Add support for enabling and disabling systemd services in the
blueprint. It works like this:
[customizations.services]
enabled = ["sshd", "cockpit.socket", "httpd"]
disabled = ["postfix", "telnetd"]
They are *added* to any existing settings in the kickstart templates.
(cherry picked from commit 1111aee92d)
Related: rhbz#1718473
You can now open ports in the firewall, using port numbers or service
names:
[customizations.firewall]
ports = ["22:tcp", "80:tcp", "imap:tcp", "53:tcp", "53:udp"]
Or enable/disable services registered with firewalld:
[customizations.firewall.services]
enabled = ["ftp", "ntp", "dhcp"]
disabled = ["telnet"]
If the template contains firewall --disabled it cannot be overridden,
under the assumption that it is required for the image to boot in the
selected environment.
(cherry picked from commit 4d35668ab5)
Related: rhbz#1718473
You can now set the keyboard layout and language. Eg.
[customizations.locale]
languages = ["en_CA.utf8", "en_HK.utf8"]
keyboard = "de (dvorak)"
Existing entries in the kickstart templates are replaced with the new
ones. If there are no entries then it will default to 'keyboard us' and
'lang en_US.UTF-8'
Includes tests, and leaves the existing keyboard and lang entries in the
templates with a note that they can be replaced by the blueprint.
(cherry picked from commit e5a8700bdf)
Related: rhbz#1718473
For example:
[customizations.timezone]
timezone = "US/Samoa"
ntpservers = ["0.pool.ntp.org"]
Also includes tests.
This removes the timezone kickstart command from all of the templates
except for google.ks which needs to set it's own ntp servers and timezone.
If timezone isn't included in the blueprint, and it is not already in a
template, it will be set to 'timezone UTC' by default.
If timezone is set in a template it is left as-is, under the assumption
that the image type requires it to boot correctly.
(cherry picked from commit 9bdbb29662)
Related: rhbz#1718473
export BLUEPRINTS_DIR for use in tests
Depending on the way the tests are run the directory may be a temporary
dir, or it may be the standard /var/lib/lorax/... path.
Related: rhbz#1749802
- these files are executed under Python 3 while the linter
is Python 2 for RHEL 7 so we just ingore them
- also reverts the changes introduced to make these files Py2
compatible, making them the same as on master branch
Related: rhbz#1698366
The docker phase always failed because `-ti` was passed even though the
the output was not a terminal. Moreover docker service isn't running by
default on RHEL-7, so it's necessary to start it first explicitly.
Related: rhbz#1720224
It's necessary to make sure the blueprints directory doesn't contain
the git/ directory before the tests are run, so that we can just simply
modify the blueprint files without using blueprints push.
Related: rhbz#1698366
`setup_tests()` expected BLUEPRINTS_DIR to be set, but it wasn't when
running in automated mode (with $CLI set).
Fix this and move share and blueprint dirs to function arguments.
Related: rhbz#1698366
the version coming from RPM is older and prevents installing
ansible[azure] via pip. OTOH removing with yum also removes
lorax-composer and breaks tests when running against the RPM
instead of git checkout (which will be the default with Cockpit CI).
Related: rhbz#1715003
- verify SemVer .patch number will be automatically updated when
we push the blueprint a second time without changing version
- verify show displays the content in TOML format and it matches
what is on disk. Because of that also start with empty packages
and groups fields in the initial toml. If they are missing they
will be added automatically by lorax-composer and this simplifies
the test
- verify delete works
Related: rhbz#1698366
Make sure this is really fixed by running the template tests with both
variations. NOTE: [customizations] is the correct form. An early
documentation bug led to both being accepted.
Related: rhbz#1688335
This allows iso builds to include the extra kernel boot parameters by
passing them to the arch-specific live/*tmpl template.
Also adds tests to make sure it is written to config.toml in the build
metadata.
Resolves: rhbz#1688335
Sometimes it is necessary to modify the kernel command-line of the
image, this adds support for a [customizations.kernel] section to the
blueprint:
[customizations.kernel]
append = "nosmt=force"
This will be appended to the kickstart's bootloader --append argument.
Includes tests for modifying the bootloader line, the kickstart
template, and examining the final-kickstart.ks created for a compose.
Related: rhbz#1688335
Reading a blueprint wasn't checking to see if it had been deleted so it
was returning the most recent commit before it had been deleted. This
allowed things like starting a compose with a blueprint that technically
doesn't exist.
One exception to this is the /changes/ route, it must be available so
that you can use the commit hash to undo a delete.
This also adds tests for the various operations.
(cherry picked from commit d32f477e0b)
Resolves: rhbz#1683442
The root account checks are applied to generated and deployed images
to make sure that root account is locked, except for live ISO.
Related: rhbz#1687595
Add the correct composer-cli command 'compose details' in places
where 'compose info' was still used on RHEL-7
(see commit 808454b561)
Related: rhbz#1687595
this will allow you to test against installed RPM like so:
# export CLI="/usr/bin/composer-cli"
# make test_images
If you already have lorax-composer running then you can directly
execute test scripts:
# ./tests/cli/test_build_and_deploy_aws.sh
Related: rhbz#1687595
- on some arches (also Fedora x86_64) systemd-nspawn may not be
available
- delete composes from other tests in rlPhaseStartCleanup because
we're seeing the tar compose kind of hanging in Jenkins and that
test script is executed last so the slave may be running out of
disk space. Be a good citizen and clean up after the previous
tests.
Related: rhbz#1656105
b/c we've migrated to Upshift we must use different instance type,
specify the desired network to connect to and update how we get
the ip address of the launched VM.
Related: rhbz#1656105
