keremet/rpm-ostree
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

tests: transition to build_rpm

Browse Source 
Nuke all the previous goop that was used to create RPMs at `make check`
time and transition all the tests to use the new `build_rpm` function.
It definitely feels cleaner to use. It's also really nice to have the
spec live in the same file as the test that uses it.

Closes: #854
Approved by: cgwalters
This commit is contained in:
Jonathan Lebon 2017-06-29 07:11:25 -07:00 committed by Atomic Bot
parent 5cb1fa5460
commit 2b547c2d0a
27 changed files with 169 additions and 576 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
Makefile-tests.am
View File

@ -17,56 +17,6 @@ if BUILDOPT_ASAN
AM_TESTS_ENVIRONMENT += ASAN_OPTIONS=detect_leaks=false
endif
CLEANFILES += \
tests/common/compose/yum/repo \
tests/common/compose/test-repo.repo \
$(NULL)
testpackages = \
tests/common/compose/yum/repo/packages/x86_64/empty-1.0-1.x86_64.rpm \
tests/common/compose/yum/repo/packages/x86_64/foo-1.0-1.x86_64.rpm \
tests/common/compose/yum/repo/packages/x86_64/foo-ext-1.0-1.x86_64.rpm \
tests/common/compose/yum/repo/packages/x86_64/bar-1.0-1.x86_64.rpm \
tests/common/compose/yum/repo/packages/x86_64/scriptpkg1-1.0-1.x86_64.rpm \
tests/common/compose/yum/repo/packages/x86_64/nonrootcap-1.0-1.x86_64.rpm \
tests/common/compose/yum/repo/packages/x86_64/test-post-rofiles-violation-1.0-1.x86_64.rpm \
tests/common/compose/yum/repo/packages/x86_64/test-opt-1.0-1.x86_64.rpm \
tests/common/compose/yum/repo/packages/x86_64/test-livefs-with-etc-1.0-1.x86_64.rpm \
$(NULL)
# Create a rule for each testpkg with their respective spec file as dep.
# The static pattern feature is almost a fit for this, but does not allow string
# substitutions and wildcards in the patterns to allow rpm-filename -->
# spec-filename without also encoding the arch, release, and rev.
define testpkgbuild_template =
$(1): tests/common/compose/yum/$(2).spec
(cd tests/common/compose/yum && \
rm -rf .build && \
rpmbuild -ba $$$$(basename $$<) \
--define "_sourcedir $$$$PWD" \
--define "_specdir $$$$PWD" \
--define "_builddir $$$$PWD/.build" \
--define "_srcrpmdir $$$$PWD" \
--define "_rpmdir $$$$PWD/repo/packages" \
--define "_buildrootdir $$$$PWD" && \
rm -rf .build && \
rm -f *.src.rpm)
endef
$(foreach pkg,$(testpackages),$(eval $(call testpkgbuild_template,$(pkg),$(shell basename $(pkg) | sed -e 's,-1\.0.*,,'))))
tests/common/compose/yum/repo/repodata/repomd.xml: $(testpackages)
(cd tests/common/compose/yum/repo && \
createrepo_c --no-database $$PWD)
tests/common/compose/test-repo.repo: tests/common/compose/test-repo.repo.in \
tests/common/compose/yum/repo/repodata/repomd.xml
cat $< | sed -e "s|%WHERE%|$(abs_top_srcdir)|" > $@
CLEANFILES += \
tests/common/compose/test-repo-local.repo \
$(NULL)
testbin_cppflags = $(AM_CPPFLAGS) -I $(srcdir)/src/libpriv -I $(srcdir)/libglnx -I $(srcdir)/tests/common
testbin_cflags = $(AM_CFLAGS) $(PKGDEP_RPMOSTREE_CFLAGS)
testbin_ldadd = $(PKGDEP_RPMOSTREE_LIBS) librpmostree-1.la librpmostreepriv.la
@ -89,8 +39,6 @@ tests_check_test_utils_CPPFLAGS = $(testbin_cppflags)
tests_check_test_utils_CFLAGS = $(testbin_cflags)
tests_check_test_utils_LDADD = $(testbin_ldadd) libtest.la
tests/check/test-ucontainer.sh: tests/common/compose/test-repo.repo
uninstalled_test_programs = \
tests/check/jsonutil \
tests/check/postprocess \
@ -106,7 +54,7 @@ uninstalled_test_extra_programs = dbus-run-session
dbus_run_session_SOURCES = tests/utils/dbus-run-session.c
check-local: $(testpackages)
check-local:
@echo " *** NOTE ***"
@echo " *** NOTE ***"
@echo " \"make check\" only runs a subset of rpm-ostree's tests."
@ -133,7 +81,7 @@ vmshell: vmsync
ssh -F ssh-config vmcheck
# set up test environment to somewhat resemble uninstalled tests
vmcheck: vmoverlay tests/common/compose/yum/repo/repodata/repomd.xml
vmcheck: vmoverlay
@env VMTESTS=1 $(BASE_TESTS_ENVIRONMENT) PYTHONUNBUFFERED=1 \
tests/vmcheck/multitest.py $(HOSTS)

29
tests/check/test-ucontainer.sh
View File

@ -28,23 +28,30 @@ if test -n "${OSTREE_NO_XATTRS:-}"; then
echo -e 'disable-xattrs=true\n' >> repo/config
fi
cp ${commondir}/compose/test-repo.repo rpmmd.repos.d
build_rpm foo
build_rpm fake-shell provides /bin/sh
cat >empty.conf <<EOF
cat > rpmmd.repos.d/test-repo.repo <<EOF
[test-repo]
baseurl=file://$PWD/yumrepo
gpgcheck=0
EOF
cat > foo.conf <<EOF
[tree]
ref=empty
packages=empty
ref=foo
packages=foo
repos=test-repo
EOF
rpm-ostree ex container assemble empty.conf
assert_has_dir roots/empty.0
ostree --repo=repo rev-parse empty
rpm-ostree ex container assemble foo.conf
assert_has_dir roots/foo.0
ostree --repo=repo rev-parse foo
echo "ok assemble"
cat >nobranch.conf <<EOF
[tree]
packages=empty
packages=foo
repos=test-repo
EOF
if rpm-ostree ex container assemble nobranch.conf 2>err.txt; then
@ -53,7 +60,7 @@ fi
cat >nopackages.conf <<EOF
[tree]
ref=empty
ref=foo
packages=
repos=test-repo
EOF
@ -63,8 +70,8 @@ fi
cat >norepos.conf <<EOF
[tree]
ref=empty
packages=empty
ref=foo
packages=foo
EOF
if rpm-ostree ex container assemble norepos.conf 2>err.txt; then
assert_not_reached "norepos.conf"

8
tests/check/test-utils.c
View File

@ -9,6 +9,7 @@
#include "rpmostree-util.h"
#include "rpmostree-core.h"
#include "rpmostree-unpacker.h"
#include "libtest.h"
static void
test_substs_eq (const char *str,
@ -130,9 +131,12 @@ test_variant_to_nevra(void)
const char *release = "1";
const char *arch = "x86_64";
ret = rot_test_run_libtest ("build_rpm foo", &error);
g_assert_no_error (error);
g_assert (ret);
g_autoptr(RpmOstreeUnpacker) unpacker = NULL;
g_autofree char *foo_rpm = g_strdup_printf ("%s/compose/yum/repo/packages/%s/%s.rpm",
getenv ("commondir"), arch, nevra);
g_autofree char *foo_rpm = g_strdup_printf ("yumrepo/packages/%s/%s.rpm", arch, nevra);
unpacker = rpmostree_unpacker_new_at (AT_FDCWD, foo_rpm, NULL, 0, &error);
g_assert_no_error (error);
g_assert (unpacker);

3
tests/common/compose/.gitignore vendored
View File

@ -1,3 +0,0 @@
packages/
x86_64/
yum/repodata/

11
tests/common/compose/test-repo-add-files.json
View File

@ -1,11 +0,0 @@
{
"ref": "fedora/test",
"repos": ["test-repo"],
"selinux": false,
"packages": ["empty"],
"add-files": [["exported_file", "/exports/exported_file"]]
}

11
tests/common/compose/test-repo.json
View File

@ -1,11 +0,0 @@
{
"ref": "fedora/${basearch}/test",
"repos": ["test-repo"],
"bootstrap_packages": ["empty-1.0"],
"selinux": false,
"packages": []
}

6
tests/common/compose/test-repo.repo.in
View File

@ -1,6 +0,0 @@
[test-repo]
name=test-repo
baseurl=file://%WHERE%/tests/common/compose/yum/repo
enabled=1
gpgcheck=0
skip_if_unavailable=False

37
tests/common/compose/yum/bar.spec
View File

@ -1,37 +0,0 @@
Summary: Awesome utility that allows convenient barbing
Name: bar
Version: 1.0
Release: 1
License: GPL+
Group: Development/Tools
URL: http://bar.bar.com
BuildArch: x86_64
# LONG LIVE BARBING!
Conflicts: foo
%description
%{summary}
%prep
%build
cat > bar << EOF
#!/bin/sh
echo "Happy barbing!"
EOF
chmod a+x bar
%install
mkdir -p %{buildroot}/usr/bin
install bar %{buildroot}/usr/bin
%clean
rm -rf %{buildroot}
%files
/usr/bin/bar
%changelog
* Tue Jun 21 2016 Jonathan Lebon <jlebon@redhat.com> 1.0-1
- First Build

69
tests/common/compose/yum/empty.spec
View File

@ -1,69 +0,0 @@
%define __spec_install_post %{nil}
%define debug_package %{nil}
%define __os_install_post %{_dbpath}/brp-compress
Summary: A very (un)useful package
Name: empty
Version: 1.0
Release: 1
License: GPL+
Group: Development/Tools
URL: http://foo.bar.com
BuildArch: x86_64
%description
%{summary}
%prep
%build
cat > empty.c << EOF
int
_start ()
{
__asm__ __volatile__ ("mov \$1, %eax");
__asm__ __volatile__ ("mov \$0, %ebx\n");
__asm__ __volatile__ ("int \$0x80\n");
}
EOF
cc -nostdlib empty.c -o empty
%install
mkdir -p %{buildroot}/boot
mkdir -p %{buildroot}/var/lib
mkdir -p %{buildroot}/var/share/
mkdir -p %{buildroot}/var/tmp/
mkdir -p %{buildroot}/usr/sbin
mkdir -p %{buildroot}/etc
mkdir -p %{buildroot}/usr/lib
mkdir -p %{buildroot}/usr/lib/tmpfiles.d
for i in foo bar hello world; do
echo $i > %{buildroot}/var/share/$i
done
touch %{buildroot}/boot/vmlinuz-kernel
echo "nobody:x:99:99:Nobody:/:/sbin/nologin" > %{buildroot}/etc/passwd
touch %{buildroot}/etc/group
touch %{buildroot}/etc/nsswitch.conf
cp empty %{buildroot}/usr/sbin/depmod
cp empty %{buildroot}/usr/sbin/dracut
touch %{buildroot}/var/tmp/initramfs.img
%clean
rm -rf %{buildroot}
%files
/var/lib
/var/share/*
/boot/*
/usr/sbin/*
/usr/lib/*
/var/tmp/*
/etc/*
%changelog
* Tue Mar 17 2015 Giuseppe Scrivano <gscrivan@redhat.com> 1.0-1
- First Build

36
tests/common/compose/yum/foo-ext.spec
View File

@ -1,36 +0,0 @@
Summary: Awesome utility that requires foo
Name: foo-ext
Version: 1.0
Release: 1
License: GPL+
Group: Development/Tools
URL: http://foo.bar.com
BuildArch: x86_64
Requires: foo
%description
%{summary}
%prep
%build
cat > foo-ext << EOF
#!/bin/sh
echo "Happy ext foobing!"
EOF
chmod a+x foo-ext
%install
mkdir -p %{buildroot}/usr/bin
install foo-ext %{buildroot}/usr/bin
%clean
rm -rf %{buildroot}
%files
/usr/bin/foo-ext
%changelog
* Tue Jun 21 2016 Jonathan Lebon <jlebon@redhat.com> 1.0-1
- First Build

34
tests/common/compose/yum/foo.spec
View File

@ -1,34 +0,0 @@
Summary: Awesome utility that allows convenient foobing
Name: foo
Version: 1.0
Release: 1
License: GPL+
Group: Development/Tools
URL: http://foo.bar.com
BuildArch: x86_64
%description
%{summary}
%prep
%build
cat > foo << EOF
#!/bin/sh
echo "Happy foobing!"
EOF
chmod a+x foo
%install
mkdir -p %{buildroot}/usr/bin
install foo %{buildroot}/usr/bin
%clean
rm -rf %{buildroot}
%files
/usr/bin/foo
%changelog
* Tue Jun 21 2016 Jonathan Lebon <jlebon@redhat.com> 1.0-1
- First Build

71
tests/common/compose/yum/nonrootcap.spec
View File

@ -1,71 +0,0 @@
Summary: An app that has non-root files and caps
Name: nonrootcap
Version: 1.0
Release: 1
License: GPL+
Group: Development/Tools
URL: http://foo.bar.com
BuildArch: x86_64
%description
%{summary}
%prep
%build
cat > tmp << EOF
#!/bin/sh
echo "Hello!"
EOF
chmod a+x tmp
echo nrc.conf > nrc.conf
cp tmp nrc-none.sh
cp tmp nrc-user.sh
cp tmp nrc-group.sh
cp tmp nrc-caps.sh
cp tmp nrc-caps-setuid.sh
cp tmp nrc-usergroup.sh
cp tmp nrc-usergroupcaps.sh
cp tmp nrc-usergroupcaps-setuid.sh
rm tmp
%pre
groupadd -r nrcgroup
useradd -r nrcuser -g nrcgroup -s /sbin/nologin
%install
install -D nrc.conf %{buildroot}/etc/nrc.conf
ln -sr %{buildroot}/etc/nrc.conf %{buildroot}/etc/nrc-link.conf
mkdir -p %{buildroot}/usr/bin
install *.sh %{buildroot}/usr/bin
ln -sr %{buildroot}/usr/bin/{nrc-user.sh,nrc-user-link.sh}
mkdir -p %{buildroot}/var/lib/nonrootcap
mkdir -p %{buildroot}/run/nonrootcap
mkdir -p %{buildroot}/var/lib/nonrootcap-rootowned
mkdir -p %{buildroot}/run/nonrootcap-rootowned
%clean
rm -rf %{buildroot}
%files
/usr/bin/nrc-none.sh
%attr(-, nrcuser, -) /etc/nrc.conf
%attr(-, nrcuser, -) /etc/nrc-link.conf
%ghost %attr(-, nrcuser, -) /etc/nrc-ghost.conf
%attr(-, nrcuser, -) /usr/bin/nrc-user.sh
%attr(-, nrcuser, -) /usr/bin/nrc-user-link.sh
%attr(-, -, nrcgroup) /usr/bin/nrc-group.sh
%caps(cap_net_bind_service=ep) /usr/bin/nrc-caps.sh
%attr(4775, -, -) %caps(cap_net_bind_service=ep) /usr/bin/nrc-caps-setuid.sh
%attr(-, nrcuser, nrcgroup) /usr/bin/nrc-usergroup.sh
%attr(-, nrcuser, nrcgroup) %caps(cap_net_bind_service=ep) /usr/bin/nrc-usergroupcaps.sh
%attr(4775, nrcuser, nrcgroup) %caps(cap_net_bind_service=ep) /usr/bin/nrc-usergroupcaps-setuid.sh
%attr(-, nrcuser, nrcgroup) /var/lib/nonrootcap
%attr(-, nrcuser, nrcgroup) /run/nonrootcap
/var/lib/nonrootcap-rootowned
/run/nonrootcap-rootowned
%changelog
* Wed Jan 05 2017 Jonathan Lebon <jlebon@redhat.com> 1.0-1
- First Build

50
tests/common/compose/yum/scriptpkg1.spec
View File

@ -1,50 +0,0 @@
Summary: An app that uses useradd in its %pre
Name: scriptpkg1
Version: 1.0
Release: 1
License: GPL+
Group: Development/Tools
URL: http://foo.bar.com
BuildArch: x86_64
%description
%{summary}
%prep
%build
cat > scriptpkg1 << EOF
#!/bin/sh
echo "Hello!"
EOF
chmod a+x scriptpkg1
%pre
# Test our /etc/passwd handling
groupadd -r scriptpkg1
%pretrans
# http://lists.rpm.org/pipermail/rpm-ecosystem/2016-August/000391.html
echo "I'm a workaround for a bug" >/dev/null
%posttrans
# Firewalld; https://github.com/projectatomic/rpm-ostree/issues/638
. /etc/os-release || :
# See https://github.com/projectatomic/rpm-ostree/pull/647
for path in /tmp /var/tmp; do
if test -f ${path}/file-in-host-tmp-not-for-scripts; then echo "found file from host /tmp"; exit 1; fi
done
%install
mkdir -p %{buildroot}/usr/bin
install scriptpkg1 %{buildroot}/usr/bin
%clean
rm -rf %{buildroot}
%files
/usr/bin/scriptpkg1
%changelog
* Wed Aug 17 2016 Jonathan Lebon <jlebon@redhat.com> 1.0-1
- First Build

42
tests/common/compose/yum/test-livefs-with-etc.spec
View File

@ -1,42 +0,0 @@
Name: test-livefs-with-etc
Summary: %{name}
Version: 1.0
Release: 1
License: GPL+
Group: Development/Tools
URL: http://foo.bar.com
BuildArch: x86_64
%description
%{summary}
%prep
%build
cat > %{name} << EOF
#!/bin/sh
echo "livefs-with-etc"
EOF
chmod a+x %{name}
cat > %{name}.conf <<EOF
A config file for %{name}
EOF
%install
mkdir -p %{buildroot}/usr/bin
install %{name} %{buildroot}/usr/bin
mkdir -p %{buildroot}/etc
install %{name}.conf %{buildroot}/etc
mkdir -p %{buildroot}/etc/%{name}/
echo subconfig-one > %{buildroot}/etc/%{name}/subconfig-one.conf
echo subconfig-two > %{buildroot}/etc/%{name}/subconfig-two.conf
mkdir -p %{buildroot}/etc/%{name}/subdir
echo subconfig-three > %{buildroot}/etc/%{name}/subdir/subconfig-three.conf
mkdir -p %{buildroot}/etc/opt
echo file-in-opt-subdir > %{buildroot}/etc/opt/%{name}-opt.conf
%files
/usr/bin/%{name}
/etc/%{name}.conf
/etc/%{name}/*
/etc/opt/%{name}*

22
tests/common/compose/yum/test-opt.spec
View File

@ -1,22 +0,0 @@
Summary: Test package which installs in /opt
Name: test-opt
Version: 1.0
Release: 1
License: GPLv2+
Group: Development/Tools
URL: http://example.com
BuildArch: x86_64
%description
%{summary}
%prep
%build
%install
mkdir -p %{buildroot}/opt/app/bin
touch %{buildroot}/opt/app/bin/foo
%files
/opt/app

33
tests/common/compose/yum/test-post-rofiles-violation.spec
View File

@ -1,33 +0,0 @@
Summary: Test failure to install due rofiles violatiin
Name: test-posttrunc-fail
Version: 1.0
Release: 1
License: GPLv2+
Group: Development/Tools
URL: http://example.com
BuildArch: x86_64
%description
%{summary}
%prep
%build
cat > scriptpkg1 << EOF
#!/bin/sh
echo "Hello!"
EOF
chmod a+x scriptpkg1
%post
echo 'should fail' >> /usr/share/licenses/glibc/COPYING
%install
mkdir -p %{buildroot}/usr/bin
install scriptpkg1 %{buildroot}/usr/bin
%clean
rm -rf %{buildroot}
%files
/usr/bin/scriptpkg1

1
tests/vmcheck/test-initramfs.sh
View File

@ -26,7 +26,6 @@ set -x
# SUMMARY: Tests for the `initramfs` functionality
vm_send_test_repo
base=$(vm_get_booted_csum)
vm_rpmostree initramfs > initramfs.txt

22
tests/vmcheck/test-layering-basic.sh
View File

@ -29,8 +29,6 @@ set -x
# Add a package, verify that it was added, then remove it, and verify that
# it was removed.
vm_send_test_repo
# make sure the package is not already layered
vm_assert_layered_pkg foo absent
vm_assert_status_jq \
@ -38,6 +36,11 @@ vm_assert_status_jq \
'.deployments[0]["pending-base-checksum"]|not'
# make sure installing in /opt fails
vm_build_rpm test-opt \
files /opt/app \
install "mkdir -p %{buildroot}/opt/app/bin
touch %{buildroot}/opt/app/bin/foo"
if vm_rpmostree install test-opt-1.0 2>err.txt; then
assert_not_reached "Was able to install a package in /opt"
fi
@ -45,6 +48,7 @@ assert_file_has_content err.txt "See https://github.com/projectatomic/rpm-ostree
echo "ok failed to install in opt"
vm_build_rpm foo
vm_rpmostree pkg-add foo-1.0
vm_cmd ostree --repo=/sysroot/ostree/repo/extensions/rpmostree/pkgcache refs |grep /foo/> refs.txt
pkgref=$(head -1 refs.txt)
@ -61,7 +65,8 @@ vm_assert_status_jq \
vm_assert_layered_pkg foo-1.0 present
echo "ok pkg foo added"
if ! vm_cmd /usr/bin/foo | grep "Happy foobing!"; then
output=$(vm_cmd /usr/bin/foo)
if [[ $output != foo ]]; then
assert_not_reached "foo printed wrong output"
fi
echo "ok correct output"
@ -69,6 +74,7 @@ echo "ok correct output"
# upgrade to a layer with foo already builtin
vm_cmd ostree commit -b vmcheck --tree=ref=$(vm_get_booted_csum)
vm_rpmostree upgrade
vm_build_rpm bar conflicts foo
if vm_rpmostree install bar &> err.txt; then
assert_not_reached "successfully layered conflicting pkg bar?"
fi
@ -117,16 +123,12 @@ assert_not_file_has_content output.txt '^Importing:'
# upgrade with different foo in repos --> should re-import
vm_cmd ostree commit -b vmcheck --tree=ref=vmcheck
# this is a bit hacky: rpm building is normally handled by make, on which
# vmcheck itself is dependent
c1=$(sha256sum ${commondir}/compose/yum/repo/packages/x86_64/foo-1.0-1.x86_64.rpm)
touch ${commondir}/compose/yum/foo.spec
make -C ${builddir} tests/common/compose/yum/repo/repodata/repomd.xml
c2=$(sha256sum ${commondir}/compose/yum/repo/packages/x86_64/foo-1.0-1.x86_64.rpm)
c1=$(sha256sum ${test_tmpdir}/yumrepo/packages/x86_64/foo-1.0-1.x86_64.rpm)
vm_build_rpm foo
c2=$(sha256sum ${test_tmpdir}/yumrepo/packages/x86_64/foo-1.0-1.x86_64.rpm)
if cmp -s c1 c2; then
assert_not_reached "RPM rebuild yielded same SHA256"
fi
vm_send_test_repo
vm_rpmostree upgrade | tee output.txt
assert_file_has_content output.txt '^Importing:'
echo "ok invalidate pkgcache from RPM chksum"

5
tests/vmcheck/test-layering-gpg.sh
View File

@ -24,13 +24,14 @@ set -e
set -x
vm_send_test_repo 1
vm_clean_caches
# make sure the package is not already layered
vm_assert_layered_pkg foo absent
if vm_rpmostree pkg-add foo-1.0 2>err.txt; then
vm_build_rpm foo version 4.5 release 6
vm_send_test_repo 1 # resend repo with gpg checking on
if vm_rpmostree pkg-add foo-4.5 2>err.txt; then
assert_not_reached "Installed unsigned package"
fi
assert_file_has_content err.txt 'package not signed: foo'

15
tests/vmcheck/test-layering-local.sh
View File

@ -24,12 +24,11 @@ set -e
set -x
vm_send_test_repo
vm_assert_layered_pkg foo absent
vm_cmd ostree refs $(vm_get_deployment_info 0 checksum) --create vmcheck_tmp/without_foo
vm_rpmostree install /tmp/vmcheck/repo/packages/x86_64/foo-1.0-1.x86_64.rpm
vm_build_rpm foo version 1.2 release 3
vm_rpmostree install /tmp/vmcheck/yumrepo/packages/x86_64/foo-1.2-3.x86_64.rpm
echo "ok install foo locally"
vm_reboot
@ -37,8 +36,8 @@ vm_reboot
vm_assert_status_jq '.deployments[0]["packages"]|length == 0'
vm_assert_status_jq '.deployments[0]["requested-packages"]|length == 0'
vm_assert_status_jq '.deployments[0]["requested-local-packages"]|length == 1'
vm_has_local_packages foo-1.0-1.x86_64
vm_assert_layered_pkg foo-1.0-1.x86_64 present
vm_has_local_packages foo-1.2-3.x86_64
vm_assert_layered_pkg foo-1.2-3.x86_64 present
echo "ok pkg foo added locally"
# check that we can still request foo and it's dormant
@ -50,7 +49,7 @@ vm_assert_status_jq '.deployments[0]["requested-local-packages"]|length == 1'
echo "ok request foo"
# check that uninstalling the local rpm makes us go back to repos
vm_rpmostree uninstall foo-1.0-1.x86_64
vm_rpmostree uninstall foo-1.2-3.x86_64
vm_assert_status_jq '.deployments[0]["packages"]|length == 1'
vm_assert_status_jq '.deployments[0]["requested-packages"]|length == 1'
@ -62,7 +61,7 @@ vm_cmd ostree refs $(vm_get_deployment_info 0 checksum) --create vmcheck_tmp/wit
vm_cmd ostree commit -b vmcheck --tree=ref=vmcheck_tmp/with_foo
vm_rpmostree uninstall foo
vm_rpmostree upgrade # upgrades to new base which has foo
if vm_rpmostree install /tmp/vmcheck/repo/packages/x86_64/foo-1.0-1.x86_64.rpm; then
if vm_rpmostree install /tmp/vmcheck/yumrepo/packages/x86_64/foo-1.2-3.x86_64.rpm; then
assert_not_reached "didn't error out when trying to install same pkg"
fi
echo "ok error on layering same pkg in base"
@ -71,5 +70,5 @@ echo "ok error on layering same pkg in base"
vm_cmd ostree commit -b vmcheck --tree=ref=vmcheck_tmp/without_foo
vm_rpmostree upgrade
vm_cmd rm -rf /etc/yum.repos.d/
vm_rpmostree install /tmp/vmcheck/repo/packages/x86_64/foo-1.0-1.x86_64.rpm
vm_rpmostree install /tmp/vmcheck/yumrepo/packages/x86_64/foo-1.2-3.x86_64.rpm
echo "ok layer local foo without repos"

34
tests/vmcheck/test-layering-non-root-caps.sh
View File

@ -26,11 +26,41 @@ set -x
# SUMMARY: check that RPM scripts are properly handled during package layering
vm_send_test_repo
# make sure the package is not already layered
vm_assert_layered_pkg nonrootcap absent
vm_build_rpm nonrootcap \
build "echo nrc.conf > nrc.conf
for mode in none user group caps{,-setuid} usergroup{,caps{,-setuid}}; do
cp nonrootcap nrc-\$mode.sh
done" \
pre "groupadd -r nrcgroup
useradd -r nrcuser -g nrcgroup -s /sbin/nologin" \
install "install -Dt %{buildroot}/etc nrc.conf
ln -sr %{buildroot}/etc/nrc.conf %{buildroot}/etc/nrc-link.conf
install -Dt %{buildroot}/usr/bin *.sh
ln -sr %{buildroot}/usr/bin/{nrc-user.sh,nrc-user-link.sh}
mkdir -p %{buildroot}/var/lib/nonrootcap
mkdir -p %{buildroot}/run/nonrootcap
mkdir -p %{buildroot}/var/lib/nonrootcap-rootowned
mkdir -p %{buildroot}/run/nonrootcap-rootowned" \
files "/usr/bin/nrc-none.sh
%attr(-, nrcuser, -) /etc/nrc.conf
%attr(-, nrcuser, -) /etc/nrc-link.conf
%ghost %attr(-, nrcuser, -) /etc/nrc-ghost.conf
%attr(-, nrcuser, -) /usr/bin/nrc-user.sh
%attr(-, nrcuser, -) /usr/bin/nrc-user-link.sh
%attr(-, -, nrcgroup) /usr/bin/nrc-group.sh
%caps(cap_net_bind_service=ep) /usr/bin/nrc-caps.sh
%attr(4775, -, -) %caps(cap_net_bind_service=ep) /usr/bin/nrc-caps-setuid.sh
%attr(-, nrcuser, nrcgroup) /usr/bin/nrc-usergroup.sh
%attr(-, nrcuser, nrcgroup) %caps(cap_net_bind_service=ep) /usr/bin/nrc-usergroupcaps.sh
%attr(4775, nrcuser, nrcgroup) %caps(cap_net_bind_service=ep) /usr/bin/nrc-usergroupcaps-setuid.sh
%attr(-, nrcuser, nrcgroup) /var/lib/nonrootcap
%attr(-, nrcuser, nrcgroup) /run/nonrootcap
/var/lib/nonrootcap-rootowned
/run/nonrootcap-rootowned"
vm_rpmostree install nonrootcap
echo "ok install nonrootcap"

14
tests/vmcheck/test-layering-relayer.sh
View File

@ -30,11 +30,10 @@ set -x
# Add a package, then test that after an upgrade, deploy, or rebase, we
# still have the package.
vm_send_test_repo
# make sure the package is not already layered
vm_assert_layered_pkg foo absent
vm_build_rpm foo
vm_rpmostree pkg-add foo
echo "ok pkg-add foo"
@ -98,19 +97,20 @@ echo "ok pkg foo relayered on rebase"
vm_assert_status_jq ".deployments[0][\"base-checksum\"] == \"${commit}\"" \
'.deployments[0]["packages"]|index("foo") >= 0' \
'.deployments[0]["packages"]|index("nonrootcap")|not'
vm_rpmostree install nonrootcap
'.deployments[0]["packages"]|index("bar")|not'
vm_build_rpm bar
vm_rpmostree install bar
vm_assert_status_jq ".deployments[0][\"base-checksum\"] == \"${commit}\"" \
'.deployments[0]["packages"]|index("foo") >= 0' \
'.deployments[0]["packages"]|index("nonrootcap") >= 0'
'.deployments[0]["packages"]|index("bar") >= 0'
commit=$(vm_cmd ostree commit -b vmcheck \
--tree=ref=vmcheck --add-metadata-string=version=my-commit2)
vm_rpmostree rebase ${commit}
vm_assert_status_jq ".deployments[0][\"base-checksum\"] == \"${commit}\"" \
'.deployments[0]["packages"]|index("foo") >= 0' \
'.deployments[0]["packages"]|index("nonrootcap") >= 0'
'.deployments[0]["packages"]|index("bar") >= 0'
vm_rpmostree uninstall foo
vm_assert_status_jq ".deployments[0][\"base-checksum\"] == \"${commit}\"" \
'.deployments[0]["packages"]|index("foo")|not' \
'.deployments[0]["packages"]|index("nonrootcap") >= 0'
'.deployments[0]["packages"]|index("bar") >= 0'
echo "ok rollup"

4
tests/vmcheck/test-layering-rpmdb.sh
View File

@ -36,14 +36,13 @@ set -x
# - test that layering a new pkg that conflicts with a base pkg fails
# - test that relayering on a base with a conflicting package fails
vm_send_test_repo
# make sure the package is not already layered
vm_assert_layered_pkg foo absent
# remember this current commit for later
vm_cmd ostree refs $(vm_get_booted_csum) --create vmcheck_tmp/without_foo
vm_build_rpm foo
vm_rpmostree install foo
echo "ok install foo"
@ -73,6 +72,7 @@ fi
echo "ok layered to dormant"
vm_build_rpm bar conflicts foo
if vm_rpmostree pkg-add bar; then
assert_not_reached "pkg-add bar succeeded but it conflicts with foo in base"
fi

23
tests/vmcheck/test-layering-scripts.sh
View File

@ -26,12 +26,23 @@ set -x
# SUMMARY: check that RPM scripts are properly handled during package layering
vm_send_test_repo
# do a bunch of tests together so that we only have to reboot once
# make sure the package is not already layered
vm_assert_layered_pkg scriptpkg1 absent
vm_build_rpm scriptpkg1 \
pre "groupadd -r scriptpkg1" \
pretrans "# http://lists.rpm.org/pipermail/rpm-ecosystem/2016-August/000391.html
echo i should've been ignored && exit 1" \
posttrans "# Firewalld; https://github.com/projectatomic/rpm-ostree/issues/638
. /etc/os-release || :
# See https://github.com/projectatomic/rpm-ostree/pull/647
for path in /tmp /var/tmp; do
if test -f \${path}/file-in-host-tmp-not-for-scripts; then
echo found file from host /tmp
exit 1
fi
done"
# See scriptpkg1.spec
# check that host /tmp doesn't get mounted
vm_cmd touch /tmp/file-in-host-tmp-not-for-scripts
vm_rpmostree pkg-add scriptpkg1
echo "ok pkg-add scriptpkg1"
@ -49,6 +60,8 @@ vm_cmd getent group scriptpkg1
echo "ok group scriptpkg1 active"
# And now, things that should fail
if vm_rpmostree install test-post-rofiles-violation; then
vm_build_rpm rofiles-violation \
post "echo should fail >> /usr/share/licenses/glibc/COPYING"
if vm_rpmostree install rofiles-violation; then
assert_not_reached "installed test-post-rofiles-violation!"
fi

35
tests/vmcheck/test-layering-unified.sh
View File

@ -24,13 +24,14 @@ set -e
set -x
vm_send_test_repo
vm_assert_layered_pkg foo absent
vm_assert_layered_pkg nonrootcap absent
vm_assert_layered_pkg bar absent
foo_rpm=/tmp/vmcheck/repo/packages/x86_64/foo-1.0-1.x86_64.rpm
nrc_rpm=/tmp/vmcheck/repo/packages/x86_64/nonrootcap-1.0-1.x86_64.rpm
vm_build_rpm foo
foo_rpm=/tmp/vmcheck/yumrepo/packages/x86_64/foo-1.0-1.x86_64.rpm
vm_build_rpm bar
bar_rpm=/tmp/vmcheck/yumrepo/packages/x86_64/bar-1.0-1.x86_64.rpm
# We cheat a bit here and don't actually reboot the system. Instead, we just
# check that then pending deployment looks sane.
@ -38,50 +39,50 @@ nrc_rpm=/tmp/vmcheck/repo/packages/x86_64/nonrootcap-1.0-1.x86_64.rpm
# UPGRADE
commit=$(vm_cmd ostree commit -b vmcheck --tree=ref=vmcheck)
vm_rpmostree upgrade --install nonrootcap --install $foo_rpm
vm_rpmostree upgrade --install bar --install $foo_rpm
vm_assert_status_jq \
".deployments[0][\"base-checksum\"] == \"${commit}\"" \
'.deployments[0]["packages"]|length == 1' \
'.deployments[0]["packages"]|index("nonrootcap") >= 0' \
'.deployments[0]["packages"]|index("bar") >= 0' \
'.deployments[0]["requested-local-packages"]|length == 1' \
'.deployments[0]["requested-local-packages"]|index("foo-1.0-1.x86_64") >= 0'
vm_rpmostree cleanup -p
echo "ok upgrade with nonrootcap and local foo"
echo "ok upgrade with bar and local foo"
# DEPLOY
commit=$(vm_cmd ostree commit -b vmcheck --tree=ref=vmcheck \
--add-metadata-string=version=SUPADUPAVERSION)
vm_rpmostree deploy SUPADUPAVERSION --install foo --install $nrc_rpm
vm_rpmostree deploy SUPADUPAVERSION --install foo --install $bar_rpm
vm_assert_status_jq \
".deployments[0][\"base-checksum\"] == \"${commit}\"" \
'.deployments[0]["version"] == "SUPADUPAVERSION"' \
'.deployments[0]["packages"]|length == 1' \
'.deployments[0]["packages"]|index("foo") >= 0' \
'.deployments[0]["requested-local-packages"]|length == 1' \
'.deployments[0]["requested-local-packages"]|index("nonrootcap-1.0-1.x86_64") >= 0'
'.deployments[0]["requested-local-packages"]|index("bar-1.0-1.x86_64") >= 0'
vm_rpmostree cleanup -p
echo "ok deploy with foo and local nonrootcap"
echo "ok deploy with foo and local bar"
# REBASE
commit=$(vm_cmd ostree commit -b vmcheck_tmp/rebase \
--tree=ref=vmcheck --add-metadata-string=version=SUPADUPAVERSION)
vm_rpmostree rebase vmcheck_tmp/rebase SUPADUPAVERSION \
--install nonrootcap --install $foo_rpm
--install bar --install $foo_rpm
vm_assert_status_jq \
".deployments[0][\"base-checksum\"] == \"${commit}\"" \
'.deployments[0]["origin"] == "vmcheck_tmp/rebase"' \
'.deployments[0]["version"] == "SUPADUPAVERSION"' \
'.deployments[0]["packages"]|length == 1' \
'.deployments[0]["packages"]|index("nonrootcap") >= 0' \
'.deployments[0]["packages"]|index("bar") >= 0' \
'.deployments[0]["requested-local-packages"]|length == 1' \
'.deployments[0]["requested-local-packages"]|index("foo-1.0-1.x86_64") >= 0'
vm_rpmostree cleanup -p
echo "ok rebase with nonrootcap and local foo"
echo "ok rebase with bar and local foo"
# PKG CHANGES
@ -90,12 +91,12 @@ vm_assert_status_jq \
'.deployments[0]["packages"]|length == 0' \
'.deployments[0]["requested-local-packages"]|length == 1' \
'.deployments[0]["requested-local-packages"]|index("foo-1.0-1.x86_64") >= 0'
vm_rpmostree uninstall foo-1.0-1.x86_64 --install nonrootcap
vm_rpmostree uninstall foo-1.0-1.x86_64 --install bar
vm_assert_status_jq \
'.deployments[0]["packages"]|length == 1' \
'.deployments[0]["packages"]|index("nonrootcap") >= 0' \
'.deployments[0]["packages"]|index("bar") >= 0' \
'.deployments[0]["requested-local-packages"]|length == 0'
vm_rpmostree install foo --uninstall nonrootcap
vm_rpmostree install foo --uninstall bar
vm_assert_status_jq \
'.deployments[0]["packages"]|length == 1' \
'.deployments[0]["packages"]|index("foo") >= 0' \

25
tests/vmcheck/test-livefs.sh
View File

@ -24,11 +24,10 @@ set -e
set -x
vm_send_test_repo
vm_assert_layered_pkg foo absent
vm_rpmostree install /tmp/vmcheck/repo/packages/x86_64/foo-1.0-1.x86_64.rpm
vm_build_rpm foo
vm_rpmostree install /tmp/vmcheck/yumrepo/packages/x86_64/foo-1.0-1.x86_64.rpm
vm_assert_status_jq '.deployments|length == 2'
echo "ok install foo locally"
@ -51,7 +50,21 @@ vm_assert_status_jq '.deployments|length == 3' '.deployments[0]["live-replaced"]
echo "ok livefs stage1"
vm_rpmostree install /tmp/vmcheck/repo/packages/x86_64/test-livefs-with-etc-1.0-1.x86_64.rpm
vm_build_rpm test-livefs-with-etc \
build 'echo "A config file for %{name}" > %{name}.conf' \
install 'install -Dt %{buildroot}/etc %{name}.conf
mkdir -p %{buildroot}/etc/%{name}/
echo subconfig-one > %{buildroot}/etc/%{name}/subconfig-one.conf
echo subconfig-two > %{buildroot}/etc/%{name}/subconfig-two.conf
mkdir -p %{buildroot}/etc/%{name}/subdir
echo subconfig-three > %{buildroot}/etc/%{name}/subdir/subconfig-three.conf
mkdir -p %{buildroot}/etc/opt
echo file-in-opt-subdir > %{buildroot}/etc/opt/%{name}-opt.conf' \
files "/etc/%{name}.conf
/etc/%{name}/*
/etc/opt/%{name}*"
vm_rpmostree install /tmp/vmcheck/yumrepo/packages/x86_64/test-livefs-with-etc-1.0-1.x86_64.rpm
assert_livefs_ok
vm_rpmostree ex livefs
vm_cmd rpm -q foo test-livefs-with-etc > rpmq.txt
@ -82,7 +95,7 @@ reset() {
reset
# If the admin created a config file before, we need to keep it
vm_rpmostree install /tmp/vmcheck/repo/packages/x86_64/test-livefs-with-etc-1.0-1.x86_64.rpm
vm_rpmostree install /tmp/vmcheck/yumrepo/packages/x86_64/test-livefs-with-etc-1.0-1.x86_64.rpm
vm_cmd cat /etc/test-livefs-with-etc.conf || true
vm_cmd echo custom \> /etc/test-livefs-with-etc.conf
vm_cmd cat /etc/test-livefs-with-etc.conf
@ -92,7 +105,7 @@ assert_file_has_content test-livefs-with-etc.conf "custom"
echo "ok livefs preserved modified config"
reset
vm_rpmostree install /tmp/vmcheck/repo/packages/x86_64/foo-1.0-1.x86_64.rpm
vm_rpmostree install /tmp/vmcheck/yumrepo/packages/x86_64/foo-1.0-1.x86_64.rpm
vm_rpmostree ex livefs
generate_upgrade() {
# Create a modified vmcheck commit

49
tests/vmcheck/test-override-remove.sh
View File

@ -24,14 +24,12 @@ set -e
set -x
vm_send_test_repo
# create a new vmcheck commit which has foo and nonrootcap in it already so that
# we can target them with our override
# create a new vmcheck commit which has foo and bar in it already so that we can
# target them with our override
# make sure the packages are not already layered
vm_assert_layered_pkg foo absent
vm_assert_layered_pkg nonrootcap absent
vm_assert_layered_pkg bar absent
vm_assert_status_jq \
'.deployments[0]["base-checksum"]|not' \
'.deployments[0]["pending-base-checksum"]|not' \
@ -39,50 +37,52 @@ vm_assert_status_jq \
'.deployments[0]["requested-base-removals"]|length == 0'
vm_cmd ostree refs $(vm_get_booted_csum) \
--create vmcheck_tmp/without_foo_and_nonrootcap
--create vmcheck_tmp/without_foo_and_bar
# create a new branch with foo and nonrootcap already in it
vm_rpmostree install foo nonrootcap
# create a new branch with foo and bar
vm_build_rpm foo
vm_build_rpm bar
vm_rpmostree install foo bar
vm_cmd ostree refs $(vm_get_deployment_info 0 checksum) \
--create vmcheck_tmp/with_foo_and_nonrootcap
--create vmcheck_tmp/with_foo_and_bar
vm_rpmostree cleanup -p
# upgrade to new commit with foo in the base layer
vm_cmd ostree commit -b vmcheck --tree=ref=vmcheck_tmp/with_foo_and_nonrootcap
vm_cmd ostree commit -b vmcheck --tree=ref=vmcheck_tmp/with_foo_and_bar
vm_rpmostree upgrade
vm_reboot
if ! vm_has_packages foo nonrootcap; then
assert_not_reached "foo or nonrootcap not in base layer"
if ! vm_has_packages foo bar; then
assert_not_reached "foo or bar not in base layer"
fi
echo "ok setup"
vm_rpmostree ex override remove foo nonrootcap
vm_rpmostree ex override remove foo bar
vm_assert_status_jq \
'.deployments[0]["base-removals"]|length == 2' \
'.deployments[0]["base-removals"]|index("foo") >= 0' \
'.deployments[0]["base-removals"]|index("nonrootcap") >= 0' \
'.deployments[0]["base-removals"]|index("bar") >= 0' \
'.deployments[0]["requested-base-removals"]|length == 2' \
'.deployments[0]["requested-base-removals"]|index("foo") >= 0' \
'.deployments[0]["requested-base-removals"]|index("nonrootcap") >= 0'
echo "ok override remove foo and nonrootcap"
'.deployments[0]["requested-base-removals"]|index("bar") >= 0'
echo "ok override remove foo and bar"
vm_cmd ostree commit -b vmcheck --tree=ref=vmcheck
vm_rpmostree upgrade
vm_assert_status_jq \
'.deployments[0]["base-removals"]|length == 2' \
'.deployments[0]["base-removals"]|index("foo") >= 0' \
'.deployments[0]["base-removals"]|index("nonrootcap") >= 0' \
'.deployments[0]["base-removals"]|index("bar") >= 0' \
'.deployments[0]["requested-base-removals"]|length == 2' \
'.deployments[0]["requested-base-removals"]|index("foo") >= 0' \
'.deployments[0]["requested-base-removals"]|index("nonrootcap") >= 0'
'.deployments[0]["requested-base-removals"]|index("bar") >= 0'
echo "ok override remove carried through upgrade"
vm_rpmostree ex override reset foo
vm_assert_status_jq \
'.deployments[0]["base-removals"]|length == 1' \
'.deployments[0]["base-removals"]|index("nonrootcap") >= 0' \
'.deployments[0]["base-removals"]|index("bar") >= 0' \
'.deployments[0]["requested-base-removals"]|length == 1' \
'.deployments[0]["requested-base-removals"]|index("nonrootcap") >= 0'
'.deployments[0]["requested-base-removals"]|index("bar") >= 0'
echo "ok override reset foo"
vm_rpmostree ex override reset --all
@ -98,7 +98,7 @@ vm_assert_status_jq \
'.deployments[0]["base-removals"]|index("foo") >= 0' \
'.deployments[0]["requested-base-removals"]|length == 1' \
'.deployments[0]["requested-base-removals"]|index("foo") >= 0'
vm_cmd ostree commit -b vmcheck --tree=ref=vmcheck_tmp/without_foo_and_nonrootcap
vm_cmd ostree commit -b vmcheck --tree=ref=vmcheck_tmp/without_foo_and_bar
vm_rpmostree upgrade
vm_assert_status_jq \
'.deployments[0]["base-removals"]|length == 0' \
@ -107,7 +107,7 @@ vm_assert_status_jq \
echo "ok override remove requested but not applied"
# check that upgrading again to a base with foo turns the override back on
vm_cmd ostree commit -b vmcheck --tree=ref=vmcheck_tmp/with_foo_and_nonrootcap
vm_cmd ostree commit -b vmcheck --tree=ref=vmcheck_tmp/with_foo_and_bar
vm_rpmostree upgrade
vm_assert_status_jq \
'.deployments[0]["base-removals"]|length == 1' \
@ -132,7 +132,7 @@ vm_rpmostree cleanup -p
echo "ok override remove layered pkg foo fails"
# the next two error checks expect an upgraded layer with foo builtin
vm_cmd ostree commit -b vmcheck --tree=ref=vmcheck_tmp/with_foo_and_nonrootcap
vm_cmd ostree commit -b vmcheck --tree=ref=vmcheck_tmp/with_foo_and_bar
vm_rpmostree upgrade
vm_rpmostree ex override remove foo
@ -141,12 +141,13 @@ if vm_rpmostree install foo; then
fi
# the check blocking this isn't related to overrides, though for consistency
# let's make sure this fails here too
if vm_rpmostree install /tmp/vmcheck/repo/packages/x86_64/foo-1.0-1.x86_64.rpm; then
if vm_rpmostree install /tmp/vmcheck/yumrepo/packages/x86_64/foo-1.0-1.x86_64.rpm; then
assert_not_reached "tried to layer local pkg removed by override"
fi
vm_rpmostree cleanup -p
echo "ok can't layer pkg removed by override"
vm_build_rpm foo-ext requires "foo = 1.0-1"
vm_rpmostree upgrade --install foo-ext
if vm_rpmostree ex override remove foo; then
assert_not_reached "override remove base pkg needed by layered pkg succeeded?"