On Fedora 31 passworless root login is no longer working. We already
install a ssh key, may as well use it.
This also reduces the live boot timeout to 2s from 60s, which should
help with timeout problems when booting.
Cherry-picked from e3654e8297
Related: rhbz#1770193
Nested virt is not reliable enough, especially on other arches, to rely
on for testing the created images. This moves the test code into
test_boot_* scripts to be run from inside the booted images.
It also adds copying the results of the build into
/var/tmp/test-results/, and includes the generated ssh key so that
whatever boots the image can also log in.
The tests/test_image.sh script has been added to handle running the
test_boot_* scripts without any of the extra lorax-composer specific
setup.
Cherry-picked from b8bf258a3c
Related: rhbz#1770193
This splits out the lorax-composer specific execution so that the built
image can be downloaded from the build vm and booted by the host instead
of using nested virt to try and boot it inside the build vm.
Also adds copying the ssh key from the build vm so that it can log into
the image and run the test_boot_* scripts.
Cherry-picked from df7a018ee2
Related: rhbz#1770193
- save compose logs under /var/log/$TEST
- save qemu logs under /var/log/$TEST/qemu.log
- download everything to $TEST_ATTACHMENTS so it can be saved
in CI results
Cherry-picked from 8af9723c
Related: rhbz#1770193
The function is meant to replace the duplicate pieces of code used in various
tests, the polling interval is unified to 20 seconds.
Cherry-picked from 836f0ddf
Related: rhbz#1770193
In py3 dicts are not predictable, make sure the keys are sorted so that
the tests are useful.
Use StringIO.StringIO instead of io.StringIO which requires unicode
text.
kickstart timezone.ntpservers is a set() so adjust the test for it.
Related: rhbz#1718473
composer-cli will now output information about changes to customizations
entries and the repos.git entries.
(cherry picked from commit 156ef0acfd)
Related: rhbz#1718473
This also includes extensive tests for each of the currently supported
customizations. It should be generic enough to continue working as long
as the list of dicts includes a 'name' or 'user' field in the dict.
Otherwise support for a new dict key will need to be added to the
customizations_diff function.
(cherry picked from commit 850c490b6e)
Related: rhbz#1718473
To maintain consistency with the other options this changes firewall to
combine the existing settings from the image template with the settings
from the blueprint.
Also updated the docs, added a new test for it, and sorted the output
for consistency.
(cherry picked from commit 3e08389a0f)
Related: rhbz#1718473
Make it clear that the services are added to services already listed in
the image templates, and that you can specify any systemd unit filename.
Older releases are more restrictive, and this documentation will need to
be updated when these changes are backported.
(cherry picked from commit 4f701e7e92)
Related: rhbz#1718473
Add support for enabling and disabling systemd services in the
blueprint. It works like this:
[customizations.services]
enabled = ["sshd", "cockpit.socket", "httpd"]
disabled = ["postfix", "telnetd"]
They are *added* to any existing settings in the kickstart templates.
(cherry picked from commit 1111aee92d)
Related: rhbz#1718473
You can now open ports in the firewall, using port numbers or service
names:
[customizations.firewall]
ports = ["22:tcp", "80:tcp", "imap:tcp", "53:tcp", "53:udp"]
Or enable/disable services registered with firewalld:
[customizations.firewall.services]
enabled = ["ftp", "ntp", "dhcp"]
disabled = ["telnet"]
If the template contains firewall --disabled it cannot be overridden,
under the assumption that it is required for the image to boot in the
selected environment.
(cherry picked from commit 4d35668ab5)
Related: rhbz#1718473
You can now set the keyboard layout and language. Eg.
[customizations.locale]
languages = ["en_CA.utf8", "en_HK.utf8"]
keyboard = "de (dvorak)"
Existing entries in the kickstart templates are replaced with the new
ones. If there are no entries then it will default to 'keyboard us' and
'lang en_US.UTF-8'
Includes tests, and leaves the existing keyboard and lang entries in the
templates with a note that they can be replaced by the blueprint.
(cherry picked from commit e5a8700bdf)
Related: rhbz#1718473
For example:
[customizations.timezone]
timezone = "US/Samoa"
ntpservers = ["0.pool.ntp.org"]
Also includes tests.
This removes the timezone kickstart command from all of the templates
except for google.ks which needs to set it's own ntp servers and timezone.
If timezone isn't included in the blueprint, and it is not already in a
template, it will be set to 'timezone UTC' by default.
If timezone is set in a template it is left as-is, under the assumption
that the image type requires it to boot correctly.
(cherry picked from commit 9bdbb29662)
Related: rhbz#1718473
The goal here is to do the minimum needed to get the images setup for
use so they can have more complex customizations applied later.
I think this list is a pretty good minimal set of features without going
full kickstart.
(cherry picked from commit 95c288d829)
Related: rhbz#1718473
* If `$COCKPIT_BOTS_REF` is set, check out that bots version instead of
master.
* Use git cache in $XDG_CACHE_HOME if available. Our CI uses that to
save downloads, and it does not get in the way for local developers.
Adapted from https://github.com/cockpit-project/starter-kit/pull/233
Cherry-picked from master commit a2c67385e4.
export BLUEPRINTS_DIR for use in tests
Depending on the way the tests are run the directory may be a temporary
dir, or it may be the standard /var/lib/lorax/... path.
Related: rhbz#1749802
Skipping because:
larsu: I get `open failed: administratively prohibited: open failed`
larsu: ssh somehow disallows making a side channel for the forward
larsu: there's an option that controls it, but it's set to "yes"
larsu: I've straced the sshd, with no luck coming closer
We'll deal with this later, possibly together with the rest of
the skipped test cases.
Related: rhbz#1698366
- these files are executed under Python 3 while the linter
is Python 2 for RHEL 7 so we just ingore them
- also reverts the changes introduced to make these files Py2
compatible, making them the same as on master branch
Related: rhbz#1698366
this will report failing status in CI in case we have the
'Ran 0 tests in 46.486s' scenario.
Note: the check is placed after runner.run() to present the
message shown above which should make it more clear what went on.
Related: rhbz#1698366
0 run
The docker phase always failed because `-ti` was passed even though the
the output was not a terminal. Moreover docker service isn't running by
default on RHEL-7, so it's necessary to start it first explicitly.
Related: rhbz#1720224
These are used when running tests, so catch-up with changes in lorax.
Includes adding rootfs-size, extra kernel args, and using locking to
prevent temporary files from being deleted by systemd tmpfiles handling.
Related: rhbz#1668520
Related: rhbz#1715116
Related: rhbz#1689314
Because anaconda --dirinstall is used the kickstart's network like isn't
processed at all. So we need to remove the NetworkManager-server-config
package which disables networking.
Resolves: rhbz#1710877