From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Florian Westphal <fw@strlen.de>
Cc: Thomas Haller <thaller@redhat.com>, netfilter-devel@vger.kernel.org
Subject: Re: [PATCH RFC] tests: add feature probing
Date: Wed, 6 Sep 2023 13:03:38 +0200 [thread overview]
Message-ID: <ZPhciq9YRuJfWAgT@calendula> (raw)
In-Reply-To: <20230906100440.GD9603@breakpoint.cc>
On Wed, Sep 06, 2023 at 12:04:40PM +0200, Florian Westphal wrote:
> Thomas Haller <thaller@redhat.com> wrote:
> > On Mon, 2023-09-04 at 10:53 +0200, Florian Westphal wrote:
> > > Thomas Haller <thaller@redhat.com> wrote:
> > > >
> > > >
> > > > But why this "nft -f" specific detection? Why not just executable
> > > > scripts?
> > >
> > > Because I want it to be simple,
> >
> > It does not seem "simple[r]" to me. The approach requires extra
> > infrastructure in run-test.sh, while being less flexible.
>
> I can add bla.nft and use nft --check -f bla.nft.
>
> Or, I can add bla.sh, which does
>
> exec $NFT -f - <<EOF
> table ...
> EOF
>
> I see zero reason why we can't add scripts later on if there
> are cases where flat-files don't work.
Agreed, we need this flexibility.
> At this point, its just more boilerplate to add a script wrapper
> around the .nft file.
>
> > > I could do that, but I don't see the need for arbitrary scripts so
> > > far.
> >
> > When building without JSON support, various tests fail, but should be
> > skipped.
> >
> > Could we detect JSON support via .nft files? Would we drop then a JSON
> > .nft file and change the check call to `nft --check -j`?).
>
> No, but the test that should be skipped can do
>
> $NFT -j list ruleset || exit 77
>
> as first line of the script, no need to load any files, nft will fail
> with error in case its not built with json support.
This is fine to start with.
> > Or maybe detection of JSON support needs to be a shell script (doing
> > `ldd "$NFT_REAL" | greq libjansson`)? In that case, we would have
> > features-as-shell-scripts very soon.
>
> Sure, I see no reason why to not have both. The flat files have the
> '*nft' suffix for a reason...
I think this feature approach you propose is good enough and it is
rather incremental and small.
next prev parent reply other threads:[~2023-09-06 11:03 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-31 13:51 [PATCH RFC] tests: add feature probing Florian Westphal
2023-09-01 11:58 ` Florian Westphal
2023-09-01 15:37 ` Thomas Haller
2023-09-04 8:53 ` Florian Westphal
2023-09-06 5:44 ` Thomas Haller
2023-09-06 10:04 ` Florian Westphal
2023-09-06 11:03 ` Pablo Neira Ayuso [this message]
2023-09-06 11:33 ` Thomas Haller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZPhciq9YRuJfWAgT@calendula \
--to=pablo@netfilter.org \
--cc=fw@strlen.de \
--cc=netfilter-devel@vger.kernel.org \
--cc=thaller@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.