Reverted back to camelCase for SUMA and resolved bug with https in ho…

…st (suse-edge#60) Reverted back to camelCase, updated documentation for SUMA, and fixed the test to not have https in fqdn
jdob · Dec 12, 2023 · 4728821 · 4728821
1 parent 4c99dcd
commit 4728821
Show file tree

Hide file tree

Showing 6 changed files with 21 additions and 17 deletions.
diff --git a/docs/building-images.md b/docs/building-images.md
@@ -69,19 +69,23 @@ operatingSystem:
 
 ## SUSE Manager (SUMA)
 
-Automatic SUSE Manager registration can be configured for the image. The following items must be defined in the
-configuration file under the `suma` section:
+Automatic SUSE Manager registration can be configured for the image, which will happen at system-boot time. Therefore
+your system will need to come up with networking, either via DHCP or configured statically, e.g. via `nmc` or via
+custom scripts. If you're creating an *air-gapped* image, do *not* use the SUSE Manager registration unless your server
+is available from within the air-gapped network.
 
-* `host` - This is the FQDN of the SUSE Manager host that the host needs to register against.
-* `activation_key` - This is the activation key that the node uses to register with.
-* `get_ssl` - This specifies whether EIB should download and install the SUMA SSL Certificate (default: false)
+The following items must be defined in the configuration file under the `suma` section:
+
+* `host` - This is the FQDN of the SUSE Manager host that the host needs to register against (do not use http/s prefix)
+* `activationKey` - This is the activation key that the node uses to register with.
+* `getSSL` - This specifies whether EIB should download and install the SUMA SSL Certificate (default: false)
 
 The default SSL certificate for the SUSE Manager server can usually be found at
-`https://<suma-host>/pub/RHN-ORG-TRUSTED-SSL-CERT`
+`https://<suma-host>/pub/RHN-ORG-TRUSTED-SSL-CERT`, and is currently hardcoded to look at this location relative to `host`.
 
 Additionally, the appropriate *venv-salt-minion* RPM package must be supplied in the RPM's directory so it can be
 installed at boot time prior to SUSE Manager registration taking place. This RPM can usually be found on the
-SUSE Manager service itself at `https://<suma-host>/pub/repositories/slemicro/5/5/bootstrap/x86_64/` as an example.
+SUSE Manager host itself at `https://<suma-host>/pub/repositories/slemicro/5/5/bootstrap/x86_64/` as an example.
 
 ## Image Configuration Directory
 

diff --git a/pkg/combustion/suma_test.go b/pkg/combustion/suma_test.go
@@ -38,7 +38,7 @@ func TestConfigureSuma_FullConfiguration(t *testing.T) {
 	ctx.ImageDefinition = &image.Definition{
 		OperatingSystem: image.OperatingSystem{
 			Suma: image.Suma{
-				Host:          "https://suma.edge.suse.com",
+				Host:          "suma.edge.suse.com",
 				ActivationKey: "slemicro55",
 				GetSSL:        true,
 			},
@@ -68,7 +68,7 @@ func TestConfigureSuma_FullConfiguration(t *testing.T) {
 	assert.Contains(t, foundContents, "update-ca-certificates")
 
 	// - Ensure that we have the correct URL defined
-	assert.Contains(t, foundContents, "master: https://suma.edge.suse.com")
+	assert.Contains(t, foundContents, "master: suma.edge.suse.com")
 
 	// - Ensure that we've got the activation key defined
 	assert.Contains(t, foundContents, "activation_key: \"slemicro55\"")

diff --git a/pkg/combustion/templates/12-suma-register.sh.tpl b/pkg/combustion/templates/12-suma-register.sh.tpl
@@ -4,8 +4,8 @@ set -euo pipefail
 mkdir -p /etc/venv-salt-minion/
 
 {{ if .GetSSL }}
-	curl -k -o /etc/pki/trust/anchors/suma-cert.pem https://{{ .Host }}/pub/RHN-ORG-TRUSTED-SSL-CERT
-	update-ca-certificates
+curl -k -o /etc/pki/trust/anchors/suma-cert.pem https://{{ .Host }}/pub/RHN-ORG-TRUSTED-SSL-CERT
+update-ca-certificates
 {{ end }}
 
 cat <<EOF > /etc/venv-salt-minion/minion

diff --git a/pkg/image/definition.go b/pkg/image/definition.go
@@ -43,8 +43,8 @@ type Systemd struct {
 
 type Suma struct {
 	Host          string `yaml:"host"`
-	ActivationKey string `yaml:"activation_key"`
-	GetSSL        bool   `yaml:"get_ssl"`
+	ActivationKey string `yaml:"activationKey"`
+	GetSSL        bool   `yaml:"getSSL"`
 }
 
 func ParseDefinition(data []byte) (*Definition, error) {

diff --git a/pkg/image/definition_test.go b/pkg/image/definition_test.go
@@ -58,7 +58,7 @@ func TestParse(t *testing.T) {
 
 	// Operating System -> Suma
 	suma := definition.OperatingSystem.Suma
-	assert.Equal(t, "https://suma.edge.suse.com", suma.Host)
+	assert.Equal(t, "suma.edge.suse.com", suma.Host)
 	assert.Equal(t, "slemicro55", suma.ActivationKey)
 	assert.Equal(t, false, suma.GetSSL)
 }

diff --git a/pkg/image/testdata/full-valid-example.yaml b/pkg/image/testdata/full-valid-example.yaml
@@ -22,6 +22,6 @@ operatingSystem:
     - username: gamma
       sshKey: ssh-rsa BBBBB3NzaC1yc2EAAAADAQABAAABgQDnb80jkq8jYqC7EeXdtmdMLoQ/qeCzFPRrNyA5H5iB3k21Oc8ccBR2nIbteam39E0p4mwR2MVNACOR0cixgWskIb5bR8KqiqLMdj4PKMLX5r1jbtcB3/6beBKPqOpk0N2NwTy5BUH8NMwRpdzcq0QeY60f1z+PLJ4vTb0mcdyRkO4m0mqGa/LrBn9H5V3AAW6TdLO9LKjvUqHX+6vWKiWu2wJffTQQAxY9rsT+JoBVk8zes06zh+CVd7bGozJXp1t6SHQjJ7V9pLNfdMO4TJFpi3mVh3RLsg24RGoMVRNCjfYaBQkUJununzpPB9O9esOhfffM2puumAkspPALMiODcYK5bzF26YvDM124e5VQJo50GqbTNJEXB7PsZF4TezivS5xCuGoO6sSrk+heWKzgnLK7/qHI55XuExBbzfTawwWpGrSOw4YYCkrCa0bPYsY8Ef5iIQMwFseWz0i57eZp2pJfn65p4osM+r08R+X8BwEvK+BsyW/wtCI06xwFtdM= [email protected]
   suma:
-    host: https://suma.edge.suse.com
-    activation_key: slemicro55
-    get_ssl: false
+    host: suma.edge.suse.com
+    activationKey: slemicro55
+    getSSL: false