Base these on https://osbuild.org/rpmrepo.
Install those repository files when deploying in schutzbot and include
them in tools/deploy/test for local testing.
Also remove copying overrides from deploy.sh, because it copied the
wrong files. We probably want to add this back properly in the future.
Instead, call it osbuild-composer-api.socket, but provide a symlink for
backwards compatibility. Change `schutzbot/provision.sh` to only enable
osbuild-composer-api.socket.
In the future, this new socket is the only API socket, which provides
both the "cloud" API and the one for koji.
This means that the koji API is always enabled.
s3cmd from pip doesn't work with Python 3.9. Fortunately, s3cmd in Fedora has
a downstream patch to fix it.
See rhbz#1884607 and https://github.com/s3tools/s3cmd/pull/1137
In case the job fails completely, resources might leak. This patch
together with the one introducing predictable names for CI artifacts
will make sure we wipe all resources after each CI run.
The -test subpackage should depend on all that it needs, and we should
never need to install anything explicitly from the test scripts.
Signed-off-by: Tom Gundersen <teg@jklm.no>
Deployment is specific to CI, but the provision script is needed to be
run to execute tests locally too.
This should be called from each test, rather than from deploy. For now
this change is a noop.
Signed-off-by: Tom Gundersen <teg@jklm.no>
Our snapshots are currently broken, so until they are fixed revert back
to using an internal RHEL nightly. We choose a slightly older one,
in the hope that it is not going to be deleted anytime soon.
Signed-off-by: Tom Gundersen <teg@jklm.no>
No tests should be run directly from git, but should rather be installed
onto the test system using rpm and run from there. This moves towards
unifying our two types of test cases.
The new structure of is now:
`test/cmd`: the executors, one for each test-case. This is installed
into `/usr/libexec/test/osbuild-composer`.
`test/data`: data and config used by the tests. This is installed into
`/usr/share/tests/osbuild-composer`.
`schutzbot`: configuration of the actual test run. In particular, this
is where the distros and repositories to test against are
configured.
This is very much still work-in-progress, and is only the first step
towards simplifying schutzbot. Apart from moving files around, this
should be a noop.
Signed-off-by: Tom Gundersen <teg@jklm.no>
We already have something called image-tests, so this naming was
confusing. This is a collection of generic integration tests, so name
them accordingly.
Signed-off-by: Tom Gundersen <teg@jklm.no>
These had the generic name osbulid-tests, rename the binary to more
closely describe what is under test: weldr API as composed by
composer-cli.
Signed-off-by: Tom Gundersen <teg@jklm.no>
This commit introduces a new test binary responsible for testing TLS
authentication.
Currently, it covers both remote worker API and Koji API. It tests that
the server refuses certificates issued by an untrusted CA or self-signed ones.
Also, it tests that the certificate is issued for an allowed domain.
TODO: certs with subject alternative name are currently not used in tests.
They should work just right, but a proper testing requires more tinkering with
OpenSSL than I'm willing to accept at this time
The following commits will add testing of authentication on this socket.
This commit also sets up the config for composer other it won't start
with remote socket enabled.
Running mock with verbose enabled made sense a while back when we were
still unsure if things would work, but it's generating a ton of logs now
that eventually clogs Jenkins' disk.
Disable the verbose flag to reduce mock's log output.
Signed-off-by: Major Hayden <major@redhat.com>
CHANGE_ID is set for PRs, which is why it worked during the review
process, but in the master branch it is not set. BRANCH_NAME is set for
both PRs and master branch. In case of PRs it is in form `PR-<pull
request number>`.
This sets up containers running koji and supporting infrastructure, and
calls the osbuild-composer-koji API to build and image and push it into
our testing instance.
koji-compose.py and various fixes by Christian Kellner.
Signed-off-by: Tom Gundersen <teg@jklm.no>
When using random names for artifacts like AWS snapshots, or Azure
images, it becomes hard to clean them up in case of CI failure. See this
issue for more details:
https://github.com/osbuild/osbuild-composer/issues/942
This PR introduces predictable names so that we can easily determine
which artifact belongs to which PR and therefore we can decide to wipe
all resources that are not needed any more.
Notes:
ATM will not run any actual tests b/c we want to make sure the
pipeline configuration is correct.
run_tests() will call the deploy.sh script and then do nothing
b/c of the "dummy-" prefix which doesn't match any actual tests!
We are storing some data in the user's home directory, so let's print
the username so we know what that is.
In particular, this would tell us which user has been authorized to log
in via ssh.
Signed-off-by: Tom Gundersen <teg@jklm.no>
Now that we've reduced how much of our PSI quota we are using so the
OpenStack boot tests will work, we need to use AWS for jobs more often.
This should allow test runs to complete a little sooner by freeing up
PSI resources for the jobs that are only able to run there.
Signed-off-by: Major Hayden <major@redhat.com>
The vmdk images are meant to be imported into VMWare vCenter, not to be
booted directly.
Our image-info tests verifies that this work, they should be converted
into integration tests similar to the aws.sh script in the future.
Signed-off-by: Tom Gundersen <teg@jklm.no>
We will automatically detect whether to use GA or Beta content, so we
can drop the override as 8.2 is GA so will get GA content.
Signed-off-by: Tom Gundersen <teg@jklm.no>
in the same way this is done for Azure we read the OS credentials
and provide them as ENV variables for the test
Note: uses `psi-openstack-creds` and not `psi-openstack-clouds-yaml`
which is a yaml file.
Using `cp` to copy the repo content caused the last part of the path to
be duplicated:
Current: `master/latest/rhel82_x86_64/rhel82_x86_64/repodata/repomd.xml`
Desired: `master/latest/rhel82_x86_64/repodata/repomd.xml`
Remove the VERSION_ID/ARCH from the destination to remove the duplicated
path.
Signed-off-by: Major Hayden <major@redhat.com>
Checking out the code from git during the prepare step is a waste of
time and disk space since we don't need the git repository cloned there.
Signed-off-by: Major Hayden <major@redhat.com>
Although rsync works just fine, it would reduce our package list if we
just used `cp` to create the latest repo.
Signed-off-by: Major Hayden <major@redhat.com>
The image tests for RHEL 8 still download packages from a server that is
only available inside the Red Hat network. 😢
Signed-off-by: Major Hayden <major@redhat.com>
Allow anyone to set up a dnf repository to point to the latest
build for the branch by using a repo file pointing to that build.
This would allow anyone to get the latest set of RPMs for a particular
pull request or branch (especially the master branch.
Signed-off-by: Major Hayden <major@redhat.com>
Remove the nightly repos from the RHEL 8.3 jobs and replace them with
CDN registration for beta content.
Signed-off-by: Major Hayden <major@redhat.com>
We want to deliver images directly to OpenStack during the CI tests.
Ensure the credentials are available during those tests and move them to
the proper location to be read by OpenStack tools and SDKs.
This helps with #876.
Signed-off-by: Major Hayden <major@redhat.com>
