Implement squashfs-seeded Ubuntu genimage for live-server media

[viniciusferrao]

Problem

Modern Ubuntu live-server ISOs are installer media, not complete apt package mirrors. copycds can copy the media and create install osimages, but Ubuntu netboot/statelite image generation still assumes genimage can build a root image with debootstrap from linuximage.pkgdir.

That assumption breaks when linuximage.pkgdir points only at copied live-server media. The ISO may contain a usable live root filesystem under casper/, but it does not reliably contain every .deb and apt index needed for debootstrap or for all xCAT netboot package requirements.

The guardrail fix makes this explicit and removes hidden public archive fallback behavior. It does not solve the real offline root-image build path.

Goal

Teach Ubuntu genimage to build from deterministic configured sources:

• keep the existing debootstrap flow when linuximage.pkgdir includes an explicit complete apt repository or an explicitly configured HTTP/HTTPS Ubuntu apt repository
• when only copied Ubuntu live-server media is configured, seed rootimg from the ISO's casper squashfs content instead of using debootstrap
• install only missing packages from configured pkgdir / otherpkgdir sources
• fail clearly when required packages are absent from both the squashfs root and configured package sources
• never silently fall back to an unconfigured network archive

Proposed implementation

1. Detect copied Ubuntu live media in genimage:

   • casper/install-sources.yaml
   • casper/*.squashfs

2. Parse install-sources.yaml enough to select the server root source:

   • support fsimage
   • support fsimage-layered
   • prefer the server/default source over desktop or installer-only sources

3. Seed rootimg from squashfs:

   • for a single fsimage, extract or mount/copy that image
   • for layered images, combine base and layer with overlay semantics, then copy the merged filesystem into rootimg
   • clean up mounts reliably on failure

4. Validate the seeded root:

   • root is chrootable
   • kernel and modules are present
   • expected package database exists

5. Reconcile xCAT package lists:

   • read the selected pkglist as today
   • use dpkg-query inside rootimg to skip packages already present
   • install missing packages only from configured package sources
   • report missing packages as a single actionable error

6. Keep existing explicit-repo behavior:

   • if an admin configures a full local apt mirror or explicit HTTP/HTTPS apt repository, debootstrap remains supported

Known blocker

Current Ubuntu netboot/statelite initrd generation depends on NFS client tooling such as mount.nfs, which comes from nfs-common. Public Ubuntu live-server media does not reliably include nfs-common.

The first implementation should not pretend ISO-only statelite/NFS is solved. It should either:

• install nfs-common from configured package sources, or
• fail clearly and tell the admin which package source is missing

A later follow-up can redesign the Ubuntu initrd path if xCAT should support statelite/NFS without nfs-common from an apt repository.

Validation plan

Static and unit coverage:

• parser tests for install-sources.yaml
• tests for selecting server fsimage and fsimage-layered sources
• tests that public archive fallback remains absent
• tests that installed packages are skipped and missing packages are reported clearly
• perl -c and perlcritic on touched Perl files, with pre-existing findings separated

Functional coverage:

• copycds of representative Ubuntu live-server media
• genimage with copied media only, proving the squashfs root path is selected
• genimage with explicit apt repository configured, proving the existing debootstrap path still works
• negative test where required packages are missing, proving the error lists the missing packages and configured source requirement
• at least one x86_64 netboot/stateless smoke when required package sources are available

Non-goals

• no automatic package downloading outside configured sources
• no hardcoded public Ubuntu mirror
• no broad rewrite of Ubuntu provisioning templates
• no claim that ISO-only statelite/NFS works until the NFS client dependency is solved