Currently, the firmware packer has pack_firmware_func/unittest.py, the updater has some primitive shell tests, and the signer has some primitive shell tests.
There is no easy mechanism to bring together all 3 components and test the complete lifecycle (since the components are so interdependent).
Currently, FAFT testing sort of does this, but it's highly coupled to a heavy test setup and doesn't fully invoke the signer features (it's all dev keys).
Goal is to do the following:
- Use config to generate a real keyset at runtime (with dev keys, but matching the actual signer keyset config structure)
- Pack the firmware
- Invoke the signer with the generated keyset config
- Invoke the updater and make various assertions about the state of the signed package
Comment 1 by jclinton@chromium.org
, Oct 17 2017