From 63d0f785a1d3f659690e7db4fab82d13bc512ce0 Mon Sep 17 00:00:00 2001 From: Chris Evich Date: Thu, 14 Jul 2022 14:14:06 -0400 Subject: [PATCH 1/2] Fix dnf update installing netavark/aardvark-dns The netavark & aardvark-dns binaries should _never_ be present in the netavark CI images for testing. However, the packages are needed to ensure dependencies are properly handled. Since CI runtime will take care of installing or building the binaries, just remove the on-disk files referenced by the packages. Signed-off-by: Chris Evich --- cache_images/fedora-netavark_packaging.sh | 16 +++++++++++++--- lib.sh | 20 ++++++++++++++++++++ 2 files changed, 33 insertions(+), 3 deletions(-) diff --git a/cache_images/fedora-netavark_packaging.sh b/cache_images/fedora-netavark_packaging.sh index 2d310189..cf36f4c6 100644 --- a/cache_images/fedora-netavark_packaging.sh +++ b/cache_images/fedora-netavark_packaging.sh @@ -61,16 +61,26 @@ INSTALL_PACKAGES=(\ zip ) -EXARG="--exclude=netavark --exclude=aardvark-dns --exclude=cargo --exclude=rust" +EXARG="--exclude=cargo --exclude=rust" msg "Installing general build/test dependencies" bigto $SUDO dnf install -y $EXARG "${INSTALL_PACKAGES[@]}" -# It was observed in F33, dnf install doesn't always get you the latest/greatest -lilto $SUDO dnf update -y +# It was observed in F33, dnf install doesn't always get you the latest/greatest. +lilto $SUDO dnf update -y $EXARG msg "Initializing upstream rust environment." export CARGO_HOME="/var/cache/cargo" # must match .cirrus.yml in netavark repo $SUDO mkdir -p $CARGO_HOME # CI Runtime takes care of recovering $CARGO_HOME/env curl https://sh.rustup.rs -sSf | $SUDO env CARGO_HOME=$CARGO_HOME sh -s -- -y + +# Downstream users of this image are specifically testing netavark & aardvark-dns +# code changes. We want to start with using the RPMs because they deal with any +# dependency issues. However, we don't actually want the binaries present on +# the system, because: +# 1) They will be compiled from source at runtime +# 2) The file locations may change +# 3) We never want testing ambiguity WRT which binary is under test. +msg "Clobbering netavark & aardvark RPM files" +remove_netavark_aardvark_files diff --git a/lib.sh b/lib.sh index 92dcc9fa..29cb3c52 100644 --- a/lib.sh +++ b/lib.sh @@ -217,6 +217,26 @@ get_pr_labels() { echo -n "$labels" } +remove_netavark_aardvark_files() { + req_env_vars OS_RELEASE_ID + # OS_RELEASE_ID is defined by automation-library + # shellcheck disable=SC2154 + if [[ "$OS_RELEASE_ID" =~ "ubuntu" ]] + then + die "Ubuntu netavark/aardvark-dns testing is not supported" + fi + + LISTING_CMD="rpm -ql podman" + + # yum/dnf/dpkg may list system directories, only remove files + rpm -ql netavark aardvark-dns | while read fullpath + do + # Sub-directories may contain unrelated/valuable stuff + if [[ -d "$fullpath" ]]; then continue; fi + sudo rm -vf "$fullpath" + done +} + # Warning: DO NOT USE the following functions willy-nilly! # They are only intended to be called by other setup scripts, as the very # last step during the build process. They're purpose is to "reset" the From 5a5917397a2fd0c0412d215c4ddb1012b3d430a9 Mon Sep 17 00:00:00 2001 From: Chris Evich Date: Thu, 14 Jul 2022 15:33:17 -0400 Subject: [PATCH 2/2] Fix get_ci_vm test ownership over-sensitivity Signed-off-by: Chris Evich --- get_ci_vm/test.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/get_ci_vm/test.sh b/get_ci_vm/test.sh index 0fecdfa6..46460bc9 100755 --- a/get_ci_vm/test.sh +++ b/get_ci_vm/test.sh @@ -231,6 +231,8 @@ mock_gcevm_workflow() { } # Don't confuse the actual repo. by nesting another repo inside tar -xzf "$GOOD_TEST_REPO/dot_git.tar.gz" -C "$GOOD_TEST_REPO" .git +# Ignore ownership security checks +git config --system --add safe.directory $GOOD_TEST_REPO # Setup should tarball new files in the repo. echo "testing" > "$GOOD_TEST_REPO/uncommited_file" # Setup should tarball changed files in the repo.