diff --git a/ci-operator/step-registry/ipi/conf/aws/proxy/ipi-conf-aws-proxy-commands.sh b/ci-operator/step-registry/ipi/conf/aws/proxy/ipi-conf-aws-proxy-commands.sh index b32748745a092..211d8ac6b3d41 100644 --- a/ci-operator/step-registry/ipi/conf/aws/proxy/ipi-conf-aws-proxy-commands.sh +++ b/ci-operator/step-registry/ipi/conf/aws/proxy/ipi-conf-aws-proxy-commands.sh @@ -74,24 +74,6 @@ cat > /tmp/proxy.ign << EOF "mode": 420 } ] - }, - "systemd": { - "units": [ - { - "contents": "[Service]\n\nExecStart=bash /etc/squid.sh\n\n[Install]\nWantedBy=multi-user.target\n", - "enabled": true, - "name": "squid.service" - }, - { - "dropins": [ - { - "contents": "[Service]\nExecStart=\nExecStart=/usr/lib/systemd/systemd-journal-gatewayd \\\n --key=/opt/openshift/tls/journal-gatewayd.key \\\n --cert=/opt/openshift/tls/journal-gatewayd.crt \\\n --trust=/opt/openshift/tls/root-ca.crt\n", - "name": "certs.conf" - } - ], - "name": "systemd-journal-gatewayd.service" - } - ] } } EOF @@ -308,6 +290,9 @@ EOF # define squid.sh SQUID_SH="$(base64 -w0 << EOF #!/bin/bash + +set -x + podman run --entrypoint='["bash", "/squid/proxy.sh"]' --expose=3128 --net host --volume /etc/squid:/squid:Z ${PROXY_IMAGE} EOF )" @@ -326,6 +311,7 @@ squid -N -f /squid/squid.conf EOF )" +# no-op # create ignition entries for certs and script to start squid and systemd unit entry # create the proxy stack and then get its IP @@ -385,3 +371,5 @@ proxy: httpsProxy: ${PROXY_URL} httpProxy: ${PROXY_URL} EOF + +echo "using ignition: $(cat /tmp/proxy.ign)" \ No newline at end of file diff --git a/ci-operator/step-registry/ipi/deprovision/proxy/ipi-deprovision-proxy-commands.sh b/ci-operator/step-registry/ipi/deprovision/proxy/ipi-deprovision-proxy-commands.sh index 9b9d63cfd5413..5d398ebdaebd6 100644 --- a/ci-operator/step-registry/ipi/deprovision/proxy/ipi-deprovision-proxy-commands.sh +++ b/ci-operator/step-registry/ipi/deprovision/proxy/ipi-deprovision-proxy-commands.sh @@ -3,6 +3,8 @@ set -o nounset set -o errexit set -o pipefail +set -x + trap 'CHILDREN=$(jobs -p); if test -n "${CHILDREN}"; then kill ${CHILDREN} && wait; fi' TERM export AWS_SHARED_CREDENTIALS_FILE="${CLUSTER_PROFILE_DIR}/.awscred"