tests/vmcheck: Fully drop python 3 requirement
Drop the use of Ansible everywhere. In the few cases where we really Python, just spawn a container instead. This is required to be able to hack on Fedora CoreOS. Closes: #1850 Approved by: jlebon
This commit is contained in:
parent
5f6578ef3c
commit
035ac2eaa6
@ -5,4 +5,4 @@ set -xeuo pipefail
|
||||
|
||||
dn=$(dirname $0)
|
||||
. ${dn}/libbuild.sh
|
||||
pkg_install openssh-clients ansible
|
||||
pkg_install openssh-clients
|
||||
|
@ -37,25 +37,27 @@ vm_setup() {
|
||||
export SCP="scp ${SSHOPTS}"
|
||||
}
|
||||
|
||||
vm_ansible_inline() {
|
||||
playbook=$(mktemp -p /tmp 'libvm-ansible.XXXXXX')
|
||||
cat > ${playbook} <<EOF
|
||||
---
|
||||
- hosts: ${VM}
|
||||
gather_facts: no
|
||||
tasks:
|
||||
EOF
|
||||
sed -e 's,^, ,' >> ${playbook}
|
||||
ansible-playbook -vi ${VM}, --ssh-common-args "${SSHOPTS}" ${playbook}
|
||||
rm -f ${playbook}
|
||||
# $1 - file to send
|
||||
# $2 - destination path
|
||||
vm_send() {
|
||||
$SCP ${1} ${VM}:${2}
|
||||
}
|
||||
|
||||
# $1 - destination path
|
||||
vm_send_inline() {
|
||||
f=$(mktemp -p $PWD)
|
||||
cat > ${f}
|
||||
vm_send ${f} ${1}
|
||||
rm -f ${f}
|
||||
}
|
||||
|
||||
vm_shell_inline() {
|
||||
vm_ansible_inline <<EOF
|
||||
- shell: |
|
||||
set -xeuo pipefail
|
||||
$(sed -e 's,^, ,')
|
||||
EOF
|
||||
script=$(mktemp -p $PWD)
|
||||
echo "set -xeuo pipefail" > ${script}
|
||||
cat >> ${script}
|
||||
vm_send ${script} /tmp/$(basename ${script})
|
||||
rm -f ${script}
|
||||
vm_cmd bash /tmp/$(basename ${script})
|
||||
}
|
||||
|
||||
# rsync wrapper that sets up authentication
|
||||
@ -133,10 +135,7 @@ EOF
|
||||
echo 'gpgcheck=0' >> vmcheck.repo
|
||||
fi
|
||||
|
||||
vm_ansible_inline <<EOF
|
||||
- file: path=/etc/yum.repos.d state=directory
|
||||
- copy: src=$(pwd)/vmcheck.repo dest=/etc/yum.repos.d
|
||||
EOF
|
||||
vm_send vmcheck.repo /etc/yum.repos.d
|
||||
}
|
||||
|
||||
# wait until ssh is available on the vm
|
||||
@ -401,9 +400,7 @@ vm_get_journal_cursor() {
|
||||
vm_wait_content_after_cursor() {
|
||||
from_cursor=$1; shift
|
||||
regex=$1; shift
|
||||
vm_ansible_inline <<EOF
|
||||
- shell: |
|
||||
set -xeuo pipefail
|
||||
vm_shell_inline <<EOF
|
||||
tmpf=\$(mktemp /var/tmp/journal.XXXXXX)
|
||||
for x in \$(seq 60); do
|
||||
journalctl -u rpm-ostreed --after-cursor "${from_cursor}" > \${tmpf}
|
||||
@ -435,6 +432,24 @@ vm_assert_journal_has_content() {
|
||||
rm -f tmp-journal.txt
|
||||
}
|
||||
|
||||
# usage: <podman args> -- <container args>
|
||||
vm_run_container() {
|
||||
local podman_args=
|
||||
while [ $# -ne 0 ]; do
|
||||
local arg=$1; shift
|
||||
if [[ $arg == -- ]]; then
|
||||
break
|
||||
fi
|
||||
podman_args="$podman_args $arg"
|
||||
done
|
||||
[ $# -ne 0 ] || fatal "No container args provided"
|
||||
# just automatically always share dnf cache so we don't redownload each time
|
||||
# (use -n so this ssh invocation doesn't consume stdin)
|
||||
vm_cmd -n mkdir -p /var/cache/dnf
|
||||
vm_cmd podman run --rm -v /var/cache/dnf:/var/cache/dnf:z $podman_args \
|
||||
registry.fedoraproject.org/fedora:30 "$@"
|
||||
}
|
||||
|
||||
# $1 - service name
|
||||
# $2 - dir to serve
|
||||
# $3 - port to serve on
|
||||
@ -443,14 +458,10 @@ vm_start_httpd() {
|
||||
local dir=$1; shift
|
||||
local port=$1; shift
|
||||
|
||||
# just nuke the service of the same name if it exists and is also transient
|
||||
if vm_cmd systemctl show $name | grep -q UnitFileState=transient; then
|
||||
vm_cmd systemctl stop $name
|
||||
fi
|
||||
|
||||
# CentOS systemd is too old for -p WorkingDirectory
|
||||
vm_cmd systemd-run --unit $name sh -c \
|
||||
"'cd $dir && python3 -m http.server $port'"
|
||||
vm_cmd podman rm -f $name || true
|
||||
vm_run_container --net=host -d --name $name --privileged \
|
||||
-v $dir:/srv --workdir /srv -- \
|
||||
python3 -m http.server $port
|
||||
|
||||
# NB: the EXIT trap is used by libtest, but not the ERR trap
|
||||
trap "vm_stop_httpd $name" ERR
|
||||
@ -463,7 +474,7 @@ vm_start_httpd() {
|
||||
# $1 - service name
|
||||
vm_stop_httpd() {
|
||||
local name=$1; shift
|
||||
vm_cmd systemctl stop $name
|
||||
vm_cmd podman rm -f $name
|
||||
set +E
|
||||
trap - ERR
|
||||
}
|
||||
@ -556,8 +567,7 @@ vm_ostreeupdate_prepare_reboot() {
|
||||
|
||||
vm_change_update_policy() {
|
||||
policy=$1; shift
|
||||
vm_ansible_inline <<EOF
|
||||
- shell: |
|
||||
vm_shell_inline <<EOF
|
||||
cp /usr/etc/rpm-ostreed.conf /etc
|
||||
echo -e "[Daemon]\nAutomaticUpdatePolicy=$policy" > /etc/rpm-ostreed.conf
|
||||
rpm-ostree reload
|
||||
|
@ -68,8 +68,10 @@ run_transaction() {
|
||||
sig=$1; shift
|
||||
args=$1; shift
|
||||
cur=$(vm_get_journal_cursor)
|
||||
# use ansible for this so we don't have to think about hungry quote-eating ssh
|
||||
vm_shell_inline <<EOF
|
||||
vm_run_container --privileged -i -v /var/run/dbus:/var/run/dbus --net=host -- \
|
||||
/bin/bash << EOF
|
||||
set -xeuo pipefail
|
||||
dnf install -y python3-dbus
|
||||
python3 -c '
|
||||
import dbus
|
||||
addr = dbus.SystemBus().call_blocking(
|
||||
|
@ -35,14 +35,11 @@ set -x
|
||||
vm_build_rpm_repo_mode skip foobar
|
||||
vm_start_httpd vmcheck /var/tmp 8888
|
||||
vm_rpmostree cleanup -m
|
||||
vm_ansible_inline <<EOF
|
||||
- copy:
|
||||
content: |
|
||||
vm_send_inline /etc/yum.repos.d/vmcheck-http.repo <<EOF
|
||||
[vmcheck-http]
|
||||
name=vmcheck-http
|
||||
baseurl=http://localhost:8888/vmcheck/yumrepo
|
||||
gpgcheck=0
|
||||
dest: /etc/yum.repos.d/vmcheck-http.repo
|
||||
EOF
|
||||
|
||||
osname=$(vm_get_booted_deployment_info osname)
|
||||
|
@ -35,9 +35,16 @@ vm_build_rpm scriptpkg1 \
|
||||
pretrans "# http://lists.rpm.org/pipermail/rpm-ecosystem/2016-August/000391.html
|
||||
echo pretrans should've been ignored && exit 1" \
|
||||
verifyscript "echo verifyscript should've been ignored && exit 1" \
|
||||
post_args "-p /usr/bin/python3" \
|
||||
post 'open("/usr/lib/rpmostreetestinterp", "w").close();
|
||||
open("/var/lib/rpm-state/scriptpkg1-stamp", "w").close()' \
|
||||
post_args "-p /usr/bin/bash" \
|
||||
post '
|
||||
# default shell is sh, but we requested bash; check that rpm-ostree picks it up
|
||||
interp=$(cat /proc/$$/comm)
|
||||
if [ "$interp" != "bash" ]; then
|
||||
echo "Expected bash interpreter, got $interp"
|
||||
exit 1
|
||||
fi
|
||||
touch /usr/lib/rpmostreetestinterp
|
||||
touch /var/lib/rpm-state/scriptpkg1-stamp' \
|
||||
posttrans "# Firewalld; https://github.com/projectatomic/rpm-ostree/issues/638
|
||||
. /etc/os-release || :
|
||||
# See https://github.com/projectatomic/rpm-ostree/pull/647
|
||||
@ -209,9 +216,8 @@ vm_cmd systemctl restart rpm-ostreed
|
||||
echo "ok cancel infinite post via `rpm-ostree cancel`"
|
||||
|
||||
# Test rm -rf /!
|
||||
vm_ansible_inline <<EOF
|
||||
- user:
|
||||
name: testuser
|
||||
vm_shell_inline <<EOF
|
||||
getent passwd testuser >/dev/null || useradd testuser
|
||||
EOF
|
||||
vm_cmd touch /home/testuser/somedata /tmp/sometmpfile /var/tmp/sometmpfile
|
||||
vm_build_rpm rmrf post "rm --no-preserve-root -rf / &>/dev/null || true"
|
||||
|
@ -150,9 +150,7 @@ fi
|
||||
vm_cmd test -f /${dummy_file_to_modify}
|
||||
generate_upgrade() {
|
||||
# Create a modified vmcheck commit
|
||||
vm_ansible_inline <<EOF
|
||||
- shell: |
|
||||
set -xeuo pipefail
|
||||
vm_shell_inline <<EOF
|
||||
cd /ostree/repo/tmp
|
||||
rm vmcheck -rf
|
||||
ostree checkout vmcheck vmcheck --fsync=0
|
||||
|
@ -83,11 +83,8 @@ echo "ok error on unknown command"
|
||||
# Be sure an unprivileged user exists and that we can SSH into it. This is a bit
|
||||
# underhanded, but we need a bona fide user session to verify non-priv status,
|
||||
# and logging in through SSH is an easy way to achieve that.
|
||||
vm_ansible_inline <<EOF
|
||||
- user:
|
||||
name: testuser
|
||||
- shell: |
|
||||
set -euo pipefail
|
||||
vm_shell_inline <<EOF
|
||||
getent passwd testuser >/dev/null || useradd testuser
|
||||
mkdir -pm 0700 /home/testuser/.ssh
|
||||
cp -a /root/.ssh/authorized_keys /home/testuser/.ssh
|
||||
chown -R testuser:testuser /home/testuser/.ssh
|
||||
@ -139,9 +136,7 @@ vm_rpmostree usroverlay
|
||||
vm_cmd test -w /usr/bin
|
||||
echo "ok usroverlay"
|
||||
|
||||
vm_ansible_inline <<EOF
|
||||
- shell: |
|
||||
set -xeuo pipefail
|
||||
vm_shell_inline <<EOF
|
||||
rpm-ostree cleanup -p
|
||||
originpath=\$(ostree admin --print-current-dir).origin
|
||||
cp -a \${originpath}{,.orig}
|
||||
|
@ -229,14 +229,11 @@ echo "ok /run/ostree-booted in scriptlet container"
|
||||
# local repos are always cached, so let's start up an http server for the same
|
||||
# vmcheck repo
|
||||
vm_start_httpd vmcheck /var/tmp 8888
|
||||
vm_ansible_inline <<EOF
|
||||
- copy:
|
||||
content: |
|
||||
vm_send_inline /etc/yum.repos.d/vmcheck-http.repo <<EOF
|
||||
[vmcheck-http]
|
||||
name=vmcheck-http
|
||||
baseurl=http://localhost:8888/vmcheck/yumrepo
|
||||
gpgcheck=0
|
||||
dest: /etc/yum.repos.d/vmcheck-http.repo
|
||||
EOF
|
||||
|
||||
vm_rpmostree cleanup -rpmb
|
||||
|
Loading…
Reference in New Issue
Block a user