wip

Author: daniel-noland

.cargo/config.toml

@@ -8,3 +8,6 @@ LIBCLANG_PATH = { value = "devroot/lib", relative = true, force = false }
 
 [build]
 rustflags = ["--cfg=tokio_unstable"]
+
+[target.x86_64-unknown-linux-gnu]
+runner = "scripts/test-runner.sh"

default.nix

@@ -122,6 +122,7 @@ let
       cargo-nextest
       direnv
       gateway-crd
+      hwloc.dev
       just
       kopium
       llvmPackages'.clang # you need the host compiler in order to link proc macros
@@ -383,8 +384,8 @@ let
     }
   ) package-list;
 
-  dataplane-tar = pkgs.stdenv'.mkDerivation {
-    pname = "dataplane-tar";
+  min-tar = pkgs.stdenv'.mkDerivation {
+    pname = "min-tar";
     inherit version;
     dontUnpack = true;
     src = null;
@@ -394,12 +395,8 @@ let
       in
       ''
         tmp="$(mktemp -d)"
-        mkdir -p "$tmp/"{bin,lib,var,etc,run/dataplane,run/frr/hh,run/netns}
+        mkdir -p "$tmp/"{bin,lib,var,etc,run/dataplane,run/frr/hh,run/netns,home}
         ln -s /run "$tmp/var/run"
-        cp --dereference "${workspace.dataplane}/bin/dataplane" "$tmp/bin"
-        cp --dereference "${workspace.cli}/bin/cli" "$tmp/bin"
-        cp --dereference "${workspace.init}/bin/dataplane-init" "$tmp/bin"
-        ln -s cli "$tmp/bin/sh"
         for f in "${pkgs.pkgsHostHost.dockerTools.fakeNss}/etc/"* ; do
           cp --archive "$(readlink -e "$f")" "$tmp/etc/$(basename "$f")"
         done
@@ -419,8 +416,8 @@ let
           --group=0 \
           \
           `# anybody editing the files shipped in the container image is up to no good, block all of that.` \
-          `# More, we expressly forbid setuid / setgid anything.  May as well toss in the sticky bit as well.` \
-          --mode='u-sw,go=' \
+          `# More, we expressly forbid setuid / setgid anything.` \
+          --mode='ugo-sw' \
           \
           `# acls / setcap / selinux isn't going to be reliably copied into the image; skip to make more reproducible` \
           --no-acls \
@@ -469,6 +466,70 @@ let
 
   };
 
+  dataplane-tar = pkgs.stdenv'.mkDerivation {
+    pname = "dataplane-tar";
+    inherit version;
+    dontUnpack = true;
+    src = null;
+    buildPhase =
+      ''
+        tmp="$(mktemp -d)"
+        tar xf "${min-tar}" -C "$tmp"
+        chown -R $(id -u):$(id -g) $tmp
+        chmod +w $tmp/bin
+        cp --dereference "${workspace.dataplane}/bin/dataplane" "$tmp/bin"
+        cp --dereference "${workspace.cli}/bin/cli" "$tmp/bin"
+        cp --dereference "${workspace.init}/bin/dataplane-init" "$tmp/bin"
+        ln -s cli "$tmp/bin/sh"
+        cd "$tmp"
+        # we take some care to make the tar file reproducible here
+        tar \
+          --create \
+          --file "$out" \
+          --sort=name \
+          --clamp-mtime \
+          --mtime=0 \
+          --format=posix \
+          --numeric-owner \
+          --owner=0 \
+          --group=0 \
+          --mode='ugo-sw' \
+          --no-acls \
+          --no-xattrs \
+          --no-selinux \
+          --verbose \
+          .
+      '';
+
+  };
+
+  containers.libc = pkgs.dockerTools.buildLayeredImage {
+    name = "dataplane-debugger";
+    tag = "latest";
+    contents = pkgs.buildEnv {
+      name = "dataplane-debugger-env";
+      pathsToLink = [
+        "/bin"
+        "/etc"
+        "/var"
+        "/lib"
+      ];
+      paths = [
+        pkgs.pkgsBuildHost.gdb
+        pkgs.pkgsBuildHost.rr
+        pkgs.pkgsBuildHost.coreutils
+        pkgs.pkgsBuildHost.bashInteractive
+        pkgs.pkgsBuildHost.iproute2
+        pkgs.pkgsBuildHost.ethtool
+
+        pkgs.pkgsHostHost.libc.debug
+        workspace.cli.debug
+        workspace.dataplane.debug
+        workspace.init.debug
+      ];
+    };
+  };
+
   containers.dataplane-debugger = pkgs.dockerTools.buildLayeredImage {
     name = "dataplane-debugger";
     tag = "latest";
@@ -500,11 +561,12 @@ in
 {
   inherit
     clippy
-    dataplane-tar
     containers
+    dataplane-tar
     dev-pkgs
-    devroot
     devenv
+    devroot
+    min-tar
     package-list
     pkgs
     sources

npins/sources.json

@@ -0,0 +1,18 @@
+#!/usr/bin/env bash
+
+set -euxo pipefail
+
+if [ -L /nix ]; then
+  echo "fake nix detected, removing"
+  rm /nix
+  echo "installing real nix"
+  sh <(curl --proto '=https' --tlsv1.2 -sSf -L https://nixos.org/nix/install) --no-daemon
+elif  [ -d /nix ]; then
+  echo "real nix detected, nothing to do"
+elif [ -a /nix ]; then
+  echo "/nix exists but is neither directory no symlink, unsure what is happening"
+  exit 99
+else
+  echo "installing real nix"
+  sh <(curl --proto '=https' --tlsv1.2 -sSf -L https://nixos.org/nix/install) --no-daemon
+fi

scripts/installl-real-nix.sh

@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/usr/bin/env bash
 
 # SPDX-License-Identifier: Apache-2.0
 # Copyright Open Network Fabric Authors
@@ -177,7 +177,7 @@ docker run \
   --tmpfs "/run/netns:noexec,nosuid,uid=$(id -u),gid=$(id -g)" \
   --tmpfs "/var/run/netns:noexec,nosuid,uid=$(id -u),gid=$(id -g)" \
   --tmpfs "/tmp:nodev,noexec,nosuid,uid=$(id -u),gid=$(id -g)" \
-  --user="$(id -u):$(id -g)" \
+  --user="0:0" \
   --group-add="$(getent group docker | cut -d: -f3)" \
   --env LLVM_PROFILE_FILE="${LLVM_PROFILE_FILE:-""}" \
   --env CARGO_LLVM_COV="${CARGO_LLVM_COV:-0}" \
@@ -191,5 +191,5 @@ docker run \
   --cap-add SYS_ADMIN \
   --cap-add SYS_RAWIO \
   --read-only \
-  "ghcr.io/githedgehog/dpdk-sys/libc-env:${DPDK_SYS_COMMIT}.${LIBC_ENV_PROFILE:-release}" \
+  "min:release" \
   "${@}"

scripts/test-runner.sh

@@ -0,0 +1,54 @@
+#!/usr/bin/env bash
+
+set -euxo pipefail
+
+# This script must be run from within a nix shell
+
+# Step 1: check npins
+
+npins verify
+
+# Step 2: build dataplane
+
+mkdir -p results
+nix build -f default.nix min-tar --out-link results/min.tar
+
+mkdir -p results
+nix build -f default.nix dataplane-tar --out-link results/dataplane.tar
+
+# Step 3: import dataplane
+
+docker import results/min.tar min:release
+docker import results/dataplane.tar dataplane:debug
+
+# Step 4: cargo build
+
+cargo build
+
+# Step 5: cargo nextest run
+
+# (one test is xfail)
+
+cargo nextest run || true
+
+# Step 6: cargo test run
+
+# (one test is xfail)
+
+cargo test || true
+
+# Step 7: build test archive
+
+nix build -f default.nix tests.all --out-link results/tests.all
+# (one test is xfail)
+
+cargo nextest run --archive-file results/tests.all/*.tar.zst --workspace-remap "$(pwd)" || true
+
+# Step 8: build individual tests archive
+
+nix build -f default.nix tests.pkg --out-link results/tests.pkg --max-jobs 4
+
+for pkg in results/tests.pkg/*/*.tar.zst; do
+  # (one test is xfail)
+  cargo nextest run --archive-file "${pkg}" --workspace-remap "$(pwd)" || true
+done