As reported when sending new deployment-iso reviews,
triggered by newer docker image / shellcheck:
| not ok 1 source/templates/scripts/includes/deployment.sh:1543:10: warning: Quote to prevent word splitting/globbing, or split robustly with mapfile or read -a. [SC2206]
| not ok 2 source/templates/scripts/includes/deployment.sh:1903:22: warning: Prefer mapfile or read -a to split command output (or quote to avoid splitting). [SC2207]
| not ok 3 source/templates/scripts/includes/deployment.sh:2275:20: warning: Prefer mapfile or read -a to split command output (or quote to avoid splitting). [SC2207]
| not ok 4 source/templates/scripts/includes/deployment.sh:2486:12: note: Not following: ./etc/profile.d/puppet-agent.sh was not specified as input (see shellcheck -x). [SC1091]
Let's take this as a chance to properly parse ip(8) output via its JSON
output, instead of awk/sed magic.
Change-Id: I723959626fb514ab9e57202b0e5f415b411f5a01
It's better to have this package in grml-sipwise image so any system
with this network card can use all it's power even in deployment stage.
Change-Id: I765efcf446a410a42ef156b2ccc2e6612a33ddd6
Packages like 'firmware-linux', 'firmware-linux-nonfree',
'firmware-misc-nonfree' and further 'firmware-*' got moved from non-free
to the new non-free-firmware component/repository (related to
https://www.debian.org/vote/2022/vote_003).
grml-live v0.43.0 provides supports for this new component, so let's
make sure we have proper support for firmware related packages by
updating to the corresponding grml-live version.
Change-Id: I4704e8be051ab6b5496021f07f42208b34963739
Relevant changes:
* GRMLBASE/39-modprobe: avoid usage of /lib/modprobe.d/50-nfs.conf
* GRMLBASE/39-modprobe: do not expect all files in /etc/modprobe.d to be used
This gives us working netboot images and avoids sysctl errors during bootup,
if nfs-kernel-server should be present on the ISO.
Change-Id: I0012199658c186b69c45ac51bc249ce75b8d81ce
If the date of the running system isn't appropriate enough, then apt
runs might fail with somehint like:
| E: Release file for https://deb/sipwise/com/spce/mr10.5.2/dists/bullseye/InRelease is not valid yet (invalid for another 6h 19min 2s)
So let's try to sync date/time of the system via NTP. Given that chrony
is a small (only 650 kB disk space) and secure replacement for ntp,
let's ship chrony with the Grml deployment ISO (and fall back to ntp
usage in deployment script if chrony shouldn't be available).
Also, if the system is configured to read the RTC time in the local time
zone, this is known as another source of problems, so let's make sure to
use the RTC in UTC.
Change-Id: I747665d1cee3b6f835c62812157d0203bcfa96e2
For deploying Debian/bookworm (see MT#55524), we'd like to have an
updated Grml ISO. With such a Debian/bookworm based live system, we can
still deploy older target systems (like Debian/bullseye).
Relevant changes:
1) Ad jo as new build-dependency, to generate build information in
conf/buildinfo.json (new dependency of grml-live)
2) Always include ca-certificates, as this is required with more recent
mmdebstrap versions (>=0.8.0), when using apt repositories with
https, otherwise bootstrapping Debian fails.
3) Update to latest stable grml-live version v0.42.0, which:
a) added support for "bookworm" as suite name
cff66073a7
b) provides corresponding templates for memtest support:
c01a86b3fc
c) and a workaround for a kmod/initramfs-tools issue with PXE/NFS boot:
ea1e5ea330
4) Update memtest86+ to v6.00-1 as present in Debian/bookworm and
add corresponding UEFI support (based on grml-live's upstream change,
though as we don't support i386, dropped the 32bit related bits)
Change-Id: I327c0e25c28f46e097212ef4329d75fc8d34767c
The dmraid package executes udevadm in its postinst script:
| jenkins@jenkins-slave11:/tmp/grml-live/deployment-iso$ docker run --rm -it -v "$(pwd)":/deployment-iso/ -v "$(pwd)/grml_build/":/grml/ docker.mgm.sipwise.com:5000/grml-build-bullseye:latest /bin/bash
| root@fa6b983da364:/code/grml-live# apt install dmraid
| [...]
| Setting up dmraid (1.0.0.rc16-8+b1) ...
| Failed to write 'change' to '/sys/devices/pci0000:00/0000:00:17.0/ata1/host0/target0:0:0/0:0:0:0/block/sda/uevent': Read-only file system
| dpkg: error processing package dmraid (--configure):
| installed dmraid package post-installation script subprocess returned error exit status 1
| Processing triggers for libc-bin (2.31-4) ...
| Errors were encountered while processing:
| dmraid
| E: Sub-process /usr/bin/dpkg returned an error code (1)
Also see https://bugs.debian.org/962300.
Installing the dmraid package on bullseye requires execution of docker
containers with privileged mode, which is something we would like to
avoid. dmraid also had its latest Debian upload in 2017, the last
upstream release dates back to 2010 (see
http://people.redhat.com/~heinzm/sw/dmraid/src/) and it has plenty of
bugs. It's furthermore relevant for so called fake RAIDs only, something
we don't support and therefore shouldn't matter for us.
Change-Id: I7ed50d8d732f75c56e94b8bfd97a71613577f3bd
Add options to install bullseye in all places where buster is used, use
it as default when possible, and keep these for the moment.
Switch to bullseye in Dockerfile.
Change-Id: I2f693982ba92a671a6f2254c5a245a1d05231404
grml-live v0.38.0 is the current release, including a change to use 1m
block size for squashfs, which reduces ISO size (see
fada6dea0f),
improvements to EFI, GRUB, documentation and several bug fixes.
Change-Id: I3382bd81a8a41d3672a1a709200740cb7284cbbd
No need to install this package to non-vagrant system.
Do not add this package to Sipwise-grml image - it's too heavy (86M)
and not needed on real systems.
Change-Id: I9ec9ff76d588f4ced30ba199f05bb167eec5288a
Otherwise execution of FAI might fail:
| Calling task_faiend
| /usr/lib/fai/subroutines: line 142: ps: command not found
| [...]
This is supposed to be fixed with FAI 5.9.4, while
version 5.8.4 suffers from this bug, so until >=5.9.4
is available in buster/stable let's fix this via an
explicit dependency.
Change-Id: I99490f263d1b2a1aec65f55feebe429b62628918
We no longer support linux-image-amd64-grml, so there's
no point in sitting at kernel version 4.19.0-1-grml-amd64,
instead switch to the plain Debian kernel.
Change-Id: I00efa274acf9724241762ef43a15ecec61e2a409
grml-live v0.35.3 is the current release, planned to be the
base for the upcoming new Grml stable release and its release candidate.
Change-Id: Ia5916250975b90f8d5f75d6fd1aefa5a9bd17d4c
Instead of having to maintain this ISO in our web server off-band,
we switch to use the packaged version, which makes validation
unnecessary as apt gives us that. And it also gives us a newer
version (currently 6.0.4 with Debian buster 10.3 vs the old 5.2.26).
Change-Id: Id89280bbe7fadeb35d391b5dc46e930935017588
* Addon fixes:
* Provide custom addon template according to our needs, instead of
relying on the default one being present in grml-live.git/templates
* Install memtest86+ as addon for BIOS usage
* Install netboot.xyz.lkrn for BIOS usage and netboot.xyz.efi for EFI usage
* Install ipxe.lkrn for BIOS usage and ipxe.efi for EFI usage
* Stick grml-live version to v0.34.3, instead of relying on some random
git master version
* Stick grml2usb version to v0.17.0, instead of relying on the grml2usb
version available on the host system (being 0.14.14 on Debian/stretch as
present on our current build hosts). For arbitrary addon file names we
need grml2iso (which uses grml2usb underneath) from grml2usb >=0.17.0.
FTR, grml2iso and grml2usb can be executed from within the git repository,
assuming all relevant tools are present
* No longer invoke isohybrid on the resulting ISO, instead rely on
grml2iso behaviour (which also checks for EFI support and enables
according switches as needed)
* Fix usage instructions in t/Dockerfile:
* it's "deployment-iso-buster" and not "lua-ngcp-kamailio-buster"
* refer to working directory instead of "deployment-iso.git",
which very probably isn't named as such on any of our systems,
while the $(pwd) approach works for c/p
* Fix docker build usage in grml_build/Dockerfile (for building we need
to provide a PATH (being current working directory for us)
* Provide testing tools in grml-build-buster docker environment
* Provide new testing script t/iso-tester to compare generated ISO
against pre-defined screenshot (only testing memtest feature using
./t/screenshots/01-memtest.jpg for now)
Change-Id: I67e3f85bbe86bd1b3ee709161504b5250ca5d7fe
In mr7.5+ bootstrap gpg keyring is named sipwise-keyring-bootstrap.gpg
so add appropriate directory.
Change-Id: I633deac1ffb203e7d566e5262e0dff35354aa2e5
This script copies puppet.gpg file to '/root' dir of Grml-sipwise
image in building process.
Create 'scripts/PUPPETLABS' so '10-gpgkey' is copied there in runtime.
Change-Id: I836fa35e3f64f40cb4ee4a298fc18676f7689b54
This package contains Sipwise gpg keys so we don't need to download them
on fly during deployment.sh.
Change-Id: I629c7e43d9f62e033a0e869a307bf5b3b0490ce0
Create directories to place files with repo information and gpg key
during building of grml-sipwise iso.
Change-Id: I9ed158b085ea6caaab6a34ce74b5f66ec0f80ce7
The Secure Boot enabled GRUB from Ubuntu breaks EFI boot on
Dell servers (e.g. on PowerEdge R330). Until we know how
to solve this disable Secure Boot support within our ISOs.
Change-Id: I3cf96ca40b6e66c591b60b73e77ac164fd79f472
Add docker file to build tools' images.
Add package list SIPWISE with all the needed packages for deployment.sh.
Add building dirs to gitignore/dist-clean target of Makefile
Building tools and dockerfile were provided by Michael Prokop <mika@grml.org>
Change-Id: I69239cb7b7b4f07edbdb1bd766cb3f125258f890
Michael Prokop
Mykola Malkov
Manuel Montecelo
Guillem Jover
Alexander Lutay