Patches should be submitted in the form of pull requests at [github][github].
Standard PEP-8 formatting is used project wide for Python, with a few
relaxations, like maximum line length (120). A pylint config file
.pylintrc
is provided. The ./run-test.sh
will lint
the source code using this (see Testing below).
Please refer to the developer guide to learn about our workflow, code style and more.
To support local development an container test/Dockerfile
contains
the environment to test all three plugins. It can be built and run
via ./run-test.sh
. This will execute the unit tests as well as
run pylint
and ShellCheck on the source code.
This assumes that osbuild-composer, version greater than 21, is installed on the host and the koji API is enabled.
Make certificates for osbuild-composer. This is needed to authorize
clients to use the composer API. There is a script that will create
the certificates and also copy it to the correct places in /etc
.
sudo test/make-certs.sh
Build the containers:
sudo test/build-container.sh
Run the infra containers, i.e. the database server, the kerberos kdc, and koji hub. This will also create the kerberos keytabs needed for the koji builder to authorize itself to koji hub.
sudo test/run-koji-container.sh start
Koji web will now be running at: http://localhost:8080/koji/
Copy the credentials: The TLS certificates for the koji builder plugin to make authorize requests to composer and the kerberos keytabs needed for composer and worker (of composer) to reserve and import the build via the koji XML RPC.
sudo test/copy-creds.sh
The koji builder plugin needs to be authorized in order to be able
to start a compose via Composer. The default authentication scheme
is OAuth2
. For testing purposes we can use the mock OpenID server
that is included in the osbuild-composer-tests
package. A helper
script is included to start and stop the server with the correct
parameters.
sudo test/run-openid.sh start
Run the koji builder instance can be started. Here fg
means that
it will be running in the foreground, so logs can be inspected and
the container stopped via ctrl+c
.
sudo test/run-builder.sh fg
Verify we can talk to koji hub via the koji command line client:
$ koji --server=http://localhost:8080/kojihub --user=osbuild --password=osbuildpass --authtype=password hello
grüezi, osbuild!
You are using the hub at http://localhost:8080/kojihub
Authenticated via password
In order to build an image, a series of tags needs to be created. Specifically:
- the target tag
- the build tag, which contains the architectures
- destination tag, which contains the list of packages
A helper script will create a minimum set that is necessary to build
an image call Fedora-Cloud
for f33-candidate
:
test/make-tags.sh
The client plugin needs to be installed either by creating the RPMs first via meson, or via a symlink from the checkout to the koji cli plugin directory:
mkdir -p /usr/lib/python3.8/site-packages/koji_cli_plugins/
ln -s $(pwd)/plugins/cli/osbuild.py \
/usr/lib/python3.8/site-packages/koji_cli_plugins/osbuild.py
Now that all is setup a build can be created via:
koji --server=http://localhost:8080/kojihub \
--user=kojiadmin \
--password=kojipass \
--authtype=password \
osbuild-image \
fedora-guest \
33 \
fedora-33 \
fedora33-candidate \
x86_64 \
--repo 'http://download.fedoraproject.org/pub/fedora/linux/releases/33/Everything/$arch/os/' \
--image-type guest-image \
--release 1
Check logs:
sudo podman logs org.osbuild.koji.koji # koji hub
sudo podman logs org.osbuild.koji.kdc # kerberos kdc
Execute into the container:
sudo podman exec -it org.osbuild.koji.koji /bin/bash
sudo podman exec -it org.osbuild.koji.kdc /bin/bash
sudo podman exec -it org.osbuild.koji.kojid /bin/bash
Stopping the container:
sudo test/run-koji-container.sh stop
Cleanup of kerberos tickets:
sudo kdestroy -A
sudo -u _osbuild-composer kdestroy -A