FMF metadata support to colin

[jscotka]

FMF Metadata works well

FMF metadata support in colin. There are two different parts

• test objects can read FMF metadata from files on demand
• scheduler
  • dynamic nosetests generator
  • FMF rulesets support
  • filtering abilities

TODOs:

• research how to ideally solve two __init__() or how to check that all variables are set

• find way how to name tests

• transform all __init__ s to FMF compatible way

• find way how transform rulesets to FMF testsets

• remove all duplicated stuff from colin what is already implemented by FMF** (next PRs)

  • remove duplicated code: Remove duplicated code what is in FMF and colin implementatiopn #155
  • add FMF metadata for all testcases: add FMF metadata to all existing testcases #156

Colin output:

$ python -m colin.cli.colin list-checks

maintainer_label
   -> Label 'maintainer' has to be specified.
   -> The name and email of the maintainer (usually the submitter).
   -> https://fedoraproject.org/wiki/Container:Guidelines#LABELS
   -> maintainer, label, required

from_tag_not_latest
   -> In FROM, tag has to be specified and not 'latest'.
   -> Using the 'latest' tag may cause unpredictable builds.It is recommended that a specific tag is used in the FROM.
   -> https://fedoraproject.org/wiki/Container:Guidelines#FROM
   -> from, dockerfile, baseimage, latest, required

maintainer_deprecated
   -> Dockerfile instruction `MAINTAINER` is deprecated.
   -> Replace with label 'maintainer'.
   -> https://docs.docker.com/engine/reference/builder/#maintainer-deprecated
   -> maintainer, dockerfile, deprecated, required

python -m colin.cli.colin check tests/data/Dockerfile

PASS:Label 'maintainer' has to be specified.
PASS:In FROM, tag has to be specified and not 'latest'.
PASS:Dockerfile instruction `MAINTAINER` is deprecated.

PASS:3 

FMF output

fmf show --path colin/checks

/best_practices/cmd_or_entrypoint
class: CmdOrEntrypointCheck
description: An ENTRYPOINT allows you to configure a container that will run as an executable. The main purpose of a CMD is to provide defaults for an executing container.
message: Cmd or Entrypoint has to be specified
reference_url: https://fedoraproject.org/wiki/Container:Guidelines#CMD.2FENTRYPOINT_2
tags: cmd and entrypoint
test: best_practices.py

/best_practices/help_file_or_readme
all_must_be_present: False
class: HelpFileOrReadmeCheck
description: Just like traditional packages, containers need some 'man page' information about how they are to be used, configured, and integrated into a larger stack.
files: /help.1 and /README.md
message: The 'helpfile' has to be provided.
reference_url: https://fedoraproject.org/wiki/Container:Guidelines#Help_File
tags: filesystem, helpfile and man
test: best_practices.py

/best_practices/no_root
class: NoRootCheck
description: It can be insecure to run service as root.
message: Service should not run as root by default.
reference_url: ?????
tags: root and user
test: best_practices.py

/dockerfile/from_tag_not_latest
class: FromTagNotLatestCheck
description: Using the 'latest' tag may cause unpredictable builds.It is recommended that a specific tag is used in the FROM.
message: In FROM, tag has to be specified and not 'latest'.
reference_url: https://fedoraproject.org/wiki/Container:Guidelines#FROM
tags: from, dockerfile, baseimage and latest
test: dockerfile.py

/dockerfile/maintainer_deprecated
class: MaintainerDeprecatedCheck
description: Replace with label 'maintainer'.
instruction: MAINTAINER
max_count: 0
message: Dockerfile instruction `MAINTAINER` is deprecated.
reference_url: https://docs.docker.com/engine/reference/builder/#maintainer-deprecated
tags: maintainer, dockerfile and deprecated
test: dockerfile.py

/labels/maintainer_label
class: MaintainerLabelCheck
description: The name and email of the maintainer (usually the submitter).
labels: maintainer
message: Label 'maintainer' has to be specified.
reference_url: https://fedoraproject.org/wiki/Container:Guidelines#LABELS
required: True
tags: maintainer and label
test: labels.py
value_regex: None

when I want to be supercool and have backward compilant output:

use format abilites of fmf:
fmf show --path colin/checks --format "{}\n -> {}\n -> {}\n -> {}\n -> {}\n\n" --value name --value "data['description']" --value "data['message']" --value "data['reference_url']" --value "data['tags']"

/best_practices/cmd_or_entrypoint
    -> An ENTRYPOINT allows you to configure a container that will run as an executable. The main purpose of a CMD is to provide defaults for an executing container.
    -> Cmd or Entrypoint has to be specified
    -> https://fedoraproject.org/wiki/Container:Guidelines#CMD.2FENTRYPOINT_2
    -> ['cmd', 'entrypoint']

/best_practices/help_file_or_readme
    -> Just like traditional packages, containers need some 'man page' information about how they are to be used, configured, and integrated into a larger stack.
    -> The 'helpfile' has to be provided.
    -> https://fedoraproject.org/wiki/Container:Guidelines#Help_File
    -> ['filesystem', 'helpfile', 'man']

/best_practices/no_root
    -> It can be insecure to run service as root.
    -> Service should not run as root by default.
    -> ?????
    -> ['root', 'user']

/dockerfile/from_tag_not_latest
    -> Using the 'latest' tag may cause unpredictable builds.It is recommended that a specific tag is used in the FROM.
    -> In FROM, tag has to be specified and not 'latest'.
    -> https://fedoraproject.org/wiki/Container:Guidelines#FROM
    -> ['from', 'dockerfile', 'baseimage', 'latest']

/dockerfile/maintainer_deprecated
    -> Replace with label 'maintainer'.
    -> Dockerfile instruction `MAINTAINER` is deprecated.
    -> https://docs.docker.com/engine/reference/builder/#maintainer-deprecated
    -> ['maintainer', 'dockerfile', 'deprecated']

/labels/maintainer_label
    -> The name and email of the maintainer (usually the submitter).
    -> Label 'maintainer' has to be specified.
    -> https://fedoraproject.org/wiki/Container:Guidelines#LABELS
    -> ['maintainer', 'label']

Nosetests output - direct

TARGET=tests/data/Dockerfile nosetests -d -v fmf_scheduler.py

test (fmf_scheduler.from_tag_not_latest) ... ok
test (fmf_scheduler.maintainer_deprecated) ... ok
test (fmf_scheduler.maintainer_label) ... ok

----------------------------------------------------------------------
Ran 3 tests in 0.003s

OK

using rulesets

RULESETPATH=rulesets/ TARGET=tests/data/Dockerfile nosetests -d -v fmf_scheduler.py
test (fmf_scheduler.check@from_tag_not_latest) ... ok
test (fmf_scheduler.check@maintainer_deprecated) ... ok
test (fmf_scheduler.check@maintainer_label) ... ok

advanced filtering

possible to apply them to rulesets or directy to testcases
FILTERS=tags:dockerfile TARGET=tests/data/Dockerfile nosetests -d -v fmf_scheduler.py

test (fmf_scheduler.from_tag_not_latest) ... ok
test (fmf_scheduler.maintainer_deprecated) ... ok

----------------------------------------------------------------------
Ran 2 tests in 0.001s

OK

$ NAMES="from_tag_not_latest;maintainer_label" TARGET=tests/data/Dockerfile nosetests -d -v fmf_scheduler.py

fmf_scheduler.py
test (fmf_scheduler.from_tag_not_latest) ... ok
test (fmf_scheduler.maintainer_label) ... ok

----------------------------------------------------------------------
Ran 2 tests in 0.002s

OK

rulesets filters

$ NAMES=default RULESETPATH=rulesets/ TARGET=tests/data/Dockerfile nosetests -d -v fmf_scheduler.py

test (fmf_scheduler.check@from_tag_not_latest) ... ok
test (fmf_scheduler.check@maintainer_deprecated) ... ok
test (fmf_scheduler.check@maintainer_label) ... ok

----------------------------------------------------------------------
Ran 3 tests in 0.003s

OK

$ NAMES=fedora RULESETPATH=rulesets/ TARGET=tests/data/Dockerfile nosetests -d -v fmf_scheduler.py
fedora ruleset is not given there, so that it runs 0 tests

----------------------------------------------------------------------
Ran 0 tests in 0.000s

OK

[TomasTomecek]

It would be for the best to discuss this in person.

[TomasTomecek]

what format is this? is it yaml?

[TomasTomecek]

does this mean that we would have to store the metadata alongside the .py file?

[TomasTomecek]

better logic could be to load the metadata and just enable overriding them

[TomasTomecek]

Since this script actually proposes a new runtime, I would personally prefer to have it proposed in a different PR. I actually dislike that it's not integrated into colin's CLI interface.

[jscotka]

yep, this is my suggested solution, split this PR, to 2 or 3 PRs, and last of them will be this nosetests generator.

But on other hand, without this, it is harder to show benefits eg:

• write tests just in metadata without empty python classes
• using nosetests scheduled tests
• filtering and selecting or test items
• using FMF rulesets

And this PR will just split metadata outside python classes to FMF files.
But I agree and with this knowledge, that these PRs are closely connected I can split it.

[TomasTomecek]

I wonder whether there is a nicer way of doing this. Calling functions on class' attributes outside of methods seems sketchy.

[jscotka]

Yep, I had also troubles with this, but actually there is probably not better way how to do it without bigger changes in colin. Because current colin implementation does static inspection of classes, to find checks based on class attribute name. If you have some idea I'll be happy to change it to better way

[jscotka]

This PR can be closed, PR splitted to more PRs:
#159
#160
#161