Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rust-keylime for openSUSE:Factory checked in at 2023-03-03 22:24:40 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rust-keylime (Old) and /work/SRC/openSUSE:Factory/.rust-keylime.new.31432 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rust-keylime" Fri Mar 3 22:24:40 2023 rev:10 rq:1068976 version:0.2.0+git.1677691779.f7edd9a Changes: -------- --- /work/SRC/openSUSE:Factory/rust-keylime/rust-keylime.changes 2023-02-23 16:35:09.094706777 +0100 +++ /work/SRC/openSUSE:Factory/.rust-keylime.new.31432/rust-keylime.changes 2023-03-03 22:24:58.150637989 +0100 @@ -1,0 +2,14 @@ +Thu Mar 02 15:12:27 UTC 2023 - [email protected] + +- Update to version 0.2.0+git.1677691779.f7edd9a: + * Disable e2e on Rawhide due to RHBZ#2171376 + * Change number of required uploaded files + * Coverage for rust agent as github action. + * config: Skip validation of keylime_dir during tests + +------------------------------------------------------------------- +Thu Mar 2 15:11:47 UTC 2023 - Alberto Planas Dominguez <[email protected]> + +- Create the certificiate directory + +------------------------------------------------------------------- Old: ---- rust-keylime-0.2.0+git.1677002906.cf6c4f0.tar.xz New: ---- rust-keylime-0.2.0+git.1677691779.f7edd9a.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rust-keylime.spec ++++++ --- /var/tmp/diff_new_pack.NwmaAH/_old 2023-03-03 22:24:59.674643779 +0100 +++ /var/tmp/diff_new_pack.NwmaAH/_new 2023-03-03 22:24:59.690643840 +0100 @@ -25,7 +25,7 @@ %define _config_norepl %config(noreplace) %endif Name: rust-keylime -Version: 0.2.0+git.1677002906.cf6c4f0 +Version: 0.2.0+git.1677691779.f7edd9a Release: 0 Summary: Rust implementation of the keylime agent License: Apache-2.0 AND MIT @@ -88,8 +88,8 @@ install -d %{buildroot}%{_localstatedir}/log/keylime install -d %{buildroot}%{_libexecdir}/keylime -# Create work directory -mkdir -p %{buildroot}%{_sharedstatedir}/keylime +# Create work directory and the certificate directory +mkdir -p %{buildroot}%{_sharedstatedir}/keylime/cv_ca # %_check # %_{cargo_test} @@ -129,5 +129,6 @@ %dir %attr(0750,keylime,tss) %{_localstatedir}/log/keylime %dir %attr(0750,keylime,tss) %{_libexecdir}/keylime %dir %attr(0700,keylime,tss) %{_sharedstatedir}/keylime +%dir %attr(0700,keylime,tss) %{_sharedstatedir}/keylime/cv_ca %changelog ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.NwmaAH/_old 2023-03-03 22:24:59.762644114 +0100 +++ /var/tmp/diff_new_pack.NwmaAH/_new 2023-03-03 22:24:59.766644129 +0100 @@ -1,6 +1,6 @@ <servicedata> <service name="tar_scm"> <param name="url">https://github.com/keylime/rust-keylime.git</param> - <param name="changesrevision">cf6c4f090be324b403d908a27af8c737b45f68e9</param></service></servicedata> + <param name="changesrevision">f7edd9a5cd49ef09e95f34a35d0829a90e9d38ff</param></service></servicedata> (No newline at EOF) ++++++ rust-keylime-0.2.0+git.1677002906.cf6c4f0.tar.xz -> rust-keylime-0.2.0+git.1677691779.f7edd9a.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rust-keylime-0.2.0+git.1677002906.cf6c4f0/.github/workflows/submit-HEAD-coverage.yaml new/rust-keylime-0.2.0+git.1677691779.f7edd9a/.github/workflows/submit-HEAD-coverage.yaml --- old/rust-keylime-0.2.0+git.1677002906.cf6c4f0/.github/workflows/submit-HEAD-coverage.yaml 1970-01-01 01:00:00.000000000 +0100 +++ new/rust-keylime-0.2.0+git.1677691779.f7edd9a/.github/workflows/submit-HEAD-coverage.yaml 2023-03-01 18:29:39.000000000 +0100 @@ -0,0 +1,36 @@ +name: Upload code coverage for a merged PR to codecov.io + +on: + push: + branches: + - master + +jobs: + build: + runs-on: ubuntu-22.04 + name: Submit code coverage from merged PR + steps: + - uses: actions/checkout@v3 + - name: Install testing-farm script + run: pip3 -v install tft-cli + - name: Run tests on Testing Farm + run: testing-farm request --context distro=fedora-37 --arch x86_64 --compose Fedora-37 --plan '/e2e' -e UPLOAD_COVERAGE=1 2>&1 | tee tt_output + env: + TESTING_FARM_API_TOKEN: ${{ secrets.TESTING_FARM_API_TOKEN }} + - name: Find PR Packit tests to finish and download e2e_coverage.txt and upstream_coverage.xml coverage files. + run: grep -q 'tests passed' tt_output && sleep 20 && scripts/download_packit_coverage.sh --testing-farm-log tt_output + env: + MAX_DURATION: 120 + SLEEP_DELAY: 20 + - name: List downloaded files. + run: ls + - name: Upload e2e_coverage report to Codecov with GitHub Action. + uses: codecov/codecov-action@v2 + with: + files: e2e_coverage.txt + flags: e2e-testsuite + - name: Upload upstream_coverage report to Codecov with GitHub Action. + uses: codecov/codecov-action@v2 + with: + files: upstream_coverage.xml + flags: upstream-unit-tests diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rust-keylime-0.2.0+git.1677002906.cf6c4f0/.github/workflows/submit-PR-coverage.yaml new/rust-keylime-0.2.0+git.1677691779.f7edd9a/.github/workflows/submit-PR-coverage.yaml --- old/rust-keylime-0.2.0+git.1677002906.cf6c4f0/.github/workflows/submit-PR-coverage.yaml 1970-01-01 01:00:00.000000000 +0100 +++ new/rust-keylime-0.2.0+git.1677691779.f7edd9a/.github/workflows/submit-PR-coverage.yaml 2023-03-01 18:29:39.000000000 +0100 @@ -0,0 +1,31 @@ +name: PR code coverage measurement on codecov.io + +on: [pull_request] + +jobs: + build: + runs-on: ubuntu-latest + continue-on-error: true + name: Submit code coverage from Packit tests + defaults: + run: + working-directory: scripts + steps: + - uses: actions/checkout@v3 + - name: Wait for Packit tests to finish and download e2e_coverage.txt and upstream_coverage.xml files. + run: ./download_packit_coverage.sh + env: + MAX_DURATION: 5400 + SLEEP_DELAY: 120 + - name: List downloaded files. + run: ls + - name: Upload e2e_coverage.txt report to Codecov with GitHub Action. + uses: codecov/codecov-action@v2 + with: + files: scripts/e2e_coverage.txt + flags: e2e-testsuite + - name: Upload upstream_coverage.xml report to Codecov with GitHub Action. + uses: codecov/codecov-action@v2 + with: + files: scripts/upstream_coverage.xml + flags: upstream-unit-tests diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rust-keylime-0.2.0+git.1677002906.cf6c4f0/.packit.yaml new/rust-keylime-0.2.0+git.1677691779.f7edd9a/.packit.yaml --- old/rust-keylime-0.2.0+git.1677002906.cf6c4f0/.packit.yaml 2023-02-21 19:08:26.000000000 +0100 +++ new/rust-keylime-0.2.0+git.1677691779.f7edd9a/.packit.yaml 2023-03-01 18:29:39.000000000 +0100 @@ -4,6 +4,6 @@ metadata: targets: - fedora-stable - - fedora-rawhide +# - fedora-rawhide - centos-stream-9-x86_64 skip_build: true diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rust-keylime-0.2.0+git.1677002906.cf6c4f0/codecov.yml new/rust-keylime-0.2.0+git.1677691779.f7edd9a/codecov.yml --- old/rust-keylime-0.2.0+git.1677002906.cf6c4f0/codecov.yml 1970-01-01 01:00:00.000000000 +0100 +++ new/rust-keylime-0.2.0+git.1677691779.f7edd9a/codecov.yml 2023-03-01 18:29:39.000000000 +0100 @@ -0,0 +1,25 @@ +codecov: + notify: + after_n_builds: 2 + +coverage: + status: + project: + default: + informational: true + +ignore: + - '**/lib.rs' + +comment: + layout: "flags,files" + behavior: default + require_changes: false + require_base: no + after_n_builds: 2 + +flags: + e2e-testsuite: + carryforward: false + upstream-unit-tests: + carryforward: false diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rust-keylime-0.2.0+git.1677002906.cf6c4f0/keylime-agent/src/config.rs new/rust-keylime-0.2.0+git.1677691779.f7edd9a/keylime-agent/src/config.rs --- old/rust-keylime-0.2.0+git.1677002906.cf6c4f0/keylime-agent/src/config.rs 2023-02-21 19:08:26.000000000 +0100 +++ new/rust-keylime-0.2.0+git.1677691779.f7edd9a/keylime-agent/src/config.rs 2023-03-01 18:29:39.000000000 +0100 @@ -608,51 +608,54 @@ Some(ref dir) => { if dir.is_empty() { match &config.agent.keylime_dir { - s => s.clone(), - _ => DEFAULT_KEYLIME_DIR.to_string(), + s => Path::new(s), + _ => Path::new(DEFAULT_KEYLIME_DIR), } } else { - dir.to_string() + Path::new(dir) } } None => match &config.agent.keylime_dir { - s => s.clone(), - _ => DEFAULT_KEYLIME_DIR.to_string(), + s => Path::new(s), + _ => Path::new(DEFAULT_KEYLIME_DIR), }, }; // Validate that keylime_dir exists - let keylime_dir = Path::new(&keylime_dir).canonicalize().map_err(|e| { + #[cfg(not(test))] + let keylime_dir = &keylime_dir.canonicalize().map_err(|e| { Error::Configuration(format!( - "Path {keylime_dir} set in keylime_dir configuration option not found: {e}" + "Path {} set in keylime_dir configuration option not found: {}", + keylime_dir.display(), + e )) })?; let mut agent_data_path = config_get_file_path( "agent_data_path", &config.agent.agent_data_path, - &keylime_dir, + keylime_dir, DEFAULT_AGENT_DATA_PATH, ); let mut server_key = config_get_file_path( "server_key", &config.agent.server_key, - &keylime_dir, + keylime_dir, DEFAULT_SERVER_KEY, ); let mut server_cert = config_get_file_path( "server_cert", &config.agent.server_cert, - &keylime_dir, + keylime_dir, DEFAULT_SERVER_CERT, ); let mut trusted_client_ca = config_get_file_path( "trusted_client_ca", &config.agent.trusted_client_ca, - &keylime_dir, + keylime_dir, DEFAULT_TRUSTED_CLIENT_CA, ); @@ -686,7 +689,7 @@ let mut revocation_cert = config_get_file_path( "revocation_cert", &config.agent.revocation_cert, - &keylime_dir, + keylime_dir, &format!("secure/unzipped/{DEFAULT_REVOCATION_CERT}"), ); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rust-keylime-0.2.0+git.1677002906.cf6c4f0/packit-ci.fmf new/rust-keylime-0.2.0+git.1677691779.f7edd9a/packit-ci.fmf --- old/rust-keylime-0.2.0+git.1677002906.cf6c4f0/packit-ci.fmf 2023-02-21 19:08:26.000000000 +0100 +++ new/rust-keylime-0.2.0+git.1677691779.f7edd9a/packit-ci.fmf 2023-03-01 18:29:39.000000000 +0100 @@ -5,6 +5,7 @@ environment: TPM_BINARY_MEASUREMENTS: /var/tmp/binary_bios_measurements RUST_IMA_EMULATOR: 1 + KEYLIME_RUST_CODE_COVERAGE: 1 context: swtpm: yes @@ -53,6 +54,8 @@ - /functional/tpm-issuer-cert-using-ecc - /functional/tpm_policy-sanity-on-localhost - /functional/use-multiple-ima-sign-verification-keys + - /upstream/run_rust_keylime_tests + - /setup/generate_usptream_rust_keylime_code_coverage adjust: # prepare step adjustments @@ -61,6 +64,13 @@ - how: shell script: - yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm + # disable code coverage measurement everywhere except F37 and CS9 + - when: distro != fedora-37 + environment+: + KEYLIME_RUST_CODE_COVERAGE: 0 + discover+: + test-: + - /setup/generate_usptream_rust_keylime_code_coverage execute: how: tmt diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rust-keylime-0.2.0+git.1677002906.cf6c4f0/scripts/download_packit_coverage.sh new/rust-keylime-0.2.0+git.1677691779.f7edd9a/scripts/download_packit_coverage.sh --- old/rust-keylime-0.2.0+git.1677002906.cf6c4f0/scripts/download_packit_coverage.sh 1970-01-01 01:00:00.000000000 +0100 +++ new/rust-keylime-0.2.0+git.1677691779.f7edd9a/scripts/download_packit_coverage.sh 2023-03-01 18:29:39.000000000 +0100 @@ -0,0 +1,165 @@ +#!/bin/bash + +# There are 3 options how to tell this script where to start +# --artifacts-url - Testing Farm artifacts URL, provided by testing-farm script +# --testing-farm-log - Log of 'testing-farm request' command from where artifacts URL will be parsed +# --github-sha - PR merge commit provided by GitHub, here we will try to get artifacts URL using GitHub API + +if [ "$1" == "--artifacts-url" -a -n "$2" ]; then + TF_ARTIFACTS_URL="$2" +elif [ "$1" == "--testing-farm-log" -a -n "$2" ]; then + TT_LOG="$2" +elif [ "$1" == "--github-sha" -a -n "$2" ]; then + GITHUB_SHA="$2" +elif [ -n "$GITHUB_SHA" ]; then + : +else + echo "Neither --github-sha nor --artifacts-url nor --testing-farm-log arguments were provided" + exit 1 +fi + +############################################## +# initial configuration, adjust when necessary +############################################## + +# maximum duration of the task in seconds +MAX_DURATION="${MAX_DURATION:-5400}" # 90 minutes + +# delay in seconds before doing another URL read +# should not be too short not to exceed GitHub API quota +SLEEP_DELAY="${SLEEP_DELAY:-120}" + +# github user/project we are going to work with +PROJECT="keylime/rust-keylime" + +# TF_JOB_DESC points to a Testing farm job that does code coverage measurement and +# uploads coverage XML files to a web drive +# currently we are doing that in a job running tests on Fedora-37 +TF_JOB_DESC="testing-farm:fedora-37-x86_64" +TF_TEST_OUTPUT="/setup/generate_usptream_rust_keylime_code_coverage/output.txt" +TF_ARTIFACTS_URL_PREFIX="https://artifacts.dev.testing-farm.io"; + +GITHUB_API_PREFIX_URL="https://api.github.com/repos/${PROJECT}"; + +WEBDRIVE_URL="https://(transfer.sh|free.keep.sh)" + +################################## +# no need to change anything below +################################## + +# build GITHUB_API_URLs +GITHUB_API_COMMIT_URL="${GITHUB_API_PREFIX_URL}/commits" +DURATION=0 + +TMPFILE=$( mktemp ) + +# run API call and parse the required value +# repeat until we get the value or exceed job duration +# URL - API URL +# JQ_REF - code for jq that will be used for JSON parsing +# ERROR_MSG - error message to print in case we fail to parse the value +# EXP_VALUE - expected value (used e.g. when waiting for job completion) +function do_GitHub_API_call() { + local URL="$1" + local JQ_REF="$2" + local ERROR_MSG="$3" + local EXP_VALUE="$4" + local VALUE='' + + while [ -z "${VALUE}" -o \( -n "${EXP_VALUE}" -a "${VALUE}" != "${EXP_VALUE}" \) ] && [ ${DURATION} -lt ${MAX_DURATION} ]; do + if [ "$URL" != "-" ]; then # when URL='-', we reuse data downloaded previously + curl --retry 5 -s -H "Accept: application/vnd.github.v3+json" "$URL" &> ${TMPFILE} + fi + VALUE=$( cat ${TMPFILE} | jq "${JQ_REF}" | sed 's/"//g' ) + if [ -z "${VALUE}" ] || [ -n "${EXP_VALUE}" -a "${VALUE}" != "${EXP_VALUE}" ]; then + if [ -z "${ERROR_MSG}" ]; then + echo "Warning: Failed to read data using GitHub API, trying again after ${SLEEP_DELAY} seconds" 1>&2 + else + echo "$ERROR_MSG" 1>&2 + fi + sleep ${SLEEP_DELAY} + DURATION=$(( ${DURATION}+${SLEEP_DELAY} )) + fi + done + + if [ ${DURATION} -ge ${MAX_DURATION} ]; then + echo "Error: Maximum job duration exceeded. Terminating" 1>&2 + exit 9 + fi + + echo $VALUE +} + + +# if the GitHub Action has been triggered by a PR, +# we need to find Testing farm test results through GitHub API +if [ -n "${GITHUB_SHA}" -a -z "${TF_ARTIFACTS_URL}" -a -z "${TT_LOG}" ]; then + + echo "Trying to find Testing Farm / Packig CI test results using GitHub API" + + echo "Fist I need to find the respective PR commit" + GITHUB_API_SHA_URL="${GITHUB_API_COMMIT_URL}/${GITHUB_SHA}" + + # Now we try to parse URL of Testing farm job from GITHUB_API_RUNS_URL page + GITHUB_PR_SHA=$( do_GitHub_API_call "${GITHUB_API_SHA_URL}" \ + ".parents[1].sha" \ + "Failed to parse PR commit from ${GITHUB_API_RUNS_URL}, trying again after ${SLEEP_DELAY} seconds..." ) + echo "GITHUB_PR_SHA=${GITHUB_PR_SHA}" + + echo "Now we read check-runs details" + # build GITHUB_API_RUNS_URL using the COMMIT + GITHUB_API_RUNS_URL="${GITHUB_API_COMMIT_URL}/${GITHUB_PR_SHA}/check-runs?check_name=${TF_JOB_DESC}" + echo "GITHUB_API_RUNS_URL=${GITHUB_API_RUNS_URL}" + + # Now we try to parse URL of Testing farm job from GITHUB_API_RUNS_URL page + TF_ARTIFACTS_URL=$( do_GitHub_API_call "${GITHUB_API_RUNS_URL}" \ + ".check_runs[0] | .output.summary | match(\"${TF_ARTIFACTS_URL_PREFIX}[^ ]*\") | .string" \ + "Failed to parse Testing Farm job ${TF_JOB_DESC} URL from ${GITHUB_API_RUNS_URL}, trying again after ${SLEEP_DELAY} seconds..." ) + echo "TF_ARTIFACTS_URL=${TF_ARTIFACTS_URL}" + + # now we wait for the Testing farm job to finish + TF_STATUS=$( do_GitHub_API_call "${GITHUB_API_RUNS_URL}" \ + '.check_runs[0] | .status' \ + "Testing Farm job ${TF_JOB_DESC} hasn't completed yet, trying again after ${SLEEP_DELAY} seconds..." \ + "completed" ) + echo "TF_STATUS=${TF_STATUS}" + +fi + +# if we were provided with testing-farm command log +# we will parse artifacts from the log +if [ -n "${TT_LOG}" ]; then + cat ${TT_LOG} + TF_ARTIFACTS_URL=$( egrep -o "${TF_ARTIFACTS_URL_PREFIX}[^ ]*" ${TT_LOG} ) +fi + +# now we have TF_ARTIFACTS_URL so we can proceed with the download +echo "TF_ARTIFACTS_URL=${TF_ARTIFACTS_URL}" + +TF_TESTLOG=$( curl --retry 5 ${TF_ARTIFACTS_URL}/results.xml | egrep -o "${TF_ARTIFACTS_URL}.*${TF_TEST_OUTPUT}" ) +echo "TF_TESTLOG=${TF_TESTLOG}" + +# parse the URL of coverage txt file on WEBDRIVE_URL and download it +curl --retry 5 -s "${TF_TESTLOG}" &> ${TMPFILE} +echo "TMPFILE=${TMPFILE}" +# probabbly rewrite, different hardcoded files, need to figureout how to export + +#download test coverage +COVERAGE_URL=$( grep "e2e_coverage.txt report is available at" ${TMPFILE} | egrep -o "${WEBDRIVE_URL}.*\.txt" ) +echo "COVERAGE_URL=${COVERAGE_URL}" +if [ -z "${COVERAGE_URL}" ]; then + echo "Could not parse e2e_coverage.txt URL at ${WEBDRIVE_URL} from test log ${TF_TESTLOG}" + exit 5 +fi +# download the file +curl --retry 5 -L -O ${COVERAGE_URL} +#download upstream test coverage +COVERAGE_URL=$( grep "upstream_coverage.xml report is available at" ${TMPFILE} | egrep -o "${WEBDRIVE_URL}.*\.xml" ) +echo "COVERAGE_URL=${COVERAGE_URL}" +if [ -z "${COVERAGE_URL}" ]; then + echo "Could not parse upstream_coverage.xml at ${WEBDRIVE_URL} from test log ${TF_TESTLOG}" + exit 5 +fi +# download the file +curl --retry 5 -L -O ${COVERAGE_URL} +rm ${TMPFILE} ++++++ vendor.tar.xz ++++++ /work/SRC/openSUSE:Factory/rust-keylime/vendor.tar.xz /work/SRC/openSUSE:Factory/.rust-keylime.new.31432/vendor.tar.xz differ: char 27, line 1
