From 9e83c7de5f1930d8c6f8fa5848630eec398b55c0 Mon Sep 17 00:00:00 2001 From: Marc Beninca Date: Fri, 3 May 2024 19:31:25 +0200 Subject: [PATCH 01/20] cd_ca --- cd.sh | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/cd.sh b/cd.sh index 622af39..0ff0821 100644 --- a/cd.sh +++ b/cd.sh @@ -37,17 +37,9 @@ cd_main () { # steps cd_set_environment_variables () { -local index -local text cd_step "Set environment variables" # - index=1 - eval "text=\"\${CD_CA_${index}}\"" - while [ "${text}" ] ; do - CD_CA=${index} - index=$((index+1)) - eval "text=\"\${CD_CA_${index}}\"" - done + [ "${CD_CA_1}" ] && CD_CA=true # case "$(cd_grep_os ID)" in "debian") From 725ad1acd166aef90bdc2588568f6e9397520425 Mon Sep 17 00:00:00 2001 From: Marc Beninca Date: Fri, 3 May 2024 20:00:28 +0200 Subject: [PATCH 02/20] https --- cd.sh | 34 ++++++++++++++++------------------ readme.md | 5 +++-- 2 files changed, 19 insertions(+), 20 deletions(-) diff --git a/cd.sh b/cd.sh index 0ff0821..a61e8ef 100644 --- a/cd.sh +++ b/cd.sh @@ -178,21 +178,20 @@ Dir::Etc::SourceParts \"\"; } cd_set_https_verification_off () { - if [ "${CD_CA}" ] ; then - cd_step "Set HTTPS verification off" - case "${CD_OS_ID}" in - "${CD_OS_DEBIAN}") - cd_write "/etc/apt/apt.conf.d/https" "\ + [ "${CD_CA}" ] || [ "${CD_OS_ID}" = "${CD_OS_DEBIAN}" ] || exit + cd_step "Set HTTPS verification off" + case "${CD_OS_ID}" in + "${CD_OS_DEBIAN}") + cd_write "/etc/apt/apt.conf.d/https" "\ Acquire::https::Verify-Peer False; " - ;; - "${CD_OS_ALMA}") - cd_write "/etc/dnf/dnf.conf.d/https.conf" "\ + ;; + "${CD_OS_ALMA}") + cd_write "/etc/dnf/dnf.conf.d/https.conf" "\ sslverify=False " - ;; - esac - fi + ;; + esac } cd_update_packages_catalog () { @@ -239,13 +238,12 @@ cd_update_ca_certificates () { } cd_set_https_verification_on () { - if [ "${CD_CA}" ] ; then - cd_step "Set HTTPS verification on" - case "${CD_OS_ID}" in - "${CD_OS_DEBIAN}") cd_rm "/etc/apt/apt.conf.d/https" ;; - "${CD_OS_ALMA}") cd_rm "/etc/dnf/dnf.conf.d/https.conf" ;; - esac - fi + [ "${CD_CA}" ] || [ "${CD_OS_ID}" = "${CD_OS_DEBIAN}" ] || exit + cd_step "Set HTTPS verification on" + case "${CD_OS_ID}" in + "${CD_OS_DEBIAN}") cd_rm "/etc/apt/apt.conf.d/https" ;; + "${CD_OS_ALMA}") cd_rm "/etc/dnf/dnf.conf.d/https.conf" ;; + esac } cd_upgrade_packages () { diff --git a/readme.md b/readme.md index 5800715..4498d1f 100644 --- a/readme.md +++ b/readme.md @@ -29,8 +29,9 @@ from various CA, CI, OCI / OS. ## Tasks -* first list working directory * handle cloning credentials +* write Python bootstrap + +* first list working directory * integrate project repository cloning * override repository and framework locations -* write Python bootstrap From a99369e8ae3b799272d6f83ceb9cd6dd5b068912 Mon Sep 17 00:00:00 2001 From: Marc Beninca Date: Fri, 3 May 2024 20:20:26 +0200 Subject: [PATCH 03/20] fix --- cd.sh | 34 ++++++++++++++++++---------------- 1 file changed, 18 insertions(+), 16 deletions(-) diff --git a/cd.sh b/cd.sh index a61e8ef..f0bd9d2 100644 --- a/cd.sh +++ b/cd.sh @@ -178,20 +178,21 @@ Dir::Etc::SourceParts \"\"; } cd_set_https_verification_off () { - [ "${CD_CA}" ] || [ "${CD_OS_ID}" = "${CD_OS_DEBIAN}" ] || exit - cd_step "Set HTTPS verification off" - case "${CD_OS_ID}" in - "${CD_OS_DEBIAN}") - cd_write "/etc/apt/apt.conf.d/https" "\ + if [ "${CD_CA}" -o "${CD_OS_ID}" = "${CD_OS_DEBIAN}" ] ; then + cd_step "Set HTTPS verification off" + case "${CD_OS_ID}" in + "${CD_OS_DEBIAN}") + cd_write "/etc/apt/apt.conf.d/https" "\ Acquire::https::Verify-Peer False; " - ;; - "${CD_OS_ALMA}") - cd_write "/etc/dnf/dnf.conf.d/https.conf" "\ + ;; + "${CD_OS_ALMA}") + cd_write "/etc/dnf/dnf.conf.d/https.conf" "\ sslverify=False " - ;; - esac + ;; + esac + fi } cd_update_packages_catalog () { @@ -238,12 +239,13 @@ cd_update_ca_certificates () { } cd_set_https_verification_on () { - [ "${CD_CA}" ] || [ "${CD_OS_ID}" = "${CD_OS_DEBIAN}" ] || exit - cd_step "Set HTTPS verification on" - case "${CD_OS_ID}" in - "${CD_OS_DEBIAN}") cd_rm "/etc/apt/apt.conf.d/https" ;; - "${CD_OS_ALMA}") cd_rm "/etc/dnf/dnf.conf.d/https.conf" ;; - esac + if [ "${CD_CA}" -o "${CD_OS_ID}" = "${CD_OS_DEBIAN}" ] ; then + cd_step "Set HTTPS verification on" + case "${CD_OS_ID}" in + "${CD_OS_DEBIAN}") cd_rm "/etc/apt/apt.conf.d/https" ;; + "${CD_OS_ALMA}") cd_rm "/etc/dnf/dnf.conf.d/https.conf" ;; + esac + fi } cd_upgrade_packages () { From 18e3f300d36d58f492ad8b015691076a789d7cbd Mon Sep 17 00:00:00 2001 From: Marc Beninca Date: Fri, 3 May 2024 20:57:35 +0200 Subject: [PATCH 04/20] readme/certs --- readme.md | 1 + 1 file changed, 1 insertion(+) diff --git a/readme.md b/readme.md index 4498d1f..ab6acea 100644 --- a/readme.md +++ b/readme.md @@ -30,6 +30,7 @@ from various CA, CI, OCI / OS. ## Tasks * handle cloning credentials +* show CA certificates as text * write Python bootstrap * first list working directory From cf99e6ff2fe75fb6b89a37a3de9bed11d55f389a Mon Sep 17 00:00:00 2001 From: Marc Beninca Date: Fri, 3 May 2024 21:03:07 +0200 Subject: [PATCH 05/20] =?UTF-8?q?=E2=86=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- cd.sh | 72 +++++++++++++++++++++++++++---------------------------- readme.md | 2 ++ 2 files changed, 38 insertions(+), 36 deletions(-) diff --git a/cd.sh b/cd.sh index f0bd9d2..665f82d 100644 --- a/cd.sh +++ b/cd.sh @@ -42,14 +42,14 @@ cd_set_environment_variables () { [ "${CD_CA_1}" ] && CD_CA=true # case "$(cd_grep_os ID)" in - "debian") - CD_OS_ID="${CD_OS_DEBIAN}" - CD_OS_VERSION="$(cd_grep_os VERSION_CODENAME)" - ;; "almalinux") CD_OS_ID="${CD_OS_ALMA}" CD_OS_VERSION="$(cd_grep_os VERSION_ID)" ;; + "debian") + CD_OS_ID="${CD_OS_DEBIAN}" + CD_OS_VERSION="$(cd_grep_os VERSION_CODENAME)" + ;; esac # CD_CA_PACKAGE="ca-certificates" @@ -57,18 +57,6 @@ cd_set_environment_variables () { CD_GIT_PACKAGE="git" # case "${CD_OS_ID}" in - "${CD_OS_DEBIAN}") - CD_OS_REPO="${CD_DEFAULT_REPO_DEBIAN}" - [ "${CD_REPO_DEBIAN}" ] && CD_OS_REPO="${CD_REPO_DEBIAN}" - case "${CD_OS_VERSION}" in - "bookworm"|"bullseye") cd_nop ;; - *) cd_error_os "CD_OS_VERSION" ;; - esac - CD_CA_ROOT="/usr/local/share/ca-certificates" - CD_PYTHON_COMMAND="python3" - CD_PYTHON_PACKAGE="python3" - CD_PYTHON_PACKAGES="/usr/lib/python3/dist-packages" - ;; "${CD_OS_ALMA}") CD_OS_REPO="${CD_DEFAULT_REPO_ALMA}" [ "${CD_REPO_ALMA}" ] && CD_OS_REPO="${CD_REPO_ALMA}" @@ -81,6 +69,18 @@ cd_set_environment_variables () { CD_PYTHON_PACKAGE="python3.11" CD_PYTHON_PACKAGES="/usr/lib64/python3.11/site-packages" ;; + "${CD_OS_DEBIAN}") + CD_OS_REPO="${CD_DEFAULT_REPO_DEBIAN}" + [ "${CD_REPO_DEBIAN}" ] && CD_OS_REPO="${CD_REPO_DEBIAN}" + case "${CD_OS_VERSION}" in + "bookworm"|"bullseye") cd_nop ;; + *) cd_error_os "CD_OS_VERSION" ;; + esac + CD_CA_ROOT="/usr/local/share/ca-certificates" + CD_PYTHON_COMMAND="python3" + CD_PYTHON_PACKAGE="python3" + CD_PYTHON_PACKAGES="/usr/lib/python3/dist-packages" + ;; *) cd_error_os "CD_OS_ID" ;; esac # continuous integration platform @@ -141,14 +141,6 @@ local expression local file cd_step "Set packages repositories" case "${CD_OS_ID}" in - "${CD_OS_DEBIAN}") - cd_write "/etc/apt/sources.list" "\ -deb ${CD_OS_REPO} ${CD_OS_VERSION} main -deb ${CD_OS_REPO} ${CD_OS_VERSION}-backports main -deb ${CD_OS_REPO} ${CD_OS_VERSION}-updates main -deb ${CD_OS_REPO}-security ${CD_OS_VERSION}-security main -" - ;; "${CD_OS_ALMA}") file="/etc/yum.repos.d/almalinux.repo" cd_sed "${file}" \ @@ -157,12 +149,21 @@ deb ${CD_OS_REPO}-security ${CD_OS_VERSION}-security main "|^# baseurl|baseurl|" cd_cat "${file}" ;; + "${CD_OS_DEBIAN}") + cd_write "/etc/apt/sources.list" "\ +deb ${CD_OS_REPO} ${CD_OS_VERSION} main +deb ${CD_OS_REPO} ${CD_OS_VERSION}-backports main +deb ${CD_OS_REPO} ${CD_OS_VERSION}-updates main +deb ${CD_OS_REPO}-security ${CD_OS_VERSION}-security main +" + ;; esac } cd_set_packages_configuration () { cd_step "Set packages configuration" case "${CD_OS_ID}" in + "${CD_OS_ALMA}") cd_mkdir "/etc/dnf/dnf.conf.d" ;; "${CD_OS_DEBIAN}") export DEBIAN_FRONTEND="noninteractive" cd_write "/etc/apt/apt.conf.d/apt.conf" "\ @@ -173,7 +174,6 @@ APT::Install-Suggests False; Dir::Etc::SourceParts \"\"; " ;; - "${CD_OS_ALMA}") cd_mkdir "/etc/dnf/dnf.conf.d" ;; esac } @@ -181,14 +181,14 @@ cd_set_https_verification_off () { if [ "${CD_CA}" -o "${CD_OS_ID}" = "${CD_OS_DEBIAN}" ] ; then cd_step "Set HTTPS verification off" case "${CD_OS_ID}" in - "${CD_OS_DEBIAN}") - cd_write "/etc/apt/apt.conf.d/https" "\ -Acquire::https::Verify-Peer False; -" - ;; "${CD_OS_ALMA}") cd_write "/etc/dnf/dnf.conf.d/https.conf" "\ sslverify=False +" + ;; + "${CD_OS_DEBIAN}") + cd_write "/etc/apt/apt.conf.d/https" "\ +Acquire::https::Verify-Peer False; " ;; esac @@ -198,16 +198,16 @@ sslverify=False cd_update_packages_catalog () { cd_step "Update packages catalog" case "${CD_OS_ID}" in - "${CD_OS_DEBIAN}") apt-get update || exit ;; "${CD_OS_ALMA}") dnf makecache || exit ;; + "${CD_OS_DEBIAN}") apt-get update || exit ;; esac } cd_install_packages_tools () { cd_step "Install packages tools" case "${CD_OS_ID}" in - "${CD_OS_DEBIAN}") cd_install_package "apt-utils" ;; "${CD_OS_ALMA}") cd_nop ;; + "${CD_OS_DEBIAN}") cd_install_package "apt-utils" ;; esac } @@ -233,8 +233,8 @@ local text cd_update_ca_certificates () { cd_step "Update CA" case "${CD_OS_ID}" in - "${CD_OS_DEBIAN}") update-ca-certificates || exit ;; "${CD_OS_ALMA}") update-ca-trust || exit ;; + "${CD_OS_DEBIAN}") update-ca-certificates || exit ;; esac } @@ -242,8 +242,8 @@ cd_set_https_verification_on () { if [ "${CD_CA}" -o "${CD_OS_ID}" = "${CD_OS_DEBIAN}" ] ; then cd_step "Set HTTPS verification on" case "${CD_OS_ID}" in - "${CD_OS_DEBIAN}") cd_rm "/etc/apt/apt.conf.d/https" ;; "${CD_OS_ALMA}") cd_rm "/etc/dnf/dnf.conf.d/https.conf" ;; + "${CD_OS_DEBIAN}") cd_rm "/etc/apt/apt.conf.d/https" ;; esac fi } @@ -251,8 +251,8 @@ cd_set_https_verification_on () { cd_upgrade_packages () { cd_step "Upgrade packages" case "${CD_OS_ID}" in - "${CD_OS_DEBIAN}") apt-get upgrade --assume-yes || exit ;; "${CD_OS_ALMA}") dnf upgrade --assumeyes || exit ;; + "${CD_OS_DEBIAN}") apt-get upgrade --assume-yes || exit ;; esac } @@ -269,8 +269,8 @@ cd_install_python () { cd_clean_packages_cache () { cd_step "Clean packages cache" case "${CD_OS_ID}" in - "${CD_OS_DEBIAN}") apt-get clean || exit ;; "${CD_OS_ALMA}") dnf clean all || exit ;; + "${CD_OS_DEBIAN}") apt-get clean || exit ;; esac } diff --git a/readme.md b/readme.md index ab6acea..1e6dc72 100644 --- a/readme.md +++ b/readme.md @@ -29,6 +29,8 @@ from various CA, CI, OCI / OS. ## Tasks +* write bats + * handle cloning credentials * show CA certificates as text * write Python bootstrap From 657e4d28a2da841e1febcd02093cbe34e1199661 Mon Sep 17 00:00:00 2001 From: Marc Beninca Date: Fri, 3 May 2024 21:09:30 +0200 Subject: [PATCH 06/20] agnostic --- cd.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/cd.sh b/cd.sh index 665f82d..9b71a22 100644 --- a/cd.sh +++ b/cd.sh @@ -274,6 +274,8 @@ cd_clean_packages_cache () { esac } +# agnostic steps + cd_install_python_modules () { local path local repository From 6688313b48bbac0dc40e67bd5b6751829a0f1f6a Mon Sep 17 00:00:00 2001 From: Marc Beninca Date: Fri, 3 May 2024 21:16:03 +0200 Subject: [PATCH 07/20] clean --- cd.sh | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/cd.sh b/cd.sh index 9b71a22..60e620a 100644 --- a/cd.sh +++ b/cd.sh @@ -65,6 +65,7 @@ cd_set_environment_variables () { *) cd_error_os "CD_OS_VERSION" ;; esac CD_CA_ROOT="/etc/pki/ca-trust/source/anchors" + CD_CMD_CLEAN="dnf clean all" CD_PYTHON_COMMAND="python3.11" CD_PYTHON_PACKAGE="python3.11" CD_PYTHON_PACKAGES="/usr/lib64/python3.11/site-packages" @@ -77,6 +78,7 @@ cd_set_environment_variables () { *) cd_error_os "CD_OS_VERSION" ;; esac CD_CA_ROOT="/usr/local/share/ca-certificates" + CD_CMD_CLEAN="apt-get clean" CD_PYTHON_COMMAND="python3" CD_PYTHON_PACKAGE="python3" CD_PYTHON_PACKAGES="/usr/lib/python3/dist-packages" @@ -256,6 +258,8 @@ cd_upgrade_packages () { esac } +# agnostic steps + cd_install_git () { cd_step "Install Git" cd_install_package "${CD_GIT_PACKAGE}" @@ -268,14 +272,9 @@ cd_install_python () { cd_clean_packages_cache () { cd_step "Clean packages cache" - case "${CD_OS_ID}" in - "${CD_OS_ALMA}") dnf clean all || exit ;; - "${CD_OS_DEBIAN}") apt-get clean || exit ;; - esac + ${CD_CMD_CLEAN} || exit } -# agnostic steps - cd_install_python_modules () { local path local repository From faf17ad62f46d04223f2749dcf4dcc2a04c03911 Mon Sep 17 00:00:00 2001 From: Marc Beninca Date: Fri, 3 May 2024 21:18:20 +0200 Subject: [PATCH 08/20] upgrade --- cd.sh | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/cd.sh b/cd.sh index 60e620a..60f3343 100644 --- a/cd.sh +++ b/cd.sh @@ -66,6 +66,7 @@ cd_set_environment_variables () { esac CD_CA_ROOT="/etc/pki/ca-trust/source/anchors" CD_CMD_CLEAN="dnf clean all" + CD_CMD_UPGRADE="dnf upgrade --assumeyes" CD_PYTHON_COMMAND="python3.11" CD_PYTHON_PACKAGE="python3.11" CD_PYTHON_PACKAGES="/usr/lib64/python3.11/site-packages" @@ -79,6 +80,7 @@ cd_set_environment_variables () { esac CD_CA_ROOT="/usr/local/share/ca-certificates" CD_CMD_CLEAN="apt-get clean" + CD_CMD_UPGRADE="apt-get upgrade --assume-yes" CD_PYTHON_COMMAND="python3" CD_PYTHON_PACKAGE="python3" CD_PYTHON_PACKAGES="/usr/lib/python3/dist-packages" @@ -250,16 +252,13 @@ cd_set_https_verification_on () { fi } +# agnostic steps + cd_upgrade_packages () { cd_step "Upgrade packages" - case "${CD_OS_ID}" in - "${CD_OS_ALMA}") dnf upgrade --assumeyes || exit ;; - "${CD_OS_DEBIAN}") apt-get upgrade --assume-yes || exit ;; - esac + ${CD_CMD_UPGRADE} || exit } -# agnostic steps - cd_install_git () { cd_step "Install Git" cd_install_package "${CD_GIT_PACKAGE}" From 288f1a3101559f18c69bdd9944f2d07499aa78ac Mon Sep 17 00:00:00 2001 From: Marc Beninca Date: Fri, 3 May 2024 21:24:41 +0200 Subject: [PATCH 09/20] https --- cd.sh | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/cd.sh b/cd.sh index 60f3343..93ca732 100644 --- a/cd.sh +++ b/cd.sh @@ -67,6 +67,7 @@ cd_set_environment_variables () { CD_CA_ROOT="/etc/pki/ca-trust/source/anchors" CD_CMD_CLEAN="dnf clean all" CD_CMD_UPGRADE="dnf upgrade --assumeyes" + CD_FILE_HTTPS="/etc/dnf/dnf.conf.d/https.conf" CD_PYTHON_COMMAND="python3.11" CD_PYTHON_PACKAGE="python3.11" CD_PYTHON_PACKAGES="/usr/lib64/python3.11/site-packages" @@ -81,6 +82,7 @@ cd_set_environment_variables () { CD_CA_ROOT="/usr/local/share/ca-certificates" CD_CMD_CLEAN="apt-get clean" CD_CMD_UPGRADE="apt-get upgrade --assume-yes" + CD_FILE_HTTPS="/etc/apt/apt.conf.d/https" CD_PYTHON_COMMAND="python3" CD_PYTHON_PACKAGE="python3" CD_PYTHON_PACKAGES="/usr/lib/python3/dist-packages" @@ -186,12 +188,12 @@ cd_set_https_verification_off () { cd_step "Set HTTPS verification off" case "${CD_OS_ID}" in "${CD_OS_ALMA}") - cd_write "/etc/dnf/dnf.conf.d/https.conf" "\ + cd_write "${CD_FILE_HTTPS}" "\ sslverify=False " ;; "${CD_OS_DEBIAN}") - cd_write "/etc/apt/apt.conf.d/https" "\ + cd_write "${CD_FILE_HTTPS}" "\ Acquire::https::Verify-Peer False; " ;; @@ -242,18 +244,15 @@ cd_update_ca_certificates () { esac } +# agnostic steps + cd_set_https_verification_on () { if [ "${CD_CA}" -o "${CD_OS_ID}" = "${CD_OS_DEBIAN}" ] ; then cd_step "Set HTTPS verification on" - case "${CD_OS_ID}" in - "${CD_OS_ALMA}") cd_rm "/etc/dnf/dnf.conf.d/https.conf" ;; - "${CD_OS_DEBIAN}") cd_rm "/etc/apt/apt.conf.d/https" ;; - esac + cd_rm "${CD_FILE_HTTPS}" fi } -# agnostic steps - cd_upgrade_packages () { cd_step "Upgrade packages" ${CD_CMD_UPGRADE} || exit From 84ccc6f21574cbc8216e737fd3a6166035404732 Mon Sep 17 00:00:00 2001 From: Marc Beninca Date: Fri, 3 May 2024 21:28:37 +0200 Subject: [PATCH 10/20] ca --- cd.sh | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/cd.sh b/cd.sh index 93ca732..ec8ef3c 100644 --- a/cd.sh +++ b/cd.sh @@ -65,6 +65,7 @@ cd_set_environment_variables () { *) cd_error_os "CD_OS_VERSION" ;; esac CD_CA_ROOT="/etc/pki/ca-trust/source/anchors" + CD_CMD_CA="update-ca-trust" CD_CMD_CLEAN="dnf clean all" CD_CMD_UPGRADE="dnf upgrade --assumeyes" CD_FILE_HTTPS="/etc/dnf/dnf.conf.d/https.conf" @@ -80,6 +81,7 @@ cd_set_environment_variables () { *) cd_error_os "CD_OS_VERSION" ;; esac CD_CA_ROOT="/usr/local/share/ca-certificates" + CD_CMD_CA="update-ca-certificates" CD_CMD_CLEAN="apt-get clean" CD_CMD_UPGRADE="apt-get upgrade --assume-yes" CD_FILE_HTTPS="/etc/apt/apt.conf.d/https" @@ -217,6 +219,8 @@ cd_install_packages_tools () { esac } +# agnostic steps + cd_install_ca_certificates () { cd_step "Install CA" cd_install_package "${CD_CA_PACKAGE}" @@ -225,7 +229,7 @@ cd_install_ca_certificates () { cd_write_ca_certificates () { local index local text - cd_step "Copy CA" + cd_step "Write CA certificates" cd_mkdir "${CD_CA_ROOT}" index=1 eval "text=\"\${CD_CA_${index}}\"" @@ -237,15 +241,10 @@ local text } cd_update_ca_certificates () { - cd_step "Update CA" - case "${CD_OS_ID}" in - "${CD_OS_ALMA}") update-ca-trust || exit ;; - "${CD_OS_DEBIAN}") update-ca-certificates || exit ;; - esac + cd_step "Update CA certificates" + ${CD_CMD_CA} || exit } -# agnostic steps - cd_set_https_verification_on () { if [ "${CD_CA}" -o "${CD_OS_ID}" = "${CD_OS_DEBIAN}" ] ; then cd_step "Set HTTPS verification on" From a9e885bca896e06857eb547a78678228c0b184c4 Mon Sep 17 00:00:00 2001 From: Marc Beninca Date: Fri, 3 May 2024 21:30:28 +0200 Subject: [PATCH 11/20] update --- cd.sh | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/cd.sh b/cd.sh index ec8ef3c..a0eeae7 100644 --- a/cd.sh +++ b/cd.sh @@ -67,6 +67,7 @@ cd_set_environment_variables () { CD_CA_ROOT="/etc/pki/ca-trust/source/anchors" CD_CMD_CA="update-ca-trust" CD_CMD_CLEAN="dnf clean all" + CD_CMD_UPDATE="dnf makecache" CD_CMD_UPGRADE="dnf upgrade --assumeyes" CD_FILE_HTTPS="/etc/dnf/dnf.conf.d/https.conf" CD_PYTHON_COMMAND="python3.11" @@ -83,6 +84,7 @@ cd_set_environment_variables () { CD_CA_ROOT="/usr/local/share/ca-certificates" CD_CMD_CA="update-ca-certificates" CD_CMD_CLEAN="apt-get clean" + CD_CMD_UPDATE="apt-get update" CD_CMD_UPGRADE="apt-get upgrade --assume-yes" CD_FILE_HTTPS="/etc/apt/apt.conf.d/https" CD_PYTHON_COMMAND="python3" @@ -205,10 +207,7 @@ Acquire::https::Verify-Peer False; cd_update_packages_catalog () { cd_step "Update packages catalog" - case "${CD_OS_ID}" in - "${CD_OS_ALMA}") dnf makecache || exit ;; - "${CD_OS_DEBIAN}") apt-get update || exit ;; - esac + ${CD_CMD_UPDATE} || exit } cd_install_packages_tools () { From 8b9ddbec9fd3443242ec05d151d19bc0efb4941a Mon Sep 17 00:00:00 2001 From: Marc Beninca Date: Fri, 3 May 2024 21:36:19 +0200 Subject: [PATCH 12/20] https --- cd.sh | 21 ++++++--------------- 1 file changed, 6 insertions(+), 15 deletions(-) diff --git a/cd.sh b/cd.sh index a0eeae7..eb67a13 100644 --- a/cd.sh +++ b/cd.sh @@ -69,7 +69,8 @@ cd_set_environment_variables () { CD_CMD_CLEAN="dnf clean all" CD_CMD_UPDATE="dnf makecache" CD_CMD_UPGRADE="dnf upgrade --assumeyes" - CD_FILE_HTTPS="/etc/dnf/dnf.conf.d/https.conf" + CD_FILE_HTTPS_NAME="/etc/dnf/dnf.conf.d/https.conf" + CD_FILE_HTTPS_TEXT="sslverify=False" CD_PYTHON_COMMAND="python3.11" CD_PYTHON_PACKAGE="python3.11" CD_PYTHON_PACKAGES="/usr/lib64/python3.11/site-packages" @@ -86,7 +87,8 @@ cd_set_environment_variables () { CD_CMD_CLEAN="apt-get clean" CD_CMD_UPDATE="apt-get update" CD_CMD_UPGRADE="apt-get upgrade --assume-yes" - CD_FILE_HTTPS="/etc/apt/apt.conf.d/https" + CD_FILE_HTTPS_NAME="/etc/apt/apt.conf.d/https" + CD_FILE_HTTPS_TEXT="Acquire::https::Verify-Peer False;" CD_PYTHON_COMMAND="python3" CD_PYTHON_PACKAGE="python3" CD_PYTHON_PACKAGES="/usr/lib/python3/dist-packages" @@ -190,18 +192,7 @@ Dir::Etc::SourceParts \"\"; cd_set_https_verification_off () { if [ "${CD_CA}" -o "${CD_OS_ID}" = "${CD_OS_DEBIAN}" ] ; then cd_step "Set HTTPS verification off" - case "${CD_OS_ID}" in - "${CD_OS_ALMA}") - cd_write "${CD_FILE_HTTPS}" "\ -sslverify=False -" - ;; - "${CD_OS_DEBIAN}") - cd_write "${CD_FILE_HTTPS}" "\ -Acquire::https::Verify-Peer False; -" - ;; - esac + cd_write "${CD_FILE_HTTPS_NAME}" "${CD_FILE_HTTPS_TEXT}" fi } @@ -247,7 +238,7 @@ cd_update_ca_certificates () { cd_set_https_verification_on () { if [ "${CD_CA}" -o "${CD_OS_ID}" = "${CD_OS_DEBIAN}" ] ; then cd_step "Set HTTPS verification on" - cd_rm "${CD_FILE_HTTPS}" + cd_rm "${CD_FILE_HTTPS_NAME}" fi } From 585e1d58e2184ea3abce1e3e20ab9ffa73c4ca91 Mon Sep 17 00:00:00 2001 From: Marc Beninca Date: Fri, 3 May 2024 21:43:25 +0200 Subject: [PATCH 13/20] pkg --- cd.sh | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/cd.sh b/cd.sh index eb67a13..1e17327 100644 --- a/cd.sh +++ b/cd.sh @@ -71,6 +71,7 @@ cd_set_environment_variables () { CD_CMD_UPGRADE="dnf upgrade --assumeyes" CD_FILE_HTTPS_NAME="/etc/dnf/dnf.conf.d/https.conf" CD_FILE_HTTPS_TEXT="sslverify=False" + CD_PKG_PKG="" CD_PYTHON_COMMAND="python3.11" CD_PYTHON_PACKAGE="python3.11" CD_PYTHON_PACKAGES="/usr/lib64/python3.11/site-packages" @@ -89,6 +90,7 @@ cd_set_environment_variables () { CD_CMD_UPGRADE="apt-get upgrade --assume-yes" CD_FILE_HTTPS_NAME="/etc/apt/apt.conf.d/https" CD_FILE_HTTPS_TEXT="Acquire::https::Verify-Peer False;" + CD_PKG_PKG="apt-utils" CD_PYTHON_COMMAND="python3" CD_PYTHON_PACKAGE="python3" CD_PYTHON_PACKAGES="/usr/lib/python3/dist-packages" @@ -189,6 +191,8 @@ Dir::Etc::SourceParts \"\"; esac } +# agnostic steps + cd_set_https_verification_off () { if [ "${CD_CA}" -o "${CD_OS_ID}" = "${CD_OS_DEBIAN}" ] ; then cd_step "Set HTTPS verification off" @@ -203,14 +207,9 @@ cd_update_packages_catalog () { cd_install_packages_tools () { cd_step "Install packages tools" - case "${CD_OS_ID}" in - "${CD_OS_ALMA}") cd_nop ;; - "${CD_OS_DEBIAN}") cd_install_package "apt-utils" ;; - esac + cd_install_package "${CD_PKG_PKG}" } -# agnostic steps - cd_install_ca_certificates () { cd_step "Install CA" cd_install_package "${CD_CA_PACKAGE}" From a73bdd235f0555fd6fb4e10be906e6b6b98b11f4 Mon Sep 17 00:00:00 2001 From: Marc Beninca Date: Fri, 3 May 2024 21:52:08 +0200 Subject: [PATCH 14/20] mkdir,path --- cd.sh | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/cd.sh b/cd.sh index 1e17327..0852a55 100644 --- a/cd.sh +++ b/cd.sh @@ -69,7 +69,7 @@ cd_set_environment_variables () { CD_CMD_CLEAN="dnf clean all" CD_CMD_UPDATE="dnf makecache" CD_CMD_UPGRADE="dnf upgrade --assumeyes" - CD_FILE_HTTPS_NAME="/etc/dnf/dnf.conf.d/https.conf" + CD_FILE_HTTPS_PATH="/etc/dnf/dnf.conf.d/https.conf" CD_FILE_HTTPS_TEXT="sslverify=False" CD_PKG_PKG="" CD_PYTHON_COMMAND="python3.11" @@ -88,7 +88,7 @@ cd_set_environment_variables () { CD_CMD_CLEAN="apt-get clean" CD_CMD_UPDATE="apt-get update" CD_CMD_UPGRADE="apt-get upgrade --assume-yes" - CD_FILE_HTTPS_NAME="/etc/apt/apt.conf.d/https" + CD_FILE_HTTPS_PATH="/etc/apt/apt.conf.d/https" CD_FILE_HTTPS_TEXT="Acquire::https::Verify-Peer False;" CD_PKG_PKG="apt-utils" CD_PYTHON_COMMAND="python3" @@ -196,7 +196,8 @@ Dir::Etc::SourceParts \"\"; cd_set_https_verification_off () { if [ "${CD_CA}" -o "${CD_OS_ID}" = "${CD_OS_DEBIAN}" ] ; then cd_step "Set HTTPS verification off" - cd_write "${CD_FILE_HTTPS_NAME}" "${CD_FILE_HTTPS_TEXT}" + cd_mkdir "$(dirname "${CD_FILE_HTTPS_PATH}")" + cd_write "${CD_FILE_HTTPS_PATH}" "${CD_FILE_HTTPS_TEXT}" fi } @@ -237,7 +238,7 @@ cd_update_ca_certificates () { cd_set_https_verification_on () { if [ "${CD_CA}" -o "${CD_OS_ID}" = "${CD_OS_DEBIAN}" ] ; then cd_step "Set HTTPS verification on" - cd_rm "${CD_FILE_HTTPS_NAME}" + cd_rm "${CD_FILE_HTTPS_PATH}" fi } From 98ecacd8c8a66e267177b26009cdc81f4a090c3d Mon Sep 17 00:00:00 2001 From: Marc Beninca Date: Fri, 3 May 2024 21:53:25 +0200 Subject: [PATCH 15/20] readme --- readme.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/readme.md b/readme.md index 1e6dc72..51e54e5 100644 --- a/readme.md +++ b/readme.md @@ -32,9 +32,11 @@ from various CA, CI, OCI / OS. * write bats * handle cloning credentials +* make steps more agnostic * show CA certificates as text * write Python bootstrap * first list working directory * integrate project repository cloning * override repository and framework locations +* reduce operating system version to major From 7d6f23efe9e564212168dddf5743e64f314c780a Mon Sep 17 00:00:00 2001 From: Marc Beninca Date: Fri, 3 May 2024 21:56:30 +0200 Subject: [PATCH 16/20] debian/frontend --- cd.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cd.sh b/cd.sh index 0852a55..17cf7ba 100644 --- a/cd.sh +++ b/cd.sh @@ -77,6 +77,8 @@ cd_set_environment_variables () { CD_PYTHON_PACKAGES="/usr/lib64/python3.11/site-packages" ;; "${CD_OS_DEBIAN}") + export DEBIAN_FRONTEND="noninteractive" + # CD_OS_REPO="${CD_DEFAULT_REPO_DEBIAN}" [ "${CD_REPO_DEBIAN}" ] && CD_OS_REPO="${CD_REPO_DEBIAN}" case "${CD_OS_VERSION}" in @@ -179,7 +181,6 @@ cd_set_packages_configuration () { case "${CD_OS_ID}" in "${CD_OS_ALMA}") cd_mkdir "/etc/dnf/dnf.conf.d" ;; "${CD_OS_DEBIAN}") - export DEBIAN_FRONTEND="noninteractive" cd_write "/etc/apt/apt.conf.d/apt.conf" "\ Acquire::Check-Valid-Until True; APT::Get::Show-Versions True; From e2bc6311af26b54a61fc8d4c788d97abeff515f1 Mon Sep 17 00:00:00 2001 From: Marc Beninca Date: Fri, 3 May 2024 22:01:01 +0200 Subject: [PATCH 17/20] dnf --- cd.sh | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/cd.sh b/cd.sh index 17cf7ba..c6c9e61 100644 --- a/cd.sh +++ b/cd.sh @@ -179,7 +179,16 @@ deb ${CD_OS_REPO}-security ${CD_OS_VERSION}-security main cd_set_packages_configuration () { cd_step "Set packages configuration" case "${CD_OS_ID}" in - "${CD_OS_ALMA}") cd_mkdir "/etc/dnf/dnf.conf.d" ;; + "${CD_OS_ALMA}") + cd_write "/etc/dnf/dnf.conf" "\ +[main] +best=True +clean_requirements_on_remove=True +gpgcheck=1 +installonly_limit=3 +skip_if_unavailable=False +" + ;; "${CD_OS_DEBIAN}") cd_write "/etc/apt/apt.conf.d/apt.conf" "\ Acquire::Check-Valid-Until True; From 2e5e92e1285424016139b4f476ee3a894209cdae Mon Sep 17 00:00:00 2001 From: Marc Beninca Date: Fri, 3 May 2024 22:04:05 +0200 Subject: [PATCH 18/20] pm --- cd.sh | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/cd.sh b/cd.sh index c6c9e61..7fe0fd1 100644 --- a/cd.sh +++ b/cd.sh @@ -69,9 +69,9 @@ cd_set_environment_variables () { CD_CMD_CLEAN="dnf clean all" CD_CMD_UPDATE="dnf makecache" CD_CMD_UPGRADE="dnf upgrade --assumeyes" - CD_FILE_HTTPS_PATH="/etc/dnf/dnf.conf.d/https.conf" - CD_FILE_HTTPS_TEXT="sslverify=False" CD_PKG_PKG="" + CD_PM_HTTPS_PATH="/etc/dnf/dnf.conf.d/https.conf" + CD_PM_HTTPS_TEXT="sslverify=False" CD_PYTHON_COMMAND="python3.11" CD_PYTHON_PACKAGE="python3.11" CD_PYTHON_PACKAGES="/usr/lib64/python3.11/site-packages" @@ -90,9 +90,9 @@ cd_set_environment_variables () { CD_CMD_CLEAN="apt-get clean" CD_CMD_UPDATE="apt-get update" CD_CMD_UPGRADE="apt-get upgrade --assume-yes" - CD_FILE_HTTPS_PATH="/etc/apt/apt.conf.d/https" - CD_FILE_HTTPS_TEXT="Acquire::https::Verify-Peer False;" CD_PKG_PKG="apt-utils" + CD_PM_HTTPS_PATH="/etc/apt/apt.conf.d/https" + CD_PM_HTTPS_TEXT="Acquire::https::Verify-Peer False;" CD_PYTHON_COMMAND="python3" CD_PYTHON_PACKAGE="python3" CD_PYTHON_PACKAGES="/usr/lib/python3/dist-packages" @@ -206,8 +206,8 @@ Dir::Etc::SourceParts \"\"; cd_set_https_verification_off () { if [ "${CD_CA}" -o "${CD_OS_ID}" = "${CD_OS_DEBIAN}" ] ; then cd_step "Set HTTPS verification off" - cd_mkdir "$(dirname "${CD_FILE_HTTPS_PATH}")" - cd_write "${CD_FILE_HTTPS_PATH}" "${CD_FILE_HTTPS_TEXT}" + cd_mkdir "$(dirname "${CD_PM_HTTPS_PATH}")" + cd_write "${CD_PM_HTTPS_PATH}" "${CD_PM_HTTPS_TEXT}" fi } @@ -248,7 +248,7 @@ cd_update_ca_certificates () { cd_set_https_verification_on () { if [ "${CD_CA}" -o "${CD_OS_ID}" = "${CD_OS_DEBIAN}" ] ; then cd_step "Set HTTPS verification on" - cd_rm "${CD_FILE_HTTPS_PATH}" + cd_rm "${CD_PM_HTTPS_PATH}" fi } From 7be21f53dd36a7691da6c6bef7460007164973a4 Mon Sep 17 00:00:00 2001 From: Marc Beninca Date: Fri, 3 May 2024 22:52:24 +0200 Subject: [PATCH 19/20] pm/conf --- cd.sh | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/cd.sh b/cd.sh index 7fe0fd1..6d1a81f 100644 --- a/cd.sh +++ b/cd.sh @@ -70,6 +70,7 @@ cd_set_environment_variables () { CD_CMD_UPDATE="dnf makecache" CD_CMD_UPGRADE="dnf upgrade --assumeyes" CD_PKG_PKG="" + CD_PM_CONF_PATH="/etc/dnf/dnf.conf" CD_PM_HTTPS_PATH="/etc/dnf/dnf.conf.d/https.conf" CD_PM_HTTPS_TEXT="sslverify=False" CD_PYTHON_COMMAND="python3.11" @@ -91,6 +92,7 @@ cd_set_environment_variables () { CD_CMD_UPDATE="apt-get update" CD_CMD_UPGRADE="apt-get upgrade --assume-yes" CD_PKG_PKG="apt-utils" + CD_PM_CONF_PATH="/etc/apt/apt.conf.d/apt.conf" CD_PM_HTTPS_PATH="/etc/apt/apt.conf.d/https" CD_PM_HTTPS_TEXT="Acquire::https::Verify-Peer False;" CD_PYTHON_COMMAND="python3" @@ -180,7 +182,7 @@ cd_set_packages_configuration () { cd_step "Set packages configuration" case "${CD_OS_ID}" in "${CD_OS_ALMA}") - cd_write "/etc/dnf/dnf.conf" "\ + cd_write "${CD_PM_CONF_PATH}" "\ [main] best=True clean_requirements_on_remove=True @@ -190,7 +192,7 @@ skip_if_unavailable=False " ;; "${CD_OS_DEBIAN}") - cd_write "/etc/apt/apt.conf.d/apt.conf" "\ + cd_write "${CD_PM_CONF_PATH}" "\ Acquire::Check-Valid-Until True; APT::Get::Show-Versions True; APT::Install-Recommends False; From e5d17cd0f010a506b34dc2dcfbabd27336a2026a Mon Sep 17 00:00:00 2001 From: Marc Beninca Date: Fri, 3 May 2024 23:19:30 +0200 Subject: [PATCH 20/20] conf/text --- cd.sh | 41 ++++++++++++++++++----------------------- 1 file changed, 18 insertions(+), 23 deletions(-) diff --git a/cd.sh b/cd.sh index 6d1a81f..a9b5700 100644 --- a/cd.sh +++ b/cd.sh @@ -71,6 +71,14 @@ cd_set_environment_variables () { CD_CMD_UPGRADE="dnf upgrade --assumeyes" CD_PKG_PKG="" CD_PM_CONF_PATH="/etc/dnf/dnf.conf" + CD_PM_CONF_TEXT="\ +[main] +best=True +clean_requirements_on_remove=True +gpgcheck=1 +installonly_limit=3 +skip_if_unavailable=False +" CD_PM_HTTPS_PATH="/etc/dnf/dnf.conf.d/https.conf" CD_PM_HTTPS_TEXT="sslverify=False" CD_PYTHON_COMMAND="python3.11" @@ -93,6 +101,13 @@ cd_set_environment_variables () { CD_CMD_UPGRADE="apt-get upgrade --assume-yes" CD_PKG_PKG="apt-utils" CD_PM_CONF_PATH="/etc/apt/apt.conf.d/apt.conf" + CD_PM_CONF_TEXT="\ +Acquire::Check-Valid-Until True; +APT::Get::Show-Versions True; +APT::Install-Recommends False; +APT::Install-Suggests False; +Dir::Etc::SourceParts \"\"; +" CD_PM_HTTPS_PATH="/etc/apt/apt.conf.d/https" CD_PM_HTTPS_TEXT="Acquire::https::Verify-Peer False;" CD_PYTHON_COMMAND="python3" @@ -178,33 +193,13 @@ deb ${CD_OS_REPO}-security ${CD_OS_VERSION}-security main esac } +# agnostic steps + cd_set_packages_configuration () { cd_step "Set packages configuration" - case "${CD_OS_ID}" in - "${CD_OS_ALMA}") - cd_write "${CD_PM_CONF_PATH}" "\ -[main] -best=True -clean_requirements_on_remove=True -gpgcheck=1 -installonly_limit=3 -skip_if_unavailable=False -" - ;; - "${CD_OS_DEBIAN}") - cd_write "${CD_PM_CONF_PATH}" "\ -Acquire::Check-Valid-Until True; -APT::Get::Show-Versions True; -APT::Install-Recommends False; -APT::Install-Suggests False; -Dir::Etc::SourceParts \"\"; -" - ;; - esac + cd_write "${CD_PM_CONF_PATH}" "${CD_PM_CONF_TEXT}" } -# agnostic steps - cd_set_https_verification_off () { if [ "${CD_CA}" -o "${CD_OS_ID}" = "${CD_OS_DEBIAN}" ] ; then cd_step "Set HTTPS verification off"