Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CI: Use noble image for QA tests #641

Open
wants to merge 8 commits into
base: main
Choose a base branch
from
Open

CI: Use noble image for QA tests #641

wants to merge 8 commits into from
+4,677 −4,626

Conversation

3v1n0
Copy link
Collaborator

@3v1n0 3v1n0 commented Nov 18, 2024

That's the ubuntu version we're targetting so far, and so we should care
about having it working as expected when doing integration tests in
particular.

Regenerate the SSH golden files to match post-noble SSH server expectations.

UDENG-5316

@3v1n0 3v1n0 requested a review from a team as a code owner November 18, 2024 15:27
@codecov-commenter
Copy link

codecov-commenter commented Nov 18, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 83.26%. Comparing base (e9cc1e9) to head (572504e).
Report is 6 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #641      +/-   ##
==========================================
- Coverage   83.28%   83.26%   -0.02%     
==========================================
  Files          80       80              
  Lines        8617     8607      -10     
  Branches       75       74       -1     
==========================================
- Hits         7177     7167      -10     
  Misses       1112     1112              
  Partials      328      328

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚨 Try these New Features:

@3v1n0 3v1n0 force-pushed the ci-noble branch 2 times, most recently from c579afa to 671525e Compare November 18, 2024 17:37
@adombeck adombeck mentioned this pull request Nov 19, 2024
Draft
@3v1n0
pam/integration-tests: Increase some tests terminal to not cut output
b6c8203 
Some tests golden files were not including the whole results, let's fix
them by increasing the terminal heights.
@3v1n0
pam/runner: Move format string variables to const values
742b9c6 
In this way we can check for them being in golden files in a reliable
way
@3v1n0
pam/integration-tests: Ensure that golden file contains required results
616c7c7 
Add an helper function to check that the golden files contains the final
pam runner results strings.

In this way we can ensure that the golden files sizes are big enough to
hold all the terminal contents.
@3v1n0
ci: Run QA jobs in ubuntu noble
b833c9f 
That's the ubuntu version we're targetting so far, and so we should care
about having it working as expected when doing integration tests in
particular.
@3v1n0
pam/integration-tests/vhs: Do not use chromium sandboxing when root
78d9558 
When running as root or in a schroot we should not care about chrome
sandbox used by VHS, so let's ignore it.
@3v1n0
pam/integration-tests/ssh: Run tests with noble SSH server and sync g…
2a41522 
…olden
@3v1n0
ci: Drop LSAN suppressions for PAM tests
bb77c86 
These are not needed anymore as the libPAM leaks are fixed in noble
@3v1n0 3v1n0 force-pushed the ci-noble branch 5 times, most recently from 3618848 to 957c746 Compare November 23, 2024 00:08
@3v1n0
auto-updates: Run on host container
572504e 
We don't need a docker image anymore now that we're depending on 24.04
denisonbarbosa
denisonbarbosa approved these changes Nov 27, 2024
View reviewed changes
Copy link
Member

@denisonbarbosa denisonbarbosa left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

adombeck
adombeck reviewed Nov 28, 2024
View reviewed changes
pam/integration-tests/vhs-helpers_test.go
Comment on lines +330 to +343
var msgFormat string
switch sessionMode {
case authd.SessionMode_AUTH:
msgFormat = pam_test.RunnerResultActionAuthenticateFormat
case authd.SessionMode_PASSWD:
msgFormat = pam_test.RunnerResultActionChangeAuthTokFormat
default:
t.Errorf("Unsupported mode %s", sessionMode)
}

sessionMsg := fmt.Sprintf(msgFormat, user)
if user == "" {
sessionMsg = strings.ReplaceAll(msgFormat, "%q", "")
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't like that we reimplement assembling of that message here. This will break if anything changes in https://github.com/3v1n0/authd/blob/572504e1e0c10d14d2e2afb89018023fb5c3c04f/pam/tools/pam-runner/pam-runner.go#L118-L133. Can we extract a function like this:

func PamResultMessage(mode string, user string) string {
	switch mode {
	case "login":
		return fmt.Sprintf("PAM ChangeAuthTok() for user %q", user)
	case "passwd":
		return fmt.Sprintf("PAM Authenticate() for user %q", user)
	default:
		panic("Invalid PAM operation: " + mode)
	}
}

and use it in both places?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I had done that exactly to avoid breakage, but ok we can instead have a function instead I think, under the pam_test namespace.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I had done that exactly to avoid breakage

What do you mean? That you reused the pam_test.RunnerResultActionChangeAuthTokFormat and pam_test.RunnerResultActionAuthenticateFormat constants instead of copying the string literal? That's a good first step, but still quite brittle IMO.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah, I guess you mean 742b9c6 where you extracted the constants

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, let me reconsider your approach... Will handle ti soon :)

@adombeck adombeck mentioned this pull request Nov 28, 2024
Draft
adombeck
adombeck reviewed Nov 28, 2024
View reviewed changes
pam/integration-tests/ssh_test.go
Comment on lines 52 to 53
require.Empty(t, os.Getenv("GITHUB_REPOSITORY"),
"Golden files needs to be updated to ensure CI runs on Ubuntu %v")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
require.Empty(t, os.Getenv("GITHUB_REPOSITORY"),
"Golden files needs to be updated to ensure CI runs on Ubuntu %v")
require.Empty(t, os.Getenv("GITHUB_REPOSITORY"),
"Golden files need to be updated to run tests on Ubuntu %v", uv)

adombeck
adombeck reviewed Nov 28, 2024
View reviewed changes
.github/workflows/qa.yaml
@@ -257,13 +257,11 @@ jobs:
echo "Running PAM integration tests"
pushd ./pam/integration-tests
go test -asan -gcflags=all="${GO_GC_FLAGS}" -c
# FIXME: Suppression may be removed with newer libpam, as the one we ship in ubuntu as some leaks
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great that you thought about this!

@adombeck
Copy link
Contributor

I'm done with the review, everything looks good beside the small thing I remarked in #641 (comment)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@adombeck adombeck adombeck left review comments

@denisonbarbosa denisonbarbosa denisonbarbosa approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@3v1n0 @codecov-commenter @adombeck @denisonbarbosa