From 585b6c606e12654c594721e219e6d9f848d9de4b Mon Sep 17 00:00:00 2001 From: Darren Tu Date: Tue, 2 Aug 2022 15:34:13 -0700 Subject: [PATCH] Move to Mariner OS from CBL-D (#218) Co-authored-by: Darren Tu --- linux/base.Dockerfile | 328 +++---- .../PSCloudShellUtility.psm1 | 19 +- linux/{aptinstall.sh => tdnfinstall.sh} | 8 +- linux/tools.Dockerfile | 54 +- tests/PSinLinuxCloudShellImage.Tests.ps1 | 20 +- tests/command_list | 917 ++++++++++-------- tests/test.sh | 4 +- 7 files changed, 687 insertions(+), 663 deletions(-) rename linux/{aptinstall.sh => tdnfinstall.sh} (50%) diff --git a/linux/base.Dockerfile b/linux/base.Dockerfile index a3d55d15..7de356ab 100644 --- a/linux/base.Dockerfile +++ b/linux/base.Dockerfile @@ -8,159 +8,158 @@ # of the base docker file stored in a container registry. This avoids accidentally introducing a change in # the base image -# CBL-D (Common Base Linux - Delridge) is not a standalone Linux distribution, but tracks Debian very closely. -# The primary difference between Debian and CBL-D is that Microsoft compiles all the packages -# included in the CBL-D repository internally. -# This helps guard against supply chain attacks (https://en.wikipedia.org/wiki/Supply_chain_attack). -# 'Quinault' is almost identical to Debian 10 (Buster) -FROM sbidprod.azurecr.io/quinault +# CBL-Mariner is an internal Linux distribution for Microsoft’s cloud infrastructure and edge products and services. +# CBL-Mariner is designed to provide a consistent platform for these devices and services and will enhance Microsoft’s +# ability to stay current on Linux updates. +# https://github.com/microsoft/CBL-Mariner +FROM mcr.microsoft.com/cbl-mariner/base/core:2.0 -SHELL ["/bin/bash","-c"] +SHELL ["/bin/bash","-c"] -# Added to fix CELA requirement to enable users to understand where the source of CBL-D packages come from -COPY SOURCES . -COPY linux/aptinstall.sh . -COPY linux/installMaven.sh . +COPY linux/tdnfinstall.sh . -# The universe repository is only currently required for Python2 -RUN echo "deb https://packages.microsoft.com/repos/cbl-d quinault-universe main" >> /etc/apt/sources.list +RUN tdnf repolist --refresh -RUN apt-get update && bash ./aptinstall.sh \ - apt-transport-https \ +RUN tdnf update -y && bash ./tdnfinstall.sh \ + mariner-repos-extended + +RUN tdnf update -y && bash ./tdnfinstall.sh \ curl \ - xz-utils \ + xz \ git \ - gpg - -RUN curl -sS https://www.postgresql.org/media/keys/ACCC4CF8.asc | gpg --dearmor > postgresql.gpg \ - && mv postgresql.gpg /etc/apt/trusted.gpg.d/postgresql.gpg \ - && sh -c 'echo "deb [arch=amd64] https://apt.postgresql.org/pub/repos/apt/ buster-pgdg main" >> /etc/apt/sources.list.d/postgresql.list' - -# BEGIN: provision nodejs - -# gpg keys listed at https://github.com/nodejs/node -RUN set -ex \ - && for key in \ - 4ED778F539E3634C779C87C6D7062848A1AB005C \ - 71DCFD284A79C3B38668286BC97EC7A07EDE3FC1 \ - 77984A986EBC2AA786BC0F66B01FBB92821C587A \ - 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \ - 94AE36675C464D64BAFA68DD7434390BDBE9B9C5 \ - A48C2BEE680E841632CD4E44F07496B3EB3C1762 \ - B9AE9905FFD7803F25714661B63B535A4C206CA9 \ - B9E2F5981AA6E0CD28160D9FF13993A75599653C \ - C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \ - DD8F2338BAE7501E3DD5AC78C273792F7D83545D \ - FD3A5288F042B6850C66B31F09FE44734EB7990E \ - ; do \ - gpg --keyserver pool.sks-keyservers.net --recv-keys "$key" || \ - gpg --keyserver keyserver.ubuntu.com --recv-keys "$key" || \ - gpg --keyserver pgp.mit.edu --recv-keys "$key" || \ - gpg --keyserver keyserver.pgp.com --recv-keys "$key"; \ - done + gpgme \ + gnupg2 + +# Install nodejs +RUN tdnf update -y && bash ./tdnfinstall.sh \ + nodejs ENV NPM_CONFIG_LOGLEVEL warn ENV NODE_VERSION 8.16.0 ENV NODE_ENV production +ENV NODE_OPTIONS=--tls-cipher-list='ECDHE-RSA-AES128-GCM-SHA256:!RC4' -RUN curl -sSLO "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-x64.tar.xz" \ - && curl -sSLO "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \ - && gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \ - && grep " node-v$NODE_VERSION-linux-x64.tar.xz\$" SHASUMS256.txt | sha256sum -c - \ - && tar -xJf "node-v$NODE_VERSION-linux-x64.tar.xz" -C /usr/local --strip-components=1 \ - && rm "node-v$NODE_VERSION-linux-x64.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt \ - && ln -s /usr/local/bin/node /usr/local/bin/nodejs -# END: provision nodejs - -# Azure CLI keys -RUN echo "deb https://apt-mo.trafficmanager.net/repos/azure-cli/ buster main" | tee /etc/apt/sources.list.d/azure-cli.list -RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys B02C46DF417A0893 - -RUN curl -sSL https://packages.microsoft.com/keys/microsoft.asc | apt-key add - - -RUN apt-get update && bash ./aptinstall.sh \ +RUN tdnf update -y && bash ./tdnfinstall.sh \ autoconf \ - azure-functions-core-tools \ + ansible \ +# azure-functions-core-tools \ bash-completion \ build-essential \ + binutils \ + ca-certificates \ + ca-certificates-legacy \ + chkconfig \ cifs-utils \ - dnsutils \ + curl \ + bind-utils \ dos2unix \ + dotnet-runtime-6.0 \ + dotnet-sdk-6.0 \ + e2fsprogs \ emacs \ + gawk \ + glibc-lang \ + glibc-i18n \ + grep \ + gzip \ + initscripts \ iptables \ - iputils-ping \ - java-common \ + iputils \ + msopenjdk-11 \ jq \ less \ - libffi-dev \ - libssl-dev \ - libpq-dev \ - locales \ + libffi \ + libffi-devel \ + libtool \ + lz4 \ + openssl \ + openssl-libs \ + openssl-devel \ man-db \ - msopenjdk-17 \ moby-cli \ moby-engine \ - msodbcsql17 \ + msodbcsql17 \ mssql-tools \ - default-mysql-client \ + mysql \ nano \ net-tools \ parallel \ - postgresql-client \ + patch \ + pkg-config \ + postgresql-libs \ + postgresql \ + powershell \ python3 \ python3-pip \ - python3-venv \ - python3.7-dev \ + python3-virtualenv \ + python3-libs \ + python3-devel \ puppet \ + rpm \ rsync \ - ssl-cert \ - software-properties-common \ + sed \ + sudo \ + tar \ tmux \ - unixodbc-dev \ + unixODBC \ unzip \ + util-linux \ vim \ wget \ + which \ zip \ zsh -# Install Maven from Apache mirrors directly and override just the maven installer from CBL-D -RUN bash ./installMaven.sh -ENV M2_HOME /opt/maven -ENV MAVEN_HOME /opt/maven -ENV PATH $PATH:/opt/maven/bin -ENV JAVA_HOME /usr/lib/jvm/msopenjdk-17-amd64 - -# Install the deprecated Python2 packages. Will be removed in a future update -RUN bash ./aptinstall.sh \ - python-dev \ - python \ - python-pip +# Install Maven +RUN tdnf -y install mariner-repos-preview +RUN tdnf update -y && bash ./tdnfinstall.sh maven +RUN tdnf -y remove mariner-repos-preview + +RUN tdnf clean all + +# Additional packages required for Mariner to be closer to parity with CBL-D +RUN tdnf update -y && bash ./tdnfinstall.sh \ + apparmor-parser \ + apparmor-utils \ + cronie \ + ebtables-legacy \ + fakeroot \ + file \ + lsb-release \ + ncompress \ + pigz \ + psmisc \ + procps \ + shared-mime-info \ + sysstat \ + xauth + +# Install azure-functions-core-tools +RUN wget -nv -O Azure.Functions.Cli.linux-x64.4.0.3971.zip https://github.com/Azure/azure-functions-core-tools/releases/download/4.0.3971/Azure.Functions.Cli.linux-x64.4.0.3971.zip \ + && unzip -d azure-functions-cli Azure.Functions.Cli.linux-x64.4.0.3971.zip \ + && chmod +x azure-functions-cli/func \ + && chmod +x azure-functions-cli/gozip \ + && mv azure-functions-cli /opt \ + && ln -sf /opt/azure-functions-cli/func /usr/bin/func \ + && ln -sf /opt/azure-functions-cli/gozip /usr/bin/gozip \ + && rm -r Azure.Functions.Cli.linux-x64.4.0.3971.zip # Install Jenkins X client -RUN curl -sSL https://github.com/jenkins-x/jx/releases/download/v1.3.107/jx-linux-amd64.tar.gz > jx.tar.gz \ - && echo f3e31816a310911c7b79a90281182a77d1ea1c9710b4e0bb29783b78cc99a961 jx.tar.gz | sha256sum -c \ - && tar -xf jx.tar.gz \ - && mv jx /usr/local/bin \ - && rm -rf jx.tar.gz +RUN tdnf update -y && bash ./tdnfinstall.sh jx # Install CloudFoundry CLI -RUN wget -nv -O cf-cli_install.deb https://cli.run.pivotal.io/stable?release=debian64 \ - && dpkg -i cf-cli_install.deb \ - && apt-get install -f \ - && rm -f cf-cli_install.deb +RUN tdnf update -y && bash ./tdnfinstall.sh cf-cli + # Setup locale to en_US.utf8 -RUN echo en_US UTF-8 >> /etc/locale.gen && locale-gen +RUN echo en_US UTF-8 >> /etc/locale.conf && locale-gen.sh ENV LANG="en_US.utf8" -# Redirect python3 as default and path pip2 # Update pip and Install Service Fabric CLI # Install mssql-scripter -RUN ln -s -f /usr/bin/python3 /usr/bin/python \ - && sed -i 's/usr\/bin\/python/usr\/bin\/python2/' /usr/bin/pip2 \ - && pip2 install --upgrade pip && pip3 install --upgrade pip \ +RUN pip3 install --upgrade pip \ && pip3 install --upgrade sfctl \ - && pip3 install mssql-scripter + && pip3 install --upgrade mssql-scripter # Install Blobxfer and Batch-Shipyard in isolated virtualenvs COPY ./linux/blobxfer /usr/local/bin @@ -170,22 +169,22 @@ RUN chmod 755 /usr/local/bin/blobxfer \ && virtualenv -p python3 blobxfer \ && /bin/bash -c "source blobxfer/bin/activate && pip3 install blobxfer && deactivate" -# Some hacks to install.sh -# update os-release to pretend we are Debian -# depend on python3.7-dev instead of python3-dev (cbl-d bug?) +# Mariner distro required patch +# mariner-batch-shipyard.patch +# python3 is default in CBL-Mariner +# Some hacks to install.sh install-tweaked.sh RUN curl -fSsL `curl -fSsL https://api.github.com/repos/Azure/batch-shipyard/releases/latest | grep tarball_url | cut -d'"' -f4` | tar -zxvpf - \ - && mv Azure-batch-shipyard-* /opt/batch-shipyard \ + && mkdir /opt/batch-shipyard \ + && mv Azure-batch-shipyard-*/* /opt/batch-shipyard \ + && rm -r Azure-batch-shipyard-* \ && cd /opt/batch-shipyard \ - && cp /etc/os-release /etc/os-release.bak \ - && sed 's/ID=cbld/ID=debian/' < /etc/os-release.bak \ - && sed 's/ID=cbld/ID=debian/' < /etc/os-release.bak > /etc/os-release \ - && sed 's/PYTHON_PKGS="libpython3-dev python3-dev"/PYTHON_PKGS="libpython3.7-dev python3.7-dev"/' < install.sh > install-tweaked.sh \ + && sed 's/rhel/mariner/' < install.sh > install-tweaked.sh \ + && sed -i '/$PYTHON == /s/".*"/"python3"/' install-tweaked.sh \ + && sed -i 's/rsync $PYTHON_PKGS/rsync python3-devel/' install-tweaked.sh \ && chmod +x ./install-tweaked.sh \ && ./install-tweaked.sh -c \ && /bin/bash -c "source cloudshell/bin/activate && python3 -m compileall -f /opt/batch-shipyard/shipyard.py /opt/batch-shipyard/convoy && deactivate" \ - && ln -sf /opt/batch-shipyard/shipyard /usr/local/bin/shipyard \ - && cp /etc/os-release.bak /etc/os-release - + && ln -sf /opt/batch-shipyard/shipyard /usr/local/bin/shipyard # # BEGIN: Install Ansible in isolated Virtual Environment COPY ./linux/ansible/ansible* /usr/local/bin/ @@ -209,98 +208,49 @@ RUN export INSTALLROOT=/usr/local/linkerd \ && curl -sSL https://run.linkerd.io/install | sh - ENV PATH $PATH:/usr/local/linkerd/bin -# Install Puppet-Bolt -RUN wget -nv -O puppet-tools.deb https://apt.puppet.com/puppet-tools-release-buster.deb \ - && dpkg -i puppet-tools.deb \ - && apt-get update \ - && bash ./aptinstall.sh puppet-bolt \ - && rm -f puppet-tools.deb - # install go -RUN wget -nv -O go.tar.gz https://dl.google.com/go/go1.13.7.linux-amd64.tar.gz \ - && echo b3dd4bd781a0271b33168e627f7f43886b4c5d1c794a4015abf34e99c6526ca3 go.tar.gz | sha256sum -c \ - && tar -xf go.tar.gz \ - && mv go /usr/local \ - && rm -f go.tar.gz +RUN bash ./tdnfinstall.sh \ + golang -ENV GOROOT="/usr/local/go" +ENV GOROOT="/usr/lib/golang" ENV PATH="$PATH:$GOROOT/bin:/opt/mssql-tools/bin" -RUN export INSTALL_DIRECTORY="$GOROOT/bin" \ - && curl -sSL https://raw.githubusercontent.com/golang/dep/master/install.sh | sh \ - && unset INSTALL_DIRECTORY +# RUN export INSTALL_DIRECTORY="$GOROOT/bin" \ +# && curl -sSL https://raw.githubusercontent.com/golang/dep/master/install.sh | sh \ +# && ln -sf INSTALL_DIRECTORY/dep /usr/bin/dep \ +# && unset INSTALL_DIRECTORY + +RUN tdnf update -y && bash ./tdnfinstall.sh \ + ruby \ + rubygems -RUN gem update --system 2.7.7 \ - && gem install bundler --version 1.16.4 --force \ +RUN gem install bundler --version 1.16.4 --force \ && gem install rake --version 12.3.0 --no-document --force \ && gem install colorize --version 0.8.1 --no-document --force \ - && gem install rspec --version 3.7.0 --no-document --force \ - && rm -r /root/.gem/ + && gem install rspec --version 3.7.0 --no-document --force ENV GEM_HOME=~/bundle ENV BUNDLE_PATH=~/bundle ENV PATH=$PATH:$GEM_HOME/bin:$BUNDLE_PATH/gems/bin # Download and Install the latest packer (AMD64) -RUN PACKER_VERSION=$(curl -sSL https://checkpoint-api.hashicorp.com/v1/check/packer | jq -r -M ".current_version") \ - && wget -nv -O packer.zip https://releases.hashicorp.com/packer/${PACKER_VERSION}/packer_${PACKER_VERSION}_linux_amd64.zip \ - && wget -nv -O packer.sha256 https://releases.hashicorp.com/packer/${PACKER_VERSION}/packer_${PACKER_VERSION}_SHA256SUMS \ - && wget -nv -O packer.sha256.sig https://releases.hashicorp.com/packer/${PACKER_VERSION}/packer_${PACKER_VERSION}_SHA256SUMS.sig \ - && curl -s https://keybase.io/hashicorp/pgp_keys.asc | gpg --import \ - && gpg --verify packer.sha256.sig packer.sha256 \ - && echo $(grep -Po "[[:xdigit:]]{64}(?=\s+packer_${PACKER_VERSION}_linux_amd64.zip)" packer.sha256) packer.zip | sha256sum -c \ - && unzip packer.zip \ - && mv packer /usr/local/bin \ - && chmod a+x /usr/local/bin/packer \ - && rm -f packer packer.zip packer.sha256 packer.sha256.sig \ - && unset PACKER_VERSION +RUN tdnf update -y && bash ./tdnfinstall.sh packer # Install dcos -RUN wget -nv -O dcos https://downloads.dcos.io/binaries/cli/linux/x86-64/latest/dcos \ - && echo c79285f23525e21f71473649c742af14917c9da7ee2b707ccc27e92da4838ec4 dcos | sha256sum -c \ - && mv dcos /usr/local/bin \ - && chmod +x /usr/local/bin/dcos - -# Install PowerShell -# Register the Microsoft repository GPG keys and Install PowerShell Core -RUN wget -nv -q https://packages.microsoft.com/config/debian/10/packages-microsoft-prod.deb \ - && dpkg -i packages-microsoft-prod.deb \ - && apt update \ - && bash ./aptinstall.sh powershell - -# Install .NET 6 -# The Microsoft repository GPG keys are already registered in previous step (Install PowerShell) -# Install .NET 6 runtime, ASP.NET Core runtime and SDK using apt-get -RUN bash ./aptinstall.sh \ - dotnet-runtime-6.0 \ - dotnet-sdk-6.0 +RUN tdnf update -y && bash ./tdnfinstall.sh dcos-cli # PowerShell telemetry ENV POWERSHELL_DISTRIBUTION_CHANNEL CloudShell # don't tell users to upgrade, they can't ENV POWERSHELL_UPDATECHECK Off -# Install Chef Workstation -RUN wget -nv -O chef-workstation_amd64.deb https://packages.chef.io/files/stable/chef-workstation/20.9.158/debian/10/chef-workstation_20.9.158-1_amd64.deb \ - && echo af67dfbf705959eb0e4d4b663142a66b2a220b33aefc54b83197ad3f535b69ba chef-workstation_amd64.deb | sha256sum -c \ - && dpkg -i chef-workstation_amd64.deb \ - && rm -f chef-workstation_amd64.deb - # Install ripgrep -RUN curl -sSLO https://github.com/BurntSushi/ripgrep/releases/download/12.1.1/ripgrep_12.1.1_amd64.deb \ - && echo 18ef498312073da55d2f2f65c6a906085c68368a23c9a45a87fcb8539be96608 ripgrep_12.1.1_amd64.deb | sha256sum -c \ - && dpkg -i ripgrep_12.1.1_amd64.deb \ - && rm -f ripgrep_12.1.1_amd64.deb +RUN bash ./tdnfinstall.sh \ + ripgrep -# Install docker-machine -RUN curl -sSL https://github.com/docker/machine/releases/download/v0.16.2/docker-machine-`uname -s`-`uname -m` > /tmp/docker-machine \ - && echo a7f7cbb842752b12123c5a5447d8039bf8dccf62ec2328853583e68eb4ffb097 /tmp/docker-machine | sha256sum -c \ - && chmod +x /tmp/docker-machine \ - && mv /tmp/docker-machine /usr/local/bin/docker-machine - -# Copy and run the Helm install script, which fetches the latest release of Helm. -COPY ./linux/helmInstall.sh . -RUN bash ./helmInstall.sh && rm -f ./helmInstall.sh +# Install Helm +RUN bash ./tdnfinstall.sh \ + helm # Copy and run the Draft install script, which fetches the latest release of Draft with # optimizations for running inside cloud shell. @@ -312,13 +262,9 @@ RUN npm install -g yo \ && npm install -g generator-az-terra-module # Download and install AzCopy SCD of linux-x64 -RUN curl -sSL https://aka.ms/downloadazcopy-v10-linux -o azcopy-netcore_linux_x64.tar.gz \ - && mkdir azcopy \ - && tar xf azcopy-netcore_linux_x64.tar.gz -C azcopy --strip-components 1 \ - && mv azcopy/azcopy /usr/local/bin/azcopy \ - && chmod a+x /usr/local/bin/azcopy \ - && rm -f azcopy-netcore_linux_x64.tar.gz && rm -rf azcopy +RUN tdnf update -y && bash ./tdnfinstall.sh azcopy + # Copy and run script to Install powershell modules COPY ./linux/powershell/ powershell -RUN /usr/bin/pwsh -File ./powershell/setupPowerShell.ps1 -image Base && rm -rf ./powershell +RUN /usr/bin/pwsh -File ./powershell/setupPowerShell.ps1 -image Base && rm -rf ./powershell \ No newline at end of file diff --git a/linux/powershell/PSCloudShellUtility/PSCloudShellUtility.psm1 b/linux/powershell/PSCloudShellUtility/PSCloudShellUtility.psm1 index c03fc1d0..6fbb2d4d 100644 --- a/linux/powershell/PSCloudShellUtility/PSCloudShellUtility.psm1 +++ b/linux/powershell/PSCloudShellUtility/PSCloudShellUtility.psm1 @@ -1885,13 +1885,15 @@ function Get-PackageVersion() { # Enumerate all APT packages with versions $packages = New-Object -TypeName System.Collections.ArrayList - apt list --installed 2> /dev/null | % { - Write-Verbose "Apt: $_" - if ($_ -match "([^/]*)/[^ ]* ([^ ]*)") { - $p = New-PackageInfo -Name $matches[1] -Version $matches[2] -Type "Apt" - $null = $packages.Add($p) - } - } + + # TODO - find the regular expression to seperate the package name from the package version + # apt list --installed 2> /dev/null | % { + # Write-Verbose "Apt: $_" + # if ($_ -match "([^/]*)/[^ ]* ([^ ]*)") { + # $p = New-PackageInfo -Name $matches[1] -Version $matches[2] -Type "Apt" + # $null = $packages.Add($p) + # } + # } # enumerate special packages $pwsh = New-PackageInfo -Name "PowerShell" -Version $PSVersionTable.PSVersion.ToString() -type "Special" @@ -1917,7 +1919,6 @@ function Get-PackageVersion() { $packageVersionDetections = @( @{displayname = "Node.JS"; command = "node"; args = "--version"; match = "v(.*)"}, - @{displayname = "Jenkins X"; command = "jx"; args = "version -n"; match = "jx\s+(.*)"}, @{displayname = "Cloud Foundry CLI"; command = "cf"; args = "-v"; match = "cf version (.*)"}, @{displayname = "Blobxfer"; command = "blobxfer"; args = "--version"; match = "blobxfer, version (.*)"}, @{displayname = "Batch Shipyard"; command = "shipyard"; args = "--version"; match = "shipyard.py, version (.*)"}, @@ -1927,9 +1928,7 @@ function Get-PackageVersion() { @{displayname = "Go"; command = "go"; args = "version"; match = "go version go(\S+) .*"}, @{displayname = "Packer"; command = "packer"; args = "version"; match = "Packer v(.+)"}, @{displayname = "DC/OS CLI"; command = "dcos"; args = "--version"; match = "dcoscli.version=(.*)"}, - @{displayname = "Chef Workstation"; command = "chef"; args = "-v"; match = "Chef Workstation version: (.*)"}, @{displayname = "Ripgrep"; command = "rg"; args = "--help | head"; match = "ripgrep ([\d\.]+)$"}, - @{displayname = "Docker-machine"; command = "docker-machine"; args = "version"; match = "docker-machine version ([\d\.]+),"}, @{displayname = "Helm"; command = "helm"; args = "version --short"; match = "v(.+)"}, @{displayname = "Draft"; command = "draft"; args = "version --short"; match = "v(.+)"}, @{displayname = "AZCopy"; command = "azcopy"; args = "--version"; match = "azcopy version (.+)"}, diff --git a/linux/aptinstall.sh b/linux/tdnfinstall.sh similarity index 50% rename from linux/aptinstall.sh rename to linux/tdnfinstall.sh index 59c20b05..55d7f4ad 100644 --- a/linux/aptinstall.sh +++ b/linux/tdnfinstall.sh @@ -1,15 +1,15 @@ #!/bin/bash -# wrapper around apt-get install which retries on failure +# wrapper around tdnf install which retries on failure max_tries=4 count=0 -while [ $count -lt $max_tries ]; do - ACCEPT_EULA=Y apt-get install -y $* +while [ $count -lt $max_tries ]; do + ACCEPT_EULA=Y tdnf install -y $* if [ $? -eq 0 ]; then exit 0 fi let count=count+1 done echo "Too many install attempts, failing" -exit 1 +exit 1 \ No newline at end of file diff --git a/linux/tools.Dockerfile b/linux/tools.Dockerfile index b5a36637..e53c9220 100644 --- a/linux/tools.Dockerfile +++ b/linux/tools.Dockerfile @@ -5,58 +5,40 @@ # To build yourself locally, override this location with a local image tag. See README.md for more detail -ARG IMAGE_LOCATION=cdpxb787066ec88f4e20ae65e42a858c42ca00.azurecr.io/official/azure/cloudshell:1.0.20220715.1.base.master.86bf8742 +ARG IMAGE_LOCATION=cdpxb787066ec88f4e20ae65e42a858c42ca00.azurecr.io/official/azure/cloudshell:1.0.20220720.1.base.mariner_full.d6d09980 # Copy from base build FROM ${IMAGE_LOCATION} +ENV NODE_OPTIONS=--tls-cipher-list='ECDHE-RSA-AES128-GCM-SHA256:!RC4' + +RUN tdnf repolist --refresh + # Install latest Azure CLI package. CLI team drops latest (pre-release) package here prior to public release # We don't support using this location elsewhere - it may be removed or updated without notice -RUN wget -nv https://azurecliprod.blob.core.windows.net/cloudshell-release/azure-cli-latest-buster.deb \ - && dpkg -i azure-cli-latest-buster.deb \ - && rm -f azure-cli-latest-buster.deb +RUN wget https://azurecliprod.blob.core.windows.net/cloudshell-release/azure-cli-latest-mariner2.0.rpm \ + && tdnf install -y ./azure-cli-latest-mariner2.0.rpm \ + && rm azure-cli-latest-mariner2.0.rpm # Install any Azure CLI extensions that should be included by default. RUN az extension add --system --name ai-examples -y RUN az extension add --system --name ssh -y # EY: get an error when we try to install this. -# RUN az extension add --system --name azure-cli-ml -y +RUN az extension add --system --name azure-cli-ml -y # Install kubectl RUN az aks install-cli \ && chmod +x /usr/local/bin/kubectl \ && chmod +x /usr/local/bin/kubelogin -# Download the latest terraform (AMD64), install to global environment. -RUN gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys B36CBA91A2C0730C435FC280B0B441097685B676 \ - && TF_VERSION=$(curl -s https://api.releases.hashicorp.com/v1/releases/terraform/latest | jq -r -M ".version") \ - && wget -nv -O terraform.zip https://releases.hashicorp.com/terraform/${TF_VERSION}/terraform_${TF_VERSION}_linux_amd64.zip \ - && wget -nv -O terraform.sha256 https://releases.hashicorp.com/terraform/${TF_VERSION}/terraform_${TF_VERSION}_SHA256SUMS \ - && wget -nv -O terraform.sha256.sig https://releases.hashicorp.com/terraform/${TF_VERSION}/terraform_${TF_VERSION}_SHA256SUMS.sig \ - && gpg --verify terraform.sha256.sig terraform.sha256 \ - && echo $(grep -Po "[[:xdigit:]]{64}(?=\s+terraform_${TF_VERSION}_linux_amd64.zip)" terraform.sha256) terraform.zip | sha256sum -c \ - && unzip terraform.zip \ - && mkdir /usr/local/terraform \ - && mv terraform /usr/local/terraform \ - && rm -f terraform terraform.zip terraform.sha256 terraform.sha256.sig \ - && unset TF_VERSION - -COPY ./linux/terraform/terraform* /usr/local/bin/ -RUN chmod 755 /usr/local/bin/terraform* && dos2unix /usr/local/bin/terraform* +# Install terraform +RUN tdnf update -y && bash ./tdnfinstall.sh \ + terraform # github CLI -RUN curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | gpg --dearmor -o /usr/share/keyrings/githubcli-archive-keyring.gpg \ - && echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | tee /etc/apt/sources.list.d/github-cli.list > /dev/null \ - && apt update \ - && apt install gh - -# Temporarily rerun PowerShell install during tools build to pick up latest version -RUN rm packages-microsoft-prod.deb \ - && wget -nv -q https://packages.microsoft.com/config/debian/10/packages-microsoft-prod.deb \ - && dpkg -i packages-microsoft-prod.deb \ - && apt update \ - && apt-get -y install powershell +RUN tdnf update -y && bash ./tdnfinstall.sh \ + gh RUN mkdir -p /usr/cloudshell WORKDIR /usr/cloudshell @@ -86,7 +68,13 @@ RUN ltarget=$(readlink /usr/local/linkerd/bin/linkerd) && \ if [ ! -f $ltarget ] ; then rm /usr/local/linkerd/bin/linkerd ; ln -s /usr/local/linkerd/bin/linkerd-stable* /usr/local/linkerd/bin/linkerd ; fi # Temp: fix ansible modules. Proper fix is to update base layer to use regular python for Ansible. -RUN /opt/ansible/bin/python -m pip install -r /usr/share/ansible/collections/ansible_collections/azure/azcollection/requirements-azure.txt +RUN wget -nv -q https://raw.githubusercontent.com/ansible-collections/azure/dev/requirements-azure.txt \ + && /opt/ansible/bin/python -m pip install -r requirements-azure.txt \ + && rm requirements-azure.txt + +#Add soft links +RUN ln -s /usr/bin/python3 /usr/bin/python +RUN ln -s /usr/bin/node /usr/bin/nodejs # Add user's home directories to PATH at the front so they can install tools which # override defaults diff --git a/tests/PSinLinuxCloudShellImage.Tests.ps1 b/tests/PSinLinuxCloudShellImage.Tests.ps1 index 53460473..3e5bcd1e 100755 --- a/tests/PSinLinuxCloudShellImage.Tests.ps1 +++ b/tests/PSinLinuxCloudShellImage.Tests.ps1 @@ -1,6 +1,3 @@ - - - Describe "Various programs installed with expected versions" { BeforeAll { @@ -11,18 +8,17 @@ Describe "Various programs installed with expected versions" { } } - It "Base OS - CBL-D 10" { + It "Base OS - CBL-Mariner 2.0" { [System.Environment]::OSVersion.Platform | Should -Be 'Unix' $osDetails = Get-Content /etc/*release - $osDetails | Where-Object {$_.Contains('VERSION_ID="10"')} | Should -Not -BeNullOrEmpty - $osDetails | Where-Object {$_.Contains('NAME="Common Base Linux Delridge"')} | Should -Not -BeNullOrEmpty + $osDetails | Where-Object {$_.Contains('VERSION_ID="2.0"')} | Should -Not -BeNullOrEmpty + $osDetails | Where-Object {$_.Contains('NAME="Common Base Linux Mariner"')} | Should -Not -BeNullOrEmpty } It "Static Versions" { # These programs are installed explicitly with specific versions - $script:pmap["Node.JS"].Version | Should -Be '8.16.0' - $script:pmap["Jenkins X"].Version | Should -Be '1.3.107' + $script:pmap["Node.JS"].Version | Should -Be '16.14.2' $script:pmap["PowerShell"].Version | Should -BeLike '7.2*' } @@ -50,8 +46,7 @@ Describe "Various programs installed with expected versions" { It "Compare bash commands to baseline" { # command_list contains a list of all the files which should be installed - $command_diffs = bash -c "compgen -c | sort -u > /tests/installed_commands && diff /tests/command_list /tests/installed_commands" - + $command_diffs = bash -c "compgen -c | sort -u > /tests/installed_commands && diff -w /tests/command_list /tests/installed_commands" # these may or may not be present depending on how tests were invoked $special = @( "profile.ps1", @@ -195,8 +190,8 @@ Describe "PowerShell Modules" { $module = Get-Module -Name GuestConfiguration -ListAvailable $module | Should -Not -BeNullOrEmpty - # GuestConfiguration module version must be 3.5.4 or greater - $module.Version -ge '3.5.4' | Should -Be $true + # GuestConfiguration module version must be 0.*.* or greater + $module.Version -like "4.*.*" | Should -Be $true } It "MicrosoftTeams PowerShell Module" { @@ -209,7 +204,6 @@ Describe "PowerShell Modules" { } It "Microsoft.PowerShell.UnixCompleters PowerShell Module" { - $module = Get-Module -Name Microsoft.PowerShell.UnixCompleters -ListAvailable $module | Should -Not -BeNullOrEmpty diff --git a/tests/command_list b/tests/command_list index 6d641f74..0ddad1aa 100644 --- a/tests/command_list +++ b/tests/command_list @@ -6,25 +6,39 @@ ]] { } -2to3-2.7 +aa-audit +aa-autodep +aa-cleanprof +aa-complain +aa-decode +aa-disable +aa-easyprof aa-enabled +aa-enforce aa-exec +aa-features-abi +aa-genprof +aa-logprof +aa-mergeprof +aa-notify aa-remove-unknown aa-status aa-teardown +aa-unconfined accessdb aclocal aclocal-1.16 activate-global-python-argcomplete -add-apt-repository +addftinfo addgnupghome -addgroup addpart addr2line -add-shell adduser +afmtodit agetty alias +alternatives +anacron ansible ansible-config ansible-connection @@ -34,29 +48,35 @@ ansible-galaxy ansible-inventory ansible-playbook ansible-pull +ansible-test ansible-vault apparmor_parser apparmor_status applygnupgdefaults +apr-1-config apropos -apt -apt-add-repository -apt-cache -apt-cdrom -apt-config -apt-get -apt-key -apt-mark ar arch arp -arptables -arptables-nft -arptables-nft-restore -arptables-nft-save -arptables-restore -arptables-save +arpaname +arping as +aserver +asn1Coding +asn1Decoding +asn1Parser +audisp-remote +audisp-syslog +auditctl +auditd +augmatch +augparse +augtool +aulast +aulastlog +aureport +ausearch +ausyscall autoconf autoheader autom4te @@ -65,6 +85,9 @@ automake-1.16 autoreconf autoscan autoupdate +autrace +auvirt +avcstat awk az azcopy @@ -73,28 +96,28 @@ badblocks base32 base64 basename +basenc bash bashbug bcp -berks bg bicep bind -blkdeactivate +bison blkdiscard blkid blkzone blobxfer blockdev -bolt -bootctl break -broadwayd -bsd-from -bsd-write +bridge +brotli +bsdcat +bsdcpio +bsdtar builtin bundle -bundle2.5 +bundle2pem.sh bundler bunzip2 busctl @@ -102,7 +125,6 @@ bzcat bzcmp bzdiff bzegrep -bzexe bzfgrep bzgrep bzip2 @@ -110,22 +132,17 @@ bzip2recover bzless bzmore c++ -c89 -c89-gcc -c99 -c99-gcc cal -calendar caller capsh +captest captoinfo case cat -catchsegv catman -cbld-check-environment cc cd +certtool cf cfdisk c++filt @@ -133,19 +150,11 @@ chage chattr chcon chcpu -chef -chef-analyze -chef-apply -chef-cli -chef-client -chef-run -chef-shell -chef-solo -chef-vault -chef-workstation-app +chem chfn chgpasswd chgrp +chkconfig chmem chmod choom @@ -155,12 +164,10 @@ chroot chrt chsh cifscreds -cifs.idmap cifsiostat -cifs.upcall cksum clear -clear_console +clockdiff clusterdb cmp col @@ -169,215 +176,168 @@ colrm column comm command +comp_err compgen +compile_et complete compopt -compose +compress +compute_av +compute_create +compute_member +compute_relabel +consoletype containerd containerd-shim containerd-shim-runc-v1 containerd-shim-runc-v2 containerd-stress continue -cookstyle coproc +coredumpctl corelist +corepack cp cpan -cpan5.28-x86_64-linux-gnu -cpgr cpp -cpp-8 -cppw +cracklib-check +cracklib-format +cracklib-packer +cracklib-unpacker +create-cracklib-dict createdb -createlang createuser -c_rehash -cron +crond +cronnext crontab csplit -ctags -ctags.emacs ctr ctrlaltdel +ctstat curl +curl-config cut -dash +cvtsudoers date dbilogstrip dbiprof -dbiproxy dbus-cleanup-sockets dbus-daemon +dbus-launch dbus-monitor dbus-run-session dbus-send +dbus-test-tool dbus-update-activation-environment dbus-uuidgen +dcb dcos dd -debconf -debconf-apt-progress -debconf-communicate -debconf-copydb -debconf-escape -debconf-getlang -debconf-get-selections -debconf-loadtemplate -debconf-mergetemplate -debconf-set-selections -debconf-show -deb-systemd-helper -deb-systemd-invoke +ddns-confgen debugfs +debuginfod-find declare -delgroup -delivery delpart -deluser delv -dep depmod +derb +devlink df -dh_autotools-dev_restoreconfig -dh_autotools-dev_updateconfig -dh_bash-completion -dh_perl_dbi -dh_python2 diff diff3 dig dir dircolors -dirmngr -dirmngr-client dirname dirs disown +dltest dmesg -dmsetup -dmstats dnsdomainname -dnstap-read do docker dockerd docker-init -docker-machine docker-proxy domainname done dos2unix -dotlock -dotlock.mailutils dotnet -dpkg -dpkg-architecture -dpkg-buildflags -dpkg-buildpackage -dpkg-checkbuilddeps -dpkg-deb -dpkg-distaddfile -dpkg-divert -dpkg-genbuildinfo -dpkg-genchanges -dpkg-gencontrol -dpkg-gensymbols -dpkg-maintscript-helper -dpkg-mergechangelogs -dpkg-name -dpkg-parsechangelog -dpkg-preconfigure -dpkg-query -dpkg-reconfigure -dpkg-scanpackages -dpkg-scansources -dpkg-shlibdeps -dpkg-source -dpkg-split -dpkg-statoverride -dpkg-trigger -dpkg-vendor draft dropdb -droplang dropuser du dumpe2fs +dumpsexp dwp e2freefrag e2fsck e2image e2label e2mmpstatus +e2scrub +e2scrub_all e2undo e4crypt e4defrag ebrowse -ebrowse.emacs ebtables -ebtables-nft -ebtables-nft-restore -ebtables-nft-save +ebtables-legacy +ebtables-legacy-restore +ebtables-legacy-save ebtables-restore ebtables-save echo -edit -editor +ecpg egrep +eject elfedit elif else emacs +emacs-28.1 emacsclient -emacsclient.emacs -emacs-gtk enable enc2xs encguess env -env_parallel -env_parallel.bash -env_parallel.csh -env_parallel.fish -env_parallel.ksh -env_parallel.pdksh -env_parallel.tcsh -env_parallel.zsh eqn +eqn2graph erb -erb2.5 esac +escapesrc etags -etags.emacs +eu-addr2line +eu-ar +eu-elfclassify +eu-elfcmp +eu-elfcompress +eu-elflint +eu-findtextrel +eu-make-debug-archive +eu-nm +eu-objdump +eu-ranlib +eu-readelf +eu-size +eu-stack +eu-strings +eu-strip +eu-unstrip eval ex exec -exicyclog -exigrep -exim -exim4 -exim_checkaccess -exim_convert4r4 -exim_dbmbuild -exim_dumpdb -exim_fixdb -exim_lock -eximstats -exim_tidydb -exinext -exipick -exiqgrep -exiqsumm exit -exiwhat expand expiry export expr facter factor +fadot +faillock faillog +faked faked-sysv faked-tcp fakeroot @@ -395,27 +355,25 @@ fc-pattern fc-query fc-scan fc-validate -fdformat fdisk fg fgrep fi file +filecap filefrag fincore find findfs findmnt +fish +fish_indent +fish_key_reader flock fmt fold -foodcritic for free -frm -frm.mailutils -from -from.mailutils fsck fsck.cramfs fsck.ext2 @@ -423,7 +381,6 @@ fsck.ext3 fsck.ext4 fsck.minix fsfreeze -fstab-decode fstrim func function @@ -431,64 +388,98 @@ funzip fuser futurize g++ -g++-8 +gawk +gawk-5.1.0 gcc -gcc-8 gcc-ar -gcc-ar-8 gcc-nm -gcc-nm-8 gcc-ranlib -gcc-ranlib-8 gcov -gcov-8 gcov-dump -gcov-dump-8 gcov-tool -gcov-tool-8 -gdk-pixbuf-csource -gdk-pixbuf-pixdata -gdk-pixbuf-thumbnailer +gdbm_dump +gdbm_load +gdbmtool +gdiffmk gem -gem2.5 +genbrk gencat +genccode +gencfu +gencmn +gencnval +gendict +gendiff +genhostid +genl +gennorm2 +genrb +gensprep geqn getcap -getcifsacl getconf +getconlist +getdefaultcon +getenforce getent +getfilecon getopt getopts getpcaps -getty +getpidcon +getsebool +getseuser gh -ginstall-info +gindxbib git +git-cvsserver +gitk git-receive-pack git-shell git-upload-archive git-upload-pack +glilypond +glookbib +gneqn +gnroff +gnutls-cli +gnutls-cli-debug +gnutls-serv go gofmt -gold +gozip gpasswd +gperl gpg +gpg2 gpg-agent -gpgcompose +gpg-card gpgconf gpg-connect-agent +gpg-error gpgparsemail +gpgscm gpgsm gpgsplit gpgtar gpgv +gpgv2 +gpg-wks-client gpg-wks-server -gpg-zip gpic +gpinyin gprof +grap2graph +grefer grep +grn +grodvi groff +groffer grog +grolbp +grolj4 +gropdf grops grotty groupadd @@ -499,66 +490,86 @@ groups grpck grpconv grpunconv +gsoelim +gss-client +gss-server +gtar gtbl -gtk-builder-tool -gtk-launch -gtk-query-settings -gtk-update-icon-cache +gtkdoc-check +gtkdoc-depscan +gtkdoc-fixxref +gtkdocize +gtkdoc-mkdb +gtkdoc-mkhtml +gtkdoc-mkhtml2 +gtkdoc-mkman +gtkdoc-mkpdf +gtkdoc-rebase +gtkdoc-scan +gtkdoc-scangobj +gtroff +guild +guile +guile2 +guile2-tools +guile-config +guile-snarf +guile-tools gunzip gzexe gzip h2ph h2xs -hab halt +hardlink hash -hd head helm help -helpztags hexdump hiera history +hmac256 host hostid hostname hostnamectl +hpftodit htmldiff hwclock i386 +ibd2sdi iconv iconvconfig +icu-config +icuinfo +icupkg id if +ifcfg ifconfig ifnames +ifstat in +indxbib infocmp infotocap init -innotop +initdb +innochecksum insmod -inspec install -install-info -installkernel instmodsh -invoke-rc.d ionice iostat +ip ip6tables ip6tables-apply ip6tables-legacy ip6tables-legacy-restore ip6tables-legacy-save -ip6tables-nft -ip6tables-nft-restore -ip6tables-nft-save ip6tables-restore -ip6tables-restore-translate ip6tables-save -ip6tables-translate ipcmk ipcrm ipcs @@ -568,22 +579,17 @@ iptables-apply iptables-legacy iptables-legacy-restore iptables-legacy-save -iptables-nft -iptables-nft-restore -iptables-nft-save iptables-restore -iptables-restore-translate iptables-save -iptables-translate iptables-xml iptunnel irb -irb2.5 -ischroot +irqtop isosize isql istioctl iusql +jaotc jar jarsigner java @@ -600,13 +606,13 @@ jfr jhsdb jimage jinfo +jjs jlink jmap jmod jobs join journalctl -jpackage jp.py jps jq @@ -618,56 +624,90 @@ jstack jstat jstatd jx +k5srvutil +kadmin +kadmind +kadmin.local kbxutil +kdb5_util +kdestroy kernel-install -keyring +keyctl +key.dns_resolver keytool kill killall -killall5 -kitchen +kinit +klist kmod -knife +kpasswd +kprop +kpropd +kproplog +krb5-config +krb5kdc +krb5-send-pr +ksba-config +kswitch +ktutil kubectl kubelogin +kvno last lastb lastlog -lcf ld +ldapadd +ldapcompare +ldapdelete +ldapexop +ldapmodify +ldapmodrdn +ldappasswd +ldapsearch +ldapurl +ldapwhoami ldattach ld.bfd ldconfig ldd ld.gold ldiff +ld.so less lessecho -lessfile lesskey -lesspipe let lexgrog +libassuan-config +libgcrypt-config libnetcfg +libssl.so.1.0.0 +libtool libtoolize link linkerd +linkerd-stable-2.11.4 linux32 linux64 +lkbib ln +lnstat local locale localectl localedef -locale-gen +locale-gen.sh +locate logger login loginctl logname logout +logoutd logsave look -lorder +lookbib losetup ls lsattr @@ -675,12 +715,17 @@ lsblk lsb_release lscpu lsipc +lsirq lslocks lslogins lsmem lsmod lsns -lspgpot +lto-dump +lz4 +lz4c +lz4cat +lz4_decompress lzcat lzcmp lzdiff @@ -689,39 +734,31 @@ lzfgrep lzgrep lzless lzma +lzmadec lzmainfo lzmore -m17n-db m365 m365_comp m4 mac2unix -maidag -mail -mail.mailutils -mailq -mailx +machinectl make -make-first-existing-target -make-ssl-cert +makeconv +makedb man mandb manpath +man-recode mapfile -mariadb -mariadb-check -mawk +matchpathcon mcookie md5sum -md5sum.textutils mdig mesg -messages -messages.mailutils microsoft365 -migrate-pubring-from-classic-gpg mii-tool -mimeview +mk_cmds +mkdict mkdir mke2fs mkfifo @@ -737,55 +774,77 @@ mklost+found mknod mkswap mktemp +mmroff modinfo modprobe more mount mount.cifs mountpoint -movemail -movemail.mailutils +mount.smb3 +mpicalc mpstat mssql-scripter mssql-scripter.bat -mtrace mv mvn mvnDebug mvnyjp +myisamchk +myisam_ftdump +myisamlog +myisampack +my_print_defaults mysql -mysqlaccess mysqladmin -mysqlanalyze +mysqlbinlog mysqlcheck +mysql_client_test +mysql_config +mysql_config_editor +mysqld +mysqld_multi +mysqld_safe mysqldump mysqldumpslow -mysql_embedded -mysql_find_rows -mysql_fix_extensions mysqlimport -mysqloptimize -mysqlrepair -mysqlreport +mysql_keyring_encryption_test +mysql_migrate_keyring +mysqlpump +mysqlrouter +mysqlrouter_keyring +mysqlrouter_passwd +mysqlrouter_plugin_info +mysql_secure_installation mysqlshow mysqlslap -mysql_waitpid -mytop +mysql_ssl_rsa_setup +mysqltest +mysqltest_safe_process +mysql_tzinfo_to_sql +mysql_upgrade +mysqlxtest +named-checkzone +named-compilezone +named-nzd2nzf +named-rrchecker namei nameif nano -nawk -ncal neqn +netcap netstat +nettle-hash +nettle-lfib-stream +nettle-pbkdf2 networkctl -newaliases +newgidmap newgrp +newuidmap newusers -nfnl_osf -nft nice niceload +ninfod nisdomainname nl nm @@ -796,49 +855,62 @@ nologin normalizer npm nproc +npth-config npx nroff +nsec3hash nsenter nslookup +nstat nsupdate numfmt objcopy objdump +ocsptool od +odbc_config odbcinst -ohai +oid2name +oomctl openssl +p11-kit +p11tool +pack200 packer -pager -pam-auth-update -pam_getenv -pam_tally -pam_tally2 +pam_namespace_helper pam_timestamp_check parallel parcat +parset partx passwd paste pasteurize patch pathchk -pdb -pdb2 -pdb2.7 -pdb3 -pdb3.7 +pathfix3.9.py +pathfix.py +pcregrep +pcretest +pdfmom +pdfroff peekfd perl -perl5.28.1 -perl5.28-x86_64-linux-gnu +perl5.34.1 perlbug perldoc perlivp perlthanks +perror +pfbtops +pg_amcheck +pg_archivecleanup pg_basebackup pgbench +pg_checksums pg_config +pg_controldata +pg_ctl pg_dump pg_dumpall pg_isready @@ -846,50 +918,68 @@ pg_receivewal pg_receivexlog pg_recvlogical pgrep +pg_resetwal +pg_resetxlog pg_restore +pg_rewind +pg_test_fsync +pg_test_timing +pg_upgrade +pg_verifybackup +pg_waldump +pg_xlogdump pic -pico +pic2graph piconv pidof pidstat pigz pinentry pinentry-curses +pinentry-tty ping -ping4 ping6 pinky pip -pip2 -pip2.7 pip3 -pip3.7 +pip3.9 pivot_root +pkcs1-conv +pkgconf +pkg-config +pkgdata pkill pl2pm pldd plipconfig pmap +pngfix +png-fix-itxt pod2html pod2man pod2text pod2usage podchecker -podselect +policyvers popd +portablectl +postgres +post-grohtml +postmaster poweroff pr preconv -print +pre-grohtml printenv -printerbanner printf prlimit profile.ps1 prove prtstat ps +pscap PSCloudShellStartup.ps1 +psktool pslog psql pstree @@ -899,137 +989,132 @@ ptardiff ptargrep ptx puppet -push-apply pushd -pushy-client -pushy-service-manager +pwait pwck pwconv pwd pwdx +pwhistory_helper +pwmake +pwscore pwsh pwunconv -py3clean -py3compile -py3versions -pyclean -pycompile -pydoc -pydoc2 -pydoc2.7 pydoc3 -pydoc3.7 -pygettext -pygettext2 -pygettext2.7 -pygettext3 -pygettext3.7 +pydoc3.9 pygmentize python -python2 -python2.7 -python2.7-config -python2-config python3 -python3.7 -python3.7-config -python3.7m -python3.7m-config -python3m +python3.9 +python3.9-config +python3-config python-argcomplete-check-easy-install-script python-argcomplete-tcsh -python-config -pyvenv -pyvenv-3.7 -pyversions +racc rake ranlib rarp -raw -rbash -rcp +rcapparmor +rdisc +rdma rdoc -rdoc2.5 read readarray readelf readlink -readmsg -readmsg.mailutils readonly readprofile realpath reboot +refer register-python-argcomplete reindexdb -remove-shell -rename.ul +rename renice +request-key reset resize2fs resizepart +resolvconf resolvectl return rev +rfkill rg -rgrep ri -ri2.5 -rlogin rm -rmail rmdir +rmic +rmid rmiregistry rmmod -rmt -rmt-tar rnano +roff2dvi +roff2html +roff2pdf +roff2ps +roff2text +roff2x route -rpcgen -rsh -rsmtp +routef +routel +rpm +rpm2archive +rpm2cpio +rpmdb +rpmgraph +rpmkeys +rpmquery +rpmverify rspec rsync +rsync-ssl +rtacct rtcwake +rtmon +rtpr +rtstat ruby -ruby2.5 runc runcon runlevel -run-mailcap run-parts -runq runuser rview rvim -rzsh sadf sar -sar.sysstat -savelog +sclient scp script +scriptlive scriptreplay sdiff sed -see +sefcontext_compile +selabel_digest +selabel_get_digests_all_partial_matches +selabel_lookup +selabel_lookup_best_match +selabel_partial_match select -select-editor +selinux_check_access +selinux_check_securetty_context +selinuxenabled +selinuxexeccon sem -sendmail -sensible-browser -sensible-editor -sensible-pager seq serialver service set setarch setcap -setcifsacl +setenforce +setfilecon setpriv setsid setterm +sexp-conv sfctl sfdisk sftp @@ -1040,7 +1125,6 @@ sha224sum sha256sum sha384sum sha512sum -shadowconfig shasum shift shipyard @@ -1048,14 +1132,16 @@ shopt shred shuf shutdown -sieve +sim_client +sim_server size -skill slabtop slattach sleep -slogin -snice +slencheck +slsh +smb2-quota +smbinfo soelim sort sotruss @@ -1065,50 +1151,74 @@ split sprof sql sqlcmd +srptool +ss +sserver ssh ssh-add ssh-agent -ssh-argv0 ssh-copy-id +sshd ssh-keygen ssh-keyscan -start-stop-daemon +start-puppet-agent stat stdbuf +streamzip strings strip stty +sudo +sudoedit +sudo_logsrvd +sudoreplay +sudo_sendlog sulogin sum suspend +svn +svnadmin +svnbench +svndumpfilter +svnfsfs +svnlook +svnmucc +svnrdump +svnserve +svnsync +svnversion swaplabel swapoff swapon switch_root -symcryptrun sync sysctl -syslog2eximlog systemctl -systemd systemd-analyze systemd-ask-password systemd-cat systemd-cgls systemd-cgtop +systemd-creds +systemd-cryptenroll systemd-delta systemd-detect-virt +systemd-dissect systemd-escape +systemd-hwdb systemd-id128 systemd-inhibit systemd-machine-id-setup systemd-mount systemd-notify +systemd-nspawn systemd-path +systemd-repart systemd-resolve systemd-run systemd-socket-activate systemd-stdio-bridge +systemd-sysext systemd-sysusers systemd-tmpfiles systemd-tty-ask-password-agent @@ -1119,51 +1229,59 @@ tac tail tapestat tar -tarcat taskset tbl +tc +tdnf +tdnf-cache-updateinfo tee telinit -tempfile terraform test +tfmtodit then tic time timedatectl timeout times +tini-static +tipc tload tmux toe +togglesebool top touch tput tqdm tr +tracepath +tracepath6 trap troff true truncate +trust tset +tsig-keygen tsort tty tune2fs type typeset -tzconfig +tyum tzselect -ucf -ucfq -ucfr +uclampset +uconv +udevadm ul ulimit umask umount unalias uname -unattended-upgrade -unattended-upgrades +uname26 uncompress unexpand uniq @@ -1172,7 +1290,9 @@ unix2mac unix_chkpwd unix_update unlink +unlz4 unlzma +unpack200 unpigz unset unshare @@ -1180,39 +1300,38 @@ until unxz unzip unzipsfx +unzstd update-alternatives -update-ca-certificates -update-exim4.conf -update-exim4.conf.template -update-exim4defaults -update-icon-caches -update-info-dir -update-java-alternatives -update-locale -update-mime +update-ca-trust +updatedb update-mime-database -update-passwd -update-rc.d -update_rubygems uptime useradd +userdbctl userdel usermod +usernetctl users +usleep utmpdump +uuclient +uuidd +uuidgen +uuidparse +uuserver vacuumdb vacuumlo -validlocale +validatetrans vdir +vdpa vi view vigr vim -vim.basic vimdiff -vimtutor vipw virtualenv +visudo vmstat w wait @@ -1223,79 +1342,49 @@ wc wdctl wget whatis +wheel whereis which while +whiptail who whoami wipefs -w.procps -write x86_64 -x86_64-linux-gnu-addr2line -x86_64-linux-gnu-ar -x86_64-linux-gnu-as -x86_64-linux-gnu-c++filt -x86_64-linux-gnu-cpp -x86_64-linux-gnu-cpp-8 -x86_64-linux-gnu-dwp -x86_64-linux-gnu-elfedit -x86_64-linux-gnu-g++ -x86_64-linux-gnu-g++-8 -x86_64-linux-gnu-gcc -x86_64-linux-gnu-gcc-8 -x86_64-linux-gnu-gcc-ar -x86_64-linux-gnu-gcc-ar-8 -x86_64-linux-gnu-gcc-nm -x86_64-linux-gnu-gcc-nm-8 -x86_64-linux-gnu-gcc-ranlib -x86_64-linux-gnu-gcc-ranlib-8 -x86_64-linux-gnu-gcov -x86_64-linux-gnu-gcov-8 -x86_64-linux-gnu-gcov-dump -x86_64-linux-gnu-gcov-dump-8 -x86_64-linux-gnu-gcov-tool -x86_64-linux-gnu-gcov-tool-8 -x86_64-linux-gnu-gold -x86_64-linux-gnu-gprof -x86_64-linux-gnu-ld -x86_64-linux-gnu-ld.bfd -x86_64-linux-gnu-ld.gold -x86_64-linux-gnu-nm -x86_64-linux-gnu-objcopy -x86_64-linux-gnu-objdump -x86_64-linux-gnu-python2.7-config -x86_64-linux-gnu-python2-config -x86_64-linux-gnu-python3.7-config -x86_64-linux-gnu-python3.7m-config -x86_64-linux-gnu-python-config -x86_64-linux-gnu-ranlib -x86_64-linux-gnu-readelf -x86_64-linux-gnu-size -x86_64-linux-gnu-strings -x86_64-linux-gnu-strip +x86_64-mariner-linux-pkg-config +x86_64-pc-linux-gnu-c++ +x86_64-pc-linux-gnu-g++ +x86_64-pc-linux-gnu-gcc +x86_64-pc-linux-gnu-gcc-11.2.0 +x86_64-pc-linux-gnu-gcc-ar +x86_64-pc-linux-gnu-gcc-nm +x86_64-pc-linux-gnu-gcc-ranlib xargs xauth -xdg-user-dir -xdg-user-dirs-update +xml2-config +xmlcatalog +xmllint +xmlwf +xslt-config +xsltproc xsubpp xtables-legacy-multi -xtables-monitor -xtables-nft-multi -xxd xz xzcat xzcmp +xzdec xzdiff xzegrep xzfgrep xzgrep xzless xzmore +yat2m yes yo yo-complete ypdomainname +yum zcat zcmp zdiff @@ -1313,8 +1402,14 @@ zipinfo zipnote zipsplit zless +zlib_decompress zmore znew zramctl zsh -zsh5 +zsoelim +zstd +zstdcat +zstdgrep +zstdless +zstdmt diff --git a/tests/test.sh b/tests/test.sh index 184a7dd5..4eec30ab 100644 --- a/tests/test.sh +++ b/tests/test.sh @@ -11,11 +11,13 @@ id -u csuser 2> /dev/null if [ $? != 0 ] then echo "Creating user" - adduser --disabled-login --gecos "" --uid 9527 csuser + adduser -m --uid 9527 csuser fi echo "running root-level tests" pwsh /tests/root-tests.ps1 +pwsh -c "Install-Module Pester -Force -Scope AllUsers" + echo "running tests as csuser" runuser -u csuser pwsh /tests/test.ps1 \ No newline at end of file