Update to v0.6

Author: LorbusChris

README.md

@@ -1,9 +1,26 @@
 # greenboot
 Generic Health Check Framework for systemd
 
+## Installation
+On Fedora Silverblue, IoT or Atomic Host:
+```
+rpm-ostree install greenboot greenboot-status greenboot-ostree-grub2
+
+systemctl reboot
+```
+
 ## Usage
-The following directory structure is created:
+Place shell scripts representing *health checks* that **MUST NOT FAIL** in the `/etc/greenboot/check/required.d` directory. 
+Place shell scripts representing *health checks* that **MAY FAIL** in the `/etc/greenboot/check/wanted.d` directory.
+Place shell scripts you want to run *after* a boot has been declared **successful** in `/etc/greenboot/green.d`.
+Place shell scripts you want to run *after* a boot has been declared **failed** in `/etc/greenboot/red.d`.
 
+Unless greenboot is enabled by default in your distribution, enable it by running `systemctl enable greenboot greenboot-healthcheck greenboot-status`.
+It will automatically start during the next boot process and run its checks.
+
+When you `ssh` into the machine after that, a boot status message will be shown.
+
+Directory structure: 
 ```
 /etc
 └── greenboot
@@ -14,40 +31,39 @@ The following directory structure is created:
     └── red.d
 ```
 
-### Custom Health Checks
-You have multiple options to customize greenboot’s health checking behaviour:
 
-* Drop scripts representing health checks that MUST NOT FAIL in order to reach a GREEN boot status into `/etc/greenboot/check/required.d`.
-* Drop scripts representing health checks that MAY FAIL into `/etc/greenboot/check/wanted.d`.
-* Create oneshot health check service units that MUST NOT FAIL like the following and drop them into `/etc/systemd/system` (don't forget to `systemctl enable` them afterwards):
+## Health Checks with systemd services
+Overall boot success is measured against `boot-success.target`.
+Ordering of units can be achieved using standard systemd vocabulary.
+
+### Required Checks
+Create a oneshot health check service unit that **MUST NOT FAIL**, e.g. `/etc/systemd/system/required-check.service`. Run `systemctl enable required-check` to enable it.
+
 ```
 [Unit]
 Description=Custom Required Health Check
-Before=greenboot.target
+Before=boot-complete.target
 
 [Service]
 Type=oneshot
-ExecStart=/path/to/service
+ExecStart=/usr/libexec/mytestsuite/required-check
 
 [Install]
-RequiredBy=greenboot.target
+RequiredBy=boot-complete.target
 ```
-* Create oneshot health check service units that MAY FAIL like the following and drop them into `/etc/systemd/system` (don't forget to `systemctl enable` them afterwards):
+
+### Wanted Checks
+Create a oneshot health check service unit that **MAY FAIL**, e.g. `/etc/systemd/system/wanted-check.service`. Run `systemctl enable wanted-check` to enable it. 
+
 ```
 [Unit]
 Description=Custom Wanted Health Check
-Before=greenboot.target
+Before=boot-complete.target
 
 [Service]
 Type=oneshot
-ExecStart=/path/to/service
+ExecStart=/usr/libexec/mytestsuite/wanted-check
 
 [Install]
-WantedBy=greenboot.target
-```
-
-### Custom GREEN Status Procedures
-* Drop scripts representing procedures you want to run after a GREEN boot status has been reached into `/etc/greenboot/green.d`.
-
-### Custom RED Status Procedures
-* Drop scripts representing procedures you want to run after a RED boot status has been reached into `/etc/greenboot/red.d`.
+RequiredBy=boot-complete.target
+```

greenboot.spec

@@ -1,30 +1,31 @@
-%global github_owner    LorbusChris
-%global github_project  greenboot
-%global build_timestamp %(date +"%Y%m%d%H%M%%S")
-
 Name:               greenboot
-Version:            0.5
+Version:            0.6
 Release:            1%{?dist}
 Summary:            Generic Health Check Framework for systemd
 License:            LGPLv2+
-URL:                https://github.com/%{github_owner}/%{github_project}
-Source0:            https://github.com/%{github_owner}/%{github_project}/archive/v%{version}.tar.gz
+
+%global repo_owner  LorbusChris
+%global repo_name   %{name}
+%global repo_tag    v%{version}
+
+URL:                https://github.com/%{repo_owner}/%{repo_name}
+Source0:            https://github.com/%{repo_owner}/%{repo_name}/archive/%{repo_tag}.tar.gz
 
 BuildArch:          noarch
-BuildRequires:      systemd
+BuildRequires:      systemd-rpm-macros
 %{?systemd_requires}
 Requires:           systemd
 
 %description
 %{summary}.
 
-%package motd
+%package status
 Summary:            Message of the Day updater for greenboot
 Requires:           %{name} = %{version}-%{release}
-Requires:           pam >= 1.3.1
+Requires:           pam >= 1.3.1-15
 Requires:           openssh
 
-%description motd
+%description status
 %{summary}.
 
 %package ostree-grub2
@@ -51,54 +52,50 @@ Requires:           %{name} = %{version}-%{release}
 %{summary}.
 
 %prep
-%setup -qn %{github_project}-%{version}
+%setup
 
 %build
 
 %install
-install -Dpm 0755 usr/libexec/greenboot/greenboot.sh %{buildroot}%{_libexecdir}/%{name}/%{name}.sh
-install -Dpm 0755 usr/libexec/greenboot/greenboot_motdgen.sh %{buildroot}%{_libexecdir}/%{name}/%{name}_motdgen.sh
-install -Dpm 0644 usr/lib/systemd/system/greenboot.target %{buildroot}%{_unitdir}/greenboot.target
-install -Dpm 0644 usr/lib/systemd/system/greenboot-healthcheck.service %{buildroot}%{_unitdir}/greenboot-healthcheck.service
-install -Dpm 0644 usr/lib/systemd/system/greenboot.service %{buildroot}%{_unitdir}/greenboot.service
-install -Dpm 0644 usr/lib/systemd/system/redboot.service %{buildroot}%{_unitdir}/redboot.service
-install -Dpm 0644 usr/lib/systemd/system/greenboot-motdgen.service %{buildroot}%{_unitdir}/greenboot-motdgen.service
 mkdir -p %{buildroot}%{_sysconfdir}/%{name}/check/required.d
 mkdir    %{buildroot}%{_sysconfdir}/%{name}/check/wanted.d
 mkdir    %{buildroot}%{_sysconfdir}/%{name}/green.d
 mkdir    %{buildroot}%{_sysconfdir}/%{name}/red.d
+install -Dpm 0755 usr/libexec/greenboot/greenboot %{buildroot}%{_libexecdir}/%{name}/%{name}
+install -Dpm 0755 usr/libexec/greenboot/greenboot-status %{buildroot}%{_libexecdir}/%{name}/greenboot-status
+install -Dpm 0644 usr/lib/motd.d/boot-status %{buildroot}%{_exec_prefix}/lib/motd.d/boot-status
+install -Dpm 0644 usr/lib/systemd/system/greenboot-healthcheck.service %{buildroot}%{_unitdir}/greenboot-healthcheck.service
+install -Dpm 0644 usr/lib/systemd/system/greenboot.service %{buildroot}%{_unitdir}/greenboot.service
+install -Dpm 0644 usr/lib/systemd/system/redboot.service %{buildroot}%{_unitdir}/redboot.service
+install -Dpm 0644 usr/lib/systemd/system/greenboot-status.service %{buildroot}%{_unitdir}/greenboot-status.service
 install -Dpm 0755 etc/greenboot/check/required.d/* %{buildroot}%{_sysconfdir}/%{name}/check/required.d
 install -Dpm 0755 etc/greenboot/check/wanted.d/* %{buildroot}%{_sysconfdir}/%{name}/check/wanted.d
 install -Dpm 0755 etc/greenboot/green.d/* %{buildroot}%{_sysconfdir}/%{name}/green.d
 install -Dpm 0755 etc/greenboot/red.d/* %{buildroot}%{_sysconfdir}/%{name}/red.d
-install -Dpm 0644 etc/greenboot/motd %{buildroot}%{_sysconfdir}/%{name}/motd
 
 %post
-%systemd_post greenboot.target
 %systemd_post greenboot.service
 %systemd_post greenboot-healthcheck.service
 %systemd_post redboot.service
 
-%post motd
-%systemd_post greenboot-motdgen.service
+%post status
+%systemd_post greenboot-status.service
 
 %preun
-%systemd_preun greenboot.target
 %systemd_preun greenboot.service
 %systemd_preun greenboot-healthcheck.service
 %systemd_preun redboot.service
 
-%preun motd
-%systemd_preun greenboot-motdgen.service
+%preun status
+%systemd_preun greenboot-status.service
 
 %postun
-%systemd_postun_with_restart greenboot.target
 %systemd_postun_with_restart greenboot.service
 %systemd_postun_with_restart greenboot-healthcheck.service
 %systemd_postun_with_restart redboot.service
 
-%postun motd
-%systemd_postun greenboot-motdgen.service
+%postun status
+%systemd_postun greenboot-status.service
 
 %check
 # TODO
@@ -107,8 +104,7 @@ install -Dpm 0644 etc/greenboot/motd %{buildroot}%{_sysconfdir}/%{name}/motd
 %doc README.md
 %license LICENSE
 %dir %{_libexecdir}/%{name}
-%{_libexecdir}/%{name}/%{name}.sh
-%{_unitdir}/greenboot.target
+%{_libexecdir}/%{name}/%{name}
 %{_unitdir}/greenboot-healthcheck.service
 %{_unitdir}/greenboot.service
 %{_unitdir}/redboot.service
@@ -121,10 +117,10 @@ install -Dpm 0644 etc/greenboot/motd %{buildroot}%{_sysconfdir}/%{name}/motd
 %dir %{_sysconfdir}/%{name}/green.d
 %dir %{_sysconfdir}/%{name}/red.d
 
-%files motd
-%config %{_sysconfdir}/%{name}/motd
-%{_libexecdir}/%{name}/%{name}_motdgen.sh
-%{_unitdir}/greenboot-motdgen.service
+%files status
+%{_exec_prefix}/lib/motd.d/boot-status
+%{_libexecdir}/%{name}/greenboot-status
+%{_unitdir}/greenboot-status.service
 
 %files ostree-grub2
 %{_sysconfdir}/%{name}/green.d/01_ostree_grub2_fallback.sh
@@ -136,6 +132,14 @@ install -Dpm 0644 etc/greenboot/motd %{buildroot}%{_sysconfdir}/%{name}/motd
 %{_sysconfdir}/%{name}/red.d/99_reboot.sh
 
 %changelog
+* Wed Feb 13 2019 Christian Glombek <[email protected]> - 0.6-1
+- Update to v0.6
+- Integrate with systemd's boot-complete.target
+- Rewrite motd sub-package and rename to status
+
+* Fri Oct 19 2018 Christian Glombek <[email protected]> - 0.5-1
+- Update to v0.5
+
 * Tue Oct 02 2018 Christian Glombek <[email protected]> - 0.4-2
 - Spec Review
 

tests/atomic/Vagrantfile

@@ -34,8 +34,8 @@ Vagrant.configure(2) do |config|
 
   config.vm.provision "shell", inline: <<-SHELL
     curl https://copr.fedorainfracloud.org/coprs/lorbus/greenboot/repo/fedora-rawhide/lorbus-greenboot-fedora-rahide.repo --output /etc/yum.repos.d/_copr_lorbus-greenboot.repo
-    rpm-ostree install greenboot greenboot-motd greenboot-ostree-grub2
-    systemctl reboot
+    rpm-ostree install greenboot greenboot-status greenboot-ostree-grub2
+    echo "rebooting..." && systemctl reboot
   SHELL
 
 end

tests/fedora/Vagrantfile

@@ -34,8 +34,8 @@ Vagrant.configure(2) do |config|
 
   config.vm.provision "shell", inline: <<-SHELL
     curl https://copr.fedorainfracloud.org/coprs/lorbus/greenboot/repo/fedora-rawhide/lorbus-greenboot-fedora-rahide.repo --output /etc/yum.repos.d/_copr_lorbus-greenboot.repo
-    dnf install -y greenboot greenboot-motd greenboot-reboot
-    systemctl reboot
+    dnf install -y greenboot greenboot-status greenboot-reboot
+    echo "rebooting" && systemctl reboot
   SHELL
 
 end

tests/greenboot-failing-unit.spec

@@ -0,0 +1,37 @@
+Name:               greenboot-failing-unit
+Version:            1.0
+Release:            1%{?dist}
+Summary:            Failing healthcheck unit for testing greenboot red status
+License:            LGPLv2+
+URL:                https://github.com/%{repo_owner}/%{repo_name}
+BuildArch:          noarch
+Requires:           greenboot
+
+%description
+%{summary}.
+
+%prep
+
+%build
+
+%install
+mkdir -p    %{buildroot}%{_sysconfdir}/greenboot/check/required.d/
+cat <<EOF > %{buildroot}%{_sysconfdir}/greenboot/check/required.d/10_failing_check.sh
+#!/bin/bash
+set -euo pipefail
+echo "This is a failing script"
+exit 1
+EOF
+
+%post
+
+%preun
+
+%postun
+
+%files
+%{_sysconfdir}/greenboot/check/required.d/10_failing_check.sh
+
+%changelog
+* Wed Feb 13 2019 Christian Glombek <[email protected]> - 1.0-1
+- Initial RPM Spec

tests/run_test.sh

@@ -1,3 +1,6 @@
+#!/bin/bash
+set -euo pipefail
+
 ## Set up vagrant-libvirt
 # getent group libvirt
 # groups ${USER}
@@ -6,25 +9,34 @@
 ## Fix for Silverblue
 # sudo restorecon -Rv /etc/libvirt # -> Relabeled /etc/libvirt from system_u:object_r:virt_etc_rw_t:s0 to system_u:object_r:virt_etc_t:s0
 
+## TODO: Convert into Ansible Playbook; this can't really be run as a script
+
 cd atomic
 
 vagrant up
-# Use the failing check to test red boot status behaviour
-# vagrant ssh -c 'ln -s /home/vagrant/sync/10_failing_check.sh /etc/greenboot/check/required.d/10_failing_check.sh'
 
-# Workaround for https://github.com/fedora-selinux/selinux-policy/issues/242
-vagrant ssh -c 'sudo semanage fcontext -a -t pam_var_run_t "/var/run/motd.d(/.*)?"; \
-                sudo restorecon -Rv /var/run/motd.d;'
+# v0.7: Workaround for https://github.com/fedora-selinux/selinux-policy/issues/242
+# vagrant ssh -c 'sudo semanage fcontext -a -t pam_var_run_t "/var/run/motd\.d(/.*)?"; \
+#                 sudo restorecon -Rv /var/run/motd.d;'
 
-vagrant ssh -c 'sudo systemctl enable greenboot greenboot-healthcheck bootstatus-motd; \
-                sudo systemctl reboot;'
+vagrant ssh -c 'sudo systemctl enable greenboot greenboot-healthcheck greenboot-status; \
+                echo "rebooting..." && sudo systemctl reboot;'
 sleep 15
 
-vagrant ssh -c 'sudo journalctl -u greenboot-healthcheck -u boot-complete.target -u greenboot -u redboot -u bootstatus-motd'
+vagrant ssh -c 'sudo journalctl -u greenboot-healthcheck -u boot-complete.target -u greenboot -u redboot -u greenboot-status'
+
+# Check Green Status MotD
+# vagrant ssh
+
+vagrant ssh -c 'sudo rpm-ostree cleanup -m; \
+                sudo rpm-ostree install greenboot-failing-unit; \
+                sudo grub2-editenv - set boot_success=0; \
+                sudo grub2-editenv - set boot_counter=1; \
+                echo "rebooting..." && sudo systemctl reboot;'
+
+vagrant ssh -c 'sudo journalctl -u greenboot-healthcheck -u boot-complete.target -u greenboot -u redboot -u greenboot-status'
 
-# vagrant ssh -c 'sudo rpm-ostree upgrade; \
-#                 sudo grub2-editenv - set boot_success=0; \
-#                 sudo grub2-editenv - set boot_counter=3; \
-#                 sudo systemctl reboot;'
+# Check Red Status MotD
+# vagrant ssh
 
 cd ..

usr/libexec/greenboot/greenboot

@@ -7,7 +7,7 @@ script_runner () {
   local mode=$1; shift
   local start_msg=$1; shift
   echo "$start_msg"
-  for script in `find $scripts_dir -name '*.sh'`; do
+  for script in $(find $scripts_dir -name '*.sh'); do
     local rc=0
     systemd-cat -t "$(basename $script)" bash $script || rc=$?
     if [ $rc -ne 0 ]; then