Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Conformance + Load testing infrastructure #59

Open
phbnf opened this issue Nov 21, 2024 · 2 comments
Open

Conformance + Load testing infrastructure #59

phbnf opened this issue Nov 21, 2024 · 2 comments
Labels
enhancement New feature or request

Comments

@phbnf
Copy link
Collaborator

phbnf commented Nov 21, 2024

We need to both have a conformance and load test for the SCTFE binary.

Today, we have:

  • the certificate-transparency-go/.../ct_hammer tool. It allows to send generate and send add-chain and add-pre-chain requests, which work with the SCTFE with no modification. However, the read paths are not compatible, so it does not work as a conformance tool.
  • the trillian-tessera/.../hammer tool, which we use for conformance testing and load testing Tessera. To works with CT, it needs to:
    1. support different add endpoints: add-chain and add-prechain instead
    2. support different read endpoints for leaves, which are stored under /tile/data instead of /tile/entries
    3. parse leaf bundles in a different way, since they are sequences of TileLeaf, and instead of sequences of big-endian uint16 length-prefixed entries
    4. support static-ct api checkpoints, instead of classic checkpoints
    5. support generating certificates chains instead of generating regular entries. Note that these chains need to also be compatible with the nice deduplication tests that the hammer supports. That might be a bit of a challenge for CT given that certs generation might not be idempotent for various reasons.
@phbnf phbnf added the enhancement New feature or request label Nov 21, 2024
@phbnf
Copy link
Collaborator Author

phbnf commented Nov 21, 2024

A few weeks ago, I wrote two experiment PRs, that handled i, ii, iii, iv and v.

Changes for i, ii, iii, and iv are not that big, but may require further rearchitecturing shall we decide for the hammer tool to optionally supports CT with flags for instance.

I did something a bit special for v. that I think is out of scope of this issue (though it might be a nice-to-have): instead of generating chains locally, it plugged the certificate-transparency-go/.../scanlog tool into trillian-tessera/.../hammer. Since a lot of things have changed on the hammer since I wrote this, and especially that would impact point v. with respect to deduplication, I think that it won't work anymore. But I'll give it a go when I come around to it. For history and inspiration, here are the two PRs that resulted from this, which I have rebased on main/master.

@phbnf
Copy link
Collaborator Author

phbnf commented Dec 9, 2024

I spoke with Al and Roger today - let's start by updating certificate-transparency-go/.../scanlog changes to make sure that we implement v. appropriately and that it works well with the hammer. That will give us a fork of the hammer that supports CT, and we can take it from there.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

No branches or pull requests

1 participant