Skip to content

Install config verity prep#1068

Merged
cgwalters merged 7 commits intobootc-dev:mainfrom
cgwalters:install-config-verity-prep
Feb 3, 2025
Merged

Install config verity prep#1068
cgwalters merged 7 commits intobootc-dev:mainfrom
cgwalters:install-config-verity-prep

Conversation

@cgwalters
Copy link
Collaborator

@cgwalters cgwalters commented Feb 1, 2025

Prep for #935

@github-actions github-actions bot added the area/install Issues related to `bootc install` label Feb 1, 2025
@cgwalters cgwalters force-pushed the install-config-verity-prep branch 4 times, most recently from f684da3 to b067d67 Compare February 2, 2025 22:32
@cgwalters
build: Handle dnf5 in Fedora
292d9e1 
Signed-off-by: Colin Walters <walters@verbum.org>
@cgwalters
Improve parsing of ostree prepare-root config
2b175ad 
Prep for further work.

Signed-off-by: Colin Walters <walters@verbum.org>
@cgwalters
install: Parse and load the prepare-root config
a2a5a7c 
Prep for using this to determine fsverity.

Signed-off-by: Colin Walters <walters@verbum.org>
@cgwalters
build-sys: Rework vendoring for source archive
58fa21e 
In preparation for vendoring composefs-rs from git.
Basically before, things work fine when we're just vendoring
from crates.io, but fall over when we add a git dependency.
The Fedora `cargo_prep` macro writes a hardcoded `.cargo/config.toml`
which only has a replacement for `crates.io`, but we need
the generated replacement for git too which is output by
`cargo vendor-filterer` - which previously we were
discarding.

This was surprisingly difficult!

- Capture the output of `vendor-filterer`
- Work around a bug where it puts a broken `directory` path in
  the generated TOML
- Insert that as a new `vendor-config.toml` in our source
- Do use `cargo_prep` to init the RPM config in the spec,
  but re-inject our vendor config appended to that one.

Signed-off-by: Colin Walters <walters@verbum.org>
@cgwalters
packit: Disable rhel-9 until 9.6
1208f4d 
We require a newer Rust. TODO re-enable post 9.6

Signed-off-by: Colin Walters <walters@verbum.org>
@cgwalters
tree: Cleanup and bump rust-version to 1.82
c947f0a 
To match composefs-rs.

Signed-off-by: Colin Walters <walters@verbum.org>
@cgwalters
lib: Depend on composefs-rs
cca41fb 
And expose some fsverity helpers. This is just to get the
ball rolling on integration.

Signed-off-by: Colin Walters <walters@verbum.org>
@cgwalters cgwalters force-pushed the install-config-verity-prep branch from b067d67 to cca41fb Compare February 3, 2025 14:10
@cgwalters
Copy link
Collaborator Author

cgwalters commented Feb 3, 2025

Man, this has been a crazy chain of things I hit. The vendoring thing was surprisingly complicated. But OK, now the latest thing is that composefs-rs's MSRV is newer than what's in RHEL9.5 (not C9S, so we know we're good for 9.6+).

jmarrero
jmarrero approved these changes Feb 3, 2025
View reviewed changes
Copy link
Contributor

@jmarrero jmarrero left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@cgwalters cgwalters merged commit 63f49d3 into bootc-dev:main Feb 3, 2025
23 checks passed
@jeckersb jeckersb mentioned this pull request Feb 18, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jmarrero jmarrero jmarrero approved these changes

Assignees

No one assigned

Labels

area/install Issues related to `bootc install`

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@cgwalters @jmarrero