Merge ~ssweeny/snappy-hwe-snaps/+git/tpm2:aliases into ~snappy-hwe-team/snappy-hwe-snaps/+git/tpm2:master
- Git
- lp:~ssweeny/snappy-hwe-snaps/+git/tpm2
- aliases
- Merge into master
Status: | Merged | ||||
---|---|---|---|---|---|
Approved by: | Tony Espy | ||||
Approved revision: | 593064ecf212a1a441c3e70d2001e260262ede41 | ||||
Merged at revision: | 076274ee827a0c09baf03e0c81ad6ad47ade8e9f | ||||
Proposed branch: | ~ssweeny/snappy-hwe-snaps/+git/tpm2:aliases | ||||
Merge into: | ~snappy-hwe-team/snappy-hwe-snaps/+git/tpm2:master | ||||
Diff against target: |
751 lines (+173/-110) 8 files modified
dev/null (+0/-25) run-tests.sh (+55/-60) snapcraft.yaml (+35/-3) spread.yaml (+4/-1) tests/lib/prepare-all.sh (+3/-3) tests/lib/prepare.sh (+4/-18) tests/lib/utilities.sh (+39/-0) tests/main/installation/task.yaml (+33/-0) |
||||
Related bugs: |
|
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
System Enablement Bot | continuous-integration | Approve | |
Tony Espy | Approve | ||
Jim Hodapp (community) | Approve | ||
Simon Fels | Needs Fixing | ||
Review via email: mp+316649@code.launchpad.net |
Commit message
Enable aliases for all tools
Description of the change
Enable aliases for all tools
System Enablement Bot (system-enablement-ci-bot) wrote : | # |
Simon Fels (morphis) wrote : | # |
Needs spread tests.
Jim Hodapp (jhodapp) wrote : | # |
Scott, feel free to push back against this if you feel it's too much scope-creep, but could you add a basic index.md file located at docs/index.md to this MR just explaining the very basics of what tpm is, what tpm2 gives you specifically, and a very basic how to use the snap? We need to start adding the basic doc structure to all of our snaps that are missing them today.
System Enablement Bot (system-enablement-ci-bot) wrote : | # |
PASSED: Continuous integration, rev:956c3eb22ab
https:/
Executed test runs:
SUCCESS: https:/
None: https:/
Click here to trigger a rebuild:
https:/
System Enablement Bot (system-enablement-ci-bot) wrote : | # |
PASSED: Continuous integration, rev:40ccf539a51
https:/
Executed test runs:
SUCCESS: https:/
None: https:/
Click here to trigger a rebuild:
https:/
Scott Sweeny (ssweeny) wrote : | # |
> Scott, feel free to push back against this if you feel it's too much scope-
> creep, but could you add a basic index.md file located at docs/index.md to
> this MR just explaining the very basics of what tpm is, what tpm2 gives you
> specifically, and a very basic how to use the snap? We need to start adding
> the basic doc structure to all of our snaps that are missing them today.
Jim,
I think adding those docs are a great idea... for a card in the backlog :)
Jim Hodapp (jhodapp) wrote : | # |
Fair enough. :) Would you mind adding one to the backlog?
Jim Hodapp (jhodapp) wrote : | # |
Looks good overall, a few comments inline below.
System Enablement Bot (system-enablement-ci-bot) wrote : | # |
PASSED: Continuous integration, rev:6e30d2903e9
https:/
Executed test runs:
SUCCESS: https:/
None: https:/
Click here to trigger a rebuild:
https:/
Tony Espy (awe) wrote : | # |
Two minor fixes needed...
System Enablement Bot (system-enablement-ci-bot) wrote : | # |
PASSED: Continuous integration, rev:593064ecf21
https:/
Executed test runs:
SUCCESS: https:/
None: https:/
Click here to trigger a rebuild:
https:/
Preview Diff
1 | diff --git a/run-tests.sh b/run-tests.sh |
2 | index 1d58d86..bc4b987 100755 |
3 | --- a/run-tests.sh |
4 | +++ b/run-tests.sh |
5 | @@ -1,6 +1,6 @@ |
6 | -#!/bin/bash |
7 | +#!/bin/sh |
8 | # |
9 | -# Copyright (C) 2016 Canonical Ltd |
10 | +# Copyright (C) 2017 Canonical Ltd |
11 | # |
12 | # This program is free software: you can redistribute it and/or modify |
13 | # it under the terms of the GNU General Public License version 3 as |
14 | @@ -16,69 +16,64 @@ |
15 | |
16 | set -e |
17 | |
18 | -image_name=ubuntu-core-16.img |
19 | -channel=candidate |
20 | -spread_opts= |
21 | -force_new_image=0 |
22 | -test_from_channel=0 |
23 | +TESTS_EXTRAS_URL="https://git.launchpad.net/~snappy-hwe-team/snappy-hwe-snaps/+git/tests-extras" |
24 | +TESTS_EXTRAS_PATH=".tests-extras" |
25 | |
26 | +# Display help. |
27 | +# This has to be in sync with the tests-extras/test-runner.sh script |
28 | +# functionalities as the parameters to this one are passed directly there |
29 | +# this function will quit the script because of the 'exec' keyword |
30 | show_help() { |
31 | - echo "Usage: run-tests.sh [OPTIONS]" |
32 | - echo |
33 | - echo "optional arguments:" |
34 | - echo " --help Show this help message and exit" |
35 | - echo " --channel Select another channel to build the base image from (default: $channel)" |
36 | - echo " --debug Enable verbose debugging output" |
37 | - echo " --test-from-channel Pull tpm2 snap from the specified channel instead of building it from source" |
38 | - echo " --force-new-image Force generating a new image used for testing" |
39 | + exec cat <<'EOF' |
40 | +Usage: run-tests.sh [OPTIONS] |
41 | + |
42 | +This is fetch & forget script and what it does is to fetch the |
43 | +tests-extras repository and execute the run-tests.sh script from |
44 | +there passing arguments as-is. |
45 | + |
46 | +optional arguments: |
47 | + --help Show this help message and exit |
48 | + --channel Select another channel to build the base image from (default: stable) |
49 | + --snap Extra snap to install |
50 | + --debug Enable verbose debugging output |
51 | + --test-from-channel Pull tpm2 snap from the specified channel instead of building it from source |
52 | + --force-new-image Force generating a new image used for testing |
53 | +EOF |
54 | } |
55 | |
56 | -while [ -n "$1" ]; do |
57 | - case "$1" in |
58 | - --help) |
59 | - show_help |
60 | - exit |
61 | - ;; |
62 | - --channel=*) |
63 | - channel=${1#*=} |
64 | - shift |
65 | - ;; |
66 | - --test-from-channel) |
67 | - test_from_channel=1 |
68 | - shift |
69 | - ;; |
70 | - --debug) |
71 | - spread_opts="$spread_opts -vv -debug" |
72 | - shift |
73 | - ;; |
74 | - --force-new-image) |
75 | - force_new_image=1 |
76 | - shift |
77 | - ;; |
78 | - *) |
79 | - echo "Unknown command: $1" |
80 | - exit 1 |
81 | - ;; |
82 | - esac |
83 | -done |
84 | +# Clone the tests-extras repository |
85 | +clone_tests_extras() { |
86 | + echo "INFO: Fetching tests-extras scripts into $TESTS_EXTRAS_PATH ..." |
87 | + git clone -b master $TESTS_EXTRAS_URL $TESTS_EXTRAS_PATH >/dev/null 2>&1 |
88 | + if [ $? -ne 0 ]; then |
89 | + echo "ERROR: Failed to fetch the $TESTS_EXTRAS_URL repo, exiting.." |
90 | + exit 1 |
91 | + fi |
92 | +} |
93 | |
94 | -SPREAD_QEMU_PATH="$HOME/.spread/qemu" |
95 | -if [ `which spread` = /snap/bin/spread ] ; then |
96 | - current_version=`readlink /snap/spread/current` |
97 | - SPREAD_QEMU_PATH="$HOME/snap/spread/$current_version/.spread/qemu/" |
98 | -fi |
99 | +# Make sure the already cloned tests-extras repository is in a known and updated |
100 | +# state before it is going to be used. |
101 | +restore_and_update_tests_extras() { |
102 | + echo "INFO: Restoring and updating $TESTS_EXTRAS_PATH" |
103 | + cd $TESTS_EXTRAS_PATH && git reset --hard && git clean -dfx && git pull |
104 | + cd - |
105 | +} |
106 | |
107 | -# Make sure we have a base image we use for testing |
108 | -if [ ! -e $SPREAD_QEMU_PATH/$image_name ] || [ $force_new_image -eq 1 ] ; then |
109 | - echo "INFO: Creating new qemu test image ..." |
110 | - (cd tests/image ; sudo ./create-image.sh $channel) |
111 | - mkdir -p $SPREAD_QEMU_PATH |
112 | - mv tests/image/ubuntu-core-16.img $SPREAD_QEMU_PATH/$image_name |
113 | -fi |
114 | +# ============================================================================== |
115 | +# This is fetch & forget script and what it does is to fetch the tests-extras |
116 | +# repo and execute the run-tests.sh script from there passing arguments as-is. |
117 | +# |
118 | +# The tests-extras repository ends up checked out in the snap tree but as a |
119 | +# hidden directory which is re-used since then. |
120 | |
121 | -# We currently only run spread tests but we could do other things |
122 | -# here as well like running our snap-lintian tool etc. |
123 | -if [ $test_from_channel -eq 1 ] ; then |
124 | - export SNAP_CHANNEL=$channel |
125 | +# Display help w/o fetching anything and exit |
126 | +[ "$1" = "--help" ] && show_help |
127 | + |
128 | +if [ -d "$TESTS_EXTRAS_PATH" ]; then |
129 | + restore_and_update_tests_extras |
130 | +else |
131 | + clone_tests_extras |
132 | fi |
133 | -spread $spread_opts |
134 | + |
135 | +echo "INFO: Executing tests runner" |
136 | +cd $TESTS_EXTRAS_PATH && ./tests-runner.sh "$@" |
137 | diff --git a/snapcraft.yaml b/snapcraft.yaml |
138 | index 6c30e14..a7c3720 100644 |
139 | --- a/snapcraft.yaml |
140 | +++ b/snapcraft.yaml |
141 | @@ -6,6 +6,7 @@ description: | |
142 | into a wide range of todays devices. Please find the source |
143 | code at: https://code.launchpad.net/~snappy-hwe-team/snappy-hwe-snaps/+git/tpm2 |
144 | confinement: strict |
145 | +grade: stable |
146 | |
147 | apps: |
148 | resourcemgr: |
149 | @@ -15,100 +16,131 @@ apps: |
150 | activatecredential: |
151 | command: sbin/tpm2_activatecredential |
152 | plugs: [network] |
153 | + aliases: [tpm2_activatecredential] |
154 | akparse: |
155 | command: sbin/tpm2_akparse |
156 | + aliases: [tpm2_akparse] |
157 | certify: |
158 | command: sbin/tpm2_certify |
159 | plugs: [network] |
160 | + aliases: [tpm2_certify] |
161 | create: |
162 | command: sbin/tpm2_create |
163 | plugs: [network] |
164 | + aliases: [tpm2_create] |
165 | createprimary: |
166 | command: sbin/tpm2_createprimary |
167 | plugs: [network] |
168 | + aliases: [tpm2_createprimary] |
169 | encryptdecrypt: |
170 | command: sbin/tpm2_encryptdecrypt |
171 | plugs: [network] |
172 | + aliases: [tpm2_encryptdecrypt] |
173 | evictcontrol: |
174 | command: sbin/tpm2_evictcontrol |
175 | plugs: [network] |
176 | + aliases: [tpm2_evictcontrol] |
177 | getmanufec: |
178 | command: sbin/tpm2_getmanufec |
179 | plugs: [network] |
180 | + aliases: [tpm2_getmanufec] |
181 | getpubak: |
182 | command: sbin/tpm2_getpubak |
183 | plugs: [network] |
184 | + aliases: [tpm2_getpubak] |
185 | getpubek: |
186 | command: sbin/tpm2_getpubek |
187 | plugs: [network] |
188 | + aliases: [tpm2_getpubek] |
189 | getrandom: |
190 | command: sbin/tpm2_getrandom |
191 | plugs: [network] |
192 | + aliases: [tpm2_getrandom] |
193 | hash: |
194 | command: sbin/tpm2_hash |
195 | plugs: [network] |
196 | + aliases: [tpm2_hash] |
197 | hmac: |
198 | command: sbin/tpm2_hmac |
199 | plugs: [network] |
200 | + aliases: [tpm2_hmac] |
201 | listpcrs: |
202 | command: sbin/tpm2_listpcrs |
203 | plugs: [network] |
204 | + aliases: [tpm2_listpcrs] |
205 | load: |
206 | command: sbin/tpm2_load |
207 | plugs: [network] |
208 | + aliases: [tpm2_load] |
209 | loadexternal: |
210 | command: sbin/tpm2_loadexternal |
211 | plugs: [network] |
212 | + aliases: [tpm2_loadexternal] |
213 | makecredential: |
214 | command: sbin/tpm2_makecredential |
215 | plugs: [network] |
216 | + aliases: [tpm2_makecredential] |
217 | nvdefine: |
218 | command: sbin/tpm2_nvdefine |
219 | plugs: [network] |
220 | + aliases: [tpm2_nvdefine] |
221 | nvlist: |
222 | command: sbin/tpm2_nvlist |
223 | plugs: [network] |
224 | + aliases: [tpm2_nvlist] |
225 | nvread: |
226 | command: sbin/tpm2_nvread |
227 | plugs: [network] |
228 | + aliases: [tpm2_nvread] |
229 | nvrelease: |
230 | command: sbin/tpm2_nvrelease |
231 | plugs: [network] |
232 | + aliases: [tpm2_nvrelease] |
233 | nvwrite: |
234 | command: sbin/tpm2_nvwrite |
235 | plugs: [network] |
236 | + aliases: [tpm2_nvwrite] |
237 | quote: |
238 | command: sbin/tpm2_quote |
239 | plugs: [network] |
240 | + aliases: [tpm2_quote] |
241 | rc-decode: |
242 | command: sbin/tpm2_rc_decode |
243 | + aliases: [tpm2_rc_decode] |
244 | readpublic: |
245 | command: sbin/tpm2_readpublic |
246 | plugs: [network] |
247 | + aliases: [tpm2_readpublic] |
248 | rsadecrypt: |
249 | command: sbin/tpm2_rsadecrypt |
250 | plugs: [network] |
251 | + aliases: [tpm2_rsadecrypt] |
252 | rsaencrypt: |
253 | command: sbin/tpm2_rsaencrypt |
254 | plugs: [network] |
255 | + aliases: [tpm2_rsaencrypt] |
256 | sign: |
257 | command: sbin/tpm2_sign |
258 | plugs: [network] |
259 | + aliases: [tpm2_sign] |
260 | takeownership: |
261 | command: sbin/tpm2_takeownership |
262 | plugs: [network] |
263 | + aliases: [tpm2_takeownership] |
264 | unseal: |
265 | command: sbin/tpm2_unseal |
266 | plugs: [network] |
267 | + aliases: [tpm2_unseal] |
268 | verifysignature: |
269 | command: sbin/tpm2_verifysignature |
270 | plugs: [network] |
271 | + aliases: [tpm2_verifysignature] |
272 | |
273 | parts: |
274 | common: |
275 | plugin: dump |
276 | source: . |
277 | - snap: |
278 | + prime: |
279 | - copyright.tpm2-tss |
280 | - copyright.tpm2-tools |
281 | tpm2-tss: |
282 | @@ -123,7 +155,7 @@ parts: |
283 | - gcc |
284 | - g++ |
285 | - libc6-dev |
286 | - snap: |
287 | + prime: |
288 | - -include |
289 | tpm2-tools: |
290 | plugin: autotools |
291 | @@ -144,7 +176,7 @@ parts: |
292 | - libcurl4-openssl-dev |
293 | - libssl-dev |
294 | - libtool |
295 | - snap: |
296 | + prime: |
297 | - -include |
298 | after: |
299 | - tpm2-tss |
300 | diff --git a/spread.yaml b/spread.yaml |
301 | index 77659ce..0b5f803 100644 |
302 | --- a/spread.yaml |
303 | +++ b/spread.yaml |
304 | @@ -1,5 +1,5 @@ |
305 | # |
306 | -# Copyright (C) 2016 Canonical Ltd |
307 | +# Copyright (C) 2017 Canonical Ltd |
308 | # |
309 | # This program is free software: you can redistribute it and/or modify |
310 | # it under the terms of the GNU General Public License version 3 as |
311 | @@ -20,8 +20,11 @@ environment: |
312 | PROJECT_PATH: /home/tpm2 |
313 | TESTSLIB: $PROJECT_PATH/tests/lib |
314 | SNAP_NAME: tpm2 |
315 | + SNAP_ARCH: amd64 |
316 | # Allow the host to pass the channel to use for the test run |
317 | SNAP_CHANNEL: $(HOST:echo $SNAP_CHANNEL) |
318 | + SNAP_AUTOCONNECT_CORE_PLUGS: network network-bind tpm |
319 | + SNAP_AUTO_ALIASES: tpm2_activatecredential tpm2_akparse tpm2_certify tpm2_create tpm2_createprimary tpm2_encryptdecrypt tpm2_evictcontrol tpm2_getmanufec tpm2_getpubak tpm2_getpubek tpm2_getrandom tpm2_hash tpm2_hmac tpm2_listpcrs tpm2_load tpm2_loadexternal tpm2_makecredential tpm2_nvdefine tpm2_nvlist tpm2_nvread tpm2_nvrelease tpm2_nvwrite tpm2_quote tpm2_rc_decode tpm2_readpublic tpm2_rsadecrypt tpm2_rsaencrypt tpm2_sign tpm2_takeownership tpm2_unseal tpm2_verifysignature |
320 | |
321 | backends: |
322 | qemu: |
323 | diff --git a/tests/image/.create-image.sh.swp b/tests/image/.create-image.sh.swp |
324 | deleted file mode 100644 |
325 | index e94bc8c..0000000 |
326 | Binary files a/tests/image/.create-image.sh.swp and /dev/null differ |
327 | diff --git a/tests/image/README.md b/tests/image/README.md |
328 | deleted file mode 100644 |
329 | index b75b66e..0000000 |
330 | --- a/tests/image/README.md |
331 | +++ /dev/null |
332 | @@ -1,7 +0,0 @@ |
333 | -# Generate user password |
334 | - |
335 | -You can generate the password for the system user assertion via |
336 | - |
337 | -``` |
338 | - $ python3 -c 'import crypt; print(crypt.crypt("test", crypt.mksalt(crypt.METHOD_SHA512)))' |
339 | -``` |
340 | diff --git a/tests/image/create-image.sh b/tests/image/create-image.sh |
341 | deleted file mode 100755 |
342 | index 0875b55..0000000 |
343 | --- a/tests/image/create-image.sh |
344 | +++ /dev/null |
345 | @@ -1,156 +0,0 @@ |
346 | -#!/bin/bash |
347 | -# |
348 | -# Copyright (C) 2016 Canonical Ltd |
349 | -# |
350 | -# This program is free software: you can redistribute it and/or modify |
351 | -# it under the terms of the GNU General Public License version 3 as |
352 | -# published by the Free Software Foundation. |
353 | -# |
354 | -# This program is distributed in the hope that it will be useful, |
355 | -# but WITHOUT ANY WARRANTY; without even the implied warranty of |
356 | -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
357 | -# GNU General Public License for more details. |
358 | -# |
359 | -# You should have received a copy of the GNU General Public License |
360 | -# along with this program. If not, see <http://www.gnu.org/licenses/>. |
361 | - |
362 | -set -e |
363 | - |
364 | -if [ $(id -u) -ne 0 ] ; then |
365 | - echo "ERROR: needs to be executed as root" |
366 | - exit 1 |
367 | -fi |
368 | - |
369 | -channel=candidate |
370 | -if [ ! -z "$1" ] ; then |
371 | - channel=$1 |
372 | -fi |
373 | - |
374 | -snap= |
375 | -if [ ! -z "$2" ] ; then |
376 | - snap=$2 |
377 | -fi |
378 | - |
379 | -model=pc |
380 | -arch=amd64 |
381 | -image_name=ubuntu-core-16.img |
382 | -ubuntu_image_extra_args= |
383 | - |
384 | -if [ ! -z "$snap" ] ; then |
385 | - ubuntu_image_extra_args="--extra-snaps $snap" |
386 | -fi |
387 | - |
388 | -ubuntu-image \ |
389 | - --channel $channel \ |
390 | - -o $image_name \ |
391 | - $ubuntu_image_extra_args \ |
392 | - $model.model |
393 | - |
394 | -kpartx -a $image_name |
395 | -sleep 0.5 |
396 | - |
397 | -loop_path=`findfs LABEL=writable` |
398 | -tmp_mount=`mktemp -d` |
399 | - |
400 | -mount $loop_path $tmp_mount |
401 | - |
402 | -# Migrate all systemd units from core snap into the writable area. This |
403 | -# would be normally done on firstboot by the initramfs but we can't rely |
404 | -# on that because we are adding another file in there and that will |
405 | -# prevent the initramfs from transitioning any files. |
406 | -core_snap=$(find $tmp_mount/system-data/var/lib/snapd/snaps -name "core_*.snap") |
407 | -tmp_core=`mktemp -d` |
408 | -mount $core_snap $tmp_core |
409 | -mkdir -p $tmp_mount/system-data/etc/systemd |
410 | -cp -rav $tmp_core/etc/systemd/* \ |
411 | - $tmp_mount/system-data/etc/systemd/ |
412 | -umount $tmp_core |
413 | -rm -rf $tmp_core |
414 | - |
415 | -# system-user assertion which gives us our test:test user we use to |
416 | -# log into the system |
417 | -mkdir -p $tmp_mount/system-data/var/lib/snapd/seed/assertions |
418 | -cp test-user.assertion $tmp_mount/system-data/var/lib/snapd/seed/assertions |
419 | - |
420 | -# Disable console-conf for the first boot |
421 | -mkdir -p $tmp_mount/system-data/var/lib/console-conf/ |
422 | -touch $tmp_mount/system-data/var/lib/console-conf/complete |
423 | - |
424 | -# Create systemd service which is running on firstboot and sets up |
425 | -# various things for us. |
426 | -mkdir -p $tmp_mount/system-data/etc/systemd/system |
427 | -cat << 'EOF' > $tmp_mount/system-data/etc/systemd/system/devmode-firstboot.service |
428 | -[Unit] |
429 | -Description=Run devmode firstboot setup |
430 | -After=snapd.service snapd.socket |
431 | - |
432 | -[Service] |
433 | -Type=oneshot |
434 | -ExecStart=/writable/system-data/var/lib/devmode-firstboot/run.sh |
435 | -RemainAfterExit=yes |
436 | -TimeoutSec=3min |
437 | -EOF |
438 | - |
439 | -mkdir -p $tmp_mount/system-data/etc/systemd/system/multi-user.target.wants |
440 | -ln -sf /etc/systemd/system/devmode-firstboot.service \ |
441 | - $tmp_mount/system-data/etc/systemd/system/multi-user.target.wants/devmode-firstboot.service |
442 | - |
443 | -mkdir $tmp_mount/system-data/var/lib/devmode-firstboot |
444 | -cat << EOF > $tmp_mount/system-data/var/lib/devmode-firstboot/00-snapd-config.yaml |
445 | -network: |
446 | - version: 2 |
447 | - ethernets: |
448 | - eth0: |
449 | - dhcp4: true |
450 | -EOF |
451 | - |
452 | -cat << 'EOF' > $tmp_mount/system-data/var/lib/devmode-firstboot/run.sh |
453 | -#!/bin/bash |
454 | - |
455 | -set -e |
456 | - |
457 | -# Don't start again if we're already done |
458 | -if [ -e /writable/system-data/var/lib/devmode-firstboot/complete ] ; then |
459 | - exit 0 |
460 | -fi |
461 | - |
462 | -echo "Start devmode-firstboot $(date -Iseconds --utc)" |
463 | - |
464 | -if [ "$(snap managed)" = "true" ]; then |
465 | - echo "System already managed, exiting" |
466 | - exit 0 |
467 | -fi |
468 | - |
469 | -# no changes at all |
470 | -while ! snap changes ; do |
471 | - echo "No changes yet, waiting" |
472 | - sleep 1 |
473 | -done |
474 | - |
475 | -while snap changes | grep -qE '(Do|Doing) .*Initialize system state' ; do |
476 | - echo "Initialize system state is in progress, waiting" |
477 | - sleep 1 |
478 | -done |
479 | - |
480 | -if [ -n "$(snap known system-user)" ]; then |
481 | - echo "Trying to create known user" |
482 | - snap create-user --known --sudoer |
483 | -fi |
484 | - |
485 | -cp /writable/system-data/var/lib/devmode-firstboot/00-snapd-config.yaml /writable/system-data/etc/netplan |
486 | - |
487 | -# Enable console-conf again |
488 | -rm /writable/system-data/var/lib/console-conf/complete |
489 | - |
490 | -# Mark us done |
491 | -touch /writable/system-data/var/lib/devmode-firstboot/complete |
492 | - |
493 | -# Reboot the system as its now prepared for the user |
494 | -reboot |
495 | -EOF |
496 | - |
497 | -chmod +x $tmp_mount/system-data/var/lib/devmode-firstboot/run.sh |
498 | - |
499 | -umount $tmp_mount |
500 | -kpartx -d $image_name |
501 | -rm -rf $tmp_mount |
502 | diff --git a/tests/image/pc-model.json b/tests/image/pc-model.json |
503 | deleted file mode 100644 |
504 | index 2eb1411..0000000 |
505 | --- a/tests/image/pc-model.json |
506 | +++ /dev/null |
507 | @@ -1,11 +0,0 @@ |
508 | -{ |
509 | - "type": "model", |
510 | - "authority-id": "4BKZlf4WMNBKgQfij0rftmp5BzDdVhlf", |
511 | - "brand-id": "4BKZlf4WMNBKgQfij0rftmp5BzDdVhlf", |
512 | - "series": "16", |
513 | - "model": "pc", |
514 | - "architecture": "amd64", |
515 | - "gadget": "pc", |
516 | - "kernel": "pc-kernel", |
517 | - "timestamp": "2016-09-09T08:27:36+00:00" |
518 | -} |
519 | diff --git a/tests/image/pc.model b/tests/image/pc.model |
520 | deleted file mode 100644 |
521 | index 345b7e4..0000000 |
522 | --- a/tests/image/pc.model |
523 | +++ /dev/null |
524 | @@ -1,21 +0,0 @@ |
525 | -type: model |
526 | -authority-id: 4BKZlf4WMNBKgQfij0rftmp5BzDdVhlf |
527 | -series: 16 |
528 | -brand-id: 4BKZlf4WMNBKgQfij0rftmp5BzDdVhlf |
529 | -model: pc |
530 | -architecture: amd64 |
531 | -gadget: pc |
532 | -kernel: pc-kernel |
533 | -timestamp: 2016-09-09T08:27:36+00:00 |
534 | -sign-key-sha3-384: a4qX7md6GQGNcZc_cmWPBStTq4RNCnGTzF-4usF5wFylQ-xZQej-SD6prx8Yl89O |
535 | - |
536 | -AcLBXAQAAQoABgUCWBBNTwAKCRAVoE002xqmOPH/EACWLf1UeZgICjNbzLI5bO/84LExS8iUjarG |
537 | -S7DRn8Ln5zu44pxz7UXJNjULgnU8yuKVPVWg0ij7DRvaj8tGxOMMAls1fjSRtEYR8oJFsI3jXDGw |
538 | -cLjvJG/crUxV8DgdZFlF02Kb5VtmNDXs1OE3zpPeniG19JYHaf2hDz4SRmWZe4c2MFrAt2UwI/VC |
539 | -o/209Fl3qA8p8x5EYOBycgHooHm3924NTF9mXbKSfLRgGS7YzmN4FXFyiGOTY6CRsp37XnkxGcA1 |
540 | -+lyZz1X97qT/fOGVUFqHDqUZmuCs5sC3+DNonytTgKt5+7S+V+Ai45HEayD5f4gS9uscnTMTwEEJ |
541 | -VgSZRU0My+iJwFlXHaGWQe9eC37YCZ3ahBxc2SpkFffXjYhEMtTtr1vDIYCAhbc2k8aa3hPE2GUg |
542 | -3pv8zs1AuZzSVX+Rp4ysMBqU23UUVP6Bmvr7ZD3E8aEUxE6O/BEA10Km5oZPqpmBfcEVO8a0yZjn |
543 | -YQxn4XzY1Nwq1d0sJIV7FEDsq9dXH9QCa4qsCH3KG3jHv32GapvLf8mpr6HSH+JmPM5kNeVugLVy |
544 | -/RUAFNu+Y4hqhpRNC8fc+UDkVBXsLDqHb5gfXnhbFIH8LvpVFR20SSkg9/Km5xC+7wcey0h8SD6/ |
545 | -Eh70OPLxDkzitEn/1L/0V987dlJnhS4WpqrYfbHYwQ== |
546 | diff --git a/tests/image/test-user-assertion.json b/tests/image/test-user-assertion.json |
547 | deleted file mode 100644 |
548 | index 81f6beb..0000000 |
549 | --- a/tests/image/test-user-assertion.json |
550 | +++ /dev/null |
551 | @@ -1,13 +0,0 @@ |
552 | -{ |
553 | - "type": "system-user", |
554 | - "authority-id": "4BKZlf4WMNBKgQfij0rftmp5BzDdVhlf", |
555 | - "brand-id": "4BKZlf4WMNBKgQfij0rftmp5BzDdVhlf", |
556 | - "series": ["16"], |
557 | - "models": ["pc"], |
558 | - "name": "Default Test User", |
559 | - "username": "test", |
560 | - "email": "test@localhost", |
561 | - "password": "$6$OCvKy4w/Ppxp7IvC$WPzWiIW.4y18h9htjbOuxLZ.sjQ5M2hoSiEu3FpMU0PMdHQuQdBOqvk8p6DMdS/R/nU/rXidClD23CbSkSgp30", |
562 | - "since": "2016-10-24T07:12:10+00:00", |
563 | - "until": "2017-10-24T07:12:10+00:00" |
564 | -} |
565 | diff --git a/tests/image/test-user.assertion b/tests/image/test-user.assertion |
566 | deleted file mode 100644 |
567 | index 7ebb667..0000000 |
568 | --- a/tests/image/test-user.assertion |
569 | +++ /dev/null |
570 | @@ -1,25 +0,0 @@ |
571 | -type: system-user |
572 | -authority-id: 4BKZlf4WMNBKgQfij0rftmp5BzDdVhlf |
573 | -brand-id: 4BKZlf4WMNBKgQfij0rftmp5BzDdVhlf |
574 | -email: test@localhost |
575 | -models: |
576 | - - pc |
577 | -name: Default Test User |
578 | -password: $6$OCvKy4w/Ppxp7IvC$WPzWiIW.4y18h9htjbOuxLZ.sjQ5M2hoSiEu3FpMU0PMdHQuQdBOqvk8p6DMdS/R/nU/rXidClD23CbSkSgp30 |
579 | -series: |
580 | - - 16 |
581 | -since: 2016-10-24T07:12:10+00:00 |
582 | -until: 2017-10-24T07:12:10+00:00 |
583 | -username: test |
584 | -sign-key-sha3-384: a4qX7md6GQGNcZc_cmWPBStTq4RNCnGTzF-4usF5wFylQ-xZQej-SD6prx8Yl89O |
585 | - |
586 | -AcLBXAQAAQoABgUCWBBOJAAKCRAVoE002xqmOKaRD/0cEKWb2nbwhk+BTgOrYZHrwzjbIWTZznDh |
587 | -xCD6JWF/yr9br1vEmRz2zCNPPWZgFH9HaJ+mT/lktWIs7VVMIdwMDWYOR8P9rdWM/Jx6iyB3z0OI |
588 | -YO31zaU4XLyolv/YSj/nFXMMD+jIeE4l8j4AtCSJwd7ZS9Jz8F/RfrD8EpG0JU1F55lq8MC0mjZ4 |
589 | -ul5ws8k9UiP8nA5IAG30NvvReiUGYqtdkO43eQmy88WABL95MbFsbfEk4/VduG0Gt3y/T8vDDcF6 |
590 | -NJEm8L+O9IXnPBAje0Ve0NX3YtOE3CDTkYRKR7xFFJq2cJVCSvf9CsorREg4KyfagIdMKDSa5Tiq |
591 | -FzoAJTfI0ltq5cAnLImtxFKulJ+AnGUNMLrKFr1H0FGtqTZBfs/PcIxy0qY0YDXSF4/9F2PUBdQS |
592 | -tSmN6pT9t1FCGy2Rf5n3QV4e0R2JzS6Kx+vdbPMYqhssQosLU5GwlWj8UbevtphAGf8u8nLBDYWs |
593 | -MNIPi0IrPmzIewZBD05A6a8T+oHZ9dIg5SAnJ4gmz0sCzNDKarvYqLpcU1rZzu78/UypbHXDvBAt |
594 | -gnxYpD6WHR2aHSeyx3WvOp130jFco2/55M0RTEm50isO1uv2DqTn9ULkBdCrG/zOqEmZgY18ds3P |
595 | -yTaAbaIAqUe7scpAHY0a31tfnXq8cRyEX03e9g2Mrg== |
596 | diff --git a/tests/lib/prepare-all.sh b/tests/lib/prepare-all.sh |
597 | index 80be76f..cdb1b80 100644 |
598 | --- a/tests/lib/prepare-all.sh |
599 | +++ b/tests/lib/prepare-all.sh |
600 | @@ -6,14 +6,14 @@ if [ -n "$SNAP_CHANNEL" ] ; then |
601 | exit 0 |
602 | fi |
603 | |
604 | -# Setup classic snap and build the tpm2 snap in there |
605 | +# Set up classic snap and build the tpm2 snap in there |
606 | snap install --devmode --beta classic |
607 | cat <<-EOF > /home/test/build-snap.sh |
608 | #!/bin/sh |
609 | set -ex |
610 | apt update |
611 | apt install -y --force-yes snapcraft |
612 | -cd /home/tpm2 |
613 | +cd ${PROJECT_PATH} |
614 | snapcraft clean |
615 | snapcraft |
616 | EOF |
617 | @@ -22,4 +22,4 @@ sudo classic /home/test/build-snap.sh |
618 | snap remove classic |
619 | |
620 | # Make sure we have a snap build |
621 | -test -e /home/tpm2/tpm2_*_amd64.snap |
622 | +test -e ${PROJECT_PATH}/${SNAP_NAME}_*_${SNAP_ARCH}.snap |
623 | diff --git a/tests/lib/prepare.sh b/tests/lib/prepare.sh |
624 | index 2fd3d79..e14a9b2 100644 |
625 | --- a/tests/lib/prepare.sh |
626 | +++ b/tests/lib/prepare.sh |
627 | @@ -1,5 +1,7 @@ |
628 | #!/bin/bash |
629 | |
630 | +. $TESTSLIB/utilities.sh |
631 | + |
632 | echo "Wait for firstboot change to be ready" |
633 | while ! snap changes | grep -q "Done"; do |
634 | snap changes || true |
635 | @@ -21,28 +23,12 @@ done |
636 | echo "Kernel has a store revision" |
637 | snap list | grep ^${kernel_name} | grep -E " [0-9]+\s+canonical" |
638 | |
639 | -# If we don't install tpm2 here we get a system |
640 | -# without any network connectivity after reboot. |
641 | -if [ -n "$SNAP_CHANNEL" ] ; then |
642 | - # Don't reinstall if we have it installed already |
643 | - if ! snap list | grep tpm2 ; then |
644 | - snap install --$SNAP_CHANNEL tpm2 |
645 | - fi |
646 | -else |
647 | - # Install prebuilt tpm2 snap |
648 | - snap install --dangerous /home/tpm2/tpm2_*_amd64.snap |
649 | - # As we have a snap which we build locally its unasserted and therefor |
650 | - # we don't have any snap-declarations in place and need to manually |
651 | - # connect all plugs. |
652 | - snap connect tpm2:tpm core:tpm |
653 | - snap connect tpm2:network core:network |
654 | - snap connect tpm2:network-bind core:network-bind |
655 | -fi |
656 | +install_snap_under_test |
657 | |
658 | # Snapshot of the current snapd state for a later restore |
659 | if [ ! -f $SPREAD_PATH/snapd-state.tar.gz ] ; then |
660 | systemctl stop snapd.service snapd.socket |
661 | - tar czf $SPREAD_PATH/snapd-state.tar.gz /var/lib/snapd /etc/netplan |
662 | + tar czf $SPREAD_PATH/snapd-state.tar.gz /var/lib/snapd |
663 | systemctl start snapd.socket |
664 | fi |
665 | |
666 | diff --git a/tests/lib/utilities.sh b/tests/lib/utilities.sh |
667 | new file mode 100644 |
668 | index 0000000..03e29dc |
669 | --- /dev/null |
670 | +++ b/tests/lib/utilities.sh |
671 | @@ -0,0 +1,39 @@ |
672 | +#!/bin/sh |
673 | + |
674 | +wait_for_systemd_service() { |
675 | + while ! systemctl status $1 ; do |
676 | + sleep 1 |
677 | + done |
678 | + sleep 1 |
679 | +} |
680 | + |
681 | +wait_for_systemd_service_exit() { |
682 | + while systemctl status $1 ; do |
683 | + sleep 1 |
684 | + done |
685 | + sleep 1 |
686 | +} |
687 | + |
688 | +install_snap_under_test() { |
689 | + # If we don't install the snap here we get a system |
690 | + # without any network connectivity after reboot. |
691 | + if [ -n "$SNAP_CHANNEL" ] ; then |
692 | + # Don't reinstall if we have it installed already |
693 | + if ! snap list | grep $SNAP_NAME ; then |
694 | + snap install --$SNAP_CHANNEL $SNAP_NAME |
695 | + fi |
696 | + else |
697 | + # Install prebuilt snap |
698 | + snap install --dangerous ${PROJECT_PATH}/${SNAP_NAME}_*_${SNAP_ARCH}.snap |
699 | + # As we have a snap which we build locally it's unasserted and therefore |
700 | + # we don't have any snap-declarations in place and need to manually |
701 | + # connect all plugs. |
702 | + for plug in $SNAP_AUTOCONNECT_CORE_PLUGS ; do |
703 | + snap connect ${SNAP_NAME}:${plug} core |
704 | + done |
705 | + # Setup all necessary aliases |
706 | + for alias in $SNAP_AUTO_ALIASES ; do |
707 | + snap alias $SNAP_NAME $alias |
708 | + done |
709 | + fi |
710 | +} |
711 | diff --git a/tests/main/installation/task.yaml b/tests/main/installation/task.yaml |
712 | index aaddf25..f47e701 100644 |
713 | --- a/tests/main/installation/task.yaml |
714 | +++ b/tests/main/installation/task.yaml |
715 | @@ -5,3 +5,36 @@ execute: | |
716 | snap interfaces | grep -Pzq ":tpm +tpm2" |
717 | snap interfaces | grep -Pzq ":network +tpm2" |
718 | snap interfaces | grep -Pzq ":network-bind +tpm2" |
719 | + |
720 | + # Verify aliases are set up |
721 | + test -x /snap/bin/tpm2_activatecredential |
722 | + test -x /snap/bin/tpm2_akparse |
723 | + test -x /snap/bin/tpm2_certify |
724 | + test -x /snap/bin/tpm2_create |
725 | + test -x /snap/bin/tpm2_createprimary |
726 | + test -x /snap/bin/tpm2_encryptdecrypt |
727 | + test -x /snap/bin/tpm2_evictcontrol |
728 | + test -x /snap/bin/tpm2_getmanufec |
729 | + test -x /snap/bin/tpm2_getpubak |
730 | + test -x /snap/bin/tpm2_getpubek |
731 | + test -x /snap/bin/tpm2_getrandom |
732 | + test -x /snap/bin/tpm2_hash |
733 | + test -x /snap/bin/tpm2_hmac |
734 | + test -x /snap/bin/tpm2_listpcrs |
735 | + test -x /snap/bin/tpm2_load |
736 | + test -x /snap/bin/tpm2_loadexternal |
737 | + test -x /snap/bin/tpm2_makecredential |
738 | + test -x /snap/bin/tpm2_nvdefine |
739 | + test -x /snap/bin/tpm2_nvlist |
740 | + test -x /snap/bin/tpm2_nvread |
741 | + test -x /snap/bin/tpm2_nvrelease |
742 | + test -x /snap/bin/tpm2_nvwrite |
743 | + test -x /snap/bin/tpm2_quote |
744 | + test -x /snap/bin/tpm2_rc_decode |
745 | + test -x /snap/bin/tpm2_readpublic |
746 | + test -x /snap/bin/tpm2_rsadecrypt |
747 | + test -x /snap/bin/tpm2_rsaencrypt |
748 | + test -x /snap/bin/tpm2_sign |
749 | + test -x /snap/bin/tpm2_takeownership |
750 | + test -x /snap/bin/tpm2_unseal |
751 | + test -x /snap/bin/tpm2_verifysignature |
FAILED: Continuous integration, rev:be6844ffc26 db60cc653f31bcc 3ae15c5697b37a /jenkins. canonical. com/system- enablement/ job/generic- build-snap/ 870/ /jenkins. canonical. com/system- enablement/ job/generic- run-snap- spread- tests/581/ console /jenkins. canonical. com/system- enablement/ job/generic- update- snap-mp/ 778/console
https:/
Executed test runs:
FAILURE: https:/
None: https:/
Click here to trigger a rebuild: /jenkins. canonical. com/system- enablement/ job/generic- build-snap/ 870/rebuild
https:/