diff --git a/codebuild/spec/buildspec_ktls.yml b/codebuild/spec/buildspec_ktls.yml index 9ef592fa39e..f341e20dc51 100644 --- a/codebuild/spec/buildspec_ktls.yml +++ b/codebuild/spec/buildspec_ktls.yml @@ -20,5 +20,5 @@ phases: export S2N_CMAKE_OPTIONS=${S2N_CMAKE_OPTIONS}; \ export S2N_KTLS_TESTING_EXPECTED=1; \ nix develop .#openssl111 --command bash -c \ - 'source ./nix/shell.sh && clean && configure && build && unit' \ + 'source ./nix/shell.sh && clean && configure && unit' \ " diff --git a/nix/README.md b/nix/README.md index 57221bcb742..167f3cbb00b 100644 --- a/nix/README.md +++ b/nix/README.md @@ -41,19 +41,17 @@ The first time this is run, it might take a while to build everything. ### Unit tests -From inside the devShell after configuring and build finish, run `unit `, or with no test name for all of the tests. +From inside the devShell after `configure` finishes, run `unit `, or with no test name for all of the tests. For example, to run the stuffer_test use: `unit stuffer_test`, or `unit stuffer` to run all of tests with stuffer in the name. -The CI does this in one shot with: `nix develop --max-jobs auto --ignore-environment --command bash -c "source ./nix/shell.sh; configure;build;unit" `. - -What is this doing? - +The CI does this in one shot with: `nix develop --max-jobs auto --ignore-environment --command bash -c "source ./nix/shell.sh; configure;unit" `. What this command is doing: 1. max-jobs tells nix to use all the cores available to build 2. ignore-environment strips out environment variables to get a clean environment 3. source the shell functions needed to configure, build and run tests + ### Integration tests -From inside a devShell after running configure and build, use `integ ` to run the integ tests matching the regex ``, or with no arguments to run all the integ tests. Note that some of the tests are still broken under nix, so some failures are expected. +From inside a devShell after running `configure` and `build`, use `integ ` to run the integ tests matching the regex ``, or with no arguments to run all the integ tests. Note that some of the tests are still broken under nix, so some failures are expected. For example: `integ happy_path`. The CI does this in one shot with `nix develop --max-jobs auto --ignore-environnment --command bash -c "source ./nix/shell.sh; configure;build;integ" ` diff --git a/nix/shell.sh b/nix/shell.sh index 3f4359d7744..880422f1a6b 100644 --- a/nix/shell.sh +++ b/nix/shell.sh @@ -26,12 +26,12 @@ libcrypto_alias bssl "${AWSLC_INSTALL_DIR}/bin/bssl" libcrypto_alias libressl "${LIBRESSL_INSTALL_DIR}/bin/openssl" #No need to alias gnutls because it is included in common_packages (see flake.nix). -function clean { +function clean {(set -e banner "Cleanup ./build" rm -rf ./build ./s2n_head -} +)} -function configure { +function configure {(set -e banner "Configuring with cmake" cmake -S . -B./build \ -DBUILD_TESTING=ON \ @@ -41,9 +41,9 @@ function configure { -DBUILD_SHARED_LIBS=ON \ $S2N_CMAKE_OPTIONS \ -DCMAKE_BUILD_TYPE=RelWithDebInfo -} +)} -function build { +function build {(set -e banner "Running Build" javac tests/integrationv2/bin/SSLSocketClient.java cmake --build ./build -j $(nproc) @@ -51,17 +51,25 @@ function build { if [[ -z "${S2N_KTLS_TESTING_EXPECTED}" ]]; then $SRC_ROOT/codebuild/bin/install_s2n_head.sh $(mktemp -d) fi -} +)} -function unit { +function unit {(set -e if [[ -z "$1" ]]; then - (cd $SRC_ROOT/build; ctest -L unit -j $(nproc) --verbose) + cmake --build build -j $(nproc) + ctest --test-dir build -L unit -j $(nproc) --verbose else - (cd $SRC_ROOT/build; ctest -L unit -R $1 -j $(nproc) --verbose) + tests=$(ctest --test-dir build -N -L unit | grep -E "Test +#" | grep -Eo "[^ ]+_test$" | grep "$1") + echo "Tests:" + echo "$tests" + for test in $tests + do + cmake --build build -j $(nproc) --target $test + done + ctest --test-dir build -L unit -R "$1" -j $(nproc) --verbose fi -} +)} -function integ { +function integ {(set -e apache2_start if [[ -z "$1" ]]; then banner "Running all integ tests." @@ -75,9 +83,9 @@ function integ { fi done fi -} +)} -function check-clang-format { +function check-clang-format {(set -e banner "Dry run of clang-format" (cd $SRC_ROOT; include_regex=".*\.(c|h)$"; @@ -99,8 +107,9 @@ function check-clang-format { src_files+=" "; src_files+=`find ./tests/testlib -name .git -prune -o -regextype posix-egrep -regex "$include_regex" -print`; echo $src_files | xargs -n 1 -P $(nproc) clang-format --dry-run -style=file) -} -function do-clang-format { +)} + +function do-clang-format {(set -e banner "In place clang-format" (cd $SRC_ROOT; include_regex=".*\.(c|h)$"; @@ -122,9 +131,9 @@ function do-clang-format { src_files+=" "; src_files+=`find ./tests/testlib -name .git -prune -o -regextype posix-egrep -regex "$include_regex" -print`; echo $src_files | xargs -n 1 -P $(nproc) clang-format -style=file -i) -} +)} -function test_toolchain_counts { +function test_toolchain_counts {(set -e # This is a starting point for a unit test of the devShell. # The chosen S2N_LIBCRYPTO should be 2, and the others should be zero. banner "Checking the CMAKE_INCLUDE_PATH for libcrypto counts" @@ -145,12 +154,12 @@ function test_toolchain_counts { echo -e "Nix sslyze:\t $(which sslyze|grep -c '/nix/store')" echo -e "python nassl:\t $(pip freeze|grep -c 'nassl')" echo -e "valgrind:\t $(valgrind --version|grep -c 'valgrind-3.19.0')" -} +)} -function test_nonstandard_compilation { +function test_nonstandard_compilation {(set -e # Any script that needs to compile s2n in a non-standard way can run here ./codebuild/bin/test_dynamic_load.sh $(mktemp -d) -} +)} function apache2_config(){ export APACHE_NIX_STORE=$(dirname $(dirname $(which httpd))) @@ -181,5 +190,4 @@ function apache2_start(){ else echo "Apache is already running...and if \"$APACHE2_INSTALL_DIR\" is stale, it might be in an unknown state." fi - }