Catch Fedora-base image update problems early

Previously updates were disabled due to the cloud VM only having 2-gig and the nested-VM only having 1-gig of memory. Allow Fedora base-image package updates by increasing the available resources. Enabling base-level (esp. kernel) package updates early supports spotting fundamental image problems early. Otherwise they may not be found until a set of images is deployed downstream. Also, update a few comments relating to followup package update. Signed-off-by: Chris Evich <cevich@redhat.com>
containers · Aug 12, 2024 · 46c104b · 46c104b
1 parent b162196
commit 46c104b
Show file tree

Hide file tree

Showing 5 changed files with 18 additions and 20 deletions.
diff --git a/.cirrus.yml b/.cirrus.yml
@@ -165,19 +165,20 @@ base_images_task:
     auto_cancellation: $CI != "true"
     stateful: true
     timeout_in: 70m
-    # Cannot use a container for this task, virt required for fedora image conversion
-    gce_instance:
-        <<: *ibi_vm
-        # Nested-virt is required, need Intel Haswell or better CPU
-        enable_nested_virtualization: true
-        type: "n2-standard-2"
-        scopes: ["cloud-platform"]
+    gce_instance: *ibi_vm
     matrix:
         - &base_image
           name: "${PACKER_BUILDS} Base Image"
+          gce_instance: &nested_virt_vm
+              <<: *ibi_vm
+              # Nested-virt is required, need Intel Haswell or better CPU
+              enable_nested_virtualization: true
+              type: "n2-standard-16"
+              scopes: ["cloud-platform"]
           env:
             PACKER_BUILDS: "fedora"
         - <<: *base_image
+          gce_instance: *nested_virt_vm
           env:
             PACKER_BUILDS: "prior-fedora"
         - <<: *base_image

diff --git a/IMG_SFX b/IMG_SFX
@@ -1 +1 @@
-20240812t145931z-f40f39d13
+20240812t174027z-f40f39d13
diff --git a/base_images/cloud.yml b/base_images/cloud.yml
@@ -61,7 +61,7 @@ builders:
       type: 'qemu'
       accelerator: "kvm"
       qemu_binary: '/usr/libexec/qemu-kvm'  # Unique to CentOS, not fedora :(
-      memory: 1024
+      memory: 12288
       iso_url: '{{user `FEDORA_IMAGE_URL`}}'
       disk_image: true
       format: "raw"

diff --git a/base_images/fedora_base-setup.sh b/base_images/fedora_base-setup.sh
@@ -18,7 +18,6 @@ source "$REPO_DIRPATH/lib.sh"
 
 declare -a PKGS
 PKGS=(rng-tools git coreutils cloud-init)
-XARGS=--disablerepo=updates
 if ! ((CONTAINER)); then
     # Packer defines this automatically for us
     # shellcheck disable=SC2154
@@ -46,15 +45,12 @@ minrate=100
 timeout=60
 EOF
 
-# Due to https://bugzilla.redhat.com/show_bug.cgi?id=1907030
-# updates cannot be installed or even looked at during this stage.
-# Pawn the problem off to the cache-image stage where more memory
-# is available and debugging is also easier.  Try to save some more
-# memory by pre-populating repo metadata prior to any transactions.
-$SUDO dnf makecache $XARGS
-# Updates disable, see comment above
-# $SUDO dnf -y update $XARGS
-$SUDO dnf -y install $XARGS "${PKGS[@]}"
+$SUDO dnf makecache
+$SUDO dnf -y update
+$SUDO dnf -y install "${PKGS[@]}"
+# Occasionally following an install, there are more updates available.
+# This may be due to activation of suggested/recommended dependency resolution.
+$SUDO dnf -y update
 
 if ! ((CONTAINER)); then
     $SUDO systemctl enable rngd

diff --git a/cache_images/fedora_packaging.sh b/cache_images/fedora_packaging.sh
@@ -210,7 +210,8 @@ $SUDO curl --fail --silent --location -O \
     https://storage.googleapis.com/minikube/releases/latest/minikube-latest.x86_64.rpm
 cd -
 
-# It was observed in F33, dnf install doesn't always get you the latest/greatest
+# Occasionally following an install, there are more updates available.
+# This may be due to activation of suggested/recommended dependency resolution.
 lilto $SUDO dnf update -y
 
 # Gah. FIXME 2024-06-20: rawhide now includes rpm-plugin-ima,
Original file line number	Diff line number	Diff line change
		@@ -1 +1 @@
		20240812t145931z-f40f39d13
		20240812t174027z-f40f39d13