archiso/mkarchiso:
Implement a buildmode to export artifacts required for netboot with IPXE.
When providing the buildmode 'netboot' via profiledef.sh or the `-m` option, all targets necessary to create an ISO
medium are built, but the components required for netboot are exported to the output dir.
Optionally, it is possible to provide a set of certificates for codsigning using the `-c` option, where the first file
is considered as the signer certificate and the second as the key.
Add `_export_netboot_artifacts()` to copy build artifacts to the output directory.
Add `_sign_netboot_artifacts()` to codesign the netboot artifacts in the work directory.
Add `_validate_requirements_buildmode_netboot()` to check for openssl.
Add `_build_iso_base()` to implement common function calls between the 'iso' and the 'netboot' buildmodes.
Add `_build_buildmode_netboot()` to make use of `_build_iso_base()`, (optionally) `_sign_netboot_artifacts()` and
`_export_netboot_artifacts()`.
Change `_build_buildmode_iso()` to make use of `_build_iso_base()`.
Add `-c` as an option to mkarchiso to read in a list of file names.
Unify the output of `_usage()` by using the same definition style for lists of strings provided to options that accept
them (e.g. `-c`, `-m`, `-p`).
Closes#128
README.rst:
Mention bootstrap images in the opening words of the project documentation.
Add awk, erofs-utils, findutils, gzip, libarchive, pacman and sed to dependencies.
docs/README.profile.rst:
Add documentation for the optional `buildmodes` array in profiledef.sh, the understood build modes `bootstrap` and
`iso` and the implicit default build mode 'iso'.
Add basic documentation for the bootstrap_packages.arch file.
Add missing backticks.
Fix indent.
archiso/mkarchiso:
Introduce a buildmodes array, that can be used to build towards more than one output artifact type.
Add a buildmode for building a bootstrap image (a compressed file containing a very minimal Arch installation).
The buildmodes can be set either using a `buildmodes` array in a `profiledef.sh` or by using the `-m` option flag to
mkarchiso and providing a space delimited, quoted list.
The 'iso' buildmode is always the default if no buildmodes are setup.
Implement building a bootstrap image, when using the 'bootstrap' `buildmode`, which uses a profile's
'bootstrap_packages.$arch' file to install packages using pacstrap and compressing it to a bootstrap image.
The name of the output file is currently constructed from the `iso_name` value by appending `-bootstrap`.
Replace the uses of `airootfs_dir` with the more generic `pacstrap_dir`, as the location denotes where pacstrap is
being used.
Replace uses of `img_name` with `image_name` and removing it from the global scope, so that it can be overridden per
each buildmode.
Rename `_cleanup_airootfs_dir()` to `_cleanup_pacstrap_dir()`.
Make `_run_once()` more generic by prepending the state files with a string defined by `run_once_mode`.
Add `_validate_requirements_buildmode_all()`, `_validate_requirements_buildmode_bootstrap()` and
`_validate_requirements_buildmode_iso()` to validate the general requirements of the different buildmodes.
Add `_build_bootstrap_image()` to generate the bootstrap image using bsdtar.
Rename `_build_iso()` to `_build_iso_image()` to fit the naming of the respective bootstrap function.
Extend `_read_profile()` to include the reading of bootstrap image specific packages from a file.
Extend `_validate_options()` to include testing of the bootstrap packages and running of validation functions for all
buildmodes.
Change `_set_overrides()` to override the buildmodes if they are specified via the `-m` option flag.
Change `_make_version()` to be used generically in all buildmodes.
Change `_make_pkglist()` to be used generically in all buildmodes.
Rename `_build_profile()` to `_build_buildmode_iso()` and set local variables that are specific to the buildmode, such
as `image_name`, `pacstrap_dir`, `run_once_mode` , `buildmode_packages` and `buildmode_pkg_list`.
Add `_build_buildmode_bootstrap()` and set local variables that are specific to the buildmode, such as `image_name`,
`pacstrap_dir`, `run_once_mode` , `buildmode_packages` and `buildmode_pkg_list`.
Add the `-m` option flag to the list of flags.
Closes#127
configs/baseline/bootstrap_packages.x86_64:
Add a packages file for bootstrap images using the baseline profile and add arch-install-scripts and base to it.
scripts/run_archiso:
Change parameters to qemu's `-drive` option to make use of the explicit `read-only=on`, as the implicit `read-only` is
now obsolete.
Closes#126
.gitlab/ci/build-host.sh:
Change parameters to qemu's `-drive` option to make use of the explicit `read-only=on`, as the implicit `read-only` is
now obsolete.
archiso/mkarchiso:
Change the help output to reflect that the `-g` option is generically signing a rootfs (which may be e.g. squashfs or
erofs).
Change the output of `_mksignature()` to be more generic, as it signs any type of understood rootfs image (which may be
e.g. squashfs or erofs).
archiso/mkarchiso:
Force the file extension in use for the PGP signatures of the rootfs to always be .sig.
When gnupg's 'armor' configuration option is used, the output otherwise defaults to using .asc.
As the verification hook in mkinitcpio-archiso expects the .sig file extension, verifying the rootfs will fail in that
scenario.
.gitlab/ci/build-inside-vm.sh:
Create an ephemeral signing key for signing the rootfs image (e.g. squashfs or erofs) when building the profiles.
Implements #125
configs/releng/packages.x86_64:
Add libusb-compat and pcsclite as optional dependencies for gnupg to be able to interact with smartcards out-of-the-box.
Closes#122
* Don't nest code blocks inside quote blocks.
* Replace bash with sh, as there's nothing bash-specific in the examples.
* There is no syntax highlighting for grub, use sh.
* Use sentence case for headings.
* Use monospace for paths.
mkarchiso creates "${airootfs_dir}/etc/machine-id" by using output redirection. If this file is an existing symlink, then the printf output would be written to the symlink target. It can be a big issue in case the symlink resolves to a path outside ${airootfs_dir}.
Fixes#121.
This provides the ISO version information in the os-release file.
* IMAGE_ID is set to the value of $iso_name.
* IMAGE_VERSION is set to the value of $iso_version.
Implements #116.
.gitlab/ci/build-host.sh:
Change the readonly TMPDIR variable to a global tmpdir variable and set it in the `init()` function.
.gitlab/ci/build-inside-vm.sh:
Change assigning the readonly tmpdir variable directly to assigning it after declaring it.
Change `cleanup()` and `create_zsync_delta()` to use bash-style statements and also check whether SUDO_GID is set before
using it.
Some hardware, like Lenovo Thinkpad T420, will not BIOS boot if the disk has a valid GPT.
See https://bbs.archlinux.org/viewtopic.php?id=264096 .
Instead of a valid GPT, change to a valid MBR and invalid GPT similar to what was used before 729d16b48c. That layout, despite having crazy partition tables, boots everywhere.
The difference is that -append_partition is still kept and specified before -isohybrid-gpt-basdat. Thus the appended partition will be listed as EFI system partition in MBR and as Microsoft basic partition in the invalid GPT.
Fixes#102.
README.rst:
Add a "Releases" section that specifies who is creating releases and which PGP key ID is used to sign tags.
Additionally, information about how to retrieve the relevant public key and how to verify a tag in the repository is
added.
Fixes#114
configs/releng/airootfs/etc/xdg/reflector/reflector.conf:
Reduce the amount mirrors that reflector checks from 70 to 20.
This significantly reduces the time it takes to end up with an up-to-date mirrorlist during boot with the releng
profile.
Fixes#92
configs/releng/airootfs/root/.automated_script.sh:
Add the `--location` curl parameter (see `man 1 curl`) to allow for curl to retrieve a remote script even if the source
is being redirected (e.g. moved permanently) when using the `script=` kernel commandline parameter.
Fixes#113