-
Notifications
You must be signed in to change notification settings - Fork 50
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
in-toto Github Actions: different builds for windows fail with the same errors #337
Comments
These don't seem related: in your case TimeoutExpired happens as expected but cleanup fails because something (subprocess or some other process) is still using the file. In my case the TimeoutExpired is expected but does not happen (I suspect our process froze for a moment and the subprocess exited before we started checking timeout). |
I have an idea though... the code uses @SolidifiedRay are you able to test this? |
Thanks for the idea! I will test it. |
Unfortunately, this doesn't work, and the tests give the same errors. Here is the link for the results. I also run the tests on my Windows machine, and no errors show up (as expected). I believe this error is related to how the Github Actions workflow runs windows tests. I think I can run the Github Action locally and see if I can trace the error. |
Are you sure this tests the correct securesystemslib branch? The pinned requirement does not seem to mention a branch and your master does not have the communicate() change? (or maybe i'm reading this incorrectly?) |
Yes, the tests are using my securesystemslib fork with the communicate() change: SolidifiedRay@d285d7d. Is this what you mean? Thanks! @jku (And I have the pinned requirement here. It is in my gh-action-windows branch) |
oh your securesystemslib forks default branch is gh-actions, that explains it. Thanks for the test, sadly we can drop the |
I just realized (not sure if this is correct) that we don't use tox for the in-toto windows tests. Instead, we use |
Hm. That's interesting. It could indeed be related. Maybe with tox there is one subprocess level too much? Would still be nice to figure out the exact source of the problem. Maybe we do have a bug in our process module. |
Just tried to find out why we didn't use tox on appveyor, but I couldn't dig up anything quickly. I suppose it was because tox "didn't work" on appveyor (see theupdateframework/python-tuf@f0cb767 from the PR, which added an appveyor config to TUF, which served as blueprint for the config in in-toto). Regardless, taking a deeper look into |
It looks like it is not related to # I ran this using CPython 3.9.1
import os, sys, io
from tempfile import mkstemp
from subprocess import Popen
from time import sleep
stdout_fd, stdout_name = mkstemp()
with os.fdopen(stdout_fd, "w") as stdout_fp:
proc = Popen(
[sys.executable, "-c", "while True: pass"],
stdout=stdout_fp)
# NOTE: For some reason the issue never occurred
# when I killed the process right away.
sleep(0.1)
proc.kill()
proc.wait()
os.remove(stdout_name) # raises (most of the times, but not always) ...
# PermissionError: [WinError 32] The process cannot access the file because it is being used by another process: 'C:\\Users\\vagrant\\AppData\\Local\\Temp\\tmp8ouavoii'
I am pretty sure that it is related to |
* Instead of `securesystemslib.process.run`, use `subprocess.run` directly. The former is only a thin wrapper over the latter, which provides no advantage in Py3-only times. * Copy `securesystemslib.process.run_duplicate_streams` to a helper in runlib. This function is really only needed internally by in-toto-run tooling, for which it was developped originally (in-toto#160). It does not have to be pulic API in securesystemslib. Moreover, the function is not trivial and there have been multiple related bugs, one of them still unresolved (see secure-systems-lab/securesystemslib#337). This patch allows us to deprecate `securesystemslib.process`, and fix or workaround related issue wrt the specific runlib use case. Signed-off-by: Lukas Puehringer <[email protected]>
* Instead of `securesystemslib.process.run`, use `subprocess.run` directly. The former is only a thin wrapper over the latter, which provides no advantage in Py3-only times. * Copy `securesystemslib.process.run_duplicate_streams` to a helper in runlib. This function is really only needed internally by in-toto-run tooling, for which it was developped originally (in-toto#160). It does not have to be pulic API in securesystemslib. Moreover, the function is not trivial and there have been multiple related bugs, one of them still unresolved (see secure-systems-lab/securesystemslib#337). This patch allows us to deprecate `securesystemslib.process`, and fix or workaround related issue wrt the specific runlib use case. **Note to git historians:** run_duplicate_streams was originally removed from in-toto in in-toto/in-toto@29f063a, and now copied back from https://github.com/secure-systems-lab/securesystemslib/blob/v0.26.0/securesystemslib/process.py Signed-off-by: Lukas Puehringer <[email protected]>
* Instead of `securesystemslib.process.run`, use `subprocess.run` directly. The former is only a thin wrapper over the latter, which provides no advantage in Py3-only times. * Copy `securesystemslib.process.run_duplicate_streams` to a helper in runlib. This function is really only needed internally by in-toto-run tooling, for which it was developped originally (in-toto#160). It does not have to be pulic API in securesystemslib. Moreover, the function is not trivial and there have been multiple related bugs, one of them still unresolved (see secure-systems-lab/securesystemslib#337). This patch allows us to deprecate `securesystemslib.process`, and fix or workaround related issue wrt the specific runlib use case. **Note to git historians:** run_duplicate_streams was originally removed from in-toto in in-toto/in-toto@29f063a, and now copied back from https://github.com/secure-systems-lab/securesystemslib/blob/v0.26.0/securesystemslib/process.py Signed-off-by: Lukas Puehringer <[email protected]>
* Instead of `securesystemslib.process.run`, use `subprocess.run` directly. The former is only a thin wrapper over the latter, which provides no advantage in Py3-only times. * Copy `securesystemslib.process.run_duplicate_streams` to a helper in runlib. This function is really only needed internally by in-toto-run tooling, for which it was developped originally (in-toto#160). It does not have to be public API in securesystemslib. Moreover, the function is not trivial and there have been multiple related bugs, one of them still unresolved (see secure-systems-lab/securesystemslib#337). This patch allows us to deprecate `securesystemslib.process`, and fix or workaround related issue wrt the specific runlib use case. **Note to git historians:** run_duplicate_streams was originally removed from in-toto in in-toto/in-toto@29f063a, and now copied back from https://github.com/secure-systems-lab/securesystemslib/blob/v0.26.0/securesystemslib/process.py Signed-off-by: Lukas Puehringer <[email protected]>
This module was originally developed in in-toto and transferred to securesystemslib in secure-systems-lab#174, primarily as Py2/Py3-agnostic wrapper around stdlib's `subprocess.run`, to to execute `gpg`. In secure-systems-lab#502 we switched to using `subprocess.run` directly. Another wrapper around `subprocess.run`, provided by the module, allows capturing standard streams but still write them to a terminal. It was developed as specific `in-toto-run` feature and does not need to be public API in sslib. in-toto/in-toto#544 moves the function back to in-toto. closes secure-systems-lab#345, transfers secure-systems-lab#337 (to in-toto) Signed-off-by: Lukas Puehringer <[email protected]>
This module was originally developed in in-toto and transferred to securesystemslib in secure-systems-lab#174, primarily as Py2/Py3-agnostic wrapper around stdlib's `subprocess.run`, to run the `gpg` command. In secure-systems-lab#502 we switched to using `subprocess.run` directly. Another wrapper around `subprocess.run`, provided by the module, allows capturing standard streams AND write them to a terminal. It was developed as specific `in-toto-run` feature and does not need to be public API in sslib. in-toto/in-toto#544 moves the function back to in-toto. closes secure-systems-lab#345, transfers secure-systems-lab#337 (to in-toto) Signed-off-by: Lukas Puehringer <[email protected]>
Transferred to in-toto/in-toto#547 |
* Instead of `securesystemslib.process.run`, use `subprocess.run` directly. The former is only a thin wrapper over the latter, which provides no advantage in Py3-only times. * Copy `securesystemslib.process.run_duplicate_streams` to a helper in runlib. This function is really only needed internally by in-toto-run tooling, for which it was developped originally (in-toto#160). It does not have to be public API in securesystemslib. Moreover, the function is not trivial and there have been multiple related bugs, one of them still unresolved (see secure-systems-lab/securesystemslib#337). This patch allows us to deprecate `securesystemslib.process`, and fix or workaround related issue wrt the specific runlib use case. **Note to git historians:** run_duplicate_streams was originally removed from in-toto in in-toto/in-toto@29f063a, and now copied back from https://github.com/secure-systems-lab/securesystemslib/blob/v0.26.0/securesystemslib/process.py Signed-off-by: Lukas Puehringer <[email protected]>
Description of issue or feature request:
As issue #407 suggests, I set up the Github Actions Workflow for in-toto in this draft PR. However, each time I run the workflow on my fork, different builds for windows fail, and they all give the same errors:
Here is the link for the full test results: https://github.com/SolidifiedRay/in-toto/runs/1948989796?check_suite_focus=true
Not sure if it is relevant, but another person also encounter a test failure in the same process module, and it is also related to the
run_duplicate_streams
function.Current behavior:
Failing test: test_timeout_setting (tests.test_runlib.TestLinkCmdExecTimeoutSetting)
Expected behavior:
No failing test.
The text was updated successfully, but these errors were encountered: