update modulemd etc

This commit is contained in:
Adam Samalik 2023-02-23 11:47:58 +00:00
commit 24c6af827a
12 changed files with 366 additions and 0 deletions

2
.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
artifacts
tests/packages

5
README Normal file
View File

@ -0,0 +1,5 @@
This is the dist-git repo for container-tools.
The master branch is unused. Use an existing branch instead.
See rhpkg --help for more information.

1
READONLY Normal file
View File

@ -0,0 +1 @@
Branch locked: RHELBLD-12123

100
container-tools.yaml Normal file
View File

@ -0,0 +1,100 @@
---
document: modulemd
version: 2
data:
name: container-tools
stream: 1.0
summary: >-
Stable versions of podman 1.0, buildah 1.5, skopeo 0.1, runc, conmon, CRIU,
Udica, etc as well as dependencies such as container-selinux built and
tested together, and supported for 24 months.
description: >-
Stable versions of podman 1.0 , buildah 1.5, skopeo 0.1, runc, conmon,
CRIU, Udica, etc as well as dependencies such as container-selinux built
and tested together. Released with RHEL 8.0 and supported for 24 months.
During the support lifecycle, back ports of important, critical
vulnerabilities (CVEs, RHSAs) and bug fixes (RHBAs) are provided to this
stream, and versions do not move forward. For more information see:
https://access.redhat.com/support/policy/updates/containertools
license:
module:
- MIT
dependencies:
- buildrequires:
go-toolset: [rhel8]
golang-ecosystem: [1.0]
platform: [el8]
requires:
platform: [el8]
references:
community: https://github.com/projectatomic
documentation: https://projectatomic.io
tracker: https://github.com/projectatomic
profiles:
common:
rpms:
- buildah
- container-selinux
- containernetworking-plugins
- criu
- fuse-overlayfs
- oci-systemd-hook
- oci-umount
- podman
- runc
- skopeo
- slirp4netns
api:
rpms:
- buildah
- container-selinux
- containernetworking-plugins
- containers-common
- fuse-overlayfs
- oci-systemd-hook
- oci-umount
- podman
- podman-docker
- runc
- skopeo
- slirp4netns
buildopts:
rpms:
macros: |
%_with_ignore_tests 1
components:
rpms:
buildah:
rationale: Primary component of this module
ref: stream-container-tools-1.0-rhel-8.8.0
container-selinux:
rationale: Primary component of this module
ref: stream-container-tools-1.0-rhel-8.8.0
containernetworking-plugins:
rationale: Primary component of this module
ref: stream-container-tools-1.0-rhel-8.8.0
criu:
rationale: Primary component of this module
ref: stream-container-tools-1.0-rhel-8.8.0
fuse-overlayfs:
rationale: Primary component of this module
ref: stream-container-tools-1.0-rhel-8.8.0
oci-systemd-hook:
rationale: Primary component of this module
ref: stream-container-tools-1.0-rhel-8.8.0
oci-umount:
rationale: Primary component of this module
ref: stream-container-tools-1.0-rhel-8.8.0
podman:
rationale: Primary component of this module
ref: stream-container-tools-1.0-rhel-8.8.0
runc:
rationale: Primary component of this module
ref: stream-container-tools-1.0-rhel-8.8.0
skopeo:
rationale: Primary component of this module
ref: stream-container-tools-1.0-rhel-8.8.0
slirp4netns:
rationale: Primary component of this module
ref: stream-container-tools-1.0-rhel-8.8.0
...

8
gating.yaml Normal file
View File

@ -0,0 +1,8 @@
# recipients: jnovy, santiago, lsm5
--- !Policy
product_versions:
- rhel-8
decision_context: osci_compose_gate_modules
subject_type: redhat-module
rules:
- !PassingTestCaseRule {test_case_name: baseos-ci.redhat-module.tier0.functional}

View File

@ -0,0 +1,12 @@
---
# Sigh; RHEL8 doesn't have BATS
- name: bats | fetch and unpack tarball
unarchive:
src: https://github.com/bats-core/bats-core/archive/v1.1.0.tar.gz
dest: /root
remote_src: true
- name: bats | install
command: ./install.sh /usr/local
args:
chdir: /root/bats-core-1.1.0

View File

@ -0,0 +1,5 @@
---
- name: create nonroot user
user:
name: testuser
shell: /bin/bash

View File

@ -0,0 +1,36 @@
#!/bin/bash
#
# setup and teardown helpers for buildah test
#
function setup() {
AUTHDIR=/tmp/buildah-tests-auth.$$
mkdir -p $AUTHDIR
CERT=$AUTHDIR/domain.crt
if [ ! -e $CERT ]; then
openssl req -newkey rsa:4096 -nodes -sha256 \
-keyout $AUTHDIR/domain.key -x509 -days 2 \
-out $AUTHDIR/domain.crt \
-subj "/C=US/ST=Foo/L=Bar/O=Red Hat, Inc./CN=localhost"
fi
if [ ! -e $AUTHDIR/htpasswd ]; then
podman run --rm --entrypoint htpasswd registry:2 \
-Bbn testuser testpassword > $AUTHDIR/htpasswd
fi
podman run -d -p 5000:5000 \
--name registry \
-v $AUTHDIR:/auth:Z \
-e "REGISTRY_AUTH=htpasswd" \
-e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \
-e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \
-e REGISTRY_HTTP_TLS_CERTIFICATE=/auth/domain.crt \
-e REGISTRY_HTTP_TLS_KEY=/auth/domain.key \
registry:2
}
function teardown() {
podman rm -f registry
}

View File

@ -0,0 +1,72 @@
#!/bin/bash
#
# Run bats tests for a given $TEST_PACKAGE, e.g. buildah, podman
#
# This is invoked by the 'run_bats_tests' role; we assume that
# the package foo has a foo-tests subpackage which provides the
# directory /usr/share/foo/test/system, containing one or more .bats
# test files.
#
export PATH=/usr/local/bin:/usr/sbin:/usr/bin
FULL_LOG=/tmp/test.debug.log
BATS_LOG=/tmp/test.bats.log
rm -f $FULL_LOG $BATS_LOG
touch $FULL_LOG $BATS_LOG
exec &> $FULL_LOG
# Log program versions
echo "Packages:"
rpm -q ${TEST_PACKAGE} ${TEST_PACKAGE}-tests
echo "------------------------------"
printenv | sort
testdir=/usr/share/${TEST_PACKAGE}/test/system
if ! cd $testdir; then
echo "FAIL ${TEST_NAME} : cd $testdir" >> /tmp/test.log
exit 0
fi
if [ -e /tmp/helper.sh ]; then
echo "------------------------------"
echo ". /tmp/helper.sh"
. /tmp/helper.sh
fi
if [ "$(type -t setup)" = "function" ]; then
echo "------------------------------"
echo "\$ setup"
setup
if [ $? -ne 0 ]; then
echo "FAIL ${TEST_NAME} : setup" >> /tmp/test.log
exit 0
fi
fi
echo "------------------------------"
echo "\$ bats ."
bats . &> $BATS_LOG
rc=$?
echo "------------------------------"
echo "bats completed with status $rc"
status=PASS
if [ $rc -ne 0 ]; then
status=FAIL
fi
echo "${status} ${TEST_NAME}" >> /tmp/test.log
if [ "$(type -t teardown)" = "function" ]; then
echo "------------------------------"
echo "\$ teardown"
teardown
fi
# FIXME: for CI purposes, always exit 0. This allows subsequent tests.
exit 0

View File

@ -0,0 +1,37 @@
---
# Create empty results file, world-writable
- name: initialize test.log file
copy: dest=/tmp/test.log content='' force=yes mode=0666
- name: execute tests
include: run_one_test.yml
with_items: "{{ tests }}"
loop_control:
loop_var: test
- name: pull test.log results
fetch:
src: "/tmp/test.log"
dest: "{{ artifacts }}/test.log"
flat: yes
# Copied from standard-test-basic
- name: check results
shell: grep "^FAIL" /tmp/test.log
register: test_fails
# Never fail at this step. Just store result of tests.
failed_when: False
- name: preserve results
set_fact:
role_result_failed: "{{ (test_fails.stdout|d|length > 0) or (test_fails.stderr|d|length > 0) }}"
role_result_msg: "{{ test_fails.stdout|d('tests failed.') }}"
- name: display results
vars:
msg: |
Tests failed: {{ role_result_failed|d('Undefined') }}
Tests msg: {{ role_result_msg|d('None') }}
debug:
msg: "{{ msg.split('\n') }}"
failed_when: "role_result_failed|bool"

View File

@ -0,0 +1,52 @@
---
- name: "{{ test.name }} | install test packages"
dnf: name="{{ test.package }}-tests" state=installed
- name: "{{ test.name }} | define helper variables"
set_fact:
test_name_oneword: "{{ test.name | replace(' ','-') }}"
# UGH. This is necessary because our caller sets some environment variables
# and we need to set a few more based on other caller variables; then we
# need to combine the two dicts when running the test. This seems to be
# the only way to do it in ansible.
- name: "{{ test.name }} | define local environment"
set_fact:
local_environment:
TEST_NAME: "{{ test.name }}"
TEST_PACKAGE: "{{ test.package }}"
TEST_ENV: "{{ test.environment }}"
- name: "{{ test.name }} | setup/teardown helper | see if exists"
local_action: stat path={{ role_path }}/files/helper.{{ test_name_oneword }}.sh
register: helper
- name: "{{ test.name }} | setup/teardown helper | install"
copy: src=helper.{{ test_name_oneword }}.sh dest=/tmp/helper.sh
when: helper.stat.exists
- name: "{{ test.name }} | run test"
script: ./run_bats_tests.sh
args:
chdir: /usr/share/{{ test.package }}/test/system
become: "{{ true if test.become is defined else false }}"
become_user: testuser
environment: "{{ local_environment | combine(test.environment) }}"
- name: "{{ test.name }} | pull logs"
fetch:
src: "/tmp/test.{{ item }}.log"
dest: "{{ artifacts }}/test.{{ test_name_oneword }}.{{ item }}.log"
flat: yes
with_items:
- bats
- debug
- name: "{{ test.name }} | remove remote logs and helpers"
file:
dest=/tmp/{{ item }}
state=absent
with_items:
- test.bats.log
- test.debug.log
- helper.sh

36
tests/tests.yml Normal file
View File

@ -0,0 +1,36 @@
---
- hosts: localhost
tags: classic
vars:
- artifacts: ./artifacts
roles:
- role: bats_installed
- role: nonroot_user
- role: run_bats_tests
tests:
- name: podman root
package: podman
environment:
PODMAN: /usr/bin/podman
- name: podman nonroot
package: podman
environment:
PODMAN: /usr/bin/podman
become: true
#- name: podman-remote root
#package: podman
#environment:
# PODMAN: /usr/bin/podman-remote
- name: buildah root
package: buildah
environment:
BUILDAH_BINARY: /usr/bin/buildah
IMGTYPE_BINARY: /usr/bin/buildah-imgtype
- name: skopeo root
package: skopeo
environment:
SKOPEO_BINARY: /usr/bin/skopeo