Commit Graph

2137 Commits

Author SHA1 Message Date
Brian C. Lane
9f0dd17e2f Change customizations.firewall to append items instead of replace
To maintain consistency with the other options this changes firewall to
combine the existing settings from the image template with the settings
from the blueprint.

Also updated the docs, added a new test for it, and sorted the output
for consistency.

(cherry picked from commit 3e08389a0f)

Resolves: rhbz#1709595
2019-05-29 16:29:17 -07:00
Brian C. Lane
e9231ae65e Update customizations.services documentation
Make it clear that the services are added to services already listed in
the image templates, and that you can specify any systemd unit filename.

Older releases are more restrictive, and this documentation will need to
be updated when these changes are backported.

(cherry picked from commit 4f701e7e92)

Related: rhbz#1709595
2019-05-29 15:23:31 -07:00
Brian C. Lane
cdf0cbbc5e lorax-composer: Add services support to blueprints
Add support for enabling and disabling systemd services in the
blueprint. It works like this:

    [customizations.services]
    enabled = ["sshd", "cockpit.socket", "httpd"]
    disabled = ["postfix", "telnetd"]

They are *added* to any existing settings in the kickstart templates.

(cherry picked from commit 1111aee92d)

Related: rhbz#1709595
2019-05-29 15:22:30 -07:00
Brian C. Lane
59bad712ad lorax-composer: Add firewall support to blueprints
You can now open ports in the firewall, using port numbers or service
names:

    [customizations.firewall]
    ports = ["22:tcp", "80:tcp", "imap:tcp", "53:tcp", "53:udp"]

Or enable/disable services registered with firewalld:

     [customizations.firewall.services]
     enabled = ["ftp", "ntp", "dhcp"]
     disabled = ["telnet"]

If the template contains firewall --disabled it cannot be overridden,
under the assumption that it is required for the image to boot in the
selected environment.

(cherry picked from commit 4d35668ab5)

Related: rhbz#1709595
2019-05-29 15:21:34 -07:00
Brian C. Lane
ad6fe6cffd lorax-composer: Add locale support to blueprints
You can now set the keyboard layout and language. Eg.

[customizations.locale]
languages = ["en_CA.utf8", "en_HK.utf8"]
keyboard = "de (dvorak)"

Existing entries in the kickstart templates are replaced with the new
ones. If there are no entries then it will default to 'keyboard us' and
'lang en_US.UTF-8'

Includes tests, and leaves the existing keyboard and lang entries in the
templates with a note that they can be replaced by the blueprint.

(cherry picked from commit e5a8700bdf)

Related: rhbz#1709595
2019-05-29 15:20:28 -07:00
Brian C. Lane
86b595e13e lorax-composer: Fix customizations when creating a recipe
This fixes the customizations list problem earlier than in
add_customizations.

In the recipe it should be [customizations] not [[customizations]]
which creates a list. If it was used that way grab the first element and
replace the list with it.

(cherry picked from commit 67007dfa60)

Related: rhbz#1709595
2019-05-29 15:18:41 -07:00
Brian C. Lane
cf46a6db96 Update docs for new timezone section
(cherry picked from commit 2929deaf01)

Related: rhbz#1709595
2019-05-29 15:17:31 -07:00
Brian C. Lane
10e46c9178 lorax-composer: Add timezone support to blueprint
For example:

[customizations.timezone]
timezone = "US/Samoa"
ntpservers = ["0.pool.ntp.org"]

Also includes tests.

This removes the timezone kickstart command from all of the templates
except for google.ks which needs to set it's own ntp servers and timezone.

If timezone isn't included in the blueprint, and it is not already in a
template, it will be set to 'timezone UTC' by default.

If timezone is set in a template it is left as-is, under the assumption
that the image type requires it to boot correctly.

(cherry picked from commit 9bdbb29662)

Related: rhbz#1709595
2019-05-29 15:14:58 -07:00
Brian C. Lane
ad575e2475 Proposal for adding to the blueprint customizations
The goal here is to do the minimum needed to get the images setup for
use so they can have more complex customizations applied later.
I think this list is a pretty good minimal set of features without going
full kickstart.

(cherry picked from commit 95c288d829)

Related: rhbz#1709595
2019-05-29 15:04:29 -07:00
Brian C. Lane
bc3add51ed Automatic commit of package [lorax] release [28.14.28-1].
Created by command:

/bin/tito tag
2019-05-29 11:04:22 -07:00
Brian C. Lane
396efecf42 Create a lorax-docs package with the html docs
Also include the other top level .rst docs in the main lorax package.

Resolves: rhbz#1695274
(cherry picked from commit 2949edf733)
2019-05-29 10:41:41 -07:00
Jan Stodola
cfc5cea356 Fix path to generic.prm
Also quote ${extra_boot_args} as in the other templates

(cherry picked from commit f24877b06e)

Resolves: rhbz#1714107
2019-05-29 10:36:07 -07:00
Brian C. Lane
fe414df281 Automatic commit of package [lorax] release [28.14.27-1].
Created by command:

/bin/tito tag
2019-05-16 10:02:20 -07:00
Brian C. Lane
64fd1e9204 Add kernel to ext4-filesystem template
The filesystem was too small because Anaconda always adds the kernel,
but the template uses --nocore so it doesn't take that into account.
Add it to the template so that the filesystem size will be large enough
to hold the extra packages.

Resolves: rhbz#1709792
2019-05-16 09:37:01 -07:00
Brian C. Lane
d5fb43844f Switch the --virt-uefi method to use SecureBoot
This updates the qemu arguments so that it will actually work, and
switches to using SecureBoot OVMF firmware.

Resolves: rhbz#1691661
2019-05-16 09:30:53 -07:00
Brian C. Lane
6529b3e5e8 qemu wasn't restoring the terminal if it was terminated early
You would need to run reset to regain control of your terminal after
this happened, so this turns off the monitor and serial port mux to
stdout.

Resolves: rhbz#1691632
2019-05-16 09:23:42 -07:00
Brian C. Lane
59f0870940 Revert "lorax-composer: Add CDN repo checks to startup and compose start."
This reverts commit 6a2f574ed7.

Related: rhbz#1691969
2019-05-13 12:05:33 -07:00
Brian C. Lane
dbee219e13 Revert "lorax-composer: Check for CDN only repos"
This reverts commit f1af108e5b.

Related: rhbz#1691969
2019-05-13 12:03:39 -07:00
Jiri Kortus
755e71b542 Add test for passing custom option on kernel command line
Related: rhbz#1687743
2019-04-29 12:52:22 +03:00
Jiri Kortus
81ad0509f2 Use verify_image function as a helper for generic tests
Related: rhbz#1704172
2019-04-29 12:52:22 +03:00
Alexander Todorov
07a64aab07 Change [[modules]] to [[packages]] in tests
> bcl: this should really be [[packages]] since [[modules]] is
> going to change to actual modules at some point

Related: rhbz#1698368
2019-04-19 13:52:32 +03:00
Alexander Todorov
b735c8ce0c Add new test to verify compose paths exist
because they are mentioned in the official documentation

Related: rhbz#1698368
2019-04-19 13:52:32 +03:00
Alexander Todorov
c9978b800c Add new sanity tests for blueprints
- verify SemVer .patch number will be automatically updated when
  we push the blueprint a second time without changing version
- verify show displays the content in TOML format and it matches
  what is on disk. Because of that also start with empty packages
  and groups fields in the initial toml. If they are missing they
  will be added automatically by lorax-composer and this simplifies
  the test
- verify delete works

Related: rhbz#1698368
2019-04-19 13:52:32 +03:00
Chris Roberts
41d4d78f00 Update VMware info for VMware testing
Cluster and Network changed due to new hardware in RDU2 DC

Related: rhbz#1678937
2019-04-18 10:34:55 +03:00
Jiri Kortus
e5fb0b3f37 Add test for starting compose with deleted blueprint
Related: rhbz#1699303
2019-04-17 13:41:42 +03:00
Jiri Kortus
5962533e56 Fixes for locked root account test
Fixes related to a few issues in the locked root account test I somehow
managed to overlook in the initial commit.

Related: rhbz#1698473
2019-04-17 13:39:39 +03:00
Brian C. Lane
0c8a29ae63 Fix lorax.spec bz reference
You can't reference old bugs, even as Related, in new branches.

Related: rhbz#1678937
2019-04-05 11:41:06 -07:00
Brian C. Lane
67059b260f Automatic commit of package [lorax] release [28.14.26-1].
Created by command:

/bin/tito tag
2019-04-05 11:29:59 -07:00
Brian C. Lane
20a9b4fff3 Only use repos with valid urls for test_server.py
libdnf-0.22.5-5 changed something and now the repos with fake urls are
failing when loaded by test_server.py (they still work fine with
test_projects.py) so only use the 'good' repos with the test_server.py
tests -- the others weren't needed for any of its tests anyway.

Related: rhbz#1678937
2019-04-05 11:05:58 -07:00
Brian C. Lane
e85174abce Use strict=False when reading repo files
In some cases they may contain duplicate sections. With it set to False
the last one wins instead of causing a traceback.

Related: rhbz#1678937
2019-04-05 11:05:58 -07:00
Brian C. Lane
a30afe6e5c tests: Skip docs if not installed
And make buildstamp test ignore the version number, since it might be
devel or it might be an actual version when running against the
installed package.

Related: rhbz#1678937
2019-04-05 11:05:58 -07:00
Brian C. Lane
dd2446faf6 tests: Make sure example-development is present for delete test
Use it for the save, delete, push testing for composer-cli
tests. Otherwise the test runs fine the first time and fails after that
if you don't re-install the test environment.

Related: rhbz#1678937
2019-04-05 11:05:58 -07:00
Brian C. Lane
6242ae8b18 tests: Make it easier to update version globs
Use constants so we won't have to edit a dozen places in the test when
the package versions are bumped.

Related: rhbz#1678937
2019-04-05 11:05:58 -07:00
Brian C. Lane
a2252112d4 tests: Select the group to use based on the release
Use c-development on fedora and development on RHEL

Related: rhbz#1678937
2019-04-05 11:05:58 -07:00
Brian C. Lane
33dfeed5bb Add requirements-test.txt
This will help with testing outside of a container. Use pip3 install -r
requirements-test.txt to install the modules used for testing.

Related: rhbz#1678937
2019-04-05 11:05:58 -07:00
David Shea
87a47c6a00 Fix the google cloud boot console settings
Forgot the 'console=' part.

(cherry picked from commit 35e44ffb37)

Related: rhbz#1689140
2019-04-05 11:38:04 -04:00
David Shea
0467377810 Add a compose type for alibaba.
This compose type creates a partitioned disk as a qcow2 file, but with
only one partition instead of using a separate /boot.

(cherry picked from commit 44e14176bb)

Resolves: rhbz#1689140
2019-04-05 11:38:01 -04:00
David Shea
138db14acd Add a compose check for google cloud images.
(cherry picked from commit c6fcf9d1eb)

Related: rhbz#1689140
2019-04-05 11:32:30 -04:00
David Shea
49810847c4 Add a compose type for Google Compute Engine
(cherry picked from commit bd804c271b)

Resolved: rhbz#1689140
2019-04-05 11:31:56 -04:00
David Shea
d51a79d4fc Add a new output type, tar-disk.
This option will create an optionally compressed tarball containing a
disk image. This format is used by Google's Compute Engine.

This also adds a new option, tar_disk_name, to set the name of the disk
image that will be wrapped in the final tarball. opts.image_name
continues to be the final output file name.

(cherry picked from commit c941b82b0c)

Related: rhbz#1689140
2019-04-05 11:31:39 -04:00
David Shea
96c4f08358 Support compressing single files.
Modify imgutils.compress to allow the "rootdir" argument to be either a
directory or a single file to add to an archive.

(cherry picked from commit c585b91422)

Related: rhbz#1689140
2019-04-05 11:31:09 -04:00
David Shea
a9bb68b26f Add an option to align the image size to a multiplier.
If provided, round the disk image size up to a multiple of the value.
This allows for image formats with specific size-alignment requirements
(e.g., disk size must be in GiB).

(cherry picked from commit 8ef4f431d8)

Related: rhbz#1689140
2019-04-05 11:30:19 -04:00
Lars Karlitski
1511c0f9a2 Pass ssl certificate options to anaconda
If a repository has `sslcacert`, `sslclientcert`, or `ssclientkey` set,
pass them to anaconda through the kickstart file. This is mostly the
case when using RHEL repositories that are accessed through a
subscription.

(cherry picked from commit e194b5926c)

Resolves: rhbz#1663950
2019-04-04 08:46:44 -07:00
Jiri Kortus
9e0e2b718f Add checks for disabled root account
The root account checks are applied to generated and deployed images
to make sure that root account is locked, except for live ISO.

Related: rhbz#1626122
2019-03-29 23:13:01 +02:00
Brian C. Lane
a9a3016cae Fixup lorax.spec bugs
The first build for 8.1.0 contained some bugs that referenced old 8.0.0
bugs. I edited the spec in dist-git and the changes need to be reflected
here as well.

Related: rhbz#1678937
2019-03-27 12:53:09 -07:00
Brian C. Lane
fd883c86f7 Automatic commit of package [lorax] release [28.14.25-1].
Created by command:

/bin/tito tag
2019-03-27 12:43:42 -07:00
Brian C. Lane
0159d3ebd3 New lorax documentation - 28.14.25
Related: rhbz#1687743
2019-03-27 12:25:06 -07:00
Brian C. Lane
d7f5f3064b lorax-composer: pass customization.kernel append to extra_boot_args
This allows iso builds to include the extra kernel boot parameters by
passing them to the arch-specific live/*tmpl template.

Also adds tests to make sure it is written to config.toml in the build
metadata.

Resolves: rhbz#1687743
2019-03-27 11:32:19 -07:00
Brian C. Lane
f2ec60b9e4 Improve logging for template syntax errors
The shlex splitting can fail, resulting in error messages like:

ERROR livemedia-creator: No closing quotation

without any context in the log files. This logs the line that failed to
be split and expanded.

Related: rhbz#1687743
2019-03-27 11:32:19 -07:00
Brian C. Lane
a710d17294 Add extra boot args to the livemedia-creator iso templates
This adds a new livemedia-creator argument, --extra-boot-args, which can
be used to add arguments to the kernel command-line in the templates.

Related: rhbz#1687743
2019-03-27 11:32:19 -07:00