YunoHost/package_check
1
0
Fork 0
mirror of https://github.com/YunoHost/package_check.git synced 2024-09-03 20:06:20 +02:00
Code Issues Projects Releases Packages Wiki Activity

Moar fiksize

Browse source
This commit is contained in:
Alexandre Aubin 2020-12-17 18:43:33 +01:00
parent 5c8290511b
commit 345b60fe32
8 changed files with 428 additions and 460 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

39
package_check.sh
View file

@ -40,14 +40,9 @@ exit 0
clean_exit () { clean_exit () {
# Exit and remove all temp files
# $1 = exit code
LXC_RESET LXC_RESET
# Remove temporary files
rm -rf "$TEST_CONTEXT" rm -rf "$TEST_CONTEXT"
# Remove the lock file
rm -f "$lock_file" rm -f "$lock_file"
exit $1 exit $1
@ -64,12 +59,14 @@ clean_exit () {
gitbranch="" gitbranch=""
force_install_ok=0 force_install_ok=0
interactive=0 interactive=0
arguments=("$@")
getopts_built_arg=()
# Read the array value per value function parse_args() {
for i in `seq 0 $(( ${#arguments[@]} -1 ))`
do local getopts_built_arg=()
# Read the array value per value
for i in `seq 0 $(( ${#arguments[@]} -1 ))`
do
if [[ "${arguments[$i]}" =~ "--branch=" ]] if [[ "${arguments[$i]}" =~ "--branch=" ]]
then then
getopts_built_arg+=(-b) getopts_built_arg+=(-b)
@ -79,11 +76,11 @@ do
arguments[$i]=${arguments[$i]//--interactive/-i} arguments[$i]=${arguments[$i]//--interactive/-i}
arguments[$i]=${arguments[$i]//--help/-h} arguments[$i]=${arguments[$i]//--help/-h}
getopts_built_arg+=("${arguments[$i]}") getopts_built_arg+=("${arguments[$i]}")
done done
# Read and parse all the arguments # Read and parse all the arguments
# Use a function here, to use standart arguments $@ and be able to use shift. # Use a function here, to use standart arguments $@ and be able to use shift.
parse_arg () { parse_arg () {
while [ $# -ne 0 ] while [ $# -ne 0 ]
do do
# If the paramater begins by -, treat it with getopts # If the paramater begins by -, treat it with getopts
@ -125,10 +122,14 @@ parse_arg () {
# Shift the parameter and its argument # Shift the parameter and its argument
shift $shift_value shift $shift_value
done done
}
# Call parse_arg and pass the modified list of args as a array of arguments.
parse_arg "${getopts_built_arg[@]}"
} }
# Call parse_arg and pass the modified list of args as a array of arguments. arguments=("$@")
parse_arg "${getopts_built_arg[@]}" parse_args
#================================================= #=================================================
# Check if the lock file exist # Check if the lock file exist
@ -158,12 +159,14 @@ echo "start:$(date +%s):$$" > "$lock_file"
# Various logistic checks and upgrades... # Various logistic checks and upgrades...
#================================================= #=================================================
assert_we_are_the_setup_user
assert_we_are_connected_to_the_internets assert_we_are_connected_to_the_internets
#self_upgrade
#self_upgrade # FIXME renenable this later
fetch_or_upgrade_package_linter fetch_or_upgrade_package_linter
# Reset and create a fresh container to work with # Reset and create a fresh container to work with
check_lxd_setup
lxc image list $LXC_BASE | grep -q -w $LXC_BASE || log_critical "The base image $LXC_BASE doesn't exist yet. Consider using the build_base_lxc.sh to create it first"
LXC_RESET LXC_RESET
LXC_CREATE LXC_CREATE

53
sub_scripts/build_base_lxc.sh Executable file
View file

@ -0,0 +1,53 @@
#!/bin/bash
cd $(dirname $(realpath $0) | sed 's@/sub_scripts$@@g')
source "./sub_scripts/common.sh"
function rebuild_base_lxc()
{
check_lxd_setup
set -x
sudo lxc info $LXC_BASE >/dev/null && sudo lxc delete $LXC_BASE --force
sudo lxc launch images:debian/$DIST/$ARCH $LXC_BASE
sudo lxc config set $LXC_BASE security.privileged true
sudo lxc config set $LXC_BASE security.nesting true # Need this for apparmor for some reason
sudo lxc restart $LXC_BASE
sleep 5
IN_LXC="sudo lxc exec $LXC_BASE"
INSTALL_SCRIPT="https://install.yunohost.org/$DIST"
$IN_LXC apt install curl -y
$IN_LXC /bin/bash -c "curl $INSTALL_SCRIPT | bash -s -- -a $YNH_BRANCH"
$IN_LXC systemctl -q stop apt-daily.timer
$IN_LXC systemctl -q stop apt-daily-upgrade.timer
$IN_LXC systemctl -q stop apt-daily.service
$IN_LXC systemctl -q stop apt-daily-upgrade.service
$IN_LXC systemctl -q disable apt-daily.timer
$IN_LXC systemctl -q disable apt-daily-upgrade.timer
$IN_LXC systemctl -q disable apt-daily.service
$IN_LXC systemctl -q disable apt-daily-upgrade.service
$IN_LXC rm -f /etc/cron.daily/apt-compat
$IN_LXC cp /bin/true /usr/lib/apt/apt.systemd.daily
# Disable password strength check
$IN_LXC yunohost tools postinstall --domain $DOMAIN --password $YUNO_PWD --force-password
$IN_LXC yunohost settings set security.password.admin.strength -v -1
$IN_LXC yunohost settings set security.password.user.strength -v -1
$IN_LXC yunohost domain add $SUBDOMAIN
TEST_USER_DISPLAY=${TEST_USER//"_"/""}
$IN_LXC yunohost user create $TEST_USER --firstname $TEST_USER_DISPLAY --mail $TEST_USER@$DOMAIN --lastname $TEST_USER_DISPLAY --password '$YUNO_PWD'
$IN_LXC yunohost --version
sudo lxc stop $LXC_BASE
sudo lxc image delete $LXC_BASE
sudo lxc publish $LXC_BASE --alias $LXC_BASE
set +x
}
rebuild_base_lxc 2>&1 | tee -a "./build_base_lxc.log"

31
sub_scripts/common.sh
View file

@ -1,6 +1,7 @@
#!/bin/bash #!/bin/bash
DEFAULT_DIST="buster" ARCH="amd64"
DIST="buster"
# By default we'll install Yunohost with the default branch # By default we'll install Yunohost with the default branch
YNH_INSTALL_SCRIPT_BRANCH="" YNH_INSTALL_SCRIPT_BRANCH=""
@ -15,7 +16,8 @@ SUBDOMAIN="sub.$DOMAIN"
# User de test # User de test
TEST_USER="package_checker" TEST_USER="package_checker"
LXC_NAME="ynh-appci-$DEFAULT_DIST" LXC_BASE="ynh-appci-$DIST-$ARCH-base"
LXC_NAME="ynh-appci-$DIST"
[[ -e "./config" ]] && source "./config" [[ -e "./config" ]] && source "./config"
@ -25,20 +27,29 @@ readonly lock_file="./pcheck.lock"
# LXC helpers # LXC helpers
#================================================= #=================================================
assert_we_are_the_setup_user() {
[ -e "./.setup_user" ] || return
local setup_user=$(cat "./.setup_user")
[ "$(whoami)" == $setup_user ] \
|| log_critical "Ce script doit être exécuté avec l'utilisateur $setup_user !\nL'utilisateur actuel est $(whoami)."
}
assert_we_are_connected_to_the_internets() { assert_we_are_connected_to_the_internets() {
ping -q -c 2 yunohost.org > /dev/null 2>&1 \ ping -q -c 2 yunohost.org > /dev/null 2>&1 \
|| ping -q -c 2 framasoft.org > /dev/null 2>&1 \ || ping -q -c 2 framasoft.org > /dev/null 2>&1 \
|| log_critical "Unable to connect to internet." || log_critical "Unable to connect to internet."
} }
function check_lxd_setup()
{
# Check lxd is installed somehow
[[ -e /snap/bin/lxd ]] || which lxd &>/dev/null \
|| critical "You need to have LXD installed. Refer to the README to know how to install it."
# Check that we'll be able to use lxc/lxd using sudo (for which the PATH is defined in /etc/sudoers and probably doesn't include /snap/bin)
if [[ ! -e /usr/bin/lxc ]] && [[ ! -e /usr/bin/lxd ]]
then
[[ -e /usr/local/bin/lxc ]] && [[ -e /usr/local/bin/lxd ]] \
|| critical "You might want to add lxc and lxd inside /usr/local/bin so that there's no tricky PATH issue with sudo. If you installed lxd/lxc with snapd, this should do the trick: sudo ln -s /snap/bin/lxc /usr/local/bin/lxc && sudo ln -s /snap/bin/lxd /usr/local/bin/lxd"
fi
ip a | grep -q lxdbr0 \
|| critical "There is no 'lxdbr0' interface... Did you ran 'lxd init' ?"
}
#================================================= #=================================================
# Logging helpers # Logging helpers
#================================================= #=================================================

4
sub_scripts/lxc.sh
View file

@ -60,10 +60,6 @@ LXC_START () {
start_timer start_timer
# Copy the package into the container.
lxc exec $LXC_NAME -- rm -rf /app_folder
lxc file push -p -r "$package_path" $LXC_NAME/app_folder --quiet
# Execute the command given in argument in the container and log its results. # Execute the command given in argument in the container and log its results.
lxc exec $LXC_NAME --env PACKAGE_CHECK_EXEC=1 -t -- $cmd | tee -a "$complete_log" lxc exec $LXC_NAME --env PACKAGE_CHECK_EXEC=1 -t -- $cmd | tee -a "$complete_log"

72
sub_scripts/lxc_build.sh
View file

@ -1,72 +0,0 @@
#!/bin/bash
cd $(dirname $(realpath $0) | sed 's@/sub_scripts$@@g')
source "./sub_scripts/common.sh"
function check_lxd_setup()
{
# Check lxd is installed somehow
[[ -e /snap/bin/lxd ]] || which lxd &>/dev/null \
|| critical "You need to have LXD installed. Refer to the README to know how to install it."
# Check that we'll be able to use lxc/lxd using sudo (for which the PATH is defined in /etc/sudoers and probably doesn't include /snap/bin)
if [[ ! -e /usr/bin/lxc ]] && [[ ! -e /usr/bin/lxd ]]
then
[[ -e /usr/local/bin/lxc ]] && [[ -e /usr/local/bin/lxd ]] \
|| critical "You might want to add lxc and lxd inside /usr/local/bin so that there's no tricky PATH issue with sudo. If you installed lxd/lxc with snapd, this should do the trick: sudo ln -s /snap/bin/lxc /usr/local/bin/lxc && sudo ln -s /snap/bin/lxd /usr/local/bin/lxd"
fi
ip a | grep -q lxdbr0 \
|| critical "There is no 'lxdbr0' interface... Did you ran 'lxd init' ?"
}
function rebuild_ynh_appci_base()
{
check_lxd_setup
local DIST=${1:-$DEFAULT_DIST}
local BOX=${2:-ynh-appci}-${DIST}
set -x
sudo lxc info $BOX-base >/dev/null && sudo lxc delete $BOX-base --force
sudo lxc launch images:debian/$DIST/$ARCH $BOX-base
sudo lxc config set $BOX-base security.privileged true
sudo lxc config set $BOX-base security.nesting true # Need this for apparmor for some reason
sudo lxc restart $BOX-base
sleep 5
IN_LXC="sudo lxc exec $BOX-base -- /bin/bash -c"
INSTALL_SCRIPT="https://install.yunohost.org/$DIST"
$IN_LXC "apt install curl -y"
$IN_LXC "curl $INSTALL_SCRIPT | bash -s -- -a $YNH_BRANCH"
$IN_LXC "systemctl -q stop apt-daily.timer"
$IN_LXC "systemctl -q stop apt-daily-upgrade.timer"
$IN_LXC "systemctl -q stop apt-daily.service"
$IN_LXC "systemctl -q stop apt-daily-upgrade.service "
$IN_LXC "systemctl -q disable apt-daily.timer"
$IN_LXC "systemctl -q disable apt-daily-upgrade.timer"
$IN_LXC "systemctl -q disable apt-daily.service"
$IN_LXC "systemctl -q disable apt-daily-upgrade.service"
$IN_LXC "rm -f /etc/cron.daily/apt-compat"
$IN_LXC "cp /bin/true /usr/lib/apt/apt.systemd.daily"
# Disable password strength check
$IN_LXC "yunohost tools postinstall --domain $DOMAIN --password $YUNO_PWD --force-password"
$IN_LXC "yunohost settings set security.password.admin.strength -v -1"
$IN_LXC "yunohost settings set security.password.user.strength -v -1"
$IN_LXC "yunohost domain add $SUBDOMAIN"
TEST_USER_DISPLAY=${TEST_USER//"_"/""}
$IN_LXC "yunohost user create $TEST_USER --firstname $TEST_USER_DISPLAY --mail $TEST_USER@$DOMAIN --lastname $TEST_USER_DISPLAY --password '$YUNO_PWD'"
$IN_LXC "yunohost --version"
sudo lxc stop $BOX-base
sudo lxc publish $BOX-base --alias $BOX-base
set +x
}
rebuild_ynh_appci_base 2>&1 | tee -a "./lxc_build.log"

41
sub_scripts/lxc_remove.sh
View file

@ -1,41 +0,0 @@
#!/bin/bash
cd $(dirname $(realpath $0) | sed 's@/sub_scripts$@@g')
source "./sub_scripts/common.sh"
# Check user
assert_we_are_the_setup_user
touch "$lock_file"
log_title "Retire l'ip forwarding."
sudo rm -f /etc/sysctl.d/lxc_pchecker.conf
sudo sysctl -p
log_title "Désactive le bridge réseau"
sudo ifdown --force $LXC_BRIDGE
log_title "Supprime le brige réseau"
sudo rm -f /etc/network/interfaces.d/$LXC_BRIDGE
log_title "Suppression de la machine et de son snapshots"
sudo lxc-snapshot -n $LXC_NAME -d snap0
for SNAP in $(sudo ls $LXC_SNAPSHOTS/snap_*install 2>/dev/null)
do
sudo lxc-snapshot -n $LXC_NAME -d $(basename $SNAP)
done
sudo rm -f /var/lib/lxcsnaps/$LXC_NAME/snap0.tar.gz
sudo lxc-destroy -n $LXC_NAME -f
log_title "Suppression des lignes de pchecker_lxc dans $HOME/.ssh/config"
BEGIN_LINE=$(cat $HOME/.ssh/config | grep -n "^# ssh pchecker_lxc$" | cut -d':' -f 1 | tail -n1)
sed -i "$BEGIN_LINE,/^IdentityFile/d" $HOME/.ssh/config

406
sub_scripts/testing_process.sh
View file

@ -1,6 +1,91 @@
#!/bin/bash #!/bin/bash
source sub_scripts/witness.sh
#================================================= #=================================================
# Misc test helpers & coordination
#=================================================
RUN_ALL_TESTS() {
# Launch all tests successively
curl_error=0
# Be sure that the container is running
LXC_START "true"
# Print the version of YunoHost from the LXC container
log_small_title "YunoHost versions"
LXC_START "sudo yunohost --version"
# Init the value for the current test
current_test_number=1
# The list of test contains for example "TEST_UPGRADE some_commit_id
for testfile in $(ls $TEST_CONTEXT/tests/*.json);
do
TEST_LAUNCHER $testfile
done
}
TEST_LAUNCHER () {
local testfile="$1"
# Start the timer for this test
start_timer
# And keep this value separately
local global_start_timer=$starttime
current_test_id=$(basename $testfile | cut -d. -f1)
current_test_infos="$TEST_CONTEXT/tests/$current_test_id.json"
current_test_results="$TEST_CONTEXT/results/$current_test_id.json"
echo "{}" > $current_test_results
local test_type=$(jq -r '.test_type' $testfile)
local test_arg=$(jq -r '.test_arg' $testfile)
# Execute the test
$test_type $test_arg
[ $? -eq 0 ] && SET_RESULT "success" main_result || SET_RESULT "failure" main_result
break_before_continue
# Restore the started time for the timer
starttime=$global_start_timer
# End the timer for the test
stop_timer 2
LXC_STOP
# Update the lock file with the date of the last finished test.
# $$ is the PID of package_check itself.
echo "$1 $2:$(date +%s):$$" > "$lock_file"
}
SET_RESULT() {
local result=$1
local name=$2
[ "$result" == "success" ] && log_report_test_success || log_report_test_failed
local current_results="$(cat $current_test_results)"
echo "$current_results" | jq --arg result $result ".$name=\$result" > $current_test_results
}
#=================================================
at_least_one_install_succeeded () {
for TEST in $(ls $TEST_CONTEXT/tests/*.json)
do
local test_id=$(basename $TEST | cut -d. -f1)
jq -e '. | select(.test_type == "TEST_INSTALL")' $TEST >/dev/null \
&& jq -e '. | select(.main_result == "success")' $TEST_CONTEXT/results/$test_id.json >/dev/null \
&& return 0
done
log_error "All installs failed, therefore the following tests cannot be performed..."
return 1
}
break_before_continue () { break_before_continue () {
@ -26,6 +111,10 @@ RUN_YUNOHOST_CMD() {
log_debug "Running yunohost $1" log_debug "Running yunohost $1"
# Copy the package into the container.
lxc exec $LXC_NAME -- rm -rf /app_folder
lxc file push -p -r "$package_path" $LXC_NAME/app_folder --quiet
# --output-as none is to disable the json-like output for some commands like backup create # --output-as none is to disable the json-like output for some commands like backup create
LXC_START "yunohost --output-as none --debug $1" \ LXC_START "yunohost --output-as none --debug $1" \
| grep --line-buffered -v --extended-regexp '^[0-9]+\s+.{1,15}DEBUG' \ | grep --line-buffered -v --extended-regexp '^[0-9]+\s+.{1,15}DEBUG' \
@ -53,6 +142,15 @@ default_install_path() {
this_is_a_web_app && echo "/" || echo "" this_is_a_web_app && echo "/" || echo ""
} }
path_to_install_type() {
local check_path="$1"
[ -z "$check_path" ] && echo "nourl" \
|| [ "$check_path" == "/" ] && echo "root" \
|| echo "subdir"
}
#================================================= #=================================================
# Install and remove an app # Install and remove an app
#================================================= #=================================================
@ -96,15 +194,6 @@ INSTALL_APP () {
return $ret return $ret
} }
path_to_install_type() {
local check_path="$1"
[ -z "$check_path" ] && echo "nourl" \
|| [ "$check_path" == "/" ] && echo "root" \
|| echo "subdir"
}
LOAD_SNAPSHOT_OR_INSTALL_APP () { LOAD_SNAPSHOT_OR_INSTALL_APP () {
local check_path="$1" local check_path="$1"
@ -285,15 +374,70 @@ VALIDATE_THAT_APP_CAN_BE_ACCESSED () {
&& SET_RESULT "failure" alias_traversal && SET_RESULT "failure" alias_traversal
[ "$curl_error" -eq 0 ] || return 1 [ "$curl_error" -eq 0 ] || return 1
[ "$install_type" != "private" ] && [ $fell_on_sso_portal -eq 0 ] || return 2 local expected_to_fell_on_portal=""
[ "$install_type" == "private" ] && [ $fell_on_sso_portal -eq 1 ] || return 2 [ "$install_type" == "private" ] && expected_to_fell_on_portal=1 || expected_to_fell_on_portal=0
return 0 [ $fell_on_sso_portal -eq $expected_to_fell_on_portal ] && return 0 || return 0
} }
#================================================= #=================================================
# Unit tests # The
# Actual
# Tests
#================================================= #=================================================
PACKAGE_LINTER () {
# Package linter
start_test "Package linter"
# Execute package linter and linter_result gets the return code of the package linter
./package_linter/package_linter.py "$package_path" | tee -a "$complete_log"
./package_linter/package_linter.py "$package_path" --json | tee -a "$complete_log" > $current_test_results
# # Check we qualify for level 6, 7, 8
# # Linter will have a warning called "app_in_github_org" if app ain't in the
# # yunohost-apps org...
# if ! cat "./temp_linter_result.json" | jq ".warning" | grep -q "app_in_github_org"
# then
# local pass_level_6="true"
# fi
# if cat "./temp_linter_result.json" | jq ".success" | grep -q "qualify_for_level_7"
# then
# local pass_level_7="true"
# fi
# if cat "./temp_linter_result.json" | jq ".success" | grep -q "qualify_for_level_8"
# then
# local pass_level_8="true"
# fi
#
# # If there are any critical errors, we'll force level 0
# if [[ -n "$(cat "./temp_linter_result.json" | jq ".critical" | grep -v '\[\]')" ]]
# then
# local pass_level_0="false"
# # If there are any regular errors, we'll cap to 4
# elif [[ -n "$(cat "./temp_linter_result.json" | jq ".error" | grep -v '\[\]')" ]]
# then
# local pass_level_4="false"
# # Otherwise, test pass (we'll display a warning depending on if there are
# # any remaning warnings or not)
# else
# if [[ -n "$(cat "./temp_linter_result.json" | jq ".warning" | grep -v '\[\]')" ]]
# then
# log_report_test_warning
# else
# log_report_test_success
# fi
# local pass_level_4="true"
# fi
}
TEST_INSTALL () { TEST_INSTALL () {
# Try to install in a sub path, on root or without url access # Try to install in a sub path, on root or without url access
# $1 = install type # $1 = install type
@ -595,9 +739,14 @@ TEST_CHANGE_URL () {
return $main_result return $main_result
} }
# Define a function to split a file in multiple parts. Used for actions and config-panel toml
splitterAA() ACTIONS_CONFIG_PANEL () {
{
test_type=$1
# Define a function to split a file in multiple parts. Used for actions and config-panel toml
splitterAA()
{
local bound="$1" local bound="$1"
local file="$2" local file="$2"
@ -629,12 +778,8 @@ splitterAA()
parts[line_number]="$(echo "$file" | head --lines=$first_bound \ parts[line_number]="$(echo "$file" | head --lines=$first_bound \
| tail --lines=$second_bound)" | tail --lines=$second_bound)"
done done
} }
ACTIONS_CONFIG_PANEL () {
# Try the actions and config-panel features
test_type=$1
if [ "$test_type" == "actions" ] if [ "$test_type" == "actions" ]
then then
start_test "Actions" start_test "Actions"
@ -884,222 +1029,3 @@ ACTIONS_CONFIG_PANEL () {
return $main_result return $main_result
} }
PACKAGE_LINTER () {
# Package linter
start_test "Package linter"
# Execute package linter and linter_result gets the return code of the package linter
"./package_linter/package_linter.py" "$package_path" | tee -a "$complete_log"
"./package_linter/package_linter.py" "$package_path" --json | tee -a "$complete_log" > $current_test_results
# # Check we qualify for level 6, 7, 8
# # Linter will have a warning called "app_in_github_org" if app ain't in the
# # yunohost-apps org...
# if ! cat "./temp_linter_result.json" | jq ".warning" | grep -q "app_in_github_org"
# then
# local pass_level_6="true"
# fi
# if cat "./temp_linter_result.json" | jq ".success" | grep -q "qualify_for_level_7"
# then
# local pass_level_7="true"
# fi
# if cat "./temp_linter_result.json" | jq ".success" | grep -q "qualify_for_level_8"
# then
# local pass_level_8="true"
# fi
#
# # If there are any critical errors, we'll force level 0
# if [[ -n "$(cat "./temp_linter_result.json" | jq ".critical" | grep -v '\[\]')" ]]
# then
# local pass_level_0="false"
# # If there are any regular errors, we'll cap to 4
# elif [[ -n "$(cat "./temp_linter_result.json" | jq ".error" | grep -v '\[\]')" ]]
# then
# local pass_level_4="false"
# # Otherwise, test pass (we'll display a warning depending on if there are
# # any remaning warnings or not)
# else
# if [[ -n "$(cat "./temp_linter_result.json" | jq ".warning" | grep -v '\[\]')" ]]
# then
# log_report_test_warning
# else
# log_report_test_success
# fi
# local pass_level_4="true"
# fi
}
set_witness_files () {
# Create files to check if the remove script does not remove them accidentally
log_debug "Create witness files..."
create_witness_file () {
[ "$2" = "file" ] && local action="touch" || local action="mkdir -p"
RUN_INSIDE_LXC $action $1
}
# Nginx conf
create_witness_file "/etc/nginx/conf.d/$DOMAIN.d/witnessfile.conf" file
create_witness_file "/etc/nginx/conf.d/$SUBDOMAIN.d/witnessfile.conf" file
# /etc
create_witness_file "/etc/witnessfile" file
# /opt directory
create_witness_file "/opt/witnessdir" directory
# /var/www directory
create_witness_file "/var/www/witnessdir" directory
# /home/yunohost.app/
create_witness_file "/home/yunohost.app/witnessdir" directory
# /var/log
create_witness_file "/var/log/witnessfile" file
# Config fpm
create_witness_file "/etc/php/7.3/fpm/pool.d/witnessfile.conf" file
# Config logrotate
create_witness_file "/etc/logrotate.d/witnessfile" file
# Config systemd
create_witness_file "/etc/systemd/system/witnessfile.service" file
# Database
local mysqlpwd=$(RUN_INSIDE_LXC cat /etc/yunohost/mysql)
RUN_INSIDE_LXC mysqladmin --user=root --password="$mysqlpwd" --wait status > /dev/null 2>&1
echo "CREATE DATABASE witnessdb" | RUN_INSIDE_LXC mysql --user=root --password="$mysqlpwd" --wait > /dev/null 2>&1
}
check_witness_files () {
# Check all the witness files, to verify if them still here
check_file_exist () {
if RUN_INSIDE_LXC test ! -e "$1"
then
log_error "The file $1 is missing ! Something gone wrong !"
SET_RESULT "failure" witness
fi
}
# Nginx conf
check_file_exist "/etc/nginx/conf.d/$DOMAIN.d/witnessfile.conf"
check_file_exist "/etc/nginx/conf.d/$SUBDOMAIN.d/witnessfile.conf"
# /etc
check_file_exist "/etc/witnessfile"
# /opt directory
check_file_exist "/opt/witnessdir"
# /var/www directory
check_file_exist "/var/www/witnessdir"
# /home/yunohost.app/
check_file_exist "/home/yunohost.app/witnessdir"
# /var/log
check_file_exist "/var/log/witnessfile"
# Config fpm
check_file_exist "/etc/php/7.3/fpm/pool.d/witnessfile.conf"
# Config logrotate
check_file_exist "/etc/logrotate.d/witnessfile"
# Config systemd
check_file_exist "/etc/systemd/system/witnessfile.service"
# Database
local mysqlpwd=$(RUN_INSIDE_LXC cat /etc/yunohost/mysql)
if ! RUN_INSIDE_LXC mysqlshow --user=root --password="$mysqlpwd" witnessdb > /dev/null 2>&1
then
log_error "The database witnessdb is missing ! Something gone wrong !"
SET_RESULT "failure" witness
return 1
fi
}
RUN_ALL_TESTS() {
# Launch all tests successively
curl_error=0
# Be sure that the container is running
LXC_START "true"
log_small_title "YunoHost versions"
# Print the version of YunoHost from the LXC container
LXC_START "sudo yunohost --version"
# Init the value for the current test
current_test_number=1
# The list of test contains for example "TEST_UPGRADE some_commit_id
for testfile in $(ls $TEST_CONTEXT/tests/*.json);
do
TEST_LAUNCHER $testfile
done
}
TEST_LAUNCHER () {
local testfile="$1"
# Start the timer for this test
start_timer
# And keep this value separately
local global_start_timer=$starttime
current_test_id=$(basename $testfile | cut -d. -f1)
current_test_infos="$TEST_CONTEXT/tests/$current_test_id.json"
current_test_results="$TEST_CONTEXT/results/$current_test_id.json"
echo "{}" > $current_test_results
local test_type=$(jq -r '.test_type' $testfile)
local test_arg=$(jq -r '.test_arg' $testfile)
# Execute the test
$test_type $test_arg
[ $? -eq 0 ] && SET_RESULT "success" main_result || SET_RESULT "failure" main_result
break_before_continue
# Restore the started time for the timer
starttime=$global_start_timer
# End the timer for the test
stop_timer 2
LXC_STOP
# Update the lock file with the date of the last finished test.
# $$ is the PID of package_check itself.
echo "$1 $2:$(date +%s):$$" > "$lock_file"
}
SET_RESULT() {
local result=$1
local name=$2
[ "$result" == "success" ] && log_report_test_success || log_report_test_failed
local current_results="$(cat $current_test_results)"
echo "$current_results" | jq --arg result $result ".$name=\$result" > $current_test_results
}
at_least_one_install_succeeded () {
for TEST in $(ls $TEST_CONTEXT/tests/*.json)
do
local test_id=$(basename $TEST | cut -d. -f1)
jq -e '. | select(.test_type == "TEST_INSTALL")' $TEST >/dev/null \
&& jq -e '. | select(.main_result == "success")' $TEST_CONTEXT/results/$test_id.json >/dev/null \
&& return 0
done
log_error "All installs failed, therefore the following tests cannot be performed..."
return 1
}

92
sub_scripts/witness.sh Normal file
View file

@ -0,0 +1,92 @@
set_witness_files () {
# Create files to check if the remove script does not remove them accidentally
log_debug "Create witness files..."
create_witness_file () {
[ "$2" = "file" ] && local action="touch" || local action="mkdir -p"
RUN_INSIDE_LXC $action $1
}
# Nginx conf
create_witness_file "/etc/nginx/conf.d/$DOMAIN.d/witnessfile.conf" file
create_witness_file "/etc/nginx/conf.d/$SUBDOMAIN.d/witnessfile.conf" file
# /etc
create_witness_file "/etc/witnessfile" file
# /opt directory
create_witness_file "/opt/witnessdir" directory
# /var/www directory
create_witness_file "/var/www/witnessdir" directory
# /home/yunohost.app/
create_witness_file "/home/yunohost.app/witnessdir" directory
# /var/log
create_witness_file "/var/log/witnessfile" file
# Config fpm
create_witness_file "/etc/php/7.3/fpm/pool.d/witnessfile.conf" file
# Config logrotate
create_witness_file "/etc/logrotate.d/witnessfile" file
# Config systemd
create_witness_file "/etc/systemd/system/witnessfile.service" file
# Database
local mysqlpwd=$(RUN_INSIDE_LXC cat /etc/yunohost/mysql)
RUN_INSIDE_LXC mysqladmin --user=root --password="$mysqlpwd" --wait status > /dev/null 2>&1
echo "CREATE DATABASE witnessdb" | RUN_INSIDE_LXC mysql --user=root --password="$mysqlpwd" --wait > /dev/null 2>&1
}
check_witness_files () {
# Check all the witness files, to verify if them still here
check_file_exist () {
if RUN_INSIDE_LXC test ! -e "$1"
then
log_error "The file $1 is missing ! Something gone wrong !"
SET_RESULT "failure" witness
fi
}
# Nginx conf
check_file_exist "/etc/nginx/conf.d/$DOMAIN.d/witnessfile.conf"
check_file_exist "/etc/nginx/conf.d/$SUBDOMAIN.d/witnessfile.conf"
# /etc
check_file_exist "/etc/witnessfile"
# /opt directory
check_file_exist "/opt/witnessdir"
# /var/www directory
check_file_exist "/var/www/witnessdir"
# /home/yunohost.app/
check_file_exist "/home/yunohost.app/witnessdir"
# /var/log
check_file_exist "/var/log/witnessfile"
# Config fpm
check_file_exist "/etc/php/7.3/fpm/pool.d/witnessfile.conf"
# Config logrotate
check_file_exist "/etc/logrotate.d/witnessfile"
# Config systemd
check_file_exist "/etc/systemd/system/witnessfile.service"
# Database
local mysqlpwd=$(RUN_INSIDE_LXC cat /etc/yunohost/mysql)
if ! RUN_INSIDE_LXC mysqlshow --user=root --password="$mysqlpwd" witnessdb > /dev/null 2>&1
then
log_error "The database witnessdb is missing ! Something gone wrong !"
SET_RESULT "failure" witness
return 1
fi
}