From 679d83789b638cbb10c3c49af601043af19ca6b8 Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" Date: Mon, 30 Sep 2024 13:09:31 -0500 Subject: [PATCH] Update rpminspect test The pom.xml files have been updated to define the target Java version using maven.compiler.release property. The maven-compiler-plugin is no longer used so it has been removed. The pki-rpminspect.yaml has been updated to no longer define the javabytecode requirement so it will use the standard requirement for the platform. The rpminspect test has been updated to call rpminspect directly in separate steps to make it easier to inspect the failures. The rpminspect.sh is no longer used so it has been removed. Currently the test is failing because some dependencies were built with older Java bytecode versions. They need to be rebuilt with the proper version. --- .github/workflows/rpminspect-test.yml | 164 +++++++++++++++++++++++++- base/acme/pom.xml | 8 -- base/ca/pom.xml | 8 -- base/common/pom.xml | 8 -- base/console/pom.xml | 8 -- base/est/pom.xml | 8 -- base/kra/pom.xml | 8 -- base/ocsp/pom.xml | 8 -- base/server-webapp/pom.xml | 8 -- base/server/pom.xml | 8 -- base/tks/pom.xml | 8 -- base/tomcat-9.0/pom.xml | 8 -- base/tomcat/pom.xml | 8 -- base/tools/pom.xml | 8 -- base/tps/pom.xml | 8 -- pom.xml | 1 + tests/bin/rpminspect.sh | 12 -- tests/pki-rpminspect.yaml | 7 +- 18 files changed, 164 insertions(+), 132 deletions(-) delete mode 100755 tests/bin/rpminspect.sh diff --git a/.github/workflows/rpminspect-test.yml b/.github/workflows/rpminspect-test.yml index b8692d28078..3710f8713e2 100644 --- a/.github/workflows/rpminspect-test.yml +++ b/.github/workflows/rpminspect-test.yml @@ -49,7 +49,165 @@ jobs: docker rm -f pki-dist - - name: Run rpminspect on SRPM and RPMs + # get RPM version and release number + VERSION=$(docker exec pki ls build/SRPMS | sed -e 's/^pki-\(.*\)\.src\.rpm$/\1/') + echo "VERSION: $VERSION" + echo "$VERSION" > VERSION + + - name: Install rpminspect profile + run: | + docker exec pki ls -lR /usr/share/rpminspect/profiles + docker exec pki cp \ + /usr/share/pki/tests/pki-rpminspect.yaml \ + /usr/share/rpminspect/profiles/fedora + + - name: Check pki SRPM + if: always() + run: | + docker exec pki rpminspect-fedora \ + -p pki-rpminspect \ + build/SRPMS/pki-*.src.rpm + + - name: Check dogtag-pki RPM + if: always() + run: | + VERSION=$(cat VERSION) + docker exec pki rpminspect-fedora \ + -p pki-rpminspect \ + build/RPMS/dogtag-pki-$VERSION.*.rpm + + - name: Check dogtag-pki-acme RPM + if: always() + run: | + VERSION=$(cat VERSION) + docker exec pki rpminspect-fedora \ + -p pki-rpminspect \ + build/RPMS/dogtag-pki-acme-$VERSION.*.rpm + + - name: Check dogtag-pki-base RPM + if: always() + run: | + VERSION=$(cat VERSION) + docker exec pki rpminspect-fedora \ + -p pki-rpminspect \ + build/RPMS/dogtag-pki-base-$VERSION.*.rpm + + - name: Check dogtag-pki-ca RPM + if: always() + run: | + VERSION=$(cat VERSION) + docker exec pki rpminspect-fedora \ + -p pki-rpminspect \ + build/RPMS/dogtag-pki-ca-$VERSION.*.rpm + + - name: Check dogtag-pki-est RPM + if: always() + run: | + VERSION=$(cat VERSION) + docker exec pki rpminspect-fedora \ + -p pki-rpminspect \ + build/RPMS/dogtag-pki-est-$VERSION.*.rpm + + - name: Check dogtag-pki-java RPM + if: always() + run: | + VERSION=$(cat VERSION) + docker exec pki rpminspect-fedora \ + -p pki-rpminspect \ + build/RPMS/dogtag-pki-java-$VERSION.*.rpm + + - name: Check dogtag-pki-javadoc RPM + if: always() + run: | + VERSION=$(cat VERSION) + docker exec pki rpminspect-fedora \ + -p pki-rpminspect \ + build/RPMS/dogtag-pki-javadoc-$VERSION.*.rpm + + - name: Check dogtag-pki-kra RPM + if: always() + run: | + VERSION=$(cat VERSION) + docker exec pki rpminspect-fedora \ + -p pki-rpminspect \ + build/RPMS/dogtag-pki-kra-$VERSION.*.rpm + + - name: Check dogtag-pki-ocsp RPM + if: always() + run: | + VERSION=$(cat VERSION) + docker exec pki rpminspect-fedora \ + -p pki-rpminspect \ + build/RPMS/dogtag-pki-ocsp-$VERSION.*.rpm + + - name: Check dogtag-pki-server RPM + if: always() + run: | + VERSION=$(cat VERSION) + docker exec pki rpminspect-fedora \ + -p pki-rpminspect \ + build/RPMS/dogtag-pki-server-$VERSION.*.rpm + + - name: Check dogtag-pki-tests RPM + if: always() + run: | + VERSION=$(cat VERSION) + docker exec pki rpminspect-fedora \ + -p pki-rpminspect \ + build/RPMS/dogtag-pki-tests-$VERSION.*.rpm + + - name: Check dogtag-pki-theme RPM + if: always() + run: | + VERSION=$(cat VERSION) + docker exec pki rpminspect-fedora \ + -p pki-rpminspect \ + build/RPMS/dogtag-pki-theme-$VERSION.*.rpm + + - name: Check dogtag-pki-tks RPM + if: always() + run: | + VERSION=$(cat VERSION) + docker exec pki rpminspect-fedora \ + -p pki-rpminspect \ + build/RPMS/dogtag-pki-tks-$VERSION.*.rpm + + - name: Check dogtag-pki-tools RPM + if: always() + run: | + VERSION=$(cat VERSION) + docker exec pki rpminspect-fedora \ + -p pki-rpminspect \ + build/RPMS/dogtag-pki-tools-$VERSION.*.rpm + + - name: Check dogtag-pki-tools-debuginfo RPM + if: always() + run: | + VERSION=$(cat VERSION) + docker exec pki rpminspect-fedora \ + -p pki-rpminspect \ + build/RPMS/dogtag-pki-tools-debuginfo-$VERSION.*.rpm + + - name: Check dogtag-pki-tps RPM + if: always() + run: | + VERSION=$(cat VERSION) + docker exec pki rpminspect-fedora \ + -p pki-rpminspect \ + build/RPMS/dogtag-pki-tps-$VERSION.*.rpm + + - name: Check pki-debugsource RPM + if: always() + run: | + VERSION=$(cat VERSION) + docker exec pki rpminspect-fedora \ + -p pki-rpminspect \ + build/RPMS/pki-debugsource-$VERSION.*.rpm + + - name: Check python3-dogtag-pki RPM + if: always() run: | - docker exec pki cp /usr/share/pki/tests/pki-rpminspect.yaml /usr/share/rpminspect/profiles/fedora/pki-rpminspect.yaml - docker exec pki /usr/share/pki/tests/bin/rpminspect.sh + VERSION=$(cat VERSION) + docker exec pki rpminspect-fedora \ + -p pki-rpminspect \ + build/RPMS/python3-dogtag-pki-$VERSION.*.rpm diff --git a/base/acme/pom.xml b/base/acme/pom.xml index dee0e6b1177..26463c1eeff 100644 --- a/base/acme/pom.xml +++ b/base/acme/pom.xml @@ -26,14 +26,6 @@ - - org.apache.maven.plugins - maven-compiler-plugin - 3.8.1 - - 17 - - org.apache.maven.plugins maven-jar-plugin diff --git a/base/ca/pom.xml b/base/ca/pom.xml index 0a876ced584..1114481228d 100644 --- a/base/ca/pom.xml +++ b/base/ca/pom.xml @@ -26,14 +26,6 @@ - - org.apache.maven.plugins - maven-compiler-plugin - 3.8.1 - - 17 - - org.apache.maven.plugins maven-jar-plugin diff --git a/base/common/pom.xml b/base/common/pom.xml index a4b7f9acaf3..73acb7f8095 100644 --- a/base/common/pom.xml +++ b/base/common/pom.xml @@ -176,14 +176,6 @@ - - org.apache.maven.plugins - maven-compiler-plugin - 3.8.1 - - 17 - - org.apache.maven.plugins maven-jar-plugin diff --git a/base/console/pom.xml b/base/console/pom.xml index 08eecc5b76b..7ccaaedf1e9 100644 --- a/base/console/pom.xml +++ b/base/console/pom.xml @@ -31,14 +31,6 @@ - - org.apache.maven.plugins - maven-compiler-plugin - 3.8.1 - - 17 - - org.apache.maven.plugins maven-jar-plugin diff --git a/base/est/pom.xml b/base/est/pom.xml index e58ca1d5fb1..ccb1a5979c1 100644 --- a/base/est/pom.xml +++ b/base/est/pom.xml @@ -26,14 +26,6 @@ - - org.apache.maven.plugins - maven-compiler-plugin - 3.8.1 - - 17 - - org.apache.maven.plugins maven-jar-plugin diff --git a/base/kra/pom.xml b/base/kra/pom.xml index 816f389f04a..816e088945c 100644 --- a/base/kra/pom.xml +++ b/base/kra/pom.xml @@ -26,14 +26,6 @@ - - org.apache.maven.plugins - maven-compiler-plugin - 3.8.1 - - 17 - - org.apache.maven.plugins maven-jar-plugin diff --git a/base/ocsp/pom.xml b/base/ocsp/pom.xml index af9aefaec9d..85025d307c3 100644 --- a/base/ocsp/pom.xml +++ b/base/ocsp/pom.xml @@ -26,14 +26,6 @@ - - org.apache.maven.plugins - maven-compiler-plugin - 3.8.1 - - 17 - - org.apache.maven.plugins maven-jar-plugin diff --git a/base/server-webapp/pom.xml b/base/server-webapp/pom.xml index c754b02a2bd..1ef36bcf8f6 100644 --- a/base/server-webapp/pom.xml +++ b/base/server-webapp/pom.xml @@ -26,14 +26,6 @@ - - org.apache.maven.plugins - maven-compiler-plugin - 3.8.1 - - 17 - - org.apache.maven.plugins maven-jar-plugin diff --git a/base/server/pom.xml b/base/server/pom.xml index b1a0259ce25..98029805e04 100644 --- a/base/server/pom.xml +++ b/base/server/pom.xml @@ -32,14 +32,6 @@ - - org.apache.maven.plugins - maven-compiler-plugin - 3.8.1 - - 17 - - org.apache.maven.plugins maven-jar-plugin diff --git a/base/tks/pom.xml b/base/tks/pom.xml index a2bc7a8f30f..89707aedc11 100644 --- a/base/tks/pom.xml +++ b/base/tks/pom.xml @@ -26,14 +26,6 @@ - - org.apache.maven.plugins - maven-compiler-plugin - 3.8.1 - - 17 - - org.apache.maven.plugins maven-jar-plugin diff --git a/base/tomcat-9.0/pom.xml b/base/tomcat-9.0/pom.xml index f5141fad84b..c3859e656b9 100644 --- a/base/tomcat-9.0/pom.xml +++ b/base/tomcat-9.0/pom.xml @@ -56,14 +56,6 @@ - - org.apache.maven.plugins - maven-compiler-plugin - 3.8.1 - - 17 - - org.apache.maven.plugins maven-jar-plugin diff --git a/base/tomcat/pom.xml b/base/tomcat/pom.xml index b02f1940f43..613d8ae7a9f 100644 --- a/base/tomcat/pom.xml +++ b/base/tomcat/pom.xml @@ -32,14 +32,6 @@ - - org.apache.maven.plugins - maven-compiler-plugin - 3.8.1 - - 17 - - org.apache.maven.plugins maven-jar-plugin diff --git a/base/tools/pom.xml b/base/tools/pom.xml index 58e3abf2b90..530297653c5 100644 --- a/base/tools/pom.xml +++ b/base/tools/pom.xml @@ -35,14 +35,6 @@ - - org.apache.maven.plugins - maven-compiler-plugin - 3.8.1 - - 17 - - org.apache.maven.plugins maven-jar-plugin diff --git a/base/tps/pom.xml b/base/tps/pom.xml index 78399d383e9..0c8ab8a0f43 100644 --- a/base/tps/pom.xml +++ b/base/tps/pom.xml @@ -26,14 +26,6 @@ - - org.apache.maven.plugins - maven-compiler-plugin - 3.8.1 - - 17 - - org.apache.maven.plugins maven-jar-plugin diff --git a/pom.xml b/pom.xml index 7fb775999db..e6de758b960 100644 --- a/pom.xml +++ b/pom.xml @@ -12,6 +12,7 @@ UTF-8 github + 17 diff --git a/tests/bin/rpminspect.sh b/tests/bin/rpminspect.sh deleted file mode 100755 index a29caaecded..00000000000 --- a/tests/bin/rpminspect.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/bash -e - -echo "::group::Running RPMInspect on SRPM" -rpminspect-fedora -p pki-rpminspect build/SRPMS/*.rpm -echo "::endgroup::" - -# Run RPMInspect on RPMs -for f in build/RPMS/*rpm; do - echo "::group::Running RPMInspect on $f" - rpminspect-fedora -p pki-rpminspect "$f" - echo "::endgroup::" -done diff --git a/tests/pki-rpminspect.yaml b/tests/pki-rpminspect.yaml index 69ec73db433..d33ee282602 100755 --- a/tests/pki-rpminspect.yaml +++ b/tests/pki-rpminspect.yaml @@ -11,11 +11,8 @@ annocheck: jobs: - hardened: --skip-lto --skip-cf-protection -# Use Java 21 on Fedora 40+, otherwise use Java 17 -javabytecode: - - fc39: 61 - - fc40: 65 - - default: 65 +# use javabytecode configuration from rpminspect-data-fedora +# https://github.com/rpminspect/rpminspect-data-fedora/blob/main/fedora.yaml#L572-L596 runpath: # The TPS needs access to this path