From patchwork Sun Mar 23 11:50:05 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Luis Chamberlain <mcgrof@kernel.org>
X-Patchwork-Id: 14026490
Received: from bombadil.infradead.org (bombadil.infradead.org
 [198.137.202.133])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 786802046BE
	for <kdevops@lists.linux.dev>; Sun, 23 Mar 2025 11:50:10 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=198.137.202.133
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1742730612; cv=none;
 b=qRDkxopBQwgivktgUrMPU+mIgmyAT/3m47CagC34V/Fd/RvJ6eIkEezXcavFmv3yx+Yp8G5p3Mf3+XdHo1SFbyRBR2vE/OVEpQcrnK1fpCjfIKgyappIXTl8L+zea5GtrwZVX3c+2scY1wNVyaOCnoIzcs8TCWBYs20iu7mpDjY=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1742730612; c=relaxed/simple;
	bh=dZWYusjO/ymIqYGVxXVNWbNQ6QXiXsOilpm+Aleh15s=;
	h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:
	 MIME-Version;
 b=noNjIIwIWC6to7ySLwacOHbzU/FL2bQs8wcMX7GhmG8tcB50Q0JmYJBc/1XI9Bq5uuET0hfKiealRXDq93YQJyKSjYIXlcdF0nTJVw8lED7PhAr7VmJzn7b0WwnqCf1zQ74YbMuH8fO4KAPWshjPRKfD6y/zcRGZoCv8pk8DIwk=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=fail (p=quarantine dis=none) header.from=kernel.org;
 spf=none smtp.mailfrom=infradead.org;
 dkim=pass (2048-bit key) header.d=infradead.org header.i=@infradead.org
 header.b=amc2Wj0W; arc=none smtp.client-ip=198.137.202.133
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=fail (p=quarantine dis=none) header.from=kernel.org
Authentication-Results: smtp.subspace.kernel.org;
 spf=none smtp.mailfrom=infradead.org
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=infradead.org header.i=@infradead.org
 header.b="amc2Wj0W"
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	d=infradead.org; s=bombadil.20210309; h=Sender:Content-Transfer-Encoding:
	MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From:
	Reply-To:Content-Type:Content-ID:Content-Description;
	bh=czTjTimS9U+dskd17eU8lDE1DzSBbhQ31GKvaGBVjjY=; b=amc2Wj0WbHNyiD4dakL9d1zGtn
	XuxjggaQilXIiARYMTlkxAoQsvIJOer7BtVWLywDiKqSjk2EnOAcWt1Udlqs190/eUiwbV5nADLCD
	OIyVdqM07qm4g2uZtphHReNsPAJ8v2qmzMtdDWEmFvsET6aUzUHpKPkDaDkHTWYmbBqd6eVEtgvMG
	+dj0dGo4KYZVGCjP2JLNdI+sR+sZ6I9JuNU7J12kFPhjLUW+WIVBPAAXES1BuyDXqH9TVv2uj/dgK
	ZFHLHEn4JElG/niGNHzVLOPwmXJndD9MHWmamZSZ69Vx9iQICmT3hnoCR4kyP8+kxsipO14GpOSyL
	DRKVWfYA==;
Received: from mcgrof by bombadil.infradead.org with local (Exim 4.98 #2 (Red
 Hat Linux))
	id 1twJqD-0000000181s-3x2m;
	Sun, 23 Mar 2025 11:50:09 +0000
From: Luis Chamberlain <mcgrof@kernel.org>
To: kdevops@lists.linux.dev
Cc: Luis Chamberlain <mcgrof@kernel.org>
Subject: [PATCH 2/6] devconfig: ensure unattended-upgrades is not installed on
 debian
Date: Sun, 23 Mar 2025 04:50:05 -0700
Message-ID: <20250323115009.269172-3-mcgrof@kernel.org>
X-Mailer: git-send-email 2.48.1
In-Reply-To: <20250323115009.269172-1-mcgrof@kernel.org>
References: <20250323115009.269172-1-mcgrof@kernel.org>
Precedence: bulk
X-Mailing-List: kdevops@lists.linux.dev
List-Id: <kdevops.lists.linux.dev>
List-Subscribe: <mailto:kdevops+subscribe@lists.linux.dev>
List-Unsubscribe: <mailto:kdevops+unsubscribe@lists.linux.dev>
MIME-Version: 1.0
Sender: Luis Chamberlain <mcgrof@infradead.org>

We already remove the package on debian bringups when downloading a
an official but-not-guestfs-official (and so debian custom) image to
build our base images for our guests. Now that we have that stop-gap
measure, be sure we just fail if the package happens to be installed,
and complain to the user about it.

We can easily fix this with just two command so recommend that.

Signed-off-by: Luis Chamberlain <mcgrof@kernel.org>
---
 .../tasks/install-deps/debian/main.yml        | 22 +++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/playbooks/roles/devconfig/tasks/install-deps/debian/main.yml b/playbooks/roles/devconfig/tasks/install-deps/debian/main.yml
index 5624a9f8406a..954f0aede3b2 100644
--- a/playbooks/roles/devconfig/tasks/install-deps/debian/main.yml
+++ b/playbooks/roles/devconfig/tasks/install-deps/debian/main.yml
@@ -1,4 +1,26 @@
 ---
+- name: Check if unattended-upgrades is installed
+  command: dpkg-query -W -f='${Status}' unattended-upgrades
+  register: unattended_upgrade_status
+  ignore_errors: true
+  changed_when: false
+
+- name: Set fact if unattended-upgrades is installed
+  set_fact:
+    unattended_upgrades_installed: "{{ 'install ok installed' in unattended_upgrade_status.stdout }}"
+
+- name: Verify unattended-upgrades is not installed
+  fail:
+    msg: |
+      The unattended-upgrades package is installed on the base image, this
+      can cause tons of issues with CIs. Fix this by running the following
+      commands:
+
+      make cleancache
+      make bringup
+  when:
+    - unattended_upgrades_installed|bool
+
 - name: Upgrade Packages
   become: yes
   become_method: sudo