add encrypted workstation upgrade tests (current and previous)
Summary: This requires us to handle decryption each time we reboot in the upgrade process, so factor that little block out into the base class so we don't have to keep pasting it. It's also a bit tricky to integrate into the 'catch a boot loop' code we have to deal with #1349721, but I think this should work. There is a matching openqa_fedora_tools diff to generate the disk image. Test Plan: Run the tests, check that they work, run the other upgrade and encrypted install tests and check they still work properly too. Reviewers: garretraziel Reviewed By: garretraziel Subscribers: tflink Differential Revision: https://phab.qadevel.cloud.fedoraproject.org/D922
This commit is contained in:
parent
31328c17a8
commit
aacd01ea8b
@ -224,6 +224,15 @@ sub get_host_dns {
|
|||||||
return @forwards;
|
return @forwards;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
sub boot_decrypt {
|
||||||
|
# decrypt storage during boot; arg is timeout (in seconds)
|
||||||
|
my $self = shift;
|
||||||
|
my $timeout = shift || 60;
|
||||||
|
assert_screen "boot_enter_passphrase", $timeout; #
|
||||||
|
type_string get_var("ENCRYPT_PASSWORD");
|
||||||
|
send_key "ret";
|
||||||
|
}
|
||||||
|
|
||||||
1;
|
1;
|
||||||
|
|
||||||
# vim: set sw=4 et:
|
# vim: set sw=4 et:
|
||||||
|
15
needles/console/boot_enter_passphrase-20160705.json
Normal file
15
needles/console/boot_enter_passphrase-20160705.json
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
{
|
||||||
|
"area": [
|
||||||
|
{
|
||||||
|
"width": 207,
|
||||||
|
"xpos": 0,
|
||||||
|
"ypos": 169,
|
||||||
|
"type": "match",
|
||||||
|
"height": 31
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"tags": [
|
||||||
|
"boot_enter_passphrase"
|
||||||
|
],
|
||||||
|
"properties": []
|
||||||
|
}
|
BIN
needles/console/boot_enter_passphrase-20160705.png
Normal file
BIN
needles/console/boot_enter_passphrase-20160705.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 1.6 KiB |
15
needles/console/boot_enter_passphrase-graphical.json
Normal file
15
needles/console/boot_enter_passphrase-graphical.json
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
{
|
||||||
|
"area": [
|
||||||
|
{
|
||||||
|
"xpos": 395,
|
||||||
|
"ypos": 362,
|
||||||
|
"width": 33,
|
||||||
|
"height": 40,
|
||||||
|
"type": "match"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"properties": [],
|
||||||
|
"tags": [
|
||||||
|
"boot_enter_passphrase"
|
||||||
|
]
|
||||||
|
}
|
BIN
needles/console/boot_enter_passphrase-graphical.png
Normal file
BIN
needles/console/boot_enter_passphrase-graphical.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 5.7 KiB |
48
templates
48
templates
@ -809,6 +809,17 @@
|
|||||||
},
|
},
|
||||||
test_suite => { name => "upgrade_kde_64bit" },
|
test_suite => { name => "upgrade_kde_64bit" },
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
machine => { name => "64bit" },
|
||||||
|
prio => 30,
|
||||||
|
product => {
|
||||||
|
arch => "x86_64",
|
||||||
|
distri => "fedora",
|
||||||
|
flavor => "universal",
|
||||||
|
version => "*",
|
||||||
|
},
|
||||||
|
test_suite => { name => "upgrade_desktop_encrypted_64bit" },
|
||||||
|
},
|
||||||
{
|
{
|
||||||
machine => { name => "64bit" },
|
machine => { name => "64bit" },
|
||||||
prio => 50,
|
prio => 50,
|
||||||
@ -853,6 +864,17 @@
|
|||||||
},
|
},
|
||||||
test_suite => { name => "upgrade_2_kde_64bit" },
|
test_suite => { name => "upgrade_2_kde_64bit" },
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
machine => { name => "64bit" },
|
||||||
|
prio => 50,
|
||||||
|
product => {
|
||||||
|
arch => "x86_64",
|
||||||
|
distri => "fedora",
|
||||||
|
flavor => "universal",
|
||||||
|
version => "*",
|
||||||
|
},
|
||||||
|
test_suite => { name => "upgrade_2_desktop_encrypted_64bit" },
|
||||||
|
},
|
||||||
{
|
{
|
||||||
machine => { name => "64bit" },
|
machine => { name => "64bit" },
|
||||||
prio => 40,
|
prio => 40,
|
||||||
@ -1577,6 +1599,19 @@
|
|||||||
{ key => "DESKTOP", value => "kde" },
|
{ key => "DESKTOP", value => "kde" },
|
||||||
],
|
],
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
name => "upgrade_desktop_encrypted_64bit",
|
||||||
|
settings => [
|
||||||
|
{ key => "ROOT_PASSWORD", value => "weakpassword" },
|
||||||
|
{ key => "USER_LOGIN", value => "test" },
|
||||||
|
{ key => "USER_PASSWORD", value => "weakpassword" },
|
||||||
|
{ key => "BOOTFROM", value => "c" },
|
||||||
|
{ key => "HDD_1", value => "disk_f%CURRREL%_desktopencrypt_x86_64.img" },
|
||||||
|
{ key => "UPGRADE", value => "1" },
|
||||||
|
{ key => "DESKTOP", value => "gnome" },
|
||||||
|
{ key => "ENCRYPT_PASSWORD", value => "weakpassword" },
|
||||||
|
],
|
||||||
|
},
|
||||||
{
|
{
|
||||||
name => "upgrade_2_minimal_64bit",
|
name => "upgrade_2_minimal_64bit",
|
||||||
settings => [
|
settings => [
|
||||||
@ -1623,6 +1658,19 @@
|
|||||||
{ key => "DESKTOP", value => "kde" },
|
{ key => "DESKTOP", value => "kde" },
|
||||||
],
|
],
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
name => "upgrade_2_desktop_encrypted_64bit",
|
||||||
|
settings => [
|
||||||
|
{ key => "ROOT_PASSWORD", value => "weakpassword" },
|
||||||
|
{ key => "USER_LOGIN", value => "test" },
|
||||||
|
{ key => "USER_PASSWORD", value => "weakpassword" },
|
||||||
|
{ key => "BOOTFROM", value => "c" },
|
||||||
|
{ key => "HDD_1", value => "disk_f%PREVREL%_desktopencrypt_x86_64.img" },
|
||||||
|
{ key => "UPGRADE", value => "1" },
|
||||||
|
{ key => "DESKTOP", value => "gnome" },
|
||||||
|
{ key => "ENCRYPT_PASSWORD", value => "weakpassword" },
|
||||||
|
],
|
||||||
|
},
|
||||||
{
|
{
|
||||||
name => "upgrade_desktop_32bit",
|
name => "upgrade_desktop_32bit",
|
||||||
settings => [
|
settings => [
|
||||||
|
@ -5,9 +5,11 @@ use testapi;
|
|||||||
sub run {
|
sub run {
|
||||||
# If KICKSTART is set, then the wait_time needs to consider the
|
# If KICKSTART is set, then the wait_time needs to consider the
|
||||||
# install time. if UPGRADE, we have to wait for the entire upgrade
|
# install time. if UPGRADE, we have to wait for the entire upgrade
|
||||||
|
# unless ENCRYPT_PASSWORD is set (in which case the postinstall
|
||||||
|
# test does the waiting)
|
||||||
my $wait_time = 300;
|
my $wait_time = 300;
|
||||||
$wait_time = 1800 if (get_var("KICKSTART"));
|
$wait_time = 1800 if (get_var("KICKSTART"));
|
||||||
$wait_time = 6000 if (get_var("UPGRADE"));
|
$wait_time = 6000 if (get_var("UPGRADE") && !get_var("ENCRYPT_PASSWORD"));
|
||||||
|
|
||||||
# Wait for the login screen
|
# Wait for the login screen
|
||||||
assert_screen "graphical_login", $wait_time;
|
assert_screen "graphical_login", $wait_time;
|
||||||
|
@ -3,10 +3,13 @@ use strict;
|
|||||||
use testapi;
|
use testapi;
|
||||||
|
|
||||||
sub run {
|
sub run {
|
||||||
|
my $self = shift;
|
||||||
|
my $wait_time = 300;
|
||||||
|
# if we're running an upgrade, we must wait for the entire upgrade
|
||||||
|
# process to run
|
||||||
|
$wait_time = 6000 if (get_var("UPGRADE"));
|
||||||
# decrypt disks during boot
|
# decrypt disks during boot
|
||||||
assert_screen "boot_enter_passphrase", 300; #
|
$self->boot_decrypt($wait_time);
|
||||||
type_string get_var("ENCRYPT_PASSWORD");
|
|
||||||
send_key "ret";
|
|
||||||
}
|
}
|
||||||
|
|
||||||
sub test_flags {
|
sub test_flags {
|
||||||
|
@ -4,6 +4,10 @@ use testapi;
|
|||||||
|
|
||||||
sub run {
|
sub run {
|
||||||
my $self = shift;
|
my $self = shift;
|
||||||
|
# decrypt disks during boot if necessary
|
||||||
|
if (get_var("ENCRYPT_PASSWORD")) {
|
||||||
|
$self->boot_decrypt(60);
|
||||||
|
}
|
||||||
|
|
||||||
# wait for either graphical or text login
|
# wait for either graphical or text login
|
||||||
if (get_var('DESKTOP')) {
|
if (get_var('DESKTOP')) {
|
||||||
@ -22,6 +26,11 @@ sub run {
|
|||||||
|
|
||||||
script_run "reboot";
|
script_run "reboot";
|
||||||
|
|
||||||
|
# decrypt if necessary
|
||||||
|
if (get_var("ENCRYPT_PASSWORD")) {
|
||||||
|
$self->boot_decrypt(60);
|
||||||
|
}
|
||||||
|
|
||||||
if (get_var('DESKTOP')) {
|
if (get_var('DESKTOP')) {
|
||||||
$self->boot_to_login_screen("graphical_login", 30, 90); # DM takes time to load
|
$self->boot_to_login_screen("graphical_login", 30, 90); # DM takes time to load
|
||||||
} else {
|
} else {
|
||||||
|
@ -23,16 +23,31 @@ sub run {
|
|||||||
|
|
||||||
script_run "dnf system-upgrade reboot";
|
script_run "dnf system-upgrade reboot";
|
||||||
# fail immediately if we see a DNF error message
|
# fail immediately if we see a DNF error message
|
||||||
die "DNF reported failure" if (check_screen "upgrade_fail");
|
die "DNF reported failure" if (check_screen "upgrade_fail", 15);
|
||||||
|
if (get_var("ENCRYPT_PASSWORD")) {
|
||||||
|
$self->boot_decrypt(60);
|
||||||
|
}
|
||||||
# try and catch if we hit RHBZ #1349721 and work around it
|
# try and catch if we hit RHBZ #1349721 and work around it
|
||||||
if (check_screen "bootloader") {
|
if (check_screen "bootloader") {
|
||||||
# wait some secs for the screen to clear
|
# wait some secs for the screen to clear
|
||||||
sleep 10;
|
sleep 10;
|
||||||
|
if (get_var("ENCRYPT_PASSWORD")) {
|
||||||
|
$self->boot_decrypt(60);
|
||||||
|
}
|
||||||
if (check_screen "bootloader") {
|
if (check_screen "bootloader") {
|
||||||
record_soft_failure;
|
record_soft_failure;
|
||||||
$self->do_bootloader(postinstall=>1, params=>"enforcing=0");
|
$self->do_bootloader(postinstall=>1, params=>"enforcing=0");
|
||||||
|
if (get_var("ENCRYPT_PASSWORD")) {
|
||||||
|
$self->boot_decrypt(60);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
# in encrypted case we need to wait a bit so postinstall test
|
||||||
|
# doesn't bogus match on the encryption prompt we just completed
|
||||||
|
# before it disappears from view
|
||||||
|
if (get_var("ENCRYPT_PASSWORD")) {
|
||||||
|
sleep 5;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user