Add package_* test scenarios #6752
Conversation
| @@ -0,0 +1,3 @@ | |||
| #!/bin/bash | |||
|
|
|||
| yum install -y openldap-clients | |||
There was a problem hiding this comment.
What about using # packages = openldap-clients? I think it would perform better in case of combined mode as packages from this metadata should be installed at once before running the tests. Is that correct @matejak ?
There was a problem hiding this comment.
Benefit I see in the implemented approach is that it's clear that the installation is the actual test scenario.
With the # packages = ... approach, the installation will be part of test environment preparation and scenario will be empty (or it might be required to call some command in the scenario like true but nothing relevant to the test).
There was a problem hiding this comment.
I prefer Milan's approach with this test
There was a problem hiding this comment.
Benefit I see in the implemented approach is that it's clear that the installation is the actual test scenario.
With the
# packages = ...approach, the installation will be part of test environment preparation and scenario will be empty (or it might be required to call some command in the scenario liketruebut nothing relevant to the test).
Yes, my idea was to have it like that as fetching yum database in every test scenario will significantly increase the tests run time when testing all rules from a profile, for example in combined mode. Isn't it actually obvious from the filename of the test scenario that it is about installation/removal?
To summarize, I am not strictly against this approach, but I would still prefer if we would use the packages metadata. I think that test suite run times are pretty high and I don't want to increase them even more if we don't have to.
There was a problem hiding this comment.
I see both sides, and I think that there may be a solution - if you declare that you need the yum package, the test environment will have the package metadata up-to-date, so it will be only the installation that takes time for that scenario, and that's IMO OK. Moreover, the test scenario clearly needs yum, so that's not a hack.
Without that, I agree that every scenario would fetch the metadata again, which I see as a great waste of time and of electrical power.
There was a problem hiding this comment.
Interesting idea. I have added that in last commit, can you confirm that it's what you meant?
…arios where we want to test installation of a package
Description:
Add test scenarios to
package_*_installedand topackage_*_removedrules from CIS profile.Each rule has test scenario for installation and test scenario for removal of the package except
libselinux. Thelibselinuxpackage has only installation test scenario because after removal of the package, the system becomes unusable - commands start to printlibselinux.so.1: cannot open shared object file: No such file or directory(libselinux is dependency of several core packages, e.g. systemd).