<?php
error_reporting(E_ALL | E_STRICT);
ini_set('track_errors', 'On');
// TODO: add a mock worker?
$rg_cache_debug = TRUE;
$test_normal = TRUE;
$INC = dirname(__FILE__) . '/../inc';
require_once(dirname(__FILE__) . '/config.php');
require_once($INC . '/init.inc.php');
require_once($INC . '/user.inc.php');
require_once($INC . '/user/packages.inc.php');
require_once('helpers.inc.php');
require_once('http.inc.php');
rg_log_set_file('wh_build.log');
require_once('common.php');
$_testns = 'wh_build';
// This test makes sense only on my devel machine
if (php_uname('n') != 'r1.embedromix.ro') {
rg_log('OK!');
exit(0);
}
rg_log('');
rg_log('Creating a user...');
$rg_ui = array(
'username' => 'wh_build-user-' . rg_id(8),
'confirmed' => 20
);
rg_test_create_user($db, $rg_ui);
$info = array('id' => $rg_ui['username']);
prepare_http($info);
rg_log('Creating a bad user...');
$rg_bad = array(
'username' => 'wh_build-mal-' . rg_id(8),
'confirmed' => 20
);
rg_test_create_user($db, $rg_bad);
$info_bad = array('id' => $rg_ui['username']);
prepare_http($info_bad);
rg_log('');
rg_log_enter('Login good user...');
$r = test_login($test_url, $rg_ui);
if ($r === FALSE) {
rg_log('Cannot login good user!');
exit(1);
}
rg_log_exit();
rg_log('');
rg_log_enter('Login bad user...');
$r = test_login($test_url, $rg_bad);
if ($r === FALSE) {
rg_log('Cannot login bad user!');
exit(1);
}
rg_log_exit();
rg_log('');
rg_log_enter('Registering build webhook...');
$extra = array(
'wh::description' => 'description1 <xss> build hook',
'wh::repo' => '',
'wh::refname' => '',
'wh::idata::secrets::0::name' => 'secret1', // we cannot use <xss> here - it will be rejected by bash
'wh::idata::secrets::0::value' => 'value1<xss>',
'wh::idata::events' => 'P',
'wh::idata::envs[fedora-37-x86_64]' => 'on',
'wh::idata::envs[debian-11-amd64]' => 'on',
'wh::idata::packages' => 'nano',
'wh::idata::cmds::1::cmd' => 'make',
'wh::idata::cmds::1::label_ok' => 'success <xss>',
'wh::idata::cmds::1::label_nok' => 'fail <xss>');
rg_test_wh_add_edit($db, $rg_ui, 'build', 'generic', $extra);
$wh_id = $extra['id'];
rg_log('wh_id=' . $wh_id);
rg_log_exit();
rg_test_upload_ssh_key($db, $rg_ui, 'wh_build', $kn);
$pkg_repo_pub_name = 'whbuildpublic' . rg_id(8);
$pkg_repo_pub = array(
'pi::name' => $pkg_repo_pub_name,
'pi::public' => 1
);
rg_test_pkg_repo_add_edit($db, $rg_ui, $pkg_repo_pub);
$pkg_subrepo_pub = array('sr::name' => 'stablepub');
rg_test_pkg_subrepo_add_edit($db, $rg_ui, $pkg_repo_pub, $pkg_subrepo_pub);
$pkg_repo_priv_name = 'whbuildpriv' . rg_id(8);
$pkg_repo_priv = array(
'pi::name' => $pkg_repo_priv_name,
'pi::public' => 0
);
rg_test_pkg_repo_add_edit($db, $rg_ui, $pkg_repo_priv);
$pkg_subrepo_priv = array('sr::name' => 'stablepriv');
rg_test_pkg_subrepo_add_edit($db, $rg_ui, $pkg_repo_priv, $pkg_subrepo_priv);
$pkg_map_pub = array(
'mi::repo' => '',
'mi::ref' => '',
'mi::pkg_subrepo_id' => $pkg_subrepo_pub['id']
);
rg_test_pkg_map_add_edit($db, $rg_ui, $pkg_map_pub);
$pkg_map_priv = array(
'mi::repo' => '',
'mi::ref' => '',
'mi::pkg_subrepo_id' => $pkg_subrepo_priv['id']
);
rg_test_pkg_map_add_edit($db, $rg_ui, $pkg_map_priv);
// Add a global mapping (global package repository)
$pkg_map_priv = array(
'mi::repo' => '',
'mi::ref' => '',
'mi::pkg_subrepo_id' => 2
);
rg_test_pkg_map_add_edit($db, $rg_ui, $pkg_map_priv);
rg_log('');
rg_log_enter('Creating a repo and pushing it');
$repo = array('name' => 'wh_build');
rg_test_create_repo($db, $rg_ui, $repo);
$repo_url = 'ssh://rocketgit@' . $rg_ssh_host . ':' . $rg_ssh_port
. '/user/' . $rg_ui['username'] . '/' . $repo['name'];
rg_log('repo_url=' . escapeshellarg($repo_url));
$r = rg_exec('./wh_build.git.sh ' . escapeshellarg($repo_url),
'', FALSE, FALSE, FALSE);
if ($r['ok'] != 1) {
rg_log('Could not create and push local git repo: ' . $r['errmsg'] . '!');
exit(1);
}
rg_log_exit();
rg_log('');
rg_log_enter('Testing if hook executed with success');
$r = rg_test_packages($rg_ui, $repo);
// We have 1 more build for createrepo and one for Debian
do {
$r = rg_test_packages($rg_ui, $repo);
file_put_contents('wh_build_pkg_r.out', json_encode($r, JSON_PRETTY_PRINT));
file_put_contents('wh_build_pkg_debug.out', json_encode($r['rg_debug_html'], JSON_PRETTY_PRINT));
$_base = '/op/pkgrepo/user/' . $rg_ui['username']
. '/' . $pkg_repo_pub['pi::name'] . '/' . $pkg_subrepo_pub['sr::name'];
$pub_rpm_ready = strstr($r['body'], $_base . '/fedora');
$pub_deb_ready = strstr($r['body'], $_base . '/debian');
$_base = '/op/pkgrepo/user/' . $rg_ui['username']
. '/' . $pkg_repo_priv['pi::name'] . '/' . $pkg_subrepo_priv['sr::name'];
$priv_rpm_ready = strstr($r['body'], $_base . '/fedora');
$priv_deb_ready = strstr($r['body'], $_base . '/debian');
rg_log('pub_rpm_ready=' . ($pub_rpm_ready !== FALSE ? 'true' : 'false'));
rg_log('pub_deb_ready=' . ($pub_deb_ready !== FALSE ? 'true' : 'false'));
rg_log('priv_rpm_ready=' . ($priv_rpm_ready !== FALSE ? 'true' : 'false'));
rg_log('priv_deb_ready=' . ($priv_deb_ready !== FALSE ? 'true' : 'false'));
if ($pub_rpm_ready && $pub_deb_ready && $priv_rpm_ready && $priv_deb_ready)
break;
sleep(5);
} while (1);
rg_log_exit();
// TODO: check user private repo stuff
// TODO: global public repo
rg_log('');
rg_log_enter('Checking packages');
$r = rg_test_packages($rg_ui, $repo);
$e = '>' . $rg_ui['username'] . '+' . $repo['name'] . '-0.1-1.x86_64.rpm<';
if (!strstr($r['body'], $e)) {
rg_log_ml('packages page: ' . $r['body']);
rg_log('Link to os rpm package not found [' . $e . ']!');
exit(1);
}
// TODO: check meta?
// TODO: check if another user does not have access
rg_log_exit();
rg_log('');
rg_log_enter('Checking public dotrepo download');
$r = rg_test_packages_file($rg_ui, $rg_ui, 'user',
$pkg_repo_pub_name, $pkg_subrepo_pub['sr::name'], 'fedora', 37,
'x86_64/os/rocketgit-' . $rg_ui['username'] . '-'
. $pkg_repo_pub_name . '-' . $pkg_subrepo_pub['sr::name'] . '-1.1-1.noarch.rpm');
// TODO: try to unpack the rpm?
$e = 'content-type: application/x-rpm';
if (!stristr($r['header'], $e)) {
rg_log_ml('headers: ' . $r['header']);
rg_log('Content-Type is not ok [' . $e . ']!');
exit(1);
}
rg_log_exit();
// TODO: test private repo (pay attention to password)
rg_log('');
rg_log_enter('Checking private dotrepo download');
$r = rg_test_packages_file($rg_ui, $rg_ui, 'user',
$pkg_repo_priv_name, $pkg_subrepo_priv['sr::name'], 'fedora', 37,
'x86_64/os/rocketgit-' . $rg_ui['username'] . '-'
. $pkg_repo_priv_name . '-' . $pkg_subrepo_priv['sr::name'] . '-1.1-1.noarch.rpm');
// TODO: try to unpack the rpm?
$e = 'content-type: application/x-rpm';
if (!stristr($r['header'], $e)) {
rg_log_ml('headers: ' . $r['header']);
rg_log('Content-Type is not ok [' . $e . ']!');
exit(1);
}
rg_log_exit();
rg_log('');
rg_log_enter('Checking private dotrepo download (by bad user)');
$r = rg_test_packages_file($rg_bad, $rg_ui, 'user',
$pkg_repo_priv_name, $pkg_subrepo_priv['sr::name'], 'fedora', 37,
'x86_64/os/rocketgit-' . $rg_ui['username'] . '-'
. $pkg_repo_priv_name . '-' . $pkg_subrepo_priv['sr::name'] . '-1.1-1.noarch.rpm');
// TODO: try to unpack the rpm?
if ($r['ci']['http_code'] != 404) {
rg_log('We must get 404 instead of ' . $r['ci']['http_code']
. ' if we do not have access!');
exit(1);
}
rg_log_exit();
rg_log('');
rg_log_enter('Checking packages repomd download');
$r = rg_test_packages_file($rg_ui, $rg_ui, 'user',
$pkg_repo_pub_name, $pkg_subrepo_pub['sr::name'], 'fedora', 37,
'x86_64/os/repodata/repomd.xml');
$e = '<?xml ';
if (!strstr($r['body'], $e)) {
rg_log_ml('packages repomd page: ' . $r['body']);
rg_log('XML seems invalid [' . $e . ']!');
exit(1);
}
$e = 'content-type: text/xml';
if (!stristr($r['header'], $e)) {
rg_log_ml('headers: ' . $r['header']);
rg_log('Content-Type is not ok [' . $e . ']!');
exit(1);
}
rg_log_exit();
rg_log('');
rg_log_enter('Checking packages rpm download');
$r = rg_test_packages_file($rg_ui, $rg_ui, 'user',
$pkg_repo_pub_name, $pkg_subrepo_pub['sr::name'], 'fedora', 37,
'x86_64/os/' . $rg_ui['username'] . '+' . $repo['name'] . '-0.1-1.x86_64.rpm');
$e = 'content-type: application/x-rpm';
if (!stristr($r['header'], $e)) {
rg_log_ml('headers: ' . $r['header']);
rg_log('Content-Type is not ok [' . $e . ']!');
exit(1);
}
rg_log_exit();
////////////////////////// Debian area starts
rg_log('');
rg_log_enter('Checking keyring as owner user');
$r = rg_test_packages_file($rg_ui, $rg_ui, 'user',
$pkg_repo_pub_name, $pkg_subrepo_pub['sr::name'],
'debian', 'bullseye', 'keyring');
$e = 'content-type: application/octet-stream';
if (!stristr($r['header'], $e) || ($r['ci']['http_code'] != 200)) {
rg_log_ml('headers: ' . $r['header']);
rg_log('Code/Content-Type is not ok [' . $e . ']!');
exit(1);
}
rg_log_exit();
rg_log('');
rg_log_enter('Checking auth as owner user');
$r = rg_test_packages_file($rg_ui, $rg_ui, 'user',
$pkg_repo_pub_name, $pkg_subrepo_pub['sr::name'],
'debian', 'bullseye', 'auth');
$e = 'content-type: text/plain';
if (!stristr($r['header'], $e) || ($r['ci']['http_code'] != 200)) {
rg_log_ml('headers: ' . $r['header']);
rg_log('Content-Type is not ok [' . $e . ']!');
exit(1);
}
if (strncmp($r['body'], 'machine ', 8) != 0) {
rg_log('Content of auth file does not start with machine keyword: [' . $r['body'] . ']!');
exit(1);
}
// TODO: check if password is ok
rg_log_exit();
rg_log('');
rg_log_enter('Downloading package as good (owner) user');
$u = rg_pkg_transform_user('deb', $rg_ui['uid'], $rg_ui['username']);
$u1 = substr($u, 0, 1); $u2 = substr($u, 1, 1);
$r = rg_test_packages_file($rg_ui, $rg_ui, 'user',
$pkg_repo_priv_name, $pkg_subrepo_priv['sr::name'],
'debian', 'bullseye',
'pool/main/' . $u1 . '/' . $u2 . '/' . $u
. '+' . rg_pkg_transform_repo('deb', $repo['name']) . '_0.1_amd64.deb');
rg_log_ml('r: ' . print_r($r, TRUE));
$e = 'content-type: application/octet-stream';
if (!stristr($r['header'], $e) || ($r['ci']['http_code'] != 200)) {
rg_log_ml('headers: ' . $r['header']);
rg_log('Content-Type is not ok [' . $e . ']!');
exit(1);
}
rg_log_exit();
rg_log('');
rg_log_enter('Checking auth as bad (not owner) user');
$r = rg_test_packages_file($rg_bad, $rg_ui, 'user',
$pkg_repo_priv_name, $pkg_subrepo_priv['sr::name'],
'debian', 'bullseye', 'auth');
if ($r['ci']['http_code'] != 404) {
rg_log_ml('headers: ' . $r['header']);
rg_log('We must get 404!');
exit(1);
}
rg_log_exit();
// TODO: bad user + password?
rg_log('');
rg_log_enter('Downloading package as bad (not owner) user');
$u = rg_pkg_transform_user('deb', $rg_ui['uid'], $rg_ui['username']);
$u1 = substr($u, 0, 1); $u2 = substr($u, 1, 1);
$r = rg_test_packages_file($rg_bad, $rg_ui, 'user',
$pkg_repo_priv_name, $pkg_subrepo_priv['sr::name'],
'debian', 'bullseye',
'pool/main/' . $u1 . '/' . $u2 . '/' . $u
. '+' . rg_pkg_transform_repo('deb', $repo['name']) . '_0.1_amd64.deb');
rg_log_ml('r: ' . print_r($r, TRUE));
if ($r['ci']['http_code'] != 404) {
rg_log_ml('headers: ' . $r['header']);
rg_log('We must get 404!');
exit(1);
}
rg_log_exit();
////////////////////////// Debian area ends
rg_log('');
rg_log_enter('Checking artifacts 1');
$r = rg_test_artifacts_page($rg_ui, $repo, '/envs/fedora-37-x86_64');
$e = '<a href="/user/' . $rg_ui['username'] . '/' . $repo['name'] . '/artifacts/download/envs/fedora-37-x86_64/bla%C8%99.out">Download</a>';
if (!strstr($r['body'], $e)) {
rg_log_ml('artifacts: ' . $r['body']);
rg_log('Link to artifact not found [' . $e . ']!');
exit(1);
}
$r = rg_test_artifacts_file($rg_ui, $repo, '/envs/fedora-37-x86_64/blaș.out');
rg_log_ml('blaș.out: ' . print_r($r, TRUE));
$e = 'blaș' . "\n";
if (strcmp($r['body'], $e) != 0) {
rg_log('Content of artifact not ok [' . $r['body'] . '] != [' . $e . ']!');
exit(1);
}
$e = 'content-length: 6' . "\r\n";
if (!stristr($r['header'], $e)) {
rg_log_ml('headers: ' . $r['header']);
rg_log('Content-Length of artifact not ok [' . $e . ']!');
exit(1);
}
$e = 'content-type: text/plain';
if (!stristr($r['header'], $e)) {
rg_log_ml('headers: ' . $r['header']);
rg_log('Content-type of artifact not ok [' . $e . ']!');
exit(1);
}
// TODO: check artifacts fs/meta?
rg_log_exit();
rg_log('OK!');
exit(0);
// We ignore the rest for now, because we do 4 builds and test nothing!
rg_log('');
rg_log_enter('Make a change and push again (for delta packages)');
$r = rg_exec('cd temp_repos/wh_build'
. ' && sed -i -e "s/^Version:.*0.1/Version: 0.2/" wh_build.spec'
. ' && sed -i -e "s/0.1/0.2/" debian/changelog'
. ' && git commit -a -m "new version"'
. ' && git push',
'', FALSE, FALSE, FALSE);
if ($r['ok'] != 1) {
rg_log('Could not push again: ' . $r['errmsg'] . '!');
exit(1);
}
rg_log_exit();
rg_log('');
rg_log_enter('Testing if hook executed with success (part 2)');
$key = 'DEBUG::' . $rg_ui['uid'] . '::webhooks::' . $wh_id;
$r = test_wait_cache($key, 600);
$p = @$r['status']['cmds'][1];
if (strcmp($p['status'], '0') != 0) {
rg_log_ml('r: ' . print_r($r, TRUE));
rg_log('Sseems the build did not work well'
. ' [' . $p['status'] . ']! See above.');
exit(1);
}
rg_log_exit();
// TODO: test artifacts 2 (overwrite)
// TODO: test rgfs/rpm packages (by http)
// TODO: add a test for 'map_into_source'
rg_log('OK!');