Failing CPC tests show that the preseeded apparmor features don't
include policy:permstable32 for the 6.8 kernel. This change adds the
feature preseed with values based on a successfully booted instance.
patch create_manifest to produce an sbom when called by an ubuntu-cpc
project. Patch all the ubuntu-cpc hooks and series files to include the
newly generated manifests, filelists, and sboms. Generates a number of
new artifacts in the builds. The snap utilized, cpc-sbom, is an open
source repo and is provided via a hidden snap. There is no intention of
publicizing the snap or how we generate sboms, however partners require
the ability to audit if required.
defensively checks if the snap is already installed, in the case of
multiple hooks being called in a single build (thus sharing a build
host), and only if called in an ubuntu-cpc project.
(cherry picked from commit 7c7b7df89dc96169db1f255d6bba901ebb63a43c)
unminimize is currently present at /usr/local/sbin/unminimize,
which is spit out by livecd-rootfs currently. We'd like to switch
that to use the packaged unminimize, which will be at
/usr/bin/unminimize instead.
(cherry picked from commit 7535bf7bc7)
And prefer the one that is packaged separately as
src:unminimize, which installs the package in
/usr/bin/unminimize
(cherry picked from commit 34482819f0)
The ubuntu-core-installer image is an installer that installs ubuntu
core. The environment the installer runs in is similar to the server
installer but it has a source catalog entry that points to the model
created in ubuntu-core-installer/hooks/05-prepare-image.binary, which
subiquity knows how to install.
There was a change made by me in https://code.launchpad.net/~philroche/livecd-rootfs/+git/livecd-rootfs/+merge/466388
as part of LP: #2066905 to remove references to LXD in the unminimize scripts
but I also removed the calls to `unminimize` in error.
This still needs to run but without any references to LXD which no longer
needs to be `unminimized` via snap installation.
(cherry picked from commit f574fc8200)
With current kernel we need to specify the SBI driver
for the early console to work.
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
feat: Re-enable ability to build HyperV desktop images (LP: #2064280)
We have not built Hyperv desktop images since Jammy and with the re-introduction of
HyperV for Noble we have encountered build issues caused by refactoring and removals
of code assumed to be redundant but the HyperV desktop images were actually using
these code paths.
This is a backport/SRU from oracular.
MP: https://code.launchpad.net/~philroche/livecd-rootfs/+git/livecd-rootfs/+merge/466385
# Conflicts:
# debian/changelog
The LXD snap is no longer seeded in any images since Noble+ so the LXD related unminimize logic in
./live-build/auto/build?h=ubuntu/noble and ./live-build/ubuntu-server/hooks/01-unminimize.chroot_early
is no longer required.
lxd-installer can remain installed.
(cherry picked from commit 46c19dfa91)
For Ubuntu 24.04 and later cloud-init is included in desktop images. This is not applicable for Hyperv images so
we can disable cloud-init. This leaves the cloud-init package installed but disabled so users can still
use it if they want.
This is a documented way to disable cloud-init. See https://cloudinit.readthedocs.io/en/latest/howto/disable_cloud_init.html
(cherry picked from commit ff47664d8c)
A change in 8fb21808 also removed many of the dependencies that the hyperv images require.
This removal has been restored in this commit by adding them explicitly in the hyperv hook.
(cherry picked from commit c459e5e5af)
We have not built Hyperv desktop images since Jammy and with the re-introduction of HyperV for Noble we have encountered build issues caused by refactoring and removals of code assumed to be redundant but the HyperV desktop images were actually using these code paths.
In bbedffe6 we split the building of cloud images and non cloud to using a disk-image-uefi.binary and disk-image-uefi-non-cloud.binary respectively. In e38264ca there was a change which meant that any attempt to build hyperv images would result in incorrect disk size and incorrect disk label.
This has been fixed by ensuring that the ubuntu:desktop-preinstalled $PROJECT:$SUBPROJECT matches and sets the correct disk size and correct disk label.
A change in 76d79466 changed the logic of how the image size for amd64 images was being set. This overrode the sizes set for the desktop images incorrectly.
This commit ensures that any desktop image being created uses the correct image size.
(cherry picked from commit 48aed40194)
do_layered_desktop_image() is now the standard entry point for flavors using
ubuntu-desktop-bootstrap and handles minimal/standard/live layers in a
configurable and flavor-agnostic way to reduce code duplication.
Failing CPC tests show that the preseeded apparmor features don't
include policy:unconfined_restrictions for the 6.8 kernel. This
change adds the feature preseed with values based on a successfully
booted instance.
Fixes: LP: #2060558