add proof of concept for building with osbuild

This is proof of concept code with many things hardcoded in the
coreos.osbuild.mpp.yaml that need to become more dynamically defined.
To use this you can set the COSA_USE_OSBUILD env var to have a value.
COSA_USE_OSBUILD=1 should work just fine.

Author: dustymabe

src/cmd-buildextend-metal

@@ -261,13 +261,21 @@ EOF
 cat "${image_json}" image-dynamic.json | jq -s add > image-for-disk.json
 platforms_json="${workdir}/tmp/platforms.json"
 yaml2json "${configdir}/platforms.yaml" "${platforms_json}"
-runvm "${qemu_args[@]}" -- \
-        /usr/lib/coreos-assembler/create_disk.sh \
-            --config "$(pwd)"/image-for-disk.json \
-            --kargs "${kargs}" \
-            --platform "${ignition_platform_id}" \
-            --platforms-json "${platforms_json}" \
-            "${disk_args[@]}"
+
+if [ "${image_type}" == "qemu" -a "${COSA_USE_OSBUILD:-}" != "" ]; then
+    runvm -- /usr/lib/coreos-assembler/runvm-osbuild              \
+                $ostree_repo $ref                                 \
+                /usr/lib/coreos-assembler/coreos.osbuild.mpp.yaml \
+                "${path}.tmp"
+else
+    runvm "${qemu_args[@]}" -- \
+            /usr/lib/coreos-assembler/create_disk.sh \
+                --config "$(pwd)"/image-for-disk.json \
+                --kargs "${kargs}" \
+                --platform "${ignition_platform_id}" \
+                --platforms-json "${platforms_json}" \
+                "${disk_args[@]}"
+fi
 
 if [[ $secure_execution -eq "1" && -z "${hostkey}" ]]; then
     /usr/lib/coreos-assembler/secex-genprotimgvm-scripts/runvm.sh \

src/coreos.osbuild.mpp.yaml

@@ -0,0 +1,228 @@
+version: '2'
+mpp-vars:
+  release: 38
+mpp-define-image:
+  id: image
+  #10G
+  size: '10737418240'
+  table:
+    uuid: 00000000-0000-4000-a000-000000000001
+    label: gpt
+    partitions:
+      - id: BIOS-BOOT
+        size: 2048
+        type: 21686148-6449-6E6F-744E-656564454649
+        bootable: true
+        uuid: FAC7F1FB-3E8D-4137-A512-961DE09A5549
+      - id: EFI-SYSTEM
+        size: 260096
+        type: C12A7328-F81F-11D2-BA4B-00A0C93EC93B
+        uuid: 68B2905B-DF3E-4FB3-80FA-49D1E773AA33
+      - id: boot
+        size: 786432
+        type: 0FC63DAF-8483-4772-8E79-3D69D8477DE4
+        uuid: 61B2905B-DF3E-4FB3-80FA-49D1E773AA32
+      - id: root
+        # XXX: Dynamically set this size in the future
+        size: 4194304
+        type: 0FC63DAF-8483-4772-8E79-3D69D8477DE4
+        uuid: CA7D7CCB-63ED-4C53-861C-1742536059CC
+pipelines:
+  - name: image-tree
+    source-epoch: 1659397331
+    stages:
+      - type: org.osbuild.ostree.init-fs
+      - type: org.osbuild.ostree.os-init
+        options:
+          osname: fedora-coreos
+      - type: org.osbuild.ostree.config
+        options:
+          repo: /ostree/repo
+          config:
+            sysroot:
+              readonly: false
+              bootloader: none
+      - type: org.osbuild.mkdir
+        options:
+          paths:
+            - path: /boot/efi
+              mode: 448
+      - type: org.osbuild.ignition
+      - type: org.osbuild.ostree.deploy
+        options:
+          osname: fedora-coreos
+          remote: fedora
+          mounts:
+            - /boot
+            - /boot/efi
+          kernel_opts:
+            - rw
+            - console=tty0
+            - console=ttyS0
+            - ignition.platform.id=qemu
+            - '$ignition_firstboot'
+        inputs:
+          commits:
+            type: org.osbuild.ostree
+            origin: org.osbuild.source
+            mpp-resolve-ostree-commits:
+              commits:
+                - ref: $ref
+                  remote:
+                    url: $repourl
+      - type: org.osbuild.ostree.selinux
+        options:
+          deployment:
+            osname: fedora-coreos
+            ref: ostree/1/1/0
+      - type: org.osbuild.grub2
+        options:
+          rootfs:
+            label: root
+          bootfs:
+            label: boot
+          uefi:
+            vendor: fedora
+            install: true
+          legacy: i386-pc
+          write_defaults: false
+          greenboot: false
+          ignition: true
+  - name: image
+    stages:
+      - type: org.osbuild.truncate
+        options:
+          filename: disk.img
+          size:
+            mpp-format-string: '{image.size}'
+      - type: org.osbuild.sfdisk
+        devices:
+          device:
+            type: org.osbuild.loopback
+            options:
+              filename: disk.img
+        options:
+          mpp-format-json: '{image.layout}'
+      - type: org.osbuild.mkfs.fat
+        devices:
+          device:
+            type: org.osbuild.loopback
+            options:
+              filename: disk.img
+              start:
+                mpp-format-int: '{image.layout[''EFI-SYSTEM''].start}'
+              size:
+                mpp-format-int: '{image.layout[''EFI-SYSTEM''].size}'
+              lock: true
+        options:
+          label: EFI-SYSTEM
+          volid: 7B7795E7
+      - type: org.osbuild.mkfs.ext4
+        devices:
+          device:
+            type: org.osbuild.loopback
+            options:
+              filename: disk.img
+              start:
+                mpp-format-int: '{image.layout[''boot''].start}'
+              size:
+                mpp-format-int: '{image.layout[''boot''].size}'
+              lock: true
+        options:
+          uuid: 96d15588-3596-4b3c-adca-a2ff7279ea63
+          label: boot
+      - type: org.osbuild.mkfs.xfs
+        devices:
+          device:
+            type: org.osbuild.loopback
+            options:
+              filename: disk.img
+              start:
+                mpp-format-int: '{image.layout[''root''].start}'
+              size:
+                mpp-format-int: '{image.layout[''root''].size}'
+              lock: true
+        options:
+          uuid: 910678ff-f77e-4a7d-8d53-86f2ac47a823
+          label: root
+      - type: org.osbuild.copy
+        inputs:
+          tree:
+            type: org.osbuild.tree
+            origin: org.osbuild.pipeline
+            references:
+              - name:image-tree
+        options:
+          paths:
+            - from: input://tree/
+              to: mount://root/
+        devices:
+          efi:
+            type: org.osbuild.loopback
+            options:
+              filename: disk.img
+              start:
+                mpp-format-int: '{image.layout[''EFI-SYSTEM''].start}'
+              size:
+                mpp-format-int: '{image.layout[''EFI-SYSTEM''].size}'
+          boot:
+            type: org.osbuild.loopback
+            options:
+              filename: disk.img
+              start:
+                mpp-format-int: '{image.layout[''boot''].start}'
+              size:
+                mpp-format-int: '{image.layout[''boot''].size}'
+          root:
+            type: org.osbuild.loopback
+            options:
+              filename: disk.img
+              start:
+                mpp-format-int: '{image.layout[''root''].start}'
+              size:
+                mpp-format-int: '{image.layout[''root''].size}'
+        mounts:
+          - name: root
+            type: org.osbuild.xfs
+            source: root
+            target: /
+          - name: boot
+            type: org.osbuild.ext4
+            source: boot
+            target: /boot
+          - name: efi
+            type: org.osbuild.fat
+            source: efi
+            target: /boot/efi
+      - type: org.osbuild.grub2.inst
+        options:
+          platform: i386-pc
+          filename: disk.img
+          location:
+            mpp-format-int: '{image.layout[''BIOS-BOOT''].start}'
+          core:
+            type: mkimage
+            partlabel: gpt
+            filesystem: ext4
+          prefix:
+            type: partition
+            partlabel:
+              mpp-format-string: '{image.layout.label}'
+            number:
+              mpp-format-int: '{image.layout[''boot''].index}'
+            path: /grub2
+  - name: qcow2
+    stages:
+      - type: org.osbuild.qemu
+        inputs:
+          image:
+            type: org.osbuild.files
+            origin: org.osbuild.pipeline
+            references:
+              name:image:
+                file: disk.img
+        options:
+          filename: disk.qcow2
+          format:
+            type: qcow2
+            compat: '1.1'

src/deps.txt

@@ -16,12 +16,6 @@ dumb-init
 rpm-ostree createrepo_c openssh-clients python3-createrepo_c
 dnf-utils
 
-# We don't actually use this right now but we intend to share
-# code in the future.
-# XXX: temporarily disabled until we fix
-# https://github.com/osbuild/osbuild-composer/issues/1915
-# osbuild-composer
-
 # For generating ISO images
 genisoimage
 

src/runvm-osbuild

@@ -0,0 +1,35 @@
+#!/bin/bash
+set -eux -o pipefail
+
+repo=$1
+ref=$2
+mppyaml=$3
+path=$4
+
+workdir=$PWD
+
+# Since it doesn't exist create loop-control
+mknod /dev/loop-control c 10 237
+
+# get away from the virtiofs share because the xattrs that
+# are written out by the ostree deploy will cause SELinux denials.
+mkdir /root/osbuild && cd /root/osbuild
+
+# Use osbuild from the dusty-fedora-coreos fork for now
+git clone https://github.com/dustymabe/osbuild.git --branch dusty-fedora-coreos .
+
+# Run through the preprocessor
+./tools/osbuild-mpp               \
+    -D ref=\"${ref}\"             \
+    -D repourl=\"file://${repo}\" \
+    $mppyaml                      \
+    processed.json
+
+# Build the image
+python3 -m osbuild --libdir .              \
+    --store store/ --output-directory out/ \
+    --export qcow2 processed.json
+
+
+# Copy it out to the specified location
+cp out/qcow2/disk.qcow2 $path

src/vmdeps.txt

@@ -35,3 +35,7 @@ tar
 
 # needed for extensions container build
 podman
+
+# For running osbuild
+osbuild osbuild-ostree osbuild-selinux osbuild-tools python3-pyrsistent
+patch git