Build new images

Bump debian tar timebomb, remove manual crun install as the package is stable now and most importantly remove IMA workaround as the issue[1], we will see if that is true. [1] containers/podman#18543 Signed-off-by: Paul Holzinger <[email protected]>
containers · Oct 10, 2024 · ef2c8f2 · ef2c8f2
1 parent aa36f71
commit ef2c8f2
Show file tree

Hide file tree

Showing 3 changed files with 2 additions and 20 deletions.
diff --git a/IMG_SFX b/IMG_SFX
@@ -1 +1 @@
-20240911t151000z-f40f39d13
+20241010t105554z-f40f39d13
diff --git a/base_images/debian_base-setup.sh b/base_images/debian_base-setup.sh
@@ -58,7 +58,7 @@ source "$REPO_DIRPATH/lib.sh"
 #     https://bugzilla.redhat.com/show_bug.cgi?id=2230127
 # 2024-01-25 dfsg-3 also has the bug
 # 2024-09-06 trixy still has 1.35+dfsg-3 (https://packages.debian.org/trixie/tar)
-timebomb 20241001 "prevent us from getting broken tar-1.35+dfsg-3"
+timebomb 20241201 "prevent us from getting broken tar-1.35+dfsg-3"
 $SUDO tee /etc/apt/preferences.d/$(date +%Y%m%d)-tar <<EOF
 Package: tar
 Pin: version 1.35+dfsg-[23]

diff --git a/cache_images/fedora_packaging.sh b/cache_images/fedora_packaging.sh
@@ -199,16 +199,6 @@ DOWNLOAD_PACKAGES=(\
 msg "Installing general build/test dependencies"
 bigto $SUDO dnf install -y "${INSTALL_PACKAGES[@]}"
 
-# 2024-09-11 early testing of crun 1.17
-timebomb 20240930 "crun 1.17 should be stable by now"
-arch=$(uname -m)
-n=crun
-v=1.17
-r=1.fc$OS_RELEASE_VER
-bigto $SUDO dnf install -y  \
-      https://kojipkgs.fedoraproject.org/packages/$n/$v/$r/$arch/$n-$v-$r.$arch.rpm \
-      https://kojipkgs.fedoraproject.org/packages/$n/$v/$r/$arch/$n-wasm-$v-$r.$arch.rpm
-
 msg "Downloading packages for optional installation at runtime, as needed."
 $SUDO mkdir -p "$PACKAGE_DOWNLOAD_DIR"
 cd "$PACKAGE_DOWNLOAD_DIR"
@@ -224,11 +214,3 @@ cd -
 # Occasionally following an install, there are more updates available.
 # This may be due to activation of suggested/recommended dependency resolution.
 lilto $SUDO dnf update -y
-
-# Gah. FIXME 2024-06-20: rawhide now includes rpm-plugin-ima,
-# which causes rootless podman pods to fail.
-# https://github.com/containers/podman/issues/18543
-if ! ((CONTAINER)); then
-    timebomb 20241001 "Temporary workaround for signed rpms (ima) in rawhide"
-    $SUDO setfattr -x  security.ima /usr/libexec/catatonit/catatonit || true
-fi
Original file line number	Diff line number	Diff line change
		@@ -1 +1 @@
		20240911t151000z-f40f39d13
		20241010t105554z-f40f39d13