fix(oem_autoinstall): Fix download ISO from webdav URL with password (#…

…348) * fix(oem_autoinstall): Fix download ISO from webdav URL with password * Update docs and fix spelling * oem_autoinstall: copy tls certificate to DUT
canonical · Aug 30, 2024 · b2e3ec4 · b2e3ec4
1 parent 4c6007f
commit b2e3ec4
Show file tree

Hide file tree

Showing 3 changed files with 70 additions and 13 deletions.
diff --git a/...onnectors/src/testflinger_device_connectors/data/muxpi/oem_autoinstall/provision-image.sh b/...onnectors/src/testflinger_device_connectors/data/muxpi/oem_autoinstall/provision-image.sh
@@ -94,22 +94,62 @@ create_meta_data() {
 wget_iso_on_dut() {
  # Download ISO on DUT
  URL_TOKEN="$CONFIG_REPO_PATH"/url_token
- WGET_OPTS="--no-verbose --tries=3"
- # Optional URL credentials
- if [ -r "$URL_TOKEN" ]; then
- username=$(awk -F':' '/^username:/ {print $2}' "$URL_TOKEN" | xargs)
- token=$(awk -F':' '/^token:/ {print $2}' "$URL_TOKEN" | xargs)
- if [ -z "$username" ] || [ -z "$token" ]; then
- echo "Error: check username or token format in $URL_TOKEN file"
+
+ echo "Downloading ISO on DUT..."
+ if [[ "$URL_DUT" =~ "oem-share.canonical.com" ]]; then
+ # use rclone for webdav storage
+ if [ ! -f "$URL_TOKEN" ]; then
+ echo "oem-share URL requires webdav authentication. Please attach token_file"
  exit 3
  fi
- WGET_OPTS+=" --auth-no-challenge --user=$username --password=$token"
- fi
+ $SCP "$URL_TOKEN" "$TARGET_USER"@"$addr":/home/"$TARGET_USER"/
 
- echo "Downloading ISO on DUT..."
- if ! $SSH "$TARGET_USER"@"$addr" -- sudo wget "$WGET_OPTS" -O /home/"$TARGET_USER"/"$ISO" "$URL_DUT"; then
- echo "Downloading ISO on DUT failed."
- exit 4
+ if ! $SSH "$TARGET_USER"@"$addr" -- sudo command -v rclone >/dev/null 2>&1; then
+ $SSH "$TARGET_USER"@"$addr" -- sudo sudo DEBIAN_FRONTEND=noninteractive apt-get update -qq
+ $SSH "$TARGET_USER"@"$addr" -- sudo sudo DEBIAN_FRONTEND=noninteractive apt-get install -yqq rclone
+ fi
+
+ if [[ "$URL_DUT" =~ "partners" ]]; then
+ PROJECT=$(echo "$URL_DUT" | cut -d "/" -f 5)
+ FILEPATH=$(echo "$URL_DUT" | sed "s/.*share\///g")
+ else
+ PROJECT=$(echo "$URL_DUT" | cut -d "/" -f 5)
+ FILEPATH=$(echo "$URL_DUT" | sed "s/.*$PROJECT\///g")
+ fi
+
+ if ! $SSH "$TARGET_USER"@"$addr" -- sudo rclone --config /home/"$TARGET_USER"/url_token copy "$PROJECT":"$FILEPATH" /home/"$TARGET_USER"/; then
+ echo "Downloading ISO on DUT from oem-share failed."
+ exit 4
+ fi
+ else
+ WGET_OPTS="--tries=3"
+ # Optional URL credentials
+ if [ -r "$URL_TOKEN" ]; then
+ username=$(awk -F':' '/^username:/ {print $2}' "$URL_TOKEN" | xargs)
+ token=$(awk -F':' '/^token:/ {print $2}' "$URL_TOKEN" | xargs)
+ if [ -z "$username" ] || [ -z "$token" ]; then
+ echo "Error: check username or token format in $URL_TOKEN file"
+ exit 3
+ fi
+ WGET_OPTS+=" --auth-no-challenge --user=$username --password=$token"
+ fi
+
+ if [[ "$URL_DUT" =~ "tel-image-cache.canonical.com" ]]; then
+ CERT_NAME="tel-image-cache-ca.crt"
+ CERT_FILEPATH=/usr/local/share/ca-certificates/"$CERT_NAME"
+ if [ -f "$CERT_FILEPATH" ]; then
+ $SCP "$CERT_FILEPATH" "$TARGET_USER"@"$addr":/home/"$TARGET_USER"
+ $SSH "$TARGET_USER"@"$addr" -- sudo cp "$CERT_NAME" "$CERT_FILEPATH"
+ $SSH "$TARGET_USER"@"$addr" -- sudo update-ca-certificates
+ else
+ echo "Warning: TLS certificate was not found on agent. Downloading ISO might fail.."
+ fi
+ fi
+
+ if ! $SSH "$TARGET_USER"@"$addr" -- sudo wget "$WGET_OPTS" -O /home/"$TARGET_USER"/"$ISO" "$URL_DUT"; then
+ echo "Downloading ISO on DUT failed."
+ exit 4
+ fi
  fi
 
  if ! $SSH "$TARGET_USER"@"$addr" -- sudo test -e /home/"$TARGET_USER"/"$ISO"; then

diff --git a/docs/.wordlist.txt b/docs/.wordlist.txt
@@ -76,6 +76,7 @@ preconfigured
 preloaded
 provisionable
 provisioner
+rclone
 ReadMe
 readthedocs
 reST
@@ -112,6 +113,7 @@ USB
 UUID
 virtualenv
 VM
+webdav
 webhook
 WPA
 xenial

diff --git a/docs/reference/device-connector-types.rst b/docs/reference/device-connector-types.rst
@@ -288,6 +288,21 @@ The ``oem_autoinstall`` device connector supports the following ``provision_data
 
  token: $MY_TOKEN
 
+ If ``url`` requires webdav authentication, then device will use rclone to copy the file.
+ The rclone configurations must be provided in the following format:
+
+ [$PROJECT]
+
+ type = webdav
+
+ url = $URL
+
+ vendor = other
+
+ user = $USER
+
+ pass = $PASSWORD
+
  * - ``user_data``
  - Required file provided with :ref:`file attachments <file_attachments>`.
  This file will be consumed by the autoinstall and cloud-init.