org.osbuild.rpm
Verify, and install RPM packages
The exclude.docs option can be used to tell rpm to not install docs.
gpgkeys should be an array of strings containing each GPG key to be used
to verify the packages. Alternatively, the keys can be imported via files
located in the tree via gpgkeys.fromtree. This is done after the packages
are installed so it is possible to import keys packaged in rpms.
packages is an array of objects representing RPMs. Each RPM is identified by
its checksums. Specifically, the content hash of the rpm, not the checksums
found in the rpm header. The check_gpg property indicates that the RPM's
must be signed by one of the given GPG keys, and that the transaction should
fail otherwise.
This stage will fail if any of the packages can't be found, or if any
RPM fails signature verification.
Uses the following binaries from the host:
rpmkeysto import keys and to verify signatures for each packagesh,mkdir,mount,chmodto prepare the target tree forrpmrpmto install packages into the target tree This stage will return the following metadata via the osbuild API: packages: a list of objects representing the installed packages, with information about: name, version, release, and optionally: epoch, arch, sigmd5, sigpgp, siggpg
Schema 1
{
"additionalProperties": false,
"properties": {
"dbpath": {
"desription": "Use the given path as RPM database",
"type": "string"
},
"disable_dracut": {
"description": "Prevent dracut from running",
"type": "boolean"
},
"exclude": {
"type": "object",
"additionalProperties": false,
"properties": {
"docs": {
"type": "boolean",
"description": "Do not install documentation.",
"default": false
}
}
},
"gpgkeys": {
"description": "Array of GPG key contents to import",
"type": "array",
"items": {
"type": "string"
}
},
"gpgkeys.fromtree": {
"description": "Array of files in the tree with GPG keys to import",
"type": "array",
"items": {
"type": "string"
}
},
"packages": {
"description": "Array of RPM content hashes",
"type": "array",
"items": {
"oneOf": [
{
"type": "string",
"description": ".rpm file checksum, prefixed with 'md5:', 'sha1:', 'sha256:', 'sha384:', or 'sha512:', indicating the algorithm used."
},
{
"type": "object",
"additionalProperties": false,
"required": [
"checksum"
],
"properties": {
"checksum": {
"type": "string",
"description": ".rpm file checksum, prefixed with 'md5:', 'sha1:', 'sha256:', 'sha384:', or 'sha512:', indicating the algorithm used."
},
"check_gpg": {
"type": "boolean",
"description": "Whether the GPG signatures of the RPM should be verified.",
"default": false
}
}
}
]
}
},
"ostree_booted": {
"type": "boolean",
"description": "Create the '/run/ostree-booted' marker"
}
}
}
Schema 2
{
"options": {
"type": "object",
"additionalProperties": false,
"properties": {
"dbpath": {
"desription": "Use the given path as RPM database",
"type": "string"
},
"gpgkeys": {
"description": "Array of GPG key contents to import",
"type": "array",
"items": {
"type": "string"
}
},
"gpgkeys.fromtree": {
"description": "Array of files in the tree with GPG keys to import",
"type": "array",
"items": {
"type": "string"
}
},
"disable_dracut": {
"description": "Prevent dracut from running",
"type": "boolean"
},
"exclude": {
"type": "object",
"additionalProperties": false,
"properties": {
"docs": {
"type": "boolean",
"description": "Do not install documentation.",
"default": false
}
}
},
"install_langs": {
"description": "Only install certain locales (sets `_install_langs` RPM macro)",
"type": "array",
"minItems": 1,
"uniqueItems": true,
"items": {
"type": "string"
}
},
"ostree_booted": {
"type": "boolean",
"description": "Create the '/run/ostree-booted' marker"
}
}
},
"inputs": {
"type": "object",
"additionalProperties": false,
"required": [
"packages"
],
"properties": {
"packages": {
"type": "object",
"additionalProperties": true
}
}
}
}