Migrate disk image building to systemd-repart

.github/mkosi.extra/usr/lib/systemd/mkosi-check-and-shutdown.sh

@@ -0,0 +1,10 @@
+#!/bin/bash
+# SPDX-License-Identifier: LGPL-2.1-or-later
+set -eux
+
+systemctl --failed --no-legend | tee /failed-services
+
+# Exit with non-zero EC if the /failed-services file is not empty (we have -e set)
+[[ ! -s /failed-services ]]
+
+: >/testok

.github/mkosi.extra/usr/lib/systemd/system/mkosi-check-and-shutdown.service

@@ -0,0 +1,13 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+[Unit]
+Description=Check if any service failed and then shut down the machine
+After=multi-user.target network-online.target
+Requires=multi-user.target
+OnFailure=poweroff.target
+OnFailureJobMode=replace-irreversibly
+
+[Service]
+Type=oneshot
+ExecStartPre=rm -f /failed-services /testok
+ExecStart=/usr/lib/systemd/mkosi-check-and-shutdown.sh
+ExecStartPost=systemctl poweroff --no-block

.github/workflows/ci.yml

@@ -119,8 +119,7 @@ jobs:
           - directory
           - tar
           - cpio
-          - gpt_ext4
-          - plain_squashfs
+          - disk
 
     steps:
     - uses: actions/checkout@v2
@@ -130,7 +129,7 @@ jobs:
       run: sudo apt-get update && sudo apt-get install --no-install-recommends python3-pexpect python3-pytest
 
     - name: Install Gentoo dependencies (portage)
-      if: ${{ matrix.distro == 'gentoo' }}
+      if: matrix.distro == 'gentoo'
       run: |
         sudo tee /usr/lib/sysusers.d/acct-user-portage.conf > /dev/null <<- EOF
         # /usr/lib/sysusers.d/portage.conf
@@ -163,7 +162,7 @@ jobs:
     - name: Install
       run: sudo python3 -m pip install .
 
-    - name: Build/Boot ${{ matrix.distro }}/${{ matrix.format }}
+    - name: Configure ${{ matrix.distro }}/${{ matrix.format }}
       run: |
         mkdir -p mkosi.conf.d
 
@@ -173,6 +172,18 @@ jobs:
 
         [Output]
         Format=${{ matrix.format }}
+        Bootable=yes
+        KernelCommandLine=systemd.unit=mkosi-check-and-shutdown.service
+                          !quiet
+                          systemd.log_target=console
+                          systemd.default_standard_output=journal+console
+
+        [Host]
+        Autologin=yes
+        QemuHeadless=yes
+
+        [Content]
+        ExtraTrees=.github/mkosi.extra
         EOF
 
         mkdir -p mkosi.skeleton/etc/portage
@@ -182,46 +193,29 @@ jobs:
         sync-uri = https://raw.githubusercontent.com/257/binpkgs/main
         EOF
 
-        sudo MKOSI_TEST_DEFAULT_VERB=boot python3 -m pytest --exitfirst -m integration -sv tests
+    - name: Build ${{ matrix.distro }}/${{ matrix.format }}
+      run: sudo python3 -m mkosi build
 
-    - name: Build ${{ matrix.distro }}/${{ matrix.format }} UsrOnly
-      run: |
-        tee mkosi.conf <<- EOF
-        [Output]
-        UsrOnly=True
-        EOF
+    - name: Boot ${{ matrix.distro }}/${{ matrix.format }} systemd-nspawn
+      if: matrix.format == 'disk' || matrix.format == 'directory'
+      run: sudo python3 -m mkosi boot
 
-        sudo mkosi --force build
+    - name: Check ${{ matrix.distro }}/${{ matrix.format }} systemd-nspawn
+      if: matrix.format == 'disk' || matrix.format == 'directory'
+      run: sudo python3 -m mkosi shell bash -c "[[ -e /testok ]] || { cat /failed-services; exit 1; }"
 
-    - name: Build/Boot ${{ matrix.distro }}/${{ matrix.format }} UEFI UKI
-      run: |
-        tee mkosi.conf <<- EOF
-        [Host]
-        QemuBoot=uefi
-        EOF
+    - name: Boot ${{ matrix.distro }}/${{ matrix.format }} UEFI
+      if: matrix.format == 'disk'
+      run: sudo timeout -k 30 10m python3 -m mkosi --qemu-boot=uefi qemu
 
-        sudo MKOSI_TEST_DEFAULT_VERB=qemu python3 -m pytest --exitfirst -m integration -sv tests
+    - name: Check ${{ matrix.distro }}/${{ matrix.format }} UEFI
+      if: matrix.format == 'disk' || matrix.format == 'directory'
+      run: sudo python3 -m mkosi shell bash -c "[[ -e /testok ]] || { cat /failed-services; exit 1; }"
 
-    - name: Build/Boot ${{ matrix.distro }}/${{ matrix.format }} UEFI
-      run: |
-        tee mkosi.conf <<- EOF
-        [Output]
-        WithUnifiedKernelImages=no
-
-        [Host]
-        QemuBoot=uefi
-        EOF
-
-        sudo MKOSI_TEST_DEFAULT_VERB=qemu python3 -m pytest --exitfirst -m integration -sv tests
-
-    - name: Build/Boot ${{ matrix.distro }}/${{ matrix.format}} QEMU Linux Boot
-      run: |
-        tee mkosi.conf <<- EOF
-        [Output]
-        WithUnifiedKernelImages=no
-
-        [Host]
-        QemuBoot=linux
-        EOF
+    - name: Boot ${{ matrix.distro }}/${{ matrix.format}} QEMU Linux Boot
+      if: matrix.format == 'disk'
+      run: sudo timeout -k 30 10m python3 -m mkosi --qemu-boot=linux qemu
 
-        sudo MKOSI_TEST_DEFAULT_VERB=qemu python3 -m pytest --exitfirst -m integration -sv tests
+    - name: Check ${{ matrix.distro }}/${{ matrix.format }} QEMU Linux Boot
+      if: matrix.format == 'disk' || matrix.format == 'directory'
+      run: sudo python3 -m mkosi shell bash -c "[[ -e /testok ]] || { cat /failed-services; exit 1; }"

NEWS.md

@@ -6,6 +6,28 @@
   current behaviour.
 - Add `--idmap` option to run `--systemd-nspawn` with ID mapping support. Defaults
   to `True`. `--idmap=no` can be used to prevent usage of ID mapping.
+- Migrated to systemd-repart. Many options are dropped in favor of specifying them directly
+  in repart partition definition files:
+    - Format=gpt_xxx options are replaced with a single "disk" options. Filesystem to use can now be specified with repart's Format= option
+    - Format=plain_squashfs (Can be reproduced by a single repart squashfs
+    root partition combined with SplitArtifacts=yes)
+    - Verity= (Replaced by repart's Verity= options)
+    - Encrypt= (Replaced by repart's Encrypt= option)
+    - RootSize=, HomeSize=, VarSize=, TmpSize=, ESPSize=, SwapSize=, SrvSize=
+    (Replaced by repart's size options)
+    - UsrOnly= (replaced with `CopyFiles=/:/usr` in a usr partition definition)
+    - OutputSplitRoot=, OutputSplitVerity=, (Replaced by repart's SplitName= option)
+    - OutputSplitKernel= (UKI is now always written to its own output file)
+    - GPTFirstLBA (Removed, no equivalent in repart)
+    - ReadOnly= (Replaced by repart's ReadOnly= option per partition)
+    - Minimize= (Replaced by repart's Minimize= option per partition)
+    - CompressFs= (No equivalent in repart, can be replicated by replacing mkfs.<fs>
+    in $PATH with a script that adds the necessary command line option)
+    - MkSquashfs= (Can be replaced with a script in $PATH that invokes
+    the correct binary)
+
+    We also remove the WithoutUnifiedKernelImages= switch as building unified
+    kernel images is trivial and fast these days.
 
 ## v14
 
@@ -72,18 +94,6 @@
   you weren't relying on this file to configure any network interfaces other
   than the tun/tap virtio-net interface created by mkosi when booting the image
   in QEMU with the `--netdev` option. If you were relying on this config file
-  to configure other interfaces, you'll have to re-create it with the correct
-  match and a lower initial number in the filename to make sure
-  `systemd-networkd` will keep configuring your interface, e.g. via the
-  `mkosi.skeleton` or `mkosi.extra` trees or a `mkosi.postinst` script.
-- The `kernel-install` script for building unified kernel images has been
-  removed. From v13 onwards, on systems using `kernel-install`, `mkosi` won't
-  automatically build new unified kernel images when a kernel is updated or
-  installed. To keep the old behavior, you can install the `kernel-install`
-  script manually via a skeleton tree; a copy can be found
-  [here](https://github.com/systemd/mkosi/blob/3798eb0c2ebcdf7dac207a559a3cb5a65cdb77b0/mkosi/resources/dracut_unified_kernel_install.sh).
-- New `QemuKvm` option configures whether to use KVM when running `mkosi qemu`.
-- `mkosi` will not default to the same OS release as the host system anymore
   when the host system uses the same distribution as the image that's being
   built. Instead, when no release is specified, mkosi will now always default
   to the default version embedded in mkosi itself.

action.yaml

@@ -24,25 +24,31 @@ runs:
         e2fsprogs \
         xfsprogs \
         squashfs-tools \
-        btrfs-progs
+        btrfs-progs \
+        mtools
 
       sudo pacman-key --init
       sudo pacman-key --populate archlinux
 
-  # Try to eliminate "Failed to dissect image: Connection timed out" errors from nspawn by compiling
-  # systemd-nspawn from v251 from source.
-  - name: Update systemd-nspawn
+  - name: Update systemd
     shell: bash
     working-directory: ${{ github.action_path }}
     run: |
       echo "deb-src http://archive.ubuntu.com/ubuntu/ $(lsb_release -cs) main restricted universe multiverse" | sudo tee -a /etc/apt/sources.list
       sudo apt-get update
       sudo apt-get build-dep systemd
-      git clone https://github.com/systemd/systemd-stable --branch v251.2 --depth=1
-      meson systemd-stable/build systemd-stable
-      ninja -C systemd-stable/build systemd-nspawn
-      sudo ln -svf $PWD/systemd-stable/build/systemd-nspawn $(which systemd-nspawn)
+      sudo apt-get install libfdisk-dev
+      git clone https://github.com/systemd/systemd --depth=1
+      meson systemd/build systemd -Drepart=true -Defi=true
+      ninja -C systemd/build systemd-nspawn systemd-dissect systemd-repart bootctl
+      sudo ln -svf $PWD/systemd/build/systemd-nspawn /usr/bin/systemd-nspawn
+      sudo ln -svf $PWD/systemd/build/systemd-dissect /usr/bin/systemd-dissect
+      sudo ln -svf $PWD/systemd/build/systemd-repart /usr/bin/systemd-repart
+      sudo ln -svf $PWD/systemd/build/bootctl /usr/bin/bootctl
       systemd-nspawn --version
+      systemd-dissect --version
+      systemd-repart --version
+      bootctl --version
 
   - name: Install
     shell: bash