From 56dd371fa82bd58e2ad449c4c9daae724d710bd1 Mon Sep 17 00:00:00 2001
From: Khue Doan <khuedoan98@gmail.com>
Date: Sun, 16 May 2021 15:10:23 +0700
Subject: [PATCH] Extract instead of mounting the OS ISO file

Avoid using privileged container or root permission on local machine
---
 metal/Makefile                        |  1 -
 metal/roles/pxe-boot/tasks/server.yml | 14 +++++---------
 tools/Dockerfile                      |  2 ++
 3 files changed, 7 insertions(+), 10 deletions(-)

diff --git a/metal/Makefile b/metal/Makefile
index 9419bf9e..f4a38ba2 100644
--- a/metal/Makefile
+++ b/metal/Makefile
@@ -4,7 +4,6 @@ default: run
 
 run:
 	ansible-playbook \
-		--ask-become-pass \
 		--inventory hosts.ini \
 		main.yml
 
diff --git a/metal/roles/pxe-boot/tasks/server.yml b/metal/roles/pxe-boot/tasks/server.yml
index 25724111..04c5075b 100644
--- a/metal/roles/pxe-boot/tasks/server.yml
+++ b/metal/roles/pxe-boot/tasks/server.yml
@@ -15,18 +15,14 @@
 - name: Download ISO
   get_url:
     url: "{{ iso_url }}"
-    dest: "{{ role_path }}/build/images/centos8.iso"
+    dest: "{{ role_path }}/build/images/CentOS-8.3.2011-x86_64-dvd1.iso"
     checksum: "{{ iso_checksum }}"
   delegate_to: localhost
+  register: iso
 
-- name: Mount the ISO
-  mount:
-    src: "{{ role_path }}/build/images/centos8.iso"
-    path: "{{ role_path }}/build/mnt"
-    fstype: iso9660
-    opts: loop,ro
-    state: mounted
-  become: yes
+- name: Extract the ISO
+  command: "xorriso -osirrox on -indev {{ iso.dest }} -extract / {{ role_path }}/build/mnt"
+  creates: "{{ role_path }}/build/mnt/.treeinfo"
 
 - name: Copy configs
   copy:
diff --git a/tools/Dockerfile b/tools/Dockerfile
index 8e4fdb95..5d1cf90f 100644
--- a/tools/Dockerfile
+++ b/tools/Dockerfile
@@ -7,9 +7,11 @@ RUN yes | pacman --sync --refresh \
         ansible \
         curl \
         docker \
+        docker-compose \
         git \
         helm \
         kubectl \
+        libisoburn \
         lxd \
         make \
         neovim \