-
Notifications
You must be signed in to change notification settings - Fork 8
/
Copy pathmtps-run-mtests
executable file
·188 lines (171 loc) · 5.73 KB
/
mtps-run-mtests
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
#!/usr/bin/bash -efu
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
#
# See LICENSE for more details.
#
# Copyright: Red Hat Inc. 2018, 2023
# Author: Andrei Stepanov <[email protected]>
PROG="${PROG:-${0##*/}}"
# Source `mtps-setup' from $PATH
if command -v "mtps-setup" >/dev/null; then source "mtps-setup"; fi
# If previous fails source `mtps-setup` from this script dir
if [ -z "${YUMDNFCMD:-}" ]; then source "$(dirname "${BASH_SOURCE[0]}")/mtps-setup" || ( echo "Cannot source mtps-setup" >&2; exit 91 ); fi
# NEVRA - is a new package to test.
msg_usage() {
cat << EOF
Usage:
$PROG <options>
Options:
-t, --test=TYPE one of: install, update, downgrade, remove
-s, --selinux=<0|1> one of: 0|1, defult: run tests in current selinux mode
-m, --mmd=FILE Module meta data yaml file, can be .gz
-h, --help display this help and exit
-v, --verbose print debug messages
EOF
}
box_out() {
local s=("$@")
local b=
local w=
for l in "${s[@]}"; do
((w<${#l})) && { b="$l"; w="${#l}"; }
done
echo -e " -${b//?/-}-\n| ${b//?/ } |"
for l in "${s[@]}"; do
printf '| %*s |\n' "-$w" "$l"
done
echo -e "| ${b//?/ } |\n-${b//?/-}-"
}
# http://wiki.bash-hackers.org/howto/getopts_tutorial
opt_str="$@"
opt=$(getopt -n "$0" --options "hvt:s:m:" --longoptions "help,verbose,mmd:,test:,selinux:" -- "$@")
eval set -- "$opt"
while [[ $# -gt 0 ]]; do
case "$1" in
-t|--test)
TEST="$2"
shift 2
;;
-m|--mmd)
MMD="$2"
shift 2
;;
-s|--selinux)
SELINUX="$2"
shift 2
;;
-v|--verbose)
DEBUG="-v"
shift
;;
-h|--help)
msg_usage
exit 0
;;
--)
shift
;;
*)
msg_usage
exit 1
esac
done
# Entry
DEBUG="${DEBUG:-}"
TEST="${TEST:-}"
MMD="${MMD:-}"
SELINUX="${SELINUX:-}"
# Put logs by default at CDIR/mtps-logs
LOGS_DIR="${LOGS_DIR:-mtps-logs}"
debug "TEST: $TEST"
debug "MMD: $MMD"
debug "SELINUX: $SELINUX"
# Test correct invocation
if [ -z "$TEST" ] || [ -z "$MMD" ]; then
echo "Use: $PROG -h for help."
exit
fi
START_DATE="$(date '+%x')"
START_TIME="$(date '+%T')"
if [ -n "$SELINUX" ]; then
if ! [[ "$SELINUX" -eq 0 || "$SELINUX" -eq 1 ]]; then
echo "Use: $PROG -h for help."
exit
fi
if [ -e '/usr/sbin/setenforce' ]; then
echo "Set selinux enforce to: $SELINUX"
setenforce "$SELINUX"
else
debug "Skipping setenforce. 'setenforce' command is part of libselinux-utils package."
fi
fi
# mtps-mutils requires python module "gi"
# We do not want to make RPM-dependency to this module.
# Reason for this: mini-tps is not-removable package.
# But, "python3-gobject-base" can be removed.
# Install "python3-gobject-base" only we need it, and allow it be removed in tests.
# Otherwise, test will be skipped.
# Works for RHEL/Centos/Fedora:
"$YUMDNFCMD" install -y 'python3dist(pygobject)'
profiles="$(mtps-mutils --modulemd "$MMD" --getprofiles | tr '\n' ' ')"
stream="$(mtps-mutils --modulemd "$MMD" --getstream)"
context="$(mtps-mutils --modulemd "$MMD" --getcontext)"
version="$(mtps-mutils --modulemd "$MMD" --getversion)"
nsvc="$(mtps-mutils --modulemd "$MMD" --getnsvc)"
profiles_list=()
for i in $profiles; do
profiles_list+=(" * $i")
done
box_out "# $(echo $TEST | tr '[:lower:]' '[:upper:]') TEST" "" "Profiles:" "" "${profiles_list[@]:-}"
# Prefix all files with common suffix
TESTRUN_ID="$(date +%H%M%S)"
mkdir -p "$LOGS_DIR"
ret=0
for profile in $profiles; do
# Make 1 sec between audit entries
NEW_START_TIME="$(date '+%T')"
if [ "$NEW_START_TIME" = "$START_TIME" ]; then
sleep 1
NEW_START_TIME="$(date '+%T')"
fi
START_TIME="$NEW_START_TIME"
# Save current YUM transaction ID, to revert it later
box_out \
"TEST" \
"====" \
"" \
" TYPE: $TEST" \
" NSVC: $nsvc" \
" PROFILE: $profile" \
" SELINUX: $(getenforce || echo "unknown")"
logfname="${LOGS_DIR%%/}/${TESTRUN_ID}-profile-${TEST}-${nsvc}-${profile}.log"
mtps-module-test --test="$TEST" --nsvc="$nsvc" --profile="$profile" $DEBUG 2>&1 | tee "$logfname"
test_status="${PIPESTATUS[0]}"
if [ "$test_status" -ne "0" ]; then
ret=1
new_logfname="$(dirname "$logfname")/FAIL-$(basename "$logfname")"
mv "$logfname" "$new_logfname"
else
new_logfname="$(dirname "$logfname")/PASS-$(basename "$logfname")"
mv "$logfname" "$new_logfname"
fi
if [ -n "$SELINUX" ] && rpm --quiet -q audit; then
selinux_status=0
ausearch -m avc,user_avc,selinux_err,user_selinux_err -ts "$START_DATE" "$START_TIME" 2>&1 | grep -s -o 'no matches' >/dev/null 2>&1 || selinux_status=1
if [ "$selinux_status" -ne "0" ]; then
ret=1
# Selinux failed
new_logfname="$(dirname "$logfname")/FAIL-selinux-$(basename "$logfname")"
echo "Selinux policy:" | tee -a "$logfname"
ausearch -m avc,user_avc,selinux_err,user_selinux_err -i -ts "$START_DATE" "$START_TIME" | tee -a "$new_logfname"
fi
fi
done
exit $ret