petri: add ARM CCA test integration#3733
Merged
Merged
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
Note
Copilot was unable to run its full agentic suite in this review.
Adds a new Petri-based CCA emulation integration test and wires it into the Flowey pipeline, including artifact resolution via known paths and optional build-only execution.
Changes:
- Introduces a new
ccaintegration test binary that prepares a rootfs, injects artifacts, runs shrinkwrap, and monitors test output. - Adds new CCA artifacts to
petri_artifacts_vmm_testand resolves them viaOpenvmmKnownPathsTestArtifactResolver(with env var overrides). - Updates the CCA Flowey pipeline/job to optionally build artifacts only, or run the Petri
ccatest.
Reviewed changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 6 comments.
Show a summary per file
| File | Description |
|---|---|
| vmm_tests/vmm_tests/tests/cca.rs | New Petri CCA runtime test: rootfs prep, file injection, emulator lifecycle, output monitoring. |
| vmm_tests/vmm_tests/Cargo.toml | Registers new cca integration test target with harness = false. |
| vmm_tests/petri_artifacts_vmm_test/src/lib.rs | Declares CCA-specific artifacts for Petri resolution. |
| vmm_tests/petri_artifact_resolver_openvmm_known_paths/src/lib.rs | Adds known-path + env-var-based resolution for CCA artifacts; improves TMK binary discovery paths. |
| flowey/flowey_lib_hvlite/src/_jobs/local_run_cca_test.rs | Switches to running the Petri test via cargo test, adds --build-only behavior and env var wiring. |
| flowey/flowey_hvlite/src/pipelines/cca_tests.rs | Adds --build-only CLI option and passes it into the local CCA test job. |
Comment on lines
+510
to
+516
| Err(mpsc::RecvTimeoutError::Disconnected) => { | ||
| if let Some(status) = self.child.as_mut().try_wait()? { | ||
| anyhow::bail!( | ||
| "shrinkwrap output ended before CCA emulator output `{marker}` was observed: {status}" | ||
| ); | ||
| } | ||
| } |
Comment on lines
+475
to
+479
| loop { | ||
| if self.output.contains(marker) { | ||
| tracing::info!(marker, "observed CCA emulator output"); | ||
| return Ok(()); | ||
| } |
smalis-msft
approved these changes
Jun 15, 2026
Contributor
|
Please fix the fmt/clippy stuff, and respond to copilot's comments, but overall this seems fine to me to keep iterating on. |
weiding-msft
force-pushed
the
cca-dev-wei-petri-dev
branch
2 times, most recently
from
130397e to
3a50ecd
Compare
weiding-msft
force-pushed
the
cca-dev-wei-petri-dev
branch
from
3a50ecd to
7954ac1
Compare
Add a CCA Petri test target that prepares a temporary CCA rootfs, injects the Plane0 test artifacts, launches the shrinkwrap/FVP emulation, waits for the Plane0 shell, runs the TMK test command, and waits for the PASS marker. Move the CCA runtime execution out of the Flowey job and into the Petri test so the flow can reuse the existing vmm_tests artifact resolver and test harness. Flowey now builds tmk_vmm and simple_tmk, passes their paths through OPENVMM_CCA_* environment variables, and invokes the CCA Petri test. Teach the OpenVMM known-path artifact resolver about the CCA shrinkwrap artifacts and AArch64 TMK binaries, including Flowey-built output locations, so the test can be run either from xflowey or directly with cargo test. Also add a --build-only mode to compile the CCA test artifacts without launching the Petri emulator run. After the PASS marker is observed, force-stop the FVP emulator for the Petri test so emulator processes do not keep running and hold memory after the test completes. e.g. // only build the CCA test artifacts but no petri run cargo xflowey cca-tests --update-emu --rebuild-rootfs --build-only // run CCA test petri test cargo test -p vmm_tests --test cca
weiding-msft
force-pushed
the
cca-dev-wei-petri-dev
branch
from
7954ac1 to
51ec75a
Compare
Comment on lines
+465
to
+473
| fn env_path_or( | ||
| name: &str, | ||
| fallback: impl FnOnce() -> anyhow::Result<PathBuf>, | ||
| ) -> anyhow::Result<PathBuf> { | ||
| std::env::var_os(name) | ||
| .map(PathBuf::from) | ||
| .map(Ok) | ||
| .unwrap_or_else(fallback) | ||
| } |
Comment on lines
+900
to
+902
| if path.extension().is_some() { | ||
| continue; | ||
| } |
Comment on lines
+321
to
+328
| if mnt_dir.is_dir() { | ||
| if let Err(err) = run_sudo( | ||
| "force remove guest rootfs mount directory", | ||
| &[OsStr::new("rm"), OsStr::new("-rf"), mnt_dir.as_os_str()], | ||
| ) { | ||
| tracing::warn!(error = err.as_ref() as &dyn std::error::Error, "{err:#}"); | ||
| } | ||
| } |
Comment on lines
+382
to
+389
| let stdout = String::from_utf8(output.stdout).context("pgrep output was not utf-8")?; | ||
| for line in stdout.lines() { | ||
| let pid = line | ||
| .parse::<u32>() | ||
| .with_context(|| format!("failed to parse pgrep pid `{line}`"))?; | ||
| tracing::info!(pid, rootfs = %rootfs_file.display(), "found CCA FVP process for test rootfs"); | ||
| terminate_process(pid, "TERM")?; | ||
| } |
smalis-msft
approved these changes
Jun 17, 2026
Contributor
|
At some point we'll want CI to set up the emulator to run this test, but we can definitely do that later. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Add a CCA Petri test target that prepares a temporary CCA rootfs, injects the Plane0 test artifacts, launches the shrinkwrap/FVP emulation, waits for the Plane0 shell, runs the TMK test command, and waits for the PASS marker.
Move the CCA runtime execution out of the Flowey job and into the Petri test so the flow can reuse the existing vmm_tests artifact resolver and test harness. Flowey now builds tmk_vmm and simple_tmk, passes their paths through OPENVMM_CCA_* environment variables, and invokes the CCA Petri test.
Teach the OpenVMM known-path artifact resolver about the CCA shrinkwrap artifacts and AArch64 TMK binaries, including Flowey-built output locations, so the test can be run either from xflowey or directly with cargo test.
Also add a --build-only mode to compile the CCA test artifacts without launching the Petri emulator run.
After the PASS marker is observed, force-stop the FVP emulator for the Petri test so emulator processes do not keep running and hold memory after the test completes.
e.g.
// only build the CCA test artifacts but no petri run
cargo xflowey cca-tests --update-emu --rebuild-rootfs --build-only
// run CCA test petri test
cargo test -p vmm_tests --test cca -- --exact cca_runtime