From a5e37ad2805b2594339e0d5d41da0e0cc37e4f4a Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Tue, 28 Jul 2020 08:23:45 -0400 Subject: Switch all references to github.com/containers/libpod -> podman Signed-off-by: Daniel J Walsh --- contrib/cirrus/packer/prior-fedora_base-setup.sh | 45 +++++++++++++++++++++++- 1 file changed, 44 insertions(+), 1 deletion(-) mode change 120000 => 100644 contrib/cirrus/packer/prior-fedora_base-setup.sh (limited to 'contrib/cirrus/packer/prior-fedora_base-setup.sh') diff --git a/contrib/cirrus/packer/prior-fedora_base-setup.sh b/contrib/cirrus/packer/prior-fedora_base-setup.sh deleted file mode 120000 index 998a5d9fd..000000000 --- a/contrib/cirrus/packer/prior-fedora_base-setup.sh +++ /dev/null @@ -1 +0,0 @@ -fedora_base-setup.sh \ No newline at end of file diff --git a/contrib/cirrus/packer/prior-fedora_base-setup.sh b/contrib/cirrus/packer/prior-fedora_base-setup.sh new file mode 100644 index 000000000..f271abee0 --- /dev/null +++ b/contrib/cirrus/packer/prior-fedora_base-setup.sh @@ -0,0 +1,44 @@ +#!/bin/bash + +# N/B: This script is not intended to be run by humans. It is used to configure the +# fedora base image for importing, so that it will boot in GCE + +set -e + +# Load in library (copied by packer, before this script was run) +source $GOSRC/$SCRIPT_BASE/lib.sh + +echo "Updating packages" +dnf -y update + +echo "Installing necessary packages and google services" +dnf -y install rng-tools google-compute-engine-tools google-compute-engine-oslogin ethtool + +echo "Enabling services" +systemctl enable rngd + +# There is a race that can happen on boot between the GCE services configuring +# the VM, and cloud-init trying to do similar activities. Use a customized +# unit file to make sure cloud-init starts after the google-compute-* services. +echo "Setting cloud-init service to start after google-network-daemon.service" +cp -v $GOSRC/$PACKER_BASE/cloud-init/fedora/cloud-init.service /etc/systemd/system/ + +# ref: https://cloud.google.com/compute/docs/startupscript +# The mechanism used by Cirrus-CI to execute tasks on the system is through an +# "agent" process launched as a GCP startup-script (from the metadata service). +# This agent is responsible for cloning the repository and executing all task +# scripts and other operations. Therefor, on SELinux-enforcing systems, the +# service must be labeled properly to ensure it's child processes can +# run with the proper contexts. +METADATA_SERVICE_CTX=unconfined_u:unconfined_r:unconfined_t:s0 +METADATA_SERVICE_PATH=systemd/system/google-startup-scripts.service +sed -r -e \ + "s/Type=oneshot/Type=oneshot\nSELinuxContext=$METADATA_SERVICE_CTX/" \ + /lib/$METADATA_SERVICE_PATH > /etc/$METADATA_SERVICE_PATH + +# Ensure there are no disruptive periodic services enabled by default in image +systemd_banish + +rh_finalize + +echo "SUCCESS!" -- cgit v1.2.3-54-g00ecf