diff --git a/data/publiccloud/cloud-init.yaml b/data/publiccloud/cloud-init.yaml
deleted file mode 100644
index e35299de115b..000000000000
--- a/data/publiccloud/cloud-init.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
-#cloud-config
-
-bootcmd:
-- [sh, -c, "echo pookie >> /root/test_cloud-init.txt"]
-
-runcmd:
-- [ sh, -c, "echo Mithrandir >> /root/test_cloud-init.txt" ]
-
-write_files:
-- content: snickerdoodle
- path: /root/test_cloud-init.txt
- append: true
-
-packages:
-- ed
-
-final_message: |
- cloud-init qa has finished
- version: $version
- timestamp: $timestamp
- datasource: $datasource
- uptime: $uptime
diff --git a/data/publiccloud/terraform/azure.tf b/data/publiccloud/terraform/azure.tf
index 8611b7429dbe..6d6f9a86df56 100644
--- a/data/publiccloud/terraform/azure.tf
+++ b/data/publiccloud/terraform/azure.tf
@@ -63,10 +63,6 @@ variable "create-extra-disk" {
 default = false
 }
 
-variable "cloud_init" {
- default = ""
-}
-
 variable "storage-account" {
 # Note: Don't delete the default value!!!
 # Not all of our `terraform destroy` calls pass this variable and neither is it necessary.
@@ -201,8 +197,6 @@ resource "azurerm_linux_virtual_machine" "openqa-vm" {
 timeouts {
 create = var.vm_create_timeout
 }
-
- custom_data = var.cloud_init != "" ? filebase64(var.cloud_init) : null
 }
 
 resource "azurerm_virtual_machine_data_disk_attachment" "default" {
diff --git a/data/publiccloud/terraform/ec2.tf b/data/publiccloud/terraform/ec2.tf
index 9cb94316c4cf..9d9bc4fe11c4 100644
--- a/data/publiccloud/terraform/ec2.tf
+++ b/data/publiccloud/terraform/ec2.tf
@@ -35,10 +35,6 @@ variable "image_id" {
 default = ""
 }
 
-variable "cloud_init" {
- default = ""
-}
-
 variable "extra-disk-size" {
 default = "1000"
 }
@@ -129,8 +125,6 @@ resource "aws_instance" "openqa" {
 amd_sev_snp = var.enable_confidential_vm
 }
 }
-
- user_data = var.cloud_init != "" ? file(var.cloud_init) : null
 }
 
 resource "aws_volume_attachment" "ebs_att" {
diff --git a/lib/publiccloud/instance.pm b/lib/publiccloud/instance.pm
index c18eee9f9e5a..698d1c08adeb 100644
--- a/lib/publiccloud/instance.pm
+++ b/lib/publiccloud/instance.pm
@@ -604,47 +604,6 @@ sub network_speed_test() {
 record_info("curl $rmt_host", $self->run_ssh_command(cmd => "curl -w '$write_out' -o /dev/null -v https://$rmt_host/", proceed_on_failure => 1));
 }
 
-sub cleanup_cloudinit() {
- my ($self) = @_;
- $self->ssh_assert_script_run('sudo cloud-init clean --logs');
- if (get_var('PUBLIC_CLOUD_CLOUD_INIT')) {
- $self->ssh_assert_script_run('sudo rm /root/test_cloud-init.txt');
- $self->ssh_assert_script_run('sudo zypper -n rm ed');
- }
-}
-
-sub check_cloudinit() {
- my ($self) = @_;
-
- # cloud-init status
- $self->ssh_script_retry(cmd => "sudo cloud-init status", timeout => 90, retry => 12, delay => 15);
- $self->ssh_script_retry(cmd => "sudo cloud-init status --long", timeout => 90, retry => 12, delay => 15);
-
- # cloud-id
- my $cloud_id = (is_azure) ? 'azure' : 'aws';
- $self->ssh_script_output(cmd => "sudo cloud-id | grep '^$cloud_id\$'");
-
- # cloud-init collect-logs
- $self->ssh_assert_script_run('sudo cloud-init collect-logs');
- $self->upload_log('~/cloud-init.tar.gz', failok => 1);
-
- if (get_var('PUBLIC_CLOUD_CLOUD_INIT')) {
- # Check for bootcmd, runcmd and write_files module
- $self->ssh_assert_script_run('sudo grep pookie /root/test_cloud-init.txt');
- $self->ssh_assert_script_run('sudo grep Mithrandir /root/test_cloud-init.txt');
- $self->ssh_assert_script_run('sudo grep snickerdoodle /root/test_cloud-init.txt');
-
- # Check for packages module
- $self->ssh_assert_script_run('ed -V');
-
- # Check for final_message module
- $self->ssh_assert_script_run('sudo journalctl -b | grep "cloud-init qa has finished"');
-
- # cloud-init schema
- $self->ssh_assert_script_run('sudo cloud-init schema --system') unless (is_sle('=12-SP5'));
- }
-}
-
 =head2 measure_boottime
 
 measure_boottime();
diff --git a/lib/publiccloud/provider.pm b/lib/publiccloud/provider.pm
index b473971c6e3c..5960265e9361 100644
--- a/lib/publiccloud/provider.pm
+++ b/lib/publiccloud/provider.pm
@@ -431,8 +431,6 @@ sub terraform_prepare_env {
 else {
 $file = get_var('PUBLIC_CLOUD_TERRAFORM_FILE', "publiccloud/terraform/$file.tf");
 assert_script_run('curl ' . data_url("$file") . ' -o ' . TERRAFORM_DIR . '/plan.tf');
- my $cloud_init = get_var('PUBLIC_CLOUD_CLOUD_INIT');
- assert_script_run('curl ' . data_url("publiccloud/cloud-init.yaml") . ' -o ' . TERRAFORM_DIR . "/cloud-init.yaml") if ($cloud_init);
 }
 $self->terraform_env_prepared(1);
 }
@@ -539,8 +537,6 @@ sub terraform_apply {
 $cmd .= "-var 'region=" . $self->provider_client->region . "' ";
 $cmd .= "-var 'name=" . $self->resource_name . "' ";
 $cmd .= "-var 'project=" . $args{project} . "' " if $args{project};
- my $cloud_init = get_var('PUBLIC_CLOUD_CLOUD_INIT');
- $cmd .= "-var 'cloud_init=" . TERRAFORM_DIR . "/cloud-init.yaml' " if ($cloud_init);
 $cmd .= "-var 'enable_confidential_vm=true' " if ($args{confidential_compute} && is_gce());
 $cmd .= "-var 'enable_confidential_vm=enabled' " if ($args{confidential_compute} && is_ec2());
 $cmd .= "-var 'vm_create_timeout=" . $terraform_vm_create_timeout . "' " if $terraform_vm_create_timeout;
@@ -649,8 +645,6 @@ sub terraform_destroy {
 assert_script_run('cd ' . TERRAFORM_DIR);
 # Add region variable also to `terraform destroy` (poo#63604) -- needed by AWS.
 $cmd .= "-var 'region=" . $self->provider_client->region . "' ";
- my $cloud_init = get_var('PUBLIC_CLOUD_CLOUD_INIT');
- $cmd .= "-var 'cloud_init=" . TERRAFORM_DIR . "/cloud-init.yaml' " if ($cloud_init);
 unless (is_openstack) {
 $cmd .= "-var 'ssh_public_key=" . $self->ssh_key . ".pub' ";
 }
diff --git a/lib/publiccloud/utils.pm b/lib/publiccloud/utils.pm
index 93303656effb..d27c8f4316a1 100644
--- a/lib/publiccloud/utils.pm
+++ b/lib/publiccloud/utils.pm
@@ -18,7 +18,7 @@ use strict;
 use warnings;
 use testapi;
 use utils;
-use version_utils qw(is_sle is_public_cloud get_version_id is_transactional is_openstack is_sle_micro);
+use version_utils qw(is_sle is_public_cloud get_version_id is_transactional is_openstack);
 use transactional qw(check_reboot_changes trup_call process_reboot);
 use registration;
 use maintenance_smelt qw(is_embargo_update);
@@ -38,14 +38,12 @@ our @EXPORT = qw(
 is_gce
 is_container_host
 is_hardened
- is_cloudinit_supported
 registercloudguest
 register_addon
 register_openstack
 register_addons_in_pc
 gcloud_install
 get_ssh_private_key_path
- permit_root_passwordless
 prepare_ssh_tunnel
 kill_packagekit
 allow_openqa_port_selinux
@@ -194,10 +192,6 @@ sub is_hardened() {
 return is_public_cloud && get_var('FLAVOR') =~ 'Hardened';
 }
 
-sub is_cloudinit_supported {
- return ((is_azure || is_ec2) && !is_sle_micro);
-}
-
 # Get credentials from the Public Cloud micro service, which requires user
 # and password. The resulting json will be stored in a file.
 sub get_credentials {
@@ -266,20 +260,6 @@ sub get_ssh_private_key_path {
 return (is_azure() || is_openstack() || get_var('PUBLIC_CLOUD_LTP')) ? "~/.ssh/id_rsa" : '~/.ssh/id_ed25519';
 }
 
-sub permit_root_passwordless {
- my ($instance) = @_;
-
- # Permit root passwordless login over SSH
- $instance->ssh_assert_script_run('sudo mkdir -p /etc/ssh/sshd_config.d/');
- $instance->ssh_assert_script_run('echo "PermitRootLogin prohibit-password" | sudo tee /etc/ssh/sshd_config.d/001_sshd_openqa.conf');
- $instance->ssh_assert_script_run('echo "AllowTcpForwarding yes" | sudo tee -a /etc/ssh/sshd_config.d/001_sshd_openqa.conf') if (is_hardened());
- $instance->ssh_assert_script_run('sudo systemctl reload sshd');
-
- # Copy SSH settings for remote root
- $instance->ssh_assert_script_run('sudo install -o root -g root -m 0700 -dD /root/.ssh');
- $instance->ssh_assert_script_run(sprintf("sudo install -o root -g root -m 0644 /home/%s/.ssh/authorized_keys /root/.ssh/", $instance->{username}));
-}
-
 sub prepare_ssh_tunnel {
 my ($instance) = @_;
 
@@ -298,7 +278,15 @@ sub prepare_ssh_tunnel {
 # Skip setting root password for img_proof, because it expects the root password to NOT be set
 $instance->ssh_assert_script_run(qq(echo -e "$testapi::password\\n$testapi::password" | sudo passwd root));
 
- permit_root_passwordless($instance);
+ # Permit root passwordless login over SSH
+ $instance->ssh_assert_script_run('sudo cat /etc/ssh/sshd_config');
+ $instance->ssh_assert_script_run('sudo sed -i "s/PermitRootLogin no/PermitRootLogin prohibit-password/g" /etc/ssh/sshd_config');
+ $instance->ssh_assert_script_run('sudo sed -i "/^AllowTcpForwarding/c\AllowTcpForwarding yes" /etc/ssh/sshd_config') if (is_hardened());
+ $instance->ssh_assert_script_run('sudo systemctl reload sshd');
+
+ # Copy SSH settings for remote root
+ $instance->ssh_assert_script_run('sudo install -o root -g root -m 0700 -dD /root/.ssh');
+ $instance->ssh_assert_script_run(sprintf("sudo install -o root -g root -m 0644 /home/%s/.ssh/authorized_keys /root/.ssh/", $instance->{username}));
 
 # Create remote user and set him a password
 my $path = (is_sle('>15') && is_sle('<15-SP3')) ? '/usr/sbin/' : '';
diff --git a/tests/publiccloud/check_services.pm b/tests/publiccloud/check_services.pm
index 03a93eefada9..53eec1783215 100644
--- a/tests/publiccloud/check_services.pm
+++ b/tests/publiccloud/check_services.pm
@@ -37,7 +37,7 @@ sub run {
 
 # cloud-init
 # cloud-init is notavailable in Micro
- if (is_cloudinit_supported) {
+ if ((is_azure || is_ec2) && !is_sle_micro) {
 record_info('cloud-init', $instance->ssh_script_output('systemctl --no-pager --full status cloud-init*', proceed_on_failure => 1));
 $instance->ssh_assert_script_run('systemctl is-active cloud-init.service');
 $instance->ssh_assert_script_run('systemctl is-active cloud-init.target');
diff --git a/tests/publiccloud/patch_and_reboot.pm b/tests/publiccloud/patch_and_reboot.pm
index 3d9db76eebd6..efa01d0b89df 100644
--- a/tests/publiccloud/patch_and_reboot.pm
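Review bot: The two added `sed -i` edits only take effect when `/etc/ssh/sshd_config` already holds a literal `PermitRootLogin no` (and, on hardened images, a line starting with `AllowTcpForwarding`). If the directive is commented out, absent, or set in another file, `sed` changes nothing and still exits 0, so `ssh_assert_script_run` passes and the problem would presumably only surface later as a failed root login. The removed `permit_root_passwordless` wrote its own file under `/etc/ssh/sshd_config.d/` and did not depend on the existing contents. If the in-place edit stays, assert the effective setting after the reload, for example `$instance->ssh_assert_script_run('sudo sshd -T | grep -Ei "^permitrootlogin (without|prohibit)-password"');`. `prepare_ssh_tunnel` begins and ends outside this hunk.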
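Review bot: The inlined condition `(is_azure || is_ec2) && !is_sle_micro` in tests/publiccloud/check_services.pm calls three predicates as barewords, which only resolves if each one is imported into that file. The `use` lines are outside this hunk, so confirm that `is_sle_micro` is imported there (tests/publiccloud/patch_and_reboot.pm takes it from `version_utils`) along with `is_azure` and `is_ec2`. Writing the test as `if ((is_azure() || is_ec2()) && !is_sle_micro()) {` makes the calls explicit and matches the `is_hardened()` style used in lib/publiccloud/utils.pm. The body of `run` continues outside the hunk.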
+++ b/tests/publiccloud/patch_and_reboot.pm
@@ -14,7 +14,7 @@ use warnings;
 use testapi;
 use strict;
 use utils qw(ssh_fully_patch_system);
-use publiccloud::utils qw(kill_packagekit ssh_update_transactional_system is_cloudinit_supported permit_root_passwordless);
+use publiccloud::utils qw(kill_packagekit ssh_update_transactional_system);
 use publiccloud::ssh_interactive qw(select_host_console);
 use version_utils qw(is_sle_micro);
 
@@ -38,13 +38,7 @@ sub run {
 record_info('UNAME', $args->{my_instance}->ssh_script_output(cmd => 'uname -a'));
 $args->{my_instance}->ssh_assert_script_run(cmd => 'rpm -qa > /tmp/rpm-qa.txt');
 $args->{my_instance}->upload_log('/tmp/rpm-qa.txt');
- $args->{my_instance}->cleanup_cloudinit() if (is_cloudinit_supported);
 $args->{my_instance}->softreboot(timeout => get_var('PUBLIC_CLOUD_REBOOT_TIMEOUT', 600));
-
- if (is_cloudinit_supported) {
- $args->{my_instance}->check_cloudinit();
- permit_root_passwordless($args->{my_instance});
- }
 }
 
 sub test_flags {
diff --git a/tests/publiccloud/prepare_instance.pm b/tests/publiccloud/prepare_instance.pm
index 2842f24c3ae5..6529f31fa766 100644
--- a/tests/publiccloud/prepare_instance.pm
+++ b/tests/publiccloud/prepare_instance.pm
@@ -44,7 +44,6 @@ sub run { $instance->ssh_opts(""); # Clear $instance->ssh_opts which ombit the known hosts file and strict host checking by default $instance->network_speed_test(); - $instance->check_cloudinit() if (is_cloudinit_supported); # ssh-tunnel settings prepare_ssh_tunnel($instance) if (is_tunneled());
diff --git a/variables.md b/variables.md
index 957f7e2cb020..b92126cc4e02 100644
--- a/variables.md
+++ b/variables.md
@@ -325,7 +325,6 @@ PUBLIC_CLOUD_GCE_STACK_TYPE | string | IPV4_ONLY | Network stack type, possible
 PUBLIC_CLOUD_FIO | boolean | false | If set, storage_perf test module is added to the job.
 PUBLIC_CLOUD_FIO_RUNTIME | integer | 300 | Set the execution time for each FIO tests.
 PUBLIC_CLOUD_FIO_SSD_SIZE | string | "100G" | Set the additional disk size for the FIO tests.
-PUBLIC_CLOUD_CLOUD_INIT | boolean | false | If this is true custom `cloud-config` will be attached to the instance.
 PUBLIC_CLOUD_FORCE_REGISTRATION | boolean | false | If set, tests/publiccloud/registration.pm will register cloud guest
 PUBLIC_CLOUD_IGNORE_EMPTY_REPO | boolean | false | Ignore empty maintenance update repos
 PUBLIC_CLOUD_IMAGE_ID | string | "" | The image ID we start the instance from