Skip to content

Instantly share code, notes, and snippets.

@lzap

lzap/image-builder.yaml

Created July 31, 2024 08:17
Show Gist options
  • Save lzap/55d2144c19d85b1072b6d32cfbe9a6c9 to your computer and use it in GitHub Desktop.
Save lzap/55d2144c19d85b1072b6d32cfbe9a6c9 to your computer and use it in GitHub Desktop.
Download ZIP
Problem with: CreateBlueprintResponse redeclared in this block
Raw
image-builder.yaml
---
openapi: 3.0.1
info:
version: "1.0"
title: Image-builder service
description: Service that relays image build requests
license:
name: Apache 2.0
url: https://www.apache.org/licenses/LICENSE-2.0.html
servers:
- url: "/api/image-builder/v1"
- url: "/api/image-builder/v1.0"
paths:
/version:
get:
summary: get the service version
description: "get the service version"
operationId: getVersion
tags:
- meta
responses:
'200':
description: a service version
content:
application/json:
schema:
$ref: '#/components/schemas/Version'
/ready:
get:
summary: return the readiness
operationId: getReadiness
tags:
- meta
responses:
'200':
description: readiness
content:
application/json:
schema:
$ref: '#/components/schemas/Readiness'
/openapi.json:
get:
summary: get the openapi json specification
operationId: getOpenapiJson
tags:
- meta
- noAuth
responses:
'200':
description: returns this document
content:
application/json:
schema:
type: object
/distributions:
get:
summary: get the distributions available to this user
operationId: getDistributions
tags:
- distribution
responses:
'200':
description: |
A list of distributions this user has access to. Some distributions are restricted, so
this list might not correspond to the Distributions (enum) schema for a given user.
content:
application/json:
schema:
$ref: '#/components/schemas/DistributionsResponse'
/architectures/{distribution}:
get:
summary: get the architectures and their image types available for a given distribution
parameters:
- in: path
name: distribution
schema:
$ref: '#/components/schemas/Distributions'
required: true
description: distribution for which to look up available architectures
example: 'rhel-84'
operationId: getArchitectures
tags:
- distribution
- architecture
responses:
'200':
description: a list of available architectures and their associated image types
content:
application/json:
schema:
$ref: '#/components/schemas/Architectures'
'403':
description: user is not allowed to build or query this distribution
content:
application/json:
schema:
$ref: '#/components/schemas/HTTPErrorList'
/blueprints:
get:
summary: get a collection of blueprints
description: "get a collection of blueprints, returns just the latest version of each blueprint"
operationId: getBlueprints
tags:
- blueprint
parameters:
- in: query
name: name
required: false
schema:
type: string
description: fetch blueprint with specific name
- in: query
name: search
required: false
schema:
type: string
description: search for blueprints by name or description
- in: query
name: limit
schema:
type: integer
default: 100
minimum: 1
maximum: 100
description: max amount of blueprints, default 100
- in: query
name: offset
schema:
type: integer
default: 0
minimum: 0
description: blueprint page offset, default 0
responses:
'200':
description: a list of blueprints
content:
application/json:
schema:
$ref: '#/components/schemas/BlueprintsResponse'
post:
summary: create blueprint
description: "create blueprint"
operationId: createBlueprint
tags:
- blueprint
requestBody:
required: true
description: details of blueprint
content:
application/json:
schema:
$ref: "#/components/schemas/CreateBlueprintRequest"
responses:
'201':
description: blueprint was saved
content:
application/json:
schema:
$ref: '#/components/schemas/CreateBlueprintResponse'
'422':
description: blueprint is malformed
content:
application/json:
schema:
$ref: '#/components/schemas/HTTPErrorList'
'403':
description: user is not allowed to create blueprints
content:
application/json:
schema:
$ref: '#/components/schemas/HTTPErrorList'
/blueprints/{id}:
parameters:
- in: path
name: id
schema:
type: string
format: uuid
example: '123e4567-e89b-12d3-a456-426655440000'
required: true
description: UUID of a blueprint
put:
summary: update blueprint
description: "update blueprint"
operationId: updateBlueprint
tags:
- blueprint
requestBody:
required: true
description: details of blueprint
content:
application/json:
schema:
$ref: "#/components/schemas/CreateBlueprintRequest"
responses:
'200':
description: blueprint was updated
content:
application/json:
schema:
$ref: '#/components/schemas/CreateBlueprintResponse'
'404':
description: blueprint was not found
content:
application/json:
schema:
$ref: '#/components/schemas/HTTPErrorList'
get:
summary: get detail of a blueprint
description: "get a blueprint detail"
operationId: getBlueprint
tags:
- blueprint
responses:
'200':
description: detail of a blueprint
content:
application/json:
schema:
$ref: '#/components/schemas/BlueprintResponse'
'404':
description: blueprint was not found
content:
application/json:
schema:
$ref: '#/components/schemas/HTTPErrorList'
delete:
summary: delete a blueprint
description: |
Deletes all versions of Blueprint, the compose will still count towards quota.
operationId: deleteBlueprint
tags:
- blueprint
responses:
'204':
description: Successfully deleted
'404':
description: Blueprint to delete was not found
content:
application/json:
schema:
$ref: '#/components/schemas/HTTPErrorList'
/blueprints/{id}/export:
parameters:
- in: path
name: id
schema:
type: string
format: uuid
example: '123e4567-e89b-12d3-a456-426655440000'
required: true
description: UUID of a blueprint
get:
summary: export a blueprint
description: "export a blueprint"
operationId: exportBlueprint
tags:
- blueprint
responses:
'200':
description: detail of a blueprint
content:
application/json:
schema:
$ref: '#/components/schemas/BlueprintExportResponse'
'404':
description: blueprint was not found
content:
application/json:
schema:
$ref: '#/components/schemas/HTTPErrorList'
/blueprints/{id}/compose:
post:
parameters:
- in: path
name: id
schema:
type: string
format: uuid
example: '123e4567-e89b-12d3-a456-426655440000'
required: true
description: UUID of a blueprint
summary: create new compose from blueprint
description: "create new compose from blueprint, optionally specifying the target image types to build"
operationId: composeBlueprint
tags:
- blueprint
requestBody:
required: false
description: "list of target image types that the user wants to build for this compose"
content:
application/json:
schema:
type: object
properties:
image_types:
type: array
items:
$ref: "#/components/schemas/ImageTypes"
example: ["azure", "aws"]
responses:
'201':
description: compose was created
content:
application/json:
schema:
type: array
items:
$ref: '#/components/schemas/ComposeResponse'
'403':
description: user is not allowed to compose from blueprints
content:
application/json:
schema:
$ref: '#/components/schemas/HTTPErrorList'
/blueprints/{id}/composes:
get:
summary: get composes associated with a blueprint
description: "get a collection of composes associated to a blueprint, allows for filtering by version"
operationId: getBlueprintComposes
tags:
- blueprint
parameters:
- in: path
name: id
schema:
type: string
format: uuid
example: '123e4567-e89b-12d3-a456-426655440000'
required: true
description: UUID of a blueprint
- in: query
name: blueprint_version
schema:
type: integer
description: |
Filter by a specific version of the Blueprint we want to fetch composes for.
Pass special value -1 to fetch composes for latest version of the Blueprint.
- in: query
name: limit
schema:
type: integer
default: 100
minimum: 1
maximum: 100
description: max amount of composes, default 100
- in: query
name: offset
schema:
type: integer
default: 0
minimum: 0
description: composes page offset, default 0
- in: query
name: ignoreImageTypes
required: false
schema:
type: array
items:
$ref: '#/components/schemas/ImageTypes'
example: ['rhel-edge-installer', 'rhel-edge-commit', ...]
description: |
Filter the composes on image type. The filter is optional and can be specified multiple times.
responses:
'200':
description: a list of composes
content:
application/json:
schema:
$ref: '#/components/schemas/ComposesResponse'
'404':
description: blueprint was not found
content:
application/json:
schema:
$ref: '#/components/schemas/HTTPErrorList'
/composes:
get:
summary: get a collection of previous compose requests for the logged in user
operationId: getComposes
tags:
- compose
parameters:
- in: query
name: limit
schema:
type: integer
default: 100
minimum: 1
maximum: 100
description: max amount of composes, default 100
- in: query
name: offset
schema:
type: integer
default: 0
minimum: 0
description: composes page offset, default 0
- in: query
name: ignoreImageTypes
required: false
schema:
type: array
items:
$ref: '#/components/schemas/ImageTypes'
example: ['rhel-edge-installer', 'rhel-edge-commit', ...]
description: |
Filter the composes on image type. The filter is optional and can be specified multiple times.
responses:
'200':
description: a list of composes
content:
application/json:
schema:
$ref: '#/components/schemas/ComposesResponse'
/composes/{composeId}:
parameters:
- in: path
name: composeId
schema:
type: string
format: uuid
example: '123e4567-e89b-12d3-a456-426655440000'
required: true
description: Id of compose
get:
summary: get status of an image compose
description: "status of an image compose"
operationId: getComposeStatus
tags:
- compose
responses:
'200':
description: compose status
content:
application/json:
schema:
$ref: '#/components/schemas/ComposeStatus'
delete:
summary: delete a compose
description: |
Deletes a compose, the compose will still count towards quota.
operationId: deleteCompose
responses:
200:
description: OK
/composes/{composeId}/metadata:
get:
summary: get metadata of an image compose
parameters:
- in: path
name: composeId
schema:
type: string
format: uuid
example: '123e4567-e89b-12d3-a456-426655440000'
required: true
description: Id of compose metadata to get
description: "metadata for an image compose"
operationId: getComposeMetadata
tags:
- compose
responses:
'200':
description: compose metadata
content:
application/json:
schema:
$ref: '#/components/schemas/ComposeMetadata'
/composes/{composeId}/clone:
post:
summary: clone a compose
description: |
Clones a compose. Only composes with the 'aws' image type currently support cloning.
parameters:
- in: path
name: composeId
schema:
type: string
format: uuid
example: '123e4567-e89b-12d3-a456-426655440000'
required: true
description: Id of compose to clone
operationId: cloneCompose
tags:
- compose
requestBody:
required: true
description: details of the new clone
content:
application/json:
schema:
$ref: "#/components/schemas/CloneRequest"
responses:
'201':
description: cloning has started
content:
application/json:
schema:
$ref: "#/components/schemas/CloneResponse"
/composes/{composeId}/clones:
get:
summary: get clones of a compose
parameters:
- in: path
name: composeId
schema:
type: string
format: uuid
example: '123e4567-e89b-12d3-a456-426655440000'
required: true
description: Id of compose to get the clones of
- in: query
name: limit
schema:
type: integer
default: 100
minimum: 1
maximum: 100
description: max amount of clones, default 100
- in: query
name: offset
schema:
type: integer
default: 0
minimum: 0
description: clones page offset, default 0
description: |
Returns a list of all the clones which were started for a compose
operationId: getComposeClones
tags:
- compose
responses:
'200':
description: compose clones
content:
application/json:
schema:
$ref: '#/components/schemas/ClonesResponse'
/clones/{id}:
get:
summary: get status of a compose clone
parameters:
- in: path
name: id
schema:
type: string
format: uuid
example: '123e4567-e89b-12d3-a456-426655440000'
required: true
description: Id of clone status to get
description: status of a clone
operationId: getCloneStatus
tags:
- compose
responses:
'200':
description: clone status
content:
application/json:
schema:
$ref: '#/components/schemas/CloneStatusResponse'
/compose:
post:
summary: compose image
description: "compose image"
operationId: composeImage
tags:
- compose
requestBody:
required: true
description: details of image to be composed
content:
application/json:
schema:
$ref: "#/components/schemas/ComposeRequest"
responses:
'201':
description: compose has started
content:
application/json:
schema:
$ref: '#/components/schemas/ComposeResponse'
'400':
description: the compose request is malformed
content:
application/json:
schema:
$ref: '#/components/schemas/HTTPErrorList'
'403':
description: user is not allowed to build this distribution
content:
application/json:
schema:
$ref: '#/components/schemas/HTTPErrorList'
/packages:
get:
parameters:
- in: query
name: distribution
required: true
schema:
$ref: '#/components/schemas/Distributions'
description: distribution to look up packages for
- in: query
name: architecture
required: true
schema:
type: string
enum: ['x86_64', 'aarch64']
description: architecture to look up packages for
- in: query
name: search
required: true
schema:
type: string
description: packages to look for
- in: query
name: limit
schema:
type: integer
default: 100
minimum: 1
maximum: 100
description: max amount of packages, default 100
- in: query
name: offset
schema:
type: integer
default: 0
minimum: 0
description: packages page offset, default 0
operationId: getPackages
tags:
- package
responses:
'200':
description: a list of packages
content:
application/json:
schema:
$ref: '#/components/schemas/PackagesResponse'
'403':
description: user is not allowed to build or query this distribution
content:
application/json:
schema:
$ref: '#/components/schemas/HTTPErrorList'
/oscap/{distribution}/profiles:
parameters:
- in: path
name: distribution
schema:
$ref: '#/components/schemas/Distributions'
required: true
get:
summary: get the available profiles for a given distribution. This is a temporary endpoint meant to be removed soon.
operationId: getOscapProfiles
tags:
- oscap
responses:
'200':
description: |
A list of profiles configurable for this distribution.
content:
application/json:
schema:
$ref: '#/components/schemas/DistributionProfileResponse'
/oscap/{distribution}/{profile}/customizations:
parameters:
- in: path
name: distribution
schema:
$ref: '#/components/schemas/Distributions'
required: true
- in: path
name: profile
schema:
$ref: '#/components/schemas/DistributionProfileItem'
required: true
description: Name of the profile to retrieve customizations from
get:
summary: get the customizations for a given distribution and profile. This is a temporary endpoint meant to be removed soon.
operationId: getOscapCustomizations
tags:
- oscap
responses:
'200':
description: |
A customizations array updated with the needed elements.
content:
application/json:
schema:
$ref: '#/components/schemas/Customizations'
/experimental/recommendations:
post:
summary: List recommended packages.
description: "Returns a list of recommended packages for given list of packages."
operationId: recommendPackage
tags:
- recommendations
requestBody:
content:
application/json:
schema:
"$ref": "#/components/schemas/RecommendPackageRequest"
required: true
responses:
'200':
description: Return the recommended packages.
content:
application/json:
schema:
$ref: "#/components/schemas/RecommendationsResponse"
components:
schemas:
HTTPError:
required:
- title
- detail
properties:
title:
type: string
detail:
type: string
HTTPErrorList:
required:
- errors
properties:
errors:
type: array
items:
$ref: '#/components/schemas/HTTPError'
Version:
required:
- version
properties:
version:
type: string
build_time:
type: string
build_commit:
type: string
Readiness:
type: object
required:
- readiness
properties:
readiness:
type: string
ListResponseMeta:
type: object
required:
- count
properties:
count:
type: integer
ListResponseLinks:
type: object
required:
- first
- last
properties:
first:
type: string
last:
type: string
DistributionsResponse:
type: array
description: |
List of distributions this user is allowed to build.
items:
$ref: '#/components/schemas/DistributionItem'
DistributionItem:
type: object
required:
- name
- description
properties:
description:
type: string
example: 'Red Hat Enterprise Linux (RHEL) 8.4'
name:
type: string
example: 'rhel-84'
Architectures:
type: array
items:
$ref: '#/components/schemas/ArchitectureItem'
ArchitectureItem:
type: object
required:
- arch
- image_types
- repositories
properties:
arch:
type: string
example: 'x86_64'
image_types:
type: array
items:
type: string
example: 'qcow2'
repositories:
type: array
items:
$ref: '#/components/schemas/Repository'
description: Base repositories for the given distribution and architecture.
ComposeStatus:
required:
- image_status
- request
properties:
image_status:
$ref: '#/components/schemas/ImageStatus'
request:
$ref: "#/components/schemas/ComposeRequest"
ImageStatus:
required:
- status
properties:
status:
type: string
enum: ['success', 'failure', 'pending', 'building', 'uploading', 'registering']
example: 'success'
upload_status:
$ref: '#/components/schemas/UploadStatus'
error:
$ref: '#/components/schemas/ComposeStatusError'
ComposeStatusError:
required:
- id
- reason
properties:
id:
type: integer
reason:
type: string
details: {}
CloneStatusResponse:
required:
- compose_id
allOf:
- type: object
properties:
compose_id:
type: string
format: uuid
- $ref: '#/components/schemas/UploadStatus'
UploadStatus:
required:
- status
- type
- options
properties:
status:
type: string
enum: ['success', 'failure', 'pending', 'running']
type:
$ref: '#/components/schemas/UploadTypes'
options:
oneOf:
- $ref: '#/components/schemas/AWSUploadStatus'
- $ref: '#/components/schemas/AWSS3UploadStatus'
- $ref: '#/components/schemas/GCPUploadStatus'
- $ref: '#/components/schemas/AzureUploadStatus'
- $ref: '#/components/schemas/OCIUploadStatus'
AWSUploadStatus:
type: object
required:
- ami
- region
properties:
ami:
type: string
example: 'ami-0c830793775595d4b'
region:
type: string
example: 'eu-west-1'
AWSS3UploadStatus:
type: object
required:
- url
properties:
url:
type: string
GCPUploadStatus:
type: object
required:
- project_id
- image_name
properties:
project_id:
type: string
example: 'ascendant-braid-303513'
image_name:
type: string
example: 'my-image'
AzureUploadStatus:
type: object
required:
- image_name
properties:
image_name:
type: string
example: 'my-image'
OCIUploadStatus:
type: object
required:
- url
properties:
url:
type: string
ComposeRequest:
type: object
additionalProperties: false
required:
- distribution
- image_requests
properties:
distribution:
$ref: '#/components/schemas/Distributions'
image_name:
type: string
example: "MyImageName"
maxLength: 100
image_description:
type: string
example: "MyImageDescription"
maxLength: 250
client_id:
$ref: '#/components/schemas/ClientId'
image_requests:
type: array
minItems: 1
maxItems: 1
items:
$ref: '#/components/schemas/ImageRequest'
uniqueItems: true
description: |
Array of exactly one image request. Having more image requests in one compose is currently not supported.
customizations:
$ref: '#/components/schemas/Customizations'
CreateBlueprintRequest:
type: object
additionalProperties: false
required:
- name
- distribution
- image_requests
- customizations
properties:
name:
type: string
example: "My Blueprint"
maxLength: 100
description:
type: string
example: "My blueprint description"
maxLength: 250
distribution:
$ref: '#/components/schemas/Distributions'
image_requests:
type: array
minItems: 1
items:
$ref: '#/components/schemas/ImageRequest'
uniqueItems: true
description: |
Array of image requests. Having more image requests in a single blueprint is currently not supported.
customizations:
$ref: '#/components/schemas/Customizations'
metadata:
$ref: '#/components/schemas/BlueprintMetadata'
CreateBlueprintResponse:
required:
- id
properties:
id:
type: string
format: uuid
BlueprintsResponse:
required:
- meta
- links
- data
properties:
meta:
$ref: '#/components/schemas/ListResponseMeta'
links:
$ref: '#/components/schemas/ListResponseLinks'
data:
type: array
items:
$ref: '#/components/schemas/BlueprintItem'
BlueprintItem:
required:
- id
- version
- name
- description
- last_modified_at
properties:
id:
type: string
format: uuid
version:
type: integer
name:
type: string
description:
type: string
last_modified_at:
type: string
BlueprintResponse:
required:
- id
- name
- description
- distribution
- image_requests
- customizations
properties:
id:
type: string
format: uuid
name:
type: string
description:
type: string
distribution:
$ref: '#/components/schemas/Distributions'
image_requests:
type: array
minItems: 1
items:
$ref: '#/components/schemas/ImageRequest'
uniqueItems: true
description: |
Array of image requests. Having more image requests in a single blueprint is currently not supported.
customizations:
$ref: '#/components/schemas/Customizations'
BlueprintExportResponse:
required:
- name
- description
- distribution
- customizations
- metadata
properties:
name:
type: string
description:
type: string
distribution:
$ref: '#/components/schemas/Distributions'
customizations:
$ref: '#/components/schemas/Customizations'
metadata:
$ref: '#/components/schemas/BlueprintMetadata'
BlueprintMetadata:
required:
- parent_id
- exported_at
properties:
parent_id:
type: string
format: uuid
nullable: true
exported_at:
type: string
Distributions:
type: string
description: |
List of all distributions that image builder supports. A user might not have access to
restricted distributions.
Restricted distributions include the RHEL nightlies and the Fedora distributions.
enum:
- rhel-8
- rhel-8-nightly
- rhel-84
- rhel-85
- rhel-86
- rhel-87
- rhel-88
- rhel-89
- rhel-8.10
- rhel-9
- rhel-9-nightly
- rhel-90
- rhel-91
- rhel-92
- rhel-93
- rhel-94
- rhel-10-nightly
- centos-9
- centos-10
- fedora-37
- fedora-38
- fedora-39
- fedora-40
- fedora-41
ImageRequest:
type: object
additionalProperties: false
required:
- architecture
- image_type
- upload_request
properties:
architecture:
type: string
enum:
- x86_64
- aarch64
description: |
CPU architecture of the image, x86_64 and aarch64 are currently supported.
image_type:
$ref: '#/components/schemas/ImageTypes'
upload_request:
$ref: '#/components/schemas/UploadRequest'
ostree:
$ref: '#/components/schemas/OSTree'
size:
x-go-type: uint64
example: 4294967296
description: |
Size of image, in bytes. When set to 0 the image size is a minimum
defined by the image type.
snapshot_date:
type: string
description: |
Snapshotted content will be used instead of the official repositories of the
distribution. The snapshot that was made closest to, but before the specified date will
be used. If no snapshots made before the specified date can be found, the snapshot
closest to, but after the specified date will be used. If no snapshots can be found at
all, the request will fail. The format must be YYYY-MM-DD (ISO 8601 extended).
ImageTypes:
type: string
enum:
- aws
- azure
- edge-commit
- edge-installer
- gcp
- guest-image
- image-installer
- oci
- vsphere
- vsphere-ova
- wsl
# backwards compatible aliases
- ami # == aws
- rhel-edge-commit # == edge-commit
- rhel-edge-installer # == edge-installer
- vhd # == azure
ComposesResponse:
required:
- meta
- links
- data
properties:
meta:
$ref: '#/components/schemas/ListResponseMeta'
links:
$ref: '#/components/schemas/ListResponseLinks'
data:
type: array
items:
$ref: '#/components/schemas/ComposesResponseItem'
ComposesResponseItem:
required:
- id
- request
- created_at
properties:
id:
type: string
format: uuid
request:
$ref: "#/components/schemas/ComposeRequest"
created_at:
type: string
image_name:
type: string
client_id:
$ref: '#/components/schemas/ClientId'
blueprint_id:
type: string
format: uuid
nullable: true
blueprint_version:
type: integer
nullable: true
ClientId:
type: string
enum: ["api", "ui"]
default: "api"
ComposeResponse:
required:
- id
properties:
id:
type: string
format: uuid
UploadRequest:
type: object
required:
- type
- options
properties:
type:
$ref: '#/components/schemas/UploadTypes'
options:
anyOf:
- $ref: '#/components/schemas/AWSUploadRequestOptions'
- $ref: '#/components/schemas/AWSS3UploadRequestOptions'
- $ref: '#/components/schemas/GCPUploadRequestOptions'
- $ref: '#/components/schemas/AzureUploadRequestOptions'
- $ref: '#/components/schemas/OCIUploadRequestOptions'
UploadTypes:
type: string
enum:
- aws
- gcp
- azure
- aws.s3
- oci.objectstorage
AWSUploadRequestOptions:
type: object
properties:
share_with_accounts:
type: array
example: ['123456789012']
items:
type: string
uniqueItems: true
share_with_sources:
type: array
example: ['12345']
items:
type: string
uniqueItems: true
AWSS3UploadRequestOptions:
type: object
GCPUploadRequestOptions:
type: object
properties:
share_with_accounts:
type: array
example: [
'user:alice@example.com',
'serviceAccount:my-other-app@appspot.gserviceaccount.com',
'group:admins@example.com',
'domain:example.com'
]
description: |
List of valid Google accounts to share the imported Compute Node image with.
Each string must contain a specifier of the account type. Valid formats are:
- 'user:{emailid}': An email address that represents a specific
Google account. For example, 'alice@example.com'.
- 'serviceAccount:{emailid}': An email address that represents a
service account. For example, 'my-other-app@appspot.gserviceaccount.com'.
- 'group:{emailid}': An email address that represents a Google group.
For example, 'admins@example.com'.
- 'domain:{domain}': The G Suite domain (primary) that represents all
the users of that domain. For example, 'google.com' or 'example.com'.
If not specified, the imported Compute Node image is not shared with any
account.
items:
type: string
uniqueItems: true
AzureUploadRequestOptions:
type: object
required:
- resource_group
properties:
source_id:
type: string
example: '12345'
description: |
ID of the source that will be used to resolve the tenant and subscription IDs.
Do not provide a tenant_id or subscription_id when providing a source_id.
tenant_id:
type: string
example: '5c7ef5b6-1c3f-4da0-a622-0b060239d7d7'
description: |
ID of the tenant where the image should be uploaded. This link explains how
to find it in the Azure Portal:
https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-how-to-find-tenant
When providing a tenant_id, also be sure to provide a subscription_id and do not include a source_id.
subscription_id:
type: string
example: '4e5d8b2c-ab24-4413-90c5-612306e809e2'
description: |
ID of subscription where the image should be uploaded.
When providing a subscription_id, also be sure to provide a tenant_id and do not include a source_id.
resource_group:
type: string
example: 'ToucanResourceGroup'
description: |
Name of the resource group where the image should be uploaded.
image_name:
type: string
example: 'LinuxImage'
pattern: '(^[a-zA-Z0-9]$)|(^[a-zA-Z0-9][a-zA-Z0-9_\.-]*[a-zA-Z0-9_]$)'
minLength: 1
maxLength: 60
description: |
Name of the created image.
Must begin with a letter or number, end with a letter, number or underscore, and may contain only letters, numbers, underscores, periods, or hyphens.
The total length is limited to 60 characters.
OCIUploadRequestOptions:
type: object
OSTree:
type: object
properties:
url:
type: string
contenturl:
type: string
description: |
A URL which, if set, is used for fetching content. Implies that `url` is set as well,
which will be used for metadata only.
ref:
type: string
example: 'rhel/8/x86_64/edge'
parent:
type: string
description: >
Can be either a commit (example:
02604b2da6e954bd34b8b82a835e5a77d2b60ffa), or a branch-like
reference (example: rhel/8/x86_64/edge)
example: 'rhel/8/x86_64/edge'
rhsm:
type: boolean
description: |
Determines whether a valid subscription manager (candlepin) identity is required to
access this repository. Consumer certificates will be used as client certificates when
fetching metadata and content.
PackagesResponse:
type: object
required:
- meta
- links
- data
properties:
meta:
$ref: '#/components/schemas/ListResponseMeta'
links:
$ref: '#/components/schemas/ListResponseLinks'
data:
type: array
items:
$ref: '#/components/schemas/Package'
Package:
required:
- name
- summary
properties:
name:
type: string
summary:
type: string
ComposeMetadata:
type: object
properties:
packages:
type: array
items:
$ref: '#/components/schemas/PackageMetadata'
description: 'Package list including NEVRA'
ostree_commit:
type: string
description: 'ID (hash) of the built commit'
PackageMetadata:
required:
- type
- name
- version
- release
- arch
- sigmd5
properties:
type:
type: string
name:
type: string
version:
type: string
release:
type: string
epoch:
type: string
arch:
type: string
sigmd5:
type: string
signature:
type: string
RecommendPackageRequest:
required:
- packages
- recommendedPackages
type: object
properties:
packages:
type: array
items:
type: string
recommendedPackages:
type: integer
format: int32
default: 3
RecommendationsResponse:
required:
- packages
type: object
properties:
packages:
type: array
items:
type: string
ClonesResponse:
required:
- meta
- links
- data
properties:
meta:
$ref: '#/components/schemas/ListResponseMeta'
links:
$ref: '#/components/schemas/ListResponseLinks'
data:
type: array
items:
$ref: '#/components/schemas/ClonesResponseItem'
ClonesResponseItem:
required:
- id
- compose_id
- request
- created_at
properties:
id:
type: string
format: uuid
compose_id:
type: string
format: uuid
description: 'UUID of the parent compose of the clone'
request:
$ref: '#/components/schemas/CloneRequest'
created_at:
type: string
CloneRequest:
oneOf:
- $ref: '#/components/schemas/AWSEC2Clone'
AWSEC2Clone:
type: object
required:
- region
properties:
region:
type: string
description: |
A region as described in
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-regions
share_with_accounts:
type: array
maxItems: 100
example: ['123456789012']
description: |
An array of AWS account IDs as described in
https://docs.aws.amazon.com/IAM/latest/UserGuide/console_account-alias.html
items:
type: string
pattern: '^[0-9]{12}$'
share_with_sources:
type: array
example: ['12345']
items:
type: string
uniqueItems: true
CloneResponse:
required:
- id
properties:
id:
type: string
format: uuid
example: '123e4567-e89b-12d3-a456-426655440000'
DistributionProfileResponse:
type: array
description: |
List of profiles for a given distribution
items:
$ref: '#/components/schemas/DistributionProfileItem'
DistributionProfileItem:
type: string
enum:
- xccdf_org.ssgproject.content_profile_anssi_bp28_enhanced
- xccdf_org.ssgproject.content_profile_anssi_bp28_high
- xccdf_org.ssgproject.content_profile_anssi_bp28_intermediary
- xccdf_org.ssgproject.content_profile_anssi_bp28_minimal
- xccdf_org.ssgproject.content_profile_cis
- xccdf_org.ssgproject.content_profile_cis_server_l1
- xccdf_org.ssgproject.content_profile_cis_workstation_l1
- xccdf_org.ssgproject.content_profile_cis_workstation_l2
- xccdf_org.ssgproject.content_profile_cui
- xccdf_org.ssgproject.content_profile_e8
- xccdf_org.ssgproject.content_profile_hipaa
- xccdf_org.ssgproject.content_profile_ism_o
- xccdf_org.ssgproject.content_profile_ospp
- xccdf_org.ssgproject.content_profile_pci-dss
- xccdf_org.ssgproject.content_profile_standard
- xccdf_org.ssgproject.content_profile_stig
- xccdf_org.ssgproject.content_profile_stig_gui
# all customizations and sub-objects
Customizations:
type: object
properties:
containers:
type: array
items:
$ref: '#/components/schemas/Container'
description: Container images to embed into the final artfact
directories:
type: array
items:
$ref: '#/components/schemas/Directory'
description: Directories to create in the final artifact
files:
type: array
items:
$ref: '#/components/schemas/File'
description: Files to create in the final artifact
subscription:
$ref: '#/components/schemas/Subscription'
packages:
type: array
maxItems: 10000
example: ['postgresql']
items:
type: string
payload_repositories:
type: array
items:
$ref: '#/components/schemas/Repository'
custom_repositories:
type: array
items:
$ref: '#/components/schemas/CustomRepository'
openscap:
$ref: '#/components/schemas/OpenSCAP'
filesystem:
type: array
maxItems: 128
items:
$ref: '#/components/schemas/Filesystem'
users:
type: array
items:
$ref: '#/components/schemas/User'
description:
"list of users that a customer can add, also specifying their respective groups and SSH keys"
services:
$ref: '#/components/schemas/Services'
hostname:
type: string
description: Configures the hostname
example: myhostname
kernel:
$ref: '#/components/schemas/Kernel'
groups:
type: array
description: List of groups to create
items:
$ref: '#/components/schemas/Group'
timezone:
$ref: '#/components/schemas/Timezone'
locale:
$ref: '#/components/schemas/Locale'
firewall:
$ref: '#/components/schemas/FirewallCustomization'
installation_device:
type: string
description: |
Name of the installation device, currently only useful for the edge-simplified-installer type
example: /dev/sda
fdo:
$ref: '#/components/schemas/FDO'
ignition:
$ref: '#/components/schemas/Ignition'
partitioning_mode:
type: string
enum:
- raw
- lvm
- auto-lvm
description: |
Select how the disk image will be partitioned. 'auto-lvm' will use raw unless
there are one or more mountpoints in which case it will use LVM. 'lvm' always
uses LVM, even when there are no extra mountpoints. 'raw' uses raw partitions
even when there are one or more mountpoints.
fips:
$ref: '#/components/schemas/FIPS'
installer:
$ref: '#/components/schemas/Installer'
Container:
type: object
required:
- source
properties:
source:
type: string
description: Reference to the container to embed
example: 'registry.example.com/image:tag'
name:
type: string
description: Name to use for the container from the image
tls_verify:
type: boolean
description: Control TLS verifification
example: true
FirewallCustomization:
type: object
description: Firewalld configuration
additionalProperties: false
properties:
ports:
type: array
description: List of ports (or port ranges) and protocols to open
example: ["22:tcp", "80:tcp", "imap:tcp"]
items:
type: string
services:
type: object
description: Firewalld services to enable or disable
additionalProperties: false
properties:
enabled:
type: array
description: List of services to enable
example: ["ftp", "ntp"]
items:
type: string
disabled:
type: array
description: List of services to disable
example: ["telnet"]
items:
type: string
Directory:
type: object
description: |
A custom directory to create in the final artifact.
required:
- path
properties:
path:
type: string
description: Path to the directory
example: '/etc/mydir'
mode:
type: string
description: Permissions string for the directory in octal format
example: "0755"
user:
oneOf:
- type: string
- type: integer
description: Owner of the directory as a user name or a uid
example: 'root'
group:
oneOf:
- type: string
- type: integer
description: Group of the directory as a group name or a gid
example: 'root'
ensure_parents:
type: boolean
description: Ensure that the parent directories exist
default: false
File:
type: object
description: |
A custom file to create in the final artifact.
required:
- path
properties:
path:
type: string
description: Path to the file
example: '/etc/myfile'
mode:
type: string
description: Permissions string for the file in octal format
example: "0644"
user:
oneOf:
- type: string
- type: integer
description: Owner of the file as a uid or a user name
example: 'root'
group:
oneOf:
- type: string
- type: integer
description: Group of the file as a gid or a group name
example: 'root'
data:
type: string
description: Contents of the file as plain text
data_encoding:
type: string
enum: ['plain', 'base64']
description: When data is base64-encoded to prevent Akamai content filter false positives
default: 'plain'
ensure_parents:
type: boolean
description: Ensure that the parent directories exist
example: true
default: false
Kernel:
type: object
additionalProperties: false
properties:
name:
type: string
description: Name of the kernel to use
example: kernel-debug
append:
type: string
description: Appends arguments to the bootloader kernel command line
example: nosmt=force
Services:
type: object
additionalProperties: false
properties:
enabled:
description: List of services to enable by default
type: array
minItems: 1
items:
type: string
example: "nftables"
disabled:
description: List of services to disable by default
type: array
minItems: 1
items:
type: string
example: "firewalld"
masked:
description: List of services to mask by default
type: array
minItems: 1
items:
type: string
example: "telnet"
Timezone:
type: object
description: Timezone configuration
additionalProperties: false
properties:
timezone:
type: string
description: Name of the timezone, defaults to UTC
example: US/Eastern
ntpservers:
type: array
description: List of ntp servers
example: ["0.north-america.pool.ntp.org", "1.north-america.pool.ntp.org"]
items:
type: string
Locale:
type: object
description: Locale configuration
additionalProperties: false
properties:
languages:
type: array
description: |
List of locales to be installed, the first one becomes primary, subsequent ones are secondary
example: ["en_US.UTF-8"]
items:
type: string
keyboard:
type: string
description: Sets the keyboard layout
example: us
FDO:
type: object
additionalProperties: false
description: FIDO device onboard configuration
properties:
manufacturing_server_url:
type: string
diun_pub_key_insecure:
type: string
diun_pub_key_hash:
type: string
diun_pub_key_root_certs:
type: string
FIPS:
type: object
additionalProperties: false
description: System FIPS mode setup
properties:
enabled:
type: boolean
description: Enables the system FIPS mode
default: false
Installer:
type: object
additionalProperties: false
description: Anaconda installer configuration
properties:
unattended:
type: boolean
description: |
Create a kickstart file for a fully automated installation
sudo-nopasswd:
type: array
items:
type: string
description: |
Enable passwordless sudo for users or groups (groups must be prefixed by %)
Ignition:
type: object
additionalProperties: false
description: Ignition configuration
properties:
embedded:
$ref: '#/components/schemas/IgnitionEmbedded'
firstboot:
$ref: '#/components/schemas/IgnitionFirstboot'
IgnitionEmbedded:
type: object
additionalProperties: false
required:
- config
properties:
config:
type: string
IgnitionFirstboot:
type: object
additionalProperties: false
required:
- url
properties:
url:
type: string
description: Provisioning URL
Group:
type: object
additionalProperties: false
required:
- name
properties:
name:
type: string
description: Name of the group to create
gid:
type: integer
description: Group id of the group to create (optional)
User:
type: object
required:
- name
- ssh_key
properties:
name:
type: string
example: "user1"
ssh_key:
type: string
example: "ssh-rsa AAAAB3NzaC1"
Filesystem:
type: object
required:
- mountpoint
- min_size
properties:
mountpoint:
type: string
example: '/var'
min_size:
x-go-type: uint64
example: 2147483648
description: 'size of the filesystem in bytes'
Subscription:
type: object
required:
- organization
- activation-key
- server-url
- base-url
- insights
properties:
organization:
type: integer
example: 2040324
activation-key:
type: string
format: password
example: 'my-secret-key'
server-url:
type: string
example: 'subscription.rhsm.redhat.com'
base-url:
type: string
example: http://cdn.redhat.com/
insights:
type: boolean
example: true
rhc:
type: boolean
default: false
example: true
description: |
Optional flag to use rhc to register the system, which also always enables Insights.
OpenSCAP:
type: object
required:
- profile_id
properties:
profile_id:
type: string
example: "xccdf_org.ssgproject.content_profile_cis"
description: "The policy reference ID"
profile_name:
type: string
description: "The policy type"
profile_description:
type: string
description: "The longform policy description"
CustomRepository:
type: object
required:
- id
description: |
Repository configuration for custom repositories.
At least one of the 'baseurl', 'mirrorlist', 'metalink' properties must
be specified. If more of them are specified, the order of precedence is
the same as listed above. Id is required.
properties:
id:
type: string
name:
type: string
filename:
type: string
baseurl:
type: array
example: [ 'https://cdn.redhat.com/content/dist/rhel8/8/x86_64/baseos/os/' ]
items:
type: string
format: uri
mirrorlist:
type: string
format: uri
example: 'http://mirrorlist.centos.org/?release=9-stream&arch=aarch64&repo=BaseOS'
metalink:
type: string
format: uri
example: 'https://mirrors.fedoraproject.org/metalink?repo=fedora-32&arch=x86_64'
gpgkey:
type: array
example: [ "-----BEGIN PGP PUBLIC KEY BLOCK-----\n\nmQINBGAcScoBEADLf8YHkezJ6adlMYw7aGGIlJalt8Jj2x/B2K+hIfIuxGtpVj7e\nLRgDU76jaT5pVD5mFMJ3pkeneR/cTmqqQkNyQshX2oQXwEzUSb1CNMCfCGgkX8Q2\nzZkrIcCrF0Q2wrKblaudhU+iVanADsm18YEqsb5AU37dtUrM3QYdWg9R+XiPfV8R\nKBjT03vVBOdMSsY39LaCn6Ip1Ovp8IEo/IeEVY1qmCOPAaK0bJH3ufg4Cueks+TS\nwQWTeCLxuZL6OMXoOPKwvMQfxbg1XD8vuZ0Ktj/cNH2xau0xmsAu9HJpekvOPRxl\nyqtjyZfroVieFypwZgvQwtnnM8/gSEu/JVTrY052mEUT7Ccb74kcHFTFfMklnkG/\n0fU4ARa504H3xj0ktbe3vKcPXoPOuKBVsHSv00UGYAyPeuy+87cU/YEhM7k3SVKj\n6eIZgyiMO0wl1YGDRKculwks9A+ulkg1oTb4s3zmZvP07GoTxW42jaK5WS+NhZee\n860XoVhbc1KpS+jfZojsrEtZ8PbUZ+YvF8RprdWArjHbJk2JpRKAxThxsQAsBhG1\n0Lux2WaMB0g2I5PcMdJ/cqjo08ccrjBXuixWri5iu9MXp8qT/fSzNmsdIgn8/qZK\ni8Qulfu77uqhW/wt2btnitgRsqjhxMujYU4Zb4hktF8hKU/XX742qhL5KwARAQAB\ntDFGZWRvcmEgKDM1KSA8ZmVkb3JhLTM1LXByaW1hcnlAZmVkb3JhcHJvamVjdC5v\ncmc+iQJOBBMBCAA4FiEEeH6mrhFH7uVsQLMM20Y5cZhnxY8FAmAcScoCGw8FCwkI\nBwIGFQoJCAsCBBYCAwECHgECF4AACgkQ20Y5cZhnxY+NYA/7BYpglySAZYHhjyKh\n/+f6zPfVvbH20Eq3kI7OFBN0nLX+BU1muvS+qTuS3WLrB3m3GultpKREJKLtm5ED\n1rGzXAoT1yp9YI8LADdMCCOyjAjsoWU87YUuC+/bnjrTeR2LROCfyPC76W985iOV\nm5S+bsQDw7C2LrldAM4MDuoyZ1SitGaZ4KQLVt+TEa14isYSGCjzo7PY8V3JOk50\ngqWg82N/bm2EzS7T83WEDb1lvj4IlvxgIqKeg11zXYxmrYSZJJCfvzf+lNS6uxgH\njx/J0ylZ2LibGr6GAAyO9UWrAZSwSM0EcjT8wECnxkSDuyqmWwVvNBXuEIV8Oe3Y\nMiU1fJN8sd7DpsFx5M+XdnMnQS+HrjTPKD3mWrlAdnEThdYV8jZkpWhDys3/99eO\nhk0rLny0jNwkauf/iU8Oc6XvMkjLRMJg5U9VKyJuWWtzwXnjMN5WRFBqK4sZomMM\nftbTH1+5ybRW/A3vBbaxRW2t7UzNjczekSZEiaLN9L/HcJCIR1QF8682DdAlEF9d\nk2gQiYSQAaaJ0JJAzHvRkRJLLgK2YQYiHNVy2t3JyFfsram5wSCWOfhPeIyLBTZJ\nvrpNlPbefsT957Tf2BNIugzZrC5VxDSKkZgRh1VGvSIQnCyzkQy6EU2qPpiW59G/\nhPIXZrKocK3KLS9/izJQTRltjMA=\n=PfT7\n-----END PGP PUBLIC KEY BLOCK-----\n" ]
description: 'GPG key used to sign packages in this repository. Can be a gpg key or a URL'
items:
type: string
check_gpg:
type: boolean
check_repo_gpg:
type: boolean
enabled:
type: boolean
priority:
type: integer
ssl_verify:
type: boolean
module_hotfixes:
type: boolean
Repository:
type: object
required:
- rhsm
properties:
rhsm:
type: boolean
baseurl:
type: string
format: uri
example: 'https://cdn.redhat.com/content/dist/rhel8/8/x86_64/baseos/os/'
mirrorlist:
type: string
format: uri
example: 'http://mirrorlist.centos.org/?release=9-stream&arch=aarch64&repo=BaseOS'
metalink:
type: string
format: uri
example: 'https://mirrors.fedoraproject.org/metalink?repo=fedora-32&arch=x86_64'
gpgkey:
type: string
check_gpg:
type: boolean
check_repo_gpg:
type: boolean
default: false
description: |
Enables gpg verification of the repository metadata
ignore_ssl:
type: boolean
module_hotfixes:
type: boolean
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment