These changes enable the use of weldr-client with the test and also
there was a need to change the vm.create command a little bit. Without
the increased CPU and RAM RHEL-9 would not boot and a network adapter
had to be specified to use a newer one because the default one does not
work with RHEL-9.
the prepare-rhel-internal.sh script should be executed on a single
runner and it will loop through all architectures to prepare the
necessary definitions inside .json and .repo files. The resulting
osbuild-composer-tests repository is not multi-arch, containing all
versions of osbuild-composer-tests.rpm downloaded from Brew.
This is needed because jobs from subsequent stages will download
artifacts (.json & .repo files) from the prepare job but there's no
mechanism to control this easily. As a result artifacts are downloaded
from all of the prepare jobs and they overwrite themselves resulting in
test systems being configured with repo files for different CPU
architecture which leads to dnf errors.
2 configurations for the listeners are now possible:
- enableJWT=false with client ssl auth
- enableJWT=true with https
Actual verification of the tokens is handled by
https://github.com/openshift-online/ocm-sdk-go.
An authentication handler is run as the top level handler, before any
routing is done. Routes which do not require authentication should be
listed as exceptions.
Authentication can be restricted using an ACL file which allows
filtering based on JWT claims. For more information see the inline
comments in ocm-sdk/authentication.
As an added quirk the `-v` flag for the osbuild-composer executable was
changed to `-verbose` to avoid flag collision with glog which declares
the `-v` flag in the package `init()` function. The ocm-sdk depends on
glog and pulls it in.
The 'google-cloud-sdk' RPM built by Google for RHEL, which provides
the 'gcloud' command, is built only with Python 2. Since Python 2.7
is already EOL in upstream and not available in CentOS Stream 9, we
can not use 'gcloud' from the 'google-cloud-sdk' RPM.
The 'awscli' is not available in RHEL-9 repositories.
The Azure CLI 'az' available in official upstream repositories has
broken dependencies on RHEL-9 and can not be successfully installed. To
workaround the issue, run the tool from the official container image
provided by Microsoft.
Use the `quay.io/osbuild/cloud-tools` F34-based container image instead
of locally installed cloud CLI tools.
Signed-off-by: Tomas Hozza <thozza@redhat.com>
The RHEL-8.5 and RHEL-9.0 `ami` images are now based on the official
RHEL EC2 images. As a result, they use a different default user -
`ec2-user`.
Fix the `api.sh` test case to use the correct user when testing RHEL-9
`ami` images.
Fix#1632
Signed-off-by: Tomas Hozza <thozza@redhat.com>
Move the ostree repository and the tar image to the root of the
boot iso. This has several advantages: we do no longer have to
correctly guess the size of the anaconda image. Also we do not
need to compress the payload within the squashfs.
Update the image installer's test data. NB: the changes to the
package list were introduced earlier and should mostly affect
the build pipeline. Should have caught is in the corresponding
change, but was apparently not picked up by CI.
Add an argument to `dracutStageOptions` so that additional dracut
modules can be supplied. Remove `anaconda` from the list of mods
that are included by default, and manually include it for the
anaconda based installer.
Co-Developed-by: Achilleas Koutsou <achilleas@koutsou.net>
Co-Developed-by: Antonio Murdaca <runcom@linux.com>
Update the first blueprint to use "normal" kernel instead of to
use "rt" kernel. Then upgrade to "rt" kernel.
To work with this bug fix, we need osbuild fix and have to pin to
osbuild latest commit.
The customizations.user is removed from upgrade blueprint to work
with this bug fix. But it's for RHEL 8.5 only.
Change the x86_64-specific dracut configuration of RHEL-8.5 and RHEL-9.0
EC2 and AMI images to not include `xen-netfront` driver and add `nvme`
driver, which was previously not included. Since the configuration is no
longer Xen-specific, rename the configuration file to `ec2.conf`.
Justification:
There is no reason to put `xen-netfront` to initramfs as EC2 images don't
boot from network root. In addition, add `nvme` driver to handle the case
when initramfs is getting forcefully rebuild on a Xen instance (and not able
to boot on Nitro after that).
Related to https://issues.redhat.com/browse/COMPOSER-1096.
Signed-off-by: Tomas Hozza <thozza@redhat.com>
Feodra 34 and thus RHEL 9 switched to a unified grub configuration,
which means that the main grub config is always located in the same
location, /boot/grub2/grub.cfg.[1] osbuild has used this scheme for
hybrid boot on x64 but not on pure efi systems like aarch64. The
new osbuild option `uefi.unified` was introduced to select that new
unified grug cfg scheme also for those, pure efi, systems. Use that.
[1] https://fedoraproject.org/wiki/Changes/UnifyGrubConfig
Use TEST_ID for any resources created in Azure. Also create all
necessary vm network resources in advance to have predictable names
using TEST_ID as well.
RHEL 9.0 isn't yet in .gitlab-ci.yml so this actually doesn't change in test
runs but it should make enabling of the tests easier.
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
