38 Commits

Author SHA1 Message Date
Fabio Utzig 8fcdfc5c67 ci: bump FIH docker release
Use version 0.0.2 of the FIH docker image, which is just a rebuild with
upgraded packages. This should fix the SSL issues cloning the tf-m-tests
repo from the docker run.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2021-10-07 12:40:24 -03:00
Fabio Utzig f859255838 ci: update signed-off-by with string comparison
Force use of string comparison to avoid issues comparing strings that
include specific characters like `[` and `]`, which are special symbols
and break the bash test.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2021-09-29 16:51:59 -06:00
Fabio Utzig 7aa1c87dd8 ci: add FIH hardening tests to workflows
Add workflows to run FIH tests using GH actions. Update scripts to add
parsing of FIH parameters from an env matrix and disable docker caching
when running on GH.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2021-09-27 14:23:19 -03:00
Mate Toth-Pal 056d9bc8dd ci: Change TF-M log level
Change the log level of TF-M so that the message that the CI is looking
for appears in the output.

Signed-off-by: Fabio Utzig <utzig@apache.org>
Change-Id: I763ccef4aaf6158ed578b230096f595a1e5cbfd9
Signed-off-by: Mate Toth-Pal <mate.toth-pal@arm.com>
2021-09-22 12:41:20 +02:00
Fabio Utzig 66fecebb80 ci: Fix FIH YAML result parsing
The running test was generating a YAML output with the following line:

```
last_line: '  Description: 'ECDSA signature test of attest token''
```

This string comes from the test with the single quotes, and using single
quotes twice breaks the YAML format, so this commit changes the string
after last_line to be enclosed in double quotes.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2021-09-22 12:41:20 +02:00
Sherry Zhang 3c4f69cb6e ci: Update the TF-M version in fih test
Signed-off-by: Sherry Zhang <sherry.zhang2@arm.com>
Change-Id: I357ca9266629310deddf8431aa912f3fdbe9f34c
2021-09-22 12:41:20 +02:00
David Brown 65643a6a28 Revert "ci: fix wget error downloading arm-gcc-embedded"
This reverts commit 34f68ed67c.

Re-enable certificate checking when downloading the Arm toolchain.
Although this is probably not all that great of a risk, the certificate
issue was transient, and was fixed shortly after it was noticed.

Signed-off-by: David Brown <david.brown@linaro.org>
2021-09-18 19:11:05 -03:00
Fabio Utzig 34f68ed67c ci: fix wget error downloading arm-gcc-embedded
Disable certificate verification for developer.arm.com to avoid
certificate issues when installing arm embedded tools to build Mynewt.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2021-09-16 08:34:38 -03:00
David Brown fe0bfcfba9 Migrate master->main
Change references in CI and docs from 'master' to 'main' as the primary
branch has been renamed.

Signed-off-by: David Brown <david.brown@linaro.org>
2021-05-14 14:56:39 -06:00
Fabio Utzig e58f48f58a ci: update imgtool script to use python/pip
Switch from hard-coded python3/pip to base python/pip. Also install full
imgtool package.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2021-02-12 09:28:47 -03:00
Fabio Utzig ce503341ad ci: relax signed-off-by checks on forks
Addresses issues when running signed-off-by checks on the Zephyr fork
due to GH rebases done on UX rewriting the commit with the primary email
instead of whatever email was used originally.

Signed-off-by: Fabio Utzig <fabio.utzig@nordicsemi.no>
2021-01-15 11:13:18 +01:00
Raef Coles 713bb79549 ci: Update TF-M version
To fix a regression caused by f68473814f,
where an older TF-M version was used that didn't support the bootutil
cmake.

Signed-off-by: Raef Coles <raef.coles@arm.com>
2021-01-15 11:11:42 +01:00
David Brown ed90fbfe9f ci: Add timing info to test builds
To help determine where time is being spent in tests, add a 'time'
command to the test invocation script.  In addition, split the test
invocation into a separate build and run stage.  This can be useful with
another change to ptest that logs all test outputs instead of just
failures.

Signed-off-by: David Brown <david.brown@linaro.org>
2021-01-14 13:19:58 -07:00
Fabio Utzig 6907c90e31 ci: pull trusted-firmware-m repo on Travis run
Update volume maps so local directories in the Travis VM map correctly
to the Docker expected PATH for script running. Misc cleanups.

Signed-off-by: Fabio Utzig <fabio.utzig@nordicsemi.no>
2021-01-06 14:13:44 -03:00
Fabio Utzig bd0ce62073 ci: pull fih-test docker image on install
Update install script to avoid building a docker image and instead pull;
also add proper caching for re-runs.

Signed-off-by: Fabio Utzig <fabio.utzig@nordicsemi.no>
2021-01-06 14:13:44 -03:00
Fabio Utzig a069befebd ci: docker: remove source repos from fih-test
Update Dockerfile to only build a distro and required tooling, avoiding
adding source repositories, including tfm and mcuboot, so that it can be
reused without the need to rebuild all the time.

This should allow pushing the image under mcuboot/fih-test and
pulling+caching in Travis.

Signed-off-by: Fabio Utzig <fabio.utzig@nordicsemi.no>
2021-01-06 14:13:44 -03:00
Raef Coles f68473814f ci: Pin tf-m-tests version in FIH test
To avoid problems where the latest master of tf-m-tests is incompatible
with the fixed version used by the FIH test. Bump the version of TF-M
used slightly to a commit that allows the version of tf-m-tests to be
easily overridden.

Signed-off-by: Raef Coles <raef.coles@arm.com>
2021-01-05 11:17:14 -03:00
Raef Coles 7cca88ab8e ci: Update tf-m version in FIH test
To a version which uses the new bootutil cmake, allowing the bootutil
files to be moved/renamed without breaking the FIH test.

Signed-off-by: Raef Coles <raef.coles@arm.com>
2020-12-18 10:44:00 +01:00
Fabio Utzig 9723b52a80 ci: use python3 for building imgtool wheel
Signed-off-by: Fabio Utzig <fabio.utzig@nordicsemi.no>
2020-11-12 13:27:47 -03:00
Fabio Utzig 395a9f9c5a ci: add wheel dependency to imgtool publishing
Should fix the current fail trying to build a bdist_wheel.

Signed-off-by: Fabio Utzig <fabio.utzig@nordicsemi.no>
2020-11-12 08:52:20 -03:00
Mate Toth-Pal d4f605300e travis: Add Script to summarize FIH test output
Change-Id: I5fbbad8cdaf829dc11543a70e419de45f07002a0
Signed-off-by: Mate Toth-Pal <mate.toth-pal@arm.com>
2020-11-12 09:27:10 +01:00
Mate Toth-Pal b1163985bd travis: Add python script for damaging MCUboot image
Change-Id: Ic975b2fa937baafe57c8c492ef889ffb292f691e
Signed-off-by: Mate Toth-Pal <mate.toth-pal@arm.com>
2020-11-12 09:27:10 +01:00
Mate Toth-Pal 0eead8c263 travis: Add FIH test cases to .travis.yml
Change-Id: I7ce96821e4af645a8d20696d02d8a09d9822b9f7
Signed-off-by: Mate Toth-Pal <mate.toth-pal@arm.com>
2020-11-12 09:27:10 +01:00
Mate Toth-Pal 6298067d02 travis: Add FIH test scripts
Add scripts that can run instruction skip FIH tests on QEMU.

Co-authored-by: Raef Coles <raef.coles@arm.com>
Change-Id: Ia6da00174115e1dabaf84fdfc0e40476dc1b7a10
Signed-off-by: Mate Toth-Pal <mate.toth-pal@arm.com>
2020-11-12 09:27:10 +01:00
Mate Toth-Pal 5495f20355 travis: Build MCUBoot for Armv8-M
Build MCUBoot with TF-M build system for AN521 platform, and run it in
QEMU. The result of the test run is not evaluated yet.

Change-Id: I5fbfef8e6d8dec99a8e3e00d659a07ccfcaf0b5b
Signed-off-by: Mate Toth-Pal <mate.toth-pal@arm.com>
2020-11-12 09:27:10 +01:00
Fabio Utzig c06694e25c ci: move imgtool publishing to GH workflows
Disable imgtool publishing on Travis; update scripts to work on both
Travis and GH; add GH workflow for publishing.

Signed-off-by: Fabio Utzig <fabio.utzig@nordicsemi.no>
2020-11-10 14:19:05 -03:00
Fabio Utzig 301e9755bd boot: mynewt: fix CI issues with mbedTLS CTR mode
Enable Mynewt syscfg to bring in mbedTLS CTR mode.

Signed-off-by: Fabio Utzig <fabio.utzig@nordicsemi.no>
Signed-off-by: Blaž Hrastnik <blaz@mxxn.io>
2020-09-28 09:08:44 -06:00
Fabio Utzig 377307de7d Fix imgtool publishing missing python package
Add missing `packaging` to allow version comparison.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2020-04-23 12:03:48 -06:00
Fabio Utzig 14301abbc1 travis: add imgtool publishing
Add new CI vm that parses the imgtool version from __init__.py and
compares with the current published release. If the version in the repo
is newer it will be published automatically.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2020-04-23 09:56:58 -06:00
Fabio Utzig 729139f80f ci: add tool to check for Cargo features
When running tests from .travis.yml, the passed in features are first
checked locally for support in the current simulator. The list of
supported features was manually maintained, allowing newly implemented
features to be skipped, also skipping the related test (without
warnings). This adds a new tool that parses and prints the list of
features directly from the given Cargo.toml.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2020-01-07 16:03:55 -03:00
Sam Bristow d0ca0ffc27 Fix up typos
Ran automated checker for common typos [1]. Most of these changes have
no functional change *except* for `./ci/sim_run.sh` where, previously
the `bootstrap` feature wasn't being selected properly.

I didn't touch anything in the `./ext/` folder as anything in there
should probably be fixed in the upstream repo.

[1] https://github.com/codespell-project/codespell

Signed-off-by: Sam Bristow <sam@bristow.nz>
2019-10-30 06:24:10 -03:00
Fabio Utzig 63ae7dee22 Add pkgpath to Mynewt key_files
This allows the CI targets to be built if MCUBoot is a dependency of
other repos as well as current local package only build support.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-04-17 18:12:23 -03:00
Fabio Utzig 4b2547c755 Remove symlinks, newt should find packages
Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-03-15 07:51:28 -03:00
Fabio Utzig e14729b95b Use Mynewt pkgpath in imports
This allows both MCUBoot as root package with Mynewt core as remote and
the other way around.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-03-15 07:51:28 -03:00
David Vincze 2d736ad4c5 Replace flash partitioning terminology
This change replaces the slot 0/1 terminology with primary/secondary
slot and replaces FLASH_AREA_IMAGE_0/1 with
FLASH_AREA_IMAGE_PRIMARY/SECONDARY. This naming convention may be more
understandable, fits better to MCUs with multiple images and it is an
architecture agnostic alternative as well.

Change-Id: I655a585f6ae023852c671ee6635399efe25209c9
Signed-off-by: David Vincze <david.vincze@arm.com>
Signed-off-by: David Brown <david.brown@linaro.org>
2019-03-13 15:40:21 -06:00
Fabio Utzig 59bcb3787e Add Mynewt target builds to CI
Adds scripts to build and test many Mynewt project configurations; this
avoids breaking builds after changes are not tested for some particular
configuration option.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-03-12 10:37:49 -03:00
Fabio Utzig 1e38d1a6a9 Add Mynewt targets and keys
Add target projects to test build success in many different options.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-03-12 10:37:49 -03:00
Fabio Utzig 94a9b261da Create CI resources directory
Add a new directory "ci", to easily add new tests with setup/run phases
that don't require direct setup in .travis.yml. This also avoids
pollution of scripts/.

Signed-off-by: Fabio Utzig <utzig@apache.org>
2019-03-12 10:37:49 -03:00