-
Notifications
You must be signed in to change notification settings - Fork 205
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add tool to bootstrap openQA with only one command
- Loading branch information
Showing
3 changed files
with
137 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,61 @@ | ||
#!/bin/bash -x | ||
|
||
zypper -n install --no-recommends openQA-local-db apache2 openQA-worker qemu-kvm | ||
|
||
# setup database | ||
systemctl enable --now postgresql | ||
su postgres -c "createuser -D geekotest" | ||
su postgres -c "createdb -O geekotest openqa" | ||
|
||
|
||
# setup webserver and fake-auth | ||
# from script/setup-single-instance (https://github.com/os-autoinst/openQA/pull/1933) | ||
for i in headers proxy proxy_http proxy_wstunnel rewrite ; do a2enmod $i ; done | ||
sed -i -e 's/^.*httpsonly.*$/httpsonly = 0/g' /etc/openqa/openqa.ini | ||
sed -i -e 's/#.*method.*OpenID.*$/&\nmethod = Fake/' /etc/openqa/openqa.ini | ||
sed "s/#ServerName.*$/ServerName $(hostname)/" /etc/apache2/vhosts.d/openqa.conf.template > /etc/apache2/vhosts.d/openqa.conf | ||
|
||
|
||
# fetch tests and needles | ||
echo "opensuse ..." | ||
if ping -c1 gitlab.suse.de. ; then | ||
# use faster local mirror if run from within SUSE network | ||
export needles_giturl="https://gitlab.suse.de/openqa/os-autoinst-needles-opensuse-mirror.git" | ||
fi | ||
/usr/share/openqa/script/fetchneedles | ||
|
||
if ping -c1 gitlab.suse.de. ; then | ||
# clone SLE needles if run from within SUSE network | ||
git clone https://gitlab.suse.de/openqa/os-autoinst-needles-sles.git /var/lib/openqa/tests/opensuse/products/sle/needles | ||
chown -R geekotest: /var/lib/openqa/tests/opensuse/products/sle/needles | ||
fi | ||
|
||
|
||
# ensure that the hostname is mapped to 127.0.0.1 (needed for livehandler) | ||
grep -q $(hostname) /etc/hosts || echo "127.0.0.1 $(hostname)" >> /etc/hosts | ||
|
||
|
||
# start daemons | ||
systemctl enable --now apache2.service | ||
systemctl enable --now openqa-webui.service | ||
systemctl enable --now openqa-websockets.service | ||
systemctl enable --now openqa-scheduler.service | ||
systemctl enable --now openqa-resource-allocator.service | ||
systemctl enable --now openqa-livehandler.service | ||
systemctl enable --now openqa-gru.service | ||
|
||
|
||
# create api key | ||
curl http://localhost/login # create demo user (id=2) | ||
API_KEY=$(hexdump -n 8 -e '2/4 "%08X" 1 "\n"' /dev/random) | ||
API_SECRET=$(hexdump -n 8 -e '2/4 "%08X" 1 "\n"' /dev/random) | ||
echo "INSERT INTO api_keys (key, secret, user_id, t_created, t_updated) VALUES ('${API_KEY}', '${API_SECRET}', 2, NOW(), NOW());" | su postgres -c 'psql openqa' | ||
|
||
cat >> /etc/openqa/client.conf <<EOF | ||
[localhost] | ||
key = ${API_KEY} | ||
secret = ${API_SECRET} | ||
EOF | ||
|
||
# start worker | ||
systemctl enable --now openqa-worker@1.service |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,64 @@ | ||
#!/bin/bash -x | ||
|
||
CONTAINER_NAME="openqa1" | ||
CONTANER_PATH="/var/lib/machines/${CONTAINER_NAME}" | ||
|
||
DEFAULT_REPO="http://download.opensuse.org/tumbleweed/repo/oss/" | ||
PKGS_TO_INSTALL="aaa_base systemd shadow zypper openSUSE-release vim iproute2 iputils openQA-local-db openQA-worker sudo apache2 net-tools curl wget ca-certificates-mozilla qemu-kvm openQA-bootstrap" | ||
|
||
zypper -n install systemd-container | ||
mkdir -p /var/lib/machines/ | ||
|
||
cat > /etc/systemd/system/systemd-nspawn-openqa@.service <<EOF | ||
[Unit] | ||
Description=Container %i | ||
Documentation=man:systemd-nspawn(1) | ||
PartOf=machines.target | ||
Before=machines.target | ||
After=network.target systemd-resolved.service | ||
RequiresMountsFor=/var/lib/machines | ||
[Service] | ||
ExecStart=/usr/bin/systemd-nspawn --quiet --keep-unit --boot --link-journal=try-guest --bind /dev/kvm --settings=override --machine=%i | ||
KillMode=mixed | ||
Type=notify | ||
RestartForceExitStatus=133 | ||
SuccessExitStatus=133 | ||
Slice=machine.slice | ||
Delegate=yes | ||
TasksMax=16384 | ||
DevicePolicy=closed | ||
DeviceAllow=/dev/net/tun rwm | ||
DeviceAllow=char-pts rw | ||
# nspawn itself needs access to /dev/loop-control and /dev/loop, to | ||
# implement the --image= option. Add these here, too. | ||
DeviceAllow=/dev/loop-control rw | ||
DeviceAllow=/dev/kvm rw | ||
DeviceAllow=block-loop rw | ||
DeviceAllow=block-blkext rw | ||
[Install] | ||
WantedBy=machines.target | ||
EOF | ||
|
||
mkdir $CONTANER_PATH | ||
zypper -n --root $CONTANER_PATH addrepo $DEFAULT_REPO defaultrepo | ||
zypper -n --root $CONTANER_PATH --gpg-auto-import-keys refresh | ||
zypper -n --root $CONTANER_PATH install --no-recommends -ly $PKGS_TO_INSTALL | ||
|
||
if ping -c1 download.suse.de. ; then | ||
# add internal CA if executed within suse network | ||
zypper -n --root $CONTANER_PATH addrepo http://download.suse.de/ibs/SUSE:/CA/openSUSE_Tumbleweed/SUSE:CA.repo | ||
zypper -n --root $CONTANER_PATH --gpg-auto-import-keys refresh | ||
zypper -n --root $CONTANER_PATH install --no-recommends -ly ca-certificates-suse | ||
fi | ||
|
||
systemctl daemon-reload | ||
systemctl start systemd-nspawn-openqa@$CONTAINER_NAME | ||
# ensure that the container is really running | ||
while ! timeout -s9 2 systemd-run -qPM $CONTAINER_NAME /bin/bash -c whoami ; do systemctl restart systemd-nspawn-openqa@$CONTAINER_NAME.service ; sleep 3 ; done | ||
systemd-run -qPM $CONTAINER_NAME /bin/bash -c '/usr/share/openqa/script/openqa-bootstrap' | ||
|
||
echo -e "$(tput setaf 2;tput bold)Your openQA container has been created. Run 'systemd-run -tM $CONTAINER_NAME /bin/bash' to get a shell in the container$(tput sgr0)" |