From 05f03a36ef6575b12e85670f3430a5e6e55dd547 Mon Sep 17 00:00:00 2001 From: Dirk Klimpel <5740567+dklimpel@users.noreply.github.com> Date: Tue, 9 Jul 2024 15:20:10 +0200 Subject: [PATCH] Replace centos7 with rockylinux9 in integration-tests (#906) * add rockylinux9 test image * use own .PHONY directive to avoid merge conflicts * replace centos7 with rockylinux9 in integration tests --------- Co-authored-by: Ahmed Elsabbahy --- .github/workflows/golangci.yaml | 10 +- Makefile | 12 +- integration-tests/Dockerfile_rockylinux9 | 25 +++ integration-tests/goss/generate_goss.sh | 4 +- integration-tests/goss/goss-service.yaml | 2 +- .../goss/rockylinux9/goss-aa-expected.yaml | 17 ++ .../goss/rockylinux9/goss-expected-q.yaml | 127 +++++++++++++ .../goss/rockylinux9/goss-expected.yaml | 177 ++++++++++++++++++ integration-tests/goss/rockylinux9/goss.yaml | 33 ++++ integration-tests/goss/vars.yaml | 6 + integration-tests/test.sh | 4 +- 11 files changed, 402 insertions(+), 15 deletions(-) create mode 100644 integration-tests/Dockerfile_rockylinux9 create mode 100644 integration-tests/goss/rockylinux9/goss-aa-expected.yaml create mode 100644 integration-tests/goss/rockylinux9/goss-expected-q.yaml create mode 100644 integration-tests/goss/rockylinux9/goss-expected.yaml create mode 100644 integration-tests/goss/rockylinux9/goss.yaml diff --git a/.github/workflows/golangci.yaml b/.github/workflows/golangci.yaml index c9cad6e74..c04a58a99 100644 --- a/.github/workflows/golangci.yaml +++ b/.github/workflows/golangci.yaml @@ -51,11 +51,5 @@ jobs: with: go-version-file: go.mod - #- name: Integration tests - # run: make test-int-all - - # GHA does not work with centos7 - - name: Integration tests-64 - run: make wheezy trusty alpine3 arch test-int-serve-linux-amd64 - - name: Integration tests-32 - run: make wheezy-32 trusty-32 alpine3-32 arch-32 + - name: Integration tests + run: make test-int-all diff --git a/Makefile b/Makefile index d45d21084..b5148e82f 100644 --- a/Makefile +++ b/Makefile @@ -96,8 +96,8 @@ test-darwin-all: test-short-all test-int-darwin-all test-linux-all: test-short-all test-int-64 test-int-32 test-windows-all: test-short-all test-int-windows-all -test-int-64: centos7 wheezy trusty alpine3 arch test-int-serve-linux-amd64 -test-int-32: centos7-32 wheezy-32 trusty-32 alpine3-32 arch-32 +test-int-64: rockylinux9 wheezy trusty alpine3 arch test-int-serve-linux-amd64 +test-int-32: rockylinux9-32 wheezy-32 trusty-32 alpine3-32 arch-32 test-int-darwin-all: test-int-validate-darwin-amd64 test-int-serve-darwin-amd64 test-int-windows-all: test-int-validate-windows-amd64 test-int-serve-windows-amd64 test-int-all: test-int-32 test-int-64 @@ -105,6 +105,10 @@ test-int-all: test-int-32 test-int-64 centos7-32: build $(info INFO: Starting build $@) cd integration-tests/ && ./test.sh centos7 386 +.PHONY: rockylinux9-32 +rockylinux9-32: build + $(info INFO: Starting build $@) + cd integration-tests/ && ./test.sh rockylinux9 386 wheezy-32: build $(info INFO: Starting build $@) cd integration-tests/ && ./test.sh wheezy 386 @@ -120,6 +124,10 @@ arch-32: build centos7: build $(info INFO: Starting build $@) cd integration-tests/ && ./test.sh centos7 amd64 +.PHONY: rockylinux9 +rockylinux9: build + $(info INFO: Starting build $@) + cd integration-tests/ && ./test.sh rockylinux9 amd64 wheezy: build $(info INFO: Starting build $@) cd integration-tests/ && ./test.sh wheezy amd64 diff --git a/integration-tests/Dockerfile_rockylinux9 b/integration-tests/Dockerfile_rockylinux9 new file mode 100644 index 000000000..5416e89b0 --- /dev/null +++ b/integration-tests/Dockerfile_rockylinux9 @@ -0,0 +1,25 @@ +FROM rockylinux:9 + +ENV container docker + +RUN dnf install -y systemd httpd diffutils 'dnf-command(config-manager)' && \ + dnf config-manager --set-enabled crb && \ + dnf install -y epel-release && \ + dnf install -y tinyproxy && \ + dnf remove -y 'dnf-command(config-manager)' epel-release + +RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \ + rm -f /lib/systemd/system/multi-user.target.wants/*;\ + rm -f /etc/systemd/system/*.wants/*;\ + rm -f /lib/systemd/system/local-fs.target.wants/*; \ + rm -f /lib/systemd/system/sockets.target.wants/*udev*; \ + rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \ + rm -f /lib/systemd/system/basic.target.wants/*;\ + rm -f /lib/systemd/system/anaconda.target.wants/*; + +CMD ["/usr/sbin/init"] + +RUN systemctl enable httpd +RUN systemctl enable tinyproxy +RUN chmod 700 ~root +RUN mkfifo /pipe diff --git a/integration-tests/goss/generate_goss.sh b/integration-tests/goss/generate_goss.sh index e07cb28d5..096bfa89d 100755 --- a/integration-tests/goss/generate_goss.sh +++ b/integration-tests/goss/generate_goss.sh @@ -18,8 +18,8 @@ for x in /etc/passwd /tmp/goss/foobar;do goss a "${args[@]}" file $x done -[[ $OS == "centos7" ]] && package="httpd" || package="apache2" -[[ $OS == "centos7" ]] && user="apache" || user="www-data" +[[ $OS == "centos7" || $OS == "rockylinux9" ]] && package="httpd" || package="apache2" +[[ $OS == "centos7" || $OS == "rockylinux9" ]] && user="apache" || user="www-data" goss a "${args[@]}" package $package foobar vim-tiny goss a "${args[@]}" addr --timeout 1s httpbin:80 httpbin:22 diff --git a/integration-tests/goss/goss-service.yaml b/integration-tests/goss/goss-service.yaml index 102c92cbf..08633b078 100644 --- a/integration-tests/goss/goss-service.yaml +++ b/integration-tests/goss/goss-service.yaml @@ -3,7 +3,7 @@ service: foobar: enabled: false running: false -{{ if .Env.OS | regexMatch "centos[7]" }} +{{ if .Env.OS | regexMatch "centos[7]|rockylinux[9]" }} httpd: {{else}} apache2: diff --git a/integration-tests/goss/rockylinux9/goss-aa-expected.yaml b/integration-tests/goss/rockylinux9/goss-aa-expected.yaml new file mode 100644 index 000000000..7fd1552f4 --- /dev/null +++ b/integration-tests/goss/rockylinux9/goss-aa-expected.yaml @@ -0,0 +1,17 @@ +package: + httpd: + installed: true + versions: + - 2.4.57-8.el9 +port: + tcp:80: + listening: true + ip: + - 0.0.0.0 +service: + httpd: + enabled: true + running: true +process: + httpd: + running: true diff --git a/integration-tests/goss/rockylinux9/goss-expected-q.yaml b/integration-tests/goss/rockylinux9/goss-expected-q.yaml new file mode 100644 index 000000000..b66ad535a --- /dev/null +++ b/integration-tests/goss/rockylinux9/goss-expected-q.yaml @@ -0,0 +1,127 @@ +file: + /etc/passwd: + exists: true + contents: [] + /tmp/goss/foobar: + exists: false + contents: [] +package: + foobar: + installed: false + httpd: + installed: true + vim-tiny: + installed: false +addr: + tcp://httpbin:22: + reachable: false + timeout: 1000 + tcp://httpbin:80: + reachable: true + timeout: 1000 + udp://8.8.8.8:53: + reachable: true + timeout: 1000 +port: + tcp:80: + listening: true + tcp:9999: + listening: false + tcp6:80: + listening: false +service: + foobar: + enabled: false + running: false + httpd: + enabled: true + running: true +user: + apache: + exists: true + foobar: + exists: false +group: + apache: + exists: true + foobar: + exists: false +command: + echo 'hi': + exit-status: 0 + stdout: "" + stderr: "" + timeout: 10000 + foobar: + exit-status: 127 + stdout: "" + stderr: "" + timeout: 10000 +dns: + CAA:dnstest.io: + resolvable: true + timeout: 1000 + server: 8.8.8.8 + CNAME:c.dnstest.io: + resolvable: true + timeout: 1000 + server: 8.8.8.8 + MX:dnstest.io: + resolvable: true + timeout: 1000 + server: 8.8.8.8 + NS:dnstest.io: + resolvable: true + timeout: 1000 + server: 8.8.8.8 + PTR:54.243.154.1: + resolvable: true + timeout: 1000 + server: 8.8.8.8 + SRV:_https._tcp.dnstest.io: + resolvable: true + timeout: 1000 + server: 8.8.8.8 + TXT:txt._test.dnstest.io: + resolvable: true + timeout: 1000 + server: 8.8.8.8 + ip6.dnstest.io: + resolvable: true + timeout: 1000 + server: 8.8.8.8 + localhost: + resolvable: true + timeout: 1000 +process: + foobar: + running: false + httpd: + running: true +kernel-param: + kernel.ostype: + value: Linux +mount: + /dev: + exists: true + timeout: 1000 +http: + http://google.com: + status: 301 + allow-insecure: false + no-follow-redirects: true + timeout: 5000 + body: [] + https://www.apple.com: + status: 200 + allow-insecure: false + no-follow-redirects: false + timeout: 5000 + body: [] + proxy: http://127.0.0.1:8888 + https://www.google.com: + status: 200 + allow-insecure: false + no-follow-redirects: false + timeout: 5000 + body: [] diff --git a/integration-tests/goss/rockylinux9/goss-expected.yaml b/integration-tests/goss/rockylinux9/goss-expected.yaml new file mode 100644 index 000000000..bbd4249ea --- /dev/null +++ b/integration-tests/goss/rockylinux9/goss-expected.yaml @@ -0,0 +1,177 @@ +file: + /etc/passwd: + exists: true + mode: "0644" + owner: root + group: root + filetype: file + contents: [] + /tmp/goss/foobar: + exists: false + contents: [] +package: + foobar: + installed: false + httpd: + installed: true + versions: + - 2.4.57-8.el9 + vim-tiny: + installed: false +addr: + tcp://httpbin:22: + reachable: false + timeout: 1000 + tcp://httpbin:80: + reachable: true + timeout: 1000 + udp://8.8.8.8:53: + reachable: true + timeout: 1000 +port: + tcp:80: + listening: true + ip: + - 0.0.0.0 + tcp:9999: + listening: false + ip: [] + tcp6:80: + listening: false + ip: [] +service: + foobar: + enabled: false + running: false + httpd: + enabled: true + running: true +user: + apache: + exists: true + uid: 48 + gid: 48 + groups: + - apache + home: /usr/share/httpd + shell: /sbin/nologin + foobar: + exists: false +group: + apache: + exists: true + gid: 48 + foobar: + exists: false +command: + echo 'hi': + exit-status: 0 + stdout: + - hi + stderr: "" + timeout: 10000 + foobar: + exit-status: 127 + stdout: "" + stderr: + - 'sh: line 1: foobar: command not found' + timeout: 10000 +dns: + CAA:dnstest.io: + resolvable: true + addrs: + - 0 issue comodoca.com + - 0 issue letsencrypt.org + - 0 issuewild ; + timeout: 1000 + server: 8.8.8.8 + CNAME:c.dnstest.io: + resolvable: true + addrs: + - a.dnstest.io. + timeout: 1000 + server: 8.8.8.8 + MX:dnstest.io: + resolvable: true + addrs: + - 10 b.dnstest.io. + - 5 a.dnstest.io. + timeout: 1000 + server: 8.8.8.8 + NS:dnstest.io: + resolvable: true + addrs: + - ns1.dnstest.io. + - ns2.dnstest.io. + timeout: 1000 + server: 8.8.8.8 + PTR:54.243.154.1: + resolvable: true + addrs: + - ec2-54-243-154-1.compute-1.amazonaws.com. + timeout: 1000 + server: 8.8.8.8 + SRV:_https._tcp.dnstest.io: + resolvable: true + addrs: + - 0 5 443 a.dnstest.io. + - 10 10 443 b.dnstest.io. + timeout: 1000 + server: 8.8.8.8 + TXT:txt._test.dnstest.io: + resolvable: true + addrs: + - Hello DNS + timeout: 1000 + server: 8.8.8.8 + ip6.dnstest.io: + resolvable: true + addrs: + - 2404:6800:4001:807::200e + timeout: 1000 + server: 8.8.8.8 + localhost: + resolvable: true + addrs: + - 127.0.0.1 + - ::1 + timeout: 1000 +process: + foobar: + running: false + httpd: + running: true +kernel-param: + kernel.ostype: + value: Linux +mount: + /dev: + exists: true + opts: + - rw + - nosuid + vfs-opts: + - rw + source: tmpfs + filesystem: tmpfs + timeout: 1000 +http: + http://google.com: + status: 301 + allow-insecure: false + no-follow-redirects: true + timeout: 5000 + body: [] + https://www.apple.com: + status: 200 + allow-insecure: false + no-follow-redirects: false + timeout: 5000 + body: [] + proxy: http://127.0.0.1:8888 + https://www.google.com: + status: 200 + allow-insecure: false + no-follow-redirects: false + timeout: 5000 + body: [] diff --git a/integration-tests/goss/rockylinux9/goss.yaml b/integration-tests/goss/rockylinux9/goss.yaml new file mode 100644 index 000000000..818b2c34d --- /dev/null +++ b/integration-tests/goss/rockylinux9/goss.yaml @@ -0,0 +1,33 @@ +service: + autofs: + enabled: false + running: false +user: + apache: + exists: true + uid: 48 + gid: 48 + groups: + - apache + home: "/usr/share/httpd" +group: + apache: + exists: true + gid: 48 +process: + httpd: + running: true +port: + tcp:80: + listening: true + ip: + - '0.0.0.0' +addr: + tcp://127.0.0.1:80: + reachable: true + timeout: 500 + local-address: 127.0.0.1 +gossfile: + "../goss-s*.yaml": {} + bypath: + file: "../goss-dummy.yaml" diff --git a/integration-tests/goss/vars.yaml b/integration-tests/goss/vars.yaml index dd505182b..0cc72dbab 100644 --- a/integration-tests/goss/vars.yaml +++ b/integration-tests/goss/vars.yaml @@ -13,6 +13,12 @@ centos7: httpd: "2.4.6-95.el7.centos" services: httpd: [] +rockylinux9: + proxy: http://127.0.0.1:8888 + packages: + httpd: "2.4.57-8.el9" + services: + httpd: [] trusty: proxy: http://127.0.0.1:8888 packages: diff --git a/integration-tests/test.sh b/integration-tests/test.sh index 3225d37bf..2b9936d19 100755 --- a/integration-tests/test.sh +++ b/integration-tests/test.sh @@ -4,7 +4,7 @@ source "$(dirname "${BASH_SOURCE[0]}")/../ci/lib/setup.sh" || exit 67 # preserve current behaviour set -x -os="${1:?"Need OS as 1st arg. e.g. alpine arch centos7 trusty wheezy"}" +os="${1:?"Need OS as 1st arg. e.g. alpine arch centos7 rockylinux9 trusty wheezy"}" arch="${2:?"Need arch as 2nd arg. e.g. amd64 386"}" vars_inline="{inline: bar, overwrite: bar}" @@ -36,7 +36,7 @@ fi network=goss-test docker network create --driver bridge --subnet '172.19.0.0/16' $network docker run -d --name httpbin --network $network kennethreitz/httpbin -opts=(--env OS=$os --cap-add SYS_ADMIN -v "$PWD/goss:/goss" -d --name "$container_name" --security-opt seccomp:unconfined --security-opt label:disable) +opts=(--env OS=$os --cap-add SYS_ADMIN -v "$PWD/goss:/goss" -d --name "$container_name" --security-opt seccomp:unconfined --security-opt label:disable --privileged) id=$(docker run "${opts[@]}" --network $network "aelsabbahy/goss_$os" /sbin/init) ip=$(docker inspect --format '{{ .NetworkSettings.IPAddress }}' "$id") trap "rv=\$?; docker rm -vf $id;docker rm -vf httpbin;docker network rm $network; exit \$rv" INT TERM EXIT