Compare commits

1 Commits

Author SHA1 Message Date
Neil Hanlon 91c01da5cf
use a flag to determine if we want an RC or not 2022-06-20 20:12:20 -04:00
274 changed files with 1736 additions and 15887 deletions

View File

@ -1,47 +0,0 @@
---
name: Build empanada images for imagefactory
on:
push:
branches: [ $default-branch, "devel" ]
pull_request:
branches: [ $default-branch ]
workflow_dispatch:
jobs:
buildx:
runs-on:
- ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
# https://github.com/docker/setup-buildx-action
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
with:
install: true
- name: Login to ghcr
if: github.event_name != 'pull_request'
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push
id: docker_build
uses: docker/build-push-action@v2
with:
builder: ${{ steps.buildx.outputs.name }}
platforms: linux/amd64,linux/arm64,linux/s390x,linux/ppc64le
context: ./iso/empanadas
file: ./iso/empanadas/Containerfile.imagefactory
push: ${{ github.event_name != 'pull_request' }}
tags: ghcr.io/rocky-linux/empanadas-imagefactory:latest
cache-from: type=gha
cache-to: type=gha,mode=max

View File

@ -1,9 +1,9 @@
---
name: Build empanada container images for lorax
name: Build empanada container images
on:
push:
branches: [ $default-branch, "devel" ]
branches: [ $default-branch ]
pull_request:
branches: [ $default-branch ]
workflow_dispatch:
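Review bot: with "devel" dropped from the push filter, `branches: [ $default-branch ]` no longer names a real branch. `$default-branch` is a placeholder that GitHub substitutes only when it instantiates a workflow template; in a committed workflow it is matched literally, so the push and pull_request filters match nothing and the job runs only through workflow_dispatch. Name the branches explicitly (the README in this change refers to main and devel).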
@ -17,17 +17,17 @@ jobs:
uses: actions/checkout@v2
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
uses: docker/setup-qemu-action@v1
# https://github.com/docker/setup-buildx-action
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@v1
with:
install: true
- name: Login to ghcr
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
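Review bot: the three `uses:` lines in this hunk move setup-qemu-action, setup-buildx-action and login-action from @v3 to @v1, which is both an older major and still a mutable tag. The login step handles the ghcr.io registry credential, so pin each action to the full commit SHA of a current release (with the version in a trailing comment) instead of stepping back to v1.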
@ -35,13 +35,13 @@ jobs:
- name: Build and push
id: docker_build
uses: docker/build-push-action@v5
uses: docker/build-push-action@v2
with:
builder: ${{ steps.buildx.outputs.name }}
platforms: linux/amd64,linux/arm64,linux/s390x,linux/ppc64le
context: ./iso/empanadas
file: ./iso/empanadas/Containerfile
push: ${{ github.event_name != 'pull_request' }}
tags: ghcr.io/rocky-linux/sig-core-toolkit:latest
tags: ghcr.io/neilhanlon/sig-core-toolkit:latest
cache-from: type=gha
cache-to: type=inline
cache-to: type=gha,mode=max
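Review bot: `tags: ghcr.io/neilhanlon/sig-core-toolkit:latest` hard-codes a personal namespace while the login step authenticates as `${{ github.repository_owner }}`, so in any repository not owned by that account the push target and the credential do not match. Derive the namespace from `github.repository_owner` or keep the organisation path, and add an immutable tag (for example the commit SHA) next to `latest` so consumers can pin an image. build-push-action also drops from @v5 to @v2 in this hunk; pin it to a commit SHA instead.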

1
.gitignore vendored
View File

@ -1 +0,0 @@
*.sw[a-z]

View File

@ -3,9 +3,10 @@ sig-core-toolkit
Release Engineering toolkit for repeatable operations or functionality testing.
Currently mirrored at our [github](https://github.com/rocky-linux), and the
[RESF Git Service](https://git.resf.org). Changes will typically occur at the
RESF Git Service.
Currently mirrored at our [github](https://github.com/rocky-linux),
[Rocky Linux Git Service](https://git.rockylinux.org), and the
[RESF Git Service](https://git.resf.org). Changes either occur at the Rocky
Linux Git Service or RESF Git Service.
What does this have?
--------------------
@ -13,9 +14,10 @@ What does this have?
* analyze -> Analysis utilities (such as download stats)
* chat -> mattermost related utilities
* func -> (mostly defunct) testing scripts and tools to test base functionality
* iso -> Contains `empanadas`, which provides ISO, Compose, and Sync related utilities.
* iso -> ISO related utilities
* live -> Live image related utilities
* mangle -> Manglers and other misc stuff
* sync -> Sync tools, primarily for Rocky Linux 8 and will eventually be deprecated
* sync -> Sync tools, primarily for Rocky Linux 8
How can I help?
---------------
@ -23,17 +25,13 @@ How can I help?
Fork this repository and open a PR with your changes. Keep these things in mind
when you make changes:
* Your PR should be against the devel branch (not optional)
* Have pre-commit installed if possible
* Have shellcheck installed if possible
* Have pre-commit installed
* Have shellcheck installed
* Shell Scripts: These must pass a shellcheck test!
* Python scripts: Try your best to follow PEP8 guidelines (even the best linters get things wrong)
* Python scripts: Try your best to follow PEP8 guidelines
* Note that not everything has to pass. Just try your best.
PR's against the main branch will be closed.
PR's are preferred at the [RESF Git Service](https://git.resf.org).
Your PR should be against the devel branch at all times. PR's against the main
branch will be closed.
Will some of this be moved into separate repositories?
------------------------------------------------------

3
func/.gitignore vendored
View File

@ -1,5 +1,2 @@
log/*.log
log/*.log.*
clone_again/
cloned/
tftptest

View File

@ -5,20 +5,22 @@ These are a set of scripts that are designed to test the core functionality
of a Rocky Linux system. They are designed to work on current versions of
Rocky and are used to test a system as a Release Engineering self-QA but
can be used by others for their own personal testing (under the assumption
that you just want to see what happens, we don't judge.
that you just want to see what happens, we don't judge :).
These tests *must* pass for a X.0 release to be considered "Core Validated".
These tests *must* pass for a release to be considered "Core Validated"
Checking against the upstream repositories for package matches are not enough
and are/will be addressed by other tools.
* common -> Functions that our scripts and tests may or may not use. Templates
and other files should come here too under common/files and
scripts that use them should reference them as `./common/files/...`
* core -> Core functionality and testing. For example, packages and service
functionality.
* lib -> Library tests (these may be done elsewhere, such as openqa)
* lib -> Library tests (these may be done elsewhere)
* log -> Log output. This repository has example logs of running on Rocky
Linux.
* modules -> Tests for module streams and their basic tests
* stacks -> Software stacks, think like LAMP (may be done elsewhere, such as openqa)
* stacks -> Software stacks, think like LAMP.
How to Run
----------
@ -26,11 +28,9 @@ How to Run
There are two ways to run through the tests:
* By running `/bin/bash runtests.sh`
* Runs all core tests
* By running `/bin/bash stacktests.sh`
* Runs all stack tests (eg, lamp, ipa)
* Runs all tests
* By running `/bin/bash monotests.sh`
* Supposed to runs all tests one by one to help identify failures as they happen (not functional)
* Runs all tests one by one to help identify failures as they happen
Adding Tests
------------
@ -148,13 +148,6 @@ security is important, actually work and function correctly.
With that said, There is no reason to disable integral security layers on your
system.
### Should EPEL be enabled?
No. The point is to test Rocky packages, not EPEL. There are also package
differences that will break (eg: nc -> nmap-ncat vs netcat).
### What about CRB or extras?
It may say it's a failure, but it will continue anyway.
Current Tree
------------
```
@ -323,9 +316,6 @@ Current Tree
│   │   ├── 00-install-lsof.sh
│   │   ├── 10-test-lsof.sh
│   │   └── README.md
│   ├── pkg_mdadm
│   │   ├── 00-install-mdadm.sh
│   │   └── 01-test-mdadm.sh
│   ├── pkg_network
│   │   ├── 00-install-packages.sh
│   │   ├── 10-tracepath.sh
@ -358,13 +348,6 @@ Current Tree
│   │   ├── 30-postfix-sasl.sh
│   │   ├── 40-postfix-tls.sh
│   │   └── README.md
│   ├── pkg_postgresql
│   │   ├── 00-install-postgresql.sh
│   │   ├── 01-configure-postgresql.sh
│   │   ├── 10-create-db.sh
│   │   ├── 11-create-user.sh
│   │   ├── 20-drop-db.sh
│   │   └── 21-drop-user.sh
│   ├── pkg_python
│   │   ├── 00-install-python.sh
│   │   ├── 10-test-python3.sh
@ -440,11 +423,6 @@ Current Tree
│   ├── pkg_telnet
│   │   ├── 00-install-telnet.sh
│   │   └── 10-test-telnet.sh
│   ├── pkg_tftp-server
│   │   ├── 00-install-tftp.sh
│   │   ├── 01-configure-tftp.sh
│   │   ├── 10-get-test.sh
│   │   └── 11-put-test.sh
│   ├── pkg_vsftpd
│   │   ├── 00-install-vsftpd.sh
│   │   ├── 10-anonymous-vsftpd.sh
@ -469,21 +447,20 @@ Current Tree
├── README.md
├── runtests.sh
├── skip.list
├── stacks
│   ├── ipa
│   │   ├── 00-ipa-pregame.sh
│   │   ├── 10-install-ipa.sh
│   │   ├── 11-configure-ipa.sh
│   │   ├── 12-verify-ipa.sh
│   │   ├── 20-ipa-user.sh
│   │   ├── 21-ipa-service.sh
│   │   ├── 22-ipa-dns.sh
│   │   ├── 23-ipa-sudo.sh
│   │   ├── 50-cleanup-ipa.sh
│   │   └── README.md
│   └── lamp
│   ├── 00-install-lamp.sh
│   ├── 01-verification.sh
│   └── 10-test-lamp.sh
└── stacks.sh
└── stacks
├── ipa
│   ├── 00-ipa-pregame.sh
│   ├── 10-install-ipa.sh
│   ├── 11-configure-ipa.sh
│   ├── 12-verify-ipa.sh
│   ├── 20-ipa-user.sh
│   ├── 21-ipa-service.sh
│   ├── 22-ipa-dns.sh
│   ├── 23-ipa-sudo.sh
│   ├── 50-cleanup-ipa.sh
│   └── README.md
└── lamp
├── 00-install-lamp.sh
├── 01-verification.sh
└── 10-test-lamp.sh
```

View File

@ -11,5 +11,5 @@ export readonly RELEASE_NAME=rocky
# A 0 means it was successful. It can be changed to 1 on failure.
export IPAINSTALLED=0
LOGFILE="$(pwd)/log/$(date +'%m-%d-%Y')-tests.log"
LOGFILE="./log/$(date +'%m-%d-%Y')-tests.log"
export LOGFILE
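Review bot: `LOGFILE="./log/$(date +'%m-%d-%Y')-tests.log"` makes the log location depend on the current directory of whichever script writes to it. LOGFILE is exported to every test, and tests in this same change use pushd (the cpio test), so entries written after a directory change land in a different ./log or fail when that directory does not exist. Keep the absolute form, `LOGFILE="$(pwd)/log/$(date +'%m-%d-%Y')-tests.log"`, or resolve the path from the script's own location.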

View File

@ -36,25 +36,11 @@ function r_processor() {
if [[ "$(basename ${file})" =~ README|^\.|^_ ]]; then
continue
fi
[ -x "${file}" ] && echo "Begin processing script: ${file}" && "${file}"
[ -x "${file}" ] && "${file}"
done
return 0
}
function r_checkEPELEnabled() {
/usr/bin/dnf repolist | grep -q '^epel'
return $?
}
function r_checkTmpNoExec() {
grep 'tmp' /etc/fstab | grep -q noexec
tmpexec=$?
if [ "$tmpexec" -eq "0" ]; then
r_log "internal" "WARN: noexec is set for temporary directories. Some tests may fail."
fi
}
################################################################################
# Functions that deal with (p)ackages
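Review bot: removing r_checkTmpNoExec drops the warning that temporary directories are mounted noexec, yet tests in this tree write a script under /var/tmp and execute it (the gzexe test runs `$FILE`), so on a hardened host they fail with no hint why. Keep the check, or have those tests skip with a logged reason. The r_processor line also loses the "Begin processing script" echo, which recorded which file was about to be executed, and `$(basename ${file})` in the context line above it should quote `${file}`.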
@ -113,11 +99,7 @@ function p_getPackageArch() {
}
function p_getDist() {
rpm -q --whatprovides redhat-release --queryformat '%{version}\n' | cut -d'.' -f1
}
function p_getMinorVersion() {
rpm -q --whatprovides redhat-release --queryformat '%{version}\n' | cut -d'.' -f2
rpm -q "$(rpm -qf /etc/redhat-release)" --queryformat '%{version}\n' | cut -d'.' -f1
}
################################################################################
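Review bot: the new p_getDist nests `rpm -qf /etc/redhat-release` inside `rpm -q`, so when that file is missing or not owned by a package the outer query receives something that is not a package name and the function returns text that is not a version number. Nothing validates the result before it is stored in rl_ver. Keep `rpm -q --whatprovides redhat-release`, or check that the output is numeric and fail early if it is not.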
@ -222,16 +204,12 @@ function m_recycleLog() {
rl_ver=$(p_getDist)
rl_arch=$(m_getArch)
rl_minor_ver=$(p_getMinorVersion)
export rl_ver
export rl_arch
export rl_minor_ver
export -f r_log
export -f r_checkExitStatus
export -f r_processor
export -f r_checkEPELEnabled
export -f r_checkTmpNoExec
export -f p_installPackageNormal
export -f p_installPackageNoWeaks
export -f p_removePackage
@ -240,7 +218,6 @@ export -f p_resetModule
export -f p_getPackageRelease
export -f p_getPackageArch
export -f p_getDist
export -f p_getMinorVersion
export -f m_serviceCycler
export -f m_checkForPort
export -f m_assertCleanExit

View File

@ -1 +0,0 @@
Basic tests, such as repos

View File

@ -1,56 +0,0 @@
#!/usr/bin/env python3
# label <label@rockylinux.org>
import datetime
import sys
import dnf
import dnf.exceptions
# pylint: disable=unnecessary-lambda-assignment
now = datetime.datetime.today().strftime("%m-%d-%Y %T")
class DnfQuiet(dnf.Base):
"""
DNF object
This is in the event we need special functions
"""
def __init__(self):
dnf.Base.__init__(self)
def main():
"""
Main run
"""
dnfobj = DnfQuiet()
releasever = dnfobj.conf.releasever
try:
dnfobj.read_all_repos()
# pylint: disable=bare-except
except:
print(f'[-] {now} -> Could not read repos', file=sys.stderr)
sys.exit(1)
rocky_default_repos = {
'8': ['baseos', 'appstream', 'extras'],
'9': ['baseos', 'appstream', 'extras']
}.get(releasever, None)
if not rocky_default_repos:
print(f'[-] {now} -> Not a Rocky Linux system')
sys.exit(1)
print(f'[-] {now} -> Checking if non-default repo is enabled')
_not_allowed=False
for repo in list(dnfobj.repos.iter_enabled()):
if not repo.id in rocky_default_repos:
print(f'[-] {now} -> {repo.id} is enabled and should be disabled')
_not_allowed=True
if _not_allowed:
print(f'[-] {now} -> FAIL - There are extra repos enabled')
sys.exit(1)
print(f'[-] {now} -> PASS')
sys.exit(0)
if __name__ == "__main__":
main()

View File

@ -1,8 +1,6 @@
#!/bin/bash
r_log "acl" "Install the acl package"
p_installPackageNormal acl
p_installPackageNormal attr
# This normally is not needed.
#r_log "acl" "Remount filesystems with ACL support"
#mount -o remount,acl /
r_log "acl" "Remount filesystems with ACL support (this normally should not be needed)"
mount -o remount,acl /
sleep 3
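Review bot: `mount -o remount,acl /` now runs on every execution, even though the log text on the line above it says this normally should not be needed, and its exit status is never checked. Remounting the root filesystem is a host-wide side effect for a package test; leave it commented out or gate it on ACL support actually being absent. The hunk also stops installing attr, while the attr test in this change still calls setfattr and getfattr.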

View File

@ -2,7 +2,6 @@
ACLFILE=/tmp/testfile_acl
r_log "acl" "Test that the acl get and set functions work"
touch "${ACLFILE}"
trap '/bin/rm -f ${ACLFILE}' EXIT
# Use setfacl for readonly
r_log "acl" "Set readonly ACL for the user nobody"
@ -13,3 +12,4 @@ r_log "acl" "Verifying that the nobody user is set to read only"
getfacl "${ACLFILE}" | grep -q 'user:nobody:r--'
r_checkExitStatus $?
/bin/rm -f "${ACLFILE}"
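Review bot: the EXIT trap that removed ${ACLFILE} is replaced by an rm on the last line, which runs only if the script gets that far; a failed check that ends the script early leaves the file behind. ACLFILE is also a fixed name in world-writable /tmp, so prefer `ACLFILE=$(mktemp)` and keep `trap '/bin/rm -f "${ACLFILE}"' EXIT`.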

View File

@ -1,22 +0,0 @@
#!/bin/bash
ACLIMG=/tmp/testacl.img
r_log "acl" "Test the use of xattr"
touch "${ACLIMG}"
trap '/bin/rm -f ${ACLIMG}' EXIT
# Use setfacl for readonly
r_log "acl" "Create image"
dd if=/dev/zero of=${ACLIMG} bs=1024000 count=100
echo -e 'y\n' | mkfs.ext3 "${ACLIMG}"
mkdir /mnt/xattr
mount -t ext3 -o loop,user_xattr "${ACLIMG}" /mnt/xattr
touch /mnt/xattr/testfile
r_log "acl" "Apply attrs as needed"
setfattr -n user.nobody /mnt/xattr/testfile
getfattr /mnt/xattr/testfile | grep -q 'user.nobody'
final_status=$?
umount /mnt/xattr
r_checkExitStatus $final_status

View File

@ -2,4 +2,4 @@
r_log "archive" "Installing appropriate archive formats"
# We might need expect for zmore - does anyone actually use zmore?
p_installPackageNormal bzip2 diffutils gzip less tar unzip util-linux-ng zip lzop
p_installPackageNormal bzip2 diffutils gzip less ncompress tar unzip util-linux-ng zip lzop

View File

@ -1,7 +1,6 @@
#!/bin/bash
r_log "archive" "Test bzip/bzcat/bunzip"
FILE=/var/tmp/bziptest.txt
trap '/bin/rm -f ${FILE}' EXIT
cat > "$FILE" <<EOF
testing text
@ -24,3 +23,5 @@ fi
grep -q 'testing text' "${FILE}"
r_checkExitStatus $?
/bin/rm -f "${FILE}*"
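Review bot: in the added cleanup `/bin/rm -f "${FILE}*"` the asterisk sits inside the quotes, so the shell does not expand it and rm is asked to delete a file literally named bziptest.txt*; with -f that fails silently and the test files stay in /var/tmp. Write `/bin/rm -f "${FILE}"*`, or restore the EXIT trap removed at the top of the file so cleanup also runs on an early exit.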

View File

@ -1,9 +1,8 @@
#!/bin/bash
r_log "archive" "Verifying gzip binaries"
echo -n "Processing; "
for bin in gunzip gzexe gzip zcat zcmp zdiff zegrep zfgrep zforce zgrep zless zmore znew; do
echo -n "$bin "
echo -n "$bin"
r_log "archive" "$bin"
$bin --version &> /dev/null || r_checkExitStatus 1
done

View File

@ -4,9 +4,6 @@ r_log "archive" "Test gzip/zcat/gunzip"
FILE=/var/tmp/gzip-test.txt
MD5HASH=e6331c582fbad6653832860f469f7d1b
# clean up
trap '/bin/rm $FILE* &> /dev/null && /bin/rm -rf /var/tmp/gziptest &> /dev/null' EXIT
# Double check that stuff is cleared out
/bin/rm $FILE* &> /dev/null
/bin/rm -rf /var/tmp/gziptest &> /dev/null
@ -92,12 +89,8 @@ gzip $FILE $FILE.1 || r_checkExitStatus 1
r_log "archive" "Verify that .Z files can be handled"
gunzip $FILE.gz
ls -l /var/tmp >> $FILE
if [ "$RL_VER" -eq 8 ]; then
compress $FILE || r_checkExitStatus 1
gunzip $FILE.Z || r_checkExitStatus 1
else
r_log "archive" "Skipping for 9"
fi
compress $FILE || r_checkExitStatus 1
gunzip $FILE.Z || r_checkExitStatus 1
# handle some zip files
r_log "archive" "Verify that .zip files can be handled"
@ -110,3 +103,7 @@ tar -czf $FILE.tgz $FILE &> /dev/null
gunzip $FILE.tgz
[ -e $FILE.tar ]
r_checkExitStatus $?
# clean up
/bin/rm $FILE* &> /dev/null
/bin/rm -rf /var/tmp/gziptest &> /dev/null

View File

@ -2,8 +2,6 @@
r_log "archive" "Checking gzexe"
r_log "archive" "Creating archive"
FILE=/var/tmp/gzexe-test-script
trap '/bin/rm -f $FILE* 2>/dev/null' EXIT
/bin/rm -f $FILE* &>/dev/null
cat > $FILE <<EOF
@ -20,3 +18,5 @@ r_log "archive" "Test gzexe"
r_log "archive" "Check that it actually runs"
$FILE | grep -q "Hello!"
r_checkExitStatus $?
/bin/rm -f $FILE* 2>/dev/null

View File

@ -1,7 +1,6 @@
#!/bin/bash
r_log "archive" "Check zcmp and zdiff"
BASEFILE="/var/tmp/gziptest"
trap '/bin/rm -f ${BASEFILE}*' EXIT
/bin/rm -f ${BASEFILE}
cat > ${BASEFILE}.1 <<EOF
@ -16,3 +15,5 @@ r_log "archive" "Check zcmp"
r_log "archive" "Check zdiff"
/bin/zdiff ${BASEFILE}.1.gz ${BASEFILE}.2.gz || r_checkExitStatus 1
/bin/rm -f ${BASEFILE}*

View File

@ -2,7 +2,6 @@
r_log "archive" "Testing zforce"
BASEFILE="/var/tmp/abcdefg"
trap '/bin/rm "$BASEFILE.gz"' EXIT
/bin/rm $BASEFILE* &>/dev/null
cat > $BASEFILE <<EOF
@ -15,3 +14,5 @@ mv $BASEFILE.gz $BASEFILE
zforce $BASEFILE || r_checkExitStatus 1
[ -e "$BASEFILE.gz" ]
r_checkExitStatus $?
/bin/rm "$BASEFILE.gz"

View File

@ -1,7 +1,6 @@
#!/bin/bash
r_log "archive" "Testing zgrep"
BASEFILE=/var/tmp/zgreptest
trap '/bin/rm $BASEFILE*' EXIT
/bin/rm $BASEFILE* &> /dev/null
cat > $BASEFILE <<EOF
@ -12,3 +11,5 @@ gzip $BASEFILE
zgrep -q 'Green Obsidian' $BASEFILE.gz
r_checkExitStatus $?
/bin/rm $BASEFILE*

0
func/core/pkg_archive/27-znew.sh Normal file → Executable file
View File

View File

@ -4,7 +4,6 @@ r_log "archive" "Test tar create and extract"
TARDIR="/var/tmp/tartest"
FILE1="$TARDIR/test.1.txt"
FILE2="$TARDIR/test.2.txt"
trap '/bin/rm -rf /var/tmp/tarfile.tar $TARDIR' EXIT
mkdir -p $TARDIR
cat > $FILE1 <<EOF
@ -33,3 +32,5 @@ if [ $RES1 == 0 ] && [ $RES2 == 0 ]; then
fi
r_checkExitStatus $ret_val
/bin/rm -rf /var/tmp/tarfile.tar $TARDIR

View File

@ -1,7 +1,6 @@
#!/bin/bash
r_log "archive" "Check xzcmp and xzdiff"
BASEFILE="/var/tmp/xztest"
trap '/bin/rm -f ${BASEFILE}*' EXIT
/bin/rm -f ${BASEFILE}
cat > ${BASEFILE}.1 <<EOF
@ -16,3 +15,5 @@ r_log "archive" "Check xzcmp"
r_log "archive" "Check xzdiff"
/bin/zdiff ${BASEFILE}.1.xz ${BASEFILE}.2.xz || r_checkExitStatus 1
/bin/rm -f ${BASEFILE}*

View File

@ -4,7 +4,6 @@ r_log "archive" "Test zip create and extract"
ZIPDIR="/var/tmp/ziptest"
FILE1="$ZIPDIR/test.1.txt"
FILE2="$ZIPDIR/test.2.txt"
trap '/bin/rm -rf /var/tmp/zipfile.zip $ZIPDIR' EXIT
mkdir -p $ZIPDIR
cat > $FILE1 <<EOF
@ -32,4 +31,6 @@ if [ $RES1 == 0 ] && [ $RES2 == 0 ]; then
ret_val=0
fi
r_checkExitStatus "$ret_val"
r_checkExitStatus $ret_val
/bin/rm -rf /var/tmp/zipfile.zip $ZIPDIR

View File

@ -2,7 +2,6 @@
r_log "archive" "Testing lzop compress and decompress"
LZOFILE=/var/tmp/obsidian.txt
trap '/bin/rm ${LZOFILE}' EXIT
echo 'Green Obsidian is the release name' > ${LZOFILE}
@ -14,5 +13,5 @@ lzop -d ${LZOFILE}.lzo -o ${LZOFILE}
/bin/rm ${LZOFILE}.lzo
grep -q 'Green Obsidian' ${LZOFILE}
ret_val="$?"
r_checkExitStatus "$ret_val"
/bin/rm ${LZOFILE}

View File

@ -2,8 +2,6 @@
ATTRTEST="/var/tmp/attrtest.img"
ATTRMNT="/mnt/attrtest"
trap 'umount /mnt/attrtest ; /bin/rm -f ${ATTRTEST} ; /bin/rm -rf ${ATTRMNT}' EXIT
r_log "attr" "Checking that *attr works"
dd if=/dev/zero of="${ATTRTEST}" bs=1024000 count=100 &>/dev/null
r_checkExitStatus $?
@ -16,3 +14,8 @@ setfattr -n user.test "${ATTRMNT}/testfile"
getfattr "${ATTRMNT}/testfile" | grep -oq "user.test"
r_checkExitStatus $?
# Cleanup
umount /mnt/attrtest
/bin/rm -f "${ATTRTEST}"
/bin/rm -rf "${ATTRMNT}"
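Review bot: cleanup moves from the EXIT trap to the end of the script, so any early exit leaves the loop image mounted on /mnt/attrtest and the roughly 100 MB image file in /var/tmp. A leaked mount is worse than a leaked temp file; restore the trap and use the variable in it, `umount "${ATTRMNT}"`, instead of the hard-coded /mnt/attrtest that the added line keeps.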

View File

@ -1,6 +1,5 @@
#!/bin/bash
r_log "coreutils" "Testing cat"
trap "/bin/rm /var/tmp/cattest" EXIT
cat > /var/tmp/cattest <<EOF
Green Obsidian
@ -8,3 +7,5 @@ EOF
grep -q "Green Obsidian" /var/tmp/cattest
r_checkExitStatus $?
/bin/rm /var/tmp/cattest

View File

@ -1,6 +1,6 @@
#!/bin/bash
r_log "coreutils" "Testing readlink"
trap "/bin/rm /var/tmp/listen" EXIT
ln -s /var/tmp/talk /var/tmp/listen
readlink /var/tmp/listen | grep -q "/var/tmp/talk"
r_checkExitStatus $?
/bin/rm /var/tmp/listen

View File

@ -1,6 +1,5 @@
#!/bin/bash
r_log "coreutils" "Test hash sum tools"
trap '/bin/rm ${HASHFILE}' EXIT
HASHFILE=/var/tmp/obsidian
echo "Green Obsidian is our release name" > ${HASHFILE}
@ -23,3 +22,5 @@ r_checkExitStatus $?
r_log "coreutils" "Test sha512sum"
/usr/bin/sha512sum ${HASHFILE} | grep -q e50554c29a5cb7bd04279d3c0918e486024c79c4b305a2e360a97d4021dacf56ce0d17fa6e6a0e81ad03d5fb74fbe2d50cce6081c2c277f22b958cdae978a2f5
r_checkExitStatus $?
/bin/rm ${HASHFILE}

View File

@ -1,6 +1,5 @@
#!/bin/bash
r_log "coreutils" "Testing touch and ls"
trap '/bin/rm /tmp/touch-?' EXIT
r_log "coreutils" "Touch files with specific dates"
touch -t 199104230420 /tmp/touch-1
@ -11,3 +10,5 @@ r_log "coreutils" "Verify that the oldest file is last"
ls -lt /tmp/touch-? | tail -n 1 | grep -q 'touch-1'
r_checkExitStatus $?
/bin/rm /tmp/touch-?

View File

@ -1,6 +1,5 @@
#!/bin/bash
r_log "coreutils" "Ensure uniq works as expected"
trap '/bin/rm /var/tmp/uniq' EXIT
cat > /var/tmp/uniq <<EOF
Rocky
@ -15,3 +14,4 @@ EOF
uniq -d /var/tmp/uniq | wc -l | grep -q 2 && uniq -u /var/tmp/uniq | wc -l | grep -q 4
r_checkExitStatus $?
/bin/rm /var/tmp/uniq

View File

@ -2,7 +2,6 @@
r_log "coreutils" "Ensure wc works as expected"
r_log "coreutils" "This should have already been done with uniq"
# Context: we should probably test some switches...
trap "/bin/rm /var/tmp/wc" EXIT
cat > /var/tmp/wc <<EOF
Rocky
@ -22,3 +21,5 @@ wc -L /var/tmp/wc | grep -q 8 && \
wc -w /var/tmp/wc | grep -q 8
r_checkExitStatus $?
/bin/rm /var/tmp/wc

View File

@ -5,18 +5,14 @@ OUTTER=/var/tmp/cpio/out
INNER=/var/tmp/cpio/in
PASSER=/var/tmp/cpio/pass
trap '/bin/rm -rf /var/tmp/cpio' EXIT
# Nothing should be here. Clean up first.
[ -d /var/tmp/cpio ] && /bin/rm -rf /var/tmp/cpio
r_log "cpio" "Test basic copy out"
mkdir -p "$OUTTER" "$INNER" "$PASSER"
# Ensure at least one file exists in /tmp to prevent errors.
echo 1 > $(mktemp)
# shellcheck disable=2012
find /tmp -type f | cpio -o > "$OUTTER"/cpio.out 2> /dev/null
ls /tmp | cpio -o > "$OUTTER"/cpio.out
r_checkExitStatus $?
r_log "cpio" "Test basic copy in"
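Review bot: `ls /tmp | cpio -o` feeds cpio bare file names that it resolves against the current directory, not /tmp, so unless the script happens to run from /tmp the entries cannot be found. The removed `find /tmp -type f` emitted usable paths and the removed `echo 1 > $(mktemp)` guaranteed at least one input file. Keep the find form; parsing ls output also breaks on unusual file names.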
@ -27,7 +23,7 @@ popd || exit 1
r_log "cpio" "Test basic passthrough"
pushd "$INNER" || exit 1
find . | cpio -pd "$PASSER"
find /tmp | cpio -pd "$PASSER"
r_checkExitStatus $?
popd || exit 1
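Review bot: the passthrough test now runs `find /tmp | cpio -pd "$PASSER"` from inside $INNER, which copies everything under /tmp, including files belonging to other users and services, into /var/tmp/cpio instead of the files the test just extracted. The EXIT trap was removed in the previous hunk and no replacement cleanup is visible in this diff, so those copies persist. Keep `find . | cpio -pd "$PASSER"`.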

View File

@ -15,4 +15,3 @@ r_checkExitStatus $?
r_log "cracklib" "Testing a complicated password"
echo -e "2948_Obaym-" | cracklib-check | grep -q "OK"
r_checkExitStatus $?

View File

@ -1,8 +1,6 @@
#!/bin/bash
r_log "cron" "Testing hourly cron jobs"
trap '/bin/rm /etc/cron.{weekly,daily,hourly}/rocky.sh' EXIT
cat > /etc/cron.hourly/rocky.sh <<EOF
#!/bin/bash
echo "obsidian"
@ -36,3 +34,5 @@ chmod +x /etc/cron.weekly/rocky.sh
run-parts /etc/cron.weekly | grep -q "obsidian"
r_checkExitStatus $?
/bin/rm /etc/cron.{weekly,daily,hourly}/rocky.sh
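Review bot: with the EXIT trap gone, the only cleanup is the rm on the last line, so a failure in an earlier check leaves an executable rocky.sh in the cron directories, where the system cron will keep running it. Restore `trap '/bin/rm -f /etc/cron.{weekly,daily,hourly}/rocky.sh' EXIT`; the -f also stops the cleanup from erroring when one of the three files was never created.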

View File

@ -1,8 +1,9 @@
#!/bin/bash
r_log "file" "Check that we can see a symlink"
FILE_PATH=/var/tmp/linktest
trap '/bin/rm ${FILE_PATH}' EXIT
MIME="inode/symlink"
ln -s /etc/issue $FILE_PATH
file -i $FILE_PATH | grep -q "${MIME}"
r_checkExitStatus $?
/bin/rm /var/tmp/linktest

View File

@ -2,7 +2,6 @@
r_log "findutils" "Testing basic find stuff"
TMPDIR=/var/tmp/find
trap '/bin/rm -rf $TMPDIR' EXIT
[ -e $TMPDIR ] && rm -rf "$TMPDIR"
@ -38,8 +37,8 @@ r_log "findutils" "Perform for xargs test: fails with spaces in the name"
# shellcheck disable=SC2038
find "$TMPDIR" -type f | xargs ls &> /dev/null && { r_log "findutils" "Why did this get a 0 exit?"; exit "$FAIL"; }
ret_val=$?
if [ "$ret_val" -ne "0" ]; then
r_checkExitStatus 0
else
r_checkExitStatus 1
if [ "$ret_val" -ne 0 ]; then
r_checkExitStatus $?
fi
rm -rf "$TMPDIR"
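Review bot: `r_checkExitStatus $?` inside the `if` does not pass the xargs result; at that point `$?` is the status of the `[ "$ret_val" -ne 0 ]` test itself, which is always 0 in that branch. It reports a pass only by coincidence, and with the else branch removed the case where ret_val is 0 reports nothing. Keep the explicit `r_checkExitStatus 0` / `r_checkExitStatus 1` pair.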

View File

@ -9,7 +9,7 @@ fi
COUNTS="$(grep -c rockylinux.org $FIREPATH)"
if [ "$COUNTS" -ge 2 ]; then
if [ "$COUNTS" -eq 2 ]; then
r_checkExitStatus 0
else
r_checkExitStatus 1

View File

@ -1,14 +1,7 @@
#!/bin/bash
function cleanup() {
cp /etc/raddb/users.backup /etc/raddb/users
rm -rf /etc/raddb/users.backup
systemctl stop radiusd.service
}
r_log "freeradius" "Test basic freeradius functionality"
r_log "freeradius" "Configure freeradius"
trap cleanup EXIT
r_log "freeradius" "Configure freeradius"
cp /etc/raddb/users /etc/raddb/users.backup
cat >> /etc/raddb/users << EOF
rocky Cleartext-Password := "rocky"
@ -20,3 +13,7 @@ systemctl start radiusd.service
sleep 1
echo "User-Name=rocky,User-Password=rocky " | radclient -x localhost:1812 auth testing123 | grep -q 'Access-Accept'
r_checkExitStatus $?
cp /etc/raddb/users.backup /etc/raddb/users
rm -rf /etc/raddb/users.backup
systemctl stop radiusd.service
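Review bot: the cleanup function and its EXIT trap are replaced by three commands at the end of the script, so if the radclient check ends the run early, /etc/raddb/users keeps the appended `rocky` entry with a cleartext password and radiusd stays running with it. Keep the trap so the users file is restored and the service stopped on failure as well as on success.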

View File

@ -1,6 +1,5 @@
#!/bin/bash
r_log "git" "Test basic git clones"
trap 'rm -rf $TMPREPO' EXIT
WORKDIR=$(pwd)
TMPREPO=/var/tmp/repo

View File

@ -2,7 +2,7 @@
r_log "httpd" "Verify httpd branding"
r_log "httpd" "Token"
curl -sI http://localhost/ | grep -i "Server:\ Apache.*\ (Rocky Linux)" > /dev/null 2>&1
curl -sI http://localhost/ | grep -i "Server:\ Apache.*\ (Rocky)" > /dev/null 2>&1
r_checkExitStatus $?
r_log "httpd" "index"

View File

@ -1,6 +1,5 @@
#!/bin/bash
r_log "httpd" "Test basic authentication functionality"
trap "rm /etc/httpd/conf.d/test-basic-auth.conf ; m_serviceCycler httpd reload" EXIT
cat > /etc/httpd/conf.d/test-basic-auth.conf <<EOF
## Core basic auth test
@ -16,8 +15,9 @@ EOF
htpasswd -c -b /etc/httpd/htpasswd tester tester
mkdir -p /var/www/html/basic_auth
echo "Basic Auth Test" > /var/www/html/basic_auth/index.html
# This isn't normally needed, it should just work
restorecon -R /var/www/html
m_serviceCycler httpd cycle
curl -s -u tester:tester http://localhost/basic_auth/ | grep -q 'Basic Auth Test' > /dev/null 2>&1
r_checkExitStatus $?
rm /etc/httpd/conf.d/test-basic-auth.conf
m_serviceCycler httpd reload
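Review bot: removing the EXIT trap means test-basic-auth.conf stays loaded in httpd if the script stops before the last two lines. Neither the old trap nor the new cleanup removes /etc/httpd/htpasswd (created with tester:tester) or /var/www/html/basic_auth; add both to the cleanup and keep it in a trap.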

View File

@ -1,12 +1,5 @@
#!/bin/bash
function cleanup() {
rm /etc/httpd/conf.d/vhost.conf
sed -i '/127.0.0.1 coretest/d' /etc/hosts
m_serviceCycler httpd reload
}
r_log "httpd" "Test basic vhost functionality"
trap cleanup EXIT
echo "127.0.0.1 coretest" >> /etc/hosts
cat > /etc/httpd/conf.d/vhost.conf << EOF
@ -21,10 +14,12 @@ EOF
mkdir -p /var/www/vhost/coretest
echo "core vhost test page" > /var/www/vhost/coretest/index.html
# This isn't normally needed, it should just work
restorecon -R /var/www/vhost
m_serviceCycler httpd cycle
curl -s http://coretest/ | grep -q 'core vhost test page' > /dev/null 2>&1
r_checkExitStatus $?
rm /etc/httpd/conf.d/vhost.conf
sed -i '/127.0.0.1 coretest/d' /etc/hosts
m_serviceCycler httpd reload

View File

@ -2,8 +2,6 @@
r_log "httpd" "Test basic php"
echo "<?php echo phpinfo(); ?>" > /var/www/html/test.php
# This isn't normally needed, it should just work
restorecon -R /var/www/html
curl -s http://localhost/test.php | grep -q 'PHP Version' > /dev/null 2>&1
r_checkExitStatus $?

View File

@ -1,8 +1,3 @@
#!/bin/bash
r_log "lsb" "Install LSB package"
if [ "$RL_VER" -ge 8 ]; then
r_log "lsb" "redhat-lsb is not in EL9"
exit $PASS
fi
p_installPackageNormal redhat-lsb

View File

@ -1,10 +1,5 @@
#!/bin/bash
r_log "lsb" "Test LSB branding"
if [ "$RL_VER" -ge 8 ]; then
r_log "lsb" "redhat-lsb is not in EL9"
exit $PASS
fi
lsb_release -i | grep -q "Rocky"
r_checkExitStatus $?
lsb_release -d | grep -q "Rocky"

View File

@ -1,3 +0,0 @@
#!/bin/bash
r_log "mdadm" "Install mdadm"
p_installPackageNormal mdadm

View File

@ -1,13 +0,0 @@
#!/bin/bash
r_log "mdadm" "Check that mdadm will operate and return the right exit codes"
[ ${EUID} -eq 0 ] || { r_log "mdadm" "Not running as root. Skipping." ; exit "$PASS"; }
MDADM=$(which mdadm)
[ -z "${MDADM}" ] && { r_log "mdadm" "which reported the binary but it doesn't exist, why?"; exit "$FAIL"; }
${MDADM} --detail --scan &> /dev/null
ret_val=$?
[ "$ret_val" -eq 0 ] || { r_log "mdadm" "There was a non-zero exit. This is likely fatal."; exit "$FAIL"; }
r_checkExitStatus $ret_val

View File

@ -1,7 +1,3 @@
#!/bin/bash
r_log "network" "Install necessary network packages and utilities"
pkgs=(traceroute iputils iproute mtr psmisc net-tools which iptraf)
if [ "$RL_VER" -eq 8 ]; then
pkgs+=( arpwatch )
fi
p_installPackageNormal "${pkgs[@]}"
p_installPackageNormal traceroute iputils iproute mtr arpwatch psmisc net-tools which iptraf

0
func/core/pkg_network/30-test-arpwatch.sh Normal file → Executable file
View File

View File

@ -1,3 +0,0 @@
#!/bin/bash
r_log "openssh" "Install openssh"
p_installPackageNormal openssh-clients openssh-server sshpass

View File

@ -1,5 +0,0 @@
#!/bin/bash
r_log "openssh" "Ensure ssh is listening"
echo "" > /dev/tcp/localhost/22
r_checkExitStatus $?

View File

@ -1,16 +0,0 @@
#!/bin/bash
r_log "openssh" "Testing basic login (using sshpass)"
trap 'userdel -rf sshpasstest; unset SSHPASS' EXIT
if sshd -T | grep -q "passwordauthentication yes"; then
r_log "openssh" "Creating test user"
export SSHPASS="Blu30nyx!"
useradd sshpasstest
echo "${SSHPASS}" | passwd --stdin sshpasstest
r_log "openssh" "Testing login"
sshpass -e ssh sshpasstest@localhost echo 'hello'
r_checkExitStatus $?
else
r_log "openssh" "Skipping test"
exit 0
fi

View File

@ -1,32 +0,0 @@
#!/bin/bash
r_log "openssh" "Testing key login (using sshpass)"
case $RL_VER in
8)
KEYTYPES="rsa ecdsa ed25519"
;;
9)
KEYTYPES="rsa ecdsa ed25519"
;;
*)
KEYTYPES="ed25519"
;;
esac
r_log "openssh" "Creating test user"
useradd sshkeytest
echo "Blu30nyx!" | passwd --stdin sshkeytest
for KEYTYPE in $KEYTYPES; do
r_log "openssh" "Creating key: ${KEYTYPE}"
runuser -l sshkeytest -c "echo | ssh-keygen -q -t ${KEYTYPE} -b 4096 -f ~/.ssh/id_${KEYTYPE}" > /dev/null
runuser -l sshkeytest -c "cat ~/.ssh/*pub > ~/.ssh/authorized_keys && chmod 600 ~/.ssh/*keys" > /dev/null
STRINGTEST=$(mktemp -u)
echo "${STRINGTEST}" > /home/sshkeytest/test_file
r_log "openssh" "Testing key: ${KEYTYPE}"
runuser -l sshkeytest -c "ssh -i ~/.ssh/id_${KEYTYPE} localhost | grep -q ${STRINGTEST} /home/sshkeytest/test_file"
ret_val=$?
r_checkExitStatus $ret_val
done
userdel -rf sshkeytest

View File

@ -1,4 +0,0 @@
#!/bin/bash
#
r_log "podman" "Installing podman"
p_installPackageNormal podman

View File

@ -1,32 +0,0 @@
#!/bin/bash
r_log "podman" "Testing podman"
test_to_run=(
"podman version"
"podman info"
"podman run --rm quay.io/rockylinux/rockylinux:${RL_VER}"
"podman system service -t 1"
"touch ${HOME}/test.txt && \
podman run --rm --privileged -v ${HOME}/test.txt:/test.txt quay.io/rockylinux/rockylinux:${RL_VER} bash -c 'echo HELLO > /test.txt' && \
grep -qe 'HELLO' ${HOME}/test.txt && \
rm -f ${HOME}/test.txt"
"printf \"FROM quay.io/rockylinux/rockylinux:${RL_VER}\nCMD echo 'HELLO'\n\" > ${HOME}/Containerfile && \
podman build -t test:latest -f ${HOME}/Containerfile && \
podman image rm localhost/test:latest && \
rm -rf ${HOME}/Containerfile"
)
tmpoutput="$(mktemp)"
trap 'rm -f ${tmpoutput}' EXIT
for command in "${test_to_run[@]}"; do
r_log "podman" "Running $0: ${command}"
if ! eval "${command}" > "${tmpoutput}" 2>&1; then
r_log "podman" "${command} has failed."
cat "${tmpoutput}"
exit 1
else
r_checkExitStatus 0
fi
done

View File

@ -1,31 +0,0 @@
#!/bin/bash
r_log "podman" "Testing podman sockets"
useradd podman-remote
loginctl enable-linger podman-remote
tmpoutput="$(mktemp)"
trap 'loginctl terminate-user podman-remote && loginctl disable-linger podman-remote && sleep 1 && userdel -r podman-remote && rm -f ${tmpoutput}' EXIT
sleep 3
su -l podman-remote > "${tmpoutput}" 2>&1 <<EOF
set -e
export XDG_RUNTIME_DIR=/run/user/\$(id -u)
systemctl --user enable --now podman.socket
podman --url unix://run/user/\$(id -u)/podman/podman.sock run --name port-mapping-test -d -p 8080:80 docker.io/nginx
pid=\$(systemctl --user show --property MainPID --value podman.service)
while [ "\${pid}" -ne 0 ] && [ -d /proc/\${pid} ]; do sleep 1; echo "Waiting for podman to exit"; done
podman --url unix://run/user/\$(id -u)/podman/podman.sock ps | grep -q -e port-mapping-test
podman --url unix://run/user/\$(id -u)/podman/podman.sock container rm -f port-mapping-test
systemctl --user disable --now podman.socket
EOF
ret_val=$?
if [ "$ret_val" -ne 0 ]; then
cat "${tmpoutput}"
r_checkExitStatus 1
fi
r_checkExitStatus 0

View File

@ -1,6 +1,5 @@
#!/bin/bash
r_log "postfix" "Install postfix (requires stop of other pieces)"
# This is OK if it fails - This is also not logged except in stderr
m_serviceCycler sendmail stop
p_installPackageNormal postfix nc dovecot openssl
m_serviceCycler postfix enable

View File

@ -18,3 +18,6 @@ mv /etc/dovecot/dovecot.conf.backup /etc/dovecot/dovecot.conf
mv /etc/postfix/main.cf.backup /etc/postfix/main.cf
r_checkExitStatus $ret_val
cp -a /etc/postfix/main.cf.backup /etc/postfix/main.cf
cp -a /etc/dovecot/dovecot.conf.backup /etc/dovecot/dovecot.conf
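Review bot: the two `cp -a` lines at the end of this hunk read from `main.cf.backup` and `dovecot.conf.backup` after the `mv` lines above them have already moved those backups back into place, so the sources no longer exist and both copies fail. Keep either the `mv` pair or the `cp -a` pair, not both, and run the restore before `r_checkExitStatus $ret_val` if that helper can exit.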

View File

@ -2,17 +2,6 @@
r_log "postfix" "Test postfix with TLS"
DROPDIR=/var/tmp/postfix
function cleanup() {
mv /etc/postfix/main.cf.backup /etc/postfix/main.cf
mv /etc/dovecot/dovecot.conf.backup /etc/dovecot/dovecot.conf
rm /etc/pki/tls/certs/mail.crt
rm /etc/pki/tls/private/mail.key
rm -rf $DROPDIR/mail.*
rm -rf /var/tmp/postfix
}
trap cleanup EXIT
cp -a /etc/postfix/main.cf /etc/postfix/main.cf.backup
cp -a /etc/dovecot/dovecot.conf /etc/dovecot/dovecot.conf.backup
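Review bot: with the `cleanup` function and `trap cleanup EXIT` gone from the top of the script, nothing restores `main.cf` and `dovecot.conf` or removes the test key and certificate if the script stops before its last lines. Keep the trap so the restore runs on every exit path.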
@ -70,4 +59,11 @@ r_log "postfix" "Testing that postfix offers STARTTLS"
echo "ehlo test" | nc -w 3 127.0.0.1 25 | grep -q "STARTTLS"
ret_val=$?
r_checkExitStatus $ret_val
mv /etc/postfix/main.cf.backup /etc/postfix/main.cf
mv /etc/dovecot/dovecot.conf.backup /etc/dovecot/dovecot.conf
rm /etc/pki/tls/certs/mail.crt
rm /etc/pki/tls/certs/mail.key
rm -rf $DROPDIR/mail.*
rm -rf /var/tmp/postfix
r_checkExitStatus $?
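Review bot: the inline cleanup at the end removes `/etc/pki/tls/certs/mail.key`, while the `cleanup` function in the previous hunk removes `/etc/pki/tls/private/mail.key`. If the key is written under `private/`, this `rm` fails and the test private key stays on disk; make the path match where the key is generated. The closing `r_checkExitStatus $?` also reflects only the last `rm -rf`, not the two `mv` restores before it.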

View File

@ -1,3 +0,0 @@
#!/bin/bash
r_log "postgresql" "Installing postgresql"
p_installPackageNormal postgresql-server postgresql

View File

@ -1,5 +0,0 @@
#!/bin/bash
r_log "postgresql" "Initialize postgresql"
postgresql-setup --initdb
m_serviceCycler postgresql cycle
sleep 15

View File

@ -1,4 +0,0 @@
#!/bin/bash
r_log "postgresql" "Creating db"
su - postgres -c 'createdb pg_test'
r_checkExitStatus $?

View File

@ -1,4 +0,0 @@
#!/bin/bash
r_log "postgresql" "Creating user"
su - postgres -c 'createuser -S -R -D testuser' > /dev/null 2>&1
r_checkExitStatus $?

View File

@ -1,4 +0,0 @@
#!/bin/bash
r_log "postgresql" "Dropping database"
su - postgres -c 'dropdb pg_test' > /dev/null 2>&1
r_checkExitStatus $?

View File

@ -1,4 +0,0 @@
#!/bin/bash
r_log "postgresql" "Dropping user"
su - postgres -c 'dropuser testuser' > /dev/null 2>&1
r_checkExitStatus $?

View File

@ -4,8 +4,8 @@ if [ "$RL_VER" -eq 8 ]; then
file /etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial > /dev/null 2>&1 && \
file /etc/pki/rpm-gpg/RPM-GPG-KEY-rockytesting > /dev/null 2>&1
else
file "/etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-${RL_VER}" > /dev/null 2>&1 && \
file "/etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-${RL_VER}-Testing" > /dev/null 2>&1
file "/etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-${RL_VER}" > /ev/null 2>&1 && \
file "/etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-${RL_VER}-Testing" > /ev/null 2>&1
fi
r_checkExitStatus $?
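Review bot: the second pair of `file` lines in the `else` branch redirects to `/ev/null`, a typo for `/dev/null`. The shell cannot open that path, so the command fails before `file` runs and `r_checkExitStatus $?` reports a failure on every release other than 8 whether or not the keys exist. Separately, `file` exits 0 for a missing path unless it is run with `-E`, so `[ -f ... ]` would be a stricter existence check for the GPG key files.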

View File

@ -4,10 +4,10 @@ r_log "rocky" "Check /etc/os-release stuff"
r_log "rocky" "Verify support directives"
for s in NAME=\"Rocky\ Linux\" \
ID=\"rocky\" \
ROCKY_SUPPORT_PRODUCT=\"Rocky-Linux-$RL_VER\" \
ROCKY_SUPPORT_PRODUCT_VERSION=\"$RL_VER\..*\"; do
ROCKY_SUPPORT_PRODUCT=\"Rocky\ Linux\" \
ROCKY_SUPPORT_PRODUCT_VERSION=\"$RL_VER\"; do
if ! grep -q "$s" /etc/os-release; then
r_log "rocky" "Missing string ($s) in /etc/os-release"
r_log "rocky" "Missing string in /etc/os-release"
r_checkExitStatus 1
fi
done
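Review bot: of the two `r_log` lines inside the `if`, keep the one that includes `($s)`; the variant that only says "Missing string in /etc/os-release" does not tell the reader which of the four directives failed, and the loop gives no other output to recover it from.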

View File

@ -1,19 +0,0 @@
#!/bin/bash
# Check that the release package is 1.X
r_log "rocky release" "Checking that the package is at least X.Y-1.B"
RELEASE_VER="$(rpm -q rocky-release --qf '%{RELEASE}')"
RELNUM="${RELEASE_VER:0:1}"
if [ "${RELNUM}" -ge "1" ]; then
if [[ "${RELEASE_VER:0:3}" =~ ^${RELNUM}.[[:digit:]] ]]; then
ret_val="0"
else
r_log "rocky release" "FAIL: The release package is not in X.Y-A.B format"
ret_val="1"
fi
else
r_log "rocky release" "FAIL: The release package likely starts with 0 and is not considered production ready."
ret_val="1"
fi
r_checkExitStatus $ret_val
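Review bot: `RELNUM="${RELEASE_VER:0:1}"` reads only the first character of the release, so a release of 10 or higher is evaluated as 1, and the `.` in `^${RELNUM}.[[:digit:]]` is an unescaped regex wildcard that accepts any separator character. Split the release on its first dot and escape the dot in the pattern.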

View File

@ -8,12 +8,7 @@ if [ ! -d /sys/firmware/efi ]; then
exit 0
fi
else
if [[ "$rl_arch" == "x86_64" ]]; then
p_installPackageNormal pesign
pesign --show-signature --in /boot/efi/EFI/rocky/shim.efi | grep -Eq "Microsoft Windows UEFI Driver Publisher"
r_checkExitStatus $?
else
r_log "secureboot" "x86_64 is the only supported secureboot arch at this time"
exit 0
fi
p_installPackageNormal pesign
pesign --show-signature --in /boot/efi/EFI/rocky/shim.efi | grep -Eq "Microsoft Windows UEFI Driver Publisher"
r_checkExitStatus $?
fi
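Review bot: the form of the `else` branch without the `rl_arch` test runs the `pesign` check on every EFI host, while the guarded form logs that x86_64 is the only supported secureboot arch; on other architectures the check would then fail instead of skipping. Keep the guard. Note too that grepping the `pesign --show-signature` output for the signer name shows who signed `shim.efi` but does not validate the signature chain.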

View File

@ -110,6 +110,6 @@ r_log "shadow" "Test sg"
sg onyxuser "touch /var/tmp/onyxsg"
r_checkExitStatus $?
r_log "shadow" "Verify sg worked"
stat --format="%G" /var/tmp/onyxsg | grep -q onyxuser
stat --format="%U" /var/tmp/onyxsg | grep -q onyxuser
r_checkExitStatus $?
rm /var/tmp/onyxsg
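Review bot: `sg onyxuser` runs `touch` with `onyxuser` as the group, so the property to verify is the file's group owner, `%G`. The `%U` form prints the user owner, which is the account running the test, so the check no longer verifies what `sg` did.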

View File

@ -1,11 +1,4 @@
#!/bin/bash
function cleanup() {
pwconv
rm -rf /var/tmp/pwunconv /var/tmp/pwconv
}
trap cleanup EXIT
r_log "shadow" "Check that pwck can use correct files"
pwck -rq ./common/files/correct-passwd ./common/files/correct-shadow
r_checkExitStatus $?
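Review bot: removing `cleanup` and its `trap` from the top of this script leaves `/var/tmp/pwunconv` and `/var/tmp/pwconv` behind and drops the `pwconv` run on exit, so a script that stops partway no longer puts the password database back in shadow form. Keep the trap.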
@ -15,11 +8,9 @@ pwck -rq ./common/files/incorrect-passwd ./common/files/incorrect-shadow
ret_val=$?
if [ "$ret_val" -eq 0 ]; then
r_log "shadow" "They're correct."
r_checkExitStatus 1
else
r_log "shadow" "They're incorrect."
r_checkExitStatus 0
exit 1
fi
r_checkExitStatus 0
r_log "shadow" "Check that pwconv is functional"
mkdir -p /var/tmp/pwconv
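Review bot: this step runs `pwck` against the incorrect passwd and shadow files, so a non-zero `ret_val` is the expected result. The form with `exit 1` in the `else` branch aborts the script on that expected result, and it lets the `ret_val -eq 0` case (pwck accepting the bad files) fall through to `r_checkExitStatus 0`. Keep `r_checkExitStatus 1` under "They're correct." and `r_checkExitStatus 0` under "They're incorrect."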

View File

@ -1,3 +0,0 @@
#!/bin/bash
r_log "tftp" "Installing packages"
p_installPackageNormal tftp-server tftp

View File

@ -1,23 +0,0 @@
#!/bin/bash
r_log "tftp" "Configure tftp"
if [ "$RL_VER" -eq 8 ]; then
cat <<EOF > /etc/xinetd.d/tftp
service tftp
{
socket_type = dgram
protocol = udp
wait = yes
user = root
server = /usr/sbin/in.tftpd
server_args = -s /var/lib/tftpboot
disable = no
per_source = 11
cps = 100 2
flags = IPv4
}
EOF
fi
m_serviceCycler tftp.socket start

View File

@ -1,10 +0,0 @@
#!/bin/bash
r_log "tftp" "Getting a file from tftp"
chmod 777 /var/lib/tftpboot
echo "rocky func" > /var/lib/tftpboot/tftptest
tftp 127.0.0.1 -c get tftptest
grep -q "rocky func" tftptest
r_checkExitStatus $?
/bin/rm tftptest

View File

@ -1,14 +0,0 @@
#!/bin/bash
r_log "tftp" "Testing anon write"
TFTPDIR=/var/lib/tftpboot
setsebool tftp_anon_write 1
chmod 777 $TFTPDIR
echo "rocky func" > puttest
touch $TFTPDIR > $TFTPDIR/puttest
chmod 666 $TFTPDIR/puttest
tftp 127.0.0.1 -c put puttest
sleep 2
grep -q 'rocky func' $TFTPDIR/puttest
r_checkExitStatus $?
/bin/rm puttest
/bin/rm $TFTPDIR/puttest
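Review bot: the test turns on the `tftp_anon_write` SELinux boolean and sets `$TFTPDIR` to mode 777, and neither is restored at the end; only the two `puttest` files are removed. Reset the boolean and the directory mode in an EXIT trap so the host is not left accepting anonymous writes after the run. `touch $TFTPDIR > $TFTPDIR/puttest` also looks like it was meant to be `touch $TFTPDIR/puttest`.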

View File

@ -1,59 +0,0 @@
#!/bin/bash
# Release Engineering Core Functionality Testing
# Louis Abel <label@rockylinux.org> @nazunalika
################################################################################
# Settings and variables
# Exits on any non-zero exit status - Disabled for now.
#set -e
# Undefined variables will cause an exit
set -u
COMMON_EXPORTS='./common/exports.sh'
COMMON_IMPORTS='./common/imports.sh'
SELINUX=$(getenforce)
# End
################################################################################
# shellcheck source=/dev/null disable=SC2015
[ -f $COMMON_EXPORTS ] && source $COMMON_EXPORTS || { echo -e "\n[-] $(date): Variables cannot be sourced."; exit 1; }
# shellcheck source=/dev/null disable=SC2015
[ -f $COMMON_IMPORTS ] && source $COMMON_IMPORTS || { echo -e "\n[-] $(date): Functions cannot be sourced."; exit 1; }
# Init log
# shellcheck disable=SC2015
[ -e "$LOGFILE" ] && m_recycleLog || touch "$LOGFILE"
# SELinux check
if [ "$SELINUX" != "Enforcing" ]; then
echo -e "\n[-] $(date): SELinux is not enforcing."
exit 1
fi
r_log "internal" "Starting Release Engineering Core Tests"
################################################################################
# Script Work
# Skip tests in a list - some tests are already -x, so it won't be an issue
if [ -e skip.list ]; then
r_log "internal" "Disabling tests"
# shellcheck disable=SC2162
grep -E "^${RL_VER}" skip.list | while read line; do
# shellcheck disable=SC2086
testFile="$(echo $line | cut -d '|' -f 2)"
r_log "internal" "SKIP ${testFile}"
chmod -x "${testFile}"
done
r_log "internal" "WARNING: Tests above were disabled."
fi
# TODO: should we let $1 judge what directory is ran?
# TODO: get some stacks and lib in there
#r_processor <(/usr/bin/find ./core -type f | sort -t'/')
#r_processor <(/usr/bin/find ./lib -type f | sort -t'/')
r_processor <(/usr/bin/find ./stacks/ipa -type f | sort -t'/')
r_log "internal" "Core Tests completed"
exit 0
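Review bot: skipping a test by running `chmod -x "${testFile}"` changes tracked files in the working tree, and those mode changes can end up committed; this compare lists several `Executable file → Normal file` entries under func/stacks/ipa. Consider having the runner consult skip.list when it selects tests instead of mutating the files.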

View File

@ -1,3 +0,0 @@
#!/bin/bash
r_log "pdf" "Install enscript, ghostscript, and poppler"
p_installPackageNormal fontconfig @fonts enscript ghostscript poppler-utils

View File

@ -1,23 +0,0 @@
#!/bin/bash
r_log "pdf" "Create a PDF from postscript from text, convert it back to text and check"
trap 'rm -rf $PSFILE $PDFFILE $TESTFILE' EXIT
TOFIND="BlueOnyx"
PSFILE="/var/tmp/test.ps"
PDFFILE="/var/tmp/test.pdf"
TESTFILE="/var/tmp/psresult"
encript -q -p $PSFILE /etc/rocky-release
r_log "pdf" "Check created file"
grep -q $TOFIND $PSFILE
pdf_ret_val=$?
r_checkExitStatus $pdf_ret_val
ps2pdf $PSFILE $PDFFILE
pdftotext -q $PDFFILE $TESTFILE
r_log "pdf" "Checking after conversion to text"
grep -q $TOFIND $TESTFILE
text_ret_val=$?
r_checkExitStatus $text_ret_val
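Review bot: `encript` on the line that creates `$PSFILE` is a misspelling of `enscript`, the package the install step pulls in, so the command is not found and both `grep` checks fail. Also confirm that "BlueOnyx", written as one word, is a string that /etc/rocky-release contains on the releases this test targets.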

View File

@ -30,16 +30,6 @@ if [ "$SELINUX" != "Enforcing" ]; then
exit 1
fi
r_checkEPELEnabled
is_epel=$?
if [[ "$is_epel" == "0" ]]; then
echo "EPEL enabled. Stop."
r_log "internal" "EPEL enabled. Stop."
exit 1
fi
r_checkTmpNoExec
r_log "internal" "Starting Release Engineering Core Tests"
################################################################################
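Review bot: the block from `r_checkEPELEnabled` through its `exit 1` is what stops the run when EPEL is enabled; without it the suite proceeds on a host with extra repositories, and packages under test may be installed from there instead of the base repos. Keep the guard, or log clearly that the result does not come from a base-only system.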
@ -62,7 +52,7 @@ fi
# TODO: get some stacks and lib in there
r_processor <(/usr/bin/find ./core -type f | sort -t'/')
r_processor <(/usr/bin/find ./lib -type f | sort -t'/')
#r_processor <(/usr/bin/find ./lib -type f | sort -t'/')
#r_processor <(/usr/bin/find ./stacks -type f | sort -t'/')
r_log "internal" "Core Tests completed"
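Review bot: the `./lib` run appears here both active and commented out; if the commented form is the result, the script still logs "Core Tests completed" while covering less. Log a line stating that the lib tests are disabled, as the skip.list handling does with its "Tests above were disabled" warning.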

View File

@ -10,12 +10,9 @@
# -> Must be a URL to bugs.rl.o, a github issue number, or a code, such as:
# * NEEDINFO
# * NOTREADY
# * NOPKG
8|./core/pkg_archive/26-zmore.sh|nazunalika|NEEDINFO
8|./core/pkg_nfs/12-prepare-autofs.sh|nazunalika|NEEDINFO
8|./core/pkg_diffutils/00-install-diff.sh|nazunalika|NOTREADY
8|./core/pkg_snmp/12-test-snmp-3.sh|nazunalika|NOTWORKING
8|./core/pkg_samba/00-install-samba.sh|nazunalika|NOTWORKING
8|./core/pkg_samba/10-test-samba.sh|nazunalika|NOTWORKING
9|./core/pkg_archive/27-znew.sh|nazunalika|NOPKG
9|./core/pkg_network/30-test-arpwatch.sh|nazunalika|NOPKG
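Review bot: three entries use the code `NOTWORKING`, which is not among the codes the header comment gives (`NEEDINFO`, `NOTREADY`, `NOPKG`). Add it to the documented list or point those entries at an issue, so a reader can tell a known-broken test from one waiting on information.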

View File

@ -1,59 +0,0 @@
#!/bin/bash
# Release Engineering Core Functionality Testing
# Louis Abel <label@rockylinux.org> @nazunalika
################################################################################
# Settings and variables
# Exits on any non-zero exit status - Disabled for now.
#set -e
# Undefined variables will cause an exit
set -u
COMMON_EXPORTS='./common/exports.sh'
COMMON_IMPORTS='./common/imports.sh'
SELINUX=$(getenforce)
# End
################################################################################
# shellcheck source=/dev/null disable=SC2015
[ -f $COMMON_EXPORTS ] && source $COMMON_EXPORTS || { echo -e "\n[-] $(date): Variables cannot be sourced."; exit 1; }
# shellcheck source=/dev/null disable=SC2015
[ -f $COMMON_IMPORTS ] && source $COMMON_IMPORTS || { echo -e "\n[-] $(date): Functions cannot be sourced."; exit 1; }
# Init log
# shellcheck disable=SC2015
[ -e "$LOGFILE" ] && m_recycleLog || touch "$LOGFILE"
# SELinux check
if [ "$SELINUX" != "Enforcing" ]; then
echo -e "\n[-] $(date): SELinux is not enforcing."
exit 1
fi
r_log "internal" "Starting Release Engineering Core Tests"
################################################################################
# Script Work
# Skip tests in a list - some tests are already -x, so it won't be an issue
if [ -e skip.list ]; then
r_log "internal" "Disabling tests"
# shellcheck disable=SC2162
grep -E "^${RL_VER}" skip.list | while read line; do
# shellcheck disable=SC2086
testFile="$(echo $line | cut -d '|' -f 2)"
r_log "internal" "SKIP ${testFile}"
chmod -x "${testFile}"
done
r_log "internal" "WARNING: Tests above were disabled."
fi
# TODO: should we let $1 judge what directory is ran?
# TODO: get some stacks and lib in there
#r_processor <(/usr/bin/find ./core -type f | sort -t'/')
#r_processor <(/usr/bin/find ./lib -type f | sort -t'/')
r_processor <(/usr/bin/find ./stacks -type f | sort -t'/')
r_log "internal" "Core Tests completed"
exit 0
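Review bot: `grep -E "^${RL_VER}" skip.list` matches any line that starts with the version digits, so a value of 1 would also select entries written for 10. Anchor on the field separator, for example `"^${RL_VER}\|"`, since the list is pipe-delimited.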

0
func/stacks/ipa/00-ipa-pregame.sh Executable file → Normal file
View File

3
func/stacks/ipa/10-install-ipa.sh Executable file → Normal file
View File

@ -9,6 +9,5 @@ fi
# going to be the same thing or not so this check is there just in case.
if [ "$RL_VER" -eq 8 ]; then
p_enableModule idm:DL1/{client,common,dns,server}
p_installPackageNormal ipa-server ipa-server-dns
fi
p_installPackageNormal ipa-server ipa-server-dns expect
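Review bot: with `p_installPackageNormal ipa-server ipa-server-dns` inside the `RL_VER -eq 8` block, nothing installs the server on any other release, and that form also omits `expect`, which 20-ipa-user.sh calls. Keep the install after `fi` with `expect` in the package list.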

0
func/stacks/ipa/11-configure-ipa.sh Executable file → Normal file
View File

0
func/stacks/ipa/12-verify-ipa.sh Executable file → Normal file
View File

72
func/stacks/ipa/20-ipa-user.sh Executable file → Normal file
View File

@ -4,78 +4,8 @@ if m_getArch aarch64 | grep -qE 'aarch64'; then
exit 0
fi
if [ "$IPAINSTALLED" -eq 1 ]; then
if [ "$IPAINSTALLED" -eq 1 ]; then
r_log "ipa" "IPA was not successfully installed. Aborting."
r_checkExitStatus 1
fi
kdestroy &> /dev/null
klist 2>&1 | grep -E "(No credentials|Credentials cache .* not found)" &> /dev/null
r_checkExitStatus $?
echo "b1U3OnyX!" | kinit admin@RLIPA.LOCAL
klist | grep "admin@RLIPA.LOCAL" &> /dev/null
r_checkExitStatus $?
r_log "ipa" "Test adding a user"
ipa user-add --first=test --last=user --random ipatestuser > /tmp/ipatestuser
grep -q 'Added user "ipatestuser"' /tmp/ipatestuser
ret_val=$?
if [ "$ret_val" -ne 0 ]; then
r_log "ipa" "User was not created, this is considered fatal"
r_checkExitStatus 1
exit 1
fi
sed -i 's|^ ||g' /tmp/ipatestuser
grep -q 'First name: test' /tmp/ipatestuser
r_checkExitStatus $?
grep -q 'Last name: user' /tmp/ipatestuser
r_checkExitStatus $?
grep -q 'Full name: test user' /tmp/ipatestuser
r_checkExitStatus $?
grep -q 'Home directory: /home/ipatestuser' /tmp/ipatestuser
r_checkExitStatus $?
r_log "ipa" "Changing password of the user"
kdestroy &> /dev/null
userPassword="$(awk '/Random password/ { print $3 }' /tmp/ipatestuser)"
/bin/rm /tmp/ipatestuser
expect -f - <<EOF
set send_human {.1 .3 1 .05 2}
spawn kinit ipatestuser
sleep 1
expect "Password for ipatestuser@RLIPA.LOCAL: "
send -h -- "$(echo "$userPassword")\r"
sleep 1
expect "Enter new password: "
send -h -- "gr@YAm3thy5st!\r"
sleep 1
expect "Enter it again: "
send -h -- "gr@YAm3thy5st!\r"
sleep 5
close
EOF
r_log "ipa" "Re-doing a kinit"
expect -f - <<EOF
set send_human {.1 .3 1 .05 2}
spawn kinit ipatestuser
sleep 1
expect "Password for ipatestuser@C6IPA.LOCAL:"
send -h "gr@YAm3thy5st!\r"
sleep 1
close
EOF
klist | grep "ipatestuser@RLIPA.LOCAL" &> /dev/null
r_checkExitStatus $?
kdestroy &> /dev/null
r_log "ipa" "Testing for user in getent"
getent passwd ipatestuser &> /dev/null
r_checkExitStatus $?
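Review bot: the second `expect` block waits for `Password for ipatestuser@C6IPA.LOCAL:` while every other line uses the `RLIPA.LOCAL` realm, so the prompt never matches and the password is sent only after the expect timeout. Fix the realm. The generated random password is also written to the fixed path /tmp/ipatestuser; use `mktemp` and remove the file in a trap, and read the admin password from the environment or a protected file rather than embedding it in each script.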

52
func/stacks/ipa/21-ipa-service.sh Executable file → Normal file
View File

@ -1,6 +1,6 @@
#!/bin/bash
if m_getArch aarch64 | grep -qE 'aarch64'; then
r_log "ipa" "Skipping for aarch64"
r_log "ipa -bash" "Skipping for aarch64"
exit 0
fi
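Review bot: the log tag `ipa -bash` on the aarch64 skip line looks like terminal residue; the other `r_log` calls in these scripts use `ipa`. The same tag appears in 50-cleanup-ipa.sh.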
@ -9,53 +9,3 @@ if [ "$IPAINSTALLED" -eq 1 ]; then
r_checkExitStatus 1
fi
kdestroy &> /dev/null
klist 2>&1 | grep -E "(No credentials|Credentials cache .* not found)" &> /dev/null
r_checkExitStatus $?
echo "b1U3OnyX!" | kinit admin@RLIPA.LOCAL
klist | grep "admin@RLIPA.LOCAL" &> /dev/null
r_checkExitStatus $?
r_log "ipa" "Adding test service"
ipa service-add testservice/onyxtest.rlipa.local &> /dev/null
r_checkExitStatus $?
r_log "ipa" "Getting keytab for service"
ipa-getkeytab -s onyxtest.rlipa.local -p testservice/onyxtest.rlipa.local -k /tmp/testservice.keytab &> /dev/null
r_checkExitStatus $?
r_log "ipa" "Getting a certificate for service"
ipa-getcert request -K testservice/onyxtest.rlipa.local -D onyxtest.rlipa.local -f /etc/pki/tls/certs/testservice.crt -k /etc/pki/tls/private/testservice.key &> /dev/null
r_checkExitStatus $?
while true; do
entry="$(ipa-getcert list -r | sed -n '/Request ID/,/auto-renew: yes/p')"
if [[ $entry =~ "status:" ]] && [[ $entry =~ "CA_REJECTED" ]]; then
r_checkExitStatus 1
break
fi
if [[ $entry =~ "" ]]; then
r_checkExitStatus 0
break
fi
sleep 1
done
while ! stat /etc/pki/tls/certs/testservice.crt &> /dev/null; do
sync
sleep 1
done
r_log "ipa" "Verifying keytab"
klist -k /tmp/testservice.keytab | grep "testservice/onyxtest.rlipa.local" &> /dev/null
r_checkExitStatus $?
r_log "ipa" "Verifying key matches the certificate"
diff <(openssl x509 -in /etc/pki/tls/certs/testservice.crt -noout -modulus 2>&1 ) <(openssl rsa -in /etc/pki/tls/private/testservice.key -noout -modulus 2>&1 )
r_checkExitStatus $?
r_log "ipa" "Verifying the certificate against our CA"
openssl verify -CAfile /etc/ipa/ca.crt /etc/pki/tls/certs/testservice.crt | grep "/etc/pki/tls/certs/testservice.crt: OK" &> /dev/null
r_checkExitStatus $?
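Review bot: in the polling loop, `[[ $entry =~ "" ]]` matches every string, so the loop reports success and breaks on its first pass unless the status is already `CA_REJECTED`; it never waits for the certificate request to finish. Match the expected status explicitly, and give both `while` loops an upper bound so a stuck request fails the test instead of hanging it.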

35
func/stacks/ipa/22-ipa-dns.sh Executable file → Normal file
View File

@ -9,38 +9,3 @@ if [ "$IPAINSTALLED" -eq 1 ]; then
r_checkExitStatus 1
fi
kdestroy &> /dev/null
klist 2>&1 | grep -qE "(No credentials|Credentials cache .* not found)" &> /dev/null
r_checkExitStatus $?
echo "b1U3OnyX!" | kinit admin@RLIPA.LOCAL
klist | grep "admin@RLIPA.LOCAL" &> /dev/null
r_checkExitStatus $?
r_log "ipa" "Adding testzone subdomain"
ipa dnszone-add --name-server=onyxtest.rlipa.local. --admin-email=hostmaster.testzone.rlipa.local. testzone.rlipa.local &> /dev/null
r_checkExitStatus $?
sleep 5
r_log "ipa" "Get SOA from testzone subdomain"
dig @localhost SOA testzone.rlipa.local | grep -q "status: NOERROR" &> /dev/null
r_checkExitStatus $?
r_log "ipa" "Adding a CNAME record to the primary domain"
ipa dnsrecord-add rlipa.local testrecord --cname-hostname=onyxtest &> /dev/null
r_checkExitStatus $?
sleep 5
r_log "ipa" "Retrieving CNAME record"
dig @localhost CNAME testrecord.rlipa.local | grep -q "status: NOERROR" &> /dev/null
r_checkExitStatus $?
r_log "ipa" "Adding a CNAME to subdomain"
ipa dnsrecord-add testzone.rlipa.local testrecord --cname-hostname=onyxtest.rlipa.local. &> /dev/null
r_checkExitStatus $?
sleep 5
r_log "ipa" "Testing can retrieve record from subdomain"
dig @localhost CNAME testrecord.testzone.rlipa.local | grep -q "status: NOERROR" &> /dev/null
r_checkExitStatus $?

48
func/stacks/ipa/23-ipa-sudo.sh Executable file → Normal file
View File

@ -9,51 +9,3 @@ if [ "$IPAINSTALLED" -eq 1 ]; then
r_checkExitStatus 1
fi
kdestroy -A
klist 2>&1 | grep -E "(No credentials|Credentials cache .* not found)"
r_checkExitStatus $?
echo "b1U3OnyX!" | kinit admin@RLIPA.LOCAL
klist | grep -q "admin@RLIPA.LOCAL"
r_checkExitStatus $?
r_log "ipa" "Creating a test sudo rule"
ipa sudorule-add testrule --desc="Test rule in IPA" --hostcat=all --cmdcat=all --runasusercat=all --runasgroupcat=all &> /dev/null
r_checkExitStatus $?
r_log "ipa" "Adding user to test sudo rule"
ipa sudorule-add-user testrule --users="ipatestuser" &> /dev/null
r_checkExitStatus $?
r_log "ipa" "Verifying rule..."
ipa sudorule-show testrule > /tmp/testrule
grep -q 'Rule name: testrule' /tmp/testrule
r_checkExitStatus $?
grep -q 'Description: Test rule in IPA' /tmp/testrule
r_checkExitStatus $?
grep -q 'Enabled: TRUE' /tmp/testrule
r_checkExitStatus $?
grep -q 'Host category: all' /tmp/testrule
r_checkExitStatus $?
grep -q 'Command category: all' /tmp/testrule
r_checkExitStatus $?
grep -q 'RunAs User category: all' /tmp/testrule
r_checkExitStatus $?
grep -q 'RunAs Group category: all' /tmp/testrule
r_checkExitStatus $?
grep -q 'Users: ipatestuser' /tmp/testrule
r_checkExitStatus $?
m_serviceCycler sssd stop
rm -rf /var/lib/sss/db/*
m_serviceCycler sssd start
sleep 5
r_log "ipa" "Verifying sudo abilities"
sudo -l -U ipatestuser > /tmp/sudooutput
grep -q 'ipatestuser may run the following commands' /tmp/sudooutput
r_checkExitStatus $?
grep -q 'ALL) ALL' /tmp/sudooutput
r_checkExitStatus $?
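Review bot: `/tmp/testrule` and `/tmp/sudooutput` are fixed, predictable paths and are never removed. Create them with `mktemp` and delete them in an EXIT trap, as the podman tests do with `tmpoutput`.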

2
func/stacks/ipa/50-cleanup-ipa.sh Executable file → Normal file
View File

@ -1,6 +1,6 @@
#!/bin/bash
if m_getArch aarch64 | grep -qE 'aarch64'; then
r_log "ipa" "Skipping for aarch64"
r_log "ipa -bash" "Skipping for aarch64"
exit 0
fi

View File

@ -1,2 +1,7 @@
While not considered a "stack", it's a combination of many things at once. So
it is being tested as a stack.
We will be testing mainly against EL8. It is not clear if EL9 will keep idm as
a module in 9. However, certain tests will be checking for the release just in
case that the modules will disappear. (I can only hope that it does and that
it just goes back to what Fedora is doing and what EL7 does). -label

0
func/stacks/lamp/00-install-lamp.sh Normal file → Executable file
View File

0
func/stacks/lamp/01-verification.sh Normal file → Executable file
View File

0
func/stacks/lamp/10-test-lamp.sh Normal file → Executable file
View File

View File

@ -2,4 +2,3 @@ __pycache__/
*.py[cod]
*$py.class
*.so
Containerfile*.devel

View File

@ -56,7 +56,7 @@ RUN rm -rf /etc/yum.repos.d/*.repo
RUN useradd -o -d /var/peridot -u 1002 peridotbuilder && usermod -a -G mock peridotbuilder
RUN chown peridotbuilder:mock /etc/yum.conf && chown -R peridotbuilder:mock /etc/dnf && chown -R peridotbuilder:mock /etc/rpm && chown -R peridotbuilder:mock /etc/yum.repos.d
RUN pip install 'git+https://git.resf.org/sig_core/toolkit.git@devel#egg=empanadas&subdirectory=iso/empanadas'
RUN pip install 'git+https://git.rockylinux.org/release-engineering/public/toolkit.git@feature/iso-kube#egg=empanadas&subdirectory=iso/empanadas'
RUN pip install awscli
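Review bot: both forms of the `pip install 'git+https://...` line track a moving branch (`@devel` or `@feature/iso-kube`), and `pip install awscli` is unversioned, so rebuilding the same Containerfile can produce different contents. Pin the toolkit to a commit hash or tag and give awscli an explicit version.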

View File

@ -1,68 +0,0 @@
FROM docker.io/fedora:36
ADD images/get_arch /get_arch
ENV TINI_VERSION v0.19.0
RUN curl -o /tini -L "https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini-$(/get_arch)"
RUN chmod +x /tini
RUN dnf install -y \
bash \
bzip2 \
cpio \
diffutils \
findutils \
gawk \
gcc \
gcc-c++ \
git \
grep \
gzip \
info \
make \
patch \
python3 \
redhat-rpm-config \
rpm-build \
scl-utils-build \
sed \
shadow-utils \
tar \
unzip \
util-linux \
which \
xz \
dnf-plugins-core \
createrepo_c \
rpm-sign \
sudo \
mock \
python-pip \
imagefactory \
imagefactory-plugins*
RUN sed -i -e 's/# memory = 1024/memory = 2048/' /etc/oz/oz.cfg
COPY imagefactory.patch /
COPY oz.rpm /
RUN dnf -y install /oz.rpm
RUN (cd /usr/lib/python3.10/site-packages/; patch -p1 </imagefactory.patch)
RUN ssh-keygen -t rsa -q -f "$HOME/.ssh/id_rsa" -N ""
RUN dnf clean all
RUN rm -rf /etc/yum.repos.d/*.repo /get_arch
# RUN useradd -o -d /var/peridot -u 1002 peridotbuilder && usermod -a -G mock peridotbuilder
# RUN chown -R peridotbuilder:mock /etc/dnf && chown -R peridotbuilder:mock /etc/rpm && chown -R peridotbuilder:mock /etc/yum.repos.d && chown -R peridotbuilder:mock /var/lib/imagefactory/storage
RUN pip install awscli
RUN pip install 'git+https://git.resf.org/sig_core/toolkit.git@devel#egg=empanadas&subdirectory=iso/empanadas'
ENV LIBGUESTFS_BACKEND direct
COPY prep-azure.sh /prep-azure.sh
RUN chmod +x /prep-azure.sh
ENTRYPOINT ["/tini", "--"]
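Review bot: `RUN ssh-keygen -t rsa -q -f "$HOME/.ssh/id_rsa" -N ""` generates an unencrypted private key at build time, so the same key is stored in an image layer and shared by every container started from it and by anyone who can pull the image. Generate the key at container start instead. The `curl -o /tini` download is also used as the entrypoint without a checksum or signature check, and the two `pip install` lines are unpinned.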

Some files were not shown because too many files have changed in this diff