TMT: Updates to account for official CentOS Stream and OSCI gating.

.packit.yaml

@@ -46,24 +46,28 @@ jobs:
     enable_net: true
     # container-selinux is noarch so we only need to test on one arch
     targets: &fedora_copr_targets
-      - fedora-all
+      - fedora-all-x86_64
+      - fedora-all-aarch64
 
   - job: copr_build
     trigger: pull_request
     packages: [container-selinux-eln]
     notifications: *copr_build_failure_notification
     enable_net: true
     targets:
-      - fedora-eln
+      - fedora-eln-x86_64
+      - fedora-eln-aarch64
 
   - job: copr_build
     trigger: pull_request
     packages: [container-selinux-centos]
     notifications: *copr_build_failure_notification
     enable_net: true
     targets: &centos_copr_targets
-      - centos-stream-9
-      - centos-stream-10
+      - centos-stream-9-x86_64
+      - centos-stream-9-aarch64
+      - centos-stream-10-x86_64
+      - centos-stream-10-aarch64
 
   # Run on commit to main branch
   # Build targets managed in copr settings

plans/main.fmf

@@ -3,21 +3,18 @@ discover:
 execute:
     how: tmt
 prepare:
-    how: feature
-    epel: enabled
-
-/upstream:
-    summary: Run SELinux specific Podman tests on upstream PRs
-    discover+:
-        filter: tag:upstream
-    adjust+:
-        enabled: false
-        when: initiator is not defined or initiator != packit
-
-/downstream:
-    summary: Run SELinux specific Podman tests on bodhi / errata and dist-git PRs
-    discover+:
-        filter: tag:downstream
-    adjust+:
-        enabled: false
-        when: initiator == packit
+    - when: distro == centos-stream or distro == rhel
+      how: shell
+      script: |
+        dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-$(rpm --eval '%{?rhel}').noarch.rpm
+        dnf -y config-manager --set-enabled epel
+      order: 10
+    - when: initiator == packit
+      how: shell
+      script: |
+        COPR_REPO_FILE="/etc/yum.repos.d/*podman-next*.repo"
+        if compgen -G $COPR_REPO_FILE > /dev/null; then
+            sed -i -n '/^priority=/!p;$apriority=1' $COPR_REPO_FILE
+        fi
+        dnf -y upgrade --allowerasing
+      order: 20

rpm/gating.yaml

@@ -1,7 +1,9 @@
 --- !Policy
 product_versions:
   - fedora-*
-decision_context: bodhi_update_push_stable
+decision_context:
+  - bodhi_update_push_stable
+  - bodhi_update_push_testing
 rules:
   - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional}
 

test/main.fmf

@@ -1,23 +1,17 @@
-# Only common dependencies that are NOT required to run podman-tests.sh are
-# specified here. Everything else is in podman-tests.sh.
 require:
+    - attr
     - bats
-    - cpio
-    - golang
-    - make
+    - container-selinux
+    - podman-tests
     - policycoreutils
 
 /basic_check:
-    tag: [ upstream, downstream ]
     summary: Run basic checks
-    test: make basic_check
-
-/podman_e2e_test:
-    tag: [ upstream, downstream ]
-    summary: Run SELinux specific Podman e2e tests
-    test: make podman_e2e_test
+    test: |
+        semodule --list=full | grep container
+        semodule -B
+        rpm -Vqf /var/lib/selinux/*/active/modules/200/container
 
 /podman_system_test:
-    tag: [ upstream, downstream ]
     summary: Run SELinux specific Podman system tests
-    test: make podman_system_test
+    test: bash ./podman-tests.sh

test/podman-tests.sh

@@ -9,67 +9,8 @@ if [[ "$(id -u)" -ne 0 ]];then
     exit 1
 fi
 
-if [[ -z "$1" ]]; then
-    echo -e "Usage: $(basename ${BASH_SOURCE[0]}) TEST_TYPE\nTEST_TYPE can be 'e2e' or 'system'\n"
-    exit 1
-fi
-
-TEST_TYPE=$1
-
-# Remove testing-farm repos if they exist as these interfere with the packages
-# we want to install, especially when podman-next copr is involved
-rm -f /etc/yum.repos.d/tag-repository.repo
-
-# Fetch and extract latest podman source from the highest priority dnf repo
-# NOTE: On upstream pull-requests, the srpm will be fetched from the
-# podman-next copr while on bodhi updates, it will be fetched from Fedora's
-# official repos.
-PODMAN_DIR=$(mktemp -d)
-pushd $PODMAN_DIR
-
-# Download podman and podman-tests rpms, along with podman srpm
-dnf download podman podman-tests
-# Download srpm, srpm opts differ between dnf and dnf5
-rpm -q dnf5 && dnf download --srpm podman || dnf download --source podman
-
-# Ensure podman-tests RPM and podman SRPM version-release match
-# NOTE: podman RPM and podman-tests RPM matching is ensured by podman.spec so
-# matching podman-tests and podman srpm is sufficient here.
-PODMAN_TESTS_VERSION=$(ls podman-tests* | sed -e "s/.$(uname -m).rpm//" -e "s/podman-tests-//")
-PODMAN_SRPM_VERSION=$(ls podman*.src.rpm | sed -e "s/.src.rpm//" -e "s/podman-//")
-if [[ "$PODMAN_TESTS_VERSION" != "$PODMAN_SRPM_VERSION" ]]; then
-    echo "podman-tests and podman srpm version-release don't match"
-    exit 1
-fi
-
-# Install downloaded podman and podman-tests rpms
-dnf -y install ./podman*.$(uname -m).rpm
-
-# Extract and untar podman source from srpm
-rpm2cpio $(ls podman*.src.rpm) | cpio -di
-tar zxf *.tar.gz
-
-popd
-
 # Print versions of distro and installed packages
-rpm -q bats container-selinux golang podman podman-tests selinux-policy
-
-if [[ "$TEST_TYPE" == "e2e" ]]; then
-    # /tmp is often unsufficient
-    export TMPDIR=/var/tmp
+rpm -q bats container-selinux podman podman-tests policycoreutils selinux-policy
 
-    # dnf5 contains breaking changes
-    # Either of `dnf` OR `dnf5` will be installed, never both.
-    # To fetch srpm, dnf uses `--source`, dnf5 uses `--srpm`.
-    #rpm -q dnf5 && SRPM_OPTS="--srpm" || SRPM_OPTS="--source"
-
-    # Run podman e2e tests
-    pushd $PODMAN_DIR/podman-*/test/e2e
-    PODMAN_BINARY=/usr/bin/podman go test -v config.go config_amd64.go common_test.go libpod_suite_test.go run_selinux_test.go
-    popd
-fi
-
-if [[ "$TEST_TYPE" == "system" ]]; then
-    # Run podman system tests
-    bats /usr/share/podman/test/system/410-selinux.bats
-fi
+# Run podman system tests
+bats /usr/share/podman/test/system/410-selinux.bats