2
0
mirror of https://github.com/xcat2/confluent.git synced 2024-11-22 17:43:14 +00:00
Commit Graph

89 Commits

Author SHA1 Message Date
Jarrod Johnson
3c7034edf2 Add unencrypted option to pack and rework multi-repo support
Support skipping encryption if a user does not want it. Further support mulitple '-r'
arguments and fix builds when
no -r is specified.
2021-09-08 12:17:30 -04:00
Jarrod Johnson
6465203918 Add ability to pack and combine with a previous baseprofile
For example, this is a good complement to unpack in a tethered environment:

unpack profile-v1 /root/scratch
#modify /root/scratch
pack /root/scratch profile-v2 -b profile-v1
2021-09-03 16:14:44 -04:00
Jarrod Johnson
de5350ca6e Fix additional repository argument for suse build 2021-09-03 15:12:06 -04:00
Jarrod Johnson
5422f904f9 Add a breadcrumb for scripts to detect exec context 2021-09-03 12:11:10 -04:00
Jarrod Johnson
57a8149844 Fix adding repositories to rhel-style diskless 2021-09-03 09:16:22 -04:00
Jarrod Johnson
558139d654 Fix bug around pulling in img build info 2021-09-02 12:11:48 -04:00
Jarrod Johnson
63d9aea218 Support relative paths for build scratchdir and pkglist 2021-09-02 12:10:07 -04:00
Jarrod Johnson
5d1d527e09 If reasonable, provide a 'distribution' link for diskless
If the user uses '-s', then
preserve that in distribution like a diskful one would.
2021-09-02 11:58:22 -04:00
Jarrod Johnson
19685b7a4e Accept relative path for unpack 2021-09-02 11:38:09 -04:00
Jarrod Johnson
adcc2f0aa9 Add some usage to the volume flag for now '-' 2021-09-02 11:30:51 -04:00
Jarrod Johnson
fbef6442d5 Add a shorthand '-' to say 'mount to same path as outside' 2021-09-02 11:29:40 -04:00
Jarrod Johnson
bf017b55e1 Have unpack more intuitively target the specific directory
This makes it symmetric witht pack/unpack.
2021-09-02 11:22:45 -04:00
Jarrod Johnson
bcc278e4d8 Add losetup for new suse support 2021-09-02 10:30:30 -04:00
Jarrod Johnson
ac45d6e578 Support non-interactive request to exec command
Make outside scripting easier by accepting an optional command
to run in exec environment.
2021-09-02 09:06:57 -04:00
Jarrod Johnson
237670e9b1 Rework gpg key import for suse build
Only pull in host keys when not using a source.
When using source(s), pull in all normal gpg keys from local filesystem sources.
2021-09-02 08:39:45 -04:00
Jarrod Johnson
f65056a047 Fix Suse image fingeprinting 2021-09-02 08:05:11 -04:00
Jarrod Johnson
6264dc1ed1 Add host pubkeys to build root 2021-09-01 16:17:34 -04:00
Jarrod Johnson
27a1649d94 Add more in-context stateless documentation
Specify what default behavior is and reason to choose one over
the other.
2021-09-01 10:44:25 -04:00
Jarrod Johnson
96f50519d8 Fix typo in imgutil 2021-09-01 10:38:49 -04:00
Jarrod Johnson
ce98ff6b3d Fix suse imgutil build function 2021-08-27 09:03:35 -04:00
Jarrod Johnson
e35ce77bc7 Fix SUSE imgutil 2021-08-27 08:46:47 -04:00
Jarrod Johnson
dd1615b4a7 Fixes for imgutil 2021-08-26 16:03:38 -04:00
Jarrod Johnson
d0c23e490b Tolerate delays in crypt-dm completion for imgutil 2021-08-26 10:38:34 -04:00
Jarrod Johnson
b4ee1ab6af Fix imgutil build 2021-08-25 15:58:48 -04:00
Jarrod Johnson
30e901ef19 Attempt -p and -r arguments to add repos and speciy alternate pakagke list. 2021-08-18 17:34:27 -04:00
Jarrod Johnson
b44ac19723 Provide some info on image progeny on pack 2021-08-18 15:50:03 -04:00
Jarrod Johnson
e9bc7ebe8d Finish conversion of imgutil to argparse 2021-08-12 09:15:15 -04:00
Jarrod Johnson
8a8e9718f9 Begin migration of imgutil to argparse
We no longer support python 2.6, we can use argparse for better subcommand handling.
2021-08-11 17:01:32 -04:00
Jarrod Johnson
865021beff Unack to rootfs
This keeps things neutral and leaves the door open for multipart
support
2021-08-11 16:14:46 -04:00
Jarrod Johnson
71342272bf Add imgutil unpack
Provide capability to unpack previously packed diskless images.
2021-08-10 09:04:30 -04:00
Jarrod Johnson
1e418e1bcf Stub to drive unpack feature 2021-08-09 16:47:27 -04:00
Jarrod Johnson
91caf76cae Fix ownership problems with build and capture
Some parent directories were never given to confluent user
2021-08-04 12:12:57 -04:00
Jarrod Johnson
48d84a5422 Fix get_json
Some handlers may work in bytes or str,
normalize to str on the way out.
2021-08-02 14:35:59 -04:00
Jarrod Johnson
af9676ee6f Improve appearance of imgutil capture
Provide more feedback with less worrisome normal output.
2021-07-27 08:36:48 -04:00
Jarrod Johnson
8ab6fef632 Fix kernel selection on pack
Make a specialized sort
for kernel versions to more reliably identify the latest version.
2021-07-26 13:03:26 -04:00
Jarrod Johnson
a720ccdbc8 Set ownership/permissions of private section
Fix confluent being unable to read, and make the permissions more consistent.
2021-07-26 11:12:59 -04:00
Jarrod Johnson
0ad59436ec Mitigate scratch consumption
As an old file is copied in for future disposale, delete
it as we go by fallocate
to punch holes in it.
2021-07-26 09:19:33 -04:00
Jarrod Johnson
4928f50332 Create private directiories and correct key format 2021-07-23 17:43:47 -04:00
Jarrod Johnson
7f468c3a91 Correct offset to be in sectors, not bytes 2021-07-23 17:32:42 -04:00
Jarrod Johnson
81b4da6a95 Add encrypted stateless pack 2021-07-23 17:11:33 -04:00
Jarrod Johnson
4bde1b963f Transfer encryption key on capture 2021-07-23 16:54:57 -04:00
Jarrod Johnson
54667570bd Create encrypted image and private profile data
Prepare for securing os profile witht custom images
2021-07-23 16:13:24 -04:00
Jarrod Johnson
4ddfa192ba Remove sticky bit from profile directory 2021-07-21 12:16:22 -04:00
Jarrod Johnson
fa45ea8ad3 Finalize a captured image 2021-07-21 11:56:15 -04:00
Jarrod Johnson
f4281e115b Fix permissions on generated profile. 2021-07-21 11:53:51 -04:00
Jarrod Johnson
5dfbeef79c Advance state of cloning
Have imgutil complete the capture process, splitting work
between target and repository.

Provide hook through kcmdline to induce installtodisk.

Have installimage reboot system cleanly when done.

Have new /etc/confluent in cloned system.

Hook for post scripts to execute.
2021-07-21 11:15:42 -04:00
Jarrod Johnson
cd8a1dfe5e Draft work to flesh out profile and pull back
Fingerprint the target and prepare for more effort.

Will have another imgutil primitive for post-capture prep to get the
initramfs, kernel, rootimg, and bootloader content ready for copy.
2021-07-20 17:02:08 -04:00
Jarrod Johnson
2257a67420 Begin wiring imgutil for remote capture
Will be having to run on remote
system and local system
and combining the results
as well as cleaning up after ourselves on target.
2021-07-20 15:56:47 -04:00
Jarrod Johnson
55302b74d9 Have prototype cloning implemented
Go ahead and relabel all selinux content, ssh keys, grub, and efiboot entry.
2021-07-20 14:07:55 -04:00
Jarrod Johnson
22008f9dc9 Image cloning changes
Refactor and try to mask ssh
keys for root user.

Try to preserve selinux context for masked files.

Add progress indicator for writing to disk.
2021-07-19 17:30:26 -04:00