Generic Tests

Generic tests are tests that don’t check only specific components (e.g. "dnf" or "kernel") but can be typically applied to all artifacts of a certain type. An example of such a test could be a test that can be run on all RPM builds in a Bodhi update.

Fedora CI currently provides 3 generic tests. All of them run on packages that are being pushed to Rawhide via automatic Bodhi updates.

rpmdeplint

rpmdeplint is a generic test that tries to identify problems in RPM packages in the context of their dependency graph.

There are four different checks that the test performs:

check-sat

This checks if all runtime dependencies of the given RPM packages would be satisfied if the packages are pushed to the given repository (like Rawhide).

check-repoclosure

This is similar to check check-sat test, but check-repoclosure checks that all packages in the given repository that don’t have any runtime dependency problems before the new packages are added, won’t have any dependency problems after the packages are added to the repository.

Packages are only considered to be available for dependency resolution if they are the latest version and not obsoleted by any other package. Therefore this check can detect problems where a package under test is updating an existing package in the repository, but it no longer provides a requirement needed by some other package in the repository.

Packages with pre-existing repoclosure problems are ignored.

check-conflicts

This checks for undeclared file conflicts in the given RPM packages: that is when one of the given packages contains a file which is also contained in some other package.

This command will not report a file as conflicting between two packages if:

  • there is an explicit RPM Conflicts between the two packages; or

  • the file’s checksum, permissions, owner, and group are identical in both packages (RPM allows both packages to own the file in this case); or

  • the file’s color is different between the two packages (RPM will silently resolve the conflict in favor of the 64-bit file).

Sometimes files can be owned by literally thousands of different packages. In order to properly check that there are no file conflicts, rpmdeplint would need to download all other packages. This would be very slow, so only a single other package is downloaded and checked.

check-upgrade

Checks that there are no existing packages in the repositories which would upgrade or obsolete the given packages.

If this check fails, it means that the package under test will never be installed (since the package manager will always pick the newer or obsoleting package from the repositories instead) which is not desirable, assuming the package is intended as an update.

rpminspect

RPM build deviation analysis tools. rpminspect looks at the output of an RPM build (e.g., the output of a Koji build) and examines the contents of the build artifacts to report:

  • Policy compliance

  • Changes from a previous build to the current build

    • the previous build is the latest build in the stable repository (in Rawhide, it is simply the previous build)

  • General correctness and best practices

rpminspect performs more than 30 different checks on packages. To list all of them, with a nice description, please run rpminspect -v -l.

installability

This is a generic test that tries to perform the following operations on the given packages:

  • dnf install

  • dnf remove

  • dnf update

  • dnf downgrade

All problems are logged and reported.