From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Florian Westphal <fw@strlen.de>
Cc: Thomas Haller <thaller@redhat.com>, netfilter-devel@vger.kernel.org
Subject: Re: [PATCH RFC] tests: add feature probing
Date: Wed, 6 Sep 2023 13:03:38 +0200 [thread overview]
Message-ID: <ZPhciq9YRuJfWAgT@calendula> (raw)
In-Reply-To: <20230906100440.GD9603@breakpoint.cc>
On Wed, Sep 06, 2023 at 12:04:40PM +0200, Florian Westphal wrote:
> Thomas Haller <thaller@redhat.com> wrote:
> > On Mon, 2023-09-04 at 10:53 +0200, Florian Westphal wrote:
> > > Thomas Haller <thaller@redhat.com> wrote:
> > > >
> > > >
> > > > But why this "nft -f" specific detection? Why not just executable
> > > > scripts?
> > >
> > > Because I want it to be simple,
> >
> > It does not seem "simple[r]" to me. The approach requires extra
> > infrastructure in run-test.sh, while being less flexible.
>
> I can add bla.nft and use nft --check -f bla.nft.
>
> Or, I can add bla.sh, which does
>
> exec $NFT -f - <<EOF
> table ...
> EOF
>
> I see zero reason why we can't add scripts later on if there
> are cases where flat-files don't work.
Agreed, we need this flexibility.
> At this point, its just more boilerplate to add a script wrapper
> around the .nft file.
>
> > > I could do that, but I don't see the need for arbitrary scripts so
> > > far.
> >
> > When building without JSON support, various tests fail, but should be
> > skipped.
> >
> > Could we detect JSON support via .nft files? Would we drop then a JSON
> > .nft file and change the check call to `nft --check -j`?).
>
> No, but the test that should be skipped can do
>
> $NFT -j list ruleset || exit 77
>
> as first line of the script, no need to load any files, nft will fail
> with error in case its not built with json support.
This is fine to start with.
> > Or maybe detection of JSON support needs to be a shell script (doing
> > `ldd "$NFT_REAL" | greq libjansson`)? In that case, we would have
> > features-as-shell-scripts very soon.
>
> Sure, I see no reason why to not have both. The flat files have the
> '*nft' suffix for a reason...
I think this feature approach you propose is good enough and it is
rather incremental and small.
next prev parent reply other threads:[~2023-09-06 11:03 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-31 13:51 [PATCH RFC] tests: add feature probing Florian Westphal
2023-09-01 11:58 ` Florian Westphal
2023-09-01 15:37 ` Thomas Haller
2023-09-04 8:53 ` Florian Westphal
2023-09-06 5:44 ` Thomas Haller
2023-09-06 10:04 ` Florian Westphal
2023-09-06 11:03 ` Pablo Neira Ayuso [this message]
2023-09-06 11:33 ` Thomas Haller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZPhciq9YRuJfWAgT@calendula \
--to=pablo@netfilter.org \
--cc=fw@strlen.de \
--cc=netfilter-devel@vger.kernel.org \
--cc=thaller@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).