Conversation
guzu
force-pushed
the
eva/local-cmd-generalize
branch
4 times, most recently
from
31da723 to
33bd187
Compare
|
I didn't manage to test everything because I don't know yet how to setup some tests. |
Can you list the ones you could test and the ones you couldn't? We could likely either help you run the remaining ones, or have them run on the CI hosts from your branch. |
Sure, I did:
I think we need to test the following:
|
|
Ok, so the first one and the third one are not covered by the main CI runs, they're in installation/upgrade tests that @ydirson is much knowledgeable about. The |
|
Update:
|
You should be able to use it to launch an automated install of a nested host
This one requires 2 hosts to be compared, it should be possible to run using any 2 nested hosts (eg. the one you installed by hand, and one installed with |
guzu
force-pushed
the
eva/local-cmd-generalize
branch
from
9d42bbb to
9bfd3cc
Compare
guzu
force-pushed
the
eva/local-cmd-generalize
branch
from
9bfd3cc to
49fbbca
Compare
guzu
force-pushed
the
eva/local-cmd-generalize
branch
2 times, most recently
from
27b9248 to
233a249
Compare
| assert False, "unexpected type" | ||
|
|
||
| def scp(hostname_or_ip, src, dest, check=True, suppress_fingerprint_warnings=True, local_dest=False): | ||
| from lib.netutil import wrap_ip |
There was a problem hiding this comment.
I suppose there's a reason for not importing at the top level, but such exception should be documented with a comment.
There was a problem hiding this comment.
This is to avoid cycling import. Or I should have put the new function in something different than netutils.
Or maybe you prefer that the local import be done in netutils ? It should not make any diffrence.
I will add a comment anyway.
There was a problem hiding this comment.
The cyclic import could be solved in several ways:
- considering that after all we only need to check port 22 and make this a part of
commands.py(yeah, that's a bit meh) - acknowledging that after all
local_cmdandsshare not on the same level (but here it is unfortunate the one that would be the best candidate to move out into a new file was the first occupant and most-imported over the repo, ie.sshand friends)
Maybe we could have a variant of the 2nd solution, by moving everyone out, into lib/ssh.py and lib.command.py (note the lack of s - or maybe local.py would be better? I'm not sure), and let commands.py import the relevant symbols from those as a compatibility lib until we cleanup everything (avoiding to break all those in-flight PRs)
There was a problem hiding this comment.
What do you of moving it to lib.netutil ?
Anyway we could make that in second time, not in that PR, it would change too much files.
| Returns path to signed image. | ||
| """ | ||
| assert self._owner_cert is not None | ||
| assert self._owner_cert.key is not None |
There was a problem hiding this comment.
I'm not sure how this change relates to the rest of the commit
There was a problem hiding this comment.
This is here to please type checking since I added type checking information for local_cmd()
There was a problem hiding this comment.
Thanks. Probably something to mention in the commit message, as it's not obvious.
ydirson
left a comment
ydirson
left a comment
There was a problem hiding this comment.
There is also an "introdice" typo in the first commit message
lib/commands.py
Outdated
| if simple_output: | ||
| return output.strip() | ||
| return LocalCommandResult(res.returncode, output) |
There was a problem hiding this comment.
Making the default simple_output=True actually changes the default behavior of the function. A separate commit for this change would make it easier for review.
There was a problem hiding this comment.
Could be good to mention in commit message that the API indeed changes.
OTOH, now that I see how the change looks like, I wonder if it's so much of a good idea: if seems to make the non-default calls harder to read:
- result = commands.local_cmd(COMMAND, check=False)
- output = commands.local_cmd(COMMAND, check=False).stdout
+ result = commands.local_cmd(COMMAND, check=False, simple_output=False)
+ output = commands.local_cmd(COMMAND, check=False)
Wouldn't we rather want to change the ssh APIs to match this simpler model (later, and possibly in the PR moving them in another module)?
guzu
force-pushed
the
eva/local-cmd-generalize
branch
from
233a249 to
97b16ea
Compare
guzu
force-pushed
the
eva/local-cmd-generalize
branch
from
97b16ea to
0a44e00
Compare
guzu
force-pushed
the
eva/local-cmd-generalize
branch
from
0a44e00 to
13a9446
Compare
lib/netutil.py
Outdated
| wait_for(lambda: local_cmd(['ping', '-c1', host], check=False, simple_output=False).returncode == 0, | ||
| "Wait for host up (ICMP ping)", timeout_secs=10 * 60, retry_delay_secs=10) | ||
| wait_for(lambda: local_cmd(['nc', '-zw5', host, str(port)], check=False, simple_output=False).returncode == 0, | ||
| f"Wait for {port_desc} up on host {host_desc}", timeout_secs=10 * 60, retry_delay_secs=5) |
There was a problem hiding this comment.
i would add timers, retry as defauts params
There was a problem hiding this comment.
We can do that when/if we need to use a different value IMO
There was a problem hiding this comment.
sure i was a just a suggestion at this stage, btw the motivation of values will not hurt if there is any
| f"Wait for {port_desc} up on host {host_desc}", timeout_secs=10 * 60, retry_delay_secs=5) | ||
|
|
||
| def wait_for_ssh(host, host_desc=None, ping=True): | ||
| wait_for_tcp_port(host, 22, "SSH", ping, host_desc) |
There was a problem hiding this comment.
same for port, should't it be a default param ?
There was a problem hiding this comment.
I understand, but in this why not just wait_for_tcp_port() in this case. The function doesn't bother if it's a real SSH server.
There was a problem hiding this comment.
well my comment was mostly from API perspective but not a big deal, you could add extra params for ssh if needed, like minimal version requiered etc
scripts/install_xcpng.py
Outdated
| cmd = ['openssl', 'passwd', '-6', password] | ||
| res = subprocess.run(cmd, stdout=subprocess.PIPE) | ||
| encrypted_password = res.stdout.decode().strip() | ||
| encrypted_password = local_cmd(['openssl', 'passwd', '-6', password]) |
There was a problem hiding this comment.
| encrypted_password = local_cmd(['openssl', 'passwd', '-6', password]) | |
| algorithm_option = '-6' # SHA | |
| encrypted_password = local_cmd(['openssl', 'passwd', algorithm_option, password]) |
| @@ -18,8 +18,8 @@ def _header_equal(header, name, value): | |||
| def test_fileserver_redirect_https(host): | |||
There was a problem hiding this comment.
I should add port 80 as default param, along path
There was a problem hiding this comment.
That's not the purpose of this PR. Maybe we could plan a task to review the lib/ part and make futur proof. Maybe refactor some parts.
rzr
left a comment
rzr
left a comment
There was a problem hiding this comment.
LGTM but i would use more defaults params to make the lib parts future proof
guzu
force-pushed
the
eva/local-cmd-generalize
branch
from
13a9446 to
7317117
Compare
|
@glehmann I just added one more commit to add root |
Yes 👍 |
guzu
force-pushed
the
eva/local-cmd-generalize
branch
from
7317117 to
7f29d69
Compare
ydirson
left a comment
ydirson
left a comment
There was a problem hiding this comment.
Essentially minor polishing stuff, except for this big questioning about adding simple_output. What do y'all think?
| f"Failed to fetch URL locally: {local_result.stderr}" | ||
| f"Failed to fetch URL locally: {local_result.stdout}" |
There was a problem hiding this comment.
Why change this and not show stderr?
There was a problem hiding this comment.
Because it there only stdout. Standard error output is redirected to stdout.
Maybe we could rename stdout in output which would be less misleading.
There was a problem hiding this comment.
Wow, I did not notice that. It looks like an awful idea to have them merged, actually :(
There was a problem hiding this comment.
I split stdout and add stderr into LocalCommandFailed and LocalCommandResult.
Can you check if you're ok with that ?
There was a problem hiding this comment.
That seems to look good from the range-diff output (but would have been easier t read in a separate commit 😉 - if we keep it inside this commit it would be worth describing in the commit desc).
I wonder if it would not make sense to replace in LocalCommandFailed the output by the full LocalCommandResult, so we can easily still get access to stdout if needed.
lib/commands.py
Outdated
| if simple_output: | ||
| return output.strip() | ||
| return LocalCommandResult(res.returncode, output) |
There was a problem hiding this comment.
Could be good to mention in commit message that the API indeed changes.
OTOH, now that I see how the change looks like, I wonder if it's so much of a good idea: if seems to make the non-default calls harder to read:
- result = commands.local_cmd(COMMAND, check=False)
- output = commands.local_cmd(COMMAND, check=False).stdout
+ result = commands.local_cmd(COMMAND, check=False, simple_output=False)
+ output = commands.local_cmd(COMMAND, check=False)
Wouldn't we rather want to change the ssh APIs to match this simpler model (later, and possibly in the PR moving them in another module)?
guzu
force-pushed
the
eva/local-cmd-generalize
branch
from
7f29d69 to
8a9650d
Compare
And change a bit local_cmd() interface to behave like ssh(); introduce simple_output argument. Assertion added in lib/efi.py is here to please linter, because self._owner_cert.key is used in argument to local_cmd() below. Signed-off-by: Emmanuel Varagnat <emmanuel.varagnat@vates.tech>
guzu
force-pushed
the
eva/local-cmd-generalize
branch
from
8a9650d to
096553e
Compare
To match the ssh() API. Signed-off-by: Emmanuel Varagnat <emmanuel.varagnat@vates.tech>
Specific error messages are no longer available with this refactoring. Signed-off-by: Emmanuel Varagnat <emmanuel.varagnat@vates.tech>
Signed-off-by: Emmanuel Varagnat <emmanuel.varagnat@vates.tech>
Signed-off-by: Emmanuel Varagnat <emmanuel.varagnat@vates.tech>
guzu
force-pushed
the
eva/local-cmd-generalize
branch
from
096553e to
1e20bf2
Compare
5 participants
No description provided.