diff --git a/build-and-update-all-branches b/build-and-update-all-branches index aefeec9..9d7b6da 100755 --- a/build-and-update-all-branches +++ b/build-and-update-all-branches @@ -1,13 +1,14 @@ #! /bin/sh -# Prepare main branch, review the list of branches below and then execute this +# Prepare rawhide branch, review the list of branches below and then execute this # script. -branches='main f39 f38 f37 epel7 epel8 epel9' +main=main +branches="$main epel8 epel9 f41 f42" exit_handler () { - git checkout main + git checkout $main } trap exit_handler EXIT @@ -19,21 +20,18 @@ koji hello tasks= for branch in $branches; do - if test $branch != main; then + if test $branch != $main; then git checkout "$branch" - git merge main + git merge $main fi git push - skip_nvr_check= - if test $branch = epel7; then - skip_nvr_check=--skip-nvr-check - fi - tasks="${tasks}`fedpkg build $skip_nvr_check --nowait | grep 'Created task' | cut -d: -f2`" + tasks="${tasks}`fedpkg build --nowait | grep 'Created task' | cut -d: -f2`" done if test -n "$tasks"; then koji watch-task $tasks fi -git checkout main +set -- $branches +git checkout $1 fedpkg update diff --git a/resalloc.spec b/resalloc.spec index bcfcbcd..7093616 100644 --- a/resalloc.spec +++ b/resalloc.spec @@ -33,13 +33,25 @@ the purposes of CI/CD tasks. %bcond_with python3 %endif +# Modern distributions (using RPM v4.19+; for example, Fedora 39+) do not +# require the %%pre scriptlet for creating users/groups because the sysusers +# feature is now built directly into RPM. Simply including the sysusers +# `mock.conf` file in a package payload is sufficient to leverage this feature. +# However, for older distributions that lack this capability, we still define +# the %%pre scriptlet. +%if (0%{?rhel} && 0%{?rhel} < 10) || (0%{?mageia} && 0%{?mageia} < 10) || (0%{?suse_version} && 0%{?suse_version} < 1660) +%bcond_without sysusers_compat +%else +%bcond_with sysusers_compat +%endif + %global default_python %{?with_python3:python3}%{!?with_python3:python2} %global default_sitelib %{?with_python3:%python3_sitelib}%{!?with_python3:%python_sitelib} Name: %srcname Summary: %sum - client tooling -Version: 5.1 -Release: 1%{?dist} +Version: 5.11 +Release: 4%{?dist} License: GPL-2.0-or-later URL: https://github.com/praiskup/resalloc BuildArch: noarch @@ -82,12 +94,18 @@ BuildRequires: python-yaml Requires: %default_python-%srcname = %version-%release +%if %{with sysusers_compat} +Requires(pre): shadow-utils +%endif + Source0: https://github.com/praiskup/%name/releases/download/v%version/%name-%version.tar.gz Source1: resalloc.service Source5: resalloc-agent-spawner.service Source2: logrotate Source3: merge-hook-logs Source4: cron.hourly +# GPL-2.0-or-later too +Source6: https://raw.githubusercontent.com/praiskup/wait-for-ssh/main/wait-for-ssh %description %desc @@ -101,6 +119,7 @@ Summary: %sum - server part Requires: crontabs Requires: logrotate Requires: %default_python-%srcname = %version-%release +Requires: %srcname-helpers = %version-%release %if %{with python3} Requires: python3-alembic Requires: python3-six @@ -113,13 +132,23 @@ Requires: python-sqlalchemy Requires: python-yaml %endif -Requires(pre): /usr/sbin/useradd %description server %desc The %name-server package provides the resalloc server, and some tooling for resalloc administrators. + +%package helpers +Summary: %sum - helper/library scripts + +%description helpers +%desc + +Helper and library-like scripts for external Resalloc plugins like resalloc-aws, +resalloc-openstack, etc. + + %if %{with python3} %package webui Summary: %sum - webui part @@ -142,8 +171,11 @@ it shows page with information about resalloc resources. %package agent-spawner Summary: %sum - daemon starting agent-like resources -Requires(pre): /usr/sbin/useradd -Requires: python3-copr-common +Requires: python3-copr-common >= 0.23 +Requires: python3-daemon +Requires: python3-redis +Requires: python3-resalloc = %version-%release +Requires: python3-setproctitle %description agent-spawner %desc @@ -201,13 +233,26 @@ restorecon -R %_var/www/cgi-%{name} || : rm -r resalloc_agent_spawner %endif +# Create sysusers.d config files +cat >resalloc.sysusers.conf <resalloc-agent-spawner.sysusers.conf < %{name}-wait-for-ssh %install @@ -238,12 +283,16 @@ install -d -m 755 %buildroot/%_libexecdir install -p -m 755 %SOURCE3 %buildroot/%_libexecdir/%name-merge-hook-logs install -d %buildroot%_sysconfdir/cron.hourly install -p -m 755 %SOURCE4 %buildroot%_sysconfdir/cron.hourly/resalloc +install -p -m 755 %name-wait-for-ssh %buildroot%_bindir/%name-wait-for-ssh %if %{without python3} rm %buildroot%_bindir/%name-agent-* rm %buildroot%_sysconfdir/resalloc-agent-spawner/config.yaml %endif +install -m0644 -D resalloc.sysusers.conf %{buildroot}%{_sysusersdir}/resalloc.conf +install -m0644 -D resalloc-agent-spawner.sysusers.conf %{buildroot}%{_sysusersdir}/resalloc-agent-spawner.conf + %if %{with check} %check @@ -259,8 +308,10 @@ make check TEST_PYTHONS="python3" ln -s "%{default_sitelib}/%{name}server" %buildroot%_homedir/project +%if %{with sysusers_compat} %pre server %create_user_group %sysuser %sysgroup /bin/bash %_homedir +%endif %post server %systemd_post resalloc.service @@ -270,8 +321,10 @@ ln -s "%{default_sitelib}/%{name}server" %buildroot%_homedir/project %if %{with python3} +%if %{with sysusers_compat} %pre agent-spawner %create_user_group %agent_user %agent_group /bin/false / +%endif %post agent-spawner %systemd_post resalloc-agent-spawner.service @@ -314,7 +367,6 @@ ln -s "%{default_sitelib}/%{name}server" %buildroot%_homedir/project %{default_sitelib}/%{name}server %{_bindir}/%{name}-server %{_bindir}/%{name}-maint -%{_bindir}/%{name}-check-vm-ip %attr(0750, %sysuser, %sysgroup) %dir %{_sysconfdir}/%{name}server %config(noreplace) %{_sysconfdir}/%{name}server/* %_unitdir/resalloc.service @@ -325,6 +377,15 @@ ln -s "%{default_sitelib}/%{name}server" %buildroot%_homedir/project %config %_sysconfdir/logrotate.d/resalloc-server %_libexecdir/resalloc-merge-hook-logs %config %attr(0755, root, root) %{_sysconfdir}/cron.hourly/resalloc +%{_sysusersdir}/resalloc.conf + + +%files helpers +%doc %doc_files +%license COPYING +%{_bindir}/%{name}-check-vm-ip +%{_bindir}/%{name}-wait-for-ssh + %if %{with python3} %files agent-spawner @@ -332,6 +393,7 @@ ln -s "%{default_sitelib}/%{name}server" %buildroot%_homedir/project %{default_sitelib}/%{name}_agent_spawner %_unitdir/resalloc-agent-spawner.service %config(noreplace) %_sysconfdir/resalloc-agent-spawner +%{_sysusersdir}/resalloc-agent-spawner.conf %files webui %doc %doc_files @@ -345,6 +407,62 @@ ln -s "%{default_sitelib}/%{name}server" %buildroot%_homedir/project %changelog +* Fri Sep 19 2025 Python Maint - 5.11-4 +- Rebuilt for Python 3.14.0rc3 bytecode + +* Fri Aug 15 2025 Python Maint - 5.11-3 +- Rebuilt for Python 3.14.0rc2 bytecode + +* Fri Jul 25 2025 Fedora Release Engineering - 5.11-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild + +* Mon Jul 21 2025 Pavel Raiskup - 5.11-1 +- new upstream release, don't keep cleanup processes indefinitely: + https://github.com/praiskup/resalloc/releases/tag/v5.11 + +* Thu Jun 12 2025 Pavel Raiskup - 5.10-1 +- new upstream release, packages use RPM built-in sysusers support: + https://github.com/praiskup/resalloc/releases/tag/v5.10 + +* Thu Jun 05 2025 Python Maint - 5.9-2 +- Rebuilt for Python 3.14 + +* Sat Jan 18 2025 Pavel Raiskup - 5.9-1 +- New upstream release https://github.com/praiskup/resalloc/releases/tag/v5.9 + +* Thu Jan 16 2025 Jakub Kadlcik - 5.8-1 +- New upstream release https://github.com/praiskup/resalloc/releases/tag/v5.8 + +* Fri Jan 10 2025 Jakub Kadlcik - 5.7-1 +- New upstream release https://github.com/praiskup/resalloc/releases/tag/v5.7 + +* Mon Oct 07 2024 Pavel Raiskup - 5.6-1 +- New upstream release https://github.com/praiskup/resalloc/releases/tag/v5.6 + +* Fri Jul 19 2024 Fedora Release Engineering - 5.5-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Sun Jun 09 2024 Python Maint - 5.5-2 +- Rebuilt for Python 3.13 + +* Wed Apr 24 2024 Pavel Raiskup - 5.5-1 +- New upstream release https://github.com/praiskup/resalloc/releases/tag/v5.5 + +* Fri Mar 15 2024 Pavel Raiskup - 5.4-1 +- New upstream release https://github.com/praiskup/resalloc/releases/tag/v5.4 + +* Wed Feb 28 2024 Pavel Raiskup - 5.3-1 +- New upstream release https://github.com/praiskup/resalloc/releases/tag/v5.3 + +* Wed Feb 28 2024 Pavel Raiskup - 5.2-1 +- New upstream release https://github.com/praiskup/resalloc/releases/tag/v5.2 + +* Fri Jan 26 2024 Fedora Release Engineering - 5.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Mon Jan 22 2024 Fedora Release Engineering - 5.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + * Mon Nov 06 2023 Pavel Raiskup - 5.1-1 - new upstream release https://github.com/praiskup/resalloc/releases/tag/v5.1 diff --git a/sources b/sources index 281955a..f458908 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (resalloc-5.1.tar.gz) = 2ce355ecec7441d2b4f589f6e152422a316fa6dda8c0d737c29f8d12d6627b240ff3e46fa04e9664882228cc11b94c03f0d4fca25064e8e1c6848ec3fce11946 +SHA512 (resalloc-5.11.tar.gz) = 73becebe671a59912006eb4b227c10f6ac7be91a91e94cff470ac6bb32eb4447ec905b1d151c5eeb54fdc6c2a6179f9b7d606bcf25c3f9caeb63bde171759ac3 diff --git a/wait-for-ssh b/wait-for-ssh new file mode 100644 index 0000000..d302c77 --- /dev/null +++ b/wait-for-ssh @@ -0,0 +1,161 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +# Copyright (C) 2017 Pavel Raiskup +# +# This program accepts one argument IP or HOSTNAME. First try to connect to the +# HOSTNAME as 'root' user. If cloud-init scripts instruct us to use different +# user than 'root', switch to that user and check again. In the end, print the +# successful username on stdout. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +from re import compile as re_compile +import sys +from os import devnull +from threading import Thread, Event +from argparse import ArgumentParser +from subprocess import Popen, PIPE +import logging + +handler = logging.StreamHandler() +log = logging.getLogger() +log.setLevel(logging.INFO) +log.addHandler(handler) + +# create console handler and set level to debug + +ssh = [ + 'ssh', + '-o', 'StrictHostKeyChecking=no', + '-o', 'UserKnownHostsFile=/dev/null', + '-o', 'PasswordAuthentication=no', + '-o', 'ConnectTimeout=10', +] + +expected_output = 'foobar' +inner_cmd = 'echo ' + expected_output + + +class Checker(Thread): + user = 'root' + daemon = True + user_re = '[a-zA-Z0-9_.][a-zA-Z0-9_.-]*[$]?' + re_clouduser = re_compile('Please login as the user "({0})"'.format(user_re)) + event = Event() + + def loop(self): + cmd = ssh + [ + '{0}@{1}'.format(self.user, self.args.host), + inner_cmd, + ] + + with open(devnull, 'w') as drop: + log.debug('executing: ' + ' '.join(cmd)) + self.child = Popen(cmd, stdout=PIPE, stderr=drop) + (stdout, _) = self.child.communicate() + + exp = (expected_output + '\n').encode('ascii') + if self.child.returncode == 0 and stdout == exp: + if self.args.print_user: + print(self.user) + return True + + if self.args.cloud_user: + match = self.re_clouduser.search(str(stdout)) + if match: + self.user = match.group(1) + log.info('cloud user switched to ' + self.user) + return False + + def run(self): + while True: + if self.loop(): + # Success! + break + + if self.event.wait(1): + log.debug("stopping per kill event") + break + + def kill(self): + self.event.set() + + # Best effort kill. + try: + self.child.kill() + except: + pass + self.join() + + +parser = ArgumentParser( + description="Wait till the host's ssh becomes responsive.") +parser.add_argument('host', help='hostname or IP') +parser.add_argument('--timeout', + help='seconds to wait before failure, default=indefinitely', + default=None, type=float) +parser.add_argument('--check-cloud-user', action='store_true', default=False, + dest='cloud_user', + help='if cloud-init disallows "root" login, try to detect the cloud ' \ + +'user and use that') +parser.add_argument('--print-user', action='store_true', default=False, + dest='print_user', + help='print the username which succeeded to connect on stdout') +parser.add_argument('--log', default=False, + dest='log_verbosity', + help='set the threshold for logging, e.g. debug, info, error, ...') + + +def main(): + sleep_period = 1.0 + args = parser.parse_args() + + if args.log_verbosity: + log.setLevel(logging.getLevelName(args.log_verbosity.upper())) + + def timeouted(): + if args.timeout is None: + return False + log.debug("wait {0}s, remains {1}s".format(sleep_period, args.timeout)) + args.timeout -= sleep_period + return args.timeout <= 0 + + checker = Checker() + checker.args = args + checker.start() + + try: + # threading.join() is not Ctrl-C interruptable :( in python2, so we need + # this ugly infinite loop. + # https://stackoverflow.com/questions/25676835/signal-handling-in-multi-threaded-python + while True: + checker.join(sleep_period) + if not checker.is_alive(): + # Success! + return 0 + + if timeouted(): + log.error("timeout!") + checker.kill() + return 1 + + except KeyboardInterrupt: + log.error("interrupt by user") + checker.kill() + return 1 + +if __name__ == "__main__": + sys.exit(main())