|
| 1 | +# Repository Management |
| 2 | + |
| 3 | +When building package based images `image-builder` will use repositories to get packages from. `image-builder` ships with built-in definitions and repositories for a [list of distributions](../10-faq.md#built-in-distributions). These are used when building artifacts. |
| 4 | + |
| 5 | +A common request is to enable additional repositories, override the repositories used, redirect repositories, or include additional repositories in the produced artifact. For this we need to go through the way `image-builder` uses repositories for each step of the build process. |
| 6 | + |
| 7 | +## `force-data-dir` |
| 8 | + |
| 9 | +Using `image-builder` with the `force-data-dir` argument allows for overriding the built-in repositories. Repositories passed through `force-data-dir` are only used during the build of an artifact, they are not configured or available on the artifact after build. |
| 10 | + |
| 11 | +The expected layout of the data directory passed is as follows: |
| 12 | + |
| 13 | +``` |
| 14 | +data |
| 15 | +└── repositories |
| 16 | + ├── rhel-10.0.json |
| 17 | + └── rhel-10.1.json |
| 18 | +``` |
| 19 | + |
| 20 | +The `.json` files contain the repositories that are used for each distribution and must match one of the distributions in the definitions. The format of these repository files is: |
| 21 | + |
| 22 | +```json |
| 23 | +{ |
| 24 | + "x86_64": [ |
| 25 | + { |
| 26 | + "name": "BaseOS", |
| 27 | + "baseurl": "https://some/base/url", |
| 28 | + "gpgkey": "----BEGIN PGP PUBLIC KEY BLOCK-----\n...\n-----END PGP PUBLIC KEY BLOCK-----\n", |
| 29 | + "check_gpg": true |
| 30 | + }, |
| 31 | + { ... }, |
| 32 | + { ... } |
| 33 | + ], |
| 34 | + "aarch64": [ |
| 35 | + ] |
| 36 | +} |
| 37 | +``` |
| 38 | + |
| 39 | +When `image-builder` is used with `force-data-dir` only the repositories inside the passed data directory are available. This implies that only distributions which have repositories defined are available. In the following command we have the contents of the above example(s) in our `./data` directory. |
| 40 | + |
| 41 | +```shell |
| 42 | +$ image-builder --force-data-dir=./data list |
| 43 | +rhel-10.0 type:ami arch:x86_64 |
| 44 | +rhel-10.0 type:azure-cvm arch:x86_64 |
| 45 | +rhel-10.0 type:azure-rhui arch:x86_64 |
| 46 | +rhel-10.0 type:azure-sap-rhui arch:x86_64 |
| 47 | +rhel-10.0 type:azure-sapapps-rhui arch:x86_64 |
| 48 | +rhel-10.0 type:ec2 arch:x86_64 |
| 49 | +rhel-10.0 type:ec2-ha arch:x86_64 |
| 50 | +rhel-10.0 type:ec2-sap arch:x86_64 |
| 51 | +# ... |
| 52 | +``` |
| 53 | + |
| 54 | +The list only contains `rhel-10.0` and `rhel-10.1` image types as available. |
| 55 | + |
| 56 | +For more information on the format and available options see the [managing repositories](https://osbuild.org/docs/on-premises/installation/managing-repositories/) page. |
| 57 | + |
| 58 | +## `force-repo` / `extra-repo` |
| 59 | + |
| 60 | +It is also possible to override repositories directly from the command line. This offers fewer options to configure repositories. When repositories are passed through `force-repo` or `extra-repo` their contents are not verified. Repositories passed through `force-repo` or `extra-repo` are only used during the build of an artifact, they are not configured or available on the artifact after build. |
| 61 | + |
| 62 | +The following command will build a `minimal-raw-xz` image for Fedora 43 using *only* the repository passed by `--force-repo`. This means that whichever repository is passed must contain all packages necessary. |
| 63 | + |
| 64 | +```shell |
| 65 | +$ sudo image-builder build --distro fedora-43 --force-repo https://some/base/url minimal-raw-xz |
| 66 | +``` |
| 67 | + |
| 68 | +`force-repo` can be passed multiple times. When this is done all `force-repo` repositories are used but no built in repositories. |
| 69 | + |
| 70 | +It is also possible to use `extra-repo`. The following command will build a `minimal-raw-xz` image for Fedora 43 using the builtin repositories for the distribution *and* the repository passed by `extra-repo`: |
| 71 | + |
| 72 | +```shell |
| 73 | +$ sudo image-builder build --distro fedora-43 --extra-repo https://some/base/url minimal-raw-xz |
| 74 | +``` |
| 75 | + |
| 76 | +`extra-repo` can be passed multiple times and each repository will be used. |
| 77 | + |
| 78 | +When combining either `force-repo` or `extra-repo` with the `force-data-dir` argument the built in repositories refer to those passed in `force-data-dir`. |
| 79 | + |
| 80 | +## Blueprints |
| 81 | + |
| 82 | +Repositories can be configured through blueprints. When repositories are configured through blueprints they are not used during the build of an artifact: they are only configured inside the built artifact. |
| 83 | + |
| 84 | +```toml |
| 85 | +[[customizations.repositories]] |
| 86 | +id = "example" |
| 87 | +name="Example repo" |
| 88 | +baseurls=[ "https://example.com/yum/download" ] |
| 89 | +gpgcheck=true |
| 90 | +gpgkeys = [ "https://example.com/public-key.asc" ] |
| 91 | +enabled=true |
| 92 | +``` |
| 93 | + |
| 94 | +If the above is saved to a file called `blueprint.toml` and we build an image: |
| 95 | + |
| 96 | +```shell |
| 97 | +$ sudo image-builder build --distro fedora-43 --blueprint blueprint.toml minimal-raw-xz |
| 98 | +# ... |
| 99 | +``` |
| 100 | + |
| 101 | +Then the resulting artifact will contain the repository configuration inside `/etc/yum.repos.d` but will not use the repository during the build. |
| 102 | + |
| 103 | +For more information on what fields are available see the [blueprint reference](/docs/user-guide/blueprint-reference/#repositories) on repositories. |
0 commit comments