From d1d47a5544998fa1bfe4ef20270d0cb35bb8adef Mon Sep 17 00:00:00 2001 From: Andreas Schneider Date: Tue, 18 Jan 2022 11:13:21 +0100 Subject: [PATCH] gitlab-ci: Run krb5 tests also with MIT Kerberos 1.20 (prerelease) This adds test against MIT Kerberos 1.20 (prerelease) in order to test Bronze Bit, S4U and RBCD functionality supported only in current MIT Kerberos git master. We created a Fedora COPR package for MIT KRB5 1.20 (prerelease). MIT Kerberos 1.20 will be released in autumn 2022. As soon as MIT Kerberos 1.20 will be in a Fedora release, these runners will be removed again. Signed-off-by: Andreas Schneider Reviewed-by: Stefan Metzmacher --- .gitlab-ci-main.yml | 28 +++- bootstrap/.gitlab-ci.yml | 3 + bootstrap/config.py | 28 ++++ bootstrap/generated-dists/Vagrantfile | 7 + .../generated-dists/f35mit120/Dockerfile | 29 +++++ .../generated-dists/f35mit120/bootstrap.sh | 121 ++++++++++++++++++ bootstrap/generated-dists/f35mit120/locale.sh | 55 ++++++++ .../generated-dists/f35mit120/packages.yml | 105 +++++++++++++++ bootstrap/sha1sum.txt | 2 +- 9 files changed, 376 insertions(+), 2 deletions(-) create mode 100644 bootstrap/generated-dists/f35mit120/Dockerfile create mode 100755 bootstrap/generated-dists/f35mit120/bootstrap.sh create mode 100755 bootstrap/generated-dists/f35mit120/locale.sh create mode 100644 bootstrap/generated-dists/f35mit120/packages.yml diff --git a/.gitlab-ci-main.yml b/.gitlab-ci-main.yml index c1a5e083c49..8b2b6e8c4de 100644 --- a/.gitlab-ci-main.yml +++ b/.gitlab-ci-main.yml @@ -42,7 +42,7 @@ variables: # Set this to the contents of bootstrap/sha1sum.txt # which is generated by bootstrap/template.py --render # - SAMBA_CI_CONTAINER_TAG: bac18584d47ffc1acb5a697d83f2232598b6afbf + SAMBA_CI_CONTAINER_TAG: 24c7cabf5c7c515ffac905cddc533a26d70abd09 # # We use the ubuntu1804 image as default as # it matches what we have on sn-devel-184. @@ -63,6 +63,7 @@ variables: SAMBA_CI_CONTAINER_IMAGE_opensuse152: opensuse152 SAMBA_CI_CONTAINER_IMAGE_fedora34: fedora34 SAMBA_CI_CONTAINER_IMAGE_fedora35: fedora35 + SAMBA_CI_CONTAINER_IMAGE_f35mit120: f35mit120 SAMBA_CI_CONTAINER_IMAGE_centos7: centos7 SAMBA_CI_CONTAINER_IMAGE_centos8s: centos8s @@ -260,6 +261,13 @@ samba-mit-build: SAMBA_CI_JOB_IMAGE: ${SAMBA_CI_CONTAINER_IMAGE_fedora35} stage: build_first +samba-mit120-build: + extends: .shared_template_build_only + variables: + AUTOBUILD_JOB_NAME: samba-mit-build + SAMBA_CI_JOB_IMAGE: ${SAMBA_CI_CONTAINER_IMAGE_f35mit120} + stage: build_first + .needs_samba-mit-build: extends: .shared_template_test_only variables: @@ -268,6 +276,14 @@ samba-mit-build: - job: samba-mit-build artifacts: true +.needs_samba-mit120-build: + extends: .shared_template_test_only + variables: + SAMBA_CI_JOB_IMAGE: ${SAMBA_CI_CONTAINER_IMAGE_f35mit120} + needs: + - job: samba-mit120-build + artifacts: true + samba-h5l-build: extends: .shared_template_build_only @@ -396,6 +412,11 @@ samba-fips: - .needs_samba-mit-build - .private_test_only +.needs_samba-mit120-build-private: + extends: + - .needs_samba-mit120-build + - .private_test_only + .needs_samba-h5l-build-private: extends: - .needs_samba-h5l-build @@ -430,6 +451,11 @@ samba-nt4: samba-addc-mit-1: extends: .needs_samba-mit-build-private +samba-addc-mit120: + extends: .needs_samba-mit120-build-private + variables: + AUTOBUILD_JOB_NAME: samba-addc-mit-1 + samba-no-opath1: extends: .needs_samba-no-opath-build-private diff --git a/bootstrap/.gitlab-ci.yml b/bootstrap/.gitlab-ci.yml index bf41a9845b8..8e221a2b8ef 100644 --- a/bootstrap/.gitlab-ci.yml +++ b/bootstrap/.gitlab-ci.yml @@ -106,6 +106,9 @@ fedora34: fedora35: extends: .build_image_template +f35mit120: + extends: .build_image_template + centos8s: extends: .build_image_template diff --git a/bootstrap/config.py b/bootstrap/config.py index 8bcb9ddbb26..c853c4f0434 100644 --- a/bootstrap/config.py +++ b/bootstrap/config.py @@ -267,6 +267,23 @@ dnf install -y \ dnf clean all """ +DNF_BOOTSTRAP_MIT = r""" +#!/bin/bash +{GENERATED_MARKER} +set -xueo pipefail + +dnf update -y +dnf install -y dnf-plugins-core +dnf copr -y enable abbra/krb5-test +dnf update -y + +dnf install -y \ + --setopt=install_weak_deps=False \ + {pkgs} + +dnf clean all +""" + ZYPPER_BOOTSTRAP = r""" #!/bin/bash {GENERATED_MARKER} @@ -501,6 +518,17 @@ RPM_DISTS = { 'libtracker-sparql-2.0-dev': '', # only tracker 3.x is available } }, + 'f35mit120': { + 'docker_image': 'fedora:35', + 'vagrant_box': 'fedora/35-cloud-base', + 'bootstrap': DNF_BOOTSTRAP_MIT, + 'replace': { + 'lsb-release': 'redhat-lsb', + 'perl-FindBin': '', + 'python3-iso8601': 'python3-dateutil', + 'libtracker-sparql-2.0-dev': '', # only tracker 3.x is available + } + }, 'opensuse151': { 'docker_image': 'opensuse/leap:15.1', 'vagrant_box': 'opensuse/openSUSE-15.1-x86_64', diff --git a/bootstrap/generated-dists/Vagrantfile b/bootstrap/generated-dists/Vagrantfile index 0bee124afa9..518535f3a61 100644 --- a/bootstrap/generated-dists/Vagrantfile +++ b/bootstrap/generated-dists/Vagrantfile @@ -38,6 +38,13 @@ Vagrant.configure("2") do |config| v.vm.provision :shell, path: "debian11/locale.sh" end + config.vm.define "f35mit120" do |v| + v.vm.box = "fedora/35-cloud-base" + v.vm.hostname = "f35mit120" + v.vm.provision :shell, path: "f35mit120/bootstrap.sh" + v.vm.provision :shell, path: "f35mit120/locale.sh" + end + config.vm.define "fedora34" do |v| v.vm.box = "fedora/34-cloud-base" v.vm.hostname = "fedora34" diff --git a/bootstrap/generated-dists/f35mit120/Dockerfile b/bootstrap/generated-dists/f35mit120/Dockerfile new file mode 100644 index 00000000000..e66eb84d9f3 --- /dev/null +++ b/bootstrap/generated-dists/f35mit120/Dockerfile @@ -0,0 +1,29 @@ +# +# This file is generated by 'bootstrap/template.py --render' +# See also bootstrap/config.py +# + +FROM fedora:35 + +# pass in with --build-arg while build +ARG SHA1SUM +RUN [ -n $SHA1SUM ] && echo $SHA1SUM > /sha1sum.txt + +ADD *.sh /tmp/ +# need root permission, do it before USER samba +RUN /tmp/bootstrap.sh && /tmp/locale.sh + +# if ld.gold exists, force link it to ld +RUN set -x; LD=$(which ld); LD_GOLD=$(which ld.gold); test -x $LD_GOLD && ln -sf $LD_GOLD $LD && test -x $LD && echo "$LD is now $LD_GOLD" +# if ld.mold exists, force link it to ld (prefer mold over gold! ;-) +RUN set -x; LD=$(which ld); LD_MOLD=$(which ld.mold); test -x $LD_MOLD && ln -sf $LD_MOLD $LD && test -x $LD && echo "$LD is now $LD_MOLD" + +# make test can not work with root, so we have to create a new user +RUN useradd -m -U -s /bin/bash samba && \ + mkdir -p /etc/sudoers.d && \ + echo "samba ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/samba + +USER samba +WORKDIR /home/samba +# samba tests rely on this +ENV USER=samba LC_ALL=en_US.utf8 LANG=en_US.utf8 \ No newline at end of file diff --git a/bootstrap/generated-dists/f35mit120/bootstrap.sh b/bootstrap/generated-dists/f35mit120/bootstrap.sh new file mode 100755 index 00000000000..aa77d63efa0 --- /dev/null +++ b/bootstrap/generated-dists/f35mit120/bootstrap.sh @@ -0,0 +1,121 @@ +#!/bin/bash + +# +# This file is generated by 'bootstrap/template.py --render' +# See also bootstrap/config.py +# + +set -xueo pipefail + +dnf update -y +dnf install -y dnf-plugins-core +dnf copr -y enable abbra/krb5-test +dnf update -y + +dnf install -y \ + --setopt=install_weak_deps=False \ + @development-tools \ + acl \ + attr \ + autoconf \ + avahi-devel \ + bind-utils \ + binutils \ + bison \ + ccache \ + chrpath \ + cups-devel \ + curl \ + dbus-devel \ + docbook-dtds \ + docbook-style-xsl \ + flex \ + gawk \ + gcc \ + gdb \ + git \ + glib2-devel \ + glibc-common \ + glibc-langpack-en \ + glusterfs-api-devel \ + glusterfs-devel \ + gnutls-devel \ + gpgme-devel \ + gzip \ + hostname \ + htop \ + jansson-devel \ + keyutils-libs-devel \ + krb5-devel \ + krb5-server \ + krb5-workstation \ + lcov \ + libacl-devel \ + libarchive-devel \ + libattr-devel \ + libblkid-devel \ + libbsd-devel \ + libcap-devel \ + libcephfs-devel \ + libicu-devel \ + libpcap-devel \ + libtasn1-devel \ + libtasn1-tools \ + libtirpc-devel \ + libunwind-devel \ + liburing-devel \ + libuuid-devel \ + libxslt \ + lmdb \ + lmdb-devel \ + make \ + mingw64-gcc \ + mold \ + ncurses-devel \ + openldap-devel \ + pam-devel \ + patch \ + perl \ + perl-Archive-Tar \ + perl-ExtUtils-MakeMaker \ + perl-JSON \ + perl-JSON-Parse \ + perl-Parse-Yapp \ + perl-Test-Base \ + perl-generators \ + perl-interpreter \ + pkgconfig \ + popt-devel \ + procps-ng \ + psmisc \ + python3 \ + python3-cryptography \ + python3-dateutil \ + python3-devel \ + python3-dns \ + python3-gpg \ + python3-libsemanage \ + python3-markdown \ + python3-policycoreutils \ + python3-pyasn1 \ + python3-setproctitle \ + quota-devel \ + readline-devel \ + redhat-lsb \ + rng-tools \ + rpcgen \ + rpcsvc-proto-devel \ + rsync \ + sed \ + sudo \ + systemd-devel \ + tar \ + tracker-devel \ + tree \ + wget \ + which \ + xfsprogs-devel \ + yum-utils \ + zlib-devel + +dnf clean all \ No newline at end of file diff --git a/bootstrap/generated-dists/f35mit120/locale.sh b/bootstrap/generated-dists/f35mit120/locale.sh new file mode 100755 index 00000000000..cc64e180483 --- /dev/null +++ b/bootstrap/generated-dists/f35mit120/locale.sh @@ -0,0 +1,55 @@ +#!/bin/bash + +# +# This file is generated by 'bootstrap/template.py --render' +# See also bootstrap/config.py +# + +set -xueo pipefail + +# refer to /usr/share/i18n/locales +INPUTFILE=en_US +# refer to /usr/share/i18n/charmaps +CHARMAP=UTF-8 +# locale to generate in /usr/lib/locale +# glibc/localedef will normalize UTF-8 to utf8, follow the naming style +LOCALE=$INPUTFILE.utf8 + +# if locale is already correct, exit +( locale | grep LC_ALL | grep -i $LOCALE ) && exit 0 + +# if locale not available, generate locale into /usr/lib/locale +if ! ( locale --all-locales | grep -i $LOCALE ) +then + # no-archive means create its own dir + localedef --inputfile $INPUTFILE --charmap $CHARMAP --no-archive $LOCALE +fi + +# update locale conf and global env file +# set both LC_ALL and LANG for safe + +# update conf for Debian family +FILE=/etc/default/locale +if [ -f $FILE ] +then + echo LC_ALL="$LOCALE" > $FILE + echo LANG="$LOCALE" >> $FILE +fi + +# update conf for RedHat family +FILE=/etc/locale.conf +if [ -f $FILE ] +then + # LC_ALL is not valid in this file, set LANG only + echo LANG="$LOCALE" > $FILE +fi + +# update global env file +FILE=/etc/environment +if [ -f $FILE ] +then + # append LC_ALL if not exist + grep LC_ALL $FILE || echo LC_ALL="$LOCALE" >> $FILE + # append LANG if not exist + grep LANG $FILE || echo LANG="$LOCALE" >> $FILE +fi \ No newline at end of file diff --git a/bootstrap/generated-dists/f35mit120/packages.yml b/bootstrap/generated-dists/f35mit120/packages.yml new file mode 100644 index 00000000000..b4a5ec40ab9 --- /dev/null +++ b/bootstrap/generated-dists/f35mit120/packages.yml @@ -0,0 +1,105 @@ +--- +packages: + - @development-tools + - acl + - attr + - autoconf + - avahi-devel + - bind-utils + - binutils + - bison + - ccache + - chrpath + - cups-devel + - curl + - dbus-devel + - docbook-dtds + - docbook-style-xsl + - flex + - gawk + - gcc + - gdb + - git + - glib2-devel + - glibc-common + - glibc-langpack-en + - glusterfs-api-devel + - glusterfs-devel + - gnutls-devel + - gpgme-devel + - gzip + - hostname + - htop + - jansson-devel + - keyutils-libs-devel + - krb5-devel + - krb5-server + - krb5-workstation + - lcov + - libacl-devel + - libarchive-devel + - libattr-devel + - libblkid-devel + - libbsd-devel + - libcap-devel + - libcephfs-devel + - libicu-devel + - libpcap-devel + - libtasn1-devel + - libtasn1-tools + - libtirpc-devel + - libunwind-devel + - liburing-devel + - libuuid-devel + - libxslt + - lmdb + - lmdb-devel + - make + - mingw64-gcc + - mold + - ncurses-devel + - openldap-devel + - pam-devel + - patch + - perl + - perl-Archive-Tar + - perl-ExtUtils-MakeMaker + - perl-JSON + - perl-JSON-Parse + - perl-Parse-Yapp + - perl-Test-Base + - perl-generators + - perl-interpreter + - pkgconfig + - popt-devel + - procps-ng + - psmisc + - python3 + - python3-cryptography + - python3-dateutil + - python3-devel + - python3-dns + - python3-gpg + - python3-libsemanage + - python3-markdown + - python3-policycoreutils + - python3-pyasn1 + - python3-setproctitle + - quota-devel + - readline-devel + - redhat-lsb + - rng-tools + - rpcgen + - rpcsvc-proto-devel + - rsync + - sed + - sudo + - systemd-devel + - tar + - tracker-devel + - tree + - wget + - which + - xfsprogs-devel + - yum-utils + - zlib-devel \ No newline at end of file diff --git a/bootstrap/sha1sum.txt b/bootstrap/sha1sum.txt index aa96502dd76..bd250e98d99 100644 --- a/bootstrap/sha1sum.txt +++ b/bootstrap/sha1sum.txt @@ -1 +1 @@ -bac18584d47ffc1acb5a697d83f2232598b6afbf +24c7cabf5c7c515ffac905cddc533a26d70abd09