FROM registry.gitlab.com/centos/cloud/sagano/centos-boot-tier-1:stream9
USER root
COPY 80-iot.preset /usr/lib/systemd/system-preset
COPY 01-edge-base.conf /usr/lib/dracut/dracut.conf.d
RUN update-crypto-policies --set DEFAULT:SHA1 && \
    rpm-ostree install \
	ignition \
	ignition-edge \
	ssh-key-dir \
	grub2 \
	grub2-efi-x64 \
	efibootmgr \
	shim-x64 \
	microcode_ctl \
	iwl1000-firmware \
	iwl100-firmware \
	iwl105-firmware \
	iwl135-firmware \
	iwl2000-firmware \
	iwl2030-firmware \
	iwl3160-firmware \
	iwl5000-firmware \
	iwl5150-firmware \
	iwl6050-firmware \
	iwl7260-firmware \
	redhat-release \
	glibc \
	rpm \
	rpm-ostree \
	glibc-minimal-langpack \
	nss-altfiles \
	dracut-config-generic \
	dracut-network \
	basesystem \
	bash \
	platform-python \
	shadow-utils \
	chrony \
	setup \
	shadow-utils \
	sudo \
	systemd \
	coreutils \
	util-linux \
	curl \
	vim-minimal \
	polkit \
	lvm2 \
	cryptsetup \
	pinentry \
	e2fsprogs \
	dosfstools \
	keyutils \
	gnupg2 \
	attr \
	xz \
	gzip \
	firewalld \
	iptables \
	NetworkManager \
	NetworkManager-wifi \
	NetworkManager-wwan \
	wpa_supplicant \
	dnsmasq \
	traceroute \
	hostname \
	iproute \
	iputils \
	procps-ng \
	#rootfiles \
	passwd \
	policycoreutils \
	policycoreutils-python-utils \
	setools-console \
	less \
	tar \
	rsync \
	usbguard \
	bash-completion \
	tmux \
	ima-evm-utils \
	audit \
	podman \
	containernetworking-plugins \
	container-selinux \
	skopeo \
	criu \
	slirp4netns \
	fuse-overlayfs \
	clevis \
	clevis-dracut \
	clevis-luks \
	greenboot \
	greenboot-default-health-checks \
	fdo-client \
	fdo-owner-cli \
	sos \
	&& ostree container commit
RUN KERNEL_VERSION=$(rpm -q kernel | cut -c 8-); \
    dracut --reproducible -v -f \
    /lib/modules/$KERNEL_VERSION/initramfs.img $KERNEL_VERSION && \
    ostree container commit