particle-os/debian-forge-composer
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
debian-forge-composer/test/cases/regression-include-excluded-packages.sh
Tomas Hozza a4b0efb278 provision.sh: add none authentication method for on-premise scenario 
`tools/provision.sh` is provisioning SUT always in the same way for
both, the Service scenario and the on-premise scenario. While this is
not causing any issues, it does not realistically represent how we
expect osbuild-composer and worker to be used in these scenarios.

The script currently supports the following authentication options:
- `none`
  - Intended for the on-premise scenario with Weldr API.
  - NO certificates are generated.
  - NO osbuild-composer configuration file is created.
  - NO osbuild-worker configuration file is created. This means that no
    cloud provider credentials are configured directly in the worker.
  - Only the local worker is started and used.
  - Only the Weldr API socker is started.
  - Appropriate repository definitions are copied to
    `/etc/osbuild-composer/repositories/`.
- `jwt`
  - Intended for the Service scenario with Cloud API.
  - Should be the only method supported in the Service scenario in the
    future.
  - Certificates are generated and copied to `/etc/osbuild-composer`.
  - osbuild-composer configuration file is created and configured for
    JWT authentication.
  - osbuild-worker configuration file is created, configured for JWT
    authentication and with appropriate cloud provider credentials.
  - Local worker unit is masked. Only the remote worker is used (the
    socket is started and one remote-worker instance is created).
  - Only the Cloud API socket is started (Weldr API socket is stopped).
  - NO repository definitions are copied to
    `/etc/osbuild-composer/repositories/`.
- `tls`
  - Intended for the Service scenario with Cloud API.
  - Should eventually go away.
  - Certificates are generated and copied to `/etc/osbuild-composer`.
  - osbuild-composer configuration file is created and configured for
    TLS client cert authentication.
  - osbuild-worker configuration file is created, configured for TLS
    authentication and with appropriate cloud provider credentials.
  - Services and sockets are started as they used to be originally:
    - Both local and remote worker sockets are started.
    - Both Weldr and Cloud API sockets are started.
    - Only the local worker unit will be started automatically.
  - NO repository definitions are copied to
    `/etc/osbuild-composer/repositories/`.
2022-08-04 11:55:43 +02:00

85 lines
2.6 KiB
Bash
Raw Blame History

#!/bin/bash
# This test case verifies that a blueprint can include a package which
# is listed among "excluded" for a certain image type and osbuild-composer
# doesn't fail to depsolve this blueprint.
#
# The script currently works only for RHEL and CentOS which provide
# "nss-devel" package and exclude "nss" package in the image type
# definition. The testing blueprint contains explicit "nss" requirement
# to remove it from the list of excluded packages and thus enable the
# installation of "nss-devel".
#
# Bug report: https://github.com/osbuild/osbuild-composer/issues/921
set -xeuo pipefail
source /usr/libexec/osbuild-composer-test/set-env-variables.sh
if [[ "${ID}" == "fedora" ]]; then
echo "$0 is only enabled for rhel like systems; skipping..."
exit 0
fi
# Provision the software under test.
/usr/libexec/osbuild-composer-test/provision.sh none
BLUEPRINT_FILE=/tmp/blueprint.toml
COMPOSE_START=/tmp/compose-start.json
COMPOSE_INFO=/tmp/compose-info.json
# Write a basic blueprint for our image.
tee "$BLUEPRINT_FILE" > /dev/null << EOF
name = "nss-devel"
description = "A base system with nss-devel"
version = "0.0.1"
[[packages]]
name = "nss-devel"
[[packages]]
# The nss package is excluded in the RHEL8.4, RHEL8.5 and RHEL9.0 qcow image type
# but it is required by the nss-devel package.This test verifies it can be added
# again when explicitly mentioned in the blueprint.
name = "nss"
EOF
sudo composer-cli blueprints push "$BLUEPRINT_FILE"
sudo composer-cli blueprints depsolve nss-devel
sudo composer-cli --json compose start nss-devel qcow2 | tee "${COMPOSE_START}"
if rpm -q --quiet weldr-client; then
COMPOSE_ID=$(jq -r '.body.build_id' "$COMPOSE_START")
else
COMPOSE_ID=$(jq -r '.build_id' "$COMPOSE_START")
fi
# Wait for the compose to finish.
echo "⏱ Waiting for compose to finish: ${COMPOSE_ID}"
while true; do
sudo composer-cli --json compose info "${COMPOSE_ID}" | tee "$COMPOSE_INFO" > /dev/null
if rpm -q --quiet weldr-client; then
COMPOSE_STATUS=$(jq -r '.body.queue_status' "$COMPOSE_INFO")
else
COMPOSE_STATUS=$(jq -r '.queue_status' "$COMPOSE_INFO")
fi
# Is the compose finished?
if [[ $COMPOSE_STATUS != RUNNING ]] && [[ $COMPOSE_STATUS != WAITING ]]; then
break
fi
# Wait 30 seconds and try again.
sleep 30
done
sudo composer-cli compose delete "${COMPOSE_ID}" >/dev/null
jq . "${COMPOSE_INFO}"
# Did the compose finish with success?
if [[ $COMPOSE_STATUS == FINISHED ]]; then
echo "Test passed!"
exit 0
else
echo "Something went wrong with the compose. 😢"
exit 1
fi
Reference in a new issue View git blame Copy permalink