18 changes: 17 additions & 1 deletion .ci/build-kit/scripts/create_integration_image.sh
@@ -1,4 +1,4 @@
#!/bin/sh
#!/bin/bash

rsync -a "$EXT_MOUNT/source/tests" ./
retVal=$?
Expand All @@ -8,6 +8,22 @@ if [ $retVal -ne 0 ]; then
exit $retVal
fi

python3 -m venv "$EXT_MOUNT/venv" --system-site-packages
retVal=$?

if [ $retVal -ne 0 ]; then
echo "Failed to create virtual environment"
exit $retVal
fi

source "$EXT_MOUNT/venv/bin/activate"
retVal=$?

if [ $retVal -ne 0 ]; then
echo "Failed to activate virtual environment"
exit $retVal
fi

pip install --break-system-packages \
$EXT_MOUNT/wheels/everestpy-*.whl \
$EXT_MOUNT/wheels/everest_testing-*.whl \
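Review bot: The `pip install --break-system-packages` call that follows the new activation step still carries a flag meant for installing into an externally managed system interpreter. Once `$EXT_MOUNT/venv` is active the flag should not be needed, so drop it; if pip then refuses, that indicates the install is not going into the venv. The wheel paths on the continuation lines also use `$EXT_MOUNT` unquoted, unlike the quoted `"$EXT_MOUNT/venv"` a few lines above; quote the variable and leave the glob outside the quotes, as create_ocpp_tests_image.sh does.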
18 changes: 17 additions & 1 deletion .ci/build-kit/scripts/create_ocpp_tests_image.sh
@@ -1,4 +1,4 @@
#!/bin/sh
#!/bin/bash

rsync -a "$EXT_MOUNT/source/tests" ./
retVal=$?
Expand All @@ -8,6 +8,22 @@ if [ $retVal -ne 0 ]; then
exit $retVal
fi

python3 -m venv "$EXT_MOUNT/venv" --system-site-packages
retVal=$?

if [ $retVal -ne 0 ]; then
echo "Failed to create virtual environment"
exit $retVal
fi

source "$EXT_MOUNT/venv/bin/activate"
retVal=$?

if [ $retVal -ne 0 ]; then
echo "Failed to activate virtual environment"
exit $retVal
fi

pip install --break-system-packages \
"$EXT_MOUNT"/wheels/everestpy-*.whl \
"$EXT_MOUNT"/wheels/everest_testing-*.whl \
Expand Down
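Review bot: `--system-site-packages` on the `python3 -m venv` line lets the virtual environment fall back to whatever Python packages the base image ships, so the tests can pass on a dependency that none of the installed wheels provides. If that fallback is intentional, say so in a comment next to the flag; otherwise create the venv without it. The create/activate/check sequence is also a copy of the one in create_integration_image.sh and could live in a single sourced helper.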
9 changes: 8 additions & 1 deletion .ci/e2e/scripts/run_integration_tests.sh
@@ -1,4 +1,11 @@
#!/bin/sh
#!/bin/bash

source "$EXT_MOUNT/venv/bin/activate"
retVal=$?
if [ $retVal -ne 0 ]; then
echo "Failed to activate virtual environment"
exit $retVal
fi

cd tests
pytest \
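Review bot: The shebang moves from `#!/bin/sh` to `#!/bin/bash` only to support `source` on the new activation line. The POSIX spelling `. "$EXT_MOUNT/venv/bin/activate"` does the same job, so either keep `/bin/sh` and use `.`, or keep bash and confirm that `/bin/bash` exists in the image this script runs in. The context line `cd tests` directly below has no failure check, unlike the activation step, so a missing directory would let `pytest` run from the wrong place.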
9 changes: 8 additions & 1 deletion .ci/e2e/scripts/run_ocpp_tests.sh
@@ -1,4 +1,11 @@
#!/bin/sh
#!/bin/bash

source "$EXT_MOUNT/venv/bin/activate"
retVal=$?
if [ $retVal -ne 0 ]; then
echo "Failed to activate virtual environment"
exit $retVal
fi

cd tests

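Review bot: The `source "$EXT_MOUNT/venv/bin/activate"` line trusts `EXT_MOUNT` to be set; if it is empty the path collapses to `/venv/bin/activate`, and the script either sources whatever is there or fails with a message that does not mention the variable. Use `"${EXT_MOUNT:?}/venv/bin/activate"` so an unset value stops the script with a clear error. The step also relies on an image-creation script having already built the venv at that path, which is worth stating in a comment.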
3 changes: 2 additions & 1 deletion .github/workflows/build_and_test.yaml
Expand Up @@ -18,7 +18,7 @@ on:
jobs:
ci:
name: Build, Lint and Test
uses: everest/everest-ci/.github/workflows/continuous_integration.yml@v1.4.6
uses: everest/everest-ci/.github/workflows/continuous_integration.yml@chore/update-to-debian-trixie
permissions:
contents: read
secrets:
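Review bot: The `uses:` line now references the reusable workflow by branch name (`@chore/update-to-debian-trixie`) instead of the previous tag `@v1.4.6`, and this job passes `secrets:` to it. A branch ref moves with every push, so the workflow that runs here with those secrets can change without any change in this repository. Before merging, point it at a released tag or a full commit SHA.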
Expand All @@ -30,6 +30,7 @@ jobs:
do_not_run_coverage_badge_creation: true
run_install_wheels: true
run_integration_tests: true
build_kit_base_image_tag: chore-update-to-debian-trixie
ocpp-tests:
name: OCPP Tests
needs:
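Review bot: `build_kit_base_image_tag: chore-update-to-debian-trixie` selects the base image by a branch-named tag, so the image behind a CI run can be replaced without a change here and earlier runs cannot be reproduced. Switch it to the tag of a released image in the same commit that moves the `uses:` ref off the branch.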
12 changes: 6 additions & 6 deletions lib/everest/tls/tests/openssl_util_test.cpp
Expand Up @@ -254,34 +254,34 @@
}

TEST(openssl, base64Decode) {
auto res = openssl::base64_decode(&iso_exi_a_hash_b64[0], sizeof(iso_exi_a_hash_b64));
auto res = openssl::base64_decode(iso_exi_a_hash_b64, std::strlen(iso_exi_a_hash_b64));

Check failure on line 257 in lib/everest/tls/tests/openssl_util_test.cpp

Codacy Production / Codacy Static Code Analysis

lib/everest/tls/tests/openssl_util_test.cpp#L257

Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
Member

This change needs to be reverted.
openssl::base64_decode() takes a constant pointer and a length - normally from a buffer of known size. It does not need to be null terminated.
And if it isn't null terminated then strlen() will not help.

ASSERT_EQ(res.size(), sizeof(iso_exi_a_hash));
EXPECT_EQ(std::memcmp(res.data(), &iso_exi_a_hash[0], res.size()), 0);
res = openssl::base64_decode(&iso_exi_sig_b64[0], sizeof(iso_exi_sig_b64));
res = openssl::base64_decode(iso_exi_sig_b64, std::strlen(iso_exi_sig_b64));

Check failure on line 260 in lib/everest/tls/tests/openssl_util_test.cpp

Codacy Production / Codacy Static Code Analysis

lib/everest/tls/tests/openssl_util_test.cpp#L260

Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
Member

This change needs to be reverted.
openssl::base64_decode() takes a constant pointer and a length - normally from a buffer of known size. It does not need to be null terminated.
And if it isn't null terminated then strlen() will not help.

ASSERT_EQ(res.size(), sizeof(iso_exi_sig));
EXPECT_EQ(std::memcmp(res.data(), &iso_exi_sig[0], res.size()), 0);

std::array<std::uint8_t, 512> buffer{};
std::size_t buffer_len = buffer.size();

EXPECT_TRUE(openssl::base64_decode(&iso_exi_a_hash_b64[0], sizeof(iso_exi_a_hash_b64), buffer.data(), buffer_len));
EXPECT_TRUE(openssl::base64_decode(iso_exi_a_hash_b64, std::strlen(iso_exi_a_hash_b64), buffer.data(), buffer_len));

Check failure on line 267 in lib/everest/tls/tests/openssl_util_test.cpp

Codacy Production / Codacy Static Code Analysis

lib/everest/tls/tests/openssl_util_test.cpp#L267

Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
Member

see above why strlen isn't a solution

ASSERT_EQ(buffer_len, sizeof(iso_exi_a_hash));
EXPECT_EQ(std::memcmp(buffer.data(), &iso_exi_a_hash[0], buffer_len), 0);
}

TEST(openssl, base64DecodeNl) {
auto res = openssl::base64_decode(&iso_exi_a_hash_b64_nl[0], sizeof(iso_exi_a_hash_b64_nl));
auto res = openssl::base64_decode(iso_exi_a_hash_b64_nl, std::strlen(iso_exi_a_hash_b64_nl));

Check failure on line 273 in lib/everest/tls/tests/openssl_util_test.cpp

Codacy Production / Codacy Static Code Analysis

lib/everest/tls/tests/openssl_util_test.cpp#L273

Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
Member

see above why strlen isn't a solution

ASSERT_EQ(res.size(), sizeof(iso_exi_a_hash));
EXPECT_EQ(std::memcmp(res.data(), &iso_exi_a_hash[0], res.size()), 0);
res = openssl::base64_decode(&iso_exi_sig_b64_nl[0], sizeof(iso_exi_sig_b64_nl));
res = openssl::base64_decode(iso_exi_sig_b64_nl, std::strlen(iso_exi_sig_b64_nl));

Check failure on line 276 in lib/everest/tls/tests/openssl_util_test.cpp

Codacy Production / Codacy Static Code Analysis

lib/everest/tls/tests/openssl_util_test.cpp#L276

Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
Member

see above why strlen isn't a solution

ASSERT_EQ(res.size(), sizeof(iso_exi_sig));
EXPECT_EQ(std::memcmp(res.data(), &iso_exi_sig[0], res.size()), 0);

std::array<std::uint8_t, 512> buffer{};
std::size_t buffer_len = buffer.size();

EXPECT_TRUE(
openssl::base64_decode(&iso_exi_a_hash_b64_nl[0], sizeof(iso_exi_a_hash_b64_nl), buffer.data(), buffer_len));
openssl::base64_decode(iso_exi_a_hash_b64_nl, std::strlen(iso_exi_a_hash_b64_nl), buffer.data(), buffer_len));

Check failure on line 284 in lib/everest/tls/tests/openssl_util_test.cpp

Codacy Production / Codacy Static Code Analysis

lib/everest/tls/tests/openssl_util_test.cpp#L284

Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
Member

see above why strlen isn't a solution

ASSERT_EQ(buffer_len, sizeof(iso_exi_a_hash));
EXPECT_EQ(std::memcmp(buffer.data(), &iso_exi_a_hash[0], buffer_len), 0);
}
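Review bot: Every `base64_decode` call in these two tests replaces `sizeof(x)` with `std::strlen(x)`, which turns the length from a compile-time property of the buffer into a run-time scan for a terminator; that scan is what Codacy reports as CWE-126 on lines 257, 260, 267, 273, 276 and 284. As the review comments say, the function takes a pointer and a length and does not need a terminated input. If the aim was to stop counting a trailing NUL in arrays initialised from string literals (an assumption, since the declarations are not in this hunk), express that at compile time with `sizeof(x) - 1` or a `std::string_view` rather than `strlen`; otherwise restore the `sizeof` form.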
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,8 @@

#include <goose/sender.hpp>

#include <algorithm>

class DummyEthernetInterface : public goose_ethernet::EthernetInterfaceIntf {
std::function<void(const uint8_t*, size_t)> send_callback;
std::function<std::vector<uint8_t>()> receive_callback;
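Review bot: `#include <algorithm>` is added, but nothing in the visible context uses it; the lines shown rely on `std::function` and `std::vector`. Name in the commit message the call that needs the header, and check that `<functional>` and `<vector>` are included directly rather than reached through another header, since a transitive include that disappeared is presumably what prompted this change.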