[PATCH] devconfig: enhance firstconfig on debian

public inbox for kdevops@lists.linux.dev
 help / color / mirror / Atom feed

* [PATCH] devconfig: enhance firstconfig on debian
@ 2025-04-18 18:33 Luis Chamberlain
  2025-04-18 18:51 ` Chuck Lever
  0 siblings, 1 reply; 3+ messages in thread
From: Luis Chamberlain @ 2025-04-18 18:33 UTC (permalink / raw)
  To: Chuck Lever, Daniel Gomez, kdevops; +Cc: Luis Chamberlain

There's a slew of stupid packages we need to disable to make
CI more robust and deterministic at bringup. The unattended-upgrades is
one of them, the other one is the systemd-networkd-wait-online.service
which is just broken on debian trixie in the way we setup networking.

Although there are devconfig tasks already to disable these, its not
enough as devconfig playbook may not be run until later, and so we need
to do this as early as possible.

Signed-off-by: Luis Chamberlain <mcgrof@kernel.org>
---
 .../tasks/install-deps/debian/main.yml        | 26 ++++++++++++++++++-
 1 file changed, 25 insertions(+), 1 deletion(-)

diff --git a/playbooks/roles/devconfig/tasks/install-deps/debian/main.yml b/playbooks/roles/devconfig/tasks/install-deps/debian/main.yml
index 954f0aede3b2..dea648e21465 100644
--- a/playbooks/roles/devconfig/tasks/install-deps/debian/main.yml
+++ b/playbooks/roles/devconfig/tasks/install-deps/debian/main.yml
@@ -4,6 +4,7 @@
   register: unattended_upgrade_status
   ignore_errors: true
   changed_when: false
+  tags: firstconfig
 
 - name: Set fact if unattended-upgrades is installed
   set_fact:
@@ -20,6 +21,26 @@
       make bringup
   when:
     - unattended_upgrades_installed|bool
+  tags: firstconfig
+
+- name: Stop and disable unattended-upgrades related services
+  become: yes
+  become_flags: 'su - -c'
+  become_method: sudo
+  systemd:
+    name: "{{ item }}"
+    state: stopped
+    enabled: no
+    daemon_reload: yes
+  loop:
+    - unattended-upgrades
+    - apt-daily.service
+    - apt-daily.timer
+    - apt-daily-upgrade.service
+    - apt-daily-upgrade.timer
+    - systemd-networkd-wait-online.service
+  ignore_errors: yes
+  tags: firstconfig
 
 - name: Upgrade Packages
   become: yes
@@ -34,7 +55,7 @@
   delay: 60
   tags: firstconfig
 
-- name: Remove unattended-upgrades package
+- name: Remove unattended-upgrades package in case upgrade installed it
   become: yes
   become_flags: 'su - -c'
   become_method: sudo
@@ -45,6 +66,7 @@
   retries: 20
   delay: 30
   until: removal_result is not failed
+  tags: firstconfig
 
 - name: Remove optional unattended-upgrades configuration files if they exist
   become: yes
@@ -59,6 +81,7 @@
     - /etc/apt/apt.conf.d/50unattended-upgrades
     - /etc/apt/apt.conf.d/52unattended-upgrades-local
   ignore_errors: yes
+  tags: firstconfig
 
 - name: Stop and disable unattended-upgrades related services
   become: yes
@@ -77,6 +100,7 @@
     - apt-daily-upgrade.timer
     - systemd-networkd-wait-online.service
   ignore_errors: yes
+  tags: firstconfig
 
 - name: Allow for distro source change / upgrade
   become: yes
-- 
2.47.2


^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [PATCH] devconfig: enhance firstconfig on debian
  2025-04-18 18:33 [PATCH] devconfig: enhance firstconfig on debian Luis Chamberlain
@ 2025-04-18 18:51 ` Chuck Lever
  2025-04-18 19:23   ` Luis Chamberlain
  0 siblings, 1 reply; 3+ messages in thread
From: Chuck Lever @ 2025-04-18 18:51 UTC (permalink / raw)
  To: Luis Chamberlain, Daniel Gomez, kdevops

On 4/18/25 2:33 PM, Luis Chamberlain wrote:
> There's a slew of stupid packages we need to disable to make
> CI more robust and deterministic at bringup. The unattended-upgrades is
> one of them, the other one is the systemd-networkd-wait-online.service
> which is just broken on debian trixie in the way we setup networking.
> 
> Although there are devconfig tasks already to disable these, its not
> enough as devconfig playbook may not be run until later, and so we need
> to do this as early as possible.
> 
> Signed-off-by: Luis Chamberlain <mcgrof@kernel.org>
> ---
>  .../tasks/install-deps/debian/main.yml        | 26 ++++++++++++++++++-
>  1 file changed, 25 insertions(+), 1 deletion(-)
> 
> diff --git a/playbooks/roles/devconfig/tasks/install-deps/debian/main.yml b/playbooks/roles/devconfig/tasks/install-deps/debian/main.yml
> index 954f0aede3b2..dea648e21465 100644
> --- a/playbooks/roles/devconfig/tasks/install-deps/debian/main.yml
> +++ b/playbooks/roles/devconfig/tasks/install-deps/debian/main.yml
> @@ -4,6 +4,7 @@
>    register: unattended_upgrade_status
>    ignore_errors: true
>    changed_when: false
> +  tags: firstconfig
>  
>  - name: Set fact if unattended-upgrades is installed
>    set_fact:

The patch context leaves out this step:

 12 - name: Verify unattended-upgrades is not installed

 13   fail:

 14     msg: |

 15       The unattended-upgrades package is installed on the base
image, this
 16       can cause tons of issues with CIs. Fix this by running the
following
 17       commands:

 18

 19       make cleancache

 20       make bringup

 21   when:

 22     - unattended_upgrades_installed|bool

This step will still fail if the cloud OS image has unattended-upgrades
installed. Should the proposed patch remove this step (and maybe the
one right before it) too?


> @@ -20,6 +21,26 @@
>        make bringup
>    when:
>      - unattended_upgrades_installed|bool
> +  tags: firstconfig
> +
> +- name: Stop and disable unattended-upgrades related services
> +  become: yes
> +  become_flags: 'su - -c'
> +  become_method: sudo
> +  systemd:
> +    name: "{{ item }}"
> +    state: stopped
> +    enabled: no
> +    daemon_reload: yes
> +  loop:
> +    - unattended-upgrades
> +    - apt-daily.service
> +    - apt-daily.timer
> +    - apt-daily-upgrade.service
> +    - apt-daily-upgrade.timer
> +    - systemd-networkd-wait-online.service
> +  ignore_errors: yes
> +  tags: firstconfig
>  
>  - name: Upgrade Packages
>    become: yes
> @@ -34,7 +55,7 @@
>    delay: 60
>    tags: firstconfig
>  
> -- name: Remove unattended-upgrades package
> +- name: Remove unattended-upgrades package in case upgrade installed it
>    become: yes
>    become_flags: 'su - -c'
>    become_method: sudo
> @@ -45,6 +66,7 @@
>    retries: 20
>    delay: 30
>    until: removal_result is not failed
> +  tags: firstconfig
>  
>  - name: Remove optional unattended-upgrades configuration files if they exist
>    become: yes
> @@ -59,6 +81,7 @@
>      - /etc/apt/apt.conf.d/50unattended-upgrades
>      - /etc/apt/apt.conf.d/52unattended-upgrades-local
>    ignore_errors: yes
> +  tags: firstconfig
>  
>  - name: Stop and disable unattended-upgrades related services
>    become: yes
> @@ -77,6 +100,7 @@
>      - apt-daily-upgrade.timer
>      - systemd-networkd-wait-online.service
>    ignore_errors: yes
> +  tags: firstconfig
>  
>  - name: Allow for distro source change / upgrade
>    become: yes

-- 
Chuck Lever


^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH] devconfig: enhance firstconfig on debian
  2025-04-18 18:51 ` Chuck Lever
@ 2025-04-18 19:23   ` Luis Chamberlain
  0 siblings, 0 replies; 3+ messages in thread
From: Luis Chamberlain @ 2025-04-18 19:23 UTC (permalink / raw)
  To: Chuck Lever; +Cc: Daniel Gomez, kdevops

On Fri, Apr 18, 2025 at 02:51:13PM -0400, Chuck Lever wrote:
> On 4/18/25 2:33 PM, Luis Chamberlain wrote:
> > There's a slew of stupid packages we need to disable to make
> > CI more robust and deterministic at bringup. The unattended-upgrades is
> > one of them, the other one is the systemd-networkd-wait-online.service
> > which is just broken on debian trixie in the way we setup networking.
> > 
> > Although there are devconfig tasks already to disable these, its not
> > enough as devconfig playbook may not be run until later, and so we need
> > to do this as early as possible.
> > 
> > Signed-off-by: Luis Chamberlain <mcgrof@kernel.org>
> > ---
> >  .../tasks/install-deps/debian/main.yml        | 26 ++++++++++++++++++-
> >  1 file changed, 25 insertions(+), 1 deletion(-)
> > 
> > diff --git a/playbooks/roles/devconfig/tasks/install-deps/debian/main.yml b/playbooks/roles/devconfig/tasks/install-deps/debian/main.yml
> > index 954f0aede3b2..dea648e21465 100644
> > --- a/playbooks/roles/devconfig/tasks/install-deps/debian/main.yml
> > +++ b/playbooks/roles/devconfig/tasks/install-deps/debian/main.yml
> > @@ -4,6 +4,7 @@
> >    register: unattended_upgrade_status
> >    ignore_errors: true
> >    changed_when: false
> > +  tags: firstconfig
> >  
> >  - name: Set fact if unattended-upgrades is installed
> >    set_fact:
> 
> The patch context leaves out this step:
> 
>  12 - name: Verify unattended-upgrades is not installed
> 
>  13   fail:
> 
>  14     msg: |
> 
>  15       The unattended-upgrades package is installed on the base
> image, this
>  16       can cause tons of issues with CIs. Fix this by running the
> following
>  17       commands:
> 
>  18
> 
>  19       make cleancache
> 
>  20       make bringup
> 
>  21   when:
> 
>  22     - unattended_upgrades_installed|bool
> 
> This step will still fail if the cloud OS image has unattended-upgrades
> installed. Should the proposed patch remove this step (and maybe the
> one right before it) too?

Sorry I should make that a guestfs crap thing only. Will send a v2.

  Luis

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2025-04-18 19:23 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-04-18 18:33 [PATCH] devconfig: enhance firstconfig on debian Luis Chamberlain
2025-04-18 18:51 ` Chuck Lever
2025-04-18 19:23   ` Luis Chamberlain

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox