When the blueprint sets a specific distribution it should be used
instead of the distribution from the compose request.
Includes a test to make sure it uses repositories from the blueprint,
not the request.
Nightly pipelines test against older osbuild-composer versions so we
need to still modify the kickstart file until the feature reaches the
nightly composes.
Use the new installer customizations to build and boot an unattended
installation and add the users to the sudoers with NOPASSWD enabled.
This is added both to he base installer test (installers.sh) and the
ostree test (ostree-ng.sh). For the ostree test, we keep the mkksiso
step to retain the remote configuration change. The modksiso() function
is changed to explicitly read the osbuild.ks file since we don't want to
modify the osbuild-base.ks file and we want to ensure that the kernel
command line argument points to the osbuild.ks file.
We now have a proper rhel-10.0 distribution, and this alias is clashing
with it, so we are seeing the following message in production:
failed to configure distro aliases: invalid aliases: ["alias 'rhel-10.0' masks an existing distro"]
Let's fix it by removing the alias, it's obviously not needed anymore.
In order to support cloudapi blueprint requests from the cmdline using
composer-cli it needs to select the repositories based on the selected
distribution instead of requiring the user to include them with the
request.
If the image request includes repositories they are used, which matches
the current behavior. If the repository list is empty it will use the
distribution name to select from the repositories shipped with
osbuild-composer.
If the /tmp/cloud_init_vars contained OSBUILD_EXECUTOR_CLOUDWATCH_GROUP
variable set, the worker configuration file would contain a line with
escaped newline character at the end of the value configuring
`cloudwatch_group` for the `osbuild_executor`. This makes the worker
fail to start when loading the configuration.
Remove the newline from the value appended to the worker config by the
initialization script.
Fix#4001
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Set the 'cloudwatch_group' value in the worker configuration if provided
in /tmp/cloud_init_vars, so that it is used by the worker when spinning
up an osbuild-executor instance.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
We need the ability to use different CloudWatch group for the
osbuild-executor on Fedora workers in staging and production
environment.
Extend the worker confguration to allow configuring the CloudWatch group
name used by the osbuild-executor. Extend the secure instance code to
instruct cloud-init via user data to create /tmp/cloud_init_vars file
with the CloudWatch group name in the osbuild-executor instance, to make
it possible for the executor to configure its logging differently based
on the value.
Cover new changes by unit tests.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Test `koji.sh` with cloud upload on the latest RHEL-8.9 and RHEL9.3 GA
releases, which we use on our Brew workers.
Test the `koji.sh` only on the latest RHEL-8.9, RHEL-9.3 and Fedora
releases, which we use on our Brew and Koji workers.
There's no value in testing this case on CentOS Stream, RHEL EUS
releases or nightly composes.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
The /tmp/cloud_init_vars is not created on the worker executor, so
sourcing it will make the script fail. Comment the line out, until we
change the worker implementation to inject this file into the worker
executor using cloud-init.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
We need to use custom IAM policy name used by the worker for
osbuild-executor on Fedora workers (in prod vs. stage). And we have the
same requirement for the CloudWatch log group used by the
osbuild-executor.
Modify the Ansible playbook used by Packer to use the values from
/tmp/cloud_init_vars if set and defaulting to the current values if not
set.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
