feat: Support building offline OS bundles for Oracle Linux 9.4 (#1192)

* feat: Builds oracle-9.4 offline package

feat: add Oracle Linux 9.4 vSphere build configuration

* chore: removed debug statement and comments from GHA

* removes pre-commit changes

* removes the non-offline oracle-9.4 tests from the GHA files

* installs tar and container-selinux packages for oracle-9.4 offline/online modes

* Adds online modes 'basic' and 'fips' for oracle-9.4 on vsphere to e2e tests GHA

.github/workflows/release-vsphere-template.yaml

@@ -31,6 +31,10 @@ jobs:
             buildConfig: "basic"
           - os: "oracle 9.4"
             buildConfig: "fips"
+          - os: "oracle 9.4"
+            buildConfig: "offline"
+          - os: "oracle 9.4"
+            buildConfig: "offline-fips"
           - os: "flatcar"
             buildConfig: "basic"
     runs-on:
@@ -55,7 +59,7 @@ jobs:
         with:
           username: ${{ secrets.NEXUS_USERNAME }}
           password: ${{ secrets.NEXUS_PASSWORD }}
-      
+
       - name: Login to D2iQ's Mirror Registry
         uses: docker/login-action@v3
         with:

.github/workflows/vsphere-e2e.yaml

@@ -35,6 +35,10 @@ jobs:
           buildConfig: "basic"
         - os: "oracle 9.4"
           buildConfig: "fips"
+        - os: "oracle 9.4"
+          buildConfig: "offline"
+        - os: "oracle 9.4"
+          buildConfig: "offline-fips"
         - os: "flatcar"
           buildConfig: "basic"
     runs-on:
@@ -58,7 +62,7 @@ jobs:
         with:
           username: ${{ secrets.NEXUS_USERNAME }}
           password: ${{ secrets.NEXUS_PASSWORD }}
-      
+
       - name: Login to D2iQ's Mirror Registry
         uses: docker/login-action@v3
         with:
@@ -73,7 +77,7 @@ jobs:
         uses: webfactory/[email protected]
         with:
           ssh-private-key: ${{ secrets.SSH_BASTION_KEY_CONTENTS }}
-      
+
       # configure git to access private repo hosting vsphere module mesosphere/vcenter-tools
       - name: Configure git to clone private registry from mesosphere org
         run: |

ansible/roles/containerd/tasks/redhat.yaml

@@ -26,12 +26,13 @@
   retries: 5
   delay: 6
 
-
-- name: install tar rpm package
+- name: install tar and container-selinux rpm package
   yum:
     name: "{{ item }}"
     state: present
     update_cache: true
+    enablerepo: "{{ 'offline' if offline_mode_enabled else '' }}"
+    disablerepo: "{{ '*' if offline_mode_enabled else '' }}"
   register: result
   until: result is success
   retries: 5

bundles/oracle9.4/bundle.sh.gotmpl

@@ -0,0 +1,35 @@
+#!/bin/bash
+set -x
+set -euo pipefail
+
+# When yum operates on multiple packages, it does not, by default, return an error if a subset
+# of packages is not found. This makes yum return an error.
+echo skip_missing_names_on_install=False >> /etc/yum.conf
+
+# Install required tools for repository creation
+yum -y install epel-release gettext dnf-utils createrepo modulemd-tools yum-utils
+yum clean all
+
+TMP_DIR="$(mktemp -d repodata-XXXX)"
+chmod 777 -R "${TMP_DIR}"
+cp packages.txt "${TMP_DIR}"
+pushd "${TMP_DIR}"
+#shellcheck disable=SC2046
+repoquery --archlist=x86_64,noarch  --resolve --requires --recursive  $(< packages.txt) | xargs -r yumdownloader --archlist=x86_64,noarch -x \*i686
+#shellcheck disable=SC2046
+yumdownloader  --archlist=x86_64,noarch -x \*i686 $(< packages.txt)
+rm packages.txt
+
+createrepo -v .
+repo2module . --module-name offline
+createrepo_mod .
+
+# Package the repository into a tarball with proper permissions
+#shellcheck disable=SC1083,SC2035
+tar -czf {{ .OutputDirectory }}/{{ .KubernetesVersion }}_oraclelinux_9.4_x86_64{{ .FipsSuffix }}.tar.gz *
+#shellcheck disable=SC1083,SC2035
+chmod 777 {{ .OutputDirectory }}/{{ .KubernetesVersion }}_oraclelinux_9.4_x86_64{{ .FipsSuffix }}.tar.gz
+
+# Return to the original directory and clean up
+popd
+rm -rf "${TMP_DIR}"

bundles/oracle9.4/packages.txt.gotmpl

@@ -0,0 +1,33 @@
+audit
+ca-certificates
+conntrack-tools
+chrony
+open-vm-tools
+python3-pip
+socat
+sysstat
+dnf-utils
+yum-utils
+yum-plugin-versionlock
+NetworkManager
+cloud-init
+cloud-utils-growpart
+container-selinux
+{{ if .FetchKubernetesRPMs -}}
+kubectl-{{ .KubernetesVersion }}-0
+kubelet-{{ .KubernetesVersion }}-0
+kubeadm-{{ .KubernetesVersion }}-0
+cri-tools
+{{- end }}
+conntrack
+ebtables
+ethtool
+iproute
+iptables
+socat
+gcc
+libseccomp
+nfs-utils
+sssd-kcm
+iptables-libs
+libnftnl

bundles/oracle9.4/repo-templates/kubernetes.repo.gotmpl

@@ -0,0 +1,5 @@
+[kubernetes]
+name=Konvoy Kubernetes package repository
+baseurl=https://packages.d2iq.com/konvoy/stable/linux/repos/el/kubernetes-v{{ .KubernetesVersion }}-{{ .RepoSuffix }}/x86_64
+gpgcheck=1
+gpgkey=https://packages.d2iq.com/konvoy/stable/linux/repos/d2iq-sign-authority-gpg-public-key

bundles/redhat8.6/packages.txt.gotmpl

@@ -11,7 +11,6 @@ sysstat
 yum-utils
 yum-plugin-versionlock
 NetworkManager
-yum-utils
 cloud-init
 cloud-utils-growpart
 container-selinux

bundles/redhat8.8/packages.txt.gotmpl

@@ -11,7 +11,6 @@ sysstat
 yum-utils
 yum-plugin-versionlock
 NetworkManager
-yum-utils
 cloud-init
 cloud-utils-growpart
 container-selinux

bundles/rocky9.1/packages.txt.gotmpl

@@ -10,7 +10,6 @@ sysstat
 yum-utils
 yum-plugin-versionlock
 NetworkManager
-yum-utils
 cloud-init
 cloud-utils-growpart
 container-selinux

cmd/konvoy-image-wrapper/cmd/create-package-bundle.go

@@ -47,6 +47,10 @@ var osToConfig = map[string]OSConfig{
 		configDir:      "bundles/ubuntu20.04",
 		containerImage: "docker.io/library/ubuntu:20.04",
 	},
+	"oracle-9.4": {
+		configDir:      "bundles/oracle9.4",
+		containerImage: "docker.io/library/oraclelinux:9",
+	},
 }
 
 func getKubernetesVerisonFromAnsible() (string, error) {

cmd/konvoy-image/cmd/create-package-bundle.go

@@ -18,6 +18,7 @@ var (
 		"rocky-9.1",
 		"ubuntu-18.04",
 		"ubuntu-20.04",
+		"oracle-9.4",
 	}
 )
 

docs/cli/konvoy-image_create-package-bundle.md

@@ -19,7 +19,7 @@ create-package-bundle --os redhat-8.4 --output-directory=artifacts
       --fips                        If the package bundle should include fips packages.
   -h, --help                        help for create-package-bundle
       --kubernetes-version string   The version of kubernetes to download packages for.
-      --os string                   The target OS you wish to create a package bundle for. Must be one of [centos-7.9 redhat-7.9 redhat-8.4 redhat-8.6 redhat-8.8 rocky-9.1 ubuntu-18.04 ubuntu-20.04]
+      --os string                   The target OS you wish to create a package bundle for. Must be one of [centos-7.9 redhat-7.9 redhat-8.4 redhat-8.6 redhat-8.8 rocky-9.1 ubuntu-18.04 ubuntu-20.04 oracle-9.4]
       --output-directory string     The directory to place the bundle in. (default "artifacts")
 ```
 

magefile.go

@@ -447,12 +447,15 @@ func fetchPipPackages(downloadDir string) error {
 
 func fetchContainerd(osName, downloadDir, containerdVersion string, fips bool) error {
 	osInfo := strings.Split(osName, " ")
-	osDist := osInfo[0]
 	// TODO: improve this
 	osMajorMinor := strings.Split(osInfo[1], ".")
 	osMajor := osMajorMinor[0]
 	osMinor := osMajorMinor[1]
+
+	osDist := osInfo[0]
 	osDist = strings.Replace(osDist, "redhat", "rhel", 1)
+	osDist = strings.Replace(osDist, "oracle", "ol", 1)
+
 	containerdFile := fmt.Sprintf("containerd-%s-d2iq.1-%s-%s.%s-x86_64", containerdVersion, osDist, osMajor, osMinor)
 	if fips {
 		containerdFile += "_fips"