--- /dev/null
+# SPDX-License-Identifier: LGPL-2.1+
+
+from collections.abc import Iterable
+from pathlib import Path
+from typing import Any, Optional
+
+from mkosi.distributions import centos
+from mkosi.installer.dnf import Repo
+from mkosi.log import die
+from mkosi.state import MkosiState
+
+
+class Installer(centos.Installer):
+ @classmethod
+ def pretty_name(cls) -> str:
+ return "RHEL"
+
+ @staticmethod
+ def gpgurls(state: MkosiState) -> tuple[str, ...]:
+ return ("https://access.redhat.com/security/data/fd431d51.txt",)
+
+ @staticmethod
+ def sslcacert(state: MkosiState) -> Optional[Path]:
+ if state.config.mirror:
+ return None
+
+ p = Path("etc/rhsm/ca/redhat-uep.pem")
+ if (state.pkgmngr / p).exists():
+ p = state.pkgmngr / p
+ elif (Path("/") / p).exists():
+ p = Path("/") / p
+ else:
+ die("redhat-uep.pem certificate not found in host system or package manager tree")
+
+ return p
+
+ @staticmethod
+ def sslclientkey(state: MkosiState) -> Optional[Path]:
+ if state.config.mirror:
+ return None
+
+ pattern = "etc/pki/entitlement/*-key.pem"
+
+ p = next((p for p in sorted(state.pkgmngr.glob(pattern))), None)
+ if not p:
+ p = next((p for p in Path("/").glob(pattern)), None)
+ if not p:
+ die("Entitlement key not found in host system or package manager tree")
+
+ return p
+
+ @staticmethod
+ def sslclientcert(state: MkosiState) -> Optional[Path]:
+ if state.config.mirror:
+ return None
+
+ pattern = "etc/pki/entitlement/*.pem"
+
+ p = next((p for p in sorted(state.pkgmngr.glob(pattern)) if "key" not in p.name), None)
+ if not p:
+ p = next((p for p in sorted(Path("/").glob(pattern)) if "key" not in p.name), None)
+ if not p:
+ die("Entitlement certificate not found in host system or package manager tree")
+
+ return p
+
+ @classmethod
+ def repository_variants(cls, state: MkosiState, repo: str) -> Iterable[Repo]:
+ if state.config.local_mirror:
+ yield Repo(repo, f"baseurl={state.config.local_mirror}", cls.gpgurls(state))
+ else:
+ mirror = state.config.mirror or "https://cdn.redhat.com/content/dist/"
+
+ common: dict[str, Any] = dict(
+ gpgurls=cls.gpgurls(state),
+ sslcacert=cls.sslcacert(state),
+ sslclientcert=cls.sslclientcert(state),
+ sslclientkey=cls.sslclientkey(state),
+ )
+
+ v = state.config.release
+ major = int(float(v))
+ yield Repo(
+ f"rhel-{v}-{repo}-rpms",
+ f"baseurl={centos.join_mirror(mirror, f'rhel{major}/{v}/$basearch/{repo}/os')}",
+ enabled=True,
+ **common,
+ )
+ yield Repo(
+ f"rhel-{v}-{repo}-debug-rpms",
+ f"baseurl={centos.join_mirror(mirror, f'rhel{major}/{v}/$basearch/{repo}/debug')}",
+ enabled=False,
+ **common,
+ )
+ yield Repo(
+ f"rhel-{v}-{repo}-source",
+ f"baseurl={centos.join_mirror(mirror, f'rhel{major}/{v}/$basearch/{repo}/source')}",
+ enabled=False,
+ **common,
+ )
+
+ @classmethod
+ def repositories(cls, state: MkosiState, release: int) -> Iterable[Repo]:
+ yield from cls.repository_variants(state, "baseos")
+ yield from cls.repository_variants(state, "appstream")
+ yield from cls.repository_variants(state, "codeready-builder")
+ yield from cls.epel_repositories(state)
import textwrap
from collections.abc import Iterable
from pathlib import Path
-from typing import NamedTuple
+from typing import NamedTuple, Optional
from mkosi.run import apivfs_cmd, bwrap
from mkosi.state import MkosiState
url: str
gpgurls: tuple[str, ...]
enabled: bool = True
+ sslcacert: Optional[Path] = None
+ sslclientkey: Optional[Path] = None
+ sslclientcert: Optional[Path] = None
def dnf_executable(state: MkosiState) -> str:
)
)
+ if repo.sslcacert:
+ f.write(f"sslcacert={repo.sslcacert}\n")
+ if repo.sslclientcert:
+ f.write(f"sslclientcert={repo.sslclientcert}\n")
+ if repo.sslclientkey:
+ f.write(f"sslclientkey={repo.sslclientkey}\n")
+
for i, url in enumerate(repo.gpgurls):
f.write("gpgkey=" if i == 0 else len("gpgkey=") * " ")
f.write(f"{url}\n")
: The distribution to install in the image. Takes one of the following
arguments: `fedora`, `debian`, `ubuntu`, `arch`, `opensuse`, `mageia`,
- `centos`, `rhel-ubi`, `openmandriva`, `rocky`, `alma`, `custom`.
- If not specified, defaults to the distribution of the host or `custom`
- if the distribution of the host is not a supported distribution.
+ `centos`, `rhel`, `rhel-ubi`, `openmandriva`, `rocky`, `alma`,
+ `custom`. If not specified, defaults to the distribution of the host
+ or `custom` if the distribution of the host is not a supported
+ distribution.
`Release=`, `--release=`, `-r`
* *CentOS*
+* *RHEL*
+
* *RHEL UBI*
* *OpenMandriva*
Currently, *Fedora Linux* packages all relevant tools as of Fedora 28.
+Note that when not using a custom mirror, `RHEL` images can only be
+built from a host system with a `RHEL` subscription (established using
+e.g. `subscription-manager`).
+
# Execution Flow
Execution flow for `mkosi build`. Default values/calls are shown in parentheses.
projects / thirdparty / mkosi.git / commitdiff
