Skip to content

Commit

Permalink
K3s selinux rpm changes (#566)
Browse files Browse the repository at this point in the history 
* k8s selinux rpm changes

* Update pkg/image/context.go

Co-authored-by: Atanas Dinov <[email protected]>

* Update pkg/image/context.go

Co-authored-by: Atanas Dinov <[email protected]>

* Update RELEASE_NOTES.md

Co-authored-by: Atanas Dinov <[email protected]>

* Update selinux.go

---------

Co-authored-by: Atanas Dinov <[email protected]>
  • Loading branch information
@dbw7 @atanasdinov
dbw7 and atanasdinov authored Sep 19, 2024
1 parent 2ade744 commit b58f635
Show file tree
Hide file tree
Showing 5 changed files with 29 additions and 17 deletions.
4 changes: 4 additions & 0 deletions RELEASE_NOTES.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,8 @@

## General

* Extracted the K3S and RKE2 SELinux package and repository definitions into artifacts.yaml

## API

### Image Definition Changes
Expand All @@ -12,6 +14,8 @@

## Bug Fixes

* [#565](https://github.com/suse-edge/edge-image-builder/issues/565) - K3S SELinux uses an outdated package

---

# v1.1.0-rc2
Expand Down
7 changes: 7 additions & 0 deletions config/artifacts.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,3 +9,10 @@ endpoint-copier-operator:
elemental:
register-repository: https://download.opensuse.org/repositories/isv:/Rancher:/Elemental:/Staging/standard
system-agent-repository: https://download.opensuse.org/repositories/isv:/Rancher:/Elemental:/Staging/standard
kubernetes:
k3s:
selinuxPackage: k3s-selinux-1.6-1.slemicro.noarch
selinuxRepository: https://rpm.rancher.io/k3s/stable/common/slemicro/noarch
rke2:
selinuxPackage: rke2-selinux
selinuxRepository: https://rpm.rancher.io/rke2/stable/common/slemicro/noarch
4 changes: 2 additions & 2 deletions pkg/eib/eib.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -62,12 +62,12 @@ func appendKubernetesSELinuxRPMs(ctx *image.Context) error {
log.AuditInfo("SELinux is enabled in the Kubernetes configuration. " +
"The necessary RPM packages will be downloaded.")

selinuxPackage, err := kubernetes.SELinuxPackage(ctx.ImageDefinition.Kubernetes.Version)
selinuxPackage, err := kubernetes.SELinuxPackage(ctx.ImageDefinition.Kubernetes.Version, ctx.ArtifactSources)
if err != nil {
return fmt.Errorf("identifying selinux package: %w", err)
}

repository, err := kubernetes.SELinuxRepository(ctx.ImageDefinition.Kubernetes.Version)
repository, err := kubernetes.SELinuxRepository(ctx.ImageDefinition.Kubernetes.Version, ctx.ArtifactSources)
if err != nil {
return fmt.Errorf("identifying selinux repository: %w", err)
}
Expand Down
10 changes: 10 additions & 0 deletions pkg/image/context.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,4 +39,14 @@ type ArtifactSources struct {
RegisterRepository string `yaml:"register-repository"`
SystemAgentRepository string `yaml:"system-agent-repository"`
} `yaml:"elemental"`
Kubernetes struct {
K3s struct {
SELinuxPackage string `yaml:"selinuxPackage"`
SELinuxRepository string `yaml:"selinuxRepository"`
} `yaml:"k3s"`
Rke2 struct {
SELinuxPackage string `yaml:"selinuxPackage"`
SELinuxRepository string `yaml:"selinuxRepository"`
} `yaml:"rke2"`
} `yaml:"kubernetes"`
}
21 changes: 6 additions & 15 deletions pkg/kubernetes/selinux.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,35 +10,26 @@ import (
"github.com/suse-edge/edge-image-builder/pkg/image"
)

func SELinuxPackage(version string) (string, error) {
const (
k3sPackage = "k3s-selinux"
rke2Package = "rke2-selinux"
)
func SELinuxPackage(version string, sources *image.ArtifactSources) (string, error) {

switch {
case strings.Contains(version, image.KubernetesDistroK3S):
return k3sPackage, nil
return sources.Kubernetes.K3s.SELinuxPackage, nil
case strings.Contains(version, image.KubernetesDistroRKE2):
return rke2Package, nil
return sources.Kubernetes.Rke2.SELinuxPackage, nil
default:
return "", fmt.Errorf("invalid kubernetes version: %s", version)
}
}

func SELinuxRepository(version string) (image.AddRepo, error) {
const (
k3sRepository = "https://rpm.rancher.io/k3s/stable/common/slemicro/noarch"
rke2Repository = "https://rpm.rancher.io/rke2/stable/common/slemicro/noarch"
)

func SELinuxRepository(version string, sources *image.ArtifactSources) (image.AddRepo, error) {
var url string

switch {
case strings.Contains(version, image.KubernetesDistroK3S):
url = k3sRepository
url = sources.Kubernetes.K3s.SELinuxRepository
case strings.Contains(version, image.KubernetesDistroRKE2):
url = rke2Repository
url = sources.Kubernetes.Rke2.SELinuxRepository
default:
return image.AddRepo{}, fmt.Errorf("invalid kubernetes version: %s", version)
}
Expand Down

0 comments on commit b58f635

Please sign in to comment.