* fix: Remove POSIX-incompatible 'local' keyword from install.sh
The install.sh script uses #\!/usr/bin/env sh (POSIX shell) but was using
the 'local' keyword in the tryGetMetadata function, which is a bash-specific
feature. This caused shellcheck to fail with SC3043 warnings in CI.
Fixed by removing 'local' keywords from variable declarations in the
tryGetMetadata function. The variables are still function-scoped in practice
since they're assigned at the beginning of the function.
This resolves the CI failure introduced in PR #14788 (run #919).
* ci: Make ansible-lint stricter and fix basic issues
- Remove || true from ansible-lint CI job to enforce linting
- Enable name[play] rule - all plays should be named
- Enable yaml[new-line-at-end-of-file] rule
- Move name[missing] from skip_list to warn_list (first step)
- Add names to plays in main.yml and users.yml
- Document future linting improvements in comments
This makes the CI stricter while fixing the easy issues first.
More comprehensive fixes for the 113 name[missing] warnings can
be addressed in future PRs.
* fix: Add name[missing] to skip_list temporarily
The ansible-lint CI is failing because name[missing] was not properly
added to skip_list. This causes 113 name[missing] errors to fail the CI.
Adding it to skip_list for now to fix the CI. The rule can be moved to
warn_list and eventually enabled once all tasks are properly named in
future PRs.
* fix: Fix ansible-lint critical errors
- Fix schema[tasks] error in roles/local/tasks/prompts.yml by removing with_items loop
- Add missing newline at end of requirements.yml
- Replace ignore_errors with failed_when in reboot task
- Add pipefail to shell command with pipes in strongswan openssl task
These fixes address all critical ansible-lint errors that were causing CI failures.
Added configurable timeouts and retry logic to all curl commands in publicIpFromMetadata():
- --connect-timeout 5: 5 seconds to establish connection
- --max-time ${METADATA_TIMEOUT:-20}: Configurable timeout (default 20 seconds)
- Retry logic: Try up to 2 times with 2-second delay between attempts
- Environment variable: METADATA_TIMEOUT can override default timeout
This prevents the installation script from hanging indefinitely when:
- Metadata services are slow or unresponsive
- Network issues cause connections to stall
- Script is run in non-cloud environments where metadata IPs don't respond
The increased timeout (20s) and retry logic ensure compatibility with:
- Azure deployments in secondary regions (known to be slower)
- High-latency environments (satellite, rural connections)
- Corporate environments with proxies or deep packet inspection
- Temporary network glitches or cloud provider maintenance
The existing fallback to publicIpFromInterface() will handle cases where
metadata endpoints are unavailable after all retry attempts.
Fixes#14350🤖 Generated with [Claude Code](https://claude.ai/code)
Co-authored-by: Claude <noreply@anthropic.com>
* add the install script to support cloud-init and local one-shot deployments
* update travis-ci tests
* update docs
* enable no_log again
* update docs
