Commit graph

1020 commits

Author SHA1 Message Date
Debarshi Ray
ccaa27e034 playbooks: Rename the file with the dependencies
This will be used by the subsequent commit to have a separate set of
dependencies for CentOS Stream 9 builds.  eg., unlike Fedora, CentOS
Stream 9 doesn't have the ShellCheck, bats and fish RPMs.

https://github.com/containers/toolbox/pull/1171
2022-12-14 23:09:55 +01:00
Debarshi Ray
bc1781085b playbooks: Reveal the standard error & output streams from 'meson test'
Currently, the standard error and output streams of the child commands
invoked by 'meson test' are redirected to a separate log file.  When the
tests fail, it's difficult, or maybe even impossible, to access this
file from the Zuul CI, and all that can be seen is something like:
  1/7 shellcheck src/go-build-wrapper OK              0.04s
  2/7 shellcheck profile.d/toolbox.sh FAIL            0.06s   exit status 1
  >>> MALLOC_PERTURB_=241 /usr/bin/shellcheck
    --shell=sh
    /home/zuul-worker/src/github.com/containers/toolbox/builddir/../profile.d/toolbox.sh

  3/7 go fmt                          FAIL            0.05s   exit status 1
  >>> MALLOC_PERTURB_=209 /usr/bin/python3
    /home/zuul-worker/src/github.com/containers/toolbox/src/meson_go_fmt.py
    /home/zuul-worker/src/github.com/containers/toolbox/src

  4/7 codespell                       FAIL            0.31s   exit status 65
  >>> MALLOC_PERTURB_=180 /usr/bin/codespell
    --check-filenames
    --check-hidden
    --context 3
    --exclude-file /home/zuul-worker/src/github.com/containers/toolbox/.codespellexcludefile
    --skip /home/zuul-worker/src/github.com/containers/toolbox/builddir
    --skip /home/zuul-worker/src/github.com/containers/toolbox/.git
    --skip /home/zuul-worker/src/github.com/containers/toolbox/test/system/libs/bats-assert
    --skip /home/zuul-worker/src/github.com/containers/toolbox/test/system/libs/bats-support
    /home/zuul-worker/src/github.com/containers/toolbox

  5/7 shellcheck toolbox (deprecated) FAIL            1.09s   exit status 1
  >>> MALLOC_PERTURB_=233 /usr/bin/shellcheck
    /home/zuul-worker/src/github.com/containers/toolbox/builddir/../toolbox

  6/7 go test                         OK              1.89s
  7/7 go vet                          OK             17.60s

This doesn't have enough information to understand what caused the tests
to fail on non-interactive CI environments.

Not redirecting the standard error and output streams of the child
commands invoked by 'meson test' will readily reveal more details about
the test failures and remove the need to find the log file created by
Meson.

https://github.com/containers/toolbox/pull/1171
2022-12-14 23:09:55 +01:00
Debarshi Ray
65194bd45e test/system: Avoid false positives from codespell
Otherwise codespell would complain:
  : @test "create: Try to create a container with invalid custom name...
  >   run $TOOLBOX -y create "ßpeci@l.Nam€"
  :
  ./test/system/101-create.bats:57: Nam ==> Name

CentOS Stream 9 has codespell-2.2.1, while so far the 'unit tests' were
being run on Fedora 36, which only has codespell-2.1.0.

This is a step towards testing on CentOS Stream 9.

https://github.com/containers/toolbox/pull/1200
2022-12-14 23:09:21 +01:00
Debarshi Ray
5f5f7b6aab test/system: Fix spelling mistake using codespell
CentOS Stream 9 has codespell-2.2.1, while so far the 'unit tests' were
being run on Fedora 36, which only has codespell-2.1.0.

This is a step towards testing on CentOS Stream 9.

Fallout from ecd1ced719

https://github.com/containers/toolbox/pull/1200
2022-12-14 23:09:21 +01:00
Debarshi Ray
77be1bbfdd .codespellexcludefile: Silence false positives
Otherwise codespell would complain:
  :    {"/tmp", "/run/host/tmp", "rslave"},
  >    {"/var/lib/flatpak", "/run/host/var/lib/flatpak", "ro"},
  :    {"/var/lib/libvirt", "/run/host/var/lib/libvirt", ""},
./src/cmd/initContainer.go:61: ro ==> to, row, rob, rod, roe, rot

CentOS Stream 9 has codespell-2.2.1, while so far the 'unit tests' were
being run on Fedora 36, which only has codespell-2.1.0.

This is a step towards testing on CentOS Stream 9.

https://github.com/containers/toolbox/pull/1200
2022-12-14 23:09:21 +01:00
Debarshi Ray
de1c17804d Silence SC2295
Otherwise https://www.shellcheck.net/ would complain:
  Line 86:
  term_just_first_character="${TERM%$term_without_first_character}"
                                    ^-- SC2295 (info): Expansions inside
                                      ${..} need to be quoted
                                      separately, otherwise they match
                                      as patterns.

See: https://www.shellcheck.net/wiki/SC2295

CentOS Stream 9 has ShellCheck-0.8.0, while so far the 'unit tests' were
being run on Fedora 36, which only has ShellCheck-0.7.2.

This is a step towards testing on CentOS Stream 9.

https://github.com/containers/toolbox/pull/1200
2022-12-14 23:09:21 +01:00
Debarshi Ray
995c6d175e playbooks/dependencies: Avoid stale DNF caches on high-churn RPM repos
Sometimes the RPM dependencies can't be installed because the DNF cache
refers to old packages that have been replaced by newer builds on the
RPM repositories [1].  This often happens on Fedora Rawhide because it
sees a lot more churn than stable Fedoras.

Currently, one has to keep restarting the tests manually by typing
'recheck' until the DNF caches eventually get updated.  This is both
very inefficient because it requires manual intervention; and wasteful
because it can take several attempts and it doesn't just run the failing
Ansible job, but all the other ones too.

It will be good to force the DNF cache to be updated [2] when an Ansible
job is being attempted more than once [3].

[1] https://github.com/containers/toolbox/pull/1171
    https://github.com/containers/toolbox/pull/1200

[2] https://docs.ansible.com/ansible/latest/collections/ansible/builtin/dnf_module.html#parameter-update_cache

[3] https://zuul-ci.org/docs/zuul/latest/job-content.html#var-zuul.attempts

https://github.com/containers/toolbox/pull/1201
2022-12-14 22:38:08 +01:00
Debarshi Ray
42e9501950 cmd/initContainer: Conform to gofmt changes in Go 1.19
CentOS Stream 9 has golang-1.19.2, while so far the 'unit tests' were
being run on Fedora 36, which only has golang-1.18.8.

This is a step towards testing on CentOS Stream 9.

https://github.com/containers/toolbox/pull/1199
2022-12-14 01:04:50 +01:00
Debarshi Ray
0f43be73c6 doc/toolbox.conf: Fix spelling mistake using codespell
CentOS Stream 9 has codespell-2.2.1, while so far the 'unit tests' were
being run on Fedora 36, which only has codespell-2.1.0.

This is a step towards testing on CentOS Stream 9.

Fallout from 708fa593e2

https://github.com/containers/toolbox/pull/1199
2022-12-14 00:35:56 +01:00
Debarshi Ray
35783e0d0c playbooks/dependencies: Show the ShellCheck and codespell versions
Different versions of ShellCheck and codespell may treat the same code
base differently.  eg., these tools are currently being used on Fedora
36 as part of the 'unit tests', but CentOS Stream 9 has newer versions
that are stricter and catch several new problems.

Knowing the versions of the tools used in the tests helps to understand
these differences, and is a step towards testing on CentOS Stream 9.

https://github.com/containers/toolbox/pull/1199
2022-12-14 00:35:43 +01:00
Martin Krajnak
05a062f8c9 test/system: Ensure that copied images are clearly identified
Note that 'run --keep-empty-lines' counts the trailing newline on the
last line as a separate line.

Until Bats 1.7.0, 'run --keep-empty-lines' had a bug where even when a
command produced no output, it would report a line count of one [1] due
to a stray line feed character.  This needs to be conditionalized, since
Fedora 35 has Bats 1.5.0.

[1] https://github.com/bats-core/bats-core/issues/573

https://github.com/containers/toolbox/issues/1043
2022-12-12 21:49:21 +01:00
Debarshi Ray
6aab0a6175 Unbreak sorting and clearly identify copied images in 'list'
Currently, if an image was copied with:
  $ skopeo copy \
      containers-storage:registry.fedoraproject.org/fedora-toolbox:36 \
      containers-storage:localhost/fedora-toolbox:36

... or:
  $ podman tag \
      registry.fedoraproject.org/fedora-toolbox:36 \
      localhost/fedora-toolbox:36

... then it would show up twice in 'list' with the same name, and in the
wrong order.

Either as:
  $ toolbox list --images
  IMAGE ID      IMAGE NAME                                      CREATED
  2110dbbc33d2  localhost/fedora-toolbox:36                     1 day...
  e085805ade4a  registry.access.redhat.com/ubi8/toolbox:latest  1 day...
  2110dbbc33d2  localhost/fedora-toolbox:36                     1 day...
  70cbe2ce60ca  registry.fedoraproject.org/fedora-toolbox:34    1 day...

... or as:
  $ toolbox list --images
  IMAGE ID      IMAGE NAME                                      CREATED
  2110dbbc33d2  registry.fedoraproject.org/fedora-toolbox:36    1 day...
  e085805ade4a  registry.access.redhat.com/ubi8/toolbox:latest  1 day...
  2110dbbc33d2  registry.fedoraproject.org/fedora-toolbox:36    1 day...
  70cbe2ce60ca  registry.fedoraproject.org/fedora-toolbox:34    1 day...

The correct output should be similar to 'podman images', and be sorted
in ascending order of the names:
  $ toolbox list --images
  IMAGE ID      IMAGE NAME                                      CREATED
  2110dbbc33d2  localhost/fedora-toolbox:36                     1 day...
  e085805ade4a  registry.access.redhat.com/ubi8/toolbox:latest  1 day...
  70cbe2ce60ca  registry.fedoraproject.org/fedora-toolbox:34    1 day...
  2110dbbc33d2  registry.fedoraproject.org/fedora-toolbox:36    1 day...

The problem is that, in these situations, 'podman images --format json'
returns separate identical JSON collections for each copy of the image,
and all of those copies have multiple names:
  [
    {
      "Id": "2110dbbc33d2",
      ...
      "Names": [
        "localhost/fedora-toolbox:36",
        "registry.fedoraproject.org/fedora-toolbox:36"
      ],
      ...
    },
    {
      "Id": "e085805ade4a",
      ...
      "Names": [
        "registry.access.redhat.com/ubi8/toolbox:latest"
      ],
      ...
    },
    {
      "Id": "2110dbbc33d2",
      ...
      "Names": [
        "localhost/fedora-toolbox:36",
        "registry.fedoraproject.org/fedora-toolbox:36"
      ],
      ...
    }
    {
      "Id": "70cbe2ce60ca",
      ...
      "Names": [
        "registry.fedoraproject.org/fedora-toolbox:34"
      ],
      ...
    },
  ]

The image objects need to be flattened to have only one unique name per
copy, but with the same ID, and then sorted to ensure the right order.

Note that the ordering was already broken since commit 2369da5d31,
which started using 'podman images --sort repository'.  Podman can sort
by either the image's repository or tag, but not by the unified name,
which is what Toolbx needs.  Therefore, even without copied images,
Toolbx really does need to sort the images itself.

Prior to commit 2369da5d31, the ordering was correct, but copied
images would only show up once.

Fallout from 2369da5d31

This reverts parts of commit 67e210378e.

https://github.com/containers/toolbox/issues/1043
2022-12-12 21:49:21 +01:00
Debarshi Ray
51eccd3da5 test/system: Test 'rmi' with an image
https://github.com/containers/toolbox/pull/1195
2022-12-12 20:59:52 +01:00
Debarshi Ray
bbdf4ddb63 test/system: Test 'rmi' with an image and its copy
https://github.com/containers/toolbox/issues/1043
2022-12-12 20:59:52 +01:00
Martin Krajnak
d5daa7167e test/system: Add a helper to pull the default image and copy it
This will be used in subsequent commits to test the handling of such
copied images in 'toolbox list' and 'toolbox rmi'.

https://github.com/containers/toolbox/issues/1043
2022-12-12 20:59:47 +01:00
Debarshi Ray
a0d4c957b3 test/system: Test 'rmi' with an image without a name
https://github.com/containers/toolbox/pull/1195
2022-12-12 15:13:26 +01:00
Debarshi Ray
e25ab310fa test/system: Test 'rmi --all' with an image without a name
https://github.com/containers/toolbox/pull/1195
2022-12-12 15:13:26 +01:00
Debarshi Ray
8a37c08780 test/system: Test 'rmi --all' without any images
https://github.com/containers/toolbox/pull/1195
2022-12-12 15:13:26 +01:00
Debarshi Ray
e8f4e9c367 .zuul: Try to prevent the CI from timing out on Fedora Rawhide
With the recent expansion of the test suite, it's necessary to increase
the timeout for Fedora Rawhide nodes to prevent the CI from timing out.

https://github.com/containers/toolbox/pull/1195
2022-12-12 15:13:26 +01:00
Debarshi Ray
210985ecd1 test/system: Ensure that error messages go to the standard error stream
Currently, there's no way to get assert_line to use the stderr_lines
array [1].  This is worked around by assigning stderr_lines to the
'lines' array.

[1] https://github.com/bats-core/bats-assert/issues/42

https://github.com/containers/toolbox/pull/1195
2022-12-12 15:13:26 +01:00
Debarshi Ray
26ed682cd1 test/system: Keep empty lines to prevent missing and spurious newlines
https://github.com/containers/toolbox/pull/1195
2022-12-12 15:13:26 +01:00
Debarshi Ray
303c7ae99a test/system: Don't ignore copies when counting images
If an image was copied with:
  $ skopeo copy \
      containers-storage:registry.fedoraproject.org/fedora-toolbox:36 \
      containers-storage:localhost/fedora-toolbox:36

... or:
  $ podman tag \
      registry.fedoraproject.org/fedora-toolbox:36 \
      localhost/fedora-toolbox:36

... then the image ID is only showed once in 'podman images --quiet',
not twice.

A subsequent commit will use this to write tests to ensure that copied
images are correctly handled.

https://github.com/containers/toolbox/issues/1043
2022-12-12 15:04:42 +01:00
Debarshi Ray
5e8446971c test/system: Use long options, instead of their shorter aliases
The long options are easier to grep(1) for in the sources than their
shorter aliases.

https://github.com/containers/toolbox/pull/1197
2022-12-12 15:00:46 +01:00
Debarshi Ray
f17a632f9a test/system: Check the line count in the standard error & output streams
Note that 'run --keep-empty-lines' counts the trailing newline on the
last line as a separate line.

Until Bats 1.7.0, 'run --keep-empty-lines' had a bug where even when a
command produced no output, it would report a line count of one [1] due
to a stray line feed character.  This needs to be conditionalized, since
Fedora 35 has Bats 1.5.0.

[1] https://github.com/bats-core/bats-core/issues/573

https://github.com/containers/toolbox/pull/1192
2022-12-08 23:08:47 +01:00
Debarshi Ray
89385e12b5 test/system: Ensure that non-error messages go to the standard output
https://github.com/containers/toolbox/pull/1192
2022-12-08 22:33:35 +01:00
Debarshi Ray
4d1cc5b39b test/system: Test the order in 'list' for images with & without names
Note that 'run --keep-empty-lines' counts the trailing newline on the
last line as a separate line.

Until Bats 1.7.0, 'run --keep-empty-lines' had a bug where even when a
command produced no output, it would report a line count of one [1] due
to a stray line feed character.  This needs to be conditionalized, since
Fedora 35 has Bats 1.5.0.

[1] https://github.com/bats-core/bats-core/issues/573

https://github.com/containers/toolbox/pull/1192
2022-12-08 22:33:35 +01:00
Debarshi Ray
cc60bc6893 test/system: Split out the code to build an image without a name
This will be used by a subsequent commit to test the order in which
images with and without names are listed.

https://github.com/containers/toolbox/pull/1192
2022-12-08 22:33:35 +01:00
Debarshi Ray
54f09ae8a6 test/system: Group the test cases somewhat logically
A subsequent commit will test the order in which images with and without
names are listed.  It's logical for that test to come after the one
about the basic support for images without names.

https://github.com/containers/toolbox/pull/1192
2022-12-08 22:33:35 +01:00
Debarshi Ray
f0a805af84 test/system: Fix indentation
https://github.com/containers/toolbox/pull/1192
2022-12-08 22:33:35 +01:00
Debarshi Ray
0fde202d82 test/system: Keep empty lines to prevent missing and spurious newlines
The tests are intended for Toolbx, not Podman or other commands.  Hence,
it's only necessary to keep the empty lines for Toolbx invocations.
Being too sensitive about the exact output of other commands can lead to
spurious failures [1].

[1] Commit 259afdf815
    https://github.com/containers/toolbox/pull/846

https://github.com/containers/toolbox/pull/1192
2022-12-08 22:33:35 +01:00
Debarshi Ray
da1724c896 test/system: Test the order in 'list' for images and containers
https://github.com/containers/toolbox/pull/1192
2022-12-08 22:33:35 +01:00
Debarshi Ray
ba082abaea build: List out the runtime dependencies for the system tests
Skopeo was already listed, so it didn't make sense to leave out the
others.  It's useful to give the user a heads-up to make it obvious what
the requirements are.

https://github.com/containers/toolbox/pull/1194
2022-12-08 22:25:24 +01:00
Debarshi Ray
f3e005d014 build: Add missing mandatory build-time dependency
Commit bafbbe81c9 started generating the shell completions at
build-time using the 'toolbox completion' command, and toolbox(1)
doesn't start without podman(1).

Fallout from bafbbe81c9

https://github.com/containers/toolbox/pull/1194
2022-12-08 22:24:50 +01:00
Debarshi Ray
7375be82d0 test/system: Remove stray (possibly for debugging) 'podman images'
This was making it difficult to read the Bats assertions on test
failures, by polluting it with unexpected and irrelevant output from
'podman images'.  For example [1]:
  not ok 39 list: Images with and without names in 12332ms
  # (from function `assert' in file test/system/libs/bats-assert/src/assert.bash, line 46,
  #  in test file test/system/102-list.bats, line 126)
  #   `assert [ ${#stderr_lines[@]} -eq 0 ]' failed
  # REPOSITORY                                 TAG         IMAGE ID      CREATED      SIZE
  # registry.fedoraproject.org/fedora-toolbox  35          862705390e8b  4 weeks ago  332 MB
  # REPOSITORY                                 TAG         IMAGE ID      CREATED       SIZE
  # registry.fedoraproject.org/fedora-toolbox  35          862705390e8b  4 weeks ago   332 MB
  # registry.fedoraproject.org/fedora-toolbox  34          70cbe2ce60ca  7 months ago  354 MB
  #
  # -- assertion failed --
  # expression : [ 1 -eq 0 ]
  # --
  #

Fallout from 7973181136

[1] https://github.com/containers/toolbox/pull/1192

https://github.com/containers/toolbox/pull/1193
2022-12-08 00:32:12 +01:00
Debarshi Ray
5f324d537e cmd/list, pkg/podman: Limit access to the raw 'podman images' JSON
This builds on top of commit 0465d78fd9034ce9.

The toolboxImage type has been renamed to Image and moved into the
podman package.

There is nothing Toolbx specific about the type - it represents any
image returned by 'podman images'.  The images are only later filtered
for Toolbx images.

Secondly, having the Image type inside the podman package makes it
possible to encapsulate the unmarshalling of the JSON within the package
without exposing the raw JSON to outside consumers.  This is desirable
because the unmarshalling involves tracking changes in the JSON output
by different Podman versions, and it's better to limit such details to
the podman package.

https://github.com/containers/toolbox/pull/1190
2022-12-07 13:06:20 +01:00
Debarshi Ray
5baf3162a9 cmd/list: Style fixes
This will make the subsequent commit easier to read.

https://github.com/containers/toolbox/pull/1190
2022-12-07 13:06:20 +01:00
Debarshi Ray
e1ead145fc cmd/list: Rename a variable for ease of grepping
It's better to avoid single letter variables in general, because they
are so hard to grep for.

This will make the subsequent commit easier to read.

https://github.com/containers/toolbox/pull/1190
2022-12-07 13:06:20 +01:00
Debarshi Ray
2486e25601 cmd/list, pkg/podman: Don't unmarshal the 'podman images' JSON twice
This builds on top of commit e772207831.

Currently, the JSON from 'podman images --format json' gets unmarshalled
into a []map[string]interface{} in podman.GetImages, where the maps in
the slice represent images.  Each map is then marshalled back into JSON
and then again unmarshalled into a toolboxImage type.

This is wasteful.  The toolboxImage type already implements the
json.Unmarshaler interface [1], since commit e772207831.  Hence,
the entire JSON from 'podman images --format json' can be directly
unmarshalled into a slice of toolboxImages without involving the
[]map[string]interface{}.

A subsequent commit will move the toolboxImage type into the podman
package to more tightly encapsulate the unmarshalling of the JSON.  So,
as an intermediate step in that direction, the podman.GetImages function
has been temporarily changed to return the entire JSON.

[1] https://pkg.go.dev/encoding/json#Unmarshaler

https://github.com/containers/toolbox/pull/1190
2022-12-07 13:06:20 +01:00
Debarshi Ray
aeb5d8ec1a test/system: Test a container with an old forward incompatible runtime
Commit ae43560d45 had added a test with a similar intention.  When
the test suite is run on a Fedora Rawhide host, it tests whether the
containers for the two previous stable Fedora releases start or not.
Fedora N-2 reaches End of Life 4 weeks after Fedora N is released [1].
So, testing the containers for Fedora Rawhide and the two previous
stable releases on a Fedora Rawhide host is a decent test of general
backwards compatibility.

However, as seen recently [2], this isn't enough to catch some known
ABI compatibility issues [3,4].  These involve toolbox binaries built
on hosts with newer toolchains that aren't meant to be run against
containers with older runtimes.  A targeted test is needed to defend
against these scenarios.

The fedora-toolbox:34 image has glibc-2.33, which is old enough to be
unable to run binaries compiled on Fedora 35 with glibc-2.34 and newer.

[1] https://docs.fedoraproject.org/en-US/releases/

[2] https://github.com/containers/toolbox/pull/1180

[3] Commit 6063eb27b9
    https://github.com/containers/toolbox/issues/821

[4] Commit 6ad9c63180
    https://github.com/containers/toolbox/issues/529

https://github.com/containers/toolbox/pull/1187
2022-12-07 13:03:09 +01:00
Debarshi Ray
7ab2f9b866 test/system: Replace fedora-toolbox:32 with fedora-toolbox:34
Fedora 32 reached End of Life on 25th May 2021:
https://docs.fedoraproject.org/en-US/releases/eol/

That's quite old because right now Fedora 35 is nearing its End of Life.

Since the tests are intended for Toolbx, not the Fedora infrastructure,
it will be better to use a newer image, because images that are too old
can get lost from registry.fedoraproject.org.  The fedora-toolbox:34
image can be a drop-in replacement for the fedora-toolbox:32 image for
the purposes of this test suite, and has the advantage of being newer.

Note that fedora-toolbox:34 is also old enough to test that the toolbox
binary runs against it's build-time ABI from the host, and not the
Toolbx container's ABI, when it's invoked as the entry point of the
container [1,2].  This is important because the subsequent commit will
add a test to ensure that.

[1] Commit 6063eb27b9
    https://github.com/containers/toolbox/issues/821

[2] Commit 6ad9c63180
    https://github.com/containers/toolbox/issues/529

https://github.com/containers/toolbox/pull/1187
2022-12-07 12:56:41 +01:00
Debarshi Ray
67e210378e cmd/list: Simplify code
Fallout from 2369da5d31

https://github.com/containers/toolbox/pull/1189
2022-12-06 00:27:55 +01:00
Debarshi Ray
71f73a4b31 cmd/list: Remove redundant initializations
Fallout from 2369da5d31

https://github.com/containers/toolbox/pull/1188
2022-12-05 22:21:09 +01:00
Debarshi Ray
9e1cc2afaf build: Reduce the verbosity of 'go test'
Otherwise, there's so much spew from 'go test', including the successful
tests, that the actual failures don't stand out.

Note that, the different steps involved in building the code base are a
lot more interdependent on each other.  Hence, some extra verbosity
can help understand what caused a build failure on non-interactive build
environments.  In contrast, the runtime outputs from each test case are
a lot more isolated and independent from one another.  The additional
verbosity from successful tests doesn't really help understand why a
particular test failed.

https://github.com/containers/toolbox/pull/1186
2022-12-02 13:05:29 +01:00
Debarshi Ray
f695012faf build: Enforce all the default 'go vet' checks on all Go sources
Currently, only a so-called high-confidence subset of the default checks
in 'go vet' are being run by 'go test' [1].  Since 'go vet' is part of
the core Go tools, it's worth trying to use more of it.  After all,
golangci-lint, which is currently being run through a GitHub Action,
is running the default 'go vet' checks as one of its linters [2].

It's good to have as much of the testing wrapped inside 'meson test', as
possible, because it's easier to run locally and on other non-GitHub CI
environments like those of downstream distributors.

[1] https://pkg.go.dev/cmd/go/internal/test

[2] https://golangci-lint.run/usage/linters/
    https://golangci-lint.run/usage/linters/#govet

https://github.com/containers/toolbox/pull/1186
2022-12-02 11:39:03 +01:00
Debarshi Ray
f0425d4240 build: Rename the 'go test' test for consistency
https://github.com/containers/toolbox/pull/1186
2022-12-02 11:12:21 +01:00
Debarshi Ray
fa1b7e26a2 cmd/initContainer: Limit the scope of the error
Fallout from d323143c46

https://github.com/containers/toolbox/pull/1185
2022-12-01 18:24:59 +01:00
Debarshi Ray
b85ab0a4f1 cmd/initContainer, cmd/run: Restore hints about unreachable code
In the past, before commit d323143c46, there was either had a
dummy 'return' statement or a self-documenting 'panic' that said that
the code should not be reached.  Since neither golangci-lint nor
'go vet' likes those, a comment is the only option left.

Note that the core Go tools like 'go vet' [1], but also 'go lint' [2],
explicitly don't intend to add fine-grained configuration options,
including inline directives or pragmas, to silence specific warnings.
That's something golangci-lint offers [3], to the extent that it's
supported by its linters [4].  However, golangci-lint also uses 'go vet'
as one of those linters, so it's the same problem all over again.

Therefore, between the two extremes of leaving the code difficult to
read and using a very big hammer to disable a needlessly big chuck of
'go vet', a comment is the least worst option.

[1] https://github.com/golang/go/issues/17058
    https://github.com/golang/go/issues/18432

[2] https://github.com/golang/lint/issues/263

[3] https://golangci-lint.run/usage/false-positives/

[4] https://golangci-lint.run/usage/linters/

Fallout from d323143c46

https://github.com/containers/toolbox/pull/1185
2022-12-01 18:24:15 +01:00
Debarshi Ray
d0fe8c45f7 README.md: Clarify that Toolbx isn't a security mechanism
Using the word 'containerized' gives the false impression of heightened
security.  As if it's a mechanism to run untrusted software in a
sandboxed environment without access to the user's private data (such as
$HOME), hardware peripherals (such as cameras and microphones), etc..
That's not what Toolbx is for.

Toolbx aims to offer an interactive command line environment for
development and troubleshooting the host operating system, without
having to install software on the host.  That's all.  It makes no
promise about security beyond what's already available in the usual
command line environment on the host that everybody is familiar with.

https://github.com/containers/toolbox/issues/1020
2022-11-29 17:46:34 +01:00
Debarshi Ray
f5057d782e README.md: Tweak
Mention that Toolbx is meant for system administrators to troubleshoot
the host operating system.  The word 'debugging' is often used in the
context of software development, and hence most readers might not
interpret it as 'troubleshooting'.

https://github.com/containers/toolbox/pull/1182
2022-11-29 17:46:25 +01:00
Debarshi Ray
11d3c6bda5 README.md: Remove trailing newline
Fallout from bafbbe81c9

https://github.com/containers/toolbox/pull/1182
2022-11-29 17:01:06 +01:00