Merge pull request #24637 from mrc0mmand/TEST-75-tweaks

test: make the resolved notifications check a bit more robust

test/TEST-58-REPART/test.sh

@@ -10,7 +10,6 @@ TEST_DESCRIPTION="test systemd-repart"
 test_append_files() {
     if ! get_bool "${TEST_NO_QEMU:=}"; then
         install_dmevent
-        image_install jq
         instmods dm_verity =md
         generate_module_dependencies
     fi

test/test-functions

@@ -179,6 +179,7 @@ BASICTOOLS=(
     head
     ionice
     ip
+    jq
     killall
     ldd
     ln

test/units/testsuite-75.sh

@@ -11,10 +11,71 @@ RUN_OUT="$(mktemp)"
 NOTIFICATION_SUBSCRIPTION_SCRIPT="/tmp/subscribe.sh"
 NOTIFICATION_LOGS="/tmp/notifications.txt"
 
+at_exit() {
+    set +e
+    cat "$NOTIFICATION_LOGS"
+}
+
+trap at_exit EXIT
+
 run() {
     "$@" |& tee "$RUN_OUT"
 }
 
+run_retry() {
+    local ntries="${1:?}"
+    local i
+
+    shift
+
+    for ((i = 0; i < ntries; i++)); do
+        "$@" && return 0
+        sleep .5
+    done
+
+    return 1
+}
+
+notification_check_host() {
+    local host="${1:?}"
+    local address="${2:?}"
+
+    # Attempt to parse the notification JSON returned over varlink and check
+    # if it contains the requested record. As this is an async operation, let's
+    # retry it a couple of times in case it fails.
+    #
+    # Example JSON:
+    # {
+    #   "parameters": {
+    #     "addresses": [
+    #       {
+    #         "ifindex": 2,
+    #         "family": 2,
+    #         "address": [
+    #           10,
+    #           0,
+    #           0,
+    #           121
+    #         ],
+    #         "type": "A"
+    #       }
+    #     ],
+    #     "name": "untrusted.test"
+    #   },
+    #   "continues": true
+    # }
+    #
+    # Note: we need to do some post-processing of the $NOTIFICATION_LOGS file,
+    #       since the JSON objects are concatenated with \0 instead of a newline
+    # shellcheck disable=SC2016
+    run_retry 10 jq --slurp \
+                    --exit-status \
+                    --arg host "$host" \
+                    --arg address "$address" \
+                    '.[] | select(.parameters.name == $host) | .parameters.addresses[] | select(.address | join(".") == $address) | true' \
+                    <(tr '\0' '\n' <"$NOTIFICATION_LOGS")
+}
+
 ### SETUP ###
 # Configure network
 hostnamectl hostname ns1.unsigned.test
@@ -120,7 +181,7 @@ knotc reload
 # Sanity check
 run getent -s resolve hosts ns1.unsigned.test
 grep -qE "^10\.0\.0\.1\s+ns1\.unsigned\.test" "$RUN_OUT"
-grep -aF "ns1.unsigned.test" $NOTIFICATION_LOGS | grep -qF "[10,0,0,1]"
+notification_check_host "ns1.unsigned.test" "10.0.0.1"
 
 # Issue: https://github.com/systemd/systemd/issues/18812
 # PR: https://github.com/systemd/systemd/pull/18896
@@ -213,7 +274,7 @@ grep -qF "; fully validated" "$RUN_OUT"
 run resolvectl query -t A cname-chain.signed.test
 grep -qF "follow14.final.signed.test IN A 10.0.0.14" "$RUN_OUT"
 grep -qF "authenticated: yes" "$RUN_OUT"
-grep -aF "cname-chain.signed.test" $NOTIFICATION_LOGS | grep -qF "[10,0,0,14]"
+notification_check_host "cname-chain.signed.test" "10.0.0.14"
 # Non-existing RR + CNAME chain
 run dig +dnssec AAAA cname-chain.signed.test
 grep -qF "status: NOERROR" "$RUN_OUT"
@@ -252,7 +313,7 @@ grep -qF "authenticated: yes" "$RUN_OUT"
 # Resolve via dbus method
 run busctl call org.freedesktop.resolve1 /org/freedesktop/resolve1 org.freedesktop.resolve1.Manager ResolveHostname 'isit' 0 secondsub.onlinesign.test 0 0
 grep -qF '10 0 0 134 "secondsub.onlinesign.test"' "$RUN_OUT"
-grep -aF "secondsub.onlinesign.test" $NOTIFICATION_LOGS | grep -qF "[10,0,0,134]"
+notification_check_host "secondsub.onlinesign.test" "10.0.0.134"
 
 : "--- ZONE: untrusted.test (DNSSEC without propagated DS records) ---"
 run dig +short untrusted.test
@@ -271,7 +332,5 @@ grep -qF "authenticated: no" "$RUN_OUT"
 #run dig +dnssec this.does.not.exist.untrusted.test
 #grep -qF "status: NXDOMAIN" "$RUN_OUT"
 
-cat $NOTIFICATION_LOGS
-
 touch /testok
 rm /failed