blob: 08887d4aba6d3be62a992f43e9b2d9899f81caa3 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
|
#!/usr/bin/env bash
set -eu
SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
cd "$SCRIPT_DIR"
RUNNER_DIR="$1"
APP_PACKAGE="$2"
PREVIOUS_APP="$3"
UI_RUNNER="$4"
UNPRIVILEGED_USER="$5"
# Copy over test runner to correct place
echo "Copying test-runner to $RUNNER_DIR"
mkdir -p "$RUNNER_DIR"
for file in test-runner connection-checker $APP_PACKAGE $PREVIOUS_APP $UI_RUNNER; do
echo "Moving $SCRIPT_DIR/$file to $RUNNER_DIR"
cp -f "$SCRIPT_DIR/$file" "$RUNNER_DIR"
done
# Unprivileged users need execute rights for connection checker
chmod 551 "${RUNNER_DIR}/connection-checker"
chown -R root "$RUNNER_DIR/"
# Create service
function setup_macos {
RUNNER_PLIST_PATH="/Library/LaunchDaemons/net.mullvad.testunner.plist"
echo "Creating test runner service as $RUNNER_PLIST_PATH"
cat > $RUNNER_PLIST_PATH << EOF
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>net.mullvad.testrunner</string>
<key>ProgramArguments</key>
<array>
<string>$RUNNER_DIR/test-runner</string>
<string>/dev/tty.virtio</string>
<string>serve</string>
</array>
<key>UserName</key>
<string>root</string>
<key>RunAtLoad</key>
<true/>
<key>KeepAlive</key>
<true/>
<key>StandardOutPath</key>
<string>/tmp/runner.out</string>
<key>StandardErrorPath</key>
<string>/tmp/runner.err</string>
<key>EnvironmentVariables</key>
<dict>
<key>PATH</key>
<string>/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/sbin</string>
</dict>
</dict>
</plist>
EOF
create_test_user_macos
echo "Starting test runner service"
launchctl load -w $RUNNER_PLIST_PATH
}
function create_test_user_macos {
echo "Adding test user account"
sysadminctl -addUser "$UNPRIVILEGED_USER" -fullName "$UNPRIVILEGED_USER" -password "$UNPRIVILEGED_USER"
}
function setup_systemd {
RUNNER_SERVICE_PATH="/etc/systemd/system/testrunner.service"
echo "Creating test runner service as $RUNNER_SERVICE_PATH"
cat > $RUNNER_SERVICE_PATH << EOF
[Unit]
Description=Mullvad Test Runner
[Service]
ExecStart=$RUNNER_DIR/test-runner /dev/ttyS0 serve
[Install]
WantedBy=multi-user.target
EOF
echo "Starting test runner service"
semanage fcontext -a -t bin_t "$RUNNER_DIR/.*" &> /dev/null || true
create_test_user_linux
systemctl enable testrunner.service
systemctl start testrunner.service
}
function create_test_user_linux {
echo "Adding test user account"
useradd -m "$UNPRIVILEGED_USER"
echo "$UNPRIVILEGED_USER:$UNPRIVILEGED_USER" | chpasswd
}
if [[ "$(uname -s)" == "Darwin" ]]; then
setup_macos
exit 0
fi
setup_systemd
# Run apt with some arguments
robust_apt () {
# We don't want to fail due to the global apt lock being
# held, which happens sporadically. It is fine to wait for
# some time if it means that the test run can continue.
DEBIAN_FRONTEND=noninteractive apt-get -qy -o DPkg::Lock::Timeout=60 "$@"
}
function install_packages_apt {
echo "Installing required apt packages"
robust_apt update
robust_apt install xvfb wireguard-tools curl
if ! which ping &>/dev/null; then
robust_apt install iputils-ping
fi
curl -fsSL https://get.docker.com | sh
}
# Install required packages
if which apt &>/dev/null; then
install_packages_apt
elif which dnf &>/dev/null; then
dnf install -y xorg-x11-server-Xvfb wireguard-tools podman
fi
|
