tests/api: add container related test

Add a new cloud API test that will build an edge-container, upload it to the gitlab CI registry, fetch it from there, run it and compare that the OSTree commit contained in it is indeed the one we expect. Co-Developed-By: Christian Kellner <christian@kellner.me>
2022-07-28 13:18:45 +03:00 · 2022-07-28 13:18:45 +03:00 · 1847a6ae05
commit 1847a6ae05
parent c845a11881
7 changed files with 122 additions and 8 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -509,6 +509,7 @@ cross-distro.sh:
    - gcp
    - vsphere
    - edge-commit generic.s3
+    - edge-container

 API:
  stage: test
--- a/cmd/osbuild-worker/config.go
+++ b/cmd/osbuild-worker/config.go
@ -53,7 +53,7 @@ type authenticationConfig struct {
 type containersConfig struct {
 	AuthFilePath string `toml:"auth_file_path"`
 	Domain       string `toml:"domain"`
-	Account      string `toml:"account"`
+	PathPrefix   string `toml:"path_prefix"`
 	CertPath     string `toml:"cert_path"`
 	TLSVerify    bool   `toml:"tls_verify"`
 }
--- a/cmd/osbuild-worker/jobimpl-osbuild.go
+++ b/cmd/osbuild-worker/jobimpl-osbuild.go
@ -43,7 +43,7 @@ type S3Configuration struct {
 type ContainersConfiguration struct {
 	AuthFilePath string
 	Domain       string
-	Account      string
+	PathPrefix   string
 	CertPath     string
 	TLSVerify    *bool
 }
@ -208,7 +208,7 @@ func uploadToS3(a *awscloud.AWS, outputDirectory, exportPath, bucket, key, filen
 }

 func (impl *OSBuildJobImpl) getContainerClient(destination string, targetOptions *target.ContainerTargetOptions) (*container.Client, error) {
-	destination, appliedDefaults := container.ApplyDefaultDomainPath(destination, impl.ContainersConfig.Domain, impl.ContainersConfig.Account)
+	destination, appliedDefaults := container.ApplyDefaultDomainPath(destination, impl.ContainersConfig.Domain, impl.ContainersConfig.PathPrefix)
 	client, err := container.NewClient(destination)
 	if err != nil {
 		return nil, err
--- a/cmd/osbuild-worker/main.go
+++ b/cmd/osbuild-worker/main.go
@ -379,13 +379,13 @@ func main() {

 	var containersAuthFilePath string
 	var containersDomain = ""
-	var containersAccount = ""
+	var containersPathPrefix = ""
 	var containersCertPath = ""
 	var containersTLSVerify = true
 	if config.Containers != nil {
 		containersAuthFilePath = config.Containers.AuthFilePath
 		containersDomain = config.Containers.Domain
-		containersAccount = config.Containers.Account
+		containersPathPrefix = config.Containers.PathPrefix
 		containersCertPath = config.Containers.CertPath
 		containersTLSVerify = config.Containers.TLSVerify
 	}
@ -446,7 +446,7 @@ func main() {
 			ContainersConfig: ContainersConfiguration{
 				AuthFilePath: containersAuthFilePath,
 				Domain:       containersDomain,
-				Account:      containersAccount,
+				PathPrefix:   containersPathPrefix,
 				CertPath:     containersCertPath,
 				TLSVerify:    &containersTLSVerify,
 			},
--- a/test/cases/api.sh
+++ b/test/cases/api.sh
@ -21,6 +21,7 @@ CLOUD_PROVIDER_GCP="gcp"
 CLOUD_PROVIDER_AZURE="azure"
 CLOUD_PROVIDER_AWS_S3="aws.s3"
 CLOUD_PROVIDER_GENERIC_S3="generic.s3"
+CLOUD_PROVIDER_CONTAINER_IMAGE_REGISTRY="container"

 #
 # Supported Image type names
@ -62,7 +63,10 @@ case ${IMAGE_TYPE} in
    "$IMAGE_TYPE_GCP")
        CLOUD_PROVIDER="${CLOUD_PROVIDER_GCP}"
        ;;
-    "$IMAGE_TYPE_EDGE_COMMIT"|"$IMAGE_TYPE_EDGE_CONTAINER"|"$IMAGE_TYPE_EDGE_INSTALLER"|"$IMAGE_TYPE_IMAGE_INSTALLER"|"$IMAGE_TYPE_GUEST"|"$IMAGE_TYPE_VSPHERE")
+    "$IMAGE_TYPE_EDGE_CONTAINER")
+        CLOUD_PROVIDER="${CLOUD_PROVIDER_CONTAINER_IMAGE_REGISTRY}"
+        ;;
+    "$IMAGE_TYPE_EDGE_COMMIT"|"$IMAGE_TYPE_EDGE_INSTALLER"|"$IMAGE_TYPE_IMAGE_INSTALLER"|"$IMAGE_TYPE_GUEST"|"$IMAGE_TYPE_VSPHERE")
        # blobby image types: upload to s3 and provide download link
        CLOUD_PROVIDER="${2:-$CLOUD_PROVIDER_AWS_S3}"
        if [ "${CLOUD_PROVIDER}" != "${CLOUD_PROVIDER_AWS_S3}" ] && [ "${CLOUD_PROVIDER}" != "${CLOUD_PROVIDER_GENERIC_S3}" ]; then
@ -174,6 +178,9 @@ case $CLOUD_PROVIDER in
  "$CLOUD_PROVIDER_AZURE")
    source /usr/libexec/tests/osbuild-composer/api/azure.sh
    ;;
+  "$CLOUD_PROVIDER_CONTAINER_IMAGE_REGISTRY")
+    source /usr/libexec/tests/osbuild-composer/api/container.registry.sh
+    ;;
  *)
    echo "Unknown cloud provider: ${CLOUD_PROVIDER}"
    exit 1
--- a/test/cases/api/container.registry.sh
+++ b/test/cases/api/container.registry.sh
@ -0,0 +1,106 @@
+#!/usr/bin/bash
+
+source /usr/libexec/tests/osbuild-composer/api/common/common.sh
+
+function checkEnv() {
+    printenv CI_REGISTRY_USER > /dev/null
+    printenv CI_JOB_TOKEN > /dev/null
+    printenv CI_REGISTRY > /dev/null
+    printenv CI_PROJECT_PATH > /dev/null
+}
+
+# Global var for ostree ref
+export OSTREE_REF="test/osbuild/edge"
+
+function cleanup() {
+    CONTAINER_NAME="${OSTREE_CONTAINER_NAME:-}"
+    if [ -n "${CONTAINER_NAME}" ]; then
+        sudo "${CONTAINER_RUNTIME}" kill "${CONTAINER_NAME}"
+    fi
+}
+
+function installClient() {
+    local WORKER_CONFIG_DIR="/etc/osbuild-worker"
+    local AUTH_FILE_PATH="${WORKER_CONFIG_DIR}/containerauth.json"
+
+    sudo mkdir -p "${WORKER_CONFIG_DIR}"
+
+    sudo "${CONTAINER_RUNTIME}" login --authfile "${AUTH_FILE_PATH}" --username "${CI_REGISTRY_USER}" --password "${CI_JOB_TOKEN}" "${CI_REGISTRY_IMAGE}"
+
+    cat <<EOF | sudo tee "${WORKER_CONFIG_DIR}/osbuild-worker.toml"
+[containers]
+auth_file_path="${AUTH_FILE_PATH}"
+domain="${CI_REGISTRY}"
+path_prefix="${CI_PROJECT_PATH}"
+EOF
+
+  sudo systemctl restart "osbuild-worker@1"
+}
+
+function createReqFile() {
+      cat > "$REQUEST_FILE" << EOF
+{
+  "distribution": "$DISTRO",
+  "customizations": {
+    "payload_repositories": [
+      {
+        "baseurl": "$PAYLOAD_REPO_URL"
+      }
+    ],
+    "packages": [
+      "postgresql",
+      "dummy"
+    ],
+    "users":[
+      {
+        "name": "user1",
+        "groups": ["wheel"],
+        "key": "$(cat "${WORKDIR}/usertest.pub")"
+      },
+      {
+        "name": "user2",
+        "key": "$(cat "${WORKDIR}/usertest.pub")"
+      }
+    ]
+  },
+  "image_request": {
+    "architecture": "$ARCH",
+    "image_type": "${IMAGE_TYPE}",
+    "repositories": $(jq ".\"$ARCH\"" /usr/share/tests/osbuild-composer/repositories/"$DISTRO".json),
+    "ostree": {
+      "ref": "${OSTREE_REF}"
+    },
+    "upload_options": {
+      "name": "${DISTRO}-${IMAGE_TYPE}",
+      "tag": "${CI_COMMIT_REF_SLUG}"
+    }
+  }
+}
+EOF
+}
+
+function checkUploadStatusOptions() {
+  local IMAGE_URL
+  IMAGE_URL=$(echo "$UPLOAD_OPTIONS" | jq -r '.url')
+
+  test "${IMAGE_URL}" = "${CI_REGISTRY}/${CI_PROJECT_PATH}/${DISTRO}-${IMAGE_TYPE}:${CI_COMMIT_REF_SLUG}"
+}
+
+function verify() {
+  OSTREE_CONTAINER_NAME=osbuild-test
+  local IMAGE_URL
+  IMAGE_URL=$(echo "$UPLOAD_OPTIONS" | jq -r '.url')
+  sudo "${CONTAINER_RUNTIME}" run -d --name osbuild-test -p 8080:8080 "${IMAGE_URL}"
+
+  GET_METADATA_CURL_REQUEST="curl --silent \
+      --show-error \
+      --cacert /etc/osbuild-composer/ca-crt.pem \
+      --key /etc/osbuild-composer/client-key.pem \
+      --cert /etc/osbuild-composer/client-crt.pem \
+      https://localhost/api/image-builder-composer/v2/composes/${COMPOSE_ID}/metadata"
+
+  BUILD_OSTREE_COMMIT=$(${GET_METADATA_CURL_REQUEST} | jq -r '.ostree_commit')
+  SERVICED_OSTREE_COMMIT=$(curl http://localhost:8080/repo/refs/heads/${OSTREE_REF})
+
+  test "${BUILD_OSTREE_COMMIT}" = "${SERVICED_OSTREE_COMMIT}"
+}
--- a/test/cases/api/generic.s3.sh
+++ b/test/cases/api/generic.s3.sh
@ -96,7 +96,7 @@ EOF
 # implementation
 function createReqFile() {
    case ${IMAGE_TYPE} in
-        "$IMAGE_TYPE_EDGE_COMMIT"|"$IMAGE_TYPE_EDGE_CONTAINER"|"$IMAGE_TYPE_EDGE_INSTALLER"|"$IMAGE_TYPE_IMAGE_INSTALLER")
+        "$IMAGE_TYPE_EDGE_COMMIT"|"$IMAGE_TYPE_EDGE_INSTALLER"|"$IMAGE_TYPE_IMAGE_INSTALLER")
            AWS_REGION='' createReqFileEdge
            ;;
        "$IMAGE_TYPE_VSPHERE")