diff --git a/test/browser/browser.sh b/test/browser/browser.sh index 1534d93..9db41ab 100755 --- a/test/browser/browser.sh +++ b/test/browser/browser.sh @@ -1,25 +1,14 @@ -#!/bin/sh set -eux -export TEST_BROWSER=${TEST_BROWSER:-firefox} - -TESTS="$(realpath $(dirname "$0"))" -export SOURCE="$(realpath $TESTS/../..)" -export LOGS="${TMT_TEST_DATA:-$(pwd)/logs}" -mkdir -p "$LOGS" -chmod a+w "$LOGS" +cd "${0%/*}/../.." # HACK: https://bugzilla.redhat.com/show_bug.cgi?id=2033020 dnf update -y pam || true -# install firefox (available everywhere in Fedora and RHEL) -# we don't need the H.264 codec, and it is sometimes not available (rhbz#2005760) -dnf install --disablerepo=fedora-cisco-openh264 -y --setopt=install_weak_deps=False firefox - -# nodejs 10 is too old for current Cockpit test API -if grep -q platform:el8 /etc/os-release; then - dnf module switch-to -y nodejs:16 -fi +# allow test to set up things on the machine +mkdir -p /root/.ssh +curl https://raw.githubusercontent.com/cockpit-project/bots/main/machine/identity.pub >> /root/.ssh/authorized_keys +chmod 600 /root/.ssh/authorized_keys # create user account for logging in if ! id admin 2>/dev/null; then @@ -33,25 +22,19 @@ echo root:foobar | chpasswd # avoid sudo lecture during tests su -c 'echo foobar | sudo --stdin whoami' - admin -# create user account for running the test -if ! id runtest 2>/dev/null; then - useradd -c 'Test runner' runtest - # allow test to set up things on the machine - mkdir -p /root/.ssh - curl https://raw.githubusercontent.com/cockpit-project/bots/main/machine/identity.pub >> /root/.ssh/authorized_keys - chmod 600 /root/.ssh/authorized_keys -fi -chown -R runtest "$SOURCE" - # disable core dumps, we rather investigate them upstream where test VMs are accessible echo core > /proc/sys/kernel/core_pattern -systemctl enable --now cockpit.socket +sh test/vm.install -# Run tests as unprivileged user -# once we drop support for RHEL 8, use this: -# runuser -u runtest --whitelist-environment=TEST_BROWSER,TEST_ALLOW_JOURNAL_MESSAGES,TEST_AUDIT_NO_SELINUX,SOURCE,LOGS $TESTS/run-test.sh -runuser -u runtest --preserve-environment env USER=runtest HOME=$(getent passwd runtest | cut -f6 -d:) $TESTS/run-test.sh - -RC=$(cat $LOGS/exitcode) -exit ${RC:-1} +# Run tests in the cockpit tasks container, as unprivileged user +CONTAINER="$(cat .cockpit-ci/container)" +exec podman \ + run \ + --rm \ + --shm-size=1024m \ + --security-opt=label=disable \ + --volume="${TMT_TEST_DATA}":/logs:rw,U --env=LOGS=/logs \ + --volume="$(pwd)":/source:rw,U --env=SOURCE=/source \ + "${CONTAINER}" \ + sh /source/test/browser/run-test.sh diff --git a/test/browser/main.fmf b/test/browser/main.fmf index d2dddd6..1e575ab 100644 --- a/test/browser/main.fmf +++ b/test/browser/main.fmf @@ -2,14 +2,9 @@ summary: Run browser integration tests on the host require: - cockpit-starter-kit + - podman - cockpit-ws - cockpit-system - - bzip2 - - git-core - glibc-langpack-de - - libvirt-python3 - - make - - npm - - python3 test: ./browser.sh duration: 60m diff --git a/test/browser/run-test.sh b/test/browser/run-test.sh old mode 100755 new mode 100644 index bec6e46..c67193e --- a/test/browser/run-test.sh +++ b/test/browser/run-test.sh @@ -1,8 +1,8 @@ -#!/bin/sh set -eux +cd "${SOURCE}" + # tests need cockpit's bots/ libraries and test infrastructure -cd $SOURCE git init rm -f bots # common local case: existing bots symlink make bots test/common @@ -33,10 +33,15 @@ EXCLUDES="" echo "TEST_ALLOW_JOURNAL_MESSAGES: ${TEST_ALLOW_JOURNAL_MESSAGES:-}" echo "TEST_AUDIT_NO_SELINUX: ${TEST_AUDIT_NO_SELINUX:-}" +GATEWAY="$(python3 -c 'import socket; print(socket.gethostbyname("_gateway"))')" RC=0 -test/common/run-tests --nondestructive --machine 127.0.0.1:22 --browser 127.0.0.1:9090 $EXCLUDES || RC=$? +./test/common/run-tests \ + --nondestructive \ + --machine "${GATEWAY}":22 \ + --browser "${GATEWAY}":9090 \ + $EXCLUDES \ +|| RC=$? echo $RC > "$LOGS/exitcode" cp --verbose Test* "$LOGS" || true -# deliver test result via exitcode file -exit 0 +exit $RC diff --git a/test/vm.install b/test/vm.install index 7f3d134..7df33c4 100644 --- a/test/vm.install +++ b/test/vm.install @@ -1,9 +1,10 @@ #!/bin/sh # image-customize script to prepare a bots VM for testing this application # The application package will be installed separately -set -eu +set -eux # don't force https:// (self-signed cert) +mkdir -p /etc/cockpit printf "[WebService]\\nAllowUnencrypted=true\\n" > /etc/cockpit/cockpit.conf if type firewall-cmd >/dev/null 2>&1; then