Previously, the worker was determining the GCE image guest OS Features
on its own, based on the OS name. This caused problems, in case the
osbuild-composer was of a newer version than the worker.
Example:
osbuild-composer contained support for c10s GCE image type and its
implementation also contained the proper guest OS Features list for it.
However, when the worker got the osbuild job, it built it and tried to
fetch the guest OS Features for the distro. Since its implementation was
too old, it didn't contain the code that added the actual support for
c10s GCE images and got no guest OS features list (which is the default
for unsupported distros). The image was successfully uploaded and
shared, but it does not boot in GCP, because it does not know that it
should use UEFI to boot it.
This behavior could be considered a bug. The worker should be dumb. It
should not be making decisions about the image features, but instead it
should take them from the upload target options. And composer should be
the authoritative source of truth for this. Because otherwise, we
basically have two components that need to be updated in sync to add
support for GCE images on a new distro.
Move the GCE image guest OS features to the GCP upload target options.
The worker will just take what is specified there and use it when
importing the image to GCP. As a compatibility layer for the case when
the composer would be older than the worker (unlikely, but still),
worker will try to determine the image guest OS features in case the
list in the upload target options is empty.
Extend the GCP functional tests to check that the imported image has at
least some guest OS features set.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Enable testing of GCE image type on el10 / c10s. The el10 / c10s image
type temporarily uses cloud-init, because there are no GCP guest tools
for el10 / c10s yet and el9 version can't be installed. This implies
that we need to set the SSH key in the instance metadata and use SSH
directly.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
The reason is that the key that we use to test the customization uses
SHA-1 in its signature. And this algorithm is no longer allowed by
default on el10 / c10s.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Add support for RHSM customizations, which currently allow various
aspects of RHSM. Specifically enabling / disabling DNF plugins shipped
by subscription-manager package and setting a subset of options in the
rhsm.conf.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Add support for RPM customizations, which currently allow to import RPM
GPG key from a file installed in the image. This is e.g. done for the
Azure RHUI image type.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Do not schedule gcp.sh on rhel-10 and centos-stream-10. Also improve
loggin for aws.sh and azure.sh as the cloud-image-val testing is
currently not preformed there.
both are defined in CI, but the GOVC_ prefix doesn't match anything
else. Additionally this value is slightly different for vCenter8 and may
lead to failures if not unified.
The cleanup() function cats the httpd log and error file, but did not
use sudo, which failed on permissions. Fix that.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
The test case mistakenly takes into consideration also upstream repo
definitions with the 'no-aux-key' suffix, which are however never
installed by RPMs with this name.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
When cleaning up api tests, the build job results are dumped from the
database to store in build-result.txt and are printed to the runner log
at the same time. This makes it very difficult to read results as the
database dump prints very long lines that flood the job log. The result
isn't really readable (or useful) unless the file is downloaded
separately.
Silence the `tee` command so that the file is created but no output is
printed from the db dump.
The regex check is now not needed since we create other shared image metadata on the fly. Plus it was not a good solution for an upstream project, as the regex was only affecting our RH teams internally.
- Change the alias example at the top of the file to use RHEL 9 -> 9.4
instead of 8 -> 8.10 which is no longer true for the test.
- Fix some comment typos.
- Clean trailing whitespaces.
The test relies on the existence of the /etc/dnf/vars/releasever file
and the value it specifies. In SAP images, this file specifies the
locked release version for the system and it is written by the image
definition itself. This makes it a good candidate for ensuring we are
using the correct distro version when building the image.
However, RHEL 8.10 SAP images don't lock the distro version because 8.10
is the last minor version in the RHEL 8 cycle.
Let's override the alias for RHEL 8 to point to 8.8, which is a version
that should contain a releasever. The exact value we use isn't
important. What we are testing here is the mechanism for resolving
aliases.
for these 2 scripts we make cleanup() defined in the outer scope and
make sure that it executes on EXIT rather than RETURN which makes it
possible to stick the journalctl killing functionality inside of the
same function.
in many files there was a secondary call to `trap` for the sole purpose
of killing jornalctl (watching worker logs) so that GitLab CI doesn't
hang.
The issue with this is that sometimes the cleared the trap which invokes
the cleanup() function without reinstating it again (not everywhere).
Instead of doing this back-and-forth just make sure we don't leave any
journalctl processes dangling in the background!
NOTES:
- for some scripts, mainly ostree- ones there was no cleanup trap
present, but instead `trap` was configured inside the build_image() function.
The trouble is that this function is executed multiple times and
$WORKER_JOURNAL_PID changes value between these multiple executions.
That's why these scripts introduce the cleanup_on_exit() function where
we make sure to kill any possible dangling journalctl processes.
- The name `cleanup_on_exit()` is chosed because these same scripts
often have a helper function named clean_up() which is sometimes used to remove
virtual machines and other artifacts between calls of build_image().
The osbuild version should correspond to the version in the Schutzfile
for the old worker.
Furthermore the commits should be pulled from the rhel-9-cdn
repositories.
