X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/fdca3159ff580f8cb7b4db551467368d1b7d840e..bb1763c1a00d973f98147893892aa848585c2eaf:/tools/salt-install/provision.sh diff --git a/tools/salt-install/provision.sh b/tools/salt-install/provision.sh index 3b5c8cd2e7..8cb87203fe 100755 --- a/tools/salt-install/provision.sh +++ b/tools/salt-install/provision.sh @@ -197,8 +197,8 @@ CUSTOM_CERTS_DIR="${SCRIPT_DIR}/certs" # release. # The "local.params.example.*" files already set "RELEASE=production" # to deploy production-ready packages -RELEASE="development" -VERSION="latest" +RELEASE="production" +VERSION="2.4.0" # These are arvados-formula-related parameters # An arvados-formula tag. For a stable release, this should be a @@ -263,7 +263,7 @@ if [ ! -z "${HOSTNAME_EXT}" ] ; then # Make sure that the value configured as IP_INT is a real IP on the system. # If we don't error out early here when there is a mismatch, the formula will # fail with hard to interpret nginx errors later on. - ip addr list |grep -q " ${IP_INT}/" + ip addr list |grep -q "${IP_INT}/" if [[ $? -ne 0 ]]; then echo "Unable to find the IP_INT address '${IP_INT}' on the system, please correct the value in local.params. Exiting..." exit 1 @@ -286,7 +286,7 @@ else case ${OS_ID} in "centos") echo "WARNING! Disabling SELinux, see https://dev.arvados.org/issues/18019" - sed -i 's/SELINUX=enforcing/SELINUX=permissive' /etc/sysconfig/selinux + sed -i 's/SELINUX=enforcing/SELINUX=permissive/g' /etc/sysconfig/selinux setenforce permissive yum install -y curl git jq ;; @@ -417,30 +417,34 @@ for f in $(ls "${SOURCE_PILLARS_DIR}"/*); do "${f}" > "${P_DIR}"/$(basename "${f}") done -if [ "x${TEST}" = "xyes" ] && [ ! -d "${SOURCE_TESTS_DIR}" ]; then - echo "You requested to run tests, but ${SOURCE_TESTS_DIR} does not exist or is not a directory. Exiting." - exit 1 -fi -mkdir -p ${T_DIR} -# Replace cluster and domain name in the test files -for f in $(ls "${SOURCE_TESTS_DIR}"/*); do - FILTERS="s#__CLUSTER__#${CLUSTER}#g; - s#__CONTROLLER_EXT_SSL_PORT__#${CONTROLLER_EXT_SSL_PORT}#g; - s#__DOMAIN__#${DOMAIN}#g; - s#__IP_INT__#${IP_INT}#g; - s#__INITIAL_USER_EMAIL__#${INITIAL_USER_EMAIL}#g; - s#__INITIAL_USER_PASSWORD__#${INITIAL_USER_PASSWORD}#g - s#__INITIAL_USER__#${INITIAL_USER}#g; - s#__DATABASE_PASSWORD__#${DATABASE_PASSWORD}#g; - s#__SYSTEM_ROOT_TOKEN__#${SYSTEM_ROOT_TOKEN}#g" - if [ "$USE_SINGLE_HOSTNAME" = "yes" ]; then - FILTERS="s#__CLUSTER__.__DOMAIN__#${HOSTNAME_EXT}#g; - $FILTERS" +if [ ! -d "${SOURCE_TESTS_DIR}" ]; then + echo "WARNING: The tests directory was not copied to \"${SOURCE_TESTS_DIR}\"." + if [ "x${TEST}" = "xyes" ]; then + echo "WARNING: Disabling tests for this installation." fi - sed "$FILTERS" \ - "${f}" > ${T_DIR}/$(basename "${f}") -done -chmod 755 ${T_DIR}/run-test.sh + TEST="no" +else + mkdir -p ${T_DIR} + # Replace cluster and domain name in the test files + for f in $(ls "${SOURCE_TESTS_DIR}"/*); do + FILTERS="s#__CLUSTER__#${CLUSTER}#g; + s#__CONTROLLER_EXT_SSL_PORT__#${CONTROLLER_EXT_SSL_PORT}#g; + s#__DOMAIN__#${DOMAIN}#g; + s#__IP_INT__#${IP_INT}#g; + s#__INITIAL_USER_EMAIL__#${INITIAL_USER_EMAIL}#g; + s#__INITIAL_USER_PASSWORD__#${INITIAL_USER_PASSWORD}#g + s#__INITIAL_USER__#${INITIAL_USER}#g; + s#__DATABASE_PASSWORD__#${DATABASE_PASSWORD}#g; + s#__SYSTEM_ROOT_TOKEN__#${SYSTEM_ROOT_TOKEN}#g" + if [ "$USE_SINGLE_HOSTNAME" = "yes" ]; then + FILTERS="s#__CLUSTER__.__DOMAIN__#${HOSTNAME_EXT}#g; + $FILTERS" + fi + sed "$FILTERS" \ + "${f}" > ${T_DIR}/$(basename "${f}") + done + chmod 755 ${T_DIR}/run-test.sh +fi # Replace helper state files that differ from the formula's examples if [ -d "${SOURCE_STATES_DIR}" ]; then @@ -514,7 +518,7 @@ if [ -d "${F_DIR}"/extra/extra ]; then # Same when using self-signed certificates. SKIP_SNAKE_OIL="dont_add_snakeoil_certs" fi - for f in $(ls "${F_DIR}"/extra/extra/*.sls | grep -v ${SKIP_SNAKE_OIL}); do + for f in $(ls "${F_DIR}"/extra/extra/*.sls | egrep -v "${SKIP_SNAKE_OIL}|shell_"); do echo " - extra.$(basename ${f} | sed 's/.sls$//g')" >> ${S_DIR}/top.sls done # Use byo or self-signed certificates @@ -547,6 +551,8 @@ if [ -z "${ROLES}" ]; then echo " - postgres" >> ${S_DIR}/top.sls echo " - docker.software" >> ${S_DIR}/top.sls echo " - arvados" >> ${S_DIR}/top.sls + echo " - extra.shell_sudo_passwordless" >> ${S_DIR}/top.sls + echo " - extra.shell_cron_add_login_sync" >> ${S_DIR}/top.sls # Pillars echo " - docker" >> ${P_DIR}/top.sls @@ -753,6 +759,8 @@ else ;; "shell") # States + echo " - extra.shell_sudo_passwordless" >> ${S_DIR}/top.sls + echo " - extra.shell_cron_add_login_sync" >> ${S_DIR}/top.sls grep -q "docker" ${S_DIR}/top.sls || echo " - docker.software" >> ${S_DIR}/top.sls grep -q "arvados.${R}" ${S_DIR}/top.sls || echo " - arvados.${R}" >> ${S_DIR}/top.sls # Pillars @@ -777,19 +785,6 @@ if [ "${DUMP_CONFIG}" = "yes" ]; then exit 0 fi -# FIXME! #16992 Temporary fix for psql call in arvados-api-server -if [ -e /root/.psqlrc ]; then - if ! ( grep 'pset pager off' /root/.psqlrc ); then - RESTORE_PSQL="yes" - cp /root/.psqlrc /root/.psqlrc.provision.backup - fi -else - DELETE_PSQL="yes" -fi - -echo '\pset pager off' >> /root/.psqlrc -# END FIXME! #16992 Temporary fix for psql call in arvados-api-server - # Now run the install salt-call --local state.apply -l ${LOG_LEVEL} @@ -799,18 +794,6 @@ if [ -d /etc/cloud/cloud.cfg.d ]; then sed -i 's/^manage_etc_hosts: true/#manage_etc_hosts: true/g' /etc/cloud/cloud.cfg.d/* fi -# FIXME! #16992 Temporary fix for psql call in arvados-api-server -if [ "x${DELETE_PSQL}" = "xyes" ]; then - echo "Removing .psql file" - rm /root/.psqlrc -fi - -if [ "x${RESTORE_PSQL}" = "xyes" ]; then - echo "Restoring .psql file" - mv -v /root/.psqlrc.provision.backup /root/.psqlrc -fi -# END FIXME! #16992 Temporary fix for psql call in arvados-api-server - # Leave a copy of the Arvados CA so the user can copy it where it's required if [ "$DEV_MODE" = "yes" ]; then echo "Copying the Arvados CA certificate to the installer dir, so you can import it"