From 177bea4a740d9521ae8d6ac6c1ad0434d5dd8257 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kai=20L=C3=BCke?= Date: Mon, 12 Jul 2021 16:10:57 +0200 Subject: [PATCH] Generate test update payload and run the kola update test The kola update tests need a dev-key-signed update payload. This was lacking and caused the update tests to be skipped. Generate the test update payload for both dev builds and release builds and run the kola tests for both. The test update payload has a special name to not confuse it with the real update payload for releases, and we keep the previous behavior to sign releases. Therefore, the generate_update function wasn't used but the extract_update function extended with generating the additional test payload. --- build_library/build_image_util.sh | 11 +++++++++++ jenkins/kola/qemu.sh | 8 ++++++++ jenkins/kola/qemu_uefi.sh | 8 ++++++++ 3 files changed, 27 insertions(+) diff --git a/build_library/build_image_util.sh b/build_library/build_image_util.sh index abe3c57808..3b52d95510 100755 --- a/build_library/build_image_util.sh +++ b/build_library/build_image_util.sh @@ -62,6 +62,17 @@ extract_update() { "${BUILD_LIBRARY_DIR}/disk_util" --disk_layout="${disk_layout}" \ extract "${BUILD_DIR}/${image_name}" "USR-A" "${update_path}" upload_image "${update_path}" + + # For production as well as dev builds we generate a dev-key-signed update + # payload for running tests (the signature won't be accepted by production systems). + local update_test="${BUILD_DIR}/flatcar_test_update.gz" + delta_generator \ + -private_key "/usr/share/update_engine/update-payload-key.key.pem" \ + -new_image "${update_path}" \ + -new_kernel "${BUILD_DIR}/${image_name%.bin}.vmlinuz" \ + -out_file "${update_test}" + + upload_image "${update_test}" } zip_update_tools() { diff --git a/jenkins/kola/qemu.sh b/jenkins/kola/qemu.sh index 9e5735664c..82ae81edcd 100755 --- a/jenkins/kola/qemu.sh +++ b/jenkins/kola/qemu.sh @@ -50,6 +50,13 @@ if [[ "${KOLA_TESTS}" == "" ]]; then KOLA_TESTS="*" fi +rm -f flatcar_test_update.gz +bin/gangue get \ + --json-key="${GOOGLE_APPLICATION_CREDENTIALS}" \ + --verify=true $verify_key \ + "${DOWNLOAD_ROOT}/boards/${BOARD}/${FLATCAR_VERSION}/flatcar_test_update.gz" +mv flatcar_test_update.gz tmp/ + # Do not expand the kola test patterns globs set -o noglob enter sudo timeout --signal=SIGQUIT 12h kola run \ @@ -61,6 +68,7 @@ enter sudo timeout --signal=SIGQUIT 12h kola run \ --qemu-image=/mnt/host/source/tmp/flatcar_production_image.bin \ --tapfile="/mnt/host/source/${JOB_NAME##*/}.tap" \ --torcx-manifest=/mnt/host/source/torcx_manifest.json \ + --update-payload=/mnt/host/source/tmp/flatcar_test_update.gz \ ${KOLA_TESTS} set +o noglob diff --git a/jenkins/kola/qemu_uefi.sh b/jenkins/kola/qemu_uefi.sh index 6b66593323..59b3af5e38 100755 --- a/jenkins/kola/qemu_uefi.sh +++ b/jenkins/kola/qemu_uefi.sh @@ -50,6 +50,13 @@ if [[ "${KOLA_TESTS}" == "" ]]; then KOLA_TESTS="*" fi +rm -f flatcar_test_update.gz +bin/gangue get \ + --json-key="${GOOGLE_APPLICATION_CREDENTIALS}" \ + --verify=true $verify_key \ + "${DOWNLOAD_ROOT}/boards/${BOARD}/${FLATCAR_VERSION}/flatcar_test_update.gz" +mv flatcar_test_update.gz tmp/ + # Do not expand the kola test patterns globs set -o noglob enter sudo timeout --signal=SIGQUIT 14h kola run \ @@ -61,6 +68,7 @@ enter sudo timeout --signal=SIGQUIT 14h kola run \ --qemu-image=/mnt/host/source/tmp/flatcar_production_image.bin \ --tapfile="/mnt/host/source/${JOB_NAME##*/}.tap" \ --torcx-manifest=/mnt/host/source/torcx_manifest.json \ + --update-payload=/mnt/host/source/tmp/flatcar_test_update.gz \ ${KOLA_TESTS} set +o noglob