diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 5712b46fcd0..65602859280 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,4 +1,4 @@ -# CBL-Mariner's Contribution Guide +# Azure Linux's Contribution Guide ## Table of Contents @@ -63,20 +63,20 @@ Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https: -## Develop for CBL-Mariner +## Develop for Azure Linux -When starting to develop for CBL-Mariner, use the [CBL-MarinerTutorials](https://github.com/microsoft/CBL-MarinerTutorials) repo. This repository guides developers on using CBL-Mariner's tools to customize or add new packages or images. Once you have confirmed your change builds and functions as expected, consider whether it should be added to the core repo, [CBL-Mariner](https://github.com/microsoft/CBL-Mariner). Please see our [quickstart](toolkit/docs/quick_start/quickstart.md) for a tutorial and [building instructions](toolkit/docs/building/building.md) for an in-depth overview of building within CBL-Mariner. Please adhere to the [Pull Request guidelines](pull-request-guidelines) when contributing. +When starting to develop for Azure Linux, use the [Azure LinuxTutorials](https://github.com/microsoft/AzureLinux-Tutorials) repo. This repository guides developers on using Azure Linux's tools to customize or add new packages or images. Once you have confirmed your change builds and functions as expected, consider whether it should be added to the core repo, [Azure Linux](https://github.com/microsoft/azurelinux). Please see our [quickstart](toolkit/docs/quick_start/quickstart.md) for a tutorial and [building instructions](toolkit/docs/building/building.md) for an in-depth overview of building within Azure Linux. Please adhere to the [Pull Request guidelines](pull-request-guidelines) when contributing. ### Packages -CBL-Mariner packages live in either [SPECS](SPECS) or [SPECS-EXTENDED](SPECS-EXTENDED). CBL-Mariner packages that are in the `SPECS` directory have full support and coverage with timely CVE maintenance. Packages in `SPECS-EXTENDED` are for experimentation or proof-of-concept purposes only. `SPECS-EXTENDED` can be used as a staging area for iterating on packages with the possiblity of the package being graduated to `SPECS`. +Azure Linux packages live in either [SPECS](SPECS) or [SPECS-EXTENDED](SPECS-EXTENDED). Azure Linux packages that are in the `SPECS` directory have full support and coverage with timely CVE maintenance. Packages in `SPECS-EXTENDED` are for experimentation or proof-of-concept purposes only. `SPECS-EXTENDED` can be used as a staging area for iterating on packages with the possiblity of the package being graduated to `SPECS`. | Package Support Level | Published | Supported | Comments |:----------------------|:----------|:--------|:------------ |SPECS-EXTENDED |**Yes** |No | - Package needs a viable upstream source which actively addresses CVEs
- Package must not include project specific code |SPECS |**Yes** |**Yes** | - Package needs a viable upstream source which actively addresses CVEs
- Package must not include project specific code
- Package needs to offer value for multiple use cases -When looking to graduate a package from `SPECS-EXTENDED` to `SPECS`, file a [GitHub issue](https://github.com/microsoft/CBL-Mariner/issues) highlighting the package's value and ensure that the following steps are completed for associated PRs. +When looking to graduate a package from `SPECS-EXTENDED` to `SPECS`, file a [GitHub issue](https://github.com/microsoft/azurelinux/issues) highlighting the package's value and ensure that the following steps are completed for associated PRs. 1. Increment the spec's `Release` value 1. Add changelog entries "Package promoted from SPECS-EXTENDED to SPECS" and "License verified" @@ -87,7 +87,7 @@ When looking to graduate a package from `SPECS-EXTENDED` to `SPECS`, file a [Git ### Toolkit -We welcome tooling improvements. When contributing to the toolkit, please adhere to `golang` formatting as described by the [fmt](https://pkg.go.dev/fmt) package. To format using this package, you can run `make go-tidy-all` in your CBL-Mariner toolkit. For guidance on building with the toolkit, see our [building instructions](toolkit/docs/building/building.md). +We welcome tooling improvements. When contributing to the toolkit, please adhere to `golang` formatting as described by the [fmt](https://pkg.go.dev/fmt) package. To format using this package, you can run `make go-tidy-all` in your Azure Linux toolkit. For guidance on building with the toolkit, see our [building instructions](toolkit/docs/building/building.md). ### Documentation @@ -151,11 +151,11 @@ When creating your PR, please ensure the following: * Any updated packages successfully build (or no packages were changed). For guidance on building packages, see our [building instructions](toolkit/docs/building/building.md). Please ensure the package is located in the [appropriate folder](#packages). -* Packages depending on static components modified in this PR (Golang, *-static subpackages, etc.) have had their `Release` tag incremented. Dependent packages are packages which contain a `BuildRequires` on the package you are updating and create static links from your package. This can be difficult to discern based on spec files alone and may require investigating `make` commands in dependent packages or consulting a CBL-Mariner dev. +* Packages depending on static components modified in this PR (Golang, *-static subpackages, etc.) have had their `Release` tag incremented. Dependent packages are packages which contain a `BuildRequires` on the package you are updating and create static links from your package. This can be difficult to discern based on spec files alone and may require investigating `make` commands in dependent packages or consulting an Azure Linux dev. * Package tests (%check section) have been verified with RUN_CHECK=y for existing SPEC files, or added to new SPEC files. When running the check section, results will not fail a build. Check the logs for the results of this section. -* All package sources are available. The sources are either in the source server or local `SPECS` folder (`SPECS//SOURCES` or `SPECS/`). While it is possible to build packages with all sources inside the repo, our policy is generally to have the source compressed and placed on the source server. Uploading to the source server can only be accomplished by a CBL-Mariner developer. Please request help in your PR for uploading your sources to the source server. To check the source server see [https://cblmarinerstorage.blob.core.windows.net/sources/core/< source tar >]. +* All package sources are available. The sources are either in the source server or local `SPECS` folder (`SPECS//SOURCES` or `SPECS/`). While it is possible to build packages with all sources inside the repo, our policy is generally to have the source compressed and placed on the source server. Uploading to the source server can only be accomplished by an Azure Linux developer. Please request help in your PR for uploading your sources to the source server. To check the source server see [https://cblmarinerstorage.blob.core.windows.net/sources/core/< source tar >]. * cgmanifest files are up-to-date and alphabetically sorted. The cgmanifest files are used to record all package sources. They include the following files: @@ -164,13 +164,13 @@ When creating your PR, please ensure the following: * ./toolkit/scripts/toolchain/cgmanifest.json, * .github/workflows/cgmanifest.json - To validate, run the following in a CBL-Mariner container or Ubuntu >= 22.04 + To validate, run the following in an Azure Linux container or Ubuntu >= 22.04 ```bash .github/workflows/validate-cg-manifest.sh SPECS//.spec ``` -* LICENSE-MAP files are up-to-date. These files indicate which licenses are being used by CBL-Mariner's packages and where the package may be derived from. The license files include the following files: +* LICENSE-MAP files are up-to-date. These files indicate which licenses are being used by Azure Linux's packages and where the package may be derived from. The license files include the following files: * ./SPECS/LICENSES-AND-NOTICES/data/licenses.json * ./SPECS/LICENSES-AND-NOTICES/LICENSES-MAP.md @@ -206,4 +206,4 @@ When creating your PR, please ensure the following: ## Bugs -If the bug is security related, please use the [security guidelines](#security-vulnerabilities) above. Otherwise, please use the [issues page](https://github.com/microsoft/CBL-Mariner/issues) on CBL-Mariner to file bugs. +If the bug is security related, please use the [security guidelines](#security-vulnerabilities) above. Otherwise, please use the [issues page](https://github.com/microsoft/azurelinux/issues) on Azure Linux to file bugs. diff --git a/README.md b/README.md index b5b34a2b163..6677359d826 100644 --- a/README.md +++ b/README.md @@ -1,25 +1,25 @@ -# CBL-Mariner +# Azure Linux -CBL-Mariner is an internal Linux distribution for Microsoft’s cloud infrastructure and edge products and services. CBL-Mariner is designed to provide a consistent platform for these devices and services and will enhance Microsoft’s ability to stay current on Linux updates. This initiative is part of Microsoft’s increasing investment in a wide range of Linux technologies, such as [SONiC](https://azure.microsoft.com/en-us/blog/sonic-the-networking-switch-software-that-powers-the-microsoft-global-cloud/) and [Windows Subsystem for Linux (WSL)](https://docs.microsoft.com/en-us/windows/wsl/about). CBL-Mariner is being shared publicly as part of Microsoft’s commitment to Open Source and to contribute back to the Linux community. CBL-Mariner does not change our approach or commitment to any existing third-party Linux distribution offerings. +Azure Linux is an internal Linux distribution for Microsoft’s cloud infrastructure and edge products and services. Azure Linux is designed to provide a consistent platform for these devices and services and will enhance Microsoft’s ability to stay current on Linux updates. This initiative is part of Microsoft’s increasing investment in a wide range of Linux technologies, such as [SONiC](https://azure.microsoft.com/en-us/blog/sonic-the-networking-switch-software-that-powers-the-microsoft-global-cloud/) and [Windows Subsystem for Linux (WSL)](https://docs.microsoft.com/en-us/windows/wsl/about). Azure Linux is being shared publicly as part of Microsoft’s commitment to Open Source and to contribute back to the Linux community. Azure Linux does not change our approach or commitment to any existing third-party Linux distribution offerings. -CBL-Mariner has been engineered with the notion that a small common core set of packages can address the universal needs of first party cloud and edge services while allowing individual teams to layer additional packages on top of the common core to produce images for their workloads. This is made possible by a simple build system that enables: +Azure Linux has been engineered with the notion that a small common core set of packages can address the universal needs of first party cloud and edge services while allowing individual teams to layer additional packages on top of the common core to produce images for their workloads. This is made possible by a simple build system that enables: - **Package Generation:** This produces the desired set of RPM packages from SPEC files and source files. - **Image Generation:** This produces the desired image artifacts like ISOs or VHDs from a given set of packages. -Whether deployed as a container or a container host, CBL-Mariner consumes limited disk and memory resources. The lightweight characteristics of CBL-Mariner also provides faster boot times and a minimal attack surface. By focusing the features in the core image to just what is needed for our internal cloud customers there are fewer services to load, and fewer attack vectors. +Whether deployed as a container or a container host, Azure Linux consumes limited disk and memory resources. The lightweight characteristics of Azure Linux also provides faster boot times and a minimal attack surface. By focusing the features in the core image to just what is needed for our internal cloud customers there are fewer services to load, and fewer attack vectors. -When security vulnerabilities arise, CBL-Mariner supports both a package-based update model and an image based update model. Leveraging the common [RPM Package Manager](https://rpm.org/) system, CBL-Mariner makes the latest security patches and fixes available for download with the goal of fast turn-around times. +When security vulnerabilities arise, Azure Linux supports both a package-based update model and an image based update model. Leveraging the common [RPM Package Manager](https://rpm.org/) system, Azure Linux makes the latest security patches and fixes available for download with the goal of fast turn-around times. -## Getting Started with CBL-Mariner +## Getting Started with Azure Linux ### Build -Instructions for building CBL-Mariner may be found here: [Toolkit Documentation](./toolkit/README.md). +Instructions for building Azure Linux may be found here: [Toolkit Documentation](./toolkit/README.md). ### ISO -You can try CBL-Mariner with the following ISO images: +You can try Azure Linux with the following ISO images: - [Mariner 2.0 x86_64 ISO](https://aka.ms/mariner-2.0-x86_64-iso). - [Mariner 1.0 x86_64 ISO](https://aka.ms/mariner-1.0-x86_64-iso). @@ -28,7 +28,7 @@ Before using a downloaded ISO, [verify the checksum and signature of the image]( After downloading the ISO, use [the quickstart instructions](toolkit/docs/quick_start/quickstart.md) to install and use the image in a Hyper-V VM. -Note: Support for the ISO is community based. Before filing a new bug or feature request, please search the list of Github Issues. If you are unable to find a matching issue, please report new bugs by clicking [here](https://github.com/microsoft/CBL-Mariner/issues) or create a new feature request by clicking [here](https://github.com/microsoft/CBL-Mariner/issues/new). For additional information refer to the [support.md](https://github.com/microsoft/CBL-Mariner/blob/2.0/SUPPORT.md) file. +Note: Support for the ISO is community based. Before filing a new bug or feature request, please search the list of Github Issues. If you are unable to find a matching issue, please report new bugs by clicking [here](https://github.com/microsoft/azurelinux/issues) or create a new feature request by clicking [here](https://github.com/microsoft/azurelinux/issues/new). For additional information refer to the [support.md](https://github.com/microsoft/azurelinux/blob/3.0/SUPPORT.md) file. ## Getting Help @@ -46,7 +46,7 @@ This project may contain trademarks or logos for projects, products, or services ## Acknowledgments -Any Linux distribution, including CBL-Mariner, benefits from contributions by the open software community. We gratefully acknowledge all contributions made from the broader open source community, in particular: +Any Linux distribution, including Azure Linux, benefits from contributions by the open software community. We gratefully acknowledge all contributions made from the broader open source community, in particular: 1) The [Photon OS Project](https://vmware.github.io/photon/) for SPEC files originating from the Photon distribution. diff --git a/SPECS/LICENSES-AND-NOTICES/LICENSES-MAP.md b/SPECS/LICENSES-AND-NOTICES/LICENSES-MAP.md index 9c34a26635d..188f13b5761 100644 --- a/SPECS/LICENSES-AND-NOTICES/LICENSES-MAP.md +++ b/SPECS/LICENSES-AND-NOTICES/LICENSES-MAP.md @@ -1,4 +1,4 @@ -The CBL-Mariner SPEC files originated from a variety of sources with varying licenses. The changelog for each SPEC file declares provenance for CBL-Mariner. Some of the SPEC files that originated from other distributions might already have been derived from alternate sources. Their licenses can be found in LICENSE-EXCEPTION.xxx files in this folder. +The Azure Linux SPEC files originated from a variety of sources with varying licenses. The changelog for each SPEC file declares provenance for Azure Linux. Some of the SPEC files that originated from other distributions might already have been derived from alternate sources. Their licenses can be found in LICENSE-EXCEPTION.xxx files in this folder. | Origin | License | Specs | | --- | --- | --- | diff --git a/SPECS/LICENSES-AND-NOTICES/data/licenses.json b/SPECS/LICENSES-AND-NOTICES/data/licenses.json index 08ea111ff33..d88753d757a 100644 --- a/SPECS/LICENSES-AND-NOTICES/data/licenses.json +++ b/SPECS/LICENSES-AND-NOTICES/data/licenses.json @@ -1,5 +1,5 @@ { - "header": "The CBL-Mariner SPEC files originated from a variety of sources with varying licenses. The changelog for each SPEC file declares provenance for CBL-Mariner. Some of the SPEC files that originated from other distributions might already have been derived from alternate sources. Their licenses can be found in LICENSE-EXCEPTION.xxx files in this folder.", + "header": "The Azure Linux SPEC files originated from a variety of sources with varying licenses. The changelog for each SPEC file declares provenance for Azure Linux. Some of the SPEC files that originated from other distributions might already have been derived from alternate sources. Their licenses can be found in LICENSE-EXCEPTION.xxx files in this folder.", "table_headers": [ "Origin", "License", diff --git a/SPECS/tboot/README.md b/SPECS/tboot/README.md index 07d49d4e19a..743ef32a1a0 100644 --- a/SPECS/tboot/README.md +++ b/SPECS/tboot/README.md @@ -1,9 +1,9 @@ -# CBL-Mariner TBOOT +# Azure Linux TBOOT Platform Prerequisites: Real hardware platform that supports Intel TXT (Trusted Execution Technology) and TPM 2.0 -------------------------- -Enabling TBOOT in CBL-Mariner: +Enabling TBOOT in Azure Linux: 1. Install the tboot rpm package 2. Check the cpu info of the platform and download the corresponding SINIT ACM module from: https://www.intel.com/content/www/us/en/developer/articles/tool/intel-trusted-execution-technology.html to /boot diff --git a/SUPPORT.md b/SUPPORT.md index 5a1e827611f..f593f1fe9dc 100644 --- a/SUPPORT.md +++ b/SUPPORT.md @@ -4,14 +4,14 @@ This project uses [GitHub issues][gh-issue] to [track bugs][gh-bug] and [feature requests][gh-feature]. Please search the existing issues before filing new issues to avoid duplicates. For new topics, file your bug or feature request as a new issue. -For questions about using this project, please look at the [Tutorials repo for CBL-Mariner][tutorial] and our [Contributor's Guide][contributor] if you want to work on CBL-Mariner. +For questions about using this project, please look at the [Tutorials repo for Azure Linux][tutorial] and our [Contributor's Guide][contributor] if you want to work on Azure Linux. ## Microsoft Support Policy -Support for CBL-Mariner is limited to the resources listed above. +Support for Azure Linux is limited to the resources listed above. -[gh-issue]: https://github.com/microsoft/CBL-Mariner/issues/new/choose -[gh-bug]: https://github.com/microsoft/CBL-Mariner/issues/new?labels=bug -[gh-feature]: https://github.com/microsoft/CBL-Mariner/issues/new?labels=enhancement -[tutorial]: https://github.com/Microsoft/CBL-MarinerTutorials -[contributor]: https://github.com/microsoft/CBL-Mariner/blob/main/CONTRIBUTING.md +[gh-issue]: https://github.com/microsoft/azurelinux/issues/new/choose +[gh-bug]: https://github.com/microsoft/azurelinux/issues/new?labels=bug +[gh-feature]: https://github.com/microsoft/azurelinux/issues/new?labels=enhancement +[tutorial]: https://github.com/microsoft/azurelinux-Tutorials +[contributor]: https://github.com/microsoft/azurelinux/blob/main/CONTRIBUTING.md diff --git a/toolkit/README.md b/toolkit/README.md index 43f18a6f479..c630a4b5912 100644 --- a/toolkit/README.md +++ b/toolkit/README.md @@ -1,21 +1,21 @@ ## [Quick Start Guide](docs/quick_start/quickstart.md) -- **Recommended if you want to try CBL-Mariner.** -- Quickly build the **Standard CBL-Mariner** image, install and use. +- **Recommended if you want to try Azure Linux.** +- Quickly build the **Standard Azure Linux** image, install and use. -## [Tutorial for Building Custom Mariner Based Images](https://github.com/microsoft/CBL-MarinerTutorials) +## [Tutorial for Building Custom Mariner Based Images](https://github.com/microsoft/azurelinux-tutorials) -- **Recommended if you are a developer and want to experiment with CBL-Mariner.** -- Quickly build a **Custom CBL-Mariner** image, install and use. -- Learn how to add new or existing packages to CBL-Mariner at build time. -- Learn how to customize the CBL-Mariner Kernel. +- **Recommended if you are a developer and want to experiment with Azure Linux.** +- Quickly build a **Custom Azure Linux** image, install and use. +- Learn how to add new or existing packages to Azure Linux at build time. +- Learn how to customize the Azure Linux Kernel. - Learn how to create an Unattended Installer. - Other Advanced Topics. ## [Build Users Guide](docs/building/building.md) -- **Recommended if you are a developer and want to learn how to fully build CBL-Mariner.** -- Build CBL-Mariner end-to-end. +- **Recommended if you are a developer and want to learn how to fully build Azure Linux.** +- Build Azure Linux end-to-end. - Advanced building topics. - Build parameters and environment variables. - packages.microsoft.com repository structure breakdown. diff --git a/toolkit/docs/building/building.md b/toolkit/docs/building/building.md index 3a15e060c92..7d3f82d1a92 100644 --- a/toolkit/docs/building/building.md +++ b/toolkit/docs/building/building.md @@ -21,8 +21,8 @@ - [Ignoring Packages](#ignoring-packages) - [Source Hashes](#source-hashes) - [packages.microsoft.com Repository Structure](#packagesmicrosoftcom-repository-structure) - - [CBL-Mariner 1.0](#cbl-mariner-10) - - [CBL-Mariner 2.0](#cbl-mariner-20) + - [Azure Linux 1.0](#azure-linux-10) + - [Azure Linux 2.0](#azure-linux-20) - [Keys, Certs, and Remote Sources](#keys-certs-and-remote-sources) - [Sources](#sources) - [Authentication](#authentication) @@ -83,11 +83,11 @@ ## Overview -The following documentation describes how to fully build CBL-Mariner end-to-end as well as advanced techniques for performing toolchain, or package builds. Full builds of CBL-Mariner _**is not**_ generally needed. All CBL-Mariner packages are built signed and released to an RPM repository at [packages.microsoft.com](https://packages.microsoft.com/cbl-mariner/2.0/prod/) +The following documentation describes how to fully build Azure Linux end-to-end as well as advanced techniques for performing toolchain, or package builds. Full builds of Azure Linux _**is not**_ generally needed. All Azure Linux packages are built signed and released to an RPM repository at [packages.microsoft.com](https://packages.microsoft.com/azurelinux/2.0/prod/) -If you simply want to test-drive CBL-Mariner you may download and install the ISO (see: [readme.md](../../README.md)). If you want to experiment with CBL-Mariner and build custom images or add packages in a more focused environment, refer to the tutorial in the [CBL-MarinerTutorials](https://github.com/microsoft/CBL-MarinerTutorials) repository. +If you simply want to test-drive Azure Linux you may download and install the ISO (see: [readme.md](../../README.md)). If you want to experiment with Azure Linux and build custom images or add packages in a more focused environment, refer to the tutorial in the [AzureLinux-Tutorials](https://github.com/microsoft/AzureLinux-Tutorials) repository. -The CBL-Mariner build system consists of several phases and tools, but at a high level it can be viewed simply as 3 distinct build stages: +The Azure Linux build system consists of several phases and tools, but at a high level it can be viewed simply as 3 distinct build stages: - **Toolchain** This stage builds a bootstrap toolchain and then builds the official toolchain. The official toolchain is used in the subsequent package build stage. Building is highly scripted and serialized in this stage. @@ -108,20 +108,20 @@ Prepare your system by installing the necessary prerequisites [here](prerequisit ## **Clone and Sync To Stable Commit** -Clone the 2.0-stable build of CBL-Mariner as shown here. +Clone the 2.0-stable build of Azure Linux as shown here. ```bash # Get the source code -git clone https://github.com/microsoft/CBL-Mariner.git -cd CBL-Mariner/toolkit +git clone https://github.com/microsoft/azurelinux.git +cd azurelinux/toolkit # Checkout the desired release branch. The 2.0-stable tag tracks the most recent successful release of the 2.0 branch. git checkout 2.0-stable ``` -**IMPORTANT:** The 2.0-stable tag always points to the latest known good build of CBL-Mariner of the 2.0 branch. A similar tag, 1.0-stable, exists for the 1.0 branch. Other branchses are also buildable but not guarnateed to be stable. The 1.0 and 2.0 branches are periodically updated with bug fixes, security vulnerability fixes or occasional feature enhancements. As those fixes are integrated into the branch the head of a branch may be temporarily unstable. The 2.0-stable tag will remain fixed until the tip of the branch is validated and the latest source and binary packages (SRPMs and RPMs) are published. At that point, the 2.0-stable tag is advanced. To ensure you have the latest invoke _git fetch --tags_ before building. +**IMPORTANT:** The 2.0-stable tag always points to the latest known good build of Azure Linux of the 2.0 branch. A similar tag, 1.0-stable, exists for the 1.0 branch. Other branchses are also buildable but not guarnateed to be stable. The 1.0 and 2.0 branches are periodically updated with bug fixes, security vulnerability fixes or occasional feature enhancements. As those fixes are integrated into the branch the head of a branch may be temporarily unstable. The 2.0-stable tag will remain fixed until the tip of the branch is validated and the latest source and binary packages (SRPMs and RPMs) are published. At that point, the 2.0-stable tag is advanced. To ensure you have the latest invoke _git fetch --tags_ before building. -It is also possible to build an older version of CBL-Mariner from the 2.0 branch. CBL-Mariner may be updated at any time, but an aggregate release is declared monthly and [tagged in github](https://github.com/microsoft/CBL-Mariner/releases). These monthly builds are stable and their tags can be substituted for the 2.0-stable label above. +It is also possible to build an older version of Azure Linux from the 2.0 branch. Azure Linux may be updated at any time, but an aggregate release is declared monthly and [tagged in github](https://github.com/microsoft/azurelinux/releases). These monthly builds are stable and their tags can be substituted for the 2.0-stable label above. Alternate branches are not generally buildable because community builds require the SRPMs and/or RPMs be published. At this time, published files are only available for the 2.0 branch. @@ -135,7 +135,7 @@ For expediency, the toolchain may be populated from upstream binaries, or may be ### **Populate Toolchain** -A set of bootstrapped toolchain packages (gcc etc.) are used to build CBL-Mariner packages and images. Rather than build the toolchain, the prebuilt binaries can be downloaded to your local machine. This happens automatically when the `REBUILD_TOOLCHAIN=` parameter is set to `n` (the default). +A set of bootstrapped toolchain packages (gcc etc.) are used to build Azure Linux packages and images. Rather than build the toolchain, the prebuilt binaries can be downloaded to your local machine. This happens automatically when the `REBUILD_TOOLCHAIN=` parameter is set to `n` (the default). ```bash # Populate Toolchain from pre-existing binaries @@ -153,7 +153,7 @@ sudo make toolchain REBUILD_TOOLS=y REBUILD_TOOLCHAIN=y ## **Package Stage** -After the toolchain is built or populated, package building is possible. The CBL-Mariner ecosystem provides a significant number of packages, but most of those packages are not used in an image. When rebuilding packages, you can choose to build everything, or you can choose to build just what you need for a specific image. This can save significant time because only the subset of the CBL-Mariner packages needed for an image are built. +After the toolchain is built or populated, package building is possible. The Azure Linux ecosystem provides a significant number of packages, but most of those packages are not used in an image. When rebuilding packages, you can choose to build everything, or you can choose to build just what you need for a specific image. This can save significant time because only the subset of the Azure Linux packages needed for an image are built. The CONFIG_FILE argument provides a quick way to declare what to build. To manually build **all** packages you can use the default configuration (`CONFIG_FILE=""`) and invoke the package build target. To build packages needed for a specific image, you must set the CONFIG_FILE= parameter to an image configuration file of your choice. The standard image configuration files are in the toolkit/imageconfigs folder. @@ -163,11 +163,11 @@ There are several more package build options. For example it's possible to buil ### **Rebuild All Packages** -The following command rebuilds all CBL-Mariner packages. +The following command rebuilds all Azure Linux packages. ```bash # Build ALL packages -# (NOTE: CBL-Mariner compiles natively, an ARM64 build machine is required to create ARM64 packages/images) +# (NOTE: Azure Linux compiles natively, an ARM64 build machine is required to create ARM64 packages/images) sudo make build-packages -j$(nproc) REBUILD_TOOLS=y ``` @@ -177,14 +177,14 @@ The following command rebuilds packages for the basic VHD. ```bash # Build the subset of packages needed to build the basic VHD -# (NOTE: CBL-Mariner compiles natively, an ARM64 build machine is required to create ARM64 packages/images) +# (NOTE: Azure Linux compiles natively, an ARM64 build machine is required to create ARM64 packages/images) sudo make build-packages -j$(nproc) CONFIG_FILE=./imageconfigs/core-legacy.json REBUILD_TOOLS=y ``` Note that the image config file passed to the CONFIG_FILE option _only_ builds the packages included in the image plus all packages needed to build those packages. That is, more will be built than needed by the image, but only a subset of packages will be built. ### **Targeted Package Building** -Beginning with the CBL-Mariner 2.0's 2022 October Release (2.0.20221007) it is possible to rapidly build one or more packages "in-tree". This technique can be helpful for modifying an existing SPEC file or adding a new one to CBL-Mariner. +Beginning with the Azure Linux 2.0's 2022 October Release (2.0.20221007) it is possible to rapidly build one or more packages "in-tree". This technique can be helpful for modifying an existing SPEC file or adding a new one to Azure Linux. ```bash # Build targeted packages @@ -205,7 +205,7 @@ sudo make build-packages -j$(nproc) REBUILD_TOOLS=y SRPM_PACK_LIST="at" PACKAGE_ ## **Image Stage** -Different images and image formats can be produced from the build system. Images are assembled from a combination of _Image Configuration_ files and _Package list_ files. Each [Package List](https://github.com/microsoft/CBL-MarinerTutorials#package-lists) file (in [toolkit/imageconfigs/packagelists](https://github.com/microsoft/CBL-Mariner/tree/2.0/toolkit/imageconfigs/packagelists)) describes a set of packages to install in an image. Each Image Configuration file defines the image output format and selects one or more Package Lists to include in the image. +Different images and image formats can be produced from the build system. Images are assembled from a combination of _Image Configuration_ files and _Package list_ files. Each [Package List](https://github.com/microsoft/AzureLinux-Tutorials#package-lists) file (in [toolkit/imageconfigs/packagelists](https://github.com/microsoft/azurelinux/tree/2.0/toolkit/imageconfigs/packagelists)) describes a set of packages to install in an image. Each Image Configuration file defines the image output format and selects one or more Package Lists to include in the image. By default, the `make image` and `make iso` commands (discussed below) build missing packages before starting the image build sequence. By adding the `REBUILD_PACKAGES=n` argument, the image build phase will supplement missing packages with those on packages.microsoft.com. This can accelerate the image build process, especially when performing targeted package builds ([targeted Package Building](#targeted-package-building) @@ -225,18 +225,18 @@ sudo make image CONFIG_FILE=./imageconfigs/core-container.json REBUILD_TOOLS=y ``` ### ISO Images -ISOs are bootable images that install CBL-Mariner to either a physical or virtual machine. The installation process can be manually guided through user prompting, or automated through unattended installation. +ISOs are bootable images that install Azure Linux to either a physical or virtual machine. The installation process can be manually guided through user prompting, or automated through unattended installation. NOTE: ISOs require additional packaging and build steps (such as the creation of a separate `initrd` installer image used to install the final image to disk). These additional resources are stored in the toolkit/resources/imagesconfigs folder. The following builds an ISO with an interactive UI and selectable image configurations. ```bash -# To build a CBL-Mariner ISO Image (ISO folder: ../out/images/full) +# To build an Azure Linux ISO Image (ISO folder: ../out/images/full) sudo make iso CONFIG_FILE=./imageconfigs/full.json REBUILD_TOOLS=y ``` -To create an unattended ISO installer (no interactive UI) use `UNATTENDED_INSTALLER=y` and run with a [`CONFIG_FILE`](https://github.com/microsoft/CBL-MarinerTutorials#image-config-file) that only specifies a _single_ SystemConfig. +To create an unattended ISO installer (no interactive UI) use `UNATTENDED_INSTALLER=y` and run with a [`CONFIG_FILE`](https://github.com/microsoft/AzureLinux-Tutorials#image-config-file) that only specifies a _single_ SystemConfig. ```bash # Build the standard ISO with unattended installer that installs onto the default Gen1 HyperV VM. Needs to cloud-init provision the user once unattended installation finishes. @@ -247,7 +247,7 @@ sudo make iso -j$(nproc) CONFIG_FILE=./imageconfigs/core-legacy-unattended-hyper ## Packages -The toolkit can download packages from remote RPM repositories, or build them locally. By default any `*.spec` files found in `SPECS_DIR="./SPECS"` will be built locally. Dependencies will be downloaded as needed. Only those packages needed to build the current [config](https://github.com/microsoft/CBL-MarinerTutorials#image-config-file) will be built (`core-efi.json` by default). An additional space separated list of packages may be added using the `PACKAGE_BUILD_LIST=` variable. +The toolkit can download packages from remote RPM repositories, or build them locally. By default any `*.spec` files found in `SPECS_DIR="./SPECS"` will be built locally. Dependencies will be downloaded as needed. Only those packages needed to build the current [config](https://github.com/microsoft/AzureLinux-Tutorials#image-config-file) will be built (`core-efi.json` by default). An additional space separated list of packages may be added using the `PACKAGE_BUILD_LIST=` variable. Build all local packages needed for the default `core-efi.json`: @@ -301,30 +301,30 @@ sudo make input-srpms SRPM_FILE_SIGNATURE_HANDLING=update ### packages.microsoft.com Repository Structure -CBL-Mariner packages are available on [packages.microsoft.com](https://packages.microsoft.com/cbl-mariner/). The CBL-Mariner repositories are divided into major release folders (1.0, 2.0, etc). Each top level folder is subdivided into "preview" and "production" (prod) repositories. +Azure Linux packages are available on [packages.microsoft.com](https://packages.microsoft.com/azurelinux/). The Azure Linux repositories are divided into major release folders (1.0, 2.0, etc). Each top level folder is subdivided into "preview" and "production" (prod) repositories. The "preview" and "production" folders are further subdivided into purpose, and then again for architecture. This includes locations for source-rpms. -#### CBL-Mariner 1.0 +#### Azure Linux 1.0 -For CBL-Mariner 1.0, the repositories are structured as follows: +For Azure Linux 1.0, the repositories are structured as follows: -- **Base:** Packages released with CBL-Mariner 1.0. -- **Update:** Base packages added or updated since CBL-Mariner 1.0's release date. +- **Base:** Packages released with Azure Linux 1.0. +- **Update:** Base packages added or updated since Azure Linux 1.0's release date. - **CoreUI:** Targeted UI related packages. -- **Extras:** CBL-Mariner 1.0 packages that are built by Microsoft and are closed source. +- **Extras:** Azure Linux 1.0 packages that are built by Microsoft and are closed source. - **NVIDIA:** Specially licensed NVIDIA packages. -- **Microsoft:** Packages built by other, non-CBL-Mariner, Microsoft teams. +- **Microsoft:** Packages built by other, non-Azure Linux, Microsoft teams. -#### CBL-Mariner 2.0 +#### Azure Linux 2.0 -For CBL-Mariner 2.0, the repositories are structured as follows: +For Azure Linux 2.0, the repositories are structured as follows: -- **Base:** Packages released with CBL-Mariner 2.0 and their updates. -- **Extras:** CBL-Mariner 2.0 packages that are built by Microsoft and are closed source -- **Extended:** CBL-Mariner 2.0 packages that are not considered part of core. Generally, viewed as experimental or for development purposes. +- **Base:** Packages released with Azure Linux 2.0 and their updates. +- **Extras:** Azure Linux 2.0 packages that are built by Microsoft and are closed source +- **Extended:** Azure Linux 2.0 packages that are not considered part of core. Generally, viewed as experimental or for development purposes. - **NVIDIA:** Specially licensed NVIDIA packages. -- **Microsoft:** Packages built by other, non-CBL-Mariner, Microsoft teams. +- **Microsoft:** Packages built by other, non-Azure Linux, Microsoft teams. ## Keys, Certs, and Remote Sources @@ -339,8 +339,8 @@ Direct file downloads are by default pulled from: ```makefile SOURCE_URL ?= -PACKAGE_URL_LIST ?= https://packages.microsoft.com/cbl-mariner/$(RELEASE_MAJOR_ID)/prod/base/$(build_arch) -SRPM_URL_LIST ?= https://packages.microsoft.com/cbl-mariner/$(RELEASE_MAJOR_ID)/prod/base/srpms +PACKAGE_URL_LIST ?= https://packages.microsoft.com/azurelinux/$(RELEASE_MAJOR_ID)/prod/base/$(build_arch) +SRPM_URL_LIST ?= https://packages.microsoft.com/azurelinux/$(RELEASE_MAJOR_ID)/prod/base/srpms ``` While `tdnf` uses a list of repo files: @@ -350,7 +350,7 @@ REPO_LIST ?= ``` The `REPO_LIST` variable supports multiple repo files, and they are prioritized in the order they appear in the list. -The CBL-Mariner base repo is implicitly provided and an optional preview repo is available by setting `USE_PREVIEW_REPO=y`. +The Azure Linux base repo is implicitly provided and an optional preview repo is available by setting `USE_PREVIEW_REPO=y`. If `DISABLE_UPSTREAM_REPOS=y` is set, any repo that is accessed through the network is disabled. ### Authentication @@ -369,8 +369,8 @@ The build system can operate without using pre-built components if desired. Ther ```makefile SOURCE_URL ?= https://cblmarinerstorage.blob.core.windows.net/sources/core -PACKAGE_URL_LIST ?= https://packages.microsoft.com/cbl-mariner/$(RELEASE_MAJOR_ID)/prod/base/$(build_arch) -SRPM_URL_LIST ?= https://packages.microsoft.com/cbl-mariner/$(RELEASE_MAJOR_ID)/prod/base/srpms +PACKAGE_URL_LIST ?= https://packages.microsoft.com/azurelinux/$(RELEASE_MAJOR_ID)/prod/base/$(build_arch) +SRPM_URL_LIST ?= https://packages.microsoft.com/azurelinux/$(RELEASE_MAJOR_ID)/prod/base/srpms REPO_LIST ?= ``` @@ -472,12 +472,12 @@ If that is not desired all remote sources can be disabled by clearing the follow #### `REPO_LIST=...` -> Space separated list of `.repo` files pointing to RPM repositories to pull packages from. These packages are used to satisfy dependencies during the build process, and to compose a final image. Locally available packages are always prioritized. The repos are prioritized based on the order they appear in the list: repos earlier in the list are higher priority. CBL-Mariner provides a set of pre-populated RPM repositories accessible inside the toolkit folder under `toolkit/repos`: +> Space separated list of `.repo` files pointing to RPM repositories to pull packages from. These packages are used to satisfy dependencies during the build process, and to compose a final image. Locally available packages are always prioritized. The repos are prioritized based on the order they appear in the list: repos earlier in the list are higher priority. Azure Linux provides a set of pre-populated RPM repositories accessible inside the toolkit folder under `toolkit/repos`: > -> - `mariner-official-base.repo` and `mariner-official-update.repo` - default, always-on CBL-Mariner repositories. -> - `mariner-preview.repo` - CBL-Mariner repository containing pre-release versions of RPMs **subject to change without notice**. Using this .repo file is equivalent to adding the [`USE_PREVIEW_REPO=y`](#use_preview_repoy) argument to your build command. -> - `mariner-ui.repo` and `mariner-ui-preview.repo` - CBL-Mariner repository containing packages related to any UI components. The preview version serves the same purpose as the official preview repo. -> - `mariner-extras.repo` and `mariner-extras-preview.repo` - CBL-Mariner repository containing proprietory RPMs with sources not viewable to the public. The preview version serves the same purpose as the official preview repo. +> - `mariner-official-base.repo` and `mariner-official-update.repo` - default, always-on Azure Linux repositories. +> - `mariner-preview.repo` - Azure Linux repository containing pre-release versions of RPMs **subject to change without notice**. Using this .repo file is equivalent to adding the [`USE_PREVIEW_REPO=y`](#use_preview_repoy) argument to your build command. +> - `mariner-ui.repo` and `mariner-ui-preview.repo` - Azure Linux repository containing packages related to any UI components. The preview version serves the same purpose as the official preview repo. +> - `mariner-extras.repo` and `mariner-extras-preview.repo` - Azure Linux repository containing proprietory RPMs with sources not viewable to the public. The preview version serves the same purpose as the official preview repo. > #### Build Enable/Disable Flags @@ -717,7 +717,7 @@ Since the summary files are regenerated every build, if you wish to reproduce a | Image Build | `$(IMAGEGEN_DIR)/{imagename}/image_deps.json` | Generated every image build. Can be saved and used later with the `IMAGE_CACHE_SUMMARY` variable to reproduce an image build. Contains **all (both external and local)** packages required to build the image. | Initrd Build | `$(IMAGEGEN_DIR)/iso_initrd/image_deps.json` | Generated every initrd and ISO build. Can be saved and used later with the `INITRD_CACHE_SUMMARY` variable to reproduce an initrd build. Contains **all (both external and local)** packages required to build the image. However, unless you modified the initrd image packages JSON or have your own version of its PMC packages locally, all the required packages are external. -**WARNING**: the `graph_external_deps.json` contains **ALL** external packages required to build your local spec files. If you depend on any external packages outside the core CBL-Mariner's PMC repository, you **MUST** make sure you still have access to them when attempting to reproduce a build. +**WARNING**: the `graph_external_deps.json` contains **ALL** external packages required to build your local spec files. If you depend on any external packages outside the core Azure Linux's PMC repository, you **MUST** make sure you still have access to them when attempting to reproduce a build. ### Building From Summaries @@ -759,8 +759,8 @@ To reproduce an ISO build, run the same make invocation as before, but set: | Variable | Default | Description |:------------------------------|:-------------------------------------------------------------------------------------------------------|:--- -| CONFIG_FILE | `""` | [Image config file](https://github.com/microsoft/CBL-MarinerTutorials#image-config-file) to build. -| CONFIG_BASE_DIR | `$(dir $(CONFIG_FILE))` | Base directory on the **build machine** to search for any **relative** file paths mentioned inside the [image config file](https://github.com/microsoft/CBL-MarinerTutorials#image-config-file). This has no effect on **absolute** file paths or file paths on the **built image**. +| CONFIG_FILE | `""` | [Image config file](https://github.com/microsoft/AzureLinux-Tutorials#image-config-file) to build. +| CONFIG_BASE_DIR | `$(dir $(CONFIG_FILE))` | Base directory on the **build machine** to search for any **relative** file paths mentioned inside the [image config file](https://github.com/microsoft/AzureLinux-Tutorials#image-config-file). This has no effect on **absolute** file paths or file paths on the **built image**. | UNATTENDED_INSTALLER | | Create unattended ISO installer if set. Overrides all other installer options. | PACKAGE_BUILD_LIST | | Explicit list of packages to build. The package will be skipped if the build system thinks it is already up-to-date. The argument accepts both spec and package names. Example: for `python-werkzeug.spec`, which builds the `python3-werkzeug` package both `python-werkzeug` and `python3-werkzeug` are correct. | PACKAGE_REBUILD_LIST | | Always rebuild this package, even if it is up-to-date. Base package name, will match all virtual packages produced as well. The argument accepts both spec and package names. Example: for `python-werkzeug.spec`, which builds the `python3-werkzeug` package both `python-werkzeug` and `python3-werkzeug` are correct. @@ -795,8 +795,8 @@ To reproduce an ISO build, run the same make invocation as before, but set: | Variable | Default | Description |:------------------------------|:---------------------------------------------------------------------------------------------------------|:--- | SOURCE_URL | | URL to request package sources from -| SRPM_URL_LIST | `https://packages.microsoft.com/cbl-mariner/$(RELEASE_MAJOR_ID)/prod/base/srpms` | Space separated list of URLs to request packed SRPMs from if `$(DOWNLOAD_SRPMS)` is set to `y` -| PACKAGE_URL_LIST | `https://packages.microsoft.com/cbl-mariner/$(RELEASE_MAJOR_ID)/prod/base/$(build_arch)`... | Space separated list of URLs to download toolchain RPM packages from, used to populate the toolchain packages if `$(REBUILD_TOOLCHAIN)` is set to `y`. +| SRPM_URL_LIST | `https://packages.microsoft.com/azurelinux/$(RELEASE_MAJOR_ID)/prod/base/srpms` | Space separated list of URLs to request packed SRPMs from if `$(DOWNLOAD_SRPMS)` is set to `y` +| PACKAGE_URL_LIST | `https://packages.microsoft.com/azurelinux/$(RELEASE_MAJOR_ID)/prod/base/$(build_arch)`... | Space separated list of URLs to download toolchain RPM packages from, used to populate the toolchain packages if `$(REBUILD_TOOLCHAIN)` is set to `y`. | REPO_LIST | | Space separated list of repo files for tdnf to pull packages form | CA_CERT | | CA cert to access the above resources, in addition to the system certificate store | TLS_CERT | | TLS cert to access the above resources diff --git a/toolkit/docs/building/developer-tools.md b/toolkit/docs/building/developer-tools.md index 0c0c5d3e1ec..b5bfca57b0a 100644 --- a/toolkit/docs/building/developer-tools.md +++ b/toolkit/docs/building/developer-tools.md @@ -8,7 +8,7 @@ This [tool](./../../scripts/containerized-build/) enables the user to build/test The user can optionally add arguments. REPO_PATH defines directory to use as Mariner repo, default is current directory. MODE can be build (default) or test. Mariner VERSION may be 2.0 (default) or 1.0. MOUNTS specify directories to mount into the container, besides the default ones. BUILD_MOUNT defines directory to mount as build directory into container, default is $REPO_PATH/build. EXTRA_PACKAGES to install into container besides the default ones. ENABLE_REPO to use local RPMs to satisfy build depenedencies. KEEP_CONTAINER to keep container on exit. By default, it is cleaned up upon exit. In addition, user may override any Mariner make definitions e.g. SPECS_DIR, SRPM_PACK_LIST, etc. ```bash -cd CBL-Mariner/toolkit +cd azurelinux/toolkit sudo make containerized-rpmbuild # To see optional arguments and usage diff --git a/toolkit/docs/building/prerequisites-mariner.md b/toolkit/docs/building/prerequisites-mariner.md index 139dc759ca6..20ebe0f98f6 100644 --- a/toolkit/docs/building/prerequisites-mariner.md +++ b/toolkit/docs/building/prerequisites-mariner.md @@ -3,7 +3,7 @@ ## Requirements were validated on `Mariner 2.0` -This page lists host machine requirements for building with the CBL-Mariner toolkit. They cover building the toolchain, packages, and images on a Mariner host. +This page lists host machine requirements for building with the Azure Linux toolkit. They cover building the toolchain, packages, and images on a Mariner host. ```bash # Install required dependencies. diff --git a/toolkit/docs/building/prerequisites-ubuntu.md b/toolkit/docs/building/prerequisites-ubuntu.md index 4cedf4d44ea..066f13e29a6 100644 --- a/toolkit/docs/building/prerequisites-ubuntu.md +++ b/toolkit/docs/building/prerequisites-ubuntu.md @@ -3,7 +3,7 @@ ## Requirements were validated on `Ubuntu 22.04` -This page lists host machine requirements for building with the CBL-Mariner toolkit. They cover building the toolchain, packages, and images on an Ubuntu 22.04 host. +This page lists host machine requirements for building with the Azure Linux toolkit. They cover building the toolchain, packages, and images on an Ubuntu 22.04 host. ```bash sudo apt-get update diff --git a/toolkit/docs/building/prerequisites.md b/toolkit/docs/building/prerequisites.md index 7c2e7a1b36e..f1b8b67feb5 100644 --- a/toolkit/docs/building/prerequisites.md +++ b/toolkit/docs/building/prerequisites.md @@ -1,9 +1,9 @@ # Build Requirements -## CBL-Mariner +## Azure Linux -Build Requirements on CBL-Mariner listed [here](./prerequisites-mariner.md). +Build Requirements on Azure Linux listed [here](./prerequisites-mariner.md). ## Ubuntu diff --git a/toolkit/docs/formats/imageconfig.md b/toolkit/docs/formats/imageconfig.md index 02236c581a6..bbe6efc0b16 100644 --- a/toolkit/docs/formats/imageconfig.md +++ b/toolkit/docs/formats/imageconfig.md @@ -9,7 +9,7 @@ Disks entry specifies the disk configuration like its size (for virtual disks), Required when building unattended ISO installer. This field defines the physical disk to which Mariner should be installed. The `Type` field must be set to `path` and the `Value` field must be set to the desired target disk path. ### Artifacts -Artifact (non-ISO image building only) defines the name, type and optional compression of the output CBL-Mariner image. +Artifact (non-ISO image building only) defines the name, type and optional compression of the output Azure Linux image. Sample Artifacts entry, creating a raw rootfs, compressed to .tar.gz format(note that this format does not support partitions, so there would be no "Partitions" entry): @@ -366,7 +366,7 @@ Since users are controlled by files in `/etc`, these files are read-only when th Since the root partition's hash tree is stored as part of the initramfs, the initramfs cannot be stored on the same root partition (it would invalidate the measurements). To avoid this a separate `/boot` partition is needed to house the hash tree (via the initramfs). ##### ISO -The ISO command line installer supports enabling read-only roots if they are configured through the configuration JSON file (see [full.json's](../../imageconfigs/full.json) `"CBL-Mariner Core Read-Only"` entry). The automatic partition creation mode will create the required `/boot` partition if the read-only root is enabled. +The ISO command line installer supports enabling read-only roots if they are configured through the configuration JSON file (see [full.json's](../../imageconfigs/full.json) `"Azure Linux Core Read-Only"` entry). The automatic partition creation mode will create the required `/boot` partition if the read-only root is enabled. The GUI installer does not currently support read-only roots. - `Enable`: Enable dm-verity on the root filesystem diff --git a/toolkit/docs/how_it_works/2_local_packages.md b/toolkit/docs/how_it_works/2_local_packages.md index 1e992d9a57f..2c0445dd47d 100644 --- a/toolkit/docs/how_it_works/2_local_packages.md +++ b/toolkit/docs/how_it_works/2_local_packages.md @@ -3,7 +3,7 @@ Local Packages ## Prev: [Initial Prep](1_initial_prep.md), Next: [Package Building](3_package_building.md) ## SPEC Files -A CBL-Mariner repository normally consists of a SPECS folder (specified with `$(SPEC_DIR)`), a set of image configurations (`$(CONFIG_FILE)`), and this toolkit. The SPECS folder is a root directory containing subdirectories for each local package which will be available to a build. The subdirectories avoid name collisions between sources files. +An Azure Linux repository normally consists of a SPECS folder (specified with `$(SPEC_DIR)`), a set of image configurations (`$(CONFIG_FILE)`), and this toolkit. The SPECS folder is a root directory containing subdirectories for each local package which will be available to a build. The subdirectories avoid name collisions between sources files. Each SPEC file is accompanied by a `*.signature.json` file which records the expected hashes for every source file used in the package. diff --git a/toolkit/docs/nvidia/nvidia.md b/toolkit/docs/nvidia/nvidia.md index 75651ec5290..0843dfd0b8a 100644 --- a/toolkit/docs/nvidia/nvidia.md +++ b/toolkit/docs/nvidia/nvidia.md @@ -1,7 +1,7 @@ # Nvidia Repository Configuration ## Overview -The following documentation describes how to access CBL-Mariner packages from the NVIDIA RPM repository at [packages.microsoft.com](https://packages.microsoft.com/cbl-mariner/2.0/prod/nvidia/) +The following documentation describes how to access Azure Linux packages from the NVIDIA RPM repository at [packages.microsoft.com](https://packages.microsoft.com/azurelinux/2.0/prod/nvidia/) ## Licensing The software in the NVIDIA RPM repository is subject to the following: diff --git a/toolkit/docs/quick_start/quickstart.md b/toolkit/docs/quick_start/quickstart.md index 0057d753047..45ade9e76ad 100644 --- a/toolkit/docs/quick_start/quickstart.md +++ b/toolkit/docs/quick_start/quickstart.md @@ -1,6 +1,6 @@ # Quick Start Guide - [Install Prerequisites](#install-prerequisites) - - [Clone CBL-Mariner](#clone-cbl-mariner) + - [Clone Azure Linux](#clone-azure-linux) - [Build and Boot an Image](#build-and-boot-an-image) - [VHDX and VHD Images](#vhdx-and-vhd-images) - [ISO Image](#iso-image) @@ -8,13 +8,13 @@ ## **Install Prerequisites** Install prerequisites [here](../building/prerequisites.md). -## **Clone CBL-Mariner** -From a bash terminal window, clone the CBL-Mariner Repository and check-out a stable build. +## **Clone Azure Linux** +From a bash terminal window, clone the Azure Linux Repository and check-out a stable build. ```bash -# Clone the CBL-Mariner repo -git clone https://github.com/microsoft/CBL-Mariner.git -cd CBL-Mariner +# Clone the Azure Linux repo +git clone https://github.com/microsoft/azurelinux.git +cd azurelinux # Sync to the latest stable build git checkout 2.0-stable @@ -25,7 +25,7 @@ git checkout 2.0-stable ### **VHDX and VHD images** -The following builds a bootable, VHDX or VHD CBL-Mariner image from precompiled RPMs in the CBL-Mariner package repository at https://packages.microsoft.com/cbl-mariner/2.0/prod/. +The following builds a bootable, VHDX or VHD Azure Linux image from precompiled RPMs in the Azure Linux package repository at https://packages.microsoft.com/azurelinux/2.0/prod/. No user account is provisioned by default. To sign-in to these images, the sample meta-user-data.iso image must also be built and installed in your VM's CD drive. The cloud-init service will detect the iso and provision a user account and password. @@ -87,11 +87,11 @@ choose DVD Drive and press Add. 1. Right click your VM and select _Connect..._. 1. Select _Start_. -1. Wait for CBL-Mariner to boot to the login prompt, then sign in with the username and password you provisioned in the meta-user-data.iso above. +1. Wait for Azure Linux to boot to the login prompt, then sign in with the username and password you provisioned in the meta-user-data.iso above. ### ISO Image -The following builds a bootable ISO image from precompiled RPMs in the CBL-Mariner package repository at https://packages.microsoft.com/cbl-mariner/2.0/prod/. +The following builds a bootable ISO image from precompiled RPMs in the Azure Linux package repository at https://packages.microsoft.com/azurelinux/2.0/prod/. ```bash # Switch to the toolkit folder @@ -112,7 +112,7 @@ Copy your binary image(s) to your VM Host Machine using your preferred technique 1. Change Memory size if desired, then press _Next >_. 1. Select a virtual switch, then press _Next >_. 1. Select _Create a virtual hard disk_, choose a location for your VHD(X) and set your desired disk Size. Then press _Next >_. -1. Select _Install an operating system from a bootable image file_ and browse to your CBL-Mariner ISO. +1. Select _Install an operating system from a bootable image file_ and browse to your Azure Linux ISO. 1. Press _Finish_. **[Gen2/VHDX Only] Fix Boot Options** @@ -128,4 +128,4 @@ Copy your binary image(s) to your VM Host Machine using your preferred technique 1. Select _Start_. 1. Follow the Installer Prompts to Install your image 1. When installation completes, select restart to reboot the machine. The installation ISO will be automatically ejected. -1. When prompted sign in to your CBL-Mariner using the user name and password provisioned through the Installer. +1. When prompted sign in to your Azure Linux using the user name and password provisioned through the Installer. diff --git a/toolkit/docs/security/read-only-roots.md b/toolkit/docs/security/read-only-roots.md index c553da18bff..9d48b274b1d 100644 --- a/toolkit/docs/security/read-only-roots.md +++ b/toolkit/docs/security/read-only-roots.md @@ -108,4 +108,4 @@ Once the writable mount is created it is possible to write data back to the unde If enough blocks are corrupted the system will eventually be unable to recover them with FEC and the error handling behavior will trigger. The default behavior is to simply return an IO error, but other options are available by setting the `"VerityErrorBehavior"` key in the configuration file. ## ISO Installers -If a configuration used to create an ISO has a read-only root configured, the ISO installer will honor that configuration. (See `full.json`'s `"CBL-Mariner Core Read-Only"` entry). +If a configuration used to create an ISO has a read-only root configured, the ISO installer will honor that configuration. (See `full.json`'s `"Azure Linux Core Read-Only"` entry). diff --git a/toolkit/docs/security/security-features.md b/toolkit/docs/security/security-features.md index be57459f5a9..368505703fb 100644 --- a/toolkit/docs/security/security-features.md +++ b/toolkit/docs/security/security-features.md @@ -1,4 +1,4 @@ -# CBL-Mariner operating system security features +# Azure Linux operating system security features | **Type** | **Feature** | **Status** |**Additional information** | |-----------------------|---------------------------------------|------------|---------------------------| diff --git a/toolkit/imageconfigs/full-aarch64.json b/toolkit/imageconfigs/full-aarch64.json index e57987491c4..7c02d0c841b 100644 --- a/toolkit/imageconfigs/full-aarch64.json +++ b/toolkit/imageconfigs/full-aarch64.json @@ -1,7 +1,7 @@ { "SystemConfigs": [ { - "Name": "CBL-Mariner Full", + "Name": "Azure Linux Full", "PackageLists": [ "packagelists/hyperv-packages.json", "packagelists/developer-packages.json", @@ -18,7 +18,7 @@ } }, { - "Name": "CBL-Mariner Core", + "Name": "Azure Linux Core", "PackageLists": [ "packagelists/hyperv-packages.json", "packagelists/core-packages-image-aarch64.json" diff --git a/toolkit/imageconfigs/full.json b/toolkit/imageconfigs/full.json index a39fb5de461..1eb68cc3cc8 100644 --- a/toolkit/imageconfigs/full.json +++ b/toolkit/imageconfigs/full.json @@ -1,7 +1,7 @@ { "SystemConfigs": [ { - "Name": "CBL-Mariner Full", + "Name": "Azure Linux Full", "PackageLists": [ "packagelists/developer-packages.json", "packagelists/virtualization-host-packages.json", @@ -20,7 +20,7 @@ } }, { - "Name": "CBL-Mariner Core", + "Name": "Azure Linux Core", "PackageLists": [ "packagelists/hyperv-packages.json", "packagelists/core-packages-image.json"