diff --git a/Containerfile b/Containerfile
index 592d5ad..3cd0136 100644
--- a/Containerfile
+++ b/Containerfile
@@ -1,12 +1,18 @@
 FROM ghcr.io/cgwalters/c9s-oscore AS oscore
-FROM docker.io/archlinux:latest AS builder
-
-RUN pacman --noconfirm -Sy arch-install-scripts ostree
-RUN sed -i -e 's|^NoExtract.*||g' /etc/pacman.conf
+FROM docker.io/opensuse/tumbleweed:latest AS builder
 RUN mkdir /newroot
-RUN pacstrap -K /newroot base linux-zen linux-firmware ostree gptfdisk cryptsetup dosfstools xfsprogs
+RUN zypper -n --gpg-auto-import-keys ar https://download.opensuse.org/tumbleweed/repo/oss/ oss
+RUN zypper -n --gpg-auto-import-keys ar obs://home:smolsheep/openSUSE_Tumbleweed sheep
+RUN zypper -n --gpg-auto-import-keys ref
+RUN zypper -n in libostree libcap-progs
+
+# TODO: Remove
+RUN zypper --root /newroot -n --gpg-auto-import-keys ar https://download.opensuse.org/tumbleweed/repo/oss/ oss
+RUN zypper --root /newroot -n --gpg-auto-import-keys ar obs://home:smolsheep/openSUSE_Tumbleweed sheep
+RUN zypper --root /newroot -n --gpg-auto-import-keys ref
+RUN zypper --root /newroot -n in kernel-default systemd-boot zypper bash man vim shadow util-linux dosfstools openSUSE-release composefs bootc libostree libcap-progs
 RUN mv /newroot/home /newroot/var/
 RUN ln -s var/home /newroot/home
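Review bot: Every added zypper call in the Containerfile passes `--gpg-auto-import-keys`, so the build trusts whatever signing key each repository presents at that moment, including the personal OBS project `obs://home:smolsheep/openSUSE_Tumbleweed`, and packages resolved from these repositories are installed into /newroot, which becomes the bootable image. I would commit the expected public key(s) to the repository and import them explicitly before the first refresh, e.g. `COPY <repo-key-file>.asc /tmp/` followed by `RUN rpm --import /tmp/<repo-key-file>.asc && rpm --root /newroot --import /tmp/<repo-key-file>.asc` (the file name is a placeholder), and then drop the flag from the `ar`, `ref` and `in` lines. `FROM docker.io/opensuse/tumbleweed:latest` is likewise unpinned; a digest would make the builder stage reproducible. The `# TODO: Remove` comment should say what is to be removed and why.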
@@ -26,19 +32,18 @@ RUN ln -s var/srv /newroot/srv
 COPY ostree-0-integration.conf /newroot/usr/lib/tmpfiles.d/
-COPY --from=oscore /usr/bin/bootc /newroot/usr/bin/
-COPY --from=oscore /usr/lib/bootc /newroot/usr/lib/bootc
-
 RUN mkdir -p /newroot/sysroot/ostree
 RUN ln -s sysroot/ostree /newroot/ostree
 RUN ostree --repo=/repo init --mode=bare
 RUN ostree --repo=/repo commit --orphan --tree=dir=/newroot --no-xattrs
-# WORKAROUND: ERROR Creating ostree deployment: Performing deployment: Importing: Unencapsulating base: Importing commit: Invalid path (no parent) .lock
 RUN rm /repo/.lock
 RUN mv /repo /newroot/sysroot/ostree/
 FROM scratch
 COPY --from=builder /newroot /
+
+RUN ln -s /usr/bin/true /usr/bin/dnf
+
 LABEL ostree.bootable="true"
diff --git a/README.md b/README.md
index 10897db..f0dc770 100644
--- a/README.md
+++ b/README.md
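Review bot: In the Containerfile, `RUN ln -s /usr/bin/true /usr/bin/dnf` sits in the final `FROM scratch` stage with no comment, and it replaces the package manager with a no-op: anything that calls `dnf` in this image will report success without installing or verifying anything. Because it runs after `COPY --from=builder /newroot /`, the link is not part of the tree that `ostree commit --tree=dir=/newroot` recorded, and it adds a layer after the one the `build` script reads with `.RootFS.Layers[-1]`; whether that matters depends on how those labels are consumed, so please confirm. If the stub is needed, I would create it in the builder stage before the commit, `RUN ln -s /usr/bin/true /newroot/usr/bin/dnf`, with a comment such as `# stub: <tool that expects dnf> probes for dnf; real package management is zypper`. The hunk also drops the `# WORKAROUND` comment while keeping `RUN rm /repo/.lock`, which leaves that line unexplained.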
@@ -1,27 +1,13 @@
-# Arch Linux bootc container builder
+# kamilyon
-As root:
+highly experimental pre-alpha-grade opensuse bootc tests.
-```bash
-./build
-````
+## refs:
-Current state:
+* github.com/m1cha/bootc-archlinux: concept (and tooling) from which this entire repo is derived.
+* github.com/cgwalters/c9s-oscore: ostree builder core image.
+* github.com/osbuild/bootc-image-builder: image generator for bootc containers allowing installation into a vm.
-```bash
-# podman run --privileged --pid=host --net=none --security-opt label=type:unconfined_t bootc-arch bootc install --target-no-signature-verification /dev/sdb
-Mounting devtmpfs
-Initializing partitions
-Creating filesystem
-mke2fs 1.47.0 (5-Feb-2023)
-Creating filesystem
-Mounting /run/bootc/mounts/rootfs
-Mounting /run/bootc/mounts/rootfs/boot
-Creating ESP filesystem
-Mounting /run/bootc/mounts/rootfs/boot/efi
-Initializing ostree layout
-Initializing sysroot
-ostree/deploy/default initialized as OSTree root
-Creating initial deployment
-ERROR Creating ostree deployment: Performing deployment: Importing: Unencapsulating base: Importing commit: Expected commit object, not File
-```
+## license
+
+cc0. if you want to credit someone, credit [m1cha](https://github.com/m1cha) and the [ostree team](https://github.com/ostreedev). ideally do not mention me at all. i do not wish to be perceived herein.
diff --git a/build b/build
index fc18ffe..6ab1f33 100755
--- a/build
+++ b/build
@@ -2,7 +2,7 @@ set -euo pipefail
-image="localhost/bootc-arch:latest"
+image="localhost/kamilyon:latest"
 podman build --net host --security-opt label=disable --cap-add all -f Containerfile --tag "$image" .
@@ -12,4 +12,21 @@ diffid=$(podman inspect "$image" | jq -r '.[0].RootFS.Layers[-1]')
 echo "FROM $image" | podman build \
 --label ostree.commit="$commit" \
 --label ostree.final-diffid="$diffid"\
+ --label containers.bootc="1" \
 --tag "$image" -
+
+sudo podman run \
+ --cap-add CAP_SYS_ADMIN \
+ --rm \
+ -it \
+ --privileged \
+ --pull=newer \
+ --security-opt label=type:unconfined_t \
+ -v $(pwd)/config.toml:/config.toml:ro \
+ -v $(pwd)/output:/output \
+ -v /var/lib/containers/storage:/var/lib/containers/storage \
+ quay.io/centos-bootc/bootc-image-builder:latest \
+ --type qcow2 \
+ --local kamilyon:latest \
+ --log-level debug \
+ --rootfs xfs
diff --git a/config.toml b/config.toml
new file mode 100644
index 0000000..c3b144e
--- /dev/null
+++ b/config.toml
@@ -0,0 +1,5 @@
+[[customizations.user]]
+name = "arc"
+password = "testsheep"
+key = ""
+groups = ["wheel"]
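Review bot: The new `sudo podman run` in `build` starts `quay.io/centos-bootc/bootc-image-builder:latest` with `--pull=newer`, `--privileged` and the host's `/var/lib/containers/storage` mounted read-write, so whatever is published under that tag at build time runs with full root on the build host. Pin the image by digest, e.g. `quay.io/centos-bootc/bootc-image-builder@sha256:<digest>` (placeholder), and bump it deliberately. `--cap-add CAP_SYS_ADMIN` is redundant next to `--privileged`, and the `$(pwd)` expansions are unquoted, so a checkout path containing spaces breaks the mounts; write `-v "$(pwd)/config.toml:/config.toml:ro"` and `-v "$(pwd)/output:/output"`. The earlier `podman build` calls in this script run without `sudo`, so under a non-root user the image may not be present in root's storage for `--local kamilyon:latest`; please confirm the script is meant to run as root throughout.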
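Review bot: config.toml commits a fixed credential, `password = "testsheep"`, for user `arc` in group `wheel` (conventionally the administrative group), and the `build` script mounts this file into the image builder, so every disk image produced from this repository carries an account with a publicly known password. Leave `password` out and set `key` to an SSH public key, e.g. `key = "<ssh public key>"` (placeholder), or keep the real config.toml out of version control and commit only a `config.toml.example`. As committed, `key = ""` adds nothing; if a password is kept for throwaway local VMs, a comment in the file should say so.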