stage(selinux): move to schema_2 to allow adding mounts/devices

This is a preparation to allow adding mounts/devices to the users stage so that we can eventually support bootc install to-filesystem.
2024-04-05 10:13:03 +02:00 · 2024-04-05 10:13:03 +02:00 · ba85d30cee
commit ba85d30cee
parent 72a2334fbe
3 changed files with 35 additions and 32 deletions
--- a/stages/org.osbuild.selinux.meta.json
+++ b/stages/org.osbuild.selinux.meta.json
@ -17,34 +17,36 @@
  "capabilities": [
    "CAP_MAC_ADMIN"
  ],
-  "schema": {
-    "additionalProperties": false,
-    "required": [
-      "file_contexts"
-    ],
-    "properties": {
-      "file_contexts": {
-        "type": "string",
-        "description": "Path to the active SELinux policy's `file_contexts`"
-      },
-      "exclude_paths": {
-        "type": "array",
-        "description": "Paths to exclude when setting labels via file_contexts",
-        "items": {
-          "type": "string"
+  "schema_2": {
+    "options": {
+      "additionalProperties": false,
+      "required": [
+        "file_contexts"
+      ],
+      "properties": {
+        "file_contexts": {
+          "type": "string",
+          "description": "Path to the active SELinux policy's `file_contexts`"
+        },
+        "exclude_paths": {
+          "type": "array",
+          "description": "Paths to exclude when setting labels via file_contexts",
+          "items": {
+            "type": "string"
+          }
+        },
+        "labels": {
+          "type": "object",
+          "description": "Labels to set of the specified files or folders",
+          "items": {
+            "type": "object"
+          }
+        },
+        "force_autorelabel": {
+          "type": "boolean",
+          "description": "Do not use. Forces auto-relabelling on first boot.",
+          "default": false
        }
-      },
-      "labels": {
-        "type": "object",
-        "description": "Labels to set of the specified files or folders",
-        "items": {
-          "type": "object"
-        }
-      },
-      "force_autorelabel": {
-        "type": "boolean",
-        "description": "Do not use. Forces auto-relabelling on first boot.",
-        "default": false
      }
    }
  }
--- a/stages/test/test_selinux.py
+++ b/stages/test/test_selinux.py
@ -12,7 +12,7 @@ STAGE_NAME = "org.osbuild.selinux"

 def get_test_input(test_data, implicit_file_contexts=True):
    test_input = {
-        "name": STAGE_NAME,
+        "type": STAGE_NAME,
        "options": {}
    }
    if implicit_file_contexts:
@ -32,7 +32,6 @@ def get_test_input(test_data, implicit_file_contexts=True):
    ({"labels": "xxx"}, "'xxx' is not of type 'object'"),
    ({"force_autorelabel": "foo"}, "'foo' is not of type 'boolean'"),
 ])
-@pytest.mark.parametrize("stage_schema", ["1"], indirect=True)
 def test_schema_validation_selinux(stage_schema, test_data, expected_err):
    res = stage_schema.validate(get_test_input(test_data))
    if expected_err == "":
@ -42,7 +41,6 @@ def test_schema_validation_selinux(stage_schema, test_data, expected_err):
        testutil.assert_jsonschema_error_contains(res, expected_err, expected_num_errs=1)


-@pytest.mark.parametrize("stage_schema", ["1"], indirect=True)
 def test_schema_validation_selinux_file_context_required(stage_schema):
    res = stage_schema.validate(get_test_input({}, implicit_file_contexts=False))
    assert res.valid is False
--- a/stages/test/test_users.py
+++ b/stages/test/test_users.py
@ -4,8 +4,11 @@ from unittest.mock import patch

 import pytest

-from osbuild.testutil import assert_jsonschema_error_contains, make_fake_tree, mock_command
-
+from osbuild.testutil import (
+    assert_jsonschema_error_contains,
+    make_fake_tree,
+    mock_command,
+)

 STAGE_NAME = "org.osbuild.users"