particle-os/debian-forge-composer
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
debian-forge-composer/tools
History
Tomas Hozza a4b0efb278 provision.sh: add none authentication method for on-premise scenario 
`tools/provision.sh` is provisioning SUT always in the same way for
both, the Service scenario and the on-premise scenario. While this is
not causing any issues, it does not realistically represent how we
expect osbuild-composer and worker to be used in these scenarios.

The script currently supports the following authentication options:
- `none`
  - Intended for the on-premise scenario with Weldr API.
  - NO certificates are generated.
  - NO osbuild-composer configuration file is created.
  - NO osbuild-worker configuration file is created. This means that no
    cloud provider credentials are configured directly in the worker.
  - Only the local worker is started and used.
  - Only the Weldr API socker is started.
  - Appropriate repository definitions are copied to
    `/etc/osbuild-composer/repositories/`.
- `jwt`
  - Intended for the Service scenario with Cloud API.
  - Should be the only method supported in the Service scenario in the
    future.
  - Certificates are generated and copied to `/etc/osbuild-composer`.
  - osbuild-composer configuration file is created and configured for
    JWT authentication.
  - osbuild-worker configuration file is created, configured for JWT
    authentication and with appropriate cloud provider credentials.
  - Local worker unit is masked. Only the remote worker is used (the
    socket is started and one remote-worker instance is created).
  - Only the Cloud API socket is started (Weldr API socket is stopped).
  - NO repository definitions are copied to
    `/etc/osbuild-composer/repositories/`.
- `tls`
  - Intended for the Service scenario with Cloud API.
  - Should eventually go away.
  - Certificates are generated and copied to `/etc/osbuild-composer`.
  - osbuild-composer configuration file is created and configured for
    TLS client cert authentication.
  - osbuild-worker configuration file is created, configured for TLS
    authentication and with appropriate cloud provider credentials.
  - Services and sockets are started as they used to be originally:
    - Both local and remote worker sockets are started.
    - Both Weldr and Cloud API sockets are started.
    - Only the local worker unit will be started automatically.
  - NO repository definitions are copied to
    `/etc/osbuild-composer/repositories/`.
2022-08-04 11:55:43 +02:00
..
appsre-ansible tools/appsre-ansible: Explicitly specific mock config 2022-02-09 18:33:14 +01:00
deploy/test generate-all-test-cases: use SSH keys instead of password for VMs 2021-09-22 09:12:57 +02:00
test-case-generators Add fedora-36.json repo definitions 2022-07-21 12:19:38 +03:00
appsre-build-deploy.sh osbuild-service-maintenance: Clean up expired images 2021-12-03 00:14:09 +00:00
appsre-build-worker-packer.sh packer: use 8.6 as a base for RHEL images 2022-07-05 11:54:12 +02:00
define-compose-url.sh tools/define-compose-url: change url back to nightly 2022-04-04 12:11:59 +02:00
deploy-openstack tools: improve deploy-openstack script 2021-09-22 12:24:08 +01:00
deploy-qemu tools/deploy-qemu: use sys.exit instead of exit 2021-06-22 14:45:54 +02:00
gen-certs.sh tools: Add internal container names to certs 2021-01-30 13:20:11 +00:00
gen-ssh.sh test: Replace hard coded ssh keys on some test 2021-07-29 09:38:03 +03:00
gen-user-data Return error when write_files exists in cloud-init (#1644) 2021-08-20 22:24:38 +02:00
generic_s3_https_test.sh Upload to HTTPS S3 - Support self signed certificate 2022-05-26 13:46:00 +03:00
generic_s3_test.sh tools/generic_s3: remove unused condition 2022-07-01 13:00:52 +03:00
image-info image-info: add ability to read container images 2022-07-21 13:32:07 +02:00
koji-compose.py tools/koji-compose.py: test with pylint and fix found issues 2022-08-04 11:55:43 +02:00
libvirt_test.sh ci/tests: Change the way artifacts are collected 2022-07-18 11:33:57 +03:00
prepare-source.sh bump the minimum Go version to 1.16 2022-01-12 11:35:06 +01:00
provision.sh provision.sh: add none authentication method for on-premise scenario 2022-08-04 11:55:43 +02:00
rpm_spec_add_provides_bundle.sh Fedora - Use vendor instead of rpm dependencies 2022-06-23 18:02:09 +02:00
run-koji-container.sh tools: move to new utility-container builds 2021-02-23 09:47:17 +01:00
run-mock-auth-servers.sh test: extract common JTW code from the multi-tenancy.sh test 2022-08-04 11:55:43 +02:00
s3_test.sh ci/tests: Change the way artifacts are collected 2022-07-18 11:33:57 +03:00
set-env-variables.sh test: use hyphen in DISTRO_CODE instead of underscore 2021-09-24 17:03:53 +02:00
update-distgit.py docs: document the release process 2021-07-14 12:11:35 +02:00