ant-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Steve Loughran <ste...@apache.org>
Subject Re: Condition check Question
Date Wed, 16 Jan 2008 10:07:18 GMT
David Weintraub wrote:
> Isn't there a "failsonerror" parameter to make the build fail if the
> ssh command called fails? Would that do what you want?
> 
> Unlike "exec" task, the sshexec task doesn't have a "resultsproperty"
> that can contain the exit code if the task fails. So, you can't check
> for that.
> 
> You can set outputproperty, and then use the "matches" condition to
> parse the output to see if your sshexec's output is what you expected:
> 
> <ssh host="${a_hostname}"
>     username="${a_username}"
>     password="${a_password}"
>    command=" test -d ${a_dir} ||
>        mkdir -m 777 ${a_dir} 2>&1;
>        cd ${a_dir} 2>&1;"
>        trust="true
>        outproperty="ssh.output"/>
> 
> <condition property="${dir.not.created.flag}">
>      <matches pattern="[a-z]"  string="${ssh.output}"/>  <!-- If mkdir
> worked, no output is produced -->

Here's the targets to check RPM installs


     <presetdef name="rpmssh">
       <sshexec host="${rpm.ssh.server}"
           username="${rpm.ssh.user}"
           passphrase="${rpm.ssh.passphrase}"
           trust="${rpm.ssh.trust}"
           keyfile="${rpm.ssh.keyfile}"
           timeout="${ssh.command.timeout}"
           />
     </presetdef>
     <presetdef name="rootssh">
       <rpmssh
           username="root"
           timeout="${ssh.rpm.command.timeout}"
           />
     </presetdef>
     <macrodef name="validate-rpm-result">
       <attribute name="result" />
       <sequential >
         <echo>
           @{result}
         </echo>
         <fail>
           <condition >
             <contains
                 string="@{result}"
                 substring="does not exist"/>
           </condition>
           The rpm contains files belonging to an unknown user.
         </fail>
       </sequential>
     </macrodef>


Then I issue commands like

     <rootssh command="rpm --erase ${rpm.verbosity} ${rpms.list}"/>

This will fail if the result !=0;

<rootssh command="rpm --erase --nodeps ${rpm.verbosity} ${rpms.list}"
         failonerror="false"/>

is the same thing with no error

A more complex check grabs the output and looks for a specific string


     <rootssh
       failonerror="true"
       command="rpm -qf ${rpm.install.dir} ;
rpm -qf ${rpm.install.dir}/bin ;
rpm -qf ${rpm.install.dir}/lib ;
rpm -qf ${rpm.install.dir}/links ;
rpm -qf ${rpm.install.dir}/links/smartfrog.jar;
rpm -qf ${rpm.install.dir}/links/sfServices.jar;
rpm -qf ${rpm.install.dir}/bin/security ;
rpm -qf ${rpm.install.dir}/bin/metadata ;
rpm -qf ${rpm.log.dir} ;
rpm -qf ${rpm.etc.dir} ;
rpm -qf ${rpm.install.dir}/testCA ;
rpm -qf ${rpm.install.dir}/private ;
rpm -qf ${rpm.install.dir}/signedLib ;
rpm -qf /etc/profile.d/smartfrog.sh ;
rpm -qf /etc/profile.d/smartfrog.csh ;
rpm -qf ${rpm.install.dir}/docs ;
rpm -qf ${rpm.javadocs.path}/index.html ;
rpm -qf ${rpm.install.dir}/src ;
rpm -qf ${rpm.install.dir}/src.zip ;
rpm -qf ${rpm.install.dir}/lib/ant-${apache.ant.version}.jar;
rpm -qf ${rpm.install.dir}/links/ant.jar
"
         outputProperty="rpm.queries.results"/>

     <echo>${rpm.queries.results}</echo>
     <fail>
       <condition>
         <or>
           <contains string="${rpm.queries.results}"
           substring="is not owned by any package"/>
           <contains string="${rpm.queries.results}"
           substring="No such file or directory"/>
         </or>
       </condition>
       One of the directories/files in the RPM is not declared as being 
owned by any RPM.
       This file/directory will not be managed correctly, or have the 
correct permissions
       on a hardened linux
     </fail>


For the curious, this is how I test my RPMs are valid: we bring up a 
virtual RedHat/CentOS machine and copy then install the artifacts, then 
walk /etc/init.d/smartfrog through its lifecycle. The target hostname is 
all property driven, so I could just as easy hit a remote server, real 
or virtual. The hardest part is getting SCP/SSH happy: always connect by 
hand first.



-- 
Steve Loughran                  http://www.1060.org/blogxter/publish/5
Author: Ant in Action           http://antbook.org/

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@ant.apache.org
For additional commands, e-mail: user-help@ant.apache.org


Mime
View raw message