Merge pull request #304 from lsm5/remove-el8

Packit: remove el8 and add centos stream 10
containers · Apr 24, 2024 · 654b2a4 · 654b2a4 · packit-as-a-service · Apr 24, 2024
2 parents 5d98341 + 652675e
commit 654b2a4
Show file tree

Hide file tree

Showing 6 changed files with 47 additions and 61 deletions.
diff --git a/.packit.yaml b/.packit.yaml
@@ -20,7 +20,7 @@ jobs:
       - fedora-all
       - fedora-eln
       - epel-9
-      - epel-8
+      - centos-stream-10
 
   # Run on commit to main branch
   # Build targets managed in copr settings
@@ -44,7 +44,8 @@ jobs:
     targets: &pr_test_targets
       - fedora-all
       - epel-9
-      - epel-8
+      # TODO: Enable cs10, rhel10 tests once netavark defaults to nftablesthere's
+      #- centos-stream-10
     identifier: podman_e2e_test
     tmt_plan: "/plans/podman_e2e_test"
 
@@ -68,8 +69,6 @@ jobs:
     targets: &pr_test_targets_rhel
       epel-9-x86_64:
         distros: [RHEL-9.4.0-Nightly,RHEL-9-Nightly]
-      epel-8-x86_64:
-        distros: [RHEL-8.9.0-Nightly,RHEL-8-Nightly]
     identifier: podman_e2e_test_internal
     tmt_plan: "/plans/podman_e2e_test"
 

diff --git a/plans/main.fmf b/plans/main.fmf
@@ -1,14 +1,39 @@
+## Note: "order" is set to 50 by default. Orders with lower values are
+## prioritized.
+## Ref: https://tmt.readthedocs.io/en/stable/spec/core.html#order
+
 adjust:
-    - environment:
-        PODMAN_IGNORE_CGROUPSV1_WARNING: "true"
-      when: distro == rhel-8 or distro == centos-stream-8
-      because: el8 uses cgroups-v1
+    - when: distro != fedora
+      prepare+:
+        - how: shell
+          order: 20
+          script: rpm -q bats || dnf -y install https://dl.fedoraproject.org/pub/epel/9/Everything/x86_64/Packages/b/bats-1.8.0-1.el9.noarch.rpm https://dl.fedoraproject.org/pub/epel/9/Everything/x86_64/Packages/p/parallel-20230822-1.el9.noarch.rpm
+      because: Need `bats` to run podman system tests, present by default on Fedora but EL needs to use EPEL repos.
+    - when: distro == fedora
+      prepare+:
+        - how: shell
+          order: 20
+          script:  dnf config-manager --set-disabled testing-farm-tag-repository
+      because: We don't want to use this repository for Fedora tests.
+    - when: distro != centos-stream-10
+      prepare+:
+        - how: shell
+          order: 30
+          script: dnf -y copr enable rhcontainerbot/podman-next
+      because: We can't use the idiomatic `copr` key globally because of non-default instructions for centos-stream-10.
+    - when: distro == centos-stream-10
+      prepare+:
+        - how: shell
+          order: 30
+          script: dnf -y copr enable rhcontainerbot/podman-next centos-stream-10
+      because: The default epel-10 target doesn't exist yet.
 
 prepare:
+    # Ensure podman-next has higher priority than default repos
     - how: shell
-      script: bash ./plans/prepare.sh
+      script: dnf config-manager --save --setopt="*:rhcontainerbot:podman-next.priority=5"
+    # Install packages to run podman revdep tests
     - how: install
-      copr: rhcontainerbot/podman-next
       package:
         - bats
         - golang

diff --git a/plans/podman_e2e_test.sh b/plans/podman_e2e_test.sh
@@ -1,14 +1,18 @@
 #!/usr/bin/env bash
 
-set -eox pipefail
+set -exo pipefail
 
 cat /etc/redhat-release
 rpm -q container-selinux golang podman
-if [[ -f /etc/fedora-release ]]; then
-    export TMPDIR=/var/tmp
-fi
+
+# /tmp is often unsufficient
+export TMPDIR=/var/tmp
+
+# Fetch and extract latest podman source from podman-next copr
 dnf --disablerepo=* --enablerepo=copr:copr.fedorainfracloud.org:rhcontainerbot:podman-next download --source podman
 rpm2cpio podman*.src.rpm | cpio -di
 tar zxf podman-*-dev.tar.gz
+
+# Run podman e2e tests
 cd podman-*-dev/test/e2e
 PODMAN_BINARY=/usr/bin/podman go test -v config.go config_amd64.go common_test.go libpod_suite_test.go run_selinux_test.go
diff --git a/plans/podman_system_test.sh b/plans/podman_system_test.sh
@@ -1,7 +1,9 @@
 #!/usr/bin/env bash
 
-set -eox pipefail
+set -exo pipefail
 
 cat /etc/redhat-release
 rpm -q container-selinux podman podman-tests
+
+# Run podman system tests
 bats /usr/share/podman/test/system/410-selinux.bats
diff --git a/plans/prepare.sh b/plans/prepare.sh
diff --git a/rpm/container-selinux.spec b/rpm/container-selinux.spec
@@ -11,23 +11,13 @@
 # Format must contain '$x' somewhere to do anything useful
 %global _format() export %1=""; for x in %{modulenames}; do %1+=%2; %1+=" "; done;
 
-# RHEL 8 doesn't allow watch and systemd_chat_resolved
-%if %{defined rhel} && 0%{?rhel} == 8
-%define no_watch 1
-%define no_systemd_chat_resolved 1
-%global _selinux_policy_version 3.14.3-80.el8
-%endif
-
 # RHEL < 10 and Fedora < 40 use file context entries in /var/run
-%if %{defined rhel} && 0%{?rhel} < 10
-%define legacy_var_run 1
-%endif
-%if %{defined fedora} && 0%{?fedora} < 40
+%if %{defined rhel} && 0%{?rhel} < 10 || %{defined fedora} && 0%{?fedora} < 40
 %define legacy_var_run 1
 %endif
 
 # https://github.com/containers/container-selinux/issues/203
-%if %{!defined fedora} && %{!defined rhel} || %{defined fedora} && 0%{?fedora} <= 37 || %{defined rhel} && 0%{?rhel} <= 9
+%if %{!defined fedora} && %{!defined rhel} || %{defined rhel} && 0%{?rhel} <= 9
 %define no_user_namespace 1
 %endif
 
@@ -75,17 +65,6 @@ SELinux policy modules for use with container runtimes.
 sed -i 's/^man: install-policy/man:/' Makefile
 sed -i 's/^install: man/install:/' Makefile
 
-%if %{defined no_watch}
-sed -i 's/watch watch_reads//' container.if
-sed -i 's/watch watch_reads//' container.te
-sed -i '/sysfs_t:dir watch/d' container.te
-sed -i '/fifo_file watch/d' container.te
-%endif
-
-%if %{defined no_systemd_chat_resolved}
-sed -i '/^systemd_chat_resolved/d' container.te
-%endif
-
 %if %{defined no_user_namespace}
 sed -i '/user_namespace/d' container.te
 %endif