diff options
author | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2018-12-05 01:18:15 +0300 |
---|---|---|
committer | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2018-12-17 16:07:13 +0300 |
commit | f86d0556ed6040140f3d635b0bb2eeb1c507f818 (patch) | |
tree | bbf8537d5de28d729402c6458d4f67360e3f531b /poky/meta/lib/oeqa/selftest/cases/signing.py | |
parent | 5a60ea963172683f7e8dab81bc77d92f12fbd18b (diff) | |
download | openbmc-f86d0556ed6040140f3d635b0bb2eeb1c507f818.tar.xz |
poky: sumo refresh a4c7d28688..78020fb639
Update poky to sumo HEAD.
Michael Halstead (1):
scripts/runqemu: Replace subprocess.run() for compatibilty
Richard Purdie (35):
scripts/runqemu: Tidy up lock handling code
scripts/runqemu: Improve lockfile handling for python with close_fd=True
oeqa/selftest/signing: Skip tests if gpg isn't found
oeqa/selftest/signing: Allow tests not to need gpg on the host
oeqa/selftest/signing: Use do_populate_lic target instead of do_package
oeqa/selftest/case: Use bb.utils.remove() instead of shutil.remove()
oeqa/selftest/buildoptions: Improve ccache test failure output
oeqa/utils/commands: Add extra qemu failure logging
oeqa/utils/qemurunner: Fix python ResourceWarning for unclosed file
oeqa/utils/commands: Avoid log message duplication
oeqa/qemurunner: Remove resource python warnings
oeqa/selftest/buildoptions: Improve ccache test
oeqa/selftest/buildoptions: Ensure diskmon tests run consistently
oeqa/selftest/runqemu: Improve testcase failure handling
oeqa/utils/qemurunner: Avoid tracebacks on closed files
oeqa/loader: Fix deprecation warning
oeqa/utils/commands: Avoid unclosed file warnings
oeqa/selftest/context: Replace deprecated imp module usage
oeqa/utils/qemurunner.py: Fix python regex warnings
oeqa/selftest/context: Improve log file handling
oeqa/core/runner: Improve test case comparision
oeqa/runner: Ensure we don't print misleading results output
oeqa/core/threaded: Remove in favour of using concurrenttests
oeqa/runner: Simplify code
oeqa: Remove xmlrunner
oeqa/runtime/ptest: Inject results+logs into stored json results file
oeqa/runner: Always show a summary of success/fail/error/skip counts
oeqa/runner: Sort the test result output by result class
oeqa/selftest: Improvements to the json logging
oeqa/utils/metadata: Allow to function without the git module
image-buildinfo,oeqa/selftest/containerimage: Ensure image-buildinfo doesn't break tests
oeqa/selftest/esdk: Ensure parent directory exists
oeqa/selftest/esdk: Fix typo causing test failure
testimage: Improvements to the json logging
testsdk: Improvements to the json logging
Ross Burton (3):
oeqa/oelib/path: don't leak temporary directories
oeqa: don't litter /tmp with temporary directories
oeqa/selftest/esdk: run selftest inside workdir not /tmp
Scott Rifenbark (1):
documentation: Prepared for 2.5.2 document release
Stefan Lendl (1):
default-versions.inc: Make PREFERRED_VERSION_openssl* overwritable
Yeoh Ee Peng (6):
oeqa/core/runner: refactor for OEQA to write json testresult
oeqa/core/runner: write testresult to json files
oeqa/selftest/context: write testresult to json files
testimage.bbclass: write testresult to json files
testsdk.bbclass: write testresult to json files
oeqa/selftest: Standardize json logging output directory
Change-Id: I3c8123930c8c3441126c1e81b3bbbde9f2b126f2
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Diffstat (limited to 'poky/meta/lib/oeqa/selftest/cases/signing.py')
-rw-r--r-- | poky/meta/lib/oeqa/selftest/cases/signing.py | 80 |
1 files changed, 54 insertions, 26 deletions
diff --git a/poky/meta/lib/oeqa/selftest/cases/signing.py b/poky/meta/lib/oeqa/selftest/cases/signing.py index a750cfc7b..0edaf400b 100644 --- a/poky/meta/lib/oeqa/selftest/cases/signing.py +++ b/poky/meta/lib/oeqa/selftest/cases/signing.py @@ -1,10 +1,12 @@ from oeqa.selftest.case import OESelftestTestCase from oeqa.utils.commands import runCmd, bitbake, get_bb_var, get_bb_vars import os +import oe import glob import re import shutil import tempfile +from contextlib import contextmanager from oeqa.core.decorator.oeid import OETestID from oeqa.utils.ftools import write_file @@ -15,23 +17,39 @@ class Signing(OESelftestTestCase): pub_key_path = "" secret_key_path = "" - @classmethod - def setUpClass(cls): - super(Signing, cls).setUpClass() - # Check that we can find the gpg binary and fail early if we can't - if not shutil.which("gpg"): - raise AssertionError("This test needs GnuPG") + def setup_gpg(self): + bitbake('gnupg-native -c addto_recipe_sysroot') - cls.gpg_dir = tempfile.mkdtemp(prefix="oeqa-signing-") + self.gpg_dir = tempfile.mkdtemp(prefix="oeqa-signing-") + self.track_for_cleanup(self.gpg_dir) - cls.pub_key_path = os.path.join(cls.testlayer_path, 'files', 'signing', "key.pub") - cls.secret_key_path = os.path.join(cls.testlayer_path, 'files', 'signing', "key.secret") + self.pub_key_path = os.path.join(self.testlayer_path, 'files', 'signing', "key.pub") + self.secret_key_path = os.path.join(self.testlayer_path, 'files', 'signing', "key.secret") - runCmd('gpg --batch --homedir %s --import %s %s' % (cls.gpg_dir, cls.pub_key_path, cls.secret_key_path)) + nsysroot = get_bb_var("RECIPE_SYSROOT_NATIVE", "gnupg-native") + runCmd('gpg --batch --homedir %s --import %s %s' % (self.gpg_dir, self.pub_key_path, self.secret_key_path), native_sysroot=nsysroot) + return nsysroot + get_bb_var("bindir_native") - @classmethod - def tearDownClass(cls): - shutil.rmtree(cls.gpg_dir, ignore_errors=True) + + @contextmanager + def create_new_builddir(self, builddir, newbuilddir): + bb.utils.mkdirhier(newbuilddir) + oe.path.copytree(builddir + "/conf", newbuilddir + "/conf") + oe.path.copytree(builddir + "/cache", newbuilddir + "/cache") + + origenv = os.environ.copy() + + for e in os.environ: + if builddir in os.environ[e]: + os.environ[e] = os.environ[e].replace(builddir, newbuilddir) + + os.chdir(newbuilddir) + try: + yield + finally: + for e in origenv: + os.environ[e] = origenv[e] + os.chdir(builddir) @OETestID(1362) def test_signing_packages(self): @@ -46,6 +64,8 @@ class Signing(OESelftestTestCase): """ import oe.packagedata + self.setup_gpg() + package_classes = get_bb_var('PACKAGE_CLASSES') if 'package_rpm' not in package_classes: self.skipTest('This test requires RPM Packaging.') @@ -108,11 +128,12 @@ class Signing(OESelftestTestCase): test_recipe = 'ed' - builddir = os.environ.get('BUILDDIR') + # Since we need gpg but we can't use gpg-native for sstate signatures, we + # build gpg-native in our original builddir then run the tests in a second one. + builddir = os.environ.get('BUILDDIR') + "-testsign" sstatedir = os.path.join(builddir, 'test-sstate') - self.add_command_to_tearDown('bitbake -c clean %s' % test_recipe) - self.add_command_to_tearDown('rm -rf %s' % sstatedir) + nsysroot = self.setup_gpg() feature = 'SSTATE_SIG_KEY ?= "testuser"\n' feature += 'SSTATE_SIG_PASSPHRASE ?= "test123"\n' @@ -124,19 +145,26 @@ class Signing(OESelftestTestCase): self.write_config(feature) - bitbake('-c clean %s' % test_recipe) - bitbake(test_recipe) + with self.create_new_builddir(os.environ['BUILDDIR'], builddir): + + os.environ["PATH"] = nsysroot + ":" + os.environ["PATH"] + self.add_command_to_tearDown('bitbake -c clean %s' % test_recipe) + self.add_command_to_tearDown('rm -rf %s' % sstatedir) + self.add_command_to_tearDown('rm -rf %s' % builddir) + + bitbake('-c clean %s' % test_recipe) + bitbake('-c populate_lic %s' % test_recipe) - recipe_sig = glob.glob(sstatedir + '/*/*:ed:*_package.tgz.sig') - recipe_tgz = glob.glob(sstatedir + '/*/*:ed:*_package.tgz') + recipe_sig = glob.glob(sstatedir + '/*/*:ed:*_populate_lic.tgz.sig') + recipe_tgz = glob.glob(sstatedir + '/*/*:ed:*_populate_lic.tgz') - self.assertEqual(len(recipe_sig), 1, 'Failed to find .sig file.') - self.assertEqual(len(recipe_tgz), 1, 'Failed to find .tgz file.') + self.assertEqual(len(recipe_sig), 1, 'Failed to find .sig file.') + self.assertEqual(len(recipe_tgz), 1, 'Failed to find .tgz file.') - ret = runCmd('gpg --homedir %s --verify %s %s' % (self.gpg_dir, recipe_sig[0], recipe_tgz[0])) - # gpg: Signature made Thu 22 Oct 2015 01:45:09 PM EEST using RSA key ID 61EEFB30 - # gpg: Good signature from "testuser (nocomment) <testuser@email.com>" - self.assertIn('gpg: Good signature from', ret.output, 'Package signed incorrectly.') + ret = runCmd('gpg --homedir %s --verify %s %s' % (self.gpg_dir, recipe_sig[0], recipe_tgz[0])) + # gpg: Signature made Thu 22 Oct 2015 01:45:09 PM EEST using RSA key ID 61EEFB30 + # gpg: Good signature from "testuser (nocomment) <testuser@email.com>" + self.assertIn('gpg: Good signature from', ret.output, 'Package signed incorrectly.') class LockedSignatures(OESelftestTestCase): |