From c2ff7e29c3d74a9d037a91f6ad9529cf4f032cff Mon Sep 17 00:00:00 2001
From: wangyueliang <wangyueliang@kylinos.cn>
Date: Mon, 1 Apr 2024 15:56:32 +0800
Subject: [PATCH] Block useless or unsupported functional for NestOS

---
 build.sh             |  7 ++++---
 src/cmd-build-fast   |  2 +-
 src/coreos-assembler | 36 ++++++++++++++++++++++++------------
 src/deps.txt         | 14 ++++++++------
 src/vmdeps.txt       |  3 ++-
 5 files changed, 39 insertions(+), 23 deletions(-)

diff --git a/build.sh b/build.sh
index 2c05b828..a0a4130f 100755
--- a/build.sh
+++ b/build.sh
@@ -28,9 +28,10 @@ configure_yum_repos() {
     rm -rf /etc/yum.repos.d/*
 
     # Consistent with the base image, current: openeuler 22.03-LTS-SP3
-    echo -e "[${version_id}-SP3-NestOS]\nenabled=1\nmetadata_expire=1m\nbaseurl=https://repo.openeuler.org/openEuler-22.03-LTS-SP3/EPOL/multi_version/NestOS/For-Container/20231231/$arch/\ngpgcheck=0\npriority=2\nskip_if_unavailable=False\n" >> /etc/yum.repos.d/nestos-sp3.repo
-    echo -e "[${version_id}-SP3-everything]\nenabled=1\nmetadata_expire=1m\nbaseurl=https://repo.openeuler.org/openEuler-22.03-LTS-SP3/everything/$arch/\ngpgcheck=0\nskip_if_unavailable=False\n" >> /etc/yum.repos.d/nestos-sp3.repo
-    echo -e "[${version_id}-SP3-EPOL]\nenabled=1\nmetadata_expire=1m\nbaseurl=https://repo.openeuler.org/openEuler-22.03-LTS-SP3/EPOL/main/$arch/\ngpgcheck=0\nskip_if_unavailable=False\n" >> /etc/yum.repos.d/nestos-sp3.repo
+    echo -e "[${version_id}-SP3-NestOS]\nname=NestOS\nenabled=1\nmetadata_expire=1m\nbaseurl=https://repo.openeuler.org/openEuler-22.03-LTS-SP3/EPOL/multi_version/NestOS/For-Container/20231231/$arch/\ngpgcheck=0\npriority=2\nskip_if_unavailable=False\n" >> /etc/yum.repos.d/nestos-sp3.repo
+    echo -e "[${version_id}-SP3-everything]\nname=everything\nenabled=1\nmetadata_expire=1m\nbaseurl=https://repo.openeuler.org/openEuler-22.03-LTS-SP3/everything/$arch/\ngpgcheck=0\nskip_if_unavailable=False\n" >> /etc/yum.repos.d/nestos-sp3.repo
+    echo -e "[${version_id}-SP3-EPOL]\nname=EPOL\nenabled=1\nmetadata_expire=1m\nbaseurl=https://repo.openeuler.org/openEuler-22.03-LTS-SP3/EPOL/main/$arch/\ngpgcheck=0\nskip_if_unavailable=False\n" >> /etc/yum.repos.d/nestos-sp3.repo
+    echo -e "[${version_id}-SP3-extra]\nname=extra\nenabled=1\nmetadata_expire=1m\nbaseurl=http://nestos.org.cn/NestOS-22.03-LTS-SP3/For-Container/20231231/$arch/\ngpgcheck=0\npriority=1\nskip_if_unavailable=False\n" >> /etc/yum.repos.d/nestos-sp3.repo
 }
 
 install_rpms() {
diff --git a/src/cmd-build-fast b/src/cmd-build-fast
index 49da7912..8addc35f 100755
--- a/src/cmd-build-fast
+++ b/src/cmd-build-fast
@@ -134,7 +134,7 @@ fi
 if ! ostree --repo="${tmprepo}" commit -b "${fastref}" --base="${previous_commit}" --tree=dir="${rootfsoverrides}" \
     --owner-uid 0 --owner-gid 0 --selinux-policy-from-base --link-checkout-speedup --no-bindings --no-xattrs \
     --add-metadata-string=version="${version}" --parent="${previous_commit}" --keep-metadata='coreos-assembler.basearch' \
-    --keep-metadata='fedora-coreos.stream' --fsync=0 "${commit_args[@]}"; then
+    --keep-metadata='nestos.stream' --fsync=0 "${commit_args[@]}"; then
     restore_etc
     exit 1
 fi
diff --git a/src/coreos-assembler b/src/coreos-assembler
index 29448249..5e60d633 100755
--- a/src/coreos-assembler
+++ b/src/coreos-assembler
@@ -17,14 +17,14 @@ export USER="${USER:-$(id -nu)}"
 # for uid" errors if there is no entry for our UID in /etc/passwd.
 # This was taken from 'Support Arbitrary User IDs' section of:
 #   https://docs.openshift.com/container-platform/3.10/creating_images/guidelines.html
-if ! whoami &> /dev/null; then
-  # We need to make sure we set $HOME in the /etc/passwd file because
-  # if we don't libvirt will try to use `/` and we will get permission
-  # issues
-  export HOME="/var/tmp/${USER_NAME:-default}" && mkdir -p "$HOME"
-  if [ -w /etc/passwd ]; then
-      echo "${USER_NAME:-default}:x:$(id -u):0:${USER_NAME:-default} user:${HOME}:/sbin/nologin" >> /etc/passwd
-  fi
+if ! whoami &>/dev/null; then
+    # We need to make sure we set $HOME in the /etc/passwd file because
+    # if we don't libvirt will try to use `/` and we will get permission
+    # issues
+    export HOME="/var/tmp/${USER_NAME:-default}" && mkdir -p "$HOME"
+    if [ -w /etc/passwd ]; then
+        echo "${USER_NAME:-default}:x:$(id -u):0:${USER_NAME:-default} user:${HOME}:/sbin/nologin" >>/etc/passwd
+    fi
 fi
 
 # Ensure we've unshared our mount namespace so
@@ -43,10 +43,15 @@ cmd=${1:-}
 # commands we'd expect to use in the local dev path
 build_commands="init fetch build run prune clean list"
 # commands more likely to be used in a prod pipeline only
-advanced_build_commands="buildfetch buildupload oc-adm-release push-container upload-oscontainer"
-buildextend_commands="aliyun aws azure digitalocean exoscale gcp ibmcloud live metal metal4k nutanix openstack qemu vmware vultr"
-utility_commands="aws-replicate compress generate-hashlist koji-upload kola remote-prune sign tag"
+advanced_build_commands="build-fast push-container"
+buildextend_commands="live metal metal4k openstack qemu"
+utility_commands="basearch compress kola kola-run runc tag virt-install"
 other_commands="shell meta"
+
+nestos_unsupport_advanced_build_commands="buildfetch buildupload buildinitramfs-fast oc-adm-release upload-oscontainer"
+nestos_unsupport_buildextend_commands="aliyun aws azure azurestack dasd digitalocean exoscale gcp ibmcloud nutanix powervs vmware vultr"
+nestos_unsupport_utility_commands="aws-replicate aliyun-replicate koji-upload generate-hashlist remote-prune sign"
+
 if [ -z "${cmd}" ]; then
     echo Usage: "coreos-assembler CMD ..."
     echo "Build commands:"
@@ -74,6 +79,14 @@ if [ -z "${cmd}" ]; then
 fi
 shift
 
+# Determine if the function is currently not supported by Nestos
+if [[ "${nestos_unsupport_advanced_build_commands}" =~ (^| )"${cmd}"($| ) ]] || \
+[[ "${nestos_unsupport_utility_commands}" =~ (^| )"${cmd}"($| ) ]] || \
+[[ "${cmd}" =~ ^buildextend-.* && "${nestos_unsupport_buildextend_commands}" =~ (^| )"${cmd#buildextend-}"($| ) ]]; then
+    echo "Command ${cmd} is not applicable to NestOS"
+    exit 1
+fi
+
 COSA_META_SCHEMA="${COSA_META_SCHEMA:-/usr/lib/coreos-assembler/v1.json}"
 schema_override="${PWD}/src/config/schema.json"
 if [ -e "${schema_override}" ]; then
@@ -81,7 +94,6 @@ if [ -e "${schema_override}" ]; then
 fi
 export COSA_META_SCHEMA
 
-
 target=/usr/lib/coreos-assembler/cmd-${cmd}
 if test -x "${target}"; then
     exec "${target}" "$@"
diff --git a/src/deps.txt b/src/deps.txt
index d3cfb07a..c0b7bf8a 100644
--- a/src/deps.txt
+++ b/src/deps.txt
@@ -38,7 +38,8 @@ rsync
 python3-gobject-base
 
 # To support recursive containerization and manipulating images
-podman buildah skopeo
+# podman buildah skopeo
+podman skopeo
 
 # Miscellaneous tools
 jq
@@ -65,7 +66,7 @@ python3-libvirt
 openssl
 
 # Support for Koji uploads.
-#krb5-libs krb5-workstation
+# krb5-libs krb5-workstation
 
 # LUKS support
 cryptsetup
@@ -85,14 +86,15 @@ nestos-installer
 butane
 
 # Support for meta.json file locking
-#python3-flufl-lock
+# python3-flufl-lock
+python3-flufl.lock
 
 # entrypoint uses bsdtar for automatic compression detection
 bsdtar
 
 # For pulling from the prod OSTree repo, e.g. during release jobs
-#fedora-repos-ostree
+# fedora-repos-ostree
 
-python3-flufl.lock python3-pyyaml
+python3-pyyaml
 
-#guestfs-tools
+# guestfs-tools
diff --git a/src/vmdeps.txt b/src/vmdeps.txt
index 50049fe0..ee05b973 100644
--- a/src/vmdeps.txt
+++ b/src/vmdeps.txt
@@ -18,7 +18,8 @@ dhcp-client iproute
 selinux-policy selinux-policy-targeted policycoreutils
 
 # coreos-assembler
-python3 python3-gobject-base buildah podman skopeo iptables iptables-libs
+# python3 python3-gobject-base buildah podman skopeo iptables iptables-libs
+python3 python3-gobject-base podman skopeo iptables iptables-libs
 
 # luks
 cryptsetup
-- 
Gitee