Commit graph

3387 commits

Author SHA1 Message Date
Ian Wienand
f0a8476509 Add systemd-containers functional tests
Add functional tests for the Ubuntu systemd-container elements
introduced with I45651de2aa1b19bdeee301094f0bdffdd0a3b45c

These test the Xenial and Bionic guest images build on Xenial and
Bionic hosts.  I'm not sure it's worth the gate resources to also do
this on CentOS/Trusty at this point, so they're left out.

Change-Id: Ie9da9e22f5421999ac96750624f7d53bb0aa6160
2018-10-31 14:28:56 +11:00
Jesse Pretorius
d59a0c8786 Add ubuntu-systemd-container operating-system element
In order to allow the simple preparation of base images which
can be used for LXC/nspawn machine containers, we add this
element.

Containers inherit a kernel from the host, so there is no need
to build a kernel into the image. All the element needs is a
base init system which, in this case, is systemd.

Change-Id: I45651de2aa1b19bdeee301094f0bdffdd0a3b45c
2018-10-31 14:22:28 +11:00
Zuul
ea27ce6381 Merge "Remove python3 legacy jobs" 2018-10-31 01:18:15 +00:00
Zuul
16d5c4280b Merge "Turn on quiet mode when logfile specified" 2018-10-31 00:15:27 +00:00
Ian Wienand
d2654c7d60 Remove python3 legacy jobs
These were replaced Ied67a31f0d31503d13eccad8662c29740c93f33e but
missed being cleaned up.  The jobs are unused.

Change-Id: Ie5fb396c1d753e8b3e0e5822aa0e98659374fc6a
2018-10-30 11:17:18 +11:00
Zuul
e5351775ec Merge "Remove legacy playbooks" 2018-10-29 05:46:11 +00:00
Zuul
f8c12712cc Merge "Native zuulv3 tests" 2018-10-29 05:45:18 +00:00
Zuul
0aaf1ad49d Merge "Move several packages to bindep.txt" 2018-10-29 05:45:17 +00:00
Ian Wienand
c485067041 Remove legacy playbooks
Legacy playbooks are no longer necessary after
Ied67a31f0d31503d13eccad8662c29740c93f33e

Change-Id: I7f98a13091056809fedae8a5c8ee10b0ef8bbb2a
2018-10-29 12:46:25 +11:00
Ian Wienand
36d642a6a0 Native zuulv3 tests
This finalises the ports of the legacy jobs to zuul native jobs.

The dib-setup-gate-mirrors role preconfigures the repo templates,
etc. for the openstack-ci-mirrors element.

The dib-functests role runs the tests as specified by dib_functests,
and can run under python2 or 3.

Change-Id: Ied67a31f0d31503d13eccad8662c29740c93f33e
2018-10-29 12:46:15 +11:00
Zuul
1785bd3975 Merge "Fix epel repo rewrite, add to testing" 2018-10-28 23:41:21 +00:00
Ian Wienand
c48a40d479 Move several packages to bindep.txt
Move several parts of the "install_test_deps.sh" script into the more
standard bindep.txt.  This list is intentionally restricted as a first
step.

Developer documentation is updated to use bindep and clarified
slightly.

Change-Id: I7520902dc324d920a0c7c44a2d35fe49f9b05614
2018-10-29 09:52:13 +11:00
Ian Wienand
86d5534352 Turn on quiet mode when logfile specified
I'm not really sure why I originally had --logfile also log to stdout
in I202e1cb200bde17f6d7770cf1e2710bbf4cca64c, but it seem
counter-intuitive (indeed, I just tripped myself up thinking that in a
devstack job "--logfile" would put the logs into a separate file and
avoid the stdout logging, and I wrote it!).

Make it so specifying a --logfile puts dib into quiet mode for stdout.
Explicitly overriding DIB_QUIET will allow both if someone wants that.

Change-Id: I3279c9253eee1c9db69c958b87a0ce73efc0be9b
2018-10-24 12:40:09 +11:00
Ian Wienand
dfd1e4fdaf Fix epel repo rewrite, add to testing
It looks like epel-release switch from "mirrorlist" to "metalink"
(around release 7-10 Jun 2017 according to [1]).  Update our rewrite
matching to handle this "metalink" as well.

Add epel element to the centos7 (image-based) build for testing too

[1] https://koji.fedoraproject.org/koji/buildinfo?buildID=978473

Add epel element so it's tested during the centos7 functional test.

Change-Id: I2d6d4c2ec47bc69d2f16c96b5045b05c435a1af9
2018-10-24 12:39:59 +11:00
Zuul
6d3d830cab Merge "Add a post-root.d phase" 2018-10-23 09:16:35 +00:00
Zuul
668978b0c2 Merge "Remove redundant sources change/update" 2018-10-23 09:16:35 +00:00
Tobias Henkel
eff5b2312b
Add a post-root.d phase
While trying to get docker image pre-caching to work we couldn't get a
docker daeomon to run within the chrooted environment. However we got
docker running with the help of bwrap outside of the chrooted
environment. The only option so far for this is the block-device.d
phase. But this has the problem that it runs after the image size has
been calculated. This leads to broken builds if the docker images
being pulled are big.

This can be solved by adding a post-root.d phase that runs outside the
chroot but before the image size calculation.

Change-Id: I36c2a81e2d9f5069f18ce5b0d52c5f1c7212c3ae
2018-10-19 10:33:56 +02:00
Zuul
ec025ff03d Merge "Fix DIB_DISTRIBUTION_MIRROR_UBUNTU_IGNORE regex typo" 2018-10-19 04:01:21 +00:00
Zuul
07d263de0b Merge "Allow debootstrap to cleanup without a kernel" 2018-10-19 03:23:09 +00:00
Zuul
22cd19fea7 Merge "ubuntu-common: Update default DIB_RELEASE to bionic" 2018-10-19 03:23:08 +00:00
Zuul
39c6d7c747 Merge "Move common ubuntu environment setting to ubuntu-common element" 2018-10-19 02:50:36 +00:00
Zuul
46ec4992ff Merge "Add support for Fedora 28, remove EOL Fedora 26" 2018-10-18 23:44:51 +00:00
Ian Wienand
86080a7db0 Fix DIB_DISTRIBUTION_MIRROR_UBUNTU_IGNORE regex typo
This should not be quoted.  Introduced in
I6ffbde07fa0e103641ee5c5f9d9e854e5b2168dc

Change-Id: Iac54c86ebdb90351a2dd663b876ab4675ee0435a
2018-10-18 21:49:44 +11:00
Paul Belanger
7173658df2 Add support for Fedora 28, remove EOL Fedora 26
This updates diskimage-builder to support current Fedora releases (27
and 28) and removes support for Fedora 26 which is EOL as of June
2018.

Change-Id: I602b22ed4d5397b39dc1eef67964f6fbdcd93060
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
2018-10-18 19:43:12 +11:00
Zuul
e09faf9a8d Merge "simplify overlay logic for Gentoo" 2018-10-18 05:51:05 +00:00
Zuul
b3d405f624 Merge "simplify python3.6 selection on gentoo" 2018-10-18 05:51:05 +00:00
Zuul
763493e1f1 Merge "enable caching for gentoo builds" 2018-10-18 05:51:03 +00:00
Zuul
2d327c2506 Merge "Set EPEL mirror during openstack-ci-mirrors" 2018-10-18 04:40:33 +00:00
Zuul
fe15b197fb Merge "ubuntu: Add options to ignore mirror components and use insecure repos" 2018-10-18 04:34:00 +00:00
Zuul
56634e0938 Merge "Turn down pkg-map and hook copy tracing output" 2018-10-18 03:56:12 +00:00
Zuul
d3d17b2e43 Merge "Fix DIB ubuntu-minimal running on bionic (18.04)" 2018-10-18 03:08:37 +00:00
Ian Wienand
8b0111477e Set EPEL mirror during openstack-ci-mirrors
We want to set DIB_EPEL_MIRROR for the epel element, which means we
need access to the CI mirror info script in the chroot.  Copy it into
the temp directory with extra-data.d and update the environment file
to find it.

Change-Id: Ia12f0cbdeb194eef3155497ceb5ffc4a452aad76
2018-10-18 13:53:53 +11:00
Ian Wienand
c47ee6e121 ubuntu: Add options to ignore mirror components and use insecure repos
When using the upstream cloud images with the "ubuntu" element, they
have universe and multiverse enabled which we don't mirror.

To use the infra mirrors as a DIB_DISTRIBUTION_MIRROR with this
element, we need to be able to skip redirecting to universe and
multiverse, and additionally enable insecure repos (as we don't gpg
sign our mirrors).

Add and document two new variables with the ubuntu element to do this.
This is then setup by the openstack-ci-mirrors element so that we use
local mirrors duing dib functional testing for the "ubuntu" element.

Change-Id: I6ffbde07fa0e103641ee5c5f9d9e854e5b2168dc
2018-10-18 13:53:48 +11:00
Zuul
5119f7c034 Merge "fix tox python3 overrides" 2018-10-18 01:14:30 +00:00
Matthew Thode
3ad8235180 simplify overlay logic for Gentoo
openssl/cryptography versions are updated/stable
musl profiles need newer versions of open-iscsi masked as upstream
doesn't want to work with multiple libcs

Change-Id: If5baf339516390ae332015928557c6bb734486c2
2018-10-18 00:21:31 +00:00
Matthew Thode
1e257f59cc simplify python3.6 selection on gentoo
python 3.6 is now stable in gentoo

Change-Id: Ide96c039b03817c216ab58930ff5c897556e6c8a
2018-10-18 00:21:16 +00:00
Ian Wienand
6c077d7c2a Turn down pkg-map and hook copy tracing output
This is a lot of very low value noise in the logs as these iterate
through all the elements (often doing nothing).  Turn it down and add
an echo so we just see what elements it is working on.

Change-Id: I0687de4722766189db9d4a7bd7d3cfb45d387b62
2018-10-18 11:03:17 +11:00
Matthew Thode
89f95a5351
enable caching for gentoo builds
To facilitate this I've created two new environment variables to set
the environment and default options for package actions.

eval is needed for the export as it preserves quotes.

Change-Id: Ib03651ee8dacd48cd1c135afd57cd31101356056
Signed-off-by: Matthew Thode <mthode@mthode.org>
2018-10-15 23:17:37 -05:00
Zuul
8add0cb398 Merge "Add a pre-finalise.d phase" 2018-10-15 06:01:48 +00:00
Ian Wienand
fadf99af05 Add a pre-finalise.d phase
In exploring Gentoo caching, it was realised that we have no way to
bind mount the cache into the finalised image for the finalise.d
phases.

By adding a pre-finalise.d phase that runs outside the chroot, we can
mount outside things into the hierarchy at $TMP_BUILD_DIR/mnt which
are then seen by the in-chroot finalise.d phase.

This is similar to the pre-install phase

Change-Id: I9d782994843383ddf90f62c40498af9925fd9558
2018-10-15 12:45:23 +11:00
Zuul
91efed30ef Merge "Minor documentation updates" 2018-10-15 00:37:18 +00:00
Ian Wienand
ee156e8232 Minor documentation updates
Some minor things after looking at these parts.

The dib-run-parts element doesn't do any of the copying any more, so
these comments are wrong.

The reason for the multiple mounts in the bind mount was non-obvious
to modern eyes (as util-linux has handled this for some time).

Formatting fix for the rst

Change-Id: Idb4c9ff32c49aced2c68a5c905bf7a8b2832a5a2
2018-10-12 11:51:56 +11:00
Zuul
bbbade0e4c Merge "Fail build due to missing kauditd only when SELinux is enabled" 2018-10-11 09:46:48 +00:00
Ian Wienand
39fb794ebc Allow debootstrap to cleanup without a kernel
Currently there's more-or-less an assumption that a kernel is
installed, so module blacklists are simply echoed into the modprobe
blacklist.  This may not be the case with some ongoing container work.

Although we don't need to blacklist modules for containers, it also
doesn't hurt.  Move the debootstrap element to the new modprobe
element, and allow it to create the blacklist directory.

Change-Id: I0f057caf473951df56a2af9633e3a5b53e0809b1
2018-10-08 16:02:25 +11:00
melissaml
b85bc24761 fix a typo
Change-Id: I4867c39a2995e35a0a1e9cba8f786cf4e6188141
2018-10-05 17:26:04 +08:00
Pierre Riteau
bacceba41d Fail build due to missing kauditd only when SELinux is enabled
With the check added in commit 7566819139,
diskimage-builder fails to build RPM-based images if kauditd is not
running. However, this is only valid for environments where SELinux is
enabled. If SELinux is disabled (which is identified by an empty _runcon
variable), proceed with running setfiles.

Change-Id: I1b056f20a3a55f7333391207d9e1049d25ece041
Closes-Bug: #1779273
2018-10-05 10:02:14 +01:00
Zuul
3e6d658687 Merge "allow building non-gentoo images on gentoo hosts" 2018-10-03 11:08:11 +00:00
Michael Johnson
330626482a Fix DIB ubuntu-minimal running on bionic (18.04)
Diskimage-builder fails to build ubuntu-minimal images when run on
a Ubuntu bionic-beaver (18.04) instance.
The user gets "Couldn't create tempfiles for splitting up" when
apt-get update is run in the ubuntu-minimal element root.d.

The issue is that the /tmp inside the chroot is not getting the
proper permissions applied from the base-files package. This is likely
because the pip-cache element has already created the directory before
the base-files package is installed.

This patch changes the order of pip-cache to root.d/11-pip-cache so that
it runs after teh base OS root.d elements run.

Change-Id: I6fd1cb2a23422206884165eb502b260f0c1e52f7
2018-10-01 19:59:30 -07:00
Jesse Pretorius
f4c5326b8e ubuntu-common: Update default DIB_RELEASE to bionic
The ubuntu-minimal README states that the latest Ubuntu LTS
is the default, but currently that is not true. This patch
changes the default to the current LTS.

Change-Id: I10f28314d1a5969c20094194637cfe31219d228c
2018-09-20 02:06:04 +01:00
Jesse Pretorius
8c69da65ac Remove redundant sources change/update
The apt sources are set out in root.d/75-ubuntu-minimal-baseinstall
and the cache is updated, cleaned and a dist-upgrade is done there.

As such, this file is unnecessary.

Change-Id: Idab5ede3f235bc204c4bdebf40fbcf4a12e5bc2f
2018-09-20 00:05:07 +00:00