Commit Graph

373 Commits

Author SHA1 Message Date
Jonathan Lebon
5c5ebc1b0a core: add support for installing from cache
We start by adding support in the core for installing packages strictly
from the cache repo. We fool the libdnf stack by re-exporting the header
as an RPM, and explicitly marking it for install. The treefile format
supports specifying the expected SHA-256 of the metadata header, in case
the cache for a specific NEVRA changed.

Closes: #657
Approved by: cgwalters
2017-03-10 18:35:11 +00:00
Jonathan Lebon
49cbdb739a status: always include the packages entries
Pull #646 introduced a subtle regression: we went from always including
a "packages" entry to only including it if there are packages present.
Albeit it's easy to guard against, though to be nice, let's make it
easier for consumers by always including it.

Reported-by: Micah Abbott <miabbott@redhat.com>

Closes: #670
Approved by: cgwalters
2017-03-10 14:54:45 +00:00
Colin Walters
14a9135ea0 main: Output YAML for --version
Equivalent of https://github.com/ostreedev/ostree/pull/691
Basically, it's nicer to parse.

Closes: #665
Approved by: jlebon
2017-03-09 14:23:34 +00:00
Colin Walters
66425c3161 core: Do GPG verification before importing
While reading a recent conversation about GPG checking at treecompose
time, I had a sudden thought - were we actually doing verification
client side?  Turned out, we aren't.  That happens as part of
`dnf_transaction_commit()` which we don't use.

That function verifies every package at one go, but for us I think it's better
to do it before "importing". We shouldn't have untrusted bits that we've
unpacked (they might have suid binaries, for one thing).

This is an embarassing problem, but it's worth emphasizing that everyone should
be retrieving repodata at a minimum over TLS, which sets a baseline. On RHEL, we
already do pinned TLS, and there are discussions about extending that elsewhere.

See: https://bugzilla.redhat.com/show_bug.cgi?id=1422157

Closes: #656
Approved by: jlebon
2017-03-06 15:19:43 +00:00
Colin Walters
22048b25a7 scripts: Use tmpfs for /var/tmp, not the host's /tmp
We don't want to expose the host's `/tmp` since that means scripts could
potentially find things like the X11 socket or whatever.

To debug things better, add a quick bash script to run bwrap like the C code
does. Perhaps down the line we can add `rpm-ostree internals run-bwrap` or so.

Closes: #647
Approved by: jlebon
2017-02-28 23:37:15 +00:00
Jonathan Lebon
7fd474f8e1 vmcheck: adjust for new behaviour
Closes: #646
Approved by: cgwalters
2017-02-27 19:53:19 +00:00
Colin Walters
b034381506 daemon: Implement "reload"
There are two main issues right now; first, we don't pick up manual changes to
`.origin` files, which occurs when one needs to sed it to remove `unconfigured`
for example. Second, we need to reload changes to the remotes.

Closes: #598
Approved by: jlebon
2017-02-24 21:36:45 +00:00
Colin Walters
229fdfa7f9 scripts: Bind rather than symlink /usr/etc → /etc
This fixes resolution of relative symlinks, which fixes installation
of `firewalld` in Fedora 25.

Closes: https://github.com/projectatomic/rpm-ostree/issues/638

Closes: #640
Approved by: jlebon
2017-02-24 20:43:05 +00:00
Jonathan Lebon
a3ee87d67d vmcheck/test.sh: output reboot details to log
Clean up the output of vmcheck a bit by printing out ssh debug details
and rpm-ostree status output to the log file. This will help make it
easier to quickly see which tests failed (as well as helping satisfy my
OCD for a nice output).

Closes: #645
Approved by: cgwalters
2017-02-24 19:50:25 +00:00
Jonathan Lebon
88548f2e1a libvm: don't call rpm-ostree status on first time
On the first call to vmsync/vmoverlay, we do an immediate vm_ssh_wait()
to check if we have a live VM. However, we don't necessarily have a
working rpm-ostree in there if we're hacking on stuff. It gets annoying
to wait for the timeout there.

Let's just work around that by instead only calling status if we got
there through vm_reboot_cmd(), which is most likely when we're most
interested in the status output anyway.

Closes: #645
Approved by: cgwalters
2017-02-24 19:50:25 +00:00
Colin Walters
f573354324 ci: Hotfix ostree temporarily
For https://github.com/ostreedev/ostree/pull/705

Closes: #642
Approved by: jlebon
2017-02-23 20:03:06 +00:00
Jonathan Lebon
8eb746f533 test-initramfs.sh: fix for centos
Fetch the osname rather than hardcoding it.

Closes: #636
Approved by: cgwalters
2017-02-21 14:13:42 +00:00
Colin Walters
ddbaf19f1e importer: Error importing RPMs which install to /opt (outside of /usr)
See https://github.com/projectatomic/rpm-ostree/issues/233 - for RPMs which
place files in e.g. `/opt`, we have different behavior in the treecompose case
(silently drop it) versus package layering (does the wrong thing).

Since the unpacker right now is only used in the layering case, this just
ensures we'll get a consistent error there.

Closes: #624
Approved by: jlebon
2017-02-14 22:15:56 +00:00
Colin Walters
775c7819b7 daemon: Avoid erroring out on startup/status with origin unconfigured-state
As part of an earlier cleanup of origin parsing, we started checking
the origin `unconfigured-state` even just starting the daemon, which
is kind of bad.

It's tempting to flip the default for the parser so that we *only* check
unconfigured state if we go to upgrade, but let's not do that in this patch.

Closes: #626
Approved by: jlebon
2017-02-14 14:00:09 +00:00
Jonathan Lebon
8cf071127e unpacker: support root-owned /var & /run files
I'm not sure why we weren't doing this before, but we need to also
support files in /var and /run that are owned by root.

Related: RHBZ#1421781

Closes: #622
Approved by: cgwalters
2017-02-13 16:49:59 +00:00
Colin Walters
a66d27230d Add a cleanup command and DBus API
We sometimes talk about using `ostree admin undeploy`, but that
doesn't know about the pkgcache, and hence space there leaks
until the next rpm-ostree operation.

Just for this, we need to expose a cleanup command (and API).  But
we also need to support cleaning:

 - repomd
 - downloads (repo/tmp)

So let's start implementing that.

Closes: #614
Approved by: jlebon
2017-02-13 15:28:05 +00:00
Jonathan Lebon
b0727d88fd start-daemon: make hidden
I debated just putting this in the supported list, but decided against
it in the end. This really should be something that happens
transparently, and if it doesn't then something else is probably wrong.

Closes: #617
Approved by: cgwalters
2017-02-10 20:11:27 +00:00
Colin Walters
0a1289ae38 upgrader: Use "pending" deployment for origin by default
Until now, we always used the booted deployment, and would
garbage collect the "pending" deployment.  This is the
way OSTree was designed, but I think for rpm-ostree given
how mutable we are on the client side, there's a much stronger
argument for being more stateful too.

This is a relatively simple code change to split the "merge deployment"
concept into two.  There's now the "config merge deployment" and the
"origin merge deployment".

Basically, `rpm-ostree install foo; rpm-ostree install bar` will
now install both `foo` and `bar`.  But we will still use the booted
deployment for `/etc`.

Down the line, I think I'd like to drive into OSTree the concept of
a "staged" deployment, that has the hardlink checkout done, but doesn't
have the config merge.

But we don't need to change the OSTree core for this yet; we can
do it here in rpm-ostree, and this relatively simple code change
fixes many issues at once.

For example, `rpm-ostree upgrade && rpm-ostree install foo` now
does what you expect as well.

Obviously, we want to enable doing multiple things in *one* transaction,
and we're not far away, but I think this is also the right thing to do now.

I'm relatively confident it won't break anyone's workflow, as what
we did before wasn't generally that useful.  However, people will
need to learn to `ostree admin undeploy 0` if they *don't* want
this behavior.  (We need to have `rpm-ostree cleanup`).

Closes: https://github.com/projectatomic/rpm-ostree/issues/406

Closes: #611
Approved by: jlebon
2017-02-08 19:55:44 +00:00
Colin Walters
a52cb7d78e core: Add rpmostree.repo metadata to imported packages
I'm watching https://github.com/rpm-software-management/libdnf/pull/199 and I
really don't like it. We already have a place to put out-of-rpmdb metadata,
which is in the ostree commit for imported packages. No need to involve a
relational database for this (and further, one that would need to learn about
multiple ostrees).

We're not yet *using* this information in the UI, but we could; imagine
changing the `status` `Packages:` to show packages-per-repo or so.  We
could also expose an `rpm-ostree pkg-info foo`.

But for now, let's just start recording this.

Closes: #610
Approved by: jlebon
2017-02-08 17:52:16 +00:00
Jonathan Lebon
283b915ecf check: use jq for asserting json elements
Closes: #609
Approved by: cgwalters
2017-02-08 17:11:06 +00:00
Colin Walters
ace223acf8 Add pending-base-commit to status
One thing that's very confusing about OSTree is there are two layers -
deployments and the refs/commits. If one does an `rpm-ostree upgrade`, but then
e.g. `ostree admin undeploy 0`, you still have the new revision in the repo.

We don't do a good job of displaying this state, or helping people clean
it up.

Down the line, I also want to better support something like `rpm-ostree pull` to
cache updates explicitly *without* deploying.

This commit just adds a bit of information to the status display. We might want
to have better formatting, but I think this an OK start.

Closes: #595
Approved by: jlebon
2017-02-08 13:59:48 +00:00
Jonathan Lebon
cdac757434 daemon: delete overrides if not doing a deploy
We seem to have lost this little guy during the latest unification work.

Closes: #608
Approved by: cgwalters
2017-02-07 22:43:32 +00:00
Colin Walters
687567d3ee Merge daemon binary into main binary
The actual problem I am trying to fix with this is fallout from the
introduction of `/usr/libexec/rpm-ostreed`, which required a SELinux
policy change.  Specifically for CentOS, the base policy is rev'd
slowly.

My hope was that by merging the daemon code back into `/usr/bin/rpm-ostree`
which is labeled `install_exec_t`, starting via systemd would do
the right thing.  It turns out that doesn't happen.

Now later, I'm picking this patch back up because I want to do multprocessing in
the daemon (and in the core), and it makes sense to share code between them,
because multiprocessing will need to go through a re-exec path.

Another benefit is we avoid duplicated text (libglnx, internal helpers) between
the two binaries.

Closes: #292
Approved by: jlebon
2017-02-07 16:07:09 +00:00
Jonathan Lebon
566367ca3f upgrader: let ostree create the commit dir
When we checked out the base tree for package layering, we would create
the directory in which ostree did the checkout. This meant however that
ostree wouldn't apply xattrs on the root directory itself. This would
cause the directory to be mislabeled (as system_conf_t instead of
root_t), which in turn cause SELinux violations on reboot when systemd
tried to make the root mount shared.

This patch fixes this by first settling on a permanent directory in
which to do checkouts -- really, we'll never have multiple package
layering operations going on at the same time. Once we know that we have
a reserved path, we can safely let ostree create it for us with the
proper xattrs.

Resolves: RHBZ#1318547

Closes: #605
Approved by: cgwalters
2017-02-04 11:08:27 +00:00
Jonathan Lebon
4f0be52dca compose-tests: add more mutate-os-release cases
Check that the logic added in the previous commit is respected.

Closes: #603
Approved by: cgwalters
2017-02-01 22:25:54 +00:00
Jonathan Lebon
7f173fcdc3 compose: fix bad baseurl
Closes: #587
Approved by: cgwalters
2017-01-21 15:27:11 +00:00
Colin Walters
cac4522e5b Support "system/regenerate-initramfs=true" flag in origin
Currently we push for a model where the initramfs is
generated (in non-hostonly mode), and merely replicated.

However, to support a few unfortunate corner cases like dm-multipath which wants
to inject a config file into the initramfs, we need to support regenerating it
client side too.

Down the line, we'll need this to support overriding the kernel too.

This changes things in the core to add the concept of an "empty"
`RpmOstreeContext`. I initially tried skipping it, but that was too much
duplication. We still want all of the core ostree-related logic that lives in
that code too.

The treespec bits barfed if the spec didn't have a `tree/packages` key. It was
simplest to change that to allow it - and because that was the only case where
we errored out in parsing, I dropped the error handling.

There was another place in the upgrader that now needed to be fixed to handle
transitioning from just regenerating initramfs to not.

Closes: #574
Approved by: jlebon
2017-01-20 16:17:51 +00:00
Colin Walters
b099680d1d build: Capture git describe on build if available, add to --version
Many projects do this, and it really helps debugging to know the
exact hash.

(Of course this is broken in traditional rpm builds from a tarball,
 and rpmdistro-gitoverlay injects it into the Version field,
 but it will help me for vmcheck debugging)

Closes: #584
Approved by: jlebon
2017-01-19 19:49:58 +00:00
Colin Walters
d277205c13 tests: Actually install the new binaries
I think since I landed a change to `--enable-new-name`, `/usr/bin/rpm-ostree`
became a symlink, and without the `-l` switch, rsync skips over them.

Hence, we have only been testing in vmcheck the old binaries, not new ones.
Oops.

Closes: #585
Approved by: jlebon
2017-01-19 18:55:15 +00:00
Colin Walters
d0a4a258a8 tests: Make failure of assert_file_empty() actually fatal
I just noticed this while reading the tests.  The original
ostree version looks OK, so not sure how that happened.

Closes: #580
Approved by: jlebon
2017-01-18 20:24:31 +00:00
Colin Walters
f02130b19e tests: Hard require jq
I don't see a reason not to require more stuff to execute tests,
and having it be optional reduces our coverage unnecessarily.

Closes: #580
Approved by: jlebon
2017-01-18 20:24:31 +00:00
Colin Walters
30bed29230 daemon/upgrader: Rework layer tracking
Working on initramfs, I hit a subtle issue with the fact that
I was trying to "redeploy", but with the origin file changed
during the process.

Previously, it was a bit unclear which parts of the upgrader logic are operating
on the *new* origin versus the "original origin".

The package layering code in the upgrader explicitly carries a delta on top in
the "add/remove" hash sets, which means it isn't visible to
`rpmostree_origin_is_locally_assembled()`.

Whereas for initramfs, I set a new origin. This broke things since we were
expecting to find a parent commit, but the original origin wasn't locally
assembled.

When looking more at this, I realized there's a far simpler model -
rather than keeping track of commit + origin, and using the origin
to try to determine whether or not the commit is layered, we can
keep track of `base_revision` and `final_revision`, and the latter
is only set if we're doing layering.

The diff speaks for itself here - a lot of fragile logic looking at the origin
drops away.

The next step here is probably to drop away the package layering hash sets, but
I'm trying to not change everything at once.

Closes: #579
Approved by: jlebon
2017-01-18 20:05:19 +00:00
Colin Walters
59f34e8a03 tests: Disable ASAN leak checks
Right now we're far from leak free, and I want to use ASAN
as a sanity checker, not a leak checker.

Closes: #576
Approved by: jlebon
2017-01-18 16:52:46 +00:00
Colin Walters
c6f3c43295 tests: Brutally hack in copying in sanitizer shared libraries
Yes, there are better ways to do this, but there are also
better things to do...

Closes: #576
Approved by: jlebon
2017-01-18 16:52:46 +00:00
Colin Walters
99bca8ad3f Suppress uid == 0 check in unit tests
Our `make check` runs an unprivileged rpm-ostreed if run as non-root; this is a
feature. We didn't notice in the CI tests since those run as "docker-uid0". It
does break my local workflow though.

Closes: #573
Approved by: jlebon
2017-01-16 19:03:02 +00:00
Colin Walters
178ec03154 tests: Honor TEST_SKIP_CLEANUP like ostree
We seem to have substantial infrastructure drift here between the two, and I was
*really* confused why `TEST_SKIP_CLEANUP` wasn't being honored. Turned out in
rpm-ostree we have tmpdir code in two places, not entirely sure why. Punting
full cleanup.

Closes: #566
Approved by: jlebon
2017-01-13 20:08:24 +00:00
Colin Walters
4a511fa011 app: Check for root privileges where required early
Rather than sending a dbus message that gets denied, which
is ugly.

Closes: #565

Closes: #570
Approved by: jlebon
2017-01-13 19:46:24 +00:00
Colin Walters
533ff648a6 vmcheck: Note how many tests were skipped
I was initially confused as to the pattern matching, and this will make things a
bit clearer.

Closes: #560
Approved by: jlebon
2017-01-11 18:39:25 +00:00
Colin Walters
dee0807147 vmcheck: Scrape out the journal on failure
So we can debug things more easily.

Closes: #560
Approved by: jlebon
2017-01-11 18:39:25 +00:00
Colin Walters
d3bf60d373 tests: Add a pkg with rofiles violation that should fail
To ensure we don't accidentally allow mutations.

Closes: #560
Approved by: jlebon
2017-01-11 18:39:25 +00:00
Colin Walters
55caec269d libvm: Set -o User=root for rsync too
Without fuse-sshfs, we also need to set the root user, which
is necessary for the Vagrant case.

Closes: #560
Approved by: jlebon
2017-01-11 18:39:25 +00:00
Colin Walters
be7dd69b7b libvm: Make it easier to debug login failures
First try to log in, and if we fail, retry with SSH debugging,
so we have a better idea what might be going wrong.  This helped
me figure out that vmcheck's `-o User=root` assumption wasn't
working with my vagrant setup.

Closes: #560
Approved by: jlebon
2017-01-11 18:39:25 +00:00
Jonathan Lebon
9f8136e097 vmcheck: add test-layering-non-root-caps.sh
This new test exercises the new support for non-root file paths and
files with capabilities.

Closes: #561
Approved by: cgwalters
2017-01-08 21:05:06 +00:00
Jonathan Lebon
0e431a8f83 core: add RPMOSTREE_USE_CACHED_METADATA
Being able to just reuse metadata is especially helpful when trying to
debug things lower down that path, as well as cuts about 2 mins from the
compose test.

Closes: #561
Approved by: cgwalters
2017-01-08 21:05:06 +00:00
Jonathan Lebon
b68209b6d4 daemon: start with one commit only when resolving versions
During a deploy operation, we would fetch commit objects from the remote
to resolve the version string. If gpg-verify was turned on, we would
fail to pull them if some of the commits were not signed. This is
because we pulled them in batches. We partially address this by only
fetching the HEAD commit on the first pass. This allows `upgrade`
operations to work just as well as `deploy` operations.

Though there is still an issue if we have to traverse farther back than
when signed commits become unsigned (unless they happen to fall on a
batch boundary). We leave that unsolved for now, since that would likely
require a more complex solution and it's not clear whether it's a real
world issue (signers can just retroactively sign commits).

Copy the gpghome from ostree so that we can test GPG-related cases in
our suite.

Closes: #527

Closes: #557
Approved by: cgwalters
2016-12-24 12:28:48 +00:00
Jonathan Lebon
e10c97007f rebase: add support for rebasing to a specific rev
Expand the available options in the Rebase() D-Bus method to also have a
"revision" key. Its value has the same semantics as the "revision" key
in the Deploy() method (e.g. the "revision=" and "version=" prefixes are
also supported). Also expand the rebase CLI to allow for specifying the
revision as an additional argument.

This allows users to rebase to a specific version or checksum, rather
than only to the latest. Conceptually, this is the equivalent of doing a
rebase followed by a deploy. I.e. we specify an override-commit in the
origin and expect the same behaviours that apply after a deploy to also
apply here.

Closes: #212

Closes: #555
Approved by: cgwalters
2016-12-21 20:00:43 +00:00
Jonathan Lebon
c5fa202378 sync.sh: tweak for container workflow
In the container build + vagrant test workflow, we have to run `make
vmsync` from the env in which autoconf was run, which is the container.

However, when using git worktrees (which is useful in this scenario to
avoid having to overwrite your local builds) and a CentOS build
container, the git inside is too old to understand worktrees, so let's
avoid invoking git in any of the test harness scripts.

Also make sure to restorecon after installing the new rpm-ostreed.

Closes: #555
Approved by: cgwalters
2016-12-21 20:00:43 +00:00
Jonathan Lebon
68acb1d2be compose-tests: add more tests
Add a few more tests to exercise some of the treefile options. We do
need to also expand test-basic.sh itself to sanity-check the structure
of a normal ostree compose. That's up next on the list.

Closes: #548
Approved by: cgwalters
2016-12-09 16:18:11 +00:00
Jonathan Lebon
a21c05ab10 vmcheck: disable default repos to speed it up
Closes: #543
Approved by: cgwalters
2016-12-07 21:47:58 +00:00
Jonathan Lebon
5bf7a040a5 libvm.sh: strengthen reboot
Unsurprisingly, rebooting machines that are running in OpenStack is
not as reliable or as fast as a local VM, which is what vmcheck was
originally written for and tested against.

Replace the:

  sleep 2 # give time for port to go down

which is rife with raciness, with a stronger boot_id-based check to
ensure we're in a new boot. Run "sync" before rebooting which sometimes
helps (though I didn't fully investigate why or whether it always helps,
there's probably something more subtle going on underneath). Increase
the timeout to 120s.

Closes: #543
Approved by: cgwalters
2016-12-07 21:47:58 +00:00
Jonathan Lebon
68a9719696 libvm.sh: increase reboot timeout
Closes: #538
Approved by: cgwalters
2016-12-06 21:00:23 +00:00
Colin Walters
b81c0cdfda tests: Add ./tests/compose
Our current compose tests only use a synthetic `empty.rpm`, but
this really limits usefulness.

Let's make a test suite that requires an internet connection and
downloads Fedora RPMs and does "real" tree composes.

See the updated `tests/README.md` for more information.

This is still a WIP.

Closes: #531
Approved by: jlebon
2016-12-06 19:05:05 +00:00
Jonathan Lebon
12c4b5b16f vmcheck: adapt for non-vagrant hosts
This is just the final bit required to make sure the vagrant and
non-vagrant paths can work happily together. It's mostly minor fixes,
though the most major change which also affects vagrant is that we now
sync to the root home dir, rather than ~vagrant.

Closes: #524
Approved by: cgwalters
2016-11-22 17:15:20 +00:00
Colin Walters
2f9d586bdc Redo vmcheck to abstract over ssh-config, drop all building
My development environment is now using "pet" docker containers.
I use VMs for testing things that require that (like rpm-ostree).

This patch builds on work from @jlebon in
https://github.com/projectatomic/rpm-ostree/pull/509
to rework `vmcheck` such that it can work on any `ssh-config`.  By
default we expect this to be Vagrant.

However, I go a lot farther and delete the `vmbuild` code that was
trying to do builds in a container on the target VM.  I think this is
still worth pursuing at some point, but for now I think it's
reasonable to assume that the rpm-ostree developer audience uses Linux
as their host workstation and hence has containers.

(There's another important point here in that for developing lower
 level things like rpm-ostree, there's a strong push to make the VM
 disposable and not a pet)

Closes: #516
Approved by: jlebon
2016-11-16 18:14:23 +00:00
Jonathan Lebon
313a832d7c vagrant: generate ssh-config
We further split libvm from vagrant. It no longer does 'vagrant
ssh-config'. Instead, it always assumes that an ssh-config is provided.
We now have complete separation of libvm from vagrant.

We change the ansible provisioner as follows:
  - Allow passing in a VAGRANT_BOX env var to override the default
    CentOS box.
  - No longer assume that the root user account is unlocked and has a
    valid 'vagrant' password. This worked for the centos box but isn't
    sure to work on every box. Instead, we now just run ansible as the
    default vagrant user, and during provisioning set up the root
    account and generate an ssh-config so that libvm can connect
    directly as root.
  - No longer build the buildimg during provisioning. This actually
    stopped working a while ago since the default rsync is disabled. We
    can just let the buildimg get created on the first compilation. In
    practice, the bigger issue isn't creating the buildimg, but being
    able to easily update the host and buildimg pkgs.

Closes: #516
Approved by: jlebon
2016-11-16 18:14:23 +00:00
Colin Walters
a5379a2520 tests: Test pinned package version
It should work for both layering and treecompose.

Closes: #518
Approved by: jlebon
2016-11-14 21:31:54 +00:00
Colin Walters
0d720e46e0 Add .redhat-ci.yml
Copied from ostree, tweaked a little bit.  We can't yet use
`-Werror=unused-variable` until
https://github.com/rpm-software-management/libhif/pull/205

Closes: #506
Approved by: jlebon
2016-10-31 13:17:26 +00:00
Jonathan Lebon
2d07772aa3 test-basic.sh: add test for bad out-of-branch deploy
Closes: #495
Approved by: cgwalters
2016-10-20 14:06:58 +00:00
Jonathan Lebon
accd2b9f6f vmcheck: add a test for RPM scripts
Thought it'd be fun to write a test for verifying proper handling of
scriptlets during package layering. There's obviously a lot more that
could go in here (patches welcome!), but it's a start.

Closes: #434
Approved by: cgwalters
2016-08-17 21:28:01 +00:00
Jonathan Lebon
52b325970d vmcheck: move vmbuild and vmoverlay to scripts
That way we can make use of libvm instead of relying on vagrant.

Closes: #394
Approved by: cgwalters
2016-07-15 19:14:19 +00:00
Jonathan Lebon
194c2bf5cd libvm.sh: add vm_setup and vm_rsync
In preparation for being vagrant independent, let's factor out some
things directly into the libvm.

Closes: #394
Approved by: cgwalters
2016-07-15 19:14:19 +00:00
Jonathan Lebon
8942268ecb test.sh: write test result to log for easier grepping
Closes: #394
Approved by: cgwalters
2016-07-15 19:14:19 +00:00
Jonathan Lebon
ab6fe314aa vmcheck/test.sh: support external ssh-config
Closes: #394
Approved by: cgwalters
2016-07-15 19:14:19 +00:00
Jonathan Lebon
ce2a434104 libtest.sh: output file in assert_file_has_content
This is the same patch as:
https://github.com/ostreedev/ostree/pull/264

Closes: #394
Approved by: cgwalters
2016-07-15 19:14:19 +00:00
Jonathan Lebon
2da585023d vmcheck: remove test-basic.sh
This is a useless test for now since we should be able to test on a VM
even if there are updates available.

I initially had it just as an example of the vmcheck test harness,
without actually thinking too much into what it was testing. But we do
need a nice test-basic.sh that will give rpm-ostree a good general
workout.

Closes: #394
Approved by: cgwalters
2016-07-15 19:14:19 +00:00
Colin Walters
cc2551dc06 Switch to glib cleanup macros
We don't have a lot of outstanding changes to the C code, so now seems
like a good time to do this.  I implemented this with some highly
sophisticated sed commands like:

```
find -name '*.c' | while read name; do sed -i -e 's,gs_unref_object \([A-Za-z]*\) \*,g_autoptr(\1),' ${name}; done
```

Part of dropping the dependency on libgsystem, same as what we're
doing in ostree.

Closes: #393
Approved by: jlebon
2016-07-15 13:08:58 +00:00
Jonathan Lebon
f8907b6d53 vmcheck: add more pkg layering tests
- Rename test-layering.sh to test-layering-basic.sh and make it test
  both pkg-add and pkg-remove.
- Add test-layering-relayer.sh, which verifies that pkgs are properly
  relayered during the creation of new deployments (e.g. upgrades,
  rebases, deploys).
- Add test-layering-rpmdb.sh, which verifies that packages respect the
  rpm requirements before being overlayed.

Closes: #371
Approved by: cgwalters
2016-07-05 15:26:45 +00:00
Jonathan Lebon
ba05972bbb vmcheck/test.sh: make more silent and add some bling
Print out a better summary that sums up the passes, failures, and skips.
Silence the restoring step at the end of the testsuite by only echo'ing
to the log file. Finally, add some colouring because colours are
awesome.

Closes: #371
Approved by: cgwalters
2016-07-05 15:26:45 +00:00
Jonathan Lebon
4f68f73b04 test-basic.sh: fix jq filter for new json output
The test-basic.sh test was failing on machines that had jq installed.
Will have to make sure to add it to the PR tester.

Closes: #360
Approved by: cgwalters
2016-06-29 19:17:38 +00:00
Jonathan Lebon
7697702aaa vmcheck: strengthen test harness
We now make the test harness handle restoring the VM to the original
state. The wonderful thing about ostree here is that it's a perfect
shoo-in for this. We make a 'backup' of the current ref, and just have
to make sure that the VM is back on that ref after running each test.

This will allow us to write tests without worrying as much about
cleaning up in the event of an error.

Closes: #360
Approved by: cgwalters
2016-06-29 19:17:38 +00:00
Jonathan Lebon
d718b820ef Makefile-tests.am: more cleanups and add pkg bar
The new package bar will be used to test conflicting packages.

Closes: #360
Approved by: cgwalters
2016-06-29 19:17:38 +00:00
Jonathan Lebon
65f5678ecb vmcheck: add timeout option for vm_ssh_wait
Closes: #360
Approved by: cgwalters
2016-06-29 19:17:38 +00:00
Jonathan Lebon
812c431856 test-layering.sh: basic package layering test
This is a preliminary package layering test which simply installs the
foo package and verifies that it functions properly. A bunch of
primitives are added to libvm.sh to facilitate this and future tests.

Closes: #344
Approved by: cgwalters
2016-06-23 00:05:09 +00:00
Jonathan Lebon
5479ed5240 tests: refactor rpm building and add package foo
We're going to be create many different packages in the future. Let's
refactor and generalize the targets so that they can build anything.

We also add a package foo, which will be used soon for a basic test of
package layering.

Closes: #344
Approved by: cgwalters
2016-06-23 00:05:09 +00:00
Jonathan Lebon
c0924b8997 vmcheck: add a basic test harness
This is a very simple test harness inspired by the atomic one. It's a
simple bash script that sets up a permanent ssh connection to the host
and runs the test scripts. Also add a "demo" test-basic.sh test to make
sure that it works.

Closes: #344
Approved by: cgwalters
2016-06-23 00:05:09 +00:00
Jonathan Lebon
9587ab6597 vagrant: move helper files to vagrant/
These files are not only for vmcheck, but may be used as well for
setting up for development.

Closes: #344
Approved by: cgwalters
2016-06-23 00:05:09 +00:00
Jonathan Lebon
38c8040879 vmcheck: clean before building and adapt to new json
If the dir that was rsync'ed already contains build artifacts, we don't
want those contaminating our build process.

Closes: #336
Approved by: cgwalters
2016-06-20 19:57:37 +00:00
Colin Walters
90cae512a8 status: Print active transaction
I really want a command to cancel the running transaction, but as a
preparatory step, let's display what's going on in `status`.

The text output here is really a demonstration - I'll improve it but I
want to rework the internals first.

Closes: #320
Approved by: jlebon
2016-06-20 14:38:33 +00:00
Jonathan Lebon
3073a42868 tmpfiles.d: rename and re-order
According to tmpfiles.d(5), files should follow the convention
<package>.conf or <package>-<part>.conf. So we rename
tmpfiles-ostree-integration.conf to rpm-ostree-0-integration.conf.

The 0 index is so that the autovar conf created by postprocess is
sourced *after* this one, so that `integration.conf` has higher
precedence if there are duplicate entries.

Closes: #325
Approved by: cgwalters
2016-06-15 20:41:45 +00:00
Jonathan Lebon
ea83aced3a test-ucontainer.sh: simplify
Seems silly to make a new var for it now that we're only using the
variable once.

Closes: #325
Approved by: cgwalters
2016-06-15 20:41:45 +00:00
Jonathan Lebon
816194cd58 Makefile-tests: add toplevel vm* targets
The `make vmshell` target makes it even easier to immediately try out
your changes in a live running Atomic Host. It will automatically
provision the VM, sync your latest changes, build, install in a new
deployment onto which the VM is rebooted, and drop you in the shell.

Closes: #321
Approved by: cgwalters
2016-06-15 13:38:34 +00:00
Jonathan Lebon
be3a677125 vmcheck: create a new deployment instead
In order for vmcheck to be useful for testing, we need the machine to be
in a "clean" state. That is, sitting on a commit, ready for being
manipulated.

This is a small step towards this goal. Instead of overwriting the
files, we use rofiles-fuse to safely install and create a new
deployment.

Closes: #321
Approved by: cgwalters
2016-06-15 13:38:34 +00:00
Colin Walters
b7d1b827b7 status: Support --json option
It's really simple to reflect the DBus API into JSON, which tools like
Ansible or `jq` from the command line or whatever can parse to find
interesting things like the current version.

Closes: #301

Closes: #315
Approved by: jlebon
2016-06-13 14:54:25 +00:00
Colin Walters
a3769a7219 vmcheck: Experiment with the name nxs
I find myself not liking the name rpm-ostree anymore; it's
descriptive, but unfortunately we compete with other projects with
easier and sexier names.

Also, people continually find the ostree and rpm-ostree layering
unclear.  It's *much* easier to say "nxs depends on ostree", even
though textually it's obvious "rpm-ostree depends on ostree".

Anyways, just an experiment for now.

Closes: #307
Approved by: giuseppe
2016-06-08 14:26:08 +00:00
Colin Walters
77eb3e2b5b tests: Introduce "vmcheck"
This is infrastructure that's oriented around Vagrant, we do builds
inside the target VM (actually inside a Docker container), but then
directly `make install DESTDIR=/host/`.

The goal here is to have a convenient workflow for:

  - dev -> hand testing
  - dev -> run destructive tests

Closes: #303
Approved by: jlebon
2016-06-07 18:39:46 +00:00
Jonathan Lebon
6b07755d68 add RPMOSTREE_UNINSTALLED_PKGLIBDIR
Since we now run everything uninstalled, we can't expect the tmpfiles
conf file to be installed. We add an env var that will allow us to tell
rpm-ostree to look elsewhere. This is then used in test-compose.sh.

Closes: #304
Approved by: cgwalters
2016-06-06 21:14:07 +00:00
Jonathan Lebon
acd3c8ff41 tests: restructure dirs
- Move all the uninstalled, non-destructive tests to check/
- Add a README
- Move utilities to utils/
- Move common files to common/

Closes: #304
Approved by: cgwalters
2016-06-06 21:14:07 +00:00
Jonathan Lebon
9eefc59220 tests: no longer use installed tests
For now, we don't remove the ability to install tests (e.g. the
necessary blurbs in glib-tap.mk are still there), but we take out all
our previously installed tests from the list.

All the previously installed tests are then converted to work
uninstalled. This also allows us to do some simplifications in the test
cases.

Also do some cleanups in the Makefile to improve legibility.

Closes: #304
Approved by: cgwalters
2016-06-06 21:14:07 +00:00
Jonathan Lebon
e0637544bd test-basic.sh: make subtests more granular
Closes: #289
Approved by: cgwalters
2016-05-27 22:18:44 +00:00
Jonathan Lebon
d9e8535bcf treecompose: fix crash when "remove-from-packages" used
This works around a potential issue with libsolv if we go down the
rpmostree_get_pkglist_for_root() path. Though rpm has been using the
/usr/share/rpm location (since the RpmOstreeContext set the _dbpath
macro), the /var/lib/rpm directory will still exist, but be empty.
libsolv gets confused because it sees the /var/lib/rpm dir and doesn't
even try the /usr/share/rpm location, and eventually dies when it tries
to load the data.

So we set the symlink now. This is also what we do on boot anyway for
compatibility reasons using tmpfiles.

This also means we don't have to do the /var/lib/rpm --> /usr/share/rpm
transition during the rootfs postprocess (but we still have to clean up
db and lock files).

Also get rid of the unused pkglist variable.

NB: I used the GFile & gs APIs to mesh with the surrounding code.

Closes: #290
Approved by: cgwalters
2016-05-27 17:06:08 +00:00
Colin Walters
4fc25d74a3 compose: Introduce variable substitution for ${basearch}
This comes from the tradition of yum repo files.  It's significantly
easier for rpm-ostree users building multiple architectures if some
core templating for the treefiles is built in.

Otherwise, everyone needs to learn about a new wrapper tool for
rpm-ostree, and said tool would need to re-do the same "basearch"
evaluation that is already occuring inside libhif.

This commit also paves the way for introducing `${releasever}`
substitution.

NOTE: This depends on pending changes to libhif git.

Closes: #274
Approved by: jlebon
2016-04-28 15:38:53 +00:00
Giuseppe Scrivano
9f29b24805 tests: add tests for compose+add files
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>

Closes: #253
Approved by: cgwalters
2016-04-27 20:21:12 +00:00
Colin Walters
d935767c0e Error for unknown subcommands overrides unknown option
If one does `rpm-ostree foo --bar`, one would expect to see
`Unknown subcommand foo`, not `Unknown option --bar`.

Closes: #267

Closes: #270
Approved by: jlebon
2016-04-27 13:50:36 +00:00
Giuseppe Scrivano
41e3d124bf tests: check an error is returned on the wrong option
awk is already used by the tap driver, so it won't be an additional
dependency.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>

Closes: #263
Approved by: cgwalters
2016-04-12 14:10:16 +00:00
Colin Walters
3eaea54e6f build: Update .gitignore
Closes: #250
Approved by: cgwalters
2016-03-26 14:22:41 +00:00
Colin Walters
ed7fc02b04 postprocess: Ensure we error out if selinux is enabled, but no policy found
I was tracking another regression where we seem to have lost
`/usr/etc` contents which manifested as `Labeling with... (null)`
which was clearly wrong.

Now this change actually impacts the test suite - we now (again IMO
correctly) error out if `selinux: true`.  The `no-selinux-tag` test
no longer makes sense, so delete it.

We do need more "real" tests that use selinux on and off.

Pull request: #243
Approved by: jlebon
2016-03-22 18:35:33 +00:00
Colin Walters
a9a49e72cd build: Use git.mk, make git status clean
Having a clean `git status` is really important for not missing files
one wants to `git add`.
2016-03-10 14:36:44 -05:00
Colin Walters
f3800ec939 libtest: Make it easier to source interactively
When running the tests by hand, I wanted to be able to source
`libtest.sh` from a running shell.  Make this slightly easier by
allowing one to set `SRCDIR`, since `$0` won't work.
2016-03-08 14:54:22 -05:00
Colin Walters
18b9da97ab compose: Add a --dry-run option
This way it's easier for people to inspect the next system state.
2016-03-02 18:39:13 -05:00
Jonathan Lebon
774c2a43ba libtest.sh: add include guard 2016-02-26 13:06:00 -05:00
Jonathan Lebon
657f48377b setup-session.sh: use libtest.sh for setup
The libtest.sh script is aware of whether a tmpdir needs to be created
or not for the test. Make use of this in setup-session.sh so that we're
sure we're in the right directory before creating the sysroot dir.
2016-02-26 12:17:52 -05:00
Jonathan Lebon
1c81b7f56e test-ucontainer.sh: use test-repo in srcdir
Running `make check` would fail because test-ucontainer.sh uses
test-repo, which points directly to the installed_testdir, where it is
not installed yet.

We make another processed version of test-repo.repo.in which instead
points to the repo in the srcdir and make use of that in
test-ucontainer.sh.

There are probably other ways of solving this, but this is the one that
jumped out at me.
2016-02-23 17:53:46 -05:00
Colin Walters
58cf2c9403 tests: Add test coverage for rpm-ostree container 2016-02-22 14:27:46 -05:00
Jonathan Lebon
34fdcaaf50 tests: make ostree use mutable deployments
For the same reasons as described in GNOME/ostree#187. In summary: we
want to make it easy for testers to clean up after we're done by not
setting the immutable flag.

Note that I had to also add it to setup-session.sh so that the daemon
inherited the env var. The libtest.sh hunk is redundant in that case,
but still necessary if the tests are run directly.
2016-02-19 12:39:46 -05:00
Matthew Barnes
9c81c47f2f tests: Add deploy command tests 2015-11-06 09:10:48 -05:00
Jonathan Lebon
4ea37a9aa3 tests/test-basic.sh: make dots literal
The assert[_not]_file_has_content functions used grep to check the
pattern against the content. This meant that the '.' characters are
interpreted as "any char". Yesterday, the date was 20150910 and thus the
otheros' tree's version was labelled as such. This date also happens to
match the 1.0.10 pattern, and thus caused the test to fail.

This patch makes sure this doesn't happen again by escaping all the dots
to make them literal.
2015-09-11 10:35:47 -04:00
Colin Walters
7267c1ec05 tests: Import dbus-run-session
Unfortunately RHEL 7 has an older version of dbus, and I use it as a
workstation.  It's not a lot of code and only used for tests.  We can
make it build time conditional down the line or something.
2015-09-09 22:00:05 -04:00
Matthew Barnes
0326568a4a tests: Adapt to rpm-ostree daemon
No doubt better ways are possible but this is the least messy thing
I could come up on a deadline.
2015-09-09 22:00:05 -04:00
Colin Walters
a18e85cad1 libtest: Use exit code 77 for root-requiring tests run as non-root
This is the "standard" introduced by Automake and used by g-d-t-r.
2015-09-08 12:20:28 -04:00
Colin Walters
f115d0276f db: Remove query parameter to diff
Matthew argues we can add this at a later time.
2015-04-23 16:30:18 -04:00
Colin Walters
8bf8d71f99 db: Remove query argument, rename to query_all()
Matthew argues that we can add this later.

https://github.com/projectatomic/rpm-ostree/pull/139#issuecomment-95327428
2015-04-23 16:30:18 -04:00
Colin Walters
3326e13481 lib: Add diff API
This is a *third* implementation of rpm database diffs in the code,
but it is now a public introspectable shared library API.

Further commits will change the command line tools to use this, and
then after that we'll further deduplicate the `db diff` from this
code.
2015-04-23 16:30:18 -04:00
Colin Walters
3e6f877282 lib: Add RpmOstreePackage
The `QueryResult` class ended up being too awkward; having NEVRA
strings meant for example that clients would have to parse them.  It
would be harder to present something like the current `rpm-ostree
upgrade` package diff output.

Now...I debated quite a while before doing this patch.  The thing
that's really awful about creating this library is there are *SO MANY*
layers.  rpm-ostree → libhif → hawkey → libsolv → librpm.  It's enough
to make one question whether one is actually accomplishing anything or
just contributing to a collective insanity...

Let's pretend for now it's the former.

Closes: https://github.com/projectatomic/rpm-ostree/pull/136
2015-04-16 13:26:58 -04:00
Colin Walters
8a5730525e Add a public shared library, with "rpm -qa" for commit functionality
This will help build release engineering and other types of tools;
for example, rather than parsing the output of `db diff`, one
should be able to call an API.

Initially, this adds the generic infrastructure for a public shared
library, with a new function call to do the equivalent of `rpm -qa` on
a particular OSTree commit.

Closes: https://github.com/projectatomic/rpm-ostree/issues/117
Closes: https://github.com/projectatomic/rpm-ostree/pull/124
2015-04-13 14:39:06 -04:00
Giuseppe Scrivano
7d86f72c79 do not crash when no selinux tag is present
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2015-04-13 10:43:24 +02:00
Giuseppe Scrivano
27008e402a tests: Add test for compose
A local yum repository, which contains a dummy .rpm package adding
support for programs needed by the post-process phase, is created as
part of the test.

Since no libc is present, the empty.c program (which is a no-op)
directly invokes the interrupt 0x80 to exit.

The test works only on x86_64, it is skipped on other architectures.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2015-04-13 10:43:24 +02:00
Giuseppe Scrivano
01cb587161 tests: add a check if tests requiring it are run by root
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2015-04-13 10:43:23 +02:00
James Antill
8aeb1272f9 tests: Add tests for automatic_version_prefix 2015-01-12 15:13:55 -05:00
Colin Walters
fc1a4b05fa tests/jsonutil: New test
Adding some basic coverage of the json parsing.
2014-12-19 10:47:55 -05:00
James Antill
9503d608ee Check rpm-ostree status output 2014-10-28 13:30:08 -04:00
James Antill
7a51eff547 Import latest libtest from ostree 2014-10-28 00:47:01 -04:00
Colin Walters
d8e6bd88e6 tests: Add a rebase test
This crashes for me sometimes, so let's add a test.
https://github.com/projectatomic/rpm-ostree/issues/30
2014-09-30 09:54:14 -04:00
Colin Walters
a32ac06ce9 Import some basic testing infrastructure from OSTree
This is using the
https://wiki.gnome.org/Initiatives/GnomeGoals/InstalledTests model.

In order to run the tests, you will need to:
./configure --enable-installed-tests

Then:
gnome-desktop-testing-runner -p 0 rpm-ostree/
2014-09-29 16:25:36 -04:00