Before running «systemctl preset-all» we remove all .wants dependency
directories, because otherwise the preset-all command leaves obsolete
files behind. But «systemctl preset-all» fails if there's any broken
service symlink around, which means we end up with no dependency
information whatsoever implying a severely broken system, that in
addition is then unbootable.
Remove any such broken symlinks before calling «systemctl preset-all».
Change-Id: I58fe650cb04ddb140922563169a7fedb09a8ceac
This field tells dpkg-buildpackage that no debian/rules target needs
to run as root-like (usually via fakeroot), and can be built with no
privileges (real or faked ones). This should make the build either
faster as there will be no interposed libc calls via an LD_PRELOAD
library like fakeroot does, and more robust as fakeroot needs to keep
up with implementation details from the system libc; or more secure if
the build was being done via real root.
The full documentation can be found with «man deb-src-control» and
at «/usr/share/doc/dpkg/spec/rootless-builds.txt».
Some test cases in the test suite require execution under root-like,
and if not will fallback to use `fakeroot`. Once we stop running the
build as root-like (via fakeroot), the test then tries to execute
fakeroot which cannot be found any longer as there is no explicit
Build-Depends on it, so we need to add it explicitly.
After the above, there is no longer any need to run the build as
root-like. A rebuild before and after this change produces the same
file list and permissions.
Change-Id: I639a3c77dc0a74430813377124eedf197589121a
This syntax is discouraged, and it is not enabled by default any longer
starting with the 5.36 feature bundles. Stop using it so that we can
eventually bump our minimum required Perl version.
Fixes: Objects::ProhibitIndirectSyntax
Warned-by: perlcritic
Ref: https://metacpan.org/pod/feature#The-'indirect'-feature
Change-Id: Icfbf6c1e79ab1b2973ab41d05c664105b710b8c4
When we pass an empty string the current to_yaml() function generates
broken YAML such as "--- ''", which then breaks code parsing that
expecting valid YAML. If we pass an empty string, return an empty string
as well.
Change-Id: I010cd9d544bd505446f0016ecc6302a987921570
Currently it's Debian/testing with trixie/sid yet, though to not fail
with templates handling, let's add initial support for it.
Addresses:
| 2024-09-17 14:17:07 spce: Error: Cannot process template '/etc/ngcp-config/templates/etc/apt/sources.list.d/debian.list.tt2':
| undef error - Error: unsupported Debian codename trixie at (eval 16) line 31.
|
| 2024-09-17 14:17:07 spce: Error: Generating /etc/apt/sources.list.d/debian.list based on /etc/ngcp-config/templates/etc/apt/sources.list.d/debian.list.tt2: FAILED
Change-Id: Ib31bfec1373c51b3faeacc41a085b7229bff139e
The sort function is undefined in scalar context, which means a call
site that calls these functions in scalar context will trigger undefined
behavior.
Sort the result and return the list.
Fixes: Subroutines::ProhibitReturnSort
Warned-by: perlcritic
Change-Id: I355b5e3e412bc91c297a46a73bb6caba6e969f54
some templates need to produce yaml output
(ie. copy entire portions of config.yml), which
supported with this change, ie.
[% Utils.to_yaml(element_from_configyml) %]
there is libtemplate-plugin-yaml-perl, which is
avoided to not (re-) introduce deps other than
YAML::XS.
Change-Id: Iec7f9dd6d13270d9afa78fbe126f0e41d21b6ed7
As reported at https://jenkins.mgm.sipwise.com/job/ngcpcfg-tap-test/4544/
when building against Debian/trixie
Furthermore fix SC2166 + SC2086 issues within helper/check-for-mysql
as reported by manual shellcheck v0.10.0 runs.
Change-Id: Ic9be0dbc8ef4a501cf3b6e62522574da72f85c99
The handling for the APPEND pseudo-action comes from the set-value code,
but it does not make sense in the del-value code, where we are trying to
remove a value and not add one.
Change-Id: I6937abcde0f9c0e55c334ca24f9ecb879f00f4be
* instead of dying on non-existing function procedure only a warning
is logged (similar to non-existing table occurrence). This is to
enable correct invokation of the script on proxy nodes 3308 instance
where not all table/procedures might be available.
Change-Id: Ied5e6300c4dcc8c2e08e2152d56298bd2729c611
After some experimentation it was found to best to keep these platforms
independent, and integrate them externally as usual, instead of trying
to merge them into a single platform.
Change-Id: I19d721dece38d104b73cae573332571c4bef0fbf
* $NGCP_TYPE is unset on SPCE by default, add checks for $NGCP_TYPE
being unset and load it manually for such cases as it should be
present on all NGCP platforms.
Change-Id: I5a8fafd1a376fadb2e15aa96db8d473d65b212d7
* on carrier proxy nodes ngcp-sync-db-grants and ngcp-sync-db-creds
are now also invoked for 127.0.0.1:3308 instance because
table grants and user credentials are not replicated by default
* change "Synchronizing MySQL grants/credentials" log string to
"Synchronizing MariaDB grants/credentials" to better reflect that
MariaDB is used as the database
Change-Id: Ie4e77147621df34fc4e7f0e333183fb3b313f260
We move some of the OpenPGP support into this file, which we will extend
once we switch to use the OpenPGP Stateless OpenPGP support.
Change-Id: I56acd993cb394dd8bc12a8da3cf4c78088adb61b
We can simply feed the encrypted or unencrypted tarfile both when
decrypting and encrypting it, so that we do not have to leave one
around with the additional disk space, and danger of it not getting
removed.
Change-Id: If8c9fba36fd14c58cccacc789a0e4f8e474aac3f
Rename gpg to pgp or OpenPGP and remove crypted from filenames.
The standard is called OpenPGP, GnuPG (or GPG, gpg) is one of many
implementations (although depending on the context the prevalent one)
so we use that when referring to the specification.
For the encrypted tarball we remove the «-crypted» term which is an
odd wording use for encryted content and it is unnecessary and confusing
when using layered containers (as when the tarball is decrypted the
name becomes invalid); and make it use «.pgp» instead of «.gpg» as
extension, while trying the old filename on decryption for backwards
compatibility.
Change-Id: If5e0349ff0c3d8e3b47ced361e9e77d7d4d2defc
These functions were previously in the main functions file, which we
could not use as it depends on configuration files we do not have
available while decrypting these same configurations. But these got
split up for performance reasons into its own functions file. We can
thus now switch to use that instead of having to keep the same functions
in sync in multiple places.
Change-Id: I3860d747e575146d4ffc1a6fc8160d7aa16925ed
Usage of IP addresses like 1.2.3.4 + 2.3.4.5 is not recommended, as they
might point to actually used and non-reserved IPs.
Quoting from RFC 5737 AKA "IPv4 Address Blocks Reserved for
Documentation" (see https://datatracker.ietf.org/doc/html/rfc5737):
| The blocks 192.0.2.0/24 (TEST-NET-1), 198.51.100.0/24 (TEST-NET-2), and
| 203.0.113.0/24 (TEST-NET-3) are provided for use in documentation.
So use 203.0.113.0/24 in our docs/code/testsuite instead.
Change-Id: Ic786a12c006a1fe11b67b788e01cca377f08771f
When doing an «ngcpcfg apply» we are required to pass a reason for it
which might be included in a «git commit», but not in the etckeeper
commit. Modify the wording for the latter, and include that reason so
that the git history makes more sense and is more traceable.
So when executing:
# ngcpcfg apply "Fix array in component B"
The git commit message looked before like:
ngcpcfg apply
And now it will look like
Fix array in component B via "ngcpcfg apply"
Change-Id: Ib7b4ce986366ca51a487a087cb327b0d0dfe1ccd
The date is already tracked as part of the commit metadata, and we use
the current day which will always match the author date for the commit,
so no information is lost.
This makes the commit message more clear and removes redundant and
distracting information from it.
For «ngcpcfg log» we include the date from the commit metadata explicitly
in the output, which will be duplicated for old entries but gets it from
where it belongs for new ones. (Even though the date is also printed in
relative terms on the front of the line.) We now get this output for old
and new entries:
* b3767f6 (10 hours ago) new [2024-02-02 14:28:11 +0100] (HEAD -> master)
* dc0a310 (3 days ago) old [2024-01-30 23:10:32.674452749+01:00] [2024-01-30 23:10:32 +0100]
Change-Id: I4eb4faed433db52e6755bc7782ec34545741d452
We are prepending an extra / to the pathnames passed to tar, and
calling tar from a directory other than the root directory while
not telling it to use absolute names so it complains about these
two things with the following messages:
,---
tar: Removing leading `/' from member names
tar: Removing leading `/' from hard link targets
tar: Removing leading `//' from member names
tar: Removing leading `//' from hard link targets
`---
which is something the user cannot do much about, and it's rather
annoying.
Change-Id: I9e9c853f26363e451b8883d3c74c5508ba3049dc
* only 'sip_ext' interfaces are included into the automatic
lb outbound_socket selection as 'sip_int' does not provide
with the external traffic.
Change-Id: Id35fcfdb69ff9ffc2caefd2fb588d0bb4f61f31e
* $extra_sockets_config can be undef, a check for undef
and that the value is a HASH ref is added to prevent
unexpected behaviour
Change-Id: I6914a8d4eddc7f35ba69fe92c7acc130c0475aca
* sync_extra_sockets() renamed into sync_lb_and_extra_sockets()
* extra_sockets_sync() renamed into lb_and_extra_sockets_sync()
* $config now also contains merged $NETWORK_CONFIG (network.yml)
* lb_and_extra_sockets_sync does the following and then calls
generic_enum_sync() to provide with the gathered data:
* all shared ips from interfaces that
- host have 'lb' role
- host status 'online'
- interface has type '^sip_'
are added into the outbound sockets list of protos (udp, tcp, tls)
as: 'host:interface:proto' = 'proto:shared_ip:port'
(port is taken from config.kamailio.lb.port in case of ('udp', 'tcp')
and config.kamailio.tls.port in case of 'tls'
)
- if an interface has multiple shared IPs,
the key becomes 'host:interface:shared_ip:proto'
- $config->{kamailio}{lb}{extra_sockets} keys are merged
with the gathered config
* generic_enum_sync() - processes hash keys are now sorted
to have consistent output/processing
Change-Id: I218f1ae584e2dc9dfeb3a51c43d9f3fc950e829b
Debian/bookworm is the current stable release and this
is also what we're supporting, so switch GitHub actions
accordingly from bullseye to bookworm.
Change-Id: I427ede88cec3ba2ef26c1351807b06d75ed4a37a
We need to get the network information for the remote site. So we add
a new library file, and extend the get_all_shared_ips* ones to support
specifying a site name, defaulting to 'current'.
Change-Id: Id133ba1fc62b758c0779ac5951075c10cdf5736c
We check whether we have both a sites.yml and a sites/ directory.
If so, and multi-sites support is enabled, then we proceed to load
all the multi-sites configurations, by placing each of them under
«sites.<site-name>.<config>». Adding a «sites.current» link to the
current site, and filling the root tree config with the current site
as well for backwards compatibility.
Change-Id: Ia810f57e8e976eef6a7582bddda46c1701456ed6
This will replace the geo_cluster.enable knob from config.yml, as it
needs to be a out-of-band option and not one from within the site
specific configuration YAML files.
Change-Id: I1c062091bb3bc1c7e52311c09524dabec5a00e97
This variable has been deprecated for a long time (since mr10.5), and it
is not used anywhere in our entire NGCP code base.
Change-Id: Ic142a347fcef0405f8cf8304728b076af3369e0d
For multi-site support we need to pass all the possible files to load,
and these might be different between sites, so we need to check for
their existence from within tt2-process, instead of from the outside as
that would restrict them to only the current site.
Change-Id: I0965506832aa2f0a1ba67b19511c509bec60922e
Sipwise Jenkins Builder
Guillem Jover
Richard Fuchs
Michael Prokop
Rene Krenn
Kirill Solomko