Add coreos and sle micro to selinux support (#6945)

* Add coreos and sle micro to selinux support Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> * Add fix for rpm-ostree Signed-off-by: Derek Nola <derek.nola@suse.com> * Add uninstall for rpm-ostree (coreos) Signed-off-by: Derek Nola <derek.nola@suse.com> * Don't start k3s on coreos Signed-off-by: Derek Nola <derek.nola@suse.com> * Don't apply live Signed-off-by: Derek Nola <derek.nola@suse.com> * Typo fix Signed-off-by: Derek Nola <derek.nola@suse.com> --------- Signed-off-by: galal-hussein <hussein.galal.ahmed.11@gmail.com> Signed-off-by: Derek Nola <derek.nola@suse.com> Co-authored-by: Derek Nola <derek.nola@suse.com>
k3s-io · Apr 6, 2023 · 027cc18 · 027cc18
1 parent 3063807
commit 027cc18
Showing 1 changed file with 30 additions and 3 deletions.
diff --git a/install.sh b/install.sh
@@ -470,28 +470,47 @@ setup_selinux() {
         rpm_target=sle
         rpm_site_infix=microos
         package_installer=zypper
+        if [ "${ID_LIKE:-}" = suse ] && [ "${VARIANT_ID:-}" = sle-micro ]; then
+            rpm_target=sle
+            rpm_site_infix=slemicro
+            package_installer=zypper
+        fi
     elif [ "${VERSION_ID%%.*}" = "7" ]; then
         rpm_target=el7
         rpm_site_infix=centos/7
         package_installer=yum
+    elif [ "${ID_LIKE:-}" = coreos ] || [ "${VARIANT_ID:-}" = coreos ]; then
+        rpm_target=coreos
+        rpm_site_infix=coreos
+        package_installer=rpm-ostree
     else
         rpm_target=el8
         rpm_site_infix=centos/8
         package_installer=yum
     fi
 
+    if [ "${package_installer}" = "rpm-ostree" ] && [ -x /bin/yum ]; then
+        package_installer=yum
+    fi
+
     if [ "${package_installer}" = "yum" ] && [ -x /usr/bin/dnf ]; then
         package_installer=dnf
     fi
 
+    if [ "${rpm_channel}" = "testing" ]; then
+        available_version=$(curl -s https://api.github.com/repos/k3s-io/k3s-selinux/releases |  grep -oP '(?<="browser_download_url": ")[^"]*' | grep -oE "[^\/]+${rpm_target}\.noarch\.rpm" | head -n 1)
+    else
+        available_version=$(curl -s https://api.github.com/repos/k3s-io/k3s-selinux/releases/latest |  grep -oP '(?<="browser_download_url": ")[^"]*' | grep -oE "[^\/]+${rpm_target}\.noarch\.rpm" )
+    fi
+
     policy_hint="please install:
     ${package_installer} install -y container-selinux
-    ${package_installer} install -y https://${rpm_site}/k3s/${rpm_channel}/common/${rpm_site_infix}/noarch/k3s-selinux-1.2-2.${rpm_target}.noarch.rpm
+    ${package_installer} install -y https://${rpm_site}/k3s/${rpm_channel}/common/${rpm_site_infix}/noarch/${available_version}
 "
 
     if [ "$INSTALL_K3S_SKIP_SELINUX_RPM" = true ] || can_skip_download_selinux || [ ! -d /usr/share/selinux ]; then
         info "Skipping installation of SELinux RPM"
-    elif  [ "${ID_LIKE:-}" != coreos ] && [ "${VARIANT_ID:-}" != coreos ]; then
+    else
         install_selinux_rpm ${rpm_site} ${rpm_channel} ${rpm_target} ${rpm_site_infix}
     fi
 
@@ -514,7 +533,7 @@ setup_selinux() {
 }
 
 install_selinux_rpm() {
-    if [ -r /etc/redhat-release ] || [ -r /etc/centos-release ] || [ -r /etc/oracle-release ] || [ "${ID_LIKE%%[ ]*}" = "suse" ]; then
+    if [ -r /etc/redhat-release ] || [ -r /etc/centos-release ] || [ -r /etc/oracle-release ] || [ -r /etc/fedora-release ] || [ "${ID_LIKE%%[ ]*}" = "suse" ]; then
         repodir=/etc/yum.repos.d
         if [ -d /etc/zypp/repos.d ]; then
             repodir=/etc/zypp/repos.d
@@ -543,6 +562,11 @@ EOF
                 : "${INSTALL_K3S_SKIP_START:=true}"
             fi
             ;;
+        coreos)
+            rpm_installer="rpm-ostree"
+            # rpm_install_extra_args="--apply-live"
+            : "${INSTALL_K3S_SKIP_START:=true}"
+            ;;
         *)
             rpm_installer="yum"
             ;;
@@ -738,6 +762,9 @@ rm -f ${KILLALL_K3S_SH}
 if type yum >/dev/null 2>&1; then
     yum remove -y k3s-selinux
     rm -f /etc/yum.repos.d/rancher-k3s-common*.repo
+elif type rpm-ostree >/dev/null 2>&1; then
+    rpm-ostree uninstall k3s-selinux
+    rm -f /etc/yum.repos.d/rancher-k3s-common*.repo
 elif type zypper >/dev/null 2>&1; then
     uninstall_cmd="zypper remove -y k3s-selinux"
     if [ "\${TRANSACTIONAL_UPDATE=false}" != "true" ] && [ -x /usr/sbin/transactional-update ]; then