Daan De Meyer [Fri, 1 Dec 2023 10:22:21 +0000 (11:22 +0100)]
Move integration tests into python
Instead of vendor locking ourselves to Github Actions, let's move
the integration tests into python so we can run them locally and
on other CI systems.
We opt to use unittest style test cases so that we can have a
configurable base class that can be used for various integration
tests. Unfortunately, I haven't found a nice and type safe way to
make pytest fixtures configurable so we opt for unittest instead.
Note that while we use the subTest() feature of unittest, pytest
still considers test_boot() a single test because it doesn't support
this particular feature of unittest. Ideally we switch our test runner
to something else in the future which does support the subTest() feature.
We always run steps that can run unprivileged without privileges even
if we're running as root so that tests can be run locally with root
privileges without ending up with a bunch of files owned by root
afterwards.
Daan De Meyer [Wed, 29 Nov 2023 20:39:42 +0000 (21:39 +0100)]
Fix ImageId= docs
- We don't patch it into partition labels anymore
- We already patch os-release ourselves so let's not use it as an
example of what to do with $IMAGE_ID for users.
Joerg Behrmann [Tue, 21 Nov 2023 09:47:41 +0000 (10:47 +0100)]
util: make name and home of INVOKING_USER methods that cache their results
At test time, e.g. during reproducible builds, usernames are not guaranteed to
be resolvable, because NSS is deliberately broken. Hence, only try to resolve
either only if needed and cache the result, so it stays the same across
invocations.
This unfortunately can no longer be achieved by combining @classmethod with
@property, since the combination, which had only been allowed since Python 3.9,
was deprecated again in Python 3.11.
Use the main tool name in error when tool is not found
We would say that we cannnot find /usr/lib/systemd/ukify, which
is somewhat confusing, since we're looking for ukify in $PATH
first, and only for /usr/lib/systemd/ukify as a fallback.
This also avoids a second which call on the results of a which call.
Daan De Meyer [Tue, 28 Nov 2023 10:39:04 +0000 (11:39 +0100)]
Add microcode support
Let's make sure we add early CPIO initrds containing microcode when
building bootable images. To make early loading of microcode work, an
uncompressed initrd has to be prepended to the list of initrds containing
the microcode at a canonical location.
Daan De Meyer [Tue, 28 Nov 2023 09:38:01 +0000 (10:38 +0100)]
Do not trigger bwrap's max arg limit when running modinfo
We might potentially pass a lot of modules at once to modinfo which
could trigger bwrap's max argument limit so make sure to chunk things
up to avoid hitting the limit.
autologin: use a helper method to reduce boilerplate
I kept the generated option strings exactly the same. In some cases we
put the baud before the device name or placeholder, and in other cases in
the opposite order, but maybe there's some reason for this.
The unit file is changed to use just 'aggety' instead of the full path,
and the leading whitespace is dropped. Both things should have no effect,
but make the resulting file nicer to read.
Luca Boccassi [Sat, 18 Nov 2023 18:15:44 +0000 (18:15 +0000)]
ci: enable jammy-proposed-updates to get new libsolv
rawhide and tumbleweed now compress repodata with zstd which cannot be
handled by libsolv in jammy. Enable jammy-proposed to get new version
with the fix.
Joerg Behrmann [Thu, 16 Nov 2023 10:22:20 +0000 (11:22 +0100)]
Rename Compression.zst to Compression.zstd
But also leave a fallback Compression.zst with value "zstd" as a fallback in
case anybody used that. To test this we also change the construction of
Compression instances in test_config.py to use __get_item__ instead of __new__,
since that actually supports construction via the value and is also the one
actually used in config.py
Joerg Behrmann [Wed, 15 Nov 2023 11:23:36 +0000 (12:23 +0100)]
Post-release NEWS updates
This moves a few things further up to make them more prominent, like the
renaming of presets and the addition of profiles and also adds a the new esp
output format and a note about resolv.conf now needing WithNetwork=true to be
mapped during script runtime.
This is always a bit subjective, but I find a NEWS file much easier to read if
it's thematically organized. I think support for a new distro is important, so
put that first, then new verbs and options, then new configuration features,
and then all the other smaller changes.
Daan De Meyer [Thu, 9 Nov 2023 18:30:39 +0000 (19:30 +0100)]
Set ESP output minimum size based on sector size
Based on the sector size, a minimum size is required for FAT32 to
be bootable by OVMF. Instead of wasting space by always using 512MB,
let's set the minimum size based on the given sector size.
Daan De Meyer [Sun, 5 Nov 2023 13:00:59 +0000 (14:00 +0100)]
Add kernel-install plugin from mkosi-initrd
Let's support kernel-install natively in mkosi. This commit moves
the kernel-install plugin from mkosi-initrd into mkosi itself with
a few adaptations:
- We look for initrd configuration in /usr/lib/mkosi-initrd and
/etc/mkosi-initrd using "--include"
- We always include the host's kernel modules using --extra-tree
- We skip the mkosi-initrd plugin unless initrd_generator is
explicitly set to "mkosi-initrd". This allows the mkosi package
to be installed without also using it as the initrd generator if
initrd_generator is not configured explicitly.
This commit also extends the default fedora image to build the mkosi
rpm if the spec sources are mounted at rpm/ using BuildSources=. We
also configure the default image to use mkosi-initrd as the initrd
generator and ukify as the uki generator, so that running kernel-install
in the booted image will build a UKI using mkosi-initrd and ukify.
Daan De Meyer [Wed, 8 Nov 2023 12:37:33 +0000 (13:37 +0100)]
building rpms from source doc improvements
- Use env --chdir= instead of spawning a shell
- Document that scripts are executed in the same directory that
mkosi is running in and get rid of all uses of $SRCDIR and
$CHROOT_SRCDIR in favor of relative paths. We have to use $PWD
when actually building the rpm as some macros expect the topdir
to be an absolute path.
Daan De Meyer [Wed, 8 Nov 2023 11:29:39 +0000 (12:29 +0100)]
Use package manager specific subdirectories in the cache directory
We want to be able to set --cache-dir=/var/cache to automatically
reuse the system cache for each installed package manager, so let's
make sure we use the right subdirectories for each package manager
to make that work properly.
Daan De Meyer [Tue, 7 Nov 2023 21:10:47 +0000 (22:10 +0100)]
Add QemuDrives= option
This option allows specifying extra qemu drives to pass to qemu.
mkosi will create a file (optionally in the given directory) of
the given size and pass it to qemu via -drive, optionally with some
extra options.
Doing this in mkosi allows mkosi to automatically manage the lifetime
of the file backing the drive. We can create it as needed and remove it
when we exit.
Daan De Meyer [Tue, 7 Nov 2023 08:43:13 +0000 (09:43 +0100)]
Add BuildSourcesEphemeral= to the rpms from source doc.
rpmbuild with --build-in-place is a top offender when it comes to
writing files to the source directory, so let's suggest enabling
BuildSourcesEphemeral= in the building rpms from source doc.
Daan De Meyer [Mon, 6 Nov 2023 20:35:09 +0000 (21:35 +0100)]
Add BuildSourcesEphemeral=
Unfortunately there are use cases where it's useful to persist
changes to the source directory. A prime example is projects with
Makefile that do not provide a properly functioning `make install`.
The only way to use those with mkosi build scripts is to do an
in-tree build in the build script and then mounting the source
directory into the VM or container when booting it. For this to work
we need changes to the source directory to be persisted. To support
this use case, let's gate the ephemeral source directories behind an
option that's disabled by default (for backwards compatibitity reasons).
Daan De Meyer [Mon, 6 Nov 2023 13:04:26 +0000 (14:04 +0100)]
Make source directories ephemeral when running scripts
Various tools like to write to the source directory, which we want
to avoid. Let's make source directories ephemeral when running scripts
so tools can write to it as much as they want but we can throw away all
those changes when we're done running scripts.
Specifically, this makes running rpmbuild as documented in
docs/building-rpm-from-source.md a lot nicer as the source directory won't be
polluted with all manner of temporary files anymore.
Daan De Meyer [Mon, 6 Nov 2023 12:58:56 +0000 (13:58 +0100)]
Stop using workspace directories in source directories
Preparation for making source directories volatile while running
scripts. Overlapping overlayfs directories cause massive mayhem so
to keep our sanity, let's make sure the workspace directory is never
a subdirectory of any source directories.
XDG doesn't provide an equivalent of /var/tmp but when running in /home
we really want the workspace to be located in /home as well so we can use
reflinks if /home is a separate partition so we opt to use XDG_CACHE_HOME
or $HOME/.cache instead.
Daan De Meyer [Mon, 6 Nov 2023 10:28:16 +0000 (11:28 +0100)]
Fix mount_overlay() with multiple lowerdirs
Multiple lower directories are specified by delimiting with colons,
not by specifying the lowerdir= option multiple times. Also, the
lowerdirs are stacked right to left so make sure we reverse the given
list.
Daan De Meyer [Mon, 6 Nov 2023 14:40:19 +0000 (15:40 +0100)]
Fix RuntimeTrees=
We previously made the target path non-optional but this doesn't actually
work for RuntimeTrees=, where we need optional paths. So instead, let's
introduce ConfigTree to abstract the tree concept and have a class where
we can define methods on to make working with trees easier.
Daan De Meyer [Sun, 5 Nov 2023 12:15:50 +0000 (13:15 +0100)]
Use rpm to install rpms in building rpms from source doc
Let's get rid of an unnecessary indirection and just use rpm directly
to install the rpms we built in the previous step as all the dependencies
will be installed already and as such we don't need dnf.
Sharing of a directory for the (package) cache seems fine. The package manager
shall use subdirectories and/or unique file names, so there should be no
accidental conflict, and using the same cache directory allows the cache to be
reused when possible. OTOH, sharing of the directory for the build directory is
unlikely to be useful (since at least the configuration will usually be
different, so the build would generally mean rebuilding anything anyway), but
also the build system might not do cache invalidation strongly enough, leading
to inadvertetent sharing of build artifacts. Let's avoid the issue completely
but not sharing the build directory between different distributions releases or
architectures.
dnf5 is nice, but it has some issues, for example installation of rhel9
currently fails with some error about signature. Using dnf instead works around
the problem. Allow the user to override the selection using an environment
variable (or Environment=).
(We have the tools directory, but it doesn't help here because we want to use
'dnf' instead of 'dnf5' and not a different version of 'dnf5'.)
Daan De Meyer [Wed, 1 Nov 2023 11:49:52 +0000 (12:49 +0100)]
Fix incremental caching
- Make sure the distribution, release and architecture are also part
of the cache manifest
- Remove the output name from the cache key and use the distribution,
release, architecture and optionally image name instead.
- Use MkosiEncoder to serialize the cache manifest.
projects / thirdparty / mkosi.git / log
