Google Git
Sign in
fuchsia / fuchsia / ab9d9f237278eb463811785ed232e2080142ac8a / . / src / security / pkg_test / tests / access_ota_blob_as_executable / access_ota_blob_as_executable.gni
blob: 4681053ab32719b28491800a804a9d9bab14be8d [file] [log] [blame]
# Copyright 2022 The Fuchsia Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
import("//build/components/fuchsia_test_component.gni")
import("//build/components/fuchsia_test_package.gni")
import("//build/rust/rustc_test.gni")
import(
"//src/security/pkg_test/assemblies/assemble_security_pkg_test_system.gni")
template("access_ota_blob_as_executable") {
assert(defined(invoker.base_packages),
"base_packages must be defined for $target_name")
assert(defined(invoker.test_config),
"test_config must be defined for $target_name")
assert(defined(invoker.root_ssl_cert),
"root_ssl_cert must be defined for $target_name")
assert(defined(invoker.pkg_server_certchain),
"pkg_server_certchain must be defined for $target_name")
assert(defined(invoker.pkg_server_key),
"pkg_server_key must be defined for $target_name")
assembly_base_packages = invoker.base_packages
root_ssl_cert = invoker.root_ssl_cert
pkg_server_certchain = invoker.pkg_server_certchain
pkg_server_key = invoker.pkg_server_key
test_name = target_name
# System assembly for base system version at start of test.
assemble_security_pkg_test_system("${test_name}_v0") {
test_config = invoker.test_config
board_name = board_name
root_ssl_cert = root_ssl_cert
base_packages = [ "//src/security/pkg_test/assemblies/hello_world_v0:hello_world-package" ] + assembly_base_packages
packaged_assembly_directory = "hello_world_v0"
system_version_file = "//src/security/pkg_test/assemblies/v0_version.txt"
# Calculated on local build from 2022-02-08:
#
# v0 blobs:
# $ wc --bytes $(fx get-build-dir)/obj/src/security/pkg_test/tests/core_access_ota_blob_as_executable_v0/blob.blk
# 3063808 [build-dir]/obj/src/security/pkg_test/tests/core_access_ota_blob_as_executable_v0/blob.blk
#
# v1 TUF repo assets:
# $ wc --bytes $(find $(fx get-build-dir)/gen/src/security/pkg_test/tests/core_access_ota_blob_as_executable_v1_tuf_repo_resources.unzipped -type f | grep '/\(targets\|blobs\)/')
# [...]
# 46365598 total
#
# Total: 3063808 + 46365598 = 49429406
fvm_truncate_to_length = 49429406
}
# System assembly for system version to OTA from package server.
assemble_security_pkg_test_system("${test_name}_v1") {
test_config = invoker.test_config
board_name = board_name
root_ssl_cert = root_ssl_cert
base_packages = [ "//src/security/pkg_test/assemblies/hello_world_v1:hello_world-package" ] + assembly_base_packages
packaged_assembly_directory = "hello_world_v1"
system_version_file = "//src/security/pkg_test/assemblies/v1_version.txt"
# Note: v1 never instantiated as base system from FVM, hence no need to
# specify `fvm_truncate_to_length`.
}
# Resources and component for package server configured to serve "v1" OTA.
resource_group("${test_name}_v1-pkg_server-tls_resources") {
testonly = true
files = [
{
source = pkg_server_certchain
dest = "data/pkg_server/tls/pkg_server.certchain"
},
{
source = pkg_server_key
dest = "data/pkg_server/tls/pkg_server.rsa"
},
]
}
# Resources that constitute inputs to the test component.
resource_group("${test_name}_test-resources") {
testonly = true
files = [
{
source = invoker.test_config
dest = "data/test_config.json5"
},
]
}
# Note: Despite being independent of template parameters, this target must
# be templated because `fuchsia_test_package` requires that all
# `test_components` be defined in the same build directory due to its use of
# `get_target_outputs()`. See
# https://gn.googlesource.com/gn/+/main/docs/reference.md#func_get_target_outputs
# for details.
fuchsia_test_component("${test_name}-component") {
# Note: Test package must include all files designated by cmdline args in
# component manifest. See cml and source for details. These files are not
# included as explicit deps here because they vary across different
# packagings/configurations of the test.
component_name = "access_ota_blob_as_executable"
manifest = "//src/security/pkg_test/tests/access_ota_blob_as_executable/meta/access_ota_blob_as_executable.cml"
deps = [ "//src/security/pkg_test/tests/access_ota_blob_as_executable:access_ota_blob_as_executable-test" ]
}
fuchsia_test_package("${test_name}-package") {
package_name = test_name
test_components = [ ":${test_name}-component" ]
deps = [
# Package server configured to serve "v1" OTA update.
"//src/security/pkg_test/tests:pkg_server-v1-component",
# Filesystem host for test system.
"//src/security/pkg_test/tests:fshost_v0-component",
# Fake services for update flow.
"//src/security/pkg_test/dns_resolver:security_pkg_dns_resolver-component",
"//src/security/pkg_test/paver:security_pkg_paver-component",
"//src/security/pkg_test/reboot:security_pkg_reboot-component",
# Production SWD components.
"//src/sys/pkg/bin/pkg-cache:component",
"//src/sys/pkg/bin/pkg-resolver:component",
"//src/sys/pkg/bin/system-update-committer:component",
"//src/sys/pkg/bin/system-updater:component",
# Production network components for OTA update.
"//src/connectivity/network/netstack:component",
# Mock SWD component dependencies.
"//src/cobalt/bin/testing/mock_cobalt:component_v2",
"//src/security/pkg_test/tests:fake_boot_arguments_v0-component",
#
# Test resources that depend on template parameters:
#
# General shared test resources.
":${test_name}_test-resources",
# System resources for bringing up v0 system.
":${test_name}_v0_system_resources",
# Package server/update resources for delivering v1 OTA update.
":${test_name}_v1-pkg_server-tls_resources",
":${test_name}_v1_tuf_repo_resources",
":${test_name}_v1_update_package_resource",
]
# TODO(fxbug.dev/88453): Complete test dependency composition to eliminate
# error logs:
# - system-updater: "Failed to read vbmeta hash: while opening the file:
# open failed with status: NOT_FOUND: NOT_FOUND".
test_specs = {
log_settings = {
max_severity = "FATAL"
}
}
}
}