From 9cb6f3c48721d2d466c9208df2d49003b8e4c970 Mon Sep 17 00:00:00 2001 From: Chris Evich Date: Mon, 27 Sep 2021 15:09:30 -0400 Subject: [PATCH] Bump Fedora to release 35beta * Drop kube version lookup + CRI-O download, these are no-longer necessary. See https://github.com/containers/conmon/pull/299 * Add mlocate-updatedb.timer service to the naughty-list of services to disable (they could randomly interfere with testing) * Cleanup a few misc. problems found when running shellcheck from pre-commit hook. * Only run systemd_banish when building a VM + run it a second time during finalization to take care of any evil services pulled in by package dep. solving. Signed-off-by: Chris Evich --- base_images/fedora_base-setup.sh | 17 ++++++++++++++++- base_images/gce.yml | 8 ++++---- cache_images/fedora_packaging.sh | 14 ++++++-------- cache_images/fedora_setup.sh | 6 ++++-- get_ci_vm/bad_repo_test/hack/get_ci_vm.sh | 4 ---- lib.sh | 18 ++++-------------- podman/fedora_release | 2 +- podman/prior-fedora_release | 2 +- skopeo_cidev/setup.sh | 2 +- systemd_banish.sh | 2 +- 10 files changed, 38 insertions(+), 37 deletions(-) diff --git a/base_images/fedora_base-setup.sh b/base_images/fedora_base-setup.sh index a3900261..7084fbf0 100644 --- a/base_images/fedora_base-setup.sh +++ b/base_images/fedora_base-setup.sh @@ -16,6 +16,19 @@ REPO_DIRPATH=$(realpath "$SCRIPT_DIRPATH/../") # shellcheck source=./lib.sh source "$REPO_DIRPATH/lib.sh" +# TODO: Workaround for broken/missing mirrors during beta +if ((OS_RELEASE_VER==35)); then + for filepath in /etc/yum.repos.d/fedora*.repo; do + echo "Warning: Patching $filepath for F35 beta" + sed -i -r \ + -e 's/^#(baseurl=.+)/\1/' \ + -e 's/^(metalink=.+)/#\1/' \ + -e 's/download.example/dl.fedoraproject.org/' \ + -e 's/linux\/releases/linux\/development/' \ + $filepath + done +fi + # When installing during a container-build, installing anything # selinux-related will seriously screw up the rest of your day # with rpm debugging. @@ -24,7 +37,9 @@ declare -a PKGS PKGS=(rng-tools git coreutils) XSELINUX= if ((CONTAINER)); then - XSELINUX="--exclude=selinux*" + if ((OS_RELEASE_VER<35)); then + XSELINUX="--exclude=selinux*" + fi else PKGS+=(google-compute-engine-tools google-compute-engine-oslogin) fi diff --git a/base_images/gce.yml b/base_images/gce.yml index 345dd1d8..c4fb3561 100644 --- a/base_images/gce.yml +++ b/base_images/gce.yml @@ -27,12 +27,12 @@ variables: # Empty value means it must be passed in on command-line UBUNTU_BASE_IMAGE: 'ubuntu-2104-hirsute-v20210511a' # Latest Fedora release download URL - FEDORA_IMAGE_URL: "https://dl.fedoraproject.org/pub/fedora/linux/releases/34/Cloud/x86_64/images/Fedora-Cloud-Base-34-1.2.x86_64.qcow2" - FEDORA_CSUM_URL: "https://dl.fedoraproject.org/pub/fedora/linux/releases/34/Cloud/x86_64/images/Fedora-Cloud-34-1.2-x86_64-CHECKSUM" + FEDORA_IMAGE_URL: "https://dl.fedoraproject.org/pub/fedora/linux/development/35/Cloud/x86_64/images/Fedora-Cloud-35-x86_64-20210928.n.0-CHECKSUM" # BETA! + FEDORA_CSUM_URL: "https://dl.fedoraproject.org/pub/fedora/linux/development/35/Cloud/x86_64/images/Fedora-Cloud-Base-35-20210928.n.0.x86_64.qcow2" # BETA! # Prior Fedora release - PRIOR_FEDORA_IMAGE_URL: "https://dl.fedoraproject.org/pub/fedora/linux/releases/33/Cloud/x86_64/images/Fedora-Cloud-Base-33-1.2.x86_64.qcow2" - PRIOR_FEDORA_CSUM_URL: "https://dl.fedoraproject.org/pub/fedora/linux/releases/33/Cloud/x86_64/images/Fedora-Cloud-33-1.2-x86_64-CHECKSUM" + PRIOR_FEDORA_IMAGE_URL: "https://dl.fedoraproject.org/pub/fedora/linux/releases/34/Cloud/x86_64/images/Fedora-Cloud-Base-34-1.2.x86_64.qcow2" + PRIOR_FEDORA_CSUM_URL: "https://dl.fedoraproject.org/pub/fedora/linux/releases/34/Cloud/x86_64/images/Fedora-Cloud-34-1.2-x86_64-CHECKSUM" # Don't leak sensitive values in error messages / output diff --git a/cache_images/fedora_packaging.sh b/cache_images/fedora_packaging.sh index 08b72a60..7a3fe8ee 100644 --- a/cache_images/fedora_packaging.sh +++ b/cache_images/fedora_packaging.sh @@ -153,7 +153,8 @@ INSTALL_PACKAGES=(\ case "$OS_RELEASE_VER" in 32) INSTALL_PACKAGES+=( python3-pytoml ) ;; 33) ;& - 34) INSTALL_PACKAGES+=( perl-FindBin python-toml ) ;; + 34) ;& + 35) INSTALL_PACKAGES+=( perl-FindBin python-toml ) ;; *) die "Unknown/Unsupported \$OS_REL_VER '$OS_REL_VER'" ;; esac @@ -167,20 +168,19 @@ if ! ((CONTAINER)); then policycoreutils ) else - EXARG="--exclude=selinux*" + if [[ "$OS_RELEASE_VER" -lt 35 ]]; then + EXARG="--exclude=selinux*" + fi fi # Download these package files, but don't install them; Any tests # wishing to, may install them using their native tools at runtime. DOWNLOAD_PACKAGES=(\ - "cri-o-$(get_kubernetes_version)*" - cri-tools - "kubernetes-$(get_kubernetes_version)*" oci-umount parallel podman-docker - python3-pytest4 + python3-pytest python3-virtualenv ) @@ -189,8 +189,6 @@ bigto $SUDO dnf install -y $EXARG "${INSTALL_PACKAGES[@]}" if [[ ${#DOWNLOAD_PACKAGES[@]} -gt 0 ]]; then echo "Downloading packages for optional installation at runtime, as needed." - # Required for cri-o - ooe.sh $SUDO dnf -y module enable cri-o:$(get_kubernetes_version) $SUDO mkdir -p "$PACKAGE_DOWNLOAD_DIR" cd "$PACKAGE_DOWNLOAD_DIR" lilto ooe.sh $SUDO dnf install -y 'dnf-command(download)' diff --git a/cache_images/fedora_setup.sh b/cache_images/fedora_setup.sh index 033a7113..4fa2bc1c 100644 --- a/cache_images/fedora_setup.sh +++ b/cache_images/fedora_setup.sh @@ -9,8 +9,10 @@ SCRIPT_FILEPATH=$(realpath "${BASH_SOURCE[0]}") SCRIPT_DIRPATH=$(dirname "$SCRIPT_FILEPATH") REPO_DIRPATH=$(realpath "$SCRIPT_DIRPATH/../") -# Run as quickly as possible after boot -/bin/bash $REPO_DIRPATH/systemd_banish.sh +if ! ((CONTAINER)); then + # Run as quickly as possible after boot + /bin/bash $REPO_DIRPATH/systemd_banish.sh +fi # shellcheck source=./lib.sh source "$REPO_DIRPATH/lib.sh" diff --git a/get_ci_vm/bad_repo_test/hack/get_ci_vm.sh b/get_ci_vm/bad_repo_test/hack/get_ci_vm.sh index 1247e882..22dbf0bc 100755 --- a/get_ci_vm/bad_repo_test/hack/get_ci_vm.sh +++ b/get_ci_vm/bad_repo_test/hack/get_ci_vm.sh @@ -52,9 +52,6 @@ cleanup() { set +e wait - # set GCLOUD_DEBUG to leave tmpdir behind for postmortem - test -z "$GCLOUD_DEBUG" && rm -rf $TMPDIR - # Not always called from an exit handler, but should always exit when called exit $RET } @@ -116,7 +113,6 @@ parse_args(){ show_usage "No image-name specified." fi - ENVS="$ENVS SPECIALMODE=\"$SPECIALMODE\"" SETUP_CMD="env $ENVS $GOSRC/contrib/cirrus/setup.sh" VMNAME="${VMNAME:-${USER}-${IMAGE_NAME}}" CREATE_CMD="$PGCLOUD compute instances create --zone=$ZONE --image-project=libpod-218412 --image=${IMAGE_NAME} --custom-cpu=$CPUS --custom-memory=$MEMORY --boot-disk-size=$DISK --labels=in-use-by=$USER $VMNAME" diff --git a/lib.sh b/lib.sh index 8cb9327f..95c9089d 100644 --- a/lib.sh +++ b/lib.sh @@ -95,20 +95,6 @@ set_gac_filepath(){ unset GAC_JSON; } -get_kubernetes_version() { - local KUBERNETES_VERSION - case "$OS_REL_VER" in - fedora-32) - KUBERNETES_VERSION="1.15" ;; - fedora-33) - KUBERNETES_VERSION="1.18" ;; - fedora-34) - KUBERNETES_VERSION="1.20" ;; - *) die "Unknown/Unsupported \$OS_REL_VER '$OS_REL_VER'" - esac - echo "$KUBERNETES_VERSION" -} - # Warning: DO NOT USE the following functions willy-nilly! # They are only intended to be called by other setup scripts, as the very # last step during the build process. They're purpose is to "reset" the @@ -166,6 +152,10 @@ common_finalize() { echo -n "" | $SUDO tee /etc/machine-id $SUDO sync if ! ((CONTAINER)); then + # Be sure we got everything - dep. resolving may have pulled in more + /bin/bash $(dirname ${BASH_SOURCE[0]})/systemd_banish.sh + + # This helps when google goes to compress the image $SUDO fstrim -av fi } diff --git a/podman/fedora_release b/podman/fedora_release index a7873645..8f92bfdd 100644 --- a/podman/fedora_release +++ b/podman/fedora_release @@ -1 +1 @@ -34 +35 diff --git a/podman/prior-fedora_release b/podman/prior-fedora_release index bb95160c..a7873645 100644 --- a/podman/prior-fedora_release +++ b/podman/prior-fedora_release @@ -1 +1 @@ -33 +34 diff --git a/skopeo_cidev/setup.sh b/skopeo_cidev/setup.sh index 8a64b99b..df8f4c37 100644 --- a/skopeo_cidev/setup.sh +++ b/skopeo_cidev/setup.sh @@ -61,7 +61,7 @@ cd "$REG_GOSRC" git clone --depth 1 -b "$OSO_TAG" "$OSO_REPO" "$OSO_GOSRC" cd "$OSO_GOSRC" -# Edit out a "go < 1.5" check which works incorrectly with go ≥ 1.10. +# Edit out a "go < 1.5" check which works incorrectly with go >= 1.10. sed -i -e 's/\[\[ "\${go_version\[2]}" < "go1.5" ]]/false/' ./hack/common.sh # Fix a bug in 'options' line processing of resolv.conf when an option is diff --git a/systemd_banish.sh b/systemd_banish.sh index 26b51bb5..14678844 100644 --- a/systemd_banish.sh +++ b/systemd_banish.sh @@ -11,7 +11,7 @@ SUDO="" [[ "$UID" -eq 0 ]] || \ SUDO="sudo" -EVIL_UNITS="cron crond atd apt-daily-upgrade apt-daily fstrim motd-news systemd-tmpfiles-clean update-notifier-download" +EVIL_UNITS="cron crond atd apt-daily-upgrade apt-daily fstrim motd-news systemd-tmpfiles-clean update-notifier-download mlocate-updatedb" if [[ "$1" == "--list" ]] then