From 15de3d9b4fb45640599bda868378dc8fc82b0c0e Mon Sep 17 00:00:00 2001 From: Victor Morales Date: Thu, 26 Dec 2024 09:12:20 -0800 Subject: [PATCH] Fix linting issues --- .editorconfig | 3 - .github/actions/vagrant-setup/action.yml | 1 + .github/actions/vagrant-up/action.yml | 1 + .github/workflows/diagram.yml | 1 + .github/workflows/distros.yml | 1 + .github/workflows/lint.yml | 1 + .github/workflows/on-demand_ci.yml | 1 + .github/workflows/rebase.yml | 1 + .github/workflows/scheduled_ci.yml | 1 + .github/workflows/spell.yml | 1 + .github/workflows/update.yml | 1 + Makefile | 2 +- README.md | 2 +- build/ci/run_task.sh | 10 +- ci/update_distros.sh | 80 ++-- ci/update_versions.sh | 8 +- setup.sh | 474 +++++++++++------------ tox.ini | 4 +- validate.sh | 76 ++-- 19 files changed, 339 insertions(+), 330 deletions(-) delete mode 100644 .editorconfig diff --git a/.editorconfig b/.editorconfig deleted file mode 100644 index 47ff004..0000000 --- a/.editorconfig +++ /dev/null @@ -1,3 +0,0 @@ -[*.sh] -indent_style = space -indent_size = 4 diff --git a/.github/actions/vagrant-setup/action.yml b/.github/actions/vagrant-setup/action.yml index ce88008..60313fb 100644 --- a/.github/actions/vagrant-setup/action.yml +++ b/.github/actions/vagrant-setup/action.yml @@ -8,6 +8,7 @@ # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## name: Vagrant setup +description: Configures the Vagrant requirements inputs: distro: description: Linux distribution diff --git a/.github/actions/vagrant-up/action.yml b/.github/actions/vagrant-up/action.yml index 46c07c3..dde8fed 100644 --- a/.github/actions/vagrant-up/action.yml +++ b/.github/actions/vagrant-up/action.yml @@ -8,6 +8,7 @@ # http://www.apache.org/licenses/LICENSE-2.0 ############################################################################## name: Vagrant up +description: Creates a Vagrant Virtual Machine inputs: memory: description: "Memory" diff --git a/.github/workflows/diagram.yml b/.github/workflows/diagram.yml index a6698c3..7467cd2 100644 --- a/.github/workflows/diagram.yml +++ b/.github/workflows/diagram.yml @@ -15,6 +15,7 @@ on: - codebase-structure.svg - .github/ workflow_dispatch: +permissions: read-all jobs: check-diagram: name: Update the codebase structure diagram diff --git a/.github/workflows/distros.yml b/.github/workflows/distros.yml index e778cde..f710358 100644 --- a/.github/workflows/distros.yml +++ b/.github/workflows/distros.yml @@ -13,6 +13,7 @@ on: schedule: - cron: "0 0 1 * *" workflow_dispatch: +permissions: read-all jobs: check-versions: runs-on: vm-self-hosted diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index e8c7492..d6dd8ab 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -12,6 +12,7 @@ name: Lint Code Base on: push: pull_request: +permissions: read-all jobs: get-sloc: name: Count Lines of Code diff --git a/.github/workflows/on-demand_ci.yml b/.github/workflows/on-demand_ci.yml index c53453a..203211a 100644 --- a/.github/workflows/on-demand_ci.yml +++ b/.github/workflows/on-demand_ci.yml @@ -18,6 +18,7 @@ on: types: - submitted workflow_dispatch: +permissions: read-all jobs: changes: runs-on: ubuntu-latest diff --git a/.github/workflows/rebase.yml b/.github/workflows/rebase.yml index ef82755..80d8cbb 100644 --- a/.github/workflows/rebase.yml +++ b/.github/workflows/rebase.yml @@ -12,6 +12,7 @@ name: Automatic Rebase on: issue_comment: types: [created] +permissions: read-all jobs: rebase: name: Rebase diff --git a/.github/workflows/scheduled_ci.yml b/.github/workflows/scheduled_ci.yml index 359bfd1..2fa8b0f 100644 --- a/.github/workflows/scheduled_ci.yml +++ b/.github/workflows/scheduled_ci.yml @@ -13,6 +13,7 @@ on: schedule: - cron: "0 0 * * 5" workflow_dispatch: +permissions: read-all jobs: check-ubuntu-jammy-baremetal: runs-on: ubuntu-22.04 diff --git a/.github/workflows/spell.yml b/.github/workflows/spell.yml index a9a0645..504c744 100644 --- a/.github/workflows/spell.yml +++ b/.github/workflows/spell.yml @@ -17,6 +17,7 @@ on: pull_request_review: types: - submitted +permissions: read-all jobs: check-reviewdog: name: Check spelling (reviewdog) diff --git a/.github/workflows/update.yml b/.github/workflows/update.yml index 079a2f2..4e7f738 100644 --- a/.github/workflows/update.yml +++ b/.github/workflows/update.yml @@ -13,6 +13,7 @@ on: schedule: - cron: "0 0 * * 5" workflow_dispatch: +permissions: read-all jobs: check-versions: runs-on: ubuntu-latest diff --git a/Makefile b/Makefile index fee9db6..3f1cc1b 100644 --- a/Makefile +++ b/Makefile @@ -14,7 +14,7 @@ lint: sudo -E $(DOCKER_CMD) run --rm -v $$(pwd):/tmp/lint \ -e RUN_LOCAL=true \ -e LINTER_RULES_PATH=/ \ - github/super-linter + ghcr.io/super-linter/super-linter tox -e lint .PHONY: fmt diff --git a/README.md b/README.md index 0d46c68..f75626e 100644 --- a/README.md +++ b/README.md @@ -61,7 +61,7 @@ coding, documenting, testing, spreading the word at events within others. Thanks to all the people who already contributed! - + Contributors ![Visualization of the codebase](./codebase-structure.svg) diff --git a/build/ci/run_task.sh b/build/ci/run_task.sh index 23eb1a9..9dbcff1 100755 --- a/build/ci/run_task.sh +++ b/build/ci/run_task.sh @@ -14,11 +14,11 @@ set -o nounset set -o xtrace if ! command -v fly; then - # NOTE: Shorten link -> https://github.com/electrocucaracha/pkg-mgr_scripts - curl -fsSL http://bit.ly/install_pkg | PKG=fly bash + # NOTE: Shorten link -> https://github.com/electrocucaracha/pkg-mgr_scripts + curl -fsSL http://bit.ly/install_pkg | PKG=fly bash fi fly execute --privileged \ - --target="${RELENG_TARGET:-releng}" \ - --config="${TASK_NAME}-task.yml" \ - -i src=../../ "$@" + --target="${RELENG_TARGET:-releng}" \ + --config="${TASK_NAME}-task.yml" \ + -i src=../../ "$@" diff --git a/ci/update_distros.sh b/ci/update_distros.sh index ed28889..02cea89 100755 --- a/ci/update_distros.sh +++ b/ci/update_distros.sh @@ -11,54 +11,54 @@ set -o errexit set -o pipefail if [[ ${KRD_DEBUG:-false} == "true" ]]; then - set -o xtrace + set -o xtrace fi PROVIDER=${PROVIDER:-virtualbox} msg="" function _get_box_version { - local version="" - local attempt_counter=0 - readonly max_attempts=5 - readonly name="$1" + local version="" + local attempt_counter=0 + readonly max_attempts=5 + readonly name="$1" - if [ -f ./ci/pinned_vagrant_boxes.txt ] && grep -q "^${name} .*$PROVIDER" ./ci/pinned_vagrant_boxes.txt; then - version=$(grep "^${name} .*$PROVIDER" ./ci/pinned_vagrant_boxes.txt | awk '{ print $2 }') - else - until [ "$version" ]; do - metadata="$(curl -s "https://app.vagrantup.com/api/v1/box/$name")" - if [ "$metadata" ]; then - version="$(echo "$metadata" | python -c 'import json,sys;print(json.load(sys.stdin)["current_version"]["version"])')" - break - elif [ ${attempt_counter} -eq ${max_attempts} ]; then - echo "Max attempts reached" - exit 1 - fi - attempt_counter=$((attempt_counter + 1)) - sleep $((attempt_counter * 2)) - done - fi + if [ -f ./ci/pinned_vagrant_boxes.txt ] && grep -q "^${name} .*$PROVIDER" ./ci/pinned_vagrant_boxes.txt; then + version=$(grep "^${name} .*$PROVIDER" ./ci/pinned_vagrant_boxes.txt | awk '{ print $2 }') + else + until [ "$version" ]; do + metadata="$(curl -s "https://app.vagrantup.com/api/v1/box/$name")" + if [ "$metadata" ]; then + version="$(echo "$metadata" | python -c 'import json,sys;print(json.load(sys.stdin)["current_version"]["version"])')" + break + elif [ ${attempt_counter} -eq ${max_attempts} ]; then + echo "Max attempts reached" + exit 1 + fi + attempt_counter=$((attempt_counter + 1)) + sleep $((attempt_counter * 2)) + done + fi - echo "${version#*v}" + echo "${version#*v}" } function _vagrant_pull { - local alias="$1" - local name="$2" + local alias="$1" + local name="$2" - version=$(_get_box_version "$name") + version=$(_get_box_version "$name") - if [ "$(curl "https://app.vagrantup.com/${name%/*}/boxes/${name#*/}/versions/$version/providers/$PROVIDER.box" -o /dev/null -w '%{http_code}\n' -s)" == "302" ] && [ "$(vagrant box list | grep -c "$name .*$PROVIDER, $version")" != "1" ]; then - vagrant box remove --provider "$PROVIDER" --all --force "$name" || : - vagrant box add --provider "$PROVIDER" --box-version "$version" "$name" - elif [ "$(vagrant box list | grep -c "$name .*$PROVIDER, $version")" == "1" ]; then - echo "$name($version, $PROVIDER) box is already present in the host" - else - msg+="$name($version, $PROVIDER) box doesn't exist\n" - return - fi - cat <>.distros_supported.yml + if [ "$(curl "https://app.vagrantup.com/${name%/*}/boxes/${name#*/}/versions/$version/providers/$PROVIDER.box" -o /dev/null -w '%{http_code}\n' -s)" == "302" ] && [ "$(vagrant box list | grep -c "$name .*$PROVIDER, $version")" != "1" ]; then + vagrant box remove --provider "$PROVIDER" --all --force "$name" || : + vagrant box add --provider "$PROVIDER" --box-version "$version" "$name" + elif [ "$(vagrant box list | grep -c "$name .*$PROVIDER, $version")" == "1" ]; then + echo "$name($version, $PROVIDER) box is already present in the host" + else + msg+="$name($version, $PROVIDER) box doesn't exist\n" + return + fi + cat <>.distros_supported.yml - alias: $alias name: $name version: "$version" @@ -66,8 +66,8 @@ EOT } if ! command -v vagrant >/dev/null; then - # NOTE: Shorten link -> https://github.com/electrocucaracha/bootstrap-vagrant - curl -fsSL http://bit.ly/initVagrant | bash + # NOTE: Shorten link -> https://github.com/electrocucaracha/bootstrap-vagrant + curl -fsSL http://bit.ly/initVagrant | bash fi cat <.distros_supported.yml @@ -91,8 +91,8 @@ _vagrant_pull "opensuse_tumbleweed" "opensuse/Tumbleweed.x86_64" _vagrant_pull "opensuse_leap" "opensuse/Leap-15.2.x86_64" if [ "$msg" ]; then - echo -e "$msg" - rm .distros_supported.yml + echo -e "$msg" + rm .distros_supported.yml else - mv .distros_supported.yml distros_supported.yml + mv .distros_supported.yml distros_supported.yml fi diff --git a/ci/update_versions.sh b/ci/update_versions.sh index 85aaddc..6db4789 100755 --- a/ci/update_versions.sh +++ b/ci/update_versions.sh @@ -11,7 +11,7 @@ set -o errexit set -o pipefail if [[ ${DEBUG:-false} == "true" ]]; then - set -o xtrace + set -o xtrace fi eval "$(curl -fsSL https://raw.githubusercontent.com/electrocucaracha/pkg-mgr_scripts/master/ci/pinned_versions.env)" @@ -22,8 +22,8 @@ sed -i "s/vagrant version.*/vagrant version | awk 'NR==1\{print \$3}')\" != \"$P # Update GitHub Action commit hashes gh_actions=$(grep -r "uses: [a-zA-Z\-]*/[\_a-z\-]*@" .github/ | sed 's/@.*//' | awk -F ': ' '{ print $3 }' | sort -u) for action in $gh_actions; do - commit_hash=$(git ls-remote "https://github.com/$action" | grep 'refs/tags/[v]\?[0-9][0-9\.]*$' | sed 's|refs/tags/[vV]\?[\.]\?||g' | sort -u -k2 -V | tail -1 | awk '{ printf "%s # %s\n",$1,$2 }') - # shellcheck disable=SC2267 - grep -ElRZ "uses: $action@" .github/ | xargs -0 -l sed -i -e "s|uses: $action@.*|uses: $action@$commit_hash|g" + commit_hash=$(git ls-remote "https://github.com/$action" | grep 'refs/tags/[v]\?[0-9][0-9\.]*$' | sed 's|refs/tags/[vV]\?[\.]\?||g' | sort -u -k2 -V | tail -1 | awk '{ printf "%s # %s\n",$1,$2 }') + # shellcheck disable=SC2267 + grep -ElRZ "uses: $action@" .github/ | xargs -0 -l sed -i -e "s|uses: $action@.*|uses: $action@$commit_hash|g" done make fmt diff --git a/setup.sh b/setup.sh index 78f2d2b..0f739dc 100755 --- a/setup.sh +++ b/setup.sh @@ -16,84 +16,84 @@ msg="Summary \n" export PKG_VAGRANT_VERSION=${PKG_VAGRANT_VERSION:-2.4.1} export PKG_VIRTUALBOX_VERSION=6.1 if [ "${DEBUG:-false}" == "true" ]; then - set -o xtrace - export PKG_DEBUG=true + set -o xtrace + export PKG_DEBUG=true fi function _reload_grub { - if command -v clr-boot-manager; then - sudo clr-boot-manager update - elif command -v grub-mkconfig; then - sudo grub-mkconfig -o /boot/grub/grub.cfg - sudo update-grub - elif command -v grub2-mkconfig; then - grub_cfg="$(sudo readlink -f /etc/grub2.cfg)" - if dmesg | grep EFI; then - grub_cfg="/boot/efi/EFI/centos/grub.cfg" - fi - sudo grub2-mkconfig -o "$grub_cfg" - fi + if command -v clr-boot-manager; then + sudo clr-boot-manager update + elif command -v grub-mkconfig; then + sudo grub-mkconfig -o /boot/grub/grub.cfg + sudo update-grub + elif command -v grub2-mkconfig; then + grub_cfg="$(sudo readlink -f /etc/grub2.cfg)" + if dmesg | grep EFI; then + grub_cfg="/boot/efi/EFI/centos/grub.cfg" + fi + sudo grub2-mkconfig -o "$grub_cfg" + fi } function _enable_dnssec { - if [ -f /etc/dnsmasq.d/libvirt-daemon ] && ! grep -q "^dnssec$" /etc/dnsmasq.d/libvirt-daemon; then - msg+="- INFO: DNSSEC was enabled in dnsmasq service\n" - echo dnssec | sudo tee --append /etc/dnsmasq.d/libvirt-daemon - fi + if [ -f /etc/dnsmasq.d/libvirt-daemon ] && ! grep -q "^dnssec$" /etc/dnsmasq.d/libvirt-daemon; then + msg+="- INFO: DNSSEC was enabled in dnsmasq service\n" + echo dnssec | sudo tee --append /etc/dnsmasq.d/libvirt-daemon + fi } function _enable_iommu { - if ! iommu_support=$(sudo virt-host-validate qemu | grep 'Checking for device assignment IOMMU support'); then - echo "- WARN - IOMMU support checker reported: $(awk -F':' '{print $3}' <<<"$iommu_support")" - fi - if sudo virt-host-validate qemu | grep -q 'Checking if IOMMU is enabled by kernel'; then - return - fi - if [[ ${ID,,} == *clear-linux-os* ]]; then - mkdir -p /etc/kernel/cmdline.d - echo "intel_iommu=on" | sudo tee /etc/kernel/cmdline.d/enable-iommu.conf - else - if [ -f /etc/default/grub ] && [[ "$(grep "GRUB_CMDLINE_LINUX=" /etc/default/grub)" != *intel_iommu=on* ]]; then - sudo sed -i "s|^GRUB_CMDLINE_LINUX=\(.*\)\"|GRUB_CMDLINE_LINUX=\1 intel_iommu=on\"|g" /etc/default/grub - fi - fi - _reload_grub - msg+="- WARN: IOMMU was enabled and requires to reboot the server to take effect\n" + if ! iommu_support=$(sudo virt-host-validate qemu | grep 'Checking for device assignment IOMMU support'); then + echo "- WARN - IOMMU support checker reported: $(awk -F':' '{print $3}' <<<"$iommu_support")" + fi + if sudo virt-host-validate qemu | grep -q 'Checking if IOMMU is enabled by kernel'; then + return + fi + if [[ ${ID,,} == *clear-linux-os* ]]; then + mkdir -p /etc/kernel/cmdline.d + echo "intel_iommu=on" | sudo tee /etc/kernel/cmdline.d/enable-iommu.conf + else + if [ -f /etc/default/grub ] && [[ "$(grep "GRUB_CMDLINE_LINUX=" /etc/default/grub)" != *intel_iommu=on* ]]; then + sudo sed -i "s|^GRUB_CMDLINE_LINUX=\(.*\)\"|GRUB_CMDLINE_LINUX=\1 intel_iommu=on\"|g" /etc/default/grub + fi + fi + _reload_grub + msg+="- WARN: IOMMU was enabled and requires to reboot the server to take effect\n" } function _enable_nested_virtualization { - vendor_id=$(lscpu | grep "Vendor ID") - if [[ $vendor_id == *GenuineIntel* ]]; then - if [ -f /sys/module/kvm_intel/parameters/nested ]; then - kvm_ok=$(cat /sys/module/kvm_intel/parameters/nested) - if [[ $kvm_ok == 'N' ]]; then - msg+="- INFO: Intel Nested-Virtualization was enabled\n" - sudo rmmod kvm-intel - echo 'options kvm-intel nested=y' | sudo tee --append /etc/modprobe.d/dist.conf - sudo modprobe kvm-intel - fi - fi - else - if [ -f /sys/module/kvm_amd/parameters/nested ]; then - kvm_ok=$(cat /sys/module/kvm_amd/parameters/nested) - if [[ $kvm_ok == '0' ]]; then - msg+="- INFO: AMD Nested-Virtualization was enabled\n" - sudo rmmod kvm-amd - echo 'options kvm-amd nested=1' | sudo tee --append /etc/modprobe.d/dist.conf - sudo modprobe kvm-amd - fi - fi - fi - sudo modprobe vhost_net + vendor_id=$(lscpu | grep "Vendor ID") + if [[ $vendor_id == *GenuineIntel* ]]; then + if [ -f /sys/module/kvm_intel/parameters/nested ]; then + kvm_ok=$(cat /sys/module/kvm_intel/parameters/nested) + if [[ $kvm_ok == 'N' ]]; then + msg+="- INFO: Intel Nested-Virtualization was enabled\n" + sudo rmmod kvm-intel + echo 'options kvm-intel nested=y' | sudo tee --append /etc/modprobe.d/dist.conf + sudo modprobe kvm-intel + fi + fi + else + if [ -f /sys/module/kvm_amd/parameters/nested ]; then + kvm_ok=$(cat /sys/module/kvm_amd/parameters/nested) + if [[ $kvm_ok == '0' ]]; then + msg+="- INFO: AMD Nested-Virtualization was enabled\n" + sudo rmmod kvm-amd + echo 'options kvm-amd nested=1' | sudo tee --append /etc/modprobe.d/dist.conf + sudo modprobe kvm-amd + fi + fi + fi + sudo modprobe vhost_net } function _enable_rc_local { - if [ ! -f /etc/rc.d/rc.local ]; then - sudo mkdir -p /etc/rc.d/ - echo '#!/bin/bash' | sudo tee /etc/rc.d/rc.local - fi - if [ ! -f /etc/systemd/system/rc-local.service ]; then - sudo bash -c 'cat << EOL > /etc/systemd/system/rc-local.service + if [ ! -f /etc/rc.d/rc.local ]; then + sudo mkdir -p /etc/rc.d/ + echo '#!/bin/bash' | sudo tee /etc/rc.d/rc.local + fi + if [ ! -f /etc/systemd/system/rc-local.service ]; then + sudo bash -c 'cat << EOL > /etc/systemd/system/rc-local.service [Unit] Description=/etc/rc.d/rc.local Compatibility ConditionPathExists=/etc/rc.d/rc.local @@ -109,215 +109,215 @@ SysVStartPriority=99 [Install] WantedBy=multi-user.target EOL' - fi + fi - sudo chmod +x /etc/rc.d/rc.local - sudo systemctl --now enable rc-local + sudo chmod +x /etc/rc.d/rc.local + sudo systemctl --now enable rc-local } function _create_sriov_vfs { - _enable_rc_local - for nic in $(sudo lshw -C network -short | grep Connection | awk '{ print $2 }'); do - if [ -e "/sys/class/net/$nic/device/sriov_numvfs" ] && grep -e up "/sys/class/net/$nic/operstate" >/dev/null; then - sriov_numvfs=$(cat "/sys/class/net/$nic/device/sriov_totalvfs") - echo 0 | sudo tee "/sys/class/net/$nic/device/sriov_numvfs" - echo "$sriov_numvfs" | sudo tee "/sys/class/net/$nic/device/sriov_numvfs" - if ! grep "$nic/device/sriov_numvf" /etc/rc.d/rc.local; then - echo "echo '$sriov_numvfs' > /sys/class/net/$nic/device/sriov_numvfs" | sudo tee --append /etc/rc.d/rc.local - fi - msg+="- INFO: $sriov_numvfs SR-IOV Virtual Functions enabled on $nic\n" - fi - done + _enable_rc_local + for nic in $(sudo lshw -C network -short | grep Connection | awk '{ print $2 }'); do + if [ -e "/sys/class/net/$nic/device/sriov_numvfs" ] && grep -e up "/sys/class/net/$nic/operstate" >/dev/null; then + sriov_numvfs=$(cat "/sys/class/net/$nic/device/sriov_totalvfs") + echo 0 | sudo tee "/sys/class/net/$nic/device/sriov_numvfs" + echo "$sriov_numvfs" | sudo tee "/sys/class/net/$nic/device/sriov_numvfs" + if ! grep "$nic/device/sriov_numvf" /etc/rc.d/rc.local; then + echo "echo '$sriov_numvfs' > /sys/class/net/$nic/device/sriov_numvfs" | sudo tee --append /etc/rc.d/rc.local + fi + msg+="- INFO: $sriov_numvfs SR-IOV Virtual Functions enabled on $nic\n" + fi + done } function _vercmp { - local v1=$1 - local op=$2 - local v2=$3 - local result + local v1=$1 + local op=$2 + local v2=$3 + local result - # sort the two numbers with sort's "-V" argument. Based on if v2 - # swapped places with v1, we can determine ordering. - result=$(echo -e "$v1\n$v2" | sort -V | head -1) + # sort the two numbers with sort's "-V" argument. Based on if v2 + # swapped places with v1, we can determine ordering. + result=$(echo -e "$v1\n$v2" | sort -V | head -1) - case $op in - "==") - [ "$v1" = "$v2" ] - return - ;; - ">") - [ "$v1" != "$v2" ] && [ "$result" = "$v2" ] - return - ;; - "<") - [ "$v1" != "$v2" ] && [ "$result" = "$v1" ] - return - ;; - ">=") - [ "$result" = "$v2" ] - return - ;; - "<=") - [ "$result" = "$v1" ] - return - ;; - *) - echo "unrecognised op: $op" - exit 1 - ;; - esac + case $op in + "==") + [ "$v1" = "$v2" ] + return + ;; + ">") + [ "$v1" != "$v2" ] && [ "$result" = "$v2" ] + return + ;; + "<") + [ "$v1" != "$v2" ] && [ "$result" = "$v1" ] + return + ;; + ">=") + [ "$result" = "$v2" ] + return + ;; + "<=") + [ "$result" = "$v1" ] + return + ;; + *) + echo "unrecognised op: $op" + exit 1 + ;; + esac } function _check_qemu { - if command -v qemu-system-x86_64; then - qemu_version_installed=$(qemu-system-x86_64 --version | perl -pe '($_)=/([0-9]+([.][0-9]+)+)/') - if _vercmp "${qemu_version_installed}" '>' "2.6.0"; then - if [ -f /etc/libvirt/qemu.conf ]; then - # Permissions required to enable Pmem in QEMU - sudo sed -i 's/#security_driver .*/security_driver = "none"/' /etc/libvirt/qemu.conf - fi - if [ -f /etc/apparmor.d/abstractions/libvirt-qemu ]; then - sudo sed -i "s| /{dev,run}/shm .*| /{dev,run}/shm rw,|" /etc/apparmor.d/abstractions/libvirt-qemu - fi - sudo systemctl restart libvirtd - else - # NOTE: PMEM in QEMU (https://nvdimm.wiki.kernel.org/pmem_in_qemu) - msg+="- WARN: PMEM support in QEMU is available since 2.6.0" - msg+=" version. This host server is using the ${qemu_version_installed} version.\n" - fi - fi + if command -v qemu-system-x86_64; then + qemu_version_installed=$(qemu-system-x86_64 --version | perl -pe '($_)=/([0-9]+([.][0-9]+)+)/') + if _vercmp "${qemu_version_installed}" '>' "2.6.0"; then + if [ -f /etc/libvirt/qemu.conf ]; then + # Permissions required to enable Pmem in QEMU + sudo sed -i 's/#security_driver .*/security_driver = "none"/' /etc/libvirt/qemu.conf + fi + if [ -f /etc/apparmor.d/abstractions/libvirt-qemu ]; then + sudo sed -i "s| /{dev,run}/shm .*| /{dev,run}/shm rw,|" /etc/apparmor.d/abstractions/libvirt-qemu + fi + sudo systemctl restart libvirtd + else + # NOTE: PMEM in QEMU (https://nvdimm.wiki.kernel.org/pmem_in_qemu) + msg+="- WARN: PMEM support in QEMU is available since 2.6.0" + msg+=" version. This host server is using the ${qemu_version_installed} version.\n" + fi + fi } function _exit_trap() { - if [[ ${DEBUG:-false} == "true" ]]; then - set +o xtrace - fi - printf "CPU usage: " - grep 'cpu ' /proc/stat | awk '{usage=($2+$4)*100/($2+$4+$5)} END {print usage " %"}' - printf "Memory free(Kb): " - awk -v low="$(grep low /proc/zoneinfo | awk '{k+=$2}END{print k}')" '{a[$1]=$2} END{ print a["MemFree:"]+a["Active(file):"]+a["Inactive(file):"]+a["SReclaimable:"]-(12*low);}' /proc/meminfo - echo "Environment variables:" - printenv + if [[ ${DEBUG:-false} == "true" ]]; then + set +o xtrace + fi + printf "CPU usage: " + grep 'cpu ' /proc/stat | awk '{usage=($2+$4)*100/($2+$4+$5)} END {print usage " %"}' + printf "Memory free(Kb): " + awk -v low="$(grep low /proc/zoneinfo | awk '{k+=$2}END{print k}')" '{a[$1]=$2} END{ print a["MemFree:"]+a["Active(file):"]+a["Inactive(file):"]+a["SReclaimable:"]-(12*low);}' /proc/meminfo + echo "Environment variables:" + printenv } function _check_reqs { - if ! sudo -n "true"; then - echo "" - echo "passwordless sudo is needed for '$(id -nu)' user." - echo "Please fix your /etc/sudoers file. You likely want an" - echo "entry like the following one..." - echo "" - echo "$(id -nu) ALL=(ALL) NOPASSWD: ALL" - exit 1 - fi + if ! sudo -n "true"; then + echo "" + echo "passwordless sudo is needed for '$(id -nu)' user." + echo "Please fix your /etc/sudoers file. You likely want an" + echo "entry like the following one..." + echo "" + echo "$(id -nu) ALL=(ALL) NOPASSWD: ALL" + exit 1 + fi } function _install_deps { - CONFIGURE_ARGS="with-libvirt-include=/usr/include/libvirt" - # shellcheck disable=SC1091 - source /etc/os-release || source /usr/lib/os-release - case ${ID,,} in - *suse*) - if [ "${PROVIDER}" == "libvirt" ]; then - # https://github.com/hashicorp/vagrant/issues/12138 - export PKG_VAGRANT_VERSION=2.2.13 - fi - sudo zypper -n ref - INSTALLER_CMD="sudo -H -E zypper -q install -y --no-recommends" - CONFIGURE_ARGS+=" with-libvirt-lib=/usr/lib64" - ;; - ubuntu | debian) - echo '* libraries/restart-without-asking boolean true' | sudo debconf-set-selections - sudo apt-get update - INSTALLER_CMD="sudo -H -E apt-get -y -q=3 install" - CONFIGURE_ARGS+=" with-libvirt-lib=/usr/lib" - ;; - rhel | centos | fedora) - PKG_MANAGER=$(command -v dnf || command -v yum) - INSTALLER_CMD="sudo -H -E ${PKG_MANAGER} -q -y install" - if ! sudo "$PKG_MANAGER" repolist | grep "epel/"; then - $INSTALLER_CMD epel-release - fi - sudo "$PKG_MANAGER" updateinfo --assumeyes - CONFIGURE_ARGS+=" with-libvirt-lib=/usr/lib64" - ;; - esac - export CONFIGURE_ARGS + CONFIGURE_ARGS="with-libvirt-include=/usr/include/libvirt" + # shellcheck disable=SC1091 + source /etc/os-release || source /usr/lib/os-release + case ${ID,,} in + *suse*) + if [ "${PROVIDER}" == "libvirt" ]; then + # https://github.com/hashicorp/vagrant/issues/12138 + export PKG_VAGRANT_VERSION=2.2.13 + fi + sudo zypper -n ref + INSTALLER_CMD="sudo -H -E zypper -q install -y --no-recommends" + CONFIGURE_ARGS+=" with-libvirt-lib=/usr/lib64" + ;; + ubuntu | debian) + echo '* libraries/restart-without-asking boolean true' | sudo debconf-set-selections + sudo apt-get update + INSTALLER_CMD="sudo -H -E apt-get -y -q=3 install" + CONFIGURE_ARGS+=" with-libvirt-lib=/usr/lib" + ;; + rhel | centos | fedora) + PKG_MANAGER=$(command -v dnf || command -v yum) + INSTALLER_CMD="sudo -H -E ${PKG_MANAGER} -q -y install" + if ! sudo "$PKG_MANAGER" repolist | grep "epel/"; then + $INSTALLER_CMD epel-release + fi + sudo "$PKG_MANAGER" updateinfo --assumeyes + CONFIGURE_ARGS+=" with-libvirt-lib=/usr/lib64" + ;; + esac + export CONFIGURE_ARGS - pkgs="vagrant" - group="vboxusers" - case ${PROVIDER} in - virtualbox) - pkgs+=" virtualbox" - ;; - libvirt) - $INSTALLER_CMD qemu || : - pkgs+=" bridge-utils dnsmasq ebtables libvirt" - pkgs+=" qemu-kvm ruby-devel gcc nfs make libguestfs" - pkgs+=" pkgconf" - if [[ ${ID,,} != *"centos"* ]] && [[ ${VERSION_ID} != *8* ]]; then - pkgs+=" qemu-utils" - fi - # Make kernel image world-readable required for supermin - if command -v dpkg-statoverride; then - sudo dpkg-statoverride --update --add root root 0644 "/boot/vmlinuz-$(uname -r)" || : - fi - group="kvm" - ;; - esac - if [ "${CREATE_SRIOV_VFS:-false}" == "true" ]; then - pkgs+=" sysfsutils lshw" - fi + pkgs="vagrant" + group="vboxusers" + case ${PROVIDER} in + virtualbox) + pkgs+=" virtualbox" + ;; + libvirt) + $INSTALLER_CMD qemu || : + pkgs+=" bridge-utils dnsmasq ebtables libvirt" + pkgs+=" qemu-kvm ruby-devel gcc nfs make libguestfs" + pkgs+=" pkgconf" + if [[ ${ID,,} != *"centos"* ]] && [[ ${VERSION_ID} != *8* ]]; then + pkgs+=" qemu-utils" + fi + # Make kernel image world-readable required for supermin + if command -v dpkg-statoverride; then + sudo dpkg-statoverride --update --add root root 0644 "/boot/vmlinuz-$(uname -r)" || : + fi + group="kvm" + ;; + esac + if [ "${CREATE_SRIOV_VFS:-false}" == "true" ]; then + pkgs+=" sysfsutils lshw" + fi - curl -fsSL http://bit.ly/install_pkg | PKG="$pkgs" PKG_UPDATE=true bash - msg+="- INFO: Installing vagrant $PKG_VAGRANT_VERSION\n" - if (! groups | grep -q "$group") || (! getent group "$group" | grep -q "$USER"); then - msg+="- INFO: Adding $USER to $group group\n" - sudo usermod -aG "$group" "$USER" - fi + curl -fsSL http://bit.ly/install_pkg | PKG="$pkgs" PKG_UPDATE=true bash + msg+="- INFO: Installing vagrant $PKG_VAGRANT_VERSION\n" + if (! groups | grep -q "$group") || (! getent group "$group" | grep -q "$USER"); then + msg+="- INFO: Adding $USER to $group group\n" + sudo usermod -aG "$group" "$USER" + fi } function _install_plugins { - if [ -n "${HTTP_PROXY-}" ] || [ -n "${HTTPS_PROXY-}" ] || [ -n "${NO_PROXY-}" ]; then - vagrant plugin install vagrant-proxyconf - fi - if [ "${PROVIDER}" == "libvirt" ]; then - msg+="- INFO: Installing vagrant-libvirt plugin\n" - # NOTE: Use workaround https://github.com/hashicorp/vagrant/issues/12445 - if _vercmp "${PKG_VAGRANT_VERSION}" '==' "2.2.17"; then - sudo ln -s /opt/vagrant/embedded/include/ruby-3.0.0/ruby/st.h /opt/vagrant/embedded/include/ruby-3.0.0/st.h - export CFLAGS="-I/opt/vagrant/embedded/include/ruby-3.0.0/ruby" - fi - vagrant plugin install vagrant-libvirt - unset CFLAGS - _check_qemu - _enable_iommu - _enable_dnssec - _enable_nested_virtualization - fi - vagrant plugin install vagrant-reload - vagrant plugin install vagrant-packet - vagrant plugin install vagrant-google + if [ -n "${HTTP_PROXY-}" ] || [ -n "${HTTPS_PROXY-}" ] || [ -n "${NO_PROXY-}" ]; then + vagrant plugin install vagrant-proxyconf + fi + if [ "${PROVIDER}" == "libvirt" ]; then + msg+="- INFO: Installing vagrant-libvirt plugin\n" + # NOTE: Use workaround https://github.com/hashicorp/vagrant/issues/12445 + if _vercmp "${PKG_VAGRANT_VERSION}" '==' "2.2.17"; then + sudo ln -s /opt/vagrant/embedded/include/ruby-3.0.0/ruby/st.h /opt/vagrant/embedded/include/ruby-3.0.0/st.h + export CFLAGS="-I/opt/vagrant/embedded/include/ruby-3.0.0/ruby" + fi + vagrant plugin install vagrant-libvirt + unset CFLAGS + _check_qemu + _enable_iommu + _enable_dnssec + _enable_nested_virtualization + fi + vagrant plugin install vagrant-reload + vagrant plugin install vagrant-packet + vagrant plugin install vagrant-google } function _configure_addons { - if [ "${CREATE_SRIOV_VFS:-false}" == "true" ]; then - _create_sriov_vfs - msg+="- INFO: SR-IOV Virtual Functions were created\n" - fi + if [ "${CREATE_SRIOV_VFS:-false}" == "true" ]; then + _create_sriov_vfs + msg+="- INFO: SR-IOV Virtual Functions were created\n" + fi } function main { - _check_reqs + _check_reqs - trap _exit_trap ERR - trap 'echo -e $msg' EXIT + trap _exit_trap ERR + trap 'echo -e $msg' EXIT - _install_deps - _install_plugins - _configure_addons + _install_deps + _install_plugins + _configure_addons } if [[ ${__name__:-"__main__"} == "__main__" ]]; then - main + main fi diff --git a/tox.ini b/tox.ini index b9bddce..84a45f1 100644 --- a/tox.ini +++ b/tox.ini @@ -16,7 +16,9 @@ commands = bash -c "find {toxinidir} \ -not -path {toxinidir}/.tox/\* \ -not -path {toxinidir}/roles/\* \ # E006 check for lines longer than 79 columns - -name \*.sh | xargs bashate -v -iE006" +# E002 ensure that indents are only spaces, and not hard tabs +# E003 ensure all indents are a multiple of 4 spaces + -name \*.sh | xargs bashate -v -iE006,E002,E003" [testenv:spell] deps = diff --git a/validate.sh b/validate.sh index 1b59a67..99a8bf9 100755 --- a/validate.sh +++ b/validate.sh @@ -13,71 +13,71 @@ set -o pipefail set -o errexit function info { - _print_msg "INFO" "$1" + _print_msg "INFO" "$1" } function warn { - _print_msg "WARN" "$1" + _print_msg "WARN" "$1" } function error { - _print_msg "ERROR" "$1" - exit 1 + _print_msg "ERROR" "$1" + exit 1 } function _print_msg { - msg+="$(date +%H:%M:%S) - $1: $2\n" + msg+="$(date +%H:%M:%S) - $1: $2\n" } function print_summary { - echo -e "$msg" + echo -e "$msg" } msg="Summary:\n\n" trap print_summary ERR if ! command -v vagrant >/dev/null; then - error "Vagrant command line wasn't installed" + error "Vagrant command line wasn't installed" fi if [[ "$(vagrant version | awk 'NR==1{print $3}')" != "2.4.1" ]]; then - warn "Vagrant command line has different version" + warn "Vagrant command line has different version" fi if command -v VBoxManage >/dev/null; then - info "VirtualBox command line was installed" - sudo systemctl restart vboxdrv - VAGRANT_DEFAULT_PROVIDER=virtualbox + info "VirtualBox command line was installed" + sudo systemctl restart vboxdrv + VAGRANT_DEFAULT_PROVIDER=virtualbox elif command -v virsh >/dev/null; then - VAGRANT_DEFAULT_PROVIDER=libvirt - info "Libvirt command line was installed" - qemu_validate=$(sudo virt-host-validate qemu || :) - # shellcheck disable=SC2001 - iommu_support=$(echo "$qemu_validate" | sed "s|.*Checking for device assignment IOMMU support||") - if [[ $iommu_support != *PASS* ]]; then - info "QEMU doesn't support IOMMU,$(awk -F':' '{print $2}' <<<"$iommu_support")" - fi + VAGRANT_DEFAULT_PROVIDER=libvirt + info "Libvirt command line was installed" + qemu_validate=$(sudo virt-host-validate qemu || :) + # shellcheck disable=SC2001 + iommu_support=$(echo "$qemu_validate" | sed "s|.*Checking for device assignment IOMMU support||") + if [[ $iommu_support != *PASS* ]]; then + info "QEMU doesn't support IOMMU,$(awk -F':' '{print $2}' <<<"$iommu_support")" + fi - info "Validating QEMU image tool" - if ! command -v qemu-img; then - error "qemu-img command line tool wasn't installed" - fi + info "Validating QEMU image tool" + if ! command -v qemu-img; then + error "qemu-img command line tool wasn't installed" + fi - info "Validating Nested Virtualization" - vendor_id=$(lscpu | grep "Vendor ID") - if [[ $vendor_id == *GenuineIntel* ]]; then - kvm_ok=$(cat /sys/module/kvm_intel/parameters/nested) - if [[ $kvm_ok == 'N' ]]; then - error "Nested-Virtualization wasn't enabled for this Intel processor" - fi - else - kvm_ok=$(cat /sys/module/kvm_amd/parameters/nested) - if [[ $kvm_ok == '0' ]]; then - error "Nested-Virtualization wasn't enabled for this processor" - fi - fi + info "Validating Nested Virtualization" + vendor_id=$(lscpu | grep "Vendor ID") + if [[ $vendor_id == *GenuineIntel* ]]; then + kvm_ok=$(cat /sys/module/kvm_intel/parameters/nested) + if [[ $kvm_ok == 'N' ]]; then + error "Nested-Virtualization wasn't enabled for this Intel processor" + fi + else + kvm_ok=$(cat /sys/module/kvm_amd/parameters/nested) + if [[ $kvm_ok == '0' ]]; then + error "Nested-Virtualization wasn't enabled for this processor" + fi + fi else - error "VirtualBox/Libvirt command line wasn't installed" + error "VirtualBox/Libvirt command line wasn't installed" fi export VAGRANT_DEFAULT_PROVIDER @@ -100,7 +100,7 @@ vagrant up || : vagrant halt vagrant package if [ ! -f package.box ]; then - warn "Vagrant couldn't package the running box" + warn "Vagrant couldn't package the running box" fi vagrant destroy -f || : popd