Applying a `Name` tag to the snapshot makes the name of the image appear
in the snapshot listing in EC2's console. It also makes it easier to
remove a snapshot after deregistering the AMI.
Signed-off-by: Major Hayden <major@redhat.com>
Although the obuild-remote-worker@.service unit can be started, it can't
be enabled at boot time since the `Install` section is missing in the
unit file.
Add a small `[Install]` section with the same `WantedBy` as
osbuild-composr.service.
Fixes#924.
Signed-off-by: Major Hayden <major@redhat.com>
For reasons unknown, golangci-lint's default 1m0s timeout is *slightly*
too short for CI runs occasionally. Extend it to 5 minutes to ensure the
job always has enough time to run.
Signed-off-by: Major Hayden <major@redhat.com>
acf91a4 enabled fastestmirror but also calls `base.init_plugins()` to
initialize dnf plugins. This is not necessary and not what we want
conceptually.
Not necessary, because `fastestmirror` is a dnf built-in (it was a
plugin during yum-times [1]). The same patch sets the `fastestmirror`
option as well. Thus, this patch does not revert functionality.
Not what we want, because we're using dnf more as a library, explicitly
passing all options. Plugins depend on additional host configuration,
which we'd like to avoid pulling in. In particular, the
subscription-manager plugin tries reading certificates in `/etc/pki`,
which are not readable by the `osbuild-composer` user. This leads to
these errors in the journal:
[ERROR] dnf-json:54297:MainThread @logutil.py:194 -
[Errno 13] Permission denied: '/var/log/rhsm/rhsm.log' -
Further logging output will be written to stderr
[ERROR] dnf-json:54297:MainThread @identity.py:156 -
Reload of consumer identity cert /etc/pki/consumer/cert.pem
raised an exception with msg:
[Errno 13] Permission denied: '/etc/pki/consumer/key.pem'
These errors are not fatal, but could confuse people when inspecting
logs to find unrelated problems. This patch makes them disappear.
[1] https://fedoraproject.org/wiki/Yum_to_DNF_Cheatsheet
The vmdk images are meant to be imported into VMWare vCenter, not to be
booted directly.
Our image-info tests verifies that this work, they should be converted
into integration tests similar to the aws.sh script in the future.
Signed-off-by: Tom Gundersen <teg@jklm.no>
vCenter requires images to be uploaded as vmdk StreamOptimized. Lorax
always produced images on this format, so we should make sure to do the
same for our VMWare images.
Allow LocalTarget to request the images produced by osbuild be converted
to be streamOptimized before saving in composer, and hook the weldr API
up to enable this option for vmdk images.
Ideally this should simply be an option in osbuild, but that would
require some more work, which we will not manage in time for RHEL8.3.
Therefore do this minimal fix.
Note that that means the images produced by our manifests (including in
our image-test test cases) are not on the format that the weldr API
returns, so the tests we run on them would also, for now, need to
convert before uploading to vCenter.
Signed-off-by: Tom Gundersen <teg@jklm.no>
This is not shipped in RHEL, so use the library directly to query the IP
address. This is a massive hack, but let us revisit this after the next
release.
Signed-off-by: Tom Gundersen <teg@jklm.no>
We will automatically detect whether to use GA or Beta content, so we
can drop the override as 8.2 is GA so will get GA content.
Signed-off-by: Tom Gundersen <teg@jklm.no>
We need the same RPMs to work equally well on a host running a beta
release (pulling beta content) as on a machine running GA (pulling GA
content). Detect this at run-time and point at the right repository.
Testing this is a bit hairy as we are building 8.3 images, but obviously
there is currently no 8.3 content at the GA URLs.
Signed-off-by: Tom Gundersen <teg@jklm.no>
Change the translation from our internal structs to the structs used for
weldr serialization to drop account details. These must obviously be
passed in to configure an upload, but exposing them in the logs may be
surprising.
There is no notion of user accounts in the weldr API, and the state
should not be considered private. However, this is likely to take people
by surprise, so let us guard the secrets entrusted to us.
Fixes#907.
Signed-off-by: Tom Gundersen <teg@jklm.no>
Improve the message returned by osbuild-composer when a user asks for
logs of a compose that is still running.
Signed-off-by: Major Hayden <major@redhat.com>
in the same way this is done for Azure we read the OS credentials
and provide them as ENV variables for the test
Note: uses `psi-openstack-creds` and not `psi-openstack-clouds-yaml`
which is a yaml file.
Using `cp` to copy the repo content caused the last part of the path to
be duplicated:
Current: `master/latest/rhel82_x86_64/rhel82_x86_64/repodata/repomd.xml`
Desired: `master/latest/rhel82_x86_64/repodata/repomd.xml`
Remove the VERSION_ID/ARCH from the destination to remove the duplicated
path.
Signed-off-by: Major Hayden <major@redhat.com>
The API was crashing if the freeze request was called on a non-existent
blueprint. This changes it to return an empty string, matching
lorax-composer's behavior (since the output is toml it shouldn't return
json).
The inputhash represents pipeline id, which is calculated from the
pipeline dictionary defined in the test case. The definition has been
modified without correction of the inputhash (because we did not run it
in our CI :-) ).
This patch fixed the inputhash to reflect the changes in the pipeline.
copy() will not append to a slice, so if the length is 0 nothing will be
copied. Initialize the slice with the length instead of the capacity.
This fixes a problem with blueprint commits vanishing when the server is
restarted.
This commit also includes a new test in json_test for the
newCommitsFromV0() function.
Checking out the code from git during the prepare step is a waste of
time and disk space since we don't need the git repository cloned there.
Signed-off-by: Major Hayden <major@redhat.com>
Although rsync works just fine, it would reduce our package list if we
just used `cp` to create the latest repo.
Signed-off-by: Major Hayden <major@redhat.com>
The image tests for RHEL 8 still download packages from a server that is
only available inside the Red Hat network. 😢
Signed-off-by: Major Hayden <major@redhat.com>
Allow anyone to set up a dnf repository to point to the latest
build for the branch by using a repo file pointing to that build.
This would allow anyone to get the latest set of RPMs for a particular
pull request or branch (especially the master branch.
Signed-off-by: Major Hayden <major@redhat.com>
Remove the nightly repos from the RHEL 8.3 jobs and replace them with
CDN registration for beta content.
Signed-off-by: Major Hayden <major@redhat.com>
This changes the response to match lorax-composer's behavior. If any of
the blueprints in the list passed to /blueprints/depsolve/... have an
error that error should be appended to the error list, and the blueprint
included in the blueprints list with an empty dependencies section.
It was returning an error 400 and a single error if it hit any depsolve
problems, skipping any other blueprints and returning the wrong
response.
This also adjusts the tests to account for the change.
Fixes#890
