Bump cirros image versions to 5.1 and 5.2
Updated/Added:
- image sigining routine commands
- prepare.sh
- cmp-check.sh
- configure.sh updated with image versions 5.1 and 5.2
- rally scenarios updates
Related PROD: PROD-36794
Change-Id: I8e3ef81c3ecb51af97cb08c676dbfd9804e0d803
diff --git a/scripts/cmp_check.sh b/scripts/cmp_check.sh
index 9da254a..07bc9ca 100644
--- a/scripts/cmp_check.sh
+++ b/scripts/cmp_check.sh
@@ -124,10 +124,10 @@
function vm_create() {
[ ! "$silent" = true ] && set -x
- openstack server create --nic net-id=${fixed_net_left_id} --image ${cirros35_id} --flavor ${flavor_tiny_id} --key-name ${keypair_id} --security-group ${secgroup_all_id} --availability-zone ${zone}:${1} ${2} 2>${tmp_out} >/dev/null
+ openstack server create --nic net-id=${fixed_net_left_id} --image ${cirros51_id} --flavor ${flavor_tiny_id} --key-name ${keypair_id} --security-group ${secgroup_all_id} --availability-zone ${zone}:${1} ${2} 2>${tmp_out} >/dev/null
#openstack server create --nic net-id=${fixed_net_left_id} --image ${ubuntu16_id} --flavor ${flavor_high_id} --key-name ${keypair_id} --security-group ${secgroup_all_id} --availability-zone ${zone}:${1} ${2} 2>${tmp_out} >/dev/null
#openstack server create --nic net-id=${fixed_net_right_id} --image ${ubuntu16_id} --flavor ${flavor_high_id} --key-name ${keypair_id} --security-group ${secgroup_all_id} --availability-zone ${zone}:${1} ${2} 2>${tmp_out} >/dev/null
- #openstack server create --nic net-id=${fixed_net_left_id} --image ${ubuntuspt_id} --flavor ${flavor_high_id} --key-name ${keypair_id} --security-group ${secgroup_all_id} --availability-zone ${zone}:${1} ${2} 2>${tmp_out} >/dev/null
+ #openstack server create --nic net-id=${fixed_net_left_id} --image ${ubuntu20_id} --flavor ${flavor_high_id} --key-name ${keypair_id} --security-group ${secgroup_all_id} --availability-zone ${zone}:${1} ${2} 2>${tmp_out} >/dev/null
[ ! 0 -eq $? ] && errors+=("${1}/${2}: $(cat ${tmp_out})")
set +x
[ ! "$silent" = true ] && cat ${tmp_out}
diff --git a/scripts/manual_create_signed_images.sh b/scripts/manual_create_signed_images.sh
new file mode 100644
index 0000000..bab2c93
--- /dev/null
+++ b/scripts/manual_create_signed_images.sh
@@ -0,0 +1,40 @@
+#!/bin/bash
+# Preparing secretp
+openssl genrsa -out image_key.pem 1024
+openssl rsa -pubout -in image_key.pem -out image_key.pem.pub
+openssl req -new -key image_key.pem -out image_req.crt
+openssl x509 -req -days 180 -in image_req.crt -signkey image_key.pem -out image_cert.crt
+
+# Save secret to Barbican storage
+openstack secret store --name cvp.images --algorithm RSA --expiration 2023-06-15 --secret-type certificate --payload-content-type "application/octet-stream" --payload-content-encoding base64 --payload "$(base64 image_cert.crt)"
+
+# save ID from "Secret href" property
+export s_uuid=1149deef-13b1-4ace-8aef-613466ef6fe7
+
+# To Raw
+qemu-img convert -f qcow2 -O raw -p cvp.ubuntu.2004 /var/tmp/cvp.ubuntu.2004.raw
+qemu-img convert -f qcow2 -O raw -p cvp.ubuntu.1604 /var/tmp/cvp.ubuntu.1604.raw
+qemu-img convert -f qcow2 -O raw -p cvp.cirros.51 /var/tmp/cvp.cirros.51.raw
+qemu-img convert -f qcow2 -O raw -p cvp.cirros.52 /var/tmp/cvp.cirros.52.raw
+
+# Sign images
+openssl dgst -sha256 -sign image_key.pem -sigopt rsa_padding_mode:pss -out cvp.cirros.51.raw.signature /var/tmp/cvp.cirros.51.raw
+openssl dgst -sha256 -sign image_key.pem -sigopt rsa_padding_mode:pss -out cvp.cirros.52.raw.signature /var/tmp/cvp.cirros.52.raw
+openssl dgst -sha256 -sign image_key.pem -sigopt rsa_padding_mode:pss -out cvp.ubuntu.1604.raw.signature /var/tmp/cvp.ubuntu.1604.raw
+openssl dgst -sha256 -sign image_key.pem -sigopt rsa_padding_mode:pss -out cvp.ubuntu.2004.raw.signature /var/tmp/cvp.ubuntu.2004.raw
+
+base64 -w 0 cvp.cirros.51.raw.signature >cvp.cirros.51.raw.signature.b64
+base64 -w 0 cvp.cirros.52.raw.signature >cvp.cirros.52.raw.signature.b64
+base64 -w 0 cvp.ubuntu.1604.raw.signature >cvp.ubuntu.1604.raw.signature.b64
+base64 -w 0 cvp.ubuntu.2004.raw.signature >cvp.ubuntu.2004.raw.signature.b64
+
+export cirros51_sign=$(cat cvp.cirros.51.raw.signature.b64)
+export cirros52_sign=$(cat cvp.cirros.52.raw.signature.b64)
+export ubuntu1604_sign=$(cat cvp.ubuntu.1604.raw.signature.b64)
+export ubuntu2004_sign=$(cat cvp.ubuntu.2004.raw.signature.b64)
+
+# Upload
+glance image-create --name cvp.cirros.51.raw.signed --container-format bare --disk-format raw --property img_signature="$cirros51_sign" --property img_signature_certificate_uuid="$s_uuid" --property img_signature_hash_method='SHA-256' --property img_signature_key_type='RSA-PSS' < /var/tmp/cvp.cirros.51.raw
+glance image-create --name cvp.cirros.52.raw.signed --container-format bare --disk-format raw --property img_signature="$cirros52_sign" --property img_signature_certificate_uuid="$s_uuid" --property img_signature_hash_method='SHA-256' --property img_signature_key_type='RSA-PSS' < /var/tmp/cvp.cirros.52.raw
+glance image-create --name cvp.ubuntu.1604.raw.signed --container-format bare --disk-format raw --property img_signature="$ubuntu1604_sign" --property img_signature_certificate_uuid="$s_uuid" --property img_signature_hash_method='SHA-256' --property img_signature_key_type='RSA-PSS' < /var/tmp/cvp.ubuntu.1604.raw
+glance image-create --name cvp.ubuntu.2004.raw.signed --container-format bare --disk-format raw --property img_signature="$ubuntu2004_sign" --property img_signature_certificate_uuid="$s_uuid" --property img_signature_hash_method='SHA-256' --property img_signature_key_type='RSA-PSS' < /var/tmp/cvp.ubuntu.2004.raw
diff --git a/scripts/prepare.sh b/scripts/prepare.sh
index 10f005a..c0b58ba 100644
--- a/scripts/prepare.sh
+++ b/scripts/prepare.sh
@@ -39,14 +39,17 @@
router=${name_prefix}.router
# Images: cirros (3.5, 4.0), ubuntu (16.04)
-cirros3=${name_prefix}.cirros.35
-cirros4=${name_prefix}.cirros.40
+cirros51=${name_prefix}.cirros.51
+cirros52=${name_prefix}.cirros.52
ubuntu16=${name_prefix}.ubuntu.1604
-ubuntuspt=${name_prefix}.ubuntu.spt
+ubuntu20=${name_prefix}.ubuntu.2004
-cirros3_link=http://download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img
-cirros4_link=http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-aarch64-disk.img
+#cirros3_link=http://download.cirros-cloud.net/0.3.5/cirros-0.3.5-x86_64-disk.img
+#cirros4_link=http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-aarch64-disk.img
+cirros51_link=https://download.cirros-cloud.net/0.5.1/cirros-0.5.1-x86_64-disk.img
+cirros52_link=https://download.cirros-cloud.net/0.5.2/cirros-0.5.2-x86_64-disk.img
ubuntu16_link=https://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-amd64-disk1.img
+ubuntu20_link=https://cloud-images.ubuntu.com/focal/current/focal-server-cloudimg-amd64.img
# Volume (2GB)
volume=${name_prefix}.volume
@@ -144,14 +147,14 @@
put volume_id $(ol1 volume ${volume})
# images
- put cirros35_name ${cirros3}
- put cirros35_id $(ol1 image ${cirros3})
- put cirros40_name ${cirros4}
- put cirros40_id $(ol1 image ${cirros4})
+ put cirros51_name ${cirros51}
+ put cirros51_id $(ol1 image ${cirros51})
+ put cirros52_name ${cirros52}
+ put cirros52_id $(ol1 image ${cirros52})
put ubuntu16_name ${ubuntu16}
put ubuntu16_id $(ol1 image ${ubuntu16})
- put ubuntuspt_name ${ubuntuspt}
- put ubuntuspt_id $(ol1 image ${ubuntuspt})
+ put ubuntu20_name ${ubuntu20}
+ put ubuntu20_id $(ol1 image ${ubuntu20})
}
# create rc file out of current ENV vars
@@ -382,12 +385,10 @@
create_fixed_nets
# images
-#create_image cirros3
-#create_image cirros4
-#create_image ubuntu16
-# update image name to correct one uploaded
-#ubuntuspt_file="ubuntuspt.img"
-#openstack image create --public --disk-format qcow2 --container-format bare --file ${ubuntuspt_file} ${ubuntuspt} -c id -f value
+create_image cirros51
+create_image cirros52
+create_image ubuntu16
+create_image ubuntu20
### Manifest and fall back to original rc
print_manifest