ci: add Image Mode test automation without Packit #770
Conversation
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
mcattamoredhat
force-pushed
the
add-ci-make-rpm-2
branch
from
ff2a7b4 to
839d050
Compare
|
@yih-redhat can you review this please? |
mcattamoredhat
force-pushed
the
add-ci-make-rpm-2
branch
from
839d050 to
1afca9e
Compare
test/fmf/tests/fdo-bootc.sh
Outdated
|
|
||
| # Manufacturing server setup | ||
| # Clone downstream repo custom branch (fdo simplified installer setup skipping disk encryption) | ||
| git clone -b fdo-man-server-infra https://github.com/mcattamoredhat/rhel-edge.git && cd rhel-edge |
There was a problem hiding this comment.
I don't like using personal git repos as place to host code we are using more broadly.
Could we create a specific branch under https://github.com/virt-s1/rhel-edge that could contain these modifications?
Longer term, I also worry about keeping the modified version of the test in sync with the main version. Can we explore a way to not have to use this fork/modified version as a future piece of work?
There was a problem hiding this comment.
Agreed, ultimately anything forked for the short term should have a route back upstream to reduce ongoing rebasing, but in the short term we could also have a repo in this org if a PR to get it back upstream isn't possible. It would be good to have the details of the options documented in this ticket or somewhere public.
test/fmf/tests/fdo-bootc.sh
Outdated
| user --name=admin --groups=wheel --iscrypted --password=\$6\$1LgwKw9aOoAi/Zy9\$Pn3ErY1E8/yEanJ98evqKEW.DZp24HTuqXPJl6GYCm8uuobAmwxLv7rGCvTRZhxtcYdmC0.XnYRSR9Sh6de3p0 | ||
| sshkey --username=admin "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCzxo5dEcS+LDK/OFAfHo6740EyoDM8aYaCkBala0FnWfMMTOq7PQe04ahB0eFLS3IlQtK5bpgzxBdFGVqF6uT5z4hhaPjQec0G3+BD5Pxo6V+SxShKZo+ZNGU3HVrF9p2V7QH0YFQj5B8F6AicA3fYh2BVUFECTPuMpy5A52ufWu0r4xOFmbU7SIhRQRAQz2u4yjXqBsrpYptAvyzzoN4gjUhNnwOHSPsvFpWoBFkWmqn0ytgHg3Vv9DlHW+45P02QH1UFedXR2MqLnwRI30qqtaOkVS+9rE/dhnR+XPpHHG+hv2TgMDAuQ3IK7Ab5m/yCbN73cxFifH4LST0vVG3Jx45xn+GTeHHhfkAfBSCtya6191jixbqyovpRunCBKexI5cfRPtWOitM3m7Mq26r7LpobMM+oOLUm4p0KKNIthWcmK9tYwXWSuGGfUQ+Y8gt7E0G06ZGbCPHOrxJ8lYQqXsif04piONPA/c9Hq43O99KPNGShONCS9oPFdOLRT3U= ostree-image-test" |
There was a problem hiding this comment.
Is it possible to configure the password and ssh key as secrets that can be injected when the test is run?
There was a problem hiding this comment.
Personally, I would generate the ssh key pair for each test unless the SSH_KEY var is defined but we can leave that for a follow up PR.
mcattamoredhat
force-pushed
the
add-ci-make-rpm-2
branch
from
1afca9e to
82e3cbd
Compare
|
@mcattamoredhat Hi, I am not familiar with the tmt structure in this pr (it's different than what I did before), just wondering if the workflow can find the tmt plan/tests and trigger test script properly? |
@yih-redhat This is because The workflow is able to discover tmt plans/tests thanks to |
|
Pulled this down and built successfully on my local machine. Thanks for fixing that minor nit too. It looks like there's a couple of clippy/spelling issues but otherwise LGTM. (I see the dev container and triage failures too but I think those are unrelated, someone please correct me if I'm wrong though.) |
This is an approach to add Image Mode RHEL-10 ci tests without using Packit, and making rpm packages within the testing farm spawned VM instead.
The reason to proceed without Packit is to circumvent the difficulty of handling environment secrets, that implies encrypting needed secrets in every fork that opens a pull request against upstream repository.