From f1e26c2b7767ca6094355174a4f9f32b7e037edd Mon Sep 17 00:00:00 2001 From: Sanne Raymaekers Date: Thu, 22 Aug 2019 10:32:41 +0200 Subject: [PATCH 1/2] bots: Add fedora-31 It's currently unclear whether or not docker will make it to fedora-31, so we can't run docker tests for now. --- bots/image-refresh | 3 ++ bots/image-trigger | 1 + bots/images/scripts/fedora-31.bootstrap | 23 +++++++++++ bots/images/scripts/fedora-31.install | 4 ++ bots/images/scripts/fedora-31.setup | 1 + bots/images/scripts/fedora.setup | 38 ++++++++++++------- bots/images/scripts/lib/zero-disk.setup | 7 ++-- bots/naughty/fedora-31/10038-abrtd-crash-fn | 5 +++ bots/naughty/fedora-31/10038-abrtd-crash-fn-2 | 5 +++ .../fedora-31/12721-selinux-timedatectl | 1 + .../fedora-31/12721-selinux-timedatectl-2 | 1 + .../fedora-31/12744-selinux-nm-system-cat | 1 + .../fedora-31/8905-nm-bond-autoconnect-slaves | 3 ++ .../8905-nm-bridge-autoconnect-slaves | 3 ++ test/common/testlib.py | 4 +- test/verify/check-dashboard | 5 ++- test/verify/check-docker | 4 +- test/verify/check-docker-storage | 2 + test/verify/check-multi-machine | 4 ++ test/verify/check-packagekit | 2 +- test/verify/machineslib.py | 15 +++++--- 21 files changed, 105 insertions(+), 27 deletions(-) create mode 100755 bots/images/scripts/fedora-31.bootstrap create mode 100755 bots/images/scripts/fedora-31.install create mode 120000 bots/images/scripts/fedora-31.setup create mode 100644 bots/naughty/fedora-31/10038-abrtd-crash-fn create mode 100644 bots/naughty/fedora-31/10038-abrtd-crash-fn-2 create mode 100644 bots/naughty/fedora-31/12721-selinux-timedatectl create mode 100644 bots/naughty/fedora-31/12721-selinux-timedatectl-2 create mode 100644 bots/naughty/fedora-31/12744-selinux-nm-system-cat create mode 100644 bots/naughty/fedora-31/8905-nm-bond-autoconnect-slaves create mode 100644 bots/naughty/fedora-31/8905-nm-bridge-autoconnect-slaves diff --git a/bots/image-refresh b/bots/image-refresh index 6ae512b968c4..e8c0ca55e52b 100755 --- a/bots/image-refresh +++ b/bots/image-refresh @@ -57,6 +57,9 @@ TRIGGERS = { "fedora-30/firefox@weldr/cockpit-composer", "fedora-30/edge@weldr/cockpit-composer", ], + "fedora-31": [ + "fedora-31", + ], "fedora-atomic": [ "fedora-atomic", "fedora-atomic@cockpit-project/cockpit-ostree", diff --git a/bots/image-trigger b/bots/image-trigger index fd61ca8fdf80..eafb7038b07a 100755 --- a/bots/image-trigger +++ b/bots/image-trigger @@ -27,6 +27,7 @@ REFRESH = { "debian-stable": { }, "fedora-29": { }, "fedora-30": { }, + "fedora-31": { }, "fedora-atomic": { }, "fedora-testing": { }, "fedora-i386": { }, diff --git a/bots/images/scripts/fedora-31.bootstrap b/bots/images/scripts/fedora-31.bootstrap new file mode 100755 index 000000000000..2d6dc0e000e5 --- /dev/null +++ b/bots/images/scripts/fedora-31.bootstrap @@ -0,0 +1,23 @@ +#!/bin/bash +# +# Copyright (C) 2019 Red Hat Inc. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +# 02110-1301 USA. + +BASE=$(dirname $0) +# once fedora 31 is released, replace url: +# http://dl.fedoraproject.org/pub/fedora/linux/releases/31/Server/x86_64/os/ +$BASE/virt-install-fedora "$1" x86_64 "https://dl.fedoraproject.org/pub/fedora/linux/development/31/Everything/x86_64/os/" diff --git a/bots/images/scripts/fedora-31.install b/bots/images/scripts/fedora-31.install new file mode 100755 index 000000000000..2ad1e852faf7 --- /dev/null +++ b/bots/images/scripts/fedora-31.install @@ -0,0 +1,4 @@ +#! /bin/bash + +set -e +/var/lib/testvm/fedora.install "$@" diff --git a/bots/images/scripts/fedora-31.setup b/bots/images/scripts/fedora-31.setup new file mode 120000 index 000000000000..f78434e0cb34 --- /dev/null +++ b/bots/images/scripts/fedora-31.setup @@ -0,0 +1 @@ +fedora.setup \ No newline at end of file diff --git a/bots/images/scripts/fedora.setup b/bots/images/scripts/fedora.setup index 4cac51919eba..10301aec412a 100755 --- a/bots/images/scripts/fedora.setup +++ b/bots/images/scripts/fedora.setup @@ -17,7 +17,9 @@ fi # depending on how it was compiled and which plugins are installed, # and will just silently not do it. So we do it here. # -xfs_growfs / +if [ "$IMAGE" != fedora-31 ]; then + xfs_growfs / +fi df -h / echo foobar | passwd --stdin root @@ -27,16 +29,23 @@ if [ $(uname -m) = x86_64 ]; then HAVE_KUBERNETES=1 fi +# HACK docker not available on f31 +# https://github.com/cockpit-project/cockpit/issues/12670 +HAVE_DOCKER= +if [ "$1" != fedora-31 ]; then + HAVE_DOCKER=1 +fi + # We install all dependencies of the cockpit packages since we want # them to not spontaneously change from one test run to the next when # the distribution repository is updated. # COCKPIT_DEPS="\ -atomic \ device-mapper-multipath \ -docker \ etcd \ +glibc-all-langpacks \ glib-networking \ +grubby \ json-glib \ kexec-tools \ libssh \ @@ -60,6 +69,8 @@ tuned \ virt-install \ " +[ -z "$HAVE_DOCKER" ] || COCKPIT_DEPS="$COCKPIT_DEPS atomic docker" + COCKPIT_DEPS="$COCKPIT_DEPS udisks2 udisks2-lvm2 udisks2-iscsi" [ -z "$HAVE_KUBERNETES" ] || COCKPIT_DEPS="$COCKPIT_DEPS kubernetes" @@ -164,23 +175,24 @@ if ! [ "$version" -eq "$version" ] 2>/dev/null; then version=30; fi su builder -c "/usr/bin/mock --no-bootstrap-chroot --verbose -i $(/var/lib/testvm/build-deps.sh "$opsys $version")" su builder -c "/usr/bin/mock --install --verbose rpmlint" -# HACK: docker falls over regularly, print its log if it does -systemctl start docker || journalctl -u docker - -# our cockpit/base container is only really a thing on x86_64, just skip it on other arches -if [ $(uname -m) = x86_64 ]; then - docker build -t cockpit/base /var/tmp/cockpit-base +if [ -n "$HAVE_DOCKER" ]; then + # HACK: docker falls over regularly, print its log if it does + systemctl start docker || journalctl -u docker + # docker images that we need for integration testing + /var/lib/testvm/docker-images.setup fi # Configure kubernetes [ -z "$HAVE_KUBERNETES" ] || /var/lib/testvm/kubernetes.setup -# docker images that we need for integration testing -/var/lib/testvm/docker-images.setup - # reduce image size dnf clean all -/var/lib/testvm/zero-disk.setup +zd_opts= +# Offline Mock with dnf isn't happy anymore without a cache +if [ "$IMAGE" = fedora-31 ]; then + zd_opts="--keep-mock-cache" +fi +/var/lib/testvm/zero-disk.setup $zd_opts ln -sf ../selinux/config /etc/sysconfig/selinux printf "SELINUX=enforcing\nSELINUXTYPE=targeted\n" > /etc/selinux/config diff --git a/bots/images/scripts/lib/zero-disk.setup b/bots/images/scripts/lib/zero-disk.setup index 10ee74ac554c..888b63c3e17c 100755 --- a/bots/images/scripts/lib/zero-disk.setup +++ b/bots/images/scripts/lib/zero-disk.setup @@ -17,10 +17,9 @@ # You should have received a copy of the GNU Lesser General Public License # along with Cockpit; If not, see . -# We don't want to delete the pbuilder caches since we need them -# during build. Mock with --offline and dnf is happy without caches, -# but with yum it isn't, so we provide an option to also leave the -# mock caches in place. +# We don't want to delete the pbuilder caches since we need them during build. +# Mock with --offline and dnf is sometimes happy without caches, and with yum it +# never is, so we provide an option to also leave the mock caches in place. # # We also want to keep cracklib since otherwise password quality # checks break on Debian. diff --git a/bots/naughty/fedora-31/10038-abrtd-crash-fn b/bots/naughty/fedora-31/10038-abrtd-crash-fn new file mode 100644 index 000000000000..64d0a812eb69 --- /dev/null +++ b/bots/naughty/fedora-31/10038-abrtd-crash-fn @@ -0,0 +1,5 @@ +Traceback (most recent call last): + File "test/verify/check-journal", line *, in testAbrtSegv + b.wait_visible(sel) +* +Error: timeout diff --git a/bots/naughty/fedora-31/10038-abrtd-crash-fn-2 b/bots/naughty/fedora-31/10038-abrtd-crash-fn-2 new file mode 100644 index 000000000000..2927986c11e3 --- /dev/null +++ b/bots/naughty/fedora-31/10038-abrtd-crash-fn-2 @@ -0,0 +1,5 @@ +Traceback (most recent call last): + File "test/verify/check-journal", line *, in testAbrtDelete + b.click(sel) +* +Error: timeout diff --git a/bots/naughty/fedora-31/12721-selinux-timedatectl b/bots/naughty/fedora-31/12721-selinux-timedatectl new file mode 100644 index 000000000000..39f3f9eadca9 --- /dev/null +++ b/bots/naughty/fedora-31/12721-selinux-timedatectl @@ -0,0 +1 @@ +*Failed to set time zone: Failed to update /etc/localtime* diff --git a/bots/naughty/fedora-31/12721-selinux-timedatectl-2 b/bots/naughty/fedora-31/12721-selinux-timedatectl-2 new file mode 100644 index 000000000000..0c98e1d91bd2 --- /dev/null +++ b/bots/naughty/fedora-31/12721-selinux-timedatectl-2 @@ -0,0 +1 @@ +*Failed to set time: Failed to set system clock: Operation not permitted* diff --git a/bots/naughty/fedora-31/12744-selinux-nm-system-cat b/bots/naughty/fedora-31/12744-selinux-nm-system-cat new file mode 100644 index 000000000000..43f5f2c481d5 --- /dev/null +++ b/bots/naughty/fedora-31/12744-selinux-nm-system-cat @@ -0,0 +1 @@ +testlib.Error: audit: type=1400 audit(*): avc: denied { write } for pid=* comm="NetworkManager" path="/var/tmp/dracut.*/systemd-cat" dev="dm-0" ino=* scontext=system_u:system_r:NetworkManager_t:s0 tcontext=system_u:object_r:kdumpctl_tmp_t:s0 tclass=fifo_file permissive=0 diff --git a/bots/naughty/fedora-31/8905-nm-bond-autoconnect-slaves b/bots/naughty/fedora-31/8905-nm-bond-autoconnect-slaves new file mode 100644 index 000000000000..d825651e7a35 --- /dev/null +++ b/bots/naughty/fedora-31/8905-nm-bond-autoconnect-slaves @@ -0,0 +1,3 @@ +Traceback (most recent call last): + File "check-networking-bond", line *, in testBondActive + b.wait_in_text("#network-interface .panel:contains('tbond')", ip) diff --git a/bots/naughty/fedora-31/8905-nm-bridge-autoconnect-slaves b/bots/naughty/fedora-31/8905-nm-bridge-autoconnect-slaves new file mode 100644 index 000000000000..57103b52fa3c --- /dev/null +++ b/bots/naughty/fedora-31/8905-nm-bridge-autoconnect-slaves @@ -0,0 +1,3 @@ +Traceback (most recent call last): + File "check-networking-bridge", line *, in testBridgeActive + b.wait_in_text("#network-interface .panel:contains('tbridge')", ip) diff --git a/test/common/testlib.py b/test/common/testlib.py index 647a2c696ebf..b81288dcc869 100644 --- a/test/common/testlib.py +++ b/test/common/testlib.py @@ -928,8 +928,8 @@ def check_journal_messages(self, machine=None): if "TEST_AUDIT_NO_SELINUX" not in os.environ: messages += machine.audit_messages("14", cursor=cursor) # 14xx is selinux - if self.image in ['fedora-30', 'fedora-testing', 'fedora-i386']: - # Fedora 30 switched to dbus-broker + if self.image in ['fedora-31', 'fedora-30', 'fedora-testing', 'fedora-i386']: + # Fedora >= 30 switched to dbus-broker self.allowed_messages.append("dbus-daemon didn't send us a dbus address; not installed?.*") all_found = True diff --git a/test/verify/check-dashboard b/test/verify/check-dashboard index 24eb7c942d29..6abe67b53746 100755 --- a/test/verify/check-dashboard +++ b/test/verify/check-dashboard @@ -94,7 +94,7 @@ class TestBasicDashboard(MachineCase, DashBoardHelpers): # Start second browser and check that it is in sync b2 = self.new_browser() - b2.default_user = "root" + b2.default_user = "admin" b2.login_and_go("/dashboard") self.wait_dashboard_addresses(b2, ["localhost"]) b.wait_present("#dashboard-hosts a[data-address='localhost'] button.pficon-delete.disabled") @@ -236,6 +236,9 @@ class TestDashboardSetup(MachineCase, DashBoardHelpers): # lockout admin m2.execute("echo admin:badpass | chpasswd") + # Logging in as root is no longer allowed by default by sshd + m2.execute("sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config") + m2.execute("systemctl restart sshd") # Create some users on m1 and m2. m1.execute("getent group docker >/dev/null || groupadd docker") diff --git a/test/verify/check-docker b/test/verify/check-docker index d13de7d03462..e266305dd0ff 100755 --- a/test/verify/check-docker +++ b/test/verify/check-docker @@ -26,6 +26,7 @@ from testlib import * @skipPackage("cockpit-docker") @skipImage("No docker packaged", "rhel-8-1", "rhel-8-1-distropkg") +@skipImage("Docker not available", "fedora-31") # https://github.com/cockpit-project/cockpit/issues/12670 class TestDocker(MachineCase): def setUp(self): @@ -588,7 +589,8 @@ CMD ["/bin/sh"] @skipImage("Skip on systems without atomic and ones with missing deps", "debian-stable", - "debian-testing", "ubuntu-1804", "ubuntu-stable", "fedora-atomic", "fedora-i386") + "debian-testing", "ubuntu-1804", "ubuntu-stable", "fedora-atomic", "fedora-i386", + "fedora-31") @skipImage("No docker packaged", "rhel-8-1", "rhel-8-1-distropkg") @skipPackage("cockpit-docker") class TestAtomicScan(MachineCase): diff --git a/test/verify/check-docker-storage b/test/verify/check-docker-storage index 4a449198deaf..b538e64a6c65 100755 --- a/test/verify/check-docker-storage +++ b/test/verify/check-docker-storage @@ -36,6 +36,7 @@ def can_manage(machine): @skipImage("No cockpit-docker on i386", "fedora-i386") @skipImage("No docker packaged", "rhel-8-1", "rhel-8-1-distropkg") +@skipImage("Docker not available", "fedora-31") # https://github.com/cockpit-project/cockpit/issues/12670 @skipPackage("cockpit-docker") class TestDockerStorageDirect(MachineCase): @@ -55,6 +56,7 @@ class TestDockerStorageDirect(MachineCase): @skipImage("No cockpit-docker on i386", "fedora-i386") @skipImage("No docker packaged", "rhel-8-1", "rhel-8-1-distropkg") +@skipImage("Docker not available", "fedora-31") # https://github.com/cockpit-project/cockpit/issues/12670 @skipPackage("cockpit-docker") class TestDockerStorage(MachineCase): provision = {"machine1": {"address": "10.111.113.1/20"}} diff --git a/test/verify/check-multi-machine b/test/verify/check-multi-machine index 20d28cacf1d0..a355d3816440 100755 --- a/test/verify/check-multi-machine +++ b/test/verify/check-multi-machine @@ -690,6 +690,10 @@ class TestMultiMachine(MachineCase): m1 = self.machine m2 = self.machine2 + # Logging in as root is no longer allowed by default by sshd + m2.execute("sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config") + m2.execute("systemctl restart sshd") + machine_path = "/@10.111.113.2" self.login_and_go(None) diff --git a/test/verify/check-packagekit b/test/verify/check-packagekit index 415aa9565c46..a9ba7f904c2c 100755 --- a/test/verify/check-packagekit +++ b/test/verify/check-packagekit @@ -647,7 +647,7 @@ class TestUpdates(PackageCase): @skipImage("Image uses OSTree", "fedora-atomic") -@skipImage("No subscriptions", "debian-stable", "debian-testing", +@skipImage("No subscriptions", "debian-stable", "debian-testing", "fedora-31", "fedora-30", "fedora-i386", "fedora-testing", "ubuntu-1804", "ubuntu-stable") class TestUpdatesSubscriptions(PackageCase): provision = { diff --git a/test/verify/machineslib.py b/test/verify/machineslib.py index 35f1b652c2e1..5d695610c965 100755 --- a/test/verify/machineslib.py +++ b/test/verify/machineslib.py @@ -702,7 +702,7 @@ def verify_disk_added(self): b.click("#vm-subVmTest1-disks") # open the "Disks" subtab # Detect volume format - detect_format_cmd = "virsh vol-dumpxml {0} {1} | xmllint --xpath '/volume/target/format' -".format(self.volume_name, self.pool_name) + detect_format_cmd = "virsh vol-dumpxml {0} {1} | xmllint --xpath '{2}' -" if self.test_obj.provider == "libvirt-dbus": b.wait_in_text('#vm-{0}-disks-{1}-source-volume'.format(self.vm_name, self.expected_target), self.volume_name) @@ -713,10 +713,15 @@ def verify_disk_added(self): expected_format = 'unknown' else: expected_format = 'qcow2' - self.test_obj.assertEqual( - m.execute(detect_format_cmd).rstrip(), - ''.format(self.volume_format or expected_format) - ) + + # Unknown pool format isn't present in xml anymore + if expected_format == "unknown" and m.execute("virsh --version") >= "5.6.0": + m.execute(detect_format_cmd.format(self.volume_name, self.pool_name, "/volume/target") + " | grep -qv format") + else: + self.test_obj.assertEqual( + m.execute(detect_format_cmd.format(self.volume_name, self.pool_name, "/volume/target/format")).rstrip(), + ''.format(self.volume_format or expected_format) + ) else: if self.pool_type == 'disk': b.wait_in_text('#vm-{0}-disks-{1}-source-device'.format(self.vm_name, self.expected_target), self.volume_name) From 8836df8f47ba8bd347e7f2140b2ec52577aecdc1 Mon Sep 17 00:00:00 2001 From: Cockpituous Date: Fri, 6 Sep 2019 17:08:48 +0000 Subject: [PATCH 2/2] images: Update fedora-31 image --- bots/images/fedora-31 | 1 + 1 file changed, 1 insertion(+) create mode 120000 bots/images/fedora-31 diff --git a/bots/images/fedora-31 b/bots/images/fedora-31 new file mode 120000 index 000000000000..e2fa3267b2fc --- /dev/null +++ b/bots/images/fedora-31 @@ -0,0 +1 @@ +fedora-31-9c3f49f6738dadbf33f49d98ba08f9fecf256de96ee370d11e3711aba1d5a3ab.qcow2 \ No newline at end of file