Merge pull request #7 from LecrisUT/doc/rpminspect

doc: rpminspect

Author: lbarcziova

README.md

@@ -21,7 +21,7 @@ You can alter the inputs of this plan through environment variables.
 ## Plans available
 
 - Plans equivalent with jobs run on `bohdi`
-  - [ ] `/rpminspect`
+  - [`/plans/rpminspect`](plans/rpminspect)
   - [ ] `/rpmdeplint`
   - [ ] `/installability`
 - Other plans

plans/rpminspect/README.md

@@ -0,0 +1,111 @@
+# Rpminspect
+
+<!-- SPHINX-START -->
+
+Run [rpminspect] on the current Copr project or Koji build
+
+## Synopsis
+
+```yaml
+plans:
+  import:
+    url: https://github.com/packit/tmt-plans
+    ref: main
+    name: /plans/rpminspect
+```
+
+## Description
+
+This plan simply runs the command
+
+```console
+$ rpminspect [previous_build] [koji_build/copr_build]
+```
+
+where `koji_build` is the build specified by `RPMINSPECT_KOJI_BUILD`. If this option is not provided, it is assumed
+that the plan is running against a `copr_build`, and the build artifacts are retrieved automatically from testing-farm.
+
+`previous_build` is automatically determined from running
+
+```console
+$ koji list-tagged
+```
+
+:::note
+
+Some functionalities like automatically determining `previous_build` are only available for Fedora packages.
+
+:::
+
+## Options
+
+`RPMINSPECT_KOJI_BUILD`
+
+: :::note
+
+Not yet implemented
+
+:::
+
+Run `rpminspect` on the specified Koji build instead of the expected Copr project
+
+`RPMINSPECT_TESTS`
+
+: Run only the specified inspections. This option has precedence over `RPMINSPECT_EXCLUDE`.
+
+See `rpminspect -l` for a list of available tests.
+
+`RPMINSPECT_EXCLUDE` \[Default: `metadata`\]
+
+: Exclude the specified inspections. This option has no effect if `RPMINSPECT_TESTS` is specified.
+
+See `rpminspect -l` for a list of available tests.
+
+`RPMINPSECT_ARCHES`
+
+: Run inspection only on the specified architecture packages
+
+::: note
+
+Keep in mind the architectures available in the testing-farm runner that runs this job.
+
+Also note that `src`, and `noarch` are also considered "architectures" in this context.
+
+:::
+
+## Examples
+
+- Inspect the upstream packit projects
+  ```yaml
+  plans:
+    import:
+      url: https://github.com/packit/tmt-plans
+      ref: main
+      name: /plans/rpminspect
+  ```
+- Filter `disttag` inspection
+  ```yaml
+  plans:
+    import:
+      url: https://github.com/packit/tmt-plans
+      ref: main
+      name: /plans/rpminspect
+  environment:
+    RPMINSPECT_EXCLUDE: disttag
+  ```
+- Inspect downstream koji builds
+  ```yaml
+  TBD
+  ```
+
+## See Also
+
+- Downstream Fedora-CI: [docker-runner][fedora-ci-docker], [tmt-plan][fedora-ci-tmt]
+- [rpminspect][rpminspect-doc]
+
+<!-- SPHINX-END -->
+
+[fedora-ci-docker]: https://github.com/fedora-ci/rpminspect-runner
+[fedora-ci-tmt]: https://github.com/fedora-ci/rpminspect-pipeline
+[rpminspect]: https://github.com/rpminspect/rpminspect
+[rpminspect-doc]: https://rpminspect.readthedocs.io

tests/rpminspect/rpminspect.sh

@@ -25,9 +25,16 @@ rlJournalStart
 				rlRun -s "/usr/bin/koji list-tagged --latest --inherit --quiet f${VERSION_ID} ${PACKIT_PACKAGE_NAME}" 0 "Get latest koji build"
 				rlRun "latest_build=\$(cat $rlRun_LOG | sed 's/\s.*//')" 0 "Resolve latest_build variable"
 				if [[ -n "$latest_build" ]]; then
-					# If the package is already uploaded downstream
+					## If the package is already uploaded downstream
+					# Default and required options
+					args="-v -c ${RPMINSPECT_CONFIG:-/usr/share/rpminspect/fedora.yaml}"
+					# Fetch and write to ./inspect_builds
+					args="$args -f  -w ./inspect_builds"
+					# Specify the architectures
 					# TODO: Should have a better way to get the current arch to cover emulated and other cases
-					rlRun "/usr/bin/rpminspect -v -c ${RPMINSPECT_CONFIG:-/usr/share/rpminspect/fedora.yaml} -f -w ./inspect_builds --arches=src,noarch,$(arch) $latest_build" 0 "Downloading latest koji builds"
+					args="$args --arches=src,noarch,$(arch)"
+     					args="$args $latest_build"
+					rlRun "/usr/bin/rpminspect $args" 0 "Downloading latest koji builds"
 				fi
 			else
 				rlFail "Not implemented for tags other than fedora"
@@ -42,18 +49,28 @@ rlJournalStart
 		done
 		rlRun "tree ./inspect_builds"
 
-		# Do actual rpminspect
-		args=""
-		args="$args -c ${RPMINSPECT_CONFIG:-/usr/share/rpminspect/fedora.yaml}"
-		args="$args --output=${TMT_TEST_DATA}/result.json --format=json"
-		args="$args --verbose"
-		# TODO: Only exclude if running with copr
-		args="$args --exclude=metadata"
-		args="$args ${ARCHES:+--arches=$ARCHES}"
-		args="$args ${RPMINSPECT_TESTS:+--tests=$RPMINSPECT}"
-		if [[ -n "$latest_build" ]]; then
-			args="$args ./inspect_builds/$latest_build"
+		## Do actual rpminspect
+		# Default and required options
+		args="-v -c ${RPMINSPECT_CONFIG:-/usr/share/rpminspect/fedora.yaml}"
+		# Output the data to json so that it can be displayed
+		args="$args --output=$TMT_TEST_DATA/result.json --format=json"
+		# Specify the test to run
+		if [[ -n "$RPMINSPECT_TESTS" ]]; then
+			# Run only specified tests. Takes precedence over --exclude
+			args="$args --tests=$RPMINSPECT_TESTS"
+		elif [[ -n "$RPMINSPECT_EXCLUDE" ]]; then
+			# Exclude test lists given. Only run if there is no RPMINSPECT_TESTS
+		 	args="$args --exclude=${RPMINSPECT_EXCLUDE:-metadata}"
+		else
+			# TODO: Only exclude metadata if running with copr
+			# https://tmt.readthedocs.io/en/stable/spec/context.html#initiator
+			args="$args --exclude=metadata"
 		fi
+		# Run rpminspect for the specified architectures
+		[[ -n "$RPMINPSECT_ARCHES" ]] && args="$args --arches=$RPMINPSECT_ARCHES"
+		# If we have a previous build to compare with, use that as before_build
+		[[ -n "$latest_build" ]] && args="$args ./inspect_builds/$latest_build"
+		# The remaining part is treated as the after_build/the build to be inspected
 		args="$args ./inspect_builds/$PACKIT_PACKAGE_NVR"
 	  rlRun "/usr/bin/rpminspect $args" 0 "Run rpminspect"
 		rlRun "cp $TMT_PLAN_DATA/viewer.html $TMT_TEST_DATA/viewer.html"