We don't actually need write permission, so going with least privilege
principle. We have observed some mysterious permission denied errors on server environments. Without detailed logs or access to the server it's hard to pinpoint what the root cause is. This is an attempt/hypothesis to fix the permission denied error.
Test: th
Bug: 283033491
Change-Id: I52dc360d593aab57c749109994bf3e1e3625d0ce
The namespace and flag names will be used as identifiers in the
auto-generated code. Place restrictions on what constitutes a valid
name.
Valid identifiers are those that match /[a-z][a-z0-9_]/. aconfig
explicitly does not implement any automatic translation to make names
valid identifiers: this sidesteps potential conflicts such as "foo.bar"
and "foo_bar" mapping to the same name if dots were translated to
underscores.
Bug: b/284252015
Test: atest aconfig.test
Change-Id: I38d005a74311e5829e540063404d1565071e6e96
Add a new `create-rust-lib` command to generate Rust code. The output is
a src/lib.rs file; the build system is assumed to set the generated
crate's name.
For READ_ONLY flags, the generated code returns a hard-coded true or false.
For READ_WRITE flags, the generated code reaches out to DeviceConfig via
the cc_library server_configurable_flags via the
libprofcollect_libflags_rust Rust bindings. The build system is assumed
to add this to the generated crate's dependencies.
Note: libprofcollect_libflags_rust seems generic enough that it should
be moved to an official Rust wrapper for server_configurable_flags. This
is tracked in b/284096062.
Summary of module the built system is assumed to wrap the auto-generated
code in:
rust_library {
name: "lib<namespace>_rs",
crate_name: "<namespace>_rs",
edition: "2021",
clippy_lints: "none",
no_stdlibs: true,
lints: "none",
srcs: ["src/lib.rs"],
rustlibs: [
"libprofcollect_libflags_rust",
],
}
Also add a set of test input to be used in the unit tests for a more
coherent test strategy. A follow-up CL will migrate the code in
commands.rs, codegen_java.rs and codegen_cpp.rs.
Bug: 279483360
Bug: 283907905
Test: atest aconfig.test
Test: manual: create cache from files in testdata, create rust lib, add to module template above, verify the module builds
Change-Id: I02606aa3686eda921116e33f7e2df8fd1156a7aa
Introduce a builder pattern for constructing a cache from flag
declarations and flag values. Teach the builder to sort the flags by
name as the last step. This will ensure consistent dump output
regardless of the order flags are specified in the input files.
Bug: 279485059
Test: atest aconfig.test
Change-Id: Icdd62f51fa3761a469663f17581a83d9909e9ffe
Teach `aconfig dump` to read multiple caches at the same time.
A cache represents a single namespace, and the Android build creates
multiple caches for different namespaces. By passing in all those cache
files to `aconfig dump`, aconfig will create a complete overview of all
flags in the Android tree.
Caches are traversed in order of namespace to produce the same output
regardless of the order the cache files are given on the command line.
If two caches use the same namespace, their order with respect to each
other is undefined.
Bug: 279485059
Test: atest aconfig.test
Change-Id: I54c3950bbb7b2be7d96c8928e78ae83aa626c2e2
The whole GTS-Verifier will be removed. Before that, remove GTS-V
license check first.
Ignore-AOSP-First: This CL must be submit with other CLs in the topic to avoid breaking the test. This CL will be cherry pick to AOSP after submitting.
Bug: 283384166
Test: m gts
Change-Id: I5bc8c1f4609f55cedd5bfbed014b65de164e2b16
1) Use output file path of installed files in build system since there is no PRODUCT_OUT in Bazel
2) Use CONTAINS to describe the relationship between a APEX and files it contains
3) Generate SBOM of APEXs, which is similar to SBOM of products
Bug: 275472038
Test: CIs
(cherry picked from https://android-review.googlesource.com/q/commit:fd7e6517d345d3b8d4af12dae345434d968b83b9)
Merged-In: I41622366e5e6ed9dc78cca7bc7bb69a1f8f9bd9f
Change-Id: I41622366e5e6ed9dc78cca7bc7bb69a1f8f9bd9f
Add options to handle custom payload signer as it is required in
merge_ota.py as well if the original OTA packages are signed by
the signer.
If input is only one OTA, clone apex_info.pb to the target.
Use common.ZipWriteStr instead of zipfile.writestr, this ensures
that the same permission for the entries as done by
ota_from_target_files.
Bug: 282189563
Test: manual. pass single OTA to merge_ota, with same signing
parameters as originally used. Confirm that output zip is
binary identical to input.
(cherry picked from https://android-review.googlesource.com/q/commit:1f93ce20c5a5f3e7c2f6b5e1f9fdc4d2572220cc)
Merged-In: I3b926b8cd69bc74dff6ccf8b5ccc72bedffcac6f
Change-Id: I3b926b8cd69bc74dff6ccf8b5ccc72bedffcac6f
Adding an option to configure max number of threads used during
ota_from_target_files
Bug: 277794445
Test: tested ota_from_target_files
(cherry picked from https://android-review.googlesource.com/q/commit:a30989bafa820faf24eca7e11e48f8f122d7991f)
Merged-In: I9bae92ee43c21926434ab04563a2b4f0678b73eb
Change-Id: I9bae92ee43c21926434ab04563a2b4f0678b73eb
this patch is necessary for partner to improve OTA generation b/277794445
The general idea to reuse java codegen's very neat tiny template idea.
For generated cpp code, it is in the form of a collection of classes
inside a namespace. The reason we choose a collection of classes rather
than a collection of static functions is because gmock test technology
only supports mocking virtual method.
Bug: b/279483801
Test: atest aconfig.test
Change-Id: I9ba00667437ff7c3e147ff2828171fc95528bebf
