-
Notifications
You must be signed in to change notification settings - Fork 288
/
test-lib.sh
1509 lines (1377 loc) · 52.5 KB
/
test-lib.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
# shellcheck shell=bash
#
# Test a container image.
#
# Always use sourced from a specific container testfile
#
# Container CI tests
# abbreviated as "ct"
# run ct_init before starting the actual testsuite
# shellcheck disable=SC2148
if [ -z "${sourced_test_lib:-}" ]; then
sourced_test_lib=1
else
return 0
fi
LINE="=============================================="
# may be redefined in the specific container testfile
EXPECTED_EXIT_CODE=0
# define UNSTABLE_TESTS if not already defined, as this variable
# is not mandatory for containers
UNSTABLE_TESTS="${UNSTABLE_TESTS:-""}"
# ct_init
# --------------------
# This function needs to be called before any container test starts
# Sets: $APP_ID_FILE_DIR - path to directory used for storing
# IDs of application images used during tests.
# Sets: $CID_FILE_DIR - path to directory containing cid_files
# Sets: $TEST_SUMMARY - string, where test results are written
# Sets: $TESTSUITE_RESULT - overall result of run testuite
function ct_init() {
APP_ID_FILE_DIR="$(mktemp -d)"
CID_FILE_DIR="$(mktemp -d)"
TEST_SUMMARY=""
TESTSUITE_RESULT=0
ct_enable_cleanup
}
# ct_cleanup
# --------------------
# Cleans up containers used during tests. Stops and removes all containers
# referenced by cid_files in CID_FILE_DIR. Dumps logs if a container exited
# unexpectedly. Removes the cid_files and CID_FILE_DIR as well.
# Uses: $CID_FILE_DIR - path to directory containing cid_files
# Uses: $EXPECTED_EXIT_CODE - expected container exit code
# Uses: $TESTSUITE_RESULT - overall result of all tests
function ct_cleanup() {
echo "$LINE"
echo "Cleaning of testing containers and images started."
echo "It may take a few seconds."
echo "$LINE"
ct_clean_app_images
ct_clean_containers
}
# ct_build_image_and_parse_id
# --------------------
# Return 0 if build was successful, 1 otherwise
# Uses: $1 - path to docckerfile
# Uses: $2 - build params
# Uses: $APP_IMAGE_ID - sets the app image id value to this variable
# this should be replaced by the --iidfile parameter
# when it becames supported by all versions of podman and docker that we support
ct_build_image_and_parse_id() {
local tmpdir
local log_file
local ret_val
local dockerfile
local command
local pid_build
local pid_sleep
local sleep_time
log_file="$(mktemp)"
sleep_time="10m"
[ -n "$1" ] && dockerfile="-f $1"
command="$(echo "docker build --no-cache $dockerfile $2" | tr -d "'")"
# running command in subshell, the subshell in background, storing pid to variable
(
$command > "$log_file" 2>&1
) & pid_build=$!
# creating second subshell with trap function on ALRM signal
# the subshell sleeps for 10m, then kills the first subshell
(
trap 'exit 0' ALRM; sleep "$sleep_time" && kill $pid_build
) & pid_sleep=$!
# waiting for build subshell to finish, either with success, or killed from sleep subshell
wait $pid_build
ret_val=$?
# send ALRM signal to the sleep subshell, so it exits even in case the 10mins
# not yet passed. If the kill was successful (the wait subshell received ALRM signal)
# then the build was not finished yet, so the return value is set to 1
kill -s ALRM $pid_sleep 2>/dev/null || ret_val=1
if [ $ret_val -eq 0 ]; then
APP_IMAGE_ID="$(tail -n 1 "$log_file")"
fi
cat "$log_file" ; rm -r "$log_file"
return "$ret_val"
}
# ct_container_running
# --------------------
# Return 0 if given container is in running state
# Uses: $1 - container id to check
function ct_container_running() {
local running
running="$(docker inspect -f '{{.State.Running}}' "$1")"
[ "$running" = "true" ] || return 1
}
# ct_container_exists
# --------------------
# Return 0 if given container exists
# Uses: $1 - container id to check
function ct_container_exists() {
local exists
exists="$(docker ps -q -a -f "id=$1")"
[ -n "$exists" ] || return 1
}
# ct_clean_app_images
# --------------------
# Cleans up application images referenced by APP_ID_FILE_DIR
# Uses: $APP_ID_FILE_DIR - path to directory containing image ID files
function ct_clean_app_images() {
local image
if [[ ! -d "${APP_ID_FILE_DIR:-}" ]]; then
echo "The \$APP_ID_FILE_DIR=$APP_ID_FILE_DIR is not created. App cleaning is to be skipped."
return 0
fi;
echo "Examining image ID files in \$APP_ID_FILE_DIR=$APP_ID_FILE_DIR"
for file in "${APP_ID_FILE_DIR:?}"/*; do
image="$(cat "$file")"
docker inspect "$image" > /dev/null 2>&1 || continue
containers="$(docker ps -q -a -f ancestor="$image")"
[[ -z "$containers" ]] || docker rm -f "$containers" 2>/dev/null
docker rmi -f "$image"
done
rm -fr "$APP_ID_FILE_DIR"
}
# ct_clean_containers
# --------------------
# Cleans up containers referenced by CID_FILE_DIR
# Uses: $CID_FILE_DIR - path to directory containing cid_files
function ct_clean_containers() {
if [[ -z ${CID_FILE_DIR:-} ]]; then
echo "The \$CID_FILE_DIR is not set. Container cleaning is to be skipped."
return
fi;
echo "Examining CID files in \$CID_FILE_DIR=$CID_FILE_DIR"
for cid_file in "$CID_FILE_DIR"/* ; do
[ -f "$cid_file" ] || continue
local container
container=$(cat "$cid_file")
ct_container_exists "$container" || continue
echo "Stopping and removing container $container..."
if ct_container_running "$container"; then
docker stop "$container"
fi
exit_status=$(docker inspect -f '{{.State.ExitCode}}' "$container")
if [ "$exit_status" != "$EXPECTED_EXIT_CODE" ]; then
echo "Dumping logs for $container"
docker logs "$container"
fi
docker rm -v "$container"
rm -f "$cid_file"
done
rm -rf "$CID_FILE_DIR"
}
# ct_show_results
# ---------------
# Prints results of all test cases that are stored into TEST_SUMMARY variable.
# Uses: $IMAGE_NAME - name of the tested container image
# Uses: $TEST_SUMMARY - text info about test-cases
# Uses: $TESTSUITE_RESULT - overall result of all tests
function ct_show_results() {
echo "$LINE"
#shellcheck disable=SC2153
echo "Tests were run for image ${IMAGE_NAME}"
echo "$LINE"
echo "Test cases results:"
echo
echo "${TEST_SUMMARY:-}"
if [ -n "${TESTSUITE_RESULT:-}" ] ; then
if [ "$TESTSUITE_RESULT" -eq 0 ] ; then
# shellcheck disable=SC2153
echo "Tests for ${IMAGE_NAME} succeeded."
else
# shellcheck disable=SC2153
echo "Tests for ${IMAGE_NAME} failed."
fi
fi
}
# ct_enable_cleanup
# --------------------
# Enables automatic container cleanup after tests.
function ct_enable_cleanup() {
trap ct_trap_on_exit EXIT
trap ct_trap_on_sigint SIGINT
}
# ct_trap_on_exit
# --------------------
function ct_trap_on_exit() {
local exit_code=$?
[ "$exit_code" -eq 130 ] && return # we do not want to catch SIGINT here
# We should not really care about what the script returns
# as the tests are constructed the way they never exit the shell.
# The check is added just to be sure that we catch some not expected behavior
# if any is added in the future.
echo "Tests finished with EXIT=$exit_code"
[ $exit_code -eq 0 ] && exit_code="${TESTSUITE_RESULT:-0}"
[ -n "${DEBUG:-}" ] || ct_show_resources
ct_cleanup
ct_show_results
exit "$exit_code"
}
# ct_trap_on_sigint
# --------------------
function ct_trap_on_sigint() {
echo "Tests were stopped by SIGINT signal"
ct_cleanup
ct_show_results
exit 130
}
# ct_pull_image
# -------------
# Function pull an image before tests execution
# Argument: image_name - string containing the public name of the image to pull
# Argument: exit - in case "true" is defined and pull failed, then script has to exit with 1 and no tests are executed
# Argument: loops - how many times to pull image in case of failure
# Function returns either 0 in case of pull was successful
# Or the test suite exit with 1 in case of pull error
function ct_pull_image() {
local image_name="$1"; [[ $# -gt 0 ]] && shift
local exit_variable=${1:-"false"}; [[ $# -gt 0 ]] && shift
local loops=${1:-10}
local loop=0
# Let's try to pull image.
echo "-> Pulling image $image_name ..."
# Sometimes in Fedora case it fails with HTTP 50X
# Check if the image is available locally and try to pull it if it is not
if [[ "$(docker images -q "$image_name" 2>/dev/null)" != "" ]]; then
echo "The image $image_name is already pulled."
return 0
fi
# Try pulling the image to see if it is accessible
# WORKAROUND: Since Fedora registry sometimes fails randomly, let's try it more times
while ! docker pull "$image_name"; do
((loop++)) || :
echo "Pulling image $image_name failed."
if [ "$loop" -gt "$loops" ]; then
echo "Pulling of image $image_name failed $loops times in a row. Giving up."
echo "!!! ERROR with pulling image $image_name !!!!"
# shellcheck disable=SC2268
if [[ x"$exit_variable" == x"false" ]]; then
return 1
else
exit 1
fi
fi
echo "Let's wait $((loop*5)) seconds and try again."
sleep "$((loop*5))"
done
}
# ct_check_envs_set env_filter check_envs loop_envs [env_format]
# --------------------
# Compares values from one list of environment variable definitions against such list,
# checking if the values are present and have a specific format.
# Argument: env_filter - optional string passed to grep used for
# choosing which variables to filter out in env var lists.
# Argument: check_envs - list of env var definitions to check values against
# Argument: loop_envs - list of env var definitions to check values for
# Argument: env_format (optional) - format string for bash substring deletion used
# for checking whether the value is contained in check_envs.
# Defaults to: "*VALUE*", VALUE string gets replaced by actual value from loop_envs
function ct_check_envs_set {
local env_filter check_envs env_format
env_filter=$1; shift
check_envs=$1; shift
loop_envs=$1; shift
env_format=${1:-"*VALUE*"}
while read -r variable; do
[ -z "$variable" ] && continue
var_name=$(echo "$variable" | awk -F= '{ print $1 }')
stripped=$(echo "$variable" | awk -F= '{ print $2 }')
filtered_envs=$(echo "$check_envs" | grep "^$var_name=")
[ -z "$filtered_envs" ] && { echo "$var_name not found during \` docker exec\`"; return 1; }
old_IFS=$IFS
# For each such variable compare its content with the `docker exec` result, use `:` as delimiter
IFS=:
for value in $stripped; do
# If the falue checked does not go through env_filter we do not care about it
echo "$value" | grep -q "$env_filter" || continue
# shellcheck disable=SC2295
if [ -n "${filtered_envs##${env_format//VALUE/$value}}" ]; then
echo " Value $value is missing from variable $var_name"
echo "$filtered_envs"
IFS=$old_IFS
return 1
fi
done
IFS=$old_IFS
done <<< "$(echo "$loop_envs" | grep "$env_filter" | grep -v "^PWD=")"
}
# ct_get_cid [name]
# --------------------
# Prints container id from cid_file based on the name of the file.
# Argument: name - name of cid_file where the container id will be stored
# Uses: $CID_FILE_DIR - path to directory containing cid_files
function ct_get_cid() {
local name="$1" ; shift || return 1
cat "$CID_FILE_DIR/$name"
}
# ct_get_cip [id]
# --------------------
# Prints container ip address based on the container id.
# Argument: id - container id
function ct_get_cip() {
local id="$1" ; shift
docker inspect --format='{{.NetworkSettings.IPAddress}}' "$(ct_get_cid "$id")"
}
# ct_wait_for_cid [cid_file]
# --------------------
# Holds the execution until the cid_file is created. Usually run after container
# creation.
# Argument: cid_file - name of the cid_file that should be created
function ct_wait_for_cid() {
local cid_file=$1
local max_attempts=10
local sleep_time=1
local attempt=1
local result=1
while [ $attempt -le $max_attempts ]; do
[ -f "$cid_file" ] && [ -s "$cid_file" ] && return 0
echo "Waiting for container start... $attempt"
attempt=$(( attempt + 1 ))
sleep $sleep_time
done
return 1
}
# ct_assert_container_creation_fails [container_args]
# --------------------
# The invocation of docker run should fail based on invalid container_args
# passed to the function. Returns 0 when container fails to start properly.
# Argument: container_args - all arguments are passed directly to dokcer run
# Uses: $CID_FILE_DIR - path to directory containing cid_files
function ct_assert_container_creation_fails() {
local ret=0
local max_attempts=10
local attempt=1
local cid_file=assert
local old_container_args="${CONTAINER_ARGS-}"
# we really work with CONTAINER_ARGS as with a string
# shellcheck disable=SC2124
CONTAINER_ARGS="$@"
if ct_create_container "$cid_file" ; then
local cid
cid=$(ct_get_cid "$cid_file")
while [ "$(docker inspect -f '{{.State.Running}}' "$cid")" == "true" ] ; do
sleep 2
attempt=$(( attempt + 1 ))
if [ "$attempt" -gt "$max_attempts" ]; then
docker stop "$cid"
ret=1
break
fi
done
exit_status=$(docker inspect -f '{{.State.ExitCode}}' "$cid")
if [ "$exit_status" == "0" ]; then
ret=1
fi
docker rm -v "$cid"
rm "$CID_FILE_DIR/$cid_file"
fi
[ -n "$old_container_args" ] && CONTAINER_ARGS="$old_container_args"
return "$ret"
}
# ct_create_container [name, command]
# --------------------
# Creates a container using the IMAGE_NAME and CONTAINER_ARGS variables. Also
# stores the container id to a cid_file located in the CID_FILE_DIR, and waits
# for the creation of the file.
# Argument: name - name of cid_file where the container id will be stored
# Argument: command - optional command to be executed in the container
# Uses: $CID_FILE_DIR - path to directory containing cid_files
# Uses: $CONTAINER_ARGS - optional arguments passed directly to docker run
# Uses: $IMAGE_NAME - name of the image being tested
function ct_create_container() {
local cid_file="$CID_FILE_DIR/$1" ; shift
# create container with a cidfile in a directory for cleanup
# shellcheck disable=SC2086,SC2153
docker run --cidfile="$cid_file" -d ${CONTAINER_ARGS:-} "$IMAGE_NAME" "$@"
ct_wait_for_cid "$cid_file" || return 1
: "Created container $(cat "$cid_file")"
}
# ct_scl_usage_old [name, command, expected]
# --------------------
# Tests three ways of running the SCL, by looking for an expected string
# in the output of the command
# Argument: name - name of cid_file where the container id will be stored
# Argument: command - executed inside the container
# Argument: expected - string that is expected to be in the command output
# Uses: $CID_FILE_DIR - path to directory containing cid_files
# Uses: $IMAGE_NAME - name of the image being tested
function ct_scl_usage_old() {
local name="$1"
local command="$2"
local expected="$3"
local out=""
: " Testing the image SCL enable"
out=$(docker run --rm "${IMAGE_NAME}" /bin/bash -c "${command}")
if ! echo "${out}" | grep -q "${expected}"; then
echo "ERROR[/bin/bash -c \"${command}\"] Expected '${expected}', got '${out}'" >&2
return 1
fi
out=$(docker exec "$(ct_get_cid "$name")" /bin/bash -c "${command}" 2>&1)
if ! echo "${out}" | grep -q "${expected}"; then
echo "ERROR[exec /bin/bash -c \"${command}\"] Expected '${expected}', got '${out}'" >&2
return 1
fi
out=$(docker exec "$(ct_get_cid "$name")" /bin/sh -ic "${command}" 2>&1)
if ! echo "${out}" | grep -q "${expected}"; then
echo "ERROR[exec /bin/sh -ic \"${command}\"] Expected '${expected}', got '${out}'" >&2
return 1
fi
}
# ct_doc_content_old [strings]
# --------------------
# Looks for occurence of stirngs in the documentation files and checks
# the format of the files. Files examined: help.1
# Argument: strings - strings expected to appear in the documentation
# Uses: $IMAGE_NAME - name of the image being tested
function ct_doc_content_old() {
local tmpdir
tmpdir=$(mktemp -d)
local f
: " Testing documentation in the container image"
# Extract the help files from the container
# shellcheck disable=SC2043
for f in help.1 ; do
docker run --rm "${IMAGE_NAME}" /bin/bash -c "cat /${f}" >"${tmpdir}/$(basename "${f}")"
# Check whether the files contain some important information
for term in "$@" ; do
if ! grep -E -q -e "${term}" "${tmpdir}/$(basename "${f}")" ; then
echo "ERROR: File /${f} does not include '${term}'." >&2
return 1
fi
done
# Check whether the files use the correct format
for term in TH PP SH ; do
if ! grep -q "^\.${term}" "${tmpdir}/help.1" ; then
echo "ERROR: /help.1 is probably not in troff or groff format, since '${term}' is missing." >&2
return 1
fi
done
done
: " Success!"
}
# full_ca_file_path
# Return string for full path to CA file
function full_ca_file_path()
{
echo "/etc/pki/ca-trust/source/anchors/RH-IT-Root-CA.crt"
}
# ct_mount_ca_file
# ------------------
# Check if /etc/pki/certs/RH-IT-Root-CA.crt file exists
# return mount string for containers or empty string
function ct_mount_ca_file()
{
# mount CA file only if NPM_REGISTRY variable is present.
local mount_parameter=""
if [ -n "$NPM_REGISTRY" ] && [ -f "$(full_ca_file_path)" ]; then
mount_parameter="-v $(full_ca_file_path):$(full_ca_file_path):Z"
fi
echo "$mount_parameter"
}
# ct_build_s2i_npm_variables URL_TO_NPM_JS_SERVER
# ------------------------------------------
# Function returns -e NPM_MIRROR and -v MOUNT_POINT_FOR_CAFILE
# or empty string
function ct_build_s2i_npm_variables()
{
npm_variables=""
if [ -n "$NPM_REGISTRY" ] && [ -f "$(full_ca_file_path)" ]; then
npm_variables="-e NPM_MIRROR=$NPM_REGISTRY $(ct_mount_ca_file)"
fi
echo "$npm_variables"
}
# ct_npm_works
# --------------------
# Checks existance of the npm tool and runs it.
function ct_npm_works() {
local tmpdir
local cid_file
tmpdir=$(mktemp -d)
: " Testing npm in the container image"
cid_file="$(mktemp --dry-run --tmpdir="${CID_FILE_DIR}")"
if ! docker run --rm "${IMAGE_NAME}" /bin/bash -c "npm --version" >"${tmpdir}/version" ; then
echo "ERROR: 'npm --version' does not work inside the image ${IMAGE_NAME}." >&2
return 1
fi
# shellcheck disable=SC2046
docker run -d $(ct_mount_ca_file) --rm --cidfile="$cid_file" "${IMAGE_NAME}-testapp"
# Wait for the container to write it's CID file
ct_wait_for_cid "$cid_file" || return 1
if ! docker exec "$(cat "$cid_file")" /bin/bash -c "npm --verbose install jquery && test -f node_modules/jquery/src/jquery.js" >"${tmpdir}/jquery" 2>&1 ; then
echo "ERROR: npm could not install jquery inside the image ${IMAGE_NAME}." >&2
cat "${tmpdir}/jquery"
return 1
fi
if [ -n "$NPM_REGISTRY" ] && [ -f "$(full_ca_file_path)" ]; then
if ! grep -qo "$NPM_REGISTRY" "${tmpdir}/jquery"; then
echo "ERROR: Internal repository is NOT set. Even it is requested."
return 1
fi
fi
if [ -f "$cid_file" ]; then
docker stop "$(cat "$cid_file")"
fi
: " Success!"
}
# ct_binary_found_from_df binary [path]
# --------------------
# Checks if a binary can be found in PATH during Dockerfile build
# Argument: binary - name of the binary to test accessibility for
# Argument: path - optional path in which the binary should reside in
# /opt/rh by default
function ct_binary_found_from_df() {
local tmpdir
local id_file
local binary=$1; shift
local binary_path=${1:-"^/opt/rh"}
tmpdir=$(mktemp -d)
: " Testing $binary in build from Dockerfile"
# Create Dockerfile that looks for the binary
cat <<EOF >"$tmpdir/Dockerfile"
FROM $IMAGE_NAME
RUN command -v $binary | grep "$binary_path"
EOF
# Build an image, looking for expected path in the output
ct_build_image_and_parse_id "$tmpdir/Dockerfile" "$tmpdir"
#shellcheck disable=SC2181
if [ $? -ne 0 ]; then
echo " ERROR: Failed to find $binary in \$PATH!" >&2
return 1
fi
id_file="${APP_ID_FILE_DIR:?}"/"$RANDOM"
echo "$APP_IMAGE_ID" > "$id_file"
}
# ct_check_exec_env_vars [env_filter]
# --------------------
# Checks if all relevant environment variables from `docker run`
# can be found in `docker exec` as well.
# Argument: env_filter - optional string passed to grep used for
# choosing which variables to check in the test case.
# Defaults to X_SCLS and variables containing /opt/app-root, /opt/rh
# Uses: $CID_FILE_DIR - path to directory containing cid_files
# Uses: $IMAGE_NAME - name of the image being tested
function ct_check_exec_env_vars() {
local tmpdir exec_envs cid old_IFS env_filter
local var_name stripped filtered_envs run_envs
env_filter=${1:-"^X_SCLS=\|/opt/rh\|/opt/app-root"}
tmpdir=$(mktemp -d)
CID_FILE_DIR=${CID_FILE_DIR:-$(mktemp -d)}
# Get environment variables from `docker run`
run_envs=$(docker run --rm "$IMAGE_NAME" /bin/bash -c "env")
# Get environment variables from `docker exec`
ct_create_container "test_exec_envs" bash -c "sleep 1000" >/dev/null
cid=$(ct_get_cid "test_exec_envs")
exec_envs=$(docker exec "$cid" env)
# Filter out variables we are not interested in
# Always check X_SCLS, ignore PWD
# Check variables from `docker run` that have alternative paths inside (/opt/rh, /opt/app-root)
ct_check_envs_set "$env_filter" "$exec_envs" "$run_envs" "*VALUE*" || return 1
echo " All values present in \`docker exec\`"
return 0
}
# ct_check_scl_enable_vars [env_filter]
# --------------------
# Checks if all relevant environment variables from `docker run`
# are set twice after a second call of `scl enable $SCLS`.
# Argument: env_filter - optional string passed to grep used for
# choosing which variables to check in the test case.
# Defaults to paths containing enabled SCLS in the image
# Uses: $IMAGE_NAME - name of the image being tested
function ct_check_scl_enable_vars() {
local tmpdir exec_envs cid old_IFS env_filter enabled_scls
local var_name stripped filtered_envs loop_envs
env_filter=$1
tmpdir=$(mktemp -d)
enabled_scls=$(docker run --rm "$IMAGE_NAME" /bin/bash -c "echo \$X_SCLS")
if [ -z "$env_filter" ]; then
for scl in $enabled_scls; do
[ -z "$env_filter" ] && env_filter="/$scl" && continue
# env_filter not empty, append to the existing list
env_filter="$env_filter|/$scl"
done
fi
# Get environment variables from `docker run`
loop_envs=$(docker run --rm "$IMAGE_NAME" /bin/bash -c "env")
run_envs=$(docker run --rm "$IMAGE_NAME" /bin/bash -c "X_SCLS= scl enable $enabled_scls env")
# Check if the values are set twice in the second set of envs
ct_check_envs_set "$env_filter" "$run_envs" "$loop_envs" "*VALUE*VALUE*" || return 1
echo " All scl_enable values present"
return 0
}
# ct_path_append PATH_VARNAME DIRECTORY
# -------------------------------------
# Append DIRECTORY to VARIABLE of name PATH_VARNAME, the VARIABLE must consist
# of colon-separated list of directories.
ct_path_append ()
{
if eval "test -n \"\${$1-}\""; then
eval "$1=\$2:\$$1"
else
eval "$1=\$2"
fi
}
# ct_path_foreach PATH ACTION [ARGS ...]
# --------------------------------------
# For each DIR in PATH execute ACTION (path is colon separated list of
# directories). The particular calls to ACTION will look like
# '$ ACTION directory [ARGS ...]'
ct_path_foreach ()
{
local dir dirlist action save_IFS
save_IFS=$IFS
IFS=:
dirlist=$1
action=$2
shift 2
for dir in $dirlist; do "$action" "$dir" "$@" ; done
IFS=$save_IFS
}
# ct_gen_self_signed_cert_pem
# ---------------------------
# Generates a self-signed PEM certificate pair into specified directory.
# Argument: output_dir - output directory path
# Argument: base_name - base name of the certificate files
# Resulted files will be those:
# <output_dir>/<base_name>-cert-selfsigned.pem -- public PEM cert
# <output_dir>/<base_name>-key.pem -- PEM private key
ct_gen_self_signed_cert_pem() {
local output_dir=$1 ; shift
local base_name=$1 ; shift
mkdir -p "${output_dir}"
openssl req -newkey rsa:2048 -nodes -keyout "${output_dir}"/"${base_name}"-key.pem -subj '/C=GB/ST=Berkshire/L=Newbury/O=My Server Company' > "${base_name}"-req.pem
openssl req -new -x509 -nodes -key "${output_dir}"/"${base_name}"-key.pem -batch > "${output_dir}"/"${base_name}"-cert-selfsigned.pem
}
# ct_obtain_input FILE|DIR|URL
# --------------------
# Either copies a file or a directory to a tmp location for local copies, or
# downloads the file from remote location.
# Resulted file path is printed, so it can be later used by calling function.
# Arguments: input - local file, directory or remote URL
function ct_obtain_input() {
local input=$1
local extension="${input##*.}"
# Try to use same extension for the temporary file if possible
[[ "${extension}" =~ ^[a-z0-9]*$ ]] && extension=".${extension}" || extension=""
local output
output=$(mktemp "/var/tmp/test-input-XXXXXX$extension")
if [ -f "${input}" ] ; then
cp -f "${input}" "${output}"
elif [ -d "${input}" ] ; then
rm -f "${output}"
cp -r -LH "${input}" "${output}"
elif echo "${input}" | grep -qe '^http\(s\)\?://' ; then
curl "${input}" > "${output}"
else
echo "ERROR: file type not known: ${input}" >&2
return 1
fi
echo "${output}"
}
# ct_test_response
# ----------------
# Perform GET request to the application container, checks output with
# a reg-exp and HTTP response code.
# Argument: url - request URL path
# Argument: expected_code - expected HTTP response code
# Argument: body_regexp - PCRE regular expression that must match the response body
# Argument: max_attempts - Optional number of attempts (default: 20), three seconds sleep between
# Argument: ignore_error_attempts - Optional number of attempts when we ignore error output (default: 10)
ct_test_response() {
local url="$1"
local expected_code="$2"
local body_regexp="$3"
local max_attempts=${4:-20}
local ignore_error_attempts=${5:-10}
echo " Testing the HTTP(S) response for <${url}>"
local sleep_time=3
local attempt=1
local result=1
local status
local response_code
local response_file
response_file=$(mktemp /tmp/ct_test_response_XXXXXX)
while [ "${attempt}" -le "${max_attempts}" ]; do
echo "Trying to connect ... ${attempt}"
curl --connect-timeout 10 -s -w '%{http_code}' "${url}" >"${response_file}" && status=0 || status=1
if [ "${status}" -eq 0 ]; then
response_code=$(tail -c 3 "${response_file}")
if [ "${response_code}" -eq "${expected_code}" ]; then
result=0
fi
grep -qP -e "${body_regexp}" "${response_file}" || result=1;
# Some services return 40x code until they are ready, so let's give them
# some chance and not end with failure right away
# Do not wait if we already have expected outcome though
if [ "${result}" -eq 0 ] || [ "${attempt}" -gt "${ignore_error_attempts}" ] || [ "${attempt}" -eq "${max_attempts}" ] ; then
break
fi
fi
attempt=$(( attempt + 1 ))
sleep "${sleep_time}"
done
rm -f "${response_file}"
return "${result}"
}
# ct_registry_from_os OS
# ----------------
# Transform operating system string [os] into registry url
# Argument: OS - string containing the os version
ct_registry_from_os() {
local registry=""
case $1 in
rhel*)
registry=registry.redhat.io
;;
*)
registry=quay.io
;;
esac
echo "$registry"
}
# ct_get_public_image_name OS BASE_IMAGE_NAME VERSION
# ----------------
# Transform the arguments into public image name
# Argument: OS - string containing the os version
# Argument: BASE_IMAGE_NAME - string containing the base name of the image as defined in the Makefile
# Argument: VERSION - string containing the version of the image as defined in the Makefile
ct_get_public_image_name() {
local os=$1; shift
local base_image_name=$1; shift
local version=$1; shift
local public_image_name
local registry
registry=$(ct_registry_from_os "$os")
if [ "$os" == "rhel8" ]; then
public_image_name=$registry/rhel8/$base_image_name-${version//./}
elif [ "$os" == "rhel9" ]; then
public_image_name=$registry/rhel9/$base_image_name-${version//./}
elif [ "$os" == "c9s" ]; then
public_image_name=$registry/sclorg/$base_image_name-${version//./}-c9s
elif [ "$os" == "c10s" ]; then
public_image_name=$registry/sclorg/$base_image_name-${version//./}-c10s
fi
echo "$public_image_name"
}
# ct_assert_cmd_success CMD
# ----------------
# Evaluates [cmd] and fails if it does not succeed.
# Argument: CMD - Command to be run
function ct_assert_cmd_success() {
echo "Checking '$*' for success ..."
# shellcheck disable=SC2294
if ! eval "$@" &>/dev/null; then
echo " FAIL"
return 1
fi
echo " PASS"
return 0
}
# ct_assert_cmd_failure CMD
# ----------------
# Evaluates [cmd] and fails if it succeeds.
# Argument: CMD - Command to be run
function ct_assert_cmd_failure() {
echo "Checking '$*' for failure ..."
# shellcheck disable=SC2294
if eval "$@" &>/dev/null; then
echo " FAIL"
return 1
fi
echo " PASS"
return 0
}
# ct_random_string [LENGTH=10]
# ----------------------------
# Generate pseudorandom alphanumeric string of LENGTH bytes, the
# default length is 10. The string is printed on stdout.
ct_random_string()
(
export LC_ALL=C
dd if=/dev/urandom count=1 bs=10k 2>/dev/null \
| tr -dc 'a-z0-9' \
| fold -w "${1-10}" \
| head -n 1
)
# ct_s2i_usage IMG_NAME [S2I_ARGS]
# ----------------------------
# Create a container and run the usage script inside
# Argument: IMG_NAME - name of the image to be used for the container run
# Argument: S2I_ARGS - Additional list of source-to-image arguments, currently unused.
ct_s2i_usage()
{
local img_name=$1; shift
local s2i_args="$*";
local usage_command="/usr/libexec/s2i/usage"
docker run --rm "$img_name" bash -c "$usage_command"
}
# ct_s2i_build_as_df APP_PATH SRC_IMAGE DST_IMAGE [S2I_ARGS]
# ----------------------------
# Create a new s2i app image from local sources in a similar way as source-to-image would have used.
# This function is wrapper for ct_s2i_build_as_df_build_args in case user do not want to add build args
# This function is used in all https://github.com/sclorg/*-container test cases and we do not
# want to break functionality
# Argument: APP_PATH - local path to the app sources to be used in the test
# Argument: SRC_IMAGE - image to be used as a base for the s2i build
# Argument: DST_IMAGE - image name to be used during the tagging of the s2i build result
# Argument: S2I_ARGS - Additional list of source-to-image arguments.
# Only used to check for pull-policy=never and environment variable definitions.
ct_s2i_build_as_df()
{
local app_path=$1; shift
local src_image=$1; shift
local dst_image=$1; shift
local s2i_args="$*";
ct_s2i_build_as_df_build_args "$app_path" "$src_image" "$dst_image" "" "$s2i_args"
}
# ct_s2i_build_as_df_build_args APP_PATH SRC_IMAGE DST_IMAGE BUILD_ARGS [S2I_ARGS]
# ----------------------------
# Create a new s2i app image from local sources in a similar way as source-to-image would have used.
# Argument: APP_PATH - local path to the app sources to be used in the test
# Argument: SRC_IMAGE - image to be used as a base for the s2i build
# Argument: DST_IMAGE - image name to be used during the tagging of the s2i build result
# Argument: BUILD_ARGS - Build arguments to be used in the s2i build
# Argument: S2I_ARGS - Additional list of source-to-image arguments.
# Only used to check for pull-policy=never and environment variable definitions.
ct_s2i_build_as_df_build_args()
{
local app_path=$1; shift
local src_image=$1; shift
local dst_image=$1; shift
local build_args=$1; shift
local s2i_args="$*";
local local_app=upload/src/
local local_scripts=upload/scripts/
local user_id=
local df_name=
local tmpdir=
local incremental=false
local mount_options=()
local id_file
# Run the entire thing inside a subshell so that we do not leak shell options outside of the function
(
# FIXME: removed temporarily, need proper fixing
# Error out if any part of the build fails
# set -e
# Use /tmp to not pollute cwd
tmpdir=$(mktemp -d)
df_name=$(mktemp -p "$tmpdir" Dockerfile.XXXX)
cd "$tmpdir" || return 1
# Check if the image is available locally and try to pull it if it is not
docker images "$src_image" &>/dev/null || echo "$s2i_args" | grep -q "pull-policy=never" || docker pull "$src_image"
user=$(docker inspect -f "{{.Config.User}}" "$src_image")
# Default to root if no user is set by the image
user=${user:-0}
# run the user through the image in case it is non-numeric or does not exist
if ! user_id=$(ct_get_uid_from_image "$user" "$src_image"); then
echo "Terminating s2i build."
return 1
fi
echo "$s2i_args" | grep -q "\--incremental" && incremental=true
if $incremental; then
inc_tmp=$(mktemp -d --tmpdir incremental.XXXX)
setfacl -m "u:$user_id:rwx" "$inc_tmp"
# Check if the image exists, build should fail (for testing use case) if it does not
docker images "$dst_image" &>/dev/null || (echo "Image $dst_image not found."; false)
# Run the original image with a mounted in volume and get the artifacts out of it
cmd="if [ -s /usr/libexec/s2i/save-artifacts ]; then /usr/libexec/s2i/save-artifacts > \"$inc_tmp/artifacts.tar\"; else touch \"$inc_tmp/artifacts.tar\"; fi"
docker run --rm -v "$inc_tmp:$inc_tmp:Z" "$dst_image" bash -c "$cmd"
# Move the created content into the $tmpdir for the build to pick it up
mv "$inc_tmp/artifacts.tar" "$tmpdir/"
fi
# Strip file:// from APP_PATH and copy its contents into current context
mkdir -p "$local_app"
cp -r "${app_path/file:\/\//}/." "$local_app"
[ -d "$local_app/.s2i/bin/" ] && mv "$local_app/.s2i/bin" "$local_scripts"
# Create a Dockerfile named df_name and fill it with proper content
#FIXME: Some commands could be combined into a single layer but not sure if worth the trouble for testing purposes
cat <<EOF >"$df_name"
FROM $src_image
LABEL "io.openshift.s2i.build.image"="$src_image" \\
"io.openshift.s2i.build.source-location"="$app_path"
USER root
COPY $local_app /tmp/src
EOF
[ -d "$local_scripts" ] && echo "COPY $local_scripts /tmp/scripts" >> "$df_name" &&
echo "RUN chown -R $user_id:0 /tmp/scripts" >>"$df_name"
echo "RUN chown -R $user_id:0 /tmp/src" >>"$df_name"
# Check for custom environment variables inside .s2i/ folder
if [ -e "$local_app/.s2i/environment" ]; then
# Remove any comments and add the contents as ENV commands to the Dockerfile
sed '/^\s*#.*$/d' "$local_app/.s2i/environment" | while read -r line; do
echo "ENV $line" >>"$df_name"
done
fi
# Filter out env var definitions from $s2i_args and create Dockerfile ENV commands out of them
echo "$s2i_args" | grep -o -e '\(-e\|--env\)[[:space:]=]\S*=\S*' | sed -e 's/-e /ENV /' -e 's/--env[ =]/ENV /' >>"$df_name"
# Check if CA autority is present on host and add it into Dockerfile
[ -f "$(full_ca_file_path)" ] && echo "RUN cd /etc/pki/ca-trust/source/anchors && update-ca-trust extract" >>"$df_name"
# Add in artifacts if doing an incremental build
if $incremental; then
{ echo "RUN mkdir /tmp/artifacts"
echo "ADD artifacts.tar /tmp/artifacts"
echo "RUN chown -R $user_id:0 /tmp/artifacts" ; } >>"$df_name"
fi
echo "USER $user_id" >>"$df_name"
# If exists, run the custom assemble script, else default to /usr/libexec/s2i/assemble
if [ -x "$local_scripts/assemble" ]; then
echo "RUN /tmp/scripts/assemble" >>"$df_name"
else
echo "RUN /usr/libexec/s2i/assemble" >>"$df_name"
fi
# If exists, set the custom run script as CMD, else default to /usr/libexec/s2i/run