From 437643687cdd9aaaa154d276c91703981dc33479 Mon Sep 17 00:00:00 2001 From: nkraetzschmar <9020053+nkraetzschmar@users.noreply.github.com> Date: Wed, 30 Jul 2025 22:30:05 +0200 Subject: [PATCH 1/4] feat: configure S3 upload metadata based on {cname}.requirements file instead of hardcoded feature mappings --- src/gardenlinux/s3/s3_artifacts.py | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/src/gardenlinux/s3/s3_artifacts.py b/src/gardenlinux/s3/s3_artifacts.py index a37ca7ba..71e96242 100644 --- a/src/gardenlinux/s3/s3_artifacts.py +++ b/src/gardenlinux/s3/s3_artifacts.py @@ -140,6 +140,20 @@ def upload_from_directory( feature_set = release_config.get(UNNAMED_SECTION, "GARDENLINUX_FEATURES") feature_list = feature_set.split(",") + requirements_file = artifacts_dir.joinpath(f"{cname}.requirements") + req = {} + if requirements_file.exists(): + with requirements_file.open("r", encoding="utf-8") as req_fp: + for line in req_fp: + line = line.strip() + if not line: + continue + key, value = line.split("=", 1) + req[key.strip()] = value.strip() + + require_uefi = req.get("uefi", "false").lower() == "true" + secureboot = req.get("secureboot", "false").lower() == "true" + metadata = { "platform": cname_object.platform, "architecture": cname_object.arch, @@ -149,8 +163,8 @@ def upload_from_directory( "gardenlinux_epoch": int(cname_object.version.split(".", 1)[0]), "logs": None, "modifiers": feature_list, - "require_uefi": "_usi" in feature_list, - "secureboot": "_trustedboot" in feature_list, + "require_uefi": require_uefi, + "secureboot": secureboot, "published_image_metadata": None, "s3_bucket": self._bucket.name, "s3_key": f"meta/singles/{cname}", From 7655881b4227930719adb312b99389a7d61c58c2 Mon Sep 17 00:00:00 2001 From: nkraetzschmar <9020053+nkraetzschmar@users.noreply.github.com> Date: Thu, 31 Jul 2025 10:29:48 +0200 Subject: [PATCH 2/4] feat: use ConfigParser for reading .requirements file also add fallback to feature based decision if no .requirements file or if keys are missing in order to provide backwards compatibility --- src/gardenlinux/s3/s3_artifacts.py | 28 +++++++++++++++++----------- 1 file changed, 17 insertions(+), 11 deletions(-) diff --git a/src/gardenlinux/s3/s3_artifacts.py b/src/gardenlinux/s3/s3_artifacts.py index 71e96242..bf3836de 100644 --- a/src/gardenlinux/s3/s3_artifacts.py +++ b/src/gardenlinux/s3/s3_artifacts.py @@ -141,18 +141,24 @@ def upload_from_directory( feature_list = feature_set.split(",") requirements_file = artifacts_dir.joinpath(f"{cname}.requirements") - req = {} + require_uefi = None + secureboot = None + if requirements_file.exists(): - with requirements_file.open("r", encoding="utf-8") as req_fp: - for line in req_fp: - line = line.strip() - if not line: - continue - key, value = line.split("=", 1) - req[key.strip()] = value.strip() - - require_uefi = req.get("uefi", "false").lower() == "true" - secureboot = req.get("secureboot", "false").lower() == "true" + requirements_config = ConfigParser(allow_unnamed_section=True) + requirements_config.read(requirements_file) + + if requirements_config.has_option(UNNAMED_SECTION, "uefi"): + require_uefi = requirements_config.getboolean(UNNAMED_SECTION, "uefi") + + if requirements_config.has_option(UNNAMED_SECTION, "secureboot"): + secureboot = requirements_config.getboolean(UNNAMED_SECTION, "secureboot") + + if require_uefi is None: + require_uefi = "_usi" in feature_list + + if secureboot is None: + secureboot = "_trustedboot" in feature_list metadata = { "platform": cname_object.platform, From 79be8d18de39afe569322059f7e2ffac3c381ab9 Mon Sep 17 00:00:00 2001 From: Tobias Wolf Date: Thu, 31 Jul 2025 17:41:10 +0200 Subject: [PATCH 3/4] Code cleanup Signed-off-by: Tobias Wolf --- src/gardenlinux/s3/s3_artifacts.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/gardenlinux/s3/s3_artifacts.py b/src/gardenlinux/s3/s3_artifacts.py index bf3836de..0bccf557 100644 --- a/src/gardenlinux/s3/s3_artifacts.py +++ b/src/gardenlinux/s3/s3_artifacts.py @@ -152,7 +152,9 @@ def upload_from_directory( require_uefi = requirements_config.getboolean(UNNAMED_SECTION, "uefi") if requirements_config.has_option(UNNAMED_SECTION, "secureboot"): - secureboot = requirements_config.getboolean(UNNAMED_SECTION, "secureboot") + secureboot = requirements_config.getboolean( + UNNAMED_SECTION, "secureboot" + ) if require_uefi is None: require_uefi = "_usi" in feature_list From 755ce8dc79988c77279985b223f346a3e12aeb01 Mon Sep 17 00:00:00 2001 From: Tobias Wolf Date: Sat, 2 Aug 2025 10:08:29 +0200 Subject: [PATCH 4/4] Add `requirements` with `application/io.gardenlinux.image.requirements` Signed-off-by: Tobias Wolf --- src/gardenlinux/constants.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/gardenlinux/constants.py b/src/gardenlinux/constants.py index 71993cf1..d73c29fc 100644 --- a/src/gardenlinux/constants.py +++ b/src/gardenlinux/constants.py @@ -79,6 +79,7 @@ "pxe.tar.gz.log", "root.squashfs", "manifest.log", + "requirements", "squashfs.log", "release.log", "vmlinuz.log", @@ -123,6 +124,7 @@ "gcpimage.tar.gz": "application/io.gardenlinux.image.format.gcpimage.tar.gz", "vmdk": "application/io.gardenlinux.image.format.vmdk", "ova": "application/io.gardenlinux.image.format.ova", + "requirements": "application/io.gardenlinux.image.requirements", "efi": "application/io.gardenlinux.efi", "uki": "application/io.gardenlinux.uki", "uki.log": "application/io.gardenlinux.log",