From 6ec6c714132948dc93d1583787c15afdd5c3253d Mon Sep 17 00:00:00 2001
From: John Starks <jostarks@microsoft.com>
Date: Fri, 23 May 2025 16:36:13 -0700
Subject: [PATCH 1/7] petri: don't write identical screenshots (#1409)

This should reduce artifact size for most test runs.
---
 petri/src/vm/openvmm/start.rs | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/petri/src/vm/openvmm/start.rs b/petri/src/vm/openvmm/start.rs
index d9f2a5a98ff..9d6847178fc 100644
--- a/petri/src/vm/openvmm/start.rs
+++ b/petri/src/vm/openvmm/start.rs
@@ -277,11 +277,11 @@ impl PetriVmConfigOpenVmm {
             let mut timer = PolledTimer::new(driver);
             let log_source = log_source.clone();
             tasks.push(driver.spawn("petri-watchdog-screenshot", async move {
-                let mut count = 0;
+                let mut image = Vec::new();
+                let mut last_image = Vec::new();
                 loop {
                     timer.sleep(Duration::from_secs(2)).await;
-                    count += 1;
-                    tracing::info!(count, "Taking screenshot.");
+                    tracing::info!("Taking screenshot.");
 
                     // Our framebuffer uses 4 bytes per pixel, approximating an
                     // BGRA image, however it only actually contains BGR data.
@@ -293,7 +293,7 @@ impl PetriVmConfigOpenVmm {
                     let (widthsize, heightsize) = (width as usize, height as usize);
                     let len = widthsize * heightsize * BYTES_PER_PIXEL;
 
-                    let mut image = vec![0; len];
+                    image.resize(len, 0);
                     for (i, line) in
                         (0..height).zip(image.chunks_exact_mut(widthsize * BYTES_PER_PIXEL))
                     {
@@ -304,6 +304,11 @@ impl PetriVmConfigOpenVmm {
                         }
                     }
 
+                    if image == last_image {
+                        tracing::info!("No change in framebuffer, skipping screenshot.");
+                        continue;
+                    }
+
                     let r = log_source
                         .create_attachment("screenshot.png")
                         .and_then(|mut f| {
@@ -321,8 +326,9 @@ impl PetriVmConfigOpenVmm {
                     if let Err(e) = r {
                         tracing::error!(?e, "Failed to save screenshot");
                     } else {
-                        tracing::info!(count, "Screenshot saved.");
+                        tracing::info!("Screenshot saved.");
                     }
+                    std::mem::swap(&mut image, &mut last_image);
                 }
             }));
         }

From 54e9dec0f7506e298fb399ee814f5f824100bcb1 Mon Sep 17 00:00:00 2001
From: John Starks <jostarks@microsoft.com>
Date: Tue, 27 May 2025 09:59:10 -0700
Subject: [PATCH 2/7] ci: add workflow to publish petri results to blob storage
 (#1412)

Automatically publish petri results to blob storage after a test
workflow runs. This will later make it easier to view petri logs,
without having to manually download artifacts or sift through the
actions log output.
---
 .github/workflows/upload-petri-results.yml | 83 ++++++++++++++++++++++
 1 file changed, 83 insertions(+)
 create mode 100644 .github/workflows/upload-petri-results.yml

diff --git a/.github/workflows/upload-petri-results.yml b/.github/workflows/upload-petri-results.yml
new file mode 100644
index 00000000000..47b1b74c50a
--- /dev/null
+++ b/.github/workflows/upload-petri-results.yml
@@ -0,0 +1,83 @@
+name: Upload Petri Test Results
+
+on:
+  workflow_run:
+    types: completed
+    workflows:
+      - "[flowey] OpenVMM CI"
+      - "[flowey] OpenVMM PR"
+
+permissions:
+  id-token: write
+  contents: read
+  actions: read  # Needed to download artifacts from other runs
+  pull-requests: write # Needed to create PR comments
+
+jobs:
+  upload-logs:
+    runs-on: ubuntu-latest
+    env:
+      BASE_URL: https://openvmmghtestresults.blob.core.windows.net/results
+
+    steps:
+      - name: Authenticate to Azure
+        uses: azure/login@v1
+        with:
+          client-id: ${{ secrets.OPENVMM_TEST_RESULT_CLIENT_ID }}
+          tenant-id: ${{ secrets.OPENVMM_TENANT_ID }}
+          subscription-id: ${{ secrets.OPENVMM_SUBSCRIPTION_ID }}
+
+      - name: Download matching artifacts
+        run: |
+          if [ "$event" = "pull_request" ]; then
+            echo "UPLOAD_PATH=pr/$run_id" >> "$GITHUB_ENV"
+          else
+            echo "UPLOAD_PATH=ci/$head_branch/$run_id" >> "$GITHUB_ENV"
+          fi
+          mkdir -p results
+          gh run \
+            -R "$repo" \
+            download "$run_id" \
+            -p "*-vmm-tests-logs" \
+            -D results
+          FAIL_COUNT=$(find results -name petri.failed | wc -l)
+          echo "FAIL_COUNT=$FAIL_COUNT" >> $GITHUB_ENV
+        env:
+          event: ${{ github.event.workflow_run.event }}
+          repo: ${{ github.event.workflow_run.repository.full_name }}
+          run_id: ${{ github.event.workflow_run.id }}
+          head_branch: ${{ github.event.workflow_run.head_branch }}
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Upload to Azure Blob Storage
+        run: |
+          az storage blob upload-batch \
+            --destination "$BASE_URL" \
+            --destination-path "$UPLOAD_PATH" \
+            --source results \
+            --auth-mode login
+
+          # Store a metadata blob in a separate portion of the hierarchy so that
+          # it can be cheaply queried.
+          az storage blob upload \
+            --blob-url "$BASE_URL/runs/$UPLOAD_PATH" \
+            --file /dev/null \
+            --metadata petrifailed="$FAIL_COUNT" \
+            --auth-mode login
+        env:
+          run_id: ${{ github.event.workflow_run.id }}
+
+      - name: Report failing tests
+        if: ${{ github.event.workflow_run.event == 'pull_request' && env.FAIL_COUNT > 0 }}
+        run: |
+          gh pr comment \
+            -R "$repo" \
+            "$pr" \
+            -F - <<EOF
+          [At least one Petri test failed.](https://openvmm.dev/test-results/index.html?run=$UPLOAD_PATH)
+          EOF
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          repo: ${{ github.event.workflow_run.repository.full_name }}
+          pr: ${{ github.event.workflow_run.pull_requests[0].number }}
+          run_id: ${{ github.event.workflow_run.id }}

From 30a0f2b1d9bfc408dc68797c5cd57ee1a8cb1271 Mon Sep 17 00:00:00 2001
From: Chris Oo <cho@microsoft.com>
Date: Tue, 27 May 2025 13:05:49 -0400
Subject: [PATCH 3/7] deps: update jiff to fix zoneinfo wsl searching (#1407)

If you cross compiled and ran inside wsl, you would be hit by
https://github.com/BurntSushi/jiff/issues/376. Pickup the fix for this,
so launching openhcl with openvmm doesn't take 10+ seconds to just
traverse a bunch of files over the wsl share.
---
 Cargo.lock | 8 ++++----
 Cargo.toml | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 95fe6eb39eb..b450c3e16b2 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -3551,9 +3551,9 @@ checksum = "4a5f13b858c8d314ee3e8f639011f7ccefe71f97f96e50151fb991f267928e2c"
 
 [[package]]
 name = "jiff"
-version = "0.2.10"
+version = "0.2.14"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5a064218214dc6a10fbae5ec5fa888d80c45d611aba169222fc272072bf7aef6"
+checksum = "a194df1107f33c79f4f93d02c80798520551949d59dfad22b6157048a88cca93"
 dependencies = [
  "jiff-static",
  "jiff-tzdb-platform",
@@ -3566,9 +3566,9 @@ dependencies = [
 
 [[package]]
 name = "jiff-static"
-version = "0.2.10"
+version = "0.2.14"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "199b7932d97e325aff3a7030e141eafe7f2c6268e1d1b24859b753a627f45254"
+checksum = "6c6e1db7ed32c6c71b759497fae34bf7933636f75a251b9e736555da426f6442"
 dependencies = [
  "proc-macro2",
  "quote",
diff --git a/Cargo.toml b/Cargo.toml
index 1abba1656d0..18c5a3ffb9e 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -455,7 +455,7 @@ igvm = {git = "https://github.com/microsoft/igvm", rev = "365065d7e31da0a0116e79
 igvm_defs = {git = "https://github.com/microsoft/igvm", rev = "365065d7e31da0a0116e7934de3ecd85f00bab70", default-features = false, features = [ "unstable" ]}
 image = { version = "0.25.1", default-features = false }
 io-uring = "0.7.4"
-jiff = "0.2"
+jiff = "0.2.14"
 kvm-bindings = "0.11.1"
 # Use of these specific REPO will go away when changes are taken upstream.
 landlock = "0.4.1"

From a5fa461ca6388abdeefd678e23aa61f59e0884c6 Mon Sep 17 00:00:00 2001
From: John Starks <jostarks@microsoft.com>
Date: Tue, 27 May 2025 10:25:38 -0700
Subject: [PATCH 4/7] petri: add and publish log viewer web tool (#1413)

Create a simple client-side HTML+JS solution for parsing and viewing
petri logs. Point it to the OpenVMM test results storage account, which
will soon be populated automatically. Publish it at
<https://openvmm.dev/test-results>.
---
 .github/workflows/openvmm-docs-ci.yaml        |  26 +-
 .../_jobs/consolidate_and_publish_gh_pages.rs |  11 +
 petri/logview/index.html                      | 175 +++++++
 petri/logview/test.html                       | 479 ++++++++++++++++++
 4 files changed, 689 insertions(+), 2 deletions(-)
 create mode 100644 petri/logview/index.html
 create mode 100644 petri/logview/test.html

diff --git a/.github/workflows/openvmm-docs-ci.yaml b/.github/workflows/openvmm-docs-ci.yaml
index 1a1e9bfd17c..db955d18925 100644
--- a/.github/workflows/openvmm-docs-ci.yaml
+++ b/.github/workflows/openvmm-docs-ci.yaml
@@ -556,14 +556,36 @@ jobs:
         echo "$AgentTempDirNormal/used_artifacts/x64-linux-rustdoc" | flowey v 3 'artifact_use_from_x64-linux-rustdoc' --is-raw-string update
         echo "$AgentTempDirNormal/used_artifacts/x64-windows-rustdoc" | flowey v 3 'artifact_use_from_x64-windows-rustdoc' --is-raw-string update
       shell: bash
-    - name: generate consolidated gh pages html
+    - name: check if openvmm needs to be cloned
       run: |-
         flowey e 3 flowey_core::pipeline::artifact::resolve 1
         flowey e 3 flowey_core::pipeline::artifact::resolve 2
         flowey e 3 flowey_core::pipeline::artifact::resolve 0
+        flowey e 3 flowey_lib_common::git_checkout 0
+        flowey v 3 'flowey_lib_common::git_checkout:0:flowey_lib_common/src/git_checkout.rs:469:80' --is-raw-string --condvar flowey_lib_common::git_checkout:1:flowey_lib_common/src/git_checkout.rs:470:46 write-to-env github floweyvar2
+        flowey v 3 'flowey_lib_common::git_checkout:1:flowey_lib_common/src/git_checkout.rs:470:46' write-to-env github FLOWEY_CONDITION
+      shell: bash
+    - id: flowey_lib_common__git_checkout__1
+      uses: actions/checkout@v4
+      with:
+        fetch-depth: '1'
+        path: repo0
+        persist-credentials: ${{ env.floweyvar2 }}
+      name: checkout repo openvmm
+      if: ${{ fromJSON(env.FLOWEY_CONDITION) }}
+    - name: report cloned repo directories
+      run: |-
+        flowey v 3 'flowey_lib_common::git_checkout:4:flowey_core/src/node/github_context.rs:55:41' --is-raw-string update --env-source github.workspace <<EOF
+        ${{ github.workspace }}
+        EOF
+        flowey e 3 flowey_lib_common::git_checkout 3
+        flowey e 3 flowey_lib_hvlite::git_checkout_openvmm_repo 0
+      shell: bash
+    - name: generate consolidated gh pages html
+      run: |-
         flowey e 3 flowey_lib_hvlite::_jobs::consolidate_and_publish_gh_pages 0
         flowey e 3 flowey_lib_hvlite::_jobs::consolidate_and_publish_gh_pages 1
-        flowey v 3 'flowey_lib_hvlite::_jobs::consolidate_and_publish_gh_pages:1:flowey_lib_hvlite/src/_jobs/consolidate_and_publish_gh_pages.rs:94:39' --is-raw-string write-to-env github floweyvar1
+        flowey v 3 'flowey_lib_hvlite::_jobs::consolidate_and_publish_gh_pages:2:flowey_lib_hvlite/src/_jobs/consolidate_and_publish_gh_pages.rs:105:39' --is-raw-string write-to-env github floweyvar1
       shell: bash
     - id: flowey_lib_hvlite___jobs__consolidate_and_publish_gh_pages__2
       uses: actions/upload-pages-artifact@v3
diff --git a/flowey/flowey_lib_hvlite/src/_jobs/consolidate_and_publish_gh_pages.rs b/flowey/flowey_lib_hvlite/src/_jobs/consolidate_and_publish_gh_pages.rs
index 72d79382a9f..70bc076db50 100644
--- a/flowey/flowey_lib_hvlite/src/_jobs/consolidate_and_publish_gh_pages.rs
+++ b/flowey/flowey_lib_hvlite/src/_jobs/consolidate_and_publish_gh_pages.rs
@@ -32,6 +32,7 @@ impl SimpleFlowNode for Node {
 
     fn imports(ctx: &mut ImportCtx<'_>) {
         ctx.import::<flowey_lib_common::copy_to_artifact_dir::Node>();
+        ctx.import::<crate::git_checkout_openvmm_repo::Node>();
     }
 
     fn process_request(request: Self::Request, ctx: &mut NodeCtx<'_>) -> anyhow::Result<()> {
@@ -42,14 +43,18 @@ impl SimpleFlowNode for Node {
             output,
         } = request;
 
+        let repo = ctx.reqv(crate::git_checkout_openvmm_repo::req::GetRepoDir);
+
         let consolidated_html = ctx.emit_rust_stepv("generate consolidated gh pages html", |ctx| {
             let rendered_guide = rendered_guide.claim(ctx);
             let rustdoc_windows = rustdoc_windows.claim(ctx);
             let rustdoc_linux = rustdoc_linux.claim(ctx);
+            let repo = repo.claim(ctx);
             |rt| {
                 let rendered_guide = rt.read(rendered_guide);
                 let rustdoc_windows = rt.read(rustdoc_windows);
                 let rustdoc_linux = rt.read(rustdoc_linux);
+                let repo = rt.read(repo);
 
                 let consolidated_html = std::env::current_dir()?.join("out").absolute()?;
                 fs_err::create_dir(&consolidated_html)?;
@@ -78,6 +83,12 @@ impl SimpleFlowNode for Node {
                     consolidated_html.join("rustdoc/linux"),
                 )?;
 
+                // Make petri logview available under `openvmm.dev/test-results/`
+                flowey_lib_common::_util::copy_dir_all(
+                    repo.join("petri/logview"),
+                    consolidated_html.join("test-results"),
+                )?;
+
                 // as we do not currently have any form of "landing page",
                 // redirect `openvmm.dev` to `openvmm.dev/guide`
                 fs_err::write(consolidated_html.join("index.html"), REDIRECT)?;
diff --git a/petri/logview/index.html b/petri/logview/index.html
new file mode 100644
index 00000000000..c6dd79352c2
--- /dev/null
+++ b/petri/logview/index.html
@@ -0,0 +1,175 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="UTF-8">
+    <title>Petri test results</title>
+    <style type="text/css">
+        body {
+            font-family: monospace;
+            font-size: 14px;
+        }
+    </style>
+    <script>
+        const baseUrl = "https://openvmmghtestresults.blob.core.windows.net/results";
+
+        const cross = "&#10060;"; // Cross for failed tests
+        const check = "&#9989;"; // Check for passed tests
+
+        function parseBlobs(xmlText) {
+            const parser = new DOMParser();
+            const xmlDoc = parser.parseFromString(xmlText, "text/xml");
+            const blobs = xmlDoc.getElementsByTagName("Blob");
+            let blobNames = [];
+            for (const blob of blobs) {
+                const name = blob.getElementsByTagName("Name")[0].textContent;
+                const date = new Date(blob.getElementsByTagName("Creation-Time")[0].textContent);
+                let metadata = {};
+                for (const meta of blob.getElementsByTagName("Metadata")) {
+                    const child = meta.children[0];
+                    metadata[child.tagName] = child.textContent;
+                }
+                blobNames.push({
+                    name: name,
+                    creationTime: date,
+                    metadata: metadata,
+                });
+            }
+            return blobNames;
+        }
+
+        // Get the blob list, which is in XML via a GET request.
+        function getTestList(runName) {
+            const url = `${baseUrl}?restype=container&comp=list&showonly=files&prefix=${encodeURIComponent(runName)}`;
+            fetch(url)
+                .then(response => response.text())
+                .then(data => {
+                    let blobs = parseBlobs(data);
+                    let run = {};
+                    for (const blob of blobs) {
+                        const nameParts = blob.name.split("/");
+                        let fileName = nameParts[nameParts.length - 1];
+                        let failed;
+                        if (fileName === "petri.passed") {
+                            failed = false;
+                        } else if (fileName === "petri.failed") {
+                            failed = true;
+                        } else {
+                            continue; // Not a test result file.
+                        }
+                        const testName = nameParts[nameParts.length - 2];
+                        const jobName = nameParts[nameParts.length - 3];
+                        const path = nameParts.slice(0, -3).join("/");
+                        const url = `test.html?run=${path}&job=${jobName}&test=${testName}`;
+                        if (!run[jobName]) {
+                            run[jobName] = {
+                                failed: false,
+                                tests: [],
+                            };
+                        }
+                        let job = run[jobName];
+                        job.failed |= failed;
+                        job.tests.push({
+                            name: testName,
+                            url: url,
+                            failed: failed,
+                        });
+                    }
+
+                    let failedHtml = "";
+                    let passingHtml = "";
+
+                    for (const job in run) {
+                        run[job].tests.sort((a, b) => {
+                            if (a.failed !== b.failed) {
+                                return a.failed ? -1 : 1; // Failed tests first.
+                            }
+                            return a.name.localeCompare(b.name); // Then by name.
+                        });
+                        let thisHtml = `<li>${job}<ul>`;
+                        for (const test of run[job].tests) {
+                            let icon = test.failed ? cross : check;
+                            thisHtml += `<li><a href="${test.url}">${icon} ${test.name}</a></li>`;
+                        }
+                        thisHtml += "</ul></li>";
+                        if (run[job].failed) {
+                            failedHtml += thisHtml;
+                        } else {
+                            passingHtml += thisHtml;
+                        }
+                    }
+
+                    let html = `<h2>Failed jobs</h2>
+                        <ul>${failedHtml}</ul>
+                        <h2>Passing jobs</h2>
+                        <ul>${passingHtml}</ul>`;
+
+                    document.getElementById("runList").innerHTML = html;
+                })
+                .catch(error => console.error('Error fetching blob list:', error));
+        }
+
+        function getRunList() {
+            const url = `${baseUrl}?restype=container&comp=list&showonly=files&include=metadata&prefix=runs/`;
+            fetch(url)
+                .then(response => response.text())
+                .then(data => {
+                    const blobs = parseBlobs(data);
+                    const runs = blobs.map(blob => {
+                        // Remove runs/ prefix.
+                        return {
+                            name: blob.name.replace(/^runs\//, ''),
+                            creationTime: blob.creationTime,
+                            failed: blob.metadata["petrifailed"],
+                        };
+                    });
+                    runs.sort((a, b) => b.creationTime - a.creationTime); // Sort by creation time, newest first.
+                    let html = `<table>
+                        <thead>
+                            <tr>
+                                <th>Time</th>
+                                <th>Run</th>
+                                <th>Failed</th>
+                            </tr>
+                        </thead>
+                        <tbody>`;
+                    for (const run of runs) {
+                        const marker = run.failed > 0 ? cross : check;
+                        html += `<tr>
+                            <td>${run.creationTime.toLocaleString()}</td>
+                            <td><a href="?run=${encodeURIComponent(run.name)}">${run.name} ${marker}</a></td>
+                            <td>${run.failed}</td>
+                        </tr>`;
+                    }
+                    html += "</table>";
+                    if (runs.length === 0) {
+                        html = "No runs found.";
+                    }
+                    document.getElementById("runList").innerHTML = html;
+                })
+                .catch(error => console.error('Error fetching run list:', error));
+        }
+
+        window.onload = function () {
+            const urlParams = new URLSearchParams(window.location.search);
+            const run = urlParams.get('run');
+            document.getElementById("runList").innerText = "Loading...";
+            if (run) {
+                document.getElementById("runName").innerText = run;
+                document.getElementById("backToRuns").innerHTML = `<a href="?">All runs</a>`;
+                getTestList(run);
+            } else {
+                document.getElementById("runName").innerText = "Runs";
+                getRunList();
+            }
+        };
+    </script>
+</head>
+
+<body>
+    <h1 id="runName">Loading</h1>
+    <div id="backToRuns"></div>
+    <div id="runList"></div>
+</body>
+
+</html>
\ No newline at end of file
diff --git a/petri/logview/test.html b/petri/logview/test.html
new file mode 100644
index 00000000000..4b7688e1eb4
--- /dev/null
+++ b/petri/logview/test.html
@@ -0,0 +1,479 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="UTF-8">
+    <title>Petri test results</title>
+    <style type="text/css">
+        body {
+            font-family: monospace;
+            font-size: 14px;
+        }
+
+        #logContainer table {
+            width: 100%;
+            border-collapse: collapse;
+        }
+
+        #logContainer th,
+        #logContainer td {
+            border: 1px solid #ddd;
+            padding: 6px 10px;
+            text-align: left;
+        }
+
+        #logContainer thead {
+            background-color: #f0f0f0;
+            font-weight: bold;
+        }
+
+        #logContainer tr.selected {
+            outline: 2px solid #007acc;
+            outline-offset: -2px;
+        }
+
+        /* Zebra striping for rows */
+        #logContainer tbody tr:nth-child(even) {
+            background-color: #fafafa;
+        }
+
+        #logContainer tbody tr:nth-child(odd) {
+            background-color: #ffffff;
+        }
+
+        /* Severity-based highlighting */
+        #logContainer tr.severity-ERROR td {
+            border-left: 4px solid #d00;
+            color: #900;
+        }
+
+        #logContainer tr.severity-WARN td {
+            border-left: 4px solid #d98e00;
+            color: #a65f00;
+        }
+
+        #logContainer tr.severity-INFO td {
+            border-left: 4px solid #007acc;
+            color: #004e7a;
+        }
+
+        #logContainer tr.severity-DEBUG td {
+            border-left: 4px solid #888;
+            color: #555;
+        }
+
+        #logContainer td.timestamp {
+            white-space: nowrap;
+        }
+
+        #filterBar {
+            position: sticky;
+            top: 0;
+            left: 0;
+            right: 0;
+            background: white;
+            display: flex;
+            justify-content: space-between;
+            /* left + right */
+            align-items: center;
+            padding: 8px 16px;
+            border-bottom: 1px solid #ccc;
+            z-index: 10;
+            box-sizing: border-box;
+        }
+
+        #testName {
+            font-weight: bold;
+            font-size: 16px;
+            white-space: nowrap;
+            overflow: hidden;
+            text-overflow: ellipsis;
+            max-width: 50%;
+        }
+
+        #filterWrapper {
+            position: relative;
+            display: inline-block;
+        }
+
+        #search {
+            font-size: 14px;
+            padding: 6px 28px 6px 10px;
+            /* leave space for the X */
+            border: 1px solid #ccc;
+            border-radius: 4px;
+            font-family: monospace;
+            min-width: 200px;
+        }
+
+        #clearFilter {
+            position: absolute;
+            right: 6px;
+            top: 50%;
+            transform: translateY(-50%);
+            background: none;
+            border: none;
+            font-size: 16px;
+            color: #888;
+            cursor: pointer;
+            padding: 0;
+            line-height: 1;
+        }
+
+        #clearFilter:hover {
+            color: #000;
+        }
+    </style>
+    <script>
+        function removeTimestamp(orig, entryTimestamp) {
+            const message = orig.trim();
+            const i = message.indexOf(" ");
+            if (i === -1) {
+                return orig;
+            }
+            let ts = message.slice(0, i);
+            if (ts.endsWith("s")) {
+                const secs = parseFloat(ts.slice(0, -1));
+                if (!isNaN(secs)) {
+                    return message.slice(i + 1);
+                }
+            }
+
+            if (ts.startsWith("[")) {
+                ts = ts.slice(1, -1);
+            }
+            const parsedTs = new Date(ts);
+            if (isNaN(parsedTs.getTime())) {
+                return orig;
+            }
+            parsedTs.setMilliseconds(0);
+            const truncatedTs = new Date(entryTimestamp.getTime());
+            truncatedTs.setMilliseconds(0);
+            if (parsedTs.getTime() !== truncatedTs.getTime()) {
+                return orig;
+            }
+            return message.slice(i + 1);
+        }
+
+        function replaceSeverity(orig, severity) {
+            // If the message starts with a severity level, remove it and also return it.
+            const severityLevels = ["ERROR", "WARN", "INFO", "DEBUG"];
+            const message = orig.trim();
+            for (const level of severityLevels) {
+                if (message.startsWith(level)) {
+                    return {
+                        message: message.slice(level.length + 1),
+                        severity: level
+                    };
+                }
+            }
+            // If no severity level is found, return the original message.
+            return {
+                message: orig,
+                severity: severity,
+            };
+        }
+
+        function formatRelative(from, to) {
+            const deltaMs = new Date(to) - new Date(from);
+            const sec = (deltaMs % 1000000) / 1000;
+            const min = Math.floor((deltaMs / 60000) % 60);
+            const hr = Math.floor(deltaMs / 3600000);
+
+            return `${hr > 0 ? hr + 'h ' : ''}${min}m ${sec}s`;
+        }
+
+        function ansiToHtml(str) {
+            const ANSI_STYLE_MAP = {
+                // Text styles
+                '1': 'font-weight: bold',
+                '3': 'font-style: italic',
+                '4': 'text-decoration: underline',
+
+                // Foreground colors
+                '30': 'color: black', '31': 'color: red', '32': 'color: green',
+                '33': 'color: #b58900', '34': 'color: blue', '35': 'color: magenta',
+                '36': 'color: cyan', '37': 'color: white',
+
+                '90': 'color: gray', '91': 'color: lightcoral', '92': 'color: lightgreen',
+                '93': 'color: gold', '94': 'color: lightskyblue', '95': 'color: plum',
+                '96': 'color: lightcyan', '97': 'color: white',
+
+                // Reset foreground
+                '39': 'color: inherit'
+            };
+
+            const ESC = '\u001b';
+            const ESC_REGEX = /\u001b\[([0-9;]*)m/g;
+
+            let result = '';
+            let lastIndex = 0;
+            let currentStyles = [];
+
+            const flush = (text) => {
+                if (!text) return;
+                if (currentStyles.length > 0) {
+                    result += `<span style="${currentStyles.join('; ')}">${escapeHtml(text)}</span>`;
+                } else {
+                    result += escapeHtml(text);
+                }
+            };
+
+            const escapeHtml = (text) => text
+                .replace(/&/g, '&amp;')
+                .replace(/</g, '&lt;')
+                .replace(/>/g, '&gt;');
+
+            for (const match of str.matchAll(ESC_REGEX)) {
+                const [fullMatch, codeStr] = match;
+                const index = match.index;
+
+                // Flush plain text before this escape sequence
+                flush(str.slice(lastIndex, index));
+
+                // Update styles
+                const codes = codeStr.split(';');
+                for (const code of codes) {
+                    if (code === '0') {
+                        currentStyles = [];
+                        continue;
+                    }
+                    const style = ANSI_STYLE_MAP[code];
+                    if (style) {
+                        // Replace style of the same type
+                        const type = style.split(':')[0];
+                        currentStyles = currentStyles.filter(s => !s.startsWith(type));
+                        currentStyles.push(style);
+                    }
+                }
+
+                lastIndex = index + fullMatch.length;
+            }
+
+            // Flush any trailing text
+            flush(str.slice(lastIndex));
+            return result;
+        }
+
+        let logEntries = [];
+
+        function getTestResults(run, job, test) {
+            const url = `https://openvmmghtestresults.blob.core.windows.net/results/${run}/${job}/${test}/petri.jsonl`;
+            console.log(url);
+            fetch(url)
+                .then(response => response.text())
+                .then(data => {
+                    let lines = data.split("\n").filter(line => line.trim() !== "").map(line => JSON.parse(line));
+                    lines.sort((a, b) => new Date(a.timestamp) - new Date(b.timestamp));
+                    let start;
+                    for (let i = 0; i < lines.length; i++) {
+                        const line = lines[i];
+
+                        const timestamp = line.timestamp;
+                        let message = line.message || "";
+                        let severity = line.severity || "INFO";
+                        const source = line.source || "unknown";
+
+                        if (!line.message) {
+                            console.log(line);
+                            continue;
+                        }
+
+                        if (!start) {
+                            start = line.timestamp;
+                        }
+                        const relative = formatRelative(start, timestamp);
+
+                        message = removeTimestamp(message, new Date(line.timestamp));
+
+                        const r = replaceSeverity(message, severity);
+                        message = r.message;
+                        severity = r.severity;
+
+                        message = ansiToHtml(message);
+
+                        logEntries.push({
+                            timestamp: timestamp,
+                            relative: relative,
+                            severity: severity,
+                            source: source,
+                            message: message
+                        });
+                    }
+
+                    prepTestResults();
+
+                })
+                .catch(error => console.error('Error fetching test results:', error));
+        }
+
+        function prepTestResults() {
+            const container = document.getElementById("logContainer");
+            container.innerHTML = `<table>
+                        <thead>
+                            <tr>
+                                <th>Timestamp</th>
+                                <th>Severity</th>
+                                <th>Source</th>
+                                <th>Message</th>
+                            </tr>
+                        </thead>
+                        <tbody id="logBody">
+                        </tbody>
+                        </table>
+                        `;
+
+            // Clear on X click
+            document.getElementById("clearFilter").addEventListener('click', () => {
+                input.value = '';
+                renderLogTable(logEntries);
+                input.focus();
+            });
+
+            document.addEventListener('keydown', (e) => {
+                const isMac = navigator.platform.toUpperCase().indexOf('MAC') >= 0;
+                const isF = e.key === 'f' || e.key === 'F';
+
+                if ((isMac && e.metaKey && isF) || (!isMac && e.ctrlKey && isF)) {
+                    e.preventDefault();
+                    searchInput.focus();
+                    searchInput.select();
+                    return;
+                }
+
+                if (e.key === 'Escape') {
+                    if (searchInput.value) {
+                        searchInput.value = '';
+                        renderLogs(logEntries);
+                    } else {
+                        searchInput.blur();
+                    }
+                }
+            });
+
+            renderLogs(logEntries);
+            const searchInput = document.getElementById("search");
+            searchInput.addEventListener("input", function () {
+                const tokens = tokenizeSearchQuery(this.value);
+                const filteredLogs = logEntries.filter(log => rowMatchesQuery(log, tokens));
+                renderLogs(filteredLogs);
+            });
+
+            enableRowSelectionAndCopy(container);
+
+        }
+
+        function renderLogs(filteredLogs) {
+            let html = "";
+            for (const log of filteredLogs) {
+                html += `<tr class="severity-${log.severity}">
+                        <td class="timestamp" title="${log.timestamp}">${log.relative}</td>
+                        <td>${log.severity}</td>
+                        <td>${log.source}</td>
+                        <td>${log.message}</td>
+                    </tr>`;
+
+            }
+            const logBody = document.getElementById("logBody");
+            logBody.innerHTML = html;
+        }
+
+        function tokenizeSearchQuery(query) {
+            // If there's an unmatched quote, pretend it's closed at the end
+            const quoteCount = (query.match(/"/g) || []).length;
+            if (quoteCount % 2 !== 0) {
+                query += '"';
+            }
+            const regex = /"([^"]+)"|(\S+)/g;
+            const tokens = [];
+            let match;
+            while ((match = regex.exec(query))) {
+                tokens.push(match[1] || match[2]);
+            }
+            return tokens;
+        }
+
+        function rowMatchesQuery(log, tokens) {
+            return tokens.every(token => {
+                const [prefix, ...rest] = token.split(':');
+                const term = rest.join(':').toLowerCase();
+
+                if (prefix === 'source') {
+                    return log.source.toLowerCase().includes(term);
+                } else if (prefix === 'severity') {
+                    return log.severity.toLowerCase().includes(term);
+                } else if (prefix === 'message') {
+                    return log.message.toLowerCase().includes(term);
+                } else {
+                    // general match
+                    return (
+                        log.source.toLowerCase().includes(token.toLowerCase()) ||
+                        log.severity.toLowerCase().includes(token.toLowerCase()) ||
+                        log.message.toLowerCase().includes(token.toLowerCase())
+                    );
+                }
+            });
+        }
+
+        function enableRowSelectionAndCopy(container) {
+            let selectedRow = null;
+
+            container.addEventListener('click', (e) => {
+                const row = e.target.closest('tr');
+                if (!row || !row.parentElement.matches('tbody')) return;
+
+                // Remove previous selection
+                if (selectedRow) selectedRow.classList.remove('selected');
+
+                // Select new row
+                selectedRow = row;
+                selectedRow.classList.add('selected');
+            });
+
+            document.addEventListener('copy', (e) => {
+                if (!selectedRow) return;
+                const selection = window.getSelection();
+                if (selection && selection.toString().trim()) return; // user selected text, let it be
+
+                // Copy text content of row, tab-separated
+                const cells = Array.from(selectedRow.querySelectorAll('td'));
+                const text = cells.map(td => td.textContent.trim()).join('\t');
+
+                e.clipboardData.setData('text/plain', text);
+                e.preventDefault();
+            });
+        }
+
+        window.onload = function () {
+            const urlParams = new URLSearchParams(window.location.search);
+            const run = urlParams.get('run');
+            const test = urlParams.get('test');
+            const job = urlParams.get('job');
+            if (!run || !test || !job) {
+                document.getElementById("runName").innerText = "No test specified";
+                return;
+            }
+            document.getElementById("runName").innerHTML = `<a href="index.html?run=${encodeURIComponent(run)}">${run}</a>`;
+            document.getElementById("jobName").innerText = job;
+            document.getElementById("testName").innerText = test;
+            document.getElementById("logContainer").innerText = "Loading...";
+            getTestResults(run, job, test);
+        };
+    </script>
+
+</head>
+
+<body>
+    <h1 id="runName">Loading</h1>
+    <h2 id="jobName"></h2>
+    <div id="filterBar">
+        <div id="testName"></div>
+        <div id="filterWrapper">
+            <input type="text" id="search" placeholder="Filter logs…" />
+            <button id="clearFilter" title="Clear filter">&times;</button>
+        </div>
+    </div>
+    <div id="logContainer"></div>
+</body>
+
+</html>
\ No newline at end of file

From ef03ec42a65c2a705cd4e9916bffbe362bc370ab Mon Sep 17 00:00:00 2001
From: Chris Oo <cho@microsoft.com>
Date: Tue, 27 May 2025 15:20:44 -0400
Subject: [PATCH 5/7] ci: fix trigger for upload petri test results (#1416)

This didn't seem to trigger, so try changing up the inputs to see if
it'll trigger now.
---
 .github/workflows/upload-petri-results.yml | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/upload-petri-results.yml b/.github/workflows/upload-petri-results.yml
index 47b1b74c50a..dfd2fcae55c 100644
--- a/.github/workflows/upload-petri-results.yml
+++ b/.github/workflows/upload-petri-results.yml
@@ -2,10 +2,11 @@ name: Upload Petri Test Results
 
 on:
   workflow_run:
-    types: completed
+    types:
+      - completed
     workflows:
-      - "[flowey] OpenVMM CI"
-      - "[flowey] OpenVMM PR"
+      - '[flowey] OpenVMM CI'
+      - '[flowey] OpenVMM PR'
 
 permissions:
   id-token: write

From ced1562135db6a106e7a9fa83cb53f7ef3557580 Mon Sep 17 00:00:00 2001
From: John Starks <jostarks@microsoft.com>
Date: Tue, 27 May 2025 12:43:41 -0700
Subject: [PATCH 6/7] flowey: fix saving secret vars (#1417)

We are trying to write a non-JSON-formatted value to track that an
env-var-sourced variable is secret. Fix this by writing `null`. Also add
in some diagnostics and improve the in-memory variable representation to
avoid so many allocations.
---
 flowey/flowey_cli/Cargo.toml                  |  2 +-
 flowey/flowey_cli/src/cli/var_db.rs           |  2 +-
 .../flowey_cli/src/var_db/single_json_file.rs | 26 +++++++++----------
 3 files changed, 14 insertions(+), 16 deletions(-)

diff --git a/flowey/flowey_cli/Cargo.toml b/flowey/flowey_cli/Cargo.toml
index 7909b7cc731..525cb6feb2c 100644
--- a/flowey/flowey_cli/Cargo.toml
+++ b/flowey/flowey_cli/Cargo.toml
@@ -19,7 +19,7 @@ log.workspace = true
 parking_lot.workspace = true
 petgraph.workspace = true
 serde = { workspace = true, features = ["derive"] }
-serde_json.workspace = true
+serde_json = { workspace = true, features = ["raw_value"] }
 serde_yaml.workspace = true
 toml_edit = { workspace = true, features = ["serde"] }
 xshell.workspace = true
diff --git a/flowey/flowey_cli/src/cli/var_db.rs b/flowey/flowey_cli/src/cli/var_db.rs
index 1163f7a7831..0d2fb1f46db 100644
--- a/flowey/flowey_cli/src/cli/var_db.rs
+++ b/flowey/flowey_cli/src/cli/var_db.rs
@@ -273,7 +273,7 @@ impl VarDb {
                 if is_secret {
                     // Remember that this environment variable is secret so that
                     // it cannot be easily laundered into a non-secret variable.
-                    runtime_var_db.set_var(&env_source_name(&env), false, Vec::new());
+                    runtime_var_db.set_var(&env_source_name(&env), false, "null".into());
                 }
 
                 match backend {
diff --git a/flowey/flowey_cli/src/var_db/single_json_file.rs b/flowey/flowey_cli/src/var_db/single_json_file.rs
index 84a443fb45c..a80a5816e94 100644
--- a/flowey/flowey_cli/src/var_db/single_json_file.rs
+++ b/flowey/flowey_cli/src/var_db/single_json_file.rs
@@ -7,6 +7,8 @@ use anyhow::Context;
 use fs_err::File;
 use serde::Deserialize;
 use serde::Serialize;
+use serde_json::value::RawValue;
+use std::borrow::Cow;
 use std::collections::BTreeMap;
 use std::io::Seek;
 use std::io::Write;
@@ -15,8 +17,8 @@ use std::path::Path;
 /// On-disk format for the var db
 #[derive(Serialize, Deserialize)]
 #[serde(transparent)]
-struct VarDb {
-    vars: BTreeMap<String, (bool, serde_json::Value)>,
+struct VarDb<'a> {
+    vars: BTreeMap<String, (bool, Cow<'a, RawValue>)>,
 }
 
 /// Implements [`flowey_core::node::RuntimeVarDb`] backed by a JSON file.
@@ -47,7 +49,7 @@ impl SingleJsonFileVarDb {
         Ok(Self { file })
     }
 
-    fn load_db(&mut self) -> VarDb {
+    fn load_db(&mut self) -> VarDb<'static> {
         self.file.rewind().unwrap();
         serde_json::from_reader(&self.file).expect("corrupt runtime variable db")
     }
@@ -57,30 +59,26 @@ impl flowey_core::node::RuntimeVarDb for SingleJsonFileVarDb {
     fn try_get_var(&mut self, var_name: &str) -> Option<(Vec<u8>, bool)> {
         let db = self.load_db();
         let (is_secret, ref val) = *db.vars.get(var_name)?;
-        let val = val.to_string();
         if is_secret {
             log::debug!("[db] read var: {} = <secret>", var_name);
         } else {
             log::debug!("[db] read var: {} = {}", var_name, val);
         }
-        Some((val.into(), is_secret))
+        Some((val.get().into(), is_secret))
     }
 
     fn set_var(&mut self, var_name: &str, is_secret: bool, value: Vec<u8>) {
+        let value: &RawValue = serde_json::from_slice(&value)
+            .unwrap_or_else(|err| panic!("invalid JSON for var {}: {}", var_name, err));
         if is_secret {
             log::debug!("[db] set var: {} = <secret>", var_name)
         } else {
-            log::debug!(
-                "[db] set var: {} = {}",
-                var_name,
-                String::from_utf8_lossy(&value)
-            )
+            log::debug!("[db] set var: {} = {}", var_name, value)
         };
         let mut db = self.load_db();
-        let existing = db.vars.insert(
-            var_name.into(),
-            (is_secret, serde_json::from_slice(&value).unwrap()),
-        );
+        let existing = db
+            .vars
+            .insert(var_name.into(), (is_secret, Cow::Borrowed(value)));
         assert!(existing.is_none()); // all vars are one-time-write
         self.file.set_len(0).unwrap();
         self.file.rewind().unwrap();

From 4e13b6d60b14f6a74cd4dc2d06daf3acc23c7f07 Mon Sep 17 00:00:00 2001
From: John Starks <jostarks@microsoft.com>
Date: Tue, 27 May 2025 13:31:08 -0700
Subject: [PATCH 7/7] ci: escape special characters in workflow names (#1418)

This should do the trick.
---
 .github/workflows/upload-petri-results.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/upload-petri-results.yml b/.github/workflows/upload-petri-results.yml
index dfd2fcae55c..6cb03d3884b 100644
--- a/.github/workflows/upload-petri-results.yml
+++ b/.github/workflows/upload-petri-results.yml
@@ -5,8 +5,8 @@ on:
     types:
       - completed
     workflows:
-      - '[flowey] OpenVMM CI'
-      - '[flowey] OpenVMM PR'
+      - '\[flowey\] OpenVMM CI'
+      - '\[flowey\] OpenVMM PR'
 
 permissions:
   id-token: write