From b66a34fad968e3eb363744544e4348ccae0e1617 Mon Sep 17 00:00:00 2001 From: Luke Yang Date: Wed, 3 Jul 2024 13:26:45 -0400 Subject: [PATCH] Test: implement kargs e2e test Update check-system.yaml to check the kargs in the installed system. Update the install Containerfile with install kargs in `/usr/lib/bootc/install` and day 2 kargs in `/usr/lib/bootc/kargs.d`, checking to see that the kargs are applied in the installed system. Update the upgrade Containerfile with different day 2 kargs, checking to see if the delta is applied properly. Signed-off-by: Luke Yang --- tests/e2e/bootc-install.sh | 20 ++++++++++++++++++-- tests/e2e/playbooks/check-system.yaml | 27 +++++++++++++++++++++++++++ 2 files changed, 45 insertions(+), 2 deletions(-) diff --git a/tests/e2e/bootc-install.sh b/tests/e2e/bootc-install.sh index 46ac8c319..9976572dd 100755 --- a/tests/e2e/bootc-install.sh +++ b/tests/e2e/bootc-install.sh @@ -106,13 +106,23 @@ sed "s|REPLACE_COPR_PROJECT|${PACKIT_COPR_PROJECT}|; s|REPLACE_TEST_OS|${REPLACE # Configure continerfile greenprint "Create $TEST_OS installation Containerfile" -tee "$INSTALL_CONTAINERFILE" > /dev/null << EOF +tee "$INSTALL_CONTAINERFILE" > /dev/null << REALEOF FROM "$TIER1_IMAGE_URL" COPY bootc.repo /etc/yum.repos.d/ COPY domain.crt /etc/pki/ca-trust/source/anchors/ RUN dnf -y update bootc && \ update-ca-trust +RUN cat <> /usr/lib/bootc/install/00-mitigations.toml +[install.filesystem.root] +type = "xfs" +[install] +kargs = ["mitigations=on", "nosmt"] EOF +RUN mkdir -p /usr/lib/bootc/kargs.d +RUN cat <> /usr/lib/bootc/kargs.d/01-console.toml +kargs = ["systemd.unified_cgroup_hierarchy=0","console=ttyS0","panic=0"] +EOF +REALEOF case "$TEST_CASE" in "to-existing-root") @@ -244,15 +254,20 @@ ansible-playbook -v \ -e test_os="$TEST_OS" \ -e bootc_image="$TEST_IMAGE_URL" \ -e image_label_version_id="$REDHAT_VERSION_ID" \ + -e kargs="mitigations=on,nosmt,systemd.unified_cgroup_hierarchy=0,console=ttyS0,panic=0" \ playbooks/check-system.yaml # Prepare upgrade containerfile greenprint "Create upgrade Containerfile" -tee "$UPGRADE_CONTAINERFILE" > /dev/null << EOF +tee "$UPGRADE_CONTAINERFILE" > /dev/null << REALEOF FROM "$TEST_IMAGE_URL" RUN dnf -y install wget && \ dnf -y clean all +RUN rm /usr/lib/bootc/kargs.d/01-console.toml +RUN cat <> /usr/lib/bootc/kargs.d/01-console.toml +kargs = ["systemd.unified_cgroup_hierarchy=1","console=ttyS","panic=0"] EOF +REALEOF # Build upgrade container image and push to locay registry greenprint "Build $TEST_OS upgrade container image" @@ -284,6 +299,7 @@ ansible-playbook -v \ -e bootc_image="$BOOTC_IMAGE" \ -e image_label_version_id="$REDHAT_VERSION_ID" \ -e upgrade="true" \ + -e kargs="systemd.unified_cgroup_hierarchy=1,console=ttyS,panic=0" \ playbooks/check-system.yaml # bootc rollback test diff --git a/tests/e2e/playbooks/check-system.yaml b/tests/e2e/playbooks/check-system.yaml index 00927b659..3107b2fa0 100644 --- a/tests/e2e/playbooks/check-system.yaml +++ b/tests/e2e/playbooks/check-system.yaml @@ -4,6 +4,7 @@ vars: bootc_image: "" upgrade: "" + kargs: "" total_counter: "0" failed_counter: "0" @@ -355,6 +356,32 @@ register: result_selinux_denied become: true ignore_errors: true + + # case: check karg + - name: grep for kargs + shell: cat /proc/cmdline | grep {{item}} + with_items: "{{ kargs.split(',') }}" + register: kargs_check + # grep will exit with 1 when no results found. + # This causes the task not to halt play. + ignore_errors: true + when: kargs != '' + + - name: check if kargs exist + block: + - assert: + that: + - kargs_check is succeeded + fail_msg: install kargs not found + success_msg: install kargs found + always: + - set_fact: + total_counter: "{{ total_counter | int + 1 }}" + rescue: + - name: failed count + 1 + set_fact: + failed_counter: "{{ failed_counter | int + 1 }}" + when: kargs != '' # case: check running container with podman in root - name: run CentOS Stream 9 image with podman in root