Merge remote-tracking branch 'origin/master' into merge-branch

Change-Id: I05cc51c699008018d557ed3874d71af26fd60240

bin/dib-lint

@@ -85,10 +85,15 @@ for i in $(find $ELEMENTS_DIR -type f   \
             error "$i is not executable"
         fi
 
-        # Ensure 4 spaces indent are used
-        if [[ "$(file -b -k --mime-type $i)" =~ "text/x-python" ]]; then
+        # run flake8 over python files.  note our "dib-python"
+        # interpreter can confuse the magic matching being done in
+        # "file" and make it think the file is not python;
+        # special-case it.
+        if [[ "$(file -b -k --mime-type $i)" =~ "text/x-python" ]] || \
+               [[ $firstline =~ "dib-python" ]]; then
             flake8 $i || error "$i failed flake8"
         else
+            # Ensure 4 spaces indent are used
             if ! excluded indent ; then
                 indent_regex='^\( \{4\}\)* \{1,3\}[^ ]'
                 if grep -q "$indent_regex" ${i}; then

diskimage_builder/elements/architecture-emulation-binaries/extra-data.d/01-copy-binary

@@ -53,7 +53,7 @@ case "$ARCH" in
         qemu_binary_file="/usr/bin/qemu-arm-static"
         copy_binary $qemu_binary_file $ARCH
     ;;
-    "arm64")
+    "arm64" | "aarch64")
         qemu_binary_file="/usr/bin/qemu-aarch64-static"
         copy_binary $qemu_binary_file $ARCH
     ;;

diskimage_builder/elements/debian/element-deps

@@ -1 +1,2 @@
 debian-minimal
+openssh-server

diskimage_builder/elements/debian/package-installs.yaml

@@ -1,4 +1,3 @@
-openssh-server:
 file:
 less:
 kbd:

diskimage_builder/elements/dynamic-login/element-deps

@@ -1,3 +1,3 @@
 dib-init-system
 install-static
-package-installs
+openssh-server

diskimage_builder/elements/local-config/package-installs.yaml

@@ -1 +0,0 @@
-openssh-server:

diskimage_builder/elements/openssh-server/README.rst

@@ -0,0 +1,14 @@
+==============
+openssh-server
+==============
+This element ensures that openssh server is installed and enabled during boot.
+
+
+Note
+----
+Most cloud images come with the openssh server service installed and enabled
+during boot. However, certain cloud images, especially those created by the
+\*-minimal elements may not have it installed or enabled. In these cases,
+using this element may be helpful to ensure your image will accessible via SSH.
+It's usually helpful to combine this element with others such as the
+`runtime-ssh-host-keys`.

diskimage_builder/elements/openssh-server/element-deps

@@ -0,0 +1,3 @@
+dib-init-system
+package-installs
+runtime-ssh-host-keys

diskimage_builder/elements/openssh-server/pkg-map

@@ -0,0 +1,10 @@
+{
+  "family": {
+    "suse": {
+      "openssh-server": "openssh"
+    },
+    "gentoo": {
+      "openssh-server": "openssh"
+    }
+  }
+}

diskimage_builder/elements/openssh-server/post-install.d/80-enable-sshd-service

@@ -0,0 +1,29 @@
+#!/bin/bash
+
+if [ "${DIB_DEBUG_TRACE:-0}" -gt 0 ]; then
+    set -x
+fi
+set -eu
+set -o pipefail
+
+case "$DIB_INIT_SYSTEM" in
+    upstart)
+        # nothing to do
+        exit 0
+        ;;
+    systemd)
+        if [[ $DISTRO_NAME = "ubuntu" || $DISTRO_NAME = "debian" ]]; then
+            systemctl enable ssh.service
+        else
+            systemctl enable sshd.service
+        fi
+        ;;
+    openrc)
+        # let dib-init-system's postinstall handle enabling init scripts
+        exit 0
+        ;;
+    *)
+        echo "Unsupported init system"
+        exit 1
+        ;;
+esac

diskimage_builder/elements/package-installs/bin/package-installs-v2

@@ -101,3 +101,8 @@ def main():
 
 if __name__ == '__main__':
     main()
+
+# Tell emacs to use python-mode
+# Local variables:
+# mode: python
+# End:

diskimage_builder/elements/posix/element-deps

@@ -1 +1 @@
-package-installs
+openssh-server

diskimage_builder/elements/rpm-distro/pre-install.d/01-override-yum-arch

@@ -18,6 +18,9 @@ elif [[ "$ARCH" = "ppc64" ]]; then
 elif [[ "$ARCH" = "ppc64el" ]]; then
     basearch=ppc64el
     arch=ppc64el
+elif [[ "$ARCH" = "aarch64" ]]; then
+    basearch=aarch64
+    arch=aarch64
 else
     echo "********************"
     echo "Unknown arch '$ARCH'"

diskimage_builder/elements/runtime-ssh-host-keys/static/usr/local/sbin/runtime-ssh-host-keys.sh

@@ -12,10 +12,9 @@
 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 # License for the specific language governing permissions and limitations
 # under the License.
-# dib-lint: disable=dibdebugtrace
+# dib-lint: disable=dibdebugtrace setpipefail
 
 set -exu
-set -o pipefail
 
 # We are running into race conditions with glean, which ssh-keygen -A is
 # not handling properly.  So, create a new script to first check if the
@@ -23,7 +22,7 @@ set -o pipefail
 
 for key in dsa ecdsa ed25519 rsa; do
     FILE=/etc/ssh/ssh_host_${key}_key
-    if ! [ -e $FILE ]; then
+    if ! [ -f $FILE ]; then
         /usr/bin/yes n | /usr/bin/ssh-keygen -f $FILE -N '' -t $key
     fi
 done

diskimage_builder/elements/yum-minimal/root.d/08-yum-chroot

@@ -242,7 +242,17 @@ else
     sudo -E chroot $TARGET_ROOT ${YUM} -y update
     sudo -E chroot $TARGET_ROOT ${YUM} -y \
         --setopt=cachedir=/tmp/yum/$ARCH/$DIB_RELEASE \
-        install passwd findutils sudo util-linux-ng
+        install systemd passwd findutils sudo util-linux-ng
+
+    # This package is split out from systemd on >F24, dracut is
+    # missing the dependency and will fail to make an initrd without
+    # it; see
+    #  https://bugzilla.redhat.com/show_bug.cgi?id=1398505
+    if [ $DISTRO_NAME = "fedora" -a $DIB_RELEASE -ge 24 ]; then
+        sudo -E chroot $TARGET_ROOT ${YUM} -y \
+            --setopt=cachedir=/tmp/yum/$ARCH/$DIB_RELEASE \
+            install systemd-udev
+    fi
 
     # Put in a dummy /etc/resolv.conf over the temporary one we used
     # to bootstrap.  systemd has a bug/feature [1] that it will assume

diskimage_builder/lib/common-defaults

@@ -26,6 +26,8 @@ else
     "armv"*)
       _ARCH="armhf"
       ;;
+    "aarch64")
+      ;;
     *)
       echo "WARNING: Unknown architecture: $_ARCH"
       ;;

diskimage_builder/lib/common-functions

@@ -143,6 +143,10 @@ function eval_run_d () {
 }
 
 function kill_chroot_processes () {
+    local xtrace
+    xtrace=$(set +o | grep xtrace)
+    set +o xtrace
+
     if [ -z "${1}" ]; then
         echo "ERROR: no chroot directory specified"
         exit 1
@@ -157,6 +161,8 @@ function kill_chroot_processes () {
             sudo kill $pid
         fi
     done
+
+    $xtrace
 }
 
 function cleanup_build_dir () {

releasenotes/notes/openssh-server-0f6d065748a2fc18.yaml

@@ -0,0 +1,4 @@
+---
+features:
+  - New openssh-server element to ensure that the openssh
+    server is installed and enabled during boot.