Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add customization script for fleet.ks in rhel4edge iso file #5810

Closed
wants to merge 1 commit into from
Closed

add customization script for fleet.ks in rhel4edge iso file #5810

wants to merge 1 commit into from

Conversation

jscotka
Copy link
Collaborator

@jscotka jscotka commented Jan 19, 2024
edited by cockpituous
Loading

Image refresh for rhel4edge

  • FAIL: image-refresh rhel4edge

@jscotka jscotka force-pushed the rhel4edge branch 2 times, most recently from 1e55718 to bc1e134 Compare January 19, 2024 20:01
@cockpituous cockpituous changed the title add customization script for fleet.ks in rhel4edge iso file WIP: 4-cockpit-9: [no-test] add customization script for fleet.ks in rhel4edge iso file Jan 19, 2024
@cockpituous cockpituous changed the title WIP: 4-cockpit-9: [no-test] add customization script for fleet.ks in rhel4edge iso file add customization script for fleet.ks in rhel4edge iso file Jan 19, 2024
@cockpituous
Copy link
Contributor

Failed. Log: https://cockpit-logs.us-east-1.linodeobjects.com/image-refresh-logs/rhel4edge-20240119-220000.log

@jscotka
Copy link
Collaborator Author

jscotka commented Jan 20, 2024
edited
Loading

@allisonkarlitskaya Hi Lis. Is it possible to install and run podman, to be able to run container with tooling for KS customization? I'm not sure if it is allowed or there should change something? Or bots run it under user with admin rights so that I can do whatever I want there?
locally image refresh works for me well.

@martinpitt
Copy link
Member

@jscotka that doesn't work, sorry. Our bots run themselves in (unpriv) podman containers. This needs to be done some other way, perhaps fetching fleet.ks from its originating git?

@jscotka
Copy link
Collaborator Author

jscotka commented Jan 22, 2024

Hi @martinpitt , I expected that, So that I have to use original tooling without container, Is It possible to ask to install some package inside this container? Or I should try to use copletely another solution? IT Is not just about extracting fleet.ks, but also give them back to ISO a tweak ISO file little bit, I have to look at all necessary changes.

@martinpitt
Copy link
Member

@jscotka Yes, we can add packages to the container, see https://github.com/cockpit-project/cockpituous/blob/main/tasks/Containerfile . genisoimage is already there, happy to add another.

@jscotka
Copy link
Collaborator Author

jscotka commented Jan 22, 2024
edited
Loading

Last commit with rebase depends on changes in cockpit-project/cockpituous#571
It replaces using podman, with directly used script for image customization.

martinpitt
martinpitt reviewed Jan 22, 2024
View reviewed changes
images/scripts/rhel4edge.bootstrap
mv "$ISO_FILE" "$DIR_NAME/fleet_source.iso"
chmod 775 "$DIR_NAME"
# extract fleet.ks to directory
xorriso -osirrox on -indev "$DIR_NAME/fleet_source.iso" -extract /fleet.ks "$DIR_NAME/fleet.ks"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You can also do this with isoinfo -x, that tool is already in the tasks container.

martinpitt
martinpitt requested changes Jan 22, 2024
View reviewed changes
Copy link
Member

@martinpitt martinpitt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you please give some high-level description of what you are trying to do here? It's not clear from the code changes, they seem unrelated to fixing the anaconda hang.

Thanks for looking into it!

images/scripts/rhel4edge.bootstrap
sed -i "s@BASEDIR=.*@BASEDIR='$DIR_NAME'@" "$DIR_NAME/fleetkick.sh"
mkdir "$DIR_NAME/workdir"

$DIR_NAME/fleetkick.sh -w "$DIR_NAME/workdir"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just about everything about this is wrong: Conceptually we are not testing the built rhel4edge image, but a heavily hacked rebuild of it. Operationally, this is untrusted arbitrary code execution inside the RH network with access to secrets.

Customizations should happen either via a kickstart file (which then runs inside the built VM), which can be served over local http instead of using the existing fleet.ks on the image; or as virt-install arguments in images/scripts/virt-install-rhel4edge; or perhaps edge-request.json has some customization options here?

@martinpitt martinpitt mentioned this pull request Jan 22, 2024
Closed
1 task
@jscotka jscotka mentioned this pull request Jan 23, 2024
Merged
1 task
@jscotka
Copy link
Collaborator Author

jscotka commented Jan 23, 2024

replaced by version with custom kickstart, seems to work well, at least for now #5825

@jscotka jscotka closed this Jan 23, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@martinpitt martinpitt martinpitt requested changes

Assignees
No one assigned
Labels
bot no-test
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@jscotka @cockpituous @martinpitt @allisonkarlitskaya