xCAT/confluent
2
0
Fork 0
mirror of https://github.com/xcat2/confluent.git synced 2025-10-31 11:22:28 +00:00
Code Issues Projects Releases Wiki Activity

Transfer encryption key on capture

Browse Source
This commit is contained in:
Jarrod Johnson
2021-07-23 16:54:57 -04:00
parent 1e44deecf6
commit 4bde1b963f
1 changed files with 9 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
imgutil/imgutil
View File

@@ -138,8 +138,10 @@ def capture_remote(opts, args):
targ = args[0]
outdir = args[1]
os.umask(0o022)
if '/' not in outdir:
outdir = os.path.join('/var/lib/confluent/public/os/', outdir)
if '/' in outdir:
raise Exception('Full path not supported, supply only the profile name')
outdir = os.path.join('/var/lib/confluent/public/os/', outdir)
privdir = os.path.join('/var/lib/confluent/private/os/', outdir)
# need kernel, initramfs, shim, grub
# maybe break pack_image into three, one that is common to call
# with here locally,
@@ -159,7 +161,12 @@ def capture_remote(opts, args):
utillib = os.path.join(utillib, '{}/dracut/'.format(oscat))
subprocess.check_call(['rsync', '-a', utillib, '{0}:/usr/lib/dracut/modules.d/97confluent'.format(targ)])
subprocess.check_call(['ssh', '-t', targ, 'python3', '/run/imgutil/capenv/imgutil', 'capturelocalboot'])
sys.stdout.write('Transferring image...')
sys.stdout.flush()
subprocess.check_call(['rsync', '-a', '{0}:/run/imgutil/capout/'.format(targ), outdir])
subprocess.check_call(['rsync', '-a', '{0}:/run/imgutil/private.key'.format(targ), '{}/pending/rootimg.key'.format(privdir)])
sys.stdout.write('Done\n')
sys.stdout.flush()
subprocess.check_call(['ssh', '-t', targ, 'python3', '/run/imgutil/capenv/imgutil', 'capturelocalcleanup'])
profname = os.path.basename(outdir)
os.symlink('/var/lib/confluent/public/site/initramfs.cpio',