From b0a7f740186a431646d9159a2f71629b8e9bb5e9 Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Thu, 7 Nov 2024 20:13:38 -0500 Subject: [PATCH] wip --- tests-integration/src/install.rs | 115 ++++++++++--------------------- 1 file changed, 37 insertions(+), 78 deletions(-) diff --git a/tests-integration/src/install.rs b/tests-integration/src/install.rs index d7c046937..54b34a00b 100644 --- a/tests-integration/src/install.rs +++ b/tests-integration/src/install.rs @@ -84,89 +84,48 @@ pub(crate) fn run_alongside(image: &str, mut testargs: libtest_mimic::Arguments) // We always need this as we assume we're operating on a local image let generic_inst_args = ["--skip-fetch-check"]; - let tests = [ - Trial::test("loopback install", move || { + let tests = [Trial::test( + "replace=alongside with ssh keys and a karg, and SELinux disabled", + move || { let sh = &xshell::Shell::new()?; reset_root(sh, image)?; - let size = 10 * 1000 * 1000 * 1000; - let mut tmpdisk = tempfile::NamedTempFile::new_in("/var/tmp")?; - tmpdisk.as_file_mut().set_len(size)?; - let tmpdisk = tmpdisk.into_temp_path(); - let tmpdisk = tmpdisk.to_str().unwrap(); - cmd!(sh, "sudo {BASE_ARGS...} -v {tmpdisk}:/disk {image} bootc install to-disk --via-loopback {generic_inst_args...} /disk").run()?; - Ok(()) - }), - Trial::test( - "replace=alongside with ssh keys and a karg, and SELinux disabled", - move || { - let sh = &xshell::Shell::new()?; - reset_root(sh, image)?; - let tmpd = &sh.create_temp_dir()?; - let tmp_keys = tmpd.path().join("test_authorized_keys"); - let tmp_keys = tmp_keys.to_str().unwrap(); - std::fs::write(&tmp_keys, b"ssh-ed25519 ABC0123 testcase@example.com")?; - cmd!(sh, "sudo {BASE_ARGS...} {target_args...} -v {tmp_keys}:/test_authorized_keys {image} bootc install to-filesystem {generic_inst_args...} --acknowledge-destructive --karg=foo=bar --replace=alongside --root-ssh-authorized-keys=/test_authorized_keys /target").run()?; - - generic_post_install_verification()?; + let tmpd = &sh.create_temp_dir()?; + let tmp_keys = tmpd.path().join("test_authorized_keys"); + let tmp_keys = tmp_keys.to_str().unwrap(); + std::fs::write(&tmp_keys, b"ssh-ed25519 ABC0123 testcase@example.com")?; + cmd!(sh, "sudo {BASE_ARGS...} {target_args...} -v {tmp_keys}:/test_authorized_keys {image} bootc install to-filesystem {generic_inst_args...} --acknowledge-destructive --karg=foo=bar --replace=alongside --root-ssh-authorized-keys=/test_authorized_keys /target").run()?; - // Test kargs injected via CLI - cmd!( - sh, - "sudo /bin/sh -c 'grep foo=bar /boot/loader/entries/*.conf'" - ) - .run()?; - // And kargs we added into our default container image - cmd!( - sh, - "sudo /bin/sh -c 'grep localtestkarg=somevalue /boot/loader/entries/*.conf'" - ) - .run()?; - cmd!( - sh, - "sudo /bin/sh -c 'grep testing-kargsd=3 /boot/loader/entries/*.conf'" - ) - .run()?; - let deployment = &find_deployment_root()?; - let cwd = sh.push_dir(format!("/proc/self/fd/{}", deployment.as_raw_fd())); - cmd!( - sh, - "grep authorized_keys etc/tmpfiles.d/bootc-root-ssh.conf" - ) - .run()?; - drop(cwd); - Ok(()) - }, - ), - Trial::test("Install and verify selinux state", move || { - let sh = &xshell::Shell::new()?; - reset_root(sh, image)?; - cmd!(sh, "sudo {BASE_ARGS...} {target_args...} {image} bootc install to-existing-root --acknowledge-destructive {generic_inst_args...}").run()?; - generic_post_install_verification()?; - let root = &Dir::open_ambient_dir("/ostree", cap_std::ambient_authority()).unwrap(); - let mut path = PathBuf::from("."); - crate::selinux::verify_selinux_recurse(root, &mut path, false)?; - Ok(()) - }), - Trial::test("Install to non-default stateroot", move || { - let sh = &xshell::Shell::new()?; - reset_root(sh, image)?; - cmd!(sh, "sudo {BASE_ARGS...} {target_args...} {image} bootc install to-existing-root --stateroot {NON_DEFAULT_STATEROOT} --acknowledge-destructive {generic_inst_args...}").run()?; - generic_post_install_verification()?; - assert!( - Utf8Path::new(&format!("/ostree/deploy/{NON_DEFAULT_STATEROOT}")).try_exists()? - ); - Ok(()) - }), - Trial::test("without an install config", move || { - let sh = &xshell::Shell::new()?; - reset_root(sh, image)?; - let empty = sh.create_temp_dir()?; - let empty = empty.path().to_str().unwrap(); - cmd!(sh, "sudo {BASE_ARGS...} {target_args...} -v {empty}:/usr/lib/bootc/install {image} bootc install to-existing-root {generic_inst_args...}").run()?; generic_post_install_verification()?; + + // Test kargs injected via CLI + cmd!( + sh, + "sudo /bin/sh -c 'grep foo=bar /boot/loader/entries/*.conf'" + ) + .run()?; + // And kargs we added into our default container image + cmd!(sh, "cat /boot/loader/entries/*.conf").run()?; + cmd!( + sh, + "sudo /bin/sh -c 'grep localtestkarg=somevalue /boot/loader/entries/*.conf'" + ) + .run()?; + cmd!( + sh, + "sudo /bin/sh -c 'grep testing-kargsd=3 /boot/loader/entries/*.conf'" + ) + .run()?; + let deployment = &find_deployment_root()?; + let cwd = sh.push_dir(format!("/proc/self/fd/{}", deployment.as_raw_fd())); + cmd!( + sh, + "grep authorized_keys etc/tmpfiles.d/bootc-root-ssh.conf" + ) + .run()?; + drop(cwd); Ok(()) - }), - ]; + }, + )]; libtest_mimic::run(&testargs, tests.into()).exit() }