particle-os/debian-forge-composer
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

test: Clean up and improve ostree-simplified-installer.sh

Browse source 
Remove comment out code
Use three different IP address for different test scenarios
Move /boot/device-credentials file checking into playbook
Some shell script improvements
This commit is contained in:
Xiaofeng Wang 2022-03-28 13:56:19 +08:00 committed by Jakub Rusz
parent 55a3556e9f
commit 21b6e95136
2 changed files with 93 additions and 104 deletions
Download patch file Download diff file Expand all files Collapse all files

173
test/cases/ostree-simplified-installer.sh
View file

@ -1,5 +1,5 @@
#!/bin/bash #!/bin/bash
set -euox pipefail set -euo pipefail
# Provision the software under test. # Provision the software under test.
/usr/libexec/osbuild-composer-test/provision.sh /usr/libexec/osbuild-composer-test/provision.sh
@ -47,7 +47,8 @@ sudo tee /tmp/integration.xml > /dev/null << EOF
<dhcp> <dhcp>
<range start='192.168.100.2' end='192.168.100.254'/> <range start='192.168.100.2' end='192.168.100.254'/>
<host mac='34:49:22:B0:83:30' name='vm-httpboot' ip='192.168.100.50'/> <host mac='34:49:22:B0:83:30' name='vm-httpboot' ip='192.168.100.50'/>
<host mac='34:49:22:B0:83:31' name='vm-uefi' ip='192.168.100.51'/> <host mac='34:49:22:B0:83:31' name='vm-uefi-01' ip='192.168.100.51'/>
<host mac='34:49:22:B0:83:32' name='vm-uefi-02' ip='192.168.100.52'/>
</dhcp> </dhcp>
</ip> </ip>
<dnsmasq:options> <dnsmasq:options>
@ -80,11 +81,19 @@ EOF
TEST_UUID=$(uuidgen) TEST_UUID=$(uuidgen)
IMAGE_KEY="edge-${TEST_UUID}" IMAGE_KEY="edge-${TEST_UUID}"
HTTP_GUEST_ADDRESS=192.168.100.50 HTTP_GUEST_ADDRESS=192.168.100.50
UEFI_GUEST_ADDRESS=192.168.100.51 PUB_KEY_GUEST_ADDRESS=192.168.100.51
ROOT_CERT_GUEST_ADDRESS=192.168.100.52
PROD_REPO_URL=http://192.168.100.1/repo PROD_REPO_URL=http://192.168.100.1/repo
PROD_REPO=/var/www/html/repo PROD_REPO=/var/www/html/repo
STAGE_REPO_ADDRESS=192.168.200.1 STAGE_REPO_ADDRESS=192.168.200.1
STAGE_REPO_URL="http://${STAGE_REPO_ADDRESS}:8080/repo/" STAGE_REPO_URL="http://${STAGE_REPO_ADDRESS}:8080/repo/"
# FDO server repo commit to checkout
FDO_SERVER_REPO_COMMIT=c2bab2c3cda954087fe66b683d31bffeac0c7189
FDO_SERVER_ADDRESS=192.168.200.2
# FDO admin CLI image version
FDO_ADMIN_CLI_VERSION=0.4.0
# FDO Manualfacture server image version
FDO_MF_SERVER_VERSION=0.4.0
ARTIFACTS="ci-artifacts" ARTIFACTS="ci-artifacts"
CONTAINER_TYPE=edge-container CONTAINER_TYPE=edge-container
CONTAINER_FILENAME=container.tar CONTAINER_FILENAME=container.tar
@ -115,7 +124,7 @@ case "${ID}-${VERSION_ID}" in
;; ;;
"centos-8") "centos-8")
OSTREE_REF="centos/8/${ARCH}/edge" OSTREE_REF="centos/8/${ARCH}/edge"
OS_VARIANT="rhel8-unknown" OS_VARIANT="centos8"
;; ;;
"centos-9") "centos-9")
OSTREE_REF="centos/9/${ARCH}/edge" OSTREE_REF="centos/9/${ARCH}/edge"
@ -226,7 +235,7 @@ clean_up () {
fi fi
sudo virsh undefine "${IMAGE_KEY}-fdorootcert" --nvram sudo virsh undefine "${IMAGE_KEY}-fdorootcert" --nvram
# Remove qcow2 file. # Remove qcow2 file.
sudo rm -f "$LIBVIRT_IMAGE_PATH" sudo virsh vol-delete --pool images "$LIBVIRT_IMAGE_PATH"
# Remove any status containers if exist # Remove any status containers if exist
sudo podman ps -a -q --format "{{.ID}}" | sudo xargs --no-run-if-empty podman rm -f sudo podman ps -a -q --format "{{.ID}}" | sudo xargs --no-run-if-empty podman rm -f
@ -275,6 +284,13 @@ sudo mkdir -p "$PROD_REPO"
sudo ostree --repo="$PROD_REPO" init --mode=archive sudo ostree --repo="$PROD_REPO" init --mode=archive
sudo ostree --repo="$PROD_REPO" remote add --no-gpg-verify edge-stage "$STAGE_REPO_URL" sudo ostree --repo="$PROD_REPO" remote add --no-gpg-verify edge-stage "$STAGE_REPO_URL"
# Clear container running env
greenprint "🧹 Clearing container running env"
# Remove any status containers if exist
sudo podman ps -a -q --format "{{.ID}}" | sudo xargs --no-run-if-empty podman rm -f
# Remove all images
sudo podman rmi -f -a
# Prepare stage repo network # Prepare stage repo network
greenprint "🔧 Prepare stage repo network" greenprint "🔧 Prepare stage repo network"
sudo podman network inspect edge >/dev/null 2>&1 || sudo podman network create --driver=bridge --subnet=192.168.200.0/24 --gateway=192.168.200.254 edge sudo podman network inspect edge >/dev/null 2>&1 || sudo podman network create --driver=bridge --subnet=192.168.200.0/24 --gateway=192.168.200.254 edge
@ -286,31 +302,31 @@ sudo podman network inspect edge >/dev/null 2>&1 || sudo podman network create -
########################################################### ###########################################################
greenprint "🔧 Prepare fdo manufacturing server" greenprint "🔧 Prepare fdo manufacturing server"
sudo git clone https://github.com/runcom/fdo-containers sudo git clone https://github.com/runcom/fdo-containers
cd fdo-containers/ || exit pushd fdo-containers
sudo git checkout c2bab2c3cda954087fe66b683d31bffeac0c7189 sudo git checkout "$FDO_SERVER_REPO_COMMIT"
sudo CONTAINER_IMAGE=quay.io/fido-fdo/fdo-admin-cli:0.4.0 ./create-keys.sh sudo CONTAINER_IMAGE="quay.io/fido-fdo/fdo-admin-cli:$FDO_ADMIN_CLI_VERSION" ./create-keys.sh
DIUN_PUB_KEY_HASH=$(cat keys/diun_pub_key_hash) DIUN_PUB_KEY_HASH=$(cat keys/diun_pub_key_hash)
DIUN_PUB_KEY_ROOT_CERTS=$(cat keys/diun_cert.pem) DIUN_PUB_KEY_ROOT_CERTS=$(cat keys/diun_cert.pem)
sudo podman run -d \ sudo podman run -d \
-v "$PWD"/ownership_vouchers:/etc/fdo/ownership_vouchers:z \ -v "$PWD"/ownership_vouchers:/etc/fdo/ownership_vouchers:z \
-v "$PWD"/config/manufacturing-server.yml:/etc/fdo/manufacturing-server.conf.d/00-default.yml:z \ -v "$PWD"/config/manufacturing-server.yml:/etc/fdo/manufacturing-server.conf.d/00-default.yml:z \
-v "$PWD"/keys:/etc/fdo/keys:z \ -v "$PWD"/keys:/etc/fdo/keys:z \
--ip 192.168.200.2 \ --ip "$FDO_SERVER_ADDRESS" \
--name fdo-manufacturing-server \ --name fdo-manufacturing-server \
--network edge \ --network edge \
quay.io/fido-fdo/fdo-manufacturing-server:0.4.0 "quay.io/fido-fdo/fdo-manufacturing-server:$FDO_MF_SERVER_VERSION"
cd .. || exit popd
# Wait for fdo server to be running # Wait for fdo server to be running
until [ "$(curl -X POST http://192.168.200.2:8080/ping)" == "pong" ]; do until [ "$(curl -X POST http://${FDO_SERVER_ADDRESS}:8080/ping)" == "pong" ]; do
sleep 1; sleep 1;
done; done;
########################################################## ###############################
## ##
## Build edge-container image and start it in podman ## Build edge-container image
## ##
########################################################## ###############################
# Write a blueprint for ostree image. # Write a blueprint for ostree image.
tee "$BLUEPRINT_FILE" > /dev/null << EOF tee "$BLUEPRINT_FILE" > /dev/null << EOF
@ -378,43 +394,11 @@ greenprint "🧽 Clean up container blueprint and compose"
sudo composer-cli compose delete "${COMPOSE_ID}" > /dev/null sudo composer-cli compose delete "${COMPOSE_ID}" > /dev/null
sudo composer-cli blueprints delete container > /dev/null sudo composer-cli blueprints delete container > /dev/null
### Will move this negative test cases into downstream. ########################################################################
# Verify that composer can report proper error message if no installation device is specified in blueprint
# https://github.com/osbuild/osbuild-composer/pull/1755
# greenprint "Negative test: checking error message when no installation device specified"
# greenprint "📋 Preparing installer blueprint with no installation device"
# tee "$BLUEPRINT_FILE" > /dev/null << EOF
# name = "simplenodevice"
# description = "A rhel-edge simplified-installer image without installation device specified"
# version = "0.0.1"
# modules = []
# groups = []
# EOF
# sudo composer-cli blueprints push "$BLUEPRINT_FILE"
# sudo composer-cli blueprints depsolve simplenodevice
# result=$(sudo composer-cli compose start-ostree simplenodevice "$INSTALLER_TYPE" --ref "$OSTREE_REF" --url "$PROD_REPO_URL" 2>&1)
# expected='boot ISO image type "edge-simplified-installer" requires specifying an installation device to install to'
# echo "Command output is: $result"
# greenprint "🎏 Checking if command result contains expected error message."
# if [[ "$result" == *"$expected"* ]]; then
# greenprint "Success: osbuild-composer can report proper error messages when no installation device specified for simplified installer image"
# else
# greenprint "Failed: expected error message not found."
# clean_up
# exit 1
# fi
############################################################################
## ##
## Http boot: provision edge-simplified-installer with diun_pub_key_insecure ## Build edge-simplified-installer with diun_pub_key_insecure enabled
## ##
############################################################################ ########################################################################
# Write a blueprint for installer image. # Write a blueprint for installer image.
tee "$BLUEPRINT_FILE" > /dev/null << EOF tee "$BLUEPRINT_FILE" > /dev/null << EOF
name = "installer" name = "installer"
@ -427,7 +411,7 @@ groups = []
installation_device = "/dev/vda" installation_device = "/dev/vda"
[customizations.fdo] [customizations.fdo]
manufacturing_server_url="http://192.168.200.2:8080" manufacturing_server_url="http://${FDO_SERVER_ADDRESS}:8080"
diun_pub_key_insecure="true" diun_pub_key_insecure="true"
EOF EOF
@ -440,8 +424,7 @@ sudo composer-cli blueprints push "$BLUEPRINT_FILE"
sudo composer-cli blueprints depsolve installer sudo composer-cli blueprints depsolve installer
# Build installer image. # Build installer image.
# Test --url arg following by URL with tailling slash for bz#1942029 build_image installer "${INSTALLER_TYPE}" "${PROD_REPO_URL}"
build_image installer "${INSTALLER_TYPE}" "${PROD_REPO_URL}/"
# Download the image # Download the image
greenprint "📥 Downloading the installer image" greenprint "📥 Downloading the installer image"
@ -478,11 +461,6 @@ sudo qemu-img create -f qcow2 "${LIBVIRT_IMAGE_PATH}" 20G
greenprint "checking running containers" greenprint "checking running containers"
sudo podman ps -a sudo podman ps -a
greenprint "Check manufacturing server up and running"
until [ "$(curl -X POST http://192.168.200.2:8080/ping)" == "pong" ]; do
sleep 1;
done;
greenprint "📋 Install edge vm via http boot" greenprint "📋 Install edge vm via http boot"
sudo virt-install --name="${IMAGE_KEY}-http"\ sudo virt-install --name="${IMAGE_KEY}-http"\
--disk path="${LIBVIRT_IMAGE_PATH}",format=qcow2 \ --disk path="${LIBVIRT_IMAGE_PATH}",format=qcow2 \
@ -519,17 +497,6 @@ for LOOP_COUNTER in $(seq 0 30); do
sleep 10 sleep 10
done done
# FDO test case: check if /boot/device-credentials exist.
greenprint "FDO test: Checking if /boot/device-credentials exist."
if_boot_credentials_exist=$(sudo ssh "${SSH_OPTIONS[@]}" -i "${SSH_KEY}" admin@${HTTP_GUEST_ADDRESS} "echo ${EDGE_USER_PASSWORD} |test -f /boot/device-credentials && echo true")
if [ "${if_boot_credentials_exist}" ];then
greenprint "💚 Success"
else
greenprint "❌ Failed"
clean_up
exit 1
fi
# Check image installation result # Check image installation result
check_result check_result
@ -552,7 +519,7 @@ ansible_become_pass=${EDGE_USER_PASSWORD}
EOF EOF
# Test IoT/Edge OS # Test IoT/Edge OS
sudo ansible-playbook -v -i "${TEMPDIR}"/inventory -e image_type=redhat -e ostree_commit="${INSTALL_HASH}" /usr/share/tests/osbuild-composer/ansible/check_ostree.yaml || RESULTS=0 sudo ansible-playbook -v -i "${TEMPDIR}"/inventory -e image_type=redhat -e ostree_commit="${INSTALL_HASH}" -e fdo_credential="true" /usr/share/tests/osbuild-composer/ansible/check_ostree.yaml || RESULTS=0
check_result check_result
# Clean up BIOS VM # Clean up BIOS VM
@ -561,13 +528,13 @@ if [[ $(sudo virsh domstate "${IMAGE_KEY}-http") == "running" ]]; then
sudo virsh destroy "${IMAGE_KEY}-http" sudo virsh destroy "${IMAGE_KEY}-http"
fi fi
sudo virsh undefine "${IMAGE_KEY}-http" --nvram sudo virsh undefine "${IMAGE_KEY}-http" --nvram
sudo rm -f "$LIBVIRT_IMAGE_PATH" sudo virsh vol-delete --pool images "$LIBVIRT_IMAGE_PATH"
########################################################################### ####################################################################
## ##
## UEFI: Provision edge-simplified-installer with diun_pub_key_hash ## Build edge-simplified-installer with diun_pub_key_hash enabled
## ##
########################################################################### ####################################################################
tee "$BLUEPRINT_FILE" > /dev/null << EOF tee "$BLUEPRINT_FILE" > /dev/null << EOF
name = "fdosshkey" name = "fdosshkey"
@ -580,7 +547,7 @@ groups = []
installation_device = "/dev/vda" installation_device = "/dev/vda"
[customizations.fdo] [customizations.fdo]
manufacturing_server_url="http://192.168.200.2:8080" manufacturing_server_url="http://${FDO_SERVER_ADDRESS}:8080"
diun_pub_key_hash="${DIUN_PUB_KEY_HASH}" diun_pub_key_hash="${DIUN_PUB_KEY_HASH}"
EOF EOF
@ -593,8 +560,7 @@ sudo composer-cli blueprints push "$BLUEPRINT_FILE"
sudo composer-cli blueprints depsolve fdosshkey sudo composer-cli blueprints depsolve fdosshkey
# Build fdosshkey image. # Build fdosshkey image.
# Test --url arg following by URL with tailling slash for bz#1942029 build_image fdosshkey "${INSTALLER_TYPE}" "${PROD_REPO_URL}"
build_image fdosshkey "${INSTALLER_TYPE}" "${PROD_REPO_URL}/"
# Download the image # Download the image
greenprint "📥 Downloading the fdosshkey image" greenprint "📥 Downloading the fdosshkey image"
@ -643,7 +609,7 @@ sudo virsh start "${IMAGE_KEY}-fdosshkey"
# Check for ssh ready to go. # Check for ssh ready to go.
greenprint "🛃 Checking for SSH is ready to go" greenprint "🛃 Checking for SSH is ready to go"
for LOOP_COUNTER in $(seq 0 30); do for LOOP_COUNTER in $(seq 0 30); do
RESULTS="$(wait_for_ssh_up $UEFI_GUEST_ADDRESS)" RESULTS="$(wait_for_ssh_up $PUB_KEY_GUEST_ADDRESS)"
if [[ $RESULTS == 1 ]]; then if [[ $RESULTS == 1 ]]; then
echo "SSH is ready now! 🥳" echo "SSH is ready now! 🥳"
break break
@ -660,7 +626,7 @@ INSTALL_HASH=$(curl "${PROD_REPO_URL}/refs/heads/${OSTREE_REF}")
# Add instance IP address into /etc/ansible/hosts # Add instance IP address into /etc/ansible/hosts
sudo tee "${TEMPDIR}"/inventory > /dev/null << EOF sudo tee "${TEMPDIR}"/inventory > /dev/null << EOF
[ostree_guest] [ostree_guest]
${UEFI_GUEST_ADDRESS} ${PUB_KEY_GUEST_ADDRESS}
[ostree_guest:vars] [ostree_guest:vars]
ansible_python_interpreter=/usr/bin/python3 ansible_python_interpreter=/usr/bin/python3
@ -673,7 +639,7 @@ ansible_become_pass=${EDGE_USER_PASSWORD}
EOF EOF
# Test IoT/Edge OS # Test IoT/Edge OS
sudo ansible-playbook -v -i "${TEMPDIR}"/inventory -e image_type=redhat -e ostree_commit="${INSTALL_HASH}" /usr/share/tests/osbuild-composer/ansible/check_ostree.yaml || RESULTS=0 sudo ansible-playbook -v -i "${TEMPDIR}"/inventory -e image_type=redhat -e ostree_commit="${INSTALL_HASH}" -e fdo_credential="true" /usr/share/tests/osbuild-composer/ansible/check_ostree.yaml || RESULTS=0
check_result check_result
# Clean up BIOS VM # Clean up BIOS VM
@ -682,13 +648,13 @@ if [[ $(sudo virsh domstate "${IMAGE_KEY}-fdosshkey") == "running" ]]; then
sudo virsh destroy "${IMAGE_KEY}-fdosshkey" sudo virsh destroy "${IMAGE_KEY}-fdosshkey"
fi fi
sudo virsh undefine "${IMAGE_KEY}-fdosshkey" --nvram sudo virsh undefine "${IMAGE_KEY}-fdosshkey" --nvram
sudo rm -f "$LIBVIRT_IMAGE_PATH" sudo virsh vol-delete --pool images "$LIBVIRT_IMAGE_PATH"
########################################################################### ##################################################################
## ##
## UEFI: Provision edge-simplified-installer with diun_pub_key_root_certs ## Build edge-simplified-installer with diun_pub_key_root_certs
## ##
########################################################################### ##################################################################
tee "$BLUEPRINT_FILE" > /dev/null << EOF tee "$BLUEPRINT_FILE" > /dev/null << EOF
name = "fdorootcert" name = "fdorootcert"
@ -701,7 +667,7 @@ groups = []
installation_device = "/dev/vda" installation_device = "/dev/vda"
[customizations.fdo] [customizations.fdo]
manufacturing_server_url="http://192.168.200.2:8080" manufacturing_server_url="http://${FDO_SERVER_ADDRESS}:8080"
diun_pub_key_root_certs=""" diun_pub_key_root_certs="""
${DIUN_PUB_KEY_ROOT_CERTS}""" ${DIUN_PUB_KEY_ROOT_CERTS}"""
EOF EOF
@ -715,7 +681,6 @@ sudo composer-cli blueprints push "$BLUEPRINT_FILE"
sudo composer-cli blueprints depsolve fdorootcert sudo composer-cli blueprints depsolve fdorootcert
# Build fdorootcert image. # Build fdorootcert image.
# Test --url arg following by URL with tailling slash for bz#1942029
build_image fdorootcert "${INSTALLER_TYPE}" "${PROD_REPO_URL}/" build_image fdorootcert "${INSTALLER_TYPE}" "${PROD_REPO_URL}/"
# Download the image # Download the image
@ -742,7 +707,7 @@ sudo virt-install --name="${IMAGE_KEY}-fdorootcert"\
--disk path="${LIBVIRT_IMAGE_PATH}",format=qcow2 \ --disk path="${LIBVIRT_IMAGE_PATH}",format=qcow2 \
--ram 3072 \ --ram 3072 \
--vcpus 2 \ --vcpus 2 \
--network network=integration,mac=34:49:22:B0:83:31 \ --network network=integration,mac=34:49:22:B0:83:32 \
--os-type linux \ --os-type linux \
--os-variant ${OS_VARIANT} \ --os-variant ${OS_VARIANT} \
--cdrom "/var/lib/libvirt/images/${ISO_FILENAME}" \ --cdrom "/var/lib/libvirt/images/${ISO_FILENAME}" \
@ -765,7 +730,7 @@ sudo virsh start "${IMAGE_KEY}-fdorootcert"
# Check for ssh ready to go. # Check for ssh ready to go.
greenprint "🛃 Checking for SSH is ready to go" greenprint "🛃 Checking for SSH is ready to go"
for LOOP_COUNTER in $(seq 0 30); do for LOOP_COUNTER in $(seq 0 30); do
RESULTS="$(wait_for_ssh_up $UEFI_GUEST_ADDRESS)" RESULTS="$(wait_for_ssh_up $ROOT_CERT_GUEST_ADDRESS)"
if [[ $RESULTS == 1 ]]; then if [[ $RESULTS == 1 ]]; then
echo "SSH is ready now! 🥳" echo "SSH is ready now! 🥳"
break break
@ -782,7 +747,7 @@ INSTALL_HASH=$(curl "${PROD_REPO_URL}/refs/heads/${OSTREE_REF}")
# Add instance IP address into /etc/ansible/hosts # Add instance IP address into /etc/ansible/hosts
sudo tee "${TEMPDIR}"/inventory > /dev/null << EOF sudo tee "${TEMPDIR}"/inventory > /dev/null << EOF
[ostree_guest] [ostree_guest]
${UEFI_GUEST_ADDRESS} ${ROOT_CERT_GUEST_ADDRESS}
[ostree_guest:vars] [ostree_guest:vars]
ansible_python_interpreter=/usr/bin/python3 ansible_python_interpreter=/usr/bin/python3
@ -795,14 +760,14 @@ ansible_become_pass=${EDGE_USER_PASSWORD}
EOF EOF
# Test IoT/Edge OS # Test IoT/Edge OS
sudo ansible-playbook -v -i "${TEMPDIR}"/inventory -e image_type=redhat -e ostree_commit="${INSTALL_HASH}" /usr/share/tests/osbuild-composer/ansible/check_ostree.yaml || RESULTS=0 sudo ansible-playbook -v -i "${TEMPDIR}"/inventory -e image_type=redhat -e ostree_commit="${INSTALL_HASH}" -e fdo_credential="true" /usr/share/tests/osbuild-composer/ansible/check_ostree.yaml || RESULTS=0
check_result check_result
################################################################## ########################
## ##
## Upgrade and test edge vm with edge-simplified-installer (UEFI) ## Build upgrade image
## ##
################################################################## ########################
# Write a blueprint for ostree image. # Write a blueprint for ostree image.
# NB: no ssh key in this blueprint for the admin user # NB: no ssh key in this blueprint for the admin user
@ -847,12 +812,12 @@ build_image upgrade "${CONTAINER_TYPE}" "$PROD_REPO_URL"
greenprint "📥 Downloading the upgrade image" greenprint "📥 Downloading the upgrade image"
sudo composer-cli compose image "${COMPOSE_ID}" > /dev/null sudo composer-cli compose image "${COMPOSE_ID}" > /dev/null
# Clear stage repo running env # Delete installation rhel-edge container and its image
greenprint "🧹 Clearing stage repo running env" greenprint "🧹 Delete installation rhel-edge container and its image"
# Remove any status containers if exist # Remove rhel-edge container if exists
sudo podman ps -a -q --format "{{.ID}}" | sudo xargs --no-run-if-empty podman rm -f sudo podman ps -q --filter name=rhel-edge --format "{{.ID}}" | sudo xargs --no-run-if-empty podman rm -f
# Remove all images # Remove container image if exists
sudo podman rmi -f -a sudo podman images --filter "dangling=true" --format "{{.ID}}" | sudo xargs --no-run-if-empty podman rmi -f
# Deal with stage repo container # Deal with stage repo container
greenprint "🗜 Extracting image" greenprint "🗜 Extracting image"
@ -888,8 +853,8 @@ sudo composer-cli compose delete "${COMPOSE_ID}" > /dev/null
sudo composer-cli blueprints delete upgrade > /dev/null sudo composer-cli blueprints delete upgrade > /dev/null
greenprint "🗳 Upgrade ostree image/commit" greenprint "🗳 Upgrade ostree image/commit"
sudo ssh "${SSH_OPTIONS[@]}" -i "${SSH_KEY}" admin@${UEFI_GUEST_ADDRESS} "echo ${EDGE_USER_PASSWORD} |sudo -S rpm-ostree upgrade" sudo ssh "${SSH_OPTIONS[@]}" -i "${SSH_KEY}" admin@${ROOT_CERT_GUEST_ADDRESS} "echo ${EDGE_USER_PASSWORD} |sudo -S rpm-ostree upgrade"
sudo ssh "${SSH_OPTIONS[@]}" -i "${SSH_KEY}" admin@${UEFI_GUEST_ADDRESS} "echo ${EDGE_USER_PASSWORD} |nohup sudo -S systemctl reboot &>/dev/null & exit" sudo ssh "${SSH_OPTIONS[@]}" -i "${SSH_KEY}" admin@${ROOT_CERT_GUEST_ADDRESS} "echo ${EDGE_USER_PASSWORD} |nohup sudo -S systemctl reboot &>/dev/null & exit"
# Sleep 10 seconds here to make sure vm restarted already # Sleep 10 seconds here to make sure vm restarted already
sleep 10 sleep 10
@ -898,7 +863,7 @@ sleep 10
greenprint "🛃 Checking for SSH is ready to go" greenprint "🛃 Checking for SSH is ready to go"
# shellcheck disable=SC2034 # Unused variables left for readability # shellcheck disable=SC2034 # Unused variables left for readability
for LOOP_COUNTER in $(seq 0 30); do for LOOP_COUNTER in $(seq 0 30); do
RESULTS="$(wait_for_ssh_up $UEFI_GUEST_ADDRESS)" RESULTS="$(wait_for_ssh_up $ROOT_CERT_GUEST_ADDRESS)"
if [[ $RESULTS == 1 ]]; then if [[ $RESULTS == 1 ]]; then
echo "SSH is ready now! 🥳" echo "SSH is ready now! 🥳"
break break
@ -912,7 +877,7 @@ check_result
# Add instance IP address into /etc/ansible/hosts # Add instance IP address into /etc/ansible/hosts
sudo tee "${TEMPDIR}"/inventory > /dev/null << EOF sudo tee "${TEMPDIR}"/inventory > /dev/null << EOF
[ostree_guest] [ostree_guest]
${UEFI_GUEST_ADDRESS} ${ROOT_CERT_GUEST_ADDRESS}
[ostree_guest:vars] [ostree_guest:vars]
ansible_python_interpreter=/usr/bin/python3 ansible_python_interpreter=/usr/bin/python3
@ -925,7 +890,7 @@ ansible_become_pass=${EDGE_USER_PASSWORD}
EOF EOF
# Test IoT/Edge OS # Test IoT/Edge OS
sudo ansible-playbook -v -i "${TEMPDIR}"/inventory -e image_type=redhat -e ostree_commit="${UPGRADE_HASH}" /usr/share/tests/osbuild-composer/ansible/check_ostree.yaml || RESULTS=0 sudo ansible-playbook -v -i "${TEMPDIR}"/inventory -e image_type=redhat -e ostree_commit="${UPGRADE_HASH}" -e fdo_credential="true" /usr/share/tests/osbuild-composer/ansible/check_ostree.yaml || RESULTS=0
check_result check_result
# Final success clean up # Final success clean up

24
test/data/ansible/check_ostree.yaml
View file

@ -4,6 +4,7 @@
vars: vars:
workspace: "{{ lookup('env', 'WORKSPACE') }}" workspace: "{{ lookup('env', 'WORKSPACE') }}"
skip_rollback_test: "false" skip_rollback_test: "false"
fdo_credential: "false"
total_counter: "0" total_counter: "0"
failed_counter: "0" failed_counter: "0"
@ -44,6 +45,29 @@
- set_fact: - set_fact:
checking_stage: "{{ result_stage.stdout }}" checking_stage: "{{ result_stage.stdout }}"
# case: check /boot/device-credentials exists
# simplified installer installed Edge system ONLY
- name: check /boot/device-credentials exists
stat:
path: /boot/device-credentials
register: stat_result
- name: check commit deployed and built
block:
- assert:
that:
- stat_result.stat.exists
fail_msg: "/boot/device-credentials does not exist"
success_msg: "/boot/device-credentials exists"
always:
- set_fact:
total_counter: "{{ total_counter | int + 1 }}"
rescue:
- name: failed count + 1
set_fact:
failed_counter: "{{ failed_counter | int + 1 }}"
when: fdo_credential == "true"
# case: check ostree commit correctly updated # case: check ostree commit correctly updated
- name: get deployed ostree commit - name: get deployed ostree commit
shell: rpm-ostree status --json | jq -r '.deployments[0].checksum' shell: rpm-ostree status --json | jq -r '.deployments[0].checksum'