apt-ostree/.notes/tests/validation.md

APT-OSTree Testing and Validation Strategy

Research Summary

Based on comprehensive analysis of testing infrastructures from rpm-ostree, ostree, apt, and dpkg, this document outlines a comprehensive testing strategy for apt-ostree that mirrors the best practices from these established projects.

Key Findings from Research

rpm-ostree Testing Infrastructure

Repository Structure:

• tests/ - Main test directory with three categories:
  • check/ - Non-destructive unit tests (some require root)
  • compose/ - Tree composition tests (require root, installed)
  • vmcheck/ - VM-based integration tests (Vagrant-based)

Test Categories:

1. Unit Tests (check/): Basic functionality tests, API validation
2. Compose Tests (compose/): Tree building and composition workflows
3. VM Tests (vmcheck/): Full system integration tests with real deployments

Key Test Files:

• test-basic-unified.sh - Core tree composition workflow
• test-layering-basic-1.sh - Package layering functionality
• test-misc-2.sh - Miscellaneous edge cases and error conditions

CI Infrastructure:

• Jenkins-based CI with multiple stages
• Parallel test execution
• Artifact collection and archiving
• VM-based testing with COSA (CoreOS Assembler)

ostree Testing Infrastructure

Repository Structure:

• tests/ - Comprehensive test suite with 100+ test files
• tests-unit-container/ - Container-based unit tests
• manual-tests/ - Manual testing procedures

Test Types:

• C unit tests (.c files)
• Shell script tests (.sh files)
• JavaScript tests (.js files)
• Integration tests with real repositories

Key Features:

• GPG signature verification tests
• Repository corruption and recovery tests
• Network and remote repository tests
• Filesystem and metadata tests

apt Testing Infrastructure

Repository Structure:

• test/ - Unit and integration tests
• debian/tests/ - autopkgtest definitions
• test/integration/ - Integration test suite

Test Types:

• Unit tests for libapt-pkg
• Integration tests for apt commands
• autopkgtest for system-level validation

dpkg Testing Infrastructure

Repository Structure:

• t/ - Perl-based test suite
• tests/ - Additional test utilities
• debian/tests/ - autopkgtest definitions

Test Types:

• Code quality tests (cppcheck, codespell, critic)
• Syntax and documentation tests
• Integration tests with real packages

APT-OSTree Testing Strategy

1. Test Architecture

tests/
├── unit/                    # Unit tests (cargo test)
│   ├── apt/                # APT manager tests
│   ├── ostree/             # OSTree manager tests
│   ├── integration/        # APT-OSTree integration tests
│   └── permissions/        # Permission and security tests
├── integration/            # Integration tests
│   ├── package-install/    # Package installation workflows
│   ├── package-remove/     # Package removal workflows
│   ├── system-upgrade/     # System upgrade workflows
│   └── rollback/           # Rollback functionality tests
├── compose/                # Tree composition tests
│   ├── basic/              # Basic tree composition
│   ├── packages/           # Package layering tests
│   ├── metadata/           # Metadata handling tests
│   └── scripts/            # Package script execution tests
├── vmcheck/                # VM-based integration tests
│   ├── basic-deployment/   # Basic deployment workflows
│   ├── package-layering/   # Package layering in VM
│   ├── upgrade-rollback/   # Upgrade and rollback tests
│   └── edge-cases/         # Edge case testing
├── common/                 # Common test utilities
├── utils/                  # Test helper utilities
└── data/                   # Test data and fixtures

2. Test Categories

A. Unit Tests (Rust-based)

• Scope: Individual component functionality
• Execution: cargo test
• Requirements: No root privileges, isolated environment
• Examples:
  • APT manager initialization and operations
  • OSTree manager repository operations
  • Dependency resolution algorithms
  • Permission validation logic

B. Integration Tests (Shell-based)

• Scope: Component interaction and workflows
• Execution: make integration-test
• Requirements: Root privileges, isolated environment
• Examples:
  • Package installation workflows
  • OSTree commit creation and management
  • APT database synchronization
  • Filesystem assembly and layout

C. Compose Tests (Shell-based)

• Scope: Tree composition and building
• Execution: make compose-test
• Requirements: Root privileges, full system access
• Examples:
  • Tree composition with packages
  • Metadata handling and validation
  • Package script execution
  • OSTree commit metadata

D. VM Tests (VM-based)

• Scope: Full system integration
• Execution: make vmcheck
• Requirements: VM environment, full system access
• Examples:
  • Complete deployment workflows
  • Package layering in real system
  • Upgrade and rollback scenarios
  • Edge cases and error conditions

3. Test Implementation Strategy

Phase 1: Unit Test Foundation

1. Expand Rust unit tests in src/tests.rs
2. Add component-specific tests for each module
3. Implement test utilities for common operations
4. Add property-based tests for complex algorithms

Phase 2: Integration Test Suite

1. Create shell-based test framework similar to rpm-ostree
2. Implement test utilities for APT and OSTree operations
3. Add workflow tests for package management
4. Create test data fixtures for reproducible testing

Phase 3: Compose Test Suite

1. Implement tree composition tests based on rpm-ostree patterns
2. Add package layering tests with real DEB packages
3. Create metadata validation tests
4. Add script execution tests

Phase 4: VM Test Suite

1. Set up VM testing infrastructure using Vagrant or similar
2. Implement deployment tests in VM environment
3. Add upgrade and rollback tests
4. Create edge case and error condition tests

4. Test Utilities and Helpers

Common Test Library (tests/common/libtest.sh)

#!/bin/bash
# Common test utilities for apt-ostree

set -euo pipefail

# Test assertion functions
assert_file_has_content() {
    local file="$1"
    local pattern="$2"
    if ! grep -q "$pattern" "$file"; then
        fatal "File $file does not contain pattern: $pattern"
    fi
}

assert_file_has_content_literal() {
    local file="$1"
    local content="$2"
    if ! grep -Fq "$content" "$file"; then
        fatal "File $file does not contain literal content: $content"
    fi
}

# APT test utilities
build_deb() {
    local pkgname="$1"
    local version="${2:-1.0}"
    local arch="${3:-amd64}"
    # Build test DEB package
}

# OSTree test utilities
create_test_repo() {
    local repo_path="$1"
    # Create test OSTree repository
}

# System test utilities
vm_cmd() {
    # Execute command in VM environment
}

vm_reboot() {
    # Reboot VM and wait for ready state
}

APT Test Utilities (tests/utils/apt-test-utils.sh)

#!/bin/bash
# APT-specific test utilities

setup_test_repo() {
    # Set up test APT repository with packages
}

install_test_package() {
    # Install test package via apt-ostree
}

remove_test_package() {
    # Remove test package via apt-ostree
}

verify_package_installed() {
    # Verify package is properly installed
}

OSTree Test Utilities (tests/utils/ostree-test-utils.sh)

#!/bin/bash
# OSTree-specific test utilities

create_test_commit() {
    # Create test OSTree commit
}

verify_commit_metadata() {
    # Verify commit metadata
}

check_deployment_status() {
    # Check deployment status
}

5. CI/CD Integration

GitHub Actions Workflow (.github/workflows/test.yml)

name: Tests

on: [push, pull_request]

jobs:
  unit-tests:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - uses: actions-rs/toolchain@v1
        with:
          toolchain: stable
      - run: cargo test

  integration-tests:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - run: sudo make integration-test

  compose-tests:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - run: sudo make compose-test

  vm-tests:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - run: make vmcheck

Makefile Targets (Makefile)

.PHONY: test unit-test integration-test compose-test vmcheck

test: unit-test integration-test compose-test

unit-test:
	cargo test

integration-test:
	./tests/run-integration-tests.sh

compose-test:
	./tests/run-compose-tests.sh

vmcheck:
	./tests/vmcheck.sh

install-test-deps:
	./ci/install-test-deps.sh

6. Test Data and Fixtures

Test Packages (tests/data/packages/)

• Minimal test DEB packages
• Packages with various dependency scenarios
• Packages with scripts (preinst, postinst, etc.)
• Packages with different architectures

Test Repositories (tests/data/repos/)

• Minimal APT repositories
• Repositories with different package sets
• Repositories with metadata variations

Test OSTree Commits (tests/data/commits/)

• Base system commits
• Commits with different package sets
• Commits with various metadata

7. Testing Best Practices

Test Isolation

• Each test should be independent
• Use temporary directories and repositories
• Clean up after each test
• Avoid side effects between tests

Error Handling

• Test both success and failure scenarios
• Verify error messages and exit codes
• Test edge cases and boundary conditions
• Validate error recovery mechanisms

Performance Testing

• Measure execution time for key operations
• Test with large package sets
• Validate memory usage
• Test concurrent operations

Security Testing

• Test permission validation
• Verify sandbox isolation
• Test privilege escalation prevention
• Validate input sanitization

8. Implementation Roadmap

Week 1-2: Foundation

• Expand Rust unit tests
• Create test utilities framework
• Set up CI/CD pipeline
• Implement basic integration tests

Week 3-4: Integration Tests

• Implement package installation tests
• Add OSTree integration tests
• Create workflow validation tests
• Add error handling tests

Week 5-6: Compose Tests

• Implement tree composition tests
• Add package layering tests
• Create metadata validation tests
• Add script execution tests

Week 7-8: VM Tests

• Set up VM testing infrastructure
• Implement deployment tests
• Add upgrade and rollback tests
• Create edge case tests

Week 9-10: Polish and Documentation

• Add comprehensive documentation
• Optimize test performance
• Add test coverage reporting
• Create testing guidelines

9. Success Metrics

Test Coverage

• Unit test coverage > 90%
• Integration test coverage > 80%
• Critical path coverage > 95%

Performance Metrics

• Unit tests complete in < 30 seconds
• Integration tests complete in < 5 minutes
• VM tests complete in < 30 minutes

Quality Metrics

• Zero test flakiness
• All tests pass consistently
• Comprehensive error scenario coverage

10. Resources and References

rpm-ostree Testing

• Repository: https://github.com/coreos/rpm-ostree
• Test directory: tests/
• CI configuration: .cci.jenkinsfile
• Hacking guide: docs/HACKING.md

ostree Testing

• Repository: https://github.com/ostreedev/ostree
• Test directory: tests/
• Build system: Makefile-tests.am

apt Testing

• Repository: https://salsa.debian.org/apt-team/apt
• Test directory: test/
• autopkgtest: debian/tests/

dpkg Testing

• Repository: https://salsa.debian.org/dpkg-team/dpkg
• Test directory: t/
• autopkgtest: debian/tests/

This comprehensive testing strategy ensures apt-ostree has robust validation similar to the established projects it's based on, while being tailored to the specific requirements of APT package management and OSTree deployment.