From a0146a3eb316dde1deabbfaded12b20bf0bec064 Mon Sep 17 00:00:00 2001 From: Dinesh Prasanth M K Date: Mon, 19 Jun 2017 17:39:55 -0400 Subject: Smoke test with FreeIPA Travis CI is configured to build dogtag RPMs, test CA and KRA and finally do a smoke test with stable FreeIPA. Smoke test runs cert related tests: - test_caacl_plugin - test_caacl_profile_enforcement - test_cert_plugin - test_certprofile_plugin - test_vault_plugin https://pagure.io/dogtagpki/issue/2743 Change-Id: I894133f585772673932d1e8d8420c5c4c5ed6b7e --- .test_runner_config.yaml | 84 ++++++++++++++++++++++++++++++++++++++++++++++++ .travis.yml | 35 +++++++++++++++++--- .travis_run_ipa_task.sh | 65 +++++++++++++++++++++++++++++++++++++ 3 files changed, 179 insertions(+), 5 deletions(-) create mode 100644 .test_runner_config.yaml create mode 100755 .travis_run_ipa_task.sh diff --git a/.test_runner_config.yaml b/.test_runner_config.yaml new file mode 100644 index 000000000..1ca5a72c2 --- /dev/null +++ b/.test_runner_config.yaml @@ -0,0 +1,84 @@ +# Authors: +# Dinesh Prasanth M K +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +# +# Copyright (C) 2017 Red Hat, Inc. +# All rights reserved. +# + +container: + detach: true + hostname: master.ipa.test + working_dir: /freeipa +host: + binds: + - /sys/fs/cgroup:/sys/fs/cgroup:ro + - /dev/urandom:/dev/random:ro + privileged: true + security_opt: + - label:disable + tmpfs: + - /tmp + - /run +server: + domain: ipa.test + password: Secret.123 + realm: IPA.TEST +steps: + build: + - echo "Skipping Build. Nothing to do..." + builddep: + - rm -rf /var/cache/dnf/* + - "dnf makecache fast || :" + cleanup: + - chown -R ${uid}:${gid} ${container_working_dir} + - journalctl -b --no-pager > systemd_journal.log + - > + tar --ignore-failed-read -cvf ${container_working_dir}/var_log.tar + /var/log/dirsrv + /var/log/httpd + /var/log/ipa* + /var/log/krb5kdc.log + /var/log/pki + systemd_journal.log + - chown ${uid}:${gid} ${container_working_dir}/var_log.tar + configure: + - dnf repolist + install_packages: + - echo "Installing recently built dogtag RPMs..." + - find /freeipa/dogtag_rpms/ -name '*.rpm' -and -not -name '*debuginfo*' | xargs dnf install -y --best --allowerasing + - rpm -qa freeipa-* + - rpm -qa pki-* + install_server: + - echo "Installing ipa-server..." + - ipa-server-install -U --domain ${server_domain} --realm ${server_realm} -p ${server_password} + -a ${server_password} --setup-dns --setup-kra --auto-forwarders + - systemctl restart httpd.service + lint: + - echo "Skipping lint. Nothing to do here..." + prepare_tests: + - echo ${server_password} | kinit admin && ipa ping + - cp -r /etc/ipa/* ~/.ipa/ + - echo ${server_password} > ~/.ipa/.dmpw + - echo 'wait_for_dns=5' >> ~/.ipa/default.conf + run_tests: + - ipa-run-tests ${tests_ignore} -k-test_dns_soa ${tests_verbose} ${path} + - ipa-server-install --uninstall -U +tests: + ignore: + - test_integration + - test_webui + - test_ipapython/test_keyring.py + verbose: true diff --git a/.travis.yml b/.travis.yml index 54ae88431..4399c67e0 100644 --- a/.travis.yml +++ b/.travis.yml @@ -3,11 +3,16 @@ language: python services: - docker - +cache: pip env: global: - CONTAINER=pkitest - SCRIPTDIR=/tmp/workdir/pki/.travis + - DOGTAG_PKI_RPMS=${TRAVIS_BUILD_DIR}/dogtag_rpms + - RPMS_LOCATION=/tmp/workdir/packages/RPMS + - PKI_LOG=pki_log.log + - CI_RESULTS_LOG="ci_results_${TRAVIS_BRANCH}.log" + - IPA_TEST_RUNNER_IMAGE="dogtagpki/dogtag-freeipa-ci-containers:f25_ipa_4-5" matrix: - IMAGE=dogtagpki/pki-ci-containers:f25_104 # F26 repo is unstable @@ -17,6 +22,7 @@ env: before_install: - docker pull ${IMAGE} + - docker pull ${IPA_TEST_RUNNER_IMAGE} - > docker run --detach @@ -33,15 +39,30 @@ before_install: -e TRAVIS_JOB_NUMBER=${TRAVIS_JOB_NUMBER} -ti ${IMAGE} - - docker ps -a install: + - docker exec -ti ${CONTAINER} /bin/ls -la /tmp/workdir + - docker exec -ti ${CONTAINER} ${SCRIPTDIR}/00-init - docker exec -ti ${CONTAINER} ${SCRIPTDIR}/10-compose-rpms + + # Copy the built RPMS to host machine + - mkdir -p ${DOGTAG_PKI_RPMS} + - docker cp ${CONTAINER}:${RPMS_LOCATION}/. ${DOGTAG_PKI_RPMS} + - ls ${DOGTAG_PKI_RPMS} + - docker exec -ti ${CONTAINER} ${SCRIPTDIR}/20-install-rpms - docker exec -ti ${CONTAINER} ${SCRIPTDIR}/30-setup-389ds + # IPA related installs + - pip install --upgrade pip + - pip3 install --upgrade pip + - pip install pep8 + - > + pip3 install + git+https://github.com/freeipa/ipa-docker-test-runner@release-0-2-1 script: + # Test whether pki subsystem works correctly - docker exec -ti ${CONTAINER} ${SCRIPTDIR}/40-spawn-ca - docker exec -ti ${CONTAINER} ${SCRIPTDIR}/50-spawn-kra - docker exec -ti ${CONTAINER} ${SCRIPTDIR}/99-destroy @@ -51,10 +72,14 @@ script: - docker exec -ti ${CONTAINER} ${SCRIPTDIR}/40-spawn-ca - docker exec -ti ${CONTAINER} ${SCRIPTDIR}/50-spawn-kra - docker exec -ti ${CONTAINER} ${SCRIPTDIR}/99-destroy - + # It is time to run FreeIPA tests with new Dogtag RPMS built + - travis_wait 20 ./.travis_run_ipa_task.sh after_script: - docker kill ${CONTAINER} - docker rm ${CONTAINER} - +# The errors can be in either dogtag container or freeipa container after_failure: - - docker exec -ti ${CONTAINER} journalctl -l + - docker exec ${CONTAINER} journalctl -l > ${PKI_LOG} + - echo "Uploading CI Logs to transfer.sh ..." + - curl --upload-file ./${PKI_LOG} https://transfer.sh/dogtag_build_logs.txt + - curl --upload-file ./${CI_RESULTS_LOG} https://transfer.sh/freeipa-integration.txt diff --git a/.travis_run_ipa_task.sh b/.travis_run_ipa_task.sh new file mode 100755 index 000000000..9fb647295 --- /dev/null +++ b/.travis_run_ipa_task.sh @@ -0,0 +1,65 @@ +#!/bin/bash +# +# Authors: +# Dinesh Prasanth M K +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +# +# Copyright (C) 2017 Red Hat, Inc. +# All rights reserved. +# + +PYTHON="/usr/bin/python${TRAVIS_PYTHON_VERSION}" +TEST_RUNNER_CONFIG=".test_runner_config.yaml" +TASK_TO_RUN=run-tests + +test_set="test_caacl_plugin.py test_caacl_profile_enforcement.py test_cert_plugin.py test_certprofile_plugin.py test_vault_plugin.py" +developer_mode_opt="--developer-mode" +cert_test_file_loc="" + + +function truncate_log_to_test_failures() { + # chop off everything in the CI_RESULTS_LOG preceding pytest error output + # if there are pytest errors in the log + error_fail_regexp='\(=== ERRORS ===\)\|\(=== FAILURES ===\)' + + if grep -e "$error_fail_regexp" $CI_RESULTS_LOG > /dev/null + then + sed -i "/$error_fail_regexp/,\$!d" $CI_RESULTS_LOG + fi +} + +for test_files in ${test_set}; do + cert_test_file_loc="${cert_test_file_loc} test_xmlrpc/${test_files}" +done + +echo ${cert_test_file_loc} + +ipa-docker-test-runner -l ${CI_RESULTS_LOG} \ + -c ${TEST_RUNNER_CONFIG} \ + $developer_mode_opt \ + --container-environment "PYTHON=$PYTHON" \ + --container-image ${IPA_TEST_RUNNER_IMAGE} \ + --git-repo ${TRAVIS_BUILD_DIR} \ + ${TASK_TO_RUN} ${cert_test_file_loc} + + +exit_status="$?" + +if [[ "$exit_status" -ne 0 ]] +then + truncate_log_to_test_failures +fi + +exit $exit_status \ No newline at end of file -- cgit