diff --git a/.papr.yml b/.papr.yml index 0b130ca6..34a169fe 100644 --- a/.papr.yml +++ b/.papr.yml @@ -29,6 +29,7 @@ tests: - ci/ci-commitmessage-submodules.sh - ci/codestyle.sh - ci/build-check.sh + - ci/vmcheck-provision.sh - make vmcheck timeout: 60m @@ -70,6 +71,7 @@ extra-repos: tests: # we're still on devmapper here; we need to expand rootfs for tests - for vm in vmcheck{1..3}; do ssh $vm lvresize -r -L +5G atomicos/root; done + - ci/vmcheck-provision.sh - yum install -y epel-release - ci/build-check.sh - make vmcheck diff --git a/Makefile-tests.am b/Makefile-tests.am index cd37ff61..617ca509 100644 --- a/Makefile-tests.am +++ b/Makefile-tests.am @@ -18,6 +18,8 @@ if BUILDOPT_ASAN AM_TESTS_ENVIRONMENT += BUILDOPT_ASAN=yes ASAN_OPTIONS=detect_leaks=false endif +GITIGNOREFILES += ssh-config ansible-inventory.yml vmcheck/ test-compose-logs/ + testbin_cppflags = $(AM_CPPFLAGS) -I $(srcdir)/src/lib -I $(srcdir)/src/libpriv -I $(srcdir)/libglnx -I $(srcdir)/tests/common testbin_cflags = $(AM_CFLAGS) $(PKGDEP_RPMOSTREE_CFLAGS) testbin_ldadd = $(PKGDEP_RPMOSTREE_LIBS) librpmostree-1.la librpmostreepriv.la diff --git a/ci/vmcheck-provision.sh b/ci/vmcheck-provision.sh new file mode 100755 index 00000000..66fc3523 --- /dev/null +++ b/ci/vmcheck-provision.sh @@ -0,0 +1,8 @@ +#!/usr/bin/bash +# Install build dependencies, run unit tests and installed tests. + +set -xeuo pipefail + +dn=$(dirname $0) +. ${dn}/libbuild.sh +pkg_install openssh-clients ansible diff --git a/tests/common/libvm.sh b/tests/common/libvm.sh index d0a74ad3..aed3c808 100644 --- a/tests/common/libvm.sh +++ b/tests/common/libvm.sh @@ -21,19 +21,31 @@ vm_setup() { export VM=${VM:-vmcheck} - local sshopts="-o User=root \ - -o ControlMaster=auto \ - -o ControlPath=/var/tmp/ssh-$VM-$(date +%s%N).sock \ - -o ControlPersist=yes" + SSHOPTS="-o User=root -o ControlMaster=auto \ + -o ControlPath=/var/tmp/ssh-$VM-$(date +%s%N).sock \ + -o ControlPersist=yes" # If we're provided with an ssh-config, make sure we tell # ssh to pick it up. if [ -f "${topsrcdir}/ssh-config" ]; then - sshopts="$sshopts -F ${topsrcdir}/ssh-config" + SSHOPTS="${SSHOPTS} -F ${topsrcdir}/ssh-config" fi + export SSHOPTS - export SSH="ssh $sshopts $VM" - export SCP="scp $sshopts" + export SSH="ssh ${SSHOPTS} $VM" + export SCP="scp ${SSHOPTS}" +} + +vm_ansible_inline() { + playbook=$(mktemp -p /tmp 'libvm-ansible.XXXXXX') + cat > ${playbook} <> ${playbook} + ansible-playbook -i ${VM}, --ssh-common-args "${SSHOPTS}" ${playbook} + rm -f ${playbook} } # rsync wrapper that sets up authentication diff --git a/tests/vmcheck/test-basic.sh b/tests/vmcheck/test-basic.sh index 47ae076e..506d6498 100755 --- a/tests/vmcheck/test-basic.sh +++ b/tests/vmcheck/test-basic.sh @@ -44,10 +44,13 @@ echo "ok jsonpath" # underhanded, but we need a bona fide user session to verify non-priv status, # and logging in through SSH is an easy way to achieve that. if ! vm_cmd getent passwd testuser; then - vm_cmd useradd testuser - vm_cmd mkdir -pm 0700 /home/testuser/.ssh - vm_cmd cp -a /root/.ssh/authorized_keys /home/testuser/.ssh - vm_cmd chown -R testuser:testuser /home/testuser/.ssh + vm_ansible_inline < + useradd testuser && + mkdir -pm 0700 /home/testuser/.ssh && + cp -a /root/.ssh/authorized_keys /home/testuser/.ssh && + chown -R testuser:testuser /home/testuser/.ssh +EOF fi # Make sure we can't do various operations as non-root