Adding nightly FIPS tests #345
Conversation
|
Attached issue: https://pulp.plan.io/issues/3800 |
|
I'll be testing on pulp_npm: |
fao89
force-pushed
the
3800
branch
3 times, most recently
from
040a805
to
9537649
Compare
|
could see it running here: |
|
This work looks great. 💯 I see that the centos 7 test is failing against pulp_npm and pulp_ansible? |
| cd ../pulp_installer/ | ||
| git submodule update --init | ||
| {%- if plugin_name in ['pulp_file', 'pulpcore'] %} | ||
| sed -i "/{{ plugin_name }}/d" .github/workflows/scripts/install.sh |
There was a problem hiding this comment.
This looks dangerous to me. Looking at these lines here, it's not even clear to me, what lines are supposed to be deleted. And if that file introduces a new important line containing "pulpcore" it will break in a way that is almost impossible to debug.
There was a problem hiding this comment.
I agree, it currently deletes git clone of pulpcore and pulp_file, I plan to change the script on the installer side, make it more customizable there
There was a problem hiding this comment.
Being customizable in the script is great, because then you can see there that there might be an expected interface to it.
There was a problem hiding this comment.
I've started a PR: pulp/pulp_installer#539
yes, it failed all over the weekend, I've noticed GHA on my fork is behaving differently, |
|
LGTM. @mdellweg did you want to review again before we merge? |
plugin-template
Outdated
| @@ -48,6 +48,7 @@ DEFAULT_SETTINGS = { | |||
| 'redmine_project': None, | |||
| 'test_bindings': True, | |||
| 'test_cli': False, | |||
| 'fips_test': True, | |||
There was a problem hiding this comment.
Is True the proper default here? I know we want that on most plugins, but usually we add features disabled by default here.
(e.g. redmine_project, test_cli, test_performance, test_released_plugin_with_next_pulpcore_release, test_s3, ...)
edit: I see, that i 👍d the idea to add it True... So don't see this as a blocker.
There was a problem hiding this comment.
I suggested true by default but i think you’re right.
| # runs at 4:00 UTC daily | ||
| - cron: '00 4 * * *' | ||
| {%- else -%} | ||
| workflow_dispatch: |
There was a problem hiding this comment.
Does this mean, that you can still trigger the test by hand?
Can we rename the variable to test_fips_nightly to reflect that?
| cd ../pulp_installer/ | ||
| git submodule update --init | ||
| {%- if plugin_name in ['pulp_file', 'pulpcore'] %} | ||
| sed -i "/{{ plugin_name }}/d" .github/workflows/scripts/install.sh |
There was a problem hiding this comment.
Being customizable in the script is great, because then you can see there that there might be an expected interface to it.
| run: | | ||
| cd ../pulp_installer | ||
| {% if plugin_name not in ['pulp_file', 'pulpcore'] -%} | ||
| sed -e "s/pulp-file/{{ plugin_dash }}/g" -e "s/pulp_file/{{ plugin_name }}/g" -e "/pulp_source_dir/a pulp_webserver_disable_https: true" example.dev-config.yml > local.dev-config.yml |
There was a problem hiding this comment.
👍
Maybe in a next iteration, we should just provide the proper dev-config in the assets directory. It can use the additional_plugins variable at templating to determine what to install.
https://pulp.plan.io/issues/3800
closes #3800