From d9132de50637da155657d841342671d5c382c333 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timoth=C3=A9e=20Ravier?= Date: Mon, 3 Jun 2024 18:57:57 +0200 Subject: [PATCH] manifests: Add initial c10s based variants See: https://github.com/openshift/os/issues/1466 --- README.md | 8 +-- c10s.repo | 63 +++++++++++++++++++++ extensions-c10s.yaml | 85 ++++++++++++++++++++++++++++ extensions-okd-c10s.yaml | 1 + image-c10s.yaml | 1 + image-okd-c10s.yaml | 1 + manifest-c10s.yaml | 27 +++++++++ manifest-okd-c10s.yaml | 116 +++++++++++++++++++++++++++++++++++++++ 8 files changed, 298 insertions(+), 4 deletions(-) create mode 100644 c10s.repo create mode 100644 extensions-c10s.yaml create mode 120000 extensions-okd-c10s.yaml create mode 120000 image-c10s.yaml create mode 120000 image-okd-c10s.yaml create mode 100644 manifest-c10s.yaml create mode 100644 manifest-okd-c10s.yaml diff --git a/README.md b/README.md index a37ab454..8b0be0cf 100644 --- a/README.md +++ b/README.md @@ -17,10 +17,10 @@ supported: - `ocp-rhel-9.4`: RHEL 9.4-based CoreOS; including OpenShift components. - `rhel-9.6`: RHEL 9.6-based CoreOS; without OpenShift components. - `ocp-rhel-9.6`: RHEL 9.6-based CoreOS; including OpenShift components. -- `c9s`: CentOS Stream-based CoreOS, without OKD components. -- `okd-c9s`: CentOS Stream-based CoreOS, including OpenShift components. This - currently includes some packages from RHEL because not all packages required - by OpenShift are provided in CentOS Stream. +- `c9s`/`c10s`: CentOS Stream-based CoreOS, without OKD components. +- `okd-c9s`/`okd-c10s`: CentOS Stream-based CoreOS, including OpenShift + components. This currently includes some packages from RHEL because not all + packages required by OpenShift are provided in CentOS Stream. In the future, the `ocp-*` variants will be removed. Instead, OpenShift components will be layered by deriving from the `rhel-9.4`/`c9s` images. diff --git a/c10s.repo b/c10s.repo new file mode 100644 index 00000000..f6917282 --- /dev/null +++ b/c10s.repo @@ -0,0 +1,63 @@ +[c10s-baseos] +name=CentOS Stream 10 - BaseOS +baseurl=https://composes.stream.centos.org/stream-10/production/latest-CentOS-Stream/compose/BaseOS/$basearch/os +gpgcheck=1 +repo_gpgcheck=0 +enabled=1 +gpgkey=file:///usr/share/distribution-gpg-keys/centos/RPM-GPG-KEY-CentOS-Official + +[c10s-appstream] +name=CentOS Stream 10 - AppStream +baseurl=https://composes.stream.centos.org/stream-10/production/latest-CentOS-Stream/compose/AppStream/$basearch/os +gpgcheck=1 +repo_gpgcheck=0 +enabled=1 +gpgkey=file:///usr/share/distribution-gpg-keys/centos/RPM-GPG-KEY-CentOS-Official + +# [c10s-extras-common] +# name=CentOS Stream 10 - Extras packages +# baseurl=https://mirror.stream.centos.org/SIGs/10-stream/extras/$basearch/extras-common +# gpgcheck=1 +# repo_gpgcheck=0 +# enabled=1 +# gpgkey=file:///usr/share/distribution-gpg-keys/centos/RPM-GPG-KEY-CentOS-SIG-Extras-SHA512 + +[c10s-nfv] +name=CentOS Stream 10 - NFV +baseurl=https://composes.stream.centos.org/stream-10/production/latest-CentOS-Stream/compose/NFV/$basearch/os +gpgcheck=1 +repo_gpgcheck=0 +enabled=1 +gpgkey=file:///usr/share/distribution-gpg-keys/centos/RPM-GPG-KEY-CentOS-Official + +[c10s-rt] +name=CentOS Stream 10 - RT +baseurl=https://composes.stream.centos.org/stream-10/production/latest-CentOS-Stream/compose/RT/$basearch/os +gpgcheck=1 +repo_gpgcheck=0 +enabled=1 +gpgkey=file:///usr/share/distribution-gpg-keys/centos/RPM-GPG-KEY-CentOS-Official + +# [c10s-sig-nfv] +# name=CentOS Stream 10 - SIG NFV +# baseurl=https://mirror.stream.centos.org/SIGs/10-stream/nfv/$basearch/openvswitch-2/ +# gpgcheck=1 +# repo_gpgcheck=0 +# enabled=1 +# gpgkey=file:///usr/share/distribution-gpg-keys/centos/RPM-GPG-KEY-CentOS-SIG-NFV + +# [c10s-sig-virtualization] +# name=CentOS Stream 10 - SIG Virtualization +# baseurl=https://mirror.stream.centos.org/SIGs/10-stream/virt/$basearch/kata-containers/ +# gpgcheck=1 +# repo_gpgcheck=0 +# enabled=1 +# gpgkey=file:///usr/share/distribution-gpg-keys/centos/RPM-GPG-KEY-CentOS-SIG-Virtualization + +# [c10s-sig-cloud-okd] +# name=CentOS Stream 10 - SIG Cloud OKD 4.15 +# baseurl=https://mirror.stream.centos.org/SIGs/10-stream/cloud/$basearch/okd-4.15/ +# gpgcheck=1 +# repo_gpgcheck=0 +# enabled=1 +# gpgkey=file:///usr/share/distribution-gpg-keys/centos/RPM-GPG-KEY-CentOS-SIG-Cloud diff --git a/extensions-c10s.yaml b/extensions-c10s.yaml new file mode 100644 index 00000000..1cd63d34 --- /dev/null +++ b/extensions-c10s.yaml @@ -0,0 +1,85 @@ +# RPMs as operating system extensions, distinct from the base ostree commit/image +# https://github.com/openshift/enhancements/blob/master/enhancements/rhcos/extensions.md +# and https://github.com/coreos/fedora-coreos-tracker/issues/401 + +# repos: +# - sig-virtualization + +extensions: + # https://issues.redhat.com/browse/RFE-4177 + # wasm: + # architectures: + # - x86_64 + # - aarch64 + # repos: + # - appstream + # packages: + # - crun-wasm + # https://github.com/coreos/fedora-coreos-tracker/issues/1504 + ipsec: + packages: + - libreswan + - NetworkManager-libreswan + # https://github.com/coreos/fedora-coreos-tracker/issues/326 + usbguard: + packages: + - usbguard + kerberos: + packages: + - krb5-workstation + - libkadm5 + # https://github.com/kmods-via-containers/kmods-via-containers/issues/3 + # https://gitlab.cee.redhat.com/coreos/redhat-coreos/merge_requests/866 + # These are currently overlaid onto the host so that they can be bind-mounted + # into build containers... in the future they should be a `development` + # extension: https://github.com/openshift/machine-config-operator/pull/2143. + kernel-devel: + packages: + - kernel-devel + - kernel-headers + match-base-evr: kernel + # These are already in the base, so they're not OS extensions, but they're + # useful to have in RPM form to install in kmod build containers. + kernel: + kind: development + packages: + - kernel + - kernel-core + - kernel-modules + - kernel-modules-extra + match-base-evr: kernel + # GRPA-2822 + # https://github.com/openshift/machine-config-operator/pull/1330 + # https://github.com/openshift/enhancements/blob/master/enhancements/support-for-realtime-kernel.md + kernel-rt: + architectures: + - x86_64 + repos: + - c10s-nfv + packages: + - kernel-rt-core + - kernel-rt-kvm + - kernel-rt-modules + - kernel-rt-modules-extra + - kernel-rt-devel + match-base-evr: kernel + # https://github.com/openshift/machine-config-operator/pull/2456 + # https://github.com/openshift/enhancements/blob/master/enhancements/sandboxed-containers/sandboxed-containers-tech-preview.md + # GRPA-3123 + # - kata-containers + # sandboxed-containers: + # architectures: + # - x86_64 + # repos: + # - sig-virtualization10 + # packages: + # - kata-containers + # https://issues.redhat.com/browse/COS-2402 + kernel-64k: + architectures: + - aarch64 + packages: + - kernel-64k-core + - kernel-64k-modules + - kernel-64k-modules-core + - kernel-64k-modules-extra diff --git a/extensions-okd-c10s.yaml b/extensions-okd-c10s.yaml new file mode 120000 index 00000000..d3c1820e --- /dev/null +++ b/extensions-okd-c10s.yaml @@ -0,0 +1 @@ +extensions-c10s.yaml \ No newline at end of file diff --git a/image-c10s.yaml b/image-c10s.yaml new file mode 120000 index 00000000..3abbf78c --- /dev/null +++ b/image-c10s.yaml @@ -0,0 +1 @@ +image-rhel-9.4.yaml \ No newline at end of file diff --git a/image-okd-c10s.yaml b/image-okd-c10s.yaml new file mode 120000 index 00000000..c423084c --- /dev/null +++ b/image-okd-c10s.yaml @@ -0,0 +1 @@ +image-c10s.yaml \ No newline at end of file diff --git a/manifest-c10s.yaml b/manifest-c10s.yaml new file mode 100644 index 00000000..c2287b2b --- /dev/null +++ b/manifest-c10s.yaml @@ -0,0 +1,27 @@ +# Manifest for CentOS Stream CoreOS 10 + +rojig: + license: MIT + name: scos + summary: CentOS Stream CoreOS 10 + +variables: + osversion: "c10s" + +# Include manifests common to all RHEL and CentOS Stream versions +include: + - common.yaml + +repos: + - c10s-baseos + - c10s-appstream + +# Eventually we should try to build these images as part of the c9s composes. +# In that case, the versioning should instead be exactly the same as the pungi +# compose ID. +automatic-version-prefix: "10." + +mutate-os-release: "10" + +packages: + - centos-stream-release diff --git a/manifest-okd-c10s.yaml b/manifest-okd-c10s.yaml new file mode 100644 index 00000000..4489de24 --- /dev/null +++ b/manifest-okd-c10s.yaml @@ -0,0 +1,116 @@ +# Manifest for OKD node based on CentOS Stream CoreOS 1à +# Note: this manifest is temporary; in the future, OKD components will be layered instead. + +rojig: + license: MIT + name: scos + summary: OKD 4.17 + +variables: + osversion: "c10s" + +include: + - manifest-c10s.yaml + - packages-openshift.yaml + +# Additional repos we need for OKD components +repos: + # For containernetworking-plugins for cri-o + - rhel-9.4-appstream + # CentOS Extras Common repo for SIG RPM GPG keys + # - c10s-extras-common + # CentOS NFV SIG repo for openvswitch + # - c10s-sig-nfv + # For openvswitch + - rhel-9.4-fast-datapath + # CentOS Cloud SIG repo for cri-o, cri-tools and conmon-rs + # - c10s-sig-cloud-okd + # Include RHCOS 9 repo for oc, hyperkube + - rhel-9.4-server-ose-4.17 + +# We include hours/minutes to avoid version number reuse +automatic-version-prefix: "417.10." +# This ensures we're semver-compatible which OpenShift wants +automatic-version-suffix: "-" +# Keep this is sync with the version in postprocess +mutate-os-release: "4.17" + +postprocess: + - | + #!/usr/bin/env bash + set -xeo pipefail + + # Tweak /usr/lib/os-release + grep -v -e "OSTREE_VERSION" -e "OPENSHIFT_VERSION" /etc/os-release > /usr/lib/os-release.stream + ( + . /etc/os-release + cat > /usr/lib/os-release < /usr/lib/system-release-cpe < /usr/lib/system-release < /usr/lib/issue <