Commit graph

3306 commits

Author SHA1 Message Date
Noam Angel
f1369a1add Set manifest permissions in the image
This is a follow-on to 57ef187632.

There's two things going on here; DIB_MANIFEST_IMAGE_DIR is *outside*
the chroot on the build host.  We copy the files here for posterity, I
guess.  MANIFEST_IMAGE_PATH is *inside* the chroot and are the files
we want to ensure are locked to root.

The prior change modified the permissions on DIB_MANIFEST_IMAGE_DIR.
So the first time you build, it works -- then the second time,
assuming you're using the same output filename, it hits the root-owned
manifest directories and causes a build failure.

I have built with this and checked that the manifest files in the
image are locked to root:

 $ virt-ls -a ./test.qcow2 -l /etc/dib-manifests
 total 32
 drwxr-xr-x  2 0 0  4096 May 24 03:39 .
 drwxr-xr-x 53 0 0  4096 May 24 03:39 ..
 -rw-------  1 0 0 15236 May 24 03:39 dib-manifest-dpkg-test
 -rw-------  1 0 0    35 May 24 03:39 dib_arguments
 -rw-------  1 0 0   137 May 24 03:39 dib_environment

Related-Bug: #1671842
Change-Id: I08319d0b5fcc461d40fe0be8427dcf0e37ad21e6
2017-05-24 15:20:55 +10:00
Jenkins
57c40a2ac4 Merge "Add dracut-regenerate elements" 2017-05-23 07:35:51 +00:00
Angel Noam
ba4f72f4f0 dhcp-all-interfaces.sh - Add support for InfiniBand interface DHCP
Change-Id: Ic2a9e2909a8086903257d43fbda97694baa339b4
2017-05-22 07:48:32 +00:00
Ian Wienand
bc58b5c515 Move parts of Partition creation into object
Move Partition() object creation into the actual Partition object,
rather than having the logic within the Partitioning() object

Change-Id: I833ed419a0fca38181a9e2db28e5af87500d8ba4
2017-05-20 06:44:39 +00:00
Ian Wienand
d013496ba0 Split partition into it's own file
Split Partition() into it's own file for clarity.  This will be
followed-on by less dependence between Partitions and Partition

Change-Id: I860f6a1787c0e4fe99f93919ac37cf7d80bfaae9
2017-05-20 06:44:39 +00:00
Ian Wienand
4e08765f87 Move exception to it's own file (again)
Moving the exception didn't cause problems in
I925ed62bdc808f0e07862f6e0905e80b50fbe942, but in later changes where
we split blockdevice.py up a bit more, we can get a bit tangled with
circular imports.

Change-Id: I8297483f64c4e1deecd5ec88ee40e9198bb83589
2017-05-20 06:44:39 +00:00
Andreas Florath
45272343c5 Add weights to digraph
Because in some cases (e.g. partitioning) the order is needed,
add weights to the digraph to get an (somewhat) stable
topological sort.

Change-Id: I5ef1acc6338ac93c593faa0eafe26cbed42ed887
Signed-off-by: Andreas Florath <andreas@florath.net>
2017-05-20 06:42:48 +00:00
Ian Wienand
9eb71a1fe0 Switch debian to deb.debian.org
Per [1] this is the "official" CDN mirror, which I think is the most
appropriate for the default.  I think this addresses the concerns
httpredir service, which I don't think ever quite got out of beta.

[1] https://wiki.debian.org/DebianGeoMirror

Change-Id: I55f2a00b8bbb0f0a20d3be229e4c2c32a7b69057
2017-05-19 20:10:40 +00:00
Jesse Keating
84d10dce57 Remove use of 'which'.
Instead, either use the bash built-in of type to ensure it exists. Since
which is an external dep, things can fail oddly in a constrained
environment.

Also add a dib-lint test for this.

Change-Id: I645029f5b5bfe1198c89ce10fd3246be8636e8af
Signed-off-by: Jesse Keating <omgjlk@us.ibm.com>
2017-05-19 12:43:36 -07:00
Yolanda Robla
f23ea63341 Add dracut-regenerate elements
This new element will allow to regenerate dracut
on the produced images, to enable different modules. It
relies on a yaml blob to specify modules and packages
needed. It defaults to installing lvm and crypt.

Change-Id: I292fb70cde41ee6053b7b81a67931bcdaaa6d664
2017-05-19 09:43:11 +02:00
Jenkins
94ab9e2e7e Merge "Set manifests to mode 600 and owner root" 2017-05-18 08:37:05 +00:00
Jenkins
ca04348393 Merge "Remove _config_error thrower" 2017-05-18 02:37:53 +00:00
Ian Wienand
b91207ae47 Remove _config_error thrower
"log and throw" is arguably an anti-pattern; the error message either
bubles-up into the exception, or the handler figures it out.  We have
an example where this logs, and then the handler in blockdevice.py
catches it and logs it again.

Less layers is better; just raise the exception, and use log.exception
to get tracebacks where handled.

Change-Id: I8efd94fbe52a3911253753f447afdb7565849185
2017-05-18 10:37:56 +10:00
Jenkins
812563f90c Merge "Remove PluginBase/NodePluginBase class" 2017-05-18 00:24:33 +00:00
Gregory Haynes
57ef187632 Set manifests to mode 600 and owner root
Manifests files can release sensitive information and therefore should
have restrictive permissions.

Change-Id: I64d6c830217a7d8b0172df2dc774079dcd1e2a68
Related-Bug: #1671842
2017-05-18 10:10:15 +10:00
Jenkins
c54e9fddfa Merge "Use fakelogger in test_blockdevice_mbr" 2017-05-17 23:59:18 +00:00
Jenkins
340738fb86 Merge "Only unmount directories that are mounted" 2017-05-17 17:32:11 +00:00
Ian Wienand
08e8471360 Use fakelogger in test_blockdevice_mbr
Capture logging instead of putting it on stdout

Change-Id: Ic0c9f25549a1984fecf8e912e5b14845e2363730
2017-05-17 18:49:12 +10:00
Ian Wienand
2d2b2725bd Remove PluginBase/NodePluginBase class
A majority of the "plugins" aren't implementing the plugin class.
Clearly we need some refactoring of the ideas here.  Remove for
simplicity.

Change-Id: If399a371b171f4fd17cfa5856fe55daca4c86e60
2017-05-17 09:03:42 +02:00
Yolanda Robla
5b305ffa7b Only unmount directories that are mounted
To avoid failures with double unmount, skip unmounting
the mountpoints that are managed by block device.

Change-Id: I228779eb9bf544a27a53e5017c87573023fd375a
2017-05-17 08:37:25 +02:00
OpenStack Proposal Bot
7cfc20eabc Updated from global requirements
Change-Id: Idac484e11d270b3dc2a4b4d97820f105270a7eaa
2017-05-17 03:47:03 +00:00
Jenkins
1c0a5d995a Merge "Apply setfiles on all mountpoints" 2017-05-16 08:10:25 +00:00
Yolanda Robla
6d0b9abc0f Apply setfiles on all mountpoints
With new block device definition, where content of the image
can be mounted on different partitions, is not enough with
executing setfiles on root directory. Instead of that, expose
all the mountpoints on the image, and apply setfiles on them.

Change-Id: I153f979722eaec49eab93d7cd398c5589b9bfc44
2017-05-16 07:51:48 +02:00
OpenStack Proposal Bot
72117965df Updated from global requirements
Change-Id: I27d0dbbc14a3d673d9449d0ed8a6f0c52e10257d
2017-05-15 00:42:53 +00:00
Andreas Florath
e4e23897a1 Refactor: block-device filesystem creation, mount and fstab
This patch finalizes the block device refactoring.  It moves the three
remaining levels (filesystem creation, mount and fstab handling) into
the new python module.

Now it is possible to use any number of disk images, any number of
partitions and used them mounted to different directories.

Notes:

 * unmount_dir : modified to only unmount the subdirs mounted by
   mount_proc_sys_dev().  dib-block-device unmounts
   $TMP_MOUNT_PATH/mnt (see I85e01f3898d3c043071de5fad82307cb091a64a9)

Change-Id: I592c0b1329409307197460cfa8fd69798013f1f8
Signed-off-by: Andreas Florath <andreas@florath.net>
Closes-Bug: #1664924
2017-05-12 13:52:02 +02:00
Ian Wienand
b9c065de28 Remove args from BlockDevice() init
The args agument was only used to find the symbol for the getval
command.  Have the command pass the symbol to find in directly.  We
can therefore remove the args paramater to the BlockDevice() creation.

Change-Id: I8e357131b70a00e4a2c4792c009f6058d1d5ae9e
2017-05-12 09:36:23 +10:00
Ian Wienand
c74ba2fe74 Move to subparsers
Move argument parsing to subparsers, rather than positional arguments.
This better reflects the tool's role as a driver and allows
sub-commands to deal with arguments in a natural way.

Change-Id: Iae8c368e0f3fe47abfddb9e0a1558bd5b3423aee
2017-05-11 21:03:33 +10:00
Jenkins
b39b5cb5a5 Merge "Clear __init__.py from cmd move" 2017-05-11 10:35:22 +00:00
Ian Wienand
f76d68020b Clear __init__.py from cmd move
I accidentally dropped the clearing of this file when it moved to
cmd.py during rebase of I1919f6e865acae14ee95cd025c9c7b75ca266a9c

Change-Id: Ibe9fcde594770cb51c732cc253987308dc038083
2017-05-11 18:52:14 +10:00
Ian Wienand
0368052a2f Take --params from environment
DIB_BLOCK_DEVICE_PARAMS_YAML should be exported, and the
dib-block-device will take this as the value of --params.  Remove this
to simplify the command-line

Change-Id: I6764ed223ecd36f9d24e19f164b6a927380b410f
2017-05-11 17:36:51 +10:00
Ian Wienand
ff5b30db8a Create BlockDeviceCmd object
This creates a BlockDeviceCmd object to hold the main() function.
This doesn't really do anything different right now, but sets a base
for using argparse subparsers to handle the command-line

Change-Id: I4acf95ff4d554a3b4e7e2244ab1706631b98458f
2017-05-11 15:48:47 +10:00
Ian Wienand
a06c610a8c Move YAML parsing into cmd.py; default to env
This moves the YAML parameter parsing into the command-line driver.
It makes the argument optional so it can be taken from the environment
variable directly.  The parsed YAML is passed to the BlockDevice
object.

Change-Id: I6fa5e5b7d1fccfc7cf47d6e4a1fa6e560734680d
2017-05-11 15:22:41 +10:00
Ian Wienand
a9d8e51ec2 Move dib-block-device implementation into cmd.py
Move the command-line driver components into cmd.py.  No functional
change.

Change-Id: I1919f6e865acae14ee95cd025c9c7b75ca266a9c
2017-05-11 15:22:41 +10:00
Ian Wienand
47140293b6 Move blockdevicesetupexception.py into blockdevice.py
Less is more when it comes to code :)

Change-Id: I925ed62bdc808f0e07862f6e0905e80b50fbe942
2017-05-11 15:22:41 +10:00
Jenkins
fae8484e6b Merge "block_device: reorder imports" 2017-05-11 04:53:40 +00:00
Jenkins
bd7d7b052a Merge "Remove unused val_else_none" 2017-05-11 03:24:35 +00:00
Ian Wienand
9a8184ab4c Remove unused val_else_none
This function is unused

Change-Id: I8fe3e5452b95a639618a37a02f34b5b9f63ca43a
2017-05-11 11:53:08 +10:00
Ian Wienand
2a185ec6b6 block_device: reorder imports
Reorder imports to hacking standard (stdlib, third-party, project) [1]

[1] https://docs.openstack.org/developer/hacking/#import-order-template

Change-Id: I4aa73321e1e796ef6b8b079e42f90bf5c75388fe
2017-05-11 10:38:55 +10:00
Ian Wienand
0d8c4270c0 exec_sudo: check cmd for str, log output and raise exception
To avoid any confusion, commands passed to exec_sudo() should be a
list of "str"s.  Log a message if we see unicode issues.

This also adds a debug trace of all output.  stderr is captured.

This is modified to raise CalledProcessError on failure, like
check_call().  Calls that are ok to fail will need to explicitly catch
and ignore this.

The two calls that we expect to fail are wrapped

We wish to try rolling back if one of these command raises an
exception.  Modify the create handler to initiate rollback on all
exceptions.

Change-Id: Iee4fa41ffaf243e4728bf3a5eeec5c8fa8d2dadc
2017-05-11 09:45:25 +10:00
Ian Wienand
6f90daca7f Use check_output
The await function is essentially a non-standard check_output call.
Let's use standard calls to increase maintainability.

Change-Id: I2c25e1cd7122791fcaa86b46bd801e661471bc9e
2017-05-09 15:49:39 +10:00
Yolanda Robla
59a1fc6546 Add sort_mount_point method
As this method can be introduced without any dependency,
provide it on an independent change to simplify reviews.
This is a partial refactor based on
I592c0b1329409307197460cfa8fd69798013f1f8

Change-Id: Idaf3d2b3b3e23d0b9d6bc071d67b961a829ae422
Co-Authored-By: Andreas Florath <andreas@florath.net>
2017-05-05 17:29:53 +00:00
Yolanda Robla
c3dda92b67 Refactor documentation on image creation
Add the bits of documentation that talk about image creation
at the scope of level 1.
This is a partial refactor of change
I592c0b1329409307197460cfa8fd69798013f1f8

Change-Id: I2619c9ebf3ecfeea67fe9063a169d8324d7ffdf2
Co-Authored-By: Andreas Florath <andreas@florath.net>
2017-05-05 17:29:42 +00:00
Yolanda Robla
fb70a49ba2 Add a test to validate we can build debian vms
This is a partial refactor from change
I592c0b1329409307197460cfa8fd69798013f1f8

Change-Id: I8822e68e41c4ebd47eea9ffed4557efc130a7bf7
Co-Authored-By: Andreas Florath <andreas@florath.net>
2017-05-05 19:17:39 +02:00
Yolanda Robla
9b75eda51a Introduce exec_sudo command
Add a new method in the block device library called
exec_sudo, so it can be reused.

This is a partial refactor of change
I592c0b1329409307197460cfa8fd69798013f1f8

Change-Id: Id621f6d029e1275a35c4fd3f19b57c8518076134
Co-Authored-By: Andreas Florath <andreas@florath.net>
2017-05-05 16:11:41 +02:00
Adam Harwell
196b44f38a Fix py3 error in block-device
This is breaking the octavia py3 gates.
Introduced by: I7aa4fe0466e44846d8fa3194575d446fe4b5b2e6

Change-Id: I3d86482a2999197a60a81d42afc5ef7a6e71e313
2017-05-04 15:55:22 -07:00
Yolanda Robla
e21935626b Refactor block-device base functions.
As part of the final steps, refactor the bits belonging
to block device and functions. This is a partial refactor
from I3600c6a3d663c697b59d91bd3fbb5e408af345e4

Change-Id: I7aa4fe0466e44846d8fa3194575d446fe4b5b2e6
Co-Authored-By: Andreas Florath <andreas@florath.net>
2017-05-04 19:54:18 +00:00
Jenkins
02d4f667ff Merge "Add refactor of tree-like vs graph" 2017-05-04 18:51:14 +00:00
Jenkins
20ec14c996 Merge "Add bzip2 to test install" 2017-05-04 06:29:40 +00:00
Ian Wienand
d129a9d19a Add bzip2 to test install
I think this has gone missing on test nodes during unpuppeting.  Add,
as the gentoo job grabs some bz2 tarballs for extraction.

Change-Id: Icb82930702124f7bf112b03a469d90d4163d398b
2017-05-04 14:59:14 +10:00
Yolanda Robla
08c36e4bf8 Add refactor of tree-like vs graph
Introducing the refactors of the block device to allow a tree-like
configuration, and start using it for the partitions level.
Based on patch I3600c6a3d663c697b59d91bd3fbb5e408af345e4

Change-Id: I58bb3c256a1dfd100d29266571c333c2d43334f7
Co-Authored-By: Andreas Florath <andreas@florath.net>
2017-05-03 05:27:43 +00:00