From 9127d81e03aa8a82ae093050815b473d16034b0d Mon Sep 17 00:00:00 2001 From: Robert Fairley Date: Wed, 22 May 2019 11:20:09 -0400 Subject: [PATCH] Add afterburn-sshkeys@.service patches to enable the unit on supported platfoms only See upstream changes: https://github.com/coreos/afterburn/pull/217 Signed-off-by: Robert Fairley --- ...-sshkeys-unit-on-supported-platforms.patch | 32 +++++++++++++++++++ ...stemd-add-comment-to-sshkeys-service.patch | 25 +++++++++++++++ rust-afterburn.spec | 7 +++- 3 files changed, 63 insertions(+), 1 deletion(-) create mode 100644 0002-systemd-enable-sshkeys-unit-on-supported-platforms.patch create mode 100644 0003-systemd-add-comment-to-sshkeys-service.patch diff --git a/0002-systemd-enable-sshkeys-unit-on-supported-platforms.patch b/0002-systemd-enable-sshkeys-unit-on-supported-platforms.patch new file mode 100644 index 0000000..aa489fb --- /dev/null +++ b/0002-systemd-enable-sshkeys-unit-on-supported-platforms.patch @@ -0,0 +1,32 @@ +From 25ed3f304937ef502cf0a2562f108511f927b70f Mon Sep 17 00:00:00 2001 +From: Robert Fairley +Date: Tue, 14 May 2019 17:22:14 -0400 +Subject: [PATCH] systemd: enable sshkeys unit on supported platforms + +Add `ConditionKernelCommandLine` triggering conditions so that +the `afterburn-sshkeys@.service` unit is enabled on supported +platforms only. + +Note this only adds conditions for platforms where the cloud +metadata provider is also identified through `ignition.platform.id`. + +Part of: https://github.com/coreos/fedora-coreos-tracker/issues/4 +--- + systemd/afterburn-sshkeys@.service.in | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/systemd/afterburn-sshkeys@.service.in b/systemd/afterburn-sshkeys@.service.in +index 3bc8ff4..f0677e0 100644 +--- a/systemd/afterburn-sshkeys@.service.in ++++ b/systemd/afterburn-sshkeys@.service.in +@@ -1,5 +1,10 @@ + [Unit] + Description=Afterburn (SSH Keys) ++ConditionKernelCommandLine=|ignition.platform.id=aws ++ConditionKernelCommandLine=|ignition.platform.id=azure ++ConditionKernelCommandLine=|ignition.platform.id=digitalocean ++ConditionKernelCommandLine=|ignition.platform.id=gcp ++ConditionKernelCommandLine=|ignition.platform.id=packet + + [Service] + Type=oneshot diff --git a/0003-systemd-add-comment-to-sshkeys-service.patch b/0003-systemd-add-comment-to-sshkeys-service.patch new file mode 100644 index 0000000..eefb260 --- /dev/null +++ b/0003-systemd-add-comment-to-sshkeys-service.patch @@ -0,0 +1,25 @@ +From 97e21b89edc80d52f2ddf0f34890752e0ab1c4b4 Mon Sep 17 00:00:00 2001 +From: Jonathan Lebon +Date: Fri, 17 May 2019 12:05:04 -0400 +Subject: [PATCH] systemd: add comment to sshkeys@.service + +This should help readers trying to piece together how SSH key +provisioning is wired up. +--- + systemd/afterburn-sshkeys@.service.in | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/systemd/afterburn-sshkeys@.service.in b/systemd/afterburn-sshkeys@.service.in +index f0677e0..f5a94d6 100644 +--- a/systemd/afterburn-sshkeys@.service.in ++++ b/systemd/afterburn-sshkeys@.service.in +@@ -1,5 +1,9 @@ + [Unit] + Description=Afterburn (SSH Keys) ++# Platforms which support SSH keys and provide a consistent source of metadata. ++# Platforms which support SSH keys but require selecting from multiple metadata ++# sources are not listed here; for those platforms, CT writes a drop-in which ++# adds the appropriate triggering condition and sets AFTERBURN_OPT_PROVIDER. + ConditionKernelCommandLine=|ignition.platform.id=aws + ConditionKernelCommandLine=|ignition.platform.id=azure + ConditionKernelCommandLine=|ignition.platform.id=digitalocean diff --git a/rust-afterburn.spec b/rust-afterburn.spec index 1ac22cf..01b935b 100644 --- a/rust-afterburn.spec +++ b/rust-afterburn.spec @@ -5,7 +5,7 @@ Name: rust-%{crate} Version: 4.1.0 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Simple cloud provider agent # Upstream license specification: Apache-2.0 @@ -18,6 +18,8 @@ Source: %{crates_source} Patch0: afterburn-fix-metadata.diff # Finish splitting pnet_* Patch0001: 0001-Use-pnet_-subcrates.patch +Patch0002: 0002-systemd-enable-sshkeys-unit-on-supported-platforms.patch +Patch0003: 0003-systemd-add-comment-to-sshkeys-service.patch ExclusiveArch: %{rust_arches} @@ -115,5 +117,8 @@ sed -e 's,@DEFAULT_INSTANCE@,core,' < \ %endif %changelog +* Wed May 22 17:17:00 CEST 2019 Robert Fairley - 4.1.0-2 +- Add afterburn-sshkeys@.service patches to enable the unit on supported platfoms only + * Sat Apr 27 09:55:54 CEST 2019 Igor Gnatenko - 4.1.0-1 - Initial package