Provisioning of Ph4 x86_64 fails with stig hardening=yes #35

Open
@dcasota

Description

Describe the bug

Hi Oliver,

the issue as described in #33 happens on Ph4 x86_64 as well.

The correct initrd container including stig-hardening - is it this one?

projects5-proxy.projects.packages.broadcom.com/photon/installer:sha256__e95ed1f06d478a5b2c6cc49bb976c48bc763afeb37e17067f4cd47171c333219

That projects5-proxy-prefix is correct, right?

The GitHub repository for Photon OS 4 does not include a https://github.com/vmware/photon/tree/4.0/support/poi subdirectory, right?
You've said: "For the future, you can also build these container images yourself, see https://github.com/vmware/photon-os-installer/tree/master/docker#readme."

Is it allowed to integrate it the classic way?

pip3 install git+https://github.com/vmware/photon-os-installer.git

PHOTON_RELEASE="4.0"
git clone -b $PHOTON_RELEASE https://github.com/vmware/photon.git
cd photon/

# TODO inject support/poi in photon/

# modifications in poi.py
# if THIS_ARCH == "x86_64":
#     POI_IMAGE = "projects5-proxy.projects.packages.broadcom.com/photon/installer:sha256__e95ed1f06d478a5b2c6cc49bb976c48bc763afeb37e17067f4cd47171c333219"
# elif THIS_ARCH == "aarch64":
#     POI_IMAGE = "projects5-proxy.projects.packages.broadcom.com/photon/installer-arm64:ob-22815437"
# else:
#     raise Exception(f"unknown arch {THIS_ARCH}")
# use ":latest" tag for latest version and reproducibility is not important

make image IMG_NAME=iso

Reproduction steps

Make build of Ph4 x86_64 (photon-4.0-492d03156.iso)
Boot from iso on VMware Workstation 17 vm. Provisioning with photon minimal, stig hardening = yes

Expected behavior

Installation with stig hardening = yes

Additional context

The flexibility of initrd containers creates different levels of complexity. The custom bits should be governed, because tdnf highly depends on it -> cpu architecture, flavors, mbr/uefi, security features like secure boot/encryption/hardening/hashingtype, and more.
