Code Review / ci-management.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: b2d3edd)
Update Ubuntu baseline to disable daily auto-update 51/4451/1
authorAndrew Grimberg <agrimberg@linuxfoundation.org>
Wed, 21 Dec 2016 14:36:30 +0000 (06:36 -0800)
committerAndrew Grimberg <agrimberg@linuxfoundation.org>
Wed, 21 Dec 2016 14:38:14 +0000 (06:38 -0800)
* Updates the Ubuntu baseline build section to forcibly disable the
  default daily system package update for security patches
* Make sure that the provision/basebuild directory that the build
  template is using exists with a .dummy placeholder

Change-Id: Iffd493c3cfb6263d32d65d06e0e20a3bdbc58926
Signed-off-by: Andrew Grimberg <agrimberg@linuxfoundation.org>
packer/provision/basebuild/.dummy [new file with mode: 0644] patch | blob
packer/provision/baseline.sh patch | blob | history

diff --git a/packer/provision/basebuild/.dummy b/packer/provision/basebuild/.dummy
new file mode 100644 (file)
index 0000000..e69de29
diff --git a/packer/provision/baseline.sh b/packer/provision/baseline.sh
index 3678355..e33821c 100644 (file)
--- a/packer/provision/baseline.sh
+++ b/packer/provision/baseline.sh
@@ -120,6 +120,18 @@ EOF
     # make sure that we still default to openjdk 7
     update-alternatives --set java /usr/lib/jvm/java-7-openjdk-amd64/jre/bin/java
     update-alternatives --set javac /usr/lib/jvm/java-7-openjdk-amd64/bin/javac
+
+    # disable unattended upgrades & daily updates
+    echo '---> Disabling automatic daily upgrades'
+    apt-get remove unattended-upgrades
+    if [ -f /usr/bin/systemctl ]
+    then
+        systemctl stop apt.systemd.daily
+        systemctl disable apt.systemd.daily
+    else
+        /etc/init.d/unattended-upgrades stop
+        update-rc.d -f unattended-upgrades remove
+    fi
 }
 
 all_systems() {
Management repo for Jenkins Job Builder, script and management related to the Jenkins CI configuration.