test(install): harden docker tgz smoke flow

2026-04-12 01:31:08 +00:00 · 2026-04-11 14:27:01 +01:00
parent b7cc064961
commit 0dd4958bc8
3 changed files with 90 additions and 32 deletions
--- a/scripts/docker/install-sh-common/version-parse.sh
+++ b/scripts/docker/install-sh-common/version-parse.sh
@@ -16,6 +16,7 @@ extract_openclaw_semver() {
 quiet_npm() {
  npm \
    --loglevel=error \
+    --logs-max=0 \
    --no-update-notifier \
    --no-fund \
    --no-audit \
--- a/scripts/docker/install-sh-smoke/run.sh
+++ b/scripts/docker/install-sh-smoke/run.sh
@@ -7,7 +7,10 @@ SMOKE_PREVIOUS_VERSION="${OPENCLAW_INSTALL_SMOKE_PREVIOUS:-}"
 SKIP_PREVIOUS="${OPENCLAW_INSTALL_SMOKE_SKIP_PREVIOUS:-0}"
 DEFAULT_PACKAGE="openclaw"
 PACKAGE_NAME="${OPENCLAW_INSTALL_PACKAGE:-$DEFAULT_PACKAGE}"
+FRESH_VERSION="${OPENCLAW_INSTALL_FRESH_VERSION:-}"
+FRESH_TAG_URL="${OPENCLAW_INSTALL_FRESH_TAG_URL:-}"
 UPDATE_BASELINE_VERSION="${OPENCLAW_INSTALL_UPDATE_BASELINE:-2026.4.10}"
+UPDATE_BASELINE_TAG_URL="${OPENCLAW_INSTALL_UPDATE_BASELINE_TAG_URL:-}"
 UPDATE_EXPECT_VERSION="${OPENCLAW_INSTALL_UPDATE_EXPECT_VERSION:-}"
 UPDATE_TAG_URL="${OPENCLAW_INSTALL_UPDATE_TAG_URL:-}"
 SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
@@ -16,6 +19,21 @@ SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
 source "$SCRIPT_DIR/../install-sh-common/cli-verify.sh"

 run_install_smoke() {
+  if [[ -n "$FRESH_VERSION" && -n "$FRESH_TAG_URL" ]]; then
+    echo "package=$PACKAGE_NAME latest=$FRESH_VERSION source=$FRESH_TAG_URL"
+    echo "==> Install latest release tarball"
+    quiet_npm install -g --omit=optional "$FRESH_TAG_URL"
+
+    echo "==> Verify installed version"
+    if [[ -n "${OPENCLAW_INSTALL_LATEST_OUT:-}" ]]; then
+      printf "%s" "$FRESH_VERSION" > "${OPENCLAW_INSTALL_LATEST_OUT:-}"
+    fi
+    verify_installed_cli "$PACKAGE_NAME" "$FRESH_VERSION"
+
+    echo "OK"
+    return 0
+  fi
+
  echo "==> Resolve npm versions"
  if [[ "$SKIP_PREVIOUS" == "1" ]]; then
    LATEST_VERSION="$(quiet_npm view "$PACKAGE_NAME" version)"
@@ -84,12 +102,26 @@ run_update_smoke() {

  echo "package=$PACKAGE_NAME baseline=$UPDATE_BASELINE_VERSION target=$UPDATE_EXPECT_VERSION"
  echo "==> Install baseline release"
-  quiet_npm install -g "${PACKAGE_NAME}@${UPDATE_BASELINE_VERSION}"
+  if [[ -n "$UPDATE_BASELINE_TAG_URL" ]]; then
+    quiet_npm install -g --omit=optional "$UPDATE_BASELINE_TAG_URL"
+  else
+    quiet_npm install -g --omit=optional "${PACKAGE_NAME}@${UPDATE_BASELINE_VERSION}"
+  fi
  verify_installed_cli "$PACKAGE_NAME" "$UPDATE_BASELINE_VERSION"

  echo "==> Run openclaw update from host-served tgz"
-  UPDATE_JSON="$(openclaw update --tag "$UPDATE_TAG_URL" --yes --json)"
+  local update_status
+  set +e
+  UPDATE_JSON="$(
+    npm_config_omit=optional NPM_CONFIG_OMIT=optional openclaw update --tag "$UPDATE_TAG_URL" --yes --json 2>&1
+  )"
+  update_status=$?
+  set -e
  printf "%s\n" "$UPDATE_JSON"
+  if [[ "$update_status" -ne 0 ]]; then
+    echo "ERROR: openclaw update failed with exit code $update_status" >&2
+    return "$update_status"
+  fi

  UPDATE_JSON="$UPDATE_JSON" \
    UPDATE_EXPECT_VERSION="$UPDATE_EXPECT_VERSION" \
--- a/scripts/test-install-sh-docker.sh
+++ b/scripts/test-install-sh-docker.sh
@@ -27,7 +27,10 @@ UPDATE_DIR="$(mktemp -d)"
 UPDATE_SERVER_PID=""
 UPDATE_SERVER_LOG="${UPDATE_DIR}/http.log"
 UPDATE_TGZ_FILE=""
+BASELINE_TGZ_FILE=""
 UPDATE_EXPECT_VERSION=""
+BASELINE_TAG_URL=""
+FRESH_TAG_URL=""
 UPDATE_TAG_URL=""
 UPDATE_DOCKER_HOST_ARGS=()

@@ -58,15 +61,18 @@ allocate_host_port() {

 prepare_update_tarball() {
  local pack_json
+  local baseline_pack_json
+  local pack_json_file
+  local baseline_pack_json_file
+  pack_json_file="${UPDATE_DIR}/pack.json"
+  baseline_pack_json_file="${UPDATE_DIR}/baseline-pack.json"
  if [[ -n "$UPDATE_PACKAGE_SPEC" ]]; then
    echo "==> Pack update tgz from spec: $UPDATE_PACKAGE_SPEC"
    if [[ -z "$UPDATE_EXPECT_VERSION" ]]; then
      echo "ERROR: OPENCLAW_INSTALL_SMOKE_UPDATE_EXPECT_VERSION is required with OPENCLAW_INSTALL_SMOKE_UPDATE_PACKAGE_SPEC" >&2
      exit 1
    fi
-    pack_json="$(
-      quiet_npm pack "$UPDATE_PACKAGE_SPEC" --json --pack-destination "$UPDATE_DIR"
-    )"
+    quiet_npm pack "$UPDATE_PACKAGE_SPEC" --json --pack-destination "$UPDATE_DIR" >"$pack_json_file"
  else
    echo "==> Build local release artifacts for update smoke"
    if [[ "$UPDATE_SKIP_LOCAL_BUILD" != "1" ]]; then
@@ -76,20 +82,32 @@ prepare_update_tarball() {
    UPDATE_EXPECT_VERSION="$(
      node -p 'JSON.parse(require("node:fs").readFileSync("package.json", "utf8")).version'
    )"
-    pack_json="$(
-      quiet_npm pack --ignore-scripts --json --pack-destination "$UPDATE_DIR"
-    )"
+    quiet_npm pack --ignore-scripts --json --pack-destination "$UPDATE_DIR" >"$pack_json_file"
  fi
  UPDATE_TGZ_FILE="$(
-    PACK_JSON="$pack_json" node - <<'NODE'
-const raw = process.env.PACK_JSON || "[]";
+    node -e '
+const raw = require("node:fs").readFileSync(process.argv[1], "utf8") || "[]";
 const parsed = JSON.parse(raw);
 const last = Array.isArray(parsed) ? parsed.at(-1) : null;
 if (!last || typeof last.filename !== "string" || last.filename.length === 0) {
  process.exit(1);
 }
 process.stdout.write(last.filename);
-NODE
+' "$pack_json_file"
+  )"
+
+  echo "==> Pack baseline tgz: ${PACKAGE_NAME}@${UPDATE_BASELINE_VERSION}"
+  quiet_npm pack "${PACKAGE_NAME}@${UPDATE_BASELINE_VERSION}" --json --pack-destination "$UPDATE_DIR" >"$baseline_pack_json_file"
+  BASELINE_TGZ_FILE="$(
+    node -e '
+const raw = require("node:fs").readFileSync(process.argv[1], "utf8") || "[]";
+const parsed = JSON.parse(raw);
+const last = Array.isArray(parsed) ? parsed.at(-1) : null;
+if (!last || typeof last.filename !== "string" || last.filename.length === 0) {
+  process.exit(1);
+}
+process.stdout.write(last.filename);
+' "$baseline_pack_json_file"
  )"
 }

@@ -106,8 +124,11 @@ start_update_server() {
  if [[ -z "$UPDATE_PORT" ]]; then
    UPDATE_PORT="$(allocate_host_port)"
  fi
+  BASELINE_TAG_URL="http://${UPDATE_HOST_ALIAS}:${UPDATE_PORT}/${BASELINE_TGZ_FILE}"
+  FRESH_TAG_URL="http://${UPDATE_HOST_ALIAS}:${UPDATE_PORT}/${UPDATE_TGZ_FILE}"
  UPDATE_TAG_URL="http://${UPDATE_HOST_ALIAS}:${UPDATE_PORT}/${UPDATE_TGZ_FILE}"
-  echo "==> Serve update tgz: $UPDATE_TAG_URL"
+  echo "==> Serve baseline tgz: $BASELINE_TAG_URL"
+  echo "==> Serve latest tgz: $FRESH_TAG_URL"
  (
    cd "$UPDATE_DIR"
    exec python3 -m http.server "$UPDATE_PORT" --bind 0.0.0.0
@@ -132,26 +153,6 @@ else
    "$ROOT_DIR/scripts/docker"
 fi

-echo "==> Run installer smoke test (root): $INSTALL_URL"
-docker run --rm -t \
-  --platform "$SMOKE_PLATFORM" \
-  -v "${LATEST_DIR}:/out" \
-  -e OPENCLAW_INSTALL_URL="$INSTALL_URL" \
-  -e OPENCLAW_INSTALL_PACKAGE="$PACKAGE_NAME" \
-  -e OPENCLAW_INSTALL_METHOD=npm \
-  -e OPENCLAW_INSTALL_LATEST_OUT="/out/latest" \
-  -e OPENCLAW_INSTALL_SMOKE_PREVIOUS="${OPENCLAW_INSTALL_SMOKE_PREVIOUS:-}" \
-  -e OPENCLAW_INSTALL_SMOKE_SKIP_PREVIOUS="${OPENCLAW_INSTALL_SMOKE_SKIP_PREVIOUS:-0}" \
-  -e OPENCLAW_NO_ONBOARD=1 \
-  -e OPENCLAW_NO_PROMPT=1 \
-  -e DEBIAN_FRONTEND=noninteractive \
-  "$SMOKE_IMAGE"
-
-LATEST_VERSION=""
-if [[ -f "$LATEST_FILE" ]]; then
-  LATEST_VERSION="$(cat "$LATEST_FILE")"
-fi
-
 if [[ "$SKIP_UPDATE" == "1" ]]; then
  echo "==> Skip update smoke (OPENCLAW_INSTALL_SMOKE_SKIP_UPDATE=1)"
 else
@@ -159,6 +160,27 @@ else
  prepare_update_host_access
  start_update_server

+  echo "==> Run installer smoke test (root): $FRESH_TAG_URL"
+  docker run --rm -t \
+    --platform "$SMOKE_PLATFORM" \
+    "${UPDATE_DOCKER_HOST_ARGS[@]}" \
+    -v "${LATEST_DIR}:/out" \
+    -e OPENCLAW_INSTALL_URL="$INSTALL_URL" \
+    -e OPENCLAW_INSTALL_PACKAGE="$PACKAGE_NAME" \
+    -e OPENCLAW_INSTALL_METHOD=npm \
+    -e OPENCLAW_INSTALL_FRESH_VERSION="$UPDATE_EXPECT_VERSION" \
+    -e OPENCLAW_INSTALL_FRESH_TAG_URL="$FRESH_TAG_URL" \
+    -e OPENCLAW_INSTALL_LATEST_OUT="/out/latest" \
+    -e OPENCLAW_NO_ONBOARD=1 \
+    -e OPENCLAW_NO_PROMPT=1 \
+    -e DEBIAN_FRONTEND=noninteractive \
+    "$SMOKE_IMAGE"
+
+  LATEST_VERSION=""
+  if [[ -f "$LATEST_FILE" ]]; then
+    LATEST_VERSION="$(cat "$LATEST_FILE")"
+  fi
+
  echo "==> Run update smoke (${UPDATE_BASELINE_VERSION} -> ${UPDATE_EXPECT_VERSION})"
  docker run --rm -t \
    --platform "$SMOKE_PLATFORM" \
@@ -166,6 +188,7 @@ else
    -e OPENCLAW_INSTALL_PACKAGE="$PACKAGE_NAME" \
    -e OPENCLAW_INSTALL_SMOKE_MODE=update \
    -e OPENCLAW_INSTALL_UPDATE_BASELINE="$UPDATE_BASELINE_VERSION" \
+    -e OPENCLAW_INSTALL_UPDATE_BASELINE_TAG_URL="$BASELINE_TAG_URL" \
    -e OPENCLAW_INSTALL_UPDATE_EXPECT_VERSION="$UPDATE_EXPECT_VERSION" \
    -e OPENCLAW_INSTALL_UPDATE_TAG_URL="$UPDATE_TAG_URL" \
    -e OPENCLAW_NO_ONBOARD=1 \
@@ -174,6 +197,8 @@ else
    "$SMOKE_IMAGE"
 fi

+LATEST_VERSION="${LATEST_VERSION:-}"
+
 if [[ "$SKIP_NONROOT" == "1" ]]; then
  echo "==> Skip non-root installer smoke (OPENCLAW_INSTALL_SMOKE_SKIP_NONROOT=1)"
 else