Improve results.add_log() to make sure added logs survive reboots

Author: matusmarhefka

hardening/host-os/oscap/test.py

@@ -25,6 +25,7 @@ def do_one_remediation(ds, profile, arf_results):
     proc = util.subprocess_run(cmd)
     if proc.returncode not in [0,2]:
         raise RuntimeError(f"remediation oscap failed with {proc.returncode}")
+    results.add_log(arf_results)
 
 
 if util.get_reboot_count() == 0:
@@ -40,7 +41,7 @@ def do_one_remediation(ds, profile, arf_results):
 
     oscap.unselect_rules(util.get_datastream(), remediation_ds, remediation.excludes())
 
-    do_one_remediation(remediation_ds, profile, tmpdir / 'remediation-arf.xml')
+    do_one_remediation(remediation_ds, profile, 'remediation-arf.xml')
 
     util.reboot()
 
@@ -49,7 +50,7 @@ def do_one_remediation(ds, profile, arf_results):
 elif util.get_reboot_count() == 1:
     util.log("second boot, doing second remediation")
 
-    do_one_remediation(remediation_ds, profile, tmpdir / 'remediation2-arf.xml')
+    do_one_remediation(remediation_ds, profile, 'remediation2-arf.xml')
 
     util.reboot()
 
@@ -71,9 +72,4 @@ def do_one_remediation(ds, profile, arf_results):
     pack = util.RpmPack()
     pack.uninstall()
 
-    shutil.move(tmpdir / 'remediation-arf.xml', '.')
-    shutil.move(tmpdir / 'remediation2-arf.xml', '.')
-
-    results.report_and_exit(logs=[
-        'report.html', 'remediation-arf.xml', 'remediation2-arf.xml', 'scan-arf.xml',
-    ])
+    results.report_and_exit(logs=['report.html', 'scan-arf.xml'])

hardening/oscap/old-new/test.py

@@ -42,6 +42,8 @@ def remediate(datastream, arf_results, arf_results2):
             proc = g.ssh(' '.join(cmd))
             if proc.returncode not in [0,2]:
                 raise RuntimeError(f"remediation oscap failed with {proc.returncode}")
+            g.copy_from(arf_output)
+            results.add_log(arf_output)
             g.soft_reboot()
 
     # remediate using old content,
@@ -61,17 +63,5 @@ def remediate(datastream, arf_results, arf_results2):
 
     g.copy_from('report.html')
     g.copy_from('scan-arf.xml')
-    g.copy_from('remediation-arf-old.xml')
-    g.copy_from('remediation-arf-old2.xml')
-    g.copy_from('remediation-arf-new.xml')
-    g.copy_from('remediation-arf-new2.xml')
 
-logs = [
-    'report.html',
-    'scan-arf.xml',
-    'remediation-arf-old.xml',
-    'remediation-arf-old2.xml',
-    'remediation-arf-new.xml',
-    'remediation-arf-new2.xml',
-]
-results.report_and_exit(logs=logs)
+results.report_and_exit(logs=['report.html', 'scan-arf.xml'])

hardening/oscap/test.py

@@ -42,6 +42,8 @@
         proc = g.ssh(' '.join(cmd))
         if proc.returncode not in [0,2]:
             raise RuntimeError(f"remediation oscap failed with {proc.returncode}")
+        g.copy_from(arf_results)
+        results.add_log(arf_results)
         g.soft_reboot()
 
     # copy the original DS to the guest
@@ -56,14 +58,6 @@
         raise RuntimeError(f"post-reboot oscap failed unexpectedly with {proc.returncode}")
 
     g.copy_from('report.html')
-    g.copy_from('remediation-arf.xml')
-    g.copy_from('remediation2-arf.xml')
     g.copy_from('scan-arf.xml')
 
-logs = [
-    'report.html',
-    'remediation-arf.xml',
-    'remediation2-arf.xml',
-    'scan-arf.xml',
-]
-results.report_and_exit(logs=logs)
+results.report_and_exit(logs=['report.html', 'scan-arf.xml'])

lib/results.py

@@ -32,7 +32,9 @@ def total(self):
 
 
 global_counts = Counter()
-global_logs = []
+
+# file for storing global logs across reboots (only for TMT and plain reporting)
+GLOBAL_LOGS_FILE = '_global_logs.json'
 
 
 def have_atex_api():
@@ -72,6 +74,43 @@ def _count_yaml_results(path):
     return counter
 
 
+def _get_global_logs_path():
+    """Get the path for the logs persistence file. Only for TMT and plain reporting."""
+    if have_tmt_api():
+        return Path(os.environ['TMT_TEST_DATA']) / GLOBAL_LOGS_FILE
+    else:
+        # plain mode: use current working directory
+        return Path(GLOBAL_LOGS_FILE)
+
+
+def _store_to_global_logs(new_logs):
+    """Append logs to the persistence file (survives reboots). Only for TMT and plain reporting."""
+    if have_atex_api():
+        return  # ATEX handles logs itself via partial results
+    logs_file = _get_global_logs_path()
+    # read existing logs
+    if logs_file.exists():
+        with open(logs_file) as f:
+            existing = json.load(f)
+    else:
+        existing = []
+    # append new logs and write back
+    existing.extend(new_logs)
+    with open(logs_file, 'w') as f:
+        json.dump(existing, f)
+
+
+def _read_from_global_logs():
+    """Read all logs from the persistence file. Only for TMT and plain reporting."""
+    if have_atex_api():
+        return []  # ATEX handles logs itself via partial results
+    logs_file = _get_global_logs_path()
+    if logs_file.exists():
+        with open(logs_file) as f:
+            return json.load(f)
+    return []
+
+
 def report_atex(status, name=None, note=None, logs=None, *, partial=False):
     report_plain(status, name, note, logs)
 
@@ -159,7 +198,9 @@ def report_tmt(status, name=None, note=None, logs=None, *, add_output=True):
         for log in logs:
             log = Path(log)
             dstfile = dst / log.name
-            shutil.copyfile(log, dstfile)
+            # Only copy if not already present (add_log() may have already copied it)
+            if not dstfile.exists():
+                shutil.copyfile(log, dstfile)
             log_entries.append(str(dstfile.relative_to(test_data)))
     # add an empty log if none are present, to work around Testing Farm
     # and its Oculus result viewer expecting at least something
@@ -231,8 +272,8 @@ def add_log(*logs):
 
     The log file(s) will be processed immediately:
     - For ATEX: uploaded incrementally using report_atex() with partial=True
-    - For TMT: copied to the TMT data directory and stored in global_logs for later upload
-    - For plain: stored in global_logs for later upload
+    - For TMT: copied to the TMT data directory and stored in global logs file to survive reboots
+    - For plain: stored in global logs file to survive reboots
 
     This allows logs to be added incrementally throughout the test,
     and ensures they're available even if the test later fails with a traceback.
@@ -249,13 +290,15 @@ def add_log(*logs):
         report_atex(status='error', logs=logs, partial=True)
     elif have_tmt_api():
         test_data = Path(os.environ['TMT_TEST_DATA'])
+        new_logs = []
         for log in logs:
             log = Path(log)
             dstfile = test_data / log.name
             shutil.copyfile(log, dstfile)
-            global_logs.append(str(dstfile.relative_to(test_data)))
+            new_logs.append(str(dstfile.relative_to(test_data)))
+        _store_to_global_logs(new_logs)
     else:
-        global_logs.extend(str(log) for log in logs)
+        _store_to_global_logs([str(log) for log in logs])
 
 
 def report_and_exit(status=None, note=None, logs=None):
@@ -279,8 +322,9 @@ def report_and_exit(status=None, note=None, logs=None):
         else:
             status = 'pass'
 
-    # combine accumulated logs with any directly passed logs
-    all_logs = (global_logs + logs) if logs else global_logs
+    # read logs from global logs file (survives reboots) and combine with directly passed logs
+    stored_logs = _read_from_global_logs()
+    all_logs = (stored_logs + logs) if logs else stored_logs
 
     # report and pass the status through the waiving logic, use combined logs or None if empty
     status = report(status=status, note=note, logs=(all_logs or None))