DO NOT MERGE Use CentOS Stream 10 as base image

This is highly experimental. CentOS Stream 10 is not officially out yet, so we use a base image in development to build ironic-image and test it. Current blockers: - CS10 is still in development!!! - shim package does not install shim for the current arch, needs to be explicitly installed separately - ipxe won't compile until very recent version that supports new GCC libraries - epel 10 repository is still in development - inotify-tools package for el10 is not available yet - current UID and GID for ironic user and group are already used by system accounts
metal3-io · Nov 28, 2024 · cf4fa40 · cf4fa40
1 parent 9f4b242
commit cf4fa40
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 12 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -1,12 +1,12 @@
-ARG BASE_IMAGE=quay.io/centos/centos:stream9
+ARG BASE_IMAGE=quay.io/centos-bootc/centos-bootc:stream10
 
 ## Build iPXE w/ IPv6 Support
 ## Note: we are pinning to a specific commit for reproducible builds.
 ## Updated as needed.
 
 FROM $BASE_IMAGE AS ironic-builder
 
-ARG IPXE_COMMIT_HASH=119c415ee47aaef2717104fea493377aa9a65874
+ARG IPXE_COMMIT_HASH=e965f179e1654103eca33feed7a9cc4c51d91be6
 
 RUN dnf install -y gcc git make xz-devel
 
@@ -18,7 +18,8 @@ RUN git clone https://github.com/ipxe/ipxe.git && \
       cd src && \
       ARCH=$(uname -m | sed 's/aarch/arm/') && \
       # NOTE(elfosardo): warning should not be treated as errors by default
-      NO_WERROR=1 make bin/undionly.kpxe "bin-$ARCH-efi/snponly.efi"
+      NO_WERROR=1 make bin/undionly.kpxe "bin-$ARCH-efi/snponly.efi" && \
+      ls -la
 
 COPY prepare-efi.sh /bin/
 RUN prepare-efi.sh centos

diff --git a/prepare-efi.sh b/prepare-efi.sh
@@ -10,10 +10,12 @@ if [[ "$ARCH" == "x86_64" ]]; then
     PACKAGES=grub2-efi-x64
     BOOTEFI=BOOTX64.EFI
     GRUBEFI=grubx64.efi
+    SHIM_PKG=shim-x64
 elif [[ "$ARCH" == "aarch64" ]]; then
     PACKAGES=grub2-efi-aa64
     BOOTEFI=BOOTAA64.EFI
     GRUBEFI=grubaa64.efi
+    SHIM_PKG=shim-aa64
 else
     echo "WARNING: don't know how to build an EFI image on $ARCH"
     touch "$DEST"
@@ -29,7 +31,8 @@ fi
 # ``Cannot initialize '::'``
 # This is due to the conversion table missing codepage 850, included in glibc-gconv-extra
 # shellcheck disable=SC2086
-dnf install -y grub2 shim dosfstools mtools glibc-gconv-extra $PACKAGES
+dnf install -y mtools
+dnf reinstall -y grub2 shim $SHIM_PKG dosfstools glibc-gconv-extra $PACKAGES
 
 ## TODO(TheJulia): At some point we may want to try and make the size
 ## of the ESP image file to be sized smaller for the files that need to
@@ -38,6 +41,8 @@ dnf install -y grub2 shim dosfstools mtools glibc-gconv-extra $PACKAGES
 dd bs=1024 count=6400 if=/dev/zero of="$DEST"
 mkfs.msdos -F 12 -n 'ESP_IMAGE' "$DEST"
 
+ls -la /boot/
+
 mmd -i "$DEST" EFI
 mmd -i "$DEST" EFI/BOOT
 mcopy -i "$DEST" -v "/boot/efi/EFI/BOOT/$BOOTEFI" ::EFI/BOOT

diff --git a/prepare-image.sh b/prepare-image.sh
@@ -9,8 +9,8 @@ echo "tsflags=nodocs" >> /etc/dnf/dnf.conf
 dnf install -y 'dnf-command(config-manager)'
 
 # emulate uid/gid configuration to match rpm install
-IRONIC_UID=997
-IRONIC_GID=994
+#IRONIC_UID=997
+#IRONIC_GID=994
 
 declare -a BUILD_DEPS=(
     gcc 
@@ -57,8 +57,8 @@ python3 -m pip install --no-cache-dir --ignore-installed --prefix /usr -r "${IRO
 
 # ironic system configuration
 mkdir -p /var/log/ironic /var/lib/ironic
-getent group ironic > /dev/null || groupadd -r ironic -g "${IRONIC_GID}"
-getent passwd ironic > /dev/null || useradd -r -g ironic -u "${IRONIC_UID}" -s /sbin/nologin ironic -d /var/lib/ironic
+getent group ironic > /dev/null || groupadd -r ironic
+getent passwd ironic > /dev/null || useradd -r -g ironic -s /sbin/nologin ironic -d /var/lib/ironic
 
 # clean installed build dependencies
 dnf remove -y "${BUILD_DEPS[@]}"
@@ -71,9 +71,10 @@ if [[ -n "${EXTRA_PKGS_LIST:-}" ]]; then
     fi
 fi
 
-dnf install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm
-dnf config-manager --set-disabled epel
-dnf install -y --enablerepo=epel inotify-tools
+#dnf install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm
+#dnf config-manager --set-disabled epel
+#dnf install -y --enablerepo=epel inotify-tools
+dnf install -y https://rpmfind.net/linux/fedora/linux/releases/40/Everything/x86_64/os/Packages/i/inotify-tools-3.22.1.0-7.fc40.x86_64.rpm
 
 dnf remove -y --noautoremove 'dnf-command(config-manager)'
 
@@ -100,4 +101,4 @@ fi
 rm -f /bin/patch-image.sh
 
 dnf clean all
-rm -rf /var/cache/{yum,dnf}/*
+rm -rf /var/cache/{yum,dnf}/*