test: use new installer customizations
Use the new installer customizations to build and boot an unattended installation and add the users to the sudoers with NOPASSWD enabled. This is added both to he base installer test (installers.sh) and the ostree test (ostree-ng.sh). For the ostree test, we keep the mkksiso step to retain the remote configuration change. The modksiso() function is changed to explicitly read the osbuild.ks file since we don't want to modify the osbuild-base.ks file and we want to ensure that the kernel command line argument points to the osbuild.ks file.
This commit is contained in:
Achilleas Koutsou
Tomáš Hozza
parent
bd57d95e49
commit
eccdcfcab0
2 changed files with 17 additions and 70 deletions
|
|
@ -15,62 +15,6 @@ set -euo pipefail
|
|||
source /usr/libexec/osbuild-composer-test/set-env-variables.sh
|
||||
source /usr/libexec/tests/osbuild-composer/shared_lib.sh
|
||||
|
||||
# modify existing kickstart by prepending and appending commands
|
||||
function modksiso {
|
||||
sudo dnf install -y lorax # for mkksiso
|
||||
isomount=$(mktemp -d)
|
||||
kspath=$(mktemp -d)
|
||||
|
||||
iso="$1"
|
||||
newiso="$2"
|
||||
|
||||
echo "Mounting ${iso} -> ${isomount}"
|
||||
sudo mount -v -o ro "${iso}" "${isomount}"
|
||||
|
||||
cleanup() {
|
||||
sudo umount -v "${isomount}"
|
||||
rmdir -v "${isomount}"
|
||||
rm -rv "${kspath}"
|
||||
}
|
||||
|
||||
trap cleanup RETURN
|
||||
|
||||
ksfiles=("${isomount}"/*.ks)
|
||||
ksfile="${ksfiles[0]}" # there shouldn't be more than one anyway
|
||||
echo "Found kickstart file ${ksfile}"
|
||||
|
||||
ksbase=$(basename "${ksfile}")
|
||||
newksfile="${kspath}/${ksbase}"
|
||||
oldks=$(cat "${ksfile}")
|
||||
echo "Preparing modified kickstart file"
|
||||
cat > "${newksfile}" << EOFKS
|
||||
text --non-interactive
|
||||
zerombr
|
||||
clearpart --all --initlabel --disklabel=gpt
|
||||
autopart --noswap --type=plain
|
||||
network --bootproto=dhcp --device=link --activate --onboot=on
|
||||
${oldks}
|
||||
poweroff
|
||||
|
||||
%post --log=/var/log/anaconda/post-install.log --erroronfail
|
||||
|
||||
# no sudo password for user admin
|
||||
echo -e 'admin\tALL=(ALL)\tNOPASSWD: ALL' >> /etc/sudoers
|
||||
%end
|
||||
EOFKS
|
||||
|
||||
echo "Writing new ISO"
|
||||
if nvrGreaterOrEqual "lorax" "34.9.18"; then
|
||||
sudo mkksiso -c "console=ttyS0,115200" --ks "${newksfile}" "${iso}" "${newiso}"
|
||||
else
|
||||
sudo mkksiso -c "console=ttyS0,115200" "${newksfile}" "${iso}" "${newiso}"
|
||||
fi
|
||||
|
||||
echo "==== NEW KICKSTART FILE ===="
|
||||
cat "${newksfile}"
|
||||
echo "============================"
|
||||
}
|
||||
|
||||
# Start libvirtd and test it.
|
||||
greenprint "🚀 Starting libvirt daemon"
|
||||
sudo systemctl start libvirtd
|
||||
|
|
@ -310,6 +254,10 @@ password = "\$6\$GRmb7S0p8vsYmXzH\$o0E020S.9JQGaHkszoog4ha4AQVs3sk8q0DvLjSMxoxHB
|
|||
key = "${SSH_KEY_PUB}"
|
||||
home = "/home/${SSH_USER}/"
|
||||
groups = ["wheel", "testers"]
|
||||
|
||||
[customizations.installer]
|
||||
unattended = true
|
||||
sudo-nopasswd = ["admin"]
|
||||
EOF
|
||||
|
||||
greenprint "📄 installer blueprint"
|
||||
|
|
@ -328,8 +276,7 @@ greenprint "📥 Downloading the installer image"
|
|||
sudo composer-cli compose image "${COMPOSE_ID}" > /dev/null
|
||||
ISO_FILENAME="${COMPOSE_ID}-installer.iso"
|
||||
greenprint "🖥 Modify kickstart file and create new ISO"
|
||||
modksiso "${ISO_FILENAME}" "/var/lib/libvirt/images/${ISO_FILENAME}"
|
||||
sudo rm "${ISO_FILENAME}"
|
||||
sudo mv "${ISO_FILENAME}" "/var/lib/libvirt/images/${ISO_FILENAME}"
|
||||
|
||||
# Clean compose and blueprints.
|
||||
greenprint "🧹 Clean up installer blueprint and compose"
|
||||
|
|
|
|||
|
|
@ -177,26 +177,22 @@ function modksiso {
|
|||
|
||||
trap cleanup RETURN
|
||||
|
||||
ksfiles=("${isomount}"/*.ks)
|
||||
ksfile="${ksfiles[0]}" # there shouldn't be more than one anyway
|
||||
echo "Found kickstart file ${ksfile}"
|
||||
# When sudo-nopasswd is specified, a second kickstart file is added which
|
||||
# includes the %post section for creating sudoers drop-in files. This
|
||||
# kickstart file is called osbuild.ks and it %includes osbuild-base.ks at
|
||||
# the top, which is the main kickstart file created by osbuild. To inject
|
||||
# our extra %post section, lets modify the osbuild.ks file and start that
|
||||
# one so that the %include chain isn't disrupted.
|
||||
ksfile="${isomount}/osbuild.ks"
|
||||
echo "Modifying kickstart file ${ksfile}"
|
||||
|
||||
ksbase=$(basename "${ksfile}")
|
||||
newksfile="${kspath}/${ksbase}"
|
||||
oldks=$(cat "${ksfile}")
|
||||
echo "Preparing modified kickstart file"
|
||||
cat > "${newksfile}" << EOFKS
|
||||
text
|
||||
network --bootproto=dhcp --device=link --activate --onboot=on
|
||||
zerombr
|
||||
clearpart --all --initlabel --disklabel=msdos
|
||||
autopart --nohome --noswap --type=plain
|
||||
${oldks}
|
||||
poweroff
|
||||
%post --log=/var/log/anaconda/post-install.log --erroronfail
|
||||
# no sudo password for user admin and installeruser
|
||||
echo -e 'admin\tALL=(ALL)\tNOPASSWD: ALL' >> /etc/sudoers
|
||||
echo -e 'installeruser\tALL=(ALL)\tNOPASSWD: ALL' >> /etc/sudoers
|
||||
# delete local ostree repo and add external prod edge repo
|
||||
ostree remote delete ${OSTREE_OSNAME}
|
||||
ostree remote add --no-gpg-verify --no-sign-verify ${OSTREE_OSNAME} ${PROD_REPO_URL}
|
||||
|
|
@ -521,6 +517,10 @@ password = "${EDGE_USER_PASSWORD_SHA512}"
|
|||
key = "${SSH_KEY_PUB}"
|
||||
home = "/home/installeruser/"
|
||||
groups = ["wheel"]
|
||||
|
||||
[customizations.installer]
|
||||
unattended = true
|
||||
sudo-nopasswd = ["admin", "installeruser"]
|
||||
EOF
|
||||
|
||||
greenprint "📄 installer blueprint"
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue