Fix for git process error.

Jenkinsfile

@@ -124,4 +124,5 @@ node('mesos-ubuntu') {
     }
   }
   parallel branches
+  deleteDir() // Cleaning up workspace
 }

centos/8.0/aws/DCOS-1.13.9/docker-18.09.1-ce/selinux_permissive/999-aws-ebs-nvme.rules

@@ -0,0 +1,3 @@
+# ebs nvme devices
+KERNEL=="nvme[0-9]*n[0-9]*", ENV{DEVTYPE}=="disk", ATTRS{model}=="Amazon Elastic Block Store", PROGRAM="/usr/local/bin/ebs-nvme-mapping.sh /dev/%k", SYMLINK+="%c"
+

centos/8.0/aws/DCOS-1.13.9/docker-18.09.1-ce/selinux_permissive/cluster_profile.tfvars

@@ -0,0 +1,20 @@
+aws_region = "us-west-2"
+
+aws_bootstrap_instance_type = "m5.large"
+aws_master_instance_type = "m5.xlarge"
+aws_agent_instance_type = "m5.xlarge"
+aws_public_agent_instance_type = "m5.xlarge"
+
+ssh_key_name = "dcos-images"
+# Inbound Master Access
+admin_cidr = "0.0.0.0/0"
+
+num_of_masters = "1"
+num_of_private_agents = "2"
+num_of_public_agents = "1"
+
+custom_dcos_download_path = "https://downloads.dcos.io/dcos/stable/1.13.9/dcos_generate_config.sh"
+enable_os_setup_script = false
+
+owner = "dcos-images"
+expiration = "3h"

centos/8.0/aws/DCOS-1.13.9/docker-18.09.1-ce/selinux_permissive/configure_dcos_system.sh

@@ -0,0 +1,122 @@
+#!/usr/bin/env bash
+set -o errexit -o nounset -o pipefail
+
+echo ">>> In configure_dcos_system.sh:"
+
+echo ">>> Kernel: $(uname -r)"
+
+# disabled due to packer build error
+# echo ">>> Disabling SELinux"
+# sed -i 's/SELINUX=enforcing/SELINUX=permissive/g' /etc/selinux/config
+# setenforce permissive
+
+echo ">>> Adjusting SSH Daemon Configuration"
+
+sed -i '/^\s*PermitRootLogin /d' /etc/ssh/sshd_config
+echo -e "\nPermitRootLogin without-password" >> /etc/ssh/sshd_config
+
+sed -i '/^\s*UseDNS /d' /etc/ssh/sshd_config
+echo -e "\nUseDNS no" >> /etc/ssh/sshd_config
+
+echo ">>> Set up filesystem mounts"
+mount_pairs=( "/dev/xvde:/var/lib/mesos"
+              "/dev/nvme1n1:/var/lib/mesos"
+              "/dev/xvdf:/var/lib/docker"
+              "/dev/nvme2n1:/var/lib/docker"
+              "/dev/xvdg:/dcos/volume0"
+              "/dev/nvme3n1:/dcos/volume0"
+              "/dev/xvdh:/var/log"
+              "/dev/nvme4n1:/var/log"
+            )
+for mount_pair in ${mount_pairs[@]}; do
+  device=$(echo ${mount_pair} | cut -d':' -f1)
+  mountpoint=$(echo ${mount_pair} | cut -d':' -f2)
+  device_filenamesafe=$(echo ${device} | sed 's/\//-/g')
+
+  cat << EOF > /etc/systemd/system/dcos_vol_setup${device_filenamesafe}.service
+  [Unit]
+  Description=Initial setup of volume mounts
+  DefaultDependencies=no
+  Before=local-fs-pre.target
+
+  [Service]
+  Type=oneshot
+  TimeoutSec=20
+  ExecStart=/usr/local/sbin/dcos_vol_setup.sh ${device} ${mountpoint}
+
+  [Install]
+  WantedBy=local-fs-pre.target
+EOF
+  systemctl enable dcos_vol_setup${device_filenamesafe}
+done
+
+echo ">>> Disable rsyslog"
+systemctl disable rsyslog
+
+echo ">>> Set journald limits"
+mkdir -p /etc/systemd/journald.conf.d/
+echo -e "[Journal]\nSystemMaxUse=15G" > /etc/systemd/journald.conf.d/dcos-el7-ami.conf
+
+echo ">>> Removing tty requirement for sudo"
+sed -i'' -E 's/^(Defaults.*requiretty)/#\1/' /etc/sudoers
+
+echo ">>> Adding group [nogroup]"
+/usr/sbin/groupadd -f nogroup
+
+echo ">>> Cleaning up SSH host keys"
+shred -u /etc/ssh/*_key /etc/ssh/*_key.pub
+
+echo ">>> Cleaning up accounting files"
+rm -f /var/run/utmp
+>/var/log/lastlog
+>/var/log/wtmp
+>/var/log/btmp
+
+echo ">>> Remove temporary files"
+rm -rf /tmp/* /var/tmp/*
+
+echo ">>> Remove ssh client directories"
+rm -rf /home/*/.ssh /root/.ssh
+
+echo ">>> Remove history"
+unset HISTFILE
+rm -rf /home/*/.*history /root/.*history
+
+echo ">>> Update /etc/hosts on boot"
+update_hosts_script=/usr/local/sbin/dcos-update-etc-hosts
+update_hosts_unit=/etc/systemd/system/dcos-update-etc-hosts.service
+
+mkdir -p "$(dirname $update_hosts_script)"
+
+cat << 'EOF' > "$update_hosts_script"
+#!/bin/bash
+export PATH=/opt/mesosphere/bin:/sbin:/bin:/usr/sbin:/usr/bin
+curl="curl -s -f -m 30 --retry 3"
+fqdn=$($curl http://169.254.169.254/latest/meta-data/local-hostname)
+ip=$($curl http://169.254.169.254/latest/meta-data/local-ipv4)
+echo "Adding $fqdn if $ip is not in /etc/hosts"
+grep ^$ip /etc/hosts > /dev/null || echo -e "$ip\t$fqdn ${fqdn%%.*}" >> /etc/hosts
+EOF
+
+chmod +x "${update_hosts_script}"
+
+cat << EOF > "${update_hosts_unit}"
+[Unit]
+Description=Update /etc/hosts with local FQDN if necessary
+After=network.target
+
+[Service]
+Restart=no
+Type=oneshot
+ExecStart=${update_hosts_script}
+
+[Install]
+WantedBy=multi-user.target
+EOF
+systemctl daemon-reload
+systemctl enable $(basename "${update_hosts_unit}")
+
+
+# Make sure we wait until all the data is written to disk, otherwise
+# Packer might quit too early before the large files are deleted
+sync

centos/8.0/aws/DCOS-1.13.9/docker-18.09.1-ce/selinux_permissive/dcos_vol_setup.sh

@@ -0,0 +1,110 @@
+#!/bin/bash
+set -o errexit -o nounset -o pipefail
+
+# Avoid getting killed due to https://bugs.freedesktop.org/show_bug.cgi?id=84923 if
+# systemd-journald is restarted while we are running.
+trap '' PIPE
+
+export device=${1:-}
+export mount_location=${2:-}
+export label=$(echo ${mount_location:1:12} | sed 's/\//-/g')
+
+function usage {
+cat <<EOUSAGE
+USAGE: $(basename "$0") <device> <mount_location>
+
+ This script will format, and persistently mount the device to the specified
+ location. It is intended to run as an early systemd unit (local-fs-pre.target)
+ on AWS to set up EBS volumes. If a device cant be found for 5 secons, it is simple skipped.
+
+ If <mount_location> is /var/log the script will migrate existing data to the
+ new filesystem.
+
+ It will only execute if <device> doesn't already contain a filesystem.
+
+EXAMPLES:
+
+ $(basename "$0") /dev/xvde /dcos/volume1
+
+EOUSAGE
+}
+
+# Try to be resilient to SIGPIPE, incase anyone restarts journald while we are running.
+function noncritical {
+  set +e; ${*}; set -e
+}
+
+function checked_mount() {
+  local dev="$1"
+  local location="$2"
+  noncritical echo -n "Mounting: $dev to $location"
+  until grep "^$dev" /etc/mtab > /dev/null; do
+    noncritical sleep 1
+    noncritical echo -n .
+    # mount might think the device is already mounted, so accept nonzero exit status
+    mount "$location" || :
+  done
+  noncritical echo
+}
+
+for i in "$@"
+do
+  case "$i" in                                      # Munging globals, beware
+    -h|--help)                noncritical usage     ;;
+    --)                       break                 ;;
+    *)                        # unknown option      ;;
+  esac
+done
+
+function main {
+  if [[ -z "$mount_location" || -z "$device" ]]
+  then
+    noncritical usage
+    exit 1
+  fi
+
+  noncritical echo -n "Waiting for $device to come online"
+  retry=5
+  until test -b "$device"; do
+    noncritical sleep 1; noncritical echo -n .;
+    let retry=retry-1
+    if [ $retry -eq 0 ]; then
+     noncritical exit 0
+    fi
+  done
+  noncritical echo
+  local formated
+  mkfs.xfs -n ftype=1 -L ${label} $device > /dev/null 2>&1 && formated=true || formated=false
+  if [ "$formated" = true ]
+  then
+    noncritical echo "Setting up device mount"
+    mkdir -p "$mount_location"
+    fstab="LABEL=${label} $mount_location xfs defaults 0 2"
+    noncritical echo "Adding entry to fstab: $fstab"
+    echo "$fstab" >> /etc/fstab
+    if [ "$mount_location" = "/var/log" ]; then
+      noncritical echo "Preparing $device by migrating logs from $mount_location"
+      mkdir -p /var/log-prep
+      mount "$device" /var/log-prep
+      mkdir -p /var/log-prep/journal
+      cp -a /var/log/. /var/log-prep/
+      umount /var/log-prep
+      rmdir /var/log-prep
+      rm -rf /var/log
+      mkdir -p /var/log
+      checked_mount "$device" "$mount_location"
+      systemd-tmpfiles --create --prefix /var/log/journal
+      systemctl kill --signal=SIGUSR1 systemd-journald
+    else
+      checked_mount "$device" "$mount_location"
+    fi
+  else
+    noncritical echo "Device $device contains a filesystem: no action taken"
+    noncritical exit 0
+  fi
+}
+
+if [[ ${1:-} ]] && declare -F | cut -d' ' -f3 | fgrep -qx -- "${1:-}"
+then "$@"
+else main "$@"
+fi

centos/8.0/aws/DCOS-1.13.9/docker-18.09.1-ce/selinux_permissive/ebs-nvme-mapping.sh

@@ -0,0 +1,5 @@
+#!/bin/bash
+vol=$(/usr/sbin/nvme id-ctrl --raw-binary "${1}" | \
+      cut -c3073-3104 | tr -s ' ' | sed 's/ $//g')
+vol=${vol#/dev/}
+[ -n "${vol}" ] && echo "${vol/xvd/sd} ${vol/sd/xvd}"

centos/8.0/aws/DCOS-1.13.9/docker-18.09.1-ce/selinux_permissive/install_dcos_prerequisites.sh

@@ -0,0 +1,22 @@
+#!/usr/bin/env bash
+sudo setenforce permissive && \
+sudo sed -i --follow-symlinks 's/^SELINUX=.*/SELINUX=permissive/g' /etc/sysconfig/selinux
+
+sudo yum install -y yum-utils
+
+sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
+sudo yum makecache
+
+sudo yum install -y docker-ce-18.09.1 docker-ce-cli-18.09.1 containerd.io
+sudo systemctl enable docker
+sudo systemctl start docker
+
+sudo yum install -y wget
+sudo yum install -y git
+sudo yum install -y unzip
+sudo yum install -y curl
+sudo yum install -y xz
+sudo yum install -y ipset
+sudo yum install -y bind-utils
+sudo getent group docker || sudo groupadd docker
+sudo touch /opt/dcos-prereqs.installed

centos/8.0/aws/DCOS-1.13.9/docker-18.09.1-ce/selinux_permissive/install_dss_modules.sh

@@ -0,0 +1,16 @@
+set -ex
+
+## Adding raid1 & dm_raid modules
+sudo curl https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tree/i915/kbl_guc_ver9_14.bin -o kbl_guc_ver9_14.bin
+sudo curl https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/tree/i915/bxt_guc_ver8_7.bin -o bxt_guc_ver8_7.bin
+sudo mkdir -p /lib/firmware/i915
+sudo cp kbl_guc_ver9_14.bin /lib/firmware/i915/kbl_guc_ver9_14.bin
+sudo cp bxt_guc_ver8_7.bin /lib/firmware/i915/bxt_guc_ver8_7.bin
+
+# load the modules
+sudo modprobe dm_raid
+sudo modprobe raid1
+
+# Load RAID-related kernel modules on boot
+sudo bash -c "echo 'dm_raid' >> /etc/modules-load.d/modules.conf"
+sudo bash -c "echo 'raid1' >> /etc/modules-load.d/modules.conf"