages and groups in one call. This allows to prevent calling dnf through a shell. For installing of a package group the group ID name is expected. This Fixes #1856 * Mon Jun 21 2021 Robert Schweikert <[email protected]> - - Improve the error message if the config file cannot be parsed. * Mon Jun 21 2021 Marcus Schäfer <[email protected]> - Do not shell out for calling microdnf. In fact it can be counter productive if the shell evaluates eventually existing package name/instruction patterns. This is related to Issue #1856 * Mon Jun 21 2021 Marcus Schäfer <[email protected]> - Prevent calling pacman through a shell There is no reason to shell out for calling pacman. In fact it can be counter productive if the shell evaluates eventually existing package name/instruction patterns. This is related to Issue #1856 * Sat Jun 19 2021 Marcus Schäfer <[email protected]> - Make sure mypy stubs will be installed * Thu Jun 17 2021 Mexit <[email protected]> - Update grub2.py * Thu Jun 17 2021 Mexit <[email protected]> - Code improvement * Thu Jun 17 2021 Mexit <[email protected]> - Code improvement * Wed Jun 16 2021 Mexit <[email protected]> - Allow the ISO to be booted from grub directly * Wed Jun 16 2021 Marcus Schäfer <[email protected]> - Allow creation of LUKS system with empty key To support cloud platforms better we should allow the creation of an initial(insecure) LUKS encrypted image with an empty passphrase/keyfile. This Fixes bsc#1187461 and bsc#1187460 * Fri Jun 11 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.37 → 9.23.38 * Thu Jun 10 2021 Marcus Schäfer <[email protected]> - Fixed cleanup of temporary directory In the custom kiwi initrd build process a temporary directory holding a copy of the initrd root tree is created. That data got never cleaned up. This commit uses a TemporaryDirectory object from the tempfile module to make sure it gets deleted once the execution scope is done. This Fixes #1837 * Mon Jun 07 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.36 → 9.23.37 * Mon Jun 07 2021 Marcus Schäfer <[email protected]> - Delete deprecated shell functions from docs suseActivateDefaultServices suseSetupProductInformation suseImportBuildKey suseConfig baseCleanMount baseSetupUserPermissions baseGetPackagesForDeletion baseGetProfilesUsed baseStripMans baseStripDocs baseStripInfos Rpm * Sun Jun 06 2021 Marcus Schäfer <[email protected]> - Fixed creating grub bios module If no prebuilt grub bios module was found, kiwi creates one. In this case kiwi searches for the grub modules and runs the grub mkimage tool. The search for the modules for the bios module used the host system (/) grub and that fails if the host has packaged grub differently than the image target. This fix moves the lookup into the image root directory which is the correct place to lookup the grub data * Sat Jun 05 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.35 → 9.23.36 * Sat Jun 05 2021 Marcus Schäfer <[email protected]> - Fixed building with custom kiwi initrd setup The change from allowing to build with initrd_system="none" broke the build for initrd_system="kiwi". This commit fixes the regression * Sat Jun 05 2021 Marcus Schäfer <[email protected]> - Use zypper --gpg-auto-import-keys option When building an image against self managed repos the auto import of the repo gpg key makes sense to me * Sat Jun 05 2021 Marcus Schäfer <[email protected]> - Cleanup integration tests from obsolete methods Cleanup config.sh scripts calling obsolete helper methods * Sat Jun 05 2021 Marcus Schäfer <[email protected]> - Cleanup integration tests from obsolete methods Cleanup config.sh scripts calling obsolete helper methods * Sat Jun 05 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.34 → 9.23.35 * Fri Jun 04 2021 gnuninu <[email protected]> - Corrected preferences timezone code tag * Tue Jun 01 2021 Marcus Schäfer <[email protected]> - Refactor config functions code Reorganize the code into more readable areas like methods present as helpers, methods for customers, methods which are distribution specific and also methods that are deprecated and give a good reason why they are deprecated when they get called. This is related to Issue #1828 * Mon May 31 2021 Marcus Schäfer <[email protected]> - Revert "Switch test-image-live-disk to Fedora 33" This reverts commit f80549474c4baa120e6e228bacc7b4a075265753. * Mon May 31 2021 Marcus Schäfer <[email protected]> - Switch test-image-live-disk to Fedora 33 * Fri May 28 2021 Marcus Schäfer <[email protected]> - Fixed codacy code smells * Fri May 28 2021 Marcus Schäfer <[email protected]> - Add strong typing for the following API methods kiwi/boot/image/base.py kiwi/boot/image/builtin_kiwi.py kiwi/boot/image/dracut.py This references issue #1644 * Thu May 27 2021 Marcus Schäfer <[email protected]> - Added support for skipping initrd creation Embedded systems and other customer use cases sometimes doesn't require an initrd. So far the initrd creation was a mandatory step in the process. With this commit it's possible to configure <type ... initrd_system="none"/> and therefore skip the creation and setup of an initrd. Using this feature comes with a price. Without an initrd the task of mounting the specified root=DEVICE_SPEC now becomes a task of the kernel. If the kernel doesn't have the required filesystem driver compiled in or the mount process of the device is not just a simple mount action, the boot of such an appliance will fail * Thu May 27 2021 Dan Čermák <[email protected]> - Remove grep and find from suseSetupProduct * Thu May 27 2021 Joachim Gleissner <[email protected]> - config/functions.sh: Avoid non-zero exit status In baseStripDocs and baseStripFirmware avoid non-zero exit status of grep. This allows the functions to be used in a script that sets the exit-on-error flag. * Fri May 21 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.33 → 9.23.34 * Fri May 21 2021 Marcus Schäfer <[email protected]> - Make sure we use sphinx >= 4.0.2 * Fri May 21 2021 Marcus Schäfer <[email protected]> - Revert "Revert "Fix installation of man pages"" This reverts commit db7410f3c5b7b101ec0974cc24de0400c491f065. * Fri May 21 2021 Marcus Schäfer <[email protected]> - Revert "Make sure man pages are part of the sdist tarball" This reverts commit 3bf80506c4bbe381b66febdd38df93e65103ffb6. * Fri May 21 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.32 → 9.23.33 * Fri May 21 2021 Marcus Schäfer <[email protected]> - Make sure man pages are part of the sdist tarball Due to the move of man pages in sphinx the MANIFEST.in has to be updated to provide the man pages in the sdist tarball * Fri May 21 2021 Marcus Schäfer <[email protected]> - Revert "Fix installation of man pages" This reverts commit 286b26b5b6598285bf6eb26a1f5c9200c925b529. * Fri May 21 2021 Marcus Schäfer <[email protected]> - Fixed missing shebang in config.sh The ubuntu integration test config.sh script was missing the shebang to let the script code run through bash * Fri May 21 2021 Neal Gompa <[email protected]> - Fix installation of man pages The generated source archive on PyPI has the man page files in ./doc/build/man instead of ./doc/build/man/8. Adjust the Makefile to use the correct path to install the man pages. * Fri May 21 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.31 → 9.23.32 * Thu May 20 2021 David Cassany <[email protected]> - Do not return default stdout if it is no raising on failure This commit prevents the use of a default stdout and stderr in case return code reports errors and it is not raising an exception. If we are not raising an exception there is no specific need to artificially append some stdout and stderr default message, we just behave as if there was no error. * Thu May 20 2021 Marcus Schäfer <[email protected]> - Update Ubuntu integration test for system settings In Debian based distributions the kiwi built in way to setup locale, keyboard and timezone via systemd tools does not work because not(yet) provided by the distribution. This commit adds a reference implementation in the Ubuntu integration test to demonstrate how the settings given in the kiwi image description needs to be handled to make them effective in the later image. This Fixes #1787 * Thu May 20 2021 Marcus Schäfer <[email protected]> - Add log information on grub search There is a method in kiwi which searches for grub files. As grub is packaged differently within the distributions a dynamic lookup is needed. However, the result and where kiwi looked it up was not part of the log file. In terms of issues like the one from Issue #1754 it would be very handy to know about this information. Thus this commit adds debug information to the log file regarding what grub files are searched and where and if found * Thu May 20 2021 Marcus Schäfer <[email protected]> - Fixed coday complains * Thu May 20 2021 Marcus Schäfer <[email protected]> - Make dracut version check more robust The check_dracut_module_versions_compatible_to_kiwi() runtime check calls the package manager from the host and reads the package database from the image root. Doing this requires the package database in the image to be compatible with the package manager on the host. However this cannot be guarenteed and it is more robust to chroot into the image root and call the package manager from there. However, this change also comes with the cost that it's required to have a package manager available in the image root tree. Therefore along with the chroot based call, eventual exceptions from the call are now catched and leads to a debug message in the log file but will not lead the runtime check to fail. I consider the cases without a package database inside of the image to be less critical than the incompatibility issue between the host tooling and the package database in the image. This Fixes bsc#1185937 * Tue May 18 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.30 → 9.23.31 * Tue May 18 2021 Marcus Schäfer <[email protected]> - Stop plymouth also for progress dialogs * Mon May 17 2021 Marcus Schäfer <[email protected]> - Prevent explicit man page compression The manual pages are compressed by the packager tooling. There is no need to do this ourselves * Mon May 17 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.29 → 9.23.30 * Mon May 17 2021 Marcus Schäfer <[email protected]> - Increase integration tests boot timeout Increase integration tests timeout from 2sec to 10sec * Mon May 17 2021 Marcus Schäfer <[email protected]> - Update integration tests to be non interactive Some integration tests allows for interactive dialogs on the bootloader menu or in the installation process. As we plan to use these tests for automated functional testing there should be no interaction whenever possible. This Fixes #1811 * Mon May 17 2021 Marcus Schäfer <[email protected]> - Update kiwi installation documentation The installation chapter contained information about the manual install of package keys. That information is suspect to be always outdated because these keys changes. Instead of describing the manual install of the package key the docs moved to use the auto-import feature of the package manager. As the instructions were also rpm specific but we also support install via other package mangers the complete chapter was a bit reworked and should be more straight forward now. This Fixes #1799 * Mon May 17 2021 Marcus Schäfer <[email protected]> - Update documentation qemu calls We use the kiwi integration tests as base for the documentation example images now. The integration tests are all configured to set the console to serial. Thus the docs should explain the qemu call for test runs using the -serial stdio option to make sure the console information is displayed to the user * Sun May 16 2021 Marcus Schäfer <[email protected]> - Update and fix documentation The documentation had a broken link to the buildservice tests for suse. Since we changed this into leap and tumbleweed the subproject link to :suse became invalid. In addition to the fix the macro setup and build instructions were moved to use the kiwi integration tests as example appliance descriptions. The user experience in building the integration test images should be better because we only release kiwi if those appliances build successfully. This Fixes #1812 * Sun May 16 2021 Marcus Schäfer <[email protected]> - Fixed package build The new version of sphinx puts manual pages into doc/build/man/8 when it was doc/build/man before. This breaks the Makefile target to install the documentation. This commit updates the Makefile to follow the change. * Wed May 12 2021 Marcus Schäfer <[email protected]> - Fix dnf arch setting * Wed May 12 2021 Marcus Schäfer <[email protected]> - Update shim path lookup Distributions like Fedora has changed the EFI binaries location to be shim<efiarch>.efi in /boot/efi/EFI/<vendor> in order to support multiarch setup for UEFI. This change requires the lookup in KIWI to be more global matching. This Fixes #1806 * Wed May 12 2021 Marcus Schäfer <[email protected]> - Move integration test for Fedora to v34 * Wed May 12 2021 Marcus Schäfer <[email protected]> - Fixed live network setup to be generic In dracut the network setup comes with different models providing a different set of functions. The ifup method as used in the live iso dracut module is only available with the network-legacy mode and fails with network-wicked. This commit uses a dracut conf file in /etc/cmdline.d which uses the dracut network interface parameters instead of calling module specific methods. This Fixes #1802 * Wed May 12 2021 Marcus Schäfer <[email protected]> - Fixed setup of repository architecture Unfortunately the architecture reported by uname is not necessarily the same name as used in the repository metadata. Therefore it was not a good idea to set the architecture and manage the name via a mapping table. It also has turned out that repo arch names are distro specific which causes more complexity on an eventual mapping table. In the end this commit changes the way how the repository architecture is setup in a way that we only set the architecture if a name was explicitly specified such that the user keeps full control over it without any mapping magic included This Fixes bsc#1185287 * Fri May 07 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.28 → 9.23.29 * Mon May 03 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.27 → 9.23.28 * Fri Apr 30 2021 David Cassany <[email protected]> - Upgrade tests accoring to #1805 This commit is a follow up of #1805 which missed to update the related unit test. * Fri Apr 30 2021 David Cassany <[email protected]> - Make installation media unattended This commit configures install media of several tests to run unattended installation. This is done to facilitate the logic of functional tests. * Wed Apr 28 2021 Marcus Schäfer <[email protected]> - Fixed unit tests for parallel invocation With the change to allow the platform architecture to be set application global, the unit tests might fail if tests run in parallel and using different mock architectures for the test. Thus test that runs depending on a platform name needs to set the name in the test * Wed Apr 28 2021 Marcus Schäfer <[email protected]> - Update Debian integration test for UEFI testing Updated the Virtual disk profile to make use of the EFI secure boot feature. * Tue Apr 27 2021 Jeff Kowalczyk <[email protected]> - Fix WSL appx filemap relative paths not preserved During WSL appx image type creation step the file hierarchy under metadata_path is written to a temporary file for eventual use as argument to utility appx. The file hierarchy information is dropped resulting in all filemap entries appearing to be at the metadata_path root. The resulting image will side load and run but without icon and other resources. Stricter checks at Windows Store submission will fail due to mismatch between image manifest and contents. Fix by preserving relative path of filemap entries relative to metadata_path. Add log output showing both input absolute path and output relative path. * Tue Apr 27 2021 Marcus Schäfer <[email protected]> - Update Ubuntu integration test for UEFI testing Updated the Virtual disk profile to make use of the EFI secure boot feature. * Tue Apr 27 2021 Marcus Schäfer <[email protected]> - Added support for UEFI on Debian based distros The Debian/Ubuntu folks have a different system to support EFI secure boot. In order to make use of it kiwi needs some adaptions done in this pull request. This Fixes #1743 * Tue Apr 20 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.26 → 9.23.27 * Mon Apr 19 2021 Marcus Schäfer <[email protected]> - Fixed spec file on Debian tool settings debootstrap should always come with dpkg because we don't want to handle the architecture names used on Debian when dpkg knows them better than we do. since debootstrap itself considers the possibility of being called without dpkg on the system we generate the dependency by a spec change here. This Fixes #1778 * Mon Apr 19 2021 Marcus Schäfer <[email protected]> - Change zypper download mode to in-advance In relation to upcoming zypper changes e.g to make use of librpm on single transaction operations there is the possibility that file triggers start being used. To ensure zypper behaves consistently DownloadInAdvance mode should be used, this way the transaction happens as a whole and with the upcoming zypper changes zypper will still be capable to handle the file triggers. This Fixes #1789 * Sun Apr 18 2021 Marcus Schäfer <[email protected]> - Added shadow package to pxe integration test Tools like usermod were moved from coreutils to shadow * Sun Apr 18 2021 Marcus Schäfer <[email protected]> - Added shadow package to integration test Tools like usermod were moved from coreutils to shadow * Fri Apr 16 2021 David Cassany <[email protected]> - Fix appx manifest for WSL containers This commit prevents KIWI from setting Identity Name attribute and DisplayName and PublisherDisplayName elements. Fixes #1780 * Fri Apr 16 2021 David Cassany <[email protected]> - Do not apply default subcommand for derivate containers This commit does not apply the default subcommand for derivate containers. Fixes bsc#1184823 * Fri Apr 16 2021 Marcus Schäfer <[email protected]> - Fixed integration tests requesting grub For some reason two integration tests requests the "grub" and the "grub2" package. On TW there is now no longer a provider of grub and thus the image build became unresolvable. There is only grub2 for quite some time, so I deleted this package setting from the tests in question * Fri Apr 16 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.25 → 9.23.26 * Thu Apr 15 2021 Marcus Schäfer <[email protected]> - Fixed platform setup for vagrant unit tests * Thu Apr 15 2021 Marcus Schäfer <[email protected]> - Add support for a custom exclude file The new optional metadata file image/exclude_files.yaml can be placed inside of the local image root tree. At creation time of the image binary the file contents are used to extend the default exclude list with additional information. The structure of the file must be as follows: ```yaml exclude: - exclude-name-used-in-rsync ``` * Wed Apr 14 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.24 → 9.23.25 * Wed Apr 14 2021 Marcus Schäfer <[email protected]> - Update zypp.conf architecture setting Make sure the architecture is set as parameter in the zypp.conf file used for building the image. This is needed to allow differentiation between host arch and image arch for cross image build environments * Wed Apr 14 2021 Marcus Schäfer <[email protected]> - Added option to set the image target architecture The option --target-arch allows to set the architecture used to build the image. By default this is the host architecture. Please note, if the specified architecture name does not match the host architecture and is therefore requesting a cross architecture image build, it's important to understand that for this process to work a preparatory step to support the image architecture and binary format on the building host is required and is not considered a responsibility of kiwi. There will be a followup effort on providing a plugin for kiwi which should be used to manage the needed binfmt settings for cross arch image builds * Tue Apr 13 2021 David Cassany <[email protected]> - Refactor disk and install builders and dracut boot image This commit mainly refactors the DiskBuilder class. Then install builder and dracut boot image refactors are mostly to drop no longer needed code. The refactors tries to make the build simpler and easier to read and also prevent the reuse of the BootImage instance used for the main image when creating the installation media (this aplies only for dracut based images). Fixes #873 * Tue Apr 13 2021 David Cassany <[email protected]> - Refactor create_disk method This commit refactor create_disk method and related utility methods to ensure runtime objects are not stored as attributes of the object. This is done to ensure proper clearing and destruction of those objects once create_disk method is done. Related to #873 * Mon Apr 12 2021 Marcus Schäfer <[email protected]> - Added openssl to the core requires openssl is used in kiwi to construct a password hash if the plaintext password feature for user settings is used. This Fixes bsc#1184128 * Sun Apr 11 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.23 → 9.23.24 * Fri Apr 09 2021 Marcus Schäfer <[email protected]> - Decommission obsolete code reaching EOL Use the @decommissioned decorator to raise for API methods that a over the obsoletion period * Fri Apr 09 2021 Marcus Schäfer <[email protected]> - Added mypy call to tox target For the tox unit_pyX targets, mypy static type checking is now called prior tests. This references Issue 1644 * Tue Apr 06 2021 Marcus Schäfer <[email protected]> - Complete strong typing for API methods Added required code changes to let mypy pass when running from the toplevel kiwi namespace. This now finally Fixes #1644 * Mon Apr 05 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.22 → 9.23.23 * Wed Mar 31 2021 Marcus Schäfer <[email protected]> - Added optional post_bootstrap.sh script hook After the bootstrap phase a script post_bootstrap.sh is executed in a chroot process which allows to add/modify system settings prior the completion of the system installation. This helps users for example with custom package manager settings and Fixes #1763 as well as Fixes #1782 * Tue Mar 30 2021 Marcus Schäfer <[email protected]> - Update documentation Add information about new volume filesystem_check attribute * Tue Mar 30 2021 Marcus Schäfer <[email protected]> - Allow to enable volumes for filesystem check The new attribute <volume ... filesystem_check="true|false"/> allows to change the default value for the fs_passno field in the generated fstab file. By default kiwi sets "0" in this field and leaves it up to the user to customize this as appropriate via script code. Coding changes to the fstab file via scripts are not very user friendly and with respect that systemd takes over control and generates checkers depending on the value of fs_passno it would be good if there is a way to explicitly specify if checks to the filesystem are wanted or not. Therefore the new attribute now exists. If set to: true this results in a value of "2" for the fs_passno field. Please note the root/boot and efi entries are excluded from this setup. This Fixes #1728 * Mon Mar 22 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.21 → 9.23.22 * Mon Mar 22 2021 Marcus Schäfer <[email protected]> - Refactor building of root cmdline setting Creating the root= cmdline parameter was based on methods that deals with the uuid. However, it's also possible to use a label information for the root= cmdline. To support this kiwi issued a 'blkid --uuid' command but that requires udev device names to be present on the host. The open buildservice workers do not run udev and fails apart the standard. This commit refactors the root cmdline setup to work with the device node as it exists during build time such that the blkid call runs against that device node. * Mon Mar 22 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.20 → 9.23.21 * Fri Mar 19 2021 Marcus Schäfer <[email protected]> - Delete yum from packagemanager in schema Auto convert yum to dnf if set as packagemanager. This allows to delete the yum handling from code parts in kiwi where this was still present. In addition this fixes the inclusion of yum into the packagelist. This Fixes #1768 * Tue Mar 16 2021 KeithMnemonic <[email protected]> - Add Strong Typing to builder APIs * Tue Mar 16 2021 KeithMnemonic <[email protected]> - This PR add APIs Strong Typing to the repository APIs Strong Typing has been added to the following files: repository/base.py repository/pacman.py repository/apt.py repository/dnf.py repository/template/apt.py repository/zypper.py * Tue Mar 16 2021 Marcus Schäfer <[email protected]> - Drop by-path devicepersistency setting The dev/disk/by-path device representation is a host specific PCI location. For image building which happens disconnected from the later target device this setting is useless. This Fixes #1747 * Tue Mar 16 2021 Marcus Schäfer <[email protected]> - Fixed LVM root volume inclusion in fstab The root(/) volume in a LVM setup was included as UUID device path. This is inconsistent compared to the non root volumes which are included by their LVM representation: /dev/VGROUP_NAME/VOLUME_NAME This commit makes sure the root volume is included by its persistent LVM device representation too. This is related to Issue #1747 * Mon Mar 15 2021 Marcus Schäfer <[email protected]> - Update unit- integration tests to schema v74 * Mon Mar 15 2021 Marcus Schäfer <[email protected]> - Added XSLT transformation schema v73 -> v74 Update schema version and change to package manager 'apt' if 'apt-get' was set * Mon Mar 15 2021 Marcus Schäfer <[email protected]> - Change packagemanager setting from apt-get to apt In kiwi we use the name of the section as package name to install this package manager capability. However on Debian based distros there is no package named apt-get. There is only a package named apt which provides a tool named apt-get. To avoid inconsistencies like we had it in Issue #1735 and to bring this setting in line with all other packagemanager settings the setting was moved to just apt. This Fixes #1738 * Thu Mar 11 2021 KeithMnemonic <[email protected]> - Public API Strong Typing for kiwi package_manager * Thu Mar 11 2021 David Cassany <[email protected]> - Require qemu-img in any filesystem based image This commit moves the qemu-img requirement into the `kiwi-systemdeps-filesystems` to ensure ISO, OEM and PXE images include it in the build service. Also this is required for images that are simple root-trees in a filesystem (image=ext4). * Thu Mar 11 2021 David Cassany <[email protected]> - Add a requirement for kiwi-systemdeps-iso-media on disk images This commit adds a requirement for `kiwi-systemdeps-iso-media` in `kiwi-systemdeps-disk-images`. This is to ensure that installing `kiwi-systemdeps-disk-images` is enough to build OEM images including install media. * Tue Mar 09 2021 David Cassany <[email protected]> - Exclude /run and /tmp to be synched into the image This commit makes sure the contents of /run and /tmp are ignored when synchronizing the generated root tree into the image. Fixes #1744 * Tue Mar 09 2021 Marcus Schäfer <[email protected]> - Fix use of by-label device persistency in grub If devicepersistency="by-label" is set in the KIWI description it will correctly operate on the fstab values but still uses the UUID based setting for root= in the grub config. This commit allows to set root=LABEL=... in the grub config in case the devicepersistency requested it. In order for this to work this commit also had to increase the scope of the grub helper method _fix_grub_root_device_reference which is now called in any case. This Fixes #1757 * Mon Mar 08 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.19 → 9.23.20 * Sat Mar 06 2021 Marcus Schäfer <[email protected]> - Fixed API vs. CLI inconsistency when using kiwi as API the program fails with a usage message from the Cli class. The kiwi.cli module should not be imported except for kiwi comandline tasks. It has turned out that the RuntimeConfig class which is used in several places in different API classes imports Cli and creates an instance of it to check for a global option. This causes major issues for all programs which uses the kiwi API but not the command line interface because the docopt call in Cli() expects a valid docstring which only exists in kiwi's cli.py. This commit fixes the inconsistency and allows people to use the kiwi API independent of any command line interface. Fixes #1755 * Fri Mar 05 2021 David Cassany <[email protected]> - Add Rawhide and Tumbleweed tests for secure boot on aarch64 * Fri Mar 05 2021 Marcus Schäfer <[email protected]> - Make sure man pages are part of sdist tarball The current tarball when uploaded to pypi via gitlab does not contain the manual pages because the doc target to build them is not called. This commit adds a doc_man tox target which is called prior pypi release. This Fixes #1746 * Wed Mar 03 2021 David Cassany <[email protected]> - Refactor grub2 installation This commit refactors grub2 installation method to split it in two parts. Former grub2.install method was meant to run the grub2-install tool, however, in addition it was also running the secure boot installation shim-install. The install method in KIWI is skipped for those architectures and firmware combinations for which bios support doesn't exist. This was leading to skip the secure boot installation. The current approach strips the secure boot installation logic from the grub2.install method, so skipping the install method does not automatically result in skipping the secure boot installation. Fixes bsc#1182211 * Mon Mar 01 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.18 → 9.23.19 * Mon Mar 01 2021 Marcus Schäfer <[email protected]> - Fixed admin path for dpkg-query Fixed admin path in check_dracut_module_versions_compatible_to_kiwi runtime check. * Mon Mar 01 2021 Fergal Mc Carthy <[email protected]> - Fail non-XML descriptions if anymarkup not available (#1742) Co-authored-by: Fergal Mc Carthy <[email protected]> * Mon Mar 01 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.17 → 9.23.18 * Mon Mar 01 2021 Marcus Schäfer <[email protected]> - Make runtime check more robust Fixed check_dracut_module_versions_compatible_to_kiwi to work with systems that have no dracut installed. * Mon Mar 01 2021 Marcus Schäfer <[email protected]> - Fixed call time runtime check in build command The check_dracut_module_versions_compatible_to_kiwi runtime check was called too early in the build process. It has to be called at the end of the prepare stage when the image root tree has been created * Mon Mar 01 2021 Marcus Schäfer <[email protected]> - Added missing runtime check to default config file Added check_dracut_module_versions_compatible_to_kiwi as comment block to the default config file * Mon Mar 01 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.16 → 9.23.17 * Sun Feb 28 2021 Marcus Schäfer <[email protected]> - Fixed docstring for SolverRepositoryDeb class The doc string incorrectly pointed to the rpm-md repo type when it should be apt-deb * Thu Feb 25 2021 Marcus Schäfer <[email protected]> - Fixed code smells reported from codacy In addition cleanup unused instance variable self.custom_args from DiskFormatBase class * Tue Feb 23 2021 Marcus Schäfer <[email protected]> - Add kiwi dracut mod vs. kiwi compatibility check Add a runtime check to be called in the create stage which reads the version(s) of the installed kiwi dracut modules from the package database and compare them with a min_version setting maintained in the KIWI builder code. If the installed dracut module is not compatible with the used kiwi builder version the build stops at this point with a descriptive error message * Tue Feb 23 2021 Jesus Bermudez Velazquez <[email protected]> - Add strong typing for the following API methods kiwi/storage/raid_device kiwi/storage/setup kiwi/storage/subformat/base kiwi/storage/subformat/gce kiwi/storage/subformat/ova kiwi/storage/subformat/qcow2 This references issue #1644 * Tue Feb 23 2021 Marcus Schäfer <[email protected]> - Added strong typing for the following API methods * storage/subformat/vagrant_base.py * storage/subformat/vagrant_libvirt.py * storage/subformat/vagrant_virtualbox.py * storage/subformat/vdi.py * storage/subformat/vhd.py * storage/subformat/vhdfixed.py * storage/subformat/vhdx.py * storage/subformat/vmdk.py This references Issue #1644 * Mon Feb 22 2021 Marcus Schäfer <[email protected]> - Deleted legacy kiwi chapter from the docs The information there is almost obsolete since kiwi(perl) does no longer exist in any modern distribution. It's only maintained on SLE12 which itself is EOL and the kiwi there has its own documentation which we don't need to reference anymore in the upstream project * Mon Feb 22 2021 Marcus Schäfer <[email protected]> - Added new Troubleshooting chapter to the docs Added a new chapter to handle issues which depends on several environment conditions and for which not only one possible solution exists. This Fixes #1691 * Fri Feb 19 2021 Marcus Schäfer <[email protected]> - Document use of SUSE media Add chapter to describe how to use the SUSE product media in a kiwi build process. This Fixes #1678 * Fri Feb 19 2021 Marcus Schäfer <[email protected]> - Delete support for generic iso:// source type The generic iso:// media type mounts the given iso file and expect its root to provide a repository that can be used 1:1 with a package manager. This concept is broken since some time and it can't be fixed in a generic way. All distribution media comes with a certain layout and basically needs extra handling to become fully usable as repository. The current implementation of the iso type which simply mounts the iso and expects its root to be a known repo is not useful. Therefore the support for it will be decommissioned. Instead we will provide a documentation chapter that documents how to incorporate distro ISO media for building images. * Thu Feb 18 2021 Marcus Schäfer <[email protected]> - Added deb support to sat solver module Add support to create SAT solvables from Debian repos via deb2solv tool from libsolv. This allows image info --resolve-package-list to work with Debian/Ubuntu image descriptions. Please note by default libsolv is not compiled with support for Debian. Therefore the following compile flags must be set on libsolv * -DENABLE_DEBIAN=1 * -DMULTI_SEMANTICS=1 If libsolv does not provide the needed capabilities kiwi will fail on either the repository solvable creation due to missing deb2solv or on call of setdisttype() due to missing MULTI_SEMANTICS feature in libsolv * Thu Feb 18 2021 Marcus Schäfer <[email protected]> - Update contributing chapter Add an example to show that using the kiwi description format is an option when using kiwi as an API in other python programs * Tue Feb 16 2021 Marcus Schäfer <[email protected]> - Change donation message There are more people working on kiwi and the message is from times with only me as contributor. It would be unfair to keep the current message and I will share any donation with the team. * Tue Feb 16 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.15 → 9.23.16 * Mon Feb 15 2021 David Cassany <[email protected]> - Fix lsblk flags to get sorted output This commit modifies the lsblk command flags to get a sorted output according to the disk layout. This is related to 176c7eab commita and it fixes bsc#1182264 * Mon Feb 15 2021 Marcus Schäfer <[email protected]> - Fixed kiwi-systemdeps-filesystems requires The filesystems requires list also contains low level tools to manage partitions, loops and subsystems. The tools to manage LUKS(cryptsetup) are missing and imho belongs there along with the LVM tools which are listed * Mon Feb 15 2021 Marcus Schäfer <[email protected]> - Added documentation for kiwi-systemdeps concept Added information about the kiwi-systemdeps sub packages and its purpose. This Fixes #1686 * Mon Feb 15 2021 David Cassany <[email protected]> - Add strong typing for filesystem classes This commit strong typing for FileSystem* classes. Part of #1644 * Mon Feb 15 2021 Marcus Schäfer <[email protected]> - Update documentation The runtime config file can also be specified on the commandline * Mon Feb 15 2021 Marcus Schäfer <[email protected]> - Added ca-certificates-mozilla to build tests ca-certificates-mozilla provides the issuer CERT to allow for https repo connections. The standard ca-certificates is not enough on suse/leap/sles based integration tests * Sat Feb 13 2021 Marcus Schäfer <[email protected]> - Fixed packaging metadata for pypi Include the README as long description in the metadata for pypi. The change causes the description on pypi.org to show the ReST rendered README instead of a message that the author of the module hasn't provided a description * Sat Feb 13 2021 Marcus Schäfer <[email protected]> - Delete legacy oem build test from leap The legacy custom kiwi boot test will only continue to exist on tumbleweed without any warranty * Fri Feb 12 2021 David Cassany <[email protected]> - Include a note about rpm's curl requirement to import remote keys This commits add a note in the KIWI installation page to warn users rpm requires curl utility in order to import remote keys from a URI. Fixes #1680 * Fri Feb 12 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.14 → 9.23.15 * Fri Feb 12 2021 Marcus Schäfer <[email protected]> - Update documentation Mention the cross arch build capability of the boxbuild command. Also update the example box used in the self container build chapter * Fri Feb 12 2021 Marcus Schäfer <[email protected]> - Allow to specify OBS credentials in runtime config In preparation to the new obs kiwi plugin this commit adds an opportunity to store obs credentials such that the plugin could also be used in a non-interactive way * Fri Feb 12 2021 Jesus Bermudez Velazquez <[email protected]> - Add strong typing for the following API methods kiwi/storage/device_provider kiwi/storage/disk kiwi/storage/loop_device kiwi/storage/luks_device kiwi/storage/mapped_device This references issue #1644 * Fri Feb 12 2021 Marcus Schäfer <[email protected]> - Update build_status helper for box plugin The suse box has been renamed to tumbleweed * Fri Feb 12 2021 Marcus Schäfer <[email protected]> - Update documentation Fixed link list to integration tests * Fri Feb 12 2021 Marcus Schäfer <[email protected]> - Added rawhide test status to build_status helper * Fri Feb 12 2021 Marcus Schäfer <[email protected]> - Added Fedora Rawhide integration tests * Thu Feb 11 2021 Marcus Schäfer <[email protected]> - Followup fix for RuntimeConfig refactor The refactor of the RuntimeConfig made sure the runtime config file is read in only once. But if the file exists and is empty after yaml.safe_load like in the kiwi package provided /etc/kiwi.yml which contains all config options as comments, the code still reads in the file with every new instance of RuntimeConfig. This commit fixes this condition * Thu Feb 11 2021 Marcus Schäfer <[email protected]> - Fixed test-image-vagrant for Leap Use the correct release package * Thu Feb 11 2021 Marcus Schäfer <[email protected]> - Fixed test-image-docker-derived for Leap Use the right derived from location * Thu Feb 11 2021 Marcus Schäfer <[email protected]> - Fixed test-image-docker for Leap Nothing provides grub * Thu Feb 11 2021 Marcus Schäfer <[email protected]> - Delete test-image-pxe from leap tests We don't continue development of netboot code. Thus there is only one test for the old netboot system on TW. People are advised to move to oem remote deployment or the kis type using custom(non kiwi) dracut extensions * Thu Feb 11 2021 Marcus Schäfer <[email protected]> - test-image-MicroOS does not build for leap Looks like this concept is not available on Leap * Thu Feb 11 2021 Marcus Schäfer <[email protected]> - Added integration tests for Leap * Thu Feb 11 2021 Marcus Schäfer <[email protected]> - Update documentation Location for integration tests has changed * Thu Feb 11 2021 Marcus Schäfer <[email protected]> - Deleted x86/suse integration tests * Thu Feb 11 2021 Marcus Schäfer <[email protected]> - Moving x86/suse -> x86/tumbleweed This is in fact a copy of the build-tests for x86/suse to x86/tumbleweed. Once the tests in OBS are building x86/suse and the respective project will be deleted * Thu Feb 11 2021 Marcus Schäfer <[email protected]> - Deleted s390/suse integration tests * Thu Feb 11 2021 Marcus Schäfer <[email protected]> - Moving s390/suse -> s390/tumbleweed This is in fact a copy of the build-tests for s390/suse to s390/tumbleweed. Once the tests in OBS are building s390/suse and the respective project will be deleted * Thu Feb 11 2021 Marcus Schäfer <[email protected]> - Delete ppc/suse from build_status helper * Thu Feb 11 2021 Marcus Schäfer <[email protected]> - Deleted ppc/suse integration tests * Thu Feb 11 2021 Marcus Schäfer <[email protected]> - Moving ppc/suse -> ppc/tumbleweed This is in fact a copy of the build-tests for ppc/suse to ppc/tumbleweed. Once the tests in OBS are building ppc/suse and the respective project will be deleted * Thu Feb 11 2021 Marcus Schäfer <[email protected]> - Fixed Debian integration test The test was not using the Staging kiwi to build * Thu Feb 11 2021 Marcus Schäfer <[email protected]> - Deleted arm/suse integration tests * Thu Feb 11 2021 Marcus Schäfer <[email protected]> - Moving arm/suse -> arm/tumbleweed This is in fact a copy of the build-tests for arm/suse to arm/tumbleweed. Once the tests in OBS are building arm/suse and the respective project will be deleted * Thu Feb 11 2021 Jesus Bermudez Velazquez <[email protected]> - Update tuples to enforce type hints * Thu Feb 11 2021 Marcus Schäfer <[email protected]> - Fixed use of BIOS grub image on ISO media Not all systems (e.g Debian) creates the boot/grub|grub2 directory. In kiwi when we need to create a custom grub image because we did not find the distro provided one, an earlyboot.cfg file is created and embedded into the grub image. The locaton to store that file is below boot/grub|grub2. However if the directory does not exist the build will fail as with the current Debian Live integration test. * Thu Feb 11 2021 Marcus Schäfer <[email protected]> - Added debian integration tests to build_status The debian build tests were not taken into account by the build_status helper * Thu Feb 11 2021 Marcus Schäfer <[email protected]> - Moved ARM fedora integration test to latest stable * Thu Feb 11 2021 Marcus Schäfer <[email protected]> - Update suse build tests Deleted old and obsolete configuration setup. Use generic description information as much as possible * Thu Feb 11 2021 Marcus Schäfer <[email protected]> - Move fedora integration tests to stable release Instead of building against the rolling release (rawhide) we build the integration tests for non suse tests against the stable release of distributions. The reason is except for suse we don't have influence and resources on the distribution development and sometimes facing the problem that we can only sit and pray for a self healing of the rolling distro releases. From a kiwi release perspective this blocks us too often * Thu Feb 11 2021 Marcus Schäfer <[email protected]> - Fixed tbz integration test It seems /bin/sh has been moved into a file provides that cannot be solved by the obs solver. Therefore a package providing it needs to be added explicitly. * Thu Feb 11 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.13 → 9.23.14 * Wed Feb 10 2021 David Cassany <[email protected]> - Remove files or folders that conflict with debootstrap This commit makes use of Path.wipe method instead of os.unlink. This way we are certain the path is removed regardless being a directory or a file. fixes #1718 * Wed Feb 10 2021 David Cassany <[email protected]> - Clean some copy and paste leftover from doc strings * Tue Feb 09 2021 Marcus Schäfer <[email protected]> - Fixed ramdisk deployment from install ISO The dracut mount hook is only called if NO root= information is provided from the cmdline. In a PXE deployment this is the case but in an install ISO deployment not. This commit re-adds the sysroot mount generator approach but only applies on the condition rd.kiwi.ramdisk is set and root= is specified. Only in this case we know config.bootoptions is present in the initrd and will not be provided from an outside service * Tue Feb 09 2021 Christian Goll <[email protected]> - Added dolly support Allow dolly as alternative download protocol * Tue Feb 09 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.12 → 9.23.13 * Sun Feb 07 2021 Marcus Schäfer <[email protected]> - Refactor RuntimeConfig class The former implementation read the runtime config file every time a new RuntimeConfig instance was created. The runtime config is however static during the runtime of an image build process and not supposed to change. Therefore the file should be read in once and any new instance of RuntimConfig should just use what has been read in at the first invocation. This commit refactors the RuntimeConfig class to hold an application global RUNTIME_CONFIG variable and allows to reread the config on explicit request. * Sat Feb 06 2021 Marcus Schäfer <[email protected]> - Added option to setup OBS API server in config Allow to specify the open build service API server in the kiwi runtime configuration file * Sat Feb 06 2021 Marcus Schäfer <[email protected]> - Allow to specify config file on the command line The optional kiwi runtime config file (kiwi.yml) could only be read from ~/.config/kiwi/config.yml or /etc/kiwi.yml This commits adds the global option --config which allows to specify a custom runtime configuration as well. * Fri Feb 05 2021 Marcus Schäfer <[email protected]> - Fixed detection for pacman repo type grep the directory listing for a .db.sig metadata file to identify a pacman repo * Fri Feb 05 2021 Marcus Schäfer <[email protected]> - Cleanup CliTask doc strings and code duplication Introduce a tuple method to handle arguments with [n] comma separated elements. Also fix method docstrings with wrong type information. * Fri Feb 05 2021 Marcus Schäfer <[email protected]> - Fixed typing for add_repository in XMLState class mypy reported further issues on XMLState class which are fixed by this commit * Fri Feb 05 2021 Marcus Schäfer <[email protected]> - Fixed type annotations and docs for Uri class The constructor used a wrong type for the repo_type variable and the doc string for the class was invalid * Fri Feb 05 2021 Marcus Schäfer <[email protected]> - Added get_repo_type method to SolverRepository In preparation of a plugin to handle external service repositories a method to check for the repository type was added. The detection is based on a search for a specific metadata file which is an indicator for the type of a repository. * Fri Feb 05 2021 Marcus Schäfer <[email protected]> - Update manual pages The system build and prepare commands have received options which were not mentioned in the manual pages. This commit updates the pages to be in line with the code * Mon Feb 01 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.11 → 9.23.12 * Mon Feb 01 2021 Marcus Schäfer <[email protected]> - Fixed debootstrap device node conflict debootstrap creates its own device node tree and fails if a node it creates itself already exists. This commit introduces a list of conflicting device nodes and deletes them prior kiwi calling debootstrap. This Fixes #1675 * Sun Jan 31 2021 Marcus Schäfer <[email protected]> - Added aaa_base to s390 TW build tests On s390 TW aaa_base is not pulled in by a dependency in obs. It looks like the package is pulled in by a file provides which is not resolved by obs. Thus the package needs to be added explicitly * Fri Jan 29 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.10 → 9.23.11 * Fri Jan 29 2021 Marcus Schäfer <[email protected]> - Follow up fix, creating custom grub EFI images Make sure custom EFI grub image is copied to the media directory if this is different from the root directory e.g on creation of live images * Thu Jan 28 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.9 → 9.23.10 * Thu Jan 28 2021 Marcus Schäfer <[email protected]> - Follow up fix, creating custom grub images Moving the grub mkimage call as chroot operation also broke the creation of image builds that uses the legacy custom kiwi boot image feature instead of dracut. This commit fixes it * Thu Jan 28 2021 Marcus Schäfer <[email protected]> - Added leap box to be shown by build_status helper * Wed Jan 27 2021 Marcus Schäfer <[email protected]> - Added decorators to help with API management The lifetime of API methods could be limited due to the development of kiwi. To allow for a deprecation process the following helper methods has been added * Wed Jan 27 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.8 → 9.23.9 * Wed Jan 27 2021 David Cassany <[email protected]> - Update MicroOS build test This commit alignes the MicroOS tests with the MicroOS images build for kvm and xen. In addition it adds the installation media request and custom initrd modules configuration for the installation media. * Wed Jan 27 2021 Marcus Schäfer <[email protected]> - Fixed creation of custom bios grub image The last commit moved the grub mkimage call into the chroot. As a side effect and when creating install media the earlyboot script could no longer be found. This commit fixes it * Wed Jan 27 2021 David Cassany <[email protected]> - Include installmedia documentation * Tue Jan 26 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.7 → 9.23.8 * Mon Jan 25 2021 Marcus Schäfer <[email protected]> - Fixed creation of custom grub image If kiwi can't find the distribution provided grub image(s) it creates them using the respective grub[X]-mkimage tool. However the tool was called on the build host which could cause an inconsistency on the used module path. Grub is not packaged consistently across the distributions and also the provided modules comes in different versions and patch sets. Therefore it's required that kiwi calls the grub mkimage tool as chrooted operation inside of the tree that provides the target image. As consequence of the change it's required that the image root tree provides the grub mkimage tool. In addition to the change we now also log the output from the grub mkimage call in the kiwi build logfile. This Fixes #1254 * Thu Jan 21 2021 Jesus Bermudez Velazquez <[email protected]> - Add strong typing for the following API methods * kiwi/system/kernel.py * kiwi/system/result.py * kiwi/system/shell.py This references issue #1644 * Thu Jan 21 2021 David Cassany <[email protected]> - Add the schematron rules for installinitrd This commit adds an schematron rule to limit the presence of installinitrd element to disk builds including installation media. * Thu Jan 21 2021 David Cassany <[email protected]> - Add the installinitrd element This commit adds the `<installinitrd>` element in kiwi schema to facilitate the dracut modules configuration for the installation initrds on OEM images. Within installinitrd element is possible list the dracut modules to append, to omit or to just set an static list of dracut modules to include. Fixes #1676 Fixes #1683 * Thu Jan 21 2021 Jesus Bermudez Velazquez <[email protected]> - Add strong typing for the following API methods * system/root_bind.py * system/root_init.py * system/identifier.py This references issue #1644 * Thu Jan 21 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.6 → 9.23.7 * Wed Jan 20 2021 Marcus Schäfer <[email protected]> - Don't call super() from logging.Formatter It's not needed to run the base class constructor. The interface for the logging facility is also different between python 3.6 and python 3.8 such that calling the base constructor would be bad idea anyway. * Wed Jan 20 2021 Jesus Bermudez Velazquez <[email protected]> - Add strong typing for the following API methods * kiwi/system/size.py * kiwi/system/uri.py * kiwi/system/users.py Update the test path for users_test.py This references #1644 * Wed Jan 20 2021 David Cassany <[email protected]> - Include missing qemu-tools dependency for iso images This commit includes a missing qemu-tools dependency for iso image type. * Wed Jan 20 2021 Marcus Schäfer <[email protected]> - Added strong typing for the following API methods * kiwi/system/prepare.py * kiwi/system/profile.py * kiwi/system/setup.py The changes here also lead to a small refactoring for the handling of the package manager. In my opinion it doesn't make sense to allow a None type package manager from the stateful XML instance. As without any package manager nothing can be done. As it also turns into an issue for the PackageManager API which does not allow for an empty value here I thought it's better to come up with a default package manager (set to dnf) if no one is explicitly specified This references Issue #1644 * Wed Jan 20 2021 Marcus Schäfer <[email protected]> - Explicitly set lvm device source Set external_device_info_source=none for lvm calls. This is related to Issue #1665 * Tue Jan 19 2021 Marcus Schäfer <[email protected]> - Fixed use of encoding in open calls The use of encodings.ascii in open calls was wrong. Open expects an encoding string but encodings.ascii returns a module reference * Tue Jan 19 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.5 → 9.23.6 * Tue Jan 19 2021 Marcus Schäfer <[email protected]> - Handle checksum files in ascii encoding Follow up fix for #1673. Handle reading/writing of all supported checksum variants in ascii encoding * Mon Jan 18 2021 Neal Gompa <[email protected]> - Mark Micro DNF as a RPM based package manager Without doing this, KIWI won't generate the correct output files for verification of image content. * Mon Jan 18 2021 Marcus Schäfer <[email protected]> - Only write GRUB_CMDLINE_LINUX_DEFAULT with content Only write GRUB_CMDLINE_LINUX_DEFAULT in the grub defaults file if there are custom options set via the kernelcmdline attribute. This Fixes #1650 * Sat Jan 16 2021 Petr Pavlu <[email protected]> - Move logic to sync system data into a separate method Reduce cyclomatic complexity of DiskBuilder.create_disk() by moving the logic to sync system data into a separate method. * Fri Jan 15 2021 Marcus Schäfer <[email protected]> - Fixed missing systemdisk provides kiwi-systemdeps-filesystems did not provide kiwi-filesystem:ext2 * Fri Jan 15 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.4 → 9.23.5 * Wed Jan 13 2021 Jesus Bermudez Velazquez <[email protected]> - Refactor default shared cache location Defaults shared cache location does not depend on CLI parameters Add set method for custom cache location in Defaults CLI default value for shared cache dir depends on Defaults if not set Update default if CLI shared cache dir set Fixes #1671 * Tue Jan 12 2021 Jesus Bermudez Velazquez <[email protected]> - Update contributing link in README * Mon Jan 11 2021 Marcus Schäfer <[email protected]> - Delete obsolete ddb.adapterType patching When building a vmdk image with pvscsi as adapter type, kiwi implicitly changed the adapter_type from pvscsi to lsilogic because qemu only knows lsilogic. At the end kiwi patched the adapter type in the descriptor of the vmdk header back to pvscsi. That patching seems to be wrong according to information from users and VMware support. This commit deletes the descriptor patching and only leaves the pvscsi setting in the guest configuration(vmx). This Fixes bsc#1180539 and Fixes #1847 * Mon Jan 11 2021 Marcus Schäfer <[email protected]> - Bump version: 9.23.3 → 9.23.4
Generated by rpm2html 1.8.1
Fabrice Bellet, Sat Dec 21 00:31:52 2024