PE-4370: kairos version bump and readme update

Earthfile

@@ -13,7 +13,7 @@ FROM $SPECTRO_PUB_REPO/canvos/alpine-cert:v1.0.0
 ## Spectro Cloud and Kairos Tags ##
 ARG PE_VERSION=v4.3.2
 ARG SPECTRO_LUET_VERSION=v1.2.7
-ARG KAIROS_VERSION=v3.0.9
+ARG KAIROS_VERSION=v3.0.10
 ARG K3S_FLAVOR_TAG=k3s1
 ARG RKE2_FLAVOR_TAG=rke2r1
 ARG BASE_IMAGE_URL=quay.io/kairos
@@ -182,42 +182,46 @@ build-provider-images:
     END
 
 build-provider-images-fips:
-    IF [ "$K8S_DISTRIBUTION" = "kubeadm-fips" ]
-       BUILD  +provider-image --K8S_VERSION=1.24.13
-       BUILD  +provider-image --K8S_VERSION=1.25.9
-       BUILD  +provider-image --K8S_VERSION=1.26.4
-       BUILD  +provider-image --K8S_VERSION=1.27.2
-       BUILD  +provider-image --K8S_VERSION=1.29.0
-       BUILD  +provider-image --K8S_VERSION=1.27.9
-       BUILD  +provider-image --K8S_VERSION=1.26.12
-       BUILD  +provider-image --K8S_VERSION=1.28.5
-    ELSE IF [ "$K8S_DISTRIBUTION" = "rke2" ]
-       BUILD  +provider-image --K8S_VERSION=1.24.6
-       BUILD  +provider-image --K8S_VERSION=1.25.2
-       BUILD  +provider-image --K8S_VERSION=1.25.0
-       BUILD  +provider-image --K8S_VERSION=1.26.4
-       BUILD  +provider-image --K8S_VERSION=1.26.14
-       BUILD  +provider-image --K8S_VERSION=1.27.2
-       BUILD  +provider-image --K8S_VERSION=1.26.12
-       BUILD  +provider-image --K8S_VERSION=1.27.9
-       BUILD  +provider-image --K8S_VERSION=1.27.11
-       BUILD  +provider-image --K8S_VERSION=1.28.5
-       BUILD  +provider-image --K8S_VERSION=1.28.7
-       BUILD  +provider-image --K8S_VERSION=1.29.0
-       BUILD  +provider-image --K8S_VERSION=1.29.3
+    IF [ "$K8S_VERSION" = "" ]
+        IF [ "$K8S_DISTRIBUTION" = "kubeadm-fips" ]
+           BUILD  +provider-image --K8S_VERSION=1.24.13
+           BUILD  +provider-image --K8S_VERSION=1.25.9
+           BUILD  +provider-image --K8S_VERSION=1.26.4
+           BUILD  +provider-image --K8S_VERSION=1.27.2
+           BUILD  +provider-image --K8S_VERSION=1.29.0
+           BUILD  +provider-image --K8S_VERSION=1.27.9
+           BUILD  +provider-image --K8S_VERSION=1.26.12
+           BUILD  +provider-image --K8S_VERSION=1.28.5
+        ELSE IF [ "$K8S_DISTRIBUTION" = "rke2" ]
+           BUILD  +provider-image --K8S_VERSION=1.24.6
+           BUILD  +provider-image --K8S_VERSION=1.25.2
+           BUILD  +provider-image --K8S_VERSION=1.25.0
+           BUILD  +provider-image --K8S_VERSION=1.26.4
+           BUILD  +provider-image --K8S_VERSION=1.26.14
+           BUILD  +provider-image --K8S_VERSION=1.27.2
+           BUILD  +provider-image --K8S_VERSION=1.26.12
+           BUILD  +provider-image --K8S_VERSION=1.27.9
+           BUILD  +provider-image --K8S_VERSION=1.27.11
+           BUILD  +provider-image --K8S_VERSION=1.28.5
+           BUILD  +provider-image --K8S_VERSION=1.28.7
+           BUILD  +provider-image --K8S_VERSION=1.29.0
+           BUILD  +provider-image --K8S_VERSION=1.29.3
+        ELSE
+           BUILD  +provider-image --K8S_VERSION=1.24.6
+           BUILD  +provider-image --K8S_VERSION=1.25.2
+           BUILD  +provider-image --K8S_VERSION=1.26.4
+           BUILD  +provider-image --K8S_VERSION=1.27.2
+           BUILD  +provider-image --K8S_VERSION=1.26.12
+           BUILD  +provider-image --K8S_VERSION=1.26.14
+           BUILD  +provider-image --K8S_VERSION=1.27.9
+           BUILD  +provider-image --K8S_VERSION=1.27.11
+           BUILD  +provider-image --K8S_VERSION=1.28.5
+           BUILD  +provider-image --K8S_VERSION=1.28.7
+           BUILD  +provider-image --K8S_VERSION=1.29.0
+           BUILD  +provider-image --K8S_VERSION=1.29.2
+        END
     ELSE
-       BUILD  +provider-image --K8S_VERSION=1.24.6
-       BUILD  +provider-image --K8S_VERSION=1.25.2
-       BUILD  +provider-image --K8S_VERSION=1.26.4
-       BUILD  +provider-image --K8S_VERSION=1.27.2
-       BUILD  +provider-image --K8S_VERSION=1.26.12
-       BUILD  +provider-image --K8S_VERSION=1.26.14
-       BUILD  +provider-image --K8S_VERSION=1.27.9
-       BUILD  +provider-image --K8S_VERSION=1.27.11
-       BUILD  +provider-image --K8S_VERSION=1.28.5
-       BUILD  +provider-image --K8S_VERSION=1.28.7
-       BUILD  +provider-image --K8S_VERSION=1.29.0
-       BUILD  +provider-image --K8S_VERSION=1.29.2
+        BUILD  +provider-image --K8S_VERSION="$K8S_VERSION"
     END
 
 BASE_ALPINE:

README.md

@@ -110,7 +110,7 @@ cp .arg.template .arg
 6. To build RHEL core, RHEL FIPS or Ubuntu fips, sles base images switch to respective directories and build the base image.
    The base image built can be passed as argument to build the installer and provider images.
    Follow the instructions in the respective sub-folders (rhel-fips, ubuntu-fips) to create base images.
-   For ubuntu-fips, this image can be used as base image - `gcr.io/spectro-dev-public/ubuntu-focal-fips:v4.2_20231226`
+   For ubuntu-fips, this image can be used as base image - `gcr.io/spectro-images-public/ubuntu-fips:v3.0.10`
    Skip this step if your base image is ubuntu or opensuse-leap. If you are building ubuntu or opensuse-leap installer images, do not pass the BASE_IMAGE attribute as an arg to build command.
 
 7. Modify the `.arg` file as needed. Primarily, you must define the tag you want to use for your images. For example, if the operating system is `ubuntu` and the tag is `demo`, the image artefact will name as `ttl.sh/ubuntu:k3s-1.25.2-v3.4.3-demo`. The **.arg** file defines the following variables:
@@ -165,7 +165,7 @@ To build the provider images
 To build the fips enabled ubuntu installer image
 
 ```shell
-./earthly.sh +iso --BASE_IMAGE=gcr.io/spectro-dev-public/ubuntu-focal-fips:v4.2_20231226 --FIPS_ENABLED=true --ARCH=amd64 --PE_VERSION=v4.2.3
+./earthly.sh +iso --BASE_IMAGE=gcr.io/spectro-images-public/ubuntu-fips:v3.0.10 --FIPS_ENABLED=true --ARCH=amd64 --PE_VERSION=v4.3.2
 ```
 
 Output

rhel-core-images/Dockerfile.rhel8

@@ -57,7 +57,7 @@ RUN uuidgen > /etc/machine-id && dnf install -y \
     rsync jq && dnf clean all
 
 
-COPY --from=quay.io/kairos/framework:v2.7.31 / /
+COPY --from=quay.io/kairos/framework:v2.7.32 / /
 
 RUN sed -i 's/\bsource\b/./g' /system/oem/00_rootfs.yaml
 RUN sed -i 's/\bsource\b/./g' /system/oem/09_openrc_services.yaml

rhel-fips/Dockerfile

@@ -84,7 +84,7 @@ RUN mkdir -p /run/lock && \
 # Copy the os-release file to identify the OS
 COPY --from=osbuilder /workspace/os-release /etc/os-release
 
-COPY --from=quay.io/kairos/framework:v2.7.31-fips / /
+COPY --from=quay.io/kairos/framework:v2.7.32-fips / /
 
 RUN sed -i 's/\bsource\b/./g' /system/oem/00_rootfs.yaml
 RUN sed -i 's/\bsource\b/./g' /system/oem/09_openrc_services.yaml

rhel-fips/README.md

@@ -1,6 +1,6 @@
 # Kairos Fedora fips
 
-- run `bash build.sh`
+- run `bash build.sh <username> <password> [<base image>]`
 - start the ISO with qemu `bash run.sh`
 
 The system is not enabling FIPS by default in kernel space. 

slem/Dockerfile

@@ -28,7 +28,7 @@ RUN mkdir -p /run/lock
 RUN mkdir -p /usr/libexec
 RUN touch /usr/libexec/.keep
 
-COPY --from=quay.io/kairos/framework:v2.7.31 / /
+COPY --from=quay.io/kairos/framework:v2.7.32 / /
 
 RUN sed -i 's/\bsource\b/./g' /system/oem/00_rootfs.yaml
 RUN sed -i 's/\bsource\b/./g' /system/oem/09_openrc_services.yaml

slem/README.md

@@ -6,4 +6,4 @@
 * If you wish to override the BASE_IMAGE, make sure to use a container image that has zypper installed in it 
 
 ## Steps to build the image:
-./build.sh <REGISTRATION_CODE>
+`./build.sh <REGISTRATION_CODE> [<BASE_IMAGE>]`

slem/build.sh

@@ -7,6 +7,7 @@ if [[ -z "$1" ]]; then
   exit 1
 fi
 REGISTRATION_CODE=$1
+BASE_IMAGE="${2:-slem-base:latest}"
 
 set -ex
 
@@ -37,4 +38,4 @@ transactional-update register -r $REGISTRATION_CODE
 transactional-update -n pkg install docker
 transactional-update -n register -p PackageHub/15.5/x86_64
 
-docker build -t slem-base:kairos-v2.4.3 .
+docker build -t $BASE_IMAGE .

ubuntu-fips/Dockerfile

@@ -1,6 +1,6 @@
 
 # Kairos framework packages for ubuntu fips
-FROM quay.io/kairos/framework:v2.7.31-fips as kairos-fips
+FROM quay.io/kairos/framework:v2.7.32-fips as kairos-fips
 
 # Base ubuntu image (focal)
 FROM ubuntu:focal as base

ubuntu-fips/README.md

@@ -1,7 +1,7 @@
 # Kairos Ubuntu focal fips
 
 - Edit `pro-attach-config.yaml` with your token
-- run `bash build.sh`
+- run `bash build.sh [<base image>]`
 - start the ISO with qemu `bash run.sh`
 
 The system is not enabling FIPS by default in kernel space.