The 'google-cloud-sdk' RPM built by Google for RHEL, which provides
the 'gcloud' command, is built only with Python 2. Since Python 2.7
is already EOL in upstream and not available in CentOS Stream 9, we
can not use 'gcloud' from the 'google-cloud-sdk' RPM.
The 'awscli' is not available in RHEL-9 repositories.
The Azure CLI 'az' available in official upstream repositories has
broken dependencies on RHEL-9 and can not be successfully installed. To
workaround the issue, run the tool from the official container image
provided by Microsoft.
Use the `quay.io/osbuild/cloud-tools` F34-based container image instead
of locally installed cloud CLI tools.
Signed-off-by: Tomas Hozza <thozza@redhat.com>
The RHEL-8.5 and RHEL-9.0 `ami` images are now based on the official
RHEL EC2 images. As a result, they use a different default user -
`ec2-user`.
Fix the `api.sh` test case to use the correct user when testing RHEL-9
`ami` images.
Fix#1632
Signed-off-by: Tomas Hozza <thozza@redhat.com>
Update the first blueprint to use "normal" kernel instead of to
use "rt" kernel. Then upgrade to "rt" kernel.
To work with this bug fix, we need osbuild fix and have to pin to
osbuild latest commit.
The customizations.user is removed from upgrade blueprint to work
with this bug fix. But it's for RHEL 8.5 only.
Use TEST_ID for any resources created in Azure. Also create all
necessary vm network resources in advance to have predictable names
using TEST_ID as well.
RHEL 9.0 isn't yet in .gitlab-ci.yml so this actually doesn't change in test
runs but it should make enabling of the tests easier.
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
Renamed tar-installer to image-installer.
This is a more appropriate name:
- It disassociates the image type from the "tar" image type. The two
should not be perceived to be connected.
- It's more descriptive. The format of the payload (tar) isn't relevant
to the purpose of the image type.
The test case used to work only on Fedora 33. This patch introduces
support for all future Fedoras and RHEL 8.
It uses a fair bit of magic because it needs to dynamically discover if
a RHEL runner uses the rhel-8.json or the rhel-8-beta.json repository
override. Furthemore it needs to discover a redirection URL, if any, of
the repository override to correctly configure HTTP proxy.
It is designed for RHEL only. The switch for distros used to live in the
regression.sh script but it was removed so now the tests need to know if
they are running on a compatible system themselves.
Introduce a test case where 2 httpd proxies are used to simulate custom
repos with custom subscriptions. That is, every repo requires
client-side tls certificate with its own CA. Make sure both osbuild and
osbuild-composer can use these repositories by issuing an image build.
Several changes required to get the installer test working in CI.
Blueprint:
- Add packages for SSH and networking
- Use generated SSH key and username variable for user setup
Kickstart:
- The ISO contains a kickstart file with the `liveimg` command. Instead
of trying to inject a kickstart during virt-install, we override the
existing file on the ISO. The `modksiso` function reads a kickstart
file from an existing ISO, adds commands to make the installation
fully automatic (partitioning, text --non-interactive) and creates a
new ISO with the modified kickstart file using mkksiso.
- Simple networking added to kickstart file.
- Kernel command line args for installer added via the mkksiso command
since the `--cdrom` installation source doesn't support injecting
command line arguments.
virt-install:
- Using `--cdrom` instead of `--location`: latter was failing to
install.
- No longer injects a kickstart file (since we handle it separately) and
doesn't add extra Kernel args.
Redefine the `ami` image type in RHEL-8.5 to be based on RHEL
ec2 images. The pipeline has different default settings, therefore the
common "os" pipeline is not used. The RHEL ec2 images have a different
default size than the original `ami` image definition. The RHEL ec2
images use a different default partitioning scheme. Their configuration
is slightly different for each architecture and the x86_64 version
of the image does not support UEFI.
Update rpmrepo snapshots used to generate RHEL-8.5 x86_64 and aarch64
image test cases.
Signed-off-by: Tomas Hozza <thozza@redhat.com>
Cloud api now exposes user customization that let a customer able to add
a new user with a set of groups and a ssh key.
Testing:
* adds 2 users to the AWS image, accessible with a temp ssh key.
* the first one is in the group wheel, the other is not
Fixes#1574
Instead of inspecting the tarball directly, extract it and use ostree to
verify the ref and commit ID.
Adds some data to the CI artifacts directory:
- Build manifest
- Tarball file list for s3 edge commit with s3 upload
- Build metadata
Unlike the original regression test which explicitly names the excluded
dependency, this test installs a package that depends on the excluded
package without naming it. Based on the new way we depsolve blueprint
packages in RHEL 8.5, this should now work as well.
- Rewrote regression.sh to be like base tests with list of regression
test scripts to be run and fail counts
- Separate regression tests in CI to have better control of distro
runners
Previously a bad error code was returned, fixes#1477.
Testing:
I have two test cases to test the solution. The first is a request that
makes depsolve crash by changing the dnf-json script by an almost empty
one that only throws an exception. The second one fails because it
requests a non existing package. The former ends with a 500 error and
the later with a 400.
----8<-----
HTTP/1.1 500 Internal Server Error
Failed to depsolve base packages for ami/x86_64/centos-8: ailed to
depsolve base packages for ami/x86_64/centos-8: unexpected end of JSON
input
----8<-----
HTTP/1.1 400 Bad Request
Content-Length: 226Failed to depsolve base packages for
ami/x86_64/centos-8: DNF error occured: MarkingErrors: Error occurred
when marking packages for installation: Problems in request:
missing packages: jesuisunpaquetquinexistepas_idonotexist
The `api.sh` test currently always defaults to "<REGION>-a" zone when
creating instance using the built image. The resources in a zone may get
exhausted and the solution is to use a different zone. Currently even a
CI job retry won't help with mitigation of such error during a CI run.
Modify `api.sh` to pick random GCP zone for a given region when creating
a compute instance. Use only GCP zones which are "UP".
The `cloud-cleaner` relied on the behavior of `api.sh` to always choose
the "<REGION>-a" zone. Guessing the chosen zone in `cloud-cleaner` is
not viable, but thankfully the instance name is by default unique for
the whole GCP project. Modify `cloud-cleaner` to iterate over all
available zones in the used region and try to delete the specific
instance in each of them.
Make `ComputeZonesInRegion` method from the `internal/cloud/gcp` package
exported and use it in `cloud-cleaner` for getting the list of available
zones in a region.
Signed-off-by: Tomas Hozza <thozza@redhat.com>
The `test/cases/api.sh` script relied on environment variables specific
to Jenkins for detecting it if is running in a CI environment. If this
was the case, it used other environment variables to construct a
predictable `TEST_ID` which could be used for names of resources created
in cloud-provider environment as part of the test. This is important to
ensure that `cloud-cleaner` can "guess" resource names and delete them
in case the test script fails to clean up after itself.
With the move from Jenkins to GitLab CI, this stopped to work and the
script started to generate random `TEST_ID`, which can not be guessed by
the `cloud-cleaner` tool.
Modify the `test/cases/api.sh` to detect the CI environment using the
`CI` environment variable, which is always predefined in the GitLab CI
environment [1].
[1] https://docs.gitlab.com/ee/ci/variables/predefined_variables.html
Signed-off-by: Tomas Hozza <thozza@redhat.com>
An occupied worker checks about every 15 seconds if it's current job was
cancelled. Use this to introduce a heartbeat mechanism, where if
composer hasn't heard from the worker in 2 minutes, the job times out
and is set to fail.
For RHEL 8.5, user and ssh key are added in blueprint.
For Fedora 33, RHEL 8.3 and 8.4, user and ssh key have to be
added in ks file due to bz#1896178.
bz#1896178 has been fixed already on RHEL 8.5 only, but still exists
on Fedora 33, RHEL 8.3 and 8.4. This update covers Fedora 33,
RHEL 8.5, RHEL 8.4 and RHEL 8.3.
