[Swan-dev] time to delete old dist_certs shell script (attempt #2)?

Andrew Cagney andrew.cagney at gmail.com
Wed Jun 24 23:47:14 EEST 2015

On 24 June 2015 at 14:52, Paul Wouters <paul at nohats.ca> wrote:
> On Wed, 24 Jun 2015, Andrew Cagney wrote:
>>> Why did you pick "east" as the one to do the work on?
>> It's completely arbitrary.  The VMs are identical.
> Note we would need to update the kickstart file for pyOpenSSL
> and opssibly other pacakges for the guests. I don't really see
> a good reason to generate those on a guest instead of a host.

That was done a while ago.  At least for fedora.
Using the guest renders any argument that dist_certs.py are broken on
host XYZ mute.

> We could add a check to see if the timestamp on the testing/x509
> directory is newer that the certificate generated, and only then
> regenerate all certs - all before starting the tests.

The dependencies:

check: testing/x509/keys/mainca.key
testing/x509/keys/mainca.key: testing/x509/dist_certs.py

seem to be sufficient (Never depend on a directory.)

>> - fedorabase gets created with everything on it
>> - all the tests get cloned from fedorabase
>> - fedorabase gets deleted
>> So the short answer is "because it works" :-)
>> (Now if only someone could explain why fedorabase gets deleted :-)
> Because it is never ever used for anything anymore once the VMs are
> created? Each VM has their own base +qcow file. Note this is what
> slows virtual machines down over time. It's good to regenerate the
> VMs every 2-3 months.

I'm finding it a time saver.

Instead of the slow painful process of trying to patch up the
kickstart file and, again, build everything from scratch (something
always goes wrong), I patch up fedorabase directly and then generate
the test VMs from that.  The only got-ya I've found is that
fedorabase's filesystem needs to have been unmounted cleanly.

If the VMs should be re-generated regularly then this hack is likely
more useful :-)


More information about the Swan-dev mailing list