@@ -139,3 +139,189 @@ jobs:
139139 bootupctl backend generate-update-metadata -vvv
140140 cat ${updates}/EFI.json | jq
141141 '
142+
143+ name : Test install after extend-payload
144+ run : |
145+ set -xeuo pipefail
146+ sudo truncate -s 5G myimage-extend.raw
147+ sudo podman run --rm --privileged -v .:/target --pid=host --security-opt label=disable \
148+ -v /var/lib/containers:/var/lib/containers \
149+ -v /dev:/dev \
150+ localhost/bootupd:latest bash -c '
151+ # Create test firmware directory and files
152+ mkdir -p /usr/share/uboot/rpi/overlays
153+ echo "test uboot binary content" > /usr/share/uboot/rpi/u-boot.bin
154+ echo "i2c device tree overlay" > /usr/share/uboot/rpi/overlays/i2c.dtb
155+
156+ # Create a fake RPM database for testing
157+ mkdir -p /usr/lib/sysimage/rpm
158+ echo "fake rpm database" > /usr/lib/sysimage/rpm/Packages
159+
160+ # Create mock rpm script that returns test package data
161+ echo '#!/bin/bash' > /usr/local/bin/rpm
162+ echo 'if [[ "$*" == *"-q"* ]] && [[ "$*" == *"-f"* ]]; then' >> /usr/local/bin/rpm
163+ echo ' echo "uboot-images-2023.04-2.fc42.noarch,1681234567"' >> /usr/local/bin/rpm
164+ echo ' exit 0' >> /usr/local/bin/rpm
165+ echo 'fi' >> /usr/local/bin/rpm
166+ echo 'exec /usr/bin/rpm.orig "$@"' >> /usr/local/bin/rpm
167+
168+ # Backup original rpm and make our mock executable
169+ cp /usr/bin/rpm /usr/bin/rpm.orig
170+ chmod +x /usr/local/bin/rpm
171+ export PATH="/usr/local/bin:$PATH"
172+
173+ # Run extend-payload-to-esp first
174+ bootupctl backend extend-payload-to-esp /usr/share/uboot/rpi
175+
176+ # Verify firmware was extended correctly
177+ test -d /usr/lib/efi/firmware || { echo "firmware directory not created"; exit 1; }
178+ firmware_ver_dir=$(find /usr/lib/efi/firmware -name "*2023.04*" -type d | head -1)
179+ test -n "${firmware_ver_dir}" || { echo "firmware version directory not found"; exit 1; }
180+ test -f "${firmware_ver_dir}/EFI/u-boot.bin" || { echo "u-boot.bin not copied"; exit 1; }
181+ echo "✓ extend-payload completed successfully"
182+ # Now test install to disk with extended firmware
183+ bootc install to-disk --skip-fetch-check \
184+ --disable-selinux --generic-image --via-loopback /target/myimage-extend.raw
185+ '
186+
187+ # Verify firmware files were installed to ESP
188+ sudo losetup -P -f myimage-extend.raw
189+ device=$(losetup -a myimage-extend.raw --output NAME -n)
190+ esp_part=$(sudo sfdisk -l -J "${device}" | jq -r '.partitiontable.partitions[] | select(.type == "C12A7328-F81F-11D2-BA4B-00A0C93EC93B").node')
191+ sudo mount "${esp_part}" /mnt/
192+
193+ # Check that firmware files were copied to ESP during install
194+ if sudo test -f /mnt/u-boot.bin; then
195+ sudo grep -q "test uboot binary content" /mnt/u-boot.bin || { echo "u-boot.bin content incorrect on ESP"; exit 1; }
196+ echo "✓ Firmware files correctly installed to ESP"
197+ else
198+ echo "Note: u-boot.bin not found on ESP (firmware install integration may need work)"
199+ fi
200+
201+ sudo umount /mnt
202+ sudo losetup -D "${device}"
203+ sudo rm -f myimage-extend.raw
204+
205+ name : Test update after extend-payload
206+ run : |
207+ set -xeuo pipefail
208+ sudo truncate -s 5G myimage-update.raw
209+ sudo podman run --rm --privileged -v .:/target --pid=host --security-opt label=disable \
210+ -v /var/lib/containers:/var/lib/containers \
211+ -v /dev:/dev \
212+ localhost/bootupd:latest bash -c '
213+ # Create initial test firmware directory and files
214+ mkdir -p /usr/share/uboot/rpi/overlays
215+ echo "initial uboot binary content v1.0" > /usr/share/uboot/rpi/u-boot.bin
216+ echo "initial i2c device tree overlay" > /usr/share/uboot/rpi/overlays/i2c.dtb
217+
218+ # Create a fake RPM database for testing
219+ mkdir -p /usr/lib/sysimage/rpm
220+ echo "fake rpm database" > /usr/lib/sysimage/rpm/Packages
221+
222+ # Create mock rpm script that returns initial package data
223+ echo '#!/bin/bash' > /usr/local/bin/rpm
224+ echo 'if [[ "$*" == *"-q"* ]] && [[ "$*" == *"-f"* ]]; then' >> /usr/local/bin/rpm
225+ echo ' echo "uboot-images-2023.04-1.fc42.noarch,1681234567"' >> /usr/local/bin/rpm
226+ echo ' exit 0' >> /usr/local/bin/rpm
227+ echo 'fi' >> /usr/local/bin/rpm
228+ echo 'exec /usr/bin/rpm.orig "$@"' >> /usr/local/bin/rpm
229+
230+ # Backup original rpm and make our mock executable
231+ cp /usr/bin/rpm /usr/bin/rpm.orig
232+ chmod +x /usr/local/bin/rpm
233+ export PATH="/usr/local/bin:$PATH"
234+
235+ # Run initial extend-payload-to-esp
236+ bootupctl backend extend-payload-to-esp /usr/share/uboot/rpi
237+
238+ # Verify initial firmware was extended correctly
239+ test -d /usr/lib/efi/firmware || { echo "firmware directory not created"; exit 1; }
240+ firmware_ver_dir=$(find /usr/lib/efi/firmware -name "*2023.04-1*" -type d | head -1)
241+ test -n "${firmware_ver_dir}" || { echo "initial firmware version directory not found"; exit 1; }
242+ test -f "${firmware_ver_dir}/EFI/u-boot.bin" || { echo "initial u-boot.bin not copied"; exit 1; }
243+ grep -q "initial uboot binary content v1.0" "${firmware_ver_dir}/EFI/u-boot.bin"
244+ echo "✓ initial extend-payload completed successfully"
245+
246+ # Install to disk with initial firmware
247+ bootc install to-disk --skip-fetch-check \
248+ --disable-selinux --generic-image --via-loopback /target/myimage-update.raw
249+
250+ # Now simulate a firmware update by creating new firmware files
251+ echo "updated uboot binary content v2.0" > /usr/share/uboot/rpi/u-boot.bin
252+ echo "updated i2c device tree overlay" > /usr/share/uboot/rpi/overlays/i2c.dtb
253+ echo "new overlay for v2" > /usr/share/uboot/rpi/overlays/spi.dtb
254+
255+ # Update mock rpm to return new version
256+ echo '#!/bin/bash' > /usr/local/bin/rpm
257+ echo 'if [[ "$*" == *"-q"* ]] && [[ "$*" == *"-f"* ]]; then' >> /usr/local/bin/rpm
258+ echo ' echo "uboot-images-2023.04-2.fc42.noarch,1681234999"' >> /usr/local/bin/rpm
259+ echo ' exit 0' >> /usr/local/bin/rpm
260+ echo 'fi' >> /usr/local/bin/rpm
261+ echo 'exec /usr/bin/rpm.orig "$@"' >> /usr/local/bin/rpm
262+
263+ # Run updated extend-payload-to-esp
264+ bootupctl backend extend-payload-to-esp /usr/share/uboot/rpi
265+
266+ # Verify updated firmware was extended correctly (only v2.0 should exist now)
267+ updated_firmware_ver_dir=$(find /usr/lib/efi/firmware -name "*2023.04-2*" -type d | head -1)
268+ test -n "${updated_firmware_ver_dir}" || { echo "updated firmware version directory not found"; exit 1; }
269+ test -f "${updated_firmware_ver_dir}/EFI/u-boot.bin" || { echo "updated u-boot.bin not copied"; exit 1; }
270+ grep -q "updated uboot binary content v2.0" "${updated_firmware_ver_dir}/EFI/u-boot.bin"
271+ test -f "${updated_firmware_ver_dir}/EFI/overlays/spi.dtb" || { echo "new spi.dtb not copied"; exit 1; }
272+
273+ # Verify old version (2023.04-1) was removed
274+ old_firmware_ver_dir=$(find /usr/lib/efi/firmware -name "*2023.04-1*" -type d | head -1)
275+ test -z "${old_firmware_ver_dir}" || { echo "old firmware version should have been removed but still exists: ${old_firmware_ver_dir}"; exit 1; }
276+
277+ echo "✓ updated extend-payload completed successfully (old version cleaned up)"
278+
279+ # Run bootupctl update to apply the updated firmware to ESP
280+ bootupctl update
281+ echo "✓ bootupctl update completed successfully"
282+ '
283+
284+ # Verify updated firmware files were applied to ESP
285+ sudo losetup -P -f myimage-update.raw
286+ device=$(losetup -a myimage-update.raw --output NAME -n)
287+ esp_part=$(sudo sfdisk -l -J "${device}" | jq -r '.partitiontable.partitions[] | select(.type == "C12A7328-F81F-11D2-BA4B-00A0C93EC93B").node')
288+ sudo mount "${esp_part}" /mnt/
289+
290+ # Check that updated firmware files were applied to ESP during update
291+ if sudo test -f /mnt/u-boot.bin; then
292+ sudo grep -q "updated uboot binary content v2.0" /mnt/u-boot.bin || { echo "u-boot.bin was not updated on ESP"; exit 1; }
293+ echo "✓ Updated firmware files correctly applied to ESP"
294+ else
295+ echo "Warning: u-boot.bin not found on ESP after update"
296+ exit 1
297+ fi
298+
299+ # Check that new overlay file was also copied
300+ if sudo test -f /mnt/overlays/spi.dtb; then
301+ sudo grep -q "new overlay for v2" /mnt/overlays/spi.dtb || { echo "spi.dtb content incorrect on ESP"; exit 1; }
302+ echo "✓ New overlay files correctly applied to ESP"
303+ else
304+ echo "Warning: new spi.dtb not found on ESP after update"
305+ fi
306+
307+ # Verify checksums and state integrity
308+ echo "🔍 Validating firmware checksums and state integrity..."
309+ sudo podman run --rm --privileged -v .:/target --pid=host --security-opt label=disable \
310+ -v /var/lib/containers:/var/lib/containers \
311+ -v /dev:/dev \
312+ localhost/bootupd:latest bash -c '
313+ # Run bootupctl validate to check all checksums
314+ bootupctl validate || { echo "bootupctl validate failed - checksum mismatch detected"; exit 1; }
315+ echo "✓ All file checksums validated successfully"
316+
317+ # Check that bootupd-state.json reflects the updated firmware
318+ if test -f /boot/bootupd-state.json; then
319+ # Verify firmware is tracked in state
320+ jq -e ".installed.EFI.firmware.uboot" /boot/bootupd-state.json >/dev/null || { echo "Updated firmware not found in bootupd-state.json"; exit 1; }
321+ echo "✓ Updated firmware properly tracked in bootupd-state.json"
322+ fi
323+ '
324+
325+ sudo umount /mnt
326+ sudo losetup -D "${device}"
327+ sudo rm -f myimage-update.raw
0 commit comments