add test case for iot-simplified-installer

osbuild · Oct 9, 2023 · fa02a51 · fa02a51
1 parent 98c50e3
commit fa02a51
Show file tree

Hide file tree

Showing 2 changed files with 116 additions and 19 deletions.
diff --git a/test/cases/ostree-simplified-installer.sh b/test/cases/ostree-simplified-installer.sh
@@ -26,6 +26,11 @@ do
 done
 # Prepare service api server config filef
 sudo /usr/local/bin/yq -iy '.service_info.diskencryption_clevis |= [{disk_label: "/dev/vda4", reencrypt: true, binding: {pin: "tpm2", config: "{}"}}]' /etc/fdo/aio/configs/serviceinfo_api_server.yml
+# Fedora iot-simplified-installer uses /dev/vda3, https://github.com/osbuild/osbuild-composer/issues/3527
+if [[ "${ID}" == "fedora" ]]; then
+    echo "Change vda4 to vda3 for fedora in serviceinfo config file"
+    sudo sed -i 's/vda4/vda3/' /etc/fdo/aio/configs/serviceinfo_api_server.yml
+fi
 sudo systemctl restart fdo-aio
 
 # workaround for bug https://bugzilla.redhat.com/show_bug.cgi?id=2213660
@@ -124,6 +129,7 @@ KERNEL_RT_PKG="kernel-rt"
 SYSROOT_RO="false"
 ANSIBLE_USER="admin"
 FDO_USER_ONBOARDING="false"
+IMAGE_TYPE=redhat
 
 case "${ID}-${VERSION_ID}" in
     "rhel-8"* )
@@ -160,6 +166,18 @@ case "${ID}-${VERSION_ID}" in
         sudo setenforce 0
         getenforce
         ;;
+    fedora-*)
+        OSTREE_REF="fedora/${VERSION_ID}/${ARCH}/iot"
+        PARENT_REF="fedora/${VERSION_ID}/${ARCH}/iot"
+        OS_VARIANT="fedora-unknown"
+        CONTAINER_TYPE="iot-container"
+        INSTALLER_TYPE="iot-simplified-installer"
+        REF_PREFIX="fedora-iot"
+        SYSROOT_RO="true"
+        IMAGE_TYPE="fedora"
+        ANSIBLE_USER=fdouser
+        FDO_USER_ONBOARDING="true"
+        ;;
     *)
         redprint "unsupported distro: ${ID}-${VERSION_ID}"
         exit 1;;
@@ -169,12 +187,13 @@ if [[ "$FDO_USER_ONBOARDING" == "true" ]]; then
     # FDO user does not have password, use ssh key and no sudo password instead
     sudo /usr/local/bin/yq -iy ".service_info.initial_user |= {username: \"fdouser\", sshkeys: [\"${SSH_KEY_PUB}\"]}" /etc/fdo/aio/configs/serviceinfo_api_server.yml
     # No sudo password required by ansible
-    tee /tmp/fdouser > /dev/null << EOF
+    sudo tee /var/lib/fdo/fdouser > /dev/null << EOF
 fdouser ALL=(ALL) NOPASSWD: ALL
 EOF
-    sudo /usr/local/bin/yq -iy '.service_info.files |= [{path: "/etc/sudoers.d/fdouser", source_path: "/tmp/fdouser"}]' /etc/fdo/aio/configs/serviceinfo_api_server.yml
+    sudo /usr/local/bin/yq -iy '.service_info.files |= [{path: "/etc/sudoers.d/fdouser", source_path: "/var/lib/fdo/fdouser"}]' /etc/fdo/aio/configs/serviceinfo_api_server.yml
     sudo systemctl restart fdo-aio
 fi
+
 # Wait for fdo server to be running
 until [ "$(curl -X POST http://${FDO_SERVER_ADDRESS}:8080/ping)" == "pong" ]; do
     sleep 1;
@@ -367,9 +386,6 @@ version = "*"
 name = "sssd"
 version = "*"
 
-[customizations.kernel]
-name = "${KERNEL_RT_PKG}"
-
 [[customizations.user]]
 name = "admin"
 description = "Administrator account"
@@ -379,6 +395,14 @@ home = "/home/admin/"
 groups = ["wheel"]
 EOF
 
+# Fedora does not have kernel-rt
+if [[ "$ID" != "fedora" ]]; then
+    tee -a "$BLUEPRINT_FILE" >> /dev/null << EOF
+[customizations.kernel]
+name = "${KERNEL_RT_PKG}"
+EOF
+fi
+
 greenprint "📄 container blueprint"
 cat "$BLUEPRINT_FILE"
 
@@ -541,7 +565,7 @@ EOF
 
 # Test IoT/Edge OS
 sudo ansible-playbook -v -i "${TEMPDIR}"/inventory \
-    -e image_type=redhat \
+    -e image_type=${IMAGE_TYPE} \
     -e ostree_commit="${INSTALL_HASH}" \
     -e skip_rollback_test="true" \
     -e edge_type=edge-simplified-installer \
@@ -713,7 +737,7 @@ EOF
 
 # Test IoT/Edge OS
 sudo ansible-playbook -v -i "${TEMPDIR}"/inventory \
-    -e image_type=redhat \
+    -e image_type=${IMAGE_TYPE} \
     -e ostree_commit="${INSTALL_HASH}" \
     -e skip_rollback_test="true" \
     -e edge_type=edge-simplified-installer \
@@ -883,7 +907,7 @@ fi
 
 # Test IoT/Edge OS
 sudo ansible-playbook -v -i "${TEMPDIR}"/inventory \
-    -e image_type=redhat \
+    -e image_type=${IMAGE_TYPE} \
     -e ostree_commit="${INSTALL_HASH}" \
     -e skip_rollback_test="true" \
     -e edge_type=edge-simplified-installer \
@@ -916,9 +940,6 @@ version = "*"
 name = "wget"
 version = "*"
 
-[customizations.kernel]
-name = "${KERNEL_RT_PKG}"
-
 [[customizations.user]]
 name = "admin"
 description = "Administrator account"
@@ -927,6 +948,14 @@ home = "/home/admin/"
 groups = ["wheel"]
 EOF
 
+# Fedora does not have kernel-rt
+if [[ "$ID" != "fedora" ]]; then
+    tee -a "$BLUEPRINT_FILE" >> /dev/null << EOF
+[customizations.kernel]
+name = "${KERNEL_RT_PKG}"
+EOF
+fi
+
 greenprint "📄 rebase blueprint"
 cat "$BLUEPRINT_FILE"
 
@@ -1020,7 +1049,7 @@ EOF
 
 # Test IoT/Edge OS
 sudo ansible-playbook -v -i "${TEMPDIR}"/inventory \
-    -e image_type=redhat \
+    -e image_type=${IMAGE_TYPE} \
     -e ostree_commit="${REBASE_HASH}" \
     -e skip_rollback_test="true" \
     -e edge_type=edge-simplified-installer \
@@ -1179,7 +1208,7 @@ EOF
 
 # Test IoT/Edge OS
 sudo ansible-playbook -v -i "${TEMPDIR}"/inventory \
-    -e image_type=redhat \
+    -e image_type=${IMAGE_TYPE} \
     -e ostree_commit="${INSTALL_HASH}" \
     -e skip_rollback_test="true" \
     -e edge_type=edge-simplified-installer \
@@ -1215,9 +1244,6 @@ version = "*"
 name = "wget"
 version = "*"
 
-[customizations.kernel]
-name = "${KERNEL_RT_PKG}"
-
 [[customizations.user]]
 name = "admin"
 description = "Administrator account"
@@ -1226,6 +1252,14 @@ home = "/home/admin/"
 groups = ["wheel"]
 EOF
 
+# Fedora does not have kernel-rt
+if [[ "$ID" != "fedora" ]]; then
+    tee -a "$BLUEPRINT_FILE" >> /dev/null << EOF
+[customizations.kernel]
+name = "${KERNEL_RT_PKG}"
+EOF
+fi
+
 greenprint "📄 upgrade blueprint"
 cat "$BLUEPRINT_FILE"
 
@@ -1320,7 +1354,7 @@ EOF
 
 # Test IoT/Edge OS
 sudo ansible-playbook -v -i "${TEMPDIR}"/inventory \
-    -e image_type=redhat \
+    -e image_type=${IMAGE_TYPE} \
     -e ostree_commit="${UPGRADE_HASH}" \
     -e skip_rollback_test="true" \
     -e edge_type=edge-simplified-installer \

diff --git a/test/data/ansible/check_ostree.yaml b/test/data/ansible/check_ostree.yaml
@@ -13,6 +13,7 @@
     ignition: "false"
     test_custom_dirs_files: "false"
     sysroot_ro: "false"
+    image_type: "none"
 
   tasks:
     # current target host's IP address
@@ -267,6 +268,27 @@
       when:
         - "'/dev/mapper/rootvg-rootlv' in result_sysroot_source.stdout"
         - fdo_credential == "true"
+        - image_type == "redhat"
+
+    # on fedora, it grows to 18.49G
+    - name: "pv size should bigger than 18G for simplified installer"
+      block:
+        - assert:
+            that:
+              - "'18' in result_pv_size.stdout"
+            fail_msg: "pv size is not bigger than 18G"
+            success_msg: "pv size is bigger than 18G"
+      always:
+        - set_fact:
+            total_counter: "{{ total_counter | int + 1 }}"
+      rescue:
+        - name: failed count + 1
+          set_fact:
+            failed_counter: "{{ failed_counter | int + 1 }}"
+      when:
+        - "'/dev/mapper/rootvg-rootlv' in result_sysroot_source.stdout"
+        - fdo_credential == "true"
+        - image_type == "fedora"
 
     # raw image does not have coreos-installer to grow fs to 19G
     - name: "pv size should keep at 9G for raw image"
@@ -307,7 +329,28 @@
         - name: failed count + 1
           set_fact:
             failed_counter: "{{ failed_counter | int + 1 }}"
-      when: "'/dev/mapper/rootvg-rootlv' in result_sysroot_source.stdout"
+      when: 
+        - "'/dev/mapper/rootvg-rootlv' in result_sysroot_source.stdout"
+        - image_type == "redhat"
+
+    # lv size on fedora is 7.8G, https://github.com/osbuild/osbuild-composer/issues/3529
+    - name: "/sysroot lv size should be 7.8G on fedora"
+      block:
+        - assert:
+            that:
+              - "'7.8G' in result_sysroot_lv_size.stdout"
+            fail_msg: "lv size is not 7.8G"
+            success_msg: "lv size is 7.8G"
+      always:
+        - set_fact:
+            total_counter: "{{ total_counter | int + 1 }}"
+      rescue:
+        - name: failed count + 1
+          set_fact:
+            failed_counter: "{{ failed_counter | int + 1 }}"
+      when: 
+        - "'/dev/mapper/rootvg-rootlv' in result_sysroot_source.stdout"
+        - image_type == "fedora"
 
     # case: check /sysroot mount status
     - name: check /sysroot mount status
@@ -976,7 +1019,27 @@
         - name: failed count + 1
           set_fact:
             failed_counter: "{{ failed_counter | int + 1 }}"
-      when: fdo_credential == "true"
+      when:
+        - fdo_credential == "true"
+        - image_type == "redhat"
+
+    - name: wait for FDO re-encryption
+      block:
+        - shell: cryptsetup luksDump /dev/vda3
+          register: result
+          until: not result.stdout_lines is search("cipher_null-ecb")
+          retries: 30
+          delay: 60
+      always:
+        - set_fact:
+            total_counter: "{{ total_counter | int + 1 }}"
+      rescue:
+        - name: failed count + 1
+          set_fact:
+            failed_counter: "{{ failed_counter | int + 1 }}"
+      when:
+        - fdo_credential == "true"
+        - image_type == "fedora"
 
     - name: check fdo-client-linuxapp logs
       command: journalctl -u fdo-client-linuxapp