Skip to content

Commit

Permalink
Merge main into silo-ip-pools-rename
Browse files Browse the repository at this point in the history
  • Loading branch information
david-crespo committed Jun 24, 2024
2 parents e839eee + 895f280 commit 76810d7
Show file tree
Hide file tree
Showing 167 changed files with 1,938 additions and 10,011 deletions.
6 changes: 6 additions & 0 deletions .cargo/config.toml
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,12 @@
# binaries and the test suite. There's no need for typical library
# documentation of public interfaces.)
#
# NOTE: If you change this, also change the `RUSTDOCFLAGS` values in the various
# CI scripts:
# - .github/buildomat/build-and-test.sh
# - .github/buildomat/jobs/clippy.sh
# - .github/workflows/rust.yml
#
[build]
rustdocflags = "--document-private-items"

Expand Down
2 changes: 1 addition & 1 deletion .github/buildomat/build-and-test.sh
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@ ptime -m bash ./tools/install_builder_prerequisites.sh -y
#
banner build
export RUSTFLAGS="-D warnings"
export RUSTDOCFLAGS="-D warnings"
export RUSTDOCFLAGS="--document-private-items -D warnings"
# When running on illumos we need to pass an additional runpath that is
# usually configured via ".cargo/config" but the `RUSTFLAGS` env variable
# takes precedence. This path contains oxide specific libraries such as
Expand Down
2 changes: 1 addition & 1 deletion .github/buildomat/jobs/clippy.sh
Original file line number Diff line number Diff line change
Expand Up @@ -30,4 +30,4 @@ ptime -m bash ./tools/install_builder_prerequisites.sh -y
banner clippy
export CARGO_INCREMENTAL=0
ptime -m cargo xtask clippy
ptime -m cargo doc
RUSTDOCFLAGS="--document-private-items -D warnings" ptime -m cargo doc --workspace --no-deps
2 changes: 1 addition & 1 deletion .github/workflows/rust.yml
Original file line number Diff line number Diff line change
Expand Up @@ -108,4 +108,4 @@ jobs:
- name: Install Pre-Requisites
run: ./tools/install_builder_prerequisites.sh -y
- name: Test build documentation
run: RUSTDOCFLAGS="-Dwarnings" cargo doc
run: RUSTDOCFLAGS="--document-private-items -D warnings" cargo doc --workspace --no-deps
15 changes: 8 additions & 7 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

20 changes: 16 additions & 4 deletions Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -87,6 +87,7 @@ members = [
]

default-members = [
"api_identity",
"bootstore",
"certificates",
"clients/bootstrap-agent-client",
Expand All @@ -113,6 +114,8 @@ default-members = [
# hakari to not work as well and build times to be longer.
# See omicron#4392.
"dns-server",
# Do not include end-to-end-tests in the list of default members, as its
# tests only work on a deployed control plane.
"gateway-cli",
"gateway-test-utils",
"gateway",
Expand All @@ -128,18 +131,21 @@ default-members = [
"nexus-config",
"nexus/authz-macros",
"nexus/auth",
"nexus/macros-common",
"nexus/metrics-producer-gc",
"nexus/networking",
"nexus/db-fixed-data",
"nexus/db-macros",
"nexus/db-model",
"nexus/db-queries",
"nexus/defaults",
"nexus/inventory",
"nexus/macros-common",
"nexus/metrics-producer-gc",
"nexus/networking",
"nexus/reconfigurator/execution",
"nexus/reconfigurator/planning",
"nexus/reconfigurator/preparation",
"nexus/test-interface",
"nexus/test-utils-macros",
"nexus/test-utils",
"nexus/types",
"oximeter/collector",
"oximeter/db",
Expand All @@ -166,6 +172,7 @@ default-members = [
"wicket-dbg",
"wicket",
"wicketd",
"workspace-hack",
"zone-setup",
]
resolver = "2"
Expand Down Expand Up @@ -435,7 +442,12 @@ signal-hook = "0.3"
signal-hook-tokio = { version = "0.3", features = [ "futures-v0_3" ] }
sigpipe = "0.1.3"
similar-asserts = "1.5.0"
sled = "0.34"
# Don't change sled's version on accident; sled's on-disk format is not yet
# stable and requires manual migrations. In the limit this won't matter because
# the upgrade system will replace the DNS server zones entirely, but while we
# are still doing mupdate a change to the on-disk format will break existing DNS
# server zones.
sled = "=0.34.7"
sled-agent-client = { path = "clients/sled-agent-client" }
sled-hardware = { path = "sled-hardware" }
sled-hardware-types = { path = "sled-hardware/types" }
Expand Down
18 changes: 6 additions & 12 deletions api_identity/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -60,12 +60,9 @@ mod test {

#[test]
fn test_identity() {
let ret = do_object_identity(
quote! {
struct Foo { identity: IdentityMetadata }
}
.into(),
);
let ret = do_object_identity(quote! {
struct Foo { identity: IdentityMetadata }
});

let expected = quote! {
impl ObjectIdentity for Foo {
Expand All @@ -80,12 +77,9 @@ mod test {

#[test]
fn test_identity_no_field() {
let ret = do_object_identity(
quote! {
struct Foo {}
}
.into(),
);
let ret = do_object_identity(quote! {
struct Foo {}
});

let error = ret.unwrap_err();
assert!(error.to_string().starts_with("deriving ObjectIdentity"));
Expand Down
9 changes: 9 additions & 0 deletions clients/sled-agent-client/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -484,6 +484,15 @@ impl From<omicron_common::api::internal::nexus::KnownArtifactKind>
use omicron_common::api::internal::nexus::KnownArtifactKind;

match s {
KnownArtifactKind::GimletRotBootloader => {
types::KnownArtifactKind::GimletRotBootloader
}
KnownArtifactKind::PscRotBootloader => {
types::KnownArtifactKind::PscRotBootloader
}
KnownArtifactKind::SwitchRotBootloader => {
types::KnownArtifactKind::SwitchRotBootloader
}
KnownArtifactKind::GimletSp => types::KnownArtifactKind::GimletSp,
KnownArtifactKind::GimletRot => types::KnownArtifactKind::GimletRot,
KnownArtifactKind::Host => types::KnownArtifactKind::Host,
Expand Down
10 changes: 4 additions & 6 deletions common/src/api/internal/nexus.rs
Original file line number Diff line number Diff line change
Expand Up @@ -273,16 +273,11 @@ pub struct UpdateArtifactId {
//
// 1. Add it here.
//
// 2. Add the new kind to <repo root>/{nexus-client,sled-agent-client}/lib.rs.
// 2. Add the new kind to <repo root>/clients/src/lib.rs.
// The mapping from `UpdateArtifactKind::*` to `types::UpdateArtifactKind::*`
// must be left as a `todo!()` for now; `types::UpdateArtifactKind` will not
// be updated with the new variant until step 5 below.
//
// 3. Add it to the sql database schema under (CREATE TYPE
// omicron.public.update_artifact_kind).
//
// TODO: After omicron ships this would likely involve a DB migration.
//
// 4. Add the new kind and the mapping to its `update_artifact_kind` to
// <repo root>/nexus/db-model/src/update_artifact.rs
//
Expand Down Expand Up @@ -324,17 +319,20 @@ pub enum KnownArtifactKind {
// Sled Artifacts
GimletSp,
GimletRot,
GimletRotBootloader,
Host,
Trampoline,
ControlPlane,

// PSC Artifacts
PscSp,
PscRot,
PscRotBootloader,

// Switch Artifacts
SwitchSp,
SwitchRot,
SwitchRotBootloader,
}

impl KnownArtifactKind {
Expand Down
17 changes: 17 additions & 0 deletions common/src/update.rs
Original file line number Diff line number Diff line change
Expand Up @@ -177,6 +177,12 @@ impl ArtifactKind {
/// These artifact kinds are not stored anywhere, but are derived from stored
/// kinds and used as internal identifiers.
impl ArtifactKind {
/// Gimlet root of trust bootloader slot image identifier.
///
/// Derived from [`KnownArtifactKind::GimletRotBootloader`].
pub const GIMLET_ROT_STAGE0: Self =
Self::from_static("gimlet_rot_bootloader");

/// Gimlet root of trust A slot image identifier.
///
/// Derived from [`KnownArtifactKind::GimletRot`].
Expand All @@ -189,6 +195,11 @@ impl ArtifactKind {
pub const GIMLET_ROT_IMAGE_B: Self =
Self::from_static("gimlet_rot_image_b");

/// PSC root of trust stage0 image identifier.
///
/// Derived from [`KnownArtifactKind::PscRotBootloader`].
pub const PSC_ROT_STAGE0: Self = Self::from_static("psc_rot_bootloader");

/// PSC root of trust A slot image identifier.
///
/// Derived from [`KnownArtifactKind::PscRot`].
Expand All @@ -199,6 +210,12 @@ impl ArtifactKind {
/// Derived from [`KnownArtifactKind::PscRot`].
pub const PSC_ROT_IMAGE_B: Self = Self::from_static("psc_rot_image_b");

/// Switch root of trust A slot image identifier.
///
/// Derived from [`KnownArtifactKind::SwitchRotBootloader`].
pub const SWITCH_ROT_STAGE0: Self =
Self::from_static("switch_rot_bootloader");

/// Switch root of trust A slot image identifier.
///
/// Derived from [`KnownArtifactKind::SwitchRot`].
Expand Down
1 change: 1 addition & 0 deletions dev-tools/omdb/tests/usage_errors.out
Original file line number Diff line number Diff line change
Expand Up @@ -290,6 +290,7 @@ Options:
for discretionary services)
- query-during-inventory: Sleds whose sled agents should be queried for inventory
- reservation-create: Sleds on which reservations can be created
- v2p-mapping: Sleds which should be sent OPTE V2P mappings
- vpc-firewall: Sleds which should be sent VPC firewall rules

--log-level <LOG_LEVEL>
Expand Down
51 changes: 38 additions & 13 deletions dev-tools/releng/src/hubris.rs
Original file line number Diff line number Diff line change
Expand Up @@ -14,12 +14,17 @@ use omicron_common::api::external::SemverVersion;
use omicron_common::api::internal::nexus::KnownArtifactKind;
use semver::Version;
use serde::Deserialize;
use slog::warn;
use slog::Logger;
use tufaceous_lib::assemble::DeserializedArtifactData;
use tufaceous_lib::assemble::DeserializedArtifactSource;
use tufaceous_lib::assemble::DeserializedFileArtifactSource;
use tufaceous_lib::assemble::DeserializedManifest;

use crate::RETRY_ATTEMPTS;

pub(crate) async fn fetch_hubris_artifacts(
logger: Logger,
base_url: &'static str,
client: reqwest::Client,
manifest_list: Utf8PathBuf,
Expand All @@ -43,7 +48,7 @@ pub(crate) async fn fetch_hubris_artifacts(

for line in fs::read_to_string(manifest_list).await?.lines() {
if let Some(hash) = line.split_whitespace().next() {
let data = fetch_hash(base_url, &client, hash).await?;
let data = fetch_hash(&logger, base_url, &client, hash).await?;
let str = String::from_utf8(data).with_context(|| {
format!("hubris artifact manifest {} was not UTF-8", hash)
})?;
Expand Down Expand Up @@ -85,7 +90,9 @@ pub(crate) async fn fetch_hubris_artifacts(
},
);
for hash in hashes {
let data = fetch_hash(base_url, &client, &hash).await?;
let data =
fetch_hash(&logger, base_url, &client, &hash)
.await?;
fs::write(output_dir.join(zip!(hash)), data).await?;
}
}
Expand All @@ -102,21 +109,39 @@ pub(crate) async fn fetch_hubris_artifacts(
}

async fn fetch_hash(
logger: &Logger,
base_url: &'static str,
client: &reqwest::Client,
hash: &str,
) -> Result<Vec<u8>> {
client
.get(format!("{}/artifact/{}", base_url, hash))
.send()
.and_then(|response| response.json())
.await
.with_context(|| {
format!(
"failed to fetch hubris artifact {} from {}",
hash, base_url
)
})
let url = format!("{}/artifact/{}", base_url, hash);
for attempt in 1..=RETRY_ATTEMPTS {
let result = client
.get(&url)
.send()
.and_then(|response| {
futures::future::ready(response.error_for_status())
})
.and_then(|response| response.json())
.await
.with_context(|| {
format!(
"failed to fetch hubris artifact {} from {}",
hash, base_url
)
});
match result {
Ok(data) => return Ok(data),
Err(err) => {
if attempt == RETRY_ATTEMPTS {
return Err(err);
} else {
warn!(logger, "fetching {} failed, retrying: {}", url, err);
}
}
}
}
unreachable!();
}

// These structs are similar to `DeserializeManifest` and friends from
Expand Down
6 changes: 5 additions & 1 deletion dev-tools/releng/src/main.rs
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,8 @@ use crate::job::Jobs;
/// the future.
const BASE_VERSION: Version = Version::new(9, 0, 0);

const RETRY_ATTEMPTS: usize = 3;

#[derive(Debug, Clone, Copy)]
enum InstallMethod {
/// Unpack the tarball to `/opt/oxide/<service-name>`, and install
Expand Down Expand Up @@ -234,7 +236,8 @@ async fn main() -> Result<()> {

let client = reqwest::ClientBuilder::new()
.connect_timeout(Duration::from_secs(15))
.timeout(Duration::from_secs(15))
.timeout(Duration::from_secs(120))
.tcp_keepalive(Duration::from_secs(60))
.build()
.context("failed to build reqwest client")?;

Expand Down Expand Up @@ -565,6 +568,7 @@ async fn main() -> Result<()> {
jobs.push(
format!("hubris-{}", name),
hubris::fetch_hubris_artifacts(
logger.clone(),
base_url,
client.clone(),
WORKSPACE_DIR.join(format!("tools/permslip_{}", name)),
Expand Down
Loading

0 comments on commit 76810d7

Please sign in to comment.