Skip to content

Commit

Permalink
Bug 1388021 - add mac TC builds and tests, r=ttaubert
Browse files Browse the repository at this point in the history 
Differential Revision: https://nss-review.dev.mozaws.net/D367

--HG--
extra : rebase_source : a5ca152b06219edc5870b621f8ace6863b2bd3fc
extra : amend_source : 9bbb146bb18e9a96b7b34b29055503a74fd7478c
extra : histedit_source : 504e1a7388b3af1b8844c25e4d4509131329bf0b%2C6aab270fe89162cc430a378b6816c8593bae7d37
  • Loading branch information
@franziskuskiefer
franziskuskiefer committed Jul 11, 2017
1 parent e0f6112 commit f04ae27
Show file tree
Hide file tree
Showing 6 changed files with 118 additions and 28 deletions.
78 changes: 78 additions & 0 deletions automation/taskcluster/graph/src/extend.js
View file
Expand Up @@ -24,6 +24,10 @@ const WINDOWS_CHECKOUT_CMD =
"bash -c \"hg clone -r $NSS_HEAD_REVISION $NSS_HEAD_REPOSITORY nss || " +
"(sleep 2; hg clone -r $NSS_HEAD_REVISION $NSS_HEAD_REPOSITORY nss) || " +
"(sleep 5; hg clone -r $NSS_HEAD_REVISION $NSS_HEAD_REPOSITORY nss)\"";
const MAC_CHECKOUT_CMD = ["bash", "-c",
"hg clone -r $NSS_HEAD_REVISION $NSS_HEAD_REPOSITORY nss || " +
"(sleep 2; hg clone -r $NSS_HEAD_REVISION $NSS_HEAD_REPOSITORY nss) || " +
"(sleep 5; hg clone -r $NSS_HEAD_REVISION $NSS_HEAD_REPOSITORY nss)"];

/*****************************************************************************/

Expand Down Expand Up @@ -51,6 +55,15 @@ queue.filter(task => {
if (task.platform == "aarch64") {
return false;
}

// No mac
if (task.platform == "mac") {
return false;
}
}

if (task.tests == "fips" && task.platform == "mac") {
return false;
}

// Only old make builds have -Ddisable_libpkix=0 and can run chain tests.
Expand Down Expand Up @@ -216,6 +229,71 @@ export default async function main() {
collection: "opt",
}, aarch64_base)
);

await scheduleMac("Mac (opt)", {collection: "opt"}, "--opt");
await scheduleMac("Mac (debug)", {collection: "debug"});
}


async function scheduleMac(name, base, args = "") {
let mac_base = merge(base, {
env: {
PATH: "/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin",
NSS_TASKCLUSTER_MAC: "1",
DOMSUF: "localdomain",
HOST: "localhost",
},
provisioner: "localprovisioner",
workerType: "nss-macos-10-12",
platform: "mac",
tier: 3
});

// Build base definition.
let build_base = merge({
command: [
MAC_CHECKOUT_CMD,
["bash", "-c",
"nss/automation/taskcluster/scripts/build_gyp.sh", args]
],
provisioner: "localprovisioner",
workerType: "nss-macos-10-12",
platform: "mac",
maxRunTime: 7200,
artifacts: [{
expires: 24 * 7,
type: "directory",
path: "public"
}],
kind: "build",
symbol: "B"
}, mac_base);

// The task that builds NSPR+NSS.
let task_build = queue.scheduleTask(merge(build_base, {name}));

// The task that generates certificates.
let task_cert = queue.scheduleTask(merge(build_base, {
name: "Certificates",
command: [
MAC_CHECKOUT_CMD,
["bash", "-c",
"nss/automation/taskcluster/scripts/gen_certs.sh"]
],
parent: task_build,
symbol: "Certs"
}));

// Schedule tests.
scheduleTests(task_build, task_cert, merge(mac_base, {
command: [
MAC_CHECKOUT_CMD,
["bash", "-c",
"nss/automation/taskcluster/scripts/run_tests.sh"]
]
}));

return queue.submit();
}

/*****************************************************************************/
Expand Down
2 changes: 1 addition & 1 deletion automation/taskcluster/graph/src/try_syntax.js
View file
Expand Up @@ -25,7 +25,7 @@ function parseOptions(opts) {
let allPlatforms = ["linux", "linux64", "linux64-asan",
"win", "win64", "win-make", "win64-make",
"linux64-make", "linux-make", "linux-fuzz",
"linux64-fuzz", "aarch64"];
"linux64-fuzz", "aarch64", "mac"];
let platforms = intersect(opts.platform.split(/\s*,\s*/), allPlatforms);

// If the given value is nonsense or "none" default to all platforms.
Expand Down
9 changes: 7 additions & 2 deletions automation/taskcluster/scripts/build_gyp.sh
View file
Expand Up @@ -9,5 +9,10 @@ hg_clone https://hg.mozilla.org/projects/nspr ./nspr default
nss/build.sh -g -v "$@"

# Package.
mkdir artifacts
tar cvfjh artifacts/dist.tar.bz2 dist
if [[ $(uname) = "Darwin" ]]; then
mkdir -p public
tar cvfjh public/dist.tar.bz2 dist
else
mkdir artifacts
tar cvfjh artifacts/dist.tar.bz2 dist
fi
9 changes: 7 additions & 2 deletions automation/taskcluster/scripts/gen_certs.sh
View file
Expand Up @@ -12,5 +12,10 @@ NSS_TESTS=cert NSS_CYCLES="standard pkix sharedb" $(dirname $0)/run_tests.sh
echo 1 > tests_results/security/localhost

# Package.
mkdir artifacts
tar cvfjh artifacts/dist.tar.bz2 dist tests_results
if [[ $(uname) = "Darwin" ]]; then
mkdir -p public
tar cvfjh public/dist.tar.bz2 dist tests_results
else
mkdir artifacts
tar cvfjh artifacts/dist.tar.bz2 dist tests_results
fi
4 changes: 0 additions & 4 deletions readme.md
View file
Expand Up @@ -122,10 +122,6 @@ set or export:
Note that you might have to add `nss.local` to `/etc/hosts` if it's not
there. The entry should look something like `127.0.0.1 nss.local nss`.

If you get name resolution errors, try to ensure that you are using an IPv4
address; IPv6 is the default on many systems for the loopback device which
doesn't work.

### Running tests

**Runnning all tests will take a while!**
Expand Down
44 changes: 25 additions & 19 deletions tests/ssl/ssl.sh
View file
Expand Up @@ -57,6 +57,12 @@ ssl_init()
fi

PORT=${PORT-8443}
# Avoid port conflicts when multiple tests are running on the same machine.
if [ -n "$NSS_TASKCLUSTER_MAC" ]; then
cwd=$(cd $(dirname $0); pwd -P)
padd=$(echo $cwd | cut -d "/" -f4 | sed 's/[^0-9]//g')
PORT=$(($PORT + $padd))
fi
NSS_SSL_TESTS=${NSS_SSL_TESTS:-normal_normal}
nss_ssl_run="stapling signed_cert_timestamps cov auth stress"
NSS_SSL_RUN=${NSS_SSL_RUN:-$nss_ssl_run}
Expand Down Expand Up @@ -141,16 +147,16 @@ wait_for_selfserv()
{
#verbose="-v"
echo "trying to connect to selfserv at `date`"
echo "tstclnt -p ${PORT} -h ${HOSTADDR} ${CLIENT_OPTIONS} -q \\"
echo "tstclnt -4 -p ${PORT} -h ${HOSTADDR} ${CLIENT_OPTIONS} -q \\"
echo " -d ${P_R_CLIENTDIR} $verbose < ${REQUEST_FILE}"
${BINDIR}/tstclnt -p ${PORT} -h ${HOSTADDR} ${CLIENT_OPTIONS} -q \
${BINDIR}/tstclnt -4 -p ${PORT} -h ${HOSTADDR} ${CLIENT_OPTIONS} -q \
-d ${P_R_CLIENTDIR} $verbose < ${REQUEST_FILE}
if [ $? -ne 0 ]; then
sleep 5
echo "retrying to connect to selfserv at `date`"
echo "tstclnt -p ${PORT} -h ${HOSTADDR} ${CLIENT_OPTIONS} -q \\"
echo " -d ${P_R_CLIENTDIR} $verbose < ${REQUEST_FILE}"
${BINDIR}/tstclnt -p ${PORT} -h ${HOSTADDR} ${CLIENT_OPTIONS} -q \
${BINDIR}/tstclnt -4 -p ${PORT} -h ${HOSTADDR} ${CLIENT_OPTIONS} -q \
-d ${P_R_CLIENTDIR} $verbose < ${REQUEST_FILE}
if [ $? -ne 0 ]; then
html_failed "Waiting for Server"
Expand Down Expand Up @@ -295,11 +301,11 @@ ssl_cov()
VMAX="tls1.2"
fi

echo "tstclnt -p ${PORT} -h ${HOSTADDR} -c ${param} -V ${VMIN}:${VMAX} ${CLIENT_OPTIONS} \\"
echo "tstclnt -4 -p ${PORT} -h ${HOSTADDR} -c ${param} -V ${VMIN}:${VMAX} ${CLIENT_OPTIONS} \\"
echo " -f -d ${P_R_CLIENTDIR} $verbose -w nss < ${REQUEST_FILE}"

rm ${TMP}/$HOST.tmp.$$ 2>/dev/null
${PROFTOOL} ${BINDIR}/tstclnt -p ${PORT} -h ${HOSTADDR} -c ${param} -V ${VMIN}:${VMAX} ${CLIENT_OPTIONS} -f \
${PROFTOOL} ${BINDIR}/tstclnt -4 -p ${PORT} -h ${HOSTADDR} -c ${param} -V ${VMIN}:${VMAX} ${CLIENT_OPTIONS} -f \
-d ${P_R_CLIENTDIR} $verbose -w nss < ${REQUEST_FILE} \
>${TMP}/$HOST.tmp.$$ 2>&1
ret=$?
Expand Down Expand Up @@ -343,10 +349,10 @@ ssl_auth()
fi
start_selfserv

echo "tstclnt -p ${PORT} -h ${HOSTADDR} -f -d ${P_R_CLIENTDIR} $verbose ${CLIENT_OPTIONS} \\"
echo "tstclnt -4 -p ${PORT} -h ${HOSTADDR} -f -d ${P_R_CLIENTDIR} $verbose ${CLIENT_OPTIONS} \\"
echo " ${cparam} < ${REQUEST_FILE}"
rm ${TMP}/$HOST.tmp.$$ 2>/dev/null
${PROFTOOL} ${BINDIR}/tstclnt -p ${PORT} -h ${HOSTADDR} -f ${cparam} $verbose ${CLIENT_OPTIONS} \
${PROFTOOL} ${BINDIR}/tstclnt -4 -p ${PORT} -h ${HOSTADDR} -f ${cparam} $verbose ${CLIENT_OPTIONS} \
-d ${P_R_CLIENTDIR} < ${REQUEST_FILE} \
>${TMP}/$HOST.tmp.$$ 2>&1
ret=$?
Expand Down Expand Up @@ -395,10 +401,10 @@ ssl_stapling_sub()

start_selfserv

echo "tstclnt -p ${PORT} -h ${HOSTADDR} -f -d ${P_R_CLIENTDIR} $verbose ${CLIENT_OPTIONS} \\"
echo "tstclnt -4 -p ${PORT} -h ${HOSTADDR} -f -d ${P_R_CLIENTDIR} $verbose ${CLIENT_OPTIONS} \\"
echo " -c v -T -O -F -M 1 -V ssl3:tls1.2 < ${REQUEST_FILE}"
rm ${TMP}/$HOST.tmp.$$ 2>/dev/null
${PROFTOOL} ${BINDIR}/tstclnt -p ${PORT} -h ${HOSTADDR} -f ${CLIENT_OPTIONS} \
${PROFTOOL} ${BINDIR}/tstclnt -4 -p ${PORT} -h ${HOSTADDR} -f ${CLIENT_OPTIONS} \
-d ${P_R_CLIENTDIR} $verbose -c v -T -O -F -M 1 -V ssl3:tls1.2 < ${REQUEST_FILE} \
>${TMP}/$HOST.tmp.$$ 2>&1
ret=$?
Expand Down Expand Up @@ -514,10 +520,10 @@ ssl_signed_cert_timestamps()

# Since we don't have server-side support, this test only covers advertising the
# extension in the client hello.
echo "tstclnt -p ${PORT} -h ${HOSTADDR} -f -d ${P_R_CLIENTDIR} $verbose ${CLIENT_OPTIONS} \\"
echo "tstclnt -4 -p ${PORT} -h ${HOSTADDR} -f -d ${P_R_CLIENTDIR} $verbose ${CLIENT_OPTIONS} \\"
echo " -U -V tls1.0:tls1.2 < ${REQUEST_FILE}"
rm ${TMP}/$HOST.tmp.$$ 2>/dev/null
${PROFTOOL} ${BINDIR}/tstclnt -p ${PORT} -h ${HOSTADDR} -f ${CLIENT_OPTIONS} \
${PROFTOOL} ${BINDIR}/tstclnt -4 -p ${PORT} -h ${HOSTADDR} -f ${CLIENT_OPTIONS} \
-d ${P_R_CLIENTDIR} $verbose -U -V tls1.0:tls1.2 < ${REQUEST_FILE} \
>${TMP}/$HOST.tmp.$$ 2>&1
ret=$?
Expand Down Expand Up @@ -642,10 +648,10 @@ ssl_crl_ssl()
cparam=`echo $_cparam | sed -e 's;_; ;g' -e "s/TestUser/$USER_NICKNAME/g" `
start_selfserv

echo "tstclnt -p ${PORT} -h ${HOSTADDR} -f -d ${R_CLIENTDIR} $verbose \\"
echo "tstclnt -4 -p ${PORT} -h ${HOSTADDR} -f -d ${R_CLIENTDIR} $verbose \\"
echo " ${cparam} < ${REQUEST_FILE}"
rm ${TMP}/$HOST.tmp.$$ 2>/dev/null
${PROFTOOL} ${BINDIR}/tstclnt -p ${PORT} -h ${HOSTADDR} -f ${cparam} \
${PROFTOOL} ${BINDIR}/tstclnt -4 -p ${PORT} -h ${HOSTADDR} -f ${cparam} \
-d ${R_CLIENTDIR} $verbose < ${REQUEST_FILE} \
>${TMP}/$HOST.tmp.$$ 2>&1
ret=$?
Expand Down Expand Up @@ -733,11 +739,11 @@ NSS=trustOrder=100
cat ${P_R_CLIENTDIR}/pkcs11.txt
echo "******************************"

echo "tstclnt -p ${PORT} -h ${HOSTADDR} -c ${param} -V ${VMIN}:${VMAX} ${CLIENT_OPTIONS} \\"
echo "tstclnt -4 -p ${PORT} -h ${HOSTADDR} -c ${param} -V ${VMIN}:${VMAX} ${CLIENT_OPTIONS} \\"
echo " -f -d ${P_R_CLIENTDIR} $verbose -w nss < ${REQUEST_FILE}"

rm ${TMP}/$HOST.tmp.$$ 2>/dev/null
${PROFTOOL} ${BINDIR}/tstclnt -p ${PORT} -h ${HOSTADDR} -c ${param} -V ${VMIN}:${VMAX} ${CLIENT_OPTIONS} -f \
${PROFTOOL} ${BINDIR}/tstclnt -4 -p ${PORT} -h ${HOSTADDR} -c ${param} -V ${VMIN}:${VMAX} ${CLIENT_OPTIONS} -f \
-d ${P_R_CLIENTDIR} $verbose -w nss < ${REQUEST_FILE} \
>${TMP}/$HOST.tmp.$$ 2>&1
ret=$?
Expand Down Expand Up @@ -826,7 +832,7 @@ load_group_crl() {
fi
echo "================= Reloading ${eccomment}CRL for group $grpBegin - $grpEnd ============="

echo "tstclnt -p ${PORT} -h ${HOSTADDR} -f -d ${R_CLIENTDIR} $verbose \\"
echo "tstclnt -4 -p ${PORT} -h ${HOSTADDR} -f -d ${R_CLIENTDIR} $verbose \\"
echo " -V ssl3:tls1.2 -w nss -n TestUser${UNREVOKED_CERT_GRP_1}${ecsuffix}"
echo "Request:"
echo "GET crl://${SERVERDIR}/root.crl_${grpBegin}-${grpEnd}${ecsuffix}"
Expand All @@ -839,7 +845,7 @@ GET crl://${SERVERDIR}/root.crl_${grpBegin}-${grpEnd}${ecsuffix}
_EOF_REQUEST_

${PROFTOOL} ${BINDIR}/tstclnt -p ${PORT} -h ${HOSTADDR} -f \
${PROFTOOL} ${BINDIR}/tstclnt -4 -p ${PORT} -h ${HOSTADDR} -f \
-d ${R_CLIENTDIR} $verbose -V ssl3:tls1.2 -w nss -n TestUser${UNREVOKED_CERT_GRP_1}${ecsuffix} \
>${OUTFILE_TMP} 2>&1 < ${REQF}

Expand Down Expand Up @@ -930,10 +936,10 @@ ssl_crl_cache()
cparam=`echo $_cparam | sed -e 's;_; ;g' -e "s/TestUser/$USER_NICKNAME/g" `

echo "Server Args: $SERV_ARG"
echo "tstclnt -p ${PORT} -h ${HOSTADDR} -f -d ${R_CLIENTDIR} $verbose \\"
echo "tstclnt -4 -p ${PORT} -h ${HOSTADDR} -f -d ${R_CLIENTDIR} $verbose \\"
echo " ${cparam} < ${REQUEST_FILE}"
rm ${TMP}/$HOST.tmp.$$ 2>/dev/null
${PROFTOOL} ${BINDIR}/tstclnt -p ${PORT} -h ${HOSTADDR} -f ${cparam} \
${PROFTOOL} ${BINDIR}/tstclnt -4 -p ${PORT} -h ${HOSTADDR} -f ${cparam} \
-d ${R_CLIENTDIR} $verbose < ${REQUEST_FILE} \
>${TMP}/$HOST.tmp.$$ 2>&1
ret=$?
Expand Down

0 comments on commit f04ae27

Please sign in to comment.