diff --git a/.github/workflows/training-e2e.yaml b/.github/workflows/training-e2e.yaml index e69b5cc5a..a4d99284c 100644 --- a/.github/workflows/training-e2e.yaml +++ b/.github/workflows/training-e2e.yaml @@ -86,7 +86,6 @@ jobs: run: | ssh_public_key=$(printf '%s\n' "${{ steps.terraform-output.outputs.ssh_public_key }}" | sed -e 's/[\/&]/\\&/g') ansible-playbook ./main/training/provision/playbook.yml \ - -vvv \ -i terraform-test-environment-module/hosts.ini \ --private-key=terraform-test-environment-module/${{ steps.terraform-output.outputs.pem_filename }} \ --extra-vars "image_name=${{ matrix.image_name }}" \ diff --git a/training/Makefile b/training/Makefile index b7d3bf551..d4a746783 100644 --- a/training/Makefile +++ b/training/Makefile @@ -81,6 +81,7 @@ cloud-nvidia: .PHONY: cloud: cloud-amd cloud-intel cloud +<<<<<<< HEAD # # We often see users running out of space. These commands are useful for freeing wasted space. # Note becarful to not run this target if a podman build is in progress. diff --git a/training/provision/playbook.yml b/training/provision/playbook.yml index bd2ab9af1..c9a0426fc 100644 --- a/training/provision/playbook.yml +++ b/training/provision/playbook.yml @@ -20,50 +20,28 @@ name: podman state: present - - name: Get size of root filesystem - ansible.builtin.shell: - cmd: | - df -h /var/tmp/ - podman system info - - name: Login to default registry and create ${XDG_RUNTIME_DIR}/containers/auth.json containers.podman.podman_login: username: "{{ registry_user }}" password: "{{ registry_password }}" registry: quay.io - # - name: Building an image with ssh key - # ignore_unreachable: true - # containers.podman.podman_container: - # name: localhost/temp_image - # image: "quay.io/ai-lab/{{ image_name }}:latest" - # command: - # - mkdir /usr/etc-system - # - test -n "{{ ssh_public_key }}" - # - echo 'AuthorizedKeysFile /usr/etc-system/%u.keys' >> /etc/ssh/sshd_config.d/30-auth-system.conf - # - echo "{{ ssh_public_key }}"" > /usr/etc-system/ec2-user.keys && chmod 0600 /usr/etc-system/ec2-user.keys - # state: present - # recreate: true - - - name: Download the dockerfile for SSH wrapper container - ansible.builtin.get_url: - url: "https://gist.githubusercontent.com/Gregory-Pereira/235943787f8fd1586852debe11725fc4/raw/c0aa0a09e55def3b3f42e8130e328b0170a22141/Containerfile" - dest: "/tmp/Containerfile" - - - name: Sed SSH key into Containerfile - ansible.builtin.command: - cmd: | - sed -i 's|REPLACE_ME|{{ ssh_public_key }}|g' /tmp/Containerfile && \ - sed -i 's|BASE_IMAGE|{{ image_name }}|g' /tmp/Containerfile && \ - cat /tmp/Containerfile && \ - whoami + - name: Temp Image Containerfile + ansible.builtin.template: + src: templates/Containerfile.j2 + dest: Containerfile environment: + image_name: "{{ image_name }}" ssh_public_key: "{{ ssh_public_key }}" - - name: Building an image with ssh key - ansible.builtin.command: - cmd: | - podman build -t localhost/temp_image:latest -f /tmp/Containerfile + - name: file lookup demo + debug: + msg: "{{ lookup('file', 'Containerfile') }}" + + # - name: Building an image with ssh key + # ansible.builtin.command: + # cmd: | + # podman build -t localhost/temp_image:latest -f /tmp/Containerfile # - name: check podman images for sanity # ansible.builtin.command: diff --git a/training/provision/templates/Containerfile.j2 b/training/provision/templates/Containerfile.j2 new file mode 100644 index 000000000..073fa221c --- /dev/null +++ b/training/provision/templates/Containerfile.j2 @@ -0,0 +1,9 @@ +FROM quay.io/ai-lab/"{{ image_name }}":latest + +USER root + +RUN mkdir /usr/etc-system && \ + chown -R root:root /usr/etc-system && \ + echo 'AuthorizedKeysFile /usr/etc-system/root.keys' >> /etc/ssh/sshd_config.d/30-auth-system.conf && \ + echo "{{ ssh_public_key }}" > /usr/etc-system/root.keys && \ + chmod 0600 /usr/etc-system/root.keys