Add Docker-based test suite and fix install/uninstall for all 6 OSes#35
Closed
DASimp wants to merge 5 commits into
Closed
Add Docker-based test suite and fix install/uninstall for all 6 OSes#35DASimp wants to merge 5 commits into
DASimp wants to merge 5 commits into
Conversation
## Test infrastructure (new)
- tests/run-tests.sh: orchestrates build → install → verify → uninstall → verify
across all 6 supported OSes; runs each OS sequentially with full logging to
tests/logs/<os-slug>/
- tests/verify-install.sh: 24-point post-install checklist (services running,
files present, DB accessible, SimpleRisk web UI reachable, cron job installed,
SSL cert present, PHP settings applied)
- tests/verify-uninstall.sh: 12-point post-uninstall checklist (packages removed,
files/dirs gone, DB dropped, cron job removed)
- tests/dockerfiles/Dockerfile.ubuntu-{22.04,24.04}: pre-install lamp-server^ with
policy-rc.d deny so services are installed but not started; start them before
running the setup script to match a real server state
- tests/dockerfiles/Dockerfile.debian-{12,13}: /etc/init.d/mysql shim that manages
mysqld directly (no systemd); /usr/sbin/policy-rc.d deny gate during image build
- tests/dockerfiles/Dockerfile.centos-stream-{9,10}: /usr/local/bin/systemctl shim
(takes PATH precedence over real systemctl installed by MySQL's systemd RPM dep)
that manages mysqld and httpd directly; no-op shims for firewall-cmd, setsebool,
chcon; innodb_use_native_aio=0 for Docker overlayfs compatibility
- .github/workflows/install-test.yml: CI matrix over all 6 OSes on push/PR to main
- CLAUDE.md: project documentation for Claude Code
## Bug fixes in simplerisk-setup.sh
- Add --uninstall flag: routes to per-OS uninstall functions with dedicated
ask_user_uninstall() prompt and uninstall_final_message(); previously the flag
was accepted but silently fell through to installation
- CentOS/RHEL: add php-cli to explicit dnf install list — on el10 it is a
Recommended (weak) dep of php and was being silently omitted
- CentOS/RHEL: add --exclude 'mysql8.4*' to mysql-community-server install —
CentOS Stream 10's AppStream ships mysql8.4-server which conflicts on
/usr/sbin/mysqld; the exclude is a no-op on el9/el8
All 6 OS tests (ubuntu-22.04, ubuntu-24.04, debian-12, debian-13,
centos-stream-9, centos-stream-10) pass the full 7-step suite locally on
Docker Desktop for Windows.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
…fix CentOS start Three CI failures fixed: 1. Dockerfile heredoc parse error (Debian-12, Debian-13, CentOS-9, CentOS-10) Docker's standard Dockerfile parser treats `RUN cat > /file << 'EOF'` as a single-line RUN — subsequent lines are parsed as new Dockerfile instructions, causing "unknown instruction: PIDFILE=..." errors on the Linux CI runner. Fix: extract the mysql init script and systemctl shim to separate files (mysql-init-debian.sh, systemctl-shim-centos.sh) and use COPY + chmod. Also add eol=lf to .gitattributes for *.sh, Dockerfile*, and *.yml so CRLF conversion on Windows never affects files parsed on Linux. 2. Ubuntu Apache restart timeout during apt post-install triggers The libapache2-mod-php post-install script fires `service apache2 restart` multiple times in quick succession. Without --init (tini as PID 1), child processes are not properly reaped and a graceful restart can hang for the full 60s timeout. Fix: add --init to all docker run commands in the CI workflow (matches what run-tests.sh already does locally). 3. CentOS CI container start used the systemd path The CI workflow started CentOS containers with --cgroupns=host / --tmpfs expecting systemd as PID 1, then waited for multi-user.target. But the Dockerfiles use the /usr/local/bin/systemctl shim (no real systemd). Fix: unify container start for all OSes to --init + tail -f /dev/null; remove the separate CentOS systemd-start step and the "Wait for systemd" step entirely. Also adds a "Start pre-installed services" step in CI for Ubuntu only, to mirror what run-tests.sh does locally: start MySQL and Apache before the setup script runs, since Ubuntu images pre-install lamp-server^ during the Docker build (services blocked by policy-rc.d). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
On CentOS/RHEL with MySQL 8.4.9, appending sql_mode to /etc/my.cnf did not take effect after restart — the vendor-supplied files in /etc/my.cnf.d/ appear to override it. Two-part fix: 1. Write sql_mode to /etc/my.cnf.d/zz-simplerisk.cnf (the "zz-" prefix ensures it sorts last alphabetically among included files, so it wins regardless of what other files the MySQL RPM installs). 2. After the restart, also run SET GLOBAL sql_mode=... so the change is applied to the running instance immediately, without relying solely on config-file parsing order. Also enhances the CI diagnostics step to dump /etc/my.cnf, all files in /etc/my.cnf.d/, and the live sql_mode value on failure. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Switch all package removal steps in uninstall_ubuntu_debian, uninstall_centos_rhel, and uninstall_suse from exec_cmd (bail on failure) to exec_cmd_nobail so the uninstaller continues even when packages were never installed or only partially set up. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
The mysql84-community-release RPM (updated in-place to -3) now also enables a mysql-9.7-lts-community repo. DNF was resolving mysql-community-server to 9.7.0 instead of 8.4.x. Add --disablerepo='mysql-9*' to the install command so we always get the 8.4 LTS release. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Contributor
Author
|
Closing — all changes from this PR have been moved to simplerisk/setup-scripts-dev#13 (merged) to keep CI/test infrastructure out of the public repo and away from external contributors. The bug fixes to simplerisk-setup.sh are included there as well. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR adds a complete Docker-based automated test suite covering all 6 supported OSes, wires up CI, and fixes three bugs in
simplerisk-setup.shuncovered during testing.What changed
New: Docker test infrastructure (
tests/)tests/run-tests.shtests/verify-install.shtests/verify-uninstall.shtests/dockerfiles/Dockerfile.ubuntu-{22.04,24.04}lamp-server^withpolicy-rc.ddeny during build; starts services before the setup script runs to replicate a real server statetests/dockerfiles/Dockerfile.debian-{12,13}/etc/init.d/mysqlshim that managesmysqlddirectly (no systemd);policy-rc.ddeny gate during image buildtests/dockerfiles/Dockerfile.centos-stream-{9,10}/usr/local/bin/systemctlshim (takes PATH precedence over the realsystemctlinstalled by MySQL'ssystemdRPM dep) that starts/stopsmysqldandhttpddirectly; no-op shims forfirewall-cmd,setsebool,chcon;innodb_use_native_aio=0for Docker overlayfsAll containers run with
--init+tail -f /dev/null(no systemd as PID 1) — required for Docker Desktop on Windows where cgroup v2 is unavailable.New: CI (
.github/workflows/install-test.yml)Matrix workflow over all 6 OSes triggered on push/PR to
main. Usesfail-fast: falseso all OSes always run.New:
CLAUDE.mdProject documentation for Claude Code describing the repo structure, supported OSes, how to run tests, and key conventions.
Bug fixes in
simplerisk-setup.sh1.
--uninstallflag was silently ignoredThe flag was parsed but
perform_installationwas always called. Added routing insetup()to callperform_uninstallation()whenUNINSTALLis set, along with a dedicatedask_user_uninstall()prompt anduninstall_final_message().2. CentOS/RHEL:
php-clinot installed on el10On CentOS Stream 10,
php-cliis only aRecommends(weak) dependency ofphp. Without it,which phpreturns empty and the backup cron job installation fails withInvalid crontab file. Fixed by addingphp-cliexplicitly to thednf installline (no-op on el9/el8 where it is a hard dep).3. CentOS/RHEL 10:
mysql8.4-serverAppStream conflictCentOS Stream 10's AppStream ships
mysql8.4-server, which DNF pulls in as a weak dependency and which conflicts on dozens of files (including/usr/sbin/mysqld) withmysql-community-serverfrom dev.mysql.com. Fixed by adding--exclude 'mysql8.4*'to thednf install mysql-community-servercommand. No-op on el9/el8 where the package doesn't exist.Test results
All 6 OSes pass the full 7-step suite (build → start → install → verify-install → uninstall → verify-uninstall) on Docker Desktop for Windows:
Reviewer notes
systemctlshim on CentOS/RHEL is placed at/usr/local/bin/systemctlso it takes PATH precedence over/usr/bin/systemctl(which gets overwritten by MySQL'ssystemdRPM dependency). On a real Linux host running systemd,/usr/local/bin/still comes first in PATH — if this becomes a concern for production use the shim could add a check forsystemdas PID 1 and exec the real binary.ubuntu-latestrunners; systemd is available there but theuses_systemd()function inrun-tests.shcurrently returnsfalsefor all OSes (comment explains why). This can be revisited if a future CI environment supports cgroup v2 in Docker.🤖 Generated with Claude Code