mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-07-30 22:43:08 +03:00
New all.sh wrapper with reduced scope (CI only)
Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>
This commit is contained in:
@ -5,92 +5,98 @@
|
|||||||
# Copyright The Mbed TLS Contributors
|
# Copyright The Mbed TLS Contributors
|
||||||
# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
|
# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
|
||||||
|
|
||||||
# During the transition of CI associated with the repo split,
|
# This is a transitional wrapper that's only meant for the CI.
|
||||||
# we want all.sh from the mbedtls repo to transparently run both
|
# Developers should directly invoke on or two of:
|
||||||
# mbedtls and tf-psa-crypto components.
|
|
||||||
# This is what this wrapper is about.
|
|
||||||
# Once the transition is over, this wrapper can be removed,
|
|
||||||
# and mbedtls-all.sh renamed again to all.sh.
|
|
||||||
#
|
|
||||||
# This wrapper is mostly for the CI's benefit. Developers probably want to
|
|
||||||
# directly invoke one or two of the following commands:
|
|
||||||
# - tests/scripts/mbedtls-all.sh ...
|
# - tests/scripts/mbedtls-all.sh ...
|
||||||
# - (cd tf-psa-crypto && tests/scripts/all.sh ...)
|
# - (cd tf-psa-crypto && tests/scripts/all.sh ...)
|
||||||
|
#
|
||||||
|
# During the transition, it's illegal for a tf-psa-crypto component to have
|
||||||
|
# the same name as an mbedtls components; since this wrapper handles both
|
||||||
|
# sides at once, component names need to be globally unique. Once the
|
||||||
|
# transition period is over, unicity on each side will be enough.
|
||||||
|
#
|
||||||
|
# For context, here are the steps of the transition:
|
||||||
|
# 1. We have an all.sh in tf-psa-crypto but for now we don't invoke it directly
|
||||||
|
# on the CI, only through this transitional wrapper in mbedtls. (tf-psa-crypto
|
||||||
|
# doesn't have its own CI initially and runs Mbed TLS's instead.)
|
||||||
|
# 2. We move all relevant components to tf-psa-crypto so that it gets the level of
|
||||||
|
# coverage we want. We need to make sure the new names are unique.
|
||||||
|
# 3. We change the CI job on tf-psa-crypto to stop checking out mbedtls and running
|
||||||
|
# its all.sh - instead we do the normal thing of checking out tf-psa-crypto and
|
||||||
|
# running its all.sh. (In two steps: (a) add the new job, (b) remove the old
|
||||||
|
# one.)
|
||||||
|
# 4. We remove the transitional wrapper in mbedtls and we're now free to rename
|
||||||
|
# tf-psa-crypto components as we want. If we followed a consistent naming
|
||||||
|
# pattern, this can be as simple as s/_tf_psa_crypto// in components-*.sh.
|
||||||
|
|
||||||
# This script must be invoked from the project's root.
|
# This script must be invoked from the project's root.
|
||||||
|
|
||||||
|
# There are exactly 4 ways this is invoked in the CI:
|
||||||
|
# 1. tests/scripts/all.sh --help
|
||||||
|
# 2. tests/scripts/all.sh --list-all-components
|
||||||
|
# 3. tests/scripts/all.sh --list-components
|
||||||
|
# 4. tests/scripts/all.sh --seed 4 --keep-going single_component_name
|
||||||
|
# This wrapper does not support other invocations.
|
||||||
|
|
||||||
set -eu
|
set -eu
|
||||||
|
|
||||||
|
# Cases 1-3
|
||||||
|
if [ "$#" -eq 1 ]; then
|
||||||
|
if [ "$1" = '--help' ]; then
|
||||||
|
# It doesn't matter which one we use, they're the same
|
||||||
|
tests/scripts/mbedtls-all.sh "$1"
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
if [ "$1" = '--list-all-components' -o "$1" = '--list-components' ]; then
|
||||||
|
# Invoke both
|
||||||
|
tests/scripts/mbedtls-all.sh "$1"
|
||||||
|
(cd tf-psa-crypto && tests/scripts/all.sh "$1")
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "$#" -ne 4 -o "$1" != '--seed' -o "$3" != '--keep-going' ]; then
|
||||||
|
echo "This invocation is not supported by the transitional wrapper." >&2
|
||||||
|
echo "See the comments at the top of $0." >&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Case 4: invoke the right all.sh for this component
|
||||||
|
comp_name=$4
|
||||||
|
|
||||||
# Get the list of components available on each side.
|
# Get the list of components available on each side.
|
||||||
COMP_MBEDTLS=$(tests/scripts/mbedtls-all.sh --list-all-components | sort)
|
COMP_MBEDTLS=$(tests/scripts/mbedtls-all.sh --list-all-components | tr '\n' ' ')
|
||||||
COMP_CRYPTO=$(cd tf-psa-crypto && tests/scripts/all.sh --list-all-components | sort)
|
COMP_CRYPTO=$(cd tf-psa-crypto && tests/scripts/all.sh --list-all-components | tr '\n' ' ')
|
||||||
|
|
||||||
# Error out if any component is available on both sides
|
# tell if $1 is in space-separated list $2
|
||||||
COMMON=$(comm -12 <(echo "$COMP_MBEDTLS") <(echo "$COMP_CRYPTO") | tr '\n' ' ')
|
is_in() {
|
||||||
if [ -n "$COMMON" ]; then
|
needle=$1
|
||||||
echo "The following components are duplicated: $COMMON" >&2
|
haystack=$2
|
||||||
exit 2
|
case " $haystack " in
|
||||||
fi
|
*" $needle "*) echo 1;;
|
||||||
|
*) echo 0;;
|
||||||
# all.sh complains when a component is requested explicitly but is not
|
|
||||||
# available. However, here we actually run two instances of all.sh, so when
|
|
||||||
# requesting one component epxlicitly, at least one instance is not going to
|
|
||||||
# know about it. So, when invoking each side, remove the other side's
|
|
||||||
# components from its command line. This is safe because we know from above
|
|
||||||
# that no component is on both sides.
|
|
||||||
|
|
||||||
# mbedtls args are global args without the crypto components
|
|
||||||
COMP_CRYPTO=$(echo $COMP_CRYPTO | tr '\n' ' ')
|
|
||||||
for arg in "$@"; do
|
|
||||||
case " $COMP_CRYPTO " in
|
|
||||||
*" $arg "*) ;;
|
|
||||||
*) mbedtls_args+=( $arg ) ;;
|
|
||||||
esac
|
esac
|
||||||
done
|
}
|
||||||
|
|
||||||
# crypto args are global args without the mbedtls components
|
is_crypto=$(is_in "$comp_name" "$COMP_CRYPTO")
|
||||||
COMP_MBEDTLS=$(echo $COMP_MBEDTLS | tr '\n' ' ')
|
is_mbedtls=$(is_in "$comp_name" "$COMP_MBEDTLS")
|
||||||
for arg in "$@"; do
|
|
||||||
case " $COMP_MBEDTLS " in
|
|
||||||
*" $arg "*) ;;
|
|
||||||
*) crypto_args+=( $arg ) ;;
|
|
||||||
esac
|
|
||||||
done
|
|
||||||
|
|
||||||
# Note: don't print debug info on what commands are being run, because we
|
# Component should be on exactly one side (see comment near the top).
|
||||||
# don't want to pollute the output especially when --list-components is used.
|
if [ "$is_crypto" -eq 1 -a "$is_mbedtls" -eq 1 ]; then
|
||||||
|
echo "Component '$comp_name' is both in crypto and Mbed TLS". >&2
|
||||||
# call mbedtls's all.sh
|
echo "See the comments at the top of $0." >&2
|
||||||
set +e
|
exit 1
|
||||||
tests/scripts/mbedtls-all.sh "${mbedtls_args[@]}"
|
fi
|
||||||
mbedtls_exit=$?
|
if [ "$is_crypto" -eq 0 -a "$is_mbedtls" -eq 0 ]; then
|
||||||
set -e
|
echo "Component '$comp_name' is neither in crypto nor in Mbed TLS". >&2
|
||||||
if [ $mbedtls_exit -ne 0 ]; then
|
echo "See the comments at the top of $0." >&2
|
||||||
echo "mbedtls-all.sh exited $mbedtls_exit" >&2
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# if it returned non-zero, should we keep going?
|
# Invoke the real thing
|
||||||
if [ $mbedtls_exit -ne 0 ]; then
|
if [ "$is_crypto" -eq 1 ]; then
|
||||||
case " $@ " in
|
cd tf-psa-crypto
|
||||||
*" --keep-going "*) ;; # fall through and run tf-psa-crypto's all.sh
|
exec tests/scripts/all.sh "$@"
|
||||||
*) exit $mbedtls_exit;;
|
|
||||||
esac
|
|
||||||
fi
|
|
||||||
|
|
||||||
# call tf-psa-crypto's all.sh
|
|
||||||
set +e
|
|
||||||
(cd tf-psa-crypto && tests/scripts/all.sh "${crypto_args[@]}")
|
|
||||||
crypto_exit=$?
|
|
||||||
set -e
|
|
||||||
if [ $crypto_exit -ne 0 ]; then
|
|
||||||
echo "tf-psa-crypto's all.sh exited $crypto_exit" >&2
|
|
||||||
fi
|
|
||||||
|
|
||||||
# return an appropriate exit code
|
|
||||||
if [ $mbedtls_exit -ne 0 ]; then
|
|
||||||
echo "mbedtls-all.sh exited $mbedtls_exit" >&2
|
|
||||||
echo "Please scroll up for a summary of errors in mbedtls-all.sh" >&2
|
|
||||||
exit $mbedtls_exit
|
|
||||||
else
|
else
|
||||||
exit $crypto_exit
|
exec tests/scripts/mbedtls-all.sh "$@"
|
||||||
fi
|
fi
|
||||||
|
Reference in New Issue
Block a user