particle-os/debian-forge-composer
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
6124 commits 1 branch 0 tags 688 MiB
Commit graph

6124 commits

This branch
This branch
All branches
Author SHA1 Message Date
Sanne Raymaekers
c6aa7d88d2 internal/weldr: specify architecture of compose 
This is useful in environments with multi-arch remote workers.
Defaults to the host architecture.
 2023-12-14 21:25:32 +01:00
Sanne Raymaekers
e24772dc57 worker/server: check if worker is available for architecture 2023-12-14 21:25:32 +01:00
Sanne Raymaekers
850e44589b worker/server: split out jobqueue call from PostWorker handler 2023-12-14 21:25:32 +01:00
Sanne Raymaekers
ac854b7cc8 pkg/jobqueue: add arch to worker 2023-12-14 21:25:32 +01:00
Xiaofeng Wang
8a8b1406fb test: update osbuild dependency sha for RHEL 9.4 2023-12-14 17:18:40 +08:00
Miguel Martín
991293a897 Generate FIPS compliant SSH keys 
Generate FIPS compliant SSH keys required
for testing system FIPS mode support
 2023-12-13 10:19:47 +01:00
Miguel Martín
38f9687cc1 Clean up libvirt network 
Clean up libvirt network once the script has
finished successfully.
 2023-12-13 10:19:47 +01:00
Miguel Martín
53955af7ca Do not run set-env-variables.sh 
Do not run `set-env-variables.sh` to set ARCH and OS variables
to avoid the CI failing because of shellcheck lint problems.

Signed-off-by: Miguel Martín <mmartinv@redhat.com>
 2023-12-13 10:19:47 +01:00
Miguel Martín
20c8892ec9 Do not harcode user's password hash in scripts 
Generate user's password hash based on `EDGE_USER_PASSWORD`
variable instead of hardcoding it

Signed-off-by: Miguel Martín <mmartinv@redhat.com>
 2023-12-13 10:19:47 +01:00
Miguel Martín
a0d357c66b Enable FIPS tests 
Make it possible to test if system FIPS mode has been enabled
in the resulting images by running the scripts with a FIPS="true"
environment variable

Signed-off-by: Miguel Martín <mmartinv@redhat.com>
 2023-12-13 10:19:47 +01:00
Miguel Martín
10ccb3b385 feature: check FIPS mode within the ostree images 
Check if the os has the system FIPS mode enabled
when `fips="true"` is passed as an ansible variable.

Signed-off-by: Miguel Martín <mmartinv@redhat.com>
 2023-12-13 10:19:47 +01:00
Miguel Martín
98847f7494 Expose the FIPS blueprint customization 
Expose the FIPS blueprint customization through
the cloud API.

Signed-off-by: Miguel Martín <mmartinv@redhat.com>
 2023-12-13 10:19:47 +01:00
Miguel Martín
3c64edfcb9 Define the FIPS blueprint customization 
Define a new blueprint customization that
allows to enable the system FIPS mode

Signed-off-by: Miguel Martín <mmartinv@redhat.com>
 2023-12-13 10:19:47 +01:00
Miguel Martín
49f99e1299 Update the osbuild commit 
Update the `osbuild` commit to a version that
includes `org.osbuild.update-crypto-policies` stage
required for the tests.

Signed-off-by: Miguel Martín <mmartinv@redhat.com>
 2023-12-13 10:19:47 +01:00
schutzbot
1ba19ad8e0 Post release version bump 
[skip ci]
 2023-12-13 08:22:34 +00:00
Xiaofeng Wang
0e08ecf079 test: fix ansible playbook conditional statements error 2023-12-12 15:25:29 +01:00
Michael Vogt
614593084c .gitlab-ci.yml: upgade neetle early to workaround RHEL-17890 2023-12-12 14:10:59 +04:00
Sanne Raymaekers
6cdd95a072 README: remove IRC in favour of matrix channel 2023-12-11 18:37:07 +01:00
Xiaofeng Wang
15a94899a8 test: remove persistent log checking on minimal raw test 
Persistent log is not related with minimal raw image itself and
it is not stable. After discuss with team, remove this test
 2023-12-11 15:12:04 +01:00
Sanne Raymaekers
bfad6d50e1 cloudapi/v2: tweak customizations 
Fix verbiage of groups customization, fields which accept an array
should be plural.

Remove the sshkey customization, sshkeys are merged into user
customizations anyway, so users should use the "users" customization
instead.

Since these customizations aren't in use yet, this edit should be fine.

See #3716
 2023-12-08 15:31:56 +01:00
Tomáš Hozza
1afe7d20c8 Adjust code to new version of osbuild/images 
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
 2023-12-06 17:32:18 +01:00
dependabot[bot]
016051a4b8 build(deps): bump the go-deps group with 5 updates 
Bumps the go-deps group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) | `1.48.1` | `1.48.13` |
| [github.com/gophercloud/gophercloud](https://github.com/gophercloud/gophercloud) | `1.7.0` | `1.8.0` |
| [github.com/openshift-online/ocm-sdk-go](https://github.com/openshift-online/ocm-sdk-go) | `0.1.385` | `0.1.388` |
| [github.com/osbuild/images](https://github.com/osbuild/images) | `0.18.0` | `0.21.0` |
| [google.golang.org/api](https://github.com/googleapis/google-api-go-client) | `0.152.0` | `0.153.0` |


Updates `github.com/aws/aws-sdk-go` from 1.48.1 to 1.48.13
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.48.1...v1.48.13)

Updates `github.com/gophercloud/gophercloud` from 1.7.0 to 1.8.0
- [Release notes](https://github.com/gophercloud/gophercloud/releases)
- [Changelog](https://github.com/gophercloud/gophercloud/blob/v1.8.0/CHANGELOG.md)
- [Commits](https://github.com/gophercloud/gophercloud/compare/v1.7.0...v1.8.0)

Updates `github.com/openshift-online/ocm-sdk-go` from 0.1.385 to 0.1.388
- [Release notes](https://github.com/openshift-online/ocm-sdk-go/releases)
- [Changelog](https://github.com/openshift-online/ocm-sdk-go/blob/main/CHANGES.md)
- [Commits](https://github.com/openshift-online/ocm-sdk-go/compare/v0.1.385...v0.1.388)

Updates `github.com/osbuild/images` from 0.18.0 to 0.21.0
- [Release notes](https://github.com/osbuild/images/releases)
- [Commits](https://github.com/osbuild/images/compare/v0.18.0...v0.21.0)

Updates `google.golang.org/api` from 0.152.0 to 0.153.0
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.152.0...v0.153.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-deps
- dependency-name: github.com/gophercloud/gophercloud
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-deps
- dependency-name: github.com/openshift-online/ocm-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-deps
- dependency-name: github.com/osbuild/images
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-deps
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-06 17:32:18 +01:00
Sanne Raymaekers
d3dd83aceb internal/test: return in TestRouteWithReply on empty body 
Check if the response is empty, and return instead of continuing.
 2023-12-06 17:22:36 +01:00
Sanne Raymaekers
fd4a3a941a worker: let client register itself with the worker server 
Sends a status update to the worker server every 5 minutes.

Also fixes a bug where the body the worker client sent would be empty if
it had to refresh the JWT token. Instead of io.Reader use io.ReadSeeker
so the body can be reread to create the second request (after the token
refresh).
 2023-12-06 17:22:36 +01:00
Sanne Raymaekers
794acd8e34 worker: add ability to track workers serverside 
Unresponsive workers (>=1 hour of no status update) are cleaned up.

Several things are enabled by keeping track of workers, in future the
worker server could:
- keep track of how many workers are active
- see if a worker for a specific architecture is available
 2023-12-06 17:22:36 +01:00
Sanne Raymaekers
d784075d31 jobqueue: add ability to track workers 2023-12-06 17:22:36 +01:00
Jakub Rusz
2410b00eb9 rpmbuild: add fedora-40 2023-12-06 16:52:40 +01:00
Paweł Poławski
c1fae1ef7a Makefile: Fix typo in printed project name 2023-12-06 11:38:01 +01:00
dependabot[bot]
5e46230182 build(deps): bump actions/github-script from 6 to 7 
Bumps [actions/github-script](https://github.com/actions/github-script) from 6 to 7.
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](https://github.com/actions/github-script/compare/v6...v7)

---
updated-dependencies:
- dependency-name: actions/github-script
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-06 09:11:10 +01:00
Paweł Poławski
7deaa293d2 Readme: Fix broken link 
After documentation refactoring "developer guide" link was pointing
to non existing page. This commit updates the link to point to the
latest upstream developer guide page.
 2023-12-04 12:56:59 +01:00
schutzbot
2a6bad7283 Post release version bump 
[skip ci]
 2023-11-29 08:24:21 +00:00
Diaa Sami
6cfa26399f composer: use logrus hook instead of k8s sidecar 
for splunk log forwarding
Fixes COMPOSER-2051
 2023-11-28 12:42:00 +01:00
Diaa Sami
6b6af41e1d Revert "containers/osbuild-composer: wait for fluentd in entrypoint" 
This reverts commit b4cf032239.
No longer needed after removing sidecar COMPOSER-2051
 2023-11-28 12:41:46 +01:00
Jakub Rusz
4050aa92fe test/cases: Additional migration updates 
Mostly addressing comments from review.
 2023-11-27 10:04:47 +01:00
Jakub Rusz
5cbc87eade test/cases: clean up older distros in ostree.sh 2023-11-27 10:04:47 +01:00
Jakub Rusz
0bdc94ea94 test/cases: run upgrade test using new nightlies 2023-11-27 10:04:47 +01:00
Xiaofeng Wang
1cbcba92e1 test: fix repo file for 9.4 and 8.10 and fix check-minimal 2023-11-27 10:04:47 +01:00
Jakub Rusz
8960a51d2f Fix filesystems test 
The new partition rules are in osbuild-composer v94 and higher.
 2023-11-27 10:04:47 +01:00
Jakub Rusz
04ba4b81d8 Switch testing to 8.10 and 9.4 nightly 2023-11-27 10:04:47 +01:00
Jakub Rusz
c77b73a888 test/cases: Add workaround for oscap firewalld rules 
The oscap remediation is failing due to an issue with remediating the
firewall loopback traffic. The remediation fails and bails out early
resulting in a lower score and causing a regression in the test. This
will need to be fixed on the OpenSCAP side, so as a workaround, we can
remove this rule from the remediation.
 2023-11-24 16:29:32 +01:00
Achilleas Koutsou
5b19bd6809 deps: update images to v0.18.0 
Update the images dependency to v0.18.0
This includes a change in the Fedora IoT remote configuration which is
now installed through an RPM instead of being hard-coded in the image
definitions.
 2023-11-22 09:56:08 +01:00
Jakub Rusz
bb76ddb2b1 tests/repositories: Update snapshtos for 9.4 and 8.10 
We need this to udpate CIV testing.
 2023-11-21 13:43:16 +01:00
Brian C. Lane
aca748bc14 Don't Panic in getComposeStatus and skip invalid jobs in fsjobqueue New 
This handles corrupt job json files by skipping them. They still exist,
and errors are logged, but the system keeps working.

If one or more of the json files in /var/lib/osbuild-composer/jobs/
becomes corrupt they can stop the osbuild-composer service from
starting, or stop commands like 'composer-cli compose status' from
working because they quit on the first error and miss any job that
aren't broken.
 2023-11-20 13:34:40 +01:00
Diaa Sami
e969a9dc3c pkg/splunk_logger: make it a module that can be imported seprately 
Fixes COMPOSER-2051
 2023-11-17 18:48:45 +01:00
Achilleas Koutsou
901393d791 test/api: add some greenprints 2023-11-17 16:48:16 +01:00
Achilleas Koutsou
894c7046d9 test: compare upload_statuses[0] with upload_status 
Check that the first element of the upload_statuses array matches the
top-level upload_status.
We only test one upload target for now.
 2023-11-17 16:48:16 +01:00
Achilleas Koutsou
d3921dcc31 test: use upload_targets for edge in api s3.sh 
When making the upload request for edge commit image types, use the new
upload_targets array to define the aws.s3 upload options.
Leave other upload target definitions as is for now to test the old
options.
 2023-11-17 16:48:16 +01:00
Achilleas Koutsou
fbf63f6a1f cloudapi: add upload targets to route handler tests 2023-11-17 16:48:16 +01:00
Achilleas Koutsou
38664d1b64 cloudapi: add GetTarget() test case for pulp.ostree 2023-11-17 16:48:16 +01:00
Gianluca Zuccarelli
b711e302ba cloudapi: add pulp upload target 
Add the pulp.ostree upload target to the cloud API and enable it for
edge/iot commits.

Co-Authored-By: Achilleas Koutsou <achilleas@koutsou.net>
 2023-11-17 16:48:16 +01:00