rpms/container-selinux
6
0
Fork 0
Code Issues Pull Requests Releases Activity

TMT: enable podman reverse dependency tests

Browse Source 
Resolves: RHEL-69441

Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
This commit is contained in:
Lokesh Mandvekar 2024-12-04 20:26:52 +05:30
parent 722aba4e04
commit 1cc567800a
No known key found for this signature in database
GPG Key ID: 1C1EDD7CC7C3A0DD
8 changed files with 180 additions and 69 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.fmf/version Normal file
View File

@ -0,0 +1 @@
1

131
.packit.yaml
View File

@ -2,30 +2,75 @@
# See the documentation for more information: # See the documentation for more information:
# https://packit.dev/docs/configuration/ # https://packit.dev/docs/configuration/
specfile_path: rpm/container-selinux.spec downstream_package_name: container-selinux
upstream_tag_template: v{version} upstream_tag_template: v{version}
# Ref: https://packit.dev/docs/configuration#files_to_sync
files_to_sync:
- src: rpm/gating.yaml
dest: gating.yaml
delete: true
- src: plans/
dest: plans/
delete: true
- src: test/
dest: test/
delete: true
- src: .fmf/
dest: .fmf/
delete: true
- .packit.yaml
packages:
container-selinux-fedora:
pkg_tool: fedpkg
specfile_path: rpm/container-selinux.spec
container-selinux-centos:
pkg_tool: centpkg
specfile_path: rpm/container-selinux.spec
container-selinux-eln:
specfile_path: rpm/container-selinux.spec
srpm_build_deps: srpm_build_deps:
- make - make
jobs: jobs:
- job: copr_build - job: copr_build
trigger: pull_request trigger: pull_request
notifications: packages: [container-selinux-fedora]
notifications: &copr_build_failure_notification
failure_comment: failure_comment:
message: "Ephemeral COPR build failed. @containers/packit-build please check." message: "Ephemeral COPR build failed. @containers/packit-build please check."
enable_net: true enable_net: true
# container-selinux is noarch so we only need to test on one arch # container-selinux is noarch so we only need to test on one arch
targets: &fedora_copr_targets
- fedora-development
- fedora-latest
- fedora-ltest-stable
- fedora-40
- job: copr_build
trigger: pull_request
packages: [container-selinux-eln]
notifications: *copr_build_failure_notification
enable_net: true
targets: targets:
- fedora-all
- fedora-eln - fedora-eln
- epel-9
- epel-8 - job: copr_build
trigger: pull_request
packages: [container-selinux-centos]
notifications: *copr_build_failure_notification
enable_net: true
targets: &centos_copr_targets
- centos-stream-9
- centos-stream-10
# Run on commit to main branch # Run on commit to main branch
# Build targets managed in copr settings # Build targets managed in copr settings
- job: copr_build - job: copr_build
trigger: commit trigger: commit
packages: [container-selinux-fedora]
notifications: notifications:
failure_comment: failure_comment:
message: "podman-next COPR build failed. @containers/packit-build please check." message: "podman-next COPR build failed. @containers/packit-build please check."
@ -35,67 +80,51 @@ jobs:
enable_net: true enable_net: true
# All tests specified in the `/plans/` subdir # All tests specified in the `/plans/` subdir
# Podman e2e tests for Fedora and CentOS Stream # Tests for Fedora
- job: tests - job: tests
trigger: pull_request trigger: pull_request
notifications: packages: [container-selinux-fedora]
notifications: &test_failure_notification
failure_comment: failure_comment:
message: "podman e2e tests failed. @containers/packit-build please check." message: "Tests failed. @containers/packit-build please check."
targets: &pr_test_targets targets: *fedora_copr_targets
- fedora-all tf_extra_params:
- epel-9 environments:
- epel-8 - artifacts:
identifier: podman_e2e_test - type: repository-file
tmt_plan: "/plans/podman_e2e_test" id: https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/repo/fedora-$releasever/rhcontainerbot-podman-next-fedora-$releasever.repo
# Podman system tests for Fedora and CentOS Stream # Tests for CentOS Stream
- job: tests - job: tests
trigger: pull_request trigger: pull_request
notifications: packages: [container-selinux-centos]
failure_comment: notifications: *test_failure_notification
message: "podman system tests failed. @containers/packit-build please check." targets: *centos_copr_targets
targets: *pr_test_targets tf_extra_params:
identifier: podman_system_test environments:
tmt_plan: "/plans/podman_system_test" - artifacts:
- type: repository-file
# Podman e2e tests for RHEL id: https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/repo/centos-stream-$releasever/rhcontainerbot-podman-next-centos-stream-$releasever.repo
- job: tests
trigger: pull_request
use_internal_tf: true
notifications:
failure_comment:
message: "podman e2e tests failed on RHEL. @containers/packit-build please check."
targets: &pr_test_targets_rhel
epel-9-x86_64:
distros: [RHEL-9.3.0-Nightly,RHEL-9.4.0-Nightly]
epel-8-x86_64:
distros: [RHEL-8.9.0-Nightly,RHEL-8.10.0-Nightly]
identifier: podman_e2e_test_internal
tmt_plan: "/plans/podman_e2e_test"
# Podman system tests for RHEL
- job: tests
trigger: pull_request
use_internal_tf: true
notifications:
failure_comment:
message: "podman system tests failed on RHEL. @containers/packit-build please check."
targets: *pr_test_targets_rhel
identifier: podman_system_test_internal
tmt_plan: "/plans/podman_system_test"
- job: propose_downstream - job: propose_downstream
trigger: release trigger: release
update_release: false packages: [container-selinux-fedora]
dist_git_branches: dist_git_branches: &fedora_targets
- fedora-all - fedora-all
- job: propose_downstream
trigger: release
packages: [container-selinux-centos]
dist_git_branches:
- c10s
- job: koji_build - job: koji_build
trigger: commit trigger: commit
dist_git_branches: packages: [container-selinux-fedora]
- fedora-all dist_git_branches: *fedora_targets
- job: bodhi_update - job: bodhi_update
trigger: commit trigger: commit
packages: [container-selinux-fedora]
dist_git_branches: dist_git_branches:
- fedora-branched # rawhide updates are created automatically - fedora-branched # rawhide updates are created automatically

10
gating.yaml
View File

@ -1,6 +1,12 @@
# recipients: jnovy, lsm5, santiago
--- !Policy --- !Policy
product_versions: product_versions:
- rhel-10 - fedora-*
decision_context: bodhi_update_push_stable
rules:
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional}
--- !Policy
product_versions:
- rhel-*
decision_context: osci_compose_gate decision_context: osci_compose_gate
rules: [] rules: []

40
plans/main.fmf Normal file
View File

@ -0,0 +1,40 @@
discover:
how: fmf
execute:
how: tmt
adjust:
- when: initiator == packit
because: "We need to test with updated packages from rhcontainerbot/podman-next copr"
prepare+:
how: shell
script: |
sed -i -n '/^priority=/!p;$apriority=1' /etc/yum.repos.d/*podman-next*.repo
dnf -y upgrade --allowerasing
# FIXME: Use epel10 once bats is available there
- when: distro == centos-stream-10 or distro == rhel-10
because: "bats isn't yet available on epel10"
prepare+:
how: install
copr: rhcontainerbot/bats-el10
package: bats
- when: distro == centos-stream-9 or distro == rhel-9
because: "bats is present on EPEL on rhel9 / c9s"
prepare+:
how: feature
epel: enabled
/upstream:
summary: Run SELinux specific Podman tests on upstream PRs
discover+:
filter: tag:upstream
adjust+:
- enabled: false
when: initiator is not defined or initiator != packit
/downstream:
summary: Run SELinux specific Podman tests on bodhi / errata and dist-git PRs
discover+:
filter: tag:downstream
adjust+:
- enabled: false
when: initiator == packit

16
test/Makefile Normal file
View File

@ -0,0 +1,16 @@
.PHONY: basic_check
basic_check:
semodule --list=full | grep container
semodule -B
rpm -Vqf /var/lib/selinux/*/active/modules/200/container
.PHONY: podman_e2e_test
podman_e2e_test:
bash ./podman-tests.sh e2e
.PHONY: podman_system_test
podman_system_test:
bash ./podman-tests.sh system
clean:
rm -rf podman-*dev* podman.spec

19
test/main.fmf Normal file
View File

@ -0,0 +1,19 @@
require:
- bats
- container-selinux
- cpio
- golang
- make
- podman
- podman-tests
- policycoreutils
/basic_check:
tag: [ upstream, downstream ]
summary: Run basic checks
test: make basic_check
/podman_system_test:
tag: [ upstream, downstream ]
summary: Run SELinux specific Podman system tests
test: make podman_system_test

16
test/podman-tests.sh Normal file
View File

@ -0,0 +1,16 @@
#!/usr/bin/env bash
set -exo pipefail
cat /etc/redhat-release
if [[ "$(id -u)" -ne 0 ]];then
echo "Please run as superuser"
exit 1
fi
# Print versions of distro and installed packages
rpm -q bats container-selinux golang podman podman-tests selinux-policy
# Run podman system tests
bats /usr/share/podman/test/system/410-selinux.bats

16
tests/tests.yml
View File

@ -1,16 +0,0 @@
- hosts: localhost
tags:
- classic
roles:
- role: standard-test-basic
required_packages:
- policycoreutils
- container-selinux
- podman
tests:
- is-module-installed:
run: semodule --list=full | grep container
- can-rebuild-policy:
run: semodule -B
- can-run-podman:
run: podman run --rm quay.io/libpod/testimage:20210610 cat -v /proc/self/attr/current