From a95cdd67f44b36e62b1372736a0d665465451ae2 Mon Sep 17 00:00:00 2001 From: Andrew Hughes Date: Fri, 20 Feb 2026 16:02:43 +0000 Subject: [PATCH] Add gating scripts to simplify obtaining results and waiving issues Resolves: RHEL-155339 --- java-25-openjdk.spec | 2 + scripts/builds/get_gating_results.sh | 63 +++++++++++ scripts/builds/query_build_gating.sh | 94 ++++++++++++++++ scripts/builds/waive_issue.sh | 132 +++++++++++++++++++++++ scripts/builds/waive_leapp_issue.sh | 46 ++++++++ scripts/builds/waive_rpminspect.sh | 53 +++++++++ scripts/builds/waive_usual_rpminspect.sh | 46 ++++++++ scripts/builds/waive_usual_tier0.sh | 47 ++++++++ 8 files changed, 483 insertions(+) create mode 100755 scripts/builds/get_gating_results.sh create mode 100755 scripts/builds/query_build_gating.sh create mode 100755 scripts/builds/waive_issue.sh create mode 100755 scripts/builds/waive_leapp_issue.sh create mode 100755 scripts/builds/waive_rpminspect.sh create mode 100755 scripts/builds/waive_usual_rpminspect.sh create mode 100755 scripts/builds/waive_usual_tier0.sh diff --git a/java-25-openjdk.spec b/java-25-openjdk.spec index 2f2f480..050765b 100644 --- a/java-25-openjdk.spec +++ b/java-25-openjdk.spec @@ -2617,8 +2617,10 @@ exit 0 * Thu Mar 12 2026 Andrew Hughes - 1:25.0.2.0.10-4 - Add tagging scripts with signature checks and gating handling - Update tagged versions to include 9.8.0-z, 9.9.0, 10.2-z & 10.3. +- Add gating scripts to simplify obtaining results and waiving issues - Resolves: RHEL-155327 - Resolves: RHEL-155337 +- Resolves: RHEL-155339 * Wed Mar 11 2026 Thomas Fitzsimmons - 1:25.0.2.0.10-3 - Disable abidiff inspection in rpminspect.yaml to avoid an out-of-memory error on the CentOS test farm diff --git a/scripts/builds/get_gating_results.sh b/scripts/builds/get_gating_results.sh new file mode 100755 index 0000000..82458d6 --- /dev/null +++ b/scripts/builds/get_gating_results.sh @@ -0,0 +1,63 @@ +#!/bin/bash + +# Copyright (C) 2026 Red Hat, Inc. +# Written by: +# Andrew John Hughes +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as +# published by the Free Software Foundation, either version 3 of the +# License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see . + +# Retrieve the results of a gating test using the ID from the JSON +# retrieved by query_build_gating.sh + +RESULT_ID=${1} + +if test "${RESULT_ID}" = ""; then + echo "No ID specified."; + echo "${0} "; + exit 1; +fi + +CURL=$(command -v curl) +JSON_TOOL=$(command -v jq) + +if test "${CURL}" = ""; then + echo "curl not found"; + exit 2; +fi + +if test "${JSON_TOOL}" = ""; then + echo "jq not found"; + exit 3; +fi + +URL="https://resultsdb-api.engineering.redhat.com/api/v2.0/results/${RESULT_ID}" +JSON_OUT=$(mktemp --tmpdir out.XXXXXX.json) + +CMD=("${CURL}" --silent --show-error "${URL}") + +echo "${CMD[@]}" + +if command "${CMD[@]}" > "${JSON_OUT}" ; then + "${JSON_TOOL}" < "${JSON_OUT}" +else + echo "Failed to obtain JSON"; + exit 4; +fi + +# Local Variables: +# compile-command: "shellcheck get_gating_results.sh" +# fill-column: 80 +# indent-tabs-mode: nil +# sh-basic-offset: 4 +# End: diff --git a/scripts/builds/query_build_gating.sh b/scripts/builds/query_build_gating.sh new file mode 100755 index 0000000..f83f849 --- /dev/null +++ b/scripts/builds/query_build_gating.sh @@ -0,0 +1,94 @@ +#!/bin/bash + +# Copyright (C) 2026 Red Hat, Inc. +# Written by: +# Andrew John Hughes +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as +# published by the Free Software Foundation, either version 3 of the +# License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see . + +# Retrieve the status of a build's progress through gating + +RHEL_VER=${1} +NVR=${2} + +if test "${RHEL_VER}" = ""; then + echo "No RHEL version specified."; + echo "${0} "; + exit 1; +fi + +if test "${NVR}" = ""; then + echo "No NVR specified."; + echo "${0} "; + exit 2; +fi + +CURL=$(command -v curl) +JSON_TOOL=$(command -v jq) +JSON_FILE=$(mktemp --tmpdir query.XXXXXX.json) +JSON_OUT=$(mktemp --tmpdir out.XXXXXX.json) +URL="https://greenwave.engineering.redhat.com/api/v1.0/decision" + +if test "${CURL}" = ""; then + echo "curl not found"; + exit 3; +fi + +if test "${JSON_TOOL}" = ""; then + echo "jq not found"; + exit 4; +fi + +{ + echo "{"; + printf "\t\"decision_context\":\"osci_compose_gate\",\n"; + printf "\t\"product_version\":\"rhel-%d\",\n" "${RHEL_VER}"; + printf "\t\"subject_type\":\"koji_build\",\n"; + printf "\t\"subject_identifier\":\"%s\",\n" "${NVR}"; + printf "\t\"verbose\":false\n"; + echo "}"; +} > "${JSON_FILE}" + +echo "Sending the following JSON..."; +cat "${JSON_FILE}" + +CMD=("${CURL}" --silent --show-error -X POST) + +JSON_COMMAND="--json"; +# Check --json is available +${CURL} ${JSON_COMMAND} 2> /dev/null +if [ $? -eq 2 ] ; then + echo "--json unsupported; falling back on --data-ascii"; + CMD=("${CMD[@]}" --header Content-Type:application/json --data-ascii); +else + CMD=("${CMD[@]}" "${JSON_COMMAND}"); +fi + +CMD=("${CMD[@]}" "@${JSON_FILE}" "${URL}") + +echo "${CMD[@]}" + +if command "${CMD[@]}" > "${JSON_OUT}" ; then + "${JSON_TOOL}" < "${JSON_OUT}" +else + echo "Failed to obtain JSON"; + exit 5; +fi + +# Local Variables: +# compile-command: "shellcheck query_build_gating.sh" +# fill-column: 80 +# indent-tabs-mode: nil +# sh-basic-offset: 4 +# End: diff --git a/scripts/builds/waive_issue.sh b/scripts/builds/waive_issue.sh new file mode 100755 index 0000000..71fd299 --- /dev/null +++ b/scripts/builds/waive_issue.sh @@ -0,0 +1,132 @@ +#!/bin/bash + +# Copyright (C) 2026 Red Hat, Inc. +# Written by: +# Andrew John Hughes +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as +# published by the Free Software Foundation, either version 3 of the +# License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see . + +# Waive a gating issue + +RHEL_VER=${1} +NVR=${2} +TESTCASE=${3} +COMMENT=${4} + +CURL=$(command -v curl) +JSON_TOOL=$(command -v json_verify) +JSON_FORMAT=$(command -v jq) +JSON_FILE=$(mktemp --tmpdir waive.XXXXXX.json) +HEADER_FILE=$(mktemp --tmpdir waive.XXXXXX.headers) +JSON_OUT=$(mktemp --tmpdir out.XXXXXX.json) + +CACERT=/etc/ssl/certs/2022-IT-Root-CA.pem +CACERT_DIR=$(dirname ${CACERT}) +URL="https://waiverdb.engineering.redhat.com/api/v1.0/waivers/" + +if test -z "${JSON_TOOL}" -o ! -x "${JSON_TOOL}" ; then + echo "JSON verifier not found. Skipping verification."; + SKIP_JSON=1; +else + SKIP_JSON=0; +fi + +if test "x${RHEL_VER}" = "x"; then + echo "No RHEL version specified."; + echo "${0} "; + exit 1; +fi + +if test "x${NVR}" = "x"; then + echo "No NVR specified."; + echo "${0} "; + exit 2; +fi + +if test "x${TESTCASE}" = "x"; then + echo "No testcase specified."; + echo "${0} "; + exit 3; +fi + +if test "x${COMMENT}" = "x"; then + COMMENT="Gating broken"; + echo "Setting COMMENT to default of '${COMMENT}'" +fi + +if test "${CURL}" = ""; then + echo "curl not found"; + exit 4; +fi + +if test "${JSON_FORMAT}" = ""; then + echo "jq not found"; + exit 5; +fi + +{ + echo "{"; + printf "\t\"subject_type\":\"brew-build\",\n"; + printf "\t\"subject_identifier\":\"%s\",\n" "${NVR}"; + printf "\t\"testcase\":\"%s\",\n" "${TESTCASE}"; + printf "\t\"waived\":true,\n"; + printf "\t\"product_version\":\"rhel-%d\",\n" "${RHEL_VER}" + printf "\t\"comment\":\"%s\"\n" "${COMMENT}"; + echo "}" +} > "${JSON_FILE}" + +if [ "${SKIP_JSON}" -eq 0 ] ; then + "${JSON_TOOL}" < "${JSON_FILE}" || exit 6; +fi + +CMD=("${CURL}" --silent --show-error --capath "${CACERT_DIR}" --negotiate -u :) + +JSON_COMMAND="--json"; +# Check --json is available +${CURL} ${JSON_COMMAND} 2> /dev/null +if [ $? -eq 2 ] ; then + echo "--json unsupported; falling back on --data-binary"; + { + echo "Content-Type: application/json"; + echo "Accept: application/json"; + } > "${HEADER_FILE}" + echo "Header file:"; + cat "${HEADER_FILE}" + CMD=("${CMD[@]}" --header "@${HEADER_FILE}" --data-binary); +else + CMD=("${CMD[@]}" "${JSON_COMMAND}"); +fi +CMD=("${CMD[@]}" "@${JSON_FILE}" "${URL}") + +echo "Sending the following JSON..."; +cat "${JSON_FILE}" + +echo "${CMD[@]}" + +if command "${CMD[@]}" > "${JSON_OUT}" ; then + "${JSON_FORMAT}" < "${JSON_OUT}" +else + echo "Failed to file waiver"; + exit 7; +fi + +rm -v "${JSON_FILE}" +rm -v "${HEADER_FILE}" + +# Local Variables: +# compile-command: "shellcheck waive_issue.sh" +# fill-column: 80 +# indent-tabs-mode: nil +# sh-basic-offset: 4 +# End: diff --git a/scripts/builds/waive_leapp_issue.sh b/scripts/builds/waive_leapp_issue.sh new file mode 100755 index 0000000..2dc3e71 --- /dev/null +++ b/scripts/builds/waive_leapp_issue.sh @@ -0,0 +1,46 @@ +#!/bin/sh + +# Copyright (C) 2026 Red Hat, Inc. +# Written by: +# Andrew John Hughes +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as +# published by the Free Software Foundation, either version 3 of the +# License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see . + +# Waive the leapp gating test which never seems to work + +RHEL_VER=${1} +NVR=${2} + +WORKING_DIR=$(dirname "${0}") + +if test "x${RHEL_VER}" = "x"; then + echo "No RHEL version specified."; + echo "${0} "; + exit 1; +fi + +if test "x${NVR}" = "x"; then + echo "No NVR specified."; + echo "${0} "; + exit 2; +fi + +"${WORKING_DIR}"/waive_issue.sh "${RHEL_VER}" "${NVR}" leapp.brew-build.upgrade.distro "AWOL" + +# Local Variables: +# compile-command: "shellcheck waive_leapp_issue.sh" +# fill-column: 80 +# indent-tabs-mode: nil +# sh-basic-offset: 4 +# End: diff --git a/scripts/builds/waive_rpminspect.sh b/scripts/builds/waive_rpminspect.sh new file mode 100755 index 0000000..453b892 --- /dev/null +++ b/scripts/builds/waive_rpminspect.sh @@ -0,0 +1,53 @@ +#!/bin/sh + +# Copyright (C) 2026 Red Hat, Inc. +# Written by: +# Andrew John Hughes +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as +# published by the Free Software Foundation, either version 3 of the +# License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see . + +# Waive a rpminspect gating issue + +RHEL_VER=${1} +NVR=${2} +COMMENT=${3} + +WORKING_DIR=$(dirname "${0}") + +if test "x${RHEL_VER}" = "x"; then + echo "No RHEL version specified."; + echo "${0} "; + exit 1; +fi + +if test "x${NVR}" = "x"; then + echo "No NVR specified."; + echo "${0} "; + exit 2; +fi + +if test "${COMMENT}" = ""; then + echo "No comment specified."; + echo "${0} "; + exit 3; +fi + +"${WORKING_DIR}"/waive_issue.sh "${RHEL_VER}" "${NVR}" osci.brew-build.rpminspect.static-analysis "${COMMENT}" + +# Local Variables: +# compile-command: "shellcheck waive_rpminspect.sh" +# fill-column: 80 +# indent-tabs-mode: nil +# sh-basic-offset: 4 +# End: diff --git a/scripts/builds/waive_usual_rpminspect.sh b/scripts/builds/waive_usual_rpminspect.sh new file mode 100755 index 0000000..5b4f26d --- /dev/null +++ b/scripts/builds/waive_usual_rpminspect.sh @@ -0,0 +1,46 @@ +#!/bin/sh + +# Copyright (C) 2026 Red Hat, Inc. +# Written by: +# Andrew John Hughes +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as +# published by the Free Software Foundation, either version 3 of the +# License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see . + +# Waive the recurring rpminspect gating issues +# Should be resolved by RHELPLAN-102267 + +RHEL_VER=${1} +NVR=${2} + +if test "x${RHEL_VER}" = "x"; then + echo "No RHEL version specified."; + echo "${0} "; + exit 1; +fi + +if test "x${NVR}" = "x"; then + echo "No NVR specified."; + echo "${0} "; + exit 2; +fi + +"${WORKING_DIR}"/waive_rpminspect.sh "${RHEL_VER}" "${NVR}" \ + "Usual failures we waived through rpmdiff; slowdebug unoptimised, RPATH and IPv4 functions" + +# Local Variables: +# compile-command: "shellcheck waive_usual_rpminspect.sh" +# fill-column: 80 +# indent-tabs-mode: nil +# sh-basic-offset: 4 +# End: diff --git a/scripts/builds/waive_usual_tier0.sh b/scripts/builds/waive_usual_tier0.sh new file mode 100755 index 0000000..6e06564 --- /dev/null +++ b/scripts/builds/waive_usual_tier0.sh @@ -0,0 +1,47 @@ +#!/bin/sh + +# Copyright (C) 2026 Red Hat, Inc. +# Written by: +# Andrew John Hughes +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as +# published by the Free Software Foundation, either version 3 of the +# License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see . + +# Waive the usual tier0 gating issue +# Should be resolved by OPENJDK-4517 + +RHEL_VER=${1} +NVR=${2} + +WORKING_DIR=$(dirname "${0}") + +if test "x${RHEL_VER}" = "x"; then + echo "No RHEL version specified."; + echo "${0} "; + exit 1; +fi + +if test "x${NVR}" = "x"; then + echo "No NVR specified."; + echo "${0} "; + exit 2; +fi + +"${WORKING_DIR}"/waive_issue.sh "${RHEL_VER}" "${NVR}" osci.brew-build.tier0.functional "Test unable to parse spec file" + +# Local Variables: +# compile-command: "shellcheck waive_usual_tier0.sh" +# fill-column: 80 +# indent-tabs-mode: nil +# sh-basic-offset: 4 +# End: