Fedora netbootc files POC
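# Builder stage: assembles the netboot payload in /b for the final image.
# It downloads the installer kernel, initrd and install.img of Fedora
# ${version}, takes shim and GRUB from the Fedora RPMs, and writes the
# VERSION and SHA256SUM files next to them.
FROM quay.io/fedora/fedora-minimal:40 AS builder
ARG name=Fedora
ARG version=40
# EFI architecture suffix used in the RPM names and in grub${arch}.efi.
# NOTE(review): the downloads below pick the tree with $(uname -m), so this
# value has to match the platform the build runs on - confirm when
# cross-building.
ARG arch=aa64
# WORKDIR creates /b when it does not exist, so no separate mkdir is needed.
WORKDIR /b

# Artifacts from kickstart repository.
# -f makes curl exit non-zero on an HTTP error; without it a 404/5xx error
# page would be saved under the artifact's name and hashed into SHA256SUM as
# if it were the real file. -R keeps the remote mtime, -L follows redirects,
# -O keeps the remote file name.
# NOTE(review): these files are authenticated only by TLS to the download
# host. .treeinfo normally carries a [checksums] section for the images;
# comparing against it would catch a truncated download - confirm for this
# tree.
RUN curl -fRLO https://dl.fedoraproject.org/pub/fedora/linux/releases/${version}/Everything/$(uname -m)/os/.treeinfo
RUN curl -fRLO https://dl.fedoraproject.org/pub/fedora/linux/releases/${version}/Everything/$(uname -m)/os/images/pxeboot/vmlinuz
RUN curl -fRLO https://dl.fedoraproject.org/pub/fedora/linux/releases/${version}/Everything/$(uname -m)/os/images/pxeboot/initrd.img
RUN curl -fRLO https://dl.fedoraproject.org/pub/fedora/linux/releases/${version}/Everything/$(uname -m)/os/images/install.img

# Artifacts from RPM repository.
RUN microdnf -y install shim-${arch} grub2-efi-${arch}
# Explicit paths instead of brace expansion, so the step does not depend on
# /bin/sh being bash. -p keeps the mtime the RPM installed.
RUN cp -p /boot/efi/EFI/fedora/shim.efi /boot/efi/EFI/fedora/grub${arch}.efi .

# Creation of a digest file and a version file.
# set -eu stops the step at the first failing command; the original chained
# the commands with ';', so a failed mv/rpm/sha256sum still produced a layer.
# The digests are collected into a variable before SHA256SUM is created:
# with 'sha256sum * | tee SHA256SUM' the glob could already match the
# half-written SHA256SUM and list it in its own manifest.
# LATEST is the newest payload file; its mtime is copied onto the two
# generated files so their timestamps do not depend on the build time.
# SHA256SUM is computed from the files as they arrived: it detects later
# corruption, it does not authenticate the downloads.
RUN set -eu; \
    LATEST=$(ls -t1 | head -n1); \
    mv .treeinfo VERSION; \
    printf '\n[packages]\n' >> VERSION; \
    rpm -q shim-${arch} grub2-efi-${arch} >> VERSION; \
    sums=$(sha256sum -- *); \
    printf '%s\n' "$sums" | tee SHA256SUM; \
    touch -r "$LATEST" VERSION SHA256SUM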
# Final image: starts from scratch and carries only the boot files produced
# in /b by the builder stage, plus the org.pulpproject.netboot.* labels.
FROM scratch
ARG name=Fedora
ARG version=40
ARG arch=aa64

LABEL org.pulpproject.netboot.version="1" \
      org.pulpproject.netboot.os.name="${name}" \
      org.pulpproject.netboot.os.version="${version}"

# Layer order matters here: the digest file (and optional additional data)
# MUST form the first layer. Every file is copied read-only (mode 444).
COPY --from=builder --chmod=444 \
     /b/SHA256SUM \
     /b/VERSION \
     /

# Each payload SHOULD get a layer of its own.
COPY --from=builder --chmod=444 \
     /b/vmlinuz \
     /b/initrd.img \
     /
COPY --from=builder --chmod=444 /b/install.img /
COPY --from=builder --chmod=444 /b/shim.efi /
COPY --from=builder --chmod=444 /b/grub${arch}.efi /

# Entrypoints: regular (boot) and alternate (boota) boot file. This image
# ships no legacy boot file.
LABEL org.pulpproject.netboot.boot="shim.efi" \
      org.pulpproject.netboot.boota="grub${arch}.efi"
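# Builder stage: assembles the netboot payload in /b for the final image.
# It downloads the installer kernel, initrd and install.img of Fedora
# ${version}, takes shim, GRUB and pxelinux.0 from the Fedora RPMs, and
# writes the VERSION and SHA256SUM files next to them.
FROM quay.io/fedora/fedora-minimal:40 AS builder
ARG name=Fedora
ARG version=40
# EFI architecture suffix used in the RPM names and in grub${arch}.efi.
# NOTE(review): the downloads below pick the tree with $(uname -m), so this
# value has to match the platform the build runs on - confirm when
# cross-building.
ARG arch=x64
# WORKDIR creates /b when it does not exist, so no separate mkdir is needed.
WORKDIR /b

# Artifacts from kickstart repository.
# -f makes curl exit non-zero on an HTTP error; without it a 404/5xx error
# page would be saved under the artifact's name and hashed into SHA256SUM as
# if it were the real file. -R keeps the remote mtime, -L follows redirects,
# -O keeps the remote file name.
# NOTE(review): these files are authenticated only by TLS to the download
# host. .treeinfo normally carries a [checksums] section for the images;
# comparing against it would catch a truncated download - confirm for this
# tree.
RUN curl -fRLO https://dl.fedoraproject.org/pub/fedora/linux/releases/${version}/Everything/$(uname -m)/os/.treeinfo
RUN curl -fRLO https://dl.fedoraproject.org/pub/fedora/linux/releases/${version}/Everything/$(uname -m)/os/images/pxeboot/vmlinuz
RUN curl -fRLO https://dl.fedoraproject.org/pub/fedora/linux/releases/${version}/Everything/$(uname -m)/os/images/pxeboot/initrd.img
RUN curl -fRLO https://dl.fedoraproject.org/pub/fedora/linux/releases/${version}/Everything/$(uname -m)/os/images/install.img

# Artifacts from RPM repository.
RUN microdnf -y install shim-${arch} grub2-efi-${arch} syslinux-tftpboot
# Explicit paths instead of brace expansion, so the step does not depend on
# /bin/sh being bash. -p keeps the mtime the RPM installed.
RUN cp -p /tftpboot/pxelinux.0 \
          /boot/efi/EFI/fedora/shim.efi \
          /boot/efi/EFI/fedora/grub${arch}.efi \
          .

# Creation of a digest file and a version file.
# set -eu stops the step at the first failing command; the original chained
# the commands with ';', so a failed mv/rpm/sha256sum still produced a layer.
# The digests are collected into a variable before SHA256SUM is created:
# with 'sha256sum * | tee SHA256SUM' the glob could already match the
# half-written SHA256SUM and list it in its own manifest.
# LATEST is the newest payload file; its mtime is copied onto the two
# generated files so their timestamps do not depend on the build time.
# SHA256SUM is computed from the files as they arrived: it detects later
# corruption, it does not authenticate the downloads.
RUN set -eu; \
    LATEST=$(ls -t1 | head -n1); \
    mv .treeinfo VERSION; \
    printf '\n[packages]\n' >> VERSION; \
    rpm -q shim-${arch} grub2-efi-${arch} syslinux-tftpboot >> VERSION; \
    sums=$(sha256sum -- *); \
    printf '%s\n' "$sums" | tee SHA256SUM; \
    touch -r "$LATEST" VERSION SHA256SUM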
# Final image: starts from scratch and carries only the boot files produced
# in /b by the builder stage, plus the org.pulpproject.netboot.* labels.
FROM scratch
ARG name=Fedora
ARG version=40
ARG arch=x64

LABEL org.pulpproject.netboot.version="1" \
      org.pulpproject.netboot.os.name="${name}" \
      org.pulpproject.netboot.os.version="${version}"

# Layer order matters here: the digest file (and optional additional data)
# MUST form the first layer. Every file is copied read-only (mode 444).
COPY --from=builder --chmod=444 \
     /b/SHA256SUM \
     /b/VERSION \
     /

# Each payload SHOULD get a layer of its own.
COPY --from=builder --chmod=444 \
     /b/vmlinuz \
     /b/initrd.img \
     /
COPY --from=builder --chmod=444 /b/install.img /
COPY --from=builder --chmod=444 /b/pxelinux.0 /
COPY --from=builder --chmod=444 /b/shim.efi /
COPY --from=builder --chmod=444 /b/grub${arch}.efi /

# Entrypoints: regular (boot), alternate (boota) and legacy (bootl) boot file.
LABEL org.pulpproject.netboot.boot="shim.efi" \
      org.pulpproject.netboot.boota="grub${arch}.efi" \
      org.pulpproject.netboot.bootl="pxelinux.0"
$ skopeo inspect docker://quay.io/lzapletal/fedora-bootfiles@sha256:be499ae4824972aea34b0e5bcdfd552a1ad576ea15028a5791304457a84a27df
{
"Name": "quay.io/lzapletal/fedora-bootfiles",
"Digest": "sha256:be499ae4824972aea34b0e5bcdfd552a1ad576ea15028a5791304457a84a27df",
"RepoTags": [
"latest"
],
"Created": "2024-06-12T13:43:44.377858934Z",
"DockerVersion": "",
"Labels": {
"io.buildah.version": "1.35.3",
"org.pulpproject.netboot.boot": "shim.efi",
"org.pulpproject.netboot.boota": "grubx64.efi",
"org.pulpproject.netboot.bootl": "pxelinux.0",
"org.pulpproject.netboot.os.name": "Fedora",
"org.pulpproject.netboot.os.version": "40",
"org.pulpproject.netboot.version": "1"
},
"Architecture": "amd64",
"Os": "linux",
"Layers": [
"sha256:a4851b9340adaddac08468d80340712202816cd4128be0478c517011b21c5e02",
"sha256:17fc1def47696a3bcf9258d00a75297f48610fc427729f086a10ea618bc1dd74",
"sha256:dd8632368ae661d7bb7c12033a54ff1f56db5296c787f556a9957cfbd387a951",
"sha256:157c0658165b2c99a490e3a69fdc19194e839d19ed0b3a5a3620a55bec4cc367",
"sha256:03e2f81c69c61a0cc62292aff0f6e1b4cc226f53862b3a580e266b24d802e297",
"sha256:6f746c791dff6ffbf0ddff891f8ea701b42fdea4ba58293209ef1a971687c05e"
],
"LayersData": [
{
"MIMEType": "application/vnd.oci.image.layer.v1.tar+gzip",
"Digest": "sha256:a4851b9340adaddac08468d80340712202816cd4128be0478c517011b21c5e02",
"Size": 1098,
"Annotations": null
},
{
"MIMEType": "application/vnd.oci.image.layer.v1.tar+gzip",
"Digest": "sha256:17fc1def47696a3bcf9258d00a75297f48610fc427729f086a10ea618bc1dd74",
"Size": 164199657,
"Annotations": null
},
{
"MIMEType": "application/vnd.oci.image.layer.v1.tar+gzip",
"Digest": "sha256:dd8632368ae661d7bb7c12033a54ff1f56db5296c787f556a9957cfbd387a951",
"Size": 618058694,
"Annotations": null
},
{
"MIMEType": "application/vnd.oci.image.layer.v1.tar+gzip",
"Digest": "sha256:157c0658165b2c99a490e3a69fdc19194e839d19ed0b3a5a3620a55bec4cc367",
"Size": 41375,
"Annotations": null
},
{
"MIMEType": "application/vnd.oci.image.layer.v1.tar+gzip",
"Digest": "sha256:03e2f81c69c61a0cc62292aff0f6e1b4cc226f53862b3a580e266b24d802e297",
"Size": 410095,
"Annotations": null
},
{
"MIMEType": "application/vnd.oci.image.layer.v1.tar+gzip",
"Digest": "sha256:6f746c791dff6ffbf0ddff891f8ea701b42fdea4ba58293209ef1a971687c05e",
"Size": 1861496,
"Annotations": null
}
],
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
]
}
$ skopeo inspect --config docker://quay.io/lzapletal/fedora-bootfiles@sha256:be499ae4824972aea34b0e5bcdfd552a1ad576ea15028a5791304457a84a27df
{
"created": "2024-06-12T13:43:44.377858934Z",
"architecture": "amd64",
"os": "linux",
"config": {
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Labels": {
"io.buildah.version": "1.35.3",
"org.pulpproject.netboot.boot": "shim.efi",
"org.pulpproject.netboot.boota": "grubx64.efi",
"org.pulpproject.netboot.bootl": "pxelinux.0",
"org.pulpproject.netboot.os.name": "Fedora",
"org.pulpproject.netboot.os.version": "40",
"org.pulpproject.netboot.version": "1"
}
},
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:f65a3e3696b12e82a5f5ccd9a1d6dc876b77dbf5d9d7a209c985fa18475fcad5",
"sha256:c730f3ea694582a0101d4a064fa752ad7bfe1bdfe2cb6a46fc5b7d78eacf7fd6",
"sha256:175b5526346ab3db21c94d9afc8651f4870583d5e4de48aba9faee6371b39825",
"sha256:b96c026e8f3aed2c4a8981a73a702760c5e5575713f3e3a7b345f49e318de5c7",
"sha256:1d479a0f0b6e8548962d269456634a8ed2d63c2fdb73681ca963e44ba6ce1c98",
"sha256:cd6d98ff891aafb92518a52b2f71fff2c41c1e6448ebe481ed2c79a458c454bc"
]
},
"history": [
{
"created": "2024-06-12T13:43:39.52589917Z",
"created_by": "/bin/sh -c #(nop) ARG name",
"empty_layer": true
},
{
"created": "2024-06-12T13:43:39.562255383Z",
"created_by": "/bin/sh -c #(nop) ARG name version",
"comment": "FROM 9dd75eb8f2d0",
"empty_layer": true
},
{
"created": "2024-06-12T13:43:39.597527842Z",
"created_by": "/bin/sh -c #(nop) ARG arch name version",
"comment": "FROM effc69a647ec",
"empty_layer": true
},
{
"created": "2024-06-12T13:43:39.633658345Z",
"created_by": "/bin/sh -c #(nop) LABEL org.pulpproject.netboot.version=1 \torg.pulpproject.netboot.os.name=\"${name}\" \torg.pulpproject.netboot.os.version=\"${version}\"",
"comment": "FROM 3a0338b369dd",
"empty_layer": true
},
{
"created": "2024-06-12T13:43:39.810643588Z",
"created_by": "/bin/sh -c #(nop) COPY multi:c4d1b182a1ad308bdb98949c3641704df0f1a10d31646f2d0bd5eeb05ffbe92b in / ",
"comment": "FROM 7fbeeca2b25c"
},
{
"created": "2024-06-12T13:43:40.364044726Z",
"created_by": "/bin/sh -c #(nop) COPY multi:7279b1e022505144da0d404c2b75b11ffa1272bc33b744d71b71e4028fb1464e in / ",
"comment": "FROM 4e7652b27dc5"
},
{
"created": "2024-06-12T13:43:42.17028054Z",
"created_by": "/bin/sh -c #(nop) COPY file:0b214e66e1b552bb92a6a38584c92e698a34adf4140bf53ee85d81ed90ff2153 in / ",
"comment": "FROM 800dc5a3aa00"
},
{
"created": "2024-06-12T13:43:43.88928211Z",
"created_by": "/bin/sh -c #(nop) COPY file:a0c80473cd6685a09c58930f193f025bea2414b25619c0ff27f7c74ec418862f in / ",
"comment": "FROM f670e1975950"
},
{
"created": "2024-06-12T13:43:44.085060719Z",
"created_by": "/bin/sh -c #(nop) COPY file:4dc3d77640a7fdb19fd318fb737ca3d725bcfa74519306c5d172fff18a036d80 in / ",
"comment": "FROM b3f3d3d7d5d8"
},
{
"created": "2024-06-12T13:43:44.280091103Z",
"created_by": "/bin/sh -c #(nop) COPY file:e461c16e485e62fac4e11e762a80ce628c17bb5f681a9607b78321035fc80b15 in / ",
"comment": "FROM abe6ea16f3d3"
},
{
"created": "2024-06-12T13:43:44.377986453Z",
"created_by": "/bin/sh -c #(nop) LABEL org.pulpproject.netboot.boot=shim.efi \torg.pulpproject.netboot.boota=grub${arch}.efi \torg.pulpproject.netboot.bootl=pxelinux.0",
"comment": "FROM a2df9ed2bb3b",
"empty_layer": true
}
]
}
$ skopeo inspect docker://quay.io/lzapletal/fedora-bootfiles@sha256:85f22b4747db52f56d8855f12e4f8355bdda5b31ce748e0a3fa4f27ba9103dd0
{
"Name": "quay.io/lzapletal/fedora-bootfiles",
"Digest": "sha256:85f22b4747db52f56d8855f12e4f8355bdda5b31ce748e0a3fa4f27ba9103dd0",
"RepoTags": [
"latest"
],
"Created": "2024-06-12T13:56:01.998165123Z",
"DockerVersion": "",
"Labels": {
"io.buildah.version": "1.35.3",
"org.pulpproject.netboot.boot": "shim.efi",
"org.pulpproject.netboot.boota": "grubaa64.efi",
"org.pulpproject.netboot.os.name": "Fedora",
"org.pulpproject.netboot.os.version": "40",
"org.pulpproject.netboot.version": "1"
},
"Architecture": "arm64",
"Os": "linux",
"Layers": [
"sha256:b2139002159d23cfe086c154858c76cfc32796139fcafdfc3303c0cee25afa56",
"sha256:19b905ef2a436903aea9bb9e1991035d8d161155e963b1dbe0c25e7ee14d24fa",
"sha256:259c53c88f62f066dbe98ae1458711392bb1d54bc654ab419810d84d88517c3a",
"sha256:d7870fb4e438b824eab2b4e78a5e055fa57b0853ae35e8584755f1d7c5b23619",
"sha256:b9aee0f1c99f9c82f369cb9f04919f4d94e1d519325016e4009ea2326c59eea8"
],
"LayersData": [
{
"MIMEType": "application/vnd.oci.image.layer.v1.tar+gzip",
"Digest": "sha256:b2139002159d23cfe086c154858c76cfc32796139fcafdfc3303c0cee25afa56",
"Size": 1006,
"Annotations": null
},
{
"MIMEType": "application/vnd.oci.image.layer.v1.tar+gzip",
"Digest": "sha256:19b905ef2a436903aea9bb9e1991035d8d161155e963b1dbe0c25e7ee14d24fa",
"Size": 157380099,
"Annotations": null
},
{
"MIMEType": "application/vnd.oci.image.layer.v1.tar+gzip",
"Digest": "sha256:259c53c88f62f066dbe98ae1458711392bb1d54bc654ab419810d84d88517c3a",
"Size": 662651461,
"Annotations": null
},
{
"MIMEType": "application/vnd.oci.image.layer.v1.tar+gzip",
"Digest": "sha256:d7870fb4e438b824eab2b4e78a5e055fa57b0853ae35e8584755f1d7c5b23619",
"Size": 396364,
"Annotations": null
},
{
"MIMEType": "application/vnd.oci.image.layer.v1.tar+gzip",
"Digest": "sha256:b9aee0f1c99f9c82f369cb9f04919f4d94e1d519325016e4009ea2326c59eea8",
"Size": 1929771,
"Annotations": null
}
],
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
]
}
$ skopeo inspect --config docker://quay.io/lzapletal/fedora-bootfiles@sha256:85f22b4747db52f56d8855f12e4f8355bdda5b31ce748e0a3fa4f27ba9103dd0
{
"created": "2024-06-12T13:56:01.998165123Z",
"architecture": "arm64",
"os": "linux",
"config": {
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
],
"Labels": {
"io.buildah.version": "1.35.3",
"org.pulpproject.netboot.boot": "shim.efi",
"org.pulpproject.netboot.boota": "grubaa64.efi",
"org.pulpproject.netboot.os.name": "Fedora",
"org.pulpproject.netboot.os.version": "40",
"org.pulpproject.netboot.version": "1"
}
},
"rootfs": {
"type": "layers",
"diff_ids": [
"sha256:eefd53b4b85d965b79ec3be3f7edb2be25fc4b8751875626da6554f8ab72cc2a",
"sha256:ebca462afdc78e0c4bb8ee70206a2bacf568aadbb50ca68bc9047ebf1d5b3047",
"sha256:f6d5501f675c642cbec24c9a077e55cb14d11867a49184343f6ba42a218d79f1",
"sha256:5be558d018ca882e2545dd8afe44a2c0695d7a08d980c5c4c5b5d3c78e69a125",
"sha256:88ff71939613543cbb7512306b5f279de1131038384892933a41565463fe3d30"
]
},
"history": [
{
"created": "2024-06-12T13:43:39.52589917Z",
"created_by": "/bin/sh -c #(nop) ARG name",
"empty_layer": true
},
{
"created": "2024-06-12T13:43:39.562255383Z",
"created_by": "/bin/sh -c #(nop) ARG name version",
"comment": "FROM 9dd75eb8f2d0",
"empty_layer": true
},
{
"created": "2024-06-12T13:43:39.597527842Z",
"created_by": "/bin/sh -c #(nop) ARG arch name version",
"comment": "FROM effc69a647ec",
"empty_layer": true
},
{
"created": "2024-06-12T13:43:39.633658345Z",
"created_by": "/bin/sh -c #(nop) LABEL org.pulpproject.netboot.version=1 \torg.pulpproject.netboot.os.name=\"${name}\" \torg.pulpproject.netboot.os.version=\"${version}\"",
"comment": "FROM 3a0338b369dd",
"empty_layer": true
},
{
"created": "2024-06-12T13:55:57.432074704Z",
"created_by": "/bin/sh -c #(nop) COPY multi:2559e5c689fe837de3c362fe283383f76a9eee7aab11159d43cc5c6a8f312cef in / ",
"comment": "FROM 7fbeeca2b25c"
},
{
"created": "2024-06-12T13:55:57.977958168Z",
"created_by": "/bin/sh -c #(nop) COPY multi:fccc2371ff98677e3decc2c0a3f3fb24ac7380deb004f1073c03ae7f82b6149e in / ",
"comment": "FROM d775d3018b4e"
},
{
"created": "2024-06-12T13:55:59.874830533Z",
"created_by": "/bin/sh -c #(nop) COPY file:191c75cdeaf716764163af1b65cbb21b38c4a4b9a3a6a5cdb5ca1a5a1c57b4ad in / ",
"comment": "FROM a17bad55b543"
},
{
"created": "2024-06-12T13:56:01.710600514Z",
"created_by": "/bin/sh -c #(nop) COPY file:a8b873f696ec18bc95dff952c201cde6bea1ade39ee54e772135e6a9850c2847 in / ",
"comment": "FROM e245e26ca9a4"
},
{
"created": "2024-06-12T13:56:01.896389647Z",
"created_by": "/bin/sh -c #(nop) COPY file:5ac9fbbacac4864f514bcd761d05e97e7f583fc65c1b9740aaacf67b5b6c76d8 in / ",
"comment": "FROM 7bad078cbd26"
},
{
"created": "2024-06-12T13:56:01.998283191Z",
"created_by": "/bin/sh -c #(nop) LABEL org.pulpproject.netboot.boot=shim.efi \torg.pulpproject.netboot.boota=grub${arch}.efi",
"comment": "FROM ebef12b3b7be",
"empty_layer": true
}
]
}
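Still to be done:
- Digital signature (cosign?). The SHA256SUM file is built from the files as they were downloaded, so it detects later corruption but does not show who produced the image.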
Build process:
The result is at quay.io/lzapletal/fedora-bootfiles