Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Start date explicit timezone to UTC for all files #210

Closed
wants to merge 3 commits into from
Closed

Start date explicit timezone to UTC for all files #210

wants to merge 3 commits into from

Conversation

mikaelarguedas
Copy link
Member

@mikaelarguedas mikaelarguedas commented May 7, 2020
edited
Loading

Less hacky atlernative to #209

@sloretz I don't know how to test this, could you please give this a round of CI to see if it works with ros2/ci#436 ?

One linux test at https://ci.ros2.org/job/ci_linux/10646, (actually not a useful test because ros2/system_tests#415 is far behind master)

@mikaelarguedas mikaelarguedas force-pushed the start-date-explicit-timezone branch from 4946465 to 897b112 Compare May 7, 2020 07:45
@codecov
Copy link

codecov bot commented May 7, 2020
edited
Loading

Codecov Report

Merging #210 into master will increase coverage by 0.03%.
The diff coverage is 100.00%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master     #210      +/-   ##
==========================================
+ Coverage   77.95%   77.98%   +0.03%     
==========================================
  Files          16       16              
  Lines         576      577       +1     
  Branches       52       52              
==========================================
+ Hits          449      450       +1     
  Misses        107      107              
  Partials       20       20
Flag Coverage Δ
#unittests 77.98% <100.00%> (+0.03%) ⬆️
Impacted Files Coverage Δ
sros2/sros2/api/_permission.py 93.18% <100.00%> (+0.15%) ⬆️
sros2/sros2/api/_utilities.py 86.48% <100.00%> (ø)

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update d4b32b4...897b112. Read the comment docs.

mikaelarguedas
mikaelarguedas commented May 7, 2020
View reviewed changes
sros2/sros2/api/_utilities.py
@@ -80,7 +80,7 @@ def build_key_and_cert(subject_name, *, ca=False, ca_key=None, issuer_name=''):
else:
extension = x509.BasicConstraints(ca=False, path_length=None)

utcnow = datetime.datetime.utcnow()
utcnow = datetime.datetime.now(datetime.timezone.utc)
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note: the changes to the certificates (so here and in test_create_key.py) have no effect as the datetime used by python cryptography are considered naive and UTC. I added the UTC awareness just for consistency and in case cryptography supports timezones in the future

@kyrofa
Copy link
Member

kyrofa commented May 7, 2020

Yeah assuming this solves the issue I like this approach a lot better.

@sloretz
Copy link
Contributor

sloretz commented May 7, 2020

Tests failed on mini1 :(

The following tests FAILED:
	  7 - test_secure_publisher_subscriber__Empty__rmw_connext_cpp__secure_comm_0 (Failed)
	  8 - test_secure_publisher_subscriber__Empty__rmw_connext_cpp__secure_comm_1 (Failed)
	  9 - test_secure_publisher_subscriber__Empty__rmw_connext_cpp__secure_comm_2 (Failed)
	 10 - test_secure_publisher_subscriber__Empty__rmw_connext_cpp__secure_comm_3 (Failed)
	 11 - test_secure_publisher_subscriber__Empty__rmw_connext_cpp__secure_not_connecting_0 (Failed)
	 12 - test_secure_publisher_subscriber__Empty__rmw_connext_cpp__secure_not_connecting_1 (Failed)
	 18 - test_secure_publisher_subscriber__UnboundedSequences__rmw_connext_cpp__secure_comm_0 (Failed)
	 19 - test_secure_publisher_subscriber__UnboundedSequences__rmw_connext_cpp__secure_comm_1 (Failed)
	 20 - test_secure_publisher_subscriber__UnboundedSequences__rmw_connext_cpp__secure_comm_2 (Failed)
	 21 - test_secure_publisher_subscriber__UnboundedSequences__rmw_connext_cpp__secure_comm_3 (Failed)
	 22 - test_secure_publisher_subscriber__UnboundedSequences__rmw_connext_cpp__secure_not_connecting_0 (Failed)
	 23 - test_secure_publisher_subscriber__UnboundedSequences__rmw_connext_cpp__secure_not_connecting_1 (Failed)
Errors while running CTest

@sloretz I don't know how to test this, could you please give this a round of CI to see if it works with ros2/ci#436

I've been manually testing on mini1. Process: checked out this branch in sros2, deleted sros2 and test_security folders in build/ and install/, rebuilt packages up to test_security, tested sros2 (tests passed with this PR), then tested test_security (tests) fail.

Output from one of the failing tests

      Start 12: test_secure_publisher_subscriber__Empty__rmw_connext_cpp__secure_not_connecting_1

12: Test command: /Users/osrf/jenkins-agent/workspace/test_ci_osx/venv/bin/python3 "-u" "/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/install/ament_cmake_test/share/ament_cmake_test/cmake/run_test.py" "/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/build/test_security/test_results/test_security/test_secure_publisher_subscriber__Empty__rmw_connext_cpp__secure_not_connecting_1.xunit.xml" "--package-name" "test_security" "--output-file" "/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/build/test_security/launch_test/CHANGEME.txt" "--env" "PATH="/Users/osrf/openssl-1.0.2n/x64Darwin17clang9.0/release/bin:/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/install/ros2cli/bin:/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/install/foonathan_memory_vendor/bin:/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/install/launch_testing/bin:/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/install/ament_uncrustify/bin:/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/install/uncrustify_vendor/bin:/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/install/ament_xmllint/bin:/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/install/ament_lint_cmake/bin:/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/install/ament_index_python/bin:/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/install/ament_cpplint/bin:/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/install/ament_copyright/bin:/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/install/ament_pep257/bin:/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/install/ament_flake8/bin:/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/install/cyclonedds/bin:/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/install/ament_cppcheck/bin:/Applications/rti_connext_dds-5.3.1/bin:/Users/osrf/jenkins-agent/workspace/test_ci_osx/venv/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Applications/Wireshark.app/Contents/MacOS:/usr/local/opt/qt/bin"" "--append-env" "DYLD_LIBRARY_PATH=/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/build/test_security:/Users/osrf/openssl-1.0.2n/x64Darwin17clang9.0/release/lib" "--command" "/Users/osrf/jenkins-agent/workspace/test_ci_osx/venv/bin/python3" "-m" "launch_testing.launch_test" "/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/build/test_security/test_secure_publisher_subscriber__Empty__rmw_connext_cpp__secure_not_connecting_1_.py" "--junit-xml=/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/build/test_security/test_results/test_security/test_secure_publisher_subscriber__Empty__rmw_connext_cpp__secure_not_connecting_1.xunit.xml" "--package-name=test_security"
12: Test timeout computed to be: 20
12: -- run_test.py: extra environment variables:
12:  - PATH="/Users/osrf/openssl-1.0.2n/x64Darwin17clang9.0/release/bin:/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/install/ros2cli/bin:/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/install/foonathan_memory_vendor/bin:/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/install/launch_testing/bin:/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/install/ament_uncrustify/bin:/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/install/uncrustify_vendor/bin:/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/install/ament_xmllint/bin:/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/install/ament_lint_cmake/bin:/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/install/ament_index_python/bin:/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/install/ament_cpplint/bin:/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/install/ament_copyright/bin:/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/install/ament_pep257/bin:/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/install/ament_flake8/bin:/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/install/cyclonedds/bin:/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/install/ament_cppcheck/bin:/Applications/rti_connext_dds-5.3.1/bin:/Users/osrf/jenkins-agent/workspace/test_ci_osx/venv/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Applications/Wireshark.app/Contents/MacOS:/usr/local/opt/qt/bin"
12: -- run_test.py: extra environment variables to append:
12:  - DYLD_LIBRARY_PATH+=/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/build/test_security:/Users/osrf/openssl-1.0.2n/x64Darwin17clang9.0/release/lib
12: -- run_test.py: invoking following command in '/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/build/test_security':
12:  - /Users/osrf/jenkins-agent/workspace/test_ci_osx/venv/bin/python3 -m launch_testing.launch_test /Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/build/test_security/test_secure_publisher_subscriber__Empty__rmw_connext_cpp__secure_not_connecting_1_.py --junit-xml=/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/build/test_security/test_results/test_security/test_secure_publisher_subscriber__Empty__rmw_connext_cpp__secure_not_connecting_1.xunit.xml --package-name=test_security
12: [INFO] [launch]: All log files can be found below /Users/osrf/.ros/log/2020-05-07-09-01-15-192014-mini1-13211
12: [INFO] [launch]: Default logging verbosity is set to INFO
12: test_subscriber_terminates_in_a_finite_amount_of_time (test_security.TestSecurePublisherSubscriber)
12: Test that the subscriber terminates after a finite amount of time. ... [INFO] [test_publisher-1]: process started with pid [13213]
12: [INFO] [test_subscriber-2]: process started with pid [13214]
12: [test_publisher-1] [INFO] [1588867275.365648956] [rcl]: Found security directory: /Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/build/test_security/test/test_security_files/enclaves/publisher
12: [test_publisher-1] 
12: [test_publisher-1] >>> [rcutils|error_handling.c:108] rcutils_set_error_state()
12: [test_publisher-1] This error state is being overwritten:
12: [test_publisher-1] 
12: [test_publisher-1]   'failed to create participant, at /Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/src/ros2/rmw_connext/rmw_connext_shared_cpp/src/node.cpp:281, at /Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/src/ros2/rcl/rcl/src/rcl/node.c:277'
12: [test_publisher-1] 
12: [test_publisher-1] with this new error message:
12: [test_publisher-1] 
12: [test_publisher-1]   'rcl node's rmw handle is invalid, at /Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/src/ros2/rcl/rcl/src/rcl/node.c:429'
12: [test_publisher-1] 
12: [test_publisher-1] rcutils_reset_error() should be called after error handling to avoid this.
12: [test_publisher-1] <<<
12: [test_publisher-1] [ERROR] [1588867275.497716538] [rcl]: Failed to fini publisher for node: 1
12: [test_publisher-1] should not have thrown!
12: [test_publisher-1] failed to initialize rcl node: rcl node's rmw handle is invalid, at /Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/src/ros2/rcl/rcl/src/rcl/node.c:429
12: [ERROR] [test_publisher-1]: process has died [pid 13213, exit code 1, cmd '/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/build/test_security/test_secure_publisher_cpp Empty /'].
[Processing: test_security]
12: [INFO] [test_subscriber-2]: process has finished cleanly [pid 13214]
12: Processes under test stopped before tests completed
12: Process 'test_publisher-1' exited with 1
12: ##### 'test_publisher-1' output #####
12: [INFO] [1588867275.365648956] [rcl]: Found security directory: /Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/build/test_security/test/test_security_files/enclaves/publisher
12: 
12: 
12: >>> [rcutils|error_handling.c:108] rcutils_set_error_state()
12: This error state is being overwritten:
12: 
12:   'failed to create participant, at /Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/src/ros2/rmw_connext/rmw_connext_shared_cpp/src/node.cpp:281, at /Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/src/ros2/rcl/rcl/src/rcl/node.c:277'
12: 
12: with this new error message:
12: 
12:   'rcl node's rmw handle is invalid, at /Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/src/ros2/rcl/rcl/src/rcl/node.c:429'
12: 
12: rcutils_reset_error() should be called after error handling to avoid this.
12: <<<
12: [ERROR] [1588867275.497716538] [rcl]: Failed to fini publisher for node: 1
12: 
12: should not have thrown!
12: failed to initialize rcl node: rcl node's rmw handle is invalid, at /Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/src/ros2/rcl/rcl/src/rcl/node.c:429
12: 
12: RTI Security Plugins Evaluation License issued to OSRF (OSRF01) ... For non-production use only.
12: Expires on 22-oct-2020 See www.rti.com for more information.
12: [CREATE Participant]RTI_Security_PermissionsGrant_isValidTime:now is before not_before of permissions file
12: [CREATE Participant]RTI_Security_AccessControl_validate_permissions:grant has invalid time
12: [CREATE Participant]RTI_Security_AccessControl_validate_local_permissions:failed to validate local permissions. XML file:
12: [CREATE Participant]RTI_Security_AccessControl_validate_local_permissions:/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/build/test_security/test/test_security_files/enclaves/publisher/permissions.p7s
12: [CREATE Participant]DDS_DomainParticipantTrustPlugins_getLocalParticipantSecurityState:!security function validate_local_permissions returned NULL
12: [CREATE Participant]DDS_DomainParticipant_createI:!get local participant security state
12: [CREATE Participant]DDS_DomainParticipantFactory_create_participant_disabledI:!create participant
12: DDSDomainParticipant_impl::create_disabledI:!create participant
12: DDSDomainParticipant_impl::createI:!create participant
12: DomainParticipantFactory_impl::create_participant():!create failure creating participant
12: 
12: #####################################
12: ok
12: 
12: ----------------------------------------------------------------------
12: Ran 1 test in 11.421s
12: 
12: OK
12: -- run_test.py: return code 1
12: -- run_test.py: verify result file '/Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/build/test_security/test_results/test_security/test_secure_publisher_subscriber__Empty__rmw_connext_cpp__secure_not_connecting_1.xunit.xml'
12/29 Test #12: test_secure_publisher_subscriber__Empty__rmw_connext_cpp__secure_not_connecting_1 ................***Failed   12.30 sec

And the validity section from /Users/osrf/jenkins-agent/workspace/test_ci_osx/ws/build/test_security/test/test_security_files/enclaves/publisher/permissions.p7s

      <validity>^M
        <not_before>2020-05-07T15:58:26+00:00</not_before>^M
        <not_after>2030-05-05T15:58:26+00:00</not_after>^M
      </validity>^M

@mikaelarguedas
Copy link
Member Author

no way! that's a shame :(

Well then I suggest to put this on standby and merge #209 to fix the nightlies

This was referenced May 7, 2020
Merged
Open
@mikaelarguedas
Copy link
Member Author

CLosing as not fixing the issue. Issue now tracked at #211

@mikaelarguedas mikaelarguedas deleted the start-date-explicit-timezone branch May 7, 2020 20:08
@mikaelarguedas mikaelarguedas mentioned this pull request May 7, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mikaelarguedas @kyrofa @sloretz