Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: dnf module #377

Draft
wants to merge 52 commits into
base: main
Choose a base branch
from
Draft
Show file tree
Hide file tree
Changes from 18 commits
Commits
Show all changes
52 commits
Select commit Hold shift + click to select a range
fd4ad28
feat: `dnf` module
fiftydinar Dec 22, 2024
cd91b05
chore: Add support for native installation of repos
fiftydinar Dec 22, 2024
cf3d495
docs: Revise the note about %OS_VERSION% in repos
fiftydinar Dec 22, 2024
2f392e7
fix: missing quote in echo
fiftydinar Dec 22, 2024
6d1047f
fix: Get raw COPR repos array elements without JSON brackets
fiftydinar Dec 22, 2024
9d13c87
chore: Auto-confirm prompts (`-y`) when adding repos
fiftydinar Dec 22, 2024
1396a18
fix: Accidental syntax error for `done`
fiftydinar Dec 22, 2024
b898af2
chore: Remove useless echo
fiftydinar Dec 22, 2024
6523979
chore: Install & remove using `dnf` in single operation cases
fiftydinar Dec 22, 2024
97566b8
docs: Add note that URL is not preferred for copr repos
fiftydinar Dec 22, 2024
0bb79d0
fix: `/opt` symlink issue & migrate removal + install to `dnf`
fiftydinar Dec 22, 2024
70c5766
chore: Document code some more
fiftydinar Dec 22, 2024
e01ed40
docs: Fix note about using install & remove at the same time
fiftydinar Dec 22, 2024
7d4aff9
chore: Add `dnf` to `modules.json`
fiftydinar Dec 22, 2024
a4e9ba4
chore: Add support for replacing packages
fiftydinar Dec 22, 2024
7da24f5
chore: Add option to enable or disable installation of weak dependencies
fiftydinar Dec 22, 2024
d495b6a
docs: Style backtick fix
fiftydinar Dec 22, 2024
1137c8b
fix(rpm-ostree): Symlinking `/opt/` multiple times caused an error
fiftydinar Dec 22, 2024
eb522e3
chore: Rename `weak-dependencies` to `install-weak-dependencies` & ad…
fiftydinar Dec 22, 2024
57f8b22
chore: Change `copr: user/project` formt to `COPR user/project`
fiftydinar Dec 22, 2024
7a5bcea
fix: Syntax error due to redundant `fi`
fiftydinar Dec 22, 2024
c7ae430
fix: Restore logic about not removing any newlines to COPR repos
fiftydinar Dec 22, 2024
b1a7c6f
feat: Add removal & installation of RPM groups
fiftydinar Dec 22, 2024
b7c0206
docs: Style fix
fiftydinar Dec 22, 2024
feb0d71
chore: Make sorting order in typespec better
fiftydinar Dec 22, 2024
fba3840
typespec: Minor leftover fix
fiftydinar Dec 22, 2024
e27ba39
chore: Fix typespec replace definition
fiftydinar Dec 22, 2024
a53dd5b
chore: Add mutter-patched COPR to module.yml
fiftydinar Dec 22, 2024
1a81609
fix: Forgot to replace `rpm-ostree` to `dnf` when checking for local …
fiftydinar Dec 23, 2024
a72ae5c
fix: Adding local file repos
fiftydinar Dec 23, 2024
2790123
fix: Replacing packages
fiftydinar Dec 23, 2024
ecffeae
chore: Make error message consistent
fiftydinar Dec 23, 2024
84f89d0
chore: Begin implementation of specific flag options for every instal…
fiftydinar Dec 23, 2024
5d7f34b
chore: Simplify printing log message for install packages
fiftydinar Dec 23, 2024
7fc5a24
feat: Add dnf flags to all operations
fiftydinar Dec 23, 2024
63f745b
feat: Add `remove-unused-dependencies` option for package removal
fiftydinar Dec 23, 2024
b474a5a
chore: Fix group-remove typespec
fiftydinar Dec 23, 2024
770bb33
chore: Fix group-install typespec
fiftydinar Dec 23, 2024
d8a9006
chore: Fix remove typespec
fiftydinar Dec 23, 2024
33065b4
chore: Fix install typespec
fiftydinar Dec 23, 2024
3423190
chore: Remove leftover global `install-weak-dependencies` option
fiftydinar Dec 23, 2024
f176120
chore: Remove redundant dnf5 plugin check
fiftydinar Dec 23, 2024
7458b4b
fix: dnf group remove command missed `group` prefix
fiftydinar Dec 23, 2024
ce4163c
fix: Don't quote the flags, else dnf will see it as an empty argument…
fiftydinar Dec 24, 2024
c8043a4
fix: Don't quote the flags, else dnf will see it as an empty argument…
fiftydinar Dec 24, 2024
aa92eff
fix: Don't quote the flags, else dnf will see it as an empty argument…
fiftydinar Dec 24, 2024
8265b85
fix: Don't quote the flags, else dnf will see it as an empty argument…
fiftydinar Dec 24, 2024
c9f4fb0
fix: Don't quote the flags, else dnf will see it as an empty argument…
fiftydinar Dec 24, 2024
92df6a0
fix: Don't quote the flags, else dnf will see it as an empty argument…
fiftydinar Dec 24, 2024
e66b176
Merge branch 'main' into dnf-module
fiftydinar Dec 25, 2024
4920cc4
chore: Add separate `copr` array
fiftydinar Dec 25, 2024
7612cc2
fix: Assume yes for copr enable
gmpinder Dec 26, 2024
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions modules.json
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@
"https://raw.githubusercontent.com/blue-build/modules/main/modules/gschema-overrides/module.yml",
"https://raw.githubusercontent.com/blue-build/modules/main/modules/justfiles/module.yml",
"https://raw.githubusercontent.com/blue-build/modules/main/modules/rpm-ostree/module.yml",
"https://raw.githubusercontent.com/blue-build/modules/main/modules/dnf/module.yml",
"https://raw.githubusercontent.com/blue-build/modules/main/modules/initramfs/module.yml",
"https://raw.githubusercontent.com/blue-build/modules/main/modules/script/module.yml",
"https://raw.githubusercontent.com/blue-build/modules/main/modules/signing/module.yml",
Expand Down
35 changes: 35 additions & 0 deletions modules/dnf/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
# `dnf`

The [`dnf`](https://docs.fedoraproject.org/en-US/quick-docs/dnf/) module offers pseudo-declarative package and repository management using `dnf`.

The module first downloads the repository files from URLs declared under `repos:` into `/etc/yum.repos.d/`. The magic string `%OS_VERSION%` can be substituted with the current VERSION_ID (major Fedora version), which can be used, for example, for pulling correct versions of repositories which have fixed Fedora version in the URL.

You can also add repository files directly into your git repository if URLs are not provided. For example:
```yml
repos:
- my-repository.repo # copies in .repo file from files/dnf/my-repository.repo to /etc/yum.repos.d/
```

Specific COPR repositories can also be specified in `copr: user/project` format & is prefered over using direct COPR URL.

If you use a repo that requires adding custom keys (eg. Brave Browser), you can import the keys by declaring the key URLs under `keys:`. The magic string acts the same as it does in `repos`.

Then the module installs the packages declared under `install:` using `dnf -y install`, it removes the packages declared under `remove:` using `dnf -y remove`. If there are packages declared under both `install:` and `remove:` then removal is performed 1st & install 2nd.

Installing RPM packages directly from a `http(s)` url that points to the RPM file is also supported, you can just put the URLs under `install:` and they'll be installed along with the other packages. The magic string `%OS_VERSION%` is substituted with the current VERSION_ID (major Fedora version) like with the `repos:` property.

If an RPM is not available in a repository or as an URL, you can also install it directly from a file in your git repository. For example:
```yml
install:
- weird-package.rpm # tries to install files/dnf/weird-package.rpm
```

Additionally, the `dnf` module supports a fix for packages that install into `/opt/`. Installation for packages that install into folder names declared under `optfix:` are fixed using some symlinks. Directory path in `/opt/` for those packages should be provided in recipe, like in Example Configuration.

The module can also replace base RPM packages with packages from any repo. Under `replace:`, the module finds every pair of keys `- from-repo:` and `packages:`. (Multiple pairs are supported.) The module uses `- from-repo:` key to gather the repo for package replacement, then it replaces packages declared under `packages:` using the command `dnf -y distro-sync --refresh --repo "${repo}" "${packages}"`. The magic string `%OS_VERSION%` is substituted with the current VERSION_ID (major Fedora version) as already said above. You need to assure that you provided the repo in `repos:` before using replacement functionality. To gather the repo ID that you need to input, you can use `dnf repo list` command.

:::note
[Removed packages are still present in the underlying ostree repository](https://coreos.github.io/rpm-ostree/administrator-handbook/#removing-a-base-package), what `remove` does is kind of like hiding them from the system, it doesn't free up storage space.
:::

There is also a `weak-dependencies:` option to enable or disable installation of weak dependencies for every install operation. Weak dependencies are installed by default. Which kind of dependencies are considered weak can be seen [here](https://docs.fedoraproject.org/en-US/packaging-guidelines/WeakDependencies/).
184 changes: 184 additions & 0 deletions modules/dnf/dnf.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,184 @@
#!/usr/bin/env bash

# Tell build process to exit if there are any errors.
set -euo pipefail

# Fail the build if dnf5 isn't installed
if ! rpm -q dnf5 &>/dev/null; then
echo "ERROR: Main dependency 'dnf5' is not installed. Install 'dnf5' before using this module to solve this error."
exit 1
fi

# Fail the build if dnf5 plugins aren't installed
if ! rpm -q dnf5-plugins &>/dev/null; then
echo "ERROR: Dependency 'dnf5-plugins' is not installed. It is needed for cleanly adding COPR repositories."
echo " Install 'dnf5-plugins' before using this module to solve this error."
exit 1
fi
fiftydinar marked this conversation as resolved.
Show resolved Hide resolved

# Check if option for weak dependencies is enabled or disabled
WEAK_DEPENDENCIES=$(echo "${1}" | jq -r 'try .["weak-dependencies"]')

if [[ -z "${WEAK_DEPENDENCIES}" ]] || [[ "${WEAK_DEPENDENCIES}" == "null" ]] || [[ "${WEAK_DEPENDENCIES}" == "true" ]]; then
WEAK_DEPS_FLAG="--setopt=install_weak_deps=True"
elif [[ "${WEAK_DEPENDENCIES}" == false ]]; then
WEAK_DEPS_FLAG="--setopt=install_weak_deps=False"
fi

# Pull in repos
get_json_array REPOS 'try .["repos"][]' "${1}"
if [[ ${#REPOS[@]} -gt 0 ]]; then
echo "Adding repositories"
# Substitute %OS_VERSION% & remove newlines/whitespaces from all repo entries
for i in "${!REPOS[@]}"; do
repo="${REPOS[$i]}"
repo="${repo//%OS_VERSION%/${OS_VERSION}}"
# Extract copr repo array element properly here without JSON brackets (jq doesn't extract elements with spaces properly like yq does)
if [[ "${repo}" == "{\"copr\":\""*"\"}" ]]; then
REPOS[$i]="copr: $(echo "${repo}" | jq -r '.copr')"
else
# Trim all whitespaces/newlines for other repos
REPOS[$i]="${repo//[$'\t\r\n ']}"
fi
done
# dnf config-manager & dnf copr don't support adding multiple repositories at once, hence why for/done loop is used
for repo in "${REPOS[@]}"; do
if [[ "${repo}" =~ ^https?:\/\/.* ]]; then
echo "Adding repository URL: '${repo}'"
dnf -y config-manager addrepo --from-repofile="${repo}"
elif [[ "${repo}" == *".repo" ]] && [[ -f "${CONFIG_DIRECTORY}/dnf/${repo}" ]]; then
echo "Adding repository file: '${repo}'"
dnf -y config-manager addrepo --from-repofile="${repo}"
elif [[ "${repo}" == "copr: "* ]]; then
echo "Adding COPR repository: '${repo#copr: }'"
dnf -y copr enable "${repo#copr: }"
fi
done
fi

# Install RPM keys if they are provided
get_json_array KEYS 'try .["keys"][]' "${1}"
if [[ ${#KEYS[@]} -gt 0 ]]; then
echo "Adding keys"
for KEY in "${KEYS[@]}"; do
KEY="${KEY//%OS_VERSION%/${OS_VERSION}}"
rpm --import "${KEY//[$'\t\r\n ']}"
done
fi

# Create symlinks to fix packages that create directories in /opt
get_json_array OPTFIX 'try .["optfix"][]' "${1}"
if [[ ${#OPTFIX[@]} -gt 0 ]]; then
echo "Creating symlinks to fix packages that install to /opt"
# Create symlink for /opt to /var/opt since it is not created in the image yet
mkdir -p "/var/opt"
ln -snf "/var/opt" "/opt"
# Create symlinks for each directory specified in recipe.yml
for OPTPKG in "${OPTFIX[@]}"; do
OPTPKG="${OPTPKG%\"}"
OPTPKG="${OPTPKG#\"}"
mkdir -p "/usr/lib/opt/${OPTPKG}"
ln -s "../../usr/lib/opt/${OPTPKG}" "/var/opt/${OPTPKG}"
echo "Created symlinks for ${OPTPKG}"
done
fi

get_json_array INSTALL_PKGS 'try .["install"][]' "${1}"
get_json_array REMOVE_PKGS 'try .["remove"][]' "${1}"

CLASSIC_INSTALL=false
HTTPS_INSTALL=false
LOCAL_INSTALL=false

# Sort classic, URL & local install packages
if [[ ${#INSTALL_PKGS[@]} -gt 0 ]]; then
for i in "${!INSTALL_PKGS[@]}"; do
PKG="${INSTALL_PKGS[$i]}"
if [[ "${PKG}" =~ ^https?:\/\/.* ]]; then
INSTALL_PKGS[$i]="${PKG//%OS_VERSION%/${OS_VERSION}}"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[shellcheck] reported by reviewdog 🐶
$/${} is unnecessary on arithmetic variables. SC2004

HTTPS_INSTALL=true
HTTPS_PKGS+=("${INSTALL_PKGS[$i]}")
elif [[ ! "${PKG}" =~ ^https?:\/\/.* ]] && [[ -f "${CONFIG_DIRECTORY}/rpm-ostree/${PKG}" ]]; then
LOCAL_INSTALL=true
LOCAL_PKGS+=("${CONFIG_DIRECTORY}/rpm-ostree/${PKG}")
else
CLASSIC_INSTALL=true
CLASSIC_PKGS+=("${PKG}")
fi
done
fi

# Function to inform the user about which type of packages is he installing
echo_rpm_install() {
if ${CLASSIC_INSTALL} && ! ${HTTPS_INSTALL} && ! ${LOCAL_INSTALL}; then
echo "Installing: ${CLASSIC_PKGS[*]}"
elif ! ${CLASSIC_INSTALL} && ${HTTPS_INSTALL} && ! ${LOCAL_INSTALL}; then
echo "Installing package(s) directly from URL: ${HTTPS_PKGS[*]}"
elif ! ${CLASSIC_INSTALL} && ! ${HTTPS_INSTALL} && ${LOCAL_INSTALL}; then
echo "Installing local package(s): ${LOCAL_PKGS[*]}"
elif ${CLASSIC_INSTALL} && ${HTTPS_INSTALL} && ! ${LOCAL_INSTALL}; then
echo "Installing: ${CLASSIC_PKGS[*]}"
echo "Installing package(s) directly from URL: ${HTTPS_PKGS[*]}"
elif ${CLASSIC_INSTALL} && ! ${HTTPS_INSTALL} && ${LOCAL_INSTALL}; then
echo "Installing: ${CLASSIC_PKGS[*]}"
echo "Installing local package(s): ${LOCAL_PKGS[*]}"
elif ! ${CLASSIC_INSTALL} && ${HTTPS_INSTALL} && ${LOCAL_INSTALL}; then
echo "Installing package(s) directly from URL: ${HTTPS_PKGS[*]}"
echo "Installing local package(s): ${LOCAL_PKGS[*]}"
elif ${CLASSIC_INSTALL} && ${HTTPS_INSTALL} && ${LOCAL_INSTALL}; then
echo "Installing: ${CLASSIC_PKGS[*]}"
echo "Installing package(s) directly from URL: ${HTTPS_PKGS[*]}"
echo "Installing local package(s): ${LOCAL_PKGS[*]}"
fi
fiftydinar marked this conversation as resolved.
Show resolved Hide resolved
}

# Remove & install RPM packages
if [[ ${#INSTALL_PKGS[@]} -gt 0 && ${#REMOVE_PKGS[@]} -gt 0 ]]; then
echo "Removing & Installing RPMs"
echo "Removing: ${REMOVE_PKGS[*]}"
echo_rpm_install
dnf -y "${WEAK_DEPS_FLAG}" remove "${REMOVE_PKGS[@]}"
dnf -y "${WEAK_DEPS_FLAG}" install "${INSTALL_PKGS[@]}"
elif [[ ${#INSTALL_PKGS[@]} -gt 0 ]]; then
echo "Installing RPMs"
echo_rpm_install
dnf -y "${WEAK_DEPS_FLAG}" install "${INSTALL_PKGS[@]}"
elif [[ ${#REMOVE_PKGS[@]} -gt 0 ]]; then
echo "Removing RPMs"
echo "Removing: ${REMOVE_PKGS[*]}"
dnf -y "${WEAK_DEPS_FLAG}" remove "${REMOVE_PKGS[@]}"
fi

get_json_array REPLACE 'try .["replace"][]' "$1"

# Replace RPM packages from any repository
if [[ ${#REPLACE[@]} -gt 0 ]]; then
for REPLACEMENT in "${REPLACE[@]}"; do

# Get repository
REPO=$(echo "${REPLACEMENT}" | jq -r 'try .["from-repo"]')
REPO="${REPO//%OS_VERSION%/${OS_VERSION}}"
REPO="${REPO//[$'\t\r\n ']}"

# Ensure repository is provided
if [[ "${REPO}" == "null" ]]; then
echo "Error: Key 'from-repo' was declared, but repository URL was not provided."
exit 1
fi

# Get packages to replace
get_json_array PACKAGES 'try .["packages"][]' "${REPLACEMENT}"

# Ensure packages are provided
if [[ ${#PACKAGES[@]} == 0 ]]; then
echo "Error: No packages were provided for repository '${REPO}'."
exit 1
fi

echo "Replacing packages from repository: '${REPO}'"
echo "Replacing: ${REPLACE_STR}"

dnf -y "${WEAK_DEPS_FLAG}" distro-sync --refresh --repo "${REPO}" "${PACKEGES[@]}"

done
fi
36 changes: 36 additions & 0 deletions modules/dnf/dnf.tsp
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
import "@typespec/json-schema";
using TypeSpec.JsonSchema;

@jsonSchema("/modules/dnf.json")
model RpmOstreeModule {
/** The dnf module offers pseudo-declarative package and repository management using dnf.
* https://blue-build.org/reference/modules/dnf/
*/
type: "dnf";

/** List of links to .repo files to download into /etc/yum.repos.d/. */
repos?: Array<string>;

/** List of links to key files to import for installing from custom repositories. */
keys?: Array<string>;

/** List of folder names under /opt/ to enable for installing into. */
optfix?: Array<string>;

/** List of RPM packages to install. */
install?: Array<string>;

/** List of RPM packages to remove. */
remove?: Array<string>;

/** List of configurations for `rpm-ostree override replace`ing packages. */
replace?: Array<{
/** URL to the source COPR repo for the new packages. */
"from-repo": string,
/** List of packages to replace using packages from the defined repo. */
packages: Array<string>,
}>;

/** Whether to install weak dependencies during install operation or not. */
"weak-dependencies"?: boolean = true;
}
26 changes: 26 additions & 0 deletions modules/dnf/module.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
name: dnf
shortdesc: The dnf module offers pseudo-declarative package and repository management using dnf.
example: |
type: dnf
weak-dependencies: true
repos:
- copr: atim/starship
gmpinder marked this conversation as resolved.
Show resolved Hide resolved
- https://brave-browser-rpm-release.s3.brave.com/brave-browser.repo
keys:
- https://brave-browser-rpm-release.s3.brave.com/brave-core.asc
optfix:
- Tabby # needed because tabby installs into /opt/Tabby
- brave.com
install:
- starship
- brave-browser
- https://github.com/Eugeny/tabby/releases/download/v1.0.209/tabby-1.0.209-linux-x64.rpm
remove:
- firefox
- firefox-langpacks
replace:
- from-repo: copr:copr.fedorainfracloud.org:trixieua:mutter-patched
packages:
- mutter
- mutter-common
- gdm
2 changes: 1 addition & 1 deletion modules/rpm-ostree/rpm-ostree.sh
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

📝 [shellcheck] reported by reviewdog 🐶
Possible misspelling: REPOS may not be assigned. Did you mean REPO? SC2153

if [[ ${#REPOS[@]} -gt 0 ]]; then

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[shellcheck] reported by reviewdog 🐶
$/${} is unnecessary on arithmetic variables. SC2004

INSTALL_PKGS[$i]="${PKG//%OS_VERSION%/${OS_VERSION}}"

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ [shellcheck] reported by reviewdog 🐶
Quote this to prevent word splitting. SC2046

rpm-ostree override remove "${REMOVE_PKGS[@]}" $(printf -- "--install=%s " "${CLASSIC_PKGS[@]}")

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ [shellcheck] reported by reviewdog 🐶
Quote this to prevent word splitting. SC2046

rpm-ostree override remove "${REMOVE_PKGS[@]}" $(printf -- "--install=%s " "${CLASSIC_PKGS[@]}")

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ [shellcheck] reported by reviewdog 🐶
Quote this to prevent word splitting. SC2046

rpm-ostree override remove "${REMOVE_PKGS[@]}" $(printf -- "--install=%s " "${CLASSIC_PKGS[@]}")

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ [shellcheck] reported by reviewdog 🐶
Quote this to prevent word splitting. SC2046

rpm-ostree override remove "${REMOVE_PKGS[@]}" $(printf -- "--install=%s " "${CLASSIC_PKGS[@]}")

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

📝 [shellcheck] reported by reviewdog 🐶
Double quote to prevent globbing and word splitting. SC2086

rpm-ostree override replace --experimental --from "repo=copr:copr.fedorainfracloud.org:${MAINTAINER}:${REPO_NAME}" ${REPLACE_STR}

Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ if [[ ${#OPTFIX[@]} -gt 0 ]]; then
echo "Creating symlinks to fix packages that install to /opt"
# Create symlink for /opt to /var/opt since it is not created in the image yet
mkdir -p "/var/opt"
ln -s "/var/opt" "/opt"
ln -snf "/var/opt" "/opt"
# Create symlinks for each directory specified in recipe.yml
for OPTPKG in "${OPTFIX[@]}"; do
OPTPKG="${OPTPKG%\"}"
Expand Down
Loading