packaging
/
ostree
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

tests,ci: Move "test-basic" (bare mode) to installed test 

Our CI uses default Docker, which has SELinux labeling but is rather
evil in returning `EOPNOTSUPP` to any attempts to set `security.selinux`,
even if to the same value.

The previous fire 🔥 for this was: https://github.com/ostreedev/ostree/pull/759

The `bare` repo mode really only makes sense as uid 0, so our installed
test framework is a good match for this.  However, the unit tests *do*
work in a privileged container even as non-root, and *also* should
work on SELinux-disabled systems.  So let's teach the test framework
how to skip in those situations.

I tested this both in a priv container (my default builder) and an unpriv
container (like our CI).

At the same time, start executing the `test-basic.sh` from an installed test,
so we get better coverage than before.

This is just the start - all of the sysroot tests really need the
same treatment.

Closes: #1217
Approved by: jlebon
This commit is contained in:
Colin Walters 2017-09-26 12:41:07 -04:00 committed by Atomic Bot
parent 25a7c4bd4e
commit 5963d5a2a9
7 changed files with 60 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.papr.yml
View File

@ -153,7 +153,7 @@ tests:
- make install DESTDIR=$(pwd)/insttree - make install DESTDIR=$(pwd)/insttree
- yum -y install rsync - yum -y install rsync
- rsync -rl -e 'ssh -o User=root' . vmcheck:ostree/ - rsync -rl -e 'ssh -o User=root' . vmcheck:ostree/
- ssh root@vmcheck './ostree/tests/installed/fah-prep.sh && ostree admin unlock && rsync -rlv ./ostree/insttree/usr/ /usr/ && ./ostree/tests/installed/run.sh' - ssh root@vmcheck './ostree/tests/installed/fah-prep.sh && ./ostree/tests/installed/run.sh'
--- ---

6
tests/basic-test.sh
View File

@ -19,11 +19,7 @@
set -euo pipefail set -euo pipefail
echo "1..$((73 + ${extra_basic_tests:-0}))" echo "1..$((72 + ${extra_basic_tests:-0}))"
$CMD_PREFIX ostree --version > version.yaml
python -c 'import yaml; yaml.safe_load(open("version.yaml"))'
echo "ok yaml version"
CHECKOUT_U_ARG="" CHECKOUT_U_ARG=""
CHECKOUT_H_ARGS="-H" CHECKOUT_H_ARGS="-H"

2
tests/installed/fah-prep.sh
View File

@ -6,3 +6,5 @@ if lvm lvs atomicos/docker-pool &>/dev/null; then
lvm lvremove -f atomicos/docker-pool lvm lvremove -f atomicos/docker-pool
fi fi
lvm lvextend -r -l +100%FREE atomicos/root lvm lvextend -r -l +100%FREE atomicos/root
ostree admin unlock
rsync -rlv ./ostree/insttree/usr/ /usr/

25
tests/installed/itest-bare-unit.sh Executable file
View File

@ -0,0 +1,25 @@
#!/bin/bash
# Run test-basic.sh as root.
# https://github.com/ostreedev/ostree/pull/1199
set -xeuo pipefail
dn=$(dirname $0)
. ${dn}/libinsttest.sh
# Use /var/tmp to hopefully use XFS + O_TMPFILE etc.
tempdir=$(mktemp -d /var/tmp/tap-test.XXXXXX)
touch ${tempdir}/.testtmp
function cleanup () {
if test -f ${tempdir}/.testtmp; then
rm "${tempdir}" -rf
fi
}
trap cleanup EXIT
cd ${tempdir}
# This sort of bypasses the installed-tests spec;
# fixing that would require installing g-d-t-r, though
# more ideally we architect things with a "control" container
# distinct from the host.
/usr/libexec/installed-tests/libostree/test-basic.sh

24
tests/libtest.sh
View File

@ -546,6 +546,30 @@ skip_without_user_xattrs () {
fi fi
} }
# Skip unless SELinux is disabled, or we can relabel.
# Default Docker has security.selinux xattrs, but returns
# EOPNOTSUPP when trying to set them, even to the existing value.
# https://github.com/ostreedev/ostree/pull/759
# https://github.com/ostreedev/ostree/pull/1217
skip_without_no_selinux_or_relabel () {
cd ${test_tmpdir}
echo testlabel > testlabel.txt
selinux_xattr=security.selinux
if getfattr --encoding=base64 -n ${selinux_xattr} testlabel.txt >label.txt 2>err.txt; then
label=$(grep -E -e "^${selinux_xattr}=" < label.txt |sed -e "s,${selinux_xattr}=,,")
if setfattr -n ${selinux_xattr} -v ${label} testlabel.txt 2>err.txt; then
echo "SELinux enabled in $(pwd), and have privileges to relabel"
return 0
else
sed -e 's/^/# /' < err.txt >&2
skip "Found SELinux label, but unable to set (Unprivileged Docker?)"
fi
else
sed -e 's/^/# /' < err.txt >&2
skip "Unable to retrieve SELinux label, assuming disabled"
fi
}
# https://brokenpi.pe/tools/strace-fault-injection # https://brokenpi.pe/tools/strace-fault-injection
_have_strace_fault_injection='' _have_strace_fault_injection=''
have_strace_fault_injection() { have_strace_fault_injection() {

6
tests/test-basic-user-only.sh
View File

@ -22,9 +22,13 @@ set -euo pipefail
. $(dirname $0)/libtest.sh . $(dirname $0)/libtest.sh
setup_test_repository "bare-user-only" setup_test_repository "bare-user-only"
extra_basic_tests=4 extra_basic_tests=5
. $(dirname $0)/basic-test.sh . $(dirname $0)/basic-test.sh
$CMD_PREFIX ostree --version > version.yaml
python -c 'import yaml; yaml.safe_load(open("version.yaml"))'
echo "ok yaml version"
# Reset things so we don't inherit a lot of state from earlier tests # Reset things so we don't inherit a lot of state from earlier tests
cd ${test_tmpdir} cd ${test_tmpdir}
rm repo files -rf rm repo files -rf

3
tests/test-basic.sh
View File

@ -21,6 +21,7 @@ set -euo pipefail
. $(dirname $0)/libtest.sh . $(dirname $0)/libtest.sh
setup_test_repository "bare" skip_without_no_selinux_or_relabel
setup_test_repository "bare"
. $(dirname $0)/basic-test.sh . $(dirname $0)/basic-test.sh