Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ngclient: Improve testing (status tracker issue) #1462

Closed
jku opened this issue Jun 22, 2021 · 4 comments
Closed

ngclient: Improve testing (status tracker issue) #1462

jku opened this issue Jun 22, 2021 · 4 comments
Assignees
@sechkova
Labels
backlog Issues to address with priority for current development goals ngclient testing
Milestone
Sprint 8

Comments

@jku
Copy link
Member

jku commented Jun 22, 2021

I thought we had an issue for this but could not find one...

The ngclient (both updater and TrustedMetadataSet) testing is inadequate. At a minimum we need to:

  • write tests to handle missing lines reported by coverage
  • go through the existing updater tests, see if we want to use them and/or if we want to reproduce them

It probably makes sense to file individual issues for smaller pieces of this work and report the overall status back in this issue?

There's some R&D to be done here:
@jku jku mentioned this issue Jun 22, 2021
Merged
@joshuagl
Copy link
Member

I really like the idea of a shared test suite that different implementations can test against and know whether they behave the same way.

I also think we should have tests (perhaps full systems tests, though not if entirely unnecessary) that demonstrate the protections against the attacks TUF was designed to protect against.

@jku
Copy link
Member Author

jku commented Jun 22, 2021
edited
Loading

Yes! the fixture idea is interesting as well, someone needs to get familiar with it: https://github.com/php-tuf/php-tuf/

We should prioritize the more unit testy things (while we don't have the coverage), but nothing prevents looking at this while that happens...

@jku jku mentioned this issue Jun 23, 2021
Closed
@sechkova sechkova added the backlog Issues to address with priority for current development goals label Jun 23, 2021
@MVrachev MVrachev mentioned this issue Jun 23, 2021
Closed
@MVrachev MVrachev mentioned this issue Jul 15, 2021
Closed
@sechkova
Copy link
Contributor

sechkova commented Sep 1, 2021
edited
Loading

Work has already progressed with ngclient testing:

However we are far from ready, after the above two are resolved, there is:

  • Going through the existing updater tests, see if we want to use them and/or if we want to reproduce them
  • Write system tests demonstrating protection against "attacks TUF was designed to protect against".
  • Evaluate the fixture idea and a shared test suit between implementations

I am not closing this issue since it contains good discussing and links, I will update the description to mark it as a placeholder and status tracker.

@sechkova sechkova changed the title ngclient: Improve testing ngclient: Improve testing (status tracker issue) Sep 1, 2021
@sechkova sechkova self-assigned this Sep 15, 2021
@sechkova sechkova added this to the Sprint 8 milestone Sep 15, 2021
@sechkova
Copy link
Contributor

Closing in favour of #1579.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sechkova sechkova

Labels
backlog Issues to address with priority for current development goals ngclient testing
Projects
None yet
Milestone
Sprint 8
Development

No branches or pull requests
3 participants
@jku @joshuagl @sechkova