shaba/ostree
1
0
Fork 0
mirror of https://github.com/ostreedev/ostree.git synced 2024-10-27 01:55:35 +03:00
Code Issues Projects Releases Wiki Activity
5811d4e8a3
ostree/tests/test-pull-mirror-summary.sh
Colin Walters 455cc5e892 repo+tests: Add [core]disable-xattrs=true, use it on overlayfs 
There are a lot of things suboptimal about this approach, but
on the other hand we need to get our CI back up and running.

The basic approach is to - in the test suite, detect if we're on overlayfs. If
so, set a flag in the repo, which gets picked up by a few strategic places in
the core to turn on "ignore xattrs".

I also had to add a variant of this for the sysroot work.

The core problem here is while overlayfs will let us read and
see the SELinux labels, it won't let us write them.

Down the line, we should improve this so that we can selectively ignore e.g.
`security.*` attributes but not `user.*` say.

Closes: https://github.com/ostreedev/ostree/issues/758

Closes: #759
Approved by: jlebon
2017-03-24 22:16:43 +00:00

123 lines
4.7 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
#
# Copyright (C) 2014 Colin Walters <walters@verbum.org>
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library; if not, write to the
# Free Software Foundation, Inc., 59 Temple Place - Suite 330,
# Boston, MA 02111-1307, USA.
set -euo pipefail
. $(dirname $0)/libtest.sh
echo "1..5"
COMMIT_SIGN="--gpg-homedir=${TEST_GPG_KEYHOME} --gpg-sign=${TEST_GPG_KEYID_1}"
setup_fake_remote_repo1 "archive-z2" "${COMMIT_SIGN}"
# Now, setup multiple branches
mkdir ${test_tmpdir}/ostree-srv/other-files
cd ${test_tmpdir}/ostree-srv/other-files
echo 'hello world another object' > hello-world
${CMD_PREFIX} ostree --repo=${test_tmpdir}/ostree-srv/gnomerepo commit ${COMMIT_SIGN} -b other -s "A commit" -m "Another Commit body"
mkdir ${test_tmpdir}/ostree-srv/yet-other-files
cd ${test_tmpdir}/ostree-srv/yet-other-files
echo 'hello world yet another object' > yet-another-hello-world
${CMD_PREFIX} ostree --repo=${test_tmpdir}/ostree-srv/gnomerepo commit ${COMMIT_SIGN} -b yet-another -s "A commit" -m "Another Commit body"
${CMD_PREFIX} ostree --repo=${test_tmpdir}/ostree-srv/gnomerepo summary -u
prev_dir=`pwd`
cd ${test_tmpdir}
ostree_repo_init repo --mode=archive-z2
${CMD_PREFIX} ostree --repo=repo remote add --set=gpg-verify=false origin $(cat httpd-address)/ostree/gnomerepo
${CMD_PREFIX} ostree --repo=repo pull --mirror origin
assert_has_file repo/summary
${CMD_PREFIX} ostree --repo=repo checkout -U main main-copy
assert_file_has_content main-copy/baz/cow "moo"
${CMD_PREFIX} ostree --repo=repo checkout -U other other-copy
assert_file_has_content other-copy/hello-world "hello world another object"
${CMD_PREFIX} ostree --repo=repo checkout -U yet-another yet-another-copy
assert_file_has_content yet-another-copy/yet-another-hello-world "hello world yet another object"
${CMD_PREFIX} ostree --repo=repo fsck
rev=$(ostree --repo=repo rev-parse main)
find repo/objects -name '*.filez' | while read name; do
mode=$(stat -c '%a' "${name}")
if test "${mode}" = 600; then
assert_not_reached "Content object unreadable by others: ${mode}"
fi
done
echo "ok pull mirror summary"
if ! has_gpgme; then
exit 0;
fi
cd $prev_dir
cd ${test_tmpdir}
rm -rf repo
ostree_repo_init repo --mode=archive-z2
${OSTREE} --repo=repo remote add origin $(cat httpd-address)/ostree/gnomerepo
echo "ok pull mirror without checking signed summary"
cd ${test_tmpdir}
rm -rf repo
ostree_repo_init repo --mode=archive-z2
${OSTREE} --repo=repo remote add --set=gpg-verify-summary=true origin $(cat httpd-address)/ostree/gnomerepo
if ${OSTREE} --repo=repo pull --mirror origin 2>err.txt; then
assert_not_reached "Mirroring unexpectedly succeeded"
fi
echo "ok pull mirror without signed summary"
${OSTREE} --repo=${test_tmpdir}/ostree-srv/gnomerepo summary -u ${COMMIT_SIGN}
cd ${test_tmpdir}
rm -rf repo
ostree_repo_init repo --mode=archive-z2
${OSTREE} --repo=repo remote add --set=gpg-verify-summary=true origin $(cat httpd-address)/ostree/gnomerepo
${OSTREE} --repo=repo pull --mirror origin
assert_has_file repo/summary
assert_has_file repo/summary.sig
echo "ok pull mirror with signed summary"
cp ${test_tmpdir}/ostree-srv/gnomerepo/summary.sig{,.good}
truncate --size=1 ${test_tmpdir}/ostree-srv/gnomerepo/summary.sig
cd ${test_tmpdir}
rm -rf repo
mkdir repo
ostree_repo_init repo --mode=archive-z2
${OSTREE} --repo=repo remote add origin $(cat httpd-address)/ostree/gnomerepo
${OSTREE} --repo=repo pull --mirror origin
assert_has_file repo/summary
assert_has_file repo/summary.sig
mv ${test_tmpdir}/ostree-srv/gnomerepo/summary.sig{.good,}
echo "ok pull mirror with invalid summary sig and no verification"
# Uncomment when we support mirroring deltas
#
# ${OSTREE} --repo=${test_tmpdir}/ostree-srv/gnomerepo static-delta generate main
# origmain=$(ostree --repo=${test_tmpdir}/ostree-srv/gnomerepo rev-parse main^)
# newmain=$(ostree --repo=${test_tmpdir}/ostree-srv/gnomerepo rev-parse main)
# ${OSTREE} --repo=${test_tmpdir}/ostree-srv/gnomerepo summary -u ${COMMIT_SIGN}
# ${OSTREE} --repo=repo pull --mirror origin
# ${OSTREE} --repo=repo static-delta list >deltas.txt
# assert_file_has_content deltas.txt "${origmain}-${newmain}"
# echo "ok pull mirror with signed summary covering static deltas"
libtest_cleanup_gpg
Reference in New Issue View Git Blame Copy Permalink