| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: kiwi-man-pages | Distribution: openSUSE Tumbleweed |
| Version: 10.2.32 | Vendor: openSUSE |
| Release: 1.1 | Build date: Mon Aug 11 17:44:15 2025 |
| Group: System/Management | Build host: reproducible |
| Size: 21297 | Source RPM: python-kiwi-10.2.32-1.1.src.rpm |
| Packager: http://bugs.opensuse.org | |
| Url: https://github.com/OSInside/kiwi | |
| Summary: KIWI - manual pages | |
Provides manual pages to describe the kiwi commands
GPL-3.0-or-later
* Mon Aug 11 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.2.31 → 10.2.32
* Mon Aug 11 2025 Josef Ottl <j.ottl@edgizer.com>
- fix: resize for raid device, ensure vars like kiwi_RaidDev are loaded before setting disk variable
* Fri Aug 08 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Do not clobber initialize method
There was a method named initialize defined and implemented
differently in the dracut modules kiwi-lib and kiwi-repart.
kiwi-lib is expected to be shared code across all kiwi dracut
modules. However if one module redefines a method of the
same name which is used in another module and expected to
work differently there, this is evil. This commit cleans
up the name conflict and names the kiwi library init function
as lib_initialize. All dracut code that is expected to make
use of this method has been adopted too.
* Tue Aug 05 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Skip kiwi-repart module in install ISOs
In case the kiwi-repart module is explicitly requested in a
dracut.conf file and the image is also configured to build an
install ISO image this leads the install ISO to contain the
kiwi-repart module as well which is unwanted. This commit
explicitly omits the kiwi-repart when creating the initrd
for the install image
* Tue Aug 05 2025 Gavin Lambert <uecasm@users.noreply.github.com>
- Skip repart when booting install/live iso
* Mon Aug 04 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update leap test-image-disk integration test
Add test for alternative volume ID in install ISO
* Fri Aug 01 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.2.30 → 10.2.31
* Thu Jul 31 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Consolidate device lock into its own method
Add set_device_lock method which uses udevadm lock preferable
but also supports an flock fallback in case there is no lock
command provided via systemd/udev
* Thu Jul 31 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix bug in shell condition
The shell code test ... || warn A; warn B will always
print the warning for B despite the test result. This lead
to the warning message "Settings from the kiwi description will be ignored"
to be printed always. This commit fixes it with a clean if/then
condition
* Wed Jul 30 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix documentation rendering
There was an indentation bug which caused the docs to
render wrong. This commit fixes it
* Wed Jul 30 2025 Adam Williamson <awilliam@redhat.com>
- solver/repository: Handle zstd-compressed metadata files
`_create_solvables` assumes metadata files are gzip-compressed,
but modern Fedora ones are not, they are zstd-compressed.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
* Tue Jul 29 2025 Adam Williamson <awilliam@redhat.com>
- uri: If we fail to resolve the metalink URI, log it
It's rather useful to know *what* the URI is when something goes
wrong, after all.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
* Tue Jul 29 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.2.29 → 10.2.30
* Tue Jul 29 2025 Fabian Vogt <fvogt@suse.de>
- Fix repartitioning with parted
parted does locking itself already. Wrapping it in udevadm lock results
in a deadlock, breaking boot.
* Mon Jul 28 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update test-image-disk-simple integration test
Update slfo/test-image-disk-simple. Add more space for
flake testing and add a user to test flakes for non root
* Fri Jul 25 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Catch potential exceptions from pathlib.Path.mkdir
Creating a directory can fail, we should catch this error
instead of ending up in a stack trace
* Thu Jul 24 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.2.28 → 10.2.29
* Thu Jul 24 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix return from repart stage
If we return from the repart stage it's important to wait
for the root device to appear. This is because the device
setup from udev might still be held back due to a former
lock on the device. This means if we return fast after
locking for example when check_repart_possible() quickly
finds out that it's not possible, then udev has not yet
got the time to create the device nodes.
This Fixes #2863
* Fri Jul 18 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.2.27 → 10.2.28
* Fri Jul 18 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix dracut code to be POSIX compliant
The redirect type "< <(...)" is not POSIX complians and leads
to a syntax error in dracut which calls bash as "sh" leading
it to be restricted to POSIX only
* Thu Jul 17 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Extend test-image-lvm integration test
For testing a bit more complex resize procedure, update
the lvm integration test to run more resize actions
with required device locking
* Thu Jul 17 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Apply proper udev locking
Several commands during repart, resize and other actions
require a proper lock to be set for udev such that other
events knows about the locked state of a device and do
not mess with it until the command for which the lock
persists has completed. This commit applies proper udev
locks to all commands that requires it. In addition
incorrect code that was expected to prevent such race
conditions got dropped from the implementation.
This is related to bsc#1242987
* Thu Jul 17 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- relocate GPT at the end of disk using sfdisk
Using sfdisk for relocation and verification makes this
part more consistent. We also want to move away from gdisk.
This is related to #2851
* Thu Jul 17 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Do not strictly require config.partids in repart
The kiwi-repart implementation requires a metadata file
named config.partids which holds information about
partition ids and more stored at the time the image was
built. Depending on the complexity of the image and the
resize request some of the information can be rebuilt
in case the metadata file is missing. This commit adds
the rebuild of the minimum required information to run
a standard resize and therefore allows the kiwi-repart
dracut module to work also without config.partids to be
present in the system
* Thu Jul 17 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Do not drop /config.partids
The partition id metadata file is used in the kiwi-repart
module. If a user wants to use the kiwi repart module
permanently, this metadata file needs to stay in the system.
Therefore it should not be automatically deleted by the
cleanup. A disk.sh hook script can be used to force the
deletion of the file though. This is related #2851
* Wed Jul 16 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix centos/test-image-live-disk-v10
There is no package named iprutils
* Wed Jul 16 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix centos/test-image-live-disk-v10
Update package names
* Wed Jul 16 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added centos/test-image-live-disk-v10 build test
* Wed Jul 16 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix tumbleweed/test-image-gce integration test
Drop obsolete growpart
* Wed Jul 16 2025 Robert Schneider <48757730+work-robot@users.noreply.github.com>
- Followup fix to support older apt versions for bootstrap
There are apt versions that do not create missing state files.
Make sure the intermediate bootstrap state file is created in
any case. This Fixes #2857
* Wed Jul 16 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed integration test builds
Next round of fixes for integration tests. Missing
or wrong service activations
* Wed Jul 16 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix arm/tumbleweed/test-image-rpi
Fix snapper setup for this integration test
* Tue Jul 15 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed test-image-live-disk
Added missing openssh-server package
* Tue Jul 15 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed test-image-azure
Add missing python-azure-agent-config-default package
* Tue Jul 15 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed debian integration test builds
secure shell service is named ssh and not sshd there
* Tue Jul 15 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed integration test builds
Second round of fixes for integration tests. Again errors
now became visible due to the refactoring of the script code
* Tue Jul 15 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed integration test builds
Errors from scripts were no longer ignored due to the last
cleanup of the integration test script code. This commit
fixes the now exposed build errors
* Tue Jul 15 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix check_target_dir_on_unsupported_filesystem
Find the first existing path in the target path and
check the filesystem capabilities for this path.
This Fixes #2858
* Mon Jul 14 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Cleanup integration tests config.sh script code
Add script code to shellcheck and fix all reported issues.
Get rid of suseXX and baseXX methods as much as possible.
Add set -ex for all script code. Do not allow any script
code to fail.
* Mon Jul 14 2025 Andrea Bolognani <abologna@redhat.com>
- defaults: Add patterns for shim/grub2 on riscv64
A recent commit changed the way these are looked up and
accidentally broke image building on riscv64, with
KiwiBootLoaderGrubSecureBootError: Signed grub2 efi loader not found
now being raised for kiwi recipes that worked just fine
before that moment.
Fixes: 197572378cf4f25103934beac2ceca4fbbcfcbc0
Thanks: David Abdurachmanov <davidlt@rivosinc.com>
Thanks: Marcus Schäfer <marcus.schaefer@gmail.com>
Signed-off-by: Andrea Bolognani <abologna@redhat.com>
* Sat Jul 12 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add SLFO test-image-disk-simple integration test
Add simple disk test and allow for testing the new
transparent container idea for the aws toolchain. also
add SLFO builds to the helper script
* Wed Jul 09 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed check for unallocated space on disk
So far the check for unallocated space was only working for GPT
and there it was also not really stable. The check was based on
verifying if the backup GPT table is really at the end of the
disk. Depending on which tool was used to dump the image on the
target this "mistake" often got corrected by the tools that
dumped the image. In this case the check no longer worked.
This commit improves the check by another test which looks
for the real free bytes on disk compared to the current
partition geometry.
* Wed Jul 09 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Move to neutral directory for calling osc
When calling the helper/build_status.sh script to get an
overview about the results of the integration tests, there
is a stupid new behavior from the osc tool that it assumes
a package name according to the name of the directory you
are in probably connected to the fact that the data in this
directory is a git checkout or some other strange assumption.
This commit moves to a neutral directory where none of the
osc internal assumptions applies and it just does what it
should do... showing results of the given project.
* Wed Jul 09 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.2.26 → 10.2.27
* Tue Jul 08 2025 Gavin Lambert <uecasm@users.noreply.github.com>
- Fix regression in get_partition_node_name
backwards compat for lsblk before 2.38
if START column not supported, fall back to default sort
* Tue Jul 08 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add global option --setenv
Allow to set environment variables in the caller environment
via the commandline, e.g --setenv SOURCE_DATE_EPOCH=42
* Tue Jul 08 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Seed filesystem UUIDs with SOURCE_DATE_EPOCH
For reproducible builds the calculation of the filesystem UUID
should be persistent with each rebuild of the image. To achieve
this the UUID is calculated using the SOURCE_DATE_EPOCH from
the environment plus a char-number representation of the filesystem
label name as random seed. In kiwi every filesystem is created
with a label, thus only in case there is no SOURCE_DATE_EPOCH
available we continue to create the UUID as random data.
This Fixes #2761
* Tue Jul 08 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add label attribute for <partition> section
Allow to specify a filesystem label as part of a <partition>
definition. So far the label was set by the name of the
partition. With the new label attribute, a filesystem label
different from the partition name can be set. This commit
also updates/fixes the documentation in this regard.
* Tue Jul 08 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Improve log message in SystemIdentifier
Add some scope information such that we know from where
this log information originates from.
* Mon Jul 07 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add rd.kiwi.install.devicepersistency
Allow to specify which type of persistent device name should
be used to build up the list of installation disk devices.
For example rd.kiwi.install.devicepersistency=by-path would
use the by-path representations for the available disk
devices. The default (by-id) stays untouched. In case an
invalid or not present device representation is selected, kiwi
falls back to the non persistent unix node names.
* Fri Jul 04 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update test-image-disk
Add NetworkManager for better remote debugging capabilities
* Tue Jul 01 2025 Bernhard M. Wiedemann <bwiedemann@suse.de>
- Make mbr-id deterministic
Log the value of SDE so it is available to review,
even if the build system does not tell about it.
Update the tests to cover the new code-path.
Co-Authored-By: Marcus Schäfer <marcus.schaefer@gmail.com>
* Tue Jul 01 2025 Bernhard M. Wiedemann <bwiedemann@suse.de>
- Ensure dracut initrd is reproducible
This helps a bit with issue #2358
Add reproducible flag for UKI too
Update tests accordingly
Co-Authored-By: Marcus Schäfer <marcus.schaefer@gmail.com>
* Fri Jun 27 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.2.25 → 10.2.26
* Fri Jun 27 2025 Alejandro Perez Pestana <alejandroperezpestana99@gmail.com>
- Add kernel parameter support for dm-verity options
Implement rd.kiwi.verity_options= parameter to allow runtime customization of veritysetup options
Closes #2837
* Fri Jun 27 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix shim lookup for arm on SUSE
Add missing search path for shim binary on arm based SUSE
systems. Also update the tumbleweed/test-image-live-disk
integration test for arm to build with secure boot enabled
to actually test a secure boot enabled ISO build.
This Fixes #2842
* Wed Jun 25 2025 Dan Čermák <dcermak@suse.com>
- Add container_import template test
* Wed Jun 25 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.2.24 → 10.2.25
* Wed Jun 25 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed get_partition_node_name
The function get_partition_node_name takes the disk device
and the partition index as arguments to match against the
respective device node for this partition index. The partition
index is the position of the partition in the partition table
according to their start offset. For the code to function
properly it is required that the list of partitions provided
by lsblk is ordered according to the start address of the
partitions in the table. The way lsblk was called did not
enforce this ordering. This commit enforces the order to
be done against the start offset and fixes bsc#1245190
* Tue Jun 24 2025 Dan Čermák <dcermak@suse.com>
- Add support for container-snap as a container-image engine
With this commit, we can now pre-load images using container-snap directly
during the kiwi image build
* Tue Jun 24 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update test-image-MicroOS for local build
Fix bootstrap setup such that micro-os patterns can resolve
* Tue Jun 24 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix logging of stderr data in command calls
The stderr data was presented as one blob without line
breaks. Hard to read and smells like a bug. This commit
fixes the output to become readable
* Tue Jun 24 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update test-image-MicroOS/disk.sh
Add a findmnt for / to check if there is a proper root
device reference
* Mon Jun 23 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix mount system for root_is_snapper_snapshot
If root is a snapper snapshot we have to tell the
chroot a proper root mount point which can be achieved
by a bind mount pointing to itself. This Fixes
bsc#1244668
* Wed Jun 18 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- There is no shim for aarch64 on SUSE
Fix integration test for standard EFI (no secure boot)
setup on arm
* Mon Jun 16 2025 Alejandro Perez <69607775+aale24@users.noreply.github.com>
- Add driver configuration support for dracut initrd
Add driver configuration support for dracut initrd
Add support for specifying kernel drivers to be included or omitted
in the dracut initrd configuration. This extends the existing dracut
configuration capabilities like in the following example
<initrd action="add">
<dracut driver="erofs"/>
</initrd>
* Tue Jun 10 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed rootfs size calculation with spare part
In case a spare_part setup is combined with the root_clone feature,
the size calculation for the rootfs did not take the cloning into
account and lead to the wrong value. In addition when requesting
the spare part to be last and no size information was given, the
partition was not created at all. This commit fixes both defects
and Fixes #2831
* Sun Jun 08 2025 Neal Gompa <ngompa@velocitylimitless.com>
- Add dependency for isomd5sum for iso images and set in kiwi-settings
This ensures that isomd5sum is pulled into the environment for ISO image
builds, and the updated settings makes it so that kiwi boxes will use it.
* Tue Jun 03 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Allow /boot to be a btrfs subvolume
In a btrfs based design, allow to put /boot as subvolume.
This required a small fix in the mount order in a way that
boot/efi gets mounted after the subvolume mounts are done.
The respective integration test has been updated to test
this functionality. This Fixes #2824
* Mon Jun 02 2025 Dirk Müller <dirk@dmllr.de>
- Use f-strings where feasible
This is a slightly shorter and easier to read syntax
* Mon Jun 02 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Allow multiple EFI arch binaries/modules
Allow to lookup and included EFI binaries/modules for
multiple architectures. For testing the integration
test in rawhide/test-image-live-disk has been adapted
accordingly to install 32bit and 64bit EFI binaries.
This Fixes #2822
* Mon Jun 02 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Log warning message for disabled runtime checks
Complete type hints for RuntimeConfig class and log
a warning message for each disabled runtime check
* Mon Jun 02 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix static type argument int vs. str
* Mon Jun 02 2025 Dirk Müller <dirk@dmllr.de>
- Move it inside the context that actually uses it
also rename it to "supported" as that seems to closer match
what it resembles
* Mon Jun 02 2025 Dirk Müller <dirk@dmllr.de>
- Add overlayfs as supporting xattr/ACLs as well
* Mon Jun 02 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix disk_type validation for zipl loader
If the targettype is set to GPT in combination with plain
zipl as loader, the code to validate the targettype against
the targetgeometry was not effective and zipl failed.
This Fixes #2821
* Wed May 28 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixup overlay unit enablement
* Wed May 28 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixup overlay mount dependencies
* Wed May 28 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update test-image-overlayroot integration test
Use proper systemd mount units to setup the custom overlay.
The handling of fstab entries by systemd is limited and
should be better handled by self managed mount units
* Wed May 28 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Use proper mount units for overlay setup
Instead of manual mounting create a proper systemd mount
unit. This allows to manage mount dependencies and the order
of nested mounts in a clean way
* Tue May 27 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.2.23 → 10.2.24
* Mon May 26 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Cleanup build metadata
Make sure the final image rootfs does not contain unneeded
metadata files used during build time. The respective cleanup
call is performed after the root sync and after all initrd/boot
processing has been done. This is because up to that point it's
still possible that the information is required. This means
when building images with a read-only rootfs, it might not be
possible that the metadata can be deleted due to a chicken&egg
situation. Furthermore the cleanup is applied to the disk
builder only as other builders do not really suffer from
this data and for the container builder the metadata can
also be used for the stackbuild feature when building images
derived from containers. This Fixes #2668
* Sun May 25 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update overlay integration test for partial write
Update the sdboot_uki_verity_erofs profile of the
test-image-overlayroot integration test with a custom
fstab example to overlay only parts of the system
for writing. This Fixes #2815
* Sun May 25 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- bootloader setup without overlay write partition
If overlayroot_write_partition="false" is set, no system
indicator was stored. This cause the bootloader setup to
be skipped completely which is not required for e.g.
systemd-boot.
* Sun May 25 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Make sure to create overlay directories
Create overlay directories even if rd.root.overlay.readonly
is set. This allows individual fstab overlays mounts to be
performed
* Fri May 23 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed rd.root.overlay.readonly overlay mode
When booting an overlayroot image with rd.root.overlay.readonly
set, the system will boot with only the read-only root mounted.
There was a bug in the dracut code which prevented this mount
from succeeding when the read-only rootfs is different from
squashfs. This commit changes the mount to be a simple bind
mount, independent of the origin filesystem. This works because
the read-only mount is performed in the dracut overlay code
anyway. This is related to Issue #2815
* Wed May 21 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- The way we build debs requires setuptools
debbuild doesn't work when setuptools is not there
* Wed May 21 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Drop use of setuptools
Since we moved to poetry and no code using setuptools anymore,
this requirement can be dropped. The commit also updates the
plugin documentation which was still based on setup.py
* Tue May 20 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update live boot remote boot features
Like the upstream module also support the root=live:http://...
remote boot options. The kiwi-live dracut module is scheduled
to become obsolete, but it's still in use and should support
remote boot not only for AoE. As we got more issue reports than
working AoE remote boot success, this commit also updates the
documentation and switches to the capabilities of this PR.
* Mon May 19 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add UKI support for the grub bootloader
In addition to systemd_boot also add support for UKI creation
when grub is used. This includes the creation of a UKI image
via dracut in the same way as it's done for systemd_boot.
In addition an earlyboot grub script chainloads the UKI and
bypasses any written grub configuration. In Theory this should
also allow to use the shim loader for chainloading an UKI.
However I haven't done testing in this direction and I also
expect security issues with this approach because loading
any non signed data by shim is not expected to work. A new
profile named grub_uki_verity_erofs has been added to the
integration test that experiments with UKIs
* Mon May 19 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.2.22 → 10.2.23
* Fri May 16 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add support for <initrd> section as part of <type>
Extend scope and content of the <initrd> section to be allowed
as part of the <type> section. This allows to specify custom
call options and modules for the dracut tool. In particular
this commit implementes support for passing the uefi option
to dracut to enable building an UKI EFI binary as follows:
<initrd action="setup">
<dracut uefi="true"/>
</initrd>
This Fixes #2809 and Fixes #2408
* Fri May 16 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix systemd-boot loader setup
To make sure only loader entries from /boot/efi/loader/entries
kiwi deleted eventually existing entry files from /boot/loader.
However that is a problem for read-only systems and should actually
also not performed by kiwi. This Fixes #2805
* Thu May 15 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.2.21 → 10.2.22
* Thu May 15 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Apply security context on writable root only
Make sure to perform setfiles only on a writable target. In case
of a read-only root it is expected that the security context set
by kiwi in an earlier stage is complete. As there is no way to
modify data when root is read-only, there is also no way to change
the security context of any file such that we skip setfiles
in this case. Should there be a read-only system that has writable
partitions such as /boot and their content changes while the rest
of the root system is read-only it is in the responsibility of
the author of the image description to call setfiles only on
the affected and still writable files via a custom disk.sh
script. Along with the fix the respective integration test was
modified to enable selinux such that this change is actually
integration tested. This Fixes #2805
* Thu May 15 2025 areif-dev <aj@ajreifsnyder.com>
- Docs: fix typo in users.rst
* Wed May 14 2025 areif-dev <aj@ajreifsnyder.com>
- Docs: minor punctuation and grammar fixes
* Wed May 14 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Give test-image-overlayroot enough space
* Wed May 14 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Allow ext2/ext3 as valid build target
stat reports the value 'ext2/ext3' which is a valid target
* Wed May 14 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added check_target_dir_on_unsupported_filesystem
Add runtime check to make sure the selected target directory
for the image and/or the image rootfs lives on a filesystem
that provides all required features like extended permissions,
ACLs or xattrs.
* Tue May 13 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix rd.kiwi.oem.luks.reencrypt_randompass workflow
When requesting a new random key prior reencryption, make
sure that this new key is referenced in the current in
memory initrd crypttab such that all subsequent
tasks e.g. luks resize have permissions to complete while
inside of this initrd instance
* Mon May 12 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add support for new tarball-based WSL format
With the new image="wsl" type one can build a WSL container
image that uses the new tarball format. This Fixes #2678
* Mon May 12 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update SL-Micro build test
For details see: https://build.opensuse.org/request/show/1272418
* Mon May 12 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Required read-only-root-fs for SL-Micro test build
Changes from the SL-Micro team requires adaptions to the
integration test description
* Mon May 12 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Delete fstab.script from SL-Micro test build
This was only needed when /var was an extra partition, but
it's a volume with copy-on-write disabled for some time
* Mon May 12 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add systemd-resolved to TW integration tests
For some reason it's not longer part of the systemd standard
installation
* Fri May 09 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.2.20 → 10.2.21
* Thu May 08 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add dkms to test-image-embedded integration test
* Thu May 08 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed access issue to etc/kernel for sdboot
In case of an overlayroot setup we have to make sure
that etc/kernel is writable. This is done by a bind
mount of the ESP
* Thu May 08 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update test-image-overlayroot
Add another build using grub instead of systemd-boot and use
btrfs as write partition instead of xfs. Please note this test
requires a boot partition because grub cannot read from erofs
and unlike systemd-boot grub does not read all boot data from
the ESP.
* Thu May 08 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed get_volume_management
If a volume capable filesystem like btrfs is requested, there
must also be a volume definition available to report that
the volume management is actively used. Just the request of
the filesystem can also mean it's being used without volumes
like it could be the case for an overlayroot setup that
requests btrfs as write partition.
* Thu May 08 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update test-image-overlayroot
Move to systemd-boot as bootloader, activate secure boot
and drop the extra boot partition. Use XFS for the write
space
* Thu May 08 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Allow initrd updates on read-only devices
Move initrd to ESP for boot loaders that reads data
from there
* Thu May 08 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix ordering issue for device assignment
wrong assignment of a boot partition in overlayroot setup
without boot partition
* Wed May 07 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add kiwi-settings package for TW
de-blacklist erofs to allow building integration tests
with this filesystem
* Wed May 07 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Switch to dracut-kiwi-verity
So far no luck with the systemd verity generator. This
commit adds the parsing of /etc/veritytab in the existing
kiwi-verity dracut module and uses it in the overlayroot
integration test.
* Wed May 07 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update test-image-overlayroot integration test
Switch to erofs for overlay testing. Additionally split the build
into two profiles. The first one just builds a simple overlayroot
oem disk based on erofs. The second one adds a veritysetup layer
and configures the systemd-veritysetup-generator for use in dracut.
This Fixes #2799
* Wed May 07 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add documentation for new attribute
Add details how to use the new overlayroot_readonly_filesystem attribute
* Wed May 07 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add support for selecting the overlay read-only fs
Add new overlayroot_readonly_filesystem attribute which allows
to select for either squashfs or erofs as the read-only filesystem
in an OEM overlay disk setup.
* Wed May 07 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed root setup for verity overlay disk
When building an image with overlayroot set to true and
activated verity data, the root= parameter must be
set to root=overlay:MAPPER=verityroot instead of the standard
overlay:PARTUUID mapping.
* Wed May 07 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Make sure the verity record has a superblock
* Wed May 07 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Drop distro specific runtime check
The check_efi_mode_for_disk_overlay_correctly_setup exists because
shim-install does not work on read-only devices. However, shim-install
is a SUSE only tool that runs a SUSE specific secure boot setup.
For other secure boot processes this runtime check is not useful.
As runtime checks aims to be generally useful, this one gets
dropped.
* Tue May 06 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix root clone size setup
If the root_clone attribute is specified without providing a
fixed size for the system, kiwi estimates the size needed for
the root part and assigns the rest to the clone. This leads to
different partition sizes for the root clones. As per definition
of a clone the expectation is that the size is the same, this
commit changes the behavior such that the calculated size for
the system is applied to the origin root and all its clones.
As a consequence this can leave unpartitioned space free in
the image. This Fixes #2463
* Mon May 05 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.2.19 → 10.2.20
* Fri May 02 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix reencryption master key passphrase
Make sure to use the correct passphrase for the master
key such that it can be decrypted with the same credentials
as before. The credentials reset is a subsequent task
after reencryption.
* Thu May 01 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.2.18 → 10.2.19
* Wed Apr 30 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed targettype setup in zipl.conf
The special targettype set to GPT still indicates SCSI for
the zipl.conf but tells kiwi to create a GPT disk layout
* Wed Apr 30 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed s390 integration test
targettype attribute in wrong section
* Wed Apr 30 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add support for GPT targettype on s390
Allow to build s390 images using GPT instead of the old DOS
partition table. zipl has added support to read from GPT.
This Fixes #2694
* Wed Apr 30 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add --no-compress option to bundler
Allow to skip the compression for bundle files marked
to become compressed. This Fixes #2736
* Wed Apr 30 2025 Steve Traylen <straylen@stevekiwi.cern.ch>
- Rawhide (F43) has removed basesystem package
The basesystem package was retired with rawhide (F43).
https://src.fedoraproject.org/rpms/filesystem/pull-request/20
* Wed Apr 30 2025 Steve Traylen <steve.traylen@cern.ch>
- rawhide install shadow-utils for usermod
Using `kiwi-ng` version 10.2.18 (EL9)
Currently with:
```
sudo kiwi-ng system build \
- -description kiwi/build-tests/x86/fedora/test-image-docker
- -set-repo http://ftp.fau.de/fedora/linux/development/rawhide/Everything/x86_64/os/ \
- -target-dir /tmp/myimage1
```
This fails with:
```
[ INFO ]: 09:46:38 | Setting up user root
[ INFO ]: 09:46:38 | --> Modifying user: root
[ INFO ]: 09:46:38 | --> Primary group for user root: root
[ ERROR ]: 09:46:38 | KiwiCommandError: chroot: stderr: /sbin/chroot: failed to run command ‘usermod’: No such file or directory
```
Install the package `shadow-utils` to provide `usermod`.
* Wed Apr 30 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed default bls value setup
Fixed get_build_type_bootloader_bls behavior in case the bls
attribute is not set. In this case get_bls() returns a None value
which was returned. However in this case the attribute value
should not be taken into account and the method defined default
value for bls should be returned. This Fixes #2542
* Mon Apr 28 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.2.17 → 10.2.18
* Mon Apr 28 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix setup of use_disk_password for random secret
When using luks="random" in combination with use_disk_password="true"
the resulting cryptomount call in grub is wrong. This commit fixes it
* Sun Apr 27 2025 Neal Gompa <ngompa@velocitylimitless.com>
- Drop copying GRUB2 modules to /boot with Secure Boot UEFI images
Copying the modules creates a situation where future updates
applied to a running system can cause GRUB to crash due to mixed
modules and GRUB EFI binaries.
It is not needed anyway since GRUB EFI binaries for Secure Boot have
all modules compiled into the binaries.
Fixes: https://github.com/OSInside/kiwi/issues/2790
* Sun Apr 27 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Make sure editbootinstall runs offline
editbootinstall expects the system to be umounted
* Sun Apr 27 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Make sure post sync actions are in scope
* Sun Apr 27 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Follow up fix for overlayroot builds for EFI path
Only perform the boot overlay if there is an extra boot partition
* Sun Apr 27 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Only remove entries from exclude list if present
* Sun Apr 27 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix overlayroot builds for EFI path
make sure to keep boot/efi mountpoint directories
in the read-only area as they can't be created later
* Sun Apr 27 2025 Neal Gompa <ngompa@velocitylimitless.com>
- doc: overview: Add list of supported Linux distributions
These are the Linux distributions that are developed and actively
tested for with the latest kiwi releases.
This should offer greater clarity about what we're able to support
as an upstream project.
* Sun Apr 27 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed mount of image system for volume managers
The ImageSystem.mount() method implemented its own handling
for mounting the volumes of a volume manager based system.
First and foremost this duplicates code that already exists
in the respective VolumeManager implementation and second
the code behaved wrong in case of btrfs when there is no
default subvolume configured
* Sun Apr 27 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Handle grub fix functions less strict
If called on full read-only systems, log the information
that the files can't be modified but do not fail. On
such systems the expectation is that no fix code must
be applied and as such the fix function can be considered
an optional step.
* Fri Apr 25 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed root setup for encrypted overlay disk
When building an image with overlayroot set to true and
activated luks encryption, the root= parameter must be
set to root=overlay:MAPPER=luks instead of the standard
overlay:PARTUUID mapping. This Fixes #2776
* Fri Apr 25 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Change suffix for package manager config files
Use .config instead of .conf for the temporary package
manager config files. Reason for this change is a bug in
dracut which reads and executes all /*.conf files from
the system. This Fixes #2780
* Fri Apr 25 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Set security context after root sync
On selinux enabled image builds we call setfiles initially
after the root tree is complete and after each script invocation
that might change the system. However the security context
also applies to mount points e.g volumes which only exists
at the time when the root tree gets synced to the actual image
binary. Thus this commit also calls setfiles on the mounted
root tree after data sync. This Fixes rh#2333743
* Fri Apr 25 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix broken doc link
Rephrase chapter pointing to a documentation side at VMware.
They are constantly changing their documentation URLs that
I'm tired of fixing this. This Fixes #2782
* Tue Apr 22 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.2.16 → 10.2.17
* Tue Apr 22 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix key slot selection for luks reencrypt
Depending on the type setup for a luks encrypted image, there
might be one or two key slots available. When kiwi is requested
to perform the reencryption process at least one key-slot and
the proper keyfile/passphrase must be provided. This commit
stores the information about the key-slot number for which
a decryption information exists in the initrd. In addition to
the code change also the corresponding integration test image
was updated.
* Tue Apr 22 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed test-image-gce integration test
python3-gcemetadata was renamed to python-gcemetadata
* Mon Apr 21 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed integration test builds for TW
Request dracut explicitly when needed
* Wed Apr 16 2025 Neal Gompa <ngompa@velocitylimitless.com>
- Add support for filtering out files from the ESP image for GRUB
Prior to this change, KIWI blindly synced the ESP directory into the
embedded ESP image. Depending on the distribution and packages included
for the created image, this can have undesirable side-effects.
For image builds that need some more fine-grained control over the
creation of the embedded ESP image (particularly for ISO images),
this change introduces the ability to inject an exclusion list
similar to what is used to filter out files for the root filesystem.
Fixes: https://github.com/OSInside/kiwi/issues/2008
Fixes: https://github.com/OSInside/kiwi/issues/2777
* Sun Apr 13 2025 Neal Gompa <ngompa@velocitylimitless.com>
- Fix bundle extension for container types
When building result files that use container types like oci or docker,
kiwi creates them as archive tarballs with an extension prefix to
indicate the special nature of the archive. However, the bundler
code does not retain the prefix, which results in the wrong file
extension for these archives.
This change adds exceptions for these types and refactors the
exception handling to unify it with the Vagrant image filename
handling, which operates similarly.
Fixes: https://github.com/OSInside/kiwi/issues/2628
* Fri Apr 11 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update LOADER_TYPE setup for grub
If the bootloader attribute: bls is set to true, make sure
the LOADER_TYPE changes to grub2-bls. This is related to
Issue #2773
* Thu Apr 10 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix Agama PXE build
A bootloader setup is needed to create config.bootoptions
Even though a ramdisk deployment does not require a bootloader
setup we need it because part of the setup is the root device
reference which is still needed to pivot root into the
system
* Thu Apr 10 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix firmware setting for Agama PXE image
* Thu Apr 10 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added obs BUILD_FLAVOR for agama
Required for multibuild (multiple profiles) build
* Thu Apr 10 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update Agama integration test
Split the build into two profiles ISO and PXE to differentiate
the build results into a small Agama for remote installations
and a standard Agama for iso based installations
* Wed Apr 09 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Prevent loading unused data in oem deployment
In case rd.kiwi.ramdisk is used as part of a remote deployment
setup, it's not needed to load the system kernel and initrd
because it's not used as kexec is not called with the system
deployed into memory. For ramdisk deployments the system is
booted using the currently active kernel and initrd and as
such we can avoid loading an extra kernel and initrd for
booting the system via kexec.
* Wed Apr 09 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update Agama integration test
Make use of <oem-ramdisk-size> in the Agama integration test
* Wed Apr 09 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added <oem-ramdisk-size> element
So far it was only possible to specify the size of the ramdisk
via the kernel commandline option: ramdisk_size. In a remote
deployment it was therefore required to carry this size as a
mandatory information to the deployment server. With this commit
we allow to specify the size for the ramdisk to be configured as
part of the image configuration which makes this information
also available inside of the initrd. If provided the ramdisk_size
kernel commandline option still takes precedence over the
<oem-ramdisk-size> setting to avoid any behavior change and to
still allow dynamic overrides of the ramdisk size.
* Tue Apr 08 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- reinstall bootstrap packs in image phase for apt
Due to the special bootstrap process, the packages unpacked
during bootstrap are not properly listed in the apt index.
Therefore the bootstrap packages are added to the install
phase which causes an install of this packages again to
fix the apt index and provide a consistent system from
an apt perspective. This Fixes #2768
* Mon Apr 07 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed restore of keyfile after reencryption
When kiwi runs the reencryption it also restores an eventual
existing keyfile. However if the option rd.kiwi.oem.luks.reencrypt_randompass
is specified no former keyfile should be restored. The purpose
of reencrypt_randompass is to make sure only this in memory
passphrase can access the luks pool such that tooling at boot
time gets the opportunity to work with the luks pool for e.g.
setting up a TPM key or set a passphrase only known to the user.
* Fri Apr 04 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update dracut kiwi-lib module setup
Make sure all tools used in code are requested for inclusion
* Fri Apr 04 2025 Rüdiger Oertel <ro@suse.de>
- keep /usr/bin/sha256sum
dropping md5sum was okay, but now we need
the current tool to verify the checksum
* Thu Apr 03 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Restrict keyfile permissions
For reencrypt in combination with rd.kiwi.oem.luks.reencrypt_randompass
make sure that the temporary random pass keyfile has 0400 root
owned access permissions set
* Wed Apr 02 2025 Neal Gompa <neal@gompa.dev>
- package: Add kiwi-image:oci Provides to -systemdeps-containers
This allows the Open Build Service to correctly resolve dependencies
when building OCI images.
* Wed Apr 02 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Better logging which kiwi file is read
Improve the log message that tells about reading the
kiwi config file to actually show the file path that
is read in. This is especially an issue if more than
one kiwi file is read in during the build process.
* Wed Apr 02 2025 Rüdiger Oertel <ro@suse.de>
- also keep the ts binary, might be needed to provide timestamped logfiles
* Tue Apr 01 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update documentation
Add information about new apk (Alpine) support
* Mon Mar 31 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add support for Alpine
Add apk repository and package manager support and provide
an integration test build for the Alpine distribution
* Mon Mar 31 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix F824 flake check for global assignments
* Mon Mar 31 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Use metalink repos for local test builds
* Sat Mar 29 2025 Neal Gompa <ngompa@velocitylimitless.com>
- schema: Allow C as a valid locale
It should be permitted to set the "C.UTF-8" locale for minimal images
that are not preloaded with locales. The "C.UTF-8" locale has been
supported in Linux distributions for many years.
* Tue Mar 25 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.2.15 → 10.2.16
* Tue Mar 25 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Support sourcetype setting on the commandline
Allow to specifiy the sourcetype(metalink|baseurl|mirrorlist)
also on the commandline via --set-repo/--add-repo options. So
far this was only possible as part of the kiwi description file
* Tue Mar 25 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.2.14 → 10.2.15
* Tue Mar 25 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix gh-pages deployment
poetry install was not called, thus sphinx was not present
* Tue Mar 25 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.2.13 → 10.2.14
* Mon Mar 24 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Drop use of travis-sphinx
According to the documentation of peaceiris/actions-gh-pages
the sphinx-build output can be directly consumed to publish
to github pages
* Mon Mar 24 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Allow stderr data in CommandProcess
Enhance poll_show_progress() method to allow polling on
stderr data too. The new parameter with_stderr is used
together with the dnf5 package manager. dnf5 has changed
in a way that a lot of useful information during the
install of packages is printed to stderr. From my perspective
a clear regression to former behavior but we can fix this
in kiwi to poll on both channels. This Fixes #2748
* Mon Mar 24 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Support arch attribute for <users> section
Allow to setup users per arch. This Fixes #2737
* Mon Mar 24 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add Debian_12_update repo for testing with typer
Even though we will add support for the typer Cli with kiwi-11
I want our integration test images to be able to build with the
open PR #2751. Debian 12 is the only target in the support matrix
which uses a too old veryion of typer. Therefore to be able to
test this target I built a newer version of typer in an update
repo for Debian 12 and added it to the integration test
description
* Fri Mar 21 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed python3_sitelib for debbuild in OBS
* Fri Mar 21 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed test-image-agama
Service setup-systemd-proxy-env.path no longer exists
* Wed Mar 12 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Explicitly request shadow-utils
Make sure shadow-utils gets installed for rawhide
integration tests
* Wed Mar 12 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Drop test-image-suse-on-dnf test
This was just a "can this work" test but has no real
relevance for users since nobody would use dnf to build
a suse image, there is also no help when it does not
work. So let's drop this test build
* Thu Mar 06 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- distutils sysconfig is deprecated
Move to sysconfig module
* Tue Mar 04 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Make integration tests to build outside of OBS
Update and extend all integration tests such that they also
build outside of the Open Build Service. Along with the changes
on the descriptions a simple build-tests.sh script was added
to drive the build process. The build is based on the kiwi
boxbuild plugin in container mode to build the tests
from a given build-tests directory. A new chapter to document
how to Build the Build Tests is also provided and referenced
on the github main page.
* Mon Mar 03 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add rd.kiwi.oem.luks.reencrypt_randompass
For OEM LUKS2 encrypted disk images in combination
with rd.kiwi.oem.luks.reencrypt. Reset insecure built time
passphrase with a random onetime passphrase
* Mon Mar 03 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.2.12 → 10.2.13
* Fri Feb 28 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Lookup CHRP loader instead of using a static name
On ppc the CHRP loader name can vary between distributions.
This commit adds a search method to lookup different ELF
loader names. In addition an integration test image for
Fedora was added. This Fixes #2741
* Wed Feb 26 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.2.11 → 10.2.12
* Wed Feb 26 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix profile env variable name regression
In the effort of adapting to the latest snapper in Issue #2697
we overlooked the after effect of a different variable name
in the profile environment with regards to $kiwi_btrfs_root_is_snapshot
and $kiwi_btrfs_root_is_snapper_snapshot. Image builds that
references the former variable name would be broken by the change.
This commit makes sure no regression is introduced by providing
both variants. This Fixes bsc#1237772
* Tue Feb 25 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix grub mkimage call for the ppc platform
The list of modules used to create a grub platform image for
ppc was the same list as used for the x86 bios platform.
This commit fixes this and also cleans up the inconsistency
and misleading names used for creating platform specific
output. This Fixes #2738
* Sun Feb 16 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.2.10 → 10.2.11
* Sun Feb 16 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update box plugin documentation
Add chapter about new container build feature. The
box plugin can now also run the build in containers
* Tue Feb 11 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- The ubuntu 20.04 github runner is closing down
Make sure to move to another runner for workloads which
still uses ubuntu 20.04
* Sun Feb 09 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.2.9 → 10.2.10
* Sun Feb 09 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Poetry build sdist timestamps set to epoch 0
Newer versions of poetry set the timestamp for all source
files to epoch 0. Such sources are not accepted by e.g
Debian FTP servers and in general I don't like when tools
changes their behavior just like that. This commit forces
an older version of poetry for the purpose of creating the
sdist tarball which then gets published on pypi. The
argumentation for reproducible builds by forcing source
files to a certain timestamp doesn't fly for me. I'm open
for any better solution though. This Fixes #2730
* Sun Feb 02 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.2.8 → 10.2.9
* Fri Jan 31 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Classify missing chkstat as debug message
chkstat is a distribution specific tool. If it is
present we use it, if not we don't but it's not worth
a warning. This Fixes #2711
* Thu Jan 30 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Allow to run setfiles multi threaded
Use option -T0 for newer setfiles version.
This Fixes #2719
* Thu Jan 30 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add rd.kiwi.dialog.timeout option
Allow to configure the timeout value for dialogs displayed
by the kiwi dracut code. By default the timeout is set to
60 seconds. With the special value "off" the dialog will
never timeout. This Fixes #2718
* Thu Jan 30 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Make sure copy actions does not drop context
Use shutil.copy2 to copy files preserving their
attributes in the grub BootLoader space.
This Fixes #2709
* Thu Jan 30 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Improve unit test for archive target_dir
Add a test case with absolute path in the target_dir
to make sure we never unpack the archive to the host
system. The actual issue was resolved together with
the implementation in #1953 and commit
78238a993c966d1229cd2fc1f5923673a90de14d
This Fixes #2701
* Thu Jan 30 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed profiled overlay imports
When building an image for profile: SOME and providing
an overlay directory named SOME/... kiwi will sync the
contents of this overlay directory to the root tree.
However it took the toplevel name SOME/ into account
which is unwanted because only the sub data structure
should be synced into the new root tree. This
Fixes #2690
* Mon Jan 27 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.2.7 → 10.2.8
* Mon Jan 27 2025 Ondrej Holecek <oholecek@suse.com>
- Use multipath child instead of parent device
On multipath systems we need to find underlying child device
instead of using parent device.
This prevents listing all parent devices for a multipath device
* Sat Jan 25 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Increase size for agama integration test build
Agama needs more space to build now
* Sat Jan 25 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed agama integration test
rubygem-byebug and rubygem-agama-yast seems to
no longer exist
* Sat Jan 25 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update TW integration tests
Package nscd was dropped from TW
* Wed Jan 22 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix documentation regarding URI styles
In reference to commit 760a65558f9e2e91d3eaa3a2f9503ff596984b48
the support for iso:// URI types was dropped some time ago.
However, the documentation was not properly updated. This
commit fixes it
* Tue Jan 21 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix return value of grub helper methods
The grub helper methods to find grub tools returns a
None value if the tool cannot be found. This None value
could be used later in a Command call where it will be
used in a join() command to log the resulting commandline.
This join() call then fails and raises an unhandled error
causing a stack trace in the application. This commit
fixes it
* Mon Jan 20 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added disk validation for duplicate installs
Installing the same image to different storage disks on the
same machine creates device conflicts with unexpected side
effects. This commit adds a validation based on the PTUUID
of the disk image to check if another device on the system
has the same ID and if yes, does not allow to install the
image again including a message which device takes the same
identifier. This references bsc#1228741
* Mon Jan 20 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed documentation for signing key attribute
The source locator name for local files was incorrect
* Sat Jan 18 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.2.6 → 10.2.7
* Sat Jan 18 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update documentation
Added a new troubleshooting chapter as subsection to
the Build Host Constraints named Package Manager Behavior.
It serves the purpose to describe options for the customer
to change the default package manager behavior which
we from the kiwi side do not influence intentionally.
This is a followup change to bsc#1235448
* Tue Jan 14 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Drop still present tox artifacts
There were still some left over tox files and the
documentation contribution chapter was also wrong at
several places
* Mon Jan 13 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add support for reading optional pkgmgr env file
If there is a file .kiwi.package_manager.env in the root of
the image tree it will be read and put into the caller environment for
the selected package and repository manager. There are features
in e.g zypper which can only be used via env variables.
This Fixes bsc#1235448
* Mon Jan 13 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Auto convert unit test XML data to schema v8.3
* Mon Jan 13 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Rename btrfs_root_is_snapshot
Rename btrfs_root_is_snapshot to btrfs_root_is_snapper_snapshot.
This happens in preparation for the changes suggested in #2697
where we want to get rid of snapper specific btrfs code which
will be available in snapper natively soon. To make sure a btrfs
layout specific to snapper(and SUSE), the implicitly used attribute
named btrfs_root_is_snapshot now becomes explicit and its new
name will indicate that snapper sits behind it. Along with the
rename a XSLT stylesheet to automatically convert the old name
into the new name for schema v8.3 will be performed.
* Mon Jan 13 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.2.5 → 10.2.6
* Fri Jan 10 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed donate button target
* Wed Jan 08 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added LUKS reencryption support
Added rd.kiwi.oem.luks.reencrypt boot option consumed by the
kiwi-repart dracut module. For OEM LUKS2 encrypted disk images.
If set, reencrypts the disk prior an eventual resize and therefore
creates a new key pool and master key. The reencryption is advisable
if the image binary is not protected. With access to the image
binary it's possible to extract the luks header which then allows to
decrypt the data unless it was reencrypted. The reencryption process
only runs if the checksum of the luks header still matches the one
from the original disk image. Be aware that the reencryption will
ask for the passphrase if the image has been built with an initial
luks passphrase.
* Wed Jan 08 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed arm/tumbleweed/test-image-rpi
No ruby required for this integration test build
* Tue Jan 07 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Plain zipl loader needs boot partition
If the rootfs is something zipl cannot read, we need an
extra boot partition using a supported filesystem
* Tue Jan 07 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed IBM-Cloud-Standard profile
The test-image-MicroOS integration test builds an IBM-Cloud-Standard
profile as encrypted variant with a random key that is not protected
by an encrypted boot image. This doesn't make sense. Thus the
encryption setup for the IBM cloud standard build got removed.
Use the IBM-Cloud-Secure-Execution profile to test encrypted
secure linux builds
* Tue Jan 07 2025 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed test-image-qcow-openstack
rsh package was dropped from TW
* Tue Dec 31 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix genprotimg for s390 builds
A recent change on genprotimg now forbids to use --cert in
combination with --no-verify, even though this was allowed
before.
* Fri Dec 20 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix documentation for repo, package gpg settings
In contrast to the documentation, kiwi sets default values
for any gpg setting if not explicitly specified differently.
We want to avoid to inherit a behavior from how the distribution
packages the package manager. This commit fixes the documentation
to be in line with the implementation
* Thu Dec 19 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Drop insecure and unsupported md5 digest
Decommission the Checksum.md5() method and move all places
in code to sha256(). The md5 digest is considered insecure
and has also been removed from hashlib as a supported digest.
This Fixes #2696
* Thu Dec 19 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix config functions action
The action failed on the setup of the runtime because the upgrade
of pip failed.
* Thu Dec 19 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.2.4 → 10.2.5
* Mon Dec 16 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Changed systemfiles provider
Instead of providing a static list of filenames, provide a list
of package names. It is expected that the pilot of flake-pilot
resolves this list against the local package database to build
up the filelist for provisioning
* Sat Dec 14 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.2.3 → 10.2.4
* Wed Dec 11 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update system files setup for containers
The attribute provide_system_files creates a meta file in the
root tree named 'systemfiles'. The contents of this file were
produced by just a dump of the package database so far. For
a more generic use of this data some adaptions were needed.
First we allow to skip packages matching a pattern from being
part of the system files. Next we do not put ghost and doc
files into account. And last we handle library files in a different
file named 'systemfiles.libs' where we do not add symlink targets
if the target path is also part of the package. The consumer
of this information is flake-pilot which syncs that library system
files from the host via --copy-links. This allows a more generic
use with regards to versioned libraries e.g. libc
* Tue Dec 10 2024 Neal Gompa <ngompa@velocitylimitless.com>
- Drop /dev/pts from bind mount locations
This has created havoc in the Fedora build environments by
fully unmounting /dev/pts and breaking the builders for
subsquent tasks.
This is a partial revert of commit daf1323c5ded7e4e7783205f5e30457b40eb322f.
* Mon Dec 09 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed unit test
* Sun Dec 08 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Don't take ghost files into account
When creating the system files information do not
take ghost files and artifact files into account
* Tue Dec 03 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.2.2 → 10.2.3
* Tue Dec 03 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update STYLEROOT to SUSE 2022
* Mon Dec 02 2024 John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>
- Add support for loongarch64
This Fixes #2684
* Mon Dec 02 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix broken links in the documentation
* Mon Dec 02 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix legacy_bios_mode detection
The code in this method does not work correctly if the
firmware is set to 'bios'. In bios only mode the method
returned a false value which is incorrect as it should
return a true value in this case. Without this patch
ISO images will fail to boot because no loader gets
configured.
* Mon Dec 02 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added /dev/pts to bind mount locations
During runtime several kernel filesystems are bind mounted into
the image root system such that programs expecting it can work.
/dev/pts was not needed so far but seems to be a good addition
to the list to make tools like sudo to work properly when called
e.g. from a config.sh script. This Fixes #2686
* Fri Nov 29 2024 Adam Williamson <awilliam@redhat.com>
- xorriso: respect efiparttable and gpt_hybrid_mbr
This should make the xorriso-based ISO build path respect the
'efiparttable' and 'gpt_hybrid_mbr' settings when building a
UEFI-compatible image, making it write a GPT disk label by default
instead of an MBR (msdos) one. If it's building an image that is not
UEFI-compatible it will always write an MBR label, regardless of
this setting.
If 'gpt_hybrid_mbr' is set, xorriso will write an Ubuntu-style
MBR/GPT hybrid partition table, where the MBR partition table
includes a partition with type 00 and the bootable flag, as well
as the partition with type ee required by the UEFI spec. This
mildly violates the UEFI spec but may make the image bootable on
native BIOS or CSM firmwares which refuse to boot from a disk with
no partition marked 'bootable' in the MBR. If 'gpt_hybrid_mbr' is
not set, xorriso will write a strictly UEFI-spec compliant label,
with just the 'protective MBR' required by the UEFI spec (no
bootable partition) and the correct GPT partition table. Note
this is somewhat different from what gpt_hybrid_mbr does for
disk images.
Also, we now pass -compliance no_emul_toc when building ISOs, as
recommended by upstream in
https://lists.gnu.org/archive/html/bug-xorriso/2024-11/msg00012.html
This tool is generally always going to be building ISOs intended
for write-once use, not multi-session use (and which are rarely,
these days, written to physical discs at all anyway).
Signed-off-by: Adam Williamson <awilliam@redhat.com>
* Wed Nov 27 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added provide/require system files for containers
Added the attributes provide_system_files and require_system_files
to control the provider and requester of system files in
container image builds. systemfiles is a metadata file which
contains all files from the package database at call time.
It is used in flake-pilot to provision the systemfiles data
from the host into the container instance. One possible use
case for this data is a flake registration which uses a
base container that is derived from a runtime container but
all data from the runtime should be provisioned from the
host. Using this feature tightly couples the flake to the
host OS distribution and version.
* Wed Nov 27 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.2.1 → 10.2.2
* Wed Nov 27 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix scope issue
Increase livetime of the the compressor instances
to the livetime of RootImportOCI. They create temporary
files which are referenced later and need to live longer
than the block they got created in
* Tue Nov 26 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.2.0 → 10.2.1
* Mon Nov 25 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed use of fscreateoptions for iso type
The information for fscreateoptions was not passed along to the
tooling if a custom filesystem attribute was specified.
This Fixes #2681
* Mon Nov 25 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Allow to derive from multiple containers
Add support for multi inheritance to the derived_from attribute
In the order of a comma seperated list of docker source URI's
a base tree is created. This was possible only with one container
so far and Fixes #2680 as well as jira#OBS-354
* Thu Nov 21 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.1.18 → 10.2.0
* Thu Nov 21 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add selinux test build to TW
Also update derived docker integration test to latest Leap
* Wed Nov 20 2024 Neal Gompa <ngompa@velocitylimitless.com>
- kiwi/schema: Fix allowed value type for ISO publisher and application ID
According to the spec, this should be constrained to 128 characters
but also allow quite a few other special characters (as well as spaces).
We didn't allow spaces in application ID, but allowed too much for Publisher.
Now we set up both correctly.
* Mon Nov 18 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix setup of kiwi environment variables
Some kiwi env vars are initialized with an empty value
and not overwritten if another value is provided. For
the selected variables an empty value setting is not
allowed because the schema also enforces the value to
be set at least once. In addition a helpful option
named --print-kiwi-env was added to the 'image info'
command which allows to print the environment variables
and their values.
* Tue Nov 12 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add random key support for LUKS encryption
Allow to pass luks="random". In random mode use the
generated keyfile as the only key to decrypt. This is
only secure if the generated initrd also gets protected
e.g. through encryption like it is done with the secure
linux execution on zSystems
* Thu Nov 07 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added development group in pyproject setup
generateDS and other tools are needed and were forgotten
to be added when we deleted the tox dependency
* Wed Nov 06 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added containers integration with OBS
When building in the Open Build Service (OBS) there is no way
to create outgoing connections from the build workers. To allow
the <containers> section to fetch containers from the SUSE
registry we need to apply an OCI URI translation into a local
path. The actual OCI container image is expected to be provided
by the obs backend on the worker. Along with this commit also an
integration test named test-image-disk-containers is provided.
This Fixes jira#OBS-351
* Sun Nov 03 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix rendering of SUSE docs
The SUSE documentation is produced through a conversion
of the ReST source into docbook. The name kiwi is reserved
in the index and needs to be referenced as kiwi-ng when
used as command.
* Sun Nov 03 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Remove tox dependency
tox was used as sort of a make target to run unit tests
and more in a python virtualenv. However, since we switched
everything to poetry it's no longer needed to let tox create
the python virtual environments. This commit moves the tox
targets into the Makefile and adapts the github workflow
files accordingly. In addition the scripts container based
tests were re-activated and fixed such that they succeed
again.
* Fri Nov 01 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix make build target
Move the actions done by the tox target into the
build target and call them there in a clean and easy
to spot sequence. There is no need to call tox to
prepare for the package submission, instead the
checks and poetry runs to prepare for the package
target should be called directly as part of the
build target. In the future we might get rid of
tox completely.
* Fri Nov 01 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.1.17 → 10.1.18
* Fri Nov 01 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed zipl caller environment
zipl gets confused with an active sysfs mount inside
the root tree at call time of zipl. This commit
umounts the /sys bind mount in the image tree prior
calling zipl
* Thu Oct 31 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix s390 test-image-disk build
Add missing kernel links used by suse tools
* Thu Oct 31 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.1.16 → 10.1.17
* Wed Oct 30 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix coloring of build_status.sh flags
Depending on the place of the status flag the color
setup might fail. This commit fixes it
* Wed Oct 30 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add pytest-container as optional dependency
The pyproject.toml listed pytest-container as dependency
but it is used only to run the container based integration
tests for the shell helper methods. For building the package
this dependency should not be pulled in
* Fri Oct 25 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix networking in erofs integration test
The network setup was systemd-networkd based but
the provided network config was not for systemd
* Wed Oct 23 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.1.15 → 10.1.16
* Wed Oct 23 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix erofs requires in spec
erofs-utils for SUSE only exists in Tumbleweed. The
former conditon would also add the requirement for ALP
and SLFO which is wrong. This commit fixes it
* Tue Oct 22 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add vagrantconfig rule for vagrant format
If the format="vagrant" attribute is set, a vagrantconfig
section becomes mandatory. This commit enforces this rule
on the schema. This Fixes #2666
* Mon Oct 21 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.1.14 → 10.1.15
* Thu Oct 17 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed sphinx_rtd_theme setup
Delete obsolete display_version attribute
* Thu Oct 17 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Evaluate eficsm everywhere
Fixed _supports_bios_modules() to take an eventually
provided eficsm setup into account. The grub config still
searches for i386 grub modules even if eficsm="false"
is set.
* Thu Oct 17 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed debian bootstrap script calls
Run scripts as commands with their native shebang and not
through bash. Not all debian package scripts uses bash, some
of them uses sh which can be a link to dash or other
interpreters. This Fixes #2660
* Thu Oct 17 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update TW integration tests
The package x86info was dropped from TW
* Wed Oct 16 2024 Dan Čermák <dcermak@suse.com>
- Turn DiskFormat into an ordinary class
- it does not need to be an abstract base class
- use f-strings where applicable instead of format()
- change return type of _custom_args_for_format from list to tuple
* Tue Oct 15 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add new containers section
Allow to specify references to OCI containers in the
image description like in the following example:
<containers source="registry.suse.com" backend="podman">
<container name="some" tag="some" path="/some/path"/>
</containers>
During the kiwi process the containers are fetched into a
temporary location and a systemd service is configured to
one time load the containers into the local registry at
first boot of the system. This Fixes #2663
* Fri Oct 04 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.1.13 → 10.1.14
* Fri Oct 04 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Revert "Install usrmerge for Debian integration test"
This reverts commit 95ac861741f14c4f35611c16328384c18e53dcfb.
Solution needs to be provided in code
* Fri Oct 04 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Install usrmerge for Debian integration test
* Mon Sep 30 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Support older apt versions for bootstrap
This Fixes #2660
* Fri Sep 27 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Run package scripts in apt bootstrap phase
The bootstrap procedure based on apt only runs a manual
collection of package scripts. This commit refactors the
code that unpacks the bootstrap packages to a python
implementation and adds a method to run the bootstrap
scripts from all packages resolved by apt.
* Thu Sep 26 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.1.12 → 10.1.13
* Thu Sep 26 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix bundle extension for vagrant type
When bundling result files that uses a vagrant type,
kiwi creates them with the extension .vagrant.virtualbox.box
or .vagrant.libvirt.box. The bundler code renames them using
only the .box suffix which is too short as it is missing
the subformat information. This commit fixes it and keeps
this information in the result bundle file name.
This Fixes #2656
* Thu Sep 26 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Use simple quotas (squota) for volumes
* Wed Sep 25 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add quota attribute to volume section
Allow to set quota per volume for the btrfs filesystem
This Fixes #2651
* Tue Sep 24 2024 Alyssa Rosenzweig <alyssa@rosenzweig.io>
- Fix globbing with exclude with regex
This fixes a collection of bugs when producing erofs images.
On one hand, this ensures that an exclude of `/sys` doesn't accidentally
match `/lib/libsystemd.so`, only `/sys/whatever`.
On the other hand, this ensures that `/dev/*` does match `/dev/vda` and
not just `/dev///////////`.
This fixes libsystemd.so getting dropped in Kiwi-built FEX images.
Signed-off-by: Alyssa Rosenzweig <alyssa@rosenzweig.io>
* Tue Sep 24 2024 Alyssa Rosenzweig <alyssa@rosenzweig.io>
- Honour custom exclude for filesystem builds
All other call sites honour the custom exclude file, it's just this one
that needs to be fixed. This unblocks use of Kiwi for generating FEX
rootfs.
Closes: #2652
Signed-off-by: Alyssa Rosenzweig <alyssa@rosenzweig.io>
* Mon Sep 23 2024 Isaac True <isaac@is.having.coffee>
- test: storage: update clone_device tests with new block size
Signed-off-by: Isaac True <isaac@is.having.coffee>
* Fri Sep 20 2024 Isaac True <isaac@is.having.coffee>
- storage: clone_device: increase dd block size
Increasing the block size used for dd reduces the time needed to clone a
device.
Signed-off-by: Isaac True <isaac@is.having.coffee>
* Tue Sep 17 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.1.11 → 10.1.12
* Tue Sep 17 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add missing erofscompression validation
In the filesystem builder I forgot to evaluate the
erofscompression attribute. This Fixes #2647
* Mon Sep 16 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Include PI and comments in XSL stylesheets
So far comments and processing instructions (PI) were
ignored when applying the XSL stylesheets. This commit
updates all stylesheets to take them into account
* Fri Sep 13 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.1.10 → 10.1.11
* Fri Sep 13 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- doc: Add login information test build test images
* Fri Sep 13 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.1.9 → 10.1.10
* Thu Sep 12 2024 Michal Suchanek <msuchanek@suse.de>
- bootloader: Fix up ppc64 bootinfo again
To make the code look pretty extra newline is inserted at the start of
bootinfo file. This appears to break boot on Power9 PowerVM LPARs.
* Thu Sep 12 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add support for erofs
erofs is an alternative readonly filesystem that can be
used as alternative to squashfs. This Fixes #2633
* Thu Sep 12 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed enclave integration test
The SELinux policy of Fedora Rawhide when running completely in
an initrd is not suitable to let the system boot up. Thus the
current solution is to boot in permissive mode. A better solution
for the future would probably be a selinux policy for enclaves
* Wed Sep 11 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- limit eif_build requires to fedora >= 42
* Wed Sep 11 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.1.8 → 10.1.9
* Wed Sep 11 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added sshd to nitro-enclave integration test
* Wed Sep 11 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed container sync options
Do not exclude/filter any security/xattr capabilities.
* Wed Sep 11 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update container integration test
Add getcap to check on filesystem capabilities
* Wed Sep 11 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add new build type provides for enclave
Add a provides tag (read by the open buildservice) for the new
enclave builder. Also add a recommends to eif_builder in
the systemdeps-core meta package
* Tue Sep 10 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update enclave documentation
Fixup repo setup in the build documentation
* Tue Sep 10 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.1.7 → 10.1.8
* Tue Sep 10 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed enclave documentation
Path to the build test was not correct
* Tue Sep 10 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update test-image-nitro-enclave package list
Fixup package list to match Fedora rawhide
* Tue Sep 10 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Move test-image-nitro-enclave to rawhide
* Tue Sep 10 2024 Michal Suchanek <msuchanek@suse.de>
- Fix ppc64 chrp bootinfo generation
* Mon Sep 09 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed documentation header
Fixed double H1 headers from the boxbuild tweaks chapter.
* Mon Sep 09 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.1.6 → 10.1.7
* Mon Sep 09 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Move EXEC log message to the right place
The log information of the command execution was not printed
directly before the actual command invocation. There are other
actions after the log information (e.g Path.which) which itself
produce log information prior the real subprocess execution.
This is very misleading when reading the log file and fixed
in this commit.
* Mon Sep 09 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add support for architectures in deb source file
When apt resolves packages on a multiarch repo it can happen
that dependencies for packages from other architectures are
pulled into the solver process but are not provided by any
repository. To overcome this behavior the repository can
be setup to serve packages only for a specified architecture
or list of architectures. This is related to
OSInside/kiwi-descriptions#102
* Fri Sep 06 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.1.5 → 10.1.6
* Thu Sep 05 2024 Kostiantyn Astakhov <16296930+kastakhov@users.noreply.github.com>
- add allowExtraConfig and exportFlags to ovftool options
Add allowExtraConfig and exportFlags to ovftool options
* Thu Sep 05 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.1.4 → 10.1.5
* Wed Sep 04 2024 Steffen Winterfeldt <wfeldt@opensuse.org>
- create EFI/BOOT only if UEFI boot is intended
* Wed Sep 04 2024 Steffen Winterfeldt <wfeldt@opensuse.org>
- Fix boot support for ISO media on ppc64
add CHRP boot support for ppc64 and add xorriso option to avoid
file name reduction to MS-DOS compatible 8.3 format
* Tue Sep 03 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix initrd permissions
kiwi stored the initrd for ISO images as 600 which might
be too restrictive. This commit makes sure the initrd is
stored as 644 and Fixes bsc#1229257
* Tue Sep 03 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed ramdisk size setup
For setting up the brd rd_size option kiwi creates
99-brd.conf used at load time of the kernel brd driver.
The location for the conf file is set to /etc/modprobe.d/
However, in newer versions the location has changed to
/usr/lib/modprobe.d/ and /etc/modprobe.d is no longer
expected to exist. This commit makes sure /etc/modprobe.d
is created if not present.
* Tue Sep 03 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.1.3 → 10.1.4
* Mon Sep 02 2024 kastakhov <16296930+kastakhov@users.noreply.github.com>
- Add note about guestOS values for vmware ovftools.
* Mon Sep 02 2024 kastakhov <16296930+kastakhov@users.noreply.github.com>
- Add note about guestOS values for vmware platform.
* Mon Sep 02 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed resize of dos table type on s390
On s390, parted is used to detect the partition table type.
In contrast to blkid the name for DOS tables is reported
as 'msdos' and not 'dos' which impacts several conditions
in the kiwi initrd code which checks for 'dos'. This commit
fixes the get_partition_table_type() method to return a
consistent table name for DOS tables. This Fixes bsc#1228729
* Mon Sep 02 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Revert "remove dependency on /usr/bin/python"
This reverts commit 15b450188483b567ca10bb459bf50ed90e905bb7.
The change provided here entirely broke kiwi in OBS. With this
patch applied every image build in OBS fails with the following
message: 'line 1: /usr/sbin/kiwi: No such file or directory'
* Mon Sep 02 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.1.2 → 10.1.3
* Sun Sep 01 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix bundle extension for archive types
When bundling result files that uses an archive type like
tbz or docker, kiwi creates them with the extension tar.xz/tar.gz
The bundler code only uses the extension from the last tuple
in a "." split which is wrong for "tar." filenames. This commit
adds an exception to the prefix rule for this output filenames
and Fixes #2628
* Sun Sep 01 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix ImageSystem mount procedure
The mount() method did not take custom partitions into account.
This commit fixes it. This Fixes #2619
* Tue Aug 27 2024 Petr Gajdos <pgajdos@suse.cz>
- remove dependency on /usr/bin/python
* Sun Aug 25 2024 Neal Gompa <ngompa@velocitylimitless.com>
- Add support for isomd5sum for tagging iso files
The isomd5sum tool suite is used and available on all supported
distributions except SUSE distributions, and is necessary to produce
conformant ISOs for most Linux distributions.
This change adds support for isomd5sum tool suite for kiwi, though
it does not extend the kiwi-live dracut module to use it. The upstream
dracut dmsquash-live module must be used instead.
Co-authored-by: Dan Čermák <dcermak@suse.com>
* Sat Aug 24 2024 Neal Gompa <ngompa@velocitylimitless.com>
- kiwi/builder/live: Log the correct value for Application ID
Since it is now possible to set a custom application ID, we want
to see this when it is being used for the image.
* Sat Aug 24 2024 Neal Gompa <ngompa@velocitylimitless.com>
- kiwi/builder/live: Clean up leftover dracut configuration file
The existence of this file breaks installers on live media that
sync the full filesystem to disk and are not aware of this configuration
before generating the target system initramfs.
* Fri Aug 23 2024 Neal Gompa <ngompa@velocitylimitless.com>
- Allow string versions and test "word" versions
There are descriptions out in the wild that use "non-numeric" versions
in their descriptions, particularly without separators for splitting.
This change switches all of this to strings rather than assuming
numbers and gracefully handles the single word case.
* Sat Aug 17 2024 Holden R. Fried <holdenrf2021@gmail.com>
- Add documentation for boxbuild tweaks
* Fri Aug 16 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed wrong log level on --logfile
When using --logfile, the log generated there matches the
stdout log (which without --debug, does not include any debug info).
This is in contrast to the automatically generated one in the
output directory, which always does and also not following the
way how it is documented. This Fixes #2503
* Mon Aug 12 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed arch flag for namedCollection
The arch flag in a namedCollection was not taken into account.
This commit fixes this and also makes sure the result information
is sorted and unique like we have it for the package lists.
This Fixes #2600
* Fri Aug 09 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix handling of zipl.conf in plain zipl bootloader
When using the plain zipl bootloader kiwi created a /etc/zipl.conf
file. However, this file was only useful during image build as it
points to a loop target device and geometry but does not represent
a proper config file to be used in the running system. In addition
the different distributors provides their own version and layout
of the zipl.conf to be used inside of the system and with their
respective tools. Thus this commit changes the way how kiwi operates
in a way that the zipl.conf used in the initial image only exists
during the image build process. An eventual present /etc/zipl.conf
will not be touched by kiwi. This Fixes #2597
* Thu Aug 08 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.1.1 → 10.1.2
* Thu Aug 08 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Improve error reporting for remote deployment
Add new method called show_log_and_quit which displays
the written error log file as a file box to the user
* Thu Aug 08 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update test-image-orthos integration test
Update the test such that you can also build it locally.
Change the remote installation target to be a ramdisk
for easy testing of remote deployments
* Thu Aug 08 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Setup default minimum volume size per filesystem
The former method provided a static value but there are huge
differences for the minimum size requirement of a filesystem.
For example extX is fine with 30MB whereas XFS requires 300MB.
This commit adds a more dynamic default value based on the
used filesystem.
* Wed Aug 07 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Increase default volume size
So far 30MB was set as default volume size which is by far
too small for a number of filesystems, e.g btrfs and also XFS.
This commit increases the default volume size such that all
modern filesystems builds if the default volume size is used.
* Wed Aug 07 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update test-image-raid
Apart from testing raid this integration test also tests
a certain LVM volume setup. The test has been updated
to use the btrfs filesystem because it has the most strict
size requirements.
* Tue Aug 06 2024 Dan Čermák <dcermak@suse.com>
- Use shutil.which for Path.which
* Tue Aug 06 2024 Dan Čermák <dcermak@suse.com>
- Drop Path.remove & Path.rename
Both methods were only used in one place each and it makes much more sense to
use the pathlib builtin methods instead
* Tue Aug 06 2024 Dan Čermák <dcermak@suse.com>
- Replace Path.create implementation with pathlib builtin
* Tue Aug 06 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.1.0 → 10.1.1
* Mon Aug 05 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Mandatory package scripts for Debian bootstrap
Make sure to run some mandatory package pre/post scripts
such that settings like /etc/passwd, a root user, etc..
exists. This action can also be done in post_bootstrap.sh
but I think it's better to do this in the core code
* Mon Aug 05 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.0.28 → 10.1.0
* Mon Aug 05 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- kiwi no longer uses debootstrap
For building Debian based images we used debootstrap to
bootstrap an empty root until apt-get could be used to
complete the job. This has now changed such hat apt-get
is also used for bootstrapping a new system. The concept
and also potential alternatives to the way kiwi bootstraps
Debian based systems can be found here:
* https://osinside.github.io/kiwi/working_with_images/build_without_debianbootstrap.html
Due to the drop of debootstrap it might happen that
package lists of existing image descriptions needs to be
extended with packages that were formerly pulled in by
debootstrap but did not get properly pulled in with the
new apt based bootstrap. As reference please check out the
integration tests from here:
* https://github.com/OSInside/kiwi/tree/main/build-tests/x86/ubuntu
* https://github.com/OSInside/kiwi/tree/main/build-tests/x86/debian
Thanks
* Mon Aug 05 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.0.27 → 10.0.28
* Sat Aug 03 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update documentation
kiwi no longer uses debootstrap
* Fri Aug 02 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix test_process_result_bundle_as_rpm
* Fri Aug 02 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix Debian/Ubuntu integration tests
Remove package hacks for debootstrap, explicitly add
required packages and or configurations.
* Fri Aug 02 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Drop types-pkg_resources
Got removed from PyPI
* Wed Jul 31 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix test_process_result_bundle_as_rpm
os.path.basename was called on a MagicMock object which
sometimes confused pytest
* Wed Jul 31 2024 Neal Gompa <neal@gompa.dev>
- CI: Add testing against Python 3.13
Python 3.13 is shipping in Fedora Linux for Fedora Linux 41, so we
should ensure kiwi is tested against it. The testing setup is
based on the latest development version of 3.13 as it is not
yet released.
* Wed Jul 31 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix kiwi-repart restrictions
The kiwi repart dracut module reads a profile file and if it
does not exists it dies in the initrd. However, that profile
file is not mandatory for the main resize functionality. Thus
this commit turns this into a warning message. In addition
the module-setup for 90kiwi-repart makes sure to include
the required and optional profile files.
This Fixes bsc#1228118
* Tue Jul 30 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Do not exclude the .profile env file by default
kiwi's initrd modules read a .profile file which gets included
into the initrd produced at build time. To allow rebuild of a
host-only initrd from the booted system this information should
be present such that it is possible to re-use kiwi initrd code.
* Tue Jul 30 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Get rid of debootstrap
Replace debootstrap with an apt-get based pre-download of
packages followed by a dpkg-deb extraction.
This Fixes #2599
* Tue Jul 30 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.0.26 → 10.0.27
* Tue Jul 30 2024 Fabian Vogt <fvogt@suse.de>
- Fix dracut-interactive with systemd 256
With systemd 256, /usr (and thus also /bin/) is read-only in the initrd.
Move dracut-interactive and its .service into /run instead.
* Sun Jul 21 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.0.25 → 10.0.26
* Fri Jul 19 2024 Dmitri Popov <dpopov@suse.com>
- Revise scripts_testing.rst
* Fri Jul 19 2024 Dmitri Popov <dpopov@suse.com>
- Revise schema_extensions.rst
* Wed Jul 17 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Pass kernel cmdline to agama
In the agama integration test make sure to pass along
the kernel boot parameters to allow controlling the
behavior of agama better
* Mon Jul 15 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add <file> directive to incorporate custom files
Usually custom files are managed by placing them as overlay
files or archives. However, overlay files must be structured
inside of a root/ subdirectory and archive files are binary
data. It is therefore not straight forward to just reference
one or more files as source files to the image description
to be placed into the image. This commit adds a new <file>
element which allows to do this. This Fixes #1953
* Sun Jul 14 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.0.24 → 10.0.25
* Fri Jul 12 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix mocking of test_process_result_bundle_as_rpm
* Fri Jul 12 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed logging behavior of Compress::get_format
The get_format() method allows to check which compression format
a given input stream has. This is done by calling the supported
compression tools in a row and let them check if they can deal
with the provided data or not. As a result error messages are
logged for streams that some tool doesn't understand. However,
those error messages are no errors and only the result of the
checking. This information in the kiwi log file is confusing
and several users already complained when they see information
like:
EXEC: Failed with stderr: /usr/bin/xz: ...: File format not recognized
This commit changes how the compression tooling is called in a
way that no exception is raised (which leads to the above error message)
but the result returncode is used to decide on the success or
error of the respective compression tooling.
* Fri Jul 12 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Allow to set custom ISO Application ID
Add new <type ... application_id="..."/> attribute to be set in
the ISO header main block. The application ID was used as identifier
in the legacy initrd code from former kiwi versions. Because of
this there is still the compat layer which sets an App ID as MBR
identifier string unless the new application_id overwrites it.
This Fixes #1810
* Fri Jul 12 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.0.23 → 10.0.24
* Thu Jul 11 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added integration test for SUSE agama installer
This integration test builds a self-install ISO image which
drops the SUSE Agama installer into a ramdisk for performing
an interactive installation procedure to test Agama
* Thu Jul 11 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add --set-type-attr and --set-release-version
Allow to set/overwrite type section attributes via the cmdline.
Allow to set/add the release-version element via the cmdline.
This Fixes #2478 and Fixes #2588
* Wed Jul 10 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update integration test for eficsm
Update the type of the Secure profile of the live image integration
test as well as the type of the simple-disk test to make use of the
eficsm="false" attribute to switch off CSM mode and test an EFI only
layout.
* Wed Jul 10 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add new eficsm type attribute
Allow to produce EFI/UEFI images without hybrid CSM
capabilities. This Fixes #2407
* Wed Jul 10 2024 Dmitri Popov <dpopov@suse.com>
- kiwi_plugin_architecture.rst
* Wed Jul 10 2024 Dmitri Popov <dpopov@suse.com>
- Revise kiwi_from_python.rst
* Wed Jul 10 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Wait for loop device detach to complete
Detaching a loop device via 'losetup -d' is an async operation.
Once the command returns the loop can still be associated with
the block special. Therefore this commit waits until the block
device got released or a timeout is hit. This Fixes #2580
* Tue Jul 09 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update requires for kiwi-systemdeps-disk-images
On Tumbleweed several changes caused tools like strings
or the codepage for mtools to be missing in a standard
installation. For building disk images especially EFI
capable ones with vendor information kiwi needs the above
tool. This commit adds the packages providing them on
Tumbleweed to the meta systemdeps for disk images.
This Fixes #2585
* Mon Jul 08 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Supplements are not understood by Debian/Ubuntu
* Fri Jul 05 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add new builder for enclaves
Add new EnclaveBuilder class which allows to build initrd-only
image types. The first enclave implementation covers aws-nitro
images produced via the eif_build tooling.
* Thu Jul 04 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Split out bash completion into a sub-package
Per review of the SUSE packaging team we should split out
the bash completion into its own sub-package to give users
better control over the completion feature.
* Thu Jul 04 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.0.22 → 10.0.23
* Thu Jul 04 2024 Neal Gompa <neal@gompa.dev>
- package: Add fully qualified provides for python3-kiwi in spec
On SUSE distributions, currently the expectation is that packages
built against the Python interpreter should have fully qualified
names in the form of pythonXY-<modulename>. Additionally, all other
Linux distributions prefer something similar in the form of
pythonX.Y-<modulename>.
This ensures we have those names so that distribution dependency
generation works as expected.
* Thu Jul 04 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add support for arch selector on volumes
The optional <volume ... arch=""/> attribute allows to create
the volume only if it matches the specified host architecture.
Multiple architecture names can be specified as comma separated
list.
* Wed Jun 26 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add rd.kiwi.oem.force_resize boot option
Forces the disk resize process on an OEM disk image.
If set, no sanity check for unpartitioned/free space
is performed and also an eventually configured
<oem-resize-once> configuration from the image description
will not be taken into account. This Fixes bsc#1224389
* Tue Jun 25 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed leap integration tests
For whatever reason procps is not longer pulled in by the
core dependencies. Thus we have to explicitly request it
* Thu Jun 20 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix potential race condition in loop detach
The call to 'losetup -d' is in fact an async operation. Once
the command returns the loop can still be associated with the
former file because it gets lazy unbound and releases later.
Prior re-use of the same loop device it is therefore required
to wait until the kernel event queue is processed.
* Wed Jun 19 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed repository include to image with dnf
When specifying a repository element with imageinclude="true",
kiwi permanently adds the repo file inside of the image.
The distribution standard path is used to store the repo
file in this case. With dnf a package manager exists that is
primarily used on Fedora and RHEL systems. Thus the standard
path for the repo files is set to "/etc/yum.repos.d".
However, dnf can also be used for other rpm based distributions
e.g SUSE. On such a system the default path does not exist
or is different because another package manager is the
default. This commit makes sure that the expected path is
created prior adding any repo files.
* Tue Jun 18 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.0.21 → 10.0.22
* Mon Jun 17 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed selinux labels for boot files
When kiwi calls the bootloader config and installation modules
several files gets created as unlabeled_t because the labeling
happened earlier. This commit ensures that setfiles gets called
after BootLoaderConfig and/or BootLoaderInstall has done its
job. This Fixes #2568
* Mon Jun 17 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add bash to package requirements
If there are script evaluations that does not specify
an interpreter, kiwi uses bash for it. The same applies
for sub-process invocations using shell pipelines. Thus
the bash shell is a required tool for kiwi under certain
circumstances. Further details in Issue #2567
* Wed Jun 12 2024 Pavel Zhukov <pavel@zhukoff.net>
- test-image-live: add shadow package
Fixes:
KiwiCommandError: chroot: stderr: /usr/bin/chroot: failed to run command ‘usermod’: No such file or directory
* Tue Jun 11 2024 Fabian Vogt <fvogt@suse.de>
- Fix displaying the image verification failure dialog
Kiwi must wait for the previous dialog to finish before showing another
one as it's the same systemd service behind it.
* Mon Jun 10 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Allow to customize the path of the isoscan cowfile
Added rd.live.cowfile.path option to specify the cowfile at
any path below the isoscan-loop-mount. This Fixes #2554
* Mon Jun 10 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Better error handling on grub vendor dir lookup
The strings command is used to lookup the in-efi binary encoded
vendor path. However, if the strings or bash command is not availabe
on the build host, the command silently failed and moved into the
standard (non vendored) EFI boot path. This can lead to a broken
boot for those distros and image targets which requires a vendor
directory and should lead to an error message instead of a
successful image build. This Fixes #2565
* Mon Jun 10 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed profile variable settings for preferences
It's allowed to have multiple preferences sections. If those
sections provides the same value multiple times, e.g keytable,
the last one in the row will win. The setup of the variables
in .profile environment file for the preferences elements is
not following this rule and used the first section not the
last. This commit fixes the profile variables to match the
actual setup and Fixes #2560
* Thu Jun 06 2024 Dmitri Popov <dpopov@suse.com>
- Revise users.rst
* Thu Jun 06 2024 Dmitri Popov <dpopov@suse.com>
- REvise systemdeps.rst
* Thu Jun 06 2024 Dmitri Popov <dpopov@suse.com>
- Revise shell_scripts.rst
* Thu Jun 06 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add initrd boot option rd.kiwi.allow_plymouth
By default kiwi stops plymouth if present and active in the
initrd. Setting rd.kiwi.allow_plymouth will keep plymouth
active in the initrd including all effects that might have
to the available consoles. This is related to bsc#1214824
* Thu Jun 06 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Drop use of obsolete tool isconsole
isconsole was provided with the dropped kiwi-tools package.
It was a simple C application that checked the capabilities
of the current console. In the context of fbiterm it was just
used to provide proper error messages which fbiterm on its
own did not show. As also fbiterm is on its way to become
obsolete and isconsole is already no longer present, it's ok
to just drop that extra check and therefore keep the fbiterm
mode functional if one manages to include fbiterm and its
fonts into the initrd
* Tue Jun 04 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.0.20 → 10.0.21
* Mon Jun 03 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add missing write_meta_data method to BLS base
The standard bootloader interface class provided a method
named write_meta_data which is expected to be implemented
in the specialized bootloader implementation. For BLS
bootloaders this method was missing in the BLS base class.
write_meta_data can provide additional cmdline options
for booting. If not covered some boot options might be
missing. This patch fixes it
* Mon Jun 03 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix TW integration test to build outside OBS
* Mon Jun 03 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Make sure BootLoaderConfig fixes are effective
The BootLoaderConfigGrub2 class has methods to fix the grub-mkconfig
generated files. It does that by mounting the system and changing the
respective files after the mkconfig call. However, after the change
the class instance stays open in combination with BootLoaderInstallGrub2
instance which itself under certain circumstances also mounts the
system to call grub-install. At the time grub-install is called it
cannot be guaranteed that all changes has been written unless an
explicit umount in the BootLoaderConfigGrub2 class instance happened.
This commit address the potential race condition.
* Mon Jun 03 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.0.19 → 10.0.20
* Mon Jun 03 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update rawhide integration test
Use new arch attribute for testing in the repository
element of the rawhide/test-image-live-disk integration
test.
* Sat Jun 01 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add support for arch attr in repository element
Allow to provide different repository sections per architecture
* Fri May 31 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add --list-profiles to image info
Allow to list available profiles from the processed image
description
* Thu May 30 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.0.18 → 10.0.19
* Wed May 29 2024 Neal Gompa <neal@gompa.dev>
- package: Always include patches and number all sources and patches
This ensures that stuff is applied reliably and all sources and patches
are included as expected.
Then the added kiwi-revert-bls-default-for-suse.patch is applied
conditionally for SUSE distributions.
* Wed May 29 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.0.17 → 10.0.18
* Wed May 29 2024 Alberto Planas <aplanas@suse.com>
- package: adjust openSUSE patch
* Wed May 29 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.0.16 → 10.0.17
* Wed May 29 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed box plugin documentation
The provided example was no longer correct according to
changes on the image description referenced in the example
* Fri May 17 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add procps to Tumbleweed integration tests
* Thu May 16 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add procps to Tumbleweed integration tests
* Sun May 12 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix sdist upstream tarball contents
The .virtualenv.dev-requirements.txt file is referenced by tox.ini
but not put into the sdist tarball and therefore missing in the
pypi upstream data.
* Fri May 10 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Drop use of obsolete pkg_resources
As documented in https://setuptools.pypa.io/en/latest/pkg_resources.html
the use of pkg_resources is obsolete and will cause issues.
So happened on Debian unstable. This Fixes #2548
* Thu May 09 2024 Adam Williamson <awilliam@redhat.com>
- RepositoryDnf5: correct defaults, set system_cachedir
The "defaults" in `use_default_location` here are the dnf4
defaults, not the dnf5 defaults, so let's update them. Also, for
dnf5, we need to set `system_cachedir` instead of `cachedir` -
see https://dnf5.readthedocs.io/en/latest/misc/caching.7.html ,
`system_cachedir` is the cache location used when running as
root, `cachedir` is the cache location used when running as a
regular user.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
* Wed May 08 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.0.15 → 10.0.16
* Wed May 08 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- poetry build doesn't like symlinks
The sdist tarball produced by poetry build does not include
all files and skipped symlinks in test/data. This caused the
unit test run to fail if called from within that sources
* Wed May 08 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix spec file
Require docopt-ng for Fedora 41+
* Tue May 07 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.0.14 → 10.0.15
* Tue May 07 2024 Dmitri Popov <dpopov@suse.com>
- REview runtime_configuration.rst
* Tue May 07 2024 Dmitri Popov <dpopov@suse.com>
- Review repository_setup.rst
* Thu May 02 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add support for stopsignal in containerconfig
Allow to specify the stopsignal via the containerconfig
element as the following example shows
<type image="docker">
<containerconfig ...>
<stopsignal>SIGINT</stopsignal>
</containerconfig>
</type>
This Fixes #2543
* Thu May 02 2024 Steffen Winterfeldt <wfeldt@opensuse.org>
- Fix set_disk_password to be effective
Since commit 8aa517eb7 it is necessary to call
_mount_device_and_volumes() prior making any modifications
to boot files. In addition handle potential errors
from the grub.cfg modification better.
* Thu May 02 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update Makefile
Make sure custom patches are part of the package sources
* Thu May 02 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.0.13 → 10.0.14
* Thu May 02 2024 Neal Gompa <neal@gompa.dev>
- doc: Document the bls option for the grub bootloader
* Wed May 01 2024 Neal Gompa <ngompa@opensuse.org>
- Temporarily revert grub-bls default to false for SUSE distributions
For the time being, SUSE distributions cannot handle KIWI's default
to use BLS with GRUB2. Until they catch up, revert this for them only.
* Wed May 01 2024 Neal Gompa <neal@gompa.dev>
- kiwi/bootloader: restore backward compatibility for grub2 with bls
The change to introduce the bls parameter broke backward compatibility
with all existing kiwi descriptions for distributions that default to BLS.
This fixes that by allowing the unset state to be equivalent to enabling it.
Fixes: 8a8190098cb30358459ba10a4db1ba6446eee8c2
* Tue Apr 30 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.0.12 → 10.0.13
* Mon Apr 29 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Overwrite compression setting only if randomized
When building an encrypted image, the bundler never compressed
the result. This overwrite from the runtime configuration and
the default compression setting actually only makes sense when
the image is randomized because only then a compression is
for sure useless. This Fixes #2540
* Mon Apr 29 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Make sure lsblk output is sorted by dev name
lsblk without the sorting option can provide the list
of devices in different order. This patch makes sure
lsblk sorts the output by the device name.
This Fixes bsc#1223374
* Fri Apr 26 2024 Romain Geissler <romain.geissler@amadeus.com>
- Stop leaking plugins/{priorities,versionlock}.conf file with dnf4/5.
This fixes the fedora issue
https://bugzilla.redhat.com/show_bug.cgi?id=2270364
Signed-off-by: Romain Geissler <romain.geissler@amadeus.com>
* Fri Apr 26 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix luks_randomize setting
Make sure the value passed for luks_randomize in the description
becomes effective. It was not possible to switch off luks_randomize
because any "not" value was turned into a true value. The actual
default should therefore only apply in case luks_randomize is
not specified at all which means only a None value will turn
into a true value for this setting.
* Fri Apr 26 2024 Adam Williamson <awilliam@redhat.com>
- Fix package removal with dnf5
dnf5 does not implement `dnf autoremove <package>` as a synonym
for `--setopt=clean_requirements_on_remove=true remove <package>`
as dnf4 did. So, we should do it this way instead.
Signed-off-by: Adam Williamson <awilliam@redhat.com>
* Thu Apr 25 2024 Alberto Planas <aplanas@suse.com>
- Add 'bls' parameter for the bootloader
* Sat Apr 20 2024 Iván Chavero <ichavero@chavero.com.mx>
- Fix efifatimagesize attribute type
The efifatimagesize attribute type value is set to "oem" but the documentation says
that it is intended to be also used for creating ISO images. This causes a schema error
when this attribute is set on a profile with type "iso" and blocks changing the EFI
boot image size which is a problem if the image is bigger than 20M. This commit
allows to specify the attribute also for the "iso" type
* Fri Apr 19 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add missing tool requires
Latest changes on the bundler used sed and file
which were not required by the spec. This is
related to bsc#1221790
* Fri Apr 19 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add vmdk format to test-image-bundle-format
Allow to check if the bundle format rename is applied
in the new bundle reference checker code
* Fri Apr 19 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix file references in kiwi bundler result files
When using a custom bundle_format the kiwi result bundler renames
the output files to match the bundle_format. However, if there are
output files that references other output files, for example the
vmware binary (.vmdk) in the guest config file (.vmx) then this
renaming breaks those result files. This patch adds a reference
file check for all non binary output files if they contain a
reference to another output file and updates the data accordingly.
This Fixes bsc#1221790
* Fri Apr 19 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Don't compress vmdk images
Like with qcow2 it's not expected that the format type gets
compressed in the bundle
* Fri Apr 19 2024 Alberto Planas <aplanas@suse.com>
- kiwi.rnc: define bls parameter for bootloader
* Fri Apr 19 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Keep runtime_checker_metadata.yml as module file
It was a bad idea to install a mandatory source file outside
the module path. This prevents running kiwi from source
* Fri Apr 19 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed Arch build
Forgot to add install of runtime_checker_metadata.yml
* Thu Apr 18 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update tumbleweed/test-image-disk integration test
* Thu Apr 18 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Handle XSLT errors better
Make sure etree.XSLTApplyError is a known error in the kiwi
scope and raise an appropriate exception
* Wed Apr 17 2024 Dmitri Popov <dpopov@suse.com>
- Revise profiles.rst
* Wed Apr 17 2024 Dmitri Popov <dpopov@suse.com>
- Revise packages.rst
* Wed Apr 17 2024 Dmitri Popov <dpopov@suse.com>
- Revise customize_the_boot_process.rst
* Wed Apr 17 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.0.11 → 10.0.12
* Mon Apr 15 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Drop concept of volumes_mounted_initially
The volume mount should be the same process no matter
if it happens for the first time or subsequently
* Mon Apr 15 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed mountpoint to use for read-only property
Make sure get_mountpoint() is used to retrieve the correct
mountpoint for the root entry point. Using the self.mountpoint
member is not always correct
* Mon Apr 15 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Prevent extra volume mount/umount on btrfs
For setting up the read-only property an extra mount of the
btrfs sub-volumes was issued. However, all volumes are mounted
at that time. Thus it's not required to mount them again, resulting
in a busy state because of the auto-snapshot mounts which does
not get umounted and keeps a busy state until the lazy umount
kicks in. This Fixes #2529
* Fri Apr 12 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added IBM Secure Execution support on s390
IBM SEL(Secure Execution for Linux) is supported for s390
KVM guests. SEL images used to start a confidential computing
protected guest contain an encrypted boot image which encapsulates
the kernel the initrd and the bootparams. The encrypted Image is
provided by the KVM/hypervisor to the Embedded zFirmware of the
system (the ultravisor device). The decryption keys are hardware
based and each system has an individual keypool unique to that
system. The root filesystem is LUKS encrypted with a random key
produced by kiwi at build time and kept inside of the initrd which
exists only inside of the encrypted boot image and the encrypted
rootfs to allow kernel updates. The commit to support secure
execution also comes with an integration test that provides
profiled image builds to target SUSE's LinuxONE as well
as IBM Cloud systems.
* Tue Apr 09 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix typo in documentation main page
Superfluous format sequence
* Mon Apr 08 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added another search path for signed EFI binaries
Add /usr/lib/grub/*-efi-signed to search for shim signed EFI
binaries too. This Fixes #2525
* Mon Apr 08 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed runtime checks for dracut module packages
Unfortunately the packaging of kiwi on Debian follows different
naming conventions for dracut module packages which causes
the runtime check to fail. This commit allows to check for
multiple package names and adds the variants used on Debian.
This Fixes #2524
* Thu Apr 04 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.0.10 → 10.0.11
* Wed Apr 03 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add schema upgrade opportunity for old schemas
kiwi files using a schema version < 7.4 are no longer supported
by kiwi >= v10.x.x. Thus this commit provides the required
XSL stylesheets to upgrade older schemas to v74 such that they
can be consumed by the latest kiwi version. The needed xsltproc
instruction is placed on the main page of the documentation.
* Wed Apr 03 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Delete kiwi compat mode
The compat mode allowed a kiwi v7 legacy argument translation
and is obsolete since a long time
* Wed Apr 03 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Make excludes in bootstrap effective for dnf
Followup fix to really use the ignore information in the dnf
package manager implementation. This Fixes #2499
* Thu Mar 28 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.0.9 → 10.0.10
* Wed Mar 27 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.0.8 → 10.0.9
* Wed Mar 27 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix setup of discoverable partitions
Make sure GUI is unique and typecode is set according to the
standard. This Fixes #2517
* Tue Mar 26 2024 Dmitri Popov <dpopov@suse.com>
- Revise customize_boot
* Mon Mar 25 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Live ISO Wait for udev events after repart
Make sure to wait for the event queue to become empty after
the creation of the write partition. When kiwi calls the
code to create the write partition this emits new udev events.
It's important to wait for the event queue to become empty
to avoid a potential regression on the use of the device nodes.
In the processing of the events it can happen that a device
gets removed and re-added. If we don't want for udev
to process the entire queue it can happen that the
wrong block device is used. This wrong selection is only
possible because the way how hybrid ISOs are designed exposes
both, the disk and the partition for the root device with
the same label. This Fixes bsc#1213595
* Sat Mar 23 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.0.7 → 10.0.8
* Fri Mar 22 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix zipl setup for use with custom btrfs root vol
In the setup case that btrfs is used for the system and
the root partition is on a custom named volume (not /),
this information was not passed to the zipl bootloader
instance and this caused the mounting of the overall
root system to fail. This commit fixes it
* Fri Mar 22 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Allow ignore stanza in bootstrap
So far the <ignore> stanza was only effective when placed
as part of the type="image" packages section. This commit
allows to place it also to the type="bootstrap" packages.
This Fixes #2499
* Wed Mar 20 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.0.6 → 10.0.7
* Tue Mar 19 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add support for %v in bundle format
Allow a placeholder for the entire version text as
provided by the <version> section
* Tue Mar 19 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Allow bundle format to be set on the commandline
The bundle format is usually specified as part of the image
description in the bundle_format attribute. This commit also
allows to specify/overwrite the bundle format in the kiwi
result bundle command via the new --bundle-format option.
This Fixes #2509
* Tue Mar 19 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.0.5 → 10.0.6
* Mon Mar 18 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixup cleanup of zipl templates
Make sure temporary modifications to the zipl template
and config file are not effective in the later system.
This Fixes bsc#1221469
* Thu Mar 14 2024 Dmitri Popov <dpopov@suse.com>
- Revise system_update.rst
* Thu Mar 14 2024 Dmitri Popov <dpopov@suse.com>
- Revise system_prepare.rst
* Wed Mar 13 2024 Dmitri Popov <dpopov@suse.com>
- Revise system_create.rst
* Wed Mar 13 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.0.4 → 10.0.5
* Wed Mar 13 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Followup fix for use of /boot/zipl
The mounting of /boot/zipl is also only required if the
bootloader is set to grub2_s390x_emu
* Wed Mar 13 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update schema version in spec file
* Tue Mar 12 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Drop rpm-dir from allowed repository type
Using an arbitrary list of rpm packages as repository is a zypper
only feature, barely tested and from our pov not really needed
as a simple createrepo call turns any custom list of packages
into a clean rpm-md repo including metadata. This commit drops
rpm-dir from the list of allowed repository types and auto
converts those image descriptions which makes use of it. Please
note this does not prevent users from using flat package
directories with zypper, because the type argument in the
repository section is an optional attribute. In case there is
no type specification zypper auto-detects and handles the data
as it handles it. This Fixes #1926
* Tue Mar 12 2024 Dmitri Popov <dpopov@suse.com>
- Revise system_build.rst
* Tue Mar 12 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixup use of /boot/zipl
Only for the grub2_s390x_emu bootloader setup an optional boot
partition setup must be put to /boot/zipl rather than to /boot
* Mon Mar 11 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Lookup distro provided BLS entries for zipl
Check if there is already an entry file name produced by the
distribution logic/policy. If we can find an already present
entry name, prefer this name over the kiwi naming policy
* Mon Mar 11 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Install audit in s390 rawhide integration test
* Sun Mar 10 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.0.3 → 10.0.4
* Sat Mar 09 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Delete invalid EPEL repo from rawhide tests
* Fri Mar 08 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix s390 tools and grub requirement
On Fedora/RHEL this is named s390utils and there is no grub2
* Fri Mar 08 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added rawhide integration test
* Fri Mar 08 2024 Dmitri Popov <dpopov@suse.com>
- Temp commit
* Thu Mar 07 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.0.2 → 10.0.3
* Thu Mar 07 2024 Dmitri Popov <dpopov@suse.com>
- Revise image_size, kiwi
* Thu Mar 07 2024 Neal Gompa <neal@gompa.dev>
- Ensure we use a compatible docopt-ng version
To ensure our trick to switch between docopt and docopt-ng works,
we need to have a higher minimum version for docopt-ng where
compatibility with the original docopt was restored.
* Wed Mar 06 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed delta_root build
The support for delta_root allows to build a delta container
image from a given base container. Due to the refactoring of
the kiwi code base using context managers no explicit deletion
of instances happens anymore. This uncovered a weakness of
the delta root code at the level of the overlay mount. At
the time of the umount there are still active temporary
mount handlers which keeps the mountpoint busy. In order to
fix this properly also the PackageManager factory is now
a context manager and the Repository factory received a
cleanup method which is called when the PackageManager goes
out of scope. This refactoring also fixes the busy state
when building deltas
* Wed Mar 06 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.0.1 → 10.0.2
* Wed Mar 06 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Don't use poetry publish
Publishing to pypi is done via pypa/gh-action-pypi-publish
and the respective auth token. Calling poetry publish does
not work because this is not authorized
* Wed Mar 06 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 10.0.0 → 10.0.1
* Wed Mar 06 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Drop ci-kiwi-9-compliant.yml
Delete this action as it existed in the intermediate state
prior the new major version v10.x.x
* Wed Mar 06 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add tzdata to Debian tests
* Wed Mar 06 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed sync script for test-image-rpi on Ubuntu
* Wed Mar 06 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Install language-pack-en for Ubuntu arm test
* Wed Mar 06 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Install locales-all for Debian tests
* Wed Mar 06 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Install language-pack-en for Debian tests
* Wed Mar 06 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix repo setup for Ubuntu arm test
* Wed Mar 06 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Install network stack for Debian test
* Wed Mar 06 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Request util-linux explicitly for Ubuntu tests
* Wed Mar 06 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add usr-is-merged to package list for bootstrap
* Wed Mar 06 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Install language-pack-en for Ubuntu tests
* Tue Mar 05 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Move Ubuntu integration tests to Lunar
* Tue Mar 05 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update test-image-rpi for Ubuntu on arm
Do not install kiwi as test application
* Tue Mar 05 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix repo setup for Debian integration tests
Staging repo must be first for higher prio
* Tue Mar 05 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update test-image-docker-derived
Don't install kiwi as test application, use something
smaller, just vim
* Tue Mar 05 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Move Debian build test from Buster to Bookworm
Move from Debian 11 to Debian 12 for integration testing
* Tue Mar 05 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Move Ubuntu integration tests from Jammy to Mantic
Use Ubuntu 23.10 for the integration tests and move away from 22.04
* Tue Mar 05 2024 Neal Gompa <neal@gompa.dev>
- Switch to Poetry and use pyproject.toml definitions
This allows kiwi to be built, developed, tested, and installed
through Poetry. This also raises the minimum Python version to 3.9.
* Tue Mar 05 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Delete test-image-microdnf
microdnf is dead and dnf5 took over
* Tue Mar 05 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Delete test-image-live-disk-v8
CentOS-8 is EOL and dropped from upstream kiwi
* Tue Mar 05 2024 Dmitri Popov <dpopov@suse.com>
- Revise image info
* Mon Mar 04 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add support for BLS zipl
Add support for <bootloader name="zipl" .../> to support BLS
based zipl configuration. This Fixes #2481
* Fri Mar 01 2024 Dmitri Popov <dpopov@suse.com>
- Review Build WSL container
* Fri Mar 01 2024 Dmitri Popov <dpopov@suse.com>
- Revise Build simple disk
* Thu Feb 29 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update v9 compliance action
put the cherry-pick tests into an extra script and
provide a skip list of commits for manual checking
if needed
* Thu Feb 29 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix activation of luks pool in the initrd
kiwi called systemd-cryptsetup directly which does not take
the settings available in /etc/crypttab into account. This
commit changes the activation procedure in a way that the
generator created unit file systemd-cryptsetup@... is used
This Fixes bsc#1219009
* Thu Feb 29 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Apply changelog fixes by glob
Does not require Makefile changes when maintaining branches
* Wed Feb 28 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add changelog fix file for commit deb6ca
The commit used a wrong e-mail address which should not
land in the created changes file for the packaging
* Wed Feb 28 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Set default output console to gfxterm for grub
If no console setting is done in the image description for grub
the default output console is set to: gfxterm and the default
input console is set to: console. This Fixes bsc#1219074
* Wed Feb 28 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Catch error condition more specific
Only a KiwiCommandError is an exception we want to
catch and handle, everything else is a bug and should
not be masked
* Tue Feb 27 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add silent flag to CommandCapabilities
an instance of CommandCapabilities allows to check for specific
options of a command. If the parsing of options has failed a
warning message is created by default. Under certain circumstances
like the check for the --help option of setfiles, such a warning
message can be misleading information in the build log file.
Therefore the new silent flag allows to suppress the warning
message and the flag is used for the capabilities of the
setfiles utility. This Fixes #2350
* Tue Feb 27 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix documentation preferlvm example
The custom volumes example shows a faulty XML description.
This Fixes #2483
* Tue Feb 27 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Move SystemPrepare to context manager
Change the SystemPrepare class to context manager.
All code using SystemPrepare was updated to the following
with statement:
with SystemPrepare(...) as system_prepare:
system_prepare.some_member()
This completes the refactoring from finalizers to
context managers and Fixes #2412
* Mon Feb 26 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fallback to built-in partition UUID table
If systemd-id128 is not found or failed use the kiwi built-in
table as defined by the UAPI group to assign the partition UUID
* Mon Feb 26 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Move DiskFormat to context manager
Change the DiskFormat Factory to be a context manager.
All code using DiskFormat was updated to the following
with statement:
with DiskFormat(...).new as disk_format:
disk_format.some_member()
This is related to Issue #2412
* Sat Feb 24 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added requirement for xmltodict to spec
Actually the real issue to this defect seems to live in the
anymarkup source code. It seems that the import of xmltodict
at the beginning of the core module is optional, but later on
when handling XML xmltodict seems to be mandatory, see here:
https://github.com/bkabrda/anymarkup-core/blob/08896a8215819edcc413e3f2588518046
9a4c2ed/anymarkup_core/__init__.py#L210-L229. Because this
issue can result in a "ImportError: Can't parse xml: xmltodict not installed"
turning kiwi into a bad exit condition I propose to add
this python requirement to the kiwi spec as a workaround and
try fixing the anymarkup packaging and module setup upstream
in addition. To my knowledge all relevant distributions
provides xmltodict
* Sat Feb 24 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed type hint for pinch_system method
The PackageManager argument is allowed to be optional
* Sat Feb 24 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add support for discoverable partitions
Set PARTUUID according to systemd-id128 if applicable
This Fixes #1385
* Thu Feb 22 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Move Repository to context manager
Change the Repository Factory to be a context manager.
All code using Repository was updated to the following
with statement:
with Repository(...).new as repo:
repo.some_member()
This is related to Issue #2412
* Thu Feb 22 2024 Dmitri Popov <dpopov@suse.com>
- Build LiveISO review
* Wed Feb 21 2024 Dmitri Popov <dpopov@suse.com>
- Buil KIS review
* Wed Feb 21 2024 Dmitri Popov <dpopov@suse.com>
- Build expandable disk review
* Wed Feb 21 2024 Dmitri Popov <dpopov@suse.com>
- Build container image review
* Wed Feb 21 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Allow terminal emulation setup from the cmdline
Using rd.kiwi.term will export the TERM variable into the initrd
environment. In case the default value for the terminal emulation
is not appropriate rd.kiwi.term can be used to overwrite the default.
The environment is also passed to the systemd unit which calls
dialog based programs in kiwi dracut code, such that the TERM
setting will be effective there too. For example:
rd.kiwi.term=vt100
This is related to bsc#1218095
* Tue Feb 20 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed implementation for oem-shutdown
If specified oem-shutdown caused a reboot -f -p which is
a powerdown but not a graceful shutdown. This commit fixes
this by using systemctl halt for a clean shutdown.
This Fixes #2474
* Mon Feb 19 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Move VolumeManager to context manager
Change the VolumeManager Factory to be a context manager.
All code using VolumeManager was updated to the following
with statement:
with VolumeManager(...).new as volume_manager:
volume_manager.some_member()
This is related to Issue #2412
* Mon Feb 19 2024 Dan Čermák <45594031+dcermak@users.noreply.github.com>
- Refactor Command class
Command.run() currently has a bit of a confusing behavior: if raise_on_error is
False and the executable is not found, then a weird CommandT is returned (return
code is -1 and stdout+stderr is None). This makes it possible to hanlde command
not found errors separately, but it makes that needlessly verbose. So instead,
let's just return None in *this* special case.
That in turn uncovered, that in most cases when we set `raise_on_error=True`, we
actually want an error if the command is not present but no error if the command
fails to execute (e.g. because it returns -1 if you run `$cmd --version`). Hence we
introduce the flag `raise_on_command_not_found`, which causes an exception to
be raised if the command is not found. This makes it independent of the
`raise_on_error` flag.
Additionally, we add a small optimization: if command starts with /, then we
assume it's a full path and we omit the call to which (and just check whether it
exists).
Co-authored-by: Marcus Schäfer <marcus.schaefer@gmail.com>
* Mon Feb 19 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Move ImageSystem to context manager
Change the ImageSystem class to context manager.
All code using ImageSystem was updated to the following
with statement:
with ImageSystem(...) as image_system:
image_system.some_member()
This is related to Issue #2412
* Mon Feb 19 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Allow empty cherry-picks for compliance test
If we cherry-pick from main to master the compliance check
will notice that a commit already exists. This is not an error
and we can allow to continue the picking via --allow-empty
* Mon Feb 19 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Followup fix for .profile.extra
Allow to source .profile.extra such that it is possible to
read and act on e.g cmdline parameters. This is related to
bsc#1218095
* Sun Feb 18 2024 Alexandre Detiste <alexandre.detiste@gmail.com>
- Use unittest.mock from core python everywhere
mock was an independent module that has been merged into the Python standard library.
* Fri Feb 16 2024 David Cassany <dcassany@suse.com>
- Include partprobe in initrd for s390
This commit includes partprobe, in addition to parted, on
s390 based systems. Otherwise partx is used and apparently
it does not properly support s390.
Fixes bsc#1219798
Signed-off-by: David Cassany <dcassany@suse.com>
* Fri Feb 16 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed MicroOS integration test
temporarily disable ignition/combustion/growpart and use
kiwi's resize code for testing, oem-resize set to true
* Thu Feb 15 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed kis documentation
The procedure to run qemu with a filesystem image as disk
was not quite correct.
* Wed Feb 14 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update documentation about partition clones
Using the root_clone attribute comes with some requirements
and consequences. This commit documents them
* Wed Feb 14 2024 Fabian Vogt <fvogt@suse.de>
- Improve documentation generation
With Sphinx >= 6.0.0, jQuery is no longer included but the rtd theme's search
functionality needs it. The theme was changed to load sphinxcontrib-jquery
automatically with https://github.com/readthedocs/sphinx_rtd_theme/pull/1399,
but kiwi broke this fix by loading the theme in the wrong way.
Now that the theme is loaded properly, the search functionality also works
with newer versions of sphinx again and the version pinning can be lifted.
This Fixes: #2462
* Wed Feb 14 2024 Fabian Vogt <fvogt@suse.de>
- Allow specifying the filesystem for live image, also direct squashfs
Allow specifying the filesystem for live image, also direct squashfs
By setting <type image="iso" filesystem="FSTYPE" .../> it's now possible
to specify the filesystem used for live images. By using "squashfs", the
rootfs container is skipped entirely.
* Wed Feb 14 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add support for reading .profile.extra in initrd
If there is the file /.profile.extra available in the
initrd, kiwi will import this additional environment file
after the import of the standard /.profile file.
This is related to bsc#1218095
* Wed Feb 14 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Don't run ci-kiwi-9-compliant action on forks
* Tue Feb 13 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix setup of UUID for btrfs
When setting up the UUID for a btrfs filesystem via btrfstune
it could happen that the call becomes interactive asking
a question and give a recommendation. All this is unwanted
and can be forced via the -f switch. This Fixes #2456
* Mon Feb 12 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Move OCI to context manager
Change the OCI Factory to be a context manager.
All code using OCI was updated to the following
with statement:
with OCI(...).new as oci:
oci.some_member()
This is related to Issue #2412
* Mon Feb 12 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Drop destructor from CommandProcess
There is code that sends a SIGTERM to the process in case
there is no error code information. I believe in this case
sending SIGTERM will not kill the process (defunct) and I
also don't see in what good condition we would be entering
this state.
* Mon Feb 12 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed use of custom bootloader
In case no bootloader implementation by kiwi should be
used, users can specify the bootloader="custom" attribute.
Instead of skipping the bootloader stage in the builders
it is better to consistently create an instance of bootloader
but raise if a method of the bootloader interface is called
for which the custom bootloader has no implementation. This
commit adds the consistency bits.
* Mon Feb 12 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed scope of BootLoaderConfig instance
Due to the refactor of BootLoaderConfig into context managers
we had two instances of BootLoaderConfig. However, the first
instance holds data the second instance needs which caused an
issue. This commit makes sure there is one BootLoaderInstance
within the lifetime of required services
* Mon Feb 12 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Allow integration test to build outside of obs too
* Mon Feb 12 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Follow up fix for drop obsolete C tools from kiwi
The spec file make call to build the C code was forgotten
to be deleted
* Sun Feb 11 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Drop obsolete C tools from kiwi
For building custom initrd images kiwi provided some
optional helper tools. All these C written tools are
old and outdated and either not useful anymore or
replaced by other tools that are part of the distribution
matrix we support. Thus with the move to the next
major release those can go away. This also include the
package kiwi-tools which was used to provide them
* Wed Feb 07 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update documentation
Several examples still pointed to Leap 15.3 repos, but we are
at Leap 15.5. Thus this commit shifts towards Leap 15.5
* Mon Feb 05 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Remove destructor from BootLoaderInstallGrub2
With MountManager as context manager the BootLoaderInstallGrub2
class doesn't need a destructor anymore. This is related
to Issue #2412
* Mon Feb 05 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Remove obsolete destructor from BootImageDracut
With MountManager as context manager the BootImageDracut
class doesn't need a destructor anymore. This is
related to Issue #2412
* Mon Feb 05 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Move Raid Luks and Integrity to context manager
Change the RaidDevice, LuksDevice and IntegrityDevice classes
to context manager:
with RaidDevice(...) as raid:
raid.some_member()
with LuksDevice(...) as luks:
luks.some_member()
with IntegrityDevice(...) as integrity:
integrity.some_member()
In the context of the disk builder an ExitStack is used to
handle the new context manager based classes
This is related to Issue #2412
* Fri Feb 02 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix error message regarding ovftool
For ova support kiwi still uses the proprietary ovftool
from VMware. The error message if the tool could not be
found was broken and the link to the VMware page was also
outdated.
* Fri Feb 02 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Drop PDF build of the documentation
The kiwi.pdf file as provided in the kiwi-man-pages package
was never really used by our users but comes with a huge
dependency chain to LaTex. We provide the documentation
online as well as converted to DocBook from where all other
formats could be derived. Thus there is no need for us to
produce an extra PDF document which is imho never consulted.
In addition to this change also the contributing chapter has
been reworked. Due to recent changes and drop of obsolete
components from kiwi as well as the effort to move the development
setup to poetry, there is only one non python tool needed
for the development of kiwi. The check for this tool has been
moved into the Makefile and all other checks formerly done
in the helper/install_devel_packages script were deleted.
* Wed Jan 31 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix crypto LUKS integration test
The integration test build also encrypts /boot which requires
grub to open the LUKS pool using cryptomount. grub does not support
the argonID salted password hashes. Thus the integration test
description configures pbkdf2 instead
* Wed Jan 31 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Use ExitStack for MountManagers
* Wed Jan 31 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Only pass appropriate bootloader arguments
When constructing a BootLoaderConfig instance only pass
arguments appropriate to the selected bootloader. It does
not hurt but it is bad style and unnecessary data and
code points if e.g grub relevant information is passed
when we actually setup systemd-boot
* Wed Jan 31 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix reading of os-release file
If the /etc/os-release file contains comments or spaces
python's csv reader will throw an exception. Thus this
data must be ripped out prior reading
* Tue Jan 30 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Allow to use Literal for all python versions
* Tue Jan 30 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Better error message on module import
* Tue Jan 30 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Move Disk to context manager
Change the Disk class to be a context manager.
All code using Disk was updated to the following
with statement:
with Disk(...) as disk:
disk.some_member()
This is related to Issue #2412
* Fri Jan 26 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed test-image-rpi for TW
No need to pull in zypper plugin that does not resolve on TW
* Fri Jan 26 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update documentation
drop documentation for isolinux in API and user docs
* Fri Jan 26 2024 Dan Čermák <dcermak@suse.com>
- Fix invalid escape sequence
* Fri Jan 26 2024 Dan Čermák <dcermak@suse.com>
- Add missing assert call to install_test
* Fri Jan 26 2024 Dan Čermák <dcermak@suse.com>
- Correct type hint of mbrid parameter
* Fri Jan 26 2024 Dan Čermák <dcermak@suse.com>
- Convert BootLoaderConfigBase into an abstract base class
* Fri Jan 26 2024 Dan Čermák <dcermak@suse.com>
- Convert BootLoaderConfig to free function
The class serves really no purpose except for creating another
namespace. This function now allows us to have more stricter type checking.
* Fri Jan 26 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- better function name
* Mon Jan 22 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Drop support for syslinux/isolinux
SYSLINUX has been abandoned for several years now, and it does not
even work with modern versions of the filesystems supported in kiwi.
This commit drops it and Fixes #2433
* Mon Jan 22 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update build tests
Delete use of syslinux/isolinux
* Fri Jan 19 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Move BootLoaderConfig to context manager
Change the BootLoaderConfig class to be a context manager.
All code using BootLoaderConfig was updated to the following
with statement:
with BootLoaderConfig.new(...) as bootloader_config:
bootloader_config.some_member()
This is related to Issue #2412
* Fri Jan 19 2024 Dan Čermák <dcermak@suse.com>
- [docs] make copyright year dynamic
* Fri Jan 19 2024 Dan Čermák <dcermak@suse.com>
- Silence Shellcheck warning SC2004
It causes false positives in array expressions,
e.g. device_array[${device_index}]
(see: https://www.shellcheck.net/wiki/SC2004)
* Fri Jan 19 2024 Dan Čermák <dcermak@suse.com>
- Quote shell variables to prevent word splitting
this fixes shellcheck warning SC2086
https://www.shellcheck.net/wiki/SC2086
* Thu Jan 18 2024 Dan Čermák <dcermak@suse.com>
- Add type hints & doc to VolumeManagerBase & VolumeManagerBtrfs
Also add additional tests for test coverage of typing edge cases
* Thu Jan 18 2024 Dan Čermák <dcermak@suse.com>
- Correct invalid escape sequence
\/ is not a valid escape sequence, it just needs to be forwarded to the shell
* Thu Jan 18 2024 Dan Čermák <dcermak@suse.com>
- DiskBuilder: use ExitStack to unmount partitions
* Thu Jan 18 2024 Dan Čermák <dcermak@suse.com>
- FileSystemBase & VolumeManagerBase: return a MountManager from sync_data
This allows us to unmount the filesystems via the returned context manager
* Thu Jan 18 2024 Dan Čermák <dcermak@suse.com>
- Don't catch all exceptions in MountManager.umount
* Thu Jan 18 2024 Dan Čermák <dcermak@suse.com>
- Implement a context manager interface for MountManager
* Wed Jan 17 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update Debian distro for integration tests
We require python >= 3.9
* Wed Jan 17 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Refactor disk builder for use with context manager
In preparation to further context manager related changes
in VolumeManager, LuksDevice, RaidDevice and more the
disk builder code which uses these classes needs to be
refactored beforehand to allow switching to context
manager based cascading of the storage device classes.
This commit does the refactoring and is related to
Issue #2412
* Tue Jan 16 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Follow up fix for drop of hybrid boot snippets
The following is left over code from the drop of the hybrid
boot templates.
* Tue Jan 16 2024 Neal Gompa <neal@gompa.dev>
- Drop hybrid boot snippets from the GRUB 2 configuration template
Sometime between GRUB 2.04 and GRUB 2.06, it became no longer
necessary to use "linuxefi"+"initrdefi" for UEFI boot. The
standard "linux"+"initrd" stanzas work for both legacy BIOS boot
and modern UEFI boot.
Some distributions no longer support "linuxefi"+"initrdefi" at all
anymore, so let's just use "linux"+"initrd" for everything now.
* Mon Jan 15 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Don't create default entry for sd-boot loader.conf
* Mon Jan 15 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Type cleanup, no use of Any type in disk builder
Use proper Union declaration for system variable and add
consistency layer into Filesystem/VolumeManager classes to
meet the type declaration as well as to simplify further
refactoring on these classes
* Sun Jan 14 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Compat entry name for kernel-install in sd-boot
systemd-boot tools like kernel-install expect a certain
entry naming policy. This commit adapts kiwi to adapt to
this policy. The name for the default entry is constructed
out of the ID information from /etc/os-release followed
by the name of the kernel as it is represented by the
directory name in /lib/modules/... This Fixes #2417
* Sat Jan 13 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Drop SLE integration tests
The kiwi version for SLE is maintained in the git repos
* https://github.com/SUSE/kiwi_sle15
* https://github.com/SUSE/kiwi_sle12
and has its own set of QA integration tests in the internal
build service.
* Fri Jan 12 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Apply different cherry-pick strategy
cherry picking merge commits is not easily possible. Thus get
the list of commits and check if it can be applied in a series
* Fri Jan 12 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Reduce XSL transformation list
Minimum schema version to start with is v74
This Fixes #2368
* Fri Jan 12 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed custom ISO boot template
The archlinux integration test used a custom iso boot
template which still contained the terminal_setup variable.
This commit fixed the template to use the new terminal_input
and terminal_output variables
* Fri Jan 12 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Delete clicfs from documentation API
* Thu Jan 11 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Move FileSystem to context manager
Change the FileSystem class to be a context manager. All code using
FileSystem was updated to the following with statement:
with FileSystem.new(...) as filesystem:
filesystem.some_member()
This is related to Issue #2412
* Thu Jan 11 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update unit test data to schema v8.0
* Thu Jan 11 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update major schema version from 7.6 -> 8.0
With the switch to schema v8.x we allow for non compatible
changes in regards to the v7.x stream. Thus this commit also
deletes the support for clicfs from the schema
* Thu Jan 11 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Drop clicfs support
clicfs was a fuse userspace implementation of an overlay
filesystem. Since overlayfs became the default overlay filesystem
there is no reason for kiwi to keep the clicfs support
* Wed Jan 10 2024 Dan Čermák <dcermak@suse.com>
- Use obsrepositories for the CentOS 9 image
We were relying on the repos being parsed from the kiwi description but this can
cause problems and gives us less flexibility when it comes to fixing repository
setup issues.
This fixes https://github.com/OSInside/kiwi/issues/2335
* Tue Jan 09 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.25.22 → 10.0.0
* Tue Jan 09 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Move workflow runs to main branch
Make sure all github actions runs from main
* Tue Jan 09 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.25.21 → 9.25.22
* Tue Jan 09 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add compliance action
Check if the commits of a pull request can be cherry-picked to
the master, which is the kiwi v9.x.x code stream.
* Tue Jan 09 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed regression in GRUB_SERIAL_COMMAND setup
The condition to write the serial line setup was broken.
This commit fixes it. Related to Issue #2419
* Mon Jan 08 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed grub terminal setup
The grub terminal setup is divided into the setting for the output
and the input console. For both settings different parameters exists.
So far kiwi did not differentiate between the two parts of the
console setup and that could lead to a wrong setting if only one
value is provided in kiwi's console= attribute which lead to the
grub setting, GRUB_TERMINAL=value. If value is set to e.g gfxterm
grub takes this for both input and output and it's obviously
wrong for the input. To make this less error prune the kiwi code
changes with this commit to set GRUB_TERMINAL_INPUT and
GRUB_TERMINAL_OUTPUT rather than GRUB_TERMINAL and also runs sanity
checks on the provided values if they are applicable. The information
for setting up the console in the schema stays untouched though.
That's because it's used for all bootloaders and also because grub
supports multiple values for the console in/out setting in one
GRUB_TERMINAL variable even though kiwi does no longer use it.
To make this clear for the users also the documentation for the
console attribute setup has been updated. If we want to wish two
distinct attributes for input and output console settings a schema
change and also differentiation between bootloaders is needed and
that I only see for the kiwi-10 branch if at all. This Fixes #2419
* Thu Jan 04 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix tox.ini
python 3.12 unit target did not specify a 3.12 interpreter
* Thu Jan 04 2024 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix overwrite of kiwi_oemunattended
In case rd.kiwi.oem.installdevice is set, there is an overwrite
of the kiwi_oemunattended setting. However the variable was set
in local scope of a function and therefore the change was not
effective in other methods which also evaluates this variable.
This commit fixes it such that the overwrite happens in the early
initialize method which provides the environment for all code
running in the dracut module. This is related to jira#PED-7180
* Sat Dec 30 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Move LoopDevice class to context manager
Change the LoopDevice class to be a context manager.
All code using LoopDevice was updated to the following
with statement:
with LoopDevice(...) as loop_provider:
loop_provider.some_member()
This is related to Issue #2412
* Fri Dec 29 2023 Neal Gompa <neal@gompa.dev>
- Ensure setfiles is detected inside the image-root
We do not actually use setfiles from the host, we use it from the
image root we create for the image build. Thus, we should look in
the image root instead of on the host system.
This prevents us from incorrectly detecting that setfiles is not
available for setting SELinux contexts.
Fixes: https://github.com/OSInside/kiwi/issues/2414
Fixes: 2a22901ddd11ae23b6724b5e1aaa4261f219ccb6
* Thu Dec 28 2023 Dan Čermák <dcermak@suse.com>
- Use xdist on the CI to speed up the test runs
* Thu Dec 28 2023 Dan Čermák <dcermak@suse.com>
- Add unit test job using python 3.12
* Thu Dec 28 2023 Dan Čermák <dcermak@suse.com>
- Only run the job for this python environment
* Thu Dec 28 2023 Dan Čermák <dcermak@suse.com>
- [ci] Switch runner to ubuntu-latest
* Thu Dec 28 2023 Dan Čermák <dcermak@suse.com>
- Add missing raw string identifier infront of regexes
* Tue Dec 26 2023 Jianhua Lu <lujianhua000@gmail.com>
- Allow target_blocksize to be available for kis image
* Sun Dec 17 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.25.20 → 9.25.21
* Sun Dec 17 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Cleanup tox targets
Align tox targets with github workflows and fix targets
not associated with a specific python version to use
the python3 version installed on the host
* Sun Dec 17 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.25.19 → 9.25.20
* Sun Dec 17 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed unit tests for parallel invokation
* Fri Dec 15 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Make sure selinux policy is effectively applied
setup_selinux_file_contexts is now called after the config.sh
script. This makes sure that eventual policy related changes
done in the optional config.sh are covered by a late setfiles
call. In addition setup_selinux_file_contexts is called again
at the end of any chroot based script hook. So we assume that
any optional script target can change the system in a way that
a new setfiles call might be required. It can happen that
setfiles is called more often than required but as we cannot
know what custom scripts does, it's better to call it more
often compared to not often enough. This Fixes bsc#1210604
* Thu Dec 14 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Decrease image size for encrypted integration test
Encrypted images do not compress well, therefore the size
should be smaller such that we don't produce monsters
* Thu Dec 14 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Use ext4 for rawhide integration test
* Thu Dec 14 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed typo in error message
* Wed Dec 13 2023 Neal Gompa <neal@gompa.dev>
- package: Drop unused xorriso dep on dracut-kiwi-live subpackage
We do not actually use xorriso anywhere inside of the dracut module,
nor do we pull in any utilities from the xorriso package into the
generated initramfs anyway.
Fixes: https://github.com/OSInside/kiwi/issues/2404
* Mon Dec 11 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Set kpartx as default mapper tool for s390
Some time ago we moved the default partition mapper from
kpartx to partx to reduce a package dependencies.
However, on the s390 architecture partx does not work
proplerly on e.g DASD devices. Thus the default mapper
tool for this architecture will change to kpartx
with this PR
* Fri Dec 08 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update test-image-MicroOS
Incorporate latest changes from upstream MicroOS and
also add an encrypted profile build for testing
* Wed Dec 06 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Include either partx or partprobe to dracut
The code in the 99kiwi-lib dracut module can either use
partprobe or partx to do the job. We prefer partx over
partprobe and error out if none of them could be found
This Fixes #2400
* Tue Nov 28 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.25.18 → 9.25.19
* Thu Nov 23 2023 Alexandre Esse <alexandre.esse.dev@gmail.com>
- Fix typo in workflow overview doc section
* Wed Nov 22 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add missing documentation for oem-unattended-id
* Wed Nov 22 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Allow install disk overwrite from cmdline
Add rd.kiwi.oem.installdevice=DEVICE. Configures the disk device
that should be used in an OEM installation. This overwrites any
other oem device setting, e.g device filter or maxdisk and just
continues the installation on the given device. However, the
device must exist and must be a block special.
This Fixes jira#PED-7180
* Tue Nov 21 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update mailmap
* Fri Nov 10 2023 Kali <jehan.singh@suse.com>
- Replace the regex-based loader entry fix with string parsing (#2388)
A user building RHEL images ran into issues with the initrd.
It turns out that RHEL uses some patches that mean the
initrd/linux files in RHEL are not installed to /boot, which trips
up the original regex. The new fix doesn't rely on matching the
path in boot, instead just finding the initrd/linux files and rewriting
them in place.
This change also adds the pre-and-post fix loader entries to the debug logs.
Reference: https://bugzilla.suse.com/1208701
Fixes suse bsc#1208701
* Fri Nov 10 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix mbrid setup for read-only systems
On filesystems without a UUID (e.g squashfs) the fallback boot id
setup should apply if neither UUID nor MBR ID is present. This
is a followup fix for Issue #2391
* Thu Nov 09 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed test-image-disk-legacy test description
The configured embedded ESP image size is too big, max 30MB
are possible as El Torito boot load size
* Thu Nov 09 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Don't make toml a requirement
* Wed Nov 08 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed grub mbrid file search
To identify the root device for ISO images (live and install media)
that boots via grub2, kiwi uses a grub2 --file search. The searched
file was named /boot/mbrid, however this is not a unique name and
could be found on other devices of the system as well. To connect
the search to the correct media this commit changes the search to
an ID based method which is unique to the image build process.
This Fixes #2389
* Wed Nov 08 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Don't use kernel-install
kernel-install does a lot more then making the kernel available
to the ESP. It calls dracut, it creates loader entries and all
that is unexpected and also breaks the boot because the way
dracut is called in the image build case where host != target
leads to broken results. This commit refactors the systemd-boot
support in kiwi to prevent the use of kernel-install
* Wed Nov 08 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add check_efi_fat_image_has_correct_size
Add runtime check for to check that the efifatimagesize
does not exceed the max El Torito load size
* Tue Nov 07 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add support for ISO boot via systemd-boot
Create proper EFI FAT image via bootctl to be used as
alt loader in xorriso. This allows to boot the ISO
via EFI e.g kvm -bios /usr/share/qemu/ovmf-x86_64.bin -cdrom file.iso
Please note, hybrid boot is done via grub's hybrid MBR and
as systemd-boot does not provide one, hybrid boot is out
of scope yet. This Fixes #2281
* Sun Nov 05 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.25.17 → 9.25.18
* Wed Nov 01 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add partx to module-setup of kiwi-lib too
* Fri Oct 27 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Change partprobe fallback to partx
Informing the kernel about a new partition geometry can be done in a
busy state and is also effective for new devices and new mounts based
on the new geometry. busy state mounts of course will not see it until
swap of the busy state but a complete refuse of operation like it
happens with blockdev is imho not required. Just as partprobe, partx
is less restrictive on the busy state. That's why this commit changes
the partprobe fallback to use partx instead of blockdev
* Thu Oct 26 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Create live persistent storage without busy state
With the former logic the live ISO was already mounted when an
eventual persistent storage partition was created. This leads
to an issue on re-reading the partition table, not for all but
several tools. This commit changes the order of tasks such that
the setup of the persistent write storage is performed prior
mounting the live ISO. In addition to this change an alternative
method using blockdev to re-read the partition was added in case
partprobe is not present. This also allows to get rid of the
parted dependency which provides partprobe
* Tue Oct 17 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.25.16 → 9.25.17
* Mon Oct 16 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed argument processing of config.bootoptions
Instead of adding an extra space to make the subsequent reading
to work, use an awk script that does it without nasty workarounds
* Mon Oct 16 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Allow test-image-disk-ramdisk to be build locally
* Mon Oct 16 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.25.15 → 9.25.16
* Mon Oct 16 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed doc search field
The search in the documentation is broken with the rtd
schema and latest sphinx. Stick with sphinx 5.0.0 for the
moment which fixes the issue
* Mon Oct 16 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.25.14 → 9.25.15
* Mon Oct 16 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Make codacy happy
* Mon Oct 16 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Support release version in signkey URLs
Using one of the $releasever/${releasever} variable placeholders
in an URL as part of a <signing key="..."/> element did not replace
the placeholder with the value of the <release-version> element.
This commit fixes this and also makes sure that the result list
for downloading signing keys is unique. This Fixes #2381
* Sun Oct 08 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.25.13 → 9.25.14
* Sun Oct 08 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update pypi release to trusted workflow
* Fri Sep 22 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added unit test for testing grub prefix
Cover the condition if an extra boot partition is used
* Wed Sep 13 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Support TOML markup
Allow to use TOML markup for the kiwi image description
This Fixes #2372
* Wed Sep 13 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix documentation for btrfs_set_default_volume
The behavior documentation regarding the fstab entry when
using the btrfs_set_default_volume attribute was wrong.
This commit fixes the docs to match the code. Related
to Issue #2366
* Wed Sep 13 2023 Radoslav Kolev <radoslav.kolev@suse.com>
- Fix typo in 'image results' doc section
* Wed Sep 13 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed root entry in fstab for btrfs layout
A root (/) entry in fstab for btrfs is only required if no
default volume is configured. This commit adapts the code
path which adds an fstab entry for (/) to be effective only
if btrfs_set_default_volume is set to false.
Additionally, the documentation around btrfs_set_default_volume
was clarified to describe the behavior the switch triggers.
This Fixes #2366
* Wed Sep 13 2023 David Cassany Viladomat <dcassany@suse.com>
- Remove community repository from Arch images
Community repository is no longer needed for the test image. OBS does
not pull any package from this repository and in Arch linux there is not
the concept of empty repositories, so the build fails in an OBS context
if this repository is included within the build stack.
Signed-off-by: David Cassany <dcassany@suse.com>
* Thu Sep 07 2023 Leif Liddy <leif.liddy@gmail.com>
- use / prefix when boot partition is used
* Fri Sep 01 2023 Leif Liddy <leif.liddy@gmail.com>
- use os.path.join to create path
os.path.join to create the path for the early_boot.write functions
this will prevent paths from containing double slashes //
* Thu Aug 31 2023 Neal Gompa <neal@gompa.dev>
- PKGBUILD: Drop unused Python dependencies
We haven't used some of these dependencies in years...
* Sat Aug 26 2023 Leif Liddy <leifliddy@users.noreply.github.com>
- add info on none console type
* Fri Aug 25 2023 Leif Liddy <leifliddy@users.noreply.github.com>
- allow value of GRUB_TERMINAL to be empty
allow value of GRUB_TERMINAL to be empty. When setting grub_console="none"
this now leads to an empty setting of GRUB_TERMINAL in the /etc/default/grub
system configuration file. This Fixes #2261
* Thu Aug 24 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.25.12 → 9.25.13
* Tue Aug 22 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed mounting of subvolumes for data sync
The subvolumes must be mounted below the root of the
filesystem tree such that the sync mechanism correctly
shuffles the data to the correct volumes.
This Fixes #2356
* Tue Aug 22 2023 Joerg Vehlow <joerg.vehlow@aox.de>
- Make verity metadata always readonly
If a partition is verity protected, it can never be writable,
since verity is by-definition read-only.
* Wed Aug 16 2023 Evan Goode <mail@evangoo.de>
- Require DNF 5 in Fedora >= 41, not Fedora > 38
The switch to DNF 5 has been postponed to (likely) Fedora 41.
* Tue Aug 15 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add kiwi_live_volid variable to profile
As part of the profile environment only the kiwi_install_volid
variable existed with the default value 'INSTALL'. This information
is correct when building an oem image with installiso set to
true. The resulting .install.iso image has the configured volid
or the mentioned default 'INSTALL'. However, when building a live
ISO image the default volid value is set to 'CDROM' but the profile
environment contains kiwi_install_volid which is misleading and
in case no volid is provided in the configuration file, the
default value would also be a wrong information. This commit cleans
up the mess and provides kiwi_install_volid for install ISO media
and kiwi_live_volid for Live ISO media with their respective
default values
* Tue Aug 15 2023 Tom Schraitle <tomschr@users.noreply.github.com>
- Add some hints about KIWI extensions and dependencies for SLE (#2348)
SUSE Linux Enterprise Server (SLES) has KIWI as a package.
However, some KIWI plugins and their dependencies can
be unavailable.
This commit introduces a new section which deals with this
aspect.
Fixes bsc#1209302
* Fri Aug 11 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Package lockdev no longer exists on TW
Update TW based integration tests and delete the install
of the lockdev package
* Thu Aug 10 2023 Tom Schraitle <tom_schr@web.de>
- Update GitHub Actions "actions/*" part
Update to the latest versions:
* actions/checkout@v3
* action/setup-python@v4
* action/cache@v3
* Wed Aug 09 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.25.11 → 9.25.12
* Wed Aug 09 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix double grub entries in hybrid ISO images
As consequence of using the "source" grub command instead
of the "configfile" command to load the grub config we now
see double loading of the same file on ISO media. The reason
here is that kiwi ISO media is always hybrid which means it
embeds an MBR into the ISO for which the "source" command now
can read the same file through two different device paths.
This does not happen with the "configfile" grub command.
Thus this patch uses "configfile" if we produce an ISO image
and "source" for all other image types. The commit also fixes
the custom grub template used for ISO images in a way that
we only set the "serial" command if there is a serial
configuration provided along with the image description.
* Thu Aug 03 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update x86/tumbleweed/test-image-systemd-boot
systemd package has been splitted and provides
systemd-boot in an extra package now
* Thu Aug 03 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Limit scope of grub _fix method
Only apply _fix_grub_to_support_dynamic_efi_and_bios_boot for
the x86_64 or ix86 architectures. This Fixes #2343
* Tue Aug 01 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.25.10 → 9.25.11
* Tue Aug 01 2023 Leif Liddy <leif.liddy@gmail.com>
- remove trailing whitespace
* Tue Aug 01 2023 Dan Čermák <dcermak@suse.com>
- rpm spec: add missing requires of typing_extensions for python < 3.8
* Tue Aug 01 2023 Dan Čermák <dcermak@suse.com>
- rpm spec: bump copyright year
* Tue Aug 01 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed linter errors
Latest changes regarding type hints introduced linter errors.
Also adapt the workflow run which is expected to detect them
* Tue Aug 01 2023 Leif Liddy <leif.liddy@gmail.com>
- add GRUB_TIMEOUT_STYLE menu option
revert trailing space removal
* Mon Jul 31 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.25.9 → 9.25.10
* Mon Jul 31 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed python interpreter for Release target
* Mon Jul 31 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.25.8 → 9.25.9
* Mon Jul 31 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed workflow interpreter name
Specifying py 3.10 has to be quoted
* Mon Jul 31 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.25.7 → 9.25.8
* Mon Jul 31 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed doc publishing
The github action to do this was still based on py3.6
but the latest changes on tox.ini requires a newer version
of tox which doesn't exist for py3.6. Thus run the workflow
on a newer python version
* Mon Jul 31 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.25.6 → 9.25.7
* Mon Jul 31 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix linter check, whitespace after :
* Mon Jul 31 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.25.5 → 9.25.6
* Mon Jul 31 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Pass rootflags if no default volume is set
In case of btrfs and if btrfs_set_default_volume is explicitly
switched off, we create the correct rootflags= kernel cmdline
entry to tell the system about the root volume for booting
* Thu Jul 27 2023 slowpeek <slowpeek@users.noreply.github.com>
- Use 'source' instead of 'configfile' in generated grub.cfg
Details are outlined in issue #2320
* Thu Jul 27 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Make sure btrfs root volume is used when needed
With the possibility to switch off setting the default volume
an issue at other parts in the kiwi code which mounted the
btrfs based system were uncovered. Without any default volume
set it's required to transport the root volume if different
from / and pass the respective subvol= option to the mount.
This commit fixes it at the places where kiwi trusted btrfs
to have a correct default volume set
* Thu Jul 27 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- update Fedora integration test
The setting of a default volume is unwanted here
* Thu Jul 27 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- add btrfs_set_default_volume attribute
By default kiwi runs btrfs set-default on the volume that is
considered the default volume according to the btrfs settings
and defaults. btrfs_set_default_volume="false" allows
to deactivate this action. Along with the change also the
misleading name of the btrfs_create_toplevel_subvolume has
been changed to root_is_subvolume
* Tue Jul 25 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed check for extended attributes
Only if libc reports errno 95 Operation not supported the method
should return that extended attributes are not supported. Also
add a debug information about the result of the call to get further
information in the log file
* Tue Jul 25 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed call of tox for xdist
Passing arguments to modules called by tox has changed
its syntax
* Tue Jul 25 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Take subvol mount option for root into account
If the rootfs is btrfs based make sure the fstab entry for
it takes the name of the root subvolume into account
* Tue Jul 25 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix fallback secure boot setup
Don't copy the same file. This case happens when rebuilding
an image using --allow-existing-root when the fallback setup
has done its job already in the first run
* Mon Jul 24 2023 Dan Čermák <dcermak@suse.com>
- Fix type hints of IsoToolXorrIso.init_iso_creation_parameters
* Mon Jul 24 2023 Dan Čermák <dcermak@suse.com>
- xorriso: handle case when isohdpfx.bin not found
* Mon Jul 24 2023 Dan Čermák <dcermak@suse.com>
- Fix type hints for the Pacman package manager
* Mon Jul 24 2023 Dan Čermák <dcermak@suse.com>
- Type hint the Path module
* Mon Jul 24 2023 Dan Čermák <dcermak@suse.com>
- Add better type hints to ContainerImageOCI and ContainerImageAppx
* Mon Jul 24 2023 Dan Čermák <dcermak@suse.com>
- Add ContainerImageBase abstract base class for OCI & Appx
* Mon Jul 24 2023 Dan Čermák <dcermak@suse.com>
- Add type hints to the Compress module
* Mon Jul 24 2023 Dan Čermák <dcermak@suse.com>
- Import modules in OCI.new() explicitly
Also, add a type hint to the return type of OCI.new() so that this can now be
verified with mypy
* Mon Jul 24 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update contributing chapter
Fix and update the information how to contribute. Due to
the latest changes in tox.ini some requirements regarding
the tox and python versions came up. This commit updates
the docs in this regard
* Mon Jul 24 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added py3.11 tox target
* Mon Jul 24 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed writing correct keyfile path to etc/crypttab
The keyfile path was not correctly set in etc/crypttab which
caused systemd not being able to read the keyfile, consequently
asking for a passphrase. This commit fixes the writing of the
crypttab and also fixes a python name clash with the "os"
namespace.
* Mon Jul 24 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Cleanup condition for SECURE_BOOT=yes|no
The statement serves the purpose for an if/else construction
to become a better read. In addition delete the probably
left-over print statement from the test
* Mon Jul 24 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Delete pyxattr from setup.py
Followup on Issue #2330. Forgot to delete pyxattr requirement
from setup.py
* Mon Jul 24 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add volid to profile for all ISO based image types
Add provided volume id (or the default value) to the profile
environment file for all ISO based image types. So far this
was only done for installation ISO media but not for simple
live ISO images.
* Mon Jul 24 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed mail address in spec file
* Thu Jul 20 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Delete (py)xattr module requirement
The required functionality is provided by the core os library
* Thu Jul 20 2023 Paul Gardiner <github@glidos.net>
- Fix failure when booting KIS via NBD
In the NBD booting case, the function initGlobalDevices in
kiwi-overlay-root.sh runs the command ndb-client to connect the remote NBD
share to the device /dev/nbd0. The script parse-kiwi-overlay.sh, on the
other hand, incorrectly parses overlay:nbd=ip:export to /dev/ip/export,
leading to the system waiting for /dev/ip/export to appear. This commit
corrects the problem.
With this change NDB booting of KIS images now succeeds, although only if
the ndb package is added to the appliance description.
* Wed Jul 19 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Use bootpartition for Fedora integration test
When using btrfs with the proposed layout for testing the
delivered grub bios module for the Fedora system used to build
the integration test (FC37) is not capable to find the grub
config file. A manual call for configfile in the grub shell
fixes this with the existing kiwi created grub early-boot
script. However, it is expected that the delivered grub image
works and kiwi only creates its own one if no distro delivered
grub image was found. To make the integration test functional
for both BIOS and EFI the simple solution is to use an extra
not btrfs based boot partition. This still allows to test
the desired btrfs layout in terms of volumes and sub-volumes
and does not break on any of the boot methods.
* Wed Jul 19 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed apply_attributes_on_volume
Make the function call more robust in terms of path separation
* Wed Jul 19 2023 Dan Čermák <dcermak@suse.com>
- Use tox isolated_build instead of hardcoding the envdir
* Tue Jul 18 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add parent attribute to volume setup
For the btrfs volume management, allow to put a volume into a specific
parent volume. If not specified the volume is below the default volume
This Fixes #2316
* Tue Jul 18 2023 Jesus Bermudez Velazquez <jesus.bv@suse.com>
- Add SECURE_BOOT no when the firmware is efi
This Fixes bsc#1211102
* Sun Jul 16 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Use btrfs for fedora/test-image-live-disk test
Change the Virtual profile to build a btrfs based image
for testing respective btrfs layouts
* Sun Jul 16 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add btrfs_create_toplevel_subvolume attribute
Allow to explicitly select if a toplevel subvolume should
be created or not. To avoid a behavior change, kiwi will
create a toplevel based btrfs structure if this attribute
is not specified. However, a deprecation message to inform
about future behavior change will be printed. This is
related to Issue #2316
* Wed Jul 12 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Evaluate the @root volume name also for btrfs
In a volume setup the special volume declaration
<volume name="@root=identifier"/> was only evaluated for the
LVM volume manager. In case of btrfs a hardcoded root volume
name '@' was used. This commit allows to specify a custom
name for the root volume for btrfs as well and also allows
to specify that there should be no such root volume.
Example:
<volume name="@root=@"/>
Name the root volume '@'. If not specified this stays as
the default to stay compatible
<volume name="@root=/"/>
Indicate no root volume is wanted. All subvolumes resides
below root (/)
<volume name="@root=foo"/>
Name the root volume 'foo'
This is related to Issue #2316 and a first patch to
address the requested changes
* Mon Jul 10 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.25.4 → 9.25.5
* Mon Jul 10 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed regression in bootloader config attr access
use_disk_password is not an attribute that exists in all
BootLoaderConfig instances. Thus it's a mistake to access
the attribute in the disk builder
* Mon Jul 10 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.25.3 → 9.25.4
* Mon Jul 10 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Load isoschematron module on demand
Due to a license issue the isoschematron code might not be
available in the lxml package from the distributor. This commit
uses isoschematron on demand. If present on the system it gets
loaded and used, if not a warning that the schematron validation
will be skipped is provided. This Fixes #2314
* Sat Jul 08 2023 slowpeek <slowpeek@users.noreply.github.com>
- Improve loopback.cfg example
submenu+source should be preferred over menuentry+configfile:
- submenu creates a new context, menuentry does not. As a result, changes made
to vars inside menuentry's braces pollute the current scope. In this particular
case what is notably wrong is root=loop happens in the current scope. If we
activate the "Boot from openSUSE ISO" menu entry and then press Esc to return
back to explore other menu entries, $root would still be set to 'loop'. Instead
of manually saving and restoring $root value it is better to wrap the whole
thing in a new context with submenu
- configfile is not just 'source in a new context', it has as least one side
effect. For details look for grub_err_printed_errors usage in [1] and [2] in
grub sources
[1] grub-core/normal/menu.c
[2] grub-core/normal/menu_entry.c
* Fri Jul 07 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.25.2 → 9.25.3
* Wed Jul 05 2023 Olaf Kirch <okir@suse.com>
- Add improvements for fully encrypted disk images
This commit adds more flexibility when using LUKS
encrypted images. In addition support for key derivation
on user provided passwords has been added. The following
new attributes were added to the schema:
type.luks_randomize
allow to enable/disable the data randomizing if luks
encryption is used
type.luks_pbkdf
When LUKS unlocks a key slot using a user provided
password, it uses a so-called key derivation function
to derive a symmetric encryption key from the password.
Not all boot loaders support all KDF algorithms, hence
this attribute can be used to select a specific algorithm
bootloader.use_disk_password
When /boot is encrypted, make the boot loader store the
password in its configuration file (in cleartext). This
is useful for full disk encryption images
Signed-off-by: Olaf Kirch <okir@suse.com>
* Wed Jul 05 2023 Olaf Kirch <okir@suse.com>
- Change location of LUKS keyfile to /root/.root.keyfile
In some configuration (eg on a transactional system), the root
file system is read-only, which means we will not be able to remove
the stale .root.keyfile after firstboot.
This patch changes the location of the keyfile and places it in
/root/.root.keyfile instead, because root's home directory is much
more likely to be read/write.
Also fixed the associated unit test (thanks to schaefi).
Signed-off-by: Olaf Kirch <okir@suse.com>
* Tue Jul 04 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add alternative re-reading of the partition table
To inform the kernel about disk geometry changes, kiwi uses
partprobe as a primary tool. However it is provided by parted
and not necessarily available due to the package requirements
on the dracut module. A second attempt via blockdev which
is expected to exist is therefore made by this commit
* Tue Jul 04 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Refactor the luks_device class data transport
Also add missing unit tests
* Mon Jul 03 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- test_get_build_type_bootloader_use_disk_password
Add missing unit test for use_disk_password attribute
* Fri Jun 16 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.25.1 → 9.25.2
* Fri Jun 16 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix repository setup for microdnf
An instance of the Repository class for microdnf has
to use RepositoryDnf4
* Fri Jun 16 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.25.0 → 9.25.1
* Wed Jun 14 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed image install of dnf package manager
If the package manager is set to 'dnf4', this name is
taken also as package name to install this package manager
into the image. Problem is 'dnf4' is not a valid package
name. The correct name for 'dnf4' is 'dnf'. This commit
fixes the name bug introduced with the changes for
Issue #2262
* Wed Jun 14 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.61 → 9.25.0
* Wed Jun 14 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add more details about used grub image(s)
* Sat Jun 10 2023 glaubway <me@lvfrfn.in.ua>
- make alias unique in any cases
* Thu Jun 01 2023 Steffen Winterfeldt <wfeldt@opensuse.org>
- The actual padding is 0. And switch to sha256.
* Mon May 29 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Change package manager dnf to dnf4
With dnf5 there is a successor for dnf but there will also
be a transition period where there will be both, the former
dnf and the new dnf5 available. For a clear distinction
between the two we got the recommendation from the RedHat
team to support both in different namespaces. This commit
now implements a backward compatible change for kiwi which
includes the following modifications:
* XSL stylesheet for automatic schema transformation from
<packagemanager>dnf</packagemanager> to
<packagemanager>dnf4</packagemanager>
* Code copy of dnf API interface from
PackageManagerDnf -> PackageManagerDnf4
RepositoryDnf -> RepositoryDnf4
* Deprecation of former Dnf API interface
The code change here will force developers to adapt
their code if they used RepositoryDnf / PackageManagerDnf
classes in their python code. After this change developers
will be dropped into a raise condition which exits kiwi
at the time of the call. Related to Issue #2300
and Issue #2262
* Thu May 25 2023 Hans-Peter Jansen <hp@urpla.net>
- Documentation: clearify dnf based collection selectors
With 89b5a6f5269, the selection of collections was changed to allow
group IDs only for dnf based package installers.
* Thu May 25 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update rawhide integration tests
Use dnf5 for rawhide. It's hard to differentiate between old and
new dnf version on Fedora Rawhide. Thus let's make the move to
dnf5. Since microdnf is also wrapped into dnf5 the integration
test for microdnf got renamed to dnf5
* Wed May 24 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add support for dnf5 package manager
dnf5 is the next generation of the dnf package manager.
dnf5 is not a drop in replacement to dnf which is the reason
why this commit adds a new interface class for package and
repository management under a new name: dnf5. Beginning with
Fedora >= 39 dnf5 will be the standard. Thus the requirements
on the packaging level were adapted too.
This Fixes #2300
This Fixes #2262
* Wed May 24 2023 Isaac True <isaac.true@canonical.com>
- dracut: modules.d: 90kiwi-overlay: add support for device mapper targets
Allow specifying a device mapper target for the root of the overlayfs.
This adds support for features like adding a dm-verity or dm-crypt
backend to the overlayfs.
A device mapper target can be specified using the following syntax on
the kernel command line:
root=overlay:MAPPER=verityRoot
This translates to using the path `/dev/mapper/verityRoot` as the base
of the overlayfs.
Signed-off-by: Isaac True <isaac.true@canonical.com>
* Wed May 24 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.60 → 9.24.61
* Tue May 23 2023 Isaac True <isaac.true@canonical.com>
- dracut: modules.d: 99kiwi-lib: add bash shebangs and dependency
The scripts in the kiwi-lib module use bash-specific syntax like
`function`, which causes the script to fail if another shell (like dash
or busybox) is used to interpret the scripts. Specifically set the shebang
to use bash as the shell interpreter and add bash as a dependency to the
dracut module to fix this.
This resolves the following errors which are printed at boot when
busybox tries to interpret the scripts:
/bin/dracut-pre-mount: 3: /lib/kiwi-filesystem-lib.sh: function: not found
/bin/dracut-pre-mount: 15: /lib/kiwi-filesystem-lib.sh: Syntax error: "}" unexpected
Signed-off-by: Isaac True <isaac.true@canonical.com>
* Mon May 22 2023 Jiri Srain <jsrain@suse.com>
- Do not depend on dnf for SUSE ALP
* Tue May 16 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added appx-util as WSL requires for Fedora/RHEL
Make sure the kiwi-systemdeps-containers-wsl meta package
pulls in the required tools for Fedora/RHEL when building
WSL containers. This is a followup to #2286
* Tue May 16 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add cpio to core systemdeps requires list
* Thu May 11 2023 Jan Löser <loeser@atix.de>
- Find correct `shimx64.efi` binary for EL derivatives
Sort globbing result by length and look for `shim[a-z]*.efi` pattern
first before falling back to `shim.efi`. This allows us to match
correct shim binary for SecureBoot enabled systems.
The following example shows the content of recent shim package from
AlmaLinux 9:
$ ls -1 ~/Downloads/shim-almalinux-x64/boot/efi/EFI/almalinux
BOOTX64.CSV
mmx64.efi
shim.efi
shimx64-almalinux.efi
shimx64.efi
Sorted globbing result is:
shimx64.efi
shimx64-almalinux.efi
First match wins (here `shimx64.efi`) which is the correct binary to be
used as it is signed by M$.
Was tested with shim packages for CentOS (x64, ia32, aarch64), Fedora 36
(x64), AlmaLinux 9 (x64, aarch64).
* Sat May 06 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.59 → 9.24.60
* Thu May 04 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Allow to create plain cpio archives
Allow to create plain cpio archives to serve the idea
of the mkosi initrd concept
* Fri Apr 28 2023 Fabian Vogt <fvogt@suse.de>
- Fix restoration of grub2-install (bsc#1210948)
It checked for grub2-install.orig in the host, not the buildroot. This
meant that it left /usr/sbin/grub2-install as a noop.
* Fri Apr 28 2023 David Cassany <dcassany@suse.com>
- Use cross arch macros to interpret uint64_t
This commit adds inttypes.h to make use of PRIu64 style
macros in order to properly translate uint64_t across
different architectures. More specific this allows the
code to compile for ix86.
Signed-off-by: David Cassany <dcassany@suse.com>
* Tue Apr 25 2023 Jan Löser <loeser@atix.de>
- Look for specific `shimx64.efi` binary first
In CentOS, `/boot/efi/EFI/*/shim*.efi` extends to
`/boot/efi/EFI/centos/shimx64-centos.efi` which is not signed by M$ but
CentOS itself. This in turn does not boot on SecureBoot enabled systems.
* Mon Apr 24 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Delete score card
Too flaky, broken most of the time and I'm not sure
how much value it adds to the project overall
* Mon Apr 24 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix score card action
* Mon Apr 24 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update TW build tests
plymouth-plugin-script must be explicitly added now
* Mon Apr 24 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Revert "Add zstd and xzio to grub image"
This reverts commit af8c702db0a60ed4abeba8686d4e8475c410c58d.
The grub modules does not exist in all grub installations.
A different implementation is required
* Mon Apr 24 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update TW integration tests
change theme from bgrt to breeze. TW has deleted bgrt
* Mon Apr 24 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed writing URIs including ASCII encoding
* Fri Apr 21 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Split container systemdeps in OCI and WSL
* Thu Apr 20 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update kiwi-systemdeps-containers requires list
Do not strictly require fb-util-for-appx. In order to create
WSL containers fb-util-for-appx is a requirement but usually
users create OCI containers and WSL containers are still a
niche case. Thus it's ok to reduce the requirement into a
recommends. This Fixes #2284
* Thu Apr 20 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Encode remote URLs
Special characters in a URL e.g the @ sign needs to be encoded
as part of a remote URL.
* Tue Apr 18 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix workflow run
* Tue Apr 18 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed Fedora prebuild EFI binary lookup
When creating CentOS/Fedora live media, kiwi does not install the
right signed grub2 EFI binary. This was caused by kiwi not being
aware of the gcdx64.efi(x86_64), gcdaa64.efi(aarch64) binaries
for CD/ISO boot. This Fixes #2270
* Thu Apr 13 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.58 → 9.24.59
* Thu Apr 13 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add zstd and xzio to grub image
If kiwi builds its own grub image, make sure the compression
algorithms zstd and xz are supported
* Wed Apr 12 2023 David Cassany <dcassany@suse.com>
- Adding a comment to explain the s390 specific path
Signed-off-by: David Cassany <dcassany@suse.com>
* Wed Apr 12 2023 David Cassany <dcassany@suse.com>
- Use parted only in s390 arch
This commit ensures parted is only called in dracut-kiwi-lib for s390
arch. It also fixes the spec to only require parted for
s390 builds.
In addition parted requirement has been removed from dracut-kiwi-live
package since parted is not used in any other dracut module beyond
kiwi-lib.
Signed-off-by: David Cassany <dcassany@suse.com>
* Tue Apr 04 2023 Jan Löser <loeser@atix.de>
- Add potential shim binary for Ubuntu
Looks like `shim*.efi` is gone in latest `shim-signed` package. The
package now contains `shimx64.efi.signed.latest` and
`shimx64.efi.signed.previous` binaries, let's take latest.
shim-signed_1.40.9+15.7-0ubuntu1_amd64/usr/lib/shim/:
total 4688
drwxr-xr-x. 3 root root 209 Jan 31 12:57 .
drwxr-xr-x. 3 root root 18 Jan 31 12:57 ..
- rw-r--r--. 1 root root 108 Jan 31 12:57 BOOTX64.CSV
- rwxr-xr-x. 1 root root 1622 Jan 31 12:57 is-not-revoked
drwxr-xr-x. 2 root root 25 Jan 31 12:57 mok
- rw-r--r--. 1 root root 950891 Jan 31 12:57 shimx64.efi
- rw-r--r--. 1 root root 962400 Jan 31 12:57 shimx64.efi.dualsigned
- rw-r--r--. 1 root root 960472 Jan 31 12:57 shimx64.efi.signed.latest
- rw-r--r--. 1 root root 955656 Jan 31 12:57 shimx64.efi.signed.previous
- rw-r--r--. 1 root root 88296 Jan 27 20:09 fbx64.efi
- rw-r--r--. 1 root root 860824 Jan 27 20:09 mmx64.efi
shim-signed_1.40.7+15.4-0ubuntu9_amd64/usr/lib/shim/:
total 3728
drwxr-xr-x. 3 root root 145 Aug 13 2021 .
drwxr-xr-x. 3 root root 18 Aug 13 2021 ..
- rw-r--r--. 1 root root 108 Aug 13 2021 BOOTX64.CSV
- rw-r--r--. 1 root root 85672 Aug 13 2021 fbx64.efi
- rw-r--r--. 1 root root 856232 Aug 13 2021 mmx64.efi
drwxr-xr-x. 2 root root 25 Aug 13 2021 mok
- rw-r--r--. 1 root root 947143 Aug 13 2021 shimx64.efi
- rw-r--r--. 1 root root 957576 Aug 13 2021 shimx64.efi.dualsigned
- rw-r--r--. 1 root root 955656 Aug 13 2021 shimx64.efi.signed
* Mon Apr 03 2023 David Cassany <dcassany@suse.com>
- Expand DASD partition table with parted
Signed-off-by: David Cassany <dcassany@suse.com>
* Thu Mar 30 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed evaluation of custom start sector
In case an alternative partition table start sector is
configured, the check to effectively apply it should be
based on the partition table type not on the firmware
name
* Thu Mar 30 2023 David Cassany <dcassany@suse.com>
- Add parted dependency for s390
Signed-off-by: David Cassany <dcassany@suse.com>
* Tue Mar 28 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.57 → 9.24.58
* Mon Mar 27 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Build leap btrfs test without root as snapshot
So far no btrfs integration test without root as snapshot existed
* Sat Mar 25 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Support EFI boot from squashfs
grub supports reading from squashfs. If no extra bootloader
installation is required this allows to boot from a squashfs
rootfs without extra boot partition. The prebuilt grub images
usually does not contain the squash4 module which is the
reason why kiwi creates the EFI module itself if the system
is fully immutable. Please note; the grub configuration
must be provided manually as part of the image description
in this case because grub-mkconfig at the time it has to be
called has no write permissions anymore.
* Fri Mar 24 2023 Fabian Vogt <fvogt@suse.de>
- Fix /.snapshots mounting in the btrfs volume manager
The /@/.snapshots subvolume was not mounted as /.snapshots in the root
filesystem snapshot. This is now necessary for snapper to work.
While at it, create 1/snapshot as plain subvolume, it does not make sense
to snapshot @ itself.
* Thu Mar 16 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add support for config-host-overlay.sh script
* Thu Mar 16 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed build of dracut-kiwi-verity
The spec file was missing the package definition to actually
create the dracut-kiwi-verity package. In addition the fixed
setting to the C standard 17 caused build errors for me on
distributions that uses C standard 11/12.
* Wed Mar 15 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add selinux integration test for Leap
SUSE systems supports both, apparmor and selinux, whereas
apparmor is the default. As selinux requires to create security
labels during build time of an image, this integration test
checks if the labeling works for SUSE based OS'es.
This Fixes #2244
* Tue Mar 14 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Allow custom template evaluation for install ISO
So far only Live ISO images allowed for custom template usage
* Tue Mar 14 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix Arch Linux Live ISO integration test
Switch to grub for booting the ISO, for some reason isolinux
refused to work and there is no priority to dig into the issue.
This Fixes #2233
* Tue Mar 14 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix Arch Linux EFI install ISO integration test
kiwi has code in bootloader/template/grub2.py which uses
linuxefi/initrdefi commands according to the configured
grub_platform. These commands does not exist on Arch and
therefore the integration test provides its own ISO
template. This Fixes #2232
* Tue Mar 14 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add dracut-kiwi-verity dracut module package
When building an image with an embedded verity hash via the
embed_verity_metadata="true" type attribute it is required
to setup the device map at boot time accordingly. The dracut
module in this commit provides the needed tooling as a
POSIX C implementation which is able to read the kiwi embedded
verityhash from the offset of the partition. Kudos goes to
Isaac True <isaac.true@canonical.com>
Co-authored-by: Isaac True <isaac.true@canonical.com>
Signed-off-by: Isaac True <isaac.true@canonical.com>
* Mon Mar 13 2023 Joachim Gleissner <jgleissner@suse.com>
- (Re-)add support for 'anymarkup' < 0.5.0
Fall back to module 'anymarkup' if 'anymarkup_core' is not available.
* Sat Mar 11 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Support UNIXNODE device names for overlayroot
When no other persistent naming schema can be used to
identify the device there should be the option to
specify the kernel unix device node name
* Fri Mar 10 2023 Joachim Gleissner <jgleissner@suse.com>
- Use module anymarkup-core instead of anymarkup
Use 'anymarkup-core' directly instead of wrapper 'anymarkup'.
* Thu Mar 09 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix permissions of live ISO system files
Make sure initrd and squashfs.img takes permissions o644
This Fixes #2246
* Wed Mar 08 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update TW test-image-rpi-overlay build test
It used rd.root.overlay.readonly but it meant rd.root.overlay.temporary
* Wed Mar 08 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed rd.root.overlay.readonly handling
Fix the option implementation to actually do what it is supposed
to do, boot the system in fll read-only mode. In addition a new
parameter named rd.root.overlay.temporary has been introduced
which allows to boot up in read-write mode but the write area
is a tmpfs. Thus persistency only during runtime. Updated the
documentation accordingly
* Tue Mar 07 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed tumbleweed build tests
opie no longer in TW
* Tue Mar 07 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed tumbleweed/test-image-azure
opie no longer in TW
* Tue Mar 07 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Support PARTLABEL device names for overlayroot
When using GPT a partlabel exists that can also be used as a
device reference
* Tue Mar 07 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed kernel parameters for overlayroot setup
The device selection for the read-only and read-write devices
in an overlayroot setup was implicitly done in the kiwi-overlay
dracut module by reading the root= information. This is a
concept which barely works and should be refactored in a way
that the root= information always points to the root device
and that an eventually existing write location is explicitly
provided via the existing rd.root.overlay.write parameter
which is allowed to be overwritten for providing an alternative
write location. Making this information consistent and explicit
on the kernel commandline simplifies the dracut code to
consume this information correctly. This Fixes #2251
* Sun Mar 05 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed conditional options evaluation
The former condition caused the end result list to be empty
* Sat Feb 11 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add support for creating delta containers
Add new attribute delta_root="true|false" which in combination with
derived_from="OCI-base-image" allows to create a delta root tree
only containing the differences between the OCI-base-image and the
actions taken by the kiwi prepare step. Based on the delta root tree
the subsequent image creation process starts. Such an incomplete
root tree is only useful under certain circumstances which is also
the reason why the feature is only available to the oci and docker
image types.
* Fri Feb 10 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.56 → 9.24.57
* Sat Jan 28 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Allow squashfscompression for plain squashfs
The schematron rule to limit the squashfscompression attribute
to certain image types did not allow it for a plain squashfs
filesystem build. This commit fixes that limitation.
This Fixes #2241
* Wed Jan 18 2023 David Cassany <dcassany@suse.com>
- Use rsync defaults to sync the initrd root-tree
This commits makes use of rsync default options to sync
the root-tree of the boot image for custom initrds.
Fixes bsc#1207128 where it was noted hardlinks
were not preserved inside the initrd.
Signed-off-by: David Cassany <dcassany@suse.com>
* Tue Jan 17 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed wrong test assertions
Former versions of pytest did ignore invalid assertions.
Now they are reported as an error and show the mistakes
of the past
* Tue Jan 17 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added 90-brd.conf for test-image-disk-ramdisk
By default the brd ramdisk module is no longer added to the
initrd. For ramdisk deployments this is required though.
This Fixes #2230
* Sun Jan 15 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Delete CentOS v7 build tests
CentOS v7 is EOL for kiwi image build tests
* Thu Jan 05 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Allow to specify fixed size for the root partition
So far the last partition (typically root) in the partition table
takes all the rest space of the partition table in the image file.
At deployment/boot time users had several options to let that
partition grow to a custom size. However, during build time of the
image it was not possible to specify a specific fixed size for the
root partition as we don't wanted to produce gaps of unpartitioned
space in the image file. It has turned out that there is hardware
available which requires a partition to be an exact multiple of
some blocksize. As kiwi supports size constraints for all other
partitions but not for root this commit now allows for it. The
oem-systemsize element is now also taken into account at build
time of the image if the oem-resize which would do that at
deployment/boot time is switched off like the following example
shows:
```xml
<oemconfig>
<!-- set root partition to 2048MB -->
<oem-systemsize>2048</oem-systemsize>
<oem-resize>false</oem-resize>
</oemconfig>
```
This Fixes #2203
* Wed Jan 04 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Delete ppc:fedora from testing report
* Wed Jan 04 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Remove Fedora PPC build test from index
The integration test unfortunately never got tested anywhere
is outdated and I have no PPC hardware here to run any tests.
Let's add a real test if there is demand for it
* Wed Jan 04 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added kiwi-settings for Fedora arm build tests
* Mon Jan 02 2023 Marcus Schäfer <marcus.schaefer@gmail.com>
- Pass along tmpdir to skopeo
When using the --temp-dir parameter, it was not passed to the
skopeo calls when building a container image with kiwi.
* Thu Dec 22 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Allow fat16/fat32 as filesystem in partitions
The partitions element allows to specify the filesystem for
the individual partition. In the schema fat16 and fat32 were
missing
* Thu Dec 22 2022 Robert Schweikert <rjschwei@suse.com>
- Support new bootloadersettings section
Allow to specify an optional <bootloadersettings> element
inside of the <bootloader> section. The information is used to
specify custom arguments for the tools called in a bootloader
setup procedure, e.g shim-install, grub-install or grub-mkconfig.
kiwi does not judge on the given parameters and if the provided
data is effectively used depends on the individual bootloader
implementation. In this commit the data will be effectively
handled if bootloader="grub2" is configured. More precisely
the custom additions to support SUSE's TPM model with grub2
can be configured as follows:
<bootloadersettings>
<shimoption name="--suse-enable-tpm"/>
<installoption name="--suse-enable-tpm"/>
<configoption name="--set-trusted-boot"/>
</bootloadersettings>
This Fixes #2224
* Tue Dec 20 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Stick with tox v3.28.0 for unit testing
tox >= 3.0.15 together with virtualenv >= 20.17.1 raises
strange incompatibilities and prevents the unit test run
because tox calls virtualenv in a wrong way leading to
strange error messages like:
- --
usage: virtualenv ...
virtualenv: error: argument dest: destination '{check,devel,packagedoc,doc,doc_gh_pages,doc_suse,doc_man,scripts,}: /home/runner/work/kiwi/kiwi/.tox/3\n/home/runner/work/kiwi/kiwi/.tox/3.8' must not contain the path separator (:) as this would break the activation scripts
- --
All this doesn't make sense to me at all and worked
without any issues before.
* Tue Dec 20 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.55 → 9.24.56
* Tue Dec 20 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix gh-pages publish
* Sun Dec 18 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed systemd boot integration test for rawhide
systemd-boot was splitted in preparation for secure
boot. The unsigned version of the EFI binary is used
in the test so far
* Sun Dec 18 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added device mapper setting for s390 on TW
Use kpartx as partx fails
* Sun Dec 18 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added device mapper setting for s390
Use kpartx as partx fails
* Sun Dec 18 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.54 → 9.24.55
* Wed Dec 14 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Allow to pass credentials as file reference
* Tue Dec 13 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed handling of container archive compression
In kiwi we support handling of the container archive compression
via a runtime configuration setting of the following form, eg
in /etc/kiwi.yml
```yaml
container:
[#] Specify compression for container images
[#] Possible values are true, false, xz or none.
- compress: true
```
However, this setting was only taken into account in the kiwi
bundler. Meaning if the user calls 'kiwi result bundle ...'
after the container image has been created the result bundler
will take the compression setting into account. From my perspective
this behavior is misleading and also prevents users from
creating compressed container archives without a subsequent
result bundler call. Therefore this commit moves the place to
handle the compression setting into the container classes.
The bundler code for containers will no longer operate on it
and just takes what it gets, which can be either compressed
or not. The default setting was "No compression" and this
was not changed. This Fixes #2217
* Tue Dec 13 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add type hints for OCI and APPX classes
* Sun Dec 11 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.53 → 9.24.54
* Sun Dec 11 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix publish to pypi
bind gh-action module to v1 release
* Sun Dec 11 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.52 → 9.24.53
* Sat Dec 10 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Use ubuntu-20.04 as github hosted runner
It seems on ubuntu-latest no python 3.6 is available anymore
* Sat Dec 10 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Allow external commands in tox targets
* Fri Dec 09 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix unit test run for BLS spec base class
Do not really call blkid as used in get_boot_cmdline
* Fri Dec 09 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed typo in documentation
Capitalize at the start of a sentence.
This Fixes #2216
* Fri Dec 02 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix unit tests to run in parallel
Setting sys.argv and global variables impacts tests such that
they cannot run in parallel. The little footprint of excluding
the --config global args test from the coverage is beneficial
to allow parallel test runs
* Fri Dec 02 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Don't show secret parts of an URI
Using URIs of the form uri://user:pass@location should not be
logged or printed including its credential data
* Fri Dec 02 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Don't use split on potential None value
* Thu Dec 01 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Allow to select partition mapper tool
The recent change from kpartx to partx caused some appliance
builds to break depending on their configuration. I spotted
issues when building disks with veritysetup or integritysetup
root devices. There are also issues with grub-install on other
architectures e.g s390. It seems partx cannot be used as a drop
in replacement and so I suggest to make this a runtime
configuration option with partx as the new default but also
allow for the old method
* Thu Dec 01 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.51 → 9.24.52
* Wed Nov 30 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix status indicator in helper/build_status.sh
colored output only worked for toplevel results
* Wed Nov 30 2022 Neal Gompa <neal@gompa.dev>
- Eliminate redundant partx calls for cleaning up loop devices
partx can clean up all partition loops associated with a loop device
when deleting the main loop device. Apparently, sometimes it goes and
does this even when only deleting the partition loop, so to avoid
this problem, we will just eliminate the redundant call.
Fixes: 8f2b8fda82a37d7a7ebbf8a6557870cc63b0ae91
* Wed Nov 30 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Support repo URI's with credentials on cmdline
Specifying a repository as part of the image description
allows for credentials via the username and password attributes.
Howver, repositories can also be specified on the commandline
via the --set-repo / --add-repo options. The options on the
commandline did not allow to specify credentials so far.
This commit adds the commandline options --set-repo-credentials
and --add-repo-credentials to support them
* Wed Nov 30 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update test-image-vagrant
virtualbox-guest-x11 seems to be deleted from TW
* Wed Nov 30 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed test-image-custom-partitions
The test was done prior kiwi added the partitions element and
demonstrates how to influence the partition table via scripts.
These scripts uses kpartx and the device mapper. Due to the
recent change from kpartx to partx the scripts must be
adapted
* Tue Nov 29 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.50 → 9.24.51
* Tue Nov 29 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added code style batch to landing page
* Tue Nov 29 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Delete obsolete gitlab pipeline status flag
Delete obsolete gitlab pipeline status from the project
landing page. We do no longer use gitlab since they added
that quota thing for their CI system
* Tue Nov 29 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.49 → 9.24.50
* Tue Nov 29 2022 Neal Gompa <neal@gompa.dev>
- Swap from DM kpartx to util-linux partx for creating loop devices
The device-mapper (DM) based loop devices that kiwi has historically
generated creates issues when trying to run kiwi in confined build
environments. The DM tools prefer to have a tighter coupling between
userspace and kernel interfaces, and we cannot necessarily guarantee
that in the variety of build environments that kiwi can be run in.
In particular, Koji uses either nspawn containers or chroots through
Mock to run kiwi and that is where this fails.
However, we do not need to use DM for this purpose when util-linux
provides a perfectly serviceable alternative. This commit changes
kiwi's loop device setup to use partx(8) from util-linux instead.
As long as the appliance image being created doesn't use a disk
scheme that requires DM, it becomes entirely possible to produce
an image without needing DM at runtime at all.
* Tue Nov 29 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added systemd_boot integration test for Rawhide
* Mon Nov 21 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Increase btrfs size of orthos integration test
* Mon Nov 14 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Increase scope of kernel lookup
So far kiwi was looking up kernels only on /boot. Including
other bootloaders it's no longer required that the kernel
packages of the distributions provides the kernel in /boot
Thus kiwi's lookup needs to be extended to other places
which is done by this commit.
* Sat Nov 12 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add GRUB_DEFAULT=saved if not set
If there is no GRUB_DEFAULT setting in etc/default/grub
we add GRUB_DEFAULT=saved as the default setting.
This Fixes #2198
* Sat Nov 12 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Disable gitlab CI pipeline
Unfortunately gitlab decided to allow only eligible
projects to use their CI pipeline. Being a member for
years seems not to count in this change process.
Therefore this commit disables the tests we run on
gitlab and I will come up with a simple github action
for the parts that we don't want to loose.
* Fri Nov 11 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added integration test for systemd_boot
The test build is based on the Tumbleweed distribution
and provides a simple non-secure-boot systemd-boot
virtual disk image
* Tue Nov 08 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- no_implicit_optional = False
* Thu Nov 03 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added --loglevel option
specify logging level as number. Details about the
available log levels can be found at:
https://docs.python.org/3/library/logging.html#logging-levels
Setting a log level causes all message >= level to be
displayed.
* Wed Nov 02 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Consolidate and cleanup logging
Make sure all loggers; stream handlers, file and socket
handler uses the same logging format. Also make sure that
there is only one place for setLogLevel when kiwi is
used as application
* Sat Oct 29 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added support for --logsocket
Like with --logfile this commit adds support for using
an existing Unix Domain Socket for logging. It's required
that there is a listener on the given socket otherwise
kiwi exits with an appropriate error message from the
socket layer. A simple listener could look like the
following:
```python
sock_file = '/tmp/log_socket'
buffer = 1024
if os.path.exists(sock_file):
os.unlink(sock_file)
sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
sock.bind(sock_file)
sock.listen(1)
while True:
connection, client_address = sock.accept()
try:
while True:
data = connection.recv(buffer)
if not data:
break
print(data.decode())
finally:
connection.close()
```
With the listener in place kiwi can be called as follows:
kiwi-ng --logsocket /tmp/log_socket ...
* Sat Oct 22 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.48 → 9.24.49
* Sat Oct 22 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed test-image-vagrant
virtualbox-guest-tools obsoletes virtualbox-guest-x11
* Fri Oct 21 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- ignore the type check on the Result class
With an update of mypy the bound TypeVar is no longer allowed.
In newer versions of python we could use the "Self" type or
import annotations from the future module. Unfortunately in
older python versions which we still support (3.6) there is
no non intrusive change which allows us to handle that type
annotation. Thus this commit ignores the return type spec
for Result.load() for the moment.
* Wed Oct 12 2022 Igor Raits <igor.raits@gmail.com>
- Stop copying /dev files statically into the OCI container
In containers (nspawn) where part of the /dev filesystem is bind-mounted
from outside system, kiwi fails to do the rsync (in creation of the
nodes).
There is no reason to actually copy whole tree inside so let's just
not do it (as it does not seem to be needed at all).
* Tue Oct 11 2022 Dirk Müller <dirk@dmllr.de>
- List riscv64 as a valid architecture in the schemas
This is needed so that architecture filters on riscv64 specifics can
be defined.
* Wed Sep 14 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Support DM integrity legacy options
Add a new attribute integrity_legacy_hmac="true|false" which
allows to use old flawed HMAC calculation (does not protect superblock).
Add a new attribute integrity_legacy_padding="true|false" which
allows to use inefficient legacy padding. Do not use these attributes
until compatibility with a specific old kernel is required!
* Wed Aug 31 2022 Jan Macku <jamacku@redhat.com>
- ci(lint): Add Shell linter - Differential Shellcheck
* Wed Aug 31 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Limit repo alias names to be a safe POSIX name
Characters like spaces or other symbols used in repo alias names
can cause the package manager to fail setting up the repo. Thus
this patch changes the schema to only allow for safe POSIX names
matching: {pattern = "[a-zA-Z0-9_\-\.]+"}. This Fixes #2170
* Thu Aug 25 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Increase space for test-image-embedded test
Add more space to test profile: SystemFeatures
* Thu Aug 25 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Increase efifatimage size for legacy build test
* Tue Aug 23 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.47 → 9.24.48
* Sun Aug 21 2022 Laszlo Gombos <laszlo.gombos@gmail.com>
- Return failure if overlay is not supported
* Wed Aug 10 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.46 → 9.24.47
* Wed Aug 10 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Revert "EFI Filesystem must be Fat32 formatted"
Using fat32 causes failed boots on e.g AWS EC2 arm.
This must be solved differently with an attribute
to configure it.
This reverts commit b8641bdc6825423f8c65b55c8d0870b38874a566.
* Tue Aug 09 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.45 → 9.24.46
* Tue Aug 09 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Support URIs with credentials in solver plugin
check if the URI string contains credentials and
extract/trim them from the uri object. The urlparse
class does not recognize this information as a valid
URI and throws an exception
* Tue Aug 09 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed kexec options setup in kiwi-dump-reboot
The dracut module 99kiwi-dump-reboot creates an options
list for kexec. Under certain conditions the options
list can contain multiple spaces which leads to an error
when calling kexec. This commit makes sure to trim
white spaces. This Fixes #2178
* Sun Aug 07 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed test-image-disk-legacy
Increase size of embedded EFI fat image needed for EFI
bootable install ISO. Due to the increased size of the
custom kiwi initrd the default size for the FAT image
is too small
* Sat Aug 06 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Support custom size for embedded EFI FAT image
For ISO images (live and install) the EFI boot requires an embedded
FAT image. As of now a fixed size of 20M was used which leads to a
problem if the EFI image or the initrd or the kernel is bigger than
20M. With the new attribute:
efifatimagesize="nonNegativeInteger"
we can now set a different value for the FAT image. Please note the
value must be aligned to the also customizable efipartsize value
which allows to configure the size of the EFI partition
* Fri Aug 05 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed linter complaints after flake update
flake now complains about E275 missing whitespace
after keyword for the way 'del' is used. This commit
fixes it
* Thu Aug 04 2022 J Mixer <j.mixer135@gmail.com>
- Added a NOTE: section to explain the finer points of adding tools to a
dracut hook.
* Sat Jul 30 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixup btrfs based legacy kiwi initrd test
* Thu Jul 21 2022 gmoro <gmoro@suse.com>
- Fix mocking of grub2-install (fix #2124)
/bin/true was being used from the host machine instead of
the chroot
* Thu Jul 21 2022 David Cassany <dcassany@suse.com>
- Fix race condition in runtime_config_test
This commit instead of setting the global variable of the runtime config
file patches it. This is relevant if running unit tests in parallel,
where global variables are shared if not patched.
Signed-off-by: David Cassany <dcassany@suse.com>
* Tue Jul 12 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- EFI Filesystem must be Fat32 formatted
Given the documentation from Microsoft the EFI partition
must be a fat32 format. fat16 is still supported but
unexpected. This Fixes #2141
* Tue Jul 12 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed typo in overview page
prevent word duplication. This Fixes #2016
* Tue Jul 12 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.44 → 9.24.45
* Thu Jul 07 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Umount device before cloning
In case a clone should be created from a partition we need
to make sure to umount the device after sync and prior cloning.
Otherwise the clone operation is not safe because the rsynced
data might still be in memory and not synced out to the block
device.
* Wed Jul 06 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed custom disk start sector setup
The attribute disk_start_sector allows to specify a custom
start sector for the first partition of the disk. On GPT
tables everything works nicely, on DOS tables the used tools
fdisk/sfdisk are not able to manage the start/end values of
subsequent partitions if the first partition doesn't start
with the tooling default. This patch allows to set the
start sector after the partition table has been created
* Sat Jul 02 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed CentOS-8 repo setup
* Fri Jun 24 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.43 → 9.24.44
* Thu Jun 23 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Make sure to rebuild rpm database
For rpm based distributions make sure to call
rpm --rebuilddb unconditionally prior using rpm
with the chroot. This Fixes #2165
* Wed Jun 22 2022 Neal Gompa <neal@gompa.dev>
- github: Refresh issue template to cover more operating scenarios
KIWI is often used for cross-distribution image builds, so we
should ask for that information when appropriate.
Additionally, clarify "OBS" as "Open Build Service" to disambiguate.
Finally, add a line about Koji since Koji can run kiwi to build
images now.
* Wed Jun 22 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed unit tests
* Tue Jun 21 2022 Igor Raits <igor.raits@gmail.com>
- Forcefully disable versionlock plugin in DNF
[ INFO ]: 09:39:08 | Uninstalling system packages (chroot)
[ INFO ]: 09:39:08 | Using package manager backend: dnf
[ INFO ]: 09:39:08 | --> package: linux-firmware
[ INFO ]: 09:39:08 | Uninstall system packages (chroot)
[ DEBUG ]: 09:39:08 | EXEC: [chroot /tmp/myimage8/build/image-root dnf --config /kiwi_v708wllp -y --releasever=8 autoremove linux-firmware]
[ INFO ]: Processing: [########################################] 100%
[ ERROR ]: 09:39:08 | KiwiPackagesDeletePhaseFailed: System package deletion failed: Package deletion failed: Error: Locklist not set
The versionlock plugin does not bring any benefit anyways as we
completely override plugin configs.
Also refactor configparser related stuff a bit.
Signed-off-by: Igor Raits <igor.raits@gmail.com>
* Mon Jun 20 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Support squashfs in custom partitions
When using squashfs in a custom partitions setup like the following:
<partitions>
<partition ... filesystem="squashfs"/>
</partitions>
The build fails because the filesystem needs to be created
using the create_on_file() API and not the create_on_device()
API. In addition the size estimation is bogus when using
squashfs and cannot be pre-calculated because we only know
how much space the filesystem really needs after mksquashfs
as worked on the data and the compression. Thus this commit
also relaxes the required size check in case of squashfs.
Last but not least a squashfs filesystem does not provide
label or UUID and can only be referenced by the PARTUUID
it gets dumped on or by the native unix device node. As
the unix node is a loop during build time of the image and
meaningless this commit also forces by-partuuid mapping in
fstab when mounting the squashfs based device.
* Thu Jun 16 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed use of CommandCapabilities
The class allows to check for data produced on stdout
and stderr. However, programs reporting data on stderr
usually fails with an exit code != 0. If the command
is not called with raise_on_error=False it will never
be possible to catch information from stderr. As we
don't know if programs returns a failed exit code
even on their e.g --usage message we should always
pass the no raise option to make this more useful
* Wed Jun 15 2022 David Cassany <dcassany@suse.com>
- Fix volume mount path and adapt unit tests
Signed-off-by: David Cassany <dcassany@suse.com>
* Tue Jun 14 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Handle older versions of setfiles correctly
In older versions of setfiles we need a two pass setup
First set the policy, second apply the security context.
This commit checks in the usage message of setfiles which
invocation syntax is required
* Tue Jun 14 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.42 → 9.24.43
* Tue Jun 14 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed error handling for setfiles policy lookup
Errors from os.scandir were not catched. In addition the path
to run scandir was not properly created
* Tue Jun 14 2022 Ludwig Nussel <ludwig.nussel@suse.de>
- Mount /sys also for disks.sh
/sys is needed to be able to run dracut in disks.sh
* Mon Jun 13 2022 Ludwig Nussel <ludwig.nussel@suse.de>
- Fix btrfs volume mounting
If the second argument of os.path.join is an absolute directory, the
result would be that directory. The intention is to produce a
subdirectory of the mountpoint though. So pass a relative path.
Without the fix, kiwi would try to e.g mount the /var subvolume of
the image over the /var of the host, screwing everthing up of course
:-)
* Mon Jun 13 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Prefer file based syscall in kexec when possible
Use file based syscall in kexec if available. This is needed to
support boot on an secure boot enabled system and is in general
more reliable to boot into the system on real hardware platforms
* Mon Jun 13 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.41 → 9.24.42
* Thu Jun 09 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.40 → 9.24.41
* Wed Jun 08 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix helper method to detect dracut outfile format
The method _get_boot_image_output_file_format_from_dracut_code
is used in kiwi to match parts of the dracut code for the used
output file format. Beginning with dracut-056 the code part
checked has changed syntactically such that the match did
no longer work. This commit increases the scope of the match
and replace pattern and Fixes #2149
* Wed Jun 08 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed handling of signing_keys in cmdline options
When passing signing_keys with the --add-repo|--set-repo
commandline options the delimiter to separate the single
key information is a colon(:). However, this is stupid when
kiwi expects the signing key to be references as an URI
format like file://... Therefore this patch changes the
delimiter from colon(:) to semicolon(;)
* Wed Jun 08 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Correct setfiles relabeling
This change was inspired by a change done on Fedora's livecd-tools
from here: livecd-tools/livecd-tools#236. The patch corrects issues
with the setfiles SELinux relabel command. The issues become apparent
when the host and guest policies differ. Thus it becomes required
to explicitly set the policy to decouple from eventual unwanted
host settings.
* Wed Jun 01 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.39 → 9.24.40
* Wed Jun 01 2022 Carlos Bederián <zzzoom@gmail.com>
- Setup SELinux on every system prepare / build (#2148)
Setup SELinux on every system prepare / build such that all image types benefit from it not only the disk (oem) type
* Sun May 29 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Install all of QEMU to Ubuntu arm integration test
* Sun May 29 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- rename user to ubuntu for Ubuntu integration test
* Sun May 29 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.38 → 9.24.39
* Sun May 29 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Move to sphinx>=5.0.0
* Sun May 29 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.37 → 9.24.38
* Sun May 29 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed sphinx extlinks rendering
In Sphinx v5 warning will be treated as errors. This results in the following
warning to be an error: extlinks: Sphinx-6.0 will require a caption string to
contain exactly one '%s' and all other '%' need to be escaped as '%%'.
This commit applies the required quoting
* Sun May 29 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.36 → 9.24.37
* Sat May 28 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added example aarch64 integration test for Ubuntu
Created a RaspberryPI image description for Ubuntu(jammy)
as integration test for building aarch64 images and added
it to the integration test matrix
* Mon May 23 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added --target-arch for image info
Allow cross arch dependency solving
* Fri May 20 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- update docs
* Fri May 20 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add support for group id in users setting
Allow to specify the group id in the groups list a user
should belong to. The group id can be placed as part of
the group name separated by a colon like in the following
example:
<users>
<user groups="kiwi,admin:42,users" password="..." name="kiwi"/>
</users>
Please note kiwi checks if the provided group already
exists and only creates a group if it is not already present in
the system. As default groups are usually provided by the OS
itself including its preferred group id, you will intentionally
not be able to overwrite group id for existing groups.
This Fixes #2064
* Thu May 19 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.35 → 9.24.36
* Tue May 17 2022 Robert Schweikert <rjschwei@suse.com>
- Subformats should also not be compressed when encryption is enabled (#2138)
Subformats should also not be compressed when encryption is enabled
This is a follow on change to bdba953. When the filesystem is encrypted the
resulting image should not be compressed. Also explain why we ignore the
compression seeting in the user configuration for encrypted images.
* Mon May 16 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add support for prebuilt bootstrap package for apt
When using the apt packagemanager kiwi required the use of
debootstrap to create the initial rootfs. This works as long
as there is always a main distribution repository available
which follows the structure of the official debian mirrors.
However if such a main distribution is not present or an
alternative layout like e.g OBS repos is used, debootstrap
will refuse to work. To allow for an alternative and without
the dependency to debootstrap kiwi supports using a prebuilt
bootstrap package providing the mini rootfs to serve as
the bootstrap result. As all other package managers properly
supports installation into an empty new root, this feature
was only added when using the apt packagemanager
* Sun May 08 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.34 → 9.24.35
* Sat May 07 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Allow more repo params to be set on the cmdline
The repository parameters for signing keys, the component
list the main distribution name for debian repositories and
also the repository_gpgcheck could not be set via the
commandline options --add-repo and/or --set-repo. This
commit adds support for them and also updates the manual
page accordingly
* Sat May 07 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update ubuntu integration tests
Build them against latest release (jammy).
This Fixes #2128
* Sat May 07 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.33 → 9.24.34
* Thu May 05 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Follow up fix for isolinux-config
isolinux-config is called to update the search path inside
of the isolinux binary. isolinux/syslinux is exclusive to
the ix86 architecture and to BIOS firmware. Therefore the
condition to actually call it should reflect this.
* Thu May 05 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.32 → 9.24.33
* Thu May 05 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed runtime check
Fixed check_dracut_module_for_disk_overlay_in_package_list. The
check complains if the dracut-kiwi-overlay module is not installed
but overlay support was requested. This is correct but should only
be done if the selected initrd system is dracut.
* Wed May 04 2022 ozboss <32305849+ozboss@users.noreply.github.com>
- Add option to set LUKS type to luks1 (#2126)
Add option to set LUKS type to luks1
So far the LUKS type could be set to luks and luks2. However, what luks
version the value 'luks' evaluates to depends on how the distributor has
packaged luks. Thus it's possible that 'luks' is either luks1 or luks2. To
also have the opportunity to explicitly specify luks1 this commit adds
the opportunity in the schema.
* Wed May 04 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update devel packages helper
Added trang as needed when working on the schema
* Fri Apr 29 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add support for dm integrity with secret key
Allow to protect the opening of the integrity data map and
journal through a keyfile. For setting the key file two new
optional type attributes were added:
* integrity_keyfile
* integrity_metadata_key_description
The key file format must be correct according to the selected
integrity algorithm. As of now the kiwi default hmac-sha256
algorithm is used with the selected keyfile
The optional integrity_metadata_key_description attribute
allows to specify a custom description of an integrity key
as it is expected to be present in the kernel keyring. The
information is placed in the integrity metadata block. If
not specified kiwi creates a key argument string instead
which is based on the given integrity_keyfile filename.
The format of this key argument is:
:BASENAME_OF_integrity_keyfile_WITHOUT_FILE_EXTENSION
* Thu Apr 28 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update get_disksize_mbytes to support clones
When using partition clones the pre-calculation of the
disk size needs to take this into account.
* Wed Apr 27 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed UUID setup for XFS
Make sure the log got replayed prior generating a new UUID
* Tue Apr 26 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed scope of setup_isolinux_boot_path
There is a method called setup_isolinux_boot_path which is
encoded in the Iso class. The method allows to change the
boot path in the isolinux binary and makes sense when the
bootloader is selected to be isolinux. However, the method
was called in the scope of the FileSystemIsoFs class which
responsibility is to create an ISO filesystem. The creation
of an ISO filesystem has no direct connection to a bootloader.
Thus calling this method in the scope of the FileSystemIsoFs
implementation is wrong and can lead to unexpected side
effects. This commit moves the call of the method to the
places where isolinux as a bootloader can still be used.
This Fixes #2117
* Tue Apr 26 2022 Dan Čermák <dcermak@suse.com>
- Correct the URL to the dracut home page
This fixes https://github.com/OSInside/kiwi/issues/2097
* Tue Apr 26 2022 Dan Čermák <dcermak@suse.com>
- Change the custom vagrant config file to 00-vagrant.conf
If it is called 99-vagrant.conf, then anything "before" that, like
50-redhat.conf takes precedence and overrides our custom settings.
* Tue Apr 26 2022 Dan Čermák <dcermak@suse.com>
- Add Leap 15.4, SLE 15 SP4 & CentOS Stream 9 to the scripts tests
* Mon Apr 25 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.31 → 9.24.32
* Mon Apr 11 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add support for standalone dm integrity
There is support in kiwi to use dm_integrity in combination
with the LUKS header and dm_crypt. However there is also the
use case to setup dm_integrity in standalone mode. This commit
allows to create the dm_integrity layer outside of LUKS using
/etc/integritytab to activate the map through a systemd
generator if systemd is used.
Regarding systemd it's required to use a version of system which
provides: system-generators/systemd-integritysetup-generator.
If this generator does not exist in the distribution it will
also be missing in the dracut generated initrd and the boot
will not be able to succeed. It's mentioned here because even
newer distributions might be missing the generator
Along with the implementation there are two new optional
attributes in the <type> section:
standalone_integrity="true|false"
embed_integrity_metadata="true|false"
standalone_integrity activates/deactivates the dm_integrity map
on top of the root filesystem. Similar to the veritysetup support
there is the opportunity to create an embedded magic metadata
block at the end of the device containing the root
filesystem via embed_integrity_metadata
* Sun Apr 10 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update per codacy smell
* Sun Apr 10 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add support for part clones to the Disk interface
The Disk class provides methods to create partition(s)
and map names according to its scope and independent of
the actual partition tools. For example: create_root_partition().
This commit adds an additional optional clone parameter to
all methods for which we want to allow partition clones
* Sun Apr 10 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Be less strict in boot link to itself
As part of the grub setup a link named 'boot' inside of
/boot is created pointing to itself 'boot -> .'. The reason
is to allow the bootloader config to find its files referenced as
/boot/something independently if /boot is placed into an extra
partition. However if an extra boot partition is used and a
filesystem which does not support symlinks, e.g fat, that
symlink creation should not lead to an error in the image build
process as it is considered an optional safe link and not a
mandatory pre-requisite
* Thu Apr 07 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed TW arm rpi integration test
Explicitly add ruby to the package list
* Wed Apr 06 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.30 → 9.24.31
* Wed Apr 06 2022 Robert Schweikert <rjschwei@suse.com>
- Fix LABEL detection (#2112)
When only "root=" is specified on the kernel command line the match is
located in the first group. Loop through the groups upon mtach to find
what we are looking for.
* Tue Apr 05 2022 Robert Schweikert <rjschwei@suse.com>
- Preserve LABEL setting (#2108)
Preserve the LABEL= setting when the grub config file is re-generated.
the GRUB_ENABLE_LINUX_LABEL setting does not exists upstream and
not in any SUSE distribution. Set the grub setting such that LABEL
is preserved on SUSE distros. (bsc#1197616)
* Tue Apr 05 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix test_setup_default_grub_empty_kernelcmdline
The unit test exists to check that GRUB_CMDLINE_LINUX_DEFAULT
is not set depending on the provided cmdline. The test exists
for reasons explained in Issue #1650
* Fri Apr 01 2022 Fabian Vogt <fvogt@suse.de>
- Don't compress .appx containers (#2106)
The container is actually inside and already compressed.
* Fri Apr 01 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added new CloneDevice class
Added CloneDevice class to the storage interface.
The class allows to create clone(s) from a given source
block device into a list of target block devices.
The target block devices are clones of the source but
prevents device naming conflicts for unique identifiers
like the UUID. This is requires to still allow to boot
from images containing device clones and needs to be
handled by tools that might work on top of the cloned
devices.
* Thu Mar 31 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Improve readability of shell commands
The way the lsblk pipeline is constructed is improved
to become easier to read by this commit
* Thu Mar 31 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added set_uuid() method to FileSystem API
Allow to set a custom UUID not only at creation time of
a filesystem but also at a later point in time in an
already existing filesystem
* Tue Mar 29 2022 David Cassany <dcassany@suse.com>
- Ensure BootloaderConfig resources are cleaned first
This commit wraps the manual BootloaderConfig instance cleanup in
disk builder into a try/finally scope. This way if KIWI is aborted
or fails within this scope the BootloaderConfig is cleaned up first.
Signed-off-by: David Cassany <dcassany@suse.com>
* Tue Mar 29 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed overlay root dracut module
make sure there is always only one selection for the
readonly root partition
* Tue Mar 29 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update LUKS integration test for TW
Use cipher options to make cryptomount work again
* Tue Mar 29 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Set LUKS(v1) for TW encryption integration test
In Tumbleweed LUKS2 became the default but the grub cryptomount
tool is not able to work with the v2 LUKS header. Thus the test
explicitly builds against the former luks version for now
* Tue Mar 29 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Set LUKS2 for TW luks encryption integration test
In Tumbleweed LUKS2 became the default also for grub
and cryptomount, which requires to create a LUKS2 header
in the dm_crypt layer
* Tue Mar 29 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.29 → 9.24.30
* Mon Mar 28 2022 Tim Serong <tserong@suse.com>
- Add ensure_empty_tmpdirs option for OCI containers (bsc#1197783)
Since #1759 was merged, the contents of /run/ and /tmp/ are excluded from
built images. This causes problems for some containers, notably Ceph when
deployed in a Rook/k8s environment, which needs to have certain directories
present inside /run/. This commit adds the ability to return to the previous
behaviour and *not* empty those temporary directories, if you specify
<image><preferences><type [...] ensure_empty_tmpdirs="false">.
Fixes: https://github.com/OSInside/kiwi/issues/2093
Signed-off-by: Tim Serong <tserong@suse.com>
* Fri Mar 25 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed parsing of veritysetup output
veritysetup uses tabs to align values. The way kiwi parsed
the values did not strip out the tabs and later on keeps
them in the verification metadata block. The unit test
did not catch this because the mock output used for
veritysetup did not contain tabs. This commit fixes the
test to catch this condition and also fixes the code to
handle all space characters (tabs, space, newlines) in
a safe way
* Thu Mar 24 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update contents of store_credentials result file
The method added information about the PARTUUID as useful
information. However, PARTUUID's are not supported by all
partition tables. The Linux generated artificial values
from the disk identifier are not wanted in this scope.
As the information is not mandatory it's better to not
provide it at all and avoid confusion to users.
* Thu Mar 24 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Make blkid call more robust
Do not raise of blkid is not able to read the requested ID.
It is expected that the methods of the BlockID class either
returns a value or none but do not raise and cause the
complete process to terminate
* Thu Mar 24 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added embed_verity_metadata attribute
Specifies to write a binary block at the end of the
partition serving the root filesystem, containing information
for dm_verity verification and to construct the device map
* Thu Mar 24 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added create_verification_metadata method
Along with creating a filesystem including device mapper features
like dm_verity (see verity_blocks) or dm_crypt/dm_integrity (see luks)
there is always the question where to store the metadata information
required to setup the device map. This can include information about
blocksizes, offset addresses and more. The create_verification_metadata()
method allows to write a signed custom data block of a documented
format at the end of the given block special which stores this type
of information such that tools at boot time gets the opportunity to
read this information. In this commit only information connected
to the dm_verity feature activated via the verity_blocks attribute
will be part of the verification block. With future changes other
data might be added
* Wed Mar 23 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added runtime check for by-partuuid use
Added check_partuuid_persistency_type_used_with_mbr(). Not
every partition table type supports UUIDs. We don't want to
make use of the artifical values created by Linux if the
partition table doesn't support it natively
* Wed Mar 23 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Support partuuid and label mounts in dracut module
The 90kiwi-overlay dracut module was not able to parse the
device link if done with PARTUUID or LABEL
* Wed Mar 23 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added integration test for by-partuuid
The test hooks into the existing test-image-embedded integration
test for leap. As I plan to extend the tests specific to features
actually only useful for special embedded images, I thought this
would be the right place to start
* Mon Mar 21 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- validate luksformat options
validate options against the cryptsetup help info
in a runtime check
* Mon Mar 21 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Handle LUKS type in its own attribute
* Sun Mar 20 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed attribute description
The overlayroot_verity_blocks attribute description
contained outdated information
* Sat Mar 19 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add support for verity setup on standard rootfs
So far the verity support was only available with the
overlayroot layout and the read-only squashfs root. This
commit adds a new attribute: verity_blocks="number|all"
which allows to create the verity setup also on the
standard root partition
In addition to the change it was needed to extend the
Filesystem API with an additional optional paramter to
allow setup of the filesystem UUID. Having the opportunity
to set the UUID at filesystem creation is generally useful
and with regards to this particular change it became also
required
* Fri Mar 18 2022 Neal Gompa <ngompa13@gmail.com>
- Allow Btrfs and XFS as options for the boot partition filesystem
We already do this implicitly when we do not define this attribute
and request a boot partition, so let us explicitly offer these as
options too.
* Fri Mar 18 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix grub defaults for PARTUUID use
Make sure to set GRUB_DISABLE_LINUX_PARTUUID to false
when using by-partuuid
* Thu Mar 17 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Allow luks format options
Added new luksformat element which allows to pass
along options to the luksFormat call. This allows users to
switch between LUKS and LUKS2 via e.g
<luksformat>
<option name="--type" value="luks2"/>
</luksformat>
It also allows to pass along a set of options only available
to LUKS2, e.g
<luksformat>
<option name="--type" value="luks2"/>
<option name="--cipher" value="aes-gcm-random"/>
<option name="--integrity" value="aead"/>
</luksformat>
In addition to the new attribute the existing luks attribute
can also be specified to read credentials from a keyfile by
using the file:// source locator, e.g
<type ... luks="file:///path/to/a/keyfile"/>
This Fixes #1898
* Sat Mar 12 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed funny build_status.sh bug
If the name of the repository starts with an 'F' like
in Fedora, the 'F' is turned into a red escape sequence
because it is assumed to be a failed status indicator :)
The path here is probably also dumb as it just assumes
there is a space after the status indicator. Well the
complete script is not really a good one, but still
helpful
* Sat Mar 12 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update Fedora arm integration test
Move test to Fedora 34
* Sat Mar 12 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added container build test for Fedora
Fedora systems uses buildah to create containers. There is
no integration test for kiwi which tests building containers
with buildah. This commit adds a build test to cover this
path. Related to Issue #2020
* Fri Mar 11 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed test-image-docker-derived for leap
The test still used the additionaltags attribute with the
latest schema (v7.5) which fails to validate because the
attribute was moved to additionalnames
* Fri Mar 11 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.28 → 9.24.29
* Thu Mar 10 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Don't bind mount /run during build time
In commit #9512318 a new bind mount of /run into the root tree
during build time was introduced. The bind mount was done because
in my tests running podman from config.sh it did not work without
/run bind mounted. However, it turned out that I was wrong because
along with the provided methods to prepare cgroups and a custom
runtime configuration method; setupContainerRuntime() it is not
needed to have /run bind mounted. Thus this commit deletes the
bind mount of /run and therefore Fixes #2067
* Thu Mar 10 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix github action running obs service refresh
The curl command to send the POST request for running the
obs remote service uses the --fail-with-body option.
Unfortunately the ubuntu-latest container used to run the
action comes with a curl version that does not support the
option. Thus this commit removes the use of the option
* Wed Mar 09 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Move scope of veritysetup
veritysetup was called as part of the disk builder. However,
the veritysetup should be a responsibility of the classes which
implements the sync_data method. This allows to use the creation
of a verity hash format right after sync as a feature to these
classes and in a broader scope. In addition to that change the
VeritySetup::format method now returns the metadata from the
format call and stores it as debug information to the log file.
A concept to persistently store the verification metadata as part
of the partition(s) will be a next step.
* Wed Mar 09 2022 Dan Čermák <45594031+dcermak@users.noreply.github.com>
- Style changes in container docs
Reformulate the container building guide a bit
* Wed Mar 09 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add support for custom size in filesystem classes
Allow to create filesystems with an optional size parameter.
If no size is provided the filesystem gets as big as the device
which is the default and unchanged behavior. In addition a
size counting from the beginning (>0) as well as a size
counting from the end (<=0) can be provided.
* Wed Mar 09 2022 David Cassany <dcassany@suse.com>
- Update schema docs
Signed-off-by: David Cassany <dcassany@suse.com>
* Tue Mar 08 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Provide schema version v7.5 in spec
* Tue Mar 08 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update descriptions to schema v7.5
* Sun Mar 06 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Support mount by PARTUUID
In addition to by-label and by-uuid also support mounting
by PARTUUID. Please note kiwi also makes sure that the grub
generated config file uses the root=PARTUUID= notation and it's
not clear if grub-mkconfig will persist making use of it.
Nevertheless there are also systems which uses different
methods to boot and it makes sense to support partuuid
mappings as well
* Sun Mar 06 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add support for partition cloning
Support creating block level clones of certain partitions
used in the image. Clones can be created from the root, boot
and any partition listed in the <partitions> element.
* Sun Mar 06 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update cron for security scorecard
Run weekly on Saturdays
* Fri Mar 04 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add support for extended layout to msdos table
This commit adds the following new type attribute
<type ... dosparttable_extended_layout="true|false"/>
If set it specifies to make use of logical partitions inside
of an extended one. Effective only on type configurations which
uses the msdos table type, it will cause the fourth partition
to be an extended partition and all following partitions will be
placed as logical partitions inside of that extended partition.
This setting is useful if more than 4 partitions needs to be
created in an msdos table.
In addition to the support for extended/logical partitions the
the attributes 'mountpoint' and 'filesystem' in the <partitions>
section becomes optional. This also allows to place partitions
as placeholders not mounted into the system
* Fri Mar 04 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added type hints for partitioner interface
* Fri Mar 04 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.27 → 9.24.28
* Thu Mar 03 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed unconditional grub2 package requirement
The grub2 package does not exist on all distributions
as a name provider independent of the architecture.
On for example Debian and Ubuntu the packages are
handled differently and grub2 is only provided on
supported architectures. Thus the spec file should
set the grub2 requirement only if the distribution
provides it in any case
* Wed Mar 02 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.26 → 9.24.27
* Tue Mar 01 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added overlayroot_verity_blocks attribute
Setting this attribute to a number or 'all' in an overlayroot
configuration will create a dm verity hash from the number of
given blocks (or all) placed at the end of the squashfs compressed
read-only root filesystem. For later verification of the device,
and without further image description settings, the credentials
information produced by veritysetup from the cryptsetup tools, is
created as a file in /boot/overlayroot.verity and is stored as
such into the image by default.
* Tue Mar 01 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed disk.sh caller environment
The documentation explains the disk.sh script to be called
from inside of the image root as it exists on the block layer.
The disk.sh script is therefore also called after the sync
of the unpacked image root tree to the block layer. The
implementation however, was only partially calling disk.sh
from such an environment. In fact the environment was only
the mountpoint of the root partition but this is not the
complete system regarding layouts that uses extra partitions
and/or volumes. This commit introduces the use of the new
class ImageSystem and calls disk.sh in the way it was
designed and documented.
* Tue Mar 01 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added ImageSystem class
The class responsibility is to provide access to the
image root system from the block layer of the image
scope
* Tue Mar 01 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Prevent superfluous filesystem creation
In case of an overlayroot setup and the request for
no extra write partition, it is not needed to create
a filesystem for the write space which never gets
synced to the image
* Sat Feb 26 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.25 → 9.24.26
* Sat Feb 26 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed destructor test on oci_tools/buildah_test.py
Calling del() from teardown breaks when the method is
called through teardown_method
* Sat Feb 26 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.24 → 9.24.25
* Sat Feb 26 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Support nose and xunit style tests
The modifications in this commit allows the unit tests
to run on both, pytest 6.x (nose test layout) and the new
pytest 7.x (xunit test layout). This Fixes #2072 in a
much nicer way. Thanks much to @smarlowucf
* Fri Feb 25 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update unit test to work in obs
Some unit tests fails if they run in an obs environment.
This is because the implementation checks the runtime
envoironment and behaves differently if the system is
an obs worker. The unit tests has to explicitly set this
condition right for the test
* Fri Feb 25 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Revert "Unit test adaptions to pytest v7"
This reverts commit 0dc2e803e0e8059c54a0ea23960245286675c86c.
The pytest interface from version v6 to v7 has received
changes which requires the tests to be adapted to work for
either the old or the new interface. As there are still many
distributions which uses v6 as the standard we decided to
revert back the adaptions done to support v7 and create
a version requirement to v6 in .virtualenv.dev-requirements.txt
This Fixes #2072
* Wed Feb 23 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added overlayroot_readonly_partsize attribute
Specifies the size in MB of the partition which stores the
squashfs compressed read-only root filesystem in an
overlayroot setup. This Fixes #2068
* Wed Feb 23 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update to scorecard CI 1.0.4
* Tue Feb 22 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added debootstrap log info to exception message
In case debootstrap fails there is more detailed information
in a logfile written by debootstrap itself. This commit changes
the exception information to contain this log information if
present. Related to Issue #1800
* Sun Feb 20 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.23 → 9.24.24
* Sun Feb 20 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added overlayroot_write_partition attribute
For the oem type only, allows to specify if the extra read-write
partition in an overlayroot setup should be created or not.
By default the partition is created and the kiwi-overlay dracut
module also expect it to be present. However, the overlayroot
feature can also be used without an initrd and under certain
circumstances it is handy to configure if the partition table
should contain the read-write partition or not.
* Sat Feb 19 2022 Matt Coleman <matt@datto.com>
- Use DEB822-formatted .sources files instead .list files for APT
* Tue Feb 15 2022 David Cassany <dcassany@suse.com>
- Support additional names for docker containers
Docker containers used to support the attribute `additionaltags` which
was used to provide multiple tags for the same image. Since only tags
were supported this commit renames the attribute to `additionalnames`
and now supports tags and names witht he following syntax:
* '<name>:<tag>' -> adds a full docker image reference including name
and tag
* ':<tag>' -> adds an additional tag while reusing the former name
* '<name>' -> adds an additional name while reusing the former tag
Fixes #2045
Signed-off-by: David Cassany <dcassany@suse.com>
* Mon Feb 14 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Follow up fix on force deleting debs
Also remove eventual post scripting prior force removal
of deb packages. Similar inconsistencies as with the pre
scripts can occur on force removal. We want the operation
to be successful in force mode even if that means to
leave a dirty state.
* Sat Feb 12 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add support for pre_disk_sync.sh script
The optional pre_disk_sync.sh script is executed for the
disk image type oem only and runs right before the synchronisation
of the root tree into the disk image loop file. The script hook
can be used to change content of the root tree as a last action
before the sync to the disk image is performed. This is useful
for example to delete components from the system which were
needed before or cannot be modified afterwards when syncing
into a read-only filesystem.
* Thu Feb 10 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Create ci-scorecards-analysis.yml
Create security health metrics score card
* Tue Feb 08 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixup inplace podman storage and container conf
Newer versions of podman requires runroot and graphroot
to be explicitly set in storage.conf.
Newer versions of podman no longer reads the engine.cgroups
setting on containers.conf and prints a 'Failed to decode the
keys [\"engine.cgroups\"]' warning message
This commit fixes storage.conf and containers.conf written
by kiwi if the setupContainerRuntime method is used in
scripts.
* Tue Feb 08 2022 David Cassany <dcassany@suse.com>
- Make use of container name in OCI images
Fixes #2050
Signed-off-by: David Cassany <dcassany@suse.com>
* Mon Feb 07 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.22 → 9.24.23
* Mon Feb 07 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed name of secret variable
The ci-update-build-tests action used a wrong variable
name which does not exist in the github secrets. This
commit fixes it and uses the correct variable name
* Mon Feb 07 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.21 → 9.24.22
* Mon Feb 07 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Revert "Revert "Fixed MicroOS build test""
This reverts commit 8c4464b8ff2af2642439ce92e1e2be497f2b0f4d.
snapper default config has moved from /etc to /usr/share
now hopefully for the last time
* Mon Feb 07 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed unit tests
The pytest interface setup() method call has changed
in a way that an additional parameter is passed to
the method which leads to a python error at invocation
time if the setup method does not define it.
* Mon Feb 07 2022 Neal Gompa <ngompa@centosproject.org>
- build-tests: Update CentOS 8 test appliance to CentOS Stream 8
CentOS Linux 8 is now EOL, so switch over to CentOS Stream 8.
* Sat Feb 05 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added API for BLS and systemd-boot support
Bootloaders implementing the Boot Loader Spec (BLS) are not
directly compatible with the original Bootloader Class design
in kiwi. Because of that an interface class which translates
the original API into calls following BLS was added. This allows
us to keep the implementations in the Builder classes and the
public BootLoader interface untouched. In addition to the BLS
API an implementation to support the systemd-boot loader is
part of this commit too.
An example type definition to use systemd-boot with an EFI
disk image type looks like the following:
<type image="oem" filesystem="xfs" firmware="efi" bootloader="systemd_boot" efipartsize="200"/>
The implementation uses bootctl and kernel-install tools
provided from systemd and expects a proper integration
of systemd-boot by the distribution maintainers
This Fixes #1935
* Fri Feb 04 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed handling of oem reboot settings
There are oem settings called oem-reboot, oem-reboot-interactive
as well as oem-shutdown and oem-shutdown-interactive. When used
the information is passed along to the profile but not evaluated
by any initrd code. I don't know where on the way we lost the
code that actually works with these settings but this commit
makes them effective. This Fixes #2056
* Thu Feb 03 2022 Dirk Müller <dirk@dmllr.de>
- treat armv8l as armv7hl
openSUSE switched from armv7hl buildworkers to aarch64 in 32bit mode
which identifies itself as "armv8l" in uname -m.
* Tue Feb 01 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.20 → 9.24.21
* Mon Jan 31 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed UUID used in grub early boot script
In case the system is luks encrypted the UUID of the root
partition was used in the grub early boot script. However,
this condition is only correct if in addition to the luks
encryption the boot area is on crypto too. If boot is not
on crypto the UUID must be the boot partition and not root.
Only if root AND boot is on crypto the kiwi created early
boot script includes the grub cryptomount calls.
* Sat Jan 29 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.19 → 9.24.20
* Sat Jan 29 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Followup fix for force deleting debian packages
The force uninstall deletes pre scripts prior removal
because if they fail the package will not be removed.
For a force uninstall we consider this ok. However,
the deletion of the scripts did not happen in the
image root. This patch fixes it
* Wed Jan 26 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Followup fix for force deleting debian packages
Pass --force-depends to allow uninstall even if the
dependency checker complains
* Tue Jan 25 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix use of xattrs for container sync
when syncing data for containers only a subset of xattr
attributes can be applied. This Fixes #2009
* Tue Jan 25 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.18 → 9.24.19
* Tue Jan 25 2022 Neal Gompa <ngompa@datto.com>
- Ensure SELinux labels are set based on the policy
When running kiwi from a filesystem tree that has custom labels applied
(such as when using kiwi from within a container on an SELinux-enabled
host), the filesystem labeling doesn't correctly apply on some files
and folders with a warning about the location being customized by
the administrator. This causes all kinds of strange results with
the built images and makes them unbootable.
To resolve this, tell setfiles to forcibly set files and folders
with the default context from the installed policy.
* Tue Jan 25 2022 Fabian Vogt <fvogt@suse.de>
- Extend and update documentation about /etc/machine-id setup
* Tue Jan 25 2022 Fabian Vogt <fvogt@suse.de>
- Fix ordered list in shell_scripts.rst
Ordered lists must be indented by three spaces, otherwise the numbering breaks.
* Mon Jan 24 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.17 → 9.24.18
* Mon Jan 24 2022 David Cassany <dcassany@suse.com>
- Fix ramdisk deployments from PXE
This commit fixes PXE deployments on ramdisk. In such cases the
former fix from df4e62a4 is not sufficient as there is no `root=`
parameter within the kernel cmd line and hence this logic is never
executed.
Signed-off-by: David Cassany <dcassany@suse.com>
* Fri Jan 21 2022 David Cassany <dcassany@suse.com>
- Update outdated PKGBUILD for Arch Linux
Signed-off-by: David Cassany <dcassany@suse.com>
* Fri Jan 21 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed unit test race condition
* Fri Jan 21 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed grub loader/entries setup
If called in non standard environments like an OBS worker
the grub tooling does not work correctly and produces invalid
results. For these cases kiwi provides a collection of fix_
methods to change the produced results. This commit covers
the invalid path in loader/entries/*.conf files pointing to
the kernel and the initrd as they exist in the image-root
directory. This results for example in settings like:
linux /usr/src/packages/KIWI-oem/build/image-root/boot/vmlinuz-5.14.0-43.el9.x86_64
when it should be:
linux /boot/vmlinuz-5.14.0-43.el9.x86_64
This Fixes #2038
* Fri Jan 21 2022 Fabian Vogt <fvogt@suse.de>
- Set /.snapshots subvolume to mode 0700 (bsc#1194992)
Avoid that users other than root can enter or even change the content.
This is what snapper does as well.
* Fri Jan 21 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed build_status helper output issue
Starting with CentOS stream 9 integration tests a new
layer in the project that builds it was added. This changed
the osc results output and messed up the build_status
helper output a bit. This commit fixes it
* Thu Jan 20 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix the uninstall(force) on Debian based dists
Packages marked for uninstall via <package name="delete|uninstall"/>
failed to become removed for several reasons. The way this was done
in kiwi did not work because dpkg needs to be called differently
and with some nasty pre-processing in order to allow for force
deletion. In force mode we also allow to remove packages marked as
essential. In gracefull uninstall mode this commit makes sure the
environment is prepared and does not fail for false-positive
reasons.
* Wed Jan 19 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added mail map
Added information about my private e-mail being the
successor for the work done when I was an employee
of SUSE
* Tue Jan 18 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Allow calling podman within chroot
Added helper functions and env preparation code
to allow calling podman from within a chroot. This
allows to run podman from e.g config.sh and also
inside of OBS workers
* Tue Jan 18 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fix requirements for kiwi-systemdeps-filesystems
Extend btrfs condition applying for EL8 to apply for EL9 too
* Fri Jan 14 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.16 → 9.24.17
* Fri Jan 14 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed image builds without kernel
If an image is build without a kernel kiwi fails due to
some code paths expecting the presence of kernel modules
and or kernel binaries. This commit fixes this and allows
creating an image without installing a kernel.
* Fri Jan 14 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added CentOS Stream 9 integration tests
* Thu Jan 13 2022 Fabian Vogt <fvogt@suse.de>
- Allow "uninitialized" as content of /etc/machine-id
According to machine-id(5), an empty file does not signal that this is the
first boot of the system. Instead, the file needs to be missing or contain
the string "uninitialized". A missing file does not work if the filesystem
is initially mounted read-only, so allow "uninitialized" as well, instead
of truncating it.
Improve the documentation of the method, e.g. dracut is not involved.
* Thu Jan 13 2022 Fabian Vogt <fvogt@suse.de>
- Fix booting GRUB submenu entries with hybrid images (linux/linuxefi)
Variables assigned with "set" are not visible in submenus for some reason.
Export $linux and $initrd, so that they also work in submenu entries.
Fixes bsc#1192523
* Thu Jan 13 2022 Fabian Vogt <fvogt@suse.de>
- Don't copy GRUB modules for EFI with secure boot enabled
When booting grub.efi with secure boot enabled, modules can't be loaded
and thus the grub.efi image needs to be complete. Save some space in live
images by not copying them into the ISO filesystem.
Fixes part of #1750
* Thu Jan 13 2022 Fabian Vogt <fvogt@suse.de>
- Don't include the ESP in the ISO9660 partition as well (#1750)
Previously the image for the ESP was created inside the source directory
for the ISO9660 filesystem, so it ended up there as well as a separate
partition. Fix that by creating it as a temporary file instead.
* Thu Jan 13 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Automate build-tests OBS service refresh
This commit provides a new github action which sends
API requests to the OBS api to refresh the source
services for the integration tests on the OBS server
side. This Fixes #1980
* Wed Jan 12 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added docker integration test for Ubuntu
* Wed Jan 12 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Update ubuntu integration test to Hirsute(21.04)
* Tue Jan 11 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Bump version: 9.24.15 → 9.24.16
* Sun Jan 09 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed regression in compression detection
The change from 282529de8f612dee32d54ee868c2365dcd829220
Introduced a bad regression. The assumption was made that the
xz tool could be used to detect if a file is compressed or not.
However, this requires the file to be locally present. In the
scope of the method call is_compressed() and within a remote
deployment e.g PXE this is not the case. Therefore the former
way to "detect" the compression according to the .xz postfix
of the source filename was restored. In addition the function
name was changed to is_xz_compressed() because that's what the
method can do and not more. This Fixes #2015
* Fri Jan 07 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Added debug option --debug-run-scripts-in-screen
Instead of running scripts in screen if the --debug switch is
set, we allow to explicitly switch on this behavior via
a new option. This Fixes #2010
* Fri Jan 07 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Change packages target for bootincludes
Packages marked with bootinclude="true" will be added to the
referenced kiwi boot image description if the initrd_system
is set to "kiwi" instead of "dracut". The package marked was
primarily added to the type="image" section and got only
added to the type="bootstrap" section if no image type section
existed. However, it has turned out that this approach has
the disadvantage that packages which must be installed as
part of the bootstraping (e.g certificates) cannot be handled.
This commit changes the behavior of the bootinclude to include
the package always to the type="bootstrap" section.
* Fri Jan 07 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Add GitHub workflow badges
* Fri Jan 07 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Fixed Codacy Badge
* Sun Jan 02 2022 Marcus Schäfer <marcus.schaefer@gmail.com>
- Allow firmware="custom" setting
The firmware attribute in kiwi is used to indicate for
which boot firmware the image should be build. Specifying
the target firmware is helpful to create for example the
correct disk layout. If no firmware is specified KIWI
decides for a default according to the image architecture.
This selection is not 100% accurate and as we don't know
the later target system. Especially for embedded devices
the correct disk layout and other settings can be
board specific and KIWI's default settings regarding the
firmware could be invalid. For compatibility reasons we
cannot switch off the default selection case and therefore
a new attribute value "custom" is introduced with this
commit. If set KIWI does not select any firmware and
consequently all settings caused by a firmware setup will
be skipped. On the other hand this means all needed
settings for the target to boot and not done by KIWI
needs to be specified explicitly and as needed.
* Sun Jan 02 2022 Neal Gompa <ngompa@datto.com>
- Add util-linux dep for -systemdeps-disk-images subpackage
Without this dependency, kiwi fails to work properly in minimal image
build environments, like in a mock chroot where util-linux is not installed.
/etc/kiwi.yml /usr/share/man/man8/kiwi.8.gz /usr/share/man/man8/kiwi::image::info.8.gz /usr/share/man/man8/kiwi::image::resize.8.gz /usr/share/man/man8/kiwi::result::bundle.8.gz /usr/share/man/man8/kiwi::result::list.8.gz /usr/share/man/man8/kiwi::system::build.8.gz /usr/share/man/man8/kiwi::system::create.8.gz /usr/share/man/man8/kiwi::system::prepare.8.gz /usr/share/man/man8/kiwi::system::update.8.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Thu Oct 23 22:29:00 2025