Make it clear that the services are added to services already listed in
the image templates, and that you can specify any systemd unit filename.
Older releases are more restrictive, and this documentation will need to
be updated when these changes are backported.
(cherry picked from commit 4f701e7e92)
Related: rhbz#1718473
Add support for enabling and disabling systemd services in the
blueprint. It works like this:
[customizations.services]
enabled = ["sshd", "cockpit.socket", "httpd"]
disabled = ["postfix", "telnetd"]
They are *added* to any existing settings in the kickstart templates.
(cherry picked from commit 1111aee92d)
Related: rhbz#1718473
You can now open ports in the firewall, using port numbers or service
names:
[customizations.firewall]
ports = ["22:tcp", "80:tcp", "imap:tcp", "53:tcp", "53:udp"]
Or enable/disable services registered with firewalld:
[customizations.firewall.services]
enabled = ["ftp", "ntp", "dhcp"]
disabled = ["telnet"]
If the template contains firewall --disabled it cannot be overridden,
under the assumption that it is required for the image to boot in the
selected environment.
(cherry picked from commit 4d35668ab5)
Related: rhbz#1718473
You can now set the keyboard layout and language. Eg.
[customizations.locale]
languages = ["en_CA.utf8", "en_HK.utf8"]
keyboard = "de (dvorak)"
Existing entries in the kickstart templates are replaced with the new
ones. If there are no entries then it will default to 'keyboard us' and
'lang en_US.UTF-8'
Includes tests, and leaves the existing keyboard and lang entries in the
templates with a note that they can be replaced by the blueprint.
(cherry picked from commit e5a8700bdf)
Related: rhbz#1718473
For example:
[customizations.timezone]
timezone = "US/Samoa"
ntpservers = ["0.pool.ntp.org"]
Also includes tests.
This removes the timezone kickstart command from all of the templates
except for google.ks which needs to set it's own ntp servers and timezone.
If timezone isn't included in the blueprint, and it is not already in a
template, it will be set to 'timezone UTC' by default.
If timezone is set in a template it is left as-is, under the assumption
that the image type requires it to boot correctly.
(cherry picked from commit 9bdbb29662)
Related: rhbz#1718473
The goal here is to do the minimum needed to get the images setup for
use so they can have more complex customizations applied later.
I think this list is a pretty good minimal set of features without going
full kickstart.
(cherry picked from commit 95c288d829)
Related: rhbz#1718473
* If `$COCKPIT_BOTS_REF` is set, check out that bots version instead of
master.
* Use git cache in $XDG_CACHE_HOME if available. Our CI uses that to
save downloads, and it does not get in the way for local developers.
Adapted from https://github.com/cockpit-project/starter-kit/pull/233
Cherry-picked from master commit a2c67385e4.
export BLUEPRINTS_DIR for use in tests
Depending on the way the tests are run the directory may be a temporary
dir, or it may be the standard /var/lib/lorax/... path.
Related: rhbz#1749802
Skipping because:
larsu: I get `open failed: administratively prohibited: open failed`
larsu: ssh somehow disallows making a side channel for the forward
larsu: there's an option that controls it, but it's set to "yes"
larsu: I've straced the sshd, with no luck coming closer
We'll deal with this later, possibly together with the rest of
the skipped test cases.
Related: rhbz#1698366
- these files are executed under Python 3 while the linter
is Python 2 for RHEL 7 so we just ingore them
- also reverts the changes introduced to make these files Py2
compatible, making them the same as on master branch
Related: rhbz#1698366
this will report failing status in CI in case we have the
'Ran 0 tests in 46.486s' scenario.
Note: the check is placed after runner.run() to present the
message shown above which should make it more clear what went on.
Related: rhbz#1698366
0 run
The docker phase always failed because `-ti` was passed even though the
the output was not a terminal. Moreover docker service isn't running by
default on RHEL-7, so it's necessary to start it first explicitly.
Related: rhbz#1720224
These are used when running tests, so catch-up with changes in lorax.
Includes adding rootfs-size, extra kernel args, and using locking to
prevent temporary files from being deleted by systemd tmpfiles handling.
Related: rhbz#1668520
Related: rhbz#1715116
Related: rhbz#1689314
Because anaconda --dirinstall is used the kickstart's network like isn't
processed at all. So we need to remove the NetworkManager-server-config
package which disables networking.
Resolves: rhbz#1710877
It's necessary to make sure the blueprints directory doesn't contain
the git/ directory before the tests are run, so that we can just simply
modify the blueprint files without using blueprints push.
Related: rhbz#1698366
`setup_tests()` expected BLUEPRINTS_DIR to be set, but it wasn't when
running in automated mode (with $CLI set).
Fix this and move share and blueprint dirs to function arguments.
Related: rhbz#1698366
the version coming from RPM is older and prevents installing
ansible[azure] via pip. OTOH removing with yum also removes
lorax-composer and breaks tests when running against the RPM
instead of git checkout (which will be the default with Cockpit CI).
Related: rhbz#1715003
If a repository has `sslcacert`, `sslclientcert`, or `ssclientkey` set,
pass them to anaconda through the kickstart file. This is mostly the
case when using RHEL repositories that are accessed through a
subscription.
Resolves: rhbz#1701033
- verify SemVer .patch number will be automatically updated when
we push the blueprint a second time without changing version
- verify show displays the content in TOML format and it matches
what is on disk. Because of that also start with empty packages
and groups fields in the initial toml. If they are missing they
will be added automatically by lorax-composer and this simplifies
the test
- verify delete works
Related: rhbz#1698366