Enable 12sp5 ltss and ltss_es virt tests

[tbaev]

Variable EXTENDED_SECURITY is set automatically if INCIDENT_REPO conatins ltts or ltss_se repo. No need for new test suites or job groups to run tests.

• Related ticket: https://progress.opensuse.org/issues/165243
• Needles: N/A
• Verification run:

LTSS:
XEN Migration => http://openqa.qam.suse.cz/tests/81030#dependencies
KVM Migration => http://openqa.qam.suse.cz/tests/81032#dependencies
XEN => http://openqa.qam.suse.cz/tests/81045
KVM => http://openqa.qam.suse.cz/tests/81021
HyperV => https://openqa.suse.de/tests/15732313
VMware => https://openqa.suse.de/tests/15732314

LTSS_ES:
XEN Migration => http://openqa.qam.suse.cz/tests/81028#dependencies
KVM Migration => http://openqa.qam.suse.cz/tests/81025#dependencies
XEN => http://openqa.qam.suse.cz/tests/81033
KVM => http://openqa.qam.suse.cz/tests/81022
HyperV => https://openqa.suse.de/tests/15732311
VMware => https://openqa.suse.de/tests/15732312

[github-actions]

Great PR! Please pay attention to the following items before merging:

Files matching lib/**.pm:

• Consider adding or extending unit tests in t/

This is an automatically generated QA checklist based on modified files.

[alice-suse]

A minor suggestion, it maybe more name telling with ltss-es? Given that not all know the details of 12sp5 ltss es, suggest to add a comment here to explain a little bit and add the progress ticket.

[tbaev]

Yes, ltss-es is better name.

[alice-suse]

This will add handling requirement in this task -- adopt MU CI tool A5, https://progress.opensuse.org/issues/160868. I will extend it later.

[alice-suse]

As stated in the ticket, only 12sp5 ltss-es host has test for 12sp5 ltss-es guest, any other host does not need to test 12sp5 ltss-es guest.

[alice-suse]

same here, no 12sp5 ltss-es guest on 15sp6 host

[alice-suse]

I am afraid, here differentiation is needed, as given in ticket:

if  (get_var('EXTENDED_SECURITY'))  {
  @allowed_guests = qw(sles12sp5ltssesHVM sles12sp5ltssesPV sles15sp5HVM sles15sp5PV sles15sp6HVM sles15sp6PV);
} else
  @allowed_guests = qw(sles12sp5HVM sles12sp5PV sles15sp5HVM sles15sp5PV sles15sp6HVM sles15sp6PV);
}

[alice-suse]

same here,

• 12sp5 ltss host has 12sp5 ltss
• 12sp5 ltss es host has 12sp5 ltss-es guest.

Not both.

[alice-suse]

no ltss-es

[alice-suse]

no ltss-es

[alice-suse]

If all the vm names of 12sp5 ltss-es can align with this one, it will be be more aligned in naming style ;). This is optional ofc.

[alice-suse]

This will need corresponding handling in adopt CI tools A5 task too. I will do.

[alice-suse]

@tbaev Thanks for providing this. I gave some comments. Some may need necessary changes, while some are optional for coding style. Please have a look. Feel free to reply if anything unclear.

Besides, I guess this will also need adjustment in schedule_issue.py? Because 12sp5 ltss es updates will trigger 12sp5 ES host jobs, while 12sp5 ltss will trigger regular 12sp5 ltss host tests?

Also in your overall solution, would you please explain how you differentiate the ES and NON-ES test/testsuite? Additional testsuite introduced? Otherwise if sharing the same testsuite, some logic in openqa code shall be here to dynamically set EXTENDED_SECURITY? To be honest, I would suggest more the latter way, otherwise the adopt MU CI tools relevant tasks would need many adjustments for additional testsuite which is avoidable.

[tbaev]

I have created a new flavor "flavor: Server-DVD-Virt-XEN-Incidents-Extended_Security" and job group "SLE 12 SP5 ES Virt XEN Incidents", but it is easier for MU CI tools task to use the old ones I can change the logic.

If I understand correctly it will be best to change it like this: run 12SP5ltss if EXTENDED_SECURITY="" and will run ltts_es if EXTENDED_SECURITY="12.5"

[alice-suse]

I have created a new flavor "flavor: Server-DVD-Virt-XEN-Incidents-Extended_Security" and job group "SLE 12 SP5 ES Virt XEN Incidents", but it is easier for MU CI tools task to use the old ones I can change the logic.

Yep, that will be so considerate. Thanks!

If I understand correctly it will be best to change it like this: run 12SP5ltss if EXTENDED_SECURITY="" and will run ltts_es if EXTENDED_SECURITY="12.5"

Yes, EXTENDED_SECURITY can be a flag var -- 1 or 0, the version can be told from scheduled product's VERSION. It can scale well if in future there are other ES :) .

[tbaev]

Okay, I have a suspicion that maybe more ES version are coming and wanted to made it easy to add future ones.
Thank you for the corrections/advises.

[alice-suse]

Okay, I have a suspicion that maybe more ES version are coming and wanted to made it easy to add future ones. Thank you for the corrections/advises.

@tbaev Sorry, Teodor, I replied too fast about flavor for ES flavor, please let me think about it more overall. Will reply ASAP.

[alice-suse]

Okay, I have a suspicion that maybe more ES version are coming and wanted to made it easy to add future ones. Thank you for the corrections/advises.

@tbaev Sorry, Teodor, I replied too fast about flavor for ES flavor, please let me think about it more overall. Will reply ASAP.

Hi @tbaev , after more careful consideration, I think

• it is fine that in your current solution, you create new flavor and job group, although IMHO, it is optional, reusing existing ones would be fine. In adopt MU CI tool task, I will need new flavors for LTSS-ES anyway, which comes from requirement of bot, so similar case with TERADATA. And actually I would need 5 new flavors, which will be independent with your flavor/job group for this task.
• it will be good that NO NEW TESTSUITE is created, so same testsuites can be shared between other products and 12sp5 LTSS-ES, then
  • EXTENDED_SECURITY(a flag var) can be set within openqa test code here by judging if the incident repo contains key word 'LTSS-Extended-Security' based on this

[tbaev]

@alice-suse EXTENDED_SECURITY variable is set by checking the incident repo urls. Using only EXTENDED_SECURITY variable test is set to run ltss or ltss_es version. With this change I think we don't need new flavors/test suites.

[tbaev]

@alice-suse one more thing , becouse only 12sp5ltss-se is tested on sles12sp5ltss-es host, I can remove sles12sp5ltss-es names and just use sles12sp5. Will make that change too.

[alice-suse]

@alice-suse one more thing , becouse only 12sp5ltss-se is tested on sles12sp5ltss-es host, I can remove sles12sp5ltss-es names and just use sles12sp5. Will make that change too.

@tbaev 12sp5ltss-se is tested on sles12sp5ltss-es host, vmware host, and hyperv host, similar with TERADATA. I guess your above statement is for sles host case, right? So basically similar with TERADATA, for kvm/xen hosts, only one 12sp5 guest, while for vmware/hyperv, two separate names, one with ES, one without ES. Right? I think this is good and more aligned.

[waynechen55]

What to be checked here ? A && B || C && !D && E. This checking looks not scientific enough.

[tbaev]

A && B = sle12 guest with ltss keys will use ltss key to register, when we are not testing ltss_es.
C && !D && E = When testing ltss_es we will register all sle12 ltss guests that have ltss key, except the guest with ltss_se key

But on second look I think C && !D && E is redundant. Only sles12 guest we test when EXTENDED_SECURITY=1 is sles12sp5. I will remove C && !D && E .

[waynechen55]

Make sure you implement when you want. Also add parentheses to make it better if necessary.

[tbaev]

@alice-suse Yes, statement is for sles host case. Names for sles hosts are sles12sp5HVM and names for hyperV/VMware guests are with ES suffix.