-
Notifications
You must be signed in to change notification settings - Fork 164
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add rekor test harness to presubmit tests #921
Conversation
This will test critical user journeys against the last three versions of rekor released. Signed-off-by: Priya Wadhwa <[email protected]>
Codecov Report
@@ Coverage Diff @@
## main #921 +/- ##
==========================================
- Coverage 48.25% 48.20% -0.06%
==========================================
Files 62 62
Lines 5398 5398
==========================================
- Hits 2605 2602 -3
- Misses 2511 2513 +2
- Partials 282 283 +1
Help us with your feedback. Take ten seconds to tell us how you rate us. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
IIUC, this uses the source at head to compile a new rekor-cli
that is then used against prior versions of the server? I'm not sure how frequent of a situation that will be.
I was expecting to see something more similar to this:
- Define a queue of versions to test (similar to how you've picked the last 3 versions here). Call that sorted (ascending) queue
Q
- Define a set of versions you have tested, let's call that
S
, initially empty - Start by popping a version off of the queue
Q
and adding it to the setS
- let
v=max(S)
- start the server with
docker-compose up
rekor-server
and dependencies (redis, mysql, trillian) for versionv
, - for all values in
S
, runHARNESS_TESTS
using therekor-cli
versionv
(we should also capture entryIDs for all inserted entries, and ensure all are readable withrekor-cli
versions inS
) - Pop the next version off of the queue
Q
and add toS
- Repeat this process, assuming the database and trillian instances are persisted across
rekor-server
version upgrades (similar to what was done in sharding). This is critical, since it mirrors what will happen in prod.
tests/rekor-harness.sh
Outdated
@@ -0,0 +1,72 @@ | |||
#!/bin/bash | |||
# | |||
# Copyright 2021 The Sigstore Authors. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
# Copyright 2021 The Sigstore Authors. | |
# Copyright 2022 The Sigstore Authors. |
@bobcallaway so I set up something more like what you were describing:
does that seem reasonable as a skeleton? |
Signed-off-by: Priya Wadhwa <[email protected]>
update: i have tests which should more closely mimic updates in prod. for every server version upgrade, they'll add new entries and also make sure they can still get all the old entries. i might add that in a follow-up pr so this one doesn't get too big |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For inserts at version X and testing if we can run the exact same insert at version X+1, I think this does it. As you note this doesn't cover reading back previously inserted values inserted under code versions that were backlevel from the proposed change.
Signed-off-by: Priya Wadhwa <[email protected]>
Thanks @bobcallaway! Addressed comments, and I'll open a follow-up PR once this is in to check reading previously inserted values. |
* Add rekor test harness to presubmit tests This will test critical user journeys against the last three versions of rekor released. Signed-off-by: Priya Wadhwa <[email protected]> * Set up matrix for testing Signed-off-by: Priya Wadhwa <[email protected]> * Code review comments Signed-off-by: Priya Wadhwa <[email protected]>
This will test critical tests against the last three versions of rekor released.
I picked out a subset of the current e2e tests which I think are important to run against previous versions.
addresses https://github.com/sigstore/public-good-instance/issues/417
Signed-off-by: Priya Wadhwa [email protected]
Summary
Release Note
Documentation