Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rust-keylime for openSUSE:Factory checked in at 2023-06-06 19:55:21 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rust-keylime (Old) and /work/SRC/openSUSE:Factory/.rust-keylime.new.15902 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rust-keylime" Tue Jun 6 19:55:21 2023 rev:15 rq:1090857 version:0.2.1+git.1685699835.3c9d17c Changes: -------- --- /work/SRC/openSUSE:Factory/rust-keylime/rust-keylime.changes 2023-05-03 12:56:27.531543971 +0200 +++ /work/SRC/openSUSE:Factory/.rust-keylime.new.15902/rust-keylime.changes 2023-06-06 19:56:09.590437899 +0200 @@ -1,0 +2,11 @@ +Mon Jun 05 08:41:33 UTC 2023 - apla...@suse.com + +- Update to version 0.2.1+git.1685699835.3c9d17c: + * Remove MOUNT_SECURE bool + * rpm: Remove unused directory and add dependency for mount + * keylime-agent/src: update API version to 2.1 to consistent with https://github.com/keylime/keylime/blob/master/docs/rest_apis.rst + * docker/fedora/keylime_rust.Dockerfile: add the logic of cloning and compiling rust-keylime + * [tests] Update test coverage task name regexp + * [tests] Simply coverage file URL parsing + +------------------------------------------------------------------- Old: ---- rust-keylime-0.2.1+git.1682587333.b497f1d.tar.xz New: ---- rust-keylime-0.2.1+git.1685699835.3c9d17c.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rust-keylime.spec ++++++ --- /var/tmp/diff_new_pack.AEVTb4/_old 2023-06-06 19:56:11.018446365 +0200 +++ /var/tmp/diff_new_pack.AEVTb4/_new 2023-06-06 19:56:11.022446390 +0200 @@ -25,7 +25,7 @@ %define _config_norepl %config(noreplace) %endif Name: rust-keylime -Version: 0.2.1+git.1682587333.b497f1d +Version: 0.2.1+git.1685699835.3c9d17c Release: 0 Summary: Rust implementation of the keylime agent License: Apache-2.0 AND MIT ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.AEVTb4/_old 2023-06-06 19:56:11.118446958 +0200 +++ /var/tmp/diff_new_pack.AEVTb4/_new 2023-06-06 19:56:11.126447006 +0200 @@ -1,6 +1,6 @@ <servicedata> <service name="tar_scm"> <param name="url">https://github.com/keylime/rust-keylime.git</param> - <param name="changesrevision">b497f1d9638be6c41b56aaa6855faf7f71c13651</param></service></servicedata> + <param name="changesrevision">3c9d17ccaa8b2ff773cdfb7cc7dedb87f4f1d09d</param></service></servicedata> (No newline at EOF) ++++++ rust-keylime-0.2.1+git.1682587333.b497f1d.tar.xz -> rust-keylime-0.2.1+git.1685699835.3c9d17c.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rust-keylime-0.2.1+git.1682587333.b497f1d/docker/fedora/keylime_rust.Dockerfile new/rust-keylime-0.2.1+git.1685699835.3c9d17c/docker/fedora/keylime_rust.Dockerfile --- old/rust-keylime-0.2.1+git.1682587333.b497f1d/docker/fedora/keylime_rust.Dockerfile 2023-04-27 11:22:13.000000000 +0200 +++ new/rust-keylime-0.2.1+git.1685699835.3c9d17c/docker/fedora/keylime_rust.Dockerfile 2023-06-02 11:57:15.000000000 +0200 @@ -10,7 +10,7 @@ # environment variables ARG BRANCH=master -ENV KEYLIME_HOME ${HOME}/keylime +ENV RUST_KEYLIME_HOME ${HOME}/rust-keylime ENV container docker COPY dbus-policy.conf /etc/dbus-1/system.d/ @@ -35,6 +35,7 @@ gnulib \ kmod \ llvm llvm-devel \ +libarchive-devel \ libselinux-python3 \ libtool \ libtpms \ @@ -57,8 +58,10 @@ dnf clean all && \ rm -rf /var/cache/dnf/* -# Move keylime.conf to expected location in /etc/ -WORKDIR ${KEYLIME_HOME} -RUN git clone https://github.com/keylime/keylime.git && \ -cd keylime && \ -cp keylime.conf /etc/keylime.conf +# clone and build rust-keylime +WORKDIR ${RUST_KEYLIME_HOME} +RUN git clone https://github.com/keylime/rust-keylime.git && \ +cd rust-keylime && \ +make && \ +make install && \ +cargo clean diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rust-keylime-0.2.1+git.1682587333.b497f1d/keylime-agent/src/common.rs new/rust-keylime-0.2.1+git.1685699835.3c9d17c/keylime-agent/src/common.rs --- old/rust-keylime-0.2.1+git.1682587333.b497f1d/keylime-agent/src/common.rs 2023-04-27 11:22:13.000000000 +0200 +++ new/rust-keylime-0.2.1+git.1685699835.3c9d17c/keylime-agent/src/common.rs 2023-06-02 11:57:15.000000000 +0200 @@ -35,7 +35,7 @@ /* * Constants and static variables */ -pub const API_VERSION: &str = "v2.0"; +pub const API_VERSION: &str = "v2.1"; pub const TPM_DATA_PCR: usize = 16; pub const IMA_PCR: usize = 10; pub static RSA_PUBLICKEY_EXPORTABLE: &str = "rsa placeholder"; @@ -53,7 +53,6 @@ cfg_if::cfg_if! { if #[cfg(test)] { // Secure mount of tpmfs (False is generally used for development environments) - pub static MOUNT_SECURE: bool = false; pub(crate) fn ima_ml_path_get() -> PathBuf { Path::new(env!("CARGO_MANIFEST_DIR")) @@ -62,7 +61,6 @@ .join("ascii_runtime_measurements") } } else { - pub static MOUNT_SECURE: bool = true; pub(crate) fn ima_ml_path_get() -> PathBuf { Path::new(IMA_ML).to_path_buf() diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rust-keylime-0.2.1+git.1682587333.b497f1d/keylime-agent/src/errors_handler.rs new/rust-keylime-0.2.1+git.1685699835.3c9d17c/keylime-agent/src/errors_handler.rs --- old/rust-keylime-0.2.1+git.1682587333.b497f1d/keylime-agent/src/errors_handler.rs 2023-04-27 11:22:13.000000000 +0200 +++ new/rust-keylime-0.2.1+git.1685699835.3c9d17c/keylime-agent/src/errors_handler.rs 2023-06-02 11:57:15.000000000 +0200 @@ -395,10 +395,10 @@ .error_handler(path_parser_error), ) .service( - web::resource("/v2.0/ok").route(web::get().to(dummy)), + web::resource("/v2.1/ok").route(web::get().to(dummy)), ) .service( - web::resource("/v2.0/ok/{number}/{string}") + web::resource("/v2.1/ok/{number}/{string}") .route(web::get().to(dummy_with_path)), ) .service( @@ -410,7 +410,7 @@ // Sanity well formed request let req = test::TestRequest::get() - .uri("/v2.0/ok?param=Test") + .uri("/v2.1/ok?param=Test") .set_json(&DummyPayload { field: 42 }) .to_request(); @@ -432,7 +432,7 @@ // Test JSON parsing error let req = test::TestRequest::get() - .uri("/v2.0/ok?param=Test") + .uri("/v2.1/ok?param=Test") .insert_header(http::header::ContentType::json()) .set_payload("Not JSON") .to_request(); @@ -445,7 +445,7 @@ // Test Query parsing error let req = test::TestRequest::get() - .uri("/v2.0/ok?test=query") + .uri("/v2.1/ok?test=query") .set_json(&DummyPayload { field: 42 }) .to_request(); let resp = test::call_service(&app, req).await; @@ -457,7 +457,7 @@ // Test Path parsing error let req = test::TestRequest::get() - .uri("/v2.0/ok/something/42?test=query") + .uri("/v2.1/ok/something/42?test=query") .set_json(&DummyPayload { field: 42 }) .to_request(); let resp = test::call_service(&app, req).await; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rust-keylime-0.2.1+git.1682587333.b497f1d/keylime-agent/src/quotes_handler.rs new/rust-keylime-0.2.1+git.1685699835.3c9d17c/keylime-agent/src/quotes_handler.rs --- old/rust-keylime-0.2.1+git.1682587333.b497f1d/keylime-agent/src/quotes_handler.rs 2023-04-27 11:22:13.000000000 +0200 +++ new/rust-keylime-0.2.1+git.1685699835.3c9d17c/keylime-agent/src/quotes_handler.rs 2023-06-02 11:57:15.000000000 +0200 @@ -141,7 +141,7 @@ param: web::Query<Integ>, data: web::Data<QuoteData>, ) -> impl Responder { - // nonce, mask, vmask can only be in alphanumerical format + // nonce, mask can only be in alphanumerical format if !param.nonce.chars().all(char::is_alphanumeric) { warn!("Get quote returning 400 response. Parameters should be strictly alphanumeric: {}", param.nonce); return HttpResponse::BadRequest().json(JsonWrapper::error( @@ -396,7 +396,7 @@ let req = test::TestRequest::get() .uri(&format!( - "/{API_VERSION}/quotes/integrity?nonce=1234567890ABCDEFHIJ&mask=0x408000&vmask=0x808000&partial=0", + "/{API_VERSION}/quotes/integrity?nonce=1234567890ABCDEFHIJ&mask=0x408000&partial=0", )) .to_request(); @@ -454,7 +454,7 @@ let req = test::TestRequest::get() .uri(&format!( - "/{API_VERSION}/quotes/integrity?nonce=1234567890ABCDEFHIJ&mask=0x408000&vmask=0x808000&partial=1", + "/{API_VERSION}/quotes/integrity?nonce=1234567890ABCDEFHIJ&mask=0x408000&partial=1", )) .to_request(); @@ -510,7 +510,7 @@ let req = test::TestRequest::get() .uri(&format!( - "/{API_VERSION}/quotes/integrity?nonce=1234567890ABCDEFHIJ&mask=0x408000&vmask=0x808000&partial=0", + "/{API_VERSION}/quotes/integrity?nonce=1234567890ABCDEFHIJ&mask=0x408000&partial=0", )) .to_request(); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rust-keylime-0.2.1+git.1682587333.b497f1d/keylime-agent/src/secure_mount.rs new/rust-keylime-0.2.1+git.1685699835.3c9d17c/keylime-agent/src/secure_mount.rs --- old/rust-keylime-0.2.1+git.1682587333.b497f1d/keylime-agent/src/secure_mount.rs 2023-04-27 11:22:13.000000000 +0200 +++ new/rust-keylime-0.2.1+git.1685699835.3c9d17c/keylime-agent/src/secure_mount.rs 2023-06-02 11:57:15.000000000 +0200 @@ -81,23 +81,6 @@ * functions are unsafe function in Rust to use. */ pub(crate) fn mount(work_dir: &Path, secure_size: &str) -> Result<PathBuf> { - // Use /tmpfs-dev directory if MOUNT_SECURE flag is not set. This - // is for development environment and does not mount to the system. - if !MOUNT_SECURE { - warn!("Using /tmpfs-dev (dev environment)"); - let secure_dir_path = work_dir.join("tmpfs-dev"); - if !secure_dir_path.exists() { - fs::create_dir(&secure_dir_path).map_err(|e| { - Error::SecureMount(format!( - "unable to create secure dir path: {e:?}" - )) - })?; - info!("Directory {:?} created.", &secure_dir_path); - } - - return Ok(secure_dir_path); - } - // Mount the directory to file system let secure_dir_path = Path::new(work_dir).join("secure"); @@ -163,11 +146,9 @@ #[test] fn test_secure_mount() { - let path = "/var/lib/keylime"; - let work_dir = Path::new(&path); - let secure_dir_path = Path::new(work_dir).join("secure"); + let temp_workdir = tempfile::tempdir().unwrap(); //#[allow_ci] let secure_size = "1m"; - let test_mount = mount(&secure_dir_path, secure_size); - assert!(check_mount(&secure_dir_path).is_ok()); + let test_mount = mount(temp_workdir.path(), secure_size); + assert!(check_mount(temp_workdir.path()).is_ok()); } } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rust-keylime-0.2.1+git.1682587333.b497f1d/rpm/centos/keylime-agent-rust.spec new/rust-keylime-0.2.1+git.1685699835.3c9d17c/rpm/centos/keylime-agent-rust.spec --- old/rust-keylime-0.2.1+git.1682587333.b497f1d/rpm/centos/keylime-agent-rust.spec 2023-04-27 11:22:13.000000000 +0200 +++ new/rust-keylime-0.2.1+git.1685699835.3c9d17c/rpm/centos/keylime-agent-rust.spec 2023-06-02 11:57:15.000000000 +0200 @@ -49,6 +49,7 @@ ExclusiveArch: %{rust_arches} Requires: tpm2-tss +Requires: util-linux-core # The keylime-base package provides the keylime user creation. It is available # from Fedora 36 @@ -83,7 +84,6 @@ mkdir -p %{buildroot}/%{_sharedstatedir}/keylime mkdir -p --mode=0700 %{buildroot}/%{_rundir}/keylime -mkdir -p --mode=0700 %{buildroot}/%{_localstatedir}/log/keylime mkdir -p --mode=0700 %{buildroot}/%{_libexecdir}/keylime mkdir -p --mode=0700 %{buildroot}/%{_sysconfdir}/keylime mkdir -p --mode=0700 %{buildroot}/%{_sysconfdir}/keylime/agent.conf.d @@ -134,7 +134,6 @@ %{_unitdir}/keylime_agent.service %{_unitdir}/var-lib-keylime-secure.mount %attr(700,keylime,keylime) %dir %{_rundir}/keylime -%attr(700,keylime,keylime) %dir %{_localstatedir}/log/keylime %attr(700,keylime,keylime) %{_sharedstatedir}/keylime %attr(700,keylime,keylime) %{_libexecdir}/keylime %{_bindir}/keylime_agent diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rust-keylime-0.2.1+git.1682587333.b497f1d/rpm/fedora/keylime-agent-rust.spec new/rust-keylime-0.2.1+git.1685699835.3c9d17c/rpm/fedora/keylime-agent-rust.spec --- old/rust-keylime-0.2.1+git.1682587333.b497f1d/rpm/fedora/keylime-agent-rust.spec 2023-04-27 11:22:13.000000000 +0200 +++ new/rust-keylime-0.2.1+git.1685699835.3c9d17c/rpm/fedora/keylime-agent-rust.spec 2023-06-02 11:57:15.000000000 +0200 @@ -58,6 +58,7 @@ ExclusiveArch: %{rust_arches} Requires: tpm2-tss +Requires: util-linux-core # The keylime-base package provides the keylime user creation. It is available # from Fedora 36 @@ -107,7 +108,6 @@ mkdir -p %{buildroot}/%{_sharedstatedir}/keylime mkdir -p --mode=0700 %{buildroot}/%{_rundir}/keylime -mkdir -p --mode=0700 %{buildroot}/%{_localstatedir}/log/keylime mkdir -p --mode=0700 %{buildroot}/%{_libexecdir}/keylime mkdir -p --mode=0700 %{buildroot}/%{_sysconfdir}/keylime mkdir -p --mode=0700 %{buildroot}/%{_sysconfdir}/keylime/agent.conf.d @@ -158,7 +158,6 @@ %{_unitdir}/keylime_agent.service %{_unitdir}/var-lib-keylime-secure.mount %attr(700,keylime,keylime) %dir %{_rundir}/keylime -%attr(700,keylime,keylime) %dir %{_localstatedir}/log/keylime %attr(700,keylime,keylime) %{_sharedstatedir}/keylime %attr(700,keylime,keylime) %{_libexecdir}/keylime %{_bindir}/keylime_agent diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/rust-keylime-0.2.1+git.1682587333.b497f1d/scripts/download_packit_coverage.sh new/rust-keylime-0.2.1+git.1685699835.3c9d17c/scripts/download_packit_coverage.sh --- old/rust-keylime-0.2.1+git.1682587333.b497f1d/scripts/download_packit_coverage.sh 2023-04-27 11:22:13.000000000 +0200 +++ new/rust-keylime-0.2.1+git.1685699835.3c9d17c/scripts/download_packit_coverage.sh 2023-06-02 11:57:15.000000000 +0200 @@ -36,13 +36,11 @@ # uploads coverage XML files to a web drive # currently we are doing that in a job running tests on Fedora-37 TF_JOB_DESC="testing-farm:fedora-37-x86_64" -TF_TEST_OUTPUT="/setup/generate_upstream_rust_keylime_code_coverage/output.txt" +TF_TEST_OUTPUT="/setup/generate_upstream_rust_keylime_code_coverage.*/output.txt" TF_ARTIFACTS_URL_PREFIX="https://artifacts.dev.testing-farm.io"; GITHUB_API_PREFIX_URL="https://api.github.com/repos/${PROJECT}"; -WEBDRIVE_URL="https://(transfer.sh|free.keep.sh)" - ################################## # no need to change anything below ################################## @@ -130,34 +128,34 @@ # we will parse artifacts from the log if [ -n "${TT_LOG}" ]; then cat ${TT_LOG} - TF_ARTIFACTS_URL=$( egrep -o "${TF_ARTIFACTS_URL_PREFIX}[^ ]*" ${TT_LOG} ) + TF_ARTIFACTS_URL=$( grep -E -o "${TF_ARTIFACTS_URL_PREFIX}[^ ]*" ${TT_LOG} ) fi # now we have TF_ARTIFACTS_URL so we can proceed with the download echo "TF_ARTIFACTS_URL=${TF_ARTIFACTS_URL}" -TF_TESTLOG=$( curl --retry 5 ${TF_ARTIFACTS_URL}/results.xml | egrep -o "${TF_ARTIFACTS_URL}.*${TF_TEST_OUTPUT}" ) +TF_TESTLOG=$( curl --retry 5 ${TF_ARTIFACTS_URL}/results.xml | grep -E -o "${TF_ARTIFACTS_URL}.*${TF_TEST_OUTPUT}" ) echo "TF_TESTLOG=${TF_TESTLOG}" -# parse the URL of coverage txt file on WEBDRIVE_URL and download it +# parse the URL of coverage txt file and download it curl --retry 5 -s "${TF_TESTLOG}" &> ${TMPFILE} echo "TMPFILE=${TMPFILE}" # probabbly rewrite, different hardcoded files, need to figureout how to export #download test coverage -COVERAGE_URL=$( grep "e2e_coverage.txt report is available at" ${TMPFILE} | egrep -o "${WEBDRIVE_URL}.*\.txt" ) +COVERAGE_URL=$( grep "e2e_coverage.txt report is available at" ${TMPFILE} | grep -E -o "https://.*\.txt"; ) echo "COVERAGE_URL=${COVERAGE_URL}" if [ -z "${COVERAGE_URL}" ]; then - echo "Could not parse e2e_coverage.txt URL at ${WEBDRIVE_URL} from test log ${TF_TESTLOG}" + echo "Could not parse e2e_coverage.txt URL at from test log ${TF_TESTLOG}" exit 5 fi # download the file curl --retry 5 -L -O ${COVERAGE_URL} #download upstream test coverage -COVERAGE_URL=$( grep "upstream_coverage.xml report is available at" ${TMPFILE} | egrep -o "${WEBDRIVE_URL}.*\.xml" ) +COVERAGE_URL=$( grep "upstream_coverage.xml report is available at" ${TMPFILE} | grep -E -o "https://.*\.xml"; ) echo "COVERAGE_URL=${COVERAGE_URL}" if [ -z "${COVERAGE_URL}" ]; then - echo "Could not parse upstream_coverage.xml at ${WEBDRIVE_URL} from test log ${TF_TESTLOG}" + echo "Could not parse upstream_coverage.xml from test log ${TF_TESTLOG}" exit 5 fi # download the file ++++++ vendor.tar.xz ++++++ /work/SRC/openSUSE:Factory/rust-keylime/vendor.tar.xz /work/SRC/openSUSE:Factory/.rust-keylime.new.15902/vendor.tar.xz differ: char 25, line 1
