1 files changed, 64 insertions, 21 deletions

diff --git a/scripts/check-qemu-install b/scripts/check-qemu-install
index dfb772d8..ab6e1b1f 100755
--- a/scripts/check-qemu-install
+++ b/scripts/check-qemu-install
@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 #
-# Copyright (C) 2019-2024, VyOS maintainers and contributors
+# Copyright (C) 2019-2025, VyOS maintainers and contributors
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2 or later as
@@ -44,6 +44,7 @@ import logging
 import re
 import tomli
 import shutil
+import json
 
 from io import BytesIO
 from datetime import datetime
@@ -94,12 +95,24 @@ parser.add_argument('--sbtest', help='Execute Secure Boot tests',
                 action='store_true', default=False)
 parser.add_argument('--qemu-cmd', help='Only generate QEMU launch command',
                 action='store_true', default=False)
+parser.add_argument('--cpu', help='Set QEMU CPU', type=int, default=2)
+parser.add_argument('--memory', help='Set QEMU memory', type=int, default=4)
 
 args = parser.parse_args()
 
+# This is what we requested the build to contain
 with open('data/defaults.toml', 'rb') as f:
     vyos_defaults = tomli.load(f)
 
+# This is what we got from the build
+manifest_file = 'build/manifest.json'
+if os.path.isfile(manifest_file):
+    with open('build/manifest.json', 'rb') as f:
+        manifest = json.load(f)
+
+    vyos_version = manifest['build_config']['version']
+    vyos_codename = manifest['build_config']['release_train']
+
 class StreamToLogger(object):
     """
     Fake file-like stream object that redirects writes to a logger instance.
@@ -121,13 +134,6 @@ class StreamToLogger(object):
     def flush(self):
         pass
 
-def get_half_cpus():
-    """ return 1/2 of the numbers of available CPUs """
-    cpu = os.cpu_count()
-    if cpu > 1:
-        cpu /= 2
-    return int(cpu)
-
 OVMF_CODE = '/usr/share/OVMF/OVMF_CODE_4M.secboot.fd'
 OVMF_VARS_TMP = args.disk.replace('.img', '.efivars')
 if args.sbtest:
@@ -162,17 +168,15 @@ def get_qemu_cmd(name, enable_uefi, disk_img, raid=None, iso_img=None, tpm=False
                 f' -device ahci,id=achi0' \
                 f' -device ide-cd,bus=achi0.0,drive=drive-cd1,id=cd1,bootindex=10'
 
-    # test using half of the available CPUs on the system
-    cpucount = get_half_cpus()
-
-    macbase = '52:54:00:00:00'
+    # RFC7042 section 2.1.2 MAC addresses used for documentation
+    macbase = '00:00:5E:00:53'
     cmd = f'qemu-system-x86_64 \
         -name "{name}" \
-        -smp {cpucount},sockets=1,cores={cpucount},threads=1 \
+        -smp {args.cpu},sockets=1,cores={args.cpu},threads=1 \
         -cpu host \
         -machine {machine},accel=kvm \
         {uefi} \
-        -m 4G \
+        -m {args.memory}G \
         -vga none \
         -nographic \
         {vga} {vnc}\
@@ -357,7 +361,7 @@ if args.qemu_cmd:
     os.system(tmp)
     exit(0)
 
-test_timeout = 3 *3600 # 3 hours (in seconds)
+test_timeout = 5 *3600 # 3 hours (in seconds)
 tpm_process = None
 try:
     # Start TPM emulator
@@ -385,14 +389,26 @@ try:
         toggleUEFISecureBoot(c)
 
     try:
-        c.expect('Automatic boot in', timeout=10)
-        c.sendline('')
+        c.expect('Welcome to GRUB', timeout=10)
+        c.send(KEY_DOWN)
+        c.send(KEY_DOWN)
+        c.send(KEY_RETURN)
     except pexpect.TIMEOUT:
         log.warning('Did not find GRUB countdown window, ignoring')
 
     loginVM(c, log)
 
     #################################################
+    # Check for no private key contents within the image
+    #################################################
+    msg = 'Found private key - bailing out'
+    c.sendline(f'if sudo grep -rq "BEGIN PRIVATE KEY" /var/lib/shim-signed/mok; then echo {msg}; exit 1; fi')
+    tmp = c.expect([f'\n{msg}', op_mode_prompt])
+    if tmp == 0:
+        log.error(msg)
+        exit(1)
+
+    #################################################
     # Installing into VyOS system
     #################################################
     log.info('Starting installer')
@@ -544,6 +560,33 @@ try:
     c.sendline('systemd-detect-virt')
     c.expect('kvm')
     c.expect(op_mode_prompt)
+    c.sendline('show system cpu')
+    c.expect(op_mode_prompt)
+    c.sendline('show system memory')
+    c.expect(op_mode_prompt)
+    c.sendline('show version all | grep -e "vpp" -e "vyos-1x"')
+    c.expect(op_mode_prompt)
+
+    #################################################
+    # Verify /etc/os-release via lsb_release
+    #################################################
+    c.sendline('lsb_release --short --id 2>/dev/null')
+    c.expect('VyOS')
+    if os.path.isfile(manifest_file):
+        c.sendline('lsb_release --short --release 2>/dev/null')
+        c.expect(vyos_version)
+        c.sendline('lsb_release --short --codename 2>/dev/null')
+        c.expect(vyos_codename)
+
+    # Ensure ephemeral key is loaded
+    vyos_kernel_key = 'VyOS build time autogenerated kernel key'
+    c.sendline(f'show log kernel | match "{vyos_kernel_key}"')
+    c.expect(f'.*{vyos_kernel_key}.*')
+    c.expect(op_mode_prompt)
+
+    # Inform smoketest about this environment
+    c.sendline('touch /tmp/vyos.smoketests.hint')
+    c.expect(op_mode_prompt)
 
     #################################################
     # Executing test-suite
@@ -558,7 +601,7 @@ try:
         def verify_config():
             # Verify encrypted config is loaded
             c.sendline('show config commands | cat')
-            c.expect('set system option performance \'latency\'')
+            c.expect('set system option performance \'network-latency\'')
             c.expect('set system option reboot-on-panic')
             c.expect(op_mode_prompt)
 
@@ -595,7 +638,7 @@ try:
         log.info('Adding nodes for encrypted config test')
         c.sendline('configure')
         c.expect(cfg_mode_prompt)
-        c.sendline('set system option performance latency')
+        c.sendline('set system option performance network-latency')
         c.expect(cfg_mode_prompt)
         c.sendline('set system option reboot-on-panic')
         c.expect(cfg_mode_prompt)
@@ -755,7 +798,7 @@ try:
         if args.match:
             # Remove tests that we don't want to run
             match_str = '-o '.join([f'-name "test_*{name}*.py" ' for name in args.match.split("|")]).strip()
-            c.sendline(f'sudo find /usr/libexec/vyos/tests/smoke/cli/test_* -type f ! \( {match_str} \) -delete')
+            c.sendline(f'sudo find /usr/libexec/vyos/tests/smoke -maxdepth 2 -type f -name test_* ! \( {match_str} \) -delete')
             c.expect(op_mode_prompt)
         if args.no_interfaces:
             # remove interface tests as they consume a lot of time
@@ -846,7 +889,7 @@ except pexpect.exceptions.ExceptionPexpect:
     EXCEPTION = 1
 
 except Exception:
-    log.error('Unknown error occured while VyOS!')
+    log.error('Unknown error occured!')
     traceback.print_exc()
     EXCEPTION = 1