-
Notifications
You must be signed in to change notification settings - Fork 20
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Feature: Allow running and testing the role with ostree managed nodes. Reason: We have users who want to use the role to manage ostree systems. Result: Users can use the role to manage ostree managed nodes. Signed-off-by: Rich Megginson <[email protected]>
- Loading branch information
Showing
15 changed files
with
261 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
*NOTE*: The `*.txt` files are used by `get_ostree_data.sh` to create the lists | ||
of packages, and to find other system roles used by this role. DO NOT use them | ||
directly. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,123 @@ | ||
#!/bin/bash | ||
|
||
set -euo pipefail | ||
|
||
role_collection_dir="${ROLE_COLLECTION_DIR:-fedora/linux_system_roles}" | ||
ostree_dir="${OSTREE_DIR:-"$(dirname "$(realpath "$0")")"}" | ||
|
||
if [ -z "${4:-}" ] || [ "${1:-}" = help ] || [ "${1:-}" = -h ]; then | ||
cat <<EOF | ||
Usage: $0 packages [runtime|testing] DISTRO-MAJOR[.MINOR] [json|yaml|raw|toml] | ||
The script will use the packages and roles files in $ostree_dir to | ||
construct the list of packages needed to build the ostree image. The script | ||
will output the list of packages in the given format | ||
- json is a JSON list like ["pkg1","pkg2",....,"pkgN"] | ||
- yaml is the YAML list format | ||
- raw is the list of packages, one per line | ||
- toml is a list of [[packages]] elements as in https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html-single/composing_installing_and_managing_rhel_for_edge_images/index#creating-an-image-builder-blueprint-for-a-rhel-for-edge-image-using-the-command-line-interface_composing-a-rhel-for-edge-image-using-image-builder-command-line | ||
The DISTRO-MAJOR.MINOR is the same format used by Ansible for distribution e.g. CentOS-8, RedHat-8.9, etc. | ||
EOF | ||
exit 1 | ||
fi | ||
category="$1" | ||
pkgtype="$2" | ||
distro_ver="$3" | ||
format="$4" | ||
pkgtypes=("$pkgtype") | ||
if [ "$pkgtype" = testing ]; then | ||
pkgtypes+=(runtime) | ||
fi | ||
|
||
get_rolepath() { | ||
local ostree_dir role rolesdir roles_parent_dir | ||
ostree_dir="$1" | ||
role="$2" | ||
roles_parent_dir="$(dirname "$(dirname "$ostree_dir")")" | ||
rolesdir="$roles_parent_dir/$role/.ostree" | ||
# assumes collection format | ||
if [ -d "$rolesdir" ]; then | ||
echo "$rolesdir" | ||
return 0 | ||
fi | ||
# assumes legacy role format like linux-system-roles.$role/ | ||
for rolesdir in "$roles_parent_dir"/*-system-roles."$role"/.ostree; do | ||
if [ -d "$rolesdir" ]; then | ||
echo "$rolesdir" | ||
return 0 | ||
fi | ||
done | ||
# look elsewhere | ||
if [ -n "${ANSIBLE_COLLECTIONS_PATHS:-}" ]; then | ||
for pth in ${ANSIBLE_COLLECTIONS_PATHS//:/ }; do | ||
rolesdir="$pth/ansible_collections/$role_collection_dir/roles/$role/.ostree" | ||
if [ -d "$rolesdir" ]; then | ||
echo "$rolesdir" | ||
return 0 | ||
fi | ||
done | ||
fi | ||
return 1 | ||
} | ||
|
||
get_packages() { | ||
local ostree_dir pkgtype pkgfile rolefile | ||
ostree_dir="$1" | ||
for pkgtype in "${pkgtypes[@]}"; do | ||
for suff in "" "-$distro" "-${distro}-${major_ver}" "-${distro}-${ver}"; do | ||
pkgfile="$ostree_dir/packages-${pkgtype}${suff}.txt" | ||
if [ -f "$pkgfile" ]; then | ||
cat "$pkgfile" | ||
fi | ||
done | ||
rolefile="$ostree_dir/roles-${pkgtype}.txt" | ||
if [ -f "$rolefile" ]; then | ||
local roles role rolepath | ||
roles="$(cat "$rolefile")" | ||
for role in $roles; do | ||
rolepath="$(get_rolepath "$ostree_dir" "$role")" | ||
get_packages "$rolepath" | ||
done | ||
fi | ||
done | sort -u | ||
} | ||
|
||
format_packages_json() { | ||
local comma pkgs pkg | ||
comma="" | ||
pkgs="[" | ||
while read -r pkg; do | ||
pkgs="${pkgs}${comma}\"${pkg}\"" | ||
comma=, | ||
done | ||
pkgs="${pkgs}]" | ||
echo "$pkgs" | ||
} | ||
|
||
format_packages_raw() { | ||
cat | ||
} | ||
|
||
format_packages_yaml() { | ||
while read -r pkg; do | ||
echo "- $pkg" | ||
done | ||
} | ||
|
||
format_packages_toml() { | ||
while read -r pkg; do | ||
echo "[[packages]]" | ||
echo "name = \"$pkg\"" | ||
echo "version = \"*\"" | ||
done | ||
} | ||
|
||
distro="${distro_ver%%-*}" | ||
ver="${distro_ver##*-}" | ||
if [[ "$ver" =~ ^([0-9]*) ]]; then | ||
major_ver="${BASH_REMATCH[1]}" | ||
else | ||
echo ERROR: cannot parse major version number from version "$ver" | ||
exit 1 | ||
fi | ||
|
||
"get_$category" "$ostree_dir" | "format_${category}_$format" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
postfix |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
firewall | ||
selinux |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
roles/postfix/.ostree/get_ostree_data.sh shebang!skip |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
roles/postfix/.ostree/get_ostree_data.sh shebang!skip |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
roles/postfix/.ostree/get_ostree_data.sh shebang!skip |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
roles/postfix/.ostree/get_ostree_data.sh shebang!skip |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
roles/postfix/.ostree/get_ostree_data.sh shebang!skip |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,66 @@ | ||
# rpm-ostree | ||
|
||
The role supports running on [rpm-ostree](https://coreos.github.io/rpm-ostree/) | ||
systems. The primary issue is that the `/usr` filesystem is read-only, and the | ||
role cannot install packages. Instead, it will just verify that the necessary | ||
packages and any other `/usr` files are pre-installed. The role will change the | ||
package manager to one that is compatible with `rpm-ostree` systems. | ||
|
||
## Building | ||
|
||
To build an ostree image for a particular operating system distribution and | ||
version, use the script `.ostree/get_ostree_data.sh` to get the list of | ||
packages. If the role uses other system roles, then the script will include the | ||
packages for the other roles in the list it outputs. The list of packages will | ||
be sorted in alphanumeric order. | ||
|
||
Usage: | ||
|
||
```bash | ||
.ostree/get_ostree_data.sh packages runtime DISTRO-VERSION FORMAT | ||
``` | ||
|
||
`DISTRO-VERSION` is in the format that Ansible uses for `ansible_distribution` | ||
and `ansible_distribution_version` - for example, `Fedora-38`, `CentOS-8`, | ||
`RedHat-9.4` | ||
|
||
`FORMAT` is one of `toml`, `json`, `yaml`, `raw` | ||
|
||
* `toml` - each package in a TOML `[[packages]]` element | ||
|
||
```toml | ||
[[packages]] | ||
name = "package-a" | ||
version = "*" | ||
[[packages]] | ||
name = "package-b" | ||
version = "*" | ||
... | ||
``` | ||
|
||
* `yaml` - a YAML list of packages | ||
|
||
```yaml | ||
- package-a | ||
- package-b | ||
... | ||
``` | ||
|
||
* `json` - a JSON list of packages | ||
|
||
```json | ||
["package-a","package-b",...] | ||
``` | ||
|
||
* `raw` - a plain text list of packages, one per line | ||
|
||
```bash | ||
package-a | ||
package-b | ||
... | ||
``` | ||
|
||
What format you choose depends on which image builder you are using. For | ||
example, if you are using something based on | ||
[osbuild-composer](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html-single/composing_installing_and_managing_rhel_for_edge_images/index#creating-an-image-builder-blueprint-for-a-rhel-for-edge-image-using-the-command-line-interface_composing-a-rhel-for-edge-image-using-image-builder-command-line), | ||
you will probably want to use the `toml` output format. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -20,7 +20,9 @@ If the `postfix` is a role from the `fedora.linux_system_roles` | |
collection or from the Fedora RPM package, the requirement is already | ||
satisfied. | ||
|
||
Otherwise, please run the following command line to install the collection. | ||
The role requires additional collections to manage `rpm-ostree` systems. | ||
If you need to manage `rpm-ostree` systems, run the below command to | ||
install the collections. | ||
|
||
```bash | ||
ansible-galaxy collection install -r meta/collection-requirements.yml | ||
|
@@ -48,6 +50,10 @@ package and replaces the existing `/etc/postfix/main.cf` and | |
`/etc/postfix/master.cf` files. <!--- wokeignore:rule=master --> | ||
Ensure to back up those files to preserve your settings. | ||
|
||
**WARNING**: When managing `rpm-ostree` systems, the role cannot reinstall the | ||
postfix package, so it just replaces the modified config files with empty files. | ||
This is not idempotent. | ||
|
||
If you specify only `previous: replaced` under the `postfix_conf` dictionary, | ||
the role re-installs the `postfix` package and enables the `postfix` service | ||
without applying any configuration. | ||
|
@@ -191,6 +197,10 @@ set to true `postfix_backup` is ignored): | |
- linux-system-roles.postfix | ||
``` | ||
|
||
## rpm-ostree | ||
|
||
See README-ostree.md | ||
|
||
## License | ||
|
||
Copyright (C) 2017 Jaroslav Škarvada <[email protected]> | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,6 @@ | ||
# SPDX-License-Identifier: MIT | ||
--- | ||
collections: | ||
- ansible.posix | ||
- ansible.utils | ||
- fedora.linux_system_roles |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters