mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2025-03-03 22:24:43 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

tests(packer): rewrite the way to build the tests images.

Browse source
This commit is contained in:
Alexandre Pujol 2025-03-01 16:10:09 +01:00
parent 6d5a522dcb
commit 0b029ec42f
Failed to generate hash of commit
9 changed files with 98 additions and 254 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

39
tests/packer/archlinux.pkr.hcl
View file

@ -1,39 +0,0 @@
# apparmor.d - Full set of apparmor profiles
# Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
# SPDX-License-Identifier: GPL-2.0-only
source "qemu" "archlinux" {
disk_image = true
iso_url = "https://geo.mirror.pkgbuild.com/images/latest/Arch-Linux-x86_64-cloudimg.qcow2"
iso_checksum = "file:https://geo.mirror.pkgbuild.com/images/latest/Arch-Linux-x86_64-cloudimg.qcow2.SHA256"
iso_target_path = "${var.iso_dir}/archlinux-cloudimg-amd64.img"
cpu_model = "host"
cpus = var.cpus
memory = var.ram
disk_size = var.disk_size
accelerator = "kvm"
headless = true
ssh_username = var.username
ssh_password = var.password
ssh_port = 22
ssh_wait_timeout = "1000s"
disk_compression = true
disk_detect_zeroes = "unmap"
disk_discard = "unmap"
output_directory = var.output
vm_name = "${var.prefix}${source.name}-${var.flavor}.qcow2"
boot_wait = "10s"
shutdown_command = "echo ${var.password} | sudo -S shutdown -hP now"
cd_label = "cidata"
cd_content = {
"meta-data" = ""
"user-data" = templatefile("${path.cwd}/cloud-init/${source.name}-${var.flavor}.user-data.yml",
{
username = "${var.username}"
password = "${var.password}"
ssh_key = file("${var.ssh_publickey}")
hostname = "${var.prefix}${source.name}-${var.flavor}"
}
)
}
}

65
tests/packer/builds.pkr.hcl
View file

@ -2,24 +2,63 @@
# Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
# SPDX-License-Identifier: GPL-2.0-only
locals {
name = "${var.prefix}${var.dist}-${var.flavor}"
}
source "qemu" "default" {
disk_image = true
iso_url = var.DM[var.dist].img_url
iso_checksum = "file:${var.DM[var.dist].img_checksum}"
iso_target_path = pathexpand("${var.iso_dir}/${basename("${var.DM[var.dist].img_url}")}")
cpu_model = "host"
cpus = var.cpus
memory = var.ram
disk_size = var.disk_size
accelerator = "kvm"
headless = true
ssh_username = var.username
ssh_password = var.password
ssh_port = 22
ssh_wait_timeout = "1000s"
disk_compression = true
disk_detect_zeroes = "unmap"
disk_discard = "unmap"
output_directory = pathexpand(var.output)
vm_name = "${local.name}.qcow2"
boot_wait = "10s"
firmware = pathexpand(var.firmware)
shutdown_command = "echo ${var.password} | sudo -S /sbin/shutdown -hP now"
cd_label = "cidata"
cd_content = {
"meta-data" = ""
"user-data" = format("%s\n%s",
templatefile("${path.cwd}/tests/cloud-init/common.yml",
{
username = "${var.username}"
password = "${var.password}"
ssh_key = file("${var.ssh_publickey}")
hostname = "${local.name}"
}
),
file("${path.cwd}/tests/cloud-init/${var.dist}-${var.flavor}.user-data.yml")
)
}
}
build {
sources = [
"source.qemu.archlinux",
"source.qemu.debian",
"source.qemu.fedora",
"source.qemu.opensuse",
"source.qemu.ubuntu22",
"source.qemu.ubuntu24",
"source.qemu.default",
]
# Upload artifacts
provisioner "file" {
destination = "/tmp/"
sources = [
"${path.cwd}/packer/src/",
"${path.cwd}/packer/init.sh",
"${path.cwd}/packer/clean.sh",
"${path.cwd}/../.pkg/",
"${path.cwd}/tests/packer/src/",
"${path.cwd}/tests/packer/init.sh",
"${path.cwd}/tests/packer/clean.sh",
"${path.cwd}/.pkg/",
]
}
@ -44,13 +83,9 @@ build {
]
}
post-processor "vagrant" {
output = "${var.base_dir}/packer_${var.prefix}${source.name}-${var.flavor}.box"
}
post-processor "shell-local" {
inline = [
"vagrant box add --force --name ${var.prefix}${source.name}-${var.flavor} ${var.base_dir}/packer_${var.prefix}${source.name}-${var.flavor}.box"
"mv ${var.output}/${local.name}.qcow2 ${var.base_dir}/${local.name}.qcow2",
]
}

7
tests/packer/clean.sh
View file

@ -56,9 +56,6 @@ clean_apt() {
clean_pacman() {
_msg "Cleaning pacman cache"
pacman -Syu --noconfirm
pacman -Qdtq | while IFS='' read -r pkg; do
pacman -Rsccn --noconfirm "$pkg"
done
pacman -Scc --noconfirm
}
@ -136,10 +133,6 @@ trim() {
truncate --size=0 /swap/swapfile
fi
# _msg "Fill root filesystem with 0 to reduce box size"
# dd if=/dev/zero of=/EMPTY bs=1M || true
# rm -f /EMPTY
# Block until the empty file has been removed, otherwise, Packer will
# try to kill the box while the disk is still full and that is bad.
sync

40
tests/packer/debian.pkr.hcl
View file

@ -1,40 +0,0 @@
# apparmor.d - Full set of apparmor profiles
# Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
# SPDX-License-Identifier: GPL-2.0-only
source "qemu" "debian" {
disk_image = true
iso_url = "https://cdimage.debian.org/images/cloud/${var.release.debian.codename}/latest/debian-${var.release.debian.version}-genericcloud-amd64.qcow2"
iso_checksum = "file:https://cdimage.debian.org/images/cloud/${var.release.debian.codename}/latest/SHA512SUMS"
iso_target_path = "${var.iso_dir}/debian-${var.release.debian.codename}-cloudimg-amd64.img"
cpu_model = "host"
cpus = var.cpus
memory = var.ram
disk_size = var.disk_size
accelerator = "kvm"
headless = true
ssh_username = var.username
ssh_password = var.password
ssh_port = 22
ssh_wait_timeout = "1000s"
disk_compression = true
disk_detect_zeroes = "unmap"
disk_discard = "unmap"
output_directory = var.output
vm_name = "${var.prefix}${source.name}-${var.flavor}.qcow2"
boot_wait = "10s"
firmware = var.firmware
shutdown_command = "echo ${var.password} | sudo -S /sbin/shutdown -hP now"
cd_label = "cidata"
cd_content = {
"meta-data" = ""
"user-data" = templatefile("${path.cwd}/cloud-init/${source.name}-${var.flavor}.user-data.yml",
{
username = "${var.username}"
password = "${var.password}"
ssh_key = file("${var.ssh_publickey}")
hostname = "${var.prefix}${source.name}"
}
)
}
}

10
tests/packer/init.sh
View file

@ -26,6 +26,7 @@ main() {
case "$DISTRIBUTION" in
arch)
rm -f $SRC/*.sig # Ignore signature files
pacman --noconfirm -U $SRC/*.pkg.tar.zst
;;
@ -40,9 +41,12 @@ main() {
esac
rm -rf /var/cache/apparmor/*
rm -rf /etc/apparmor/earlypolicy/
systemctl reload apparmor.service
verb="start"
rm -rf /var/cache/apparmor/* || true
if systemctl is-active -q apparmor; then
verb="reload"
fi
systemctl "$verb" apparmor.service || journalctl -xeu apparmor.service
}
main "$@"

4
tests/packer/main.pkr.hcl
View file

@ -8,9 +8,5 @@ packer {
source = "github.com/hashicorp/qemu"
version = "~> 1"
}
vagrant = {
source = "github.com/hashicorp/vagrant"
version = "~> 1"
}
}
}

42
tests/packer/opensuse.pkr.hcl
View file

@ -1,42 +0,0 @@
# apparmor.d - Full set of apparmor profiles
# Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
# SPDX-License-Identifier: GPL-2.0-only
# TODO: Fully automate the creation of the base image
source "qemu" "opensuse" {
disk_image = true
iso_url = "${var.base_dir}/base-tumbleweed-gnome.qcow2"
iso_checksum = "sha256:223ed62160ef4f1a4f21b69c574f552a07eee6ef66cf66eef2b49c5a7c4864f4"
iso_target_path = "${var.base_dir}/base-tumbleweed-gnome.qcow2"
cpu_model = "host"
cpus = var.cpus
memory = var.ram
disk_size = var.disk_size
accelerator = "kvm"
headless = false
ssh_username = var.username
ssh_password = var.password
ssh_port = 22
ssh_wait_timeout = "1000s"
disk_compression = true
disk_detect_zeroes = "unmap"
disk_discard = "unmap"
output_directory = var.output
vm_name = "${var.prefix}${source.name}-${var.flavor}.qcow2"
boot_wait = "10s"
firmware = var.firmware
shutdown_command = "echo ${var.password} | sudo shutdown -hP now"
cd_label = "cidata"
cd_content = {
"meta-data" = ""
"user-data" = templatefile("${path.cwd}/cloud-init/${source.name}-${var.flavor}.user-data.yml",
{
username = "${var.username}"
password = "${var.password}"
ssh_key = file("${var.ssh_publickey}")
hostname = "${var.prefix}${source.name}"
}
)
}
}

77
tests/packer/ubuntu.pkr.hcl
View file

@ -1,77 +0,0 @@
# apparmor.d - Full set of apparmor profiles
# Copyright (C) 2023-2024 Alexandre Pujol <alexandre@pujol.io>
# SPDX-License-Identifier: GPL-2.0-only
source "qemu" "ubuntu22" {
disk_image = true
iso_url = "https://cloud-images.ubuntu.com/${var.release.ubuntu22.codename}/current/${var.release.ubuntu22.codename}-server-cloudimg-amd64.img"
iso_checksum = "file:https://cloud-images.ubuntu.com/${var.release.ubuntu22.codename}/current/SHA256SUMS"
iso_target_path = "${var.iso_dir}/ubuntu-${var.release.ubuntu22.codename}-cloudimg-amd64.img"
cpu_model = "host"
cpus = var.cpus
memory = var.ram
disk_size = var.disk_size
accelerator = "kvm"
headless = true
ssh_username = var.username
ssh_password = var.password
ssh_port = 22
ssh_wait_timeout = "1000s"
disk_compression = true
disk_detect_zeroes = "unmap"
disk_discard = "unmap"
output_directory = var.output
vm_name = "${var.prefix}${source.name}-${var.flavor}.qcow2"
boot_wait = "10s"
firmware = var.firmware
shutdown_command = "echo ${var.password} | sudo -S /sbin/shutdown -hP now"
cd_label = "cidata"
cd_content = {
"meta-data" = ""
"user-data" = templatefile("${path.cwd}/cloud-init/${source.name}-${var.flavor}.user-data.yml",
{
username = "${var.username}"
password = "${var.password}"
ssh_key = file("${var.ssh_publickey}")
hostname = "${var.prefix}${source.name}"
}
)
}
}
source "qemu" "ubuntu24" {
disk_image = true
iso_url = "https://cloud-images.ubuntu.com/${var.release.ubuntu24.codename}/current/${var.release.ubuntu24.codename}-server-cloudimg-amd64.img"
iso_checksum = "file:https://cloud-images.ubuntu.com/${var.release.ubuntu24.codename}/current/SHA256SUMS"
iso_target_path = "${var.iso_dir}/ubuntu-${var.release.ubuntu24.codename}-cloudimg-amd64.img"
cpu_model = "host"
cpus = var.cpus
memory = var.ram
disk_size = var.disk_size
accelerator = "kvm"
headless = true
ssh_username = var.username
ssh_password = var.password
ssh_port = 22
ssh_wait_timeout = "1000s"
disk_compression = true
disk_detect_zeroes = "unmap"
disk_discard = "unmap"
output_directory = var.output
vm_name = "${var.prefix}${source.name}-${var.flavor}.qcow2"
boot_wait = "10s"
firmware = var.firmware
shutdown_command = "echo ${var.password} | sudo -S /sbin/shutdown -hP now"
cd_label = "cidata"
cd_content = {
"meta-data" = ""
"user-data" = templatefile("${path.cwd}/cloud-init/${source.name}-${var.flavor}.user-data.yml",
{
username = "${var.username}"
password = "${var.password}"
ssh_key = file("${var.ssh_publickey}")
hostname = "${var.prefix}${source.name}"
}
)
}
}

68
tests/packer/variables.pkr.hcl
View file

@ -16,12 +16,6 @@ variable "password" {
default = "user"
}
variable "ssh_publickey" {
description = "Path to the ssh public key"
type = string
default = "~/.ssh/id_ed25519.pub"
}
variable "cpus" {
description = "Default CPU of the VM"
type = string
@ -40,22 +34,28 @@ variable "disk_size" {
default = "40G"
}
variable "ssh_publickey" {
description = "Path to the ssh public key"
type = string
default = "~/.ssh/id_ed25519.pub"
}
variable "iso_dir" {
description = "Original ISO file directory"
type = string
default = "/var/lib/libvirt/images"
default = "~/.libvirt/iso"
}
variable "base_dir" {
description = "Final packer image output directory"
type = string
default = "/var/lib/libvirt/images"
default = "~/.libvirt/base"
}
variable "firmware" {
description = "Path to the UEFI firmware"
type = string
default = "/usr/share/edk2/x64/OVMF_CODE.fd"
default = "/usr/share/edk2/x64/OVMF.4m.fd"
}
variable "output" {
@ -70,38 +70,52 @@ variable "prefix" {
default = "aa-"
}
variable "dist" {
description = "Distribution to target"
type = string
default = "ubuntu24"
}
variable "flavor" {
description = "Distribution flavor to use (server, desktop, gnome, kde...)"
type = string
default = ""
}
variable "release" {
description = "Distribution metadata to use"
variable "DM" {
description = "Distribution Metadata to use"
type = map(object({
codename = string
version = string
img_url = string
img_checksum = string
}))
default = {
"archlinux" : {
img_url = "https://geo.mirror.pkgbuild.com/images/latest/Arch-Linux-x86_64-cloudimg.qcow2"
img_checksum = "https://geo.mirror.pkgbuild.com/images/latest/Arch-Linux-x86_64-cloudimg.qcow2.SHA256"
},
"debian12" : {
img_url = "https://cdimage.debian.org/images/cloud/bookworm/latest/debian-12-genericcloud-amd64.qcow2"
img_checksum = "https://cdimage.debian.org/images/cloud/bookworm/latest/SHA512SUMS"
}
"debian13" : {
img_url = "https://cdimage.debian.org/images/cloud/trixie/daily/latest/debian-13-genericcloud-amd64-daily.qcow2"
img_checksum = "https://cdimage.debian.org/images/cloud/trixie/daily/latest/SHA512SUMS"
}
"ubuntu22" : {
codename = "jammy",
version = "22.04.2",
img_url = "https://cloud-images.ubuntu.com/jammy/current/jammy-server-cloudimg-amd64.img"
img_checksum = "https://cloud-images.ubuntu.com/jammy/current/SHA256SUMS"
},
"ubuntu24" : {
codename = "noble",
version = "24.04",
img_url = "https://cloud-images.ubuntu.com/noble/current/noble-server-cloudimg-amd64.img"
img_checksum = "https://cloud-images.ubuntu.com/noble/current/SHA256SUMS"
},
"ubuntu25" : {
img_url = "https://cloud-images.ubuntu.com/plucky/current/plucky-server-cloudimg-amd64.img"
img_checksum = "https://cloud-images.ubuntu.com/plucky/current/SHA256SUMS"
},
"debian" : {
codename = "bookworm",
version = "12",
}
"opensuse" : {
codename = "tumbleweed",
version = "",
}
"fedora" : {
codename = "40",
version = "1.14",
img_url = "https://download.opensuse.org/tumbleweed/appliances/openSUSE-Tumbleweed-Minimal-VM.x86_64-Cloud.qcow2"
img_checksum = "https://download.opensuse.org/tumbleweed/appliances/openSUSE-Tumbleweed-Minimal-VM.x86_64-Cloud.qcow2.sha256"
}
}
}