Changes:
- ensure that kernel and initrd are relative links
- add 'active_snap' variable to grub (managed by snapshotter)
- add 'root_subpath' variable to grub
- snapper can now be used on orange flavor (see notes)
Notes:
- 'active_snap' and 'root_subpath' allows grub to build a relative path to the kernel and initrd when btrfs_relative_path is not available.
- Snapper works on orange flavor, however it can take several minutes before the daemon initialize in active or passive mode. If elemental upgrade is invoked during this time it will fail.
* Isolating btrfs and snapper specific logic
Signed-off-by: David Cassany <dcassany@suse.com>
* Define a backend interface for btrfs snapshotter
This commit adds a backend interface in btrfs snapshotter. The interface
essentially wraps snapper and btrfs utilities.
The idea is make a pure btrfs implementation of the interface and
also a snapper based implementation.
The functions that snapper can't provide are simply managed by the btrfs
implementation.
Signed-off-by: David Cassany <dcassany@suse.com>
* Move snapper configuration to snapper backend
Signed-off-by: David Cassany <dcassany@suse.com>
* Implement btrfs backend
This commit implements the btrfs backend for the btrfs snapshotter
and moves all the logic of specific btrfs client calls there.
The backend interface is also refined for that purpose.
Signed-off-by: David Cassany <dcassany@suse.com>
* Make the btrfs snapshotter backend configurable
Signed-off-by: David Cassany <dcassany@suse.com>
* Add some method comment headers
Signed-off-by: David Cassany <dcassany@suse.com>
* Few small changes to facilitate testing
Signed-off-by: David Cassany <dcassany@suse.com>
* Add btrfs-backend unit tests
Signed-off-by: David Cassany <dcassany@suse.com>
* Add snapper backend unit tests
Signed-off-by: David Cassany <dcassany@suse.com>
* revert back to snapper for green example
Signed-off-by: David Cassany <dcassany@suse.com>
---------
Signed-off-by: David Cassany <dcassany@suse.com>
* Add cloud-init paths of the new root in 'after-*' hooks
This commit enables to run the non chrooted 'after-*' hooks
included in the newly deployed image root. This specially applies to the
install, reset, upgrade and build-disk commands.
Moreover, 'after-disk' command now includes static reference paths to
the new root and working directory, so that those can be used within
the hooks regardless of the choosen output directory.
* Include arm-firwmare feature
This commit introduces an arm-firmware feature adding
the required after-* hooks to ensure the RPi firmware is
copied to the EFI partition.
It could be, eventually, extended to support other boards
and it does not harm systems which are not including RPi
firmware.
* Allow features to be passed as arguments
Signed-off-by: David Cassany <dcassany@suse.com>
The following warnings are fixed in the example flavors + cli
Dockerfile:
```
- StageNameCasing: Stage name 'TOOLKIT' should be lowercase (line 7)
- StageNameCasing: Stage name 'OS' should be lowercase (line 10)
- InvalidDefaultArgInFrom: Default value for ARG
${TOOLKIT_REPO}:${VERSION} results in empty or invalid base image name
(line 7)
- JSONArgsRecommended: JSON arguments recommended for CMD to prevent
unintended behavior related to OS signals (line 97)
- FromAsCasing: 'as' and 'FROM' keywords' casing do not match (line 4)
```
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
* Enable SELinux for tumbleweed and rename it to green
Signed-off-by: David Cassany <dcassany@suse.com>
* Disable SELinux on recovery and refine relabelling
Signed-off-by: David Cassany <dcassany@suse.com>
* Remove k3s-selinux, not needed for examples
Signed-off-by: David Cassany <dcassany@suse.com>
* Improve SELinux labelling
Signed-off-by: David Cassany <dcassany@suse.com>
* Fix unit tests
Signed-off-by: David Cassany <dcassany@suse.com>
---------
Signed-off-by: David Cassany <dcassany@suse.com>
* Implementation of Btrfs snapshotter
* Btrfs based examples
* Refined and adapt features
* Update build-disk to new snapshotter and prevent including State partition on expandable images
* Remove /oem bind mount in initramfs, already mounted by mount command
* Adapt unit tests
* Add mount command unit tests
* Make grubfallback test more generic
* Adding btrfs snapshotter unit tests and fixing default snapshotter config constructor
* Add utils test
* Fix upgrade ENV variables mapping
* Include transactional-update package in example
* Fix persistent bind mounts
* Make sure state is RW mounted upgrading from legacy
* Remove unused passive symlinks for loopdevice
* Fix upgrade from older version
Signed-off-by: David Cassany <dcassany@suse.com>
* Add mount command
The mount command mounts the system and is meant to run in an initrd to
actually mount the root filesystem and use systemd to switch-root into
it.
It also optionally writes an /etc/fstab file to the newly mounted
system so that systemd will mount the system after switching root.
The command is used in the new dracut module elemental-rootfs, which
will coexist with immutable-rootfs (they are functionally the same)
until immutable-rootfs can be deprecated.
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
Add tmpfs overlay mount
Mounts a tmpfs to /run/elemental/overlay with size= flag set
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
Examples use the new elemental-rootfs
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
Add persistent overlay mounts
Persistent mounts use the /run/elemental/persistent/.state directory to
store upper and work dirs.
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
Add sentinel files
Write sentinel file (active_mode, passive_mode, recovery_mode) to
/run/cos or /run/elemental based on which kernel cmdline is used
(cos-img/filename or elemental.image)
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
Read kernel cmdline for mount
This commit adds capabilities to the mount command to read configuration
from the kernel cmdline. The supported parameters are:
* elemental.disable + rd.cos.disable
* elemental.image + cos-img/filename
* elemental.oemlabel + rd.cos.oemlabel
In the new elemental.image parameter we can specify
active|passive|recovery instead of the path to the image.
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
Enable recovery booting and reset
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
Load env vars
Currently supported:
* OVERLAY
* RW_PATHS
* PERSISTENT_STATE_PATHS
* PERSISTENT_STATE_BIND
Loaded from files (if they exist):
* /run/elemental/layout.env
* /run/cos/cos-layout.env
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
Run rootfs stage inside mount command
Since the rootfs stage should be run between mounting the image and
mounting the rest of the system I added a call to RunStage that takes
care of this and then uses godotenv dependency to actually load
/run/elemental/layout.env and /run/cos/cos-layout.env.
This means the old way of generating layout files will still work with
the new mount-command.
The caveat here is that in the current implementation the rootfs stage
will run twice, once from the elemental-setup-rootfs service and once
from this command. I would say the easiest way forward is to remove the
elemental-setup-rootfs when switching to elemental-rootfs as the default
mounting module.
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
Add persistent bind mounts
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
Add block overlay
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
Use registry.opensuse.org for example images
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
Minor changes to get tests working
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
Fsck partitions before mounting
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
Fix for fsck
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
More mount tests
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
Comment mount example configuration
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
Add elemental-setup services to elemental-rootfs
The elemental-setup and rootfs features are heavily dependent on each
other.
This commit copies the elemental-setup feature into elemental-rootfs,
and changes the mount-command to actually start the
elemental-setup-rootfs service during mount to not run the yip rootfs
stage twice.
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
Fix lint goconst
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
* Add elemental-sysroot feature
The features elemental-sysroot, elemental-rootfs and elemental-setup are
used for mounting the root filesystem and all overlays.
elemental-sysroot is used for mounting state/recovery partition to
/run/elemental/state, and then mounting the image from the partition
based on kernel parameters.
elemental-setup actually runs the different stages of boot using
elemental run-stage command.
elemental-rootfs runs the 'elemental mount' command to mount tmpfs
overlays, persistent overlays and then writes the /etc/fstab to actually
mount when pivoting to the new root.
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
* Update sysroot, setup and rootfs dracut modules
This commit goes through the early systemd services run in dracut and
adds Wants,Before,Requires to each step to make them run during the
correct stage of the bootup (man dracut.bootup).
We also change all the /run/cos and /run/initramfs/cos-state to the new
/run/elemental and /run/initramfs/elemental-state directories.
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
* Test compatibility
Tests still use /run/cos, this commit adds back
/run/cos/active|passive|recovery_mode files
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
* Update to latest ele-testhelpers
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
* Forwards compatibility for immutable-rootfs feat
This commit makes the immutable-rootfs module forwards compatible with
the other changes in mount, elemental-sysroot and elemental-setup.
It uses the new elemental.image and elemental.oemlabel cmdline paramters
if found, otherwise falls back to the old parameters and also sets the
/run/elemental/active|passive|recovery_mode files.
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
* Update init features for green and tumbleweed
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
* Remove oem mounts from elemental-setup-initramfs
This should fix installer-tests in CI since the /oem might not exist
when booting from ISO.
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
---------
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
* Add target for rpi disk
This commit adds a flavor for tumbleweed raspberry pi image that uses a
after-disk hook to copy firmware into the EFI partition.
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
* Add DOCKER_SOCK Makefile variable
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
* Rebase rpi example to leap
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
---------
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
* Add tumbleweed example
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
* Add status badges for workflows to README
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
* Update ele-testhelpers to latest commit
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
---------
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
* More documentation work
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
* Improve multi-arch handling
GRUB_ARCH can be calculated in runtime, this makes toolkit Dockerfile
and green-example Dockerfile able to be built with buildx
--platform=linux/amd64,linux/arm64 flag at the same time.
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
---------
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
* Add arm64 workflow
This commit adds arm64 to the build-matrix for PRs and checks if the PR
is labeled with arm64 before running.
ARM64 tests are run on self-hosted runners while x86_64 tests are still
run on github macos-latest runners.
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
* Update documentation
Remove old usages of luet/luet-makeiso and channel.
Goes through the Examples and updates the usage to reflect the latest
changes of the toolkit.
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
* Changes to golangci-config
Disable all linters by default and add back the current default ones.
This is done in order to prevent new default linters in the
golangci-lint to take effect without noticing.
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
* Also push elemental-cli on release to ghcr.io
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
---------
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
Changes to makefile and packer setup to make it easier to build arm64
and multi-platform images.
Should be able to run `make ARCH=arm64 build-example-iso packer` etc and just work.
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
* Add LUET_NOLOCK for example Dockerfile
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
* Update LUET_VERSION in examples
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
Signed-off-by: Fredrik Lönnegren <fredrik.lonnegren@suse.com>
Fredrik Lönnegren