-
Notifications
You must be signed in to change notification settings - Fork 2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
murdock: allow multiple files to be sent along with a test job #11697
murdock: allow multiple files to be sent along with a test job #11697
Conversation
No "issue/PRs References", how is this supposed to be used ? The testing procedure only shows that it does not break the previous state not that it solved a new one. From usage it looks like the files in |
A PR using the new functionality is now open. I've added the reference.
Please use #11707 as test for the new functionality.
Hm, how did you deduce that? Any file from any path can be specified, but they will end up in BINDIR. |
That is why I need a use case. From this PR only, as the test script is run without additional configuration, there is no information of where the file will be for the test script, so I imagine this will be set in the build system and so should be in the "same" place. |
Do you need more use-case than #11707? |
I should have written "needed" here. My bad. |
From the use case, I would not add a murdock specific variable. It would make more sense from a general build system point of view to have a It was in my plans, but was for after the I think that currently murdock does not handle testing applications with As a result, it would by default also upload the |
Well, as is this is not murdock specific. There's just no other use-case (for now) that splits compilation and test execution.
#11707 adds the riotboot files to "link".
Well, right now the use case is testing. I'm happy to rename the variable to whatever fits better. Should do that when there is another use-case. I did not fold ELFFILE. FLASHFILE etc. together into one variable so it is more flexible. Sending large .elf files does matter for the CI use case. Currently, only one test will make use of this facility. This should not add cost to others.
IMO that is a useless restriction. In its current implementation, only the target is restricted, but more for lazyness of getting the relative handling path right wrt. differing BINDIRs on build host and test host. This is very fine for the intended use case. We should get that in and improve later. |
Without "documenting" the The murdock case needs a test target that has the exact same riot version on it. If other files than ones in I do not see any reason to upload other generated files than files from For uploads, I would only handle relative path inside
They must only be generated in the building machine, so not on the host when building in docker. This should also be documented. |
I noticed one bug I think, we are checking the While thinking about it a bit more, also applied to the given example, I imagine somehow two variables for this.
|
7dde77d
to
4e35ebc
Compare
I changed TEST_EXTRA_FILES to only allow files from
Could change to check FLASHFILE (now that we have one). Other construction zone, though.
Let's not overthink this. Usually, FLASHFILE is all that is needed. In the RIOTBOOT tests case, some extra files are needed. softdevice will be gone before we can add it here. |
This was not sufficient for transmitting the suit update keys.
So far so good. For a regular CI build, the keys from BINDIR are sent along with the test job. So I changed the logic that if a file is within BINDIR, it'll put into the path relative to BINDIR on the worker node. If a file is not in BINDIR, it's to |
@cladmi ping |
ping This is a dependency of #11707. It would be very handy to confirm riotboot support using an automated test, with upcoming release testing in mind. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is it normal to generate files outside of BINDIR
or BINDIRBASE
?
I thought we were trying to get rid of them.
But if now a local user tries "make test-murdock", with the keys residing outside of BINDIR, it fails because of that.
I would not support any direction where a private key needs to be sent to an external test setup. These things are normally stored in a central system place with limited permissions and a passphrase or even on external hardware to never be seen.
I mean, why does the test script need to even use the private key?
The update mechanism is supposed to work with signed files.
It is the goal that the files can be signed files can be freely distributed without ever disclosing the private key.
Does it mean compilation or generation on the test device? This implies that generation tools are put as input to test-input-hash
otherwise it is just inconsistent.
.murdock
Outdated
# get relative (to $(BINDIR) path | ||
local relpath="$(realpath --relative-to ${BINDIR} ${filename})" | ||
else | ||
local relpath="$(basename ${filename})" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If a file was in a subdirectory it ends up at the root of bindir. So not in the same place as the makefile would remotely expect it.
I do not see how this would work without a specific murdock
hack in the test.
It should just be required or handled.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is "./,murdock". Everything in here is quite murdock specific. Yes, the SUIT makefile has a CI specific hack (if RIOT_CI_BUILD: KEYDIR=BINDIR, else: ...), but that is a pragmatic solution that works in practice.
Where exactly do you see an issue?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
basename
.
# check if the file is within $(BINDIR) | ||
if startswith "${BINDIR}" "${filename}"; then | ||
# get relative (to $(BINDIR) path | ||
local relpath="$(realpath --relative-to ${BINDIR} ${filename})" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
realpath
is not supported onOSx
makefiles/docker: fix mounting localtime on OSX #10568 (comment) so it avoided in the build system. If we can force them to install it I would gladly use it at some other places.BINDIR
is allowed to be locally overwritten and it is not handled.
If even supported to not be in BINDIR
, I would handle it relative to RIOTBASE
and only in a subdirectory of RIOTBASE
.
Relative previous directories handling is the first thing banned in any services to keep sandboxed.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
* `realpath` is not supported on `OSx` [#10568 (comment)](https://github.com/RIOT-OS/RIOT/pull/10568#issuecomment-445221113) so it avoided in the build system. If we can force them to install it I would gladly use it at some other places.
All CI workers are required to provide realpath. This is a closed ecosystem, if we (finally) add OSX builders, we can surely make them also provide that.
* `BINDIR` is allowed to be locally overwritten and it is not handled.
Local BINDIR overrides are handled by using BINDIR as variable. Remote (on workers) BINDIR overrides are currently not handled, as that is currently not needed. There's a comment on that.
Relative previous directories handling is the first thing banned in any services to keep sandboxed.
A check whether one of the files is are in RIOTBASE can be easily added.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A check whether
one ofthe filesisare in RIOTBASE can be easily added.
they now have to be in BINDIR.
This is meant for testing, the key does not need to be kept secret. Providing a secure key distribution system in order to provide a rather open test system with "secure" keys is a complete waste of time. |
The update mechanismn works with signed files. Having the key available on the test workers makes the test much more flexible. Without the key, tests like "try updating a lower version number, see it fail" or "provide a correctly signed image with broken sha checksum" etc. would need all of the necessary signed binaries to be created at compile time, on the compilation worker. That would split the testing logic between the test script and the test application Makefile, instead of having it contained in just the test script. |
Although I think @cladmi comment here is valid I agree with the fact that this can be added when the use case arises, no need to add it now when there is no use-case.
I agree witch @cladmi concern here, even if I'm testing I do not think my personal private keys should be sent. But I don't see why a pair of keys can't be generated just for testing, and those be sent out to the workers? Maybe I'm not following correctly but isn't that what is happening here?
If the user insists on using his personal private keys for testing a warning message where he is informed that they are being sent in a insecure way should be enough for now, or even an error message which the user could comment out to force it. What do you think? |
I think this comment is still not addressed, right? |
Well, I've removed the support for "TEST_EXTRA_FILES" outside of BINDIR. That alright with everyone? |
Im ok with this. |
239b42c
to
c837ab6
Compare
IIRC this is not part of this PR. |
@kaspar030 sorry for taking sor long, I didn't realize @cladmi basename comment had been addressed. It all looks good to me, can you squash? Lets see |
Previously, this was hard-coded to allow one file, hard-coded to be called "flash file". This commit allows multiple files to be specified via adding them to the TEST_EXTRA_FILES variable. All files will be stored in the worker's application bin directory. Also, the existence check has been removed, as dwqc bails out on missing file anyways.
c837ab6
to
a214ba4
Compare
I've disabled the test cache so all tests get run. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The CI shows no regression as far as I can tell, I see that the review concerns have been addressed and I see a clear use case for #11707 and future tests. ACK and GO!
Contribution description
Previously, this was hard-coded to allow one file, hard-coded to be
called "flash file".
This commit allows multiple files to be specified via adding them to the
TEST_EXTRA_FILES variable. All files will be stored in the worker's
application bin directory.
Also, the existence check has been removed, as dwqc bails out on missing
file anyways.
Testing procedure
confirm CI tests on hardware are still working.
Issues/PRs references
Prerequisite for #11707.