Do not run `set-env-variables.sh` to set ARCH and OS variables
to avoid the CI failing because of shellcheck lint problems.
Signed-off-by: Miguel Martín <mmartinv@redhat.com>
Make it possible to test if system FIPS mode has been enabled
in the resulting images by running the scripts with a FIPS="true"
environment variable
Signed-off-by: Miguel Martín <mmartinv@redhat.com>
Check if the os has the system FIPS mode enabled
when `fips="true"` is passed as an ansible variable.
Signed-off-by: Miguel Martín <mmartinv@redhat.com>
Update the `osbuild` commit to a version that
includes `org.osbuild.update-crypto-policies` stage
required for the tests.
Signed-off-by: Miguel Martín <mmartinv@redhat.com>
Fix verbiage of groups customization, fields which accept an array
should be plural.
Remove the sshkey customization, sshkeys are merged into user
customizations anyway, so users should use the "users" customization
instead.
Since these customizations aren't in use yet, this edit should be fine.
See #3716
Sends a status update to the worker server every 5 minutes.
Also fixes a bug where the body the worker client sent would be empty if
it had to refresh the JWT token. Instead of io.Reader use io.ReadSeeker
so the body can be reread to create the second request (after the token
refresh).
Unresponsive workers (>=1 hour of no status update) are cleaned up.
Several things are enabled by keeping track of workers, in future the
worker server could:
- keep track of how many workers are active
- see if a worker for a specific architecture is available
After documentation refactoring "developer guide" link was pointing
to non existing page. This commit updates the link to point to the
latest upstream developer guide page.
The oscap remediation is failing due to an issue with remediating the
firewall loopback traffic. The remediation fails and bails out early
resulting in a lower score and causing a regression in the test. This
will need to be fixed on the OpenSCAP side, so as a workaround, we can
remove this rule from the remediation.
Update the images dependency to v0.18.0
This includes a change in the Fedora IoT remote configuration which is
now installed through an RPM instead of being hard-coded in the image
definitions.
This handles corrupt job json files by skipping them. They still exist,
and errors are logged, but the system keeps working.
If one or more of the json files in /var/lib/osbuild-composer/jobs/
becomes corrupt they can stop the osbuild-composer service from
starting, or stop commands like 'composer-cli compose status' from
working because they quit on the first error and miss any job that
aren't broken.
When making the upload request for edge commit image types, use the new
upload_targets array to define the aws.s3 upload options.
Leave other upload target definitions as is for now to test the old
options.
Add the new upload_statuses under the image_status in the result of the
ComposeStatus object. The first status is also included in the old
top-level 'upload_status' property for backwards compatibility.
Tests are updated to match the new results.
Test some valid and invalid combinations for the GetTargets() upload
target selection.
Includes tests with and without the upload options for the default
target.
Read the upload target types and options in the UploadTargets array of
the ImageRequest and initialise the Target array. If the top-level
(old) UploadOptions are also specified, prepend them to the array using
the image type's default target type.
Each upload target type is checked against a support map for
compatibility.
Add an array of targets in the imageRequest and return an array from
ImageRequest.GetTargets() (renamed from GetTarget()). Currently, the
function still only returns one target, the default for the image type
with the top level upload options.
Separate the target selection in GetTarget() into two steps. First
determine the default target name for the image type and then use the
name to initialise the target object. This is a bit more work (and
double switching) but will be needed to support selecting targets
externally.
