Server image cleanup

.github/workflows/build_containers.yml

@@ -252,3 +252,34 @@ jobs:
           push: true
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
+
+  build-and-push-fakeipmi-image:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Log in to the Container registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/ci-fakeipmi
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v5
+        with:
+          context: ./testsuite/dockerfiles/fakeipmi/
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}

containers/server-image/Dockerfile

@@ -9,126 +9,77 @@ ARG PRODUCT_PATTERN_PREFIX="patterns-uyuni"
 # Extra packages can be added via project configuration
 ARG EXTRAPACKAGES
 
-COPY timezone_alignment.sh /usr/bin
-
-COPY healthcheck.sh /usr/bin
-RUN chmod a+x /usr/bin/healthcheck.sh
-
-# Copy timezone link update service
-COPY timezone_alignment.service /usr/lib/systemd/system/
-
-COPY remove_unused.sh .
-RUN echo "rpm.install.excludedocs = yes" >>/etc/zypp/zypp.conf
-
 # Main packages
-RUN zypper ref && zypper --non-interactive up
-RUN zypper --gpg-auto-import-keys --non-interactive install --auto-agree-with-licenses --force-resolution \
-    ${EXTRAPACKAGES} \
-    ${PRODUCT_PATTERN_PREFIX}_server \
-    ${PRODUCT_PATTERN_PREFIX}_retail \
-    billing-data-service \
-    grub2-x86_64-efi \
-    grub2-arm64-efi \
-    grub2-powerpc-ieee1275 \
-    ed \
-    susemanager-tftpsync \
-    golang-github-prometheus-node_exporter \
-    prometheus-postgres_exporter \
-    golang-github-QubitProducts-exporter_exporter \
-    prometheus-jmx_exporter \
-    prometheus-jmx_exporter-tomcat \
-    spacecmd \
-    grafana-formula \
-    locale-formula \
-    prometheus-exporters-formula \
-    prometheus-formula \
-    registry-formula \
-    virtualization-formulas \
-    uyuni-config-formula \
-    saphanabootstrap-formula \
-    sapnwbootstrap-formula \
-    drbd-formula \
-    habootstrap-formula \
-    saline-formula \
-    salt-shaptools \
-    inter-server-sync \
-    golang-github-prometheus-node_exporter \
-    prometheus-postgres_exporter \
-    golang-github-QubitProducts-exporter_exporter \
-    prometheus-jmx_exporter \
-    spacecmd \
-    javamail \
-    libyui-ncurses-pkg16 \
-    virtual-host-gatherer-libcloud \
-    virtual-host-gatherer-Libvirt \
-    virtual-host-gatherer-Nutanix \
-    virtual-host-gatherer-VMware \
-    vim \
-    python3-pygit2 \
-    ipmitool \
-    sssd \
-    sssd-dbus \
-    sssd-ldap \
-    sssd-ad \
-    sssd-ipa \
-    sssd-krb5 \
-    sssd-tools
-
-RUN sed -i 's/sysctl kernel.shmmax/#sysctl kernel.shmmax/g' /usr/bin/uyuni-setup-reportdb
-
-RUN mkdir -p /etc/postgres_exporter \
-             /etc/prometheus-jmx_exporter/tomcat \
-             /usr/lib/systemd/system/tomcat.service.d \
-             /etc/prometheus-jmx_exporter/taskomatic \
-             /usr/lib/systemd/system/taskomatic.service.d
-
-COPY postgres_exporter_queries.yaml /etc/postgres_exporter/postgres_exporter_queries.yaml
-COPY postgres-exporter /etc/sysconfig/prometheus-postgres_exporter
-COPY java_agent.yaml /etc/prometheus-jmx_exporter/tomcat/java_agent.yml
-COPY java_agent.yaml /etc/prometheus-jmx_exporter/taskomatic/java_agent.yml
-COPY tomcat_jmx.conf /usr/lib/systemd/system/tomcat.service.d/jmx.conf
-COPY taskomatic_jmx.conf /usr/lib/systemd/system/taskomatic.service.d/jmx.conf
-COPY pam-susemanager /etc/pam.d/susemanager
-COPY pam-susemanager-account /etc/pam.d/susemanager-account
-COPY pam-susemanager-auth /etc/pam.d/susemanager-auth
-COPY pam-susemanager-password /etc/pam.d/susemanager-password
-COPY pam-susemanager-session /etc/pam.d/susemanager-session
-COPY pam-password-auth /etc/pam.d/password-auth
-COPY pam-postlogin /etc/pam.d/postlogin
-COPY pam-system-auth /etc/pam.d/system-auth
-COPY nsswitch.conf /etc/nsswitch.conf
-
-RUN chmod -R 755 /usr/bin/timezone_alignment.sh
-
-# Set a warning message for interactive shells
-COPY motd /etc/motd
-RUN echo "cat /etc/motd" >/etc/sh.shrc.local
-
-RUN systemctl enable prometheus-node_exporter; \
-    systemctl enable uyuni-setup; \
-    systemctl enable timezone_alignment; \
-    systemctl enable sssd;
-
-# Provide tool to synchronize package and configuration files to persistent volumes
-COPY uyuni-configfiles-sync /usr/bin
-RUN chmod -R 755 /usr/bin/uyuni-configfiles-sync
+RUN echo "rpm.install.excludedocs = yes" >>/etc/zypp/zypp.conf && \
+    zypper ref && zypper --non-interactive up && \
+    zypper --gpg-auto-import-keys --non-interactive install --auto-agree-with-licenses --force-resolution \
+        ${EXTRAPACKAGES} \
+        ${PRODUCT_PATTERN_PREFIX}_server \
+        ${PRODUCT_PATTERN_PREFIX}_retail \
+        billing-data-service \
+        grub2-x86_64-efi \
+        grub2-arm64-efi \
+        grub2-powerpc-ieee1275 \
+        ed \
+        susemanager-tftpsync \
+        golang-github-prometheus-node_exporter \
+        prometheus-postgres_exporter \
+        golang-github-QubitProducts-exporter_exporter \
+        prometheus-jmx_exporter \
+        prometheus-jmx_exporter-tomcat \
+        spacecmd \
+        grafana-formula \
+        locale-formula \
+        prometheus-exporters-formula \
+        prometheus-formula \
+        registry-formula \
+        virtualization-formulas \
+        uyuni-config-formula \
+        saphanabootstrap-formula \
+        sapnwbootstrap-formula \
+        drbd-formula \
+        habootstrap-formula \
+        saline-formula \
+        salt-shaptools \
+        inter-server-sync \
+        golang-github-prometheus-node_exporter \
+        prometheus-postgres_exporter \
+        golang-github-QubitProducts-exporter_exporter \
+        prometheus-jmx_exporter \
+        spacecmd \
+        javamail \
+        virtual-host-gatherer-libcloud \
+        virtual-host-gatherer-Libvirt \
+        virtual-host-gatherer-Nutanix \
+        virtual-host-gatherer-VMware \
+        vim \
+        python3-pygit2 \
+        ipmitool \
+        sssd \
+        sssd-dbus \
+        sssd-ldap \
+        sssd-ad \
+        sssd-ipa \
+        sssd-krb5 \
+        sssd-tools && \
+    sed -i 's/sysctl kernel.shmmax/#sysctl kernel.shmmax/g' /usr/bin/uyuni-setup-reportdb && \
+    systemctl enable prometheus-node_exporter && \
+    systemctl enable sssd
+
+ADD root.tar.gz /
 
 # Initialize environments to sync configuration and package files to persistent volumes
-RUN uyuni-configfiles-sync init /etc/apache2/
-RUN uyuni-configfiles-sync init /etc/cobbler/
-RUN uyuni-configfiles-sync init /etc/postfix/
-RUN uyuni-configfiles-sync init /etc/rhn/
-RUN uyuni-configfiles-sync init /etc/salt/
-RUN uyuni-configfiles-sync init /etc/sysconfig/
-RUN uyuni-configfiles-sync init /etc/tomcat/
-RUN uyuni-configfiles-sync init /srv/tftpboot/
-RUN uyuni-configfiles-sync init /srv/www/
-RUN uyuni-configfiles-sync init /var/lib/cobbler/
-
-# Set /etc/krb5.conf.d/ as a link to krb5
-COPY krb5.conf /etc/krb5.conf
-COPY krb5-conf-setup.sh /usr/bin/krb5-conf-setup.sh
-RUN /bin/bash krb5-conf-setup.sh
+RUN systemctl enable timezone_alignment && \
+    uyuni-configfiles-sync init /etc/apache2/ && \
+    uyuni-configfiles-sync init /etc/cobbler/ && \
+    uyuni-configfiles-sync init /etc/postfix/ && \
+    uyuni-configfiles-sync init /etc/rhn/ && \
+    uyuni-configfiles-sync init /etc/salt/ && \
+    uyuni-configfiles-sync init /etc/sysconfig/ && \
+    uyuni-configfiles-sync init /etc/tomcat/ && \
+    uyuni-configfiles-sync init /srv/tftpboot/ && \
+    uyuni-configfiles-sync init /srv/www/ && \
+    uyuni-configfiles-sync init /var/lib/cobbler/
 
 # LABELs
 ARG PRODUCT=Uyuni

containers/server-image/root/etc/krb5.conf.d

@@ -0,0 +1 @@
+/etc/rhn/krb5.conf.d

containers/server-image/root/etc/prometheus-jmx_exporter/tomcat/java_agent.yaml

@@ -0,0 +1,6 @@
+whitelistObjectNames:
+  - java.lang:type=Threading,*
+  - java.lang:type=Memory,*
+  - Catalina:type=ThreadPool,name=*
+rules:
+  - pattern: ".*"

containers/server-image/root/etc/sh.shrc.local

@@ -0,0 +1 @@
+cat /etc/motd

rel-eng/custom/custom.py

@@ -11,6 +11,7 @@
 """
 import os
 import shutil
+import tarfile
 
 from tito.builder import Builder
 from tito.common import  run_command, debug, info_out
@@ -92,8 +93,14 @@ def copy_sources(self):
 
         gitdir = os.path.join(self.git_root, self.relative_project_dir)
         for path in os.listdir(gitdir):
+            debug("Processing " + path)
             file_path = os.path.join(gitdir, path)
-            if os.path.isfile(file_path):
+            if path == "root":
+                # Create a root.tar.gz file from the files in root folder
+                target_path = os.path.join(self.rpmbuild_sourcedir, "root.tar.gz")
+                tar(os.path.join(gitdir, path), target_path)
+                self.sources.append(target_path)
+            elif os.path.isfile(file_path):
                 target_path = os.path.join(self.rpmbuild_sourcedir, path)
                 self.copy_source(file_path, target_path)
 
@@ -129,6 +136,16 @@ def copy_push(self, name):
         self.sources.append(target_script)
 
 
+def tar(src, dest):
+    '''
+    Create a dest tar.gz file from the files in the src folder.
+    '''
+    debug(f"Compressing {src} into {dest}")
+    with tarfile.open(dest, "w:gz") as tarball:
+        for name in os.listdir(src):
+            tarball.add(os.path.join(src, name), name)
+
+
 
 
 class ChartBuilder(ContainerBuilder):

testsuite/dockerfiles/fakeipmi/Dockerfile

@@ -0,0 +1,8 @@
+FROM opensuse/leap:15.5
+
+RUN zypper -n in OpenIPMI && \
+    mkdir -p /etc/ipmi
+
+COPY ipmisim1.emu lan.conf fake_ipmi_host.sh /etc/ipmi
+
+CMD ["ipmi_sim", "-n"]

testsuite/dockerfiles/fakeipmi/fake_ipmi_host.sh

@@ -0,0 +1,9 @@
+#! /bin/bash
+
+echo
+echo "#### Fake IPM host started ####"
+echo
+
+while true; do
+  sleep 5
+done

testsuite/dockerfiles/fakeipmi/ipmisim1.emu

@@ -0,0 +1,17 @@
+# Minimalistic simulation setup for ipmi_sim.
+
+# The BMC is the MC at address 20
+mc_setbmc 0x20
+
+# Now add the BMC
+mc_add 0x20 0 no-device-sdrs 0x23 9 8 0x9f 0x1291 0xf02 persist_sdr
+sel_enable 0x20 1000 0x0a
+
+# Watchdog sensor.  This must be sensor zero.
+sensor_add 0x20 0 0 35 0x6f event-only
+sensor_set_event_support 0x20 0 0 enable scanning per-state \
+	000000000001111 000000000000000 \
+	000000000001111 000000000000000
+
+# Turn on the BMC
+mc_enable 0x20

testsuite/dockerfiles/fakeipmi/lan.conf

@@ -0,0 +1,25 @@
+name "ipmisim1"
+
+set_working_mc 0x20
+
+  # Define a LAN channel on channel 1
+  startlan 1
+    addr 127.0.0.1 623
+    priv_limit admin
+
+    allowed_auths_callback none md2 md5 straight
+    allowed_auths_user none md2 md5 straight
+    allowed_auths_operator none md2 md5 straight
+    allowed_auths_admin none md2 md5 straight
+
+    guid a123456789abcdefa123456789abcdef
+  endlan
+
+  serial 15 127.0.0.1 9002 codec VM
+
+  startcmd "/etc/ipmi/fake_ipmi_host.sh"
+  startnow false
+
+  user 1 true  "admin"   "admin" user     10       none md2 md5 straight
+  user 2 true  "ipmiusr" "test"  admin    10       none md2 md5 straight
+

testsuite/dockerfiles/server-all-in-one-dev/Dockerfile

@@ -13,9 +13,7 @@ RUN zypper -n --gpg-auto-import-keys ref && \
       servletapi5 \
       cpio \
       spacecmd \
-      expect \
-      prometheus \
-      wget && \
+      prometheus &&
     zypper addrepo --no-gpgcheck obs://systemsmanagement:Uyuni:Utils systemsmanagement:uyuni:utils && \
     zypper -n install obs-to-maven yarn && \
     zypper clean -a

testsuite/features/step_definitions/command_steps.rb

@@ -1384,7 +1384,9 @@
   success = file_inject(get_target('server'), source, dest)
   raise ScriptError, 'File injection in server failed' unless success
 
-  get_target('server').run("expect -f /tmp/#{file} #{$reportdb_ro_user}")
+  node = get_target('server')
+  mgrctl = node.has_mgrctl ? 'mgrctl' : ''
+  node.run_local("expect -f /tmp/#{file} #{$reportdb_ro_user} #{mgrctl}")
 end
 
 Then(/^I should see the read-only user listed on the ReportDB user accounts$/) do
@@ -1399,7 +1401,9 @@
   success = file_inject(get_target('server'), source, dest)
   raise ScriptError, 'File injection in server failed' unless success
 
-  get_target('server').run("expect -f /tmp/#{file} #{$reportdb_ro_user}")
+  node = get_target('server')
+  mgrctl = node.has_mgrctl ? 'mgrctl' : ''
+  node.run_local("expect -f /tmp/#{file} #{$reportdb_ro_user} #{mgrctl}")
 end
 
 Then(/^I shouldn't see the read-only user listed on the ReportDB user accounts$/) do