feat: install logging, error trapping, PXE/ISO integration tests
Some checks failed
CI/CD / lint (pull_request) Failing after 13s
CI/CD / test (pull_request) Failing after 10s
CI/CD / typecheck (pull_request) Failing after 36s
CI/CD / build (pull_request) Has been skipped
CI/CD / publish-rpm (pull_request) Has been skipped
CI/CD / publish-deb (pull_request) Has been skipped
Some checks failed
CI/CD / lint (pull_request) Failing after 13s
CI/CD / test (pull_request) Failing after 10s
CI/CD / typecheck (pull_request) Failing after 36s
CI/CD / build (pull_request) Has been skipped
CI/CD / publish-rpm (pull_request) Has been skipped
CI/CD / publish-deb (pull_request) Has been skipped
Kickstart installs on real hardware failed silently — no error reporting, only 3 progress callbacks, zero log streaming. This overhaul makes every install fully observable. Kickstart improvements: - Error trapping in %pre and %post (trap ERR sends failure details to bastion) - 12+ granular progress stages (was 3): SSH, hostname, k3s prep, EFI boot, metadata - Background log streamer: tails %post output and batch-sends to /api/log - bastion_log() function for explicit log lines from kickstart scripts Bastion API: - POST /api/log — receives raw log lines from kickstart (single or batch) - InstallLogBuffer — per-MAC ring buffer (2000 lines) + file persistence - GET /api/logs/:mac — now returns log_lines + log_total alongside stages - SSE /api/logs/:mac/follow — uses named events (event: stage vs event: log) - Progress events forwarded to labd via bastion-progress WebSocket message - Post-provision k3s logs routed through progressBus (was console-only) dnsmasq fixes found during VM testing: - HTTP Boot filename: ipxe-real.efi → ipxe.efi (leftover from old 2-stage approach) - pxe-service directives: only in proxy mode (breaks OVMF PXE in full mode) - PXEClient vendor class echo for UEFI firmware compatibility Integration tests: - PXE boot test: blank UEFI VM → dnsmasq → HTTP Boot → iPXE → bastion → install - ISO boot test: blank VM boots from bastion-generated ISO → same flow - Shared helpers: pxe-network (no DHCP, nftables fix), pxe-vm (UEFI + ISO boot) - test-provision.sh: runs both PXE + ISO tests with prerequisite checks - 250GB sparse QCOW2 disk (LVM layout needs ~204GB) 201 unit tests passing (11 new). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Michal
@@ -1,5 +1,5 @@
|
||||
#!/bin/bash
|
||||
# Build bastion container image and push to Gitea container registry
|
||||
# Build bastion container image (multi-arch) and push to Gitea container registry
|
||||
set -e
|
||||
|
||||
SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
|
||||
@@ -12,20 +12,28 @@ if [ -f .env ]; then
|
||||
fi
|
||||
|
||||
# ── Argument parsing ───────────────────────────────────────────────
|
||||
TARGET_ARCH=""
|
||||
PUSH=false
|
||||
PLATFORMS="linux/amd64,linux/arm64"
|
||||
|
||||
usage() {
|
||||
cat <<EOF
|
||||
Usage: $(basename "$0") [OPTIONS] [TAG]
|
||||
|
||||
Build bastion container image and optionally push to registry.
|
||||
Build bastion container image (multi-arch) and optionally push to registry.
|
||||
|
||||
Options:
|
||||
--arch ARCH Target platform: x86_64 or arm64 (default: host arch)
|
||||
-h, --help Show this help message
|
||||
--push Push to registry after building
|
||||
--platforms LIST Comma-separated platforms (default: linux/amd64,linux/arm64)
|
||||
-h, --help Show this help message
|
||||
|
||||
Arguments:
|
||||
TAG Image tag (default: version from package.json)
|
||||
TAG Image tag (default: version from package.json)
|
||||
|
||||
Examples:
|
||||
$(basename "$0") # build multi-arch, no push
|
||||
$(basename "$0") --push # build + push with version tag
|
||||
$(basename "$0") --push latest # build + push as :latest
|
||||
$(basename "$0") --platforms linux/amd64 # build amd64 only
|
||||
EOF
|
||||
exit 0
|
||||
}
|
||||
@@ -33,8 +41,12 @@ EOF
|
||||
POSITIONAL_ARGS=()
|
||||
while [[ $# -gt 0 ]]; do
|
||||
case "$1" in
|
||||
--arch)
|
||||
TARGET_ARCH="$2"
|
||||
--push)
|
||||
PUSH=true
|
||||
shift
|
||||
;;
|
||||
--platforms)
|
||||
PLATFORMS="$2"
|
||||
shift 2
|
||||
;;
|
||||
-h|--help)
|
||||
@@ -47,56 +59,69 @@ while [[ $# -gt 0 ]]; do
|
||||
esac
|
||||
done
|
||||
|
||||
# Registry defaults to internal address (external proxy has body size limit)
|
||||
REGISTRY="${GITEA_REGISTRY:-mysources.co.uk}"
|
||||
IMAGE="lab-bastion"
|
||||
REPO="michal/lab/bastion"
|
||||
FULL_IMAGE="$REGISTRY/$REPO"
|
||||
VERSION=$(node -p "require('./package.json').version")
|
||||
TAG="${POSITIONAL_ARGS[0]:-$VERSION}"
|
||||
|
||||
# ── Resolve target platform ───────────────────────────────────────
|
||||
detect_host_arch() {
|
||||
local machine
|
||||
machine="$(uname -m)"
|
||||
case "$machine" in
|
||||
x86_64) echo "x86_64" ;;
|
||||
aarch64) echo "arm64" ;;
|
||||
arm64) echo "arm64" ;;
|
||||
*) echo "$machine" ;;
|
||||
esac
|
||||
}
|
||||
echo "==> Building bastion image"
|
||||
echo " Tag: $TAG"
|
||||
echo " Platforms: $PLATFORMS"
|
||||
echo " Registry: $FULL_IMAGE"
|
||||
|
||||
docker_platform_for() {
|
||||
case "$1" in
|
||||
x86_64) echo "linux/amd64" ;;
|
||||
arm64) echo "linux/arm64" ;;
|
||||
esac
|
||||
}
|
||||
# ── Build multi-arch manifest ────────────────────────────────────
|
||||
MANIFEST="lab-bastion:$TAG"
|
||||
|
||||
ARCH="${TARGET_ARCH:-$(detect_host_arch)}"
|
||||
PLATFORM="$(docker_platform_for "$ARCH")"
|
||||
# Remove existing manifest/image with the same tag
|
||||
podman manifest rm "$MANIFEST" 2>/dev/null || true
|
||||
podman rmi "$MANIFEST" 2>/dev/null || true
|
||||
|
||||
echo "==> Building bastion image (tag: $TAG, platform: $PLATFORM)..."
|
||||
podman build --platform "$PLATFORM" -t "$IMAGE:$TAG" -f stack/Dockerfile .
|
||||
echo "==> Building for platforms: $PLATFORMS..."
|
||||
podman build \
|
||||
--platform "$PLATFORMS" \
|
||||
--manifest "$MANIFEST" \
|
||||
-f Dockerfile.bastion \
|
||||
.
|
||||
|
||||
echo "==> Tagging as $REGISTRY/michal/$IMAGE:$TAG..."
|
||||
podman tag "$IMAGE:$TAG" "$REGISTRY/michal/$IMAGE:$TAG"
|
||||
echo "==> Build complete. Manifest:"
|
||||
podman manifest inspect "$MANIFEST" | grep -E '"(architecture|os)"'
|
||||
|
||||
# ── Push ─────────────────────────────────────────────────────────
|
||||
if [ "$PUSH" = true ]; then
|
||||
if [ -z "$GITEA_TOKEN" ]; then
|
||||
# Try reading from ~/.gitea-token
|
||||
if [ -f "$HOME/.gitea-token" ]; then
|
||||
GITEA_TOKEN="$(cat "$HOME/.gitea-token")"
|
||||
else
|
||||
echo "ERROR: GITEA_TOKEN not set and ~/.gitea-token not found"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ -n "$GITEA_TOKEN" ]; then
|
||||
echo "==> Logging in to $REGISTRY..."
|
||||
podman login --tls-verify=false -u michal -p "$GITEA_TOKEN" "$REGISTRY"
|
||||
podman login -u michal -p "$GITEA_TOKEN" "$REGISTRY"
|
||||
|
||||
echo "==> Pushing to $REGISTRY/michal/$IMAGE:$TAG..."
|
||||
podman push --tls-verify=false "$REGISTRY/michal/$IMAGE:$TAG"
|
||||
echo "==> Pushing $FULL_IMAGE:$TAG..."
|
||||
podman manifest push --all "$MANIFEST" "docker://$FULL_IMAGE:$TAG"
|
||||
|
||||
# Ensure package is linked to the repository
|
||||
# Also tag as :latest if not already
|
||||
if [ "$TAG" != "latest" ]; then
|
||||
echo "==> Also pushing as :latest..."
|
||||
podman manifest push --all "$MANIFEST" "docker://$FULL_IMAGE:latest"
|
||||
fi
|
||||
|
||||
# Link package to repository if script exists
|
||||
if [ -f "$SCRIPT_DIR/link-package.sh" ]; then
|
||||
source "$SCRIPT_DIR/link-package.sh"
|
||||
link_package "container" "$IMAGE"
|
||||
link_package "container" "bastion"
|
||||
fi
|
||||
|
||||
echo "==> Pushed successfully!"
|
||||
else
|
||||
echo "==> GITEA_TOKEN not set, skipping push."
|
||||
echo "==> Skipping push (use --push to push to registry)"
|
||||
fi
|
||||
|
||||
echo "==> Done!"
|
||||
echo " Image: $REGISTRY/michal/$IMAGE:$TAG"
|
||||
echo " Platform: $PLATFORM"
|
||||
echo " Image: $FULL_IMAGE:$TAG"
|
||||
echo " Platforms: $PLATFORMS"
|
||||
|
||||
Reference in New Issue
Block a user