From 7322f13f9c49151cc1cb8a609e0e407bafbd577d Mon Sep 17 00:00:00 2001 From: Dennis Ploeger Date: Tue, 29 Oct 2024 14:28:53 +0100 Subject: [PATCH] feat: Switches to new Azure image Fixes #161 --- feature/_fish/goss/goss.yaml | 2 +- feature/_fish/install.sh | 22 +++++++++++++--------- feature/ca-certificates/goss/goss.yaml | 8 ++++---- feature/ca-certificates/install.sh | 4 ++-- feature/certificates/goss/.env | 3 +-- feature/certificates/goss/goss.yaml | 8 ++++---- feature/certificates/install.sh | 5 ++--- feature/jq/install.sh | 4 ++-- feature/kc/install.sh | 4 ++-- feature/krew/install.sh | 4 ++-- feature/packages/install.sh | 4 ++-- feature/timezone/goss/.env.azure | 2 ++ feature/timezone/install.sh | 6 ++++-- feature/vim/install.sh | 5 ++--- flavour/azure/Dockerfile.flavour | 16 ++++++++-------- 15 files changed, 51 insertions(+), 46 deletions(-) create mode 100644 feature/timezone/goss/.env.azure diff --git a/feature/_fish/goss/goss.yaml b/feature/_fish/goss/goss.yaml index e85c78c..d1d076c 100644 --- a/feature/_fish/goss/goss.yaml +++ b/feature/_fish/goss/goss.yaml @@ -5,7 +5,7 @@ command: stdout: - fish, version fzf: - {{ if eq .Env.FLAVOUR "aws" -}} + {{ if or (eq .Env.FLAVOUR "aws") (eq .Env.FLAVOUR "azure") -}} exec: "/home/cloudcontrol/bin/fzf-master/bin/fzf --version" {{ else -}} exec: "/usr/bin/fzf --version" diff --git a/feature/_fish/install.sh b/feature/_fish/install.sh index b320532..95252bc 100644 --- a/feature/_fish/install.sh +++ b/feature/_fish/install.sh 
@@ -1,23 +1,27 @@ . /feature-installer-utils.sh -FLAVOUR="X$(cat /home/cloudcontrol/flavour)X" -if [[ "X${FLAVOUR}X" =~ X(azure|simple|tanzu|gcloud)X ]] +if [[ "${FLAVOUR}" =~ (simple|tanzu|gcloud) ]] then - echo "Installing packages" execHandle 'Installing fish' sudo apk add fish perl fzf git -elif [ "${FLAVOUR}" == "XawsX" ] +elif [[ "${FLAVOUR}" == "azure" ]] then + prepare + execHandle 'Installing fish' sudo yum install -y fish perl git + execHandle 'Downloading fzf' curl -f -s -L https://github.com/junegunn/fzf/archive/master.zip -o master.zip + execHandle 'Unzipping fzf' unzip master.zip + execHandle 'Moving fzf' mv fzf-master ~/bin + execHandle 'Installing fzf' ~/bin/fzf-master/install --all + cleanup +elif [[ "${FLAVOUR}" == "aws" ]] +then + prepare execHandle 'Downloading fish repo' sudo curl -f -s -L https://download.opensuse.org/repositories/shells:fish:release:3/CentOS_7/shells:fish:release:3.repo -o /etc/yum.repos.d/shells:fish:release:3.repo execHandle 'Installing fish' sudo yum install -y fish git - - TEMPDIR=$(mktemp -d) - cd "${TEMPDIR}" || exit execHandle 'Downloading fzf' curl -f -s -L https://github.com/junegunn/fzf/archive/master.zip -o master.zip execHandle 'Unzipping fzf' unzip master.zip execHandle 'Moving fzf' mv fzf-master ~/bin execHandle 'Installing fzf' ~/bin/fzf-master/install --all - cd - &>/dev/null || exit - rm -rf "${TEMPDIR}" + cleanup fi execHandle 'Installing fisher' fish -c 'curl -sL https://raw.githubusercontent.com/jorgebucaran/fisher/main/functions/fisher.fish | source && fisher install jorgebucaran/fisher' diff --git a/feature/ca-certificates/goss/goss.yaml b/feature/ca-certificates/goss/goss.yaml index edb4404..ff9f7c3 100644 --- a/feature/ca-certificates/goss/goss.yaml +++ b/feature/ca-certificates/goss/goss.yaml 
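Review bot: The new azure branch downloads `https://github.com/junegunn/fzf/archive/master.zip` and then runs `~/bin/fzf-master/install --all` from it, so the build executes whatever is on the upstream default branch that day with no integrity check. Fetch a fixed release or commit archive instead (`.../fzf/archive/refs/tags/<pinned-tag>.zip`, adjusting the unpacked directory name) and verify it before unzipping, for example `echo "<expected-sha256>  fzf.zip" | sha256sum -c -`, assuming `sha256sum` is present in the image. The aws branch repeats the same four steps, so moving them into one helper would keep the pin and the check in a single place. The unchanged `fisher` line after the `fi` pipes a remote script into `source` in the same unpinned way.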
@@ -1,16 +1,16 @@ file: - {{if eq .Env.FLAVOUR "aws" }} + {{if or (eq .Env.FLAVOUR "aws") (eq .Env.FLAVOUR "azure") }} /etc/pki/ca-trust/source/anchors/testcert.pem: - {{else if ne .Env.FLAVOUR "aws" }} + {{else}} /usr/local/share/ca-certificates/testcert.pem: {{end}} exists: true - {{if eq .Env.FLAVOUR "aws" }} + {{if or (eq .Env.FLAVOUR "aws") (eq .Env.FLAVOUR "azure") }} /etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt: exists: true contains: - Bogus Broccoli X2 - {{else if ne .Env.FLAVOUR "aws" }} + {{else}} /etc/ssl/certs/ca-certificates.crt: exists: true contains: diff --git a/feature/ca-certificates/install.sh b/feature/ca-certificates/install.sh index fbdcda3..2d6f368 100644 --- a/feature/ca-certificates/install.sh +++ b/feature/ca-certificates/install.sh @@ -1,10 +1,10 @@ . /feature-installer-utils.sh -if [[ "${FLAVOUR}" =~ (azure|simple|tanzu|gcloud) ]] +if [[ "${FLAVOUR}" =~ (simple|tanzu|gcloud) ]] then execHandle "Copying certificates to the OS target location" sudo cp "${CERTIFICATES_PATH:=/certificates}"/*.pem /usr/local/share/ca-certificates/ execHandle "Updating certificate bundle" sudo su - -c "cat /usr/local/share/ca-certificates/*.pem >> /etc/ssl/certs/ca-certificates.crt" -elif [[ "${FLAVOUR}" == "aws" ]] +elif [[ "${FLAVOUR}" =~ (aws|azure) ]] then execHandle "Copying certificates to the OS target location" sudo cp "${CERTIFICATES_PATH:=/certificates}"/*.pem /etc/pki/ca-trust/source/anchors/ execHandle "Updating certificate bundle" sudo /usr/bin/update-ca-trust diff --git a/feature/certificates/goss/.env b/feature/certificates/goss/.env index f88e33f..3fc2482 100644 --- a/feature/certificates/goss/.env +++ b/feature/certificates/goss/.env @@ -1,2 +1 @@ -CERTIFICATES_PATH=/goss-sup -DEBUG_CCC=yes \ No newline at end of file +CERTIFICATES_PATH=/goss-sup \ No newline at end of file diff --git a/feature/certificates/goss/goss.yaml b/feature/certificates/goss/goss.yaml index ddf67ee..a03c588 100644 --- a/feature/certificates/goss/goss.yaml 
+++ b/feature/certificates/goss/goss.yaml @@ -1,16 +1,16 @@ file: - {{if eq .Env.FLAVOUR "aws" }} + {{if or (eq .Env.FLAVOUR "aws") (eq .Env.FLAVOUR "azure") }} /etc/pki/ca-trust/source/anchors/testcert.pem: - {{else if ne .Env.FLAVOUR "aws" }} + {{else}} /usr/local/share/ca-certificates/testcert.pem: {{end}} exists: true - {{if eq .Env.FLAVOUR "aws" }} + {{if or (eq .Env.FLAVOUR "aws") (eq .Env.FLAVOUR "azure") }} /etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt: exists: true contains: - Bogus Broccoli X2 - {{else if ne .Env.FLAVOUR "aws" }} + {{else}} /etc/ssl/certs/ca-certificates.crt: exists: true contains: diff --git a/feature/certificates/install.sh b/feature/certificates/install.sh index 0a0cc14..2d6f368 100644 --- a/feature/certificates/install.sh +++ b/feature/certificates/install.sh @@ -1,11 +1,10 @@ . /feature-installer-utils.sh -FLAVOUR="X$(cat /home/cloudcontrol/flavour)X" -if [[ "X${FLAVOUR}X" =~ X(azure|simple|tanzu|gcloud)X ]] +if [[ "${FLAVOUR}" =~ (simple|tanzu|gcloud) ]] then execHandle "Copying certificates to the OS target location" sudo cp "${CERTIFICATES_PATH:=/certificates}"/*.pem /usr/local/share/ca-certificates/ execHandle "Updating certificate bundle" sudo su - -c "cat /usr/local/share/ca-certificates/*.pem >> /etc/ssl/certs/ca-certificates.crt" -elif [ "${FLAVOUR}" == "XawsX" ] +elif [[ "${FLAVOUR}" =~ (aws|azure) ]] then execHandle "Copying certificates to the OS target location" sudo cp "${CERTIFICATES_PATH:=/certificates}"/*.pem /etc/pki/ca-trust/source/anchors/ execHandle "Updating certificate bundle" sudo /usr/bin/update-ca-trust diff --git a/feature/jq/install.sh b/feature/jq/install.sh index aafe2be..b3d801b 100644 --- a/feature/jq/install.sh +++ b/feature/jq/install.sh 
@@ -1,10 +1,10 @@ . /feature-installer-utils.sh FLAVOUR="X$(cat /home/cloudcontrol/flavour)X" -if [[ "X${FLAVOUR}X" =~ X(azure|simple|tanzu|gcloud)X ]] +if [[ "${FLAVOUR}" =~ (simple|tanzu|gcloud) ]] then execHandle "Installing jq" sudo apk add jq -elif [ "${FLAVOUR}" == "XawsX" ] +elif [[ "${FLAVOUR}" =~ (azure|aws) ]] then execHandle "Installing jq" sudo yum install -y jq fi diff --git a/feature/kc/install.sh b/feature/kc/install.sh index dd64cf1..dd654a1 100644 --- a/feature/kc/install.sh +++ b/feature/kc/install.sh @@ -1,10 +1,10 @@ . /feature-installer-utils.sh FLAVOUR="X$(cat /home/cloudcontrol/flavour)X" -if [[ "X${FLAVOUR}X" =~ X(azure|simple|tanzu|gcloud)X ]] +if [[ "${FLAVOUR}" =~ (simple|tanzu|gcloud) ]] then execHandle "Installing dialog package" sudo apk add dialog -elif [ "${FLAVOUR}" == "XawsX" ] +elif [[ "${FLAVOUR}" =~ (aws|azure) ]] then execHandle "Installing dialog package" sudo yum install -y dialog fi diff --git a/feature/krew/install.sh b/feature/krew/install.sh index c1af8b1..915c458 100644 --- a/feature/krew/install.sh +++ b/feature/krew/install.sh @@ -8,10 +8,10 @@ else fi FLAVOUR="X$(cat /home/cloudcontrol/flavour)X" -if [[ "X${FLAVOUR}X" =~ X(azure|simple|tanzu|gcloud)X ]] +if [[ "${FLAVOUR}" =~ (simple|tanzu|gcloud) ]] then execHandle 'Installing git' sudo apk add git -elif [ "${FLAVOUR}" == "XawsX" ] +elif [[ "${FLAVOUR}" =~ (aws|azure) ]] then execHandle 'Installing git' sudo yum install -y git fi diff --git a/feature/packages/install.sh b/feature/packages/install.sh index 8e9f7c4..19088f2 100644 --- a/feature/packages/install.sh +++ b/feature/packages/install.sh 
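Review bot: In `feature/jq/install.sh` the line `FLAVOUR="X$(cat /home/cloudcontrol/flavour)X"` survives as context, so the rewritten tests compare an X-wrapped value and pass only because `=~` is an unanchored substring match. The other scripts in this patch (`_fish`, `certificates`, `timezone`, `vim`) delete that assignment and presumably take `FLAVOUR` from `/feature-installer-utils.sh`. Dropping it here as well and anchoring the pattern, `elif [[ "${FLAVOUR}" =~ ^(aws|azure)$ ]]`, makes the branch selection exact rather than accidental. The same leftover assignment is in the `kc` and `krew` hunks that follow and in `feature/packages/install.sh`. An `else` branch that fails with a message would keep an unknown flavour value from silently skipping the install.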
@@ -3,10 +3,10 @@ IFS=' ' read -r -a packages_array <<< "${PACKAGES}" FLAVOUR="X$(cat /home/cloudcontrol/flavour)X" -if [[ "X${FLAVOUR}X" =~ X(azure|simple|tanzu|gcloud)X ]] +if [[ "${FLAVOUR}" =~ (simple|tanzu|gcloud) ]] then execHandle "Installing packages" sudo apk add "${packages_array[@]}" -elif [ "${FLAVOUR}" == "XawsX" ] +elif [[ "${FLAVOUR}" =~ (aws|azure) ]] then execHandle "Installing packages" sudo yum install -y "${packages_array[@]}" fi diff --git a/feature/timezone/goss/.env.azure b/feature/timezone/goss/.env.azure new file mode 100644 index 0000000..58442b0 --- /dev/null +++ b/feature/timezone/goss/.env.azure @@ -0,0 +1,2 @@ +USE_packages=yes +PACKAGES=diffutils \ No newline at end of file diff --git a/feature/timezone/install.sh b/feature/timezone/install.sh index 7c69f11..626e4b2 100644 --- a/feature/timezone/install.sh +++ b/feature/timezone/install.sh @@ -1,7 +1,9 @@ . /feature-installer-utils.sh -FLAVOUR="X$(cat /home/cloudcontrol/flavour)X" -if [[ "X${FLAVOUR}X" =~ X(azure|simple|tanzu|gcloud)X ]] +if [[ "${FLAVOUR}" =~ (simple|tanzu|gcloud) ]] then execHandle "Installing tzdata package" sudo apk add tzdata +elif [[ "${FLAVOUR}" =~ (azure) ]] +then + execHandle "Installing tzdata package" sudo yum install -y tzdata fi diff --git a/feature/vim/install.sh b/feature/vim/install.sh index 468e931..d3be15d 100644 --- a/feature/vim/install.sh +++ b/feature/vim/install.sh @@ -1,10 +1,9 @@ . /feature-installer-utils.sh -FLAVOUR="X$(cat /home/cloudcontrol/flavour)X" -if [[ "X${FLAVOUR}X" =~ X(azure|simple|tanzu|gcloud)X ]] +if [[ "${FLAVOUR}" =~ (simple|tanzu|gcloud) ]] then execHandle "Installing vim" sudo apk add vim -elif [ "${FLAVOUR}" == "XawsX" ] +elif [[ "${FLAVOUR}" =~ (aws|azure) ]] then execHandle "Installing vim" sudo yum install -y vim fi diff --git a/flavour/azure/Dockerfile.flavour b/flavour/azure/Dockerfile.flavour index 9a4070f..43788c5 100644 --- a/flavour/azure/Dockerfile.flavour +++ b/flavour/azure/Dockerfile.flavour 
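Review bot: The added `elif [[ "${FLAVOUR}" =~ (azure) ]]` in `feature/timezone/install.sh` is a substring match with a redundant group, while `_fish/install.sh` writes the same test as `[[ "${FLAVOUR}" == "azure" ]]`; using one form throughout would make the scripts easier to audit. Unlike the other yum-based scripts, this one has no `aws` branch, so on that flavour nothing is installed and nothing is reported. If the aws image already ships tzdata, a comment such as `# aws base image already contains tzdata` would record that; otherwise `=~ ^(aws|azure)$` would cover both.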
@@ -1,12 +1,12 @@ -FROM mcr.microsoft.com/azure-cli:2.63.0 +FROM mcr.microsoft.com/azure-cli:cbl-mariner2.0 -RUN apk add sudo bash curl && \ - echo "cloudcontrol ALL=(root)NOPASSWD:/sbin/apk *" > /etc/sudoers.d/cloudcontrol && \ - echo "cloudcontrol ALL=(root)NOPASSWD:/usr/local/bin/az *" >> /etc/sudoers.d/cloudcontrol && \ - echo "cloudcontrol ALL=(root)NOPASSWD:/bin/chmod *" >> /etc/sudoers.d/cloudcontrol && \ - echo "cloudcontrol ALL=(root)NOPASSWD:/bin/cp *" >> /etc/sudoers.d/cloudcontrol && \ - echo "cloudcontrol ALL=(root)NOPASSWD:/bin/su - -c cat /usr/local/share/ca-certificates/*.pem >> /etc/ssl/certs/ca-certificates.crt" >> /etc/sudoers.d/cloudcontrol && \ - adduser -D cloudcontrol && \ +RUN yum install -y sudo curl tar unzip && \ + echo "cloudcontrol ALL=(root)NOPASSWD:/usr/bin/yum *" > /etc/sudoers.d/cloudcontrol && \ + echo "cloudcontrol ALL=(root)NOPASSWD:/usr/bin/az *" >> /etc/sudoers.d/cloudcontrol && \ + echo "cloudcontrol ALL=(root)NOPASSWD:/usr/bin/chmod *" >> /etc/sudoers.d/cloudcontrol && \ + echo "cloudcontrol ALL=(root)NOPASSWD:/usr/bin/cp *" >> /etc/sudoers.d/cloudcontrol && \ + echo "cloudcontrol ALL=(root)NOPASSWD:/usr/bin/update-ca-trust" >> /etc/sudoers.d/cloudcontrol && \ + adduser -mr cloudcontrol && \ mkdir /home/cloudcontrol/bin && \ chown cloudcontrol /home/cloudcontrol/bin
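Review bot: The `FROM` line trades the fixed release `azure-cli:2.63.0` for `azure-cli:cbl-mariner2.0`, which names a distribution variant rather than a CLI release, so the tag presumably moves and two builds of this commit can produce different images. Pinning it by digest, `FROM mcr.microsoft.com/azure-cli:cbl-mariner2.0@sha256:<digest>`, keeps the build reproducible and turns a base update into a reviewed change. The sudoers rules `/usr/bin/cp *`, `/usr/bin/chmod *` and `/usr/bin/yum *`, carried over from the apk version, let `cloudcontrol` modify any file as root, so the account is root-equivalent in practice. If that is intended, a comment in the Dockerfile should say so; otherwise restrict each rule to the paths the feature scripts actually use, such as the copy into `/etc/pki/ca-trust/source/anchors/`. Ending the `RUN` with `chmod 0440 /etc/sudoers.d/cloudcontrol && visudo -cf /etc/sudoers.d/cloudcontrol` would also catch a malformed rule at build time.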