keremet/rpm-ostree
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
1f408bd396
rpm-ostree/tests/common/libtest.sh

363 lines
10 KiB
Bash
Raw Normal View History

Import some basic testing infrastructure from OSTree This is using the https://wiki.gnome.org/Initiatives/GnomeGoals/InstalledTests model. In order to run the tests, you will need to: ./configure --enable-installed-tests Then: gnome-desktop-testing-runner -p 0 rpm-ostree/
2014-07-16 17:02:45 +04:00
# Source library for shell script tests
#
# Copyright (C) 2011 Colin Walters <walters@verbum.org>
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the
# Free Software Foundation, Inc., 59 Temple Place - Suite 330,
# Boston, MA 02111-1307, USA.
libtest.sh: add include guard
2016-02-26 20:52:42 +03:00
# Have we already been sourced?
if test -n "${LIBTEST_SH:-}"; then
# would be good to know when it happens
echo "INFO: Skipping subsequent sourcing of libtest.sh"
return
fi
LIBTEST_SH=1
tests: no longer use installed tests For now, we don't remove the ability to install tests (e.g. the necessary blurbs in glib-tap.mk are still there), but we take out all our previously installed tests from the list. All the previously installed tests are then converted to work uninstalled. This also allows us to do some simplifications in the test cases. Also do some cleanups in the Makefile to improve legibility. Closes: #304 Approved by: cgwalters
2016-06-06 19:08:29 +03:00
self="$(realpath $0)"
tests: Trim out dead code from libtest.sh, rework SRCDIR The main goal here is to get `assert_jq()` usable in kola tests. This was forked from ostree long ago but we aren't using most of it. I want to try to move this into kola where we're just using `tests/common` but this code references `tests/gpghome` which we weren't using. Only a few things here reference `SRCDIR` - change those to fail for now if it's not set, since we're not running those tests in kola yet. I will eventually try to clean that up later.
2020-05-06 18:29:08 +03:00
if test -z "${SRCDIR:-}" && test -n "${topsrcdir:-}"; then
tests: Use libtest-core.sh from ostree Reduces drift. In the future we may want to explicitly share more test suite code too. See https://github.com/ostreedev/ostree/pull/877 Closes: #782 Approved by: jlebon
2017-05-19 20:24:42 +03:00
SRCDIR=${topsrcdir}/tests
tests: Trim out dead code from libtest.sh, rework SRCDIR The main goal here is to get `assert_jq()` usable in kola tests. This was forked from ostree long ago but we aren't using most of it. I want to try to move this into kola where we're just using `tests/common` but this code references `tests/gpghome` which we weren't using. Only a few things here reference `SRCDIR` - change those to fail for now if it's not set, since we're not running those tests in kola yet. I will eventually try to clean that up later.
2020-05-06 18:29:08 +03:00
commondir=${SRCDIR}/common
tests: Use libtest-core.sh from ostree Reduces drift. In the future we may want to explicitly share more test suite code too. See https://github.com/ostreedev/ostree/pull/877 Closes: #782 Approved by: jlebon
2017-05-19 20:24:42 +03:00
fi
tests: Trim out dead code from libtest.sh, rework SRCDIR The main goal here is to get `assert_jq()` usable in kola tests. This was forked from ostree long ago but we aren't using most of it. I want to try to move this into kola where we're just using `tests/common` but this code references `tests/gpghome` which we weren't using. Only a few things here reference `SRCDIR` - change those to fail for now if it's not set, since we're not running those tests in kola yet. I will eventually try to clean that up later.
2020-05-06 18:29:08 +03:00
commondir=${commondir:-${KOLA_EXT_DATA}}
. ${commondir}/libtest-core.sh
Check and display pending security advisories Pick up security advisories when checking for pending updates and include them in the `cached-update` property. On the client-side, display them in the output of `status`. This was part of the original vision for how useful a smart `check` mode could be. It directly impacts how one manages their individual system (e.g. when to reboot), and paves the way for integration into higher-level apps that act at the cluster level. Closes: #1249 Approved by: cgwalters
2018-02-14 17:27:06 +03:00
tests: Hard require jq I don't see a reason not to require more stuff to execute tests, and having it be optional reduces our coverage unnecessarily. Closes: #580 Approved by: jlebon
2017-01-17 17:12:26 +03:00
for bin in jq; do
if ! command -v $bin >/dev/null; then
(echo ${bin} is required to execute tests 1>&2; exit 1)
fi
done
tests: Add test coverage for rpm-ostree container
2016-02-10 13:42:57 +03:00
_cleanup_tmpdir () {
tests: Add ./tests/compose Our current compose tests only use a synthetic `empty.rpm`, but this really limits usefulness. Let's make a test suite that requires an internet connection and downloads Fedora RPMs and does "real" tree composes. See the updated `tests/README.md` for more information. This is still a WIP. Closes: #531 Approved by: jlebon
2016-12-03 02:07:08 +03:00
if test -z "${TEST_SKIP_CLEANUP:-}"; then
if test -f ${test_tmpdir}/.test; then
rm ${test_tmpdir} -rf
fi
else
echo "Skipping cleanup of ${test_tmpdir}"
tests: Add test coverage for rpm-ostree container
2016-02-10 13:42:57 +03:00
fi
}
setup-session.sh: use libtest.sh for setup The libtest.sh script is aware of whether a tmpdir needs to be created or not for the test. Make use of this in setup-session.sh so that we're sure we're in the right directory before creating the sysroot dir.
2016-02-26 19:12:11 +03:00
vmcheck: add a basic test harness This is a very simple test harness inspired by the atomic one. It's a simple bash script that sets up a permanent ssh connection to the host and runs the test scripts. Also add a "demo" test-basic.sh test to make sure that it works. Closes: #344 Approved by: cgwalters
2016-06-21 19:37:02 +03:00
# Create a tmpdir if we're running as a local test (i.e. through `make check`)
# or as a `vmcheck` test, which also needs some scratch space on the host.
tests/compose: Target FCOS 31, move off of PAPR Again, a lot going on here, but essentially, we adapt the compose tests to run either privileged or fully unprivileged via supermin, just like cosa. I actually got more than halfway through this initially using `cosa build` directly for testing. But in the end, we simply need more flexibility than that. We want to be able to manipulate exactly how rpm-ostree is called, and cosa is very opinionated about this (and may also change from under us in the future). (Another big difference for example is that cosa doesn't care about non-unified mode, whereas we *need* to have coverage for this until we fully kill it.) Really, the most important bit we want from there is the unprivileged-via-supermin bits. So we copy and adapt that here. One obvious improvement then is sharing this code more easily (e.g. a `cosa runasroot` or something?) However, we still use the FCOS manifest (frozen at a specific tag). It's a realistic example, and because of the lockfiles and pool, we get good reproducibility.
2019-12-22 01:42:09 +03:00
if { test -n "${UNINSTALLEDTESTS:-}" || \
test -n "${VMTESTS:-}" || \
test -n "${COMPOSETESTS:-}"; } && ! test -f "$PWD/.test"; then
Rework vmcheck to use `kola spawn`, move off of PAPR There's a lot going on here, but essentially: 1. We change the `vmcheck` model so that it always operates on an immutable base image. It takes that image and dynamically launches a separate VM for each test using `kola spawn`. This means we can drop a lot of hacks around re-using the same VMs. 2. Following from 1., `vmoverlay` now takes as input a base image, overlays the built rpm-ostree bits, then creates a new base image. Of course, we don't have to do this in CI, because we build FCOS with the freshly built RPMs (so it uses `SKIP_VMOVERLAY=1`). `vmoverlay` then will be more for the developer case where one doesn't want to iterate via `cosa build` to test rpm-ostree changes. I say "will" because the functionality doesn't exist yet; I'd like to enhance `cosa dev-overlay` to do this. (Note `vmsync` should still works just as before too.) 3. `vmcheck` can be run without building the tree first, as `tests/vmcheck.sh`. The `make vmcheck` target still exists though for finger compatibility and better meshing with `vmoverlay` in the developer case. What's really nice about using kola spawn is that it takes care of a lot of things for us, such as the qemu command, journal and console gathering, and SSH. Similarly to the compose testsuites, we're using parallel here to run multiple vmcheck tests at once. (On developer laptops, we cap parallelism at `$(nproc) - 1`).
2019-12-13 20:23:41 +03:00
# Use --tmpdir to keep it in /tmp. This also keeps paths short; this is
# important if we want to create UNIX sockets under there.
test_tmpdir=$(mktemp -d test.XXXXXX --tmpdir)
tests: Add test coverage for rpm-ostree container
2016-02-10 13:42:57 +03:00
touch ${test_tmpdir}/.test
tests/compose: Target FCOS 31, move off of PAPR Again, a lot going on here, but essentially, we adapt the compose tests to run either privileged or fully unprivileged via supermin, just like cosa. I actually got more than halfway through this initially using `cosa build` directly for testing. But in the end, we simply need more flexibility than that. We want to be able to manipulate exactly how rpm-ostree is called, and cosa is very opinionated about this (and may also change from under us in the future). (Another big difference for example is that cosa doesn't care about non-unified mode, whereas we *need* to have coverage for this until we fully kill it.) Really, the most important bit we want from there is the unprivileged-via-supermin bits. So we copy and adapt that here. One obvious improvement then is sharing this code more easily (e.g. a `cosa runasroot` or something?) However, we still use the FCOS manifest (frozen at a specific tag). It's a realistic example, and because of the lockfiles and pool, we get good reproducibility.
2019-12-22 01:42:09 +03:00
trap _cleanup_tmpdir EXIT SIGINT
tests: Add test coverage for rpm-ostree container
2016-02-10 13:42:57 +03:00
cd ${test_tmpdir}
tests: Add ./tests/compose Our current compose tests only use a synthetic `empty.rpm`, but this really limits usefulness. Let's make a test suite that requires an internet connection and downloads Fedora RPMs and does "real" tree composes. See the updated `tests/README.md` for more information. This is still a WIP. Closes: #531 Approved by: jlebon
2016-12-03 02:07:08 +03:00
fi
if test -n "${UNINSTALLEDTESTS:-}"; then
export PATH=${builddir}:${PATH}
setup-session.sh: use libtest.sh for setup The libtest.sh script is aware of whether a tmpdir needs to be created or not for the test. Make use of this in setup-session.sh so that we're sure we're in the right directory before creating the sysroot dir.
2016-02-26 19:12:11 +03:00
fi
Import some basic testing infrastructure from OSTree This is using the https://wiki.gnome.org/Initiatives/GnomeGoals/InstalledTests model. In order to run the tests, you will need to: ./configure --enable-installed-tests Then: gnome-desktop-testing-runner -p 0 rpm-ostree/
2014-07-16 17:02:45 +04:00
test_tmpdir=$(pwd)
tests: Honor TEST_SKIP_CLEANUP like ostree We seem to have substantial infrastructure drift here between the two, and I was *really* confused why `TEST_SKIP_CLEANUP` wasn't being honored. Turned out in rpm-ostree we have tmpdir code in two places, not entirely sure why. Punting full cleanup. Closes: #566 Approved by: jlebon
2017-01-11 23:24:30 +03:00
echo "Using tmpdir ${test_tmpdir}"
Import some basic testing infrastructure from OSTree This is using the https://wiki.gnome.org/Initiatives/GnomeGoals/InstalledTests model. In order to run the tests, you will need to: ./configure --enable-installed-tests Then: gnome-desktop-testing-runner -p 0 rpm-ostree/
2014-07-16 17:02:45 +04:00
export G_DEBUG=fatal-warnings
tests: make ostree use mutable deployments For the same reasons as described in GNOME/ostree#187. In summary: we want to make it easy for testers to clean up after we're done by not setting the immutable flag. Note that I had to also add it to setup-session.sh so that the daemon inherited the env var. The libtest.sh hunk is redundant in that case, but still necessary if the tests are run directly.
2016-02-19 20:34:36 +03:00
# Don't flag deployments as immutable so that test harnesses can
# easily clean up.
export OSTREE_SYSROOT_DEBUG=mutable-deployments
ci: Build ostree from git temporarily See https://github.com/ostreedev/ostree/issues/758 Closes: #707 Approved by: jlebon
2017-03-25 19:01:03 +03:00
# See comment in ot-builtin-commit.c and https://github.com/ostreedev/ostree/issues/758
# Also keep this in sync with the bits in libostreetest.c
case $(stat -f --printf '%T' /) in
overlayfs)
echo "overlayfs found; enabling OSTREE_NO_XATTRS"
ostree --version
export OSTREE_SYSROOT_DEBUG="${OSTREE_SYSROOT_DEBUG},no-xattrs"
export OSTREE_NO_XATTRS=1 ;;
*) echo "Not using overlayfs" ;;
esac
tests: Add test coverage for rpm-ostree container
2016-02-10 13:42:57 +03:00
if test -n "${OT_TESTS_DEBUG:-}"; then
Import some basic testing infrastructure from OSTree This is using the https://wiki.gnome.org/Initiatives/GnomeGoals/InstalledTests model. In order to run the tests, you will need to: ./configure --enable-installed-tests Then: gnome-desktop-testing-runner -p 0 rpm-ostree/
2014-07-16 17:02:45 +04:00
set -x
fi
tests: add a check if tests requiring it are run by root Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2015-04-01 14:25:36 +03:00
check_root_test ()
{
if test "$(id -u)" != "0"; then
Add .redhat-ci.yml Copied from ostree, tweaked a little bit. We can't yet use `-Werror=unused-variable` until https://github.com/rpm-software-management/libhif/pull/205 Closes: #506 Approved by: jlebon
2016-10-28 23:43:16 +03:00
skip "This test requires uid 0"
fi
if ! capsh --print | grep -q 'Bounding set.*[^a-z]cap_sys_admin'; then
skip "No CAP_SYS_ADMIN in bounding set"
tests: no longer use installed tests For now, we don't remove the ability to install tests (e.g. the necessary blurbs in glib-tap.mk are still there), but we take out all our previously installed tests from the list. All the previously installed tests are then converted to work uninstalled. This also allows us to do some simplifications in the test cases. Also do some cleanups in the Makefile to improve legibility. Closes: #304 Approved by: cgwalters
2016-06-06 19:08:29 +03:00
fi
}
ensure_dbus ()
{
if test -z "$RPMOSTREE_USE_SESSION_BUS"; then
tests: restructure dirs - Move all the uninstalled, non-destructive tests to check/ - Add a README - Move utilities to utils/ - Move common files to common/ Closes: #304 Approved by: cgwalters
2016-06-06 19:46:48 +03:00
exec "$topsrcdir/tests/utils/setup-session.sh" "$self"
tests: add a check if tests requiring it are run by root Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2015-04-01 14:25:36 +03:00
fi
}
Add `pending-base-commit` to status One thing that's very confusing about OSTree is there are two layers - deployments and the refs/commits. If one does an `rpm-ostree upgrade`, but then e.g. `ostree admin undeploy 0`, you still have the new revision in the repo. We don't do a good job of displaying this state, or helping people clean it up. Down the line, I also want to better support something like `rpm-ostree pull` to cache updates explicitly *without* deploying. This commit just adds a bit of information to the status display. We might want to have better formatting, but I think this an OK start. Closes: #595 Approved by: jlebon
2017-01-27 07:31:53 +03:00
tests: Skip running introspection tests if built with ASAN This is the rpm-ostree equivalent of <https://github.com/ostreedev/ostree/commit/47b4dd1b38e422254afa67756873957c25aeab6d> Unfortunately, introspection uses `dlopen(), which doesn't quite work when the DSO is compiled with ASAN but the outer executable isn't. Prep for syncing PAPR config with ostree. Closes: #1000 Approved by: jlebon
2017-09-21 23:59:28 +03:00
# https://github.com/ostreedev/ostree/commit/47b4dd1b38e422254afa67756873957c25aeab6d
# Unfortunately, introspection uses dlopen(), which doesn't quite
# work when the DSO is compiled with ASAN but the outer executable
# isn't.
skip_one_with_asan () {
if test -n "${BUILDOPT_ASAN:-}"; then
echo "ok # SKIP - built with ASAN"
return 0
else
return 1
fi
}
app/db-diff: make use of new db API This is the first step towards unifying how we introspect packages from a specific commit. We currently do this in three ways: libdnf, librpm, and now `rpmostree.rpmdb.pkglist`. I'd like to get to a point where we only have `rpmostree.rpmdb.pkglist` and libdnf, the latter only when more complex queries are required. This patch teaches the `db diff` command to make use of the new db diff API so that it can work even on metadata-only commits. This is relevant for use cases mentioned in #558. I didn't get rid of the `rpmhdrs_diff` functions right now because of the `--changelogs` option: libdnf currently does not expose this, so we fall back to the previous API in that case. OTOH, I wonder how much it's actually used in the wild; maybe we could just nix it? Closes: #1162 Approved by: cgwalters
2017-12-21 01:46:04 +03:00
get_obj_path() {
repo=$1; shift
csum=$1; shift
objtype=$1; shift
echo "${repo}/objects/${csum:0:2}/${csum:2}.${objtype}"
}
Check and display pending security advisories Pick up security advisories when checking for pending updates and include them in the `cached-update` property. On the client-side, display them in the output of `status`. This was part of the original vision for how useful a smart `check` mode could be. It directly impacts how one manages their individual system (e.g. when to reboot), and paves the way for integration into higher-level apps that act at the cluster level. Closes: #1249 Approved by: cgwalters
2018-02-14 17:27:06 +03:00
uinfo_cmd() {
tests: Trim out dead code from libtest.sh, rework SRCDIR The main goal here is to get `assert_jq()` usable in kola tests. This was forked from ostree long ago but we aren't using most of it. I want to try to move this into kola where we're just using `tests/common` but this code references `tests/gpghome` which we weren't using. Only a few things here reference `SRCDIR` - change those to fail for now if it's not set, since we're not running those tests in kola yet. I will eventually try to clean that up later.
2020-05-06 18:29:08 +03:00
${SRCDIR}/utils/updateinfo --repo "${test_tmpdir}/yumrepo" "$@"
Check and display pending security advisories Pick up security advisories when checking for pending updates and include them in the `cached-update` property. On the client-side, display them in the output of `status`. This was part of the original vision for how useful a smart `check` mode could be. It directly impacts how one manages their individual system (e.g. when to reboot), and paves the way for integration into higher-level apps that act at the cluster level. Closes: #1249 Approved by: cgwalters
2018-02-14 17:27:06 +03:00
}
libtest: add build_rpm function Having to prepare RPMs in advance separately from the tests that use them severely limits our ability to test various cases and to iterate quickly when creating tests. Add a new `build_rpm` function which can basically build the RPM on the fly and update the yum repo afterwards. It makes it trivial to test things like package updates: build_rpm foo 1.0 1 <stuff> build_rpm foo 1.0 2 <stuff> The RPMs are all created inside the temporary test directory and thus cleaned up on exit. I'm doing this in a separate commit because it's the most important diff of the transition and might be easy to lose in the larger diff where we move all the tests to make use of this. Closes: #854 Approved by: cgwalters
2017-06-29 17:06:36 +03:00
# builds a new RPM and adds it to the testdir's repo
# $1 - name
# $2+ - optional, treated as directive/value pairs
build_rpm() {
local name=$1; shift
tests: Add a test case for epoch 0 in rpmdb pkglist Basically we're choosing the libdnf behavior of omitting `Epoch: 0` which IMO is the sane thing to do even though in *theory* they're different RPMs but who would ever ship both without incrementing release/etc? More information in: https://github.com/projectatomic/rpm-ostree/pull/187 Closes: #1198 Approved by: cgwalters
2018-01-11 22:02:44 +03:00
# Unset, not zero https://github.com/projectatomic/rpm-ostree/issues/349
local epoch=""
libtest: add build_rpm function Having to prepare RPMs in advance separately from the tests that use them severely limits our ability to test various cases and to iterate quickly when creating tests. Add a new `build_rpm` function which can basically build the RPM on the fly and update the yum repo afterwards. It makes it trivial to test things like package updates: build_rpm foo 1.0 1 <stuff> build_rpm foo 1.0 2 <stuff> The RPMs are all created inside the temporary test directory and thus cleaned up on exit. I'm doing this in a separate commit because it's the most important diff of the transition and might be easy to lose in the larger diff where we move all the tests to make use of this. Closes: #854 Approved by: cgwalters
2017-06-29 17:06:36 +03:00
local version=1.0
local release=1
local arch=x86_64
mkdir -p $test_tmpdir/yumrepo/{specs,packages}
local spec=$test_tmpdir/yumrepo/specs/$name.spec
# write out the header
cat > $spec << EOF
Name: $name
Summary: %{name}
License: GPLv2+
EOF
scripts: Honor the -e flag for scripts This is required for glibc-all-langpacks at least: https://bugzilla.redhat.com/show_bug.cgi?id=1367585 Otherwise, its usage is...extraordinarily rare. In fact looking at a snapshot of `rpm-specs-20170518.tar.xz` from Fedora, the only other use is in `postfix.spec`, and it appears bogus (the value is already expanded at build time). But the glibc case is special, as the value of `install_langs` is indeed potentially dynamic per system. Closes: #873 Approved by: jlebon
2017-07-13 03:50:08 +03:00
local build= install= files= pretrans= pre= post= posttrans= post_args=
Check and display pending security advisories Pick up security advisories when checking for pending updates and include them in the `cached-update` property. On the client-side, display them in the output of `status`. This was part of the original vision for how useful a smart `check` mode could be. It directly impacts how one manages their individual system (e.g. when to reboot), and paves the way for integration into higher-level apps that act at the cluster level. Closes: #1249 Approved by: cgwalters
2018-02-14 17:27:06 +03:00
local verifyscript= uinfo=
Implement file triggers (%transfiletriggerin) for layered pkgs File triggers are a post-RHEL7 thing; more information at http://rpm.org/user_doc/file_triggers.html There are two notable users I've been testing this with; `glib2` and `vagrant`. The `vagrant` one is more immediately urgent, since it makes `vagrant-libvirt` work, which I currently rely on for my workstation dev. I've tested things successfully with `vagrant`, and I did verify that we run the `glib2` ones when doing `rpm-ostree ex container`. Long term, more transaction file triggers are likely to live in "base" packages like `glib2`. We don't implement those yet, but extending this to do that shouldn't be too hard. There was *significant* what I'd call reverse engineering of the implementation in librpm. The file triggers code there is spread out and abstracted in a few different places in the code. I found trying to understand what header values were involved to be quite tricky. There are some corner cases like multiple patterns that I *think* this does correctly, but could use more validation. The main question I had was - is it required that the patterns for e.g. `%transfiletriggerin` and `%transfiletriggerun` be identical? Closes: https://github.com/projectatomic/rpm-ostree/issues/648 Closes: #869 Approved by: jlebon
2017-07-07 17:45:10 +03:00
local transfiletriggerin= transfiletriggerin_patterns=
local transfiletriggerin2= transfiletriggerin2_patterns=
local transfiletriggerun= transfiletriggerun_patterns=
libtest: add build_rpm function Having to prepare RPMs in advance separately from the tests that use them severely limits our ability to test various cases and to iterate quickly when creating tests. Add a new `build_rpm` function which can basically build the RPM on the fly and update the yum repo afterwards. It makes it trivial to test things like package updates: build_rpm foo 1.0 1 <stuff> build_rpm foo 1.0 2 <stuff> The RPMs are all created inside the temporary test directory and thus cleaned up on exit. I'm doing this in a separate commit because it's the most important diff of the transition and might be easy to lose in the larger diff where we move all the tests to make use of this. Closes: #854 Approved by: cgwalters
2017-06-29 17:06:36 +03:00
while [ $# -ne 0 ]; do
local section=$1; shift
local arg=$1; shift
case $section in
requires)
echo "Requires: $arg" >> $spec;;
tests/compose: Target FCOS 31, move off of PAPR Again, a lot going on here, but essentially, we adapt the compose tests to run either privileged or fully unprivileged via supermin, just like cosa. I actually got more than halfway through this initially using `cosa build` directly for testing. But in the end, we simply need more flexibility than that. We want to be able to manipulate exactly how rpm-ostree is called, and cosa is very opinionated about this (and may also change from under us in the future). (Another big difference for example is that cosa doesn't care about non-unified mode, whereas we *need* to have coverage for this until we fully kill it.) Really, the most important bit we want from there is the unprivileged-via-supermin bits. So we copy and adapt that here. One obvious improvement then is sharing this code more easily (e.g. a `cosa runasroot` or something?) However, we still use the FCOS manifest (frozen at a specific tag). It's a realistic example, and because of the lockfiles and pool, we get good reproducibility.
2019-12-22 01:42:09 +03:00
recommends)
echo "Recommends: $arg" >> $spec;;
libtest: add build_rpm function Having to prepare RPMs in advance separately from the tests that use them severely limits our ability to test various cases and to iterate quickly when creating tests. Add a new `build_rpm` function which can basically build the RPM on the fly and update the yum repo afterwards. It makes it trivial to test things like package updates: build_rpm foo 1.0 1 <stuff> build_rpm foo 1.0 2 <stuff> The RPMs are all created inside the temporary test directory and thus cleaned up on exit. I'm doing this in a separate commit because it's the most important diff of the transition and might be easy to lose in the larger diff where we move all the tests to make use of this. Closes: #854 Approved by: cgwalters
2017-06-29 17:06:36 +03:00
provides)
echo "Provides: $arg" >> $spec;;
conflicts)
echo "Conflicts: $arg" >> $spec;;
scripts: Honor the -e flag for scripts This is required for glibc-all-langpacks at least: https://bugzilla.redhat.com/show_bug.cgi?id=1367585 Otherwise, its usage is...extraordinarily rare. In fact looking at a snapshot of `rpm-specs-20170518.tar.xz` from Fedora, the only other use is in `postfix.spec`, and it appears bogus (the value is already expanded at build time). But the glibc case is special, as the value of `install_langs` is indeed potentially dynamic per system. Closes: #873 Approved by: jlebon
2017-07-13 03:50:08 +03:00
post_args)
post_args="$arg";;
Check and display pending security advisories Pick up security advisories when checking for pending updates and include them in the `cached-update` property. On the client-side, display them in the output of `status`. This was part of the original vision for how useful a smart `check` mode could be. It directly impacts how one manages their individual system (e.g. when to reboot), and paves the way for integration into higher-level apps that act at the cluster level. Closes: #1249 Approved by: cgwalters
2018-02-14 17:27:06 +03:00
version|release|epoch|arch|build|install|files|pretrans|pre|post|posttrans|verifyscript|uinfo)
libtest: add build_rpm function Having to prepare RPMs in advance separately from the tests that use them severely limits our ability to test various cases and to iterate quickly when creating tests. Add a new `build_rpm` function which can basically build the RPM on the fly and update the yum repo afterwards. It makes it trivial to test things like package updates: build_rpm foo 1.0 1 <stuff> build_rpm foo 1.0 2 <stuff> The RPMs are all created inside the temporary test directory and thus cleaned up on exit. I'm doing this in a separate commit because it's the most important diff of the transition and might be easy to lose in the larger diff where we move all the tests to make use of this. Closes: #854 Approved by: cgwalters
2017-06-29 17:06:36 +03:00
declare $section="$arg";;
Implement file triggers (%transfiletriggerin) for layered pkgs File triggers are a post-RHEL7 thing; more information at http://rpm.org/user_doc/file_triggers.html There are two notable users I've been testing this with; `glib2` and `vagrant`. The `vagrant` one is more immediately urgent, since it makes `vagrant-libvirt` work, which I currently rely on for my workstation dev. I've tested things successfully with `vagrant`, and I did verify that we run the `glib2` ones when doing `rpm-ostree ex container`. Long term, more transaction file triggers are likely to live in "base" packages like `glib2`. We don't implement those yet, but extending this to do that shouldn't be too hard. There was *significant* what I'd call reverse engineering of the implementation in librpm. The file triggers code there is spread out and abstracted in a few different places in the code. I found trying to understand what header values were involved to be quite tricky. There are some corner cases like multiple patterns that I *think* this does correctly, but could use more validation. The main question I had was - is it required that the patterns for e.g. `%transfiletriggerin` and `%transfiletriggerun` be identical? Closes: https://github.com/projectatomic/rpm-ostree/issues/648 Closes: #869 Approved by: jlebon
2017-07-07 17:45:10 +03:00
transfiletriggerin)
transfiletriggerin_patterns="$arg";
declare $section="$1"; shift;;
transfiletriggerin2)
transfiletriggerin2_patterns="$arg";
declare $section="$1"; shift;;
transfiletriggerun)
transfiletriggerun_patterns="$arg";
declare $section="$1"; shift;;
libtest: add build_rpm function Having to prepare RPMs in advance separately from the tests that use them severely limits our ability to test various cases and to iterate quickly when creating tests. Add a new `build_rpm` function which can basically build the RPM on the fly and update the yum repo afterwards. It makes it trivial to test things like package updates: build_rpm foo 1.0 1 <stuff> build_rpm foo 1.0 2 <stuff> The RPMs are all created inside the temporary test directory and thus cleaned up on exit. I'm doing this in a separate commit because it's the most important diff of the transition and might be easy to lose in the larger diff where we move all the tests to make use of this. Closes: #854 Approved by: cgwalters
2017-06-29 17:06:36 +03:00
*)
assert_not_reached "unhandled section $section";;
esac
done
cat >> $spec << EOF
Version: $version
Release: $release
tests: Add a test case for epoch 0 in rpmdb pkglist Basically we're choosing the libdnf behavior of omitting `Epoch: 0` which IMO is the sane thing to do even though in *theory* they're different RPMs but who would ever ship both without incrementing release/etc? More information in: https://github.com/projectatomic/rpm-ostree/pull/187 Closes: #1198 Approved by: cgwalters
2018-01-11 22:02:44 +03:00
${epoch:+Epoch: $epoch}
libtest: add build_rpm function Having to prepare RPMs in advance separately from the tests that use them severely limits our ability to test various cases and to iterate quickly when creating tests. Add a new `build_rpm` function which can basically build the RPM on the fly and update the yum repo afterwards. It makes it trivial to test things like package updates: build_rpm foo 1.0 1 <stuff> build_rpm foo 1.0 2 <stuff> The RPMs are all created inside the temporary test directory and thus cleaned up on exit. I'm doing this in a separate commit because it's the most important diff of the transition and might be easy to lose in the larger diff where we move all the tests to make use of this. Closes: #854 Approved by: cgwalters
2017-06-29 17:06:36 +03:00
BuildArch: $arch
%description
%{summary}
# by default, we create a /usr/bin/$name script which just outputs $name
%build
build_rpm: print out nevra rather than just name It's more precise and makes it possible to find out if e.g. pkg upgrades made it to the tree. Closes: #859 Approved by: cgwalters
2017-07-04 20:04:07 +03:00
echo -e "#!/bin/sh\necho $name-$version-$release.$arch" > $name
libtest: add build_rpm function Having to prepare RPMs in advance separately from the tests that use them severely limits our ability to test various cases and to iterate quickly when creating tests. Add a new `build_rpm` function which can basically build the RPM on the fly and update the yum repo afterwards. It makes it trivial to test things like package updates: build_rpm foo 1.0 1 <stuff> build_rpm foo 1.0 2 <stuff> The RPMs are all created inside the temporary test directory and thus cleaned up on exit. I'm doing this in a separate commit because it's the most important diff of the transition and might be easy to lose in the larger diff where we move all the tests to make use of this. Closes: #854 Approved by: cgwalters
2017-06-29 17:06:36 +03:00
chmod a+x $name
$build
${pretrans:+%pretrans}
$pretrans
${pre:+%pre}
$pre
scripts: Honor the -e flag for scripts This is required for glibc-all-langpacks at least: https://bugzilla.redhat.com/show_bug.cgi?id=1367585 Otherwise, its usage is...extraordinarily rare. In fact looking at a snapshot of `rpm-specs-20170518.tar.xz` from Fedora, the only other use is in `postfix.spec`, and it appears bogus (the value is already expanded at build time). But the glibc case is special, as the value of `install_langs` is indeed potentially dynamic per system. Closes: #873 Approved by: jlebon
2017-07-13 03:50:08 +03:00
${post:+%post} ${post_args}
libtest: add build_rpm function Having to prepare RPMs in advance separately from the tests that use them severely limits our ability to test various cases and to iterate quickly when creating tests. Add a new `build_rpm` function which can basically build the RPM on the fly and update the yum repo afterwards. It makes it trivial to test things like package updates: build_rpm foo 1.0 1 <stuff> build_rpm foo 1.0 2 <stuff> The RPMs are all created inside the temporary test directory and thus cleaned up on exit. I'm doing this in a separate commit because it's the most important diff of the transition and might be easy to lose in the larger diff where we move all the tests to make use of this. Closes: #854 Approved by: cgwalters
2017-06-29 17:06:36 +03:00
$post
${posttrans:+%posttrans}
$posttrans
Implement file triggers (%transfiletriggerin) for layered pkgs File triggers are a post-RHEL7 thing; more information at http://rpm.org/user_doc/file_triggers.html There are two notable users I've been testing this with; `glib2` and `vagrant`. The `vagrant` one is more immediately urgent, since it makes `vagrant-libvirt` work, which I currently rely on for my workstation dev. I've tested things successfully with `vagrant`, and I did verify that we run the `glib2` ones when doing `rpm-ostree ex container`. Long term, more transaction file triggers are likely to live in "base" packages like `glib2`. We don't implement those yet, but extending this to do that shouldn't be too hard. There was *significant* what I'd call reverse engineering of the implementation in librpm. The file triggers code there is spread out and abstracted in a few different places in the code. I found trying to understand what header values were involved to be quite tricky. There are some corner cases like multiple patterns that I *think* this does correctly, but could use more validation. The main question I had was - is it required that the patterns for e.g. `%transfiletriggerin` and `%transfiletriggerun` be identical? Closes: https://github.com/projectatomic/rpm-ostree/issues/648 Closes: #869 Approved by: jlebon
2017-07-07 17:45:10 +03:00
${transfiletriggerin:+%transfiletriggerin -- ${transfiletriggerin_patterns}}
$transfiletriggerin
${transfiletriggerin2:+%transfiletriggerin -- ${transfiletriggerin2_patterns}}
$transfiletriggerin2
${transfiletriggerun:+%transfiletriggerun -- ${transfiletriggerun_patterns}}
$transfiletriggerun
scripts: Ignore %verifyscript It obviously shouldn't block the ability to install, and anyways the single use in `ksh` is not compelling. If someone comes up with one we can revisit supporting this. Closes: https://github.com/projectatomic/rpm-ostree/issues/1216 Closes: #1218 Approved by: jlebon
2018-01-19 17:24:09 +03:00
${verifyscript:+%verifyscript}
$verifyscript
libtest: add build_rpm function Having to prepare RPMs in advance separately from the tests that use them severely limits our ability to test various cases and to iterate quickly when creating tests. Add a new `build_rpm` function which can basically build the RPM on the fly and update the yum repo afterwards. It makes it trivial to test things like package updates: build_rpm foo 1.0 1 <stuff> build_rpm foo 1.0 2 <stuff> The RPMs are all created inside the temporary test directory and thus cleaned up on exit. I'm doing this in a separate commit because it's the most important diff of the transition and might be easy to lose in the larger diff where we move all the tests to make use of this. Closes: #854 Approved by: cgwalters
2017-06-29 17:06:36 +03:00
%install
mkdir -p %{buildroot}/usr/bin
install $name %{buildroot}/usr/bin
$install
%clean
rm -rf %{buildroot}
%files
/usr/bin/$name
$files
EOF
lib/package: fix package diffs for multilib Our complicated heuristics for handling multiple packages of the same name comes back to bite us. In the multilib case, we can have packages of the same NEVR, but different arch, sitting in the same tree. Previously, even if the arch was different, we would still mark it as an upgrade or downgrade. But that complicates things in the case of multiple packages of the same name in the same tree. We greatly simplify things here by making the diff algorithm dumber. We now only consider a package as "modified" (i.e. upgraded/downgraded) if it has the same NA (but different EVR). This makes handling multilib cases natural and seems worth it overall vs trying to handle the odd e.g. noarch <--> archful pkg transitions that could happen. Closes: #1230 Approved by: cgwalters
2018-02-05 19:52:02 +03:00
# because it'd be overkill to set up mock for this, let's just fool
# rpmbuild using setarch
local buildarch=$arch
tests/libtest: Fix bash syntax error I think the logic there just worked because we don't actually use `noarch` RPMs in the vmcheck suite. Closes: #1248 Approved by: cgwalters
2018-02-14 17:27:06 +03:00
if [ "$arch" == "noarch" ]; then
lib/package: fix package diffs for multilib Our complicated heuristics for handling multiple packages of the same name comes back to bite us. In the multilib case, we can have packages of the same NEVR, but different arch, sitting in the same tree. Previously, even if the arch was different, we would still mark it as an upgrade or downgrade. But that complicates things in the case of multiple packages of the same name in the same tree. We greatly simplify things here by making the diff algorithm dumber. We now only consider a package as "modified" (i.e. upgraded/downgraded) if it has the same NA (but different EVR). This makes handling multilib cases natural and seems worth it overall vs trying to handle the odd e.g. noarch <--> archful pkg transitions that could happen. Closes: #1230 Approved by: cgwalters
2018-02-05 19:52:02 +03:00
buildarch=$(uname -m)
fi
libtest: add build_rpm function Having to prepare RPMs in advance separately from the tests that use them severely limits our ability to test various cases and to iterate quickly when creating tests. Add a new `build_rpm` function which can basically build the RPM on the fly and update the yum repo afterwards. It makes it trivial to test things like package updates: build_rpm foo 1.0 1 <stuff> build_rpm foo 1.0 2 <stuff> The RPMs are all created inside the temporary test directory and thus cleaned up on exit. I'm doing this in a separate commit because it's the most important diff of the transition and might be easy to lose in the larger diff where we move all the tests to make use of this. Closes: #854 Approved by: cgwalters
2017-06-29 17:06:36 +03:00
(cd $test_tmpdir/yumrepo/specs &&
lib/package: fix package diffs for multilib Our complicated heuristics for handling multiple packages of the same name comes back to bite us. In the multilib case, we can have packages of the same NEVR, but different arch, sitting in the same tree. Previously, even if the arch was different, we would still mark it as an upgrade or downgrade. But that complicates things in the case of multiple packages of the same name in the same tree. We greatly simplify things here by making the diff algorithm dumber. We now only consider a package as "modified" (i.e. upgraded/downgraded) if it has the same NA (but different EVR). This makes handling multilib cases natural and seems worth it overall vs trying to handle the odd e.g. noarch <--> archful pkg transitions that could happen. Closes: #1230 Approved by: cgwalters
2018-02-05 19:52:02 +03:00
setarch $buildarch rpmbuild --target $arch -ba $name.spec \
Initial support for automatic updates This patch introduces a new `AutomaticUpdatePolicy` configuration. This was a long time coming for rpm-ostree, given that its update model makes it extremely apt for such a feature. The config supports a `check` mode, which should be very useful to Atomic Workstation users, as well as a `reboot` mode, which could be used in its present form in simple single node Atomic Host situations. There is still a lot of work to be done, including integrating advisories, and supporting a `deploy` mode. This feature hopefully will be leveraged as well by higher-level projects like GNOME Software and Cockpit. Closes: #1147 Approved by: cgwalters
2017-12-15 20:01:46 +03:00
--define "_topdir $PWD" \
libtest: add build_rpm function Having to prepare RPMs in advance separately from the tests that use them severely limits our ability to test various cases and to iterate quickly when creating tests. Add a new `build_rpm` function which can basically build the RPM on the fly and update the yum repo afterwards. It makes it trivial to test things like package updates: build_rpm foo 1.0 1 <stuff> build_rpm foo 1.0 2 <stuff> The RPMs are all created inside the temporary test directory and thus cleaned up on exit. I'm doing this in a separate commit because it's the most important diff of the transition and might be easy to lose in the larger diff where we move all the tests to make use of this. Closes: #854 Approved by: cgwalters
2017-06-29 17:06:36 +03:00
--define "_sourcedir $PWD" \
--define "_specdir $PWD" \
--define "_builddir $PWD/.build" \
--define "_srcrpmdir $PWD" \
--define "_rpmdir $test_tmpdir/yumrepo/packages" \
--define "_buildrootdir $PWD")
Check and display pending security advisories Pick up security advisories when checking for pending updates and include them in the `cached-update` property. On the client-side, display them in the output of `status`. This was part of the original vision for how useful a smart `check` mode could be. It directly impacts how one manages their individual system (e.g. when to reboot), and paves the way for integration into higher-level apps that act at the cluster level. Closes: #1249 Approved by: cgwalters
2018-02-14 17:27:06 +03:00
# use --keep-all-metadata to retain previous updateinfo
(cd $test_tmpdir/yumrepo &&
createrepo_c --no-database --update --keep-all-metadata .)
# convenience function to avoid follow-up add-pkg
if [ -n "$uinfo" ]; then
uinfo_cmd add-pkg $uinfo $name 0 $version $release $arch
fi
Initial support for automatic updates This patch introduces a new `AutomaticUpdatePolicy` configuration. This was a long time coming for rpm-ostree, given that its update model makes it extremely apt for such a feature. The config supports a `check` mode, which should be very useful to Atomic Workstation users, as well as a `reboot` mode, which could be used in its present form in simple single node Atomic Host situations. There is still a lot of work to be done, including integrating advisories, and supporting a `deploy` mode. This feature hopefully will be leveraged as well by higher-level projects like GNOME Software and Cockpit. Closes: #1147 Approved by: cgwalters
2017-12-15 20:01:46 +03:00
if test '!' -f $test_tmpdir/yumrepo.repo; then
cat > $test_tmpdir/yumrepo.repo.tmp << EOF
libtest: add build_rpm function Having to prepare RPMs in advance separately from the tests that use them severely limits our ability to test various cases and to iterate quickly when creating tests. Add a new `build_rpm` function which can basically build the RPM on the fly and update the yum repo afterwards. It makes it trivial to test things like package updates: build_rpm foo 1.0 1 <stuff> build_rpm foo 1.0 2 <stuff> The RPMs are all created inside the temporary test directory and thus cleaned up on exit. I'm doing this in a separate commit because it's the most important diff of the transition and might be easy to lose in the larger diff where we move all the tests to make use of this. Closes: #854 Approved by: cgwalters
2017-06-29 17:06:36 +03:00
[test-repo]
name=test-repo
baseurl=file:///$PWD/yumrepo
EOF
Initial support for automatic updates This patch introduces a new `AutomaticUpdatePolicy` configuration. This was a long time coming for rpm-ostree, given that its update model makes it extremely apt for such a feature. The config supports a `check` mode, which should be very useful to Atomic Workstation users, as well as a `reboot` mode, which could be used in its present form in simple single node Atomic Host situations. There is still a lot of work to be done, including integrating advisories, and supporting a `deploy` mode. This feature hopefully will be leveraged as well by higher-level projects like GNOME Software and Cockpit. Closes: #1147 Approved by: cgwalters
2017-12-15 20:01:46 +03:00
mv $test_tmpdir/yumrepo.repo{.tmp,}
libtest: add build_rpm function Having to prepare RPMs in advance separately from the tests that use them severely limits our ability to test various cases and to iterate quickly when creating tests. Add a new `build_rpm` function which can basically build the RPM on the fly and update the yum repo afterwards. It makes it trivial to test things like package updates: build_rpm foo 1.0 1 <stuff> build_rpm foo 1.0 2 <stuff> The RPMs are all created inside the temporary test directory and thus cleaned up on exit. I'm doing this in a separate commit because it's the most important diff of the transition and might be easy to lose in the larger diff where we move all the tests to make use of this. Closes: #854 Approved by: cgwalters
2017-06-29 17:06:36 +03:00
fi
}
vmcheck: add SELinux labeling tests There's a lot of paths in the core related to SELinux policy changes and relabeling packages. We currently have no test coverage for them. We add support in the test libraries here to build such packages. We also add a test that checks both that we correctly relabel RPMs when the policy changes and that we handle layered packages that install SELinux packages properly. Closes: #999 Approved by: cgwalters
2017-09-18 22:11:26 +03:00
# build an SELinux package ready to be installed -- really, we just support file
# context entries for now, though it's enough to test policy changes
# $1 - package name
# $2+ - pairs of file path regex and context types
build_selinux_rpm() {
local name=$1; shift
local module_dir=$test_tmpdir/policies/$name
mkdir -p $module_dir
local module_te=$module_dir/$name.te
local module_fc=$module_dir/$name.fc
# also declare a type associated with the app; any non-trivial SELinux
# package will have some type enforcement rules that will require policy
# recompilation
cat > $module_te <<EOF
policy_module(${name}, 1.0.0)
type ${name}_t;
EOF
echo -n "" > $module_fc
while [ $# -ne 0 ]; do
local fc_regex=$1; shift
local fc_type=$1; shift
local fc_label="gen_context(system_u:object_r:$fc_type,s0)"
echo "$fc_regex -- $fc_label" >> $module_fc
done
make -C $module_dir -f /usr/share/selinux/devel/Makefile $name.pp
# We point the spec file directly at our pp. This is a bit underhanded, but
# it's cleaner than copying it in and using e.g. Source0 or something.
local pp=$(realpath $module_dir/$name.pp)
local install_dir=/usr/share/selinux/packages
build_rpm $name install "mkdir -p %{buildroot}${install_dir}
install ${pp} %{buildroot}${install_dir}" \
post "semodule -n -i ${install_dir}/${name}.pp" \
files "${install_dir}/${name}.pp"
}
core,scripts: When no cachedir+unified-core, disable rofiles-fuse This is prep for running inside (unprivileged) Kube containers as they exist today: https://github.com/projectatomic/rpm-ostree/issues/1329 Sadly FUSE today uses a suid binary that ends up wanting CAP_SYS_ADMIN. I think there's some work on FUSE-in-containers but I'm not sure of the current status. What rofiles-fuse here is doing here is protecting is the hardlinked repo imports. But if `--cachedir` isn't specified, that repository gets thrown away anyways. So there's no real value to using FUSE here. Also since nothing is cached, disable the devino cache. We also make use of --force-copy-zerosized that just landed in libostree: https://github.com/ostreedev/ostree/pull/1752 Down the line ideally we gain the capability to detect if either unprivileged overlayfs/FUSE are available. Then if `--cachedir` is specified we can make things work. Closes: #1591 Approved by: jlebon
2018-04-09 21:10:33 +03:00
files_are_hardlinked() {
inode1=$(stat -c %i $1)
inode2=$(stat -c %i $2)
test -n "${inode1}" && test -n "${inode2}"
[ "${inode1}" == "${inode2}" ]
}
assert_files_hardlinked() {
if ! files_are_hardlinked "$1" "$2"; then
fatal "Files '$1' and '$2' are not hardlinked"
fi
}
tests/libtest.sh: Lift assert_jq from libvm.sh We already had this logic, but it was in `libvm.sh`. Prep for using it elsewhere. Closes: #1766 Approved by: cgwalters
2019-02-26 19:04:48 +03:00
# $1 - json file
# $2+ - assertions
assert_jq() {
f=$1; shift
for expression in "$@"; do
if ! jq -e "${expression}" >/dev/null < $f; then
jq . < $f | sed -e 's/^/# /' >&2
echo 1>&2 "${expression} failed to match $f"
exit 1
fi
done
}
tests/compose: Target FCOS 31, move off of PAPR Again, a lot going on here, but essentially, we adapt the compose tests to run either privileged or fully unprivileged via supermin, just like cosa. I actually got more than halfway through this initially using `cosa build` directly for testing. But in the end, we simply need more flexibility than that. We want to be able to manipulate exactly how rpm-ostree is called, and cosa is very opinionated about this (and may also change from under us in the future). (Another big difference for example is that cosa doesn't care about non-unified mode, whereas we *need* to have coverage for this until we fully kill it.) Really, the most important bit we want from there is the unprivileged-via-supermin bits. So we copy and adapt that here. One obvious improvement then is sharing this code more easily (e.g. a `cosa runasroot` or something?) However, we still use the FCOS manifest (frozen at a specific tag). It's a realistic example, and because of the lockfiles and pool, we get good reproducibility.
2019-12-22 01:42:09 +03:00
# This function below was taken and adapted from coreos-assembler. We
# should look into sharing this code more easily.
# Determine if current user has enough privileges for composes
_privileged=
has_compose_privileges() {
if [ -z "${_privileged:-}" ]; then
if [ -n "${FORCE_UNPRIVILEGED:-}" ]; then
echo "Detected FORCE_UNPRIVILEGED; using virt"
_privileged=0
elif ! capsh --print | grep -q 'Bounding.*cap_sys_admin'; then
echo "Missing CAP_SYS_ADMIN; using virt"
_privileged=0
elif [ "$(id -u)" != "0" ]; then
echo "Not running as root; using virt"
_privileged=0
else
_privileged=1
fi
fi
[ ${_privileged} == 1 ]
}
Reference in New Issue Copy Permalink