commit f714eeb4dffb9cdcfb72ddfceb3e6669f35cfd5e
author Andrew Walbran <qwandor@google.com> Wed Nov 30 11:15:56 2022 +0000
committer Andrew Walbran <qwandor@google.com> Tue May 09 14:35:48 2023 +0000
tree b6baa6729ac90696d9bb9b03a49805127f5e62cd
parent 13d5ebc5a3782b1b074cd5386e8b0d4fac1bc87b

Use ignorabletest for apkdmverity tests.

Bug: 260692911
Test: atest apkdmverity.test
Change-Id: I8927af0ee9f4c00a47efc714159bcbe305e1a63a

apkdmverity/Android.bp

diff --git a/apkdmverity/Android.bp b/apkdmverity/Android.bp
index 92b23a7..fae7e99 100644
--- a/apkdmverity/Android.bp
+++ b/apkdmverity/Android.bp
@@ -38,7 +38,10 @@
 
 rust_test {
     name: "apkdmverity.test",
-    defaults: ["apkdmverity.defaults"],
+    defaults: [
+        "apkdmverity.defaults",
+        "ignorabletest.defaults",
+    ],
     test_suites: ["general-tests"],
     compile_multilib: "first",
     rustlibs: [

apkdmverity/src/main.rs

diff --git a/apkdmverity/src/main.rs b/apkdmverity/src/main.rs
index b9b88d4..506af48 100644
--- a/apkdmverity/src/main.rs
+++ b/apkdmverity/src/main.rs
@@ -21,6 +21,8 @@
 //! system managed by the host Android which is assumed to be compromisable, it is important to
 //! keep the integrity of the file "inside" Microdroid.
 
+#![cfg_attr(test, allow(unused))]
+
 use anyhow::{bail, Context, Result};
 use apkverify::{HashAlgorithm, V4Signature};
 use clap::{arg, Arg, ArgAction, Command};
@@ -33,6 +35,7 @@
 use std::os::unix::fs::FileTypeExt;
 use std::path::{Path, PathBuf};
 
+#[cfg(not(test))]
 fn main() -> Result<()> {
     let matches = clap_command().get_matches();
 
@@ -150,12 +153,28 @@
 }
 
 #[cfg(test)]
+ignorabletest::test_main!(tests::all_tests());
+
+#[cfg(test)]
 mod tests {
     use crate::*;
+    use ignorabletest::{list_tests, test};
     use std::fs::{File, OpenOptions};
     use std::io::Write;
+    use std::ops::Deref;
     use std::os::unix::fs::FileExt;
 
+    list_tests! {all_tests: [
+        correct_inputs,
+        incorrect_apk,
+        incorrect_merkle_tree,
+        tampered_apk,
+        tampered_idsig,
+        inputs_are_block_devices,
+        correct_custom_roothash,
+        verify_command,
+    ]}
+
     struct TestContext<'a> {
         data_backing_file: &'a Path,
         hash_backing_file: &'a Path,
@@ -202,9 +221,6 @@
         roothash: Option<&[u8]>,
         check: fn(TestContext),
     ) {
-        if should_skip() {
-            return;
-        }
         let test_dir = tempfile::TempDir::new().unwrap();
         let (apk_path, idsig_path) = prepare_inputs(test_dir.path(), apk, idsig);
 
@@ -224,7 +240,7 @@
         });
     }
 
-    #[test]
+    test!(correct_inputs, ignore_if: should_skip());
     fn correct_inputs() {
         let apk = include_bytes!("../testdata/test.apk");
         let idsig = include_bytes!("../testdata/test.apk.idsig");
@@ -237,7 +253,7 @@
     }
 
     // A single byte change in the APK file causes an IO error
-    #[test]
+    test!(incorrect_apk, ignore_if: should_skip());
     fn incorrect_apk() {
         let apk = include_bytes!("../testdata/test.apk");
         let idsig = include_bytes!("../testdata/test.apk.idsig");
@@ -254,7 +270,7 @@
     }
 
     // A single byte change in the merkle tree also causes an IO error
-    #[test]
+    test!(incorrect_merkle_tree, ignore_if: should_skip());
     fn incorrect_merkle_tree() {
         let apk = include_bytes!("../testdata/test.apk");
         let idsig = include_bytes!("../testdata/test.apk.idsig");
@@ -278,7 +294,7 @@
     // APK is not altered when the verity device is created, but later modified. IO error should
     // occur when trying to read the data around the modified location. This is the main scenario
     // that we'd like to protect.
-    #[test]
+    test!(tampered_apk, ignore_if: should_skip());
     fn tampered_apk() {
         let apk = include_bytes!("../testdata/test.apk");
         let idsig = include_bytes!("../testdata/test.apk.idsig");
@@ -299,7 +315,7 @@
 
     // idsig file is not alread when the verity device is created, but later modified. Unlike to
     // the APK case, this doesn't occur IO error because the merkle tree is already cached.
-    #[test]
+    test!(tampered_idsig, ignore_if: should_skip());
     fn tampered_idsig() {
         let apk = include_bytes!("../testdata/test.apk");
         let idsig = include_bytes!("../testdata/test.apk.idsig");
@@ -316,13 +332,8 @@
     }
 
     // test if both files are already block devices
-    #[test]
+    test!(inputs_are_block_devices, ignore_if: should_skip());
     fn inputs_are_block_devices() {
-        if should_skip() {
-            return;
-        }
-
-        use std::ops::Deref;
         let apk = include_bytes!("../testdata/test.apk");
         let idsig = include_bytes!("../testdata/test.apk.idsig");
 
@@ -371,7 +382,7 @@
     }
 
     // test with custom roothash
-    #[test]
+    test!(correct_custom_roothash, ignore_if: should_skip());
     fn correct_custom_roothash() {
         let apk = include_bytes!("../testdata/test.apk");
         let idsig = include_bytes!("../testdata/test.apk.idsig");
@@ -393,7 +404,7 @@
         );
     }
 
-    #[test]
+    test!(verify_command);
     fn verify_command() {
         // Check that the command parsing has been configured in a valid way.
         clap_command().debug_assert();