Feature/bump versions

.github/workflows/ci.yml

@@ -4,13 +4,24 @@ on:
     branches: ["main"]
   pull_request:
     branches: ["main"]
-  workflow_dispatch: {}
+  workflow_dispatch:
+    inputs:
+      image_name:
+        description: "Name of the image to build"
+        required: true
+        default: alpine-openstack
+        type: string
 
 jobs:
   build:
     name: Build image
     runs-on: ubuntu-latest
+    env:
+      IMAGE_NAME: ${{ github.event.inputs.image_name }}
     steps:
+      - name: Set default image name
+        if: env.IMAGE_NAME == null
+        run: echo "IMAGE_NAME=alpine-openstack" >> $GITHUB_ENV
       - name: Install qemu-utils
         run: |
           sudo apt-get update
@@ -20,33 +31,19 @@ jobs:
 
       - name: Build image
         run: |
-          wget https://raw.githubusercontent.com/alpinelinux/alpine-make-vm-image/v0.12.0/alpine-make-vm-image \
-            && echo '75aafcb883155bcaad9ad0dadb3e22e082152c1e  alpine-make-vm-image' | sha1sum -c \
-            || exit 1
-          chmod +x ./alpine-make-vm-image
-          sudo ./alpine-make-vm-image \
-              --image-format qcow2 \
-              --image-size 1G \
-              --repositories-file openstack/repositories \
-              --packages "$(cat openstack/packages)" \
-              --script-chroot \
-              alpine-openstack.qcow2 -- ./openstack/configure.sh
-          sha256sum alpine-openstack.qcow2 > SHA256SUMS
-          qemu-img convert alpine-openstack.qcow2 -O vhdx -o subformat=dynamic alpine-openstack.vhdx
-          (cd nocloud; genisoimage  -output ../seed.iso -volid cidata -joliet -rock user-data meta-data; )
-          sha256sum alpine-openstack.vhdx seed.iso >> SHA256SUMS
+          ./build.sh
       - name: Upload QCOW2 root fs artifact
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: alpine-openstack.qcow2
-          path: "${{ github.workspace }}/alpine-openstack.qcow2"
+          path: "${{ github.workspace }}/build/alpine-openstack.qcow2"
       - name: Upload VHDX root fs artifact
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: alpine-openstack.vhdx
           path: |
-            alpine-openstack.vhdx
-            seed.iso
+            build/alpine-openstack.vhdx
+            build/seed.iso
       - name: Make Development release
         uses: "marvinpinto/action-automatic-releases@latest"
         if: ${{ github.ref == 'refs/heads/main' }}
@@ -56,23 +53,28 @@ jobs:
           prerelease: true
           title: "Development Build"
           files: |
-            alpine-openstack.qcow2
-            alpine-openstack.vhdx
-            seed.iso
-            SHA256SUMS
+            build/alpine-openstack.qcow2
+            build/alpine-openstack.vhdx
+            build/seed.iso
+            build/SHA256SUMS
   test-image:
     name: Test produced image
     runs-on: ubuntu-latest
+    env:
+      TF_VAR_image_name: ${{ github.event.inputs.image_name }}
     needs: build
     steps:
+      - name: Set default image name
+        if: env.TF_VAR_image_name == null
+        run: echo "TF_VAR_image_name=alpine-openstack" >> $GITHUB_ENV
       - uses: hashicorp/setup-terraform@v3
         with:
           terraform_wrapper: false
       - uses: actions/setup-python@v4
         with:
           python-version: "3.11"
       - uses: actions/checkout@v4
-      - uses: actions/download-artifact@v3
+      - uses: actions/download-artifact@v4
         with:
           name: alpine-openstack.qcow2
       - name: Apply plan
@@ -99,9 +101,9 @@ jobs:
       - name: Save working image
         run: |
           python -m pip install python-openstackclient
-          openstack image delete alpine-openstack-backup || /bin/true
-          openstack image set --name alpine-openstack-backup alpine-openstack-latest || /bin/true
-          openstack image set --name alpine-openstack-latest alpine-openstack
+          openstack image delete ${TF_VAR_image_name}-backup || /bin/true
+          openstack image set --name ${TF_VAR_image_name}-backup ${TF_VAR_image_name}-latest || /bin/true
+          openstack image set --name ${TF_VAR_image_name}-latest ${TF_VAR_image_name}
         env:
           OS_CLOUD: openstack
       - name: Destroy the test VM

.gitignore

@@ -5,3 +5,8 @@
 *.tfstate.backup
 *.tfstate.*.backup
 *.qcow2
+*.vhdx
+alpine-make-vm-image
+seed.iso
+SHA256SUMS
+build/

README.md

@@ -34,10 +34,11 @@ the password `passw0rd` (username `alpine`).
 You can create the VM with:
 
 ```powershell
-PS>  New-VM -Name debug -MemoryStartupBytes 2GB -Path . -BootDevice VHD -VHDPath .\alpine-openstack.vhdx -SwitchName "Default Switch" -Generation 1
+PS> Resize-VHD -Path .\alpine-openstack.vhdx -SizeBytes 20GB
+PS> New-VM -Name debug -MemoryStartupBytes 2GB -Path . -BootDevice VHD -VHDPath .\alpine-openstack.vhdx -SwitchName "Default Switch" -Generation 1
 PS> Set-VMDvdDrive -VMName debug -Path .\seed.iso
 PS> Start-VM debug
-PS> Get-NetNeighbor -LinkLayerAddress 00-15-5d-*
+PS> Get-NetNeighbor -State Reachable -LinkLayerAddress 00-15-5d-*
 
 ifIndex IPAddress             LinkLayerAddress      State       PolicyStore
 ------- ---------             ----------------      -----       -----------

build.sh

@@ -0,0 +1,39 @@
+#!/usr/bin/env sh
+set -eu
+
+rm -rf build
+mkdir -p build
+cd build
+
+CLOUD_CONFIG_FILE=${1:-cloud-config.yaml}
+echo "Using cloud config file: $CLOUD_CONFIG_FILE"
+
+wget https://raw.githubusercontent.com/alpinelinux/alpine-make-vm-image/v0.13.2/alpine-make-vm-image \
+&& echo '2720b23e4c65aff41a3ab781a26467b66985c526  alpine-make-vm-image' | sha1sum -c \
+|| exit 1
+chmod +x ./alpine-make-vm-image
+
+if command -v sudo >/dev/null 2>&1; then
+    ELEVATE="sudo"
+elif command -v doas >/dev/null 2>&1; then
+    ELEVATE="doas"
+else
+    echo "Neither sudo nor doas found. This script requires root privileges."
+    exit 1
+fi
+
+$ELEVATE ./alpine-make-vm-image \
+    --image-format qcow2 \
+    --image-size 1G \
+    --repositories-file ../openstack/repositories \
+    --packages "$(cat ../openstack/packages)" \
+    --keys-dir ../openstack/keys \
+    --script-chroot \
+    alpine-openstack.qcow2 -- ../openstack/configure.sh "$CLOUD_CONFIG_FILE"
+
+sha256sum alpine-openstack.qcow2 > SHA256SUMS
+qemu-img convert alpine-openstack.qcow2 -O vhdx -o subformat=dynamic alpine-openstack.vhdx
+(cd ../nocloud; genisoimage  -output ../build/seed.iso -volid CIDATA -joliet -rock user-data meta-data; )
+sha256sum alpine-openstack.vhdx seed.iso >> SHA256SUMS
+
+

openstack/cloud-config.yaml

@@ -0,0 +1,3 @@
+#cloud-config
+ssh_authorized_keys:
+    - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGMa8HgZLBsVHVFln02BrPOfZIYlLHgoPjD78cQ+Zjeb antoinemartin@LAPTOP-VKHDD5JR

openstack/configure.sh

@@ -7,6 +7,8 @@ step() {
 }
 
 
+CLOUD_CONFIG_FILE=${1:-cloud-config.yaml}
+
 step 'Set up timezone'
 setup-timezone -z Europe/Paris
 
@@ -23,19 +25,16 @@ cat > /etc/network/interfaces <<-EOF
 EOF
 
 # FIXME: remove root and alpine password
-step 'Set cloud configuration'
+step "Set cloud configuration (with $CLOUD_CONFIG_FILE)"
 sed -e '/disable_root:/ s/true/false/' \
 	-e '/ssh_pwauth:/ s/0/no/' \
-    -e '/name: alpine/a \     passwd: "*"' \
+    -e '/name: alpine/a \    passwd: "*"' \
     -e '/lock_passwd:/ s/True/False/' \
     -e '/shell:/ s#/bin/ash#/bin/zsh#' \
     -i /etc/cloud/cloud.cfg
 
-# To have oh-my-zsh working on first boot
-cat >> /etc/cloud/cloud.cfg <<EOF
-runcmd:
-    - su alpine -l -c 'cp -f /usr/share/oh-my-zsh/templates/zshrc.zsh-template /home/alpine/.zshrc'
-EOF
+# Copy specific configuration
+cp "$CLOUD_CONFIG_FILE" /etc/cloud/cloud.cfg.d/90_user.cfg
 
 step 'Allow only key based ssh login'
 sed -e '/PermitRootLogin yes/d' \
@@ -58,11 +57,41 @@ sed -Ei \
 	/etc/rc.conf
 
 step 'Enabling zsh'
-cp -f /usr/share/oh-my-zsh/templates/zshrc.zsh-template /root/.zshrc
-chmod +x /root/.zshrc
+# Install ZSH pimp tools
+P10K_DIR="/usr/share/oh-my-zsh/custom/themes/powerlevel10k"
+if [ ! -d "$P10K_DIR" ]; then
+    wget -q https://github.com/romkatv/powerlevel10k/archive/refs/tags/v1.20.0.tar.gz -O /tmp/p10k.tar.gz
+    tar xzf /tmp/p10k.tar.gz -C /tmp
+    mv /tmp/powerlevel10k-1.20.0 "$P10K_DIR"
+    rm /tmp/p10k.tar.gz
+fi
+ATSG_DIR="/usr/share/oh-my-zsh/custom/plugins/zsh-autosuggestions"
+if [ ! -d "$ATSG_DIR" ]; then
+    wget -q https://github.com/zsh-users/zsh-autosuggestions/archive/refs/tags/v0.7.1.tar.gz -O /tmp/atsg.tar.gz
+    tar xzf /tmp/atsg.tar.gz -C /tmp
+    mv /tmp/zsh-autosuggestions-0.7.1 "$ATSG_DIR"
+    rm /tmp/atsg.tar.gz
+fi
+
+sed -e 's#^export ZSH=.*#export ZSH=/usr/share/oh-my-zsh#g' \
+    -e '/^plugins=/ s#.*#plugins=(git zsh-autosuggestions)#' \
+    -e '/^ZSH_THEME=/ s#.*#ZSH_THEME="powerlevel10k/powerlevel10k"#' \
+    -e '$a[[ ! -f ~/.p10k.zsh ]] || source ~/.p10k.zsh' \
+    -i /usr/share/oh-my-zsh/templates/zshrc.zsh-template
+
+install -m 700 -o root -g root /usr/share/oh-my-zsh/templates/zshrc.zsh-template /root/.zshrc
+install -m 740 -o root -g root p10k.zsh /root/.p10k.zsh
+
 sed -ie '/^root:/ s#:/bin/.*$#:/bin/zsh#' /etc/passwd
 
-# see https://gitlab.alpinelinux.org/alpine/aports/-/issues/8861
+step 'Enabling oh-my-zsh for all users'
+mkdir -p /etc/skel
+install -m 700 -o root -g root /usr/share/oh-my-zsh/templates/zshrc.zsh-template /etc/skel/.zshrc
+install --directory -o root -g root -m 0700 /etc/skel/.ssh
+install -m 740 -o root -g root p10k.zsh /etc/skel/.p10k.zsh
+
+
+# see https://gitlab.alpinelinux.org/alpine/aports/-/issues/88²61
 step 'Enable cloud-init configuration via NoCloud iso image'
 
 echo "iso9660" >> /etc/filesystems
@@ -74,6 +103,8 @@ rc-update add crond default
 rc-update add networking boot
 rc-update add termencoding boot
 rc-update add sshd default
+rc-update add cloud-init-ds-identify default
+rc-update add cloud-init-local default
 rc-update add cloud-init default
 rc-update add cloud-config default
 rc-update add cloud-final default

openstack/keys/alpine-devel@lists.alpinelinux.org-4a6a0840.rsa.pub

@@ -0,0 +1,9 @@
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1yHJxQgsHQREclQu4Ohe
+qxTxd1tHcNnvnQTu/UrTky8wWvgXT+jpveroeWWnzmsYlDI93eLI2ORakxb3gA2O
+Q0Ry4ws8vhaxLQGC74uQR5+/yYrLuTKydFzuPaS1dK19qJPXB8GMdmFOijnXX4SA
+jixuHLe1WW7kZVtjL7nufvpXkWBGjsfrvskdNA/5MfxAeBbqPgaq0QMEfxMAn6/R
+L5kNepi/Vr4S39Xvf2DzWkTLEK8pcnjNkt9/aafhWqFVW7m3HCAII6h/qlQNQKSo
+GuH34Q8GsFG30izUENV9avY7hSLq7nggsvknlNBZtFUcmGoQrtx3FmyYsIC8/R+B
+ywIDAQAB
+-----END PUBLIC KEY-----

openstack/keys/alpine-devel@lists.alpinelinux.org-5243ef4b.rsa.pub

@@ -0,0 +1,9 @@
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNijDxJ8kloskKQpJdx+
+mTMVFFUGDoDCbulnhZMJoKNkSuZOzBoFC94omYPtxnIcBdWBGnrm6ncbKRlR+6oy
+DO0W7c44uHKCFGFqBhDasdI4RCYP+fcIX/lyMh6MLbOxqS22TwSLhCVjTyJeeH7K
+aA7vqk+QSsF4TGbYzQDDpg7+6aAcNzg6InNePaywA6hbT0JXbxnDWsB+2/LLSF2G
+mnhJlJrWB1WGjkz23ONIWk85W4S0XB/ewDefd4Ly/zyIciastA7Zqnh7p3Ody6Q0
+sS2MJzo7p3os1smGjUF158s6m/JbVh4DN6YIsxwl2OjDOz9R0OycfJSDaBVIGZzg
+cQIDAQAB
+-----END PUBLIC KEY-----

openstack/keys/alpine-devel@lists.alpinelinux.org-5261cecb.rsa.pub

@@ -0,0 +1,9 @@
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlzMkl7b5PBdfMzGdCT0
+cGloRr5xGgVmsdq5EtJvFkFAiN8Ac9MCFy/vAFmS8/7ZaGOXoCDWbYVLTLOO2qtX
+yHRl+7fJVh2N6qrDDFPmdgCi8NaE+3rITWXGrrQ1spJ0B6HIzTDNEjRKnD4xyg4j
+g01FMcJTU6E+V2JBY45CKN9dWr1JDM/nei/Pf0byBJlMp/mSSfjodykmz4Oe13xB
+Ca1WTwgFykKYthoLGYrmo+LKIGpMoeEbY1kuUe04UiDe47l6Oggwnl+8XD1MeRWY
+sWgj8sF4dTcSfCMavK4zHRFFQbGp/YFJ/Ww6U9lA3Vq0wyEI6MCMQnoSMFwrbgZw
+wwIDAQAB
+-----END PUBLIC KEY-----

openstack/keys/alpine-devel@lists.alpinelinux.org-6165ee59.rsa.pub

@@ -0,0 +1,14 @@
+-----BEGIN PUBLIC KEY-----
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAutQkua2CAig4VFSJ7v54
+ALyu/J1WB3oni7qwCZD3veURw7HxpNAj9hR+S5N/pNeZgubQvJWyaPuQDm7PTs1+
+tFGiYNfAsiibX6Rv0wci3M+z2XEVAeR9Vzg6v4qoofDyoTbovn2LztaNEjTkB+oK
+tlvpNhg1zhou0jDVYFniEXvzjckxswHVb8cT0OMTKHALyLPrPOJzVtM9C1ew2Nnc
+3848xLiApMu3NBk0JqfcS3Bo5Y2b1FRVBvdt+2gFoKZix1MnZdAEZ8xQzL/a0YS5
+Hd0wj5+EEKHfOd3A75uPa/WQmA+o0cBFfrzm69QDcSJSwGpzWrD1ScH3AK8nWvoj
+v7e9gukK/9yl1b4fQQ00vttwJPSgm9EnfPHLAtgXkRloI27H6/PuLoNvSAMQwuCD
+hQRlyGLPBETKkHeodfLoULjhDi1K2gKJTMhtbnUcAA7nEphkMhPWkBpgFdrH+5z4
+Lxy+3ek0cqcI7K68EtrffU8jtUj9LFTUC8dERaIBs7NgQ/LfDbDfGh9g6qVj1hZl
+k9aaIPTm/xsi8v3u+0qaq7KzIBc9s59JOoA8TlpOaYdVgSQhHHLBaahOuAigH+VI
+isbC9vmqsThF2QdDtQt37keuqoda2E6sL7PUvIyVXDRfwX7uMDjlzTxHTymvq2Ck
+htBqojBnThmjJQFgZXocHG8CAwEAAQ==
+-----END PUBLIC KEY-----

openstack/keys/alpine-devel@lists.alpinelinux.org-61666e3f.rsa.pub

@@ -0,0 +1,14 @@
+-----BEGIN PUBLIC KEY-----
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlEyxkHggKCXC2Wf5Mzx4
+nZLFZvU2bgcA3exfNPO/g1YunKfQY+Jg4fr6tJUUTZ3XZUrhmLNWvpvSwDS19ZmC
+IXOu0+V94aNgnhMsk9rr59I8qcbsQGIBoHzuAl8NzZCgdbEXkiY90w1skUw8J57z
+qCsMBydAueMXuWqF5nGtYbi5vHwK42PffpiZ7G5Kjwn8nYMW5IZdL6ZnMEVJUWC9
+I4waeKg0yskczYDmZUEAtrn3laX9677ToCpiKrvmZYjlGl0BaGp3cxggP2xaDbUq
+qfFxWNgvUAb3pXD09JM6Mt6HSIJaFc9vQbrKB9KT515y763j5CC2KUsilszKi3mB
+HYe5PoebdjS7D1Oh+tRqfegU2IImzSwW3iwA7PJvefFuc/kNIijfS/gH/cAqAK6z
+bhdOtE/zc7TtqW2Wn5Y03jIZdtm12CxSxwgtCF1NPyEWyIxAQUX9ACb3M0FAZ61n
+fpPrvwTaIIxxZ01L3IzPLpbc44x/DhJIEU+iDt6IMTrHOphD9MCG4631eIdB0H1b
+6zbNX1CXTsafqHRFV9XmYYIeOMggmd90s3xIbEujA6HKNP/gwzO6CDJ+nHFDEqoF
+SkxRdTkEqjTjVKieURW7Swv7zpfu5PrsrrkyGnsRrBJJzXlm2FOOxnbI2iSL1B5F
+rO5kbUxFeZUIDq+7Yv4kLWcCAwEAAQ==
+-----END PUBLIC KEY-----