diff --git a/.vib/odoo/13/vib-publish.json b/.vib/odoo/13/vib-publish.json deleted file mode 100644 index 1e2aad8ef471..000000000000 --- a/.vib/odoo/13/vib-publish.json +++ /dev/null @@ -1,96 +0,0 @@ -{ - "context": { - "resources": { - "url": "{VIB_ENV_CONTAINER_URL}", - "path": "{VIB_ENV_PATH}" - } - }, - "phases": { - "package": { - "actions": [ - { - "action_id": "container-image-package", - "params": { - "application": { - "details": { - "name": "{VIB_ENV_CONTAINER}", - "tag": "{VIB_ENV_TAG}" - } - }, - "architectures": [ - "linux/amd64" - ] - } - }, - { - "action_id": "container-image-lint", - "params": { - "threshold": "error" - } - } - ] - }, - "verify": { - "actions": [ - { - "action_id": "trivy", - "params": { - "threshold": "CRITICAL", - "vuln_type": [ - "OS" - ] - } - }, - { - "action_id": "grype", - "params": { - "threshold": "CRITICAL", - "package_type": [ - "OS" - ] - } - }, - { - "action_id": "osspi-application", - "params": { - "additional_packages_file": "osspi-packages-amd64.json", - "scan_type": "BASE_OS", - "osm": { - "associated_bossd_release": "{VIB_ENV_BOSSD_RELEASE_ID}", - "product_name": "main-catalog-{VIB_ENV_CONTAINER}", - "product_version": "{VIB_ENV_APP_VERSION}-{VIB_ENV_OS_FLAVOUR}-container" - }, - "resources": { - "url": "{VIB_ENV_PACKAGES_JSON_URL}", - "path": "/{VIB_ENV_PATH}", - "authn": { - "header": "Authorization", - "token": "Bearer {VIB_ENV_GITHUB_TOKEN}" - } - } - } - } - ] - }, - "publish": { - "actions": [ - { - "action_id": "container-image-publish", - "params": { - "metadata": { - "tags": {VIB_ENV_ROLLING_TAGS} - }, - "repository": { - "kind": "OCI", - "url": "{VIB_ENV_REGISTRY_URL}", - "authn": { - "username": "{VIB_ENV_REGISTRY_USERNAME}", - "password": "{VIB_ENV_REGISTRY_PASSWORD}" - } - } - } - } - ] - } - } -} diff --git a/.vib/odoo/14/vib-publish.json b/.vib/odoo/14/vib-publish.json index 1e2aad8ef471..8e414e9069bb 100644 --- a/.vib/odoo/14/vib-publish.json +++ b/.vib/odoo/14/vib-publish.json @@ -3,7 +3,8 @@ "resources": { "url": "{VIB_ENV_CONTAINER_URL}", "path": "{VIB_ENV_PATH}" - } + }, + "runtime_parameters": "Y29tbWFuZDogWyJ0YWlsIiwgIi1mIiwgIi9kZXYvbnVsbCJd" }, "phases": { "package": { @@ -32,6 +33,21 @@ }, "verify": { "actions": [ + { + "action_id": "goss", + "params": { + "resources": { + "path": "/.vib" + }, + "tests_file": "odoo/goss/goss.yaml", + "vars_file": "odoo/goss/vars.yaml", + "remote": { + "pod": { + "workload": "deploy-odoo" + } + } + } + }, { "action_id": "trivy", "params": { diff --git a/.vib/odoo/goss/goss.yaml b/.vib/odoo/goss/goss.yaml new file mode 100644 index 000000000000..1bff28692331 --- /dev/null +++ b/.vib/odoo/goss/goss.yaml @@ -0,0 +1,13 @@ +gossfile: + # Goss tests exclusive to the current container + ../../odoo/goss/odoo.yaml: {} + # Load scripts from .vib/common/goss/templates + ../../common/goss/templates/check-app-version.yaml: {} + ../../common/goss/templates/check-binaries.yaml: {} + ../../common/goss/templates/check-broken-symlinks.yaml: {} + ../../common/goss/templates/check-ca-certs.yaml: {} + ../../common/goss/templates/check-directories.yaml: {} + ../../common/goss/templates/check-files.yaml: {} + ../../common/goss/templates/check-linked-libraries.yaml: {} + ../../common/goss/templates/check-sed-in-place.yaml: {} + ../../common/goss/templates/check-spdx.yaml: {} diff --git a/.vib/odoo/goss/odoo.yaml b/.vib/odoo/goss/odoo.yaml new file mode 100644 index 000000000000..377b66a85350 --- /dev/null +++ b/.vib/odoo/goss/odoo.yaml @@ -0,0 +1,12 @@ +command: + check-virtualenv: + exec: bash -c '. /opt/bitnami/odoo/venv/bin/activate; pip install tool; pip uninstall -y tool' + exit-status: 0 + stdout: + - /Successfully installed.* tool-/ +group: + odoo: + exists: true +user: + odoo: + exists: true diff --git a/.vib/odoo/goss/vars.yaml b/.vib/odoo/goss/vars.yaml new file mode 100644 index 000000000000..976f66f56718 --- /dev/null +++ b/.vib/odoo/goss/vars.yaml @@ -0,0 +1,31 @@ +binaries: + - node + - odoo-bin + - psql + - python + - render-template +directories: + - mode: "0775" + paths: + - /bitnami/odoo + - /opt/bitnami/odoo/addons + - /opt/bitnami/odoo/conf + - /opt/bitnami/odoo/data + - /opt/bitnami/odoo/log + - /opt/bitnami/odoo/tmp/pids +files: + - paths: + - /opt/bitnami/odoo/package.json +linked_libraries: + exclude_paths: + # Ignore binaries bundled within Python libs + - .*\/lib\/python[0-9.]*\/site-packages\/.*\.libs\/lib.*\.so\..* +sed_in_place: + exclude_paths: + # Ignore Odoo scripts from upstream + - \/opt\/bitnami\/odoo\/lib\/.* +root_dir: /opt/bitnami +version: + bin_name: odoo + # Convert the version format to the one used by the APP_VERSION environment variable + flag: --version | sed -E 's/([0-9]+\.[0-9]+)-([0-9]+)/\1.\2/' diff --git a/.vib/odoo/vib-publish.json b/.vib/odoo/vib-publish.json index 8b6fe8eab4e6..472aaa9a438c 100644 --- a/.vib/odoo/vib-publish.json +++ b/.vib/odoo/vib-publish.json @@ -3,7 +3,8 @@ "resources": { "url": "{VIB_ENV_CONTAINER_URL}", "path": "{VIB_ENV_PATH}" - } + }, + "runtime_parameters": "Y29tbWFuZDogWyJ0YWlsIiwgIi1mIiwgIi9kZXYvbnVsbCJd" }, "phases": { "package": { @@ -33,6 +34,21 @@ }, "verify": { "actions": [ + { + "action_id": "goss", + "params": { + "resources": { + "path": "/.vib" + }, + "tests_file": "odoo/goss/goss.yaml", + "vars_file": "odoo/goss/vars.yaml", + "remote": { + "pod": { + "workload": "deploy-odoo" + } + } + } + }, { "action_id": "trivy", "params": { diff --git a/.vib/odoo/vib-verify.json b/.vib/odoo/vib-verify.json index a34e8aee9161..0a91097d4f14 100644 --- a/.vib/odoo/vib-verify.json +++ b/.vib/odoo/vib-verify.json @@ -3,7 +3,8 @@ "resources": { "url": "{SHA_ARCHIVE}", "path": "{VIB_ENV_PATH}" - } + }, + "runtime_parameters": "Y29tbWFuZDogWyJ0YWlsIiwgIi1mIiwgIi9kZXYvbnVsbCJd" }, "phases": { "package": { @@ -29,6 +30,21 @@ }, "verify": { "actions": [ + { + "action_id": "goss", + "params": { + "resources": { + "path": "/.vib" + }, + "tests_file": "odoo/goss/goss.yaml", + "vars_file": "odoo/goss/vars.yaml", + "remote": { + "pod": { + "workload": "deploy-odoo" + } + } + } + }, { "action_id": "trivy", "params": {