fix: skip retracted kernels

.github/workflows/images-centos.yml

@@ -0,0 +1,87 @@
+name: CentOS images
+
+on:
+  workflow_dispatch:
+  push:
+    paths:
+      - 'tools/qemu-centos-img/**'
+      - '.github/workflows/images-centos.yml'
+
+concurrency:
+  group: ${{ github.workflow_ref }}
+  cancel-in-progress: true
+
+jobs:
+  images-centos:
+    name: Qemu Images
+    runs-on: ubuntu-latest
+    steps:
+    - uses: digitalocean/action-doctl@v2
+      with:
+        token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }}
+
+    - uses: webfactory/ssh-agent@v0.8.0
+      with:
+        ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
+
+    - name: create droplet
+      run: doctl compute droplet create --ssh-keys='b4:4c:66:7d:be:19:25:43:1c:e0:02:61:9f:49:12:94,37:46:77:a8:4a:96:3b:20:16:46:35:04:95:ca:0c:5c' --tag-name=github-actions ga-out-of-tree-images-centos-$GITHUB_SHA --size s-1vcpu-1gb --image ubuntu-22-04-x64 --wait
+
+      # TODO Move to common script
+    - name: generate images
+      shell: bash
+      run: |
+        sleep 1m
+
+        IP=$(doctl compute droplet list --tag-name=github-actions --format "Name,Public IPv4" | grep -v ID | grep ga-out-of-tree-images-centos-$GITHUB_SHA | awk '{print $2}')
+
+        while ! ssh -o StrictHostKeyChecking=accept-new root@$IP echo
+        do
+          sleep 1s
+        done
+
+        ssh root@$IP "cloud-init status --wait | grep done"
+
+        ssh root@$IP apt-get update
+        ssh root@$IP apt-get install -y git podman s3cmd
+        ssh root@$IP git clone https://github.com/out-of-tree/out-of-tree
+        ssh root@$IP "cd out-of-tree && git checkout $GITHUB_SHA"
+
+        ssh root@$IP "echo -e '[Unit]\nDescription=CentOS image generator and uploader\n[Service]\nRemainAfterExit=yes\nStandardError=append:/var/log/images-centos.log\nStandardOutput=append:/var/log/images-centos.log\nType=oneshot' >> /etc/systemd/system/images-centos.service"
+
+        ssh root@$IP "echo Environment=HOST=fra1.digitaloceanspaces.com >> /etc/systemd/system/images-centos.service"
+        ssh root@$IP "echo Environment=HOST_BUCKET=out-of-tree.fra1.digitaloceanspaces.com >> /etc/systemd/system/images-centos.service"
+        ssh root@$IP "echo Environment=ACCESS_KEY=${{ secrets.DIGITALOCEAN_SPACES_ACCESS_KEY }} >> /etc/systemd/system/images-centos.service"
+        ssh root@$IP "echo Environment=SECRET_KEY=${{ secrets.DIGITALOCEAN_SPACES_SECRET_KEY }} >> /etc/systemd/system/images-centos.service"
+
+        ssh root@$IP "echo 'ExecStart=/root/out-of-tree/tools/qemu-centos-img/6/generate.sh' >> /etc/systemd/system/images-centos.service"
+        ssh root@$IP "echo 'ExecStart=/root/out-of-tree/tools/qemu-centos-img/7/generate.sh' >> /etc/systemd/system/images-centos.service"
+        ssh root@$IP "echo 'ExecStart=/root/out-of-tree/tools/qemu-centos-img/8/generate.sh' >> /etc/systemd/system/images-centos.service"
+
+        ssh root@$IP 'echo ExecStart=/bin/sh -c \"s3cmd put --acl-public /root/out-of-tree/tools/qemu-centos-img/*/*.tar.gz s3://out-of-tree/3.0.0/ --host=\$HOST --host-bucket=\$HOST_BUCKET --access_key=\$ACCESS_KEY --secret_key=\$SECRET_KEY\" >> /etc/systemd/system/images-centos.service'
+
+        ssh root@$IP "echo TimeoutStopSec=1 >> /etc/systemd/system/images-centos.service"
+
+        ssh root@$IP systemctl daemon-reload
+
+        ssh root@$IP systemctl start images-centos --no-block
+
+        while ! ssh root@$IP systemctl show images-centos -p SubState --value | grep -E '(failed|exited)'
+        do
+          sleep 3m
+        done
+
+        scp root@$IP:/var/log/images-centos.log .
+
+        ssh root@$IP systemctl is-active images-centos
+
+    - name: Archive logs
+      if: always()
+      uses: actions/upload-artifact@v4
+      with:
+        name: images-centos-log
+        path: images-centos.log
+
+    - name: delete droplet
+      if: always()
+      run: doctl compute droplet delete -f ga-out-of-tree-images-centos-$GITHUB_SHA

.github/workflows/images-oraclelinux.yml

@@ -25,7 +25,7 @@ jobs:
         ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
 
     - name: create droplet
-      run: doctl compute droplet create --ssh-keys='b4:4c:66:7d:be:19:25:43:1c:e0:02:61:9f:49:12:94,37:46:77:a8:4a:96:3b:20:16:46:35:04:95:ca:0c:5c' --tag-name=github-actions ga-out-of-tree-images-oraclelinux-$GITHUB_SHA --size s-1vcpu-1gb --image ubuntu-22-04-x64 --wait
+      run: doctl compute droplet create --ssh-keys='b4:4c:66:7d:be:19:25:43:1c:e0:02:61:9f:49:12:94,37:46:77:a8:4a:96:3b:20:16:46:35:04:95:ca:0c:5c' --tag-name=github-actions ga-out-of-tree-images-oraclelinux-$GITHUB_SHA --size s-1vcpu-2gb --image ubuntu-22-04-x64 --wait
 
       # TODO Move to common script
     - name: generate images
@@ -73,6 +73,13 @@ jobs:
 
         ssh root@$IP systemctl is-active images-oraclelinux
 
+    - name: Archive logs
+      if: always()
+      uses: actions/upload-artifact@v4
+      with:
+        name: images-oraclelinux-log
+        path: images-oraclelinux.log
+
     - name: delete droplet
       if: always()
       run: doctl compute droplet delete -f ga-out-of-tree-images-oraclelinux-$GITHUB_SHA

distro/opensuse/opensuse.go

@@ -87,7 +87,32 @@ func (suse OpenSUSE) Packages() (pkgs []string, err error) {
 		return
 	}
 
-	pkgs = append(pkgs, strings.Fields(output)...)
+	// TODO Find a way for non-interactive installation of
+	// retracted kernels
+	retracted := []string{
+		"5.14.21-150400.24.49.3",
+		"5.14.21-150400.24.84.1",
+		"5.14.21-150500.55.22.1",
+		"5.3.18-150300.59.81.1",
+		"5.3.18-59.30.1",
+		"5.3.18-lp152.98.1",
+	}
+
+	for _, k := range strings.Fields(output) {
+		skip := false
+		for _, rk := range retracted {
+			if rk == k {
+				skip = true
+				break
+			}
+		}
+		if skip {
+			continue
+		}
+
+		pkgs = append(pkgs, k)
+	}
+
 	return
 }
 

tools/qemu-centos-img/6/generate.sh

@@ -4,6 +4,6 @@ set -eux
 
 cd "$(dirname "$0")"
 
-sudo docker build -t gen-centos6-image .
+sudo podman build -t gen-centos6-image .
-sudo docker run --privileged -v $(pwd):/shared -t gen-centos6-image
+sudo podman run --privileged -v $(pwd):/shared -t gen-centos6-image
 tar -Szcf out_of_tree_centos_6.img.tar.gz out_of_tree_centos_6.img

tools/qemu-centos-img/7/Dockerfile

@@ -13,6 +13,11 @@
 #
 FROM centos:7
 
+RUN sed -i 's/enabled=1/enabled=0/' /etc/yum.repos.d/* || true
+RUN sed -i 's/name/enabled=0\nname/' /etc/yum.repos.d/* || true
+RUN echo -e '[7.9.2009-os]\nbaseurl=https://vault.centos.org/7.9.2009/os/$basearch/\ngpgcheck=0' >> /etc/yum.repos.d/oot.repo
+RUN echo -e '[7.9.2009-updates]\nbaseurl=https://vault.centos.org/7.9.2009/updates/$basearch/\ngpgcheck=0' >> /etc/yum.repos.d/oot.repo
+
 RUN yum -y update
 RUN yum -y groupinstall "Development Tools"
 RUN yum -y install qemu-img e2fsprogs
@@ -21,13 +26,13 @@ ENV TMPDIR=/tmp/centos
 
 RUN yum --installroot=$TMPDIR \
         --releasever=7 \
-        --disablerepo='*' \
-        --enablerepo=base \
         -y groupinstall Base
+
+RUN rm $TMPDIR/etc/yum.repos.d/*
+RUN cp /etc/yum.repos.d/* $TMPDIR/etc/yum.repos.d/
+
 RUN yum --installroot=$TMPDIR \
         --releasever=7 \
-        --disablerepo='*' \
-        --enablerepo=base \
         -y install openssh-server openssh-clients
 
 RUN chroot $TMPDIR /bin/sh -c 'useradd -m user'

tools/qemu-centos-img/7/generate.sh

@@ -0,0 +1,9 @@
+#!/bin/sh
+
+set -eux
+
+cd "$(dirname "$0")"
+
+sudo podman build -t gen-centos7-image .
+sudo podman run --privileged -v $(pwd):/shared -t gen-centos7-image
+tar -Szcf out_of_tree_centos_7.img.tar.gz out_of_tree_centos_7.img

tools/qemu-centos-img/8/generate.sh

@@ -4,6 +4,6 @@ set -eux
 
 cd "$(dirname "$0")"
 
-sudo docker build -t gen-centos8-image .
+sudo podman build -t gen-centos8-image .
-sudo docker run --privileged -v $(pwd):/shared -t gen-centos8-image
+sudo podman run --privileged -v $(pwd):/shared -t gen-centos8-image
 tar -Szcf out_of_tree_centos_8.img.tar.gz out_of_tree_centos_8.img