ART-14453: Use rpm-ostree install directly in legacy build pipeline#1935
ART-14453: Use rpm-ostree install directly in legacy build pipeline#1935locriandev wants to merge 7 commits into
Conversation
|
@locriandev: GitHub didn't allow me to request PR reviews from the following users: openshift/team-coreos. Note that only openshift members and repo collaborators can review this PR, and authors cannot review their own PRs. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
locriandev
changed the title
openshift-ci-robot
added
the
jira/valid-reference
|
@locriandev: This pull request references ART-14453 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "5.0.0" version, but no target version was set. DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
Maybe we should go one step further and use dnf directly? |
|
Something is off here: |
|
@travier Thanks for the feedback! Re: dnf adoptionI have not strong opinions on this, as I understand it the adoption of rpm-ostree install came out as a suggestion from last meeting's notes. Re: the repo 401 errorsGood catch! The issue was that I've pushed a fix (a4808ee) that disables repos not matching the current OS version:
This should resolve the 401 errors. |
|
Thank you for working on this. I've done some review and have some local changes, but also see there are some things that need to change in this repo before we land this. I've opened #1936 for that. Once that merges I can rebase this and also add a commit or two on top to simplify the repo management if that is OK with you. |
|
#1936 has been merged. Can you rebase this one? |
openshift-ci
Bot
added
the
needs-rebase
locriandev
force-pushed
the
rpm-ostree-install-legacy
branch
from
a4808ee to
fdca987
Compare
openshift-ci
Bot
removed
the
needs-rebase
Replace rpm-ostree experimental compose treefile-apply with direct rpm-ostree install and inline postprocess steps. This aligns the legacy build-node-image.sh with the Konflux approach while maintaining support for SCOS/OKD variant detection. Changes: - Replace treefile-apply with rpm-ostree install command - Move all postprocess steps from packages-openshift.yaml inline - Remove packages-openshift.yaml (no longer needed) - Keep OPENSHIFT_VERSION=5.0 for master branch - Preserve SCOS/OKD detection using ID and VERSION_ID heuristic Related: openshift#1932 Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com> rh-pre-commit.version: 2.3.2 rh-pre-commit.check-secrets: ENABLED
When using rpm-ostree install directly, all repos from ci/get-ocp-repo.sh (which fetches both rhel-9 and rhel-10.2 repos) were being accessed, causing 401 errors when trying to access repos for the wrong OS version. This commit adds logic to disable repos that don't match the current OS: - rhel-9.8 builds: disable rhel-10.2 and centos repos - rhel-10.2 builds: disable rhel-9 and centos repos - centos-10 builds: disable all rhel repos This replicates the conditional-include logic from packages-openshift.yaml. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com> rh-pre-commit.version: 2.3.2 rh-pre-commit.check-secrets: ENABLED
This way when we update for newer releases we don't need to update the script, but just the build-args. In other words, this keeps the definitions for things out of the script.
Help explain a bit more what they are used for.
We don't really need the `10` conditional.
If we mount the secret.repo into /run/src/secret.repo instead of /etc/yum.repos.d/secret.repo then it will get picked up by `cat /run/src/*.repo >> /etc/yum.repos.d/git.repo` which will allow for modifications to be made to the repo on disk (read/write), which we currently do for SCOS.
dustymabe
force-pushed
the
rpm-ostree-install-legacy
branch
from
fdca987 to
0f99d7e
Compare
|
I talked to @locriandev this morning and force pushed up some changes here. Ultimately a lot of small cleanups and two big changes:
I think the new simplified format should serve us better. @locriandev @jlebon - can you review this ? |
|
sigh. I guess expanding the use of build-args here is going to require adapting openshift/release@912602f |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: jlebon, locriandev The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci
Bot
added
the
approved
Instead of rpm-ostree install we can use dnf directly. Also let's define the names of the repos we want to use for each variant in the build-args themselves, which will remove the heuristics we were doing previously inside the build-node-image.sh script to filter out the ones we didn't want.
dustymabe
force-pushed
the
rpm-ostree-install-legacy
branch
from
0f99d7e to
b70494e
Compare
|
@locriandev: The following tests failed, say
Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
We added the OPENSHIFT_VERSION and YUM_REPO_NAMES build args in openshift/os#1935 so let's add them here. Also drop the quay.io/openshift-release-dev/ocp-v4.0-art-dev:c9s-coreos references because we don't have that defined in our containerfile anymore.
5 participants
Summary
Per feedback on #1932, this PR updates the legacy build pipeline to use
rpm-ostree installdirectly instead ofrpm-ostree experimental compose treefile-applywithpackages-openshift.yaml.Changes
rpm-ostree experimental compose treefile-applywith directrpm-ostree installcommand, embedding all postprocess steps inlinepackages-openshift.yamlare now embedded inline inbuild-node-image.shRelated: #1932