[meta-parsec][PATCH 1/3] meta-parsec: Add pkg grps

[meta-parsec][PATCH 1/3] meta-parsec: Add pkg grps

[Armin Kuster]

Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 .../packagegroup-security-parsec.bb           | 26 +++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100644 meta-parsec/recipes-core/packagegroups/packagegroup-security-parsec.bb

diff --git a/meta-parsec/recipes-core/packagegroups/packagegroup-security-parsec.bb b/meta-parsec/recipes-core/packagegroups/packagegroup-security-parsec.bb
new file mode 100644
index 0000000..a8affcd
--- /dev/null
+++ b/meta-parsec/recipes-core/packagegroups/packagegroup-security-parsec.bb
@@ -0,0 +1,26 @@
+DESCRIPTION = "Parsec Security packagegroup for Poky"
+LICENSE = "MIT"
+LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302 \
+                    file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"
+
+inherit packagegroup
+
+PACKAGES = "\
+    packagegroup-security-parsec \
+    packagegroup-security-parsec-tpm2 \
+    "
+
+SUMMARY:packagegroup-security-parsec = "Security Parsec"
+RDEPENDS:packagegroup-security-parsec = "\
+    softhsm \
+    parsec-tool \
+    parsec-service \
+    "
+
+SUMMARY:packagegroup-security-parsec-tpm2 = "Parsec Security TPM 2.0 support"
+RDEPENDS:packagegroup-security-parsec-tpm2 = " \
+    tpm2-tools \
+    libtss2 \
+    tpm2-abrmd \
+    swtpm \
+    "
-- 
2.25.1

[meta-parsec][PATCH 2/3] meta-parsec: add build image.

[Armin Kuster]

Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 .../recipes-core/images/security-parsec-image.bb  | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 meta-parsec/recipes-core/images/security-parsec-image.bb

diff --git a/meta-parsec/recipes-core/images/security-parsec-image.bb b/meta-parsec/recipes-core/images/security-parsec-image.bb
new file mode 100644
index 0000000..547b687
--- /dev/null
+++ b/meta-parsec/recipes-core/images/security-parsec-image.bb
@@ -0,0 +1,15 @@
+DESCRIPTION = "A small image for building meta-parsec packages"
+
+inherit core-image
+
+IMAGE_FEATURES += "ssh-server-openssh"
+
+IMAGE_INSTALL = "\
+    packagegroup-base \
+    packagegroup-core-boot \
+    packagegroup-security-parsec \
+    os-release" 
+
+export IMAGE_BASENAME = "security-parsec-image"
+
+IMAGE_ROOTFS_EXTRA_SPACE = "5242880"
-- 
2.25.1

[meta-parsec][PATCH 3/3] oeqa: add parsec runtime tests

[Armin Kuster]

Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 meta-parsec/lib/oeqa/runtime/cases/parsec.py | 32 ++++++++++++++++++++
 1 file changed, 32 insertions(+)
 create mode 100644 meta-parsec/lib/oeqa/runtime/cases/parsec.py

diff --git a/meta-parsec/lib/oeqa/runtime/cases/parsec.py b/meta-parsec/lib/oeqa/runtime/cases/parsec.py
new file mode 100644
index 0000000..d07028c
--- /dev/null
+++ b/meta-parsec/lib/oeqa/runtime/cases/parsec.py
@@ -0,0 +1,32 @@
+# Copyright (C) 2022 Armin Kuster <akuster808@gmail.com>
+#
+import re
+
+from oeqa.runtime.case import OERuntimeTestCase
+from oeqa.core.decorator.depends import OETestDepends
+from oeqa.runtime.decorator.package import OEHasPackage
+
+class ParsecTest(OERuntimeTestCase):
+    @OEHasPackage(['parsec-service'])
+    @OETestDepends(['ssh.SSHTest.test_ssh'])
+    def test_parsec_service(self):
+        toml_file = '/etc/parsec/config.tom'
+        status, output = self.target.run('echo -n library_path = "/usr/lib/softhsm/libsofthsm2.so" >> %s' %(toml_file))
+        status, output = self.target.run('echo -n slot_number = 0 >> %s' %(toml_file))
+        status, output = self.target.run('echo -n user_pin = "123456" >> %s' %(toml_file))
+        cmds = [
+                '/etc/init.d/parsec stop',
+                'sleep 5',
+                'softhsm2-util --init-token --slot 0 --label "Parsec Service" --pin 123456 --so-pin 123456',
+                'for d in /var/lib/softhsm/tokens/*; do chown -R parsec $d; done', 
+                'mkdir /tmp/myvtpm',
+                'swtpm socket --tpmstate dir=/tmp/myvtpm --tpm2 --ctrl type=tcp,port=2322 --server type=tcp,port=2321 --flags not-need-init &',
+                'export TPM2TOOLS_TCTI="swtpm:port=2321"',
+                'tpm2_startup -c',
+                'sleep 2',
+                '/etc/init.d/parsec start',
+               ]
+
+        for cmd in cmds:
+            status, output = self.target.run(cmd)
+            self.assertEqual(status, 0, msg='\n'.join([cmd, output]))
-- 
2.25.1

Re: [meta-parsec][PATCH 3/3] oeqa: add parsec runtime tests

[Anton Antonov]

[-- Attachment #1: Type: text/plain, Size: 573 bytes --]

Hi Amir,

Thank you very much for adding Parsec runtime testing.

I have a few small comments:

1. You defined the security Parsec image without TPM (with packagegroup-security-parsec group) , but in the runtime tests you use TPM. Shouldn't you use an image with packagegroup-security-parsec-tpm2 group instead?
2. Could you add 'parsec-cli-tests.sh' script after "parsec start" in the "cmds" list. This script runs end-to-end tests against Parsec service. The script is a part of the parsec-tool package and it's already included into the image

Regards,
Anton

[-- Attachment #2: Type: text/html, Size: 1584 bytes --]