particle-os/debian-forge-composer
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

test: use new installer customizations

Browse source 
Use the new installer customizations to build and boot an unattended
installation and add the users to the sudoers with NOPASSWD enabled.

This is added both to he base installer test (installers.sh) and the
ostree test (ostree-ng.sh).  For the ostree test, we keep the mkksiso
step to retain the remote configuration change.  The modksiso() function
is changed to explicitly read the osbuild.ks file since we don't want to
modify the osbuild-base.ks file and we want to ensure that the kernel
command line argument points to the osbuild.ks file.
This commit is contained in:
Achilleas Koutsou 2024-03-12 17:19:44 +01:00 committed by Tomáš Hozza
parent bd57d95e49
commit eccdcfcab0
2 changed files with 17 additions and 70 deletions
Download patch file Download diff file Expand all files Collapse all files

63
test/cases/installers.sh
View file

@ -15,62 +15,6 @@ set -euo pipefail
source /usr/libexec/osbuild-composer-test/set-env-variables.sh source /usr/libexec/osbuild-composer-test/set-env-variables.sh
source /usr/libexec/tests/osbuild-composer/shared_lib.sh source /usr/libexec/tests/osbuild-composer/shared_lib.sh
# modify existing kickstart by prepending and appending commands
function modksiso {
sudo dnf install -y lorax # for mkksiso
isomount=$(mktemp -d)
kspath=$(mktemp -d)
iso="$1"
newiso="$2"
echo "Mounting ${iso} -> ${isomount}"
sudo mount -v -o ro "${iso}" "${isomount}"
cleanup() {
sudo umount -v "${isomount}"
rmdir -v "${isomount}"
rm -rv "${kspath}"
}
trap cleanup RETURN
ksfiles=("${isomount}"/*.ks)
ksfile="${ksfiles[0]}" # there shouldn't be more than one anyway
echo "Found kickstart file ${ksfile}"
ksbase=$(basename "${ksfile}")
newksfile="${kspath}/${ksbase}"
oldks=$(cat "${ksfile}")
echo "Preparing modified kickstart file"
cat > "${newksfile}" << EOFKS
text --non-interactive
zerombr
clearpart --all --initlabel --disklabel=gpt
autopart --noswap --type=plain
network --bootproto=dhcp --device=link --activate --onboot=on
${oldks}
poweroff
%post --log=/var/log/anaconda/post-install.log --erroronfail
# no sudo password for user admin
echo -e 'admin\tALL=(ALL)\tNOPASSWD: ALL' >> /etc/sudoers
%end
EOFKS
echo "Writing new ISO"
if nvrGreaterOrEqual "lorax" "34.9.18"; then
sudo mkksiso -c "console=ttyS0,115200" --ks "${newksfile}" "${iso}" "${newiso}"
else
sudo mkksiso -c "console=ttyS0,115200" "${newksfile}" "${iso}" "${newiso}"
fi
echo "==== NEW KICKSTART FILE ===="
cat "${newksfile}"
echo "============================"
}
# Start libvirtd and test it. # Start libvirtd and test it.
greenprint "🚀 Starting libvirt daemon" greenprint "🚀 Starting libvirt daemon"
sudo systemctl start libvirtd sudo systemctl start libvirtd
@ -310,6 +254,10 @@ password = "\$6\$GRmb7S0p8vsYmXzH\$o0E020S.9JQGaHkszoog4ha4AQVs3sk8q0DvLjSMxoxHB
key = "${SSH_KEY_PUB}" key = "${SSH_KEY_PUB}"
home = "/home/${SSH_USER}/" home = "/home/${SSH_USER}/"
groups = ["wheel", "testers"] groups = ["wheel", "testers"]
[customizations.installer]
unattended = true
sudo-nopasswd = ["admin"]
EOF EOF
greenprint "📄 installer blueprint" greenprint "📄 installer blueprint"
@ -328,8 +276,7 @@ greenprint "📥 Downloading the installer image"
sudo composer-cli compose image "${COMPOSE_ID}" > /dev/null sudo composer-cli compose image "${COMPOSE_ID}" > /dev/null
ISO_FILENAME="${COMPOSE_ID}-installer.iso" ISO_FILENAME="${COMPOSE_ID}-installer.iso"
greenprint "🖥 Modify kickstart file and create new ISO" greenprint "🖥 Modify kickstart file and create new ISO"
modksiso "${ISO_FILENAME}" "/var/lib/libvirt/images/${ISO_FILENAME}" sudo mv "${ISO_FILENAME}" "/var/lib/libvirt/images/${ISO_FILENAME}"
sudo rm "${ISO_FILENAME}"
# Clean compose and blueprints. # Clean compose and blueprints.
greenprint "🧹 Clean up installer blueprint and compose" greenprint "🧹 Clean up installer blueprint and compose"

24
test/cases/ostree-ng.sh
View file

@ -177,26 +177,22 @@ function modksiso {
trap cleanup RETURN trap cleanup RETURN
ksfiles=("${isomount}"/*.ks) # When sudo-nopasswd is specified, a second kickstart file is added which
ksfile="${ksfiles[0]}" # there shouldn't be more than one anyway # includes the %post section for creating sudoers drop-in files. This
echo "Found kickstart file ${ksfile}" # kickstart file is called osbuild.ks and it %includes osbuild-base.ks at
# the top, which is the main kickstart file created by osbuild. To inject
# our extra %post section, lets modify the osbuild.ks file and start that
# one so that the %include chain isn't disrupted.
ksfile="${isomount}/osbuild.ks"
echo "Modifying kickstart file ${ksfile}"
ksbase=$(basename "${ksfile}") ksbase=$(basename "${ksfile}")
newksfile="${kspath}/${ksbase}" newksfile="${kspath}/${ksbase}"
oldks=$(cat "${ksfile}") oldks=$(cat "${ksfile}")
echo "Preparing modified kickstart file" echo "Preparing modified kickstart file"
cat > "${newksfile}" << EOFKS cat > "${newksfile}" << EOFKS
text
network --bootproto=dhcp --device=link --activate --onboot=on
zerombr
clearpart --all --initlabel --disklabel=msdos
autopart --nohome --noswap --type=plain
${oldks} ${oldks}
poweroff
%post --log=/var/log/anaconda/post-install.log --erroronfail %post --log=/var/log/anaconda/post-install.log --erroronfail
# no sudo password for user admin and installeruser
echo -e 'admin\tALL=(ALL)\tNOPASSWD: ALL' >> /etc/sudoers
echo -e 'installeruser\tALL=(ALL)\tNOPASSWD: ALL' >> /etc/sudoers
# delete local ostree repo and add external prod edge repo # delete local ostree repo and add external prod edge repo
ostree remote delete ${OSTREE_OSNAME} ostree remote delete ${OSTREE_OSNAME}
ostree remote add --no-gpg-verify --no-sign-verify ${OSTREE_OSNAME} ${PROD_REPO_URL} ostree remote add --no-gpg-verify --no-sign-verify ${OSTREE_OSNAME} ${PROD_REPO_URL}
@ -521,6 +517,10 @@ password = "${EDGE_USER_PASSWORD_SHA512}"
key = "${SSH_KEY_PUB}" key = "${SSH_KEY_PUB}"
home = "/home/installeruser/" home = "/home/installeruser/"
groups = ["wheel"] groups = ["wheel"]
[customizations.installer]
unattended = true
sudo-nopasswd = ["admin", "installeruser"]
EOF EOF
greenprint "📄 installer blueprint" greenprint "📄 installer blueprint"