Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Split products #822

Merged
merged 20 commits into from
Oct 31, 2023
Merged

Split products #822

Show file tree
Hide file tree
Changes from 5 commits
Commits
Show all changes
20 commits
Select commit Hold shift + click to select a range
b142ab9
change struct of agama.yaml
jreidinger Oct 20, 2023
0f192cb
Merge remote-tracking branch 'origin/master' into split_products
jreidinger Oct 24, 2023
7fa2c28
Reorganize products definition
jreidinger Oct 25, 2023
08598cb
add product reader and use it to read products
jreidinger Oct 25, 2023
3ad4008
adapt tests and in some case also prepare code
jreidinger Oct 26, 2023
a49fd9b
move products to top level
jreidinger Oct 30, 2023
eb3c692
fix tyypo
jreidinger Oct 30, 2023
b8606a5
add packaging files
jreidinger Oct 30, 2023
b3bc24c
add staging setup for new products
jreidinger Oct 30, 2023
0f96c01
adapt service package to move of ssl.conf
jreidinger Oct 30, 2023
1157292
make ruboopc happy
jreidinger Oct 30, 2023
c3932bc
Apply suggestions from code review
jreidinger Oct 30, 2023
f563c2f
replace allow_any_instance
jreidinger Oct 30, 2023
cbf275f
fix typo
jreidinger Oct 30, 2023
6577dda
more happy rubocop
jreidinger Oct 30, 2023
991c93d
Apply suggestions from code review
jreidinger Oct 31, 2023
f172fd9
changes from review
jreidinger Oct 31, 2023
b9bbdea
split opensuse products to separate files
jreidinger Oct 31, 2023
fa0d0c5
try to adapt integration tests
jreidinger Oct 31, 2023
7be5524
fix single product yaml
jreidinger Oct 31, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions service/conf.d/ssl.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
web:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

According to the content, cockpit.conf or web.conf could be a better name.

ssl: null
ssl_cert: null
ssl_key: null
342 changes: 0 additions & 342 deletions service/etc/agama.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,346 +1,4 @@
products:
ALP-Dolomite:
name: SUSE ALP Dolomite
description: 'SUSE ALP Dolomite is a minimum immutable OS core, focused on
security to provide the bare minimum to run workloads and services as
containers or virtual machines.'
Tumbleweed:
name: openSUSE Tumbleweed
description: 'The Tumbleweed distribution is a pure rolling release version
of openSUSE containing the latest "stable" versions of all software
instead of relying on rigid periodic release cycles. The project does
this for users that want the newest stable software.'
Leap16:
name: openSUSE Leap 16.0
archs: x86_64,aarch64
description: '[Experimental project] openSUSE Leap 16 is built on top of the next generation Adaptable Linux Platform (ALP) from SUSE.'

web:
ssl: null
ssl_cert: null
ssl_key: null

ALP-Dolomite:
software:
installation_repositories:
- url: https://updates.suse.com/SUSE/Products/ALP-Dolomite/1.0/x86_64/product/
archs: x86_64
- url: https://updates.suse.com/SUSE/Products/ALP-Dolomite/1.0/aarch64/product/
archs: aarch64
- url: https://updates.suse.com/SUSE/Products/ALP-Dolomite/1.0/s390x/product/
archs: s390
- url: https://updates.suse.com/SUSE/Products/ALP-Dolomite/1.0/ppc64le/product/
archs: ppc

mandatory_patterns:
- alp_base_zypper
- alp_cockpit
- alp_hardware
optional_patterns: null # no optional pattern shared
mandatory_packages:
- package: device-mapper # Apparently needed if devices at /dev/mapper are used at boot (eg. FDE)
- package: fde-tools # Needed for FDE with TPM, hardcoded here temporarily
archs: aarch64, x86_64
- package: libtss2-tcti-device0
- package: ppc64-diag # Needed for hardware-based installations
archs: ppc64
optional_packages: null
base_product: ALP-Dolomite

security:
tpm_luks_open: true
lsm: selinux
available_lsms:
# apparmor:
# patterns:
# - apparmor
selinux:
patterns:
- alp_selinux
policy: enforcing
none:
patterns: null

storage:
space_policy: delete
encryption:
method: luks2
pbkd_function: pbkdf2
volumes:
- "/"
volume_templates:
- mount_path: "/"
filesystem: btrfs
btrfs:
snapshots: true
read_only: true
default_subvolume: "@"
subvolumes:
- path: root
- path: home
- path: opt
- path: srv
- path: boot/writable
- path: usr/local
- path: var
copy_on_write: false
# Architecture specific subvolume
- path: boot/grub2/arm64-efi
archs: aarch64
- path: boot/grub2/i386-pc
archs: x86_64
- path: boot/grub2/powerpc-ieee1275
archs: ppc,!board_powernv
- path: boot/grub2/s390x-emu
archs: s390
- path: boot/grub2/x86_64-efi
archs: x86_64
size:
auto: true
outline:
required: true
filesystems:
- btrfs
snapshots_configurable: false
auto_size:
base_min: 5 GiB
base_max: 25 GiB
max_fallback_for:
- "/var"
- mount_path: "/var"
filesystem: btrfs
mount_options:
- "x-initrd.mount"
- "nodatacow"
size:
auto: false
min: 5 GiB
outline:
required: false
filesystems:
- btrfs

Tumbleweed:
software:
installation_repositories:
- url: https://download.opensuse.org/tumbleweed/repo/oss/
archs: x86_64
- url: https://download.opensuse.org/ports/aarch64/tumbleweed/repo/oss/
archs: aarch64
- url: https://download.opensuse.org/ports/zsystems/tumbleweed/repo/oss/
archs: s390
- url: https://download.opensuse.org/ports/ppc/tumbleweed/repo/oss/
archs: ppc
- url: https://download.opensuse.org/tumbleweed/repo/non-oss/
archs: x86_64
# aarch64 does not have non-oss ports. Keep eye if it change
- url: https://download.opensuse.org/ports/zsystems/tumbleweed/repo/non-oss/
archs: s390
- url: https://download.opensuse.org/ports/ppc/tumbleweed/repo/non-oss/
archs: ppc
- url: https://download.opensuse.org/update/tumbleweed/
archs: x86_64
- url: https://download.opensuse.org/ports/aarch64/update/tumbleweed/
archs: aarch64
- url: https://download.opensuse.org/ports/zsystems/update/tumbleweed/
archs: s390
- url: https://download.opensuse.org/ports/ppc/tumbleweed/repo/oss/
archs: ppc
mandatory_patterns:
- enhanced_base # only pattern that is shared among all roles on TW
optional_patterns: null # no optional pattern shared
mandatory_packages:
- NetworkManager
optional_packages: null
base_product: openSUSE

security:
lsm: apparmor
available_lsms:
apparmor:
patterns:
- apparmor
selinux:
patterns:
- selinux
policy: permissive
none:
patterns: null

storage:
space_policy: delete
volumes:
- "/"
- "swap"
volume_templates:
- mount_path: "/"
filesystem: btrfs
btrfs:
snapshots: true
read_only: false
default_subvolume: "@"
subvolumes:
- path: home
- path: opt
- path: root
- path: srv
- path: usr/local
# Unified var subvolume - https://lists.opensuse.org/opensuse-packaging/2017-11/msg00017.html
- path: var
copy_on_write: false
# Architecture specific subvolumes
- path: boot/grub2/arm64-efi
archs: aarch64
- path: boot/grub2/arm-efi
archs: arm
- path: boot/grub2/i386-pc
archs: x86_64
- path: boot/grub2/powerpc-ieee1275
archs: ppc,!board_powernv
- path: boot/grub2/s390x-emu
archs: s390
- path: boot/grub2/x86_64-efi
archs: x86_64
- path: boot/grub2/riscv64-efi
archs: riscv64
size:
auto: true
outline:
required: true
filesystems:
- btrfs
- ext2
- ext3
- ext4
- xfs
auto_size:
base_min: 5 GiB
base_max: 15 GiB
snapshots_increment: 250%
max_fallback_for:
- "/home"
snapshots_configurable: true
- mount_path: "swap"
filesystem: swap
size:
auto: false
min: 1 GiB
max: 2 GiB
outline:
required: false
filesystems:
- swap
- mount_path: "/home"
filesystem: xfs
size:
auto: false
min: 10 GiB
max: unlimited
outline:
required: false
filesystems:
- btrfs
- ext2
- ext3
- ext4
- xfs
- filesystem: xfs
size:
auto: false
outline:
required: false
filesystems:
- btrfs
- ext2
- ext3
- ext4
- xfs

Leap16:
software:
installation_repositories:
- url: https://download.opensuse.org/repositories/openSUSE:/Leap:/16.0/images/repo/Leap-16.0-x86_64-Media1/
archs: x86_64
- url: https://download.opensuse.org/repositories/openSUSE:/Leap:/16.0/images/repo/Leap-16.0-aarch64-Media1/
archs: aarch64
mandatory_patterns:
- alp_base
- alp_base_zypper
- alp_cockpit
- alp-container_runtime
- alp_defaults
optional_patterns: null # no optional pattern shared
mandatory_packages:
- package: device-mapper # Apparently needed if devices at /dev/mapper are used at boot (eg. FDE)
- package: fde-tools # Needed for FDE with TPM, hardcoded here temporarily
archs: aarch64, x86_64
- package: libtss2-tcti-device0
optional_packages: null
base_product: Leap16

security:
tpm_luks_open: true
lsm: selinux
available_lsms:
# apparmor:
# patterns:
# - apparmor
selinux:
patterns:
- alp_selinux
policy: enforcing
none:
patterns: null

storage:
space_policy: delete
encryption:
method: luks2
pbkd_function: pbkdf2
volumes:
- "/"
volume_templates:
- mount_path: "/"
filesystem: btrfs
btrfs:
snapshots: true
read_only: true
default_subvolume: "@"
subvolumes:
- path: root
- path: home
- path: opt
- path: srv
- path: boot/writable
- path: usr/local
- path: boot/grub2/arm64-efi
archs: aarch64
- path: boot/grub2/i386-pc
archs: x86_64
- path: boot/grub2/powerpc-ieee1275
archs: ppc,!board_powernv
- path: boot/grub2/s390x-emu
archs: s390
- path: boot/grub2/x86_64-efi
archs: x86_64
- path: var
copy_on_write: false
size:
auto: false
min: 5 GiB
outline:
required: true
filesystems:
- btrfs
snapshots_configurable: false
- filesystem: xfs
size:
auto: false
outline:
required: false
filesystems:
- btrfs
- ext2
- ext3
- ext4
- xfs
Loading
Loading