diff options
| author | Daniel Istrate <daniel.alexandrux.istrate@intel.com> | 2016-02-15 15:48:01 +0200 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2016-02-28 11:32:33 +0000 |
| commit | 9b704ae44d9dc1d3d5c3aee6d7a5530b642070c4 (patch) | |
| tree | a96b95478fc67bb5a5238db4eb40be820387ac79 /meta/lib | |
| parent | b6c3ea4240e965f69b3cae0b601c8dc8d18c7646 (diff) | |
| download | openembedded-core-9b704ae44d9dc1d3d5c3aee6d7a5530b642070c4.tar.gz openembedded-core-9b704ae44d9dc1d3d5c3aee6d7a5530b642070c4.tar.bz2 openembedded-core-9b704ae44d9dc1d3d5c3aee6d7a5530b642070c4.zip | |
oeqa/selftest/signing: Added test for locked signatures
fix for [YOCTO #8706]
Signed-off-by: Daniel Istrate <daniel.alexandrux.istrate@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Diffstat (limited to 'meta/lib')
| -rw-r--r-- | meta/lib/oeqa/selftest/signing.py | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/meta/lib/oeqa/selftest/signing.py b/meta/lib/oeqa/selftest/signing.py index c402e3709a..1e710e3cd3 100644 --- a/meta/lib/oeqa/selftest/signing.py +++ b/meta/lib/oeqa/selftest/signing.py @@ -6,6 +6,7 @@ import re import shutil import tempfile from oeqa.utils.decorators import testcase +from oeqa.utils.ftools import write_file class Signing(oeSelfTest): @@ -130,3 +131,50 @@ class Signing(oeSelfTest): # gpg: Good signature from "testuser (nocomment) <testuser@email.com>" self.assertIn('gpg: Good signature from', ret.output, 'Package signed incorrectly.') + +class LockedSignatures(oeSelfTest): + + @testcase(1420) + def test_locked_signatures(self): + """ + Summary: Test locked signature mechanism + Expected: Locked signatures will prevent task to run + Product: oe-core + Author: Daniel Istrate <daniel.alexandrux.istrate@intel.com> + AutomatedBy: Daniel Istrate <daniel.alexandrux.istrate@intel.com> + """ + + test_recipe = 'ed' + locked_sigs_file = 'locked-sigs.inc' + + self.add_command_to_tearDown('rm -f %s' % os.path.join(self.builddir, locked_sigs_file)) + + bitbake(test_recipe) + # Generate locked sigs include file + bitbake('-S none %s' % test_recipe) + + feature = 'require %s\n' % locked_sigs_file + feature += 'SIGGEN_LOCKEDSIGS_CHECK_LEVEL = "warn"\n' + self.write_config(feature) + + # Build a locked recipe + bitbake(test_recipe) + + # Make a change that should cause the locked task signature to change + recipe_append_file = test_recipe + '_' + get_bb_var('PV', test_recipe) + '.bbappend' + recipe_append_path = os.path.join(self.testlayer_path, 'recipes-test', test_recipe, recipe_append_file) + feature = 'SUMMARY += "test locked signature"\n' + + os.mkdir(os.path.join(self.testlayer_path, 'recipes-test', test_recipe)) + write_file(recipe_append_path, feature) + + self.add_command_to_tearDown('rm -rf %s' % os.path.join(self.testlayer_path, 'recipes-test', test_recipe)) + + # Build the recipe again + ret = bitbake(test_recipe) + + # Verify you get the warning and that the real task *isn't* run (i.e. the locked signature has worked) + patt = r'WARNING: The %s:do_package sig \S+ changed, use locked sig \S+ to instead' % test_recipe + found_warn = re.search(patt, ret.output) + + self.assertIsNotNone(found_warn, "Didn't find the expected warning message. Output: %s" % ret.output) |