Fedora netbootc files POC

Containerfile-fedora-aa64

FROM quay.io/fedora/fedora-minimal:40 as builder
ARG name=Fedora
ARG version=40
ARG arch=aa64
RUN mkdir /b
WORKDIR /b

# Artifacts from kickstart repository.
RUN curl -RLO https://dl.fedoraproject.org/pub/fedora/linux/releases/${version}/Everything/$(uname -m)/os/.treeinfo
RUN curl -RLO https://dl.fedoraproject.org/pub/fedora/linux/releases/${version}/Everything/$(uname -m)/os/images/pxeboot/vmlinuz
RUN curl -RLO https://dl.fedoraproject.org/pub/fedora/linux/releases/${version}/Everything/$(uname -m)/os/images/pxeboot/initrd.img
RUN curl -RLO https://dl.fedoraproject.org/pub/fedora/linux/releases/${version}/Everything/$(uname -m)/os/images/install.img

# Artifacts from RPM repository.
RUN microdnf -y install shim-${arch} grub2-efi-${arch}
RUN cp -p /boot/efi/EFI/fedora/{shim,grub${arch}}.efi .

# Creation of a digest file and a version file.
RUN export LATEST=$(ls -t1|head -n1);\
        mv .treeinfo VERSION ;\
        echo -e "\n[packages]" >> VERSION ;\
        rpm -q shim-${arch} grub2-efi-${arch} >> VERSION ;\
        sha256sum * | tee SHA256SUM ;\
        touch -r $LATEST VERSION SHA256SUM

FROM scratch
ARG name=Fedora
ARG version=40
ARG arch=aa64
LABEL org.pulpproject.netboot.version=1 \
        org.pulpproject.netboot.os.name="${name}" \
        org.pulpproject.netboot.os.version="${version}"

# The first layer MUST be the digest file and optional additional data.
COPY --from=builder --chmod=444 /b/SHA256SUM /b/VERSION /

# Each payloud SHOULD be in a separate layer.
COPY --from=builder --chmod=444 /b/vmlinuz /b/initrd.img /
COPY --from=builder --chmod=444 /b/install.img /
COPY --from=builder --chmod=444 /b/shim.efi /
COPY --from=builder --chmod=444 /b/grub${arch}.efi /

# Entrypoints: regular, alternate and legacy boot.
LABEL org.pulpproject.netboot.boot=shim.efi \
        org.pulpproject.netboot.boota=grub${arch}.efi

Containerfile-fedora-x86

FROM quay.io/fedora/fedora-minimal:40 as builder
ARG name=Fedora
ARG version=40
ARG arch=x64
RUN mkdir /b
WORKDIR /b

# Artifacts from kickstart repository.
RUN curl -RLO https://dl.fedoraproject.org/pub/fedora/linux/releases/${version}/Everything/$(uname -m)/os/.treeinfo
RUN curl -RLO https://dl.fedoraproject.org/pub/fedora/linux/releases/${version}/Everything/$(uname -m)/os/images/pxeboot/vmlinuz
RUN curl -RLO https://dl.fedoraproject.org/pub/fedora/linux/releases/${version}/Everything/$(uname -m)/os/images/pxeboot/initrd.img
RUN curl -RLO https://dl.fedoraproject.org/pub/fedora/linux/releases/${version}/Everything/$(uname -m)/os/images/install.img

# Artifacts from RPM repository.
RUN microdnf -y install shim-${arch} grub2-efi-${arch} syslinux-tftpboot
RUN cp -p /tftpboot/pxelinux.0 . && cp -p /boot/efi/EFI/fedora/{shim,grub${arch}}.efi .

# Creation of a digest file and a version file.
RUN export LATEST=$(ls -t1|head -n1);\
        mv .treeinfo VERSION ;\
        echo -e "\n[packages]" >> VERSION ;\
        rpm -q shim-${arch} grub2-efi-${arch} syslinux-tftpboot >> VERSION ;\
        sha256sum * | tee SHA256SUM ;\
        touch -r $LATEST VERSION SHA256SUM

FROM scratch
ARG name=Fedora
ARG version=40
ARG arch=x64
LABEL org.pulpproject.netboot.version=1 \
        org.pulpproject.netboot.os.name="${name}" \
        org.pulpproject.netboot.os.version="${version}"

# The first layer MUST be the digest file and optional additional data.
COPY --from=builder --chmod=444 /b/SHA256SUM /b/VERSION /

# Each payloud SHOULD be in a separate layer.
COPY --from=builder --chmod=444 /b/vmlinuz /b/initrd.img /
COPY --from=builder --chmod=444 /b/install.img /
COPY --from=builder --chmod=444 /b/pxelinux.0 /
COPY --from=builder --chmod=444 /b/shim.efi /
COPY --from=builder --chmod=444 /b/grub${arch}.efi /

# Entrypoints: regular, alternate and legacy boot.
LABEL org.pulpproject.netboot.boot=shim.efi \
        org.pulpproject.netboot.boota=grub${arch}.efi \
        org.pulpproject.netboot.bootl=pxelinux.0

Need to be done:

• Digital signature (cosign?)