From c3cdb610a4a65fe55bbcd41c219b178621bc83bc Mon Sep 17 00:00:00 2001 From: Francisco de Paz Galan Date: Thu, 9 Feb 2023 17:04:36 +0100 Subject: [PATCH] [bitnami/mariadb] Add VIB tests (#23253) * [bitnami/mariadb] Add VIB tests Signed-off-by: FraPazGal * Remove VIB trigger Signed-off-by: FraPazGal * Avoid using BITNAMI_APP_NAME env for asset test files Signed-off-by: FraPazGal --------- Signed-off-by: FraPazGal --- .../goss/scripts/check-linked-libraries.sh | 11 +++++++++++ .vib/common/goss/scripts/check-sed-in-place.sh | 11 +++++++++++ .../goss/templates/check-app-version.yaml | 12 ++++++++++++ .../goss/templates/check-broken-symlinks.yaml | 9 +++++++++ .vib/common/goss/templates/check-ca-certs.yaml | 7 +++++++ .../templates/check-components-binaries.yaml | 11 +++++++++++ .../check-components-directories.yaml | 11 +++++++++++ .../goss/templates/check-components-files.yaml | 11 +++++++++++ .../check-directories-permissions.yaml | 17 +++++++++++++++++ .../goss/templates/check-linked-libraries.yaml | 9 +++++++++ .../goss/templates/check-sed-in-place.yaml | 10 ++++++++++ .vib/mariadb/10.3/vib-publish.json | 16 +++++++++++++++- .vib/mariadb/10.4/vib-publish.json | 16 +++++++++++++++- .vib/mariadb/goss/goss.yaml | 11 +++++++++++ .vib/mariadb/goss/templates/mariadb.yaml | 16 ++++++++++++++++ .vib/mariadb/goss/vars.yaml | 18 ++++++++++++++++++ .vib/mariadb/vib-publish.json | 16 +++++++++++++++- .vib/mariadb/vib-verify.json | 18 ++++++++++++++++-- 18 files changed, 225 insertions(+), 5 deletions(-) create mode 100755 .vib/common/goss/scripts/check-linked-libraries.sh create mode 100755 .vib/common/goss/scripts/check-sed-in-place.sh create mode 100644 .vib/common/goss/templates/check-app-version.yaml create mode 100644 .vib/common/goss/templates/check-broken-symlinks.yaml create mode 100644 .vib/common/goss/templates/check-ca-certs.yaml create mode 100644 .vib/common/goss/templates/check-components-binaries.yaml create mode 100644 .vib/common/goss/templates/check-components-directories.yaml create mode 100644 .vib/common/goss/templates/check-components-files.yaml create mode 100644 .vib/common/goss/templates/check-directories-permissions.yaml create mode 100644 .vib/common/goss/templates/check-linked-libraries.yaml create mode 100644 .vib/common/goss/templates/check-sed-in-place.yaml create mode 100644 .vib/mariadb/goss/goss.yaml create mode 100644 .vib/mariadb/goss/templates/mariadb.yaml create mode 100644 .vib/mariadb/goss/vars.yaml diff --git a/.vib/common/goss/scripts/check-linked-libraries.sh b/.vib/common/goss/scripts/check-linked-libraries.sh new file mode 100755 index 000000000000..3c8502d8b1b1 --- /dev/null +++ b/.vib/common/goss/scripts/check-linked-libraries.sh @@ -0,0 +1,11 @@ +#!/bin/bash + +set -o errexit +set -o nounset +set -o pipefail + +mapfile -t files < <( find "$BITNAMI_ROOT_DIR"/"$BITNAMI_APP_NAME" "$BITNAMI_ROOT_DIR"/common -type f -executable ) + +for file in "${files[@]}"; do + [[ $(ldd "$file" | grep -c "not found") -eq 0 ]] || exit 1 +done diff --git a/.vib/common/goss/scripts/check-sed-in-place.sh b/.vib/common/goss/scripts/check-sed-in-place.sh new file mode 100755 index 000000000000..d7c89f754179 --- /dev/null +++ b/.vib/common/goss/scripts/check-sed-in-place.sh @@ -0,0 +1,11 @@ +#!/bin/bash + +set -o errexit +set -o nounset +set -o pipefail + +mapfile -t files < <( find /bitnami "$BITNAMI_ROOT_DIR" -name '*.sh' ) + +for file in "${files[@]}"; do + [[ $(grep -cE "sed -i|sed --in-place" "$file") -eq 0 ]] || exit 1 +done diff --git a/.vib/common/goss/templates/check-app-version.yaml b/.vib/common/goss/templates/check-app-version.yaml new file mode 100644 index 000000000000..29dc25dad722 --- /dev/null +++ b/.vib/common/goss/templates/check-app-version.yaml @@ -0,0 +1,12 @@ +######################## +# Checks asset version via its binary +# Needed vars: +# - .Vars.version.bin_name (String) +# - .Vars.version.flag (String) +######################## +command: + check-app-version: + exec: {{ .Vars.version.bin_name }} {{ .Vars.version.flag }} + exit-status: 0 + stdout: + - {{ .Env.APP_VERSION }} diff --git a/.vib/common/goss/templates/check-broken-symlinks.yaml b/.vib/common/goss/templates/check-broken-symlinks.yaml new file mode 100644 index 000000000000..949a14a1a0e1 --- /dev/null +++ b/.vib/common/goss/templates/check-broken-symlinks.yaml @@ -0,0 +1,9 @@ +######################## +# Checks there are no broken symlinks in the components folders +# Needed vars: +# - .Vars.root_dir (String) +######################## +command: + check-broken-symlinks: + exec: if [ $(find {{ .Vars.root_dir }} -xtype l | wc -l) -gt 0 ]; then exit 1; fi + exit-status: 0 diff --git a/.vib/common/goss/templates/check-ca-certs.yaml b/.vib/common/goss/templates/check-ca-certs.yaml new file mode 100644 index 000000000000..e4cc79cc0533 --- /dev/null +++ b/.vib/common/goss/templates/check-ca-certs.yaml @@ -0,0 +1,7 @@ +######################## +# Checks the ca-certificates package +# is installed accesing an HTTPS URL +######################## +http: + https://www.bitnami.com: + status: 200 diff --git a/.vib/common/goss/templates/check-components-binaries.yaml b/.vib/common/goss/templates/check-components-binaries.yaml new file mode 100644 index 000000000000..2aba2424206d --- /dev/null +++ b/.vib/common/goss/templates/check-components-binaries.yaml @@ -0,0 +1,11 @@ +######################## +# Checks components binaries are added to the $PATH +# Needed vars: +# - .Vars.components.binaries (Array) +######################## +command: + {{ range $binary := .Vars.components.binaries }} + check-{{ $binary }}-binary: + exec: which {{ $binary }} + exit-status: 0 + {{ end }} diff --git a/.vib/common/goss/templates/check-components-directories.yaml b/.vib/common/goss/templates/check-components-directories.yaml new file mode 100644 index 000000000000..f28ee37aae9f --- /dev/null +++ b/.vib/common/goss/templates/check-components-directories.yaml @@ -0,0 +1,11 @@ +######################## +# Checks components directories exist +# Needed vars: +# - .Vars.components.directories (Array) +######################## +file: + {{ range $directory := .Vars.components.directories }} + {{ $directory }}: + exists: true + filetype: directory + {{ end }} diff --git a/.vib/common/goss/templates/check-components-files.yaml b/.vib/common/goss/templates/check-components-files.yaml new file mode 100644 index 000000000000..67645885d3d2 --- /dev/null +++ b/.vib/common/goss/templates/check-components-files.yaml @@ -0,0 +1,11 @@ +######################## +# Checks components files exist +# Needed vars: +# - .Vars.components.files (Array) +######################## +file: + {{ range $file := .Vars.components.files }} + {{ $file }}: + exists: true + filetype: file + {{ end }} diff --git a/.vib/common/goss/templates/check-directories-permissions.yaml b/.vib/common/goss/templates/check-directories-permissions.yaml new file mode 100644 index 000000000000..e0cad8d67b46 --- /dev/null +++ b/.vib/common/goss/templates/check-directories-permissions.yaml @@ -0,0 +1,17 @@ +######################## +# Checks directories permissions, usually changed in the postunpack stage +# Needed vars: +# - .Vars.filesystem (Array) +# - .Vars.filesystem.directories (Array) +# - .Vars.filesystem.mode (String) +######################## +file: + {{ range .Vars.filesystem }} + {{ $mode := .mode }} + {{ range $directory := .directories }} + {{ $directory }}: + exists: true + filetype: directory + mode: "{{ $mode }}" + {{ end }} + {{ end }} diff --git a/.vib/common/goss/templates/check-linked-libraries.yaml b/.vib/common/goss/templates/check-linked-libraries.yaml new file mode 100644 index 000000000000..6d22576dd9fa --- /dev/null +++ b/.vib/common/goss/templates/check-linked-libraries.yaml @@ -0,0 +1,9 @@ +######################## +# Check components executables have no missing linked libraries +# Needed vars: +# - .Vars.root_dir +######################## +command: + check-linked-libraries: + exec: export BITNAMI_ROOT_DIR={{ .Vars.root_dir }} && ./common/goss/scripts/check-linked-libraries.sh + exit-status: 0 diff --git a/.vib/common/goss/templates/check-sed-in-place.yaml b/.vib/common/goss/templates/check-sed-in-place.yaml new file mode 100644 index 000000000000..c28be4eeeb05 --- /dev/null +++ b/.vib/common/goss/templates/check-sed-in-place.yaml @@ -0,0 +1,10 @@ +######################## +# Checks components scripts do not have calls +# to sed commands with the in-place argument +# Needed vars: +# - .Vars.root_dir +######################## +command: + check-sed-in-place: + exec: export BITNAMI_ROOT_DIR={{ .Vars.root_dir }} && ./common/goss/scripts/check-sed-in-place.sh + exit-status: 0 diff --git a/.vib/mariadb/10.3/vib-publish.json b/.vib/mariadb/10.3/vib-publish.json index c3b18078c0ce..e9f7e1222321 100644 --- a/.vib/mariadb/10.3/vib-publish.json +++ b/.vib/mariadb/10.3/vib-publish.json @@ -3,7 +3,8 @@ "resources": { "url": "{VIB_ENV_CONTAINER_URL}", "path": "{VIB_ENV_PATH}" - } + }, + "runtime_parameters": "Y29tbWFuZDogWyJ0YWlsIiwgIi1mIiwgIi9kZXYvbnVsbCJd" }, "phases": { "package": { @@ -32,6 +33,19 @@ }, "verify": { "actions": [ + { + "action_id": "goss", + "params": { + "resources": { + "path": "/.vib" + }, + "tests_file": "mariadb/goss/goss.yaml", + "vars_file": "mariadb/goss/vars.yaml", + "remote": { + "workload": "deploy-mariadb" + } + } + }, { "action_id": "trivy", "params": { diff --git a/.vib/mariadb/10.4/vib-publish.json b/.vib/mariadb/10.4/vib-publish.json index c3b18078c0ce..e9f7e1222321 100644 --- a/.vib/mariadb/10.4/vib-publish.json +++ b/.vib/mariadb/10.4/vib-publish.json @@ -3,7 +3,8 @@ "resources": { "url": "{VIB_ENV_CONTAINER_URL}", "path": "{VIB_ENV_PATH}" - } + }, + "runtime_parameters": "Y29tbWFuZDogWyJ0YWlsIiwgIi1mIiwgIi9kZXYvbnVsbCJd" }, "phases": { "package": { @@ -32,6 +33,19 @@ }, "verify": { "actions": [ + { + "action_id": "goss", + "params": { + "resources": { + "path": "/.vib" + }, + "tests_file": "mariadb/goss/goss.yaml", + "vars_file": "mariadb/goss/vars.yaml", + "remote": { + "workload": "deploy-mariadb" + } + } + }, { "action_id": "trivy", "params": { diff --git a/.vib/mariadb/goss/goss.yaml b/.vib/mariadb/goss/goss.yaml new file mode 100644 index 000000000000..6301ce9cdcef --- /dev/null +++ b/.vib/mariadb/goss/goss.yaml @@ -0,0 +1,11 @@ +gossfile: + # Goss tests exclusive to the current container + ../../mariadb/goss/templates/mariadb.yaml: {} + # Load scripts from .vib/common/goss/templates + ../../common/goss/templates/check-app-version.yaml: {} + ../../common/goss/templates/check-broken-symlinks.yaml: {} + ../../common/goss/templates/check-ca-certs.yaml: {} + ../../common/goss/templates/check-components-binaries.yaml: {} + ../../common/goss/templates/check-directories-permissions.yaml: {} + ../../common/goss/templates/check-linked-libraries.yaml: {} + ../../common/goss/templates/check-sed-in-place.yaml: {} diff --git a/.vib/mariadb/goss/templates/mariadb.yaml b/.vib/mariadb/goss/templates/mariadb.yaml new file mode 100644 index 000000000000..fec80c568dca --- /dev/null +++ b/.vib/mariadb/goss/templates/mariadb.yaml @@ -0,0 +1,16 @@ +file: + # Checks there is a template already loaded as a config file + {{ .Vars.root_dir }}/mariadb/conf/my.cnf: + exists: true + filetype: file + contains: + - socket={{ .Vars.root_dir }}/mariadb/tmp/mysql.sock + # Checks the postunpack phase properly creates the plugin's symlink + {{ .Vars.root_dir }}/mariadb/lib/plugin: + exists: true + filetype: symlink + # Check the plugins added at compilation time are available + {{ .Vars.root_dir }}/mariadb/plugin/auth_pam.so: + exists: true + filetype: file + mode: "0644" diff --git a/.vib/mariadb/goss/vars.yaml b/.vib/mariadb/goss/vars.yaml new file mode 100644 index 000000000000..f6c61fc119ba --- /dev/null +++ b/.vib/mariadb/goss/vars.yaml @@ -0,0 +1,18 @@ +components: + binaries: + - gosu + - ini-file + - mysql +filesystem: + - mode: "0775" + directories: + - /bitnami/mariadb + - /bitnami/mariadb/data + - /opt/bitnami/mariadb/conf + - /opt/bitnami/mariadb/conf/bitnami + - /opt/bitnami/mariadb/logs + - /opt/bitnami/mariadb/tmp +root_dir: /opt/bitnami +version: + bin_name: mysql + flag: --version diff --git a/.vib/mariadb/vib-publish.json b/.vib/mariadb/vib-publish.json index f58738648055..fa6aa0eedc72 100644 --- a/.vib/mariadb/vib-publish.json +++ b/.vib/mariadb/vib-publish.json @@ -3,7 +3,8 @@ "resources": { "url": "{VIB_ENV_CONTAINER_URL}", "path": "{VIB_ENV_PATH}" - } + }, + "runtime_parameters": "Y29tbWFuZDogWyJ0YWlsIiwgIi1mIiwgIi9kZXYvbnVsbCJd" }, "phases": { "package": { @@ -33,6 +34,19 @@ }, "verify": { "actions": [ + { + "action_id": "goss", + "params": { + "resources": { + "path": "/.vib" + }, + "tests_file": "mariadb/goss/goss.yaml", + "vars_file": "mariadb/goss/vars.yaml", + "remote": { + "workload": "deploy-mariadb" + } + } + }, { "action_id": "trivy", "params": { diff --git a/.vib/mariadb/vib-verify.json b/.vib/mariadb/vib-verify.json index 835cd556e241..e1252f92a885 100644 --- a/.vib/mariadb/vib-verify.json +++ b/.vib/mariadb/vib-verify.json @@ -3,7 +3,8 @@ "resources": { "url": "{SHA_ARCHIVE}", "path": "{VIB_ENV_PATH}" - } + }, + "runtime_parameters": "Y29tbWFuZDogWyJ0YWlsIiwgIi1mIiwgIi9kZXYvbnVsbCJd" }, "phases": { "package": { @@ -29,6 +30,19 @@ }, "verify": { "actions": [ + { + "action_id": "goss", + "params": { + "resources": { + "path": "/.vib" + }, + "tests_file": "mariadb/goss/goss.yaml", + "vars_file": "mariadb/goss/vars.yaml", + "remote": { + "workload": "deploy-mariadb" + } + } + }, { "action_id": "trivy", "params": { @@ -50,4 +64,4 @@ ] } } -} \ No newline at end of file +}