diff --git a/src/cmd-buildextend-metal b/src/cmd-buildextend-metal index ff9f5990d0..6827ddc57b 100755 --- a/src/cmd-buildextend-metal +++ b/src/cmd-buildextend-metal @@ -139,6 +139,12 @@ cat image-default.json "${image_json}" | jq -s add > image-configured.json # We do some extra handling of the rootfs here; it feeds into size estimation. rootfs_type=$(jq -re .rootfs < image-configured.json) +deploy_container= +container_imgref=$(jq -r '.["container-imgref"]//""' < image-configured.json) +if test -n "${container_imgref}" || jq -re '.["deploy-via-container"]' < image-configured.json >/dev/null; then + deploy_container=ostree-unverified-image:oci-archive:$builddir/$(meta_key images.ostree.path) +fi + # fs-verity requires block size = page size. We need to take that into account # in the disk size estimation due to higher fragmentation on larger blocks. BLKSIZE="" @@ -204,6 +210,8 @@ cat >image-dynamic.json << EOF "osname": "${name}", "buildid": "${build}", "imgid": "${img}", + "deploy-container": "${deploy_container}", + "container-imgref": "${container_imgref}", "ostree-commit": "${commit}", "ostree-ref": "${ref}", "ostree-repo": "${ostree_repo}" diff --git a/src/create_disk.sh b/src/create_disk.sh index e83784f3eb..14339c3144 100755 --- a/src/create_disk.sh +++ b/src/create_disk.sh @@ -99,6 +99,8 @@ commit=$(getconfig "ostree-commit") ref=$(getconfig "ostree-ref") # We support not setting a remote name (used by RHCOS) remote_name=$(getconfig_def "ostree-remote" "") +deploy_container=$(getconfig "deploy-container" "") +container_imgref=$(getconfig "container-imgref" "") os_name=$(getconfig "osname") rootfs_size=$(getconfig "rootfs-size") buildid=$(getconfig "buildid") @@ -247,27 +249,47 @@ fi # Now that we have the basic disk layout, initialize the basic # OSTree layout, load in the ostree commit and deploy it. ostree admin init-fs --modern $rootfs +# Initialize the "stateroot" +ostree admin os-init "$os_name" --sysroot $rootfs + +# Propagate flags into target repository if [ "${rootfs_type}" = "ext4verity" ]; then ostree config --repo=$rootfs/ostree/repo set ex-fsverity.required 'true' fi -time ostree pull-local --repo $rootfs/ostree/repo "$ostree" "$commit" -if test -n "${remote_name}"; then - deploy_ref="${remote_name}:${ref}" - ostree refs --repo $rootfs/ostree/repo --create "${deploy_ref}" "${commit}" -else - deploy_ref=$commit -fi -ostree admin os-init "$os_name" --sysroot $rootfs + +# Compute kargs # Note that $ignition_firstboot is interpreted by grub at boot time, # *not* the shell here. Hence the backslash escape. allkargs="$extrakargs \$ignition_firstboot" -kargsargs="" -for karg in $allkargs -do - kargsargs+="--karg-append=$karg " -done -ostree admin deploy "${deploy_ref}" --sysroot $rootfs --os "$os_name" $kargsargs +if test -n "${deploy_container}"; then + kargsargs="" + for karg in $allkargs + do + kargsargs+="--karg=$karg " + done + rpm-ostree ex-container image deploy --imgref "${deploy_container}" \ + ${container_imgref:+--target-imgref $container_imgref} \ + --stateroot "$os_name" --sysroot $rootfs $kargsargs +else + # Pull the commit + time ostree pull-local --repo $rootfs/ostree/repo "$ostree" "$commit" + # Deploy it, using an optional remote prefix + if test -n "${remote_name}"; then + deploy_ref="${remote_name}:${ref}" + ostree refs --repo $rootfs/ostree/repo --create "${deploy_ref}" "${commit}" + else + deploy_ref=$commit + fi + kargsargs="" + for karg in $allkargs + do + kargsargs+="--karg-append=$karg " + done + ostree admin deploy "${deploy_ref}" --sysroot $rootfs --os "$os_name" $kargsargs +fi +# Note that at the current time, this only supports deploying non-layered +# container images; xref https://github.com/ostreedev/ostree-rs-ext/issues/143 deploy_root="$rootfs/ostree/deploy/${os_name}/deploy/${commit}.0" test -d "${deploy_root}" diff --git a/src/image-default.yaml b/src/image-default.yaml index 669425692d..4b871507a1 100644 --- a/src/image-default.yaml +++ b/src/image-default.yaml @@ -2,3 +2,7 @@ bootfs: "ext4" rootfs: "xfs" grub-script: "/usr/lib/coreos-assembler/grub.cfg" +# True if we should use `rpm-ostree ex-container image deploy` +deploy-via-container: false +# Set this to a target container reference, e.g. ostree-unverified-registry:quay.io/example/os:latest +# container-imgref: ""