Create a new function to set a key conditionally on its value being
defined. And rename the set_yml_config and its arguments to make it
clearer what it is doing.
Change-Id: Idefd89314b5ff76ed0f386135b3791a3309db34c
We should print the deferred service actions that will be performed
before executing them. To add traceability.
Change-Id: I912af91a6b609d20a312182b18f4d959a159de65
These lines have to be commented out, the script/helper is not present during
tests:
#PROCESS '/usr/lib/ngcp-ngcpcfg/get_ngcp_version';
#ngcp_version = out;
Change-Id: I9665f205baf1e28ed2a96e8ab01f0f8f80b838ac
The previous logic had several issues that need to be addressed, when
doing an early exit:
- The temporary file was not getting removed.
- The services sync-state step was not being executed.
This makes the code more future-proof, and fixes the above problems,
by moving the sync-state into its own function, removing the early
exit, and making the service explicit state changes conditional on
the previous early exit conditional.
Change-Id: Ie420cbb94ea6d16a83c7ae3f546cd3eb38435dd8
These commands do not perfom dangerous git calls,
at the same time we slowed them down a lot which
causes very slow nightly testing.
Previously:
> root@web01a:/tmp# time ngcpcfg values eventexport.transfer.password
> ...
> real 0m5.505s
With the new changes:
> root@web01a:/tmp# time ngcpcfg values eventexport.transfer.password
> ...
> real 0m0.127s
Change-Id: I937b4522eb8dbe4f91ada57c978ed4183e7e23fd
Current problem: CE system doesn't pass ngcpcfg
validation if interface name is 'ens0', installation
is aborted on the final 'ngcpcfg apply'.
There were a lot of code changes here and the original logic
if fallback validation has been lost.
The situation here is very unpleasant as all Jenkins tests
reported no issues for us, as interface name is 'eth0' there.
We have enabled validation be default in mr6.5, in the same
time the validation schema we have is not yet perfect, but
we must focus on 'trust' to validation functionality we
introduced otherwise it will not be used by users.
There is not point to have fallback in validation at this stage.
As it can be triggered for random physical and logical interfaces
in the system. Keep in mind mr6.5 generates /etc/network/interfaces
from network.yml, so all interfaces must be described in network.yml.
Change-Id: I1d90c64941bfb7eb8afad51c64c19f72b4ec65d9
ngcpcfg initialise setup git hooks, we should not try to
check/use hooks before they are configured.
Change-Id: Ie74c08fe53f8c8464ee057094637deb03be1d31c
We need to initialize ngcpcfg without HA repo,
to solve chicken-eggs problem about git hooks handking.
Also it will be useful to build glusterfs configs
from tt2 templates and yml configuration.
Then start glusterfs and store HA repo on glusterfs.
In this case ngcp-installer will be able to call:
> ngcpcfg initialise --without_shared
> ngcpcfg set ...
> ngcpcfg build ...
> ngcpcfg init-shared
> ngcpcfg apply "Applying everything together"
In the past it was not so critical problem until we started
taking care about the files permissions which are coming from
ngcp-template-* packages and transferred to POSIX perms via ngcpcfg.
One of the problems there is 'git clone' (which is a part of
HA setup initialisation). It resets file perms if they are not
yet stored into file '.ngcpcfg_perms'.
Change-Id: I3cdc93f309f0b899e626779afb1e71f64b2cb953
Otherwise ngcpcfg fails in trunk with error:
> +03:29:10 (cfg.inc:378): cfg_common_configuration(): ngcpcfg set /etc/ngcp-config/config.yml bootenv.netscript.fallbackfssize=10M
> Save size of 'code' partitions to /etc/ngcp-config/config.yml
> /usr/share/ngcp-ngcpcfg/functions//main: line 68: NGCP_TESTSUITE: unbound variable
Change-Id: I32961cda14550278662acd40ed5863c19412de3c
The li match was triggering for all wildcards and when li mode was not
enabled in some way then we were getting negative results.
The proper way to solve the original problem is to relegate the matching
of the li modes to the end, so that we can properly match on wildcards
and not interfere with other roles.
Change-Id: I7cb559a8dc10e8a832c2e2bcd78f1effc1cc101a
Fixes: commit 236b56d990
- Remove a spurious trailing ';'.
- Make the hook directory reaction conditional on whether we are running
from within a testsuite, to restore its otherwise fatal treatment.
Change-Id: I3f8a5364d7b2f0ac82bfdc132b94641603225f85
Fixes: commit 505d6566d8
Unfortunately git doesn't track POSIX file permissions,
which cause perms drop on some git commands like 'git stash/pull/reset', etc.
We must be sure 'restore-permissions' always executed at the end of 'ngcpcfg'.
Also we must be sure we update .ngcpcfg_perms whenever we start 'ngcpcfg',
otherwise we might loose not-yet committed changes in .ngcpcfg_perms.
Example during the upgrade mr7.0->mr7.1:
1) JFYI, ngcpcfg mr7.1+ copies perms from source tt2 file to the destination config
2) on mr7.0->mr7.1, ngcp-upgrade installs new package ngcp-templates-pro package
with new perms on tt2 files (which are not committed by apt as /etc/ngcp-config
is not covered by 'etckeeper', it is by design).
3) later ngcp-upgrade executes 'ngcpcfg build' to build some config.
4) on PRO/Carrier 'ngcpcfg build' executes 'ngcpcfg pull' first to
ensure there is no outstanding changes on shared git repo
(has been done on Ops request in MT#15803).
5) 'ngcpcfg pull' does 'git stash/pop' before pulling which effectively
reset new perms which came from package in step 1 (as git doesn't track
perms on files, by design).
Summary/fix:
whenever we stash something we should ensure perms are stored as well,
which means we need to generate new .ngcpcfg_perms and store it in stash
together with all the rest local changes.
Change-Id: I5292d4433a39ff2751874d63083f093f19b9cfe2
When running the test suite, in case we need to cover the code paths
that are handling the hooks, we should not assume the files are
installed in the system directories.
Change-Id: I1cd09eaf186d28093eb03ad5e9fc096fe7d63a3e
Since we manage this as a template, the configuration is getting more and more
complex and it's important to have comprehensive tests that help us to detect
problems when we add options and change templates.
Change-Id: Ieff8449f3d6d1cd74a9b44d49e1642a1bf02efc2
The configuration is getting more complex and it's important to have
comprehensive tests that help us to detect problems with the new options.
Change-Id: I5d0004ce5a23b46d48e85294d6fb3bf14073b253
There was a fix for the similar issue in Mantis ticket #7577,
see commit fc5af3bbb2 for more details.
Unfortunately one corner case was missing there:
"git status" doesn't show untracked files in untracked folders by default.
It requires "-u" option with value "all":
>> man git status
> ...
> -u[<mode>], --untracked-files[=<mode>]
> Show untracked files.
>
> The mode parameter is used to specify the handling of untracked files.
> It is optional: it defaults to all, and if specified,
> it must be stuck to the option (e.g. -uno, but not -u no).
>
> The possible options are:
> · no - Show no untracked files.
> · normal - Shows untracked files and directories.
> · all - Also shows individual files in untracked directories.
The ngcpcfg need to see complete path and filename to untracked file
to properly detect .services files and execute them (if configs were changed):
> root@web01a:/etc# git status
> On branch master
> nothing to commit, working tree clean
> root@web01a:/etc# git status --porcelain | sed 's/^...//'
> root@web01a:/etc# touch test1
> root@web01a:/etc# git status --porcelain | sed 's/^...//'
> test1
> root@web01a:/etc# mkdir test2
> root@web01a:/etc# touch test2/test2_file
> root@web01a:/etc# git status --porcelain | sed 's/^...//'
> test1
> test2/
> root@web01a:/etc# git status -uall --porcelain | sed 's/^...//'
> test1
> test2/test2_file
> root@web01a:/etc#
Change-Id: I18286fd76c511061159f90e8aa9841a6e98c7199
Although the NGCPCFG_RUNNING environment variable might be useful for
some of the subprocesses, it is definitely not useful for anything
that gets started via systemd. In that case we have to transmit this
information via the filesystem.
In the future we should probably extend this with some proper locking,
but for our current problem with ngcp-eaddres we'll still want to
completely avoid running if such file exists, not just prevent
multiple concurrent executions.
Change-Id: I0546620d8ef4263177c5d04f7d2546345c42fbb6
This will make it possible for child processes to check whether they are
being executed from ngcpcfg, for example to avoid recursion.
Change-Id: I8f51dd7872c458b8c3214be4bc9a4ab133b3e441
This will make sure any service that should not be running is stopped,
and any that should is started.
Change-Id: I7ab181b66ed3554c8f93f2d9f46dc08ee087a87d
'git status' output has been changed in 2.9 which causes some troubles for us
(we didn't change all the places, we missed ngcpcfg-ha.git repo,
better to use common code in all the places).
Change-Id: Ie664af89ee6d6b31fb3011e763107c41bf4cf00f
We have a hard dependency on netcat-openbsd, see:
| commit 26ba0340b6
| Author: Alexander Lutay <alutay@sipwise.com>
| Date: Mon Jun 4 13:22:27 2018 +0200
|
| TT#37401 Fix 50ecc1544: depends on netcat-openbsd since we use 'nc -U' (not available in 'netcat-traditional')
But our docker image still uses netcat-traditional.
Make sure to have netcat-openbsd available, while at
it also adjust Build-Depends accordingly.
Change-Id: I1d3cfd9b4b56047fa51c3ef1d77060122f4d2568
Due to the code in tt2-wrapper, the only errors reported were failures to
connect to the socket to use the back-end performing the parsing. But there was
no attempt to detect errors in the parsing at all.
Since we are only able to use the output stream and not for example exit codes
of the parser at the back-end (libtemplate-perl), we can only rely on finding
some kind of error string, which can change in future versions of
libtemplate-perl but hopefully not very often, and at most it should only change
when we move base to newer Debian releases.
In the case of the original problem reported we could rely on "parse error", but
since there are two such strings ("file error" and "parse error") the first is
more general and also covers cases like "permission denied to read file" or
other errors that might happen. So the implementation of error checking is
basically grepping for "^file error", the string at the beginning of a line, to
limit possible false positives.
With the new checks and an example of an invalid syntax already in the first
line, "ngcpcfg build" detects the error correctly and stops processing, and
shows information about the source of the problem, e.g.:
root@spce:~# ngcpcfg build /etc/test
2018-10-29 11:37:01 spce: yml configs were validated successfuly
2018-10-29 11:37:01 spce: configs were checked successfuly
2018-10-29 11:37:01 spce: No patchtt files found, nothing to patch.
Loading /etc/ngcp-config/config.yml in memory: OK
Loading /etc/ngcp-config/network.yml in memory: OK
Loading /etc/ngcp-config/constants.yml in memory: OK
2018-10-29 11:37:02 spce: Error: Generating /etc/test based on /etc/ngcp-config/templates//etc/test.customtt.tt2: FAILED
2018-10-29 11:37:02 spce: Error: from generated file:
2018-10-29 11:37:02 spce: Error: file error - parse error - input file handle line 1: unexpected end of directive
2018-10-29 11:37:02 spce: NOTE: Check those files for valid syntax and encoding:
2018-10-29 11:37:02 spce: /etc/ngcp-config/templates//etc/test.customtt.tt2
2018-10-29 11:37:02 spce: /etc/ngcp-config/config.yml
2018-10-29 11:37:02 spce: /etc/ngcp-config/network.yml
2018-10-29 11:37:02 spce: /etc/ngcp-config/constants.yml
2018-10-29 11:37:02 spce: Running /usr/share/ngcp-ngcpcfg/helper/tt2-wrapper <file>
2018-10-29 11:37:02 spce: or inspecting temporary /tmp/ngcpcfg.test.PwGvShIm9G
2018-10-29 11:37:02 spce: should provide more details.
Change-Id: Ic305bdab20a6ce15eca13f19586a2572a90b4e13
When the "mktemp" command is invoked with a template parameter without path
prefixes or without using "--tmpdir", it does not use "/tmp" by default, but
instead it uses the current working directory as the place to create these
temporary files.
This was an oversight based on our side on the unknown behaviour, which was
discovered when working on this task, because we do want to have "/tmp" as the
home for these temporary files.
Change-Id: I1b03dc90cfd8dd9364c8bc3b2bfe0e3c26979e7f
In some conditional branches we make the ip key optional, but never
change netmask to match. Which can end up being required when it
should not, such as on a vlan interface.
Change-Id: I9767434901abb2c0f07c10f8b8800987c2e363c5
The night Carrier trunk installation has failed:
> +02:29:59 (cfg_pro.inc:280): cfg_ngcpcfg_init_mgmt(): cfg_ensure_file_mgmt_node
> ...
> +02:29:59 (cfg_pro.inc:282): cfg_ngcpcfg_init_mgmt(): '[' -x /usr/share/ngcp-ngcpcfg/scripts/init-mgmt ']'
> +02:29:59 (cfg_pro.inc:287): cfg_ngcpcfg_init_mgmt(): DEBUG=yes
> +02:29:59 (cfg_pro.inc:287): cfg_ngcpcfg_init_mgmt(): /usr/share/ngcp-ngcpcfg/scripts/init-mgmt
> /usr/share/ngcp-ngcpcfg/functions//main: line 18: HNAME: unbound variable
The manual execution of script 'init-mgmt' shows no error,
so far if 'DEBUG=yes' is enabled the issue is easily reproducible.
The reason here is debug messages which can be printed on the
very early stage of initialisation and cause the issue here:
> ++ log_debug 'sourced configuration file /etc/ngcp-config/ngcpcfg.cfg'
> ++ '[' -n yes ']'
> ++ logger -t ngcpcfg -- 'Debug: sourced configuration file /etc/ngcp-config/ngcpcfg.cfg'
> ++ console_output 'DEBUG: sourced configuration file /etc/ngcp-config/ngcpcfg.cfg\n'
> ++ '[' -z '+%F %T' ']'
> +++ date '+%F %T'
> ++ local 'timestamp=2018-10-12 10:16:24'
> +++ printf -- '%s: ' '2018-10-12 10:16:24'
> +++ sed 's/./ /g'
> ++ timestamp_replacementchars=' '
> /usr/share/ngcp-ngcpcfg/functions//main: line 18: HNAME: unbound variable
Let's be polite for such kind of log message.
Change-Id: I3647567aba5fad3a103af2e6da35229f6d932bed
It is necessary to improve navigation into long 'ngcpcfg push all'
output on huge customer's systems. Requested by Sipwise Ops team.
Previously:
2018-10-11 10:48:40: Generating /etc/update-motd.d/05-maintenance-mode: OK
2018-10-11 10:48:40: Executing postbuild for /etc/update-motd.d/05-maintenance-mode
2018-10-11 10:48:40: Generating /etc/update-motd.d/10-heartbeat: OK
2018-10-11 10:48:40: Executing postbuild for /etc/update-motd.d/10-heartbeat
2018-10-11 10:48:40: Generating /etc/update-motd.d/20-sysinfo: OK
Now:
2018-10-11 11:55:28 web01a: Generating /etc/systemd/system/redis-server.service: OK
2018-10-11 11:55:28 web01a: Generating /etc/systemd/system/rsyslog.service.d/override.conf: OK
2018-10-11 11:55:28 web01a: Generating /etc/systemd/system/slapd.service.d/override.conf: OK
2018-10-11 11:55:28 web01a: Generating /etc/systemd/system/slapd.service: OK
2018-10-11 11:55:28 web01a: Generating /etc/systemd/system/snmpd.service.d/override.conf: OK
Change-Id: I3035293b95f64033005cc5f8d031dbbfac1dcc33
Currently `/etc/debian_version` for Debian/buster systems includes:
buster/sid
So until we get the according version number via base-files, also
check for the codename instead. Make it more generic so it works for
any upcoming release that uses ".*/sid", to not run into the issue
again with e.g. the upcoming Debian/release codenamed bullseye (the
release expected after buster).
Thanks: Manuel Montecelo for improving my initial version
Change-Id: I59e6adea98b6c228daa2b5ebe14872c4a35b8920
It was impossible to set value like '10G' previosuly:
>> ngcpcfg set /etc/ngcp-config/config.yml bootenv.netscript.fallbackfssize=10M
> Bareword found where operator expected at /tmp/tmp.px3MpkUFZS line 28, near "10M"
> (Missing operator before M?)
> Bareword found where operator expected at /tmp/tmp.px3MpkUFZS line 30, near "10M"
> (Missing operator before M?)
> Bareword found where operator expected at /tmp/tmp.px3MpkUFZS line 31, near "10M"
> (Missing operator before M?)
> Bareword found where operator expected at /tmp/tmp.px3MpkUFZS line 33, near "10M"
> (Missing operator before M?)
> Bareword found where operator expected at /tmp/tmp.px3MpkUFZS line 34, near "10M"
> (Missing operator before M?)
> syntax error at /tmp/tmp.px3MpkUFZS line 28, near "10M"
> syntax error at /tmp/tmp.px3MpkUFZS line 30, near "10M"
> syntax error at /tmp/tmp.px3MpkUFZS line 39, near "}"
> Execution of /tmp/tmp.px3MpkUFZS aborted due to compilation errors.
The 'case' statement doesn't support regular expresions in Bash,
let's rewrite them into linear check.
Change-Id: I29ced837fca0abdc3cbe1ea18c614c4c1dd6780c
At the end of installer's 'configuration' section we need
to restart all services were touched during the installation
(otherwise we need to restart the node completely).
The option helps us in this case as etckeeper is
not reliable enough during the installation.
P.S. we pass options from 'apply' to 'services' now,
we should remove 'Unsupported option(s) given: $*' check,
otherwise it is failing as 'apply' requires commit message,
which cause error on 'services' level: 'Unsupported option(s) given'
> 2018-09-13 18:08:33: Error: Unsupported option(s) given: my commit message
> 2018-09-13 18:08:34: Did you mean '--dry-run'?
Change-Id: I5dac44cd87dc1fc90f81e4ac3a14af32c00f825e
We need to have some reproducible order of services restart,
otherwise this might lead to different results, depending on the order.
Also unifyer() looks too heavy here since the files can be easily
unified in a moment of writing them into ${TMPFILE}.
Change-Id: I0a683a7d57cd52b74cba0ee9a285f84f77f3dc20
It was initially introduced in the commit:
> commit 7d422b7878
> Author: Victor Seva <vseva@sipwise.com>
> Date: Fri Aug 22 17:03:39 2014 +0200
>
> MT#8763 check for .git before running the services
>
> On a multi directory config, the services depends on git. Check
> first if the git repository exists and warn about it
The subshell here was necessary to isolate 'cd $dir' call.
In the same time the "proper" bash way is to use pushd/popd.
For the history, 'shellcheck disable' was muting the warning:
> This only exits the subshell caused by the (..) group. [SC2106]
Change-Id: I3546fa9615858dbbc4c0f91d74de003e22837d55
Guillem Jover
Michael Prokop
Andrew Pogrebennyk
Sipwise Jenkins Builder
Manuel Montecelo
Alexander Lutay
Mykola Malkov