1
1
mirror of https://github.com/goreleaser/nfpm synced 2024-11-18 23:14:12 +01:00
nfpm/testdata/acceptance/deb.dockerfile
Stefan Schubert b1f3fef606
fix: md5sums entries and lintian errors/warnings (#656)
Missing trailing ./ in md5sums for changelog.Debian.gz caused
md5sums-lists-nonexistent-file and file-missing-in-md5sums
and is fixed using files.AsExplicitRelativePath.
Adding copyright file fixes no-copyright-file.
Set file_info fixes executable-is-not-world-readable,
non-standard-executable-perm, non-standard-file-perm.
Adding section fixes unknown-section, empty-field.
Using standard compress/gzip module fixes
package-contains-timestamped-gzip,
because klauspost/pgzip does not support empty mod time.
Adding urgency and distribution in changelog fixes
syntax-error-in-debian-changelog.
Adding mail address to maintainer fixes malformed-contact.
Correcting description fixes description-starts-with-package-name
and description-starts-with-leading-spaces.
2023-05-11 09:14:54 -03:00

228 lines
7.2 KiB
Docker

FROM debian AS test_base
ARG package
RUN echo "${package}"
COPY ${package} /tmp/foo.deb
# ---- minimal test ----
FROM test_base AS min
RUN dpkg -i /tmp/foo.deb
# ---- symlink test ----
FROM min AS symlink
RUN ls -l /path/to/symlink | grep "/path/to/symlink -> /etc/foo/whatever.conf"
# ---- simple test ----
FROM min AS simple
RUN test -e /usr/bin/fake
RUN test -f /etc/foo/whatever.conf
RUN echo wat >> /etc/foo/whatever.conf
RUN dpkg -r foo
RUN test -f /etc/foo/whatever.conf
RUN test ! -f /usr/bin/fake
# ---- no-glob test ----
FROM min AS no-glob
RUN test -d /usr/share/whatever/
RUN test -f /usr/share/whatever/file1
RUN test -f /usr/share/whatever/file2
RUN test -d /usr/share/whatever/folder2
RUN test -f /usr/share/whatever/folder2/file1
RUN test -f /usr/share/whatever/folder2/file2
# ---- complex test ----
FROM min AS complex
RUN apt-cache show /tmp/foo.deb | grep "Depends: bash"
RUN apt-cache show /tmp/foo.deb | grep "Suggests: zsh"
RUN apt-cache show /tmp/foo.deb | grep "Recommends: fish"
RUN test -e /usr/bin/fake
RUN test -f /etc/foo/whatever.conf
RUN test -d /usr/share/whatever/
RUN test -d /usr/share/whatever/folder
RUN test -f /usr/share/whatever/folder/file1
RUN test -f /usr/share/whatever/folder/file2
RUN test -d /usr/share/whatever/folder/folder2
RUN test -f /usr/share/whatever/folder/folder2/file1
RUN test -f /usr/share/whatever/folder/folder2/file2
RUN test -d /var/log/whatever
RUN test -d /usr/share/foo
RUN test -d /usr/foo/bar/something
RUN test -d /etc/something
RUN test -f /etc/something/a
RUN test -f /etc/something/b
RUN test -d /etc/something/c
RUN test -f /etc/something/c/d
RUN test $(stat -c %a /usr/bin/fake2) -eq 4755
RUN test -f /tmp/preinstall-proof
RUN test -f /tmp/postinstall-proof
RUN test ! -f /tmp/preremove-proof
RUN test ! -f /tmp/postremove-proof
RUN echo wat >> /etc/foo/whatever.conf
RUN dpkg -r foo
RUN test -f /etc/foo/whatever.conf
RUN test ! -f /usr/bin/fake
RUN test ! -f /usr/bin/fake2
RUN test -f /tmp/preremove-proof
RUN test -f /tmp/postremove-proof
RUN test ! -d /var/log/whatever
RUN test ! -d /usr/share/foo
RUN test ! -d /usr/foo/bar/something
# ---- signed test ----
FROM test_base AS signed
COPY keys/pubkey.gpg /usr/share/debsig/keyrings/9890904DFB2EC88A/debsig.gpg
RUN apt update -y
RUN apt install -y debsig-verify
COPY deb.policy.pol /etc/debsig/policies/9890904DFB2EC88A/policy.pol
# manually check signature
RUN debsig-verify /tmp/foo.deb | grep "debsig: Verified package from 'Test package' (test)"
# clear dpkg config as it contains 'no-debsig', now every
# package that will be installed must be signed
RUN echo "" > /etc/dpkg/dpkg.cfg
RUN dpkg -i /tmp/foo.deb
# ---- signed dpkg-sig test ----
FROM test_base AS dpkg-signed
RUN apt update -y
RUN apt install -y dpkg-sig
# TODO: we should properly check the signature here, not sure how to do so.
RUN dpkg-sig --verify /tmp/foo.deb | grep "UNKNOWNSIG _gpgbuilder 15BD80B3"
RUN dpkg -i /tmp/foo.deb
# ---- overrides test ----
FROM min AS overrides
RUN test -e /usr/bin/fake
RUN test -f /etc/foo/whatever.conf
RUN test ! -f /tmp/preinstall-proof
RUN test -f /tmp/postinstall-proof
RUN test ! -f /tmp/preremove-proof
RUN test ! -f /tmp/postremove-proof
RUN echo wat >> /etc/foo/whatever.conf
RUN dpkg -r foo
RUN test -f /etc/foo/whatever.conf
RUN test ! -f /usr/bin/fake
RUN test -f /tmp/preremove-proof
RUN test ! -f /tmp/postremove-proof
# ---- meta test ----
FROM test_base AS meta
RUN apt update && apt install -y /tmp/foo.deb
RUN command -v zsh
# ---- env-var-version test ----
FROM min AS env-var-version
ENV EXPECTVER=" Version: 1.0.0~0.1.b1+git.abcdefgh"
RUN dpkg --info /tmp/foo.deb | grep "Version" > found
RUN export FOUND_VER="$(cat found)" && \
echo "Expected: '${EXPECTVER}' :: Found: '${FOUND_VER}'" && \
test "${FOUND_VER}" = "${EXPECTVER}"
# ---- changelog test ----
FROM test_base AS withchangelog
# the dpkg configuration of the docker
# image filters out changelogs by default
# so we have to remove that rule
RUN apt update -y
RUN apt install -y gzip lintian
RUN dpkg -i /tmp/foo.deb
RUN zcat "/usr/share/doc/foo/changelog.Debian.gz" | grep "Carlos A Becker <pkg@carlosbecker.com>"
RUN zcat "/usr/share/doc/foo/changelog.Debian.gz" | grep "note 1"
RUN zcat "/usr/share/doc/foo/changelog.Debian.gz" | grep "note 2"
RUN zcat "/usr/share/doc/foo/changelog.Debian.gz" | grep "note 3"
RUN lintian /tmp/foo.deb > lintian.out
RUN test $(grep -c 'debian-changelog-file-missing-or-wrong-name' lintian.out) = 0
RUN test $(grep -c 'changelog-not-compressed-with-max-compression' lintian.out) = 0
RUN test $(grep -c 'unknown-control-file' lintian.out) = 0
RUN test $(grep -c 'package-contains-timestamped-gzip' lintian.out) = 0
RUN test $(grep -c 'md5sums-lists-nonexistent-file' lintian.out) = 0
RUN test $(grep -c 'file-missing-in-md5sums' lintian.out) = 0
RUN test $(grep -c 'syntax-error-in-debian-changelog' lintian.out) = 0
RUN test $(grep -c 'no-copyright-file' lintian.out) = 0
RUN test $(grep -c 'executable-is-not-world-readable' lintian.out) = 0
RUN test $(grep -c 'non-standard-executable-perm' lintian.out) = 0
RUN test $(grep -c 'non-standard-file-perm' lintian.out) = 0
RUN test $(grep -c 'unknown-section' lintian.out) = 0
RUN test $(grep -c 'empty-field' lintian.out) = 0
RUN test $(grep -c 'syntax-error-in-debian-changelog' lintian.out) = 0
RUN test $(grep -c 'malformed-contact' lintian.out) = 0
RUN test $(grep -c 'description-starts-with-package-name' lintian.out) = 0
RUN test $(grep -c 'description-starts-with-leading-spaces' lintian.out) = 0
# ---- rules test ----
FROM min AS rules
RUN dpkg -r foo
# ---- triggers test ----
FROM min as triggers
# simulate another package that activates the trigger
RUN dpkg-trigger --by-package foo manual-trigger
RUN dpkg --triggers-only foo
RUN test -f /tmp/trigger-proof
# ---- breaks test ----
FROM test_base AS breaks
COPY dummy.deb /tmp/dummy.deb
# install dummy package
RUN dpkg -i /tmp/dummy.deb
# make sure foo can't be installed
RUN dpkg -i /tmp/foo.deb 2>&1 | grep "foo breaks dummy"
# make sure foo can be installed if dummy is not installed
RUN dpkg -r dummy
RUN dpkg -i /tmp/foo.deb
# ---- compression test ----
FROM min AS compression
RUN test -e /usr/bin/fake
RUN test -f /etc/foo/whatever.conf
RUN echo wat >> /etc/foo/whatever.conf
RUN dpkg -r foo
RUN test ! -f /usr/bin/fake
# ---- zstdcompression test ----
# we can use the regular compression image as
# soon as zstd is supported on debian
FROM ubuntu AS zstdcompression
ARG package
RUN echo "${package}"
COPY ${package} /tmp/foo.deb
RUN dpkg -i /tmp/foo.deb
RUN test -e /usr/bin/fake
RUN test -f /etc/foo/whatever.conf
RUN echo wat >> /etc/foo/whatever.conf
RUN dpkg -r foo
RUN test ! -f /usr/bin/fake
# ---- upgrade test ----
FROM test_base AS upgrade
ARG oldpackage
RUN echo "${oldpackage}"
COPY ${oldpackage} /tmp/old_foo.deb
RUN dpkg -i /tmp/old_foo.deb
RUN test -f /tmp/preinstall-proof
RUN cat /tmp/preinstall-proof | grep "Install"
RUN test -f /tmp/postinstall-proof
RUN cat /tmp/postinstall-proof | grep "Install"
RUN dpkg -i /tmp/foo.deb
RUN test -f /tmp/preremove-proof
RUN cat /tmp/preremove-proof | grep "Upgrade"
RUN test -f /tmp/postremove-proof
RUN cat /tmp/postremove-proof | grep "Upgrade"
RUN test -f /tmp/preinstall-proof
RUN cat /tmp/preinstall-proof | grep "Upgrade"
RUN test -f /tmp/postinstall-proof
RUN cat /tmp/postinstall-proof | grep "Upgrade"