keremet/rpm-ostree
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
53456730bf
rpm-ostree/tests
History
Jonathan Lebon 53456730bf compose: Add --ex-lockfile-strict 
Today, lockfiles only restrict the NEVRA of specifc package names from
which libsolv can pick. But nothing stops libsolv from picking entirely
different packages which still satisfy the manifest requests.

This was mostly a theoretical issue in Fedora CoreOS, but became reality
with the addition of Fedora 32 packages in the pool. libsolv would
happily try to pick e.g. `libcurl-minimal` from f32 instead of sticking
with the f31 `libcurl` from the lockfiles:

https://github.com/coreos/fedora-coreos-streams/issues/75#issuecomment-610734584

(But more generally, see
https://github.com/coreos/fedora-coreos-tracker/issues/454).

Let's add a `--ex-lockfile-strict` mode, which in CI and production
pipeline build contexts will require that (1) *only* locked packages are
considered by libsolv, and (2) *all* locked packages were marked for
install.

One important thing to note here is that we don't short-circuit libsolv
and manually `hy_goal_install` lockfile packages. We want to make sure
the treefile is still canonical. Strict mode simply ensures that the
result agrees with the lockfile.

That said, even in developer contexts, we don't want the
`libcurl-minimal` issue that happened to be triggered. But we still want
to allow flexibility in adding and removing packages to make hacking
easier. I have some follow-up patches which will enable this.
2020-04-17 15:48:40 -04:00
..
check compose: Add an automatic-version-suffix key 2019-12-13 17:11:16 +01:00
common vmcheck: Work around read-only /sysroot 2020-03-19 16:24:04 +01:00
compose compose: Add --ex-lockfile-strict 2020-04-17 15:48:40 -04:00
ex-container-tests ci: Bump to f29 2019-03-19 12:19:38 +00:00
gpghome daemon: start with one commit only when resolving versions 2016-12-24 12:28:48 +00:00
kola/nondestructive tests: Start converting some bits into kola ext framework 2020-04-09 23:07:45 +02:00
manual tests: Bump to Python 3 only 2019-05-08 19:02:32 +00:00
utils tests: Add hidden testutils subcommand 2019-12-13 19:18:30 +01:00
vmcheck Add support for wrapping binaries (rpm, dracut, grubby) 2020-04-15 16:22:57 +02:00
compose.sh tests/compose: Go back to freezing FCOS commit 2020-04-15 15:18:16 +02:00
ex-container ci: Fix ex-container LOGDIR 2019-03-19 12:19:38 +00:00
README.md tests: Add ./tests/compose 2016-12-06 19:05:05 +00:00
vmcheck.sh tests/compose: Target FCOS 31, move off of PAPR 2020-01-08 16:42:54 +01:00

README.md

Tests are divided into three groups:

  • Tests in the check directory are non-destructive and uninstalled. Some of the tests require root privileges. Use make check to run these.

  • The composecheck tests currently require uid 0 capabilities - the default in Docker, or you can run them via a user namespace. They are non-destructive, but are installed.

    To use them, you might do a make && sudo make install inside a Docker container.

    Then invoke ./tests/compose. Alternatively of course, you can simply run the tests on a host system or in an existing container, without doing a build.

    Note: This is intentionally not a Makefile target because it doesn't require building and doesn't use uninstalled binaries.

  • Tests in the vmcheck directory are oriented around using Vagrant. Use make vmcheck to run them. See also HACKING.md in the top directory.

The common directory contains files used by multiple tests. The utils directory contains helper utilities required to run the tests.