diff --git a/.gitignore b/.gitignore index 9452199..fc1b678 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ -/*.tar.xz +SOURCES/toolbox-0.0.99.3-vendored.tar.xz +/toolbox-0.0.99.3-vendored.tar.xz diff --git a/gating.yaml b/gating.yaml new file mode 100644 index 0000000..4124226 --- /dev/null +++ b/gating.yaml @@ -0,0 +1,6 @@ +--- !Policy +product_versions: + - rhel-9 +decision_context: osci_compose_gate +rules: + - !PassingTestCaseRule {test_case_name: desktop-qe.desktop-ci.tier1-gating.functional} diff --git a/rpminspect.yaml b/rpminspect.yaml new file mode 100644 index 0000000..7187c9a --- /dev/null +++ b/rpminspect.yaml @@ -0,0 +1,9 @@ +# https://one.redhat.com/rhel-developer-guide/#_modifying_a_per_package_rpminspect_yaml_file +# https://github.com/rpminspect/rpminspect/blob/master/data/generic.yaml + +annocheck: + - hardened: --ignore-unknown --verbose --skip-run-path + +runpath: + allowed_paths: + - /run/host/usr/lib64 diff --git a/tests/roles/bats_installed/tasks/main.yml b/tests/roles/bats_installed/tasks/main.yml new file mode 100644 index 0000000..3fa1798 --- /dev/null +++ b/tests/roles/bats_installed/tasks/main.yml @@ -0,0 +1,12 @@ +--- +# Sigh; RHEL8 doesn't have BATS +- name: bats | fetch and unpack tarball + unarchive: + src: https://github.com/bats-core/bats-core/archive/v1.4.1.tar.gz + dest: /root + remote_src: true + +- name: bats | install + command: ./install.sh /usr/local + args: + chdir: /root/bats-core-1.4.1 diff --git a/tests/roles/nonroot_user/tasks/main.yml b/tests/roles/nonroot_user/tasks/main.yml new file mode 100644 index 0000000..51bf44a --- /dev/null +++ b/tests/roles/nonroot_user/tasks/main.yml @@ -0,0 +1,7 @@ +--- +- name: create nonroot user + user: + name: testuser + shell: /bin/bash +- name: enable linger + command: loginctl enable-linger testuser diff --git a/tests/roles/run_bats_tests/files/run_bats_tests.sh b/tests/roles/run_bats_tests/files/run_bats_tests.sh new file mode 100755 index 0000000..e9f5f5f --- /dev/null +++ b/tests/roles/run_bats_tests/files/run_bats_tests.sh @@ -0,0 +1,72 @@ +#!/bin/bash +# +# Run bats tests for a given $TEST_PACKAGE, e.g. buildah, podman +# +# This is invoked by the 'run_bats_tests' role; we assume that +# the package foo has a foo-tests subpackage which provides the +# directory /usr/share/foo/test/system, containing one or more .bats +# test files. +# + +export PATH=/usr/local/bin:/usr/sbin:/usr/bin + +FULL_LOG=/tmp/test.debug.log +BATS_LOG=/tmp/test.bats.log +rm -f $FULL_LOG $BATS_LOG +touch $FULL_LOG $BATS_LOG + +exec &> $FULL_LOG + +# Log program versions +echo "Packages:" +rpm -q ${TEST_PACKAGE} ${TEST_PACKAGE}-tests + +echo "------------------------------" +printenv | sort + +testdir=/usr/share/${TEST_PACKAGE}/test/system + +if ! cd $testdir; then + echo "FAIL ${TEST_NAME} : cd $testdir" >> /tmp/test.log + exit 0 +fi + +if [ -e /tmp/helper.sh ]; then + echo "------------------------------" + echo ". /tmp/helper.sh" + . /tmp/helper.sh +fi + +if [ "$(type -t setup)" = "function" ]; then + echo "------------------------------" + echo "\$ setup" + setup + if [ $? -ne 0 ]; then + echo "FAIL ${TEST_NAME} : setup" >> /tmp/test.log + exit 0 + fi +fi + +echo "------------------------------" +echo "\$ bats ." +bats . &> $BATS_LOG +rc=$? + +echo "------------------------------" +echo "bats completed with status $rc" + +status=PASS +if [ $rc -ne 0 ]; then + status=FAIL +fi + +echo "${status} ${TEST_NAME}" >> /tmp/test.log + +if [ "$(type -t teardown)" = "function" ]; then + echo "------------------------------" + echo "\$ teardown" + teardown +fi + +# FIXME: for CI purposes, always exit 0. This allows subsequent tests. +exit 0 diff --git a/tests/roles/run_bats_tests/tasks/main.yml b/tests/roles/run_bats_tests/tasks/main.yml new file mode 100644 index 0000000..da79a4c --- /dev/null +++ b/tests/roles/run_bats_tests/tasks/main.yml @@ -0,0 +1,37 @@ +--- +# Create empty results file, world-writable +- name: initialize test.log file + copy: dest=/tmp/test.log content='' force=yes mode=0666 + +- name: execute tests + include: run_one_test.yml + with_items: "{{ tests }}" + loop_control: + loop_var: test + +- name: pull test.log results + fetch: + src: "/tmp/test.log" + dest: "{{ artifacts }}/test.log" + flat: yes + +# Copied from standard-test-basic +- name: check results + shell: grep "^FAIL" /tmp/test.log + register: test_fails + # Never fail at this step. Just store result of tests. + failed_when: False + +- name: preserve results + set_fact: + role_result_failed: "{{ (test_fails.stdout|d|length > 0) or (test_fails.stderr|d|length > 0) }}" + role_result_msg: "{{ test_fails.stdout|d('tests failed.') }}" + +- name: display results + vars: + msg: | + Tests failed: {{ role_result_failed|d('Undefined') }} + Tests msg: {{ role_result_msg|d('None') }} + debug: + msg: "{{ msg.split('\n') }}" + failed_when: "role_result_failed|bool" diff --git a/tests/roles/run_bats_tests/tasks/run_one_test.yml b/tests/roles/run_bats_tests/tasks/run_one_test.yml new file mode 100644 index 0000000..b44ed42 --- /dev/null +++ b/tests/roles/run_bats_tests/tasks/run_one_test.yml @@ -0,0 +1,52 @@ +--- +- name: "{{ test.name }} | install test packages" + dnf: name="{{ test.package }}-tests" state=installed + +- name: "{{ test.name }} | define helper variables" + set_fact: + test_name_oneword: "{{ test.name | replace(' ','-') }}" + +# UGH. This is necessary because our caller sets some environment variables +# and we need to set a few more based on other caller variables; then we +# need to combine the two dicts when running the test. This seems to be +# the only way to do it in ansible. +- name: "{{ test.name }} | define local environment" + set_fact: + local_environment: + TEST_NAME: "{{ test.name }}" + TEST_PACKAGE: "{{ test.package }}" + TEST_ENV: "{{ test.environment }}" + +- name: "{{ test.name }} | setup/teardown helper | see if exists" + local_action: stat path={{ role_path }}/files/helper.{{ test_name_oneword }}.sh + register: helper + +- name: "{{ test.name }} | setup/teardown helper | install" + copy: src=helper.{{ test_name_oneword }}.sh dest=/tmp/helper.sh + when: helper.stat.exists + +- name: "{{ test.name }} | run test" + script: ./run_bats_tests.sh + args: + chdir: /usr/share/{{ test.package }}/test/system + become: "{{ true if test.become is defined else false }}" + become_user: testuser + environment: "{{ local_environment | combine(test.environment) }}" + +- name: "{{ test.name }} | pull logs" + fetch: + src: "/tmp/test.{{ item }}.log" + dest: "{{ artifacts }}/test.{{ test_name_oneword }}.{{ item }}.log" + flat: yes + with_items: + - bats + - debug + +- name: "{{ test.name }} | remove remote logs and helpers" + file: + dest=/tmp/{{ item }} + state=absent + with_items: + - test.bats.log + - test.debug.log + - helper.sh diff --git a/tests/roles/set_image/files/toolbox.conf b/tests/roles/set_image/files/toolbox.conf new file mode 100644 index 0000000..73b52c4 --- /dev/null +++ b/tests/roles/set_image/files/toolbox.conf @@ -0,0 +1,17 @@ +[general] +# Create a toolbox container for a different operating system distro than the +# host. Cannot be used with 'image'. +## distro = "fedora" + +# Create a toolbox container for a different operating system release than the +# host. Cannot be used with 'image'. +## release = "33" + +# Change the name of the image used to create the toolbox container. This is +# useful for creating containers from custom-built images. Cannot be used with +# 'distro' or 'release'. +# +# If the name does not contain a registry, the local image storage will be +# consulted, and if it's not present there then it will be pulled from a +# suitable remote registry. +image = "registry-proxy.engineering.redhat.com/rh-osbs/toolbox-container:8.5" diff --git a/tests/roles/set_image/tasks/main.yml b/tests/roles/set_image/tasks/main.yml new file mode 100644 index 0000000..0857d13 --- /dev/null +++ b/tests/roles/set_image/tasks/main.yml @@ -0,0 +1,8 @@ +--- +# Copy the toolbox.conf file to /etc/containers/ +- name: Check containers directory exists + file: + path: /etc/containers + state: directory +- name: Copy toolbox.conf file to set default image + copy: src={{ role_path }}/files/toolbox.conf dest=/etc/containers/toolbox.conf force=yes mode=0644 diff --git a/tests/tests.yml b/tests/tests.yml new file mode 100644 index 0000000..635319b --- /dev/null +++ b/tests/tests.yml @@ -0,0 +1,17 @@ +--- +- hosts: localhost + tags: classic + vars: + - artifacts: ./artifacts + roles: + - role: bats_installed + - role: set_image + - role: nonroot_user + - role: run_bats_tests + tests: + - name: toolbox + package: toolbox + environment: + PODMAN: /usr/bin/podman + TOOLBOX_TEST_DEFAULT_CONTAINER_NAME: toolbox-container-8.5 + become: true diff --git a/toolbox-Add-migration-paths-for-coreos-toolbox-users.patch b/toolbox-Add-migration-paths-for-coreos-toolbox-users.patch index 95fed10..db06e9b 100644 --- a/toolbox-Add-migration-paths-for-coreos-toolbox-users.patch +++ b/toolbox-Add-migration-paths-for-coreos-toolbox-users.patch @@ -1,4 +1,4 @@ -From cc15d0ac76fa77a2fa0f3c73e1a3ed4e7ceb2b29 Mon Sep 17 00:00:00 2001 +From 565947a7df6f4d18cb2f2d3a172b79391880288a Mon Sep 17 00:00:00 2001 From: Debarshi Ray Date: Wed, 18 Aug 2021 17:55:21 +0200 Subject: [PATCH 1/2] cmd/run: Make sosreport work by setting the HOST @@ -22,10 +22,10 @@ index 5954eac55fad..ca363815d4c9 100644 "--tty", "--user", currentUser.Username, -- -2.39.1 +2.31.1 -From a47cd46e0ca32b8af0ea8181c856ce2a8d8307fd Mon Sep 17 00:00:00 2001 +From fecbda4c3ea823eb04ebe392a6e1422e8ce8dd41 Mon Sep 17 00:00:00 2001 From: Debarshi Ray Date: Fri, 10 Dec 2021 13:42:15 +0100 Subject: [PATCH 2/2] test/system: Update to test the migration path for @@ -97,5 +97,5 @@ index 000000000000..32d87904213e + skip "Testing of entering toolboxes is not implemented" +} -- -2.39.1 +2.31.1 diff --git a/toolbox.spec b/toolbox.spec index 1b04aba..9a2b48b 100644 --- a/toolbox.spec +++ b/toolbox.spec @@ -11,7 +11,7 @@ Version: 0.0.99.3 %global goipath github.com/containers/%{name} %gometa -Release: 8%{?dist} +Release: 4%{?dist} Summary: Tool for containerized command line environments on Linux License: ASL 2.0 @@ -24,12 +24,6 @@ URL: https://containertoolbx.org/ Source0: %{name}-%{version}-vendored.tar.xz Source1: %{name}.conf -# https://bugzilla.redhat.com/show_bug.cgi?id=2152907 -Patch0: toolbox-Unbreak-sorting-and-clearly-identify-copied-images-in-list.patch - -# https://bugzilla.redhat.com/show_bug.cgi?id=2165610 -Patch1: toolbox-Support-RHEL-9-containers.patch - # RHEL specific Patch100: toolbox-Make-the-build-flags-match-RHEL-s-gobuild.patch Patch101: toolbox-Make-the-build-flags-match-RHEL-s-gobuild-for-PPC64.patch @@ -38,7 +32,7 @@ Patch102: toolbox-Add-migration-paths-for-coreos-toolbox-users.patch # https://bugzilla.redhat.com/show_bug.cgi?id=1905383 ExcludeArch: %{ix86} -BuildRequires: golang >= 1.19.4 +BuildRequires: golang >= 1.19.1 BuildRequires: /usr/bin/go-md2man BuildRequires: meson >= 0.58.0 BuildRequires: pkgconfig(bash-completion) @@ -70,9 +64,6 @@ The %{name}-tests package contains system tests for %{name}. %prep %setup -q -%patch0 -p1 -%patch1 -p1 - %ifnarch ppc64 %patch100 -p1 %else @@ -133,10 +124,6 @@ install -m0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/containers/%{name}.conf %changelog -* Tue Mar 14 2023 Jindrich Novy - 0.0.99.3-8 -- sync with stream-container-tools-4.0-rhel-8.8.0 -- Related: #2176055 - * Mon Nov 07 2022 Debarshi Ray - 0.0.99.3-4 - Rebuild for CVE-2022-27664 and CVE-2022-32189 Resolves: #2116761, #2126749