Commit Graph

1874 Commits

Author SHA1 Message Date
Brian C. Lane
0cb4d04479 Lock the root account, except on live-iso
If we leave the root account w/o a password people will use it that way,
leading to insecure images. Also if we use a default password. So lock
the root account in the templates.

Users will need to do one of these things:
 1. Use [[customizations.user]] in their blueprint to configure root or
    another user.
 2. Use [[customizations.sshkey]] to set a key for root
 2. Install a package that configures a user at install time
 3. Install a package that sets up a user at boot time (eg. cloud-init)

This also drops the auth line from the kickstart templates, allowing it
to use the default password algoritm instead of md5.

Resolves: rhbz#1626122
2018-10-09 15:11:51 -07:00
David Shea
3ea07ed44a Add new compose types to compose sanity test 2018-10-09 15:11:36 -07:00
Lars Karlitski
9ae690e3b6 Also run make check on travis 2018-10-09 15:10:45 -07:00
Lars Karlitski
d8cb1a19f8 Fix pylint errors and warnings
Remove `except` block which immediately raises the same exception again (it's
not a subclass of another caught exception, so this is safe).

Remove a false positive, because it is not emitted from the code base.

Disable subprocess-popen-preexec-fn in startProgram, which is not used
internally.
2018-10-09 15:04:43 -07:00
Alexander Todorov
ca1bf01b03 New cli test covering basic compose commands
- need to specify --sharedir so lorax-composer can find its
  kickstart files

- each test script writes results into a separate directory to
  avoid a passing test overwriting the results from a failing one.
  To avoid reporting failures in case of previously failing tests
  (e.g. during development) remove the temporary directories holding
  tets results before execution!
2018-10-09 15:03:24 -07:00
Alexander Todorov
ee62425388 Execute bash tests for composer-cli
these are built on top of beakerlib and we use its internal
protocol to figure out the result without relying on the full
test runner that is tipically used inside of a RHEL environment!

Includes a disabled test snippet for Issue #460
2018-10-09 15:02:57 -07:00
Stef Walter
e95c09dd7e Start a HACKING.md file and document how to run the tests 2018-10-09 15:02:38 -07:00
Stef Walter
5cb1748908 Ignore files created by tests 2018-10-09 15:01:26 -07:00
Stef Walter
5891879ae4 Makefile: Fix the 'make install' target
This fixes the 'make install' target to work on a typical RHEL or
Fedora system. We now by default install to a prefix of /usr instead
of /usr/local

The prefix is overridable like so:

     $ make install PREFIX=/opt/
2018-10-09 15:01:14 -07:00
Brian C. Lane
48f7ad780d lorax: Only run depmod on the installed kernels
In the near-future there may be /lib/modules/ directories for older
kernels with weak dependencies listed. These may not match the installed
kernel(s) so we cannot depend on them to drive generate_module_data.

Instead use the existing findkernels() function to get the list of
installed kernels and iterate those, running depmod on them.

Resolves: rhbz#1622213
2018-10-09 14:51:05 -07:00
David Shea
2304a73676 Add virt guest agents to the qcow2 compose
(cherry picked from commit d5a1993640)
2018-10-02 12:56:56 -04:00
David Shea
de6e1d027e Add a vmdk compose type.
This is similar to the AMI type, but also adds open-vm-tools and does not do
anything special to the partitioning

(cherry picked from commit 1056bfc25b)
2018-10-02 12:56:52 -04:00
David Shea
68c1a7aa96 Add a vhd compose type for Azure images
This does pretty much the same things as the AMI compose type, but also
replaces NetworkManager with the Azure linux agent.

(cherry picked from commit e0c236ff36)
2018-10-02 12:56:47 -04:00
David Shea
f79fd46f1f Add an ami compose type for AWS images
This differs from lmc's --make-ami in that creates a full disk image instead of
an fsimage. Create a raw disk image with a / and /boot partitions, and enable
sshd, chronyd, and cockpit by default.

(cherry picked from commit 18188bf6cf)
2018-10-02 12:56:33 -04:00
David Shea
09b34889bc Remove --fstype from the generated part line
Instead of specifying the fstype, just let anaconda use the default.

(cherry picked from commit 847fff4e11)
2018-10-02 12:56:03 -04:00
Brian C. Lane
7823d46747 New lorax documentation - 28.18 2018-09-06 10:41:38 -07:00
Brian C. Lane
6eb357e71e Fix /compose/cancel API documentation
It said /blueprints/cancel which is incorrect.
2018-08-29 10:08:15 -07:00
Brian C. Lane
a951bf083d Automatic commit of package [lorax] release [28.18-1].
Created by command:

/usr/bin/tito tag
2018-08-27 15:47:16 -07:00
Brian C. Lane
a286e9b3dc Fix composer-cli blueprints changes to get correct total
blueprints/changes is different, each blueprint has it's own total,
limited by the call's limit. So it needs to find the max total of all
the requested blueprints.

(cherry picked from commit 57674c9a1a)
2018-08-27 12:02:39 -07:00
Brian C. Lane
630df546e6 Fix blueprints/list and blueprints/changes to return the correct total
(cherry picked from commit ec908fcd2a)
2018-08-27 12:02:39 -07:00
Brian C. Lane
8838ee12bc Add tests for limit=0 routes
Passing ?limit=0 to the blueprints/list, blueprints/changes,
projects/list, modules/list should always return the total possible
results, not 0.

Also move the composer-cli test_diff to the end so that it will work
consistently. Do this by naming it test_z_diff.

(cherry picked from commit 972b5c4142)
2018-08-27 12:02:39 -07:00
Brian C. Lane
187cd935df Add a function to get_url_json_unlimited to retrieve the total
The blueprints/changes API is a bit different from the others, the total
that it includes is for each blueprint, not one total for all of them,
since there will be a different number of commits for each.

The function is passed the dict, and it can be used to select the total
to use for retrieving all of the results. If it isn't included it will
use data["total"] which works fine in most cases.

(cherry picked from commit 0a76d635ca)
2018-08-27 12:02:39 -07:00
Brian C. Lane
7773be2bda Fix tests related to blueprint name changes 2018-08-23 13:46:39 -07:00
Brian C. Lane
b198c6e498 Add 'example' to the example blueprint names 2018-08-23 13:45:32 -07:00
Brian C. Lane
9249d21d6f Use urllib.parse instead of urlparse
python3 moved this to a new module.

(cherry picked from commit 86d556e87c)
2018-08-21 16:50:53 -07:00
David Shea
e3ef3d9a29 In composer-cli, request all results
Add a limit argument to all potentially paginated results, equal to
whatever the composer backend is the total number of results. This still
has the potential to provide truncated data if the number of results
increases between the two HTTP requests.

Resolves: #404
(cherry picked from commit ee98d87cea)
2018-08-21 16:50:53 -07:00
David Shea
eedf1a9243 Add tests for /compose/status filter arguments
(cherry picked from commit c52ba4236a)
2018-08-21 16:50:53 -07:00
David Shea
bba0a85aaf Allow '*' as a uuid in /compose/status/<uuid>
This will display all UUIDs that match the filter arguments

(cherry picked from commit deff4d325f)
2018-08-21 16:50:53 -07:00
David Shea
5272be3127 Add filter arguments to /compose/status
This adds the following optional arguments to the /compose/status route:

  - type, matches the compose_type field
  - status, matches the queue_status field
  - blueprint, matches the blueprint field

(cherry picked from commit 40f23f093d)
2018-08-21 16:50:53 -07:00
Brian C. Lane
8694c7a7dc composer-cli should not log to a file by default
The user can pass --log /path/to/logfile.log if they want logging
enabled.

(cherry picked from commit 844ff9998b)
2018-08-21 11:59:12 -07:00
Brian C. Lane
93b207e752 Add documentation for using a DVD as the package source 2018-08-21 11:28:59 -07:00
Lars Karlitski
d55ff41870 Set TCP listen backlog for API socket to SOMAXCONN
A value of 1 is too low for heavy users of the API, such as the weldr-web
interface.

This is also systemd's default for sockets it opens. Using lorax-composer with
socket activation already results in a backlog of SOMAXCONN connections.

(cherry picked from commit be5d50e6f3)
2018-08-20 14:54:57 -07:00
Brian C. Lane
cef073d832 New lorax documentation - 28.17 2018-08-13 16:49:52 -07:00
Brian C. Lane
c2f96b3d3b Add a note about using lorax-composer.service
Update the docs to make it clear that .socket will be slow to respond to
the first request, and to use .service to speed it up.

(cherry picked from commit 83e5f3f885)
2018-08-13 16:47:12 -07:00
Brian C. Lane
64efb8b415 Ignore dnf.logging when building docs
(cherry picked from commit 07de4c371a)
2018-08-13 16:47:10 -07:00
Chris Lumens
312faf6275 Fix a little bug in running "modules list".
(cherry picked from commit 5dddef6f49)
2018-08-10 12:00:54 -04:00
Brian C. Lane
3a89828faf Automatic commit of package [lorax] release [28.17-1].
Created by command:

/usr/bin/tito tag
2018-08-09 16:38:21 -07:00
Brian C. Lane
77dc017c78 Fix bash_completion.d typo 2018-08-09 16:25:26 -07:00
Brian C. Lane
02dc3404a8 Move disklabel and UEFI support to compose.py
Currently we are making MBR disk images for qcow2 and partitioned disk,
so the UEFI packages aren't required at this point.

Move the clearpart command into compose.py so that in the futute it can
use clearpart --disklabel to create a GPT image, and add the required
packages to the package set.
2018-08-09 15:26:09 -07:00
Chris Lumens
a08c16158d Fix more tests.
These were broken due to me rebasing before sending a PR off.  They
should work now.

(cherry picked from commit 4cb15e0a0f)
2018-08-09 16:33:30 -04:00
Chris Lumens
a567157aa2 Change INVALID_NAME to INVALID_CHARS.
It's getting used in a whole lot more places now, so make it a bit more
generic sounding.

(cherry picked from commit bf0318eab6)
2018-08-09 16:33:26 -04:00
Chris Lumens
9c188b84a6 Update composer-cli for the new error return types.
(cherry picked from commit bc96f75992)
2018-08-09 16:33:19 -04:00
Chris Lumens
05e1a34687 Add default error IDs everywhere else.
The idea here is to make sure all return points have the same type for
the error cases.  There's not really all that many, so they just go in
one patch.  Some of these could potentially turn into more specialized
errors later.

(cherry picked from commit fd901c5e3f)
2018-08-09 16:33:06 -04:00
Chris Lumens
7c19be3792 Add error IDs to things that can go wrong when running a compose.
Note the exception string checking around compose_type.  I didn't really
want to introduce a new exception type just for this, but also didn't
want to duplicate strings.  I'd be open to other suggestions for how to
do this.

(cherry picked from commit b3bb438254)
2018-08-09 16:32:45 -04:00
Chris Lumens
23fe52dd70 Add error IDs for common source-related errors.
(cherry picked from commit e43adfc7af)
2018-08-09 16:32:40 -04:00
Chris Lumens
cb97c59079 Add error IDs for unknown modules and unknown projects.
(cherry picked from commit 2adcfc9563)
2018-08-09 16:32:36 -04:00
Chris Lumens
3a2716dec4 Add error IDs for when an unknown commit is requested.
(cherry picked from commit 07528a431e)
2018-08-09 16:32:27 -04:00
Chris Lumens
2a8a9bc506 Add error IDs for when an unknown blueprint is requested.
This adds some fairly redundant code to the beginning of all the
blueprint routes to attempt reading a commit from git for the
blueprint's recipe.  If it succeeds, the blueprint exists and the route
can continue.  Otherwise, return an error.  Hopefully this doesn't slow
things down too much.

(cherry picked from commit a925cc7ddb)
2018-08-09 16:32:22 -04:00
Chris Lumens
44b8b79af7 Add error IDs for when an unknown build UUID is requested.
Note that this also changes the return type of uuid_info to return None
when an unknown ID is given.  The other uuid_* functions are fine
because they are checked ahead of time.

(cherry picked from commit 6497b4fb65)
2018-08-09 16:32:05 -04:00
Chris Lumens
3e0ece3634 Add error IDs for bad state conditions.
(cherry picked from commit d76e24053a)
2018-08-09 16:31:34 -04:00