When using containers to test ansible-freeipa, 'podman' has to work in both the development environment and the Azure environment. In the Azure environment, with Ubuntu hosts, using 'cap-add' does not allow FreeIPA to be installed on the containers, and they need to be run in privileged mode. On the other hand, in development environments, such as recent Fedora hosts, there's no need to run the container with extra privileges. This patch modifies the utility function 'container_create' to accept key-value arguments such as "cpus=4" and "privileged", which are used when the container is created. The currently available options are "privileged", "cpus", "memory" and "hostname". The defaults are "cpus=2" and "hostname=ipaserver.test.local". Also, to make the image build script more self-contained, if the required Ansible collections are not installed, they will be temporarily installed so that the image can be built.
#!/bin/bash -eu

# This file is meant to be source'd by other scripts.
# NOTE(review): options given on the shebang line only take effect when the
# file is executed directly; when it is sourced, the shell options of the
# sourcing script apply instead.

# Directory holding this file (symlinks resolved), and the directory two
# levels above it.
SCRIPTDIR="$(dirname -- "$(readlink -f "${BASH_SOURCE[0]}")")"
TOPDIR="$(readlink -f "${SCRIPTDIR}/../..")"

# Shared helpers. The functions below call "log" and "die", which are not
# defined in this file -- presumably they come from shfun.
source "${TOPDIR}/utils/shfun"
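# Create (without starting) a podman container.
#
# Arguments:
#   $1     container name
#   $2     image to create the container from
#   $3...  optional settings, each one of:
#            hostname=<name>, cpus=<n>, memory=<size>, privileged
#          Empty arguments are skipped.
# Defaults: --cpus=2 and --hostname=ipaserver.test.local when not given.
container_create() {
    local name=${1}
    local image=${2}
    shift 2

    # Everything is function-local so that sourcing scripts do not get
    # their own variables (e.g. "opt") overwritten.
    local opt
    local has_cpus=0
    local has_hostname=0
    local -a extra_opts=()

    for opt in "$@"
    do
        [ -z "${opt}" ] && continue
        case "${opt}" in
            hostname=*) has_hostname=1; extra_opts+=("--${opt}") ;;
            cpus=*) has_cpus=1; extra_opts+=("--${opt}") ;;
            memory=*) extra_opts+=("--${opt}") ;;
            # "--privileged" gives the container extended privileges on
            # the host and removes most of the isolation between the two.
            # Request it only on hosts where the FreeIPA installation
            # cannot run without it.
            privileged) extra_opts+=("--${opt}") ;;
            # NOTE(review): an unknown option is reported through "log"
            # and the container is still created without it, unless
            # "log error" itself aborts -- confirm this is intended.
            *) log error "container_create: Invalid option: ${opt}" ;;
        esac
    done

    # Ensure default values are set. Flags are tracked while parsing rather
    # than by searching the joined array, because "${extra_opts[*]}" joins
    # with the first character of IFS and a caller-modified IFS would make
    # such a search miss options and append a duplicate default.
    [ "${has_cpus}" -eq 1 ] || extra_opts+=("--cpus=2")
    [ "${has_hostname}" -eq 1 ] \
        || extra_opts+=("--hostname=ipaserver.test.local")

    log info "= Creating ${name} ="
    # --security-opt label=disable turns off SELinux label separation for
    # this container; --replace replaces an existing container that has the
    # same name.
    podman create \
        --security-opt label=disable \
        --network bridge:interface_name=eth0 \
        --systemd true \
        --name "${name}" \
        --memory-swap -1 \
        --no-hosts \
        --replace \
        "${extra_opts[@]}" \
        "${image}"
    echo
}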
# Start an existing container.
#   $1  container name
container_start() {
    local container="${1}"

    log info "= Starting ${container} ="
    podman start "${container}"
    # Blank line to separate this step in the output.
    printf '\n'
}
# Stop a running container.
#   $1  container name
container_stop() {
    local container="${1}"

    log info "= Stopping ${container} ="
    podman stop "${container}"
    # Blank line to separate this step in the output.
    printf '\n'
}
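# Poll the container until a systemd-journald process shows up in its
# process list, and call "die" if it does not appear in time.
#   $1  container name
# Gives up after 20 retries spaced 2 seconds apart.
container_wait_for_journald() {
    local name=${1}
    # Local on purpose: the file is sourced, so plain assignments to
    # max/wait/count would overwrite same-named variables of the caller.
    local max=20
    local wait=2
    local count=0

    log info "= Waiting till systemd-journald is running ="
    # A failing "podman exec" produces no matching line, so it is treated
    # like "not running yet" and retried.
    while ! podman exec "${name}" ps -x | grep -q "systemd-journald"
    do
        if [ "${count}" -ge "${max}" ]; then
            die "Timeout: systemd-journald is not starting up"
        fi
        count=$((count+1))
        log info "Waiting ${wait} seconds .."
        sleep "${wait}"
    done
    log info "done"
    echo
}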
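# Poll "systemctl list-jobs" inside the container until no job is pending,
# and call "die" if jobs are still listed after the retry budget.
#   $1  container name
# Gives up after 20 retries spaced 15 seconds apart.
container_wait_up() {
    local name="${1}"
    # Local on purpose: the file is sourced, so plain assignments to
    # max/wait/count would overwrite same-named variables of the caller.
    local max=20
    local wait=15
    local count=0

    log info "= Waiting till all services are started ="
    # The loop continues while the output has any line other than
    # "no jobs running".
    # NOTE(review): if "podman exec" fails and prints nothing on stdout,
    # grep -v finds no line either and the loop ends as if all services
    # were up -- confirm whether that case should be retried instead.
    while podman exec "${name}" systemctl list-jobs | \
        grep -qvi "no jobs running"
    do
        if [ "${count}" -ge "${max}" ]; then
            die "Timeout: Services are not starting up"
        fi
        count=$((count+1))
        log info "Waiting ${wait} seconds .."
        sleep "${wait}"
    done
    log info "done"
    echo
}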
# Build a container image.
#   $1  tag for the resulting image
#   $2  build file passed to "podman build -f"
#   $3  build context directory
container_build() {
    local image_tag="${1}"
    local build_file="${2}"
    local context_dir="${3}"

    log info "= Building ${image_tag} ="
    podman build -t "${image_tag}" -f "${build_file}" "${context_dir}"
    # Blank line to separate this step in the output.
    printf '\n'
}
# Commit a container's current state as an image.
#   $1  container name
#   $2  name of the image to create
container_commit() {
    local container="${1}"
    local target="${2}"

    log info "= Committing \"${target}\" ="
    podman commit "${container}" "${target}"
    # Blank line to separate this step in the output.
    printf '\n'
}
# Run a command inside a container with a pseudo-terminal allocated.
#   $1     container name
#   $2...  command and its arguments, handed to podman unchanged
container_exec() {
    local container="${1}"
    shift

    # The "@Q" quoting exists purely to make the log line readable; the
    # exec call below receives the arguments as separate words, so
    # arguments containing spaces work there without it.
    log info "= Executing \"${*@Q}\" ="
    podman exec -t "${container}" "$@"
    # Blank line to separate this step in the output.
    printf '\n'
}
# Remove an image, doing nothing when it is not present.
#   $1  image tag to remove
container_remove_image_if_exists() {
    local tag_to_remove="${1}"

    # The existence check comes first because in older podman versions
    # (as in Ubuntu 22.04) 'podman image rm --force' fails if the image
    # does not exist.
    podman image exists "${tag_to_remove}" || return 0

    log info "= Cleanup ${tag_to_remove} ="
    # With --force, podman also removes containers that use the image.
    podman image rm "${tag_to_remove}" --force
    printf '\n'
}
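# Print the state podman reports for a container.
#   $1  container name
# Output: the "{{.State}}" value(s) printed by "podman ps --all" for the
#         containers selected by the name filter; an empty line when
#         nothing is selected.
container_get_state()
{
    local name="${1}"
    # Local so that a sourcing script's own "state" variable is untouched.
    local state

    # NOTE(review): podman documents the "name=" filter as a pattern match,
    # not an exact comparison, so a name that is part of another
    # container's name may select both -- verify against the callers.
    state=$(podman ps -q --all --format "{{.State}}" --filter "name=${name}")
    echo "${state}"
}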
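# Pull an image and print what "podman pull" wrote to stdout.
#   $1  image reference to pull
# NOTE(review): the reference is used exactly as given. A tag can be moved
# to different content over time; callers that need a fixed, reviewed image
# should pass a digest-pinned reference.
container_pull() {
    local source="${1}"
    # Local so that a sourcing script's own "image" variable is untouched.
    local image

    image=$(podman pull "${source}")
    echo "${image}"
}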
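# List local images as "repository:tag", filtered by a name.
#   $1  "repo:tag" for an exact match, or a string ending in ":" (such as
#       "repo:") to list every tag of that repository
# Output: matching entries, one per line; an empty line when none match.
container_image_list() {
    local source="${1}"
    # Locals so that a sourcing script's own variables are untouched.
    local image=""
    local entry
    local nl=$'\n'

    # The name is compared as a literal string. Passing it to grep as a
    # pattern would treat "." and other regex characters in registry or
    # repository names as wildcards and could select unrelated images.
    while IFS= read -r entry
    do
        if [[ ${source} == *: ]]; then
            # Trailing ":" means "this repository, any tag".
            [[ ${entry} == "${source}"* ]] || continue
        else
            [[ ${entry} == "${source}" ]] || continue
        fi
        image+="${image:+${nl}}${entry}"
    done < <(podman image list --format "{{ .Repository }}:{{ .Tag }}")
    echo "${image}"
}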
# Verify that podman is available, and call "die" when it is not.
container_check() {
    if ! command -v "podman" >/dev/null; then
        die "podman is required."
    fi
}