From e6c3d78ec4cd67796e1d8dd619c4be64433ba5d7 Mon Sep 17 00:00:00 2001 From: Tomas Hozza Date: Mon, 21 Jun 2021 13:40:13 +0200 Subject: [PATCH] image tests: ignore 'selinux/context-mismatch' in image-info report on RHEL-8 Add a new CLI option to `osbuild-image-tests` called `-skip-selinux-ctx-check` to workaround the limitation of `setfiles` on RHEL-8 [1]. If the option is passed to the binary, then the 'selinux/context-mismatch' part is removed from the "expected" and "actual" image-info report, before these two reports are compared. Modify `image_tests.sh` to run `osbuild-image-tests` with `-skip-selinux-ctx-check` when run on RHEL-8. [1] https://bugzilla.redhat.com/show_bug.cgi?id=1973754 Signed-off-by: Tomas Hozza --- cmd/osbuild-image-tests/main_test.go | 18 ++++++++++++++++++ test/cases/image_tests.sh | 6 ++++++ 2 files changed, 24 insertions(+) diff --git a/cmd/osbuild-image-tests/main_test.go b/cmd/osbuild-image-tests/main_test.go index 4b9351dc1..f6cbccc92 100644 --- a/cmd/osbuild-image-tests/main_test.go +++ b/cmd/osbuild-image-tests/main_test.go @@ -49,6 +49,7 @@ type testcaseStruct struct { var disableLocalBoot = flag.Bool("disable-local-boot", false, "when this flag is given, no images are booted locally using qemu (this does not affect testing in clouds)") var failLocalBoot = flag.Bool("fail-local-boot", true, "when this flag is on (default), local boot will fail. Usually indicates missing cloud credentials") +var skipSELinuxCtxCheck = flag.Bool("skip-selinux-ctx-check", false, "when this flag is on, the 'selinux/context-mismatch' part is removed from the image-info report before it is checked.") // runOsbuild runs osbuild with the specified manifest and output-directory. func runOsbuild(manifest []byte, store, outputDirectory string, exports []string) error { @@ -81,6 +82,17 @@ func runOsbuild(manifest []byte, store, outputDirectory string, exports []string return nil } +// Delete the 'selinux/context-mismatch' part of the image-info report to +// workaround https://bugzilla.redhat.com/show_bug.cgi?id=1973754 +func deleteSELinuxCtxFromImageInfoReport(imageInfoReport interface{}) { + imageInfoMap := imageInfoReport.(map[string]interface{}) + selinuxReport, exists := imageInfoMap["selinux"] + if exists { + selinuxReportMap := selinuxReport.(map[string]interface{}) + delete(selinuxReportMap, "context-mismatch") + } +} + // testImageInfo runs image-info on image specified by imageImage and // compares the result with expected image info func testImageInfo(t *testing.T, imagePath string, rawImageInfoExpected []byte) { @@ -103,6 +115,12 @@ func testImageInfo(t *testing.T, imagePath string, rawImageInfoExpected []byte) err = cmd.Wait() require.NoErrorf(t, err, "running image-info failed: %v", err) + if *skipSELinuxCtxCheck { + fmt.Println("ignoring 'selinux/context-mismatch' part of the image-info report") + deleteSELinuxCtxFromImageInfoReport(imageInfoExpected) + deleteSELinuxCtxFromImageInfoReport(imageInfoGot) + } + assert.Equal(t, imageInfoExpected, imageInfoGot) } diff --git a/test/cases/image_tests.sh b/test/cases/image_tests.sh index b02388104..915b11dcc 100755 --- a/test/cases/image_tests.sh +++ b/test/cases/image_tests.sh @@ -16,6 +16,12 @@ if [[ "${ARCH}" == "aarch64" ]]; then IMAGE_TEST_CASE_RUNNER="${IMAGE_TEST_CASE_RUNNER} --disable-local-boot" fi +# Skip 'selinux/contect-mismatch' part of the image-info report on RHEL-8. +# https://bugzilla.redhat.com/show_bug.cgi?id=1973754 +if [[ "${DISTRO_CODE}" =~ "rhel_8" ]]; then + IMAGE_TEST_CASE_RUNNER="${IMAGE_TEST_CASE_RUNNER} -skip-selinux-ctx-check" +fi + PASSED_TESTS=() FAILED_TESTS=()