[isar-cip-core,v2,3/3] customizations-security: add curl to download LAVA overlay

Commit Message

Quirin Gylstorff Jan. 24, 2025, 1:22 p.m. UTC

From: Quirin Gylstorff <quirin.gylstorff@siemens.com>

Lava generates an directory, in LAVA called overlay, which contains
all scripts and tests of the test stage. The Device-under-test
needs to be instrumented with with this overlay.  LAVA provides the
possibility to download the overlay via http or NFS. We use curl
to download to the overlay from a http server.

Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
---
 .gitlab-ci.yml   | 3 ++-
 kas/opt/test.yml | 3 +++
 2 files changed, 5 insertions(+), 1 deletion(-)

Comments

Sai.Sathujoda@toshiba-tsip.com Jan. 30, 2025, 8:52 a.m. UTC | #1

Hi Quirin,

Including test extensions to security shall make the artifact name cip-core-image-security-cip-core-bookworm-x86-uefi-test.wic. So, the artifact's upload to s3 shall fail<https://gitlab.com/cip-project/cip-core/isar-cip-core/-/jobs/8943849473#L2128> due to current logic mentioned here<https://gitlab.com/cip-project/cip-core/isar-cip-core/-/blob/master/scripts/deploy-cip-core.sh?ref_type=heads#L22>.

Regards,
Sai Ashrith

Quirin Gylstorff Jan. 30, 2025, 9:06 a.m. UTC | #2

On 1/30/25 09:52, Sai.Sathujoda@toshiba-tsip.com wrote:
> Hi Quirin,
> 
> Including test extensions to security shall make the artifact name cip-core-image-security-cip-core-bookworm-x86-uefi-test.wic. So, the artifact's upload to s3 shall fail<https://gitlab.com/cip-project/cip-core/isar-cip-core/-/jobs/8943849473#L2128> due to current logic mentioned here<https://gitlab.com/cip-project/cip-core/isar-cip-core/-/blob/master/scripts/deploy-cip-core.sh?ref_type=heads#L22>.

Do we need that `-test` or can we drop it?

Best regards,
Quirin
> 
> Regards,
> Sai Ashrith
> 
> ________________________________
> From: Quirin Gylstorff <Quirin.Gylstorff@siemens.com>
> Sent: Friday, January 24, 2025 6:52 PM
> To: ashrith sai(ＴＳＩＰ) <Sai.Sathujoda@toshiba-tsip.com>; jan.kiszka@siemens.com <jan.kiszka@siemens.com>; cip-dev@lists.cip-project.org <cip-dev@lists.cip-project.org>
> Subject: [cip-dev][isar-cip-core][PATCH v2 3/3] customizations-security: add curl to download LAVA overlay
> 
> From: Quirin Gylstorff <quirin.gylstorff@siemens.com>
> 
> Lava generates an directory, in LAVA called overlay, which contains
> all scripts and tests of the test stage. The Device-under-test
> needs to be instrumented with with this overlay.  LAVA provides the
> possibility to download the overlay via http or NFS. We use curl
> to download to the overlay from a http server.
> 
> Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
> ---
>   .gitlab-ci.yml   | 3 ++-
>   kas/opt/test.yml | 3 +++
>   2 files changed, 5 insertions(+), 1 deletion(-)
> 
> diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
> index 686ce48..d63ef2e 100644
> --- a/.gitlab-ci.yml
> +++ b/.gitlab-ci.yml
> @@ -65,6 +65,7 @@ default:
>       - if [ "${release}" = "trixie" ]; then base_yaml="${base_yaml}:kas/opt/trixie.yml"; fi
>       - if [ "${encrypt}" = "enable" ]; then base_yaml="${base_yaml}:kas/opt/encrypt-data.yml"; fi
>       - if [ "${watchdog}" = "disable" ]; then base_yaml="${base_yaml}:kas/opt/disable-watchdog.yml"; fi
> +    - if [ "${test}" = "enable" ]; then base_yaml="${base_yaml}:kas/opt/test.yml"; fi
>       - if [ "${swupdate_version}" = "2022.12" ]; then base_yaml="${base_yaml}:kas/opt/swupdate-2022.12.yaml"; fi
>       - echo "Building ${base_yaml}"
>       - kas build ${base_yaml}
> @@ -250,8 +251,8 @@ build:x86-uefi-secure-boot:
>       extension: security
>       use_rt: disable
>       targz: disable
> -    encrypt: disable
>       watchdog: disable
> +    test: enable
> 
>   build:qemu-amd64-swupdate:
>     extends:
> diff --git a/kas/opt/test.yml b/kas/opt/test.yml
> index 4a60ad4..b23f437 100644
> --- a/kas/opt/test.yml
> +++ b/kas/opt/test.yml
> @@ -17,3 +17,6 @@ local_conf_header:
>       IMAGE_PREINSTALL += "rt-tests stress-ng"
>       DESCRIPTION:append = " with test packages"
>       IMAGE_FULLNAME:append = "-test"
> +  lava-testing-add-curl: |
> +    IMAGE_PREINSTALL += "curl"
> +
> --
> 2.47.0
>

Sai.Sathujoda@toshiba-tsip.com Jan. 30, 2025, 9:28 a.m. UTC | #3

I think dropping '-test' itself can affect pure test targets like build:qemu-amd64-test, build:x86-uefi-test etc. The user cannot know what kind of targets they are without a '-test' at the end of the artifact's name.

Regards,
Sai Ashrith

Patch

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 686ce48..d63ef2e 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -65,6 +65,7 @@  default:
     - if [ "${release}" = "trixie" ]; then base_yaml="${base_yaml}:kas/opt/trixie.yml"; fi
     - if [ "${encrypt}" = "enable" ]; then base_yaml="${base_yaml}:kas/opt/encrypt-data.yml"; fi
     - if [ "${watchdog}" = "disable" ]; then base_yaml="${base_yaml}:kas/opt/disable-watchdog.yml"; fi
+    - if [ "${test}" = "enable" ]; then base_yaml="${base_yaml}:kas/opt/test.yml"; fi
     - if [ "${swupdate_version}" = "2022.12" ]; then base_yaml="${base_yaml}:kas/opt/swupdate-2022.12.yaml"; fi
     - echo "Building ${base_yaml}"
     - kas build ${base_yaml}
@@ -250,8 +251,8 @@  build:x86-uefi-secure-boot:
     extension: security
     use_rt: disable
     targz: disable
-    encrypt: disable
     watchdog: disable
+    test: enable
 
 build:qemu-amd64-swupdate:
   extends:
diff --git a/kas/opt/test.yml b/kas/opt/test.yml
index 4a60ad4..b23f437 100644
--- a/kas/opt/test.yml
+++ b/kas/opt/test.yml
@@ -17,3 +17,6 @@  local_conf_header:
     IMAGE_PREINSTALL += "rt-tests stress-ng"
     DESCRIPTION:append = " with test packages"
     IMAGE_FULLNAME:append = "-test"
+  lava-testing-add-curl: |
+    IMAGE_PREINSTALL += "curl"
+