Unverified Commit b6cad0fd authored by Florian Klink's avatar Florian Klink Committed by GitHub
Browse files

Merge pull request #274220 from flokli/waagent-cleanups 

waagent: cleanups
parents cf3205c5 f12915c4

nixos/modules/virtualisation/azure-agent.nix

+28 −0
Original line number Diff line number Diff line
@@ -202,6 +202,13 @@ in 


    services.udev.packages = [ pkgs.waagent ];



    # Provide waagent-shipped udev rules in initrd too.

    boot.initrd.services.udev.packages = [ pkgs.waagent ];

    # udev rules shell out to chmod, cut and readlink, which are all

    # provided by pkgs.coreutils, which is in services.udev.path, but not

    # boot.initrd.services.udev.binPackages.

    boot.initrd.services.udev.binPackages = [ pkgs.coreutils ];



    networking.dhcpcd.persistent = true;



    services.logrotate = {
@@ -245,6 +252,27 @@ in 
        pkgs.e2fsprogs

        pkgs.bash



        pkgs.findutils

        pkgs.gnugrep

        pkgs.gnused

        pkgs.iproute2

        pkgs.iptables



        # for hostname

        pkgs.nettools



        pkgs.openssh

        pkgs.openssl

        pkgs.parted



        # for pidof

        pkgs.procps



        # for useradd, usermod

        pkgs.shadow



        pkgs.util-linux # for (u)mount, fdisk, sfdisk, mkswap



        # waagent's Microsoft.OSTCExtensions.VMAccessForLinux needs Python 3

        pkgs.python39

pkgs/applications/networking/cluster/waagent/default.nix

+47 −44
Original line number Diff line number Diff line 
{ fetchFromGitHub,

  findutils,

  gnugrep,

  gnused,

  iproute2,

  iptables,

  lib,

  nettools, # for hostname

  openssh,

  openssl,

  parted,

  procps, # for pidof,

  python39, # the latest python version that waagent test against according to https://github.com/Azure/WALinuxAgent/blob/28345a55f9b21dae89472111635fd6e41809d958/.github/workflows/ci_pr.yml#L75

  shadow, # for useradd, usermod

  util-linux, # for (u)mount, fdisk, sfdisk, mkswap

{ bash

, coreutils

, fetchFromGitHub

, lib

, python39

, substituteAll

}:



let

  inherit (lib) makeBinPath;

  # the latest python version that waagent test against according to https://github.com/Azure/WALinuxAgent/blob/28345a55f9b21dae89472111635fd6e41809d958/.github/workflows/ci_pr.yml#L75

  python = python39;



in

python39.pkgs.buildPythonPackage rec {

python.pkgs.buildPythonApplication rec {

  pname = "waagent";

  version = "2.8.0.11";

  src = fetchFromGitHub {
@@ -29,44 +22,54 @@ python39.pkgs.buildPythonPackage rec { 
    sha256 = "0fvjanvsz1zyzhbjr2alq5fnld43mdd776r2qid5jy5glzv0xbhf";

  };

  patches = [

    # Suppress the following error when waagent try to configure sshd:

    # Suppress the following error when waagent tries to configure sshd:

    # Read-only file system: '/etc/ssh/sshd_config'

    ./dont-configure-sshd.patch

  ];

  doCheck = false;



  buildInputs = with python39.pkgs; [ distro ];

  runtimeDeps = [

    findutils

    gnugrep

    gnused

    iproute2

    iptables

    nettools # for hostname

    openssh

    openssl

    parted

    procps # for pidof

    shadow # for useradd, usermod

    util-linux # for (u)mount, fdisk, sfdisk, mkswap

  ];

  # azure-product-uuid chmod rule invokes chmod to change the mode of

  # product_uuid (which is not a device itself).

  # Replace this with an absolute path.

  postPatch = ''

    substituteInPlace config/99-azure-product-uuid.rules \

      --replace "/bin/chmod" "${coreutils}/bin/chmod"

  '';



  propagatedBuildInputs = [ python.pkgs.distro ];



  # The udev rules are placed to the wrong place.

  # Move them to their default location.

  # Keep $out/${python.sitePackages}/usr/sbin/waagent where it is.

  # waagent re-executes itself in UpdateHandler.run_latest, even if autoupdate

  # is disabled, manually spawning a python interprever with argv0.

  # We can't use the default python program wrapping mechanism, as it uses

  # wrapProgram which doesn't support --argv0.

  # So instead we make our own wrapper in $out/bin/waagent, setting PATH and

  # PYTHONPATH.

  # PATH contains our PYTHON, and PYTHONPATH stays set, so this should somewhat

  # still work.

  preFixup = ''

    mv $out/${python.sitePackages}/etc $out/



  fixupPhase = ''

     mkdir -p $out/bin/

     WAAGENT=$(find $out -name waagent | grep sbin)

     cp $WAAGENT $out/bin/waagent

     wrapProgram "$out/bin/waagent" \

         --prefix PYTHONPATH : $PYTHONPATH \

         --prefix PATH : "${makeBinPath runtimeDeps}"

     patchShebangs --build "$out/bin/"

    buildPythonPath



    mkdir -p $out/bin

    makeWrapper $out/${python.sitePackages}/usr/sbin/waagent $out/bin/waagent \

      --set PYTHONPATH $PYTHONPATH \

      --prefix PATH : $program_PATH \

      --argv0 $out/${python.sitePackages}/usr/sbin/waagent

  '';



  dontWrapPythonPrograms = false;



  meta = {

    description = "The Microsoft Azure Linux Agent (waagent)

    description = "The Microsoft Azure Linux Agent (waagent)";

    longDescription = ''

      The Microsoft Azure Linux Agent (waagent)

      manages Linux provisioning and VM interaction with the Azure

                   Fabric Controller";

      Fabric Controller'';

    homepage = "https://github.com/Azure/WALinuxAgent";

    license = with lib.licenses; [ asl20 ];

  };



}