mirror of
https://github.com/coreos/fedora-coreos-config.git
synced 2026-02-05 09:45:30 +01:00
tree: import changes from testing-devel at eb3d40da8c
This commit is contained in:
CoreOS Bot
@@ -1,7 +1,7 @@
|
||||
These files will be copied to the target live ISO
|
||||
via the CoreOS Assembler buildextend-live call. It
|
||||
picks up all files in the coreos/fedora-coreos-config/live/
|
||||
directory and copies them to the base of the ISO.
|
||||
directory and copies them to the base of the ISO.
|
||||
|
||||
Files currently copied are:
|
||||
|
||||
@@ -10,4 +10,4 @@ Files currently copied are:
|
||||
|
||||
Files that get copied into efiboot.img in the ISO:
|
||||
|
||||
- EFI/grub.cfg
|
||||
- EFI/grub.cfg
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
# Note this file mostly matches the isolinux.cfg file from the Fedora
|
||||
# Note this file mostly matches the isolinux.cfg file from the Fedora
|
||||
# Server DVD iso. Diff this file with that file in the future to pick up
|
||||
# changes.
|
||||
serial 0
|
||||
|
||||
@@ -173,7 +173,7 @@ packages:
|
||||
# Anyways, it was requested by the Red Hat perf team for RHCOS, so we have it here.
|
||||
# https://serverfault.com/questions/513807/is-there-still-a-use-for-irqbalance-on-modern-hardware
|
||||
# https://access.redhat.com/solutions/41535
|
||||
#
|
||||
#
|
||||
# Include the qemu-user-static-x86 package on aarch64 and s390x FCOS images
|
||||
# to allow access to the large inventory of containers only built for x86_64.
|
||||
# https://github.com/coreos/fedora-coreos-tracker/issues/1237
|
||||
|
||||
@@ -107,7 +107,7 @@ postprocess:
|
||||
'/usr/lib/.build-id/'
|
||||
)
|
||||
|
||||
# It is not possible to remove files from usr after first boot so that is
|
||||
# It is not possible to remove files from usr after first boot so that is
|
||||
# why we are removing them in the postprocess scripts here.
|
||||
# The .build-id links are pointing to binaries that we remove in other parts of the FCOS manifest.
|
||||
list_known_removed_folders=(
|
||||
|
||||
@@ -7,7 +7,7 @@ packages:
|
||||
- NetworkManager hostname
|
||||
# Interactive Networking configuration during coreos-install
|
||||
- NetworkManager-tui
|
||||
# Teaming https://github.com/coreos/fedora-coreos-config/pull/289
|
||||
# Teaming https://github.com/coreos/fedora-coreos-config/pull/289
|
||||
# and http://bugzilla.redhat.com/1758162
|
||||
- NetworkManager-team teamd
|
||||
# Support for cloud quirks and dynamic config in real rootfs:
|
||||
|
||||
@@ -6,7 +6,7 @@
|
||||
container-cmd:
|
||||
- /usr/bin/bash
|
||||
|
||||
# These packages are either widely used utilities/services or
|
||||
# These packages are either widely used utilities/services or
|
||||
# are targeted for improving the general CoreOS user experience.
|
||||
# It is intended to be kept generic so that it may be shared downstream with
|
||||
# RHCOS.
|
||||
|
||||
@@ -4,17 +4,17 @@ ConditionPathExists=/etc/initrd-release
|
||||
ConditionPathExists=/run/coreos-kargs-reboot
|
||||
DefaultDependencies=false
|
||||
Before=ignition-complete.target
|
||||
|
||||
|
||||
# This runs after ignition-kargs & before ignition-disks so that it can optionally reboot
|
||||
# if kargs were modified via Ignition. This is done in a two-stage fashion so that other
|
||||
# mechanisms which may want to reboot (e.x. FIPS) can also hook in here and only reboot
|
||||
# once from the initrd.
|
||||
After=ignition-kargs.service
|
||||
Before=ignition-disks.service
|
||||
|
||||
|
||||
OnFailure=emergency.target
|
||||
OnFailureJobMode=isolate
|
||||
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
RemainAfterExit=yes
|
||||
|
||||
@@ -7,7 +7,7 @@ arch=$(uname -p)
|
||||
# Butane sugar will tell ignition to mount /boot to /sysroot/boot. We can simply check if
|
||||
# the file exists to see whether the check needs to be performed.
|
||||
# It is possible that the user creates a config, which will mount /boot at a different path
|
||||
# but that case is not officially supported.
|
||||
# but that case is not officially supported.
|
||||
if [ -f /sysroot/boot/grub2/user.cfg ]; then
|
||||
# s390x does not use GRUB, ppcle64 uses petitboot with a GRUB config parser which does not support passwords
|
||||
# So in both these cases, GRUB password is not supported
|
||||
|
||||
@@ -45,7 +45,7 @@ install() {
|
||||
|
||||
inst_script "$moddir/coreos-post-ignition-checks.sh" \
|
||||
"/usr/sbin/coreos-post-ignition-checks"
|
||||
|
||||
|
||||
install_ignition_unit coreos-post-ignition-checks.service
|
||||
|
||||
# For consistency tear down the network and persist multipath between the initramfs and
|
||||
|
||||
@@ -19,7 +19,7 @@ _wait_for_journalctl_to_stop() {
|
||||
done
|
||||
}
|
||||
|
||||
_display_relevant_errors() {
|
||||
_display_relevant_errors() {
|
||||
failed=$(systemctl --failed --no-legend --plain | cut -f 1 -d ' ')
|
||||
if [ -n "${failed}" ]; then
|
||||
# Something failed, suppress kernel logs so that it's more likely
|
||||
|
||||
@@ -1,12 +1,12 @@
|
||||
[Journal]
|
||||
# For now we are using kmsg for multiplexing output to
|
||||
# multiple console devices during early boot.
|
||||
#
|
||||
#
|
||||
# We do not want to use kmsg in the future as there may be sensitive
|
||||
# ignition data that leaks to non-root users (by reading the kernel
|
||||
# ring buffer using `dmesg`). In the future we will rely on kernel
|
||||
# console multiplexing (link below) for this and will not use kmsg.
|
||||
#
|
||||
#
|
||||
# https://github.com/coreos/fedora-coreos-tracker/issues/136
|
||||
ForwardToKMsg=yes
|
||||
MaxLevelKMsg=info
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
# This service writes issue files describing status
|
||||
# information about the Ignition run, which includes
|
||||
# Ignition warnings and information if no Ignition
|
||||
# This service writes issue files describing status
|
||||
# information about the Ignition run, which includes
|
||||
# Ignition warnings and information if no Ignition
|
||||
# config is provided.
|
||||
[Unit]
|
||||
Description=Create Ignition Status Issue Files
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
# https://github.com/coreos/coreos-installer/commit/15a79263d0bd5d72056a6080f6687dc10cba2dda
|
||||
# https://github.com/systemd/systemd/pull/10397
|
||||
# We want things like `systemd.unit=emergency.target` and `single` on the
|
||||
# We want things like `systemd.unit=emergency.target` and `single` on the
|
||||
# kernel command line to just work even with our locked root account.
|
||||
# This file is used as an override for both emergency.target and rescue.target.
|
||||
[Service]
|
||||
|
||||
@@ -21,32 +21,32 @@ if [ $(cat /proc/sys/kernel/random/boot_id) = "${ignitionBoot}" ]; then
|
||||
cat << EOF > /etc/issue.d/30_coreos_ignition_run_more_than_once.issue
|
||||
${WARN}
|
||||
############################################################################
|
||||
WARNING: Ignition previously ran on ${prevdate}. Unexpected
|
||||
WARNING: Ignition previously ran on ${prevdate}. Unexpected
|
||||
behavior may occur. Ignition is not designed to run more than once per system.
|
||||
############################################################################
|
||||
${RESET}
|
||||
EOF
|
||||
fi
|
||||
# In Ignition, we've two config validation checks, the one after
|
||||
# fetching a config and the second after merging configs. Sometimes,
|
||||
# a warning goes away after merging, however, it's possible that a
|
||||
# warning appears in case merging creates a contradiction between
|
||||
# two fields. So this workflow eventually sends duplicate warnings
|
||||
# in journal entries. Hence, we need to avoid displaying duplicate
|
||||
# In Ignition, we've two config validation checks, the one after
|
||||
# fetching a config and the second after merging configs. Sometimes,
|
||||
# a warning goes away after merging, however, it's possible that a
|
||||
# warning appears in case merging creates a contradiction between
|
||||
# two fields. So this workflow eventually sends duplicate warnings
|
||||
# in journal entries. Hence, we need to avoid displaying duplicate
|
||||
# Ignition warnings on the console.
|
||||
# For e.g. In the journal entries, we might see the following logs:
|
||||
#
|
||||
# warning at $.systemd.units.0.contents, line 1 col 997: unit "echo@.service" is enabled, but has no install section so enable does nothing
|
||||
# warning at $.systemd.units.0.contents, line 1 col 997: unit "echo@.service" is enabled, but has no install section so enable does nothing
|
||||
# warning at $.systemd.units.0.contents: unit "echo@.service" is enabled, but has no install section so enable does nothing
|
||||
#
|
||||
# In order to normalize these logs, we'd need to get rid of the line
|
||||
# and column numbers entirely using the sed command, and then use
|
||||
# `sort -u` to remove duplicate content. After this, we'd see the
|
||||
#
|
||||
# In order to normalize these logs, we'd need to get rid of the line
|
||||
# and column numbers entirely using the sed command, and then use
|
||||
# `sort -u` to remove duplicate content. After this, we'd see the
|
||||
# following warning on the console:
|
||||
#
|
||||
# warning at $.systemd.units.0.contents: unit "echo@.service" is enabled, but has no install section so enable does nothing
|
||||
#
|
||||
# TODO: find a way to query journal entries recorded before the
|
||||
# TODO: find a way to query journal entries recorded before the
|
||||
# system switches to real root
|
||||
journalctl -t ignition -o cat -p warning | sed -r 's/, line [0-9]+ col [0-9]+//g' | sort -u | while read line; do
|
||||
echo -e "${WARN}Ignition: $line${RESET}" >> /etc/issue.d/30_coreos_ignition_warnings.issue
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
# Stop NetworkManager from trying to load the ifcfg-rh plugin by default,
|
||||
# which we don't ship. This actually disables all default plugins, of which
|
||||
# ifcfg-rh is currently the only one.
|
||||
# ifcfg-rh is currently the only one.
|
||||
#
|
||||
# Note that we must do this for now because `-=` syntax doesn't work
|
||||
# with compiled-in defaults. Proposed upstream fix:
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
# This service is used for printing a message if no ssh keys were added
|
||||
# This service is used for printing a message if no ssh keys were added
|
||||
# by Ignition/Afterburn
|
||||
[Unit]
|
||||
Description=Check that ssh-keys are added by Afterburn/Ignition
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
#!/usr/bin/bash
|
||||
# This script will print a message in the serial console
|
||||
# This script will print a message in the serial console
|
||||
# if no ssh keys were added by Ignition/Afterburn.
|
||||
main() {
|
||||
# Change the output color to yellow
|
||||
@@ -7,8 +7,8 @@ main() {
|
||||
# No color
|
||||
nc='\033[0m'
|
||||
|
||||
# See https://github.com/coreos/ignition/pull/964 for the MESSAGE_ID
|
||||
# source. It will track the authorized-ssh-keys entries in journald
|
||||
# See https://github.com/coreos/ignition/pull/964 for the MESSAGE_ID
|
||||
# source. It will track the authorized-ssh-keys entries in journald
|
||||
# provided via Ignition. Limit journal output to the most recent boot
|
||||
# so we don't get output from re-used /var/ partitions.
|
||||
ignitionusers=$(
|
||||
@@ -16,8 +16,8 @@ main() {
|
||||
jq -r '.MESSAGE' | \
|
||||
xargs -I{} echo "Ignition: {}")
|
||||
|
||||
# See https://github.com/coreos/afterburn/pull/397 for the MESSAGE_ID
|
||||
# source. It will track the authorized-ssh-keys entries in journald
|
||||
# See https://github.com/coreos/afterburn/pull/397 for the MESSAGE_ID
|
||||
# source. It will track the authorized-ssh-keys entries in journald
|
||||
# provided via Afterburn.Limit journal output to the most recent boot
|
||||
# so we don't get output from re-used /var/ partitions.
|
||||
|
||||
|
||||
@@ -1,9 +1,9 @@
|
||||
#!/bin/bash
|
||||
# kola: { "tags": "needs-internet", "platforms": "qemu-unpriv", "timeoutMin": 15, "minMemory": 1536 }
|
||||
# This script creates two veth interfaces i.e. one for the host machine
|
||||
# This script creates two veth interfaces i.e. one for the host machine
|
||||
# and other for the container(dnsmasq server). This setup will be helpful
|
||||
# to verify the DHCP propagation of NTP servers. This will also avoid any
|
||||
# regression that might cause in RHCOS or FCOS when the upstream changes
|
||||
# to verify the DHCP propagation of NTP servers. This will also avoid any
|
||||
# regression that might cause in RHCOS or FCOS when the upstream changes
|
||||
# come down and obsolete the temporary work (https://github.com/coreos/fedora-coreos-config/pull/412)
|
||||
#
|
||||
# - tags: needs-internet
|
||||
|
||||
@@ -2,7 +2,7 @@ variant: fcos
|
||||
version: 1.1.0
|
||||
systemd:
|
||||
# This systemd unit doesn't have the Install
|
||||
# section in it, so as part of the validation
|
||||
# section in it, so as part of the validation
|
||||
# step, Ignition will throw the following warning:
|
||||
# 'warning at $.systemd.units.0.contents: unit "echo@.service" is enabled, but has no install section so enable does nothing'
|
||||
units:
|
||||
|
||||
@@ -1,27 +1,30 @@
|
||||
#!/bin/bash
|
||||
# kola: { "exclusive": false }
|
||||
|
||||
# This test runs on both, FCOS&RHCOS. The initrd includes specific files which,
|
||||
# This test runs on both, FCOS&RHCOS. The initrd includes specific files which,
|
||||
# if omitted from the image will cause some failures with certain ingnition
|
||||
# configurations. This test doesnt assert the functionality of any files, it
|
||||
# simply gives a high level check to see if the files are available.
|
||||
# simply gives a high level check to see if the files are available.
|
||||
# See https://github.com/coreos/fedora-coreos-config/issues/1775
|
||||
|
||||
set -xeuo pipefail
|
||||
|
||||
. $KOLA_EXT_DATA/commonlib.sh
|
||||
|
||||
|
||||
required_initrd_files=(
|
||||
"/usr/lib/udev/rules.d/66-azure-storage.rules"
|
||||
"/usr/lib/udev/rules.d/99-azure-product-uuid.rules"
|
||||
)
|
||||
|
||||
tmpd=$(mktemp -d)
|
||||
trap "rm -r ${tmpd}" EXIT
|
||||
cleanup() {
|
||||
rm -r "${tmpd}"
|
||||
}
|
||||
trap cleanup EXIT
|
||||
( cd "${tmpd}" && lsinitrd --unpack /boot/ostree/*/init* )
|
||||
|
||||
for file in ${required_initrd_files[@]}; do
|
||||
if [ ! -e "${tmpd}/${file}" ]; then
|
||||
for file in "${required_initrd_files[@]}"; do
|
||||
if [ ! -e "${tmpd}/${file}" ]; then
|
||||
fatal "${file} was not found in initrd"
|
||||
fi
|
||||
done
|
||||
|
||||
@@ -217,7 +217,7 @@ if [ "$ID" == "fedora" ]; then
|
||||
elif [[ "${ID_LIKE}" =~ "rhel" ]]; then
|
||||
# For the version comparison use string substitution to remove the
|
||||
# '.` from the version so we can use integer comparison
|
||||
|
||||
|
||||
# scos includes NetworkManager-1.39.10-1.el9.x86_64, update scripts
|
||||
# according to F37
|
||||
if is_scos; then
|
||||
|
||||
@@ -37,10 +37,10 @@ runascoreuser() {
|
||||
main() {
|
||||
echo "$runascoreuserscript" > /tmp/runascoreuserscript
|
||||
chmod +x /tmp/runascoreuserscript
|
||||
if ! runascoreuser /tmp/runascoreuserscript ; then
|
||||
fatal "DNS in rootless podman testnetwork failed. Test Fails"
|
||||
else
|
||||
ok "DNS in rootless podman testnetwork Suceeded. Test Passes"
|
||||
if ! runascoreuser /tmp/runascoreuserscript ; then
|
||||
fatal "DNS in rootless podman testnetwork failed. Test Fails"
|
||||
else
|
||||
ok "DNS in rootless podman testnetwork Suceeded. Test Passes"
|
||||
fi
|
||||
}
|
||||
|
||||
|
||||
@@ -31,7 +31,15 @@ else
|
||||
# check for the UUID dropins
|
||||
[ -f /boot/grub2/bootuuid.cfg ]
|
||||
mount -o ro /dev/disk/by-label/EFI-SYSTEM /boot/efi
|
||||
[ -f /boot/efi/EFI/*/bootuuid.cfg ]
|
||||
found_bootuuid="false"
|
||||
for f in /boot/efi/EFI/*/bootuuid.cfg; do
|
||||
if [ -f "$f" ]; then
|
||||
found_bootuuid="true"
|
||||
fi
|
||||
done
|
||||
if [[ "${found_bootuuid}" == "false" ]]; then
|
||||
fatal "No /boot/efi/EFI/*/bootuuid.cfg found"
|
||||
fi
|
||||
umount /boot/efi
|
||||
fi
|
||||
|
||||
@@ -43,12 +51,12 @@ case "${AUTOPKGTEST_REBOOT_MARK:-}" in
|
||||
|
||||
rebooted)
|
||||
# check for expected default kargs
|
||||
grep root=UUID=$(cat /boot/.root_uuid) /proc/cmdline
|
||||
grep root=UUID="$(cat /boot/.root_uuid)" /proc/cmdline
|
||||
ok "found root karg"
|
||||
|
||||
bootsrc=$(findmnt -nvr /boot -o SOURCE)
|
||||
eval $(blkid -o export "${bootsrc}")
|
||||
grep boot=UUID=${UUID} /proc/cmdline
|
||||
grep boot=UUID="${UUID}" /proc/cmdline
|
||||
ok "found boot karg"
|
||||
|
||||
ok "second boot"
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
#!/bin/bash
|
||||
set -xeuo pipefail
|
||||
# This is to verify udev rules /dev/disk/by-id/scsi-*
|
||||
# This is to verify udev rules /dev/disk/by-id/scsi-*
|
||||
# symlinks present in initramfs
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1990506
|
||||
|
||||
|
||||
@@ -313,7 +313,7 @@ butane_dhcpvlanbond='
|
||||
|
||||
check_requirement() {
|
||||
req=$1
|
||||
if ! which $req &>/dev/null; then
|
||||
if ! which "$req" &>/dev/null; then
|
||||
echo "No $req. Can't continue" 1>&2
|
||||
return 1
|
||||
fi
|
||||
@@ -332,8 +332,8 @@ check_requirements() {
|
||||
virt-install
|
||||
virt-ls
|
||||
)
|
||||
for req in ${reqs[@]}; do
|
||||
check_requirement $req
|
||||
for req in "${reqs[@]}"; do
|
||||
check_requirement "$req"
|
||||
done
|
||||
}
|
||||
|
||||
@@ -343,11 +343,11 @@ start_vm() {
|
||||
local ignitionfile=$1; shift
|
||||
local kernel=$1; shift
|
||||
local initramfs=$1; shift
|
||||
local kernel_args=$@
|
||||
local kernel_args=$*
|
||||
virt-install --name $vmname --ram 3096 --vcpus 2 --graphics=none \
|
||||
--quiet --network bridge=virbr0 --network bridge=virbr0 \
|
||||
--disk size=20,backing_store=${disk} \
|
||||
--install kernel=${kernel},initrd=${initramfs},kernel_args_overwrite=yes,kernel_args="${kernel_args}" \
|
||||
--disk size=20,backing_store="${disk}" \
|
||||
--install kernel="${kernel}",initrd="${initramfs}",kernel_args_overwrite=yes,kernel_args="${kernel_args}" \
|
||||
--qemu-commandline="-fw_cfg name=opt/com.coreos/config,file=$ignitionfile"
|
||||
}
|
||||
|
||||
@@ -365,8 +365,8 @@ create_ignition_file() {
|
||||
local ignitionfile=$2
|
||||
# uncomment and use ign-converter instead if on rhcos less than 4.6
|
||||
#echo "$butaneconfig" | butane --strict | ign-converter -downtranslate -output $ignitionfile
|
||||
echo "$butaneconfig" | butane --strict --output $ignitionfile
|
||||
chcon --verbose unconfined_u:object_r:svirt_home_t:s0 $ignitionfile &>/dev/null
|
||||
echo "$butaneconfig" | butane --strict --output "$ignitionfile"
|
||||
chcon --verbose unconfined_u:object_r:svirt_home_t:s0 "$ignitionfile" &>/dev/null
|
||||
}
|
||||
|
||||
main() {
|
||||
@@ -392,11 +392,11 @@ main() {
|
||||
local ignitionfile="${PWD}/coreos-nettest-config.ign"
|
||||
local sshpubkey
|
||||
local butane
|
||||
|
||||
|
||||
check_requirements
|
||||
|
||||
# Find out which partition is the boot partition
|
||||
partition=$(guestfish --ro -a $qcow <<EOF
|
||||
partition=$(guestfish --ro -a "$qcow" <<EOF
|
||||
run
|
||||
findfs-label boot
|
||||
exit
|
||||
@@ -404,17 +404,17 @@ EOF
|
||||
)
|
||||
|
||||
# Grab kernel/initramfs from the disk
|
||||
files=$(virt-ls -a $qcow -m $partition -R /ostree/)
|
||||
files=$(virt-ls -a "$qcow" -m "$partition" -R /ostree/)
|
||||
for f in $files; do
|
||||
if [[ "${f}" =~ hmac$ ]]; then
|
||||
# ignore .vmlinuz-5.5.9-200.fc31.x86_64.hmac
|
||||
true
|
||||
elif [[ "${f}" =~ img$ ]]; then
|
||||
# grab initramfs in the form initramfs-5.5.9-200.fc31.x86_64.img
|
||||
virt-cat -a $qcow -m $partition "/ostree/${f}" > $initramfs
|
||||
virt-cat -a "$qcow" -m "$partition" "/ostree/${f}" > "$initramfs"
|
||||
elif [[ "${f}" =~ '/vmlinuz' ]]; then
|
||||
# grab kernel in the form vmlinuz-5.5.9-200.fc31.x86_64
|
||||
virt-cat -a $qcow -m $partition "/ostree/${f}" > $kernel
|
||||
virt-cat -a "$qcow" -m "$partition" "/ostree/${f}" > "$kernel"
|
||||
fi
|
||||
done
|
||||
|
||||
@@ -435,7 +435,7 @@ EOF
|
||||
# Grab kernel arguments from the disk and use them
|
||||
# - strip `options ` from the front of the line
|
||||
# - strip `$ignition_firstboot`
|
||||
common_args=$(virt-cat -a $qcow -m $partition "/loader.1/entries/${bls_file}" | \
|
||||
common_args=$(virt-cat -a "$qcow" -m "$partition" "/loader.1/entries/${bls_file}" | \
|
||||
grep -P '^options' | \
|
||||
sed -e 's/options //' | \
|
||||
sed -e 's/$ignition_firstboot//')
|
||||
@@ -512,7 +512,7 @@ EOF
|
||||
)
|
||||
|
||||
create_ignition_file "$butane_none" $ignitionfile
|
||||
for net in ${loopitems[@]}; do
|
||||
for net in "${loopitems[@]}"; do
|
||||
var="initramfs_${net}"
|
||||
kernel_args=${!var}
|
||||
var="butane_initramfs_${net}"
|
||||
@@ -522,7 +522,7 @@ EOF
|
||||
destroy_vm
|
||||
done
|
||||
|
||||
for net in ${loopitems[@]}; do
|
||||
for net in "${loopitems[@]}"; do
|
||||
var="butane_${net}"
|
||||
butaneconfig=${!var}
|
||||
kernel_args=${common_args}
|
||||
@@ -539,5 +539,5 @@ EOF
|
||||
}
|
||||
|
||||
|
||||
main $@
|
||||
main "$@"
|
||||
|
||||
|
||||
@@ -238,7 +238,7 @@ butane_static_br0='
|
||||
|
||||
check_requirement() {
|
||||
req=$1
|
||||
if ! which $req &>/dev/null; then
|
||||
if ! which "$req" &>/dev/null; then
|
||||
echo "No $req. Can't continue" 1>&2
|
||||
return 1
|
||||
fi
|
||||
@@ -257,8 +257,8 @@ check_requirements() {
|
||||
virt-install
|
||||
virt-ls
|
||||
)
|
||||
for req in ${reqs[@]}; do
|
||||
check_requirement $req
|
||||
for req in "${reqs[@]}"; do
|
||||
check_requirement "$req"
|
||||
done
|
||||
}
|
||||
|
||||
@@ -268,11 +268,11 @@ start_vm() {
|
||||
local ignitionfile=$1; shift
|
||||
local kernel=$1; shift
|
||||
local initramfs=$1; shift
|
||||
local kernel_args=$@
|
||||
local kernel_args=$*
|
||||
virt-install --name $vmname --ram 3096 --vcpus 2 --graphics=none --noautoconsole \
|
||||
--quiet --network bridge=virbr0 --network bridge=virbr0 \
|
||||
--disk size=20,backing_store=${disk} \
|
||||
--install kernel=${kernel},initrd=${initramfs},kernel_args_overwrite=yes,kernel_args="${kernel_args}" \
|
||||
--disk size=20,backing_store="${disk}" \
|
||||
--install kernel="${kernel}",initrd="${initramfs}",kernel_args_overwrite=yes,kernel_args="${kernel_args}" \
|
||||
--qemu-commandline="-fw_cfg name=opt/com.coreos/config,file=$ignitionfile"
|
||||
}
|
||||
|
||||
@@ -290,7 +290,7 @@ check_vm() {
|
||||
ssh_config+=' -o StrictHostKeyChecking=no'
|
||||
ssh_config+=" -i $sshkeyfile"
|
||||
|
||||
if [ $dhcp == 'dhcp' ]; then
|
||||
if [ "$dhcp" == 'dhcp' ]; then
|
||||
macinfo=$(virsh dumpxml $vmname | grep 'mac address' | head -n 1)
|
||||
macregex='(..:..:..:..:..:..)'
|
||||
if ! [[ $macinfo =~ $macregex ]]; then
|
||||
@@ -379,7 +379,7 @@ check_vm() {
|
||||
# verify that the right number of NetworkManager keyfiles got created
|
||||
# use `echo -n | wc -l` so we can properly detect 0. Wasn't working
|
||||
# with `wc -l <<< $keyfiles`.
|
||||
if [ ${detectedkeyfiles} != ${numkeyfiles} ]; then
|
||||
if [ "${detectedkeyfiles}" != "${numkeyfiles}" ]; then
|
||||
rc=1
|
||||
echo "ERROR: Expected ${numkeyfiles} NM keyfiles, found ${detectedkeyfiles}" 1>&2
|
||||
fi
|
||||
@@ -390,38 +390,38 @@ check_vm() {
|
||||
else
|
||||
nameserverinfo="$resolvedotconf"
|
||||
fi
|
||||
if ! grep $nameserver &>/dev/null <<< "$nameserverinfo"; then
|
||||
if ! grep "$nameserver" &>/dev/null <<< "$nameserverinfo"; then
|
||||
rc=1
|
||||
echo "ERROR: Nameserver information was not what was expected" 1>&2
|
||||
fi
|
||||
|
||||
# verify that there are the right number of ipv4 devices "up"
|
||||
if [ $(jq length <<< $ipinfo) != "$((interfaces+1))" ]; then
|
||||
if [ "$(jq length <<< "$ipinfo")" != "$((interfaces+1))" ]; then
|
||||
rc=1
|
||||
echo "ERROR: More interfaces up than expected" 1>&2
|
||||
echo "ERROR: More interfaces up than expected" 1>&2
|
||||
fi
|
||||
# verify that the first one in loopback
|
||||
if [ $(jq -r .[0].addr_info[0].dev <<< $ipinfo) != 'lo' ]; then
|
||||
if [ "$(jq -r .[0].addr_info[0].dev <<< "$ipinfo")" != 'lo' ]; then
|
||||
rc=1
|
||||
echo "ERROR: The first active interface is not 'lo'" 1>&2
|
||||
echo "ERROR: The first active interface is not 'lo'" 1>&2
|
||||
fi
|
||||
# verify that the second one is the expected device
|
||||
if [ $(jq -r .[1].addr_info[0].dev <<< $ipinfo) != "${dev}" ]; then
|
||||
if [ "$(jq -r .[1].addr_info[0].dev <<< "$ipinfo")" != "${dev}" ]; then
|
||||
rc=1
|
||||
echo "ERROR: The second active interface is not ${dev}" 1>&2
|
||||
echo "ERROR: The second active interface is not ${dev}" 1>&2
|
||||
fi
|
||||
# verify that the second one has the IP we assigned
|
||||
if [ $(jq -r .[1].addr_info[0].local <<< $ipinfo) != "${ip}" ]; then
|
||||
if [ "$(jq -r .[1].addr_info[0].local <<< "$ipinfo")" != "${ip}" ]; then
|
||||
rc=1
|
||||
echo "ERROR: The second active interface does not have expected ip" 1>&2
|
||||
echo "ERROR: The second active interface does not have expected ip" 1>&2
|
||||
fi
|
||||
|
||||
if [ "$rc" != '0' ]; then
|
||||
echo "$hostnameinfo"
|
||||
echo "$nameserverinfo"
|
||||
echo "$keyfiles"
|
||||
jq -r .[].addr_info[].dev 1>&2 <<< $ipinfo
|
||||
jq -r .[].addr_info[].local 1>&2 <<< $ipinfo
|
||||
jq -r .[].addr_info[].dev 1>&2 <<< "$ipinfo"
|
||||
jq -r .[].addr_info[].local 1>&2 <<< "$ipinfo"
|
||||
true
|
||||
else
|
||||
echo "Check for ${hostname} + dns:${nameserver} + ${dev}/${ip} passed!"
|
||||
@@ -452,8 +452,8 @@ create_ignition_file() {
|
||||
local ignitionfile=$2
|
||||
# uncomment and use ign-converter instead if on rhcos less than 4.6
|
||||
#echo "$butaneconfig" | butane --strict | ign-converter -downtranslate -output $ignitionfile
|
||||
echo "$butaneconfig" | butane --strict --output $ignitionfile
|
||||
chcon --verbose unconfined_u:object_r:svirt_home_t:s0 $ignitionfile &>/dev/null
|
||||
echo "$butaneconfig" | butane --strict --output "$ignitionfile"
|
||||
chcon --verbose unconfined_u:object_r:svirt_home_t:s0 "$ignitionfile" &>/dev/null
|
||||
}
|
||||
|
||||
|
||||
@@ -473,16 +473,16 @@ main() {
|
||||
local ignitionfile="${PWD}/coreos-nettest-config.ign"
|
||||
local sshpubkey
|
||||
local butane
|
||||
|
||||
|
||||
check_requirements
|
||||
|
||||
# generate an ssh key to use:
|
||||
rm -f $sshkeyfile $sshpubkeyfile
|
||||
ssh-keygen -N '' -C '' -f $sshkeyfile &>/dev/null
|
||||
sshpubkey=$(cat $sshpubkeyfile)
|
||||
rm -f "$sshkeyfile" "$sshpubkeyfile"
|
||||
ssh-keygen -N '' -C '' -f "$sshkeyfile" &>/dev/null
|
||||
sshpubkey="$(cat "$sshpubkeyfile")"
|
||||
|
||||
# Find out which partition is the boot partition
|
||||
partition=$(guestfish --ro -a $qcow <<EOF
|
||||
partition=$(guestfish --ro -a "$qcow" <<EOF
|
||||
run
|
||||
findfs-label boot
|
||||
exit
|
||||
@@ -490,17 +490,17 @@ EOF
|
||||
)
|
||||
|
||||
# Grab kernel/initramfs from the disk
|
||||
files=$(virt-ls -a $qcow -m $partition -R /ostree/)
|
||||
files=$(virt-ls -a "$qcow" -m "$partition" -R /ostree/)
|
||||
for f in $files; do
|
||||
if [[ "${f}" =~ hmac$ ]]; then
|
||||
# ignore .vmlinuz-5.5.9-200.fc31.x86_64.hmac
|
||||
true
|
||||
elif [[ "${f}" =~ img$ ]]; then
|
||||
# grab initramfs in the form initramfs-5.5.9-200.fc31.x86_64.img
|
||||
virt-cat -a $qcow -m $partition "/ostree/${f}" > $initramfs
|
||||
virt-cat -a "$qcow" -m "$partition" "/ostree/${f}" > "$initramfs"
|
||||
elif [[ "${f}" =~ '/vmlinuz' ]]; then
|
||||
# grab kernel in the form vmlinuz-5.5.9-200.fc31.x86_64
|
||||
virt-cat -a $qcow -m $partition "/ostree/${f}" > $kernel
|
||||
virt-cat -a "$qcow" -m "$partition" "/ostree/${f}" > "$kernel"
|
||||
fi
|
||||
done
|
||||
|
||||
@@ -530,7 +530,7 @@ EOF
|
||||
# Grab kernel arguments from the disk and use them
|
||||
# - strip `options ` from the front of the line
|
||||
# - strip `$ignition_firstboot`
|
||||
common_args=$(virt-cat -a $qcow -m $partition "/loader.1/entries/${bls_file}" | \
|
||||
common_args=$(virt-cat -a "$qcow" -m "$partition" "/loader.1/entries/${bls_file}" | \
|
||||
grep -P '^options' | \
|
||||
sed -e 's/options //' | \
|
||||
sed -e 's/$ignition_firstboot//')
|
||||
@@ -633,13 +633,13 @@ EOF
|
||||
# namesever= before ip= kargs doesn't yield an extra default.nm_connection
|
||||
# file. The second is to verify that the nameserver entry gets placed into
|
||||
# all connections that get created (i.e. ens2.nm_connection and ens3.nm_connection).
|
||||
#
|
||||
#
|
||||
# We'll perform the first check automatically in check_vm by verifying the
|
||||
# number of keyfiles is 2, along with checking that the dns server did make
|
||||
# it into the resolv.conf or resolvectl (systemd-resolvd). We won't
|
||||
# automatically check that each file has the dns entry for now, but anyone
|
||||
# can manually run this and grab a console to the VM and verify that.
|
||||
#
|
||||
#
|
||||
# [1] https://gitlab.freedesktop.org/NetworkManager/NetworkManager/issues/391
|
||||
echo -e "\n###### Testing initramfs nameserver= option\n"
|
||||
create_ignition_file "$butane_none" $ignitionfile
|
||||
@@ -674,17 +674,17 @@ EOF
|
||||
static_team0
|
||||
static_br0
|
||||
)
|
||||
|
||||
for initramfsnet in ${initramfsloop[@]}; do
|
||||
for butanenet in ${butaneloop[@]}; do
|
||||
|
||||
for initramfsnet in "${initramfsloop[@]}"; do
|
||||
for butanenet in "${butaneloop[@]}"; do
|
||||
method='none'; interfaces=1;
|
||||
nameserver=${nameserverstatic}
|
||||
numkeyfiles=3
|
||||
if [ "${butanenet}" == 'none' ]; then
|
||||
# because we propagate initramfs networking if no real root networking
|
||||
# because we propagate initramfs networking if no real root networking
|
||||
devname=${initramfsnet##*_}
|
||||
hostname=${initramfshostname}
|
||||
# If we're using dhcp for initramfs and not providing any real root
|
||||
# If we're using dhcp for initramfs and not providing any real root
|
||||
# networking then we need to tell check_vm we're using DHCP and set
|
||||
# a few other values.
|
||||
if [ "${initramfsnet}" == 'dhcp_nic0' ]; then
|
||||
@@ -734,5 +734,5 @@ EOF
|
||||
}
|
||||
|
||||
|
||||
main $@
|
||||
main "$@"
|
||||
|
||||
|
||||
Reference in New Issue
Block a user