test: add test for fdo interface in simplified installer

osbuild · Dec 12, 2023 · e88a544 · e88a544
1 parent e2d1897
commit e88a544
Show file tree

Hide file tree

Showing 2 changed files with 55 additions and 0 deletions.
diff --git a/test/cases/ostree-simplified-installer.sh b/test/cases/ostree-simplified-installer.sh
@@ -26,6 +26,11 @@ do
 done
 # Prepare service api server config filef
 sudo /usr/local/bin/yq -iy '.service_info.diskencryption_clevis |= [{disk_label: "/dev/vda4", reencrypt: true, binding: {pin: "tpm2", config: "{}"}}]' /etc/fdo/aio/configs/serviceinfo_api_server.yml
+if [[ "$VERSION_ID" == "9.3" || "$VERSION_ID" == "9" ]]; then
+    # Modify manufacturing server config to process fdo
+    # guest interface during onboarding
+    sudo sed -i 's/SerialNumber/MACAddress/g' /etc/fdo/aio/configs/manufacturing_server.yml
+fi
 sudo systemctl restart fdo-aio
 
 # workaround for bug https://bugzilla.redhat.com/show_bug.cgi?id=2213660
@@ -522,6 +527,9 @@ done
 # Check image installation result
 check_result
 
+# Get VM interface name in advance
+MFG_GUEST_INT_NAME=$(sudo ssh "${SSH_OPTIONS[@]}" -i "${SSH_KEY}" "simple@${EDGE_GUEST_ADDRESS}" "nmcli device status | grep ethernet & exit" | awk '{print $1}')
+
 greenprint "🕹 Get ostree install commit value"
 INSTALL_HASH=$(curl "${PROD_REPO_URL}/refs/heads/${OSTREE_REF}")
 
@@ -586,6 +594,12 @@ manufacturing_server_url="http://${FDO_SERVER_ADDRESS}:8080"
 diun_pub_key_insecure="true"
 EOF
 
+if [[ "$VERSION_ID" == "9.3" || "$VERSION_ID" == "9" ]]; then
+    tee -a "$BLUEPRINT_FILE" > /dev/null << EOF
+di_mfg_string_type_mac_iface="${MFG_GUEST_INT_NAME}"
+EOF
+fi
+
 # workaround selinux bug https://bugzilla.redhat.com/show_bug.cgi?id=2026795
 if [[ "$VERSION_ID" == "9.3" || "$VERSION_ID" == "9" ]]; then
     tee -a "$BLUEPRINT_FILE" > /dev/null << EOF
@@ -594,6 +608,7 @@ append = "enforcing=0"
 EOF
 fi
 
+
 greenprint "📄 installer blueprint"
 cat "$BLUEPRINT_FILE"
 
@@ -719,6 +734,7 @@ sudo ansible-playbook -v -i "${TEMPDIR}"/inventory \
     -e edge_type=edge-simplified-installer \
     -e fdo_credential="true" \
     -e sysroot_ro="$SYSROOT_RO" \
+    -e mfg_guest_int_name="${MFG_GUEST_INT_NAME}" \
     /usr/share/tests/osbuild-composer/ansible/check_ostree.yaml || RESULTS=0
 check_result
 
@@ -754,6 +770,12 @@ manufacturing_server_url="http://${FDO_SERVER_ADDRESS}:8080"
 diun_pub_key_hash="${DIUN_PUB_KEY_HASH}"
 EOF
 
+if [[ "$VERSION_ID" == "9.3" || "$VERSION_ID" == "9" ]]; then
+    tee -a "$BLUEPRINT_FILE" > /dev/null << EOF
+di_mfg_string_type_mac_iface="${MFG_GUEST_INT_NAME}"
+EOF
+fi
+
 # workaround selinux bug https://bugzilla.redhat.com/show_bug.cgi?id=2026795
 if [[ "$VERSION_ID" == "9.3" || "$VERSION_ID" == "9" ]]; then
     tee -a "$BLUEPRINT_FILE" > /dev/null << EOF
@@ -889,6 +911,7 @@ sudo ansible-playbook -v -i "${TEMPDIR}"/inventory \
     -e edge_type=edge-simplified-installer \
     -e fdo_credential="true" \
     -e sysroot_ro="$SYSROOT_RO" \
+    -e mfg_guest_int_name="${MFG_GUEST_INT_NAME}" \
     /usr/share/tests/osbuild-composer/ansible/check_ostree.yaml || RESULTS=0
 check_result
 
@@ -1026,6 +1049,7 @@ sudo ansible-playbook -v -i "${TEMPDIR}"/inventory \
     -e edge_type=edge-simplified-installer \
     -e fdo_credential="true" \
     -e sysroot_ro="$SYSROOT_RO" \
+    -e mfg_guest_int_name="${MFG_GUEST_INT_NAME}" \
     /usr/share/tests/osbuild-composer/ansible/check_ostree.yaml || RESULTS=0
 
 check_result
@@ -1069,6 +1093,12 @@ diun_pub_key_root_certs="""
 ${DIUN_PUB_KEY_ROOT_CERTS}"""
 EOF
 
+if [[ "$VERSION_ID" == "9.3" || "$VERSION_ID" == "9" ]]; then
+    tee -a "$BLUEPRINT_FILE" > /dev/null << EOF
+di_mfg_string_type_mac_iface="${MFG_GUEST_INT_NAME}"
+EOF
+fi
+
 # workaround selinux bug https://bugzilla.redhat.com/show_bug.cgi?id=2026795
 if [[ "$VERSION_ID" == "9.3" || "$VERSION_ID" == "9" ]]; then
     tee -a "$BLUEPRINT_FILE" > /dev/null << EOF
@@ -1185,6 +1215,7 @@ sudo ansible-playbook -v -i "${TEMPDIR}"/inventory \
     -e edge_type=edge-simplified-installer \
     -e fdo_credential="true" \
     -e sysroot_ro="$SYSROOT_RO" \
+    -e mfg_guest_int_name="${MFG_GUEST_INT_NAME}" \
     /usr/share/tests/osbuild-composer/ansible/check_ostree.yaml || RESULTS=0
 check_result
 
@@ -1326,6 +1357,7 @@ sudo ansible-playbook -v -i "${TEMPDIR}"/inventory \
     -e edge_type=edge-simplified-installer \
     -e fdo_credential="true" \
     -e sysroot_ro="$SYSROOT_RO" \
+    -e mfg_guest_int_name="${MFG_GUEST_INT_NAME}" \
     /usr/share/tests/osbuild-composer/ansible/check_ostree.yaml || RESULTS=0
 
 check_result

diff --git a/test/data/ansible/check_ostree.yaml b/test/data/ansible/check_ostree.yaml
@@ -986,6 +986,29 @@
     - debug:
         var: result_fdo_client_linuxapp_journalctl
 
+    # case: check fdo device mac in device info field within device credentials
+    - name: Check mac address within device credentials
+      block:
+        - name: Check MAC address of interface taken from fdo customization
+          shell: "cat /sys/class/net/{{ mfg_guest_int_name }}/address"
+          register: fdo_cust_mac_add
+        - name: Check mac within fdo device credentials
+          shell: fdo-owner-tool dump-device-credential /etc/device-credentials | grep -E 'Device Info' | awk '{print $3}'
+          register: dev_credentials_mac_add
+        - assert:
+            that:
+              - dev_credentials_mac_add.stdout == fdo_cust_mac_add.stdout
+            fail_msg: "Wrong device info within device credentials"
+            success_msg: "Device onboarded successfully via network interface"
+      always:
+        - set_fact:
+            total_counter: "{{ total_counter | int + 1 }}"
+      rescue:
+        - name: failed count + 1
+          set_fact:
+            failed_counter: "{{ failed_counter | int + 1 }}"
+      when: fdo_credential == "true"
+
     # case: checking firewall customizations
     - name: Check applied firewall customizations
       block: