I think that we can spare the users of clouadpi of writing "rhsm": "false"
into the requests so I decided to make this property optional and default
to false.
This is nice because it matches the behaviour of Weldr repositories and
sources so we can also use test/data/repositories without any changes after
openapi validation is enabled.
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
All of the edge tests are being ran on every nightly compose inside
virt-qe Jenkins so no need to run all of them here as well. Keep just
ostree-raw-image.sh to cover edge testing for sign-off.
Before the instance was vulnerable to an OTA update while processing a
request. Because there is no way of retriggering a job in Composer, it
is better to avoid this situation.
The way we are doing it is by setting the `protected` flag onto the
instance when a job is being processed. This way the AWS scheduler
does hopefully not shutdown the machine at the wrong time.
Main caveats of this solution:
* Starvation: If a worker keeps accepting new jobs, then it might not be
updated.
* Inconsistency: There exist a window between the job acceptation and the
protection where the worker can be shutdown without having the time to
protect itself.
Added code in fedora/pipelines.go to add the subformat field in the
manifests
Added manifests for f34 and f35 for x86_64 only (image type not
available in aarch64)
* IoT image types now correctly point to the fedora-identity-iot package
* QCOW2, VMDK and OCI types use Fedora Cloud as identity package
* Changed default target for AMI from graphical.target to multi-user.target. This matches the behaviour with the RHEL types, which all target the multi-user.
* Readded the image-info field for some manifests which was missing due to issues regenerating the manifests.
* Removed specific function that packaged the fedora cloud package group to avoid collision between fedora-identity-cloud and fedora-identity-basic packages. With the introduction of the PackageSetChains() it is no longer necessary to filter the packages
The VMDK image is already produced as stream-optimized. Therefore stop
setting the `StreamOptimized` option in `OSBuildJob` structure by both,
Weldr and Cloud APIs.
Keep the handling of the option in worker for backward compatibility,
in case an older instance of Composer server is used, which does not
produce VMDK manifests as stream-optimized. In such case, the worker
needs to convert the image.
Modify pipelines in all distro definitions to produce stream-optimized VMDK
image.
Regenerate all VMDK test cases.
Bump worker dependency on osbuild to the version supporting VMDK
subformat in both QEMU assembler and stage
The staticfiles dependency updated to support Go 1.18 generics in the
2022.1 release. This prevents the devcontainer (which has Go 1.16) from
being built. This moves the container to Fedora 36 which provides Go
1.18.
entrypoint.py
-------------
Allow the user to set the port number also for the remote worker
Allow the user to set the binding address for the composer api or remote worker api
Set the default port of the composer API to 8080
Dockerfile-ubi
--------------
Remove setting the port for the composer API since the default is
already 8080
This is a bare minimum for our downstream testsuite to pass (otherwise
it will fail on non-existing 8.7 CDN repositories).
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
We would benefit from having support for 9.1 downstream so let's add it in
the form of an alias. This is a bare minimum for having a proper 9.1 support.
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
Check for the rpm database in $tree/usr/share/rpm and explicitly
also in $tree/var/lib/rpm and if the respective location exists
pass it as argument to rpm. This should fix the situation where
the default database on the host is in a different location than
in the tree. Fedora < 36 and RHEL have the location in /var but
Fedora starting 36 and rpm-ostree have it in /usr.
In the internal deployment, we want to talk with composer over a http/https
proxy. This proxy adds new composer.proxy field to the worker config that
causes the worker to connect to composer and the oauth server using
a specified proxy.
NB: The proxy is not supported when connection to composer via unix sockets.
For testing this, I added a small HTTP proxy implementation, pls don't
use this in production, it's just good enough for tests.
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
Just so we don't need to care about all the server-side setup in individual
test cases and we can just reuse the setup.
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
Firstly, let's use t.TempDir(), it's less code.
Secondly, let's remove all the code that touches distributions, we can just
use random values, both worker server and client actually do't inspect
any values so they can be completely random.
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
