diff --git a/bots/images/scripts/openshift.bootstrap b/bots/images/scripts/openshift.bootstrap index 74d601d5bf93..8c6f53e3ff8d 100755 --- a/bots/images/scripts/openshift.bootstrap +++ b/bots/images/scripts/openshift.bootstrap @@ -1,4 +1,4 @@ #! /bin/bash BASE=$(dirname $0) -BOOTSTRAP_VOLUME_SIZE="20G" $BASE/virt-builder-fedora "$1" fedora-27 x86_64 +BOOTSTRAP_VOLUME_SIZE="20G" $BASE/virt-builder-fedora "$1" fedora-28 x86_64 diff --git a/bots/images/scripts/openshift.setup b/bots/images/scripts/openshift.setup index 0518fded7060..98aa7e7abd96 100755 --- a/bots/images/scripts/openshift.setup +++ b/bots/images/scripts/openshift.setup @@ -150,24 +150,6 @@ rm -r /tmp/registry cp /openshift.local.config/master/ca.crt /etc/pki/ca-trust/source/anchors/openshift-ca.crt update-ca-trust extract -# HACK: Work around GnuTLS (client-side) or Go TLS (server-side) bug with -# multiple O= RDNs; if it's in the "wrong" order, create a new admin -# certificate that swaps it around -# See https://github.com/openshift/origin/issues/18715 -if openssl x509 -in /openshift.local.config/master/admin.crt -text | grep -q 'Subject:.*system:cluster-admins.*system:masters'; then - echo "Regenerating admin certificate to work around https://github.com/openshift/origin/issues/18715" - pushd /openshift.local.config/master/ - mv admin.key admin.key.orig - mv admin.crt admin.crt.orig - mv admin.kubeconfig admin.kubeconfig.orig - openssl genrsa -out admin.key 2048 - openssl req -new -nodes -key admin.key -out admin.csr -subj '/O=system:masters/O=system:cluster-admins/CN=system:admin' - openssl x509 -req -in admin.csr -CA ca.crt -CAkey ca.key -CAcreateserial -days 730 -out admin.crt - rm admin.csr - oc adm create-kubeconfig --certificate-authority=ca.crt --client-certificate=admin.crt --client-key=admin.key --master="https://10.111.112.101:8443" --kubeconfig=admin.kubeconfig - popd -fi - mkdir -p /root/.kube cp /openshift.local.config/master/admin.kubeconfig /root/.kube/config @@ -304,11 +286,14 @@ printf 'AuthorizedKeysCommand /usr/local/bin/authorized-kube-keys --kubeconfig=/ # Pull down remaining images /var/lib/testvm/docker-images.setup -# Prepare Kubevirt for later installation -/var/lib/testvm/kubevirt.setup +# kubevirt is currently uninstallable: https://github.com/cockpit-project/cockpit/pull/9638 +if [ -n "$PRERELEASE" ]; then + # Prepare Kubevirt for later installation + /var/lib/testvm/kubevirt.setup -# use the pristine kube config; kubevirt.setup changes it -cp /openshift.local.config/master/admin.kubeconfig /root/.kube/config + # use the pristine kube config; kubevirt.setup changes it + cp /openshift.local.config/master/admin.kubeconfig /root/.kube/config +fi dnf install -y cockpit-system