diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 9fdb4ec..97e4d49 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -76,7 +76,7 @@ security_scanner: services: - docker:dind script: - - make images/debian-stretch.squashfs + - make images/debian-buster.squashfs artifacts: paths: - images diff --git a/Makefile b/Makefile index f84b350..e8716e9 100644 --- a/Makefile +++ b/Makefile @@ -20,7 +20,7 @@ qemu_network = 10.2.2.0 qemu_netmask = 24 qemu_vm_ip = 10.2.2.10 qemu_disk = tmp/qemu-disk.img -qemu_target ?= debian-stretch +qemu_target ?= debian-buster qemu_kernel = $(qemu_target).linux qemu_torrent = $(qemu_target).torrent qemu_initramfs = $(shell \ @@ -33,7 +33,7 @@ fi \ ci_environment=$(shell env | sed -n 's/^\(CI_.*\)=.*/-e \1/p') .PHONY: default -default: builderimg images/debian-stretch.squashfs +default: builderimg images/debian-buster.squashfs .PHONY: clean clean: @@ -52,7 +52,7 @@ images: [ ! -d "$@" ] && mkdir "$@" touch "$@" -images/debian-stretch.squashfs: images +images/debian-buster.squashfs: images docker run \ --rm \ -v /var/run/docker.sock:/var/run/docker.sock \ @@ -67,9 +67,9 @@ images/debian-stretch.squashfs: images -e "COMPRESSION_LEVEL=$(COMPRESSION_LEVEL)" \ $(ci_environment) \ "$(DOCKER_IMAGE_BUILDER)" \ - debian-stretch + debian-buster -images/debian-stretch.torrent: images +images/debian-buster.torrent: images docker run \ --rm \ -v "${PWD}/images:/images" \ @@ -79,7 +79,7 @@ images/debian-stretch.torrent: images -e "WEBSEED=$(WEBSEED)" \ -e "TASK=torrent" \ "$(DOCKER_IMAGE_BUILDER)" \ - debian-stretch + debian-buster .PHONY: ansible ansible: @@ -102,24 +102,24 @@ ansible: # updates the initramfs # only used for development -images/debian-stretch.initramfs.dev: tmp/initramfs-extracted/debian-stretch packer/initramfs/labsync - cp packer/initramfs/labsync tmp/initramfs-extracted/debian-stretch/scripts/labsync - (cd tmp/initramfs-extracted/debian-stretch && find . | cpio -H newc -o | gzip > $(CWD)/images/debian-stretch.initramfs.dev) +images/debian-buster.initramfs.dev: tmp/initramfs-extracted/debian-buster packer/initramfs/labsync + cp packer/initramfs/labsync tmp/initramfs-extracted/debian-buster/scripts/labsync + (cd tmp/initramfs-extracted/debian-buster && find . | cpio -H newc -o | gzip > $(CWD)/images/debian-buster.initramfs.dev) tmp: [ ! -d "$@" ] && mkdir "$@" || true -tmp/initramfs-extracted/debian-stretch: images/debian-stretch.initramfs - rm -rf tmp/initramfs-extracted/debian-stretch - mkdir -p tmp/initramfs-extracted/debian-stretch - (cd tmp/initramfs-extracted/debian-stretch && zcat "$(CWD)/images/debian-stretch.initramfs" | cpio -i) - touch tmp/initramfs-extracted/debian-stretch +tmp/initramfs-extracted/debian-buster: images/debian-buster.initramfs + rm -rf tmp/initramfs-extracted/debian-buster + mkdir -p tmp/initramfs-extracted/debian-buster + (cd tmp/initramfs-extracted/debian-buster && zcat "$(CWD)/images/debian-buster.initramfs" | cpio -i) + touch tmp/initramfs-extracted/debian-buster $(qemu_disk): tmp qemu-img create "$@" 20G tmp/netboot.tar.gz: tmp - wget -c -O "$@" https://cdn-aws.deb.debian.org/debian/dists/stretch/main/installer-amd64/current/images/netboot/netboot.tar.gz + wget -c -O "$@" https://cdn-aws.deb.debian.org/debian/dists/buster/main/installer-amd64/current/images/netboot/netboot.tar.gz touch "$@" tmp/tftproot: tmp/netboot.tar.gz diff --git a/packer/ansible/roles/packages/tasks/sources.yml b/packer/ansible/roles/packages/tasks/sources.yml index d6befbc..0392177 100644 --- a/packer/ansible/roles/packages/tasks/sources.yml +++ b/packer/ansible/roles/packages/tasks/sources.yml @@ -11,20 +11,20 @@ - name: configure main repo apt_repository: - filename: "{{ ansible_distribution_release }}" - repo: "deb {{ debian_mirror }} {{ ansible_distribution_release }} {{ debian_sections | join(' ') }}" + filename: "{{ ansible_lsb.codename }}" + repo: "deb {{ debian_mirror }} {{ ansible_lsb.codename }} {{ debian_sections | join(' ') }}" state: present - name: configure updates repo apt_repository: - filename: "{{ ansible_distribution_release }}-updates" - repo: "deb {{ mirror }} {{ ansible_distribution_release }}-updates {{ debian_sections | join(' ') }}" + filename: "{{ ansible_lsb.codename }}-updates" + repo: "deb {{ mirror }} {{ ansible_lsb.codename }}-updates {{ debian_sections | join(' ') }}" state: present vars: mirror: "{{ debian_mirror_updates | default(debian_mirror) }}" - name: configure security updates repo apt_repository: - filename: "{{ ansible_distribution_release }}-security" - repo: "deb {{ debian_mirror_security }} {{ ansible_distribution_release }}/updates {{ debian_sections | join(' ') }}" + filename: "{{ ansible_lsb.codename }}-security" + repo: "deb {{ debian_mirror_security }} {{ ansible_lsb.codename }}/updates {{ debian_sections | join(' ') }}" state: present diff --git a/packer/debian-stretch.json b/packer/debian-buster.json similarity index 97% rename from packer/debian-stretch.json rename to packer/debian-buster.json index 6ec13b0..645efee 100644 --- a/packer/debian-stretch.json +++ b/packer/debian-buster.json @@ -22,7 +22,7 @@ [ { "type": "docker", - "image": "debian:stretch", + "image": "debian:buster", "discard": true, "run_command": [ "-d", @@ -80,7 +80,7 @@ }, { "type": "shell", - "inline": [ "apt-get -y install openssh-server python" ] + "inline": [ "apt-get -y install openssh-server python lsb-release" ] }, { "type": "ansible", diff --git a/security-scanner/Dockerfile b/security-scanner/Dockerfile index d72732c..3b1eb74 100644 --- a/security-scanner/Dockerfile +++ b/security-scanner/Dockerfile @@ -1,4 +1,4 @@ -FROM debian:stretch-slim +FROM debian:buster-slim RUN apt-get update \ && apt-get -y install \ diff --git a/txt.cfg b/txt.cfg index 98ca8e5..2f544a4 100644 --- a/txt.cfg +++ b/txt.cfg @@ -1,7 +1,7 @@ label labsync menu label ^labsync - kernel images/debian-stretch.linux - append initrd=images/debian-stretch.initramfs.dev boot=labsync labsync_disk=sda labsync_partsize_boot=512 labsync_torrent=http://10.2.2.1/debian-stretch.torrent quiet vga=792 ip=10.2.2.10:::255.255.255.0:qemu-host:ens3:off labsync_wait=pause + kernel images/debian-buster.linux + append initrd=images/debian-buster.initramfs.dev boot=labsync labsync_disk=sda labsync_partsize_boot=512 labsync_torrent=http://10.2.2.1/debian-buster.torrent quiet vga=792 ip=10.2.2.10:::255.255.255.0:qemu-host:ens3:off labsync_wait=pause label install menu label ^Install