snappy-hwe-snaps

Merge ~ssweeny/snappy-hwe-snaps/+git/tpm2:aliases into ~snappy-hwe-team/snappy-hwe-snaps/+git/tpm2:master

  1. Git
  2. lp:~ssweeny/snappy-hwe-snaps/+git/tpm2
  3. aliases
  4. Merge into master
Proposed by Scott Sweeny
Status: Merged
Approved by: Tony Espy
Approved revision: 593064ecf212a1a441c3e70d2001e260262ede41
Merged at revision: 076274ee827a0c09baf03e0c81ad6ad47ade8e9f
Proposed branch: ~ssweeny/snappy-hwe-snaps/+git/tpm2:aliases
Merge into: ~snappy-hwe-team/snappy-hwe-snaps/+git/tpm2:master
Diff against target: 751 lines (+173/-110)
8 files modified
dev/null (+0/-25)
run-tests.sh (+55/-60)
snapcraft.yaml (+35/-3)
spread.yaml (+4/-1)
tests/lib/prepare-all.sh (+3/-3)
tests/lib/prepare.sh (+4/-18)
tests/lib/utilities.sh (+39/-0)
tests/main/installation/task.yaml (+33/-0)
Reviewer Review Type Date Requested Status
System Enablement Bot continuous-integration Approve
Tony Espy Approve
Jim Hodapp (community) Approve
Simon Fels Needs Fixing
Review via email: mp+316649@code.launchpad.net

Commit message

Enable aliases for all tools

Description of the change

Enable aliases for all tools

To post a comment you must log in.
Revision history for this message
System Enablement Bot (system-enablement-ci-bot) wrote :

FAILED: Continuous integration, rev:be6844ffc26db60cc653f31bcc3ae15c5697b37a
https://jenkins.canonical.com/system-enablement/job/generic-build-snap/870/
Executed test runs:
    FAILURE: https://jenkins.canonical.com/system-enablement/job/generic-run-snap-spread-tests/581/console
    None: https://jenkins.canonical.com/system-enablement/job/generic-update-snap-mp/778/console

Click here to trigger a rebuild:
https://jenkins.canonical.com/system-enablement/job/generic-build-snap/870/rebuild

review: Needs Fixing (continuous-integration)
Revision history for this message
Simon Fels (morphis) wrote :

Needs spread tests.

review: Needs Fixing
Revision history for this message
Jim Hodapp (jhodapp) wrote :

Scott, feel free to push back against this if you feel it's too much scope-creep, but could you add a basic index.md file located at docs/index.md to this MR just explaining the very basics of what tpm is, what tpm2 gives you specifically, and a very basic how to use the snap? We need to start adding the basic doc structure to all of our snaps that are missing them today.

review: Needs Information
Revision history for this message
System Enablement Bot (system-enablement-ci-bot) wrote :

PASSED: Continuous integration, rev:956c3eb22ab78a22c6e3d8525772ff8494411b6d
https://jenkins.canonical.com/system-enablement/job/generic-build-snap/876/
Executed test runs:
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/generic-run-snap-spread-tests/587
    None: https://jenkins.canonical.com/system-enablement/job/generic-update-snap-mp/784/console

Click here to trigger a rebuild:
https://jenkins.canonical.com/system-enablement/job/generic-build-snap/876/rebuild

review: Approve (continuous-integration)
Revision history for this message
System Enablement Bot (system-enablement-ci-bot) wrote :

PASSED: Continuous integration, rev:40ccf539a512afd2215540d76bd4bbd30922357a
https://jenkins.canonical.com/system-enablement/job/generic-build-snap/877/
Executed test runs:
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/generic-run-snap-spread-tests/588
    None: https://jenkins.canonical.com/system-enablement/job/generic-update-snap-mp/785/console

Click here to trigger a rebuild:
https://jenkins.canonical.com/system-enablement/job/generic-build-snap/877/rebuild

review: Approve (continuous-integration)
Revision history for this message
Scott Sweeny (ssweeny) wrote :

> Scott, feel free to push back against this if you feel it's too much scope-
> creep, but could you add a basic index.md file located at docs/index.md to
> this MR just explaining the very basics of what tpm is, what tpm2 gives you
> specifically, and a very basic how to use the snap? We need to start adding
> the basic doc structure to all of our snaps that are missing them today.

Jim,

I think adding those docs are a great idea... for a card in the backlog :)

Revision history for this message
Jim Hodapp (jhodapp) wrote :

Fair enough. :) Would you mind adding one to the backlog?

Revision history for this message
Jim Hodapp (jhodapp) wrote :

Looks good overall, a few comments inline below.

review: Needs Fixing
Revision history for this message
System Enablement Bot (system-enablement-ci-bot) wrote :

PASSED: Continuous integration, rev:6e30d2903e905c9021975397a20bfce3cdb3dfaf
https://jenkins.canonical.com/system-enablement/job/generic-build-snap/899/
Executed test runs:
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/generic-run-snap-spread-tests/601
    None: https://jenkins.canonical.com/system-enablement/job/generic-update-snap-mp/808/console

Click here to trigger a rebuild:
https://jenkins.canonical.com/system-enablement/job/generic-build-snap/899/rebuild

review: Approve (continuous-integration)
Revision history for this message
Jim Hodapp (jhodapp) wrote :

LGTM

review: Approve
Revision history for this message
Tony Espy (awe) wrote :

Two minor fixes needed...

review: Needs Fixing
Revision history for this message
Tony Espy (awe) wrote :

LGTM

review: Approve
Revision history for this message
System Enablement Bot (system-enablement-ci-bot) wrote :

PASSED: Continuous integration, rev:593064ecf212a1a441c3e70d2001e260262ede41
https://jenkins.canonical.com/system-enablement/job/generic-build-snap/903/
Executed test runs:
    SUCCESS: https://jenkins.canonical.com/system-enablement/job/generic-run-snap-spread-tests/604
    None: https://jenkins.canonical.com/system-enablement/job/generic-update-snap-mp/812/console

Click here to trigger a rebuild:
https://jenkins.canonical.com/system-enablement/job/generic-build-snap/903/rebuild

review: Approve (continuous-integration)

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/run-tests.sh b/run-tests.sh
2index 1d58d86..bc4b987 100755
3--- a/run-tests.sh
4+++ b/run-tests.sh
5@@ -1,6 +1,6 @@
6-#!/bin/bash
7+#!/bin/sh
8 #
9-# Copyright (C) 2016 Canonical Ltd
10+# Copyright (C) 2017 Canonical Ltd
11 #
12 # This program is free software: you can redistribute it and/or modify
13 # it under the terms of the GNU General Public License version 3 as
14@@ -16,69 +16,64 @@
15
16 set -e
17
18-image_name=ubuntu-core-16.img
19-channel=candidate
20-spread_opts=
21-force_new_image=0
22-test_from_channel=0
23+TESTS_EXTRAS_URL="https://git.launchpad.net/~snappy-hwe-team/snappy-hwe-snaps/+git/tests-extras"
24+TESTS_EXTRAS_PATH=".tests-extras"
25
26+# Display help.
27+# This has to be in sync with the tests-extras/test-runner.sh script
28+# functionalities as the parameters to this one are passed directly there
29+# this function will quit the script because of the 'exec' keyword
30 show_help() {
31- echo "Usage: run-tests.sh [OPTIONS]"
32- echo
33- echo "optional arguments:"
34- echo " --help Show this help message and exit"
35- echo " --channel Select another channel to build the base image from (default: $channel)"
36- echo " --debug Enable verbose debugging output"
37- echo " --test-from-channel Pull tpm2 snap from the specified channel instead of building it from source"
38- echo " --force-new-image Force generating a new image used for testing"
39+ exec cat <<'EOF'
40+Usage: run-tests.sh [OPTIONS]
41+
42+This is fetch & forget script and what it does is to fetch the
43+tests-extras repository and execute the run-tests.sh script from
44+there passing arguments as-is.
45+
46+optional arguments:
47+ --help Show this help message and exit
48+ --channel Select another channel to build the base image from (default: stable)
49+ --snap Extra snap to install
50+ --debug Enable verbose debugging output
51+ --test-from-channel Pull tpm2 snap from the specified channel instead of building it from source
52+ --force-new-image Force generating a new image used for testing
53+EOF
54 }
55
56-while [ -n "$1" ]; do
57- case "$1" in
58- --help)
59- show_help
60- exit
61- ;;
62- --channel=*)
63- channel=${1#*=}
64- shift
65- ;;
66- --test-from-channel)
67- test_from_channel=1
68- shift
69- ;;
70- --debug)
71- spread_opts="$spread_opts -vv -debug"
72- shift
73- ;;
74- --force-new-image)
75- force_new_image=1
76- shift
77- ;;
78- *)
79- echo "Unknown command: $1"
80- exit 1
81- ;;
82- esac
83-done
84+# Clone the tests-extras repository
85+clone_tests_extras() {
86+ echo "INFO: Fetching tests-extras scripts into $TESTS_EXTRAS_PATH ..."
87+ git clone -b master $TESTS_EXTRAS_URL $TESTS_EXTRAS_PATH >/dev/null 2>&1
88+ if [ $? -ne 0 ]; then
89+ echo "ERROR: Failed to fetch the $TESTS_EXTRAS_URL repo, exiting.."
90+ exit 1
91+ fi
92+}
93
94-SPREAD_QEMU_PATH="$HOME/.spread/qemu"
95-if [ `which spread` = /snap/bin/spread ] ; then
96- current_version=`readlink /snap/spread/current`
97- SPREAD_QEMU_PATH="$HOME/snap/spread/$current_version/.spread/qemu/"
98-fi
99+# Make sure the already cloned tests-extras repository is in a known and updated
100+# state before it is going to be used.
101+restore_and_update_tests_extras() {
102+ echo "INFO: Restoring and updating $TESTS_EXTRAS_PATH"
103+ cd $TESTS_EXTRAS_PATH && git reset --hard && git clean -dfx && git pull
104+ cd -
105+}
106
107-# Make sure we have a base image we use for testing
108-if [ ! -e $SPREAD_QEMU_PATH/$image_name ] || [ $force_new_image -eq 1 ] ; then
109- echo "INFO: Creating new qemu test image ..."
110- (cd tests/image ; sudo ./create-image.sh $channel)
111- mkdir -p $SPREAD_QEMU_PATH
112- mv tests/image/ubuntu-core-16.img $SPREAD_QEMU_PATH/$image_name
113-fi
114+# ==============================================================================
115+# This is fetch & forget script and what it does is to fetch the tests-extras
116+# repo and execute the run-tests.sh script from there passing arguments as-is.
117+#
118+# The tests-extras repository ends up checked out in the snap tree but as a
119+# hidden directory which is re-used since then.
120
121-# We currently only run spread tests but we could do other things
122-# here as well like running our snap-lintian tool etc.
123-if [ $test_from_channel -eq 1 ] ; then
124- export SNAP_CHANNEL=$channel
125+# Display help w/o fetching anything and exit
126+[ "$1" = "--help" ] && show_help
127+
128+if [ -d "$TESTS_EXTRAS_PATH" ]; then
129+ restore_and_update_tests_extras
130+else
131+ clone_tests_extras
132 fi
133-spread $spread_opts
134+
135+echo "INFO: Executing tests runner"
136+cd $TESTS_EXTRAS_PATH && ./tests-runner.sh "$@"
137diff --git a/snapcraft.yaml b/snapcraft.yaml
138index 6c30e14..a7c3720 100644
139--- a/snapcraft.yaml
140+++ b/snapcraft.yaml
141@@ -6,6 +6,7 @@ description: |
142 into a wide range of todays devices. Please find the source
143 code at: https://code.launchpad.net/~snappy-hwe-team/snappy-hwe-snaps/+git/tpm2
144 confinement: strict
145+grade: stable
146
147 apps:
148 resourcemgr:
149@@ -15,100 +16,131 @@ apps:
150 activatecredential:
151 command: sbin/tpm2_activatecredential
152 plugs: [network]
153+ aliases: [tpm2_activatecredential]
154 akparse:
155 command: sbin/tpm2_akparse
156+ aliases: [tpm2_akparse]
157 certify:
158 command: sbin/tpm2_certify
159 plugs: [network]
160+ aliases: [tpm2_certify]
161 create:
162 command: sbin/tpm2_create
163 plugs: [network]
164+ aliases: [tpm2_create]
165 createprimary:
166 command: sbin/tpm2_createprimary
167 plugs: [network]
168+ aliases: [tpm2_createprimary]
169 encryptdecrypt:
170 command: sbin/tpm2_encryptdecrypt
171 plugs: [network]
172+ aliases: [tpm2_encryptdecrypt]
173 evictcontrol:
174 command: sbin/tpm2_evictcontrol
175 plugs: [network]
176+ aliases: [tpm2_evictcontrol]
177 getmanufec:
178 command: sbin/tpm2_getmanufec
179 plugs: [network]
180+ aliases: [tpm2_getmanufec]
181 getpubak:
182 command: sbin/tpm2_getpubak
183 plugs: [network]
184+ aliases: [tpm2_getpubak]
185 getpubek:
186 command: sbin/tpm2_getpubek
187 plugs: [network]
188+ aliases: [tpm2_getpubek]
189 getrandom:
190 command: sbin/tpm2_getrandom
191 plugs: [network]
192+ aliases: [tpm2_getrandom]
193 hash:
194 command: sbin/tpm2_hash
195 plugs: [network]
196+ aliases: [tpm2_hash]
197 hmac:
198 command: sbin/tpm2_hmac
199 plugs: [network]
200+ aliases: [tpm2_hmac]
201 listpcrs:
202 command: sbin/tpm2_listpcrs
203 plugs: [network]
204+ aliases: [tpm2_listpcrs]
205 load:
206 command: sbin/tpm2_load
207 plugs: [network]
208+ aliases: [tpm2_load]
209 loadexternal:
210 command: sbin/tpm2_loadexternal
211 plugs: [network]
212+ aliases: [tpm2_loadexternal]
213 makecredential:
214 command: sbin/tpm2_makecredential
215 plugs: [network]
216+ aliases: [tpm2_makecredential]
217 nvdefine:
218 command: sbin/tpm2_nvdefine
219 plugs: [network]
220+ aliases: [tpm2_nvdefine]
221 nvlist:
222 command: sbin/tpm2_nvlist
223 plugs: [network]
224+ aliases: [tpm2_nvlist]
225 nvread:
226 command: sbin/tpm2_nvread
227 plugs: [network]
228+ aliases: [tpm2_nvread]
229 nvrelease:
230 command: sbin/tpm2_nvrelease
231 plugs: [network]
232+ aliases: [tpm2_nvrelease]
233 nvwrite:
234 command: sbin/tpm2_nvwrite
235 plugs: [network]
236+ aliases: [tpm2_nvwrite]
237 quote:
238 command: sbin/tpm2_quote
239 plugs: [network]
240+ aliases: [tpm2_quote]
241 rc-decode:
242 command: sbin/tpm2_rc_decode
243+ aliases: [tpm2_rc_decode]
244 readpublic:
245 command: sbin/tpm2_readpublic
246 plugs: [network]
247+ aliases: [tpm2_readpublic]
248 rsadecrypt:
249 command: sbin/tpm2_rsadecrypt
250 plugs: [network]
251+ aliases: [tpm2_rsadecrypt]
252 rsaencrypt:
253 command: sbin/tpm2_rsaencrypt
254 plugs: [network]
255+ aliases: [tpm2_rsaencrypt]
256 sign:
257 command: sbin/tpm2_sign
258 plugs: [network]
259+ aliases: [tpm2_sign]
260 takeownership:
261 command: sbin/tpm2_takeownership
262 plugs: [network]
263+ aliases: [tpm2_takeownership]
264 unseal:
265 command: sbin/tpm2_unseal
266 plugs: [network]
267+ aliases: [tpm2_unseal]
268 verifysignature:
269 command: sbin/tpm2_verifysignature
270 plugs: [network]
271+ aliases: [tpm2_verifysignature]
272
273 parts:
274 common:
275 plugin: dump
276 source: .
277- snap:
278+ prime:
279 - copyright.tpm2-tss
280 - copyright.tpm2-tools
281 tpm2-tss:
282@@ -123,7 +155,7 @@ parts:
283 - gcc
284 - g++
285 - libc6-dev
286- snap:
287+ prime:
288 - -include
289 tpm2-tools:
290 plugin: autotools
291@@ -144,7 +176,7 @@ parts:
292 - libcurl4-openssl-dev
293 - libssl-dev
294 - libtool
295- snap:
296+ prime:
297 - -include
298 after:
299 - tpm2-tss
300diff --git a/spread.yaml b/spread.yaml
301index 77659ce..0b5f803 100644
302--- a/spread.yaml
303+++ b/spread.yaml
304@@ -1,5 +1,5 @@
305 #
306-# Copyright (C) 2016 Canonical Ltd
307+# Copyright (C) 2017 Canonical Ltd
308 #
309 # This program is free software: you can redistribute it and/or modify
310 # it under the terms of the GNU General Public License version 3 as
311@@ -20,8 +20,11 @@ environment:
312 PROJECT_PATH: /home/tpm2
313 TESTSLIB: $PROJECT_PATH/tests/lib
314 SNAP_NAME: tpm2
315+ SNAP_ARCH: amd64
316 # Allow the host to pass the channel to use for the test run
317 SNAP_CHANNEL: $(HOST:echo $SNAP_CHANNEL)
318+ SNAP_AUTOCONNECT_CORE_PLUGS: network network-bind tpm
319+ SNAP_AUTO_ALIASES: tpm2_activatecredential tpm2_akparse tpm2_certify tpm2_create tpm2_createprimary tpm2_encryptdecrypt tpm2_evictcontrol tpm2_getmanufec tpm2_getpubak tpm2_getpubek tpm2_getrandom tpm2_hash tpm2_hmac tpm2_listpcrs tpm2_load tpm2_loadexternal tpm2_makecredential tpm2_nvdefine tpm2_nvlist tpm2_nvread tpm2_nvrelease tpm2_nvwrite tpm2_quote tpm2_rc_decode tpm2_readpublic tpm2_rsadecrypt tpm2_rsaencrypt tpm2_sign tpm2_takeownership tpm2_unseal tpm2_verifysignature
320
321 backends:
322 qemu:
323diff --git a/tests/image/.create-image.sh.swp b/tests/image/.create-image.sh.swp
324deleted file mode 100644
325index e94bc8c..0000000
326Binary files a/tests/image/.create-image.sh.swp and /dev/null differ
327diff --git a/tests/image/README.md b/tests/image/README.md
328deleted file mode 100644
329index b75b66e..0000000
330--- a/tests/image/README.md
331+++ /dev/null
332@@ -1,7 +0,0 @@
333-# Generate user password
334-
335-You can generate the password for the system user assertion via
336-
337-```
338- $ python3 -c 'import crypt; print(crypt.crypt("test", crypt.mksalt(crypt.METHOD_SHA512)))'
339-```
340diff --git a/tests/image/create-image.sh b/tests/image/create-image.sh
341deleted file mode 100755
342index 0875b55..0000000
343--- a/tests/image/create-image.sh
344+++ /dev/null
345@@ -1,156 +0,0 @@
346-#!/bin/bash
347-#
348-# Copyright (C) 2016 Canonical Ltd
349-#
350-# This program is free software: you can redistribute it and/or modify
351-# it under the terms of the GNU General Public License version 3 as
352-# published by the Free Software Foundation.
353-#
354-# This program is distributed in the hope that it will be useful,
355-# but WITHOUT ANY WARRANTY; without even the implied warranty of
356-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
357-# GNU General Public License for more details.
358-#
359-# You should have received a copy of the GNU General Public License
360-# along with this program. If not, see <http://www.gnu.org/licenses/>.
361-
362-set -e
363-
364-if [ $(id -u) -ne 0 ] ; then
365- echo "ERROR: needs to be executed as root"
366- exit 1
367-fi
368-
369-channel=candidate
370-if [ ! -z "$1" ] ; then
371- channel=$1
372-fi
373-
374-snap=
375-if [ ! -z "$2" ] ; then
376- snap=$2
377-fi
378-
379-model=pc
380-arch=amd64
381-image_name=ubuntu-core-16.img
382-ubuntu_image_extra_args=
383-
384-if [ ! -z "$snap" ] ; then
385- ubuntu_image_extra_args="--extra-snaps $snap"
386-fi
387-
388-ubuntu-image \
389- --channel $channel \
390- -o $image_name \
391- $ubuntu_image_extra_args \
392- $model.model
393-
394-kpartx -a $image_name
395-sleep 0.5
396-
397-loop_path=`findfs LABEL=writable`
398-tmp_mount=`mktemp -d`
399-
400-mount $loop_path $tmp_mount
401-
402-# Migrate all systemd units from core snap into the writable area. This
403-# would be normally done on firstboot by the initramfs but we can't rely
404-# on that because we are adding another file in there and that will
405-# prevent the initramfs from transitioning any files.
406-core_snap=$(find $tmp_mount/system-data/var/lib/snapd/snaps -name "core_*.snap")
407-tmp_core=`mktemp -d`
408-mount $core_snap $tmp_core
409-mkdir -p $tmp_mount/system-data/etc/systemd
410-cp -rav $tmp_core/etc/systemd/* \
411- $tmp_mount/system-data/etc/systemd/
412-umount $tmp_core
413-rm -rf $tmp_core
414-
415-# system-user assertion which gives us our test:test user we use to
416-# log into the system
417-mkdir -p $tmp_mount/system-data/var/lib/snapd/seed/assertions
418-cp test-user.assertion $tmp_mount/system-data/var/lib/snapd/seed/assertions
419-
420-# Disable console-conf for the first boot
421-mkdir -p $tmp_mount/system-data/var/lib/console-conf/
422-touch $tmp_mount/system-data/var/lib/console-conf/complete
423-
424-# Create systemd service which is running on firstboot and sets up
425-# various things for us.
426-mkdir -p $tmp_mount/system-data/etc/systemd/system
427-cat << 'EOF' > $tmp_mount/system-data/etc/systemd/system/devmode-firstboot.service
428-[Unit]
429-Description=Run devmode firstboot setup
430-After=snapd.service snapd.socket
431-
432-[Service]
433-Type=oneshot
434-ExecStart=/writable/system-data/var/lib/devmode-firstboot/run.sh
435-RemainAfterExit=yes
436-TimeoutSec=3min
437-EOF
438-
439-mkdir -p $tmp_mount/system-data/etc/systemd/system/multi-user.target.wants
440-ln -sf /etc/systemd/system/devmode-firstboot.service \
441- $tmp_mount/system-data/etc/systemd/system/multi-user.target.wants/devmode-firstboot.service
442-
443-mkdir $tmp_mount/system-data/var/lib/devmode-firstboot
444-cat << EOF > $tmp_mount/system-data/var/lib/devmode-firstboot/00-snapd-config.yaml
445-network:
446- version: 2
447- ethernets:
448- eth0:
449- dhcp4: true
450-EOF
451-
452-cat << 'EOF' > $tmp_mount/system-data/var/lib/devmode-firstboot/run.sh
453-#!/bin/bash
454-
455-set -e
456-
457-# Don't start again if we're already done
458-if [ -e /writable/system-data/var/lib/devmode-firstboot/complete ] ; then
459- exit 0
460-fi
461-
462-echo "Start devmode-firstboot $(date -Iseconds --utc)"
463-
464-if [ "$(snap managed)" = "true" ]; then
465- echo "System already managed, exiting"
466- exit 0
467-fi
468-
469-# no changes at all
470-while ! snap changes ; do
471- echo "No changes yet, waiting"
472- sleep 1
473-done
474-
475-while snap changes | grep -qE '(Do|Doing) .*Initialize system state' ; do
476- echo "Initialize system state is in progress, waiting"
477- sleep 1
478-done
479-
480-if [ -n "$(snap known system-user)" ]; then
481- echo "Trying to create known user"
482- snap create-user --known --sudoer
483-fi
484-
485-cp /writable/system-data/var/lib/devmode-firstboot/00-snapd-config.yaml /writable/system-data/etc/netplan
486-
487-# Enable console-conf again
488-rm /writable/system-data/var/lib/console-conf/complete
489-
490-# Mark us done
491-touch /writable/system-data/var/lib/devmode-firstboot/complete
492-
493-# Reboot the system as its now prepared for the user
494-reboot
495-EOF
496-
497-chmod +x $tmp_mount/system-data/var/lib/devmode-firstboot/run.sh
498-
499-umount $tmp_mount
500-kpartx -d $image_name
501-rm -rf $tmp_mount
502diff --git a/tests/image/pc-model.json b/tests/image/pc-model.json
503deleted file mode 100644
504index 2eb1411..0000000
505--- a/tests/image/pc-model.json
506+++ /dev/null
507@@ -1,11 +0,0 @@
508-{
509- "type": "model",
510- "authority-id": "4BKZlf4WMNBKgQfij0rftmp5BzDdVhlf",
511- "brand-id": "4BKZlf4WMNBKgQfij0rftmp5BzDdVhlf",
512- "series": "16",
513- "model": "pc",
514- "architecture": "amd64",
515- "gadget": "pc",
516- "kernel": "pc-kernel",
517- "timestamp": "2016-09-09T08:27:36+00:00"
518-}
519diff --git a/tests/image/pc.model b/tests/image/pc.model
520deleted file mode 100644
521index 345b7e4..0000000
522--- a/tests/image/pc.model
523+++ /dev/null
524@@ -1,21 +0,0 @@
525-type: model
526-authority-id: 4BKZlf4WMNBKgQfij0rftmp5BzDdVhlf
527-series: 16
528-brand-id: 4BKZlf4WMNBKgQfij0rftmp5BzDdVhlf
529-model: pc
530-architecture: amd64
531-gadget: pc
532-kernel: pc-kernel
533-timestamp: 2016-09-09T08:27:36+00:00
534-sign-key-sha3-384: a4qX7md6GQGNcZc_cmWPBStTq4RNCnGTzF-4usF5wFylQ-xZQej-SD6prx8Yl89O
535-
536-AcLBXAQAAQoABgUCWBBNTwAKCRAVoE002xqmOPH/EACWLf1UeZgICjNbzLI5bO/84LExS8iUjarG
537-S7DRn8Ln5zu44pxz7UXJNjULgnU8yuKVPVWg0ij7DRvaj8tGxOMMAls1fjSRtEYR8oJFsI3jXDGw
538-cLjvJG/crUxV8DgdZFlF02Kb5VtmNDXs1OE3zpPeniG19JYHaf2hDz4SRmWZe4c2MFrAt2UwI/VC
539-o/209Fl3qA8p8x5EYOBycgHooHm3924NTF9mXbKSfLRgGS7YzmN4FXFyiGOTY6CRsp37XnkxGcA1
540-+lyZz1X97qT/fOGVUFqHDqUZmuCs5sC3+DNonytTgKt5+7S+V+Ai45HEayD5f4gS9uscnTMTwEEJ
541-VgSZRU0My+iJwFlXHaGWQe9eC37YCZ3ahBxc2SpkFffXjYhEMtTtr1vDIYCAhbc2k8aa3hPE2GUg
542-3pv8zs1AuZzSVX+Rp4ysMBqU23UUVP6Bmvr7ZD3E8aEUxE6O/BEA10Km5oZPqpmBfcEVO8a0yZjn
543-YQxn4XzY1Nwq1d0sJIV7FEDsq9dXH9QCa4qsCH3KG3jHv32GapvLf8mpr6HSH+JmPM5kNeVugLVy
544-/RUAFNu+Y4hqhpRNC8fc+UDkVBXsLDqHb5gfXnhbFIH8LvpVFR20SSkg9/Km5xC+7wcey0h8SD6/
545-Eh70OPLxDkzitEn/1L/0V987dlJnhS4WpqrYfbHYwQ==
546diff --git a/tests/image/test-user-assertion.json b/tests/image/test-user-assertion.json
547deleted file mode 100644
548index 81f6beb..0000000
549--- a/tests/image/test-user-assertion.json
550+++ /dev/null
551@@ -1,13 +0,0 @@
552-{
553- "type": "system-user",
554- "authority-id": "4BKZlf4WMNBKgQfij0rftmp5BzDdVhlf",
555- "brand-id": "4BKZlf4WMNBKgQfij0rftmp5BzDdVhlf",
556- "series": ["16"],
557- "models": ["pc"],
558- "name": "Default Test User",
559- "username": "test",
560- "email": "test@localhost",
561- "password": "$6$OCvKy4w/Ppxp7IvC$WPzWiIW.4y18h9htjbOuxLZ.sjQ5M2hoSiEu3FpMU0PMdHQuQdBOqvk8p6DMdS/R/nU/rXidClD23CbSkSgp30",
562- "since": "2016-10-24T07:12:10+00:00",
563- "until": "2017-10-24T07:12:10+00:00"
564-}
565diff --git a/tests/image/test-user.assertion b/tests/image/test-user.assertion
566deleted file mode 100644
567index 7ebb667..0000000
568--- a/tests/image/test-user.assertion
569+++ /dev/null
570@@ -1,25 +0,0 @@
571-type: system-user
572-authority-id: 4BKZlf4WMNBKgQfij0rftmp5BzDdVhlf
573-brand-id: 4BKZlf4WMNBKgQfij0rftmp5BzDdVhlf
574-email: test@localhost
575-models:
576- - pc
577-name: Default Test User
578-password: $6$OCvKy4w/Ppxp7IvC$WPzWiIW.4y18h9htjbOuxLZ.sjQ5M2hoSiEu3FpMU0PMdHQuQdBOqvk8p6DMdS/R/nU/rXidClD23CbSkSgp30
579-series:
580- - 16
581-since: 2016-10-24T07:12:10+00:00
582-until: 2017-10-24T07:12:10+00:00
583-username: test
584-sign-key-sha3-384: a4qX7md6GQGNcZc_cmWPBStTq4RNCnGTzF-4usF5wFylQ-xZQej-SD6prx8Yl89O
585-
586-AcLBXAQAAQoABgUCWBBOJAAKCRAVoE002xqmOKaRD/0cEKWb2nbwhk+BTgOrYZHrwzjbIWTZznDh
587-xCD6JWF/yr9br1vEmRz2zCNPPWZgFH9HaJ+mT/lktWIs7VVMIdwMDWYOR8P9rdWM/Jx6iyB3z0OI
588-YO31zaU4XLyolv/YSj/nFXMMD+jIeE4l8j4AtCSJwd7ZS9Jz8F/RfrD8EpG0JU1F55lq8MC0mjZ4
589-ul5ws8k9UiP8nA5IAG30NvvReiUGYqtdkO43eQmy88WABL95MbFsbfEk4/VduG0Gt3y/T8vDDcF6
590-NJEm8L+O9IXnPBAje0Ve0NX3YtOE3CDTkYRKR7xFFJq2cJVCSvf9CsorREg4KyfagIdMKDSa5Tiq
591-FzoAJTfI0ltq5cAnLImtxFKulJ+AnGUNMLrKFr1H0FGtqTZBfs/PcIxy0qY0YDXSF4/9F2PUBdQS
592-tSmN6pT9t1FCGy2Rf5n3QV4e0R2JzS6Kx+vdbPMYqhssQosLU5GwlWj8UbevtphAGf8u8nLBDYWs
593-MNIPi0IrPmzIewZBD05A6a8T+oHZ9dIg5SAnJ4gmz0sCzNDKarvYqLpcU1rZzu78/UypbHXDvBAt
594-gnxYpD6WHR2aHSeyx3WvOp130jFco2/55M0RTEm50isO1uv2DqTn9ULkBdCrG/zOqEmZgY18ds3P
595-yTaAbaIAqUe7scpAHY0a31tfnXq8cRyEX03e9g2Mrg==
596diff --git a/tests/lib/prepare-all.sh b/tests/lib/prepare-all.sh
597index 80be76f..cdb1b80 100644
598--- a/tests/lib/prepare-all.sh
599+++ b/tests/lib/prepare-all.sh
600@@ -6,14 +6,14 @@ if [ -n "$SNAP_CHANNEL" ] ; then
601 exit 0
602 fi
603
604-# Setup classic snap and build the tpm2 snap in there
605+# Set up classic snap and build the tpm2 snap in there
606 snap install --devmode --beta classic
607 cat <<-EOF > /home/test/build-snap.sh
608 #!/bin/sh
609 set -ex
610 apt update
611 apt install -y --force-yes snapcraft
612-cd /home/tpm2
613+cd ${PROJECT_PATH}
614 snapcraft clean
615 snapcraft
616 EOF
617@@ -22,4 +22,4 @@ sudo classic /home/test/build-snap.sh
618 snap remove classic
619
620 # Make sure we have a snap build
621-test -e /home/tpm2/tpm2_*_amd64.snap
622+test -e ${PROJECT_PATH}/${SNAP_NAME}_*_${SNAP_ARCH}.snap
623diff --git a/tests/lib/prepare.sh b/tests/lib/prepare.sh
624index 2fd3d79..e14a9b2 100644
625--- a/tests/lib/prepare.sh
626+++ b/tests/lib/prepare.sh
627@@ -1,5 +1,7 @@
628 #!/bin/bash
629
630+. $TESTSLIB/utilities.sh
631+
632 echo "Wait for firstboot change to be ready"
633 while ! snap changes | grep -q "Done"; do
634 snap changes || true
635@@ -21,28 +23,12 @@ done
636 echo "Kernel has a store revision"
637 snap list | grep ^${kernel_name} | grep -E " [0-9]+\s+canonical"
638
639-# If we don't install tpm2 here we get a system
640-# without any network connectivity after reboot.
641-if [ -n "$SNAP_CHANNEL" ] ; then
642- # Don't reinstall if we have it installed already
643- if ! snap list | grep tpm2 ; then
644- snap install --$SNAP_CHANNEL tpm2
645- fi
646-else
647- # Install prebuilt tpm2 snap
648- snap install --dangerous /home/tpm2/tpm2_*_amd64.snap
649- # As we have a snap which we build locally its unasserted and therefor
650- # we don't have any snap-declarations in place and need to manually
651- # connect all plugs.
652- snap connect tpm2:tpm core:tpm
653- snap connect tpm2:network core:network
654- snap connect tpm2:network-bind core:network-bind
655-fi
656+install_snap_under_test
657
658 # Snapshot of the current snapd state for a later restore
659 if [ ! -f $SPREAD_PATH/snapd-state.tar.gz ] ; then
660 systemctl stop snapd.service snapd.socket
661- tar czf $SPREAD_PATH/snapd-state.tar.gz /var/lib/snapd /etc/netplan
662+ tar czf $SPREAD_PATH/snapd-state.tar.gz /var/lib/snapd
663 systemctl start snapd.socket
664 fi
665
666diff --git a/tests/lib/utilities.sh b/tests/lib/utilities.sh
667new file mode 100644
668index 0000000..03e29dc
669--- /dev/null
670+++ b/tests/lib/utilities.sh
671@@ -0,0 +1,39 @@
672+#!/bin/sh
673+
674+wait_for_systemd_service() {
675+ while ! systemctl status $1 ; do
676+ sleep 1
677+ done
678+ sleep 1
679+}
680+
681+wait_for_systemd_service_exit() {
682+ while systemctl status $1 ; do
683+ sleep 1
684+ done
685+ sleep 1
686+}
687+
688+install_snap_under_test() {
689+ # If we don't install the snap here we get a system
690+ # without any network connectivity after reboot.
691+ if [ -n "$SNAP_CHANNEL" ] ; then
692+ # Don't reinstall if we have it installed already
693+ if ! snap list | grep $SNAP_NAME ; then
694+ snap install --$SNAP_CHANNEL $SNAP_NAME
695+ fi
696+ else
697+ # Install prebuilt snap
698+ snap install --dangerous ${PROJECT_PATH}/${SNAP_NAME}_*_${SNAP_ARCH}.snap
699+ # As we have a snap which we build locally it's unasserted and therefore
700+ # we don't have any snap-declarations in place and need to manually
701+ # connect all plugs.
702+ for plug in $SNAP_AUTOCONNECT_CORE_PLUGS ; do
703+ snap connect ${SNAP_NAME}:${plug} core
704+ done
705+ # Setup all necessary aliases
706+ for alias in $SNAP_AUTO_ALIASES ; do
707+ snap alias $SNAP_NAME $alias
708+ done
709+ fi
710+}
711diff --git a/tests/main/installation/task.yaml b/tests/main/installation/task.yaml
712index aaddf25..f47e701 100644
713--- a/tests/main/installation/task.yaml
714+++ b/tests/main/installation/task.yaml
715@@ -5,3 +5,36 @@ execute: |
716 snap interfaces | grep -Pzq ":tpm +tpm2"
717 snap interfaces | grep -Pzq ":network +tpm2"
718 snap interfaces | grep -Pzq ":network-bind +tpm2"
719+
720+ # Verify aliases are set up
721+ test -x /snap/bin/tpm2_activatecredential
722+ test -x /snap/bin/tpm2_akparse
723+ test -x /snap/bin/tpm2_certify
724+ test -x /snap/bin/tpm2_create
725+ test -x /snap/bin/tpm2_createprimary
726+ test -x /snap/bin/tpm2_encryptdecrypt
727+ test -x /snap/bin/tpm2_evictcontrol
728+ test -x /snap/bin/tpm2_getmanufec
729+ test -x /snap/bin/tpm2_getpubak
730+ test -x /snap/bin/tpm2_getpubek
731+ test -x /snap/bin/tpm2_getrandom
732+ test -x /snap/bin/tpm2_hash
733+ test -x /snap/bin/tpm2_hmac
734+ test -x /snap/bin/tpm2_listpcrs
735+ test -x /snap/bin/tpm2_load
736+ test -x /snap/bin/tpm2_loadexternal
737+ test -x /snap/bin/tpm2_makecredential
738+ test -x /snap/bin/tpm2_nvdefine
739+ test -x /snap/bin/tpm2_nvlist
740+ test -x /snap/bin/tpm2_nvread
741+ test -x /snap/bin/tpm2_nvrelease
742+ test -x /snap/bin/tpm2_nvwrite
743+ test -x /snap/bin/tpm2_quote
744+ test -x /snap/bin/tpm2_rc_decode
745+ test -x /snap/bin/tpm2_readpublic
746+ test -x /snap/bin/tpm2_rsadecrypt
747+ test -x /snap/bin/tpm2_rsaencrypt
748+ test -x /snap/bin/tpm2_sign
749+ test -x /snap/bin/tpm2_takeownership
750+ test -x /snap/bin/tpm2_unseal
751+ test -x /snap/bin/tpm2_verifysignature

Subscribers

People subscribed via source and target branches

to all changes: