In order to improve the security of Kata, nothing should be able to modify
the images. It would be really bad if a malicious container or process
modified them.
fixes#631
Signed-off-by: Julio Montes <julio.montes@intel.com>
Previous tarball uploaded to github has a different hash length
this commit make the regex more flexible in case the commit
length is bigger.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Image tarball size is the same as the one defined
in lib, factor out to avoid future errors if is modified.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
When a repository holds more than one kata version
it is difficult to ask dnf or zypper for a kata version
because the version includes a git commit.
This commit removes the sha from the package version.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Update variables needed by osbuilder.
Also fix query to get the initrd base OS.
Fixes: #210
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
We find for the tarball name with the package name.
If this is a `-rc` tha package versoin will have `~rc`,
lets replace `~` for `-` before get the tarball name.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Fix image generation.
Instead of use agent code from the host checkout to the
agent source code in a clean GOPATH env.
Make sure that the agent `commit id` is the correct before
push to github or OBS.
Fixes: #166
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
If want to create pkgs based in new branch, this script will create
all the empty repositories in OBS for each kata package.
Then we can point use the rest of scripts to push changes to this new repo.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Add long name bash options.
Make xtrace optional when DEBUG variable is set.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
shift $((OPTIND-1)) can be unsafe.To prevent unwanted
word-splitting all parameter expansions should be
double-quoted. Use the safe form for the command:
shift "$((OPTIND-1))"
Fixes: #109
Signed-off-by: Nitesh Konkar niteshkonkar@in.ibm.com
Build image with agent and osbuilder with master by default.
If want to build a release tag just use -v <version> and
will use that osbuilder and agent tag.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
This repository is growing is due to different projects are living
here, kernel config and patches, obs scripts, kata-deploy, release tools.
Lets move the obs scripts to its own directory.
Fixes: #75
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
