gitlab-ci: Run krb5 tests also with MIT Kerberos 1.20 (prerelease)

This adds test against MIT Kerberos 1.20 (prerelease) in order to test
Bronze Bit, S4U and RBCD functionality supported only in current MIT Kerberos
git master. We created a Fedora COPR package for MIT KRB5 1.20 (prerelease).

MIT Kerberos 1.20 will be released in autumn 2022. As soon as MIT Kerberos 1.20
will be in a Fedora release, these runners will be removed again.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

diff --git a/.gitlab-ci-main.yml b/.gitlab-ci-main.yml
index c1a5e083c492acbe49772add4905bd15c4551138..8b2b6e8c4deb905f23d46d8b8cddeeaebfdaf529 100644 (file)
--- a/.gitlab-ci-main.yml
+++ b/.gitlab-ci-main.yml
@@ -42,7 +42,7 @@ variables:
   # Set this to the contents of bootstrap/sha1sum.txt
   # which is generated by bootstrap/template.py --render
   #
-  SAMBA_CI_CONTAINER_TAG: bac18584d47ffc1acb5a697d83f2232598b6afbf
+  SAMBA_CI_CONTAINER_TAG: 24c7cabf5c7c515ffac905cddc533a26d70abd09
   #
   # We use the ubuntu1804 image as default as
   # it matches what we have on sn-devel-184.
@@ -63,6 +63,7 @@ variables:
   SAMBA_CI_CONTAINER_IMAGE_opensuse152: opensuse152
   SAMBA_CI_CONTAINER_IMAGE_fedora34: fedora34
   SAMBA_CI_CONTAINER_IMAGE_fedora35: fedora35
+  SAMBA_CI_CONTAINER_IMAGE_f35mit120: f35mit120
   SAMBA_CI_CONTAINER_IMAGE_centos7: centos7
   SAMBA_CI_CONTAINER_IMAGE_centos8s: centos8s
 
@@ -260,6 +261,13 @@ samba-mit-build:
     SAMBA_CI_JOB_IMAGE: ${SAMBA_CI_CONTAINER_IMAGE_fedora35}
   stage: build_first
 
+samba-mit120-build:
+  extends: .shared_template_build_only
+  variables:
+    AUTOBUILD_JOB_NAME: samba-mit-build
+    SAMBA_CI_JOB_IMAGE: ${SAMBA_CI_CONTAINER_IMAGE_f35mit120}
+  stage: build_first
+
 .needs_samba-mit-build:
   extends: .shared_template_test_only
   variables:
@@ -268,6 +276,14 @@ samba-mit-build:
     - job: samba-mit-build
       artifacts: true
 
+.needs_samba-mit120-build:
+  extends: .shared_template_test_only
+  variables:
+    SAMBA_CI_JOB_IMAGE: ${SAMBA_CI_CONTAINER_IMAGE_f35mit120}
+  needs:
+    - job: samba-mit120-build
+      artifacts: true
+
 samba-h5l-build:
   extends: .shared_template_build_only
 
@@ -396,6 +412,11 @@ samba-fips:
     - .needs_samba-mit-build
     - .private_test_only
 
+.needs_samba-mit120-build-private:
+  extends:
+    - .needs_samba-mit120-build
+    - .private_test_only
+
 .needs_samba-h5l-build-private:
   extends:
     - .needs_samba-h5l-build
@@ -430,6 +451,11 @@ samba-nt4:
 samba-addc-mit-1:
   extends: .needs_samba-mit-build-private
 
+samba-addc-mit120:
+  extends: .needs_samba-mit120-build-private
+  variables:
+    AUTOBUILD_JOB_NAME: samba-addc-mit-1
+
 samba-no-opath1:
   extends: .needs_samba-no-opath-build-private
 

diff --git a/bootstrap/.gitlab-ci.yml b/bootstrap/.gitlab-ci.yml
index bf41a9845b8573bb4588ba504453585e0ce701f1..8e221a2b8efb82af77a726e592dc4eaeb02c8649 100644 (file)
--- a/bootstrap/.gitlab-ci.yml
+++ b/bootstrap/.gitlab-ci.yml
@@ -106,6 +106,9 @@ fedora34:
 fedora35:
   extends: .build_image_template
 
+f35mit120:
+  extends: .build_image_template
+
 centos8s:
   extends: .build_image_template
 

diff --git a/bootstrap/config.py b/bootstrap/config.py
index 8bcb9ddbb26ee75a164df9cac2be525536217888..c853c4f0434db4cd4ed59609667ad086026c7973 100644 (file)
--- a/bootstrap/config.py
+++ b/bootstrap/config.py
@@ -267,6 +267,23 @@ dnf install -y \
 dnf clean all
 """
 
+DNF_BOOTSTRAP_MIT = r"""
+#!/bin/bash
+{GENERATED_MARKER}
+set -xueo pipefail
+
+dnf update -y
+dnf install -y dnf-plugins-core
+dnf copr -y enable abbra/krb5-test
+dnf update -y
+
+dnf install -y \
+    --setopt=install_weak_deps=False \
+    {pkgs}
+
+dnf clean all
+"""
+
 ZYPPER_BOOTSTRAP = r"""
 #!/bin/bash
 {GENERATED_MARKER}
@@ -501,6 +518,17 @@ RPM_DISTS = {
             'libtracker-sparql-2.0-dev': '',  # only tracker 3.x is available
         }
     },
+    'f35mit120': {
+        'docker_image': 'fedora:35',
+        'vagrant_box': 'fedora/35-cloud-base',
+        'bootstrap': DNF_BOOTSTRAP_MIT,
+        'replace': {
+            'lsb-release': 'redhat-lsb',
+            'perl-FindBin': '',
+            'python3-iso8601': 'python3-dateutil',
+            'libtracker-sparql-2.0-dev': '',  # only tracker 3.x is available
+        }
+    },
     'opensuse151': {
         'docker_image': 'opensuse/leap:15.1',
         'vagrant_box': 'opensuse/openSUSE-15.1-x86_64',

diff --git a/bootstrap/generated-dists/Vagrantfile b/bootstrap/generated-dists/Vagrantfile
index 0bee124afa92f138a2a7872c72bd4a67bdc620c0..518535f3a616055c1b4d598bd50ea9d3b9514831 100644 (file)
--- a/bootstrap/generated-dists/Vagrantfile
+++ b/bootstrap/generated-dists/Vagrantfile
@@ -38,6 +38,13 @@ Vagrant.configure("2") do |config|
         v.vm.provision :shell, path: "debian11/locale.sh"
     end
 
+    config.vm.define "f35mit120" do |v|
+        v.vm.box = "fedora/35-cloud-base"
+        v.vm.hostname = "f35mit120"
+        v.vm.provision :shell, path: "f35mit120/bootstrap.sh"
+        v.vm.provision :shell, path: "f35mit120/locale.sh"
+    end
+
     config.vm.define "fedora34" do |v|
         v.vm.box = "fedora/34-cloud-base"
         v.vm.hostname = "fedora34"

diff --git a/bootstrap/generated-dists/f35mit120/Dockerfile b/bootstrap/generated-dists/f35mit120/Dockerfile
new file mode 100644 (file)
index 0000000..e66eb84
--- /dev/null
+++ b/bootstrap/generated-dists/f35mit120/Dockerfile
@@ -0,0 +1,29 @@
+#
+# This file is generated by 'bootstrap/template.py --render'
+# See also bootstrap/config.py
+#
+
+FROM fedora:35
+
+# pass in with --build-arg while build
+ARG SHA1SUM
+RUN [ -n $SHA1SUM ] && echo $SHA1SUM > /sha1sum.txt
+
+ADD *.sh /tmp/
+# need root permission, do it before USER samba
+RUN /tmp/bootstrap.sh && /tmp/locale.sh
+
+# if ld.gold exists, force link it to ld
+RUN set -x; LD=$(which ld); LD_GOLD=$(which ld.gold); test -x $LD_GOLD && ln -sf $LD_GOLD $LD && test -x $LD && echo "$LD is now $LD_GOLD"
+# if ld.mold exists, force link it to ld (prefer mold over gold! ;-)
+RUN set -x; LD=$(which ld); LD_MOLD=$(which ld.mold); test -x $LD_MOLD && ln -sf $LD_MOLD $LD && test -x $LD && echo "$LD is now $LD_MOLD"
+
+# make test can not work with root, so we have to create a new user
+RUN useradd -m -U -s /bin/bash samba && \
+    mkdir -p /etc/sudoers.d && \
+    echo "samba ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/samba
+
+USER samba
+WORKDIR /home/samba
+# samba tests rely on this
+ENV USER=samba LC_ALL=en_US.utf8 LANG=en_US.utf8
\ No newline at end of file

diff --git a/bootstrap/generated-dists/f35mit120/bootstrap.sh b/bootstrap/generated-dists/f35mit120/bootstrap.sh
new file mode 100755 (executable)
index 0000000..aa77d63
--- /dev/null
+++ b/bootstrap/generated-dists/f35mit120/bootstrap.sh
@@ -0,0 +1,121 @@
+#!/bin/bash
+
+#
+# This file is generated by 'bootstrap/template.py --render'
+# See also bootstrap/config.py
+#
+
+set -xueo pipefail
+
+dnf update -y
+dnf install -y dnf-plugins-core
+dnf copr -y enable abbra/krb5-test
+dnf update -y
+
+dnf install -y \
+    --setopt=install_weak_deps=False \
+    @development-tools \
+    acl \
+    attr \
+    autoconf \
+    avahi-devel \
+    bind-utils \
+    binutils \
+    bison \
+    ccache \
+    chrpath \
+    cups-devel \
+    curl \
+    dbus-devel \
+    docbook-dtds \
+    docbook-style-xsl \
+    flex \
+    gawk \
+    gcc \
+    gdb \
+    git \
+    glib2-devel \
+    glibc-common \
+    glibc-langpack-en \
+    glusterfs-api-devel \
+    glusterfs-devel \
+    gnutls-devel \
+    gpgme-devel \
+    gzip \
+    hostname \
+    htop \
+    jansson-devel \
+    keyutils-libs-devel \
+    krb5-devel \
+    krb5-server \
+    krb5-workstation \
+    lcov \
+    libacl-devel \
+    libarchive-devel \
+    libattr-devel \
+    libblkid-devel \
+    libbsd-devel \
+    libcap-devel \
+    libcephfs-devel \
+    libicu-devel \
+    libpcap-devel \
+    libtasn1-devel \
+    libtasn1-tools \
+    libtirpc-devel \
+    libunwind-devel \
+    liburing-devel \
+    libuuid-devel \
+    libxslt \
+    lmdb \
+    lmdb-devel \
+    make \
+    mingw64-gcc \
+    mold \
+    ncurses-devel \
+    openldap-devel \
+    pam-devel \
+    patch \
+    perl \
+    perl-Archive-Tar \
+    perl-ExtUtils-MakeMaker \
+    perl-JSON \
+    perl-JSON-Parse \
+    perl-Parse-Yapp \
+    perl-Test-Base \
+    perl-generators \
+    perl-interpreter \
+    pkgconfig \
+    popt-devel \
+    procps-ng \
+    psmisc \
+    python3 \
+    python3-cryptography \
+    python3-dateutil \
+    python3-devel \
+    python3-dns \
+    python3-gpg \
+    python3-libsemanage \
+    python3-markdown \
+    python3-policycoreutils \
+    python3-pyasn1 \
+    python3-setproctitle \
+    quota-devel \
+    readline-devel \
+    redhat-lsb \
+    rng-tools \
+    rpcgen \
+    rpcsvc-proto-devel \
+    rsync \
+    sed \
+    sudo \
+    systemd-devel \
+    tar \
+    tracker-devel \
+    tree \
+    wget \
+    which \
+    xfsprogs-devel \
+    yum-utils \
+    zlib-devel
+
+dnf clean all
\ No newline at end of file

diff --git a/bootstrap/generated-dists/f35mit120/locale.sh b/bootstrap/generated-dists/f35mit120/locale.sh
new file mode 100755 (executable)
index 0000000..cc64e18
--- /dev/null
+++ b/bootstrap/generated-dists/f35mit120/locale.sh
@@ -0,0 +1,55 @@
+#!/bin/bash
+
+#
+# This file is generated by 'bootstrap/template.py --render'
+# See also bootstrap/config.py
+#
+
+set -xueo pipefail
+
+# refer to /usr/share/i18n/locales
+INPUTFILE=en_US
+# refer to /usr/share/i18n/charmaps
+CHARMAP=UTF-8
+# locale to generate in /usr/lib/locale
+# glibc/localedef will normalize UTF-8 to utf8, follow the naming style
+LOCALE=$INPUTFILE.utf8
+
+# if locale is already correct, exit
+( locale | grep LC_ALL | grep -i $LOCALE ) && exit 0
+
+# if locale not available, generate locale into /usr/lib/locale
+if ! ( locale --all-locales | grep -i $LOCALE )
+then
+    # no-archive means create its own dir
+    localedef --inputfile $INPUTFILE --charmap $CHARMAP --no-archive $LOCALE
+fi
+
+# update locale conf and global env file
+# set both LC_ALL and LANG for safe
+
+# update conf for Debian family
+FILE=/etc/default/locale
+if [ -f $FILE ]
+then
+    echo LC_ALL="$LOCALE" > $FILE
+    echo LANG="$LOCALE" >> $FILE
+fi
+
+# update conf for RedHat family
+FILE=/etc/locale.conf
+if [ -f $FILE ]
+then
+    # LC_ALL is not valid in this file, set LANG only
+    echo LANG="$LOCALE" > $FILE
+fi
+
+# update global env file
+FILE=/etc/environment
+if [ -f $FILE ]
+then
+    # append LC_ALL if not exist
+    grep LC_ALL $FILE || echo LC_ALL="$LOCALE" >> $FILE
+    # append LANG if not exist
+    grep LANG $FILE || echo LANG="$LOCALE" >> $FILE
+fi
\ No newline at end of file

diff --git a/bootstrap/generated-dists/f35mit120/packages.yml b/bootstrap/generated-dists/f35mit120/packages.yml
new file mode 100644 (file)
index 0000000..b4a5ec4
--- /dev/null
+++ b/bootstrap/generated-dists/f35mit120/packages.yml
@@ -0,0 +1,105 @@
+---
+packages:
+  - @development-tools
+  - acl
+  - attr
+  - autoconf
+  - avahi-devel
+  - bind-utils
+  - binutils
+  - bison
+  - ccache
+  - chrpath
+  - cups-devel
+  - curl
+  - dbus-devel
+  - docbook-dtds
+  - docbook-style-xsl
+  - flex
+  - gawk
+  - gcc
+  - gdb
+  - git
+  - glib2-devel
+  - glibc-common
+  - glibc-langpack-en
+  - glusterfs-api-devel
+  - glusterfs-devel
+  - gnutls-devel
+  - gpgme-devel
+  - gzip
+  - hostname
+  - htop
+  - jansson-devel
+  - keyutils-libs-devel
+  - krb5-devel
+  - krb5-server
+  - krb5-workstation
+  - lcov
+  - libacl-devel
+  - libarchive-devel
+  - libattr-devel
+  - libblkid-devel
+  - libbsd-devel
+  - libcap-devel
+  - libcephfs-devel
+  - libicu-devel
+  - libpcap-devel
+  - libtasn1-devel
+  - libtasn1-tools
+  - libtirpc-devel
+  - libunwind-devel
+  - liburing-devel
+  - libuuid-devel
+  - libxslt
+  - lmdb
+  - lmdb-devel
+  - make
+  - mingw64-gcc
+  - mold
+  - ncurses-devel
+  - openldap-devel
+  - pam-devel
+  - patch
+  - perl
+  - perl-Archive-Tar
+  - perl-ExtUtils-MakeMaker
+  - perl-JSON
+  - perl-JSON-Parse
+  - perl-Parse-Yapp
+  - perl-Test-Base
+  - perl-generators
+  - perl-interpreter
+  - pkgconfig
+  - popt-devel
+  - procps-ng
+  - psmisc
+  - python3
+  - python3-cryptography
+  - python3-dateutil
+  - python3-devel
+  - python3-dns
+  - python3-gpg
+  - python3-libsemanage
+  - python3-markdown
+  - python3-policycoreutils
+  - python3-pyasn1
+  - python3-setproctitle
+  - quota-devel
+  - readline-devel
+  - redhat-lsb
+  - rng-tools
+  - rpcgen
+  - rpcsvc-proto-devel
+  - rsync
+  - sed
+  - sudo
+  - systemd-devel
+  - tar
+  - tracker-devel
+  - tree
+  - wget
+  - which
+  - xfsprogs-devel
+  - yum-utils
+  - zlib-devel
\ No newline at end of file

diff --git a/bootstrap/sha1sum.txt b/bootstrap/sha1sum.txt
index aa96502dd762641183616a303ea1a7e1714ed036..bd250e98d99d244d937837124b3e45d1e6923dff 100644 (file)
--- a/bootstrap/sha1sum.txt
+++ b/bootstrap/sha1sum.txt
@@ -1 +1 @@
-bac18584d47ffc1acb5a697d83f2232598b6afbf
+24c7cabf5c7c515ffac905cddc533a26d70abd09