From 863d606224f35ff924364c0332639be9e3e7a0a3 Mon Sep 17 00:00:00 2001 From: James Cuzella Date: Sun, 20 Oct 2024 10:04:59 -0600 Subject: [PATCH 1/7] soloistrc.lyra: Add ansible-creator via Homebrew --- soloistrc.lyra.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/soloistrc.lyra.yml b/soloistrc.lyra.yml index 9ba11c51..985d9dfd 100644 --- a/soloistrc.lyra.yml +++ b/soloistrc.lyra.yml @@ -232,6 +232,7 @@ node_attributes: - shellcheck - yamllint - ansible-builder + - ansible-creator - ansible-lint - sshpass - ansible From 0c9c8971a59fe5759aeb2d7465ffe678f2d3c01c Mon Sep 17 00:00:00 2001 From: James Cuzella Date: Sat, 1 Feb 2025 17:09:18 -0700 Subject: [PATCH 2/7] Adding libvirt qemu+tls:// test-kitchen config --- .kitchen.libvirt.qemu-tls.yml | 87 ++++++++++++++++++++++ test/fixtures/Vagrantfile.libvirt-qemu-tls | 18 +++++ 2 files changed, 105 insertions(+) create mode 100644 .kitchen.libvirt.qemu-tls.yml create mode 100644 test/fixtures/Vagrantfile.libvirt-qemu-tls diff --git a/.kitchen.libvirt.qemu-tls.yml b/.kitchen.libvirt.qemu-tls.yml new file mode 100644 index 00000000..60c041ee --- /dev/null +++ b/.kitchen.libvirt.qemu-tls.yml 
@@ -0,0 +1,87 @@ +<% +# Hack to fix a bug in TK. TK supports using an SSH gateway in its SSH transport, but appears not to support configuring +# separate keys for the gateway and the destination. +require 'kitchen/transport/ssh' + +GATEWAY_KEYS = ["#{ENV['HOME']}/.ssh/identity.lyra"] + +class Kitchen::Transport::Ssh::Connection + # Replace this method in TK core with a version that uses the logged in user's key to access the SSH gateway. + def establish_connection_via_gateway(opts) + retry_connection(opts) do + Net::SSH::Gateway.new(ssh_gateway, ssh_gateway_username, options.merge(keys: GATEWAY_KEYS)) + .ssh(hostname, username, options) + end + end +end +%> +--- +driver: + name: vagrant + provider: libvirt + vagrantfiles: + - 'test/fixtures/Vagrantfile.libvirt-qemu-tls' + synced_folders: + - [".", "/tmp/kitchen/soloist", "disabled: false, type: 'rsync'"] + # TODO: Find & fix bugs in Vagrant where it checks for vagrant-host path... needs to support remote NFS & 9p libvirt mounts + # TODO: Fix mount: false setting for 9p + # TODO: Fix auto-mount capability for Darwin / macOS... 
needs mount_9p support (see man mount_9p) + # Need to implement mount_9p_shared_folder capability for macOS / Darwin + # https://github.com/vagrant-libvirt/vagrant-libvirt/search?q=mount_9p_shared_folder + # NOTE: For qemu+ssh remote libvirt VM, create a fake directory matching hostpath on the host running vagrant + # In this use case, both hostpath & guestpath live on the same remote libvirt + qemu hypervisor host & VM (guest) + # - ["/opt/export/terabyte", "/System/Volumes/Data/terabyte", "hostpath: '/export/terabyte', guestpath: '/System/Volumes/Data/terabyte', disabled: false, type: '9p', mount: false, accessmode: 'squash', owner:'1000'"] + # - ["/export/terabyte", "/System/Volumes/Data/terabyte", "disabled: false, type: 'nfs', nfs_export: false, bsd__nfs_options: '-fstype=nfs,nolockd,resvport,hard,bg,intr,rw,tcp,nfc'"] +# ssh_gateway_username: trinitronx + +# customize: +# memory: 1024 + +transport: + ssh_gateway: saturn.internal + ssh_gateway_username: trinitronx +# username: vagrant + +provisioner: +# name: chef_zero + transport: + ssh_gateway: saturn.internal + ssh_gateway_username: trinitronx + +# deprecations_as_errors: true + deprecations_as_errors: false +# multiple_converge: 2 +# enforce_idempotency: true + +verifier: + name: inspec +## Client error, can't connect to 'ssh' backend: Only one of proxy_command or bastion_host needs to be specified] +## Apparently the transport ssh_gateway option is actually passed through to InSpec +# proxy_command: ssh saturn.local -q0 %h:%p + +platforms: + - name: ubuntu-20.04 + driver: + box: generic/ubuntu2004 + lifecycle: + pre_converge: + - remote: sudo addgroup --system admin + - remote: sudo usermod -a -G admin kitchen + - name: macos-12-1 + driver: + box: lyraphase-runner/macos-monterey-base + box_url: http://saturn.local:8888/lyraphase-runner-macos-monterey-base.box + communicator: ssh + gui: true + customize: + memory: 4096 +# cpus: 2 + +suites: + - name: default + run_list: + - recipe[sprout-base::default] + 
attributes: + mysql_test: + version: '8.0' +# includes: [ubuntu-20.04, macos-latest] diff --git a/test/fixtures/Vagrantfile.libvirt-qemu-tls b/test/fixtures/Vagrantfile.libvirt-qemu-tls new file mode 100644 index 00000000..094594f7 --- /dev/null +++ b/test/fixtures/Vagrantfile.libvirt-qemu-tls @@ -0,0 +1,18 @@ +# -*- mode: ruby -*- +# vi: set ft=ruby : + +ENV['VAGRANT_DEFAULT_PROVIDER'] = 'libvirt' + +Vagrant.configure("2") do |config| + + #config.ssh.host = 'saturn.local' + #config.ssh.port = 2222 + config.ssh.proxy_command = 'ssh -t -T saturn.internal exec nc -q0 %h %p' + config.vm.synced_folder ".", "/tmp/vagrant", disabled: true + + config.vm.provider :libvirt do |libvirt| + libvirt.uri = 'qemu+tls://saturn.internal/system' + libvirt.system_uri = 'qemu+tls://saturn.internal/system' + #libvirt.forward_ssh_port = true + end +end From 016b7783482819d38cf54bcf105b2411d00fdc96 Mon Sep 17 00:00:00 2001 From: James Cuzella Date: Sun, 2 Feb 2025 14:25:52 -0700 Subject: [PATCH 3/7] pre-commit: Fix check-yaml doc start warning Error was: did not find expected in ".kitchen.libvirt.qemu-tls.yml", line 4, column 1 --- .pre-commit-config.yaml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index f1cf42a7..e482c373 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -23,7 +23,11 @@ repos: - id: check-merge-conflict - id: check-symlinks - id: check-yaml - exclude: \.kitchen\.libvirt\.ssh\.yml + exclude: | + (?x)^( + \.kitchen\.libvirt\.ssh\.yml| + \.kitchen\.libvirt\.qemu-tls\.yml + )$ - id: end-of-file-fixer - id: trailing-whitespace exclude: .*\.patch From 61b9f768e388fda9d4d0bd806c67c81a6e568097 Mon Sep 17 00:00:00 2001 
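Review bot: The `macos-12-1` platform sets `box_url: http://saturn.local:8888/lyraphase-runner-macos-monterey-base.box`, so the base image is fetched over plain HTTP with no integrity check, while the hypervisor connection added in this same commit is `qemu+tls://`. Anything on the network path to that host could substitute the box that the suite then boots and converges. Serve the box over HTTPS, or pin a digest with Vagrant's `config.vm.box_download_checksum` and `config.vm.box_download_checksum_type` in a Vagrantfile used only for that platform (value `<sha256-of-box>`, a placeholder here). Separately, the ERB preamble reopens `Kitchen::Transport::Ssh::Connection` with no record of the Test Kitchen version it was written against; a comment such as `# Overrides TK internals; re-check establish_connection_via_gateway on test-kitchen upgrades` would make a silent break easier to trace.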
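Review bot: The proxy command `ssh -t -T saturn.internal exec nc -q0 %h %p` passes both `-t` (force a TTY) and `-T` (disable TTY allocation), which contradict each other, and it depends on a netcat on the gateway that accepts `-q0`. OpenSSH's stdio forwarding does the same job without a remote command: `config.ssh.proxy_command = 'ssh -W %h:%p saturn.internal'`, provided the gateway's sshd allows TCP forwarding. A comment would also help to say that `qemu+tls://` relies on the client certificates libvirt finds in its default PKI locations, since nothing in this file says where they come from.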
From: James Cuzella Date: Sun, 2 Feb 2025 14:37:30 -0700 Subject: [PATCH 4/7] bootstrap.sh: Suppress shellcheck SC2317 due to false positive - This commit should be reverted if koalaman/shellcheck#2660 is resolved --- bootstrap-scripts/bootstrap.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/bootstrap-scripts/bootstrap.sh b/bootstrap-scripts/bootstrap.sh index cd3c652d..e9deb650 100755 --- a/bootstrap-scripts/bootstrap.sh +++ b/bootstrap-scripts/bootstrap.sh @@ -121,6 +121,7 @@ prevent_sudo_timeout() { } # Kill sudo timestamp refresh PID and invalidate sudo timestamp +# shellcheck disable=SC2317 # false-positive koalaman/shellcheck#2660 kill_timeout_loop() { echo "Killing $timeout_loop_PID due to trap" kill -TERM $timeout_loop_PID From 09a979b99841ee08c0b2dd51828c435aef7b4aeb Mon Sep 17 00:00:00 2001 From: James Cuzella Date: Sun, 2 Feb 2025 14:43:34 -0700 Subject: [PATCH 5/7] pre-commit, bootstrap.sh: Fix SC2086 - Double quote to prevent globbing and word splitting. Error was: In bootstrap-scripts/bootstrap.sh line 127: kill -TERM $timeout_loop_PID ^---------------^ SC2086 (info): Double quote to prevent globbing and word splitting. Did you mean: kill -TERM "$timeout_loop_PID" For more information: https://www.shellcheck.net/wiki/SC2086 -- Double quote to prevent globbing ... --- bootstrap-scripts/bootstrap.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bootstrap-scripts/bootstrap.sh b/bootstrap-scripts/bootstrap.sh index e9deb650..131cad7d 100755 --- a/bootstrap-scripts/bootstrap.sh +++ b/bootstrap-scripts/bootstrap.sh @@ -124,7 +124,7 @@ prevent_sudo_timeout() { # shellcheck disable=SC2317 # false-positive koalaman/shellcheck#2660 kill_timeout_loop() { echo "Killing $timeout_loop_PID due to trap" - kill -TERM $timeout_loop_PID + kill -TERM "$timeout_loop_PID" sudo -K } trap kill_timeout_loop EXIT HUP TSTP QUIT SEGV TERM INT ABRT # trap all common terminate signals From ba132ef34cfe34d0804675459a3b1b248e9af38f Mon Sep 17 00:00:00 2001 
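Review bot: With the quoting in place, `kill -TERM "$timeout_loop_PID"` passes an empty argument to `kill` whenever the variable is unset or empty. The `trap` on the line after the function also fires on `EXIT`, so the handler can run when no refresh loop was started, or a second time after a signal. Whether `timeout_loop_PID` is always assigned before the trap fires is outside the hunk, so this is a guard rather than a confirmed bug: `[ -n "${timeout_loop_PID:-}" ] && kill -TERM "$timeout_loop_PID" 2>/dev/null`. `sudo -K` should still run unconditionally so the cached credential is dropped on every exit path.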
From: James Cuzella Date: Sun, 2 Feb 2025 14:48:12 -0700 Subject: [PATCH 6/7] ci: Remove deprecated macos-{11,12} and test on latest macos-{13-15} --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3ffa541e..996b94bf 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -43,7 +43,7 @@ jobs: runs-on: ${{ matrix.os }} strategy: matrix: - os: [macos-11, macos-12] + os: [macos-13, macos-14, macos-15] steps: - name: DEBUG What is GitHub Actions IP? run: | From d0e31563240ef4277f42476f461b6bee0a4ffe6a Mon Sep 17 00:00:00 2001 From: James Cuzella Date: Sun, 2 Feb 2025 14:51:19 -0700 Subject: [PATCH 7/7] ci: Use GHA global debug setting --- .github/workflows/ci.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 996b94bf..fc4d267d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -78,21 +78,21 @@ jobs: run: | echo BREWFILE_PATH=$BREWFILE_PATH echo GITHUB_WORKSPACE=$GITHUB_WORKSPACE - if: env.debug_ci == 'true' + if: ${{ env.debug_ci == 'true' || runner.debug == '1' }} - name: DEBUG - Print all shell env exports run: export -p - if: env.debug_ci == 'true' + if: ${{ env.debug_ci == 'true' || runner.debug == '1' }} - name: DEBUG - List workspace and Homebrew contents run: | ls -lAR ${GITHUB_WORKSPACE} ls -lR /usr/local/Homebrew - if: env.debug_ci == 'true' + if: ${{ env.debug_ci == 'true' || runner.debug == '1' }} - name: Generate Brewfile from soloistrc test fixture run: make brewfile - name: DEBUG - Where are Brewfiles? run: | find ${GITHUB_WORKSPACE} -iname 'Brewfile*' - if: env.debug_ci == 'true' + if: ${{ env.debug_ci == 'true' || runner.debug == '1' }} - name: Configure Homebrew cache uses: actions/cache@v4 with: 
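Review bot: The `DEBUG - Print all shell env exports` step runs `export -p`, and this change makes it fire whenever someone re-runs the job with debug logging (`runner.debug == '1'`), not only when `debug_ci` is set in the workflow. GitHub masks registered secrets in logs, but values derived from them or tokens exported by earlier steps are not masked, and the job's `env:` block is outside the hunk, so what ends up printed cannot be judged from here. Consider leaving that one step on `if: env.debug_ci == 'true'` only, or printing a named allow-list of variables instead of the whole environment. The other four conditions, including the one in the second hunk, only list paths and look fine to widen.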
@@ -127,4 +127,4 @@ jobs: - name: DEBUG - Where are Brewfiles? (exclude nodes and vendor dirs) run: | find ${GITHUB_WORKSPACE} \( -type d -a \( -name '*/nodes' -o -name '*/vendor' \) -prune \) -o -iname 'Brewfile*' - if: env.debug_ci == 'true' + if: ${{ env.debug_ci == 'true' || runner.debug == '1' }}