Where applicable, modify all repo config filenames to use a dot
to separate the release major and minor version. Modify test cases
to not remove dot from the distro version any more.
Existing tests will be extended (or new tests added) to explicitly test
backward compatibility and ensure that using old distro names without a
dot still works.
Signed-off-by: Tomáš Hozza <thozza@redhat.com>
Since we're sharing functions between test scripts, move greenprint(),
the most rewritten function in the history of the project, to
shared_lib.sh and source it everywhere.
- Handle the array responses from the new weldr-client (>= 35.6).
- Move the `get_build_info` function to shared_libs.sh to source and
reuse in multiple places.
some scripts skip the test if it's not supported for that
distro-version. Disable them in gitlab-ci.yml so we don't waste CI
resources.
To disable them, we are using the `rules` on each job with a regex
pattern. Using `=~` (pattern matches) as a WHITELIST and `!~` (pattern
does not match) as a BLACKLIST.
this is no longer needed b/c the nightly CI jobs are now using the same
json definitions as the regular CI jobs, just changing baseurl. See
previous commit.
`tools/provision.sh` is provisioning SUT always in the same way for
both, the Service scenario and the on-premise scenario. While this is
not causing any issues, it does not realistically represent how we
expect osbuild-composer and worker to be used in these scenarios.
The script currently supports the following authentication options:
- `none`
- Intended for the on-premise scenario with Weldr API.
- NO certificates are generated.
- NO osbuild-composer configuration file is created.
- NO osbuild-worker configuration file is created. This means that no
cloud provider credentials are configured directly in the worker.
- Only the local worker is started and used.
- Only the Weldr API socker is started.
- Appropriate repository definitions are copied to
`/etc/osbuild-composer/repositories/`.
- `jwt`
- Intended for the Service scenario with Cloud API.
- Should be the only method supported in the Service scenario in the
future.
- Certificates are generated and copied to `/etc/osbuild-composer`.
- osbuild-composer configuration file is created and configured for
JWT authentication.
- osbuild-worker configuration file is created, configured for JWT
authentication and with appropriate cloud provider credentials.
- Local worker unit is masked. Only the remote worker is used (the
socket is started and one remote-worker instance is created).
- Only the Cloud API socket is started (Weldr API socket is stopped).
- NO repository definitions are copied to
`/etc/osbuild-composer/repositories/`.
- `tls`
- Intended for the Service scenario with Cloud API.
- Should eventually go away.
- Certificates are generated and copied to `/etc/osbuild-composer`.
- osbuild-composer configuration file is created and configured for
TLS client cert authentication.
- osbuild-worker configuration file is created, configured for TLS
authentication and with appropriate cloud provider credentials.
- Services and sockets are started as they used to be originally:
- Both local and remote worker sockets are started.
- Both Weldr and Cloud API sockets are started.
- Only the local worker unit will be started automatically.
- NO repository definitions are copied to
`/etc/osbuild-composer/repositories/`.
When a test script fails in CI, it's often difficult to pinpoint the
exact line in the log where the script failed and the cleanup() function
(trapped on EXIT) begins.
Adding a prominent line (with greenprint where available) at the start
of the cleanup function will make reading logs of failed jobs a lot
easier.
Regression test suite has grown considerably and is taking too long to
run with a single wrapper. Splitting them into individual standalone
tests instead and making them run in parallel.
Most test scripts don't have any documentation regarding it's purpose,
although it can be guessed by the code. There's value in adding this
small comment.
[skip-ci]
Our workers are not named osbuild-worker but usually something like
osbuild-worker@1. Let's steal the code that determines the unit name
from other tests.
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
The CDN repositories require client side SSL certificates, it would have
to be specified in httpd configuration which is technically possible but
in practise it is more troubles than benefits.
It is similar case for the RH internal repositories, there is a new
issue every time we enable the test with them.
Stop wasting dev&qe time and disable the test for anything but rpmrepo
snapshots. It is better to have it running at least for few distros than
to have it disabled globally.
Also display logs for the HTTP proxy to see if there were any errors.
The commonly used 'greenprint' function now adds a date + timestamp to
each message for debugging and tracking the duration of segments of each
scripts.
the prepare-rhel-internal.sh script should be executed on a single
runner and it will loop through all architectures to prepare the
necessary definitions inside .json and .repo files. The resulting
osbuild-composer-tests repository is not multi-arch, containing all
versions of osbuild-composer-tests.rpm downloaded from Brew.
This is needed because jobs from subsequent stages will download
artifacts (.json & .repo files) from the prepare job but there's no
mechanism to control this easily. As a result artifacts are downloaded
from all of the prepare jobs and they overwrite themselves resulting in
test systems being configured with repo files for different CPU
architecture which leads to dnf errors.
The test case used to work only on Fedora 33. This patch introduces
support for all future Fedoras and RHEL 8.
It uses a fair bit of magic because it needs to dynamically discover if
a RHEL runner uses the rhel-8.json or the rhel-8-beta.json repository
override. Furthemore it needs to discover a redirection URL, if any, of
the repository override to correctly configure HTTP proxy.
Introduce a test case where 2 httpd proxies are used to simulate custom
repos with custom subscriptions. That is, every repo requires
client-side tls certificate with its own CA. Make sure both osbuild and
osbuild-composer can use these repositories by issuing an image build.
