sysupdate: Add integration test for updatectl updates

2024-11-23 02:03:37 +08:00 · 2024-06-20 10:26:24 +01:00 · 2024-06-20 10:26:24 +01:00 · b8b38e3da6
commit b8b38e3da6
parent ec15bb71c2
2 changed files with 60 additions and 16 deletions
--- a/test/TEST-72-SYSUPDATE/meson.build
+++ b/test/TEST-72-SYSUPDATE/meson.build
@ -3,5 +3,6 @@
 integration_tests += [
        integration_test_template + {
                'name' : fs.name(meson.current_source_dir()),
+                'vm' : true,
        },
 ]
--- a/test/units/TEST-72-SYSUPDATE.sh
+++ b/test/units/TEST-72-SYSUPDATE.sh
@ -6,8 +6,10 @@ set -eux
 set -o pipefail

 SYSUPDATE=/lib/systemd/systemd-sysupdate
+SYSUPDATED=/lib/systemd/systemd-sysupdated
 SECTOR_SIZES=(512 4096)
 WORKDIR="$(mktemp -d /var/tmp/test-72-XXXXXX)"
+CONFIGDIR="/run/sysupdate.d"
 BACKING_FILE="$WORKDIR/joined.raw"
 export SYSTEMD_ESP_PATH="$WORKDIR/esp"
 export SYSTEMD_XBOOTLDR_PATH="$WORKDIR/xbootldr"
@ -28,6 +30,17 @@ if [[ ! -e /dev/loop-control ]]; then
    SECTOR_SIZES=(512)
 fi

+# Set up sysupdated drop-in pointing at the correct definitions and setting
+# no verification of images.
+mkdir -p /run/systemd/system/systemd-sysupdated.service.d
+cat >/run/systemd/system/systemd-sysupdated.service.d/override.conf<<EOF
+[Service]
+Environment=SYSTEMD_SYSUPDATE_NO_VERIFY=1
+Environment=SYSTEMD_ESP_PATH=${SYSTEMD_ESP_PATH}
+Environment=SYSTEMD_XBOOTLDR_PATH=${SYSTEMD_XBOOTLDR_PATH}
+EOF
+systemctl daemon-reload
+
 at_exit() {
    set +e

@ -68,9 +81,9 @@ update_now() {
    # Update to newest version. First there should be an update ready, then we
    # do the update, and then there should not be any ready anymore

-    "$SYSUPDATE" --definitions="$WORKDIR/defs" --verify=no check-new
-    "$SYSUPDATE" --definitions="$WORKDIR/defs" --verify=no update
-    (! "$SYSUPDATE" --definitions="$WORKDIR/defs" --verify=no check-new)
+    "$SYSUPDATE" --verify=no check-new
+    "$SYSUPDATE" --verify=no update
+    (! "$SYSUPDATE" --verify=no check-new)
 }

 verify_version() {
@ -127,12 +140,12 @@ size=2048, type=2c7357ed-ebd2-46d9-aec1-23d437ec2bf5, name=_empty
 size=2048, type=2c7357ed-ebd2-46d9-aec1-23d437ec2bf5, name=_empty
 EOF

-    for d in "dirs" "defs"; do
-        rm -rf "${WORKDIR:?}/$d"
-        mkdir -p "$WORKDIR/$d"
+    for d in "$WORKDIR/dirs" "$CONFIGDIR"; do
+        rm -rf "$d"
+        mkdir -p "$d"
    done

-    cat >"$WORKDIR/defs/01-first.conf" <<EOF
+    cat >"$CONFIGDIR/01-first.conf" <<EOF
 [Source]
 Type=regular-file
 Path=$WORKDIR/source
@ -145,7 +158,7 @@ MatchPattern=part1-@v
 MatchPartitionType=root-x86-64
 EOF

-    cat >"$WORKDIR/defs/02-second.conf" <<EOF
+    cat >"$CONFIGDIR/02-second.conf" <<EOF
 [Source]
 Type=regular-file
 Path=$WORKDIR/source
@ -158,7 +171,7 @@ MatchPattern=part2-@v
 MatchPartitionType=root-x86-64-verity
 EOF

-    cat >"$WORKDIR/defs/03-third.conf" <<EOF
+    cat >"$CONFIGDIR/03-third.conf" <<EOF
 [Source]
 Type=directory
 Path=$WORKDIR/source
@ -172,7 +185,7 @@ MatchPattern=dir-@v
 InstancesMax=3
 EOF

-    cat >"$WORKDIR/defs/04-fourth.conf" <<EOF
+    cat >"$CONFIGDIR/04-fourth.conf" <<EOF
 [Source]
 Type=regular-file
 Path=$WORKDIR/source
@ -191,7 +204,7 @@ TriesDone=0
 InstancesMax=2
 EOF

-    cat >"$WORKDIR/defs/05-fifth.conf" <<EOF
+    cat >"$CONFIGDIR/05-fifth.conf" <<EOF
 [Source]
 Type=regular-file
 Path=$WORKDIR/source
@ -227,15 +240,45 @@ EOF
    test ! -f "$WORKDIR/xbootldr/EFI/Linux/uki_v1.efi.extra.d/extra.addon.efi"
    test ! -d "$WORKDIR/xbootldr/EFI/Linux/uki_v1.efi.extra.d"

-    # Create fourth version, and update through a file:// URL. This should be
+    # Create fourth version, update using updatectl and verify it replaced the
+    # second version
+    new_version "$sector_size" v4
+    if [[ -x "$SYSUPDATED" ]] && command -v updatectl; then
+        systemctl start systemd-sysupdated
+        "$SYSUPDATE" --verify=no check-new
+        updatectl update
+    else
+        # If no updatectl, gracefully fall back to systemd-sysupdate
+        update_now
+    fi
+    # User-facing updatectl returns 0 if there's no updates, so use the low-level
+    # utility to make sure we did upgrade
+    (! "$SYSUPDATE" --verify=no check-new )
+    verify_version "$blockdev" "$sector_size" v4 2 4
+
+    # Next, let's run updatectl's various inspection commands. We're not
+    # testing for specific output, but this will at least catch obvious crashes
+    # and allow updatectl to run under the various sanitizers. We create a
+    # component so that updatectl has multiple targets to list.
+    if [[ -x "$SYSUPDATED" ]] && command -v updatectl; then
+        mkdir -p /run/sysupdate.test.d/
+        cp "$CONFIGDIR/01-first.conf" /run/sysupdate.test.d/01-first.conf
+        updatectl list
+        updatectl list host
+        updatectl list host@v4
+        updatectl check
+        rm -r /run/sysupdate.test.d
+    fi
+    
+    # Create fifth version, and update through a file:// URL. This should be
    # almost as good as testing HTTP, but is simpler for us to set up. file:// is
    # abstracted in curl for us, and since our main goal is to test our own code
    # (and not curl) this test should be quite good even if not comprehensive. This
    # will test the SHA256SUMS logic at least (we turn off GPG validation though,
    # see above)
-    new_version "$sector_size" v4
+    new_version "$sector_size" v5

-    cat >"$WORKDIR/defs/02-second.conf" <<EOF
+    cat >"$CONFIGDIR/02-second.conf" <<EOF
 [Source]
 Type=url-file
 Path=file://$WORKDIR/source
@ -248,7 +291,7 @@ MatchPattern=part2-@v
 MatchPartitionType=root-x86-64-verity
 EOF

-    cat >"$WORKDIR/defs/03-third.conf" <<EOF
+    cat >"$CONFIGDIR/03-third.conf" <<EOF
 [Source]
 Type=url-tar
 Path=file://$WORKDIR/source
@ -263,7 +306,7 @@ InstancesMax=3
 EOF

    update_now
-    verify_version "$blockdev" "$sector_size" v4 2 4
+    verify_version "$blockdev" "$sector_size" v5 1 3

    # Cleanup
    [[ -b "$blockdev" ]] && losetup --detach "$blockdev"