summaryrefslogtreecommitdiff
path: root/cloudinit/config
AgeCommit message (Collapse)Author
2020-08-21Update the list of valid ssh keys. (#487)Ole-Martin Bratteng
Update ssh_util.py with latest list of keys (from openssh-8.3p1/sshkey.c), Added keys: sk-ecdsa-sha2-nistp256-cert-v01@openssh.com sk-ecdsa-sha2-nistp256@openssh.com sk-ssh-ed25519-cert-v01@openssh.com sk-ssh-ed25519@openssh.com ssh-xmss-cert-v01@openssh.com ssh-xmss@openssh.com LP: #1877869
2020-08-19Add Alpine Linux support. (#535)dermotbradley
Add new module cc_apk_configure for creating Alpine /etc/apk/repositories file. Modify cc_ca_certs, cc_ntp, cc_power_state_change, and cc_resolv_conf for Alpine. Add Alpine template files for Chrony and Busybox NTP support. Add Alpine template file for /etc/hosts.
2020-08-18Detect kernel version before swap file creation (#428)Eduardo Otubo
According to man page `man 8 swapon', "Preallocated swap files are supported on XFS since Linux 4.18". This patch checks for kernel version before attepting to create swapfile, using dd for XFS only on kernel versions <= 4.18 or btrfs. Add new func util.kernel_version which returns a tuple of ints (major, minor) Signed-off-by: Eduardo Otubo otubo@redhat.com
2020-08-13Fix 'Users and Groups' configuration documentation (#530)sshedi
Few of the 'User and Groups' configurations in cloud-config have no effect on already existing users. This was not documented earlier. This change set adds that information to documentation. Signed-off-by: Shreenidhi Shedi <sshedi@vmware.com>
2020-08-10Fix a typo in apt pipelining module (#525)Xiao Liang
* Fix a typo in apt pipelining module Changed `whcih` to `which`. * Update .github-cla-signers I have signed the CLA on Canonical's site, adding my username to list of CLA signers. * Update .github-cla-signers I need to sort the list alphabetically.
2020-07-15cc_ca_certs.py: fix blank line problem when removing CAs and adding new one ↵dermotbradley
(#483) Problem: When cc_ca_certs configuration has both "remove-defaults: true" and also specifies one, or more, new trusted CAs to add then the resultant /etc/ca-certificates.conf file's 1st line is blank. As noted in comments in the existing cc_ca_certs.py code blank lines in this file cause problems. Fix: Before adding the cloud-init CA filename to this file first check the size of the file - if is is empty (as all existing CAs have been deleted) then write only the cloud-init CA filename to the file rather than appending it to the file.
2020-07-15cloudinit: remove global disable of pylint W0107 and fix errors (#489)Daniel Watkins
* cloudinit: remove global disable of pylint W0107 and fix errors This includes removing a test class which contained no tests but wasn't detected as empty because of an errant pass statement. * .pylintrc: update disable comment to match arguments
2020-07-13cloudinit: remove global disable of pylint W0105 and fix errors (#480)Daniel Watkins
This includes a fix to a test that had a string concatenation issue, and so was only testing a prefix of what was intended.
2020-07-13Fix two minor warnings (#475)Daniel Watkins
2020-07-10cc_mounts: handle missing fstab (#484)Ryan Harper
Do not fail if /etc/fstab is not present. Some images, like container rootfs may not include this file by default. LP: #1886531
2020-06-30Enable use of the caplog fixture in pytest tests, and add a cc_final_message ↵Daniel Watkins
test using it (#461) caplog is only available in pytest itself from 3.0 onwards. In xenial, we only have pytest 2.8.7. However, in xenial we do have pytest-catchlog available (as python3-pytest-catchlog), so we use that where appropriate.
2020-06-29Add schema for cc_chef module (#375)lucasmoura
Create a schema object for the chef module and validate this schema in the handle function of the module. Some of the config keys description, so I tried looking at the code and chef documentation to provide an information to the user. However, I don't know if I have the best description for all fields. For example, for the key show_time I could not find an accurate description of what it did, so I used what was in our code base to infer what it should do. LP: #1858888
2020-06-22cc_final_message: don't create directories when writing boot-finished (#445)Daniel Watkins
If the instance symlink doesn't exist, then we shouldn't create a directory in its place, because that breaks future boots. LP: #1883903
2020-06-08Replace cc_chef is_installed with use of subp.is_exe. (#421)Scott Moser
This was brought up in review of #416. Makes sense to remove the local copy of "is this executable file".
2020-06-08Move runparts to subp. (#420)Scott Moser
runparts (run a directory of scripts) seems to fit well in subp module. The request to move it there was raised in #416. Replace use of logexc with LOG.debug as logexc comes from util.
2020-06-08Move subp into its own module. (#416)Scott Moser
This was painful, but it finishes a TODO from cloudinit/subp.py. It moves the following from util to subp: ProcessExecutionError subp which target_path I moved subp_blob_in_tempfile into cc_chef, which is its only caller. That saved us from having to deal with it using write_file and temp_utils from subp (which does not import any cloudinit things now). It is arguable that 'target_path' could be moved to a 'path_utils' or something, but in order to use it from subp and also from utils, we had to get it out of utils.
2020-06-02test: fix all flake8 E241 (#403)Joshua Powers
Remove extra spaces after a ','
2020-06-01cc_grub_dpkg: determine idevs in more robust manner with grub-probe (#358)Matthew Ruffell
Replace the hardcoded list of devices with a more robust way of determining the device which grub is installed to. We use grub-probe to fetch the underlying disk the /boot directory is located on, and attempt to match the disk with its /dev/disk/by-id value. If no such /dev/disk/by-id/ value exists, we fallback to the plain disk name. The changes are robust to unstable kernel device names and ordering, and use /dev/disk/by-id values to populate grub-pc/install_devices where possible. LP: #1877491
2020-05-27Enable chef_license support for chef infra client (#389)Bipin Bachhao
Co-authored-by: Daniel Watkins <oddbloke@ubuntu.com>
2020-05-21cc_snap: validate that assertions property values are strings (#370)Daniel Watkins
And add an example of providing a list of assertions.
2020-05-19test_resolv_conf: refresh stale comment (#374)Daniel Watkins
2020-05-18cc_snap: apply validation to snap.commands properties (#364)Daniel Watkins
Specifically, ensure that given values are either strings, or arrays of strings.
2020-05-14cloudinit: minor pylint fixes (#360)Daniel Watkins
We recently discovered that pylint is failing to report some errors when invoked across our entire codebase (see https://github.com/PyCQA/pylint/issues/3611). I've run pylint across every Python file under cloudinit/[0], and this commit fixes the issues so-discovered. [0] find cloudinit/ -name "*.py" | xargs -n 1 -t .tox/pylint/bin/python -m pylint
2020-05-14cloudinit: remove unneeded __future__ imports (#362)Daniel Watkins
We live in the future now.
2020-05-13Add schema to apt configure config (#357)lucasmoura
Create a schema object for the `apt_configure` module and validate this schema in the `handle` function of the module. There are some considerations regarding this PR: * The `primary` and `security` keys have the exact same properties. I tried to eliminate this redundancy by moving their properties to a common place and then just referencing it for both security and primary. Similar to what is documented here: https://json-schema.org/understanding-json-schema/structuring.html under the `Reuse` paragraph. However, this approach does not work, because the `#` pointer goes to the beginning of the file, which is a python module instead of a json file, not allowing the pointer to find the correct definition. What I did was to create a separate dict for the mirror config and reuse it for primary and security, but maybe there are better approaches to do that. * There was no documentation for the config `debconf_selections`. I tried to infer what it supposed to do by looking at the code and the `debconf-set-selections` manpage, but my description may not be accurate or complete. * Add a _parse_description function to schema.py to render multi-line preformatted content instead of squashing all whitespace LP: #1858884
2020-05-06Create tests to validate schema examples (#348)lucasmoura
Add a unit test to validate if the examples provided in the config modules are conforming to the concatenated schema of all config modules. The rationale behind that is not only to verify if the examples are correctly written but to assert that no config schema is interfering with each other. Failures in validate_cloudconfig_schema raise the SchemaValidationError by using strict=True, so I have only called the function passing the right schema examples to validate. This branch also fixes an invalid schema example in cc_snap. LP: #1876412
2020-04-30cc_locale: introduce schema (#335)Daniel Watkins
2020-04-30yum_add_repo: Add Centos to the supported distro list (#340)Ryan Harper
Users of Centos who want to add yum repos, like they do on Fedora or RHEL get this unfortunate message: Skipping modules 'yum-add-repo' because they are not verified on distro 'centos'. To run anyway, add them to 'unverified_modules' in config Centos certainly supports yum, add it to the supported distro list in the module.
2020-04-28Add docs about creating parent folders (#330)Adrian Wilkins
Clarify in documentation that write_files will create parent folders for paths that do not already exist. This obfuscates what the problem is when people erroneously create files in /tmp despite the warnings in the documentation not to do so. People naturally assume that their file is absent because the parent folder did not exist for it to be created in, causing them to add a runcmd block to create the folder, even though execution order means that this will not occur until after write_files have all finished.
2020-04-27schema: ignore spurious pylint error (#332)Daniel Watkins
The line in question is in the code path handling older versions of jsonschema. In that context it _is_ correct, but when pylint analyses it against the latest jsonschema it (incorrectly) detects an error.
2020-04-24schema: add json schema for write_files module (#152)Chad Smith
Add schema definition to cc_write_files.py Cloud-config containing write_files config directives will now emit warnings for invalid config keys or values for the write_files module. Add an extension to JSON schema's draft4validator to permit either binary or text values for 'string' objects. This allows for JSON schema validating the YAML declaration of binary valiues in cloud-config using YAML's '!!binary' syntax. Add the ability to pass a specific module name to `cloud-init devel schema --docs <module_name>|all` to optionally limit doc output during development to a single schema doc.
2020-04-24cloudinit: drop dependencies on unittest2 and contextlib2 (#322)Daniel Watkins
These libraries provide backports of Python 3's stdlib components to Python 2. As we only support Python 3, we can simply use the stdlib now. This pull request does the following: * removes some unneeded compatibility code for the old spelling of `assertRaisesRegex` * replaces invocations of the Python 2-only `assertItemsEqual` with its new name, `assertCountEqual` * replaces all usage of `unittest2` with `unittest` * replaces all usage of `contextlib2` with `contextlib` * drops `unittest2` and `contextlib2` from requirements files and tox.ini It also rewrites some `test_azure` helpers to use bare asserts. We were seeing a strange error in xenial builds of this branch which appear to be stemming from the AssertionError that pytest produces being _different_ from the standard AssertionError. This means that the modified helpers weren't behaving correctly, because they weren't catching AssertionErrors as one would expect. (I believe this is related, in some way, to https://github.com/pytest-dev/pytest/issues/645, but the only version of pytest where we're affected is so far in the past that it's not worth pursuing it any further as we have a workaround.)
2020-04-16test_mounts: expand happy path test for both happy paths (#319)Daniel Watkins
2020-04-15cc_mounts: fix incorrect format specifiers (#316)Daniel Watkins
LP: #1872836
2020-04-14swap file "size" being used before checked if str (#315)Eduardo Otubo
Swap file size variable was being used before checked if it's set to str "auto". If set to "auto", it will break with: failed to setup swap: unsupported operand type(s) for /: 'str' and 'int' Signed-off-by: Eduardo Otubo <otubo@redhat.com> RHBZ: 1772505
2020-04-02Add support for NFS/EFS mounts (#300)Andrew Beresford
The cc_mounts module does not support NFS mounts in the form of hostname:/ or hostname:/path. This PR adds support for NFS-style paths in the fs_spec field. LP: #1870370
2020-03-25set_passwords: avoid chpasswd on BSD (#268)Gonéri Le Bouder
Avoid chpasswd on all the BSD variants.
2020-03-23cc_disk_setup: fix RuntimeError (#270)Daniel Watkins
Addresses "Runtime Error: dictionary keys changed during iteration". Co-authored-by: Noah Meyerhans <noahm@debian.org> LP: #1868327
2020-03-23cc_apt_configure/util: combine search_for_mirror implementations (#271)Daniel Watkins
These two implementations had drifted away from one another very slightly. Reconcile them and then remove the one in cc_apt_configure.
2020-03-19cloudinit/tests: remove unneeded with_logs configuration (#263)Daniel Watkins
These classes don't use `self.logs` anywhere in their body, so we can remove the `with_logs = True` setting from them. These instances were found using astpath[0], with the following invocation: astpath "//Name[@id='with_logs' and not(ancestor::ClassDef//Attribute[@attr='logs'])]" [0] https://github.com/hchasestevens/astpath
2020-03-13cc_resolv_conf: introduce tests and stabilise output across Python versions ↵Daniel Watkins
(#251) This is a follow-up to #144 which fixed the rendering behaviour. While writing the tests, CI failed due to dict iteration differences across Python versions, so this also sorts output so that we will produce the same output across Python versions.
2020-03-11Add pub_key_ed25519 to cc_phone_home (#237)Daniel Hensby
2020-02-13docs: mount_default_files is a list of 6 items, not 7 (#212)Chad Smith
2020-02-10unittest: fix stderr leak in cc_set_password random unittest output. (#208)Ryan Harper
2020-02-07cc_disk_setup: add swap filesystem force flag (#207)Ryan Harper
2020-01-31cloudinit: replace "from six import X" imports (except in util.py) (#183)Daniel Watkins
2020-01-29Replace mock library with unittest.mock (#186)Daniel Watkins
* cloudinit: replace "import mock" with "from unittest import mock" * test-requirements.txt: drop mock Co-authored-by: Chad Smith <chad.smith@canonical.com>
2020-01-27Print ssh key fingerprints using sha256 hash (#188)Ryan Harper
LP: #1860789
2020-01-24cc_set_password: increase random pwlength from 9 to 20 (#189)Ryan Harper
Increasing the bits of security from 52 to 115. LP: #1860795
2020-01-23Do not use fallocate in swap file creation on xfs. (#70)Eduardo Otubo
When creating a swap file on an xfs filesystem, fallocate cannot be used. Doing so results in failure of swapon and a message like: swapon: swapfile has holes The solution here is to maintain a list (currently containing only XFS) of filesystems where fallocate cannot be used. The, on those fileystems use the slower but functional 'dd' method. Signed-off-by: Eduardo Otubo <otubo@redhat.com> Co-authored-by: Adam Dobrawy <naczelnik@jawnosc.tk> Co-authored-by: Scott Moser <smoser@brickies.net> Co-authored-by: Daniel Watkins <daniel@daniel-watkins.co.uk> LP: #1781781