Re: Fedora VM On Travis for Testing

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, May 14, 2020 at 5:03 PM William Roberts
<bill.c.roberts@xxxxxxxxx> wrote:
>
> I just wanted to lay out a demo of a Fedora 32 cloud VM image booting
> on Travis with execution happening in the Fedora VM.
> The Fedora VM contains the selinux source code for that particular
> travis build, so it has the PR patches, etc.
> The VM has networking.
>
> The build logs for the Travis run are here:
>   - https://travis-ci.org/github/williamcroberts/selinux/builds/687185489
>
> Which comes from my git tree here:
>   - https://github.com/williamcroberts/selinux/tree/kvm-fedora-testing
>
> Note that it's super messy, I need to go through and cleanup both the
> patch and the git
> history. I also should verify the downloaded image is signed for the VM.
> Also note that I may rebase/squash my git branch at any time.
>
> Petr started a release document here:
>   - https://github.com/bachradsusi/SELinuxProject-selinux/blob/RELEASE/RELEASE_PROCESS.md
>
> I'd like to gather feedback, and perhaps more comments on:
> 1. Is this CI approach worth continuing?
> 2. Comments on the CI scripts (I have no idea what I am doing, common issue)
> 3. Comments, patches, suggestions on what tests to run in this CI environment.
> 4. More information in in the RELEASE_PROCESS.md file. I made some
> comments there
>     as well on ideas.
>
> My goal here is that a release can occur if CI is passing without
> worry, and that
> we automate manual steps as much as possible. This way, if we get hit by a bus
> releases can occur without much effort.

I'm amazed travis-ci supports all of that (especially for free).
Hopefully you aren't violating their terms of use.
The biggest thing I'd add is to build and install the selinux
userspace in place of the stock Fedora versions (sudo make
LIBDIR=/usr/lib64 SHLIBDIR=/lib64 install install-pywrap relabel) and
then build and run the selinux-testsuite to exercise the SELinux
userspace and kernel runtime functionality.  Other things to possibly
add would be rebuilding upstream refpolicy (similar to its
.travis.yml) with the latest userspace, rebuilding and running setools
(but until we decouple it from libsepol internals this will
periodically break).



[Index of Archives]     [Selinux Refpolicy]     [Linux SGX]     [Fedora Users]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite Camping]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux