diff --git a/.fmf/version b/.fmf/version new file mode 100644 index 000000000..d00491fd7 --- /dev/null +++ b/.fmf/version @@ -0,0 +1 @@ +1 diff --git a/.gitignore b/.gitignore index 6db072ba2..2f05f1675 100644 --- a/.gitignore +++ b/.gitignore @@ -7,3 +7,6 @@ vendor/ .idea/* contrib/systemd/*/*.service .vscode* +rpm/RPMS +rpm/SRPMS +rpm/*.tar.gz diff --git a/.packit.yaml b/.packit.yaml index bcfce0109..b5bd2eb59 100644 --- a/.packit.yaml +++ b/.packit.yaml @@ -5,6 +5,31 @@ downstream_package_name: netavark upstream_tag_template: v{version} +# These files get synced from upstream to downstream (Fedora / CentOS Stream) on every +# propose-downstream job. This is done so tests maintained upstream can be run +# downstream in Zuul CI and Bodhi. +# Ref: https://packit.dev/docs/configuration#files_to_sync +files_to_sync: + - src: rpm/gating.yaml + dest: gating.yaml + delete: true + - src: plans/ + dest: plans/ + delete: true + mkpath: true + - src: test/tmt + dest: test/tmt + delete: true + mkpath: true + - src: test-dhcp/tmt + dest: test-dhcp/tmt + delete: true + mkpath: true + - src: .fmf/ + dest: .fmf/ + delete: true + - .packit.yaml + packages: netavark-fedora: pkg_tool: fedpkg @@ -12,6 +37,8 @@ packages: netavark-centos: pkg_tool: centpkg specfile_path: rpm/netavark.spec + netavark-eln: + specfile_path: rpm/netavark.spec srpm_build_deps: - cargo @@ -22,12 +49,21 @@ jobs: - job: copr_build trigger: pull_request packages: [netavark-fedora] - notifications: &copr_build_failure_notification - failure_comment: - message: "Ephemeral COPR build failed. @containers/packit-build please check." + #notifications: &copr_build_failure_notification + # failure_comment: + # message: "Ephemeral COPR build failed. @containers/packit-build please check." + targets: &fedora_copr_targets + - fedora-all-x86_64 + - fedora-all-aarch64 + enable_net: true + + - job: copr_build + trigger: ignore + packages: [netavark-eln] + #notifications: &copr_build_failure_notification + # failure_comment: + # message: "Ephemeral COPR build failed. @containers/packit-build please check." targets: - fedora-all-x86_64: {} - fedora-all-aarch64: {} fedora-eln-x86_64: additional_repos: - "https://kojipkgs.fedoraproject.org/repos/eln-build/latest/x86_64/" @@ -39,12 +75,14 @@ jobs: - job: copr_build trigger: pull_request packages: [netavark-centos] - notifications: *copr_build_failure_notification - targets: + #notifications: *copr_build_failure_notification + targets: ¢os_copr_targets - centos-stream-9-x86_64 - centos-stream-9-aarch64 - - centos-stream-10-x86_64 - - centos-stream-10-aarch64 + # FIXME: EPEL-10 doesn't have bridge-utils yet + # https://bugzilla.redhat.com/show_bug.cgi?id=2334212 + #- centos-stream-10-x86_64 + #- centos-stream-10-aarch64 enable_net: true # Run on commit to main branch @@ -59,6 +97,32 @@ jobs: project: podman-next enable_net: true + - job: tests + trigger: pull_request + packages: [netavark-fedora] + #notifications: + #failure_comment: + # message: "TMT tests failed. @containers/packit-build please check." + targets: *fedora_copr_targets + tf_extra_params: + environments: + - artifacts: + - type: repository-file + id: https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/repo/fedora-$releasever/rhcontainerbot-podman-next-fedora-$releasever.repo + + - job: tests + trigger: pull_request + packages: [netavark-centos] + #notifications: + #failure_comment: + # message: "TMT tests failed. @containers/packit-build please check." + targets: *centos_copr_targets + tf_extra_params: + environments: + - artifacts: + - type: repository-file + id: https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/repo/centos-stream-$releasever/rhcontainerbot-podman-next-centos-stream-$releasever.repo + # Sync to Fedora - job: propose_downstream trigger: release diff --git a/Makefile b/Makefile index 4b0a18a88..c8656afe3 100644 --- a/Makefile +++ b/Makefile @@ -96,6 +96,7 @@ NV_UNIT_FILES = contrib/systemd/system/netavark-dhcp-proxy.service \ .PHONY: install install: $(NV_UNIT_FILES) install ${SELINUXOPT} -D -m0755 bin/netavark $(DESTDIR)$(LIBEXECPODMAN)/netavark + install ${SELINUXOPT} -D -m0755 bin/netavark-dhcp-proxy-client $(DESTDIR)$(LIBEXECPODMAN)/netavark-dhcp-proxy-client $(MAKE) -C docs install install ${SELINUXOPT} -m 755 -d ${DESTDIR}${SYSTEMDDIR} install ${SELINUXOPT} -m 644 contrib/systemd/system/netavark-dhcp-proxy.socket ${DESTDIR}${SYSTEMDDIR}/netavark-dhcp-proxy.socket diff --git a/plans/main.fmf b/plans/main.fmf new file mode 100644 index 000000000..f63b8d074 --- /dev/null +++ b/plans/main.fmf @@ -0,0 +1,40 @@ +discover: + how: fmf +execute: + how: tmt +adjust: + - when: initiator == packit + because: "We need to test with updated packages from rhcontainerbot/podman-next copr" + prepare+: + how: shell + script: | + sed -i -n '/^priority=/!p;$apriority=1' /etc/yum.repos.d/*podman-next*.repo + dnf -y upgrade --allowerasing + # FIXME: Use epel10 once bats is available there + - when: distro == centos-stream-10 or distro == rhel-10 + because: "bats isn't yet available on epel10" + prepare+: + how: install + copr: rhcontainerbot/bats-el10 + package: bats + - when: distro == centos-stream or distro == rhel + because: "bats and bridge-utils are present on EPEL" + prepare+: + how: feature + epel: enabled + +/upstream: + summary: Run tests on upstream PRs + discover+: + filter: tag:upstream + adjust+: + - enabled: false + when: initiator is not defined or initiator != packit + +/downstream: + summary: Run tests on bodhi / errata and dist-git PRs + discover+: + filter: tag:downstream + adjust+: + - enabled: false + when: initiator == packit diff --git a/rpm/gating.yaml b/rpm/gating.yaml new file mode 100644 index 000000000..6e93959ab --- /dev/null +++ b/rpm/gating.yaml @@ -0,0 +1,16 @@ +--- !Policy +product_versions: + - fedora-* +decision_context: + - bodhi_update_push_stable + - bodhi_update_push_testing +subject_type: koji_build +rules: + - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional} + +--- !Policy +product_versions: + - rhel-* +decision_context: osci_compose_gate +rules: + - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional} diff --git a/rpm/netavark.spec b/rpm/netavark.spec index 0e8b3f1b5..3426e7dda 100644 --- a/rpm/netavark.spec +++ b/rpm/netavark.spec @@ -88,6 +88,30 @@ Its features include: * Support for IPv4 and IPv6 * Support for container DNS resolution via aardvark-dns. +# Only intended to be used for gating tests +# End user usecases not supported +%package tests +Summary: Tests for %{name} +Requires: %{name} = %{epoch}:%{version}-%{release} +%if %{defined bats_ofc} +Requires: bats +%else +Recommends: bats +%endif +Requires: bind-utils +Requires: bridge-utils +Requires: dbus-daemon +Requires: dnsmasq +Requires: firewalld +Requires: iptables +Requires: jq +Requires: net-tools +Requires: nftables +Requires: nmap-ncat + +%description tests +%{summary} + %prep %autosetup -Sgit %{name}-%{version} # Following steps are only required on environments like koji which have no @@ -104,18 +128,30 @@ tar fx %{SOURCE1} %build NETAVARK_DEFAULT_FW=%{default_fw} %{__make} CARGO="%{__cargo}" build +%{__make} CARGO="%{__cargo}" build_proxy_client %if (0%{?fedora} || 0%{?rhel} >= 10) && !%{defined copr_username} %cargo_license_summary %{cargo_license} > LICENSE.dependencies %cargo_vendor_manifest %endif +# Build examples package for tests +%{__make} CARGO="%{__cargo}" examples + cd docs %{__make} %install %{__make} DESTDIR=%{buildroot} PREFIX=%{_prefix} install +%{__install} -d -p %{buildroot}%{_datadir}/%{name}/{examples,test,test-dhcp} +%{__cp} -rpav targets/release/examples/* %{buildroot}%{_datadir}/%{name}/examples +%{__cp} -rpav test/* %{buildroot}%{_datadir}/%{name}/test +%{__cp} -rpav test-dhcp/* %{buildroot}%{_datadir}/%{name}/test-dhcp + +%{__rm} -rf %{buildroot}%{_datadir}/%{name}/test/tmt +%{__rm} -rf %{buildroot}%{_datadir}/%{name}/test-dhcp/tmt + %preun %systemd_preun %{name}-dhcp-proxy.service %systemd_preun %{name}-firewalld-reload.service @@ -137,5 +173,14 @@ cd docs %{_unitdir}/%{name}-dhcp-proxy.socket %{_unitdir}/%{name}-firewalld-reload.service +%files tests +%dir %{_datadir}/%{name} +%dir %{_datadir}/%{name}/examples +%dir %{_datadir}/%{name}/test +%dir %{_datadir}/%{name}/test-dhcp +%{_datadir}/%{name}/examples/* +%{_datadir}/%{name}/test/* +%{_datadir}/%{name}/test-dhcp/* + %changelog %autochangelog diff --git a/test-dhcp/helpers.bash b/test-dhcp/helpers.bash index e1b59ff1c..3eb849ef1 100644 --- a/test-dhcp/helpers.bash +++ b/test-dhcp/helpers.bash @@ -11,7 +11,7 @@ TMP_TESTDIR= # Netavark binary to run NETAVARK=${NETAVARK:-./bin/netavark} - +NETAVARK_DHCP_PROXY_CLIENT=${NETAVARK_DHCP_PROXY_CLIENT:-./bin/netavark-dhcp-proxy-client} TESTSDIR=${TESTSDIR:-$(dirname ${BASH_SOURCE})} # export RUST_BACKTRACE so that we get a helpful stack trace @@ -407,7 +407,7 @@ function run_teardown(){ function run_client(){ local verb=$1 local conf=$2 - run_in_container_netns "./bin/netavark-dhcp-proxy-client" --uds "$TMP_TESTDIR/nv-proxy.sock" -f "${conf}" "${verb}" + run_in_container_netns "$NETAVARK_DHCP_PROXY_CLIENT" --uds "$TMP_TESTDIR/nv-proxy.sock" -f "${conf}" "${verb}" } ################### diff --git a/test-dhcp/tmt/integration.fmf b/test-dhcp/tmt/integration.fmf new file mode 100644 index 000000000..863318920 --- /dev/null +++ b/test-dhcp/tmt/integration.fmf @@ -0,0 +1,17 @@ +# Only common dependencies that are NOT required to run test_integration.sh are +# specified here. Everything else is in test_integration.sh. +require: + - iptables + - netavark-tests + +adjust: + duration: 10m + when: arch == aarch64 + +tag: [ upstream, downstream ] +summary: Integration tests +test: bash integration.sh +environment: + NETAVARK: /usr/libexec/podman/netavark + NETAVARK_DHCP_PROXY_CLIENT: /usr/libexec/podman/netavark-dhcp-proxy-client + TEST_PLUGINS: /usr/share/netavark/examples diff --git a/test-dhcp/tmt/integration.sh b/test-dhcp/tmt/integration.sh new file mode 100644 index 000000000..7eef3a09c --- /dev/null +++ b/test-dhcp/tmt/integration.sh @@ -0,0 +1,8 @@ +#!/usr/bin/env bash + +set -exo pipefail + +rpm -q aardvark-dns cargo netavark + +# Run tests +bats /usr/share/netavark/test-dhcp diff --git a/test/500-plugin.bats b/test/500-plugin.bats index 6649d503e..39b7f1411 100644 --- a/test/500-plugin.bats +++ b/test/500-plugin.bats @@ -33,7 +33,7 @@ EOF } function run_netavark_plugins() { - run_netavark --plugin-directory ./targets/release/examples/ "$@" + run_netavark --plugin-directory $TEST_PLUGINS "$@" } @test "plugin - test error message" { diff --git a/test/helpers.bash b/test/helpers.bash index 93b480d00..4a365ca39 100644 --- a/test/helpers.bash +++ b/test/helpers.bash @@ -2,6 +2,7 @@ # Netavark binary to run NETAVARK=${NETAVARK:-./bin/netavark} +TEST_PLUGINS=${TEST_PLUGINS:-./targets/release/examples} TESTSDIR=${TESTSDIR:-$(dirname ${BASH_SOURCE})} diff --git a/test/tmt/integration.sh b/test/tmt/integration.sh new file mode 100644 index 000000000..cff682b0d --- /dev/null +++ b/test/tmt/integration.sh @@ -0,0 +1,8 @@ +#!/usr/bin/env bash + +set -exo pipefail + +rpm -q aardvark-dns cargo netavark + +# Run tests +bats /usr/share/netavark/test diff --git a/test/tmt/netavark.fmf b/test/tmt/netavark.fmf new file mode 100644 index 000000000..6bc63896e --- /dev/null +++ b/test/tmt/netavark.fmf @@ -0,0 +1,32 @@ +require: + - cargo + - clippy + - go-md2man + - git-core + - iptables + - make + - netavark-tests + - protobuf-compiler + - rustfmt + +adjust+: + - duration: 10m + when: arch == aarch64 + +/validate: + tag: upstream + summary: Validate test + test: make -C $TMT_TREE validate + +/unit: + tag: upstream + summary: Unit test + test: make -C $TMT_TREE unit + +/integration: + tag: [ upstream, downstream ] + summary: Integration tests + test: bash integration.sh + environment: + NETAVARK: /usr/libexec/podman/netavark + TEST_PLUGINS: /usr/share/netavark/examples diff --git a/test/tmt/podman.fmf b/test/tmt/podman.fmf new file mode 100644 index 000000000..e7e2f1a66 --- /dev/null +++ b/test/tmt/podman.fmf @@ -0,0 +1,13 @@ +summary: Podman tests dependent on netavark +require: + - netavark + - podman-tests + +tag: [upstream, downstream] + +test: | + /usr/bin/bats -t /usr/share/podman/test/system/030-run.bats + /usr/bin/bats -t /usr/share/podman/test/system/075-exec.bats + /usr/bin/bats -t /usr/share/podman/test/system/500-networking.bats + +duration: 15m