From 625be0d2f81705b3ab863ee3d13948f4355e2a7b Mon Sep 17 00:00:00 2001 From: Pawel Wieczorek Date: Tue, 30 Jul 2019 16:43:19 +0200 Subject: k8s: Silence package manager and make it noninteractive This patch sets debconf frontend to noninteractive by including additional field in the first stanza of configuration file. Its placement has been chosen arbitrarily - both 'Config' and 'Templates' fields "are required in this first stanza" [1]. It also makes symlinking script more generic. [1] man 5 debconf.conf (provided by "debconf-doc" in Ubuntu) Issue-ID: SECCOM-235 Change-Id: If9dcc712d1ff7f527d3bc59f4c1709cffe4cbda5 Signed-off-by: Pawel Wieczorek --- test/security/k8s/tools/config/95silent-approval | 2 ++ test/security/k8s/vagrant/dublin/Vagrantfile | 24 ++++++++++++++++++------ 2 files changed, 20 insertions(+), 6 deletions(-) create mode 100644 test/security/k8s/tools/config/95silent-approval diff --git a/test/security/k8s/tools/config/95silent-approval b/test/security/k8s/tools/config/95silent-approval new file mode 100644 index 000000000..dadbfbd86 --- /dev/null +++ b/test/security/k8s/tools/config/95silent-approval @@ -0,0 +1,2 @@ +Quiet "1"; +APT::Get::Assume-Yes "true"; diff --git a/test/security/k8s/vagrant/dublin/Vagrantfile b/test/security/k8s/vagrant/dublin/Vagrantfile index ce442eb98..b8abcd125 100644 --- a/test/security/k8s/vagrant/dublin/Vagrantfile +++ b/test/security/k8s/vagrant/dublin/Vagrantfile @@ -8,6 +8,8 @@ vagrant_password = "vagrant" synced_folder_main = "/vagrant" synced_folder_config = "#{synced_folder_main}/config" cluster_yml = "cluster.yml" +apt_prefs_dir = "/etc/apt/apt.conf.d" +apt_prefs = "95silent-approval" vm_memory = 2 * 1024 vm_cpus = 1 @@ -35,6 +37,11 @@ $add_to_docker_group = <<-SCRIPT usermod -aG docker "$USER" SCRIPT +$setup_debconf = <<-SCRIPT + echo "Setting debconf frontend to noninteractive" + sed -i'.orig' '/^Config:/a Frontend: noninteractive' /etc/debconf.conf +SCRIPT + $install_sshpass = <<-SCRIPT apt-get update echo "Installing 'sshpass'" @@ -69,11 +76,11 @@ $link_dotfiles = <<-SCRIPT done SCRIPT -$link_cluster_yml = <<-SCRIPT +$link_file = <<-SCRIPT SYNC_DIR="$1" - CLUSTER_YML="$2" - src="${SYNC_DIR}/${CLUSTER_YML}" - dst="$HOME" + FILE="$2" + src="${SYNC_DIR}/${FILE}" + dst="$3" echo "Symlinking ${src} to ${dst}" ln -sf "$src" "$dst" SCRIPT @@ -115,6 +122,11 @@ Vagrant.configure('2') do |config| config.vm.synced_folder ".", synced_folder_main, type: "rsync", rsync__exclude: "Vagrantfile" config.vm.synced_folder "../../tools/config", synced_folder_config, type: "rsync" + config.vm.provision "setup_debconf", type: :shell, inline: $setup_debconf + config.vm.provision "link_apt_prefs", type: :shell, run: "always" do |s| + s.inline = $link_file + s.args = [synced_folder_config, apt_prefs, apt_prefs_dir] + end config.vm.provision "link_dotfiles_root", type: :shell, run: "always" do |s| s.inline = $link_dotfiles s.args = synced_folder_config @@ -140,8 +152,8 @@ Vagrant.configure('2') do |config| config.vm.provision "get_rke", type: :shell, path: "../../tools/dublin/get_rke.sh" config.vm.provision "link_cluster_yml", type: :shell, run: "always" do |s| s.privileged = false - s.inline = $link_cluster_yml - s.args = [synced_folder_main, cluster_yml] + s.inline = $link_file + s.args = [synced_folder_main, cluster_yml, "$HOME"] end config.vm.post_up_message = operation_post_msg -- cgit 1.2.3-korg