tests/vmcheck: Fully drop python 3 requirement

Drop the use of Ansible everywhere. In the few cases where we really
Python, just spawn a container instead.

This is required to be able to hack on Fedora CoreOS.

Closes: #1850
Approved by: jlebon
This commit is contained in:
Jonathan Lebon 2019-06-07 12:32:01 -04:00 committed by Atomic Bot
parent 5f6578ef3c
commit 035ac2eaa6
8 changed files with 75 additions and 70 deletions

View File

@ -5,4 +5,4 @@ set -xeuo pipefail
dn=$(dirname $0)
. ${dn}/libbuild.sh
pkg_install openssh-clients ansible
pkg_install openssh-clients

View File

@ -37,25 +37,27 @@ vm_setup() {
export SCP="scp ${SSHOPTS}"
}
vm_ansible_inline() {
playbook=$(mktemp -p /tmp 'libvm-ansible.XXXXXX')
cat > ${playbook} <<EOF
---
- hosts: ${VM}
gather_facts: no
tasks:
EOF
sed -e 's,^, ,' >> ${playbook}
ansible-playbook -vi ${VM}, --ssh-common-args "${SSHOPTS}" ${playbook}
rm -f ${playbook}
# $1 - file to send
# $2 - destination path
vm_send() {
$SCP ${1} ${VM}:${2}
}
# $1 - destination path
vm_send_inline() {
f=$(mktemp -p $PWD)
cat > ${f}
vm_send ${f} ${1}
rm -f ${f}
}
vm_shell_inline() {
vm_ansible_inline <<EOF
- shell: |
set -xeuo pipefail
$(sed -e 's,^, ,')
EOF
script=$(mktemp -p $PWD)
echo "set -xeuo pipefail" > ${script}
cat >> ${script}
vm_send ${script} /tmp/$(basename ${script})
rm -f ${script}
vm_cmd bash /tmp/$(basename ${script})
}
# rsync wrapper that sets up authentication
@ -133,10 +135,7 @@ EOF
echo 'gpgcheck=0' >> vmcheck.repo
fi
vm_ansible_inline <<EOF
- file: path=/etc/yum.repos.d state=directory
- copy: src=$(pwd)/vmcheck.repo dest=/etc/yum.repos.d
EOF
vm_send vmcheck.repo /etc/yum.repos.d
}
# wait until ssh is available on the vm
@ -401,9 +400,7 @@ vm_get_journal_cursor() {
vm_wait_content_after_cursor() {
from_cursor=$1; shift
regex=$1; shift
vm_ansible_inline <<EOF
- shell: |
set -xeuo pipefail
vm_shell_inline <<EOF
tmpf=\$(mktemp /var/tmp/journal.XXXXXX)
for x in \$(seq 60); do
journalctl -u rpm-ostreed --after-cursor "${from_cursor}" > \${tmpf}
@ -435,6 +432,24 @@ vm_assert_journal_has_content() {
rm -f tmp-journal.txt
}
# usage: <podman args> -- <container args>
vm_run_container() {
local podman_args=
while [ $# -ne 0 ]; do
local arg=$1; shift
if [[ $arg == -- ]]; then
break
fi
podman_args="$podman_args $arg"
done
[ $# -ne 0 ] || fatal "No container args provided"
# just automatically always share dnf cache so we don't redownload each time
# (use -n so this ssh invocation doesn't consume stdin)
vm_cmd -n mkdir -p /var/cache/dnf
vm_cmd podman run --rm -v /var/cache/dnf:/var/cache/dnf:z $podman_args \
registry.fedoraproject.org/fedora:30 "$@"
}
# $1 - service name
# $2 - dir to serve
# $3 - port to serve on
@ -443,14 +458,10 @@ vm_start_httpd() {
local dir=$1; shift
local port=$1; shift
# just nuke the service of the same name if it exists and is also transient
if vm_cmd systemctl show $name | grep -q UnitFileState=transient; then
vm_cmd systemctl stop $name
fi
# CentOS systemd is too old for -p WorkingDirectory
vm_cmd systemd-run --unit $name sh -c \
"'cd $dir && python3 -m http.server $port'"
vm_cmd podman rm -f $name || true
vm_run_container --net=host -d --name $name --privileged \
-v $dir:/srv --workdir /srv -- \
python3 -m http.server $port
# NB: the EXIT trap is used by libtest, but not the ERR trap
trap "vm_stop_httpd $name" ERR
@ -463,7 +474,7 @@ vm_start_httpd() {
# $1 - service name
vm_stop_httpd() {
local name=$1; shift
vm_cmd systemctl stop $name
vm_cmd podman rm -f $name
set +E
trap - ERR
}
@ -556,8 +567,7 @@ vm_ostreeupdate_prepare_reboot() {
vm_change_update_policy() {
policy=$1; shift
vm_ansible_inline <<EOF
- shell: |
vm_shell_inline <<EOF
cp /usr/etc/rpm-ostreed.conf /etc
echo -e "[Daemon]\nAutomaticUpdatePolicy=$policy" > /etc/rpm-ostreed.conf
rpm-ostree reload

View File

@ -68,8 +68,10 @@ run_transaction() {
sig=$1; shift
args=$1; shift
cur=$(vm_get_journal_cursor)
# use ansible for this so we don't have to think about hungry quote-eating ssh
vm_shell_inline <<EOF
vm_run_container --privileged -i -v /var/run/dbus:/var/run/dbus --net=host -- \
/bin/bash << EOF
set -xeuo pipefail
dnf install -y python3-dbus
python3 -c '
import dbus
addr = dbus.SystemBus().call_blocking(

View File

@ -35,14 +35,11 @@ set -x
vm_build_rpm_repo_mode skip foobar
vm_start_httpd vmcheck /var/tmp 8888
vm_rpmostree cleanup -m
vm_ansible_inline <<EOF
- copy:
content: |
vm_send_inline /etc/yum.repos.d/vmcheck-http.repo <<EOF
[vmcheck-http]
name=vmcheck-http
baseurl=http://localhost:8888/vmcheck/yumrepo
gpgcheck=0
dest: /etc/yum.repos.d/vmcheck-http.repo
EOF
osname=$(vm_get_booted_deployment_info osname)

View File

@ -35,9 +35,16 @@ vm_build_rpm scriptpkg1 \
pretrans "# http://lists.rpm.org/pipermail/rpm-ecosystem/2016-August/000391.html
echo pretrans should've been ignored && exit 1" \
verifyscript "echo verifyscript should've been ignored && exit 1" \
post_args "-p /usr/bin/python3" \
post 'open("/usr/lib/rpmostreetestinterp", "w").close();
open("/var/lib/rpm-state/scriptpkg1-stamp", "w").close()' \
post_args "-p /usr/bin/bash" \
post '
# default shell is sh, but we requested bash; check that rpm-ostree picks it up
interp=$(cat /proc/$$/comm)
if [ "$interp" != "bash" ]; then
echo "Expected bash interpreter, got $interp"
exit 1
fi
touch /usr/lib/rpmostreetestinterp
touch /var/lib/rpm-state/scriptpkg1-stamp' \
posttrans "# Firewalld; https://github.com/projectatomic/rpm-ostree/issues/638
. /etc/os-release || :
# See https://github.com/projectatomic/rpm-ostree/pull/647
@ -209,9 +216,8 @@ vm_cmd systemctl restart rpm-ostreed
echo "ok cancel infinite post via `rpm-ostree cancel`"
# Test rm -rf /!
vm_ansible_inline <<EOF
- user:
name: testuser
vm_shell_inline <<EOF
getent passwd testuser >/dev/null || useradd testuser
EOF
vm_cmd touch /home/testuser/somedata /tmp/sometmpfile /var/tmp/sometmpfile
vm_build_rpm rmrf post "rm --no-preserve-root -rf / &>/dev/null || true"

View File

@ -150,9 +150,7 @@ fi
vm_cmd test -f /${dummy_file_to_modify}
generate_upgrade() {
# Create a modified vmcheck commit
vm_ansible_inline <<EOF
- shell: |
set -xeuo pipefail
vm_shell_inline <<EOF
cd /ostree/repo/tmp
rm vmcheck -rf
ostree checkout vmcheck vmcheck --fsync=0

View File

@ -83,11 +83,8 @@ echo "ok error on unknown command"
# Be sure an unprivileged user exists and that we can SSH into it. This is a bit
# underhanded, but we need a bona fide user session to verify non-priv status,
# and logging in through SSH is an easy way to achieve that.
vm_ansible_inline <<EOF
- user:
name: testuser
- shell: |
set -euo pipefail
vm_shell_inline <<EOF
getent passwd testuser >/dev/null || useradd testuser
mkdir -pm 0700 /home/testuser/.ssh
cp -a /root/.ssh/authorized_keys /home/testuser/.ssh
chown -R testuser:testuser /home/testuser/.ssh
@ -139,9 +136,7 @@ vm_rpmostree usroverlay
vm_cmd test -w /usr/bin
echo "ok usroverlay"
vm_ansible_inline <<EOF
- shell: |
set -xeuo pipefail
vm_shell_inline <<EOF
rpm-ostree cleanup -p
originpath=\$(ostree admin --print-current-dir).origin
cp -a \${originpath}{,.orig}

View File

@ -229,14 +229,11 @@ echo "ok /run/ostree-booted in scriptlet container"
# local repos are always cached, so let's start up an http server for the same
# vmcheck repo
vm_start_httpd vmcheck /var/tmp 8888
vm_ansible_inline <<EOF
- copy:
content: |
vm_send_inline /etc/yum.repos.d/vmcheck-http.repo <<EOF
[vmcheck-http]
name=vmcheck-http
baseurl=http://localhost:8888/vmcheck/yumrepo
gpgcheck=0
dest: /etc/yum.repos.d/vmcheck-http.repo
EOF
vm_rpmostree cleanup -rpmb