From a85da5383e33f57b99896adc801964f6ddd6797c Mon Sep 17 00:00:00 2001
From: Chris Evich <cevich@redhat.com>
Date: Fri, 9 Aug 2019 09:16:09 -0400
Subject: [PATCH] Cirrus: disable Evil Units in base-images

Also, minor update to prevent harmless 'Fatal: not a git repo' error.

Signed-off-by: Chris Evich <cevich@redhat.com>
---
 .cirrus.yml                                  |  2 +-
 contrib/cirrus/lib.sh                        | 35 ++++++--------------
 contrib/cirrus/packer/fedora_base-setup.sh   |  2 --
 contrib/cirrus/packer/libpod_base_images.yml | 16 +++------
 contrib/cirrus/packer/libpod_images.yml      |  5 ---
 contrib/cirrus/packer/systemd_banish.sh      | 28 ++++++++++++++++
 6 files changed, 45 insertions(+), 43 deletions(-)
 create mode 100755 contrib/cirrus/packer/systemd_banish.sh

diff --git a/.cirrus.yml b/.cirrus.yml
index 588d701c4a99..7cdfb24fb68a 100644
--- a/.cirrus.yml
+++ b/.cirrus.yml
@@ -30,7 +30,7 @@ env:
     ####
     #### Cache-image names to test with (double-quotes around names are critical)
     ###
-    _BUILT_IMAGE_SUFFIX: "libpod-5789386598252544"
+    _BUILT_IMAGE_SUFFIX: "libpod-5420341990522880"
     FEDORA_CACHE_IMAGE_NAME: "fedora-30-${_BUILT_IMAGE_SUFFIX}"
     PRIOR_FEDORA_CACHE_IMAGE_NAME: "fedora-29-${_BUILT_IMAGE_SUFFIX}"
     SPECIAL_FEDORA_CACHE_IMAGE_NAME: "xfedora-30-${_BUILT_IMAGE_SUFFIX}"
diff --git a/contrib/cirrus/lib.sh b/contrib/cirrus/lib.sh
index 264cc23c65ef..5a26e6f621ad 100644
--- a/contrib/cirrus/lib.sh
+++ b/contrib/cirrus/lib.sh
@@ -36,7 +36,7 @@ SETUP_MARKER_FILEPATH="${SETUP_MARKER_FILEPATH:-/var/tmp/.setup_environment_sh_c
 AUTHOR_NICKS_FILEPATH="${CIRRUS_WORKING_DIR}/${SCRIPT_BASE}/git_authors_to_irc_nicks.csv"
 
 cd $GOSRC
-if type -P git &> /dev/null
+if type -P git &> /dev/null && [[ -d "$GOSRC/.git" ]]
 then
     CIRRUS_CHANGE_IN_REPO=${CIRRUS_CHANGE_IN_REPO:-$(git show-ref --hash=8 HEAD || date +%s)}
 else # pick something unique and obviously not from Cirrus
@@ -61,8 +61,8 @@ export PACKER_BUILDS="${PACKER_BUILDS:-ubuntu-18,ubuntu-19,fedora-30,xfedora-30,
 export UBUNTU_BASE_IMAGE="ubuntu-1904-disco-v20190724"
 export PRIOR_UBUNTU_BASE_IMAGE="ubuntu-1804-bionic-v20190722a"
 # Manually produced base-image names (see $SCRIPT_BASE/README.md)
-export FEDORA_BASE_IMAGE="fedora-cloud-base-30-1-2-1559164849"
-export PRIOR_FEDORA_BASE_IMAGE="fedora-cloud-base-29-1-2-1559164849"
+export FEDORA_BASE_IMAGE="fedora-cloud-base-30-1-2-1565360543"
+export PRIOR_FEDORA_BASE_IMAGE="fedora-cloud-base-29-1-2-1565360543"
 export BUILT_IMAGE_SUFFIX="${BUILT_IMAGE_SUFFIX:--$CIRRUS_REPO_NAME-${CIRRUS_BUILD_ID}}"
 # IN_PODMAN container image
 IN_PODMAN_IMAGE="quay.io/libpod/in_podman:latest"
@@ -83,7 +83,7 @@ ROOTLESS_ENV_RE='(CIRRUS_.+)|(ROOTLESS_.+)|(.+_IMAGE.*)|(.+_BASE)|(.*DIRPATH)|(.
 SECRET_ENV_RE='(IRCID)|(ACCOUNT)|(GC[EP]..+)|(SSH)'
 
 # Names of systemd units which should never be running
-EVIL_UNITS="cron crond atd apt-daily-upgrade apt-daily fstrim motd-news systemd-tmpfiles-clean"
+EVIL_UNITS="$($GOSRC/$PACKER_BASE/systemd_banish.sh --list)"
 
 SPECIALMODE="${SPECIALMODE:-none}"
 TEST_REMOTE_CLIENT="${TEST_REMOTE_CLIENT:-false}"
@@ -323,7 +323,7 @@ EOF
     sudo chmod 755 /usr/bin/git
 }
 
-install_test_configs(){
+install_test_configs() {
     echo "Installing cni config, policy and registry config"
     req_env_var GOSRC SCRIPT_BASE
     cd $GOSRC
@@ -343,7 +343,7 @@ install_test_configs(){
 # of pulling in necessary prerequisites packages as the set can change over time.
 # For general CI testing however, calling this function makes sure the system
 # can only run the compiled source version.
-remove_packaged_podman_files(){
+remove_packaged_podman_files() {
     echo "Removing packaged podman files to prevent conflicts with source build and testing."
     req_env_var OS_RELEASE_ID
     if [[ "$OS_RELEASE_ID" =~ "ubuntu" ]]
@@ -362,24 +362,11 @@ remove_packaged_podman_files(){
     done
 }
 
-systemd_banish(){
-    echo "Disabling periodic services that could destabilize testing (ignoring errors):"
-    set +e  # Not all of these exist on every platform
-    for unit in $EVIL_UNITS
-    do
-        echo "Banishing $unit (ignoring errors)"
-        (
-            sudo systemctl stop $unit
-            sudo systemctl disable $unit
-            sudo systemctl disable $unit.timer
-            sudo systemctl mask $unit
-            sudo systemctl mask $unit.timer
-        ) &> /dev/null
-    done
-    set -e
+systemd_banish() {
+    $GOSRC/$PACKER_BASE/systemd_banish.sh
 }
 
-_finalize(){
+_finalize() {
     set +e  # Don't fail at the very end
     if [[ -d "$CUSTOM_CLOUD_CONFIG_DEFAULTS" ]]
     then
@@ -402,7 +389,7 @@ _finalize(){
     sudo fstrim -av
 }
 
-rh_finalize(){
+rh_finalize() {
     set +e  # Don't fail at the very end
     echo "Resetting to fresh-state for usage as cloud-image."
     PKG=$(type -P dnf || type -P yum || echo "")
@@ -413,7 +400,7 @@ rh_finalize(){
     _finalize
 }
 
-ubuntu_finalize(){
+ubuntu_finalize() {
     set +e  # Don't fail at the very end
     echo "Resetting to fresh-state for usage as cloud-image."
     $LILTO $SUDOAPTGET autoremove
diff --git a/contrib/cirrus/packer/fedora_base-setup.sh b/contrib/cirrus/packer/fedora_base-setup.sh
index 788a54c34135..29c23117f6f7 100644
--- a/contrib/cirrus/packer/fedora_base-setup.sh
+++ b/contrib/cirrus/packer/fedora_base-setup.sh
@@ -8,8 +8,6 @@ set -e
 # Load in library (copied by packer, before this script was run)
 source $GOSRC/$SCRIPT_BASE/lib.sh
 
-[[ "$1" == "post" ]] || exit 0  # nothing to do
-
 install_ooe
 
 echo "Updating packages"
diff --git a/contrib/cirrus/packer/libpod_base_images.yml b/contrib/cirrus/packer/libpod_base_images.yml
index 7228228377ae..bcca440aeb24 100644
--- a/contrib/cirrus/packer/libpod_base_images.yml
+++ b/contrib/cirrus/packer/libpod_base_images.yml
@@ -95,6 +95,7 @@ builders:
       source_image_project_id: 'ubuntu-os-cloud'
       project_id: '{{user `GCP_PROJECT_ID`}}'
       account_file: '{{user `GOOGLE_APPLICATION_CREDENTIALS`}}'
+      startup_script_file: "systemd_banish.sh"
       zone: 'us-central1-a'
       disk_size: 20
       communicator: 'none'
@@ -102,7 +103,7 @@ builders:
     - <<: *imgcopy
       name: 'prior-ubuntu'
       image_name: '{{user `PRIOR_UBUNTU_BASE_IMAGE`}}'
-      source_image: '{{user `UBUNTU_BASE_IMAGE`}}'
+      source_image: '{{user `PRIOR_UBUNTU_BASE_IMAGE`}}'
 
 provisioners:
     - type: 'shell'
@@ -130,22 +131,15 @@ provisioners:
       only: ['fedora', 'prior-fedora']
       type: 'shell'
       inline:
-        - 'chmod +x /tmp/libpod/{{user `PACKER_BASE`}}/{{build_name}}_base-setup.sh'
-        - '/tmp/libpod/{{user `PACKER_BASE`}}/{{build_name}}_base-setup.sh pre'
-      expect_disconnect: true  # Allow this to reboot the VM
+        - 'chmod +x /tmp/libpod/{{user `PACKER_BASE`}}/*.sh'
+        - '/tmp/libpod/{{user `PACKER_BASE`}}/{{build_name}}_base-setup.sh'
+      expect_disconnect: true  # Allow this to reboot the VM if needed
       environment_vars:
           - 'TIMESTAMP={{user `TIMESTAMP`}}'
           - 'GOSRC=/tmp/libpod'
           - 'SCRIPT_BASE={{user `SCRIPT_BASE`}}'
           - 'PACKER_BASE={{user `PACKER_BASE`}}'
 
-    - <<: *shell_script
-      inline: ['{{user `GOSRC`}}/{{user `PACKER_BASE`}}/{{build_name}}_base-setup.sh']
-      expect_disconnect: false
-      pause_before: '10s'
-      inline:
-        - '/tmp/libpod/{{user `PACKER_BASE`}}/{{build_name}}_base-setup.sh post'
-
 post-processors:
     - - type: "compress"
         only: ['fedora', 'prior-fedora']
diff --git a/contrib/cirrus/packer/libpod_images.yml b/contrib/cirrus/packer/libpod_images.yml
index 5b83198c16f6..3ef3e7d3cefd 100644
--- a/contrib/cirrus/packer/libpod_images.yml
+++ b/contrib/cirrus/packer/libpod_images.yml
@@ -2,11 +2,6 @@
 
 # All of these are required
 variables:
-    # Names of GCE Base images to start from, in .cirrus.yml
-    UBUNTU_BASE_IMAGE: '{{env `UBUNTU_BASE_IMAGE`}}'
-    FEDORA_BASE_IMAGE: '{{env `FEDORA_BASE_IMAGE`}}'
-    PRIOR_FEDORA_BASE_IMAGE: '{{env `PRIOR_FEDORA_BASE_IMAGE`}}'
-
     BUILT_IMAGE_SUFFIX: '{{env `BUILT_IMAGE_SUFFIX`}}'
     GOSRC: '{{env `GOSRC`}}'
     PACKER_BASE: '{{env `PACKER_BASE`}}'
diff --git a/contrib/cirrus/packer/systemd_banish.sh b/contrib/cirrus/packer/systemd_banish.sh
new file mode 100755
index 000000000000..396cf906cd22
--- /dev/null
+++ b/contrib/cirrus/packer/systemd_banish.sh
@@ -0,0 +1,28 @@
+#!/bin/bash
+
+set +e  # Not all of these exist on every platform
+
+# This is intended to be executed on VMs as a startup script on initial-boot.
+# Alternativly, it may be executed with the '--list' option to return the list
+# of systemd units defined for disablement (useful for testing).
+
+EVIL_UNITS="cron crond atd apt-daily-upgrade apt-daily fstrim motd-news systemd-tmpfiles-clean"
+
+if [[ "$1" == "--list" ]]
+then
+    echo "$EVIL_UNITS"
+    exit 0
+fi
+
+echo "Disabling periodic services that could destabilize testing:"
+for unit in $EVIL_UNITS
+do
+    echo "Banishing $unit (ignoring errors)"
+    (
+        sudo systemctl stop $unit
+        sudo systemctl disable $unit
+        sudo systemctl disable $unit.timer
+        sudo systemctl mask $unit
+        sudo systemctl mask $unit.timer
+    ) &> /dev/null
+done