Skip to content

ci: Add rolling update kind testing#480

Merged
fegmorte merged 29 commits intomainfrom
fred/ci/testing-rolling-update-mix
Apr 2, 2026
Merged

ci: Add rolling update kind testing#480
fegmorte merged 29 commits intomainfrom
fred/ci/testing-rolling-update-mix

Conversation

@fegmorte
Copy link
Copy Markdown
Contributor

@fegmorte fegmorte commented Mar 25, 2026

Description of changes

Issue ticket number and link

PR Checklist

I attest that all checked items are satisfied. Any deviation is clearly justified above.

  • Title follows conventional commits (e.g. chore: ...).
  • Tests added for every new pub item and test coverage has not decreased.
  • Public APIs and non-obvious logic documented; unfinished work marked as TODO(#issue).
  • unwrap/expect/panic only in tests or for invariant bugs (documented if present).
  • No dependency version changes OR (if changed) only minimal required fixes.
  • No architectural protocol changes OR linked spec PR/issue provided.
  • No breaking deployment config changes OR devops label + infra notified + infra-team reviewer assigned.
  • No breaking gRPC / serialized data changes OR commit marked with ! and affected teams notified.
  • No modifications to existing versionized structs OR backward compatibility tests updated.
  • No critical business logic / crypto changes OR ≥2 reviewers assigned.
  • No new sensitive data fields added OR Zeroize + ZeroizeOnDrop implemented.
  • No new public storage data OR data is verifiable (signature / digest).
  • No unsafe; if unavoidable: minimal, justified, documented, and test/fuzz covered.
  • Strongly typed boundaries: typed inputs validated at the edge; no untyped values or errors cross modules.
  • Self-review completed.

Dependency Update Questionnaire (only if deps changed or added)

Answer in the Cargo.toml next to the dependency (or here if updating):

  1. Ownership changes or suspicious concentration?
  2. Low popularity?
  3. Unusual version jump?
  4. Lacking documentation?
  5. Missing CI?
  6. No security / disclosure policy?
  7. Significant size increase?

More details and explanations for the checklist and dependency updates can be found in CONTRIBUTING.md

@cla-bot cla-bot bot added the cla-signed The CLA has been signed. label Mar 25, 2026
github-advanced-security[bot]
github-advanced-security bot found potential problems Mar 25, 2026
View reviewed changes
@github-actions
Copy link
Copy Markdown

github-actions bot commented Mar 25, 2026
edited
Loading

Consolidated Tests Results 2026-04-02 - 11:35:16

Test Results

passed 1053 passed

Details

tests 1053 tests
clock not captured
tool junit-to-ctrf
build main arrow-right test-reporter link #3724
pull-request ci: Add rolling update kind testing link #480

test-reporter: Run #3724

Tests 📝 Passed ✅ Failed ❌ Skipped ⏭️ Pending ⏳ Other ❓ Flaky 🍂 Duration ⏱️
1053 1053 0 0 0 0 0 not captured

🎉 All tests passed!

Tests

View All Tests
Test Name Status Flaky Duration
backup::custodian::tests::invalid_threshold_should_fail 7ms
client::tests::testing_infra_tests::test_threshold_material_validation 6ms
client::tests::threshold::crs_gen_tests::secure_threshold_crs 9m 17s
client::tests::threshold::crs_gen_tests::test_crs_gen_threshold 1m 11s
client::tests::threshold::crs_gen_tests::test_insecure_crs_gen_threshold 1m 6s
client::tests::threshold::custodian_backup_tests::test_auto_update_backups_threshold::case_1 2m 35s
client::tests::threshold::custodian_backup_tests::test_auto_update_backups_threshold::case_2 2m 30s
client::tests::threshold::custodian_backup_tests::test_backup_after_crs_threshold::case_1 48.7s
client::tests::threshold::custodian_backup_tests::test_backup_after_crs_threshold::case_2 48.7s
client::tests::threshold::custodian_backup_tests::test_decrypt_after_recovery_threshold::case_1 11.3s
client::tests::threshold::custodian_backup_tests::test_decrypt_after_recovery_threshold::case_2 11.3s
client::tests::threshold::custodian_backup_tests::test_decrypt_after_recovery_threshold_negative 4.6s
client::tests::threshold::custodian_context_tests::test_new_custodian_context_threshold::case_1 9.0s
client::tests::threshold::custodian_context_tests::test_new_custodian_context_threshold::case_2 9.0s
client::tests::threshold::key_gen_tests::default_insecure_dkg::case_1 2m 53s
client::tests::threshold::key_gen_tests::secure_threshold_compressed_keygen_test 6m 22s
client::tests::threshold::key_gen_tests::secure_threshold_keygen_test 6m 25s
client::tests::threshold::key_gen_tests::secure_threshold_keygen_test_crash_online 6m 36s
client::tests::threshold::key_gen_tests::secure_threshold_keygen_test_crash_preprocessing 5m 25s
client::tests::threshold::key_gen_tests::test_insecure_compressed_dkg::case_1 34.8s
client::tests::threshold::key_gen_tests::test_insecure_dkg::case_1 34.6s
client::tests::threshold::key_gen_tests::test_insecure_threshold_decompression_keygen 5m 43s
client::tests::threshold::key_gen_tests_isolated::default_insecure_dkg_isolated 4m 2s
client::tests::threshold::key_gen_tests_isolated::secure_threshold_compressed_keygen_from_existing_isolated 12m 4s
client::tests::threshold::key_gen_tests_isolated::secure_threshold_keygen_crash_online_isolated 5m 52s
client::tests::threshold::key_gen_tests_isolated::secure_threshold_keygen_crash_preprocessing_isolated 5m 8s
client::tests::threshold::key_gen_tests_isolated::secure_threshold_keygen_isolated 6m 4s
client::tests::threshold::key_gen_tests_isolated::test_insecure_dkg_isolated 5.3s
client::tests::threshold::key_gen_tests_isolated::test_insecure_threshold_decompression_keygen_isolated 2m 34s
client::tests::threshold::misc_tests::test_ratelimiter 33.6s
client::tests::threshold::misc_tests::test_threshold_close_after_drop 34.0s
client::tests::threshold::misc_tests::test_threshold_health_endpoint_availability 38.1s
client::tests::threshold::misc_tests::test_threshold_shutdown 35.3s
client::tests::threshold::misc_tests_isolated::test_ratelimiter_isolated 195ms
client::tests::threshold::misc_tests_isolated::test_threshold_close_after_drop_isolated 996ms
client::tests::threshold::misc_tests_isolated::test_threshold_health_endpoint_availability_isolated 4.6s
client::tests::threshold::misc_tests_isolated::test_threshold_shutdown_isolated 1.9s
client::tests::threshold::mpc_context_tests::test_context_switch_4p 38.1s
client::tests::threshold::mpc_epoch_tests::test_new_epoch_with_reshare 19m 40s
client::tests::threshold::public_decryption_tests::default_decryption_threshold::case_1 42.0s
client::tests::threshold::public_decryption_tests::default_decryption_threshold_precompute_sns::case_1::compression_1_true 37.4s
client::tests::threshold::public_decryption_tests::default_decryption_threshold_precompute_sns::case_1::compression_2_false 37.7s
client::tests::threshold::public_decryption_tests::default_decryption_threshold_with_crash::case_1 38.3s
client::tests::threshold::public_decryption_tests::test_decryption_threshold::case_1 1m 3s
client::tests::threshold::public_decryption_tests::test_decryption_threshold::case_2 38.1s
client::tests::threshold::public_decryption_tests::test_decryption_threshold::case_3 38.5s
client::tests::threshold::public_decryption_tests::test_decryption_threshold_no_decompression::case_1 50.1s
client::tests::threshold::public_decryption_tests::test_decryption_threshold_no_decompression::case_2 35.1s
client::tests::threshold::public_decryption_tests::test_decryption_threshold_no_decompression::case_3 35.1s
client::tests::threshold::public_decryption_tests::test_decryption_threshold_precompute_sns::case_1::compression_1_true 38.7s
client::tests::threshold::public_decryption_tests::test_decryption_threshold_precompute_sns::case_1::compression_2_false 38.5s
client::tests::threshold::restore_from_backup_tests::test_insecure_threshold_crs_backup 1m 29s
client::tests::threshold::restore_from_backup_tests_isolated::test_insecure_threshold_crs_backup_isolated 17.2s
client::tests::threshold::user_decryption_tests::test_user_decryption_threshold::case_1 6m 18s
client::tests::threshold::user_decryption_tests::test_user_decryption_threshold::case_2 24.1s
client::tests::threshold::user_decryption_tests::test_user_decryption_threshold::case_3 26.6s
client::tests::threshold::user_decryption_tests::test_user_decryption_threshold::case_4 26.4s
client::tests::threshold::user_decryption_tests::test_user_decryption_threshold::case_5 29.8s
client::tests::threshold::user_decryption_tests::test_user_decryption_threshold::case_6 28.6s
client::tests::threshold::user_decryption_tests::test_user_decryption_threshold::case_7 28.8s
client::tests::threshold::user_decryption_tests::test_user_decryption_threshold_all_malicious_failure 25.2s
client::tests::threshold::user_decryption_tests::test_user_decryption_threshold_malicious::case_1 26.9s
client::tests::threshold::user_decryption_tests::test_user_decryption_threshold_malicious::case_2 27.1s
client::tests::threshold::user_decryption_tests::test_user_decryption_threshold_malicious_failure 27.5s
client::tests::threshold::user_decryption_tests::test_user_decryption_threshold_precompute_sns::case_1 27.0s
client::tests::threshold::user_decryption_tests::test_user_decryption_threshold_precompute_sns::case_2 26.7s
client::tests::threshold::user_decryption_tests::test_user_decryption_threshold_precompute_sns_legacy::case_1 26.7s
client::tests::threshold::user_decryption_tests::test_user_decryption_threshold_precompute_sns_legacy::case_2 26.9s
conf::tests::test_threshold_config 8ms
conf::tests::test_threshold_config_negative 7ms
conf::threshold::test_pem_serialization 5ms
engine::migration::tests::s3_tests::test_0_13_x_to_0_13_10_threshold_s3 70ms
engine::migration::tests::s3_tests::test_after_0_13_x_threshold_s3 52ms
engine::migration::tests::s3_tests::test_migrate_threshold_s3 60ms
engine::migration::tests::s3_tests::test_remove_old_keys_threshold_s3 49ms
engine::migration::tests::test_0_13_x_to_0_13_10_threshold_file 8ms
engine::migration::tests::test_0_13_x_to_0_13_10_threshold_ram 6ms
engine::migration::tests::test_after_0_13_x_threshold_file 7ms
engine::migration::tests::test_after_0_13_x_threshold_ram 5ms
engine::migration::tests::test_migrate_threshold_file 7ms
engine::migration::tests::test_migrate_threshold_ram 5ms
engine::migration::tests::test_migrate_to_0_13_10_threshold 6ms
engine::migration::tests::test_migrate_to_0_13_x_threshold 5ms
engine::migration::tests::test_remove_old_keys_threshold_file 7ms
engine::migration::tests::test_remove_old_keys_threshold_ram 5ms
engine::threshold::service::crs_generator::tests::already_exists 7ms
engine::threshold::service::crs_generator::tests::internal_failure 7ms
engine::threshold::service::crs_generator::tests::invalid_argument 6ms
engine::threshold::service::crs_generator::tests::not_found 6ms
engine::threshold::service::crs_generator::tests::resource_exhausted 6ms
engine::threshold::service::crs_generator::tests::sunshine 50ms
engine::threshold::service::crs_generator::tests::unavailable 1m
engine::threshold::service::epoch_manager::tests::already_exists 7ms
engine::threshold::service::epoch_manager::tests::invalid_argument 7ms
engine::threshold::service::epoch_manager::tests::load_all_prss 6ms
engine::threshold::service::epoch_manager::tests::not_found 6ms
engine::threshold::service::epoch_manager::tests::prss_from_storage_test 2m 30s
engine::threshold::service::epoch_manager::tests::sunshine 8ms
engine::threshold::service::epoch_manager::tests::test_destroy_epoch_not_found 6ms
engine::threshold::service::epoch_manager::tests::test_destroy_epoch_success 6ms
engine::threshold::service::epoch_manager::tests::test_resource_exhausted 6ms
engine::threshold::service::epoch_manager::tests::test_verify_epoch_info 6ms
engine::threshold::service::key_generator::tests::aborted 5ms
engine::threshold::service::key_generator::tests::already_exists 7ms
engine::threshold::service::key_generator::tests::internal 7ms
engine::threshold::service::key_generator::tests::invalid_argument 6ms
engine::threshold::service::key_generator::tests::not_found 7ms
engine::threshold::service::key_generator::tests::resource_exhausted 6ms
engine::threshold::service::key_generator::tests::sunshine 101ms
engine::threshold::service::key_generator::tests::use_existing_key_tag_with_wrong_keyset_id 8ms
engine::threshold::service::preprocessor::tests::already_exists 8ms
engine::threshold::service::preprocessor::tests::internal 8ms
engine::threshold::service::preprocessor::tests::invalid_argument 7ms
engine::threshold::service::preprocessor::tests::not_found 7ms
engine::threshold::service::preprocessor::tests::resource_exhausted 6ms
engine::threshold::service::preprocessor::tests::sunshine 804ms
engine::threshold::service::public_decryptor::tests::already_exists 84ms
engine::threshold::service::public_decryptor::tests::invalid_argument 85ms
engine::threshold::service::public_decryptor::tests::not_found 261ms
engine::threshold::service::public_decryptor::tests::sunshine 87ms
engine::threshold::service::public_decryptor::tests::test_resource_exhausted 81ms
engine::threshold::service::reshare_utils::tests::bad_digests_get_verified_public_materials 158ms
engine::threshold::service::reshare_utils::tests::bad_digests_get_verified_public_materials_compressed 230ms
engine::threshold::service::reshare_utils::tests::empty_storage_fetch_public_materials_from_peers 169ms
engine::threshold::service::reshare_utils::tests::sunshine_fetch_public_materials_from_peers 171ms
engine::threshold::service::reshare_utils::tests::sunshine_fetch_public_materials_from_peers_compressed 95ms
engine::threshold::service::reshare_utils::tests::sunshine_get_verified_public_materials 16ms
engine::threshold::service::reshare_utils::tests::sunshine_get_verified_public_materials_compressed 92ms
engine::threshold::service::reshare_utils::tests::test_find_region 6ms
engine::threshold::service::reshare_utils::tests::test_split_devnet_url 5ms
engine::threshold::service::reshare_utils::tests::wrong_digest_fetch_public_materials_from_peers 19ms
engine::threshold::service::reshare_utils::tests::wrong_digest_fetch_public_materials_from_peers_compressed 90ms
engine::threshold::service::user_decryptor::tests::already_exists 80ms
engine::threshold::service::user_decryptor::tests::invalid_argument 86ms
engine::threshold::service::user_decryptor::tests::not_found 278ms
engine::threshold::service::user_decryptor::tests::resource_exhausted 88ms
engine::threshold::service::user_decryptor::tests::sunshine 91ms
testing::material::manager::tests::test_setup_threshold_material 24ms
testing::material::spec::tests::test_threshold_basic_spec 6ms
testing::material::spec::tests::test_threshold_default_no_prss_spec 6ms
testing::material::spec::tests::test_threshold_default_spec_requires_prss 6ms
vault::storage::crypto_material::tests::read_guarded_threshold_fhe_keys_not_found 6ms
vault::storage::crypto_material::tests::write_threshold_empty_update 75ms
vault::storage::crypto_material::tests::write_threshold_keys_failed_storage 82ms
vault::storage::crypto_material::tests::write_threshold_keys_meta_update 79ms
vault::storage::file::tests::storage_helper_methods::threshold_1_true 16ms
vault::storage::file::tests::storage_helper_methods::threshold_2_false 13ms
test_backward_compatibility_threshold_fhe 112ms
kms_gen_keys_binary_test::gen_key_tempdir_threshold 665ms
kms_gen_keys_binary_test::gen_key_threshold 3.6s
kms_gen_keys_binary_test::threshold_signing_key 57ms
kms_gen_keys_binary_test::threshold_signing_key_wrong_party_id 168ms
kms_gen_keys_binary_test::threshold_wrong_num_parties 134ms
kms_server_binary_test::subcommand_dev_threshold 5.9s
test_threshold_custodian_backup 1.0s
test_threshold_insecure_compressed_keygen 1.1s
test_threshold_restore_from_backup 1.3s
test_threshold_mpc_context_switch 1.6s
test_threshold_mpc_context_init 8m 14s
test_threshold_reshare 8m 55s
test_threshold_concurrent_preproc_keygen 13m 35s
test_threshold_compressed_preproc_keygen 16m 41s
test_threshold_insecure 19m 57s
test_threshold_mpc_context_switch_6 21m 59s
test_threshold_compressed_keygen_from_existing 30m 43s
test_threshold_compressed_preproc_keygen 11m 43s
test_threshold_concurrent_crs 1m 33s
test_threshold_concurrent_preproc_keygen 7m 31s
test_threshold_custodian_backup 1m
test_threshold_insecure 6m 14s
test_threshold_insecure_compressed_keygen 8m 37s
test_threshold_mpc_context_init 6m 15s
test_threshold_mpc_context_switch 57.3s
test_threshold_mpc_context_switch_6 6m 13s
test_threshold_reshare 6m 34s
test_threshold_restore_from_backup 56.5s
backup::custodian::tests::internal_custodian_context_duplicate_role_should_fail 7ms
backup::custodian::tests::internal_custodian_context_role_greater_than_nodes_should_fail 6ms
backup::custodian::tests::internal_custodian_context_zero_role_should_fail 6ms
backup::operator::tests::operator_new_fails_with_bad_n_t 5ms
backup::operator::tests::operator_new_fails_with_duplicate_roles 6ms
backup::operator::tests::operator_new_fails_with_insufficient_messages 6ms
backup::operator::tests::operator_new_fails_with_invalid_header 6ms
backup::operator::tests::operator_new_fails_with_invalid_role 6ms
backup::operator::tests::operator_new_fails_with_invalid_timestamp_future 6ms
backup::operator::tests::operator_new_fails_with_invalid_timestamp_past 6ms
backup::operator::tests::operator_new_fails_with_not_enough 6ms
backup::operator::tests::operator_new_fails_with_zero_n 5ms
backup::operator::tests::operator_new_fails_with_zero_t 5ms
backup::operator::tests::operator_timestamp_validation 6ms
backup::operator::tests::validate_recovery_validation_material 7ms
backup::secretsharing::pkcs7::tests::padding_sunshine 6ms
backup::secretsharing::pkcs7::tests::padding_wrong_data 6ms
backup::secretsharing::tests::sharing_missing_shares 104ms
backup::secretsharing::tests::sharing_no_error 168ms
backup::secretsharing::tests::sharing_randomness_test 15.4s
backup::secretsharing::tests::sharing_too_many_missing_shares 13ms
backup::secretsharing::tests::sharing_wrong_params 6ms
backup::secretsharing::tests::sharing_wrong_shares 15ms
backup::seed_phrase::tests::difference 6ms
backup::seed_phrase::tests::mnemonic_robustness 6ms
backup::seed_phrase::tests::sunshine 6ms
backup::tests::custodian_reencrypt 10ms
backup::tests::full_flow::case_1 50ms
backup::tests::full_flow::case_2 33ms
backup::tests::full_flow::case_3 89ms
backup::tests::full_flow_drop_msg 38ms
backup::tests::full_flow_malicious_custodian_init 13ms
backup::tests::full_flow_malicious_custodian_not_enough 135ms
backup::tests::full_flow_malicious_custodian_second 65ms
backup::tests::full_flow_malicious_operator 34ms
backup::tests::operator_setup 9ms
client::crs_gen::tests::process_distributed_crs_result_invalid_signature_does_not_insert_key 9.5s
client::crs_gen::tests::verify_pp_with_tfhers 18.5s
client::tests::centralized::crs_gen_tests::test_crs_gen_centralized 7m 26s
client::tests::centralized::crs_gen_tests::test_crs_gen_manual 12.2s
client::tests::centralized::crs_gen_tests::test_insecure_crs_gen_centralized 22.2s
client::tests::centralized::custodian_backup_tests::test_auto_update_backups_central 5.8s
client::tests::centralized::custodian_backup_tests::test_backup_after_crs_central 17.9s
client::tests::centralized::custodian_backup_tests::test_decrypt_after_recovery_central 7.3s
client::tests::centralized::custodian_backup_tests::test_decrypt_after_recovery_centralized_negative 5.7s
client::tests::centralized::custodian_context_tests::test_new_custodian_context_central 5.4s
client::tests::centralized::key_gen_tests::default_decompression_key_gen_centralized 2m 23s
client::tests::centralized::key_gen_tests::default_key_gen_centralized 1m 5s
client::tests::centralized::key_gen_tests::test_compressed_key_gen_centralized 27.3s
client::tests::centralized::key_gen_tests::test_decompression_key_gen_centralized 3m 7s
client::tests::centralized::key_gen_tests::test_key_gen_centralized 37.4s
client::tests::centralized::misc_tests::test_central_close_after_drop 35.6s
client::tests::centralized::misc_tests::test_central_health_endpoint_availability 35.8s
client::tests::centralized::misc_tests::test_largecipher 1m 11s
client::tests::centralized::misc_tests_isolated::test_central_close_after_drop_isolated 421ms
client::tests::centralized::misc_tests_isolated::test_central_health_endpoint_availability_isolated 775ms
client::tests::centralized::misc_tests_isolated::test_largecipher_isolated 21.8s
client::tests::centralized::public_decryption_tests::default_decryption_centralized::case_1 40.3s
client::tests::centralized::public_decryption_tests::default_decryption_centralized_precompute_sns::case_1 41.8s
client::tests::centralized::public_decryption_tests::test_decryption_central 37.2s
client::tests::centralized::public_decryption_tests::test_decryption_central_no_decompression 36.9s
client::tests::centralized::public_decryption_tests::test_decryption_central_precompute_sns 37.1s
client::tests::centralized::restore_from_backup_tests::test_insecure_central_autobackup_after_deletion 1m 16s
client::tests::centralized::restore_from_backup_tests::test_insecure_central_dkg_backup 1m 45s
client::tests::centralized::restore_from_backup_tests_isolated::test_insecure_central_autobackup_after_deletion_isolated 1.5s
client::tests::centralized::restore_from_backup_tests_isolated::test_insecure_central_dkg_backup_isolated 1.6s
client::tests::centralized::user_decryption_tests::default_user_decryption_centralized::secure_1_true 1m 13s
client::tests::centralized::user_decryption_tests::default_user_decryption_centralized::secure_2_false 15.4s
client::tests::centralized::user_decryption_tests::default_user_decryption_centralized_no_compression::secure_1_true 15.1s
client::tests::centralized::user_decryption_tests::default_user_decryption_centralized_no_compression::secure_2_false 15.0s
client::tests::centralized::user_decryption_tests::default_user_decryption_centralized_precompute_sns::secure_1_true::compression_1_true 16.5s
client::tests::centralized::user_decryption_tests::default_user_decryption_centralized_precompute_sns::secure_1_true::compression_2_false 16.9s
client::tests::centralized::user_decryption_tests::default_user_decryption_centralized_precompute_sns::secure_2_false::compression_1_true 16.6s
client::tests::centralized::user_decryption_tests::default_user_decryption_centralized_precompute_sns::secure_2_false::compression_2_false 16.7s
client::tests::centralized::user_decryption_tests::test_user_decryption_centralized::secure_1_true 12.1s
client::tests::centralized::user_decryption_tests::test_user_decryption_centralized::secure_2_false 12.1s
client::tests::centralized::user_decryption_tests::test_user_decryption_centralized_precompute_sns::secure_1_true::compression_1_true 12.1s
client::tests::centralized::user_decryption_tests::test_user_decryption_centralized_precompute_sns::secure_1_true::compression_2_false 12.1s
client::tests::centralized::user_decryption_tests::test_user_decryption_centralized_precompute_sns::secure_2_false::compression_1_true 12.0s
client::tests::centralized::user_decryption_tests::test_user_decryption_centralized_precompute_sns::secure_2_false::compression_2_false 12.2s
client::tests::centralized::user_decryption_tests::test_user_decryption_centralized_precompute_sns_legacy::secure_1_true::compression_1_true 12.1s
client::tests::centralized::user_decryption_tests::test_user_decryption_centralized_precompute_sns_legacy::secure_1_true::compression_2_false 12.1s
client::tests::centralized::user_decryption_tests::test_user_decryption_centralized_precompute_sns_legacy::secure_2_false::compression_1_true 12.2s
client::tests::centralized::user_decryption_tests::test_user_decryption_centralized_precompute_sns_legacy::secure_2_false::compression_2_false 12.0s
client::tests::common::num_blocks_sunshine 6ms
client::tests::testing_infra_tests::test_centralized_material_validation 7ms
client::tests::testing_infra_tests::tests::test_material_spec_creation 6ms
client::tests::testing_infra_tests::tests::test_material_spec_serialization 6ms
conf::tests::test_centralized_config 7ms
cryptography::decompression::test::test_1024b 3.8s
cryptography::decompression::test::test_128b 1.9s
cryptography::decompression::test::test_16b 1.7s
cryptography::decompression::test::test_2048b 5.7s
cryptography::decompression::test::test_256b 2.1s
cryptography::decompression::test::test_32b 1.8s
cryptography::decompression::test::test_4b 1.7s
cryptography::decompression::test::test_512b 2.6s
cryptography::decompression::test::test_64b 1.8s
cryptography::decompression::test::test_8b 1.6s
cryptography::decompression::test::test_bad_ciphertext 1.4s
cryptography::decompression::test::test_bad_fhe_type 1.6s
cryptography::decompression::test::test_bool 1.7s
cryptography::decompression::test::test_full_chain_client_copro_kms_uint8::case_1 46ms
cryptography::decompression::test::test_full_chain_client_copro_kms_uint8::case_2 1.9s
cryptography::decompression::test::test_tolerate_non_compressed 575ms
cryptography::encryption::tests::nested_pke_sunshine 7ms
cryptography::encryption::tests::pke_wrong_ct_enc 7ms
cryptography::encryption::tests::pke_wrong_kem_key 6ms
cryptography::hybrid_ml_kem::tests::pke_sunshine 56ms
cryptography::hybrid_ml_kem::tests::pke_wrong_ct_hybrid 50ms
cryptography::hybrid_ml_kem::tests::pke_wrong_kem 51ms
cryptography::hybrid_ml_kem::tests::pke_wrong_key 63ms
cryptography::hybrid_ml_kem::tests::pke_wrong_nonce 52ms
cryptography::hybrid_ml_kem::tests::test_pke_serialize_size 7ms
cryptography::hybrid_ml_kem::tests::validate_consistent_cipher_encoding 6ms
cryptography::signatures::tests::bad_dsep 6ms
cryptography::signatures::tests::bad_signature 7ms
cryptography::signatures::tests::plain_signing 7ms
cryptography::signatures::tests::regression_consistent_enc 6ms
cryptography::signatures::tests::sunshine_verf_key_legacy_serialization 6ms
cryptography::signatures::tests::unnormalized_signature 7ms
cryptography::signatures::tests::validate_zeroize_signing_key 6ms
cryptography::signcryption::tests::bad_signcryption 8ms
cryptography::signcryption::tests::incorrect_server_verf_key 6ms
cryptography::signcryption::tests::signcryption_with_bad_link 7ms
cryptography::signcryption::tests::sunshine 7ms
cryptography::signcryption::tests::sunshine_encoding_decoding 7ms
cryptography::signcryption::tests::test_signcryption_payload_v0_serialization_locked 6ms
engine::backup_operator::tests::test_filter_custodian_data_invalid_custodian_role 8ms
engine::backup_operator::tests::test_filter_custodian_data_invalid_operator_role 8ms
engine::backup_operator::tests::test_filter_custodian_data_invalid_signature 7ms
engine::backup_operator::tests::test_filter_custodian_data_missing_verification_key 7ms
engine::backup_operator::tests::test_filter_custodian_missing_cus_output 7ms
engine::backup_operator::tests::test_update_backup_vault 6ms
engine::backup_operator::tests::test_update_backup_vault_with_overwrite 6ms
engine::backup_operator::tests::test_update_backup_vault_without_overwrite 6ms
engine::backup_operator::tests::test_update_epoch_backup_vault 6ms
engine::backup_operator::tests::test_update_epoch_backup_vault_with_overwrite 6ms
engine::backup_operator::tests::test_update_epoch_backup_vault_without_overwrite 6ms
engine::base::tests::sunshine_plaintext_as_u256 6ms
engine::base::tests::test_abi_encoding_fhevm_ebytes 6ms
engine::base::tests::test_compute_external_signature_preproc 8ms
engine::base::tests::test_compute_info_crs 905ms
engine::base::tests::test_compute_info_standard_keygen 145ms
engine::base::tests::test_compute_pt_message_hash 7ms
engine::base::tests::test_deserialize_ciphertext_missing_decompression_key 113ms
engine::base::tests::test_deserialize_ciphertext_wrong_ct_format 100ms
engine::base::tests::test_deserialize_ciphertext_wrong_type 102ms
engine::centralized::central_kms::tests::decrypt_with_bad_client_key 290ms
engine::centralized::central_kms::tests::multiple_default_keys_decrypt 20.8s
engine::centralized::central_kms::tests::multiple_default_keys_user_decrypt 21.2s
engine::centralized::central_kms::tests::multiple_test_keys_access 40ms
engine::centralized::central_kms::tests::multiple_test_keys_decrypt 123ms
engine::centralized::central_kms::tests::multiple_test_keys_user_decrypt 132ms
engine::centralized::central_kms::tests::sanity_check_sns_compression_test_params 69ms
engine::centralized::central_kms::tests::sunshine_default_decrypt 21.5s
engine::centralized::central_kms::tests::sunshine_default_user_decrypt 21.4s
engine::centralized::central_kms::tests::sunshine_test_decrypt 120ms
engine::centralized::central_kms::tests::sunshine_test_user_decrypt 120ms
engine::centralized::central_kms::tests::test_gen_keys 24.8s
engine::centralized::central_kms::tests::test_generate_compressed_fhe_keys 164ms
engine::centralized::central_kms::tests::user_decrypt_with_bad_client_key 132ms
engine::centralized::central_kms::tests::user_decrypt_with_bad_ephemeral_key 125ms
engine::centralized::central_kms::tests::user_decrypt_with_bad_sig_key 130ms
engine::centralized::service::crs_gen::tests::already_exists 8ms
engine::centralized::service::crs_gen::tests::default_epoch_id 782ms
engine::centralized::service::crs_gen::tests::invalid_argument 9ms
engine::centralized::service::crs_gen::tests::not_found 8ms
engine::centralized::service::crs_gen::tests::resource_exhausted 7ms
engine::centralized::service::crs_gen::tests::sunshine 771ms
engine::centralized::service::decryption::test_user_decryption::already_exists 124ms
engine::centralized::service::decryption::test_user_decryption::invalid_argument 122ms
engine::centralized::service::decryption::test_user_decryption::not_found 122ms
engine::centralized::service::decryption::test_user_decryption::resource_exhausted 122ms
engine::centralized::service::decryption::test_user_decryption::sunshine 129ms
engine::centralized::service::decryption::tests_public_decryption::already_exists 128ms
engine::centralized::service::decryption::tests_public_decryption::invalid_argument 129ms
engine::centralized::service::decryption::tests_public_decryption::not_found 129ms
engine::centralized::service::decryption::tests_public_decryption::resource_exhausted 123ms
engine::centralized::service::decryption::tests_public_decryption::sunshine 123ms
engine::centralized::service::initiator::tests::already_exists 9ms
engine::centralized::service::initiator::tests::invalid_argument 8ms
engine::centralized::service::initiator::tests::sunshine 8ms
engine::centralized::service::key_gen::tests::already_exists 113ms
engine::centralized::service::key_gen::tests::invalid_argument 10ms
engine::centralized::service::key_gen::tests::not_found 112ms
engine::centralized::service::key_gen::tests::resource_exhausted 9ms
engine::centralized::service::key_gen::tests::sunshine 112ms
engine::centralized::service::preprocessing::tests::already_exists 9ms
engine::centralized::service::preprocessing::tests::invalid_argument 8ms
engine::centralized::service::preprocessing::tests::not_found 8ms
engine::centralized::service::preprocessing::tests::resource_exhausted 8ms
engine::centralized::service::preprocessing::tests::sunshine 8ms
engine::context::tests::parse_software_semantic_version 6ms
engine::context::tests::test_context_info_duplicate_party_ids 7ms
engine::context::tests::test_software_version_display 6ms
engine::context::tests::test_software_version_equality 5ms
engine::context::tests::test_software_version_major_comparison 6ms
engine::context::tests::test_software_version_minor_comparison 6ms
engine::context::tests::test_software_version_no_tag 6ms
engine::context::tests::test_software_version_patch_comparison 6ms
engine::context::tests::test_software_version_unordered_tag 5ms
engine::context_manager::tests::test_centralized_context_cache 8ms
engine::context_manager::tests::test_centralized_context_exists_and_consistent 7ms
engine::context_manager::tests::test_centralized_multiple_contexts 8ms
engine::context_manager::tests::test_custodian_context 14ms
engine::context_manager::tests::test_gen_recovery_request_payloads 9ms
engine::context_manager::tests::test_kms_context 8ms
engine::context_manager::tests::test_kms_context_load_from_storage 7ms
engine::context_manager::tests::test_kms_context_load_multiple_from_storage 8ms
engine::context_manager::tests::test_kms_context_load_multiple_from_storage_with_error 8ms
engine::context_manager::tests::test_load_mpc_context_without_signing_key 8ms
engine::keyset_configuration::tests::test_internal_keyset_config_decompression_only_missing_added_info 6ms
engine::keyset_configuration::tests::test_internal_keyset_config_decompression_only_with_added_info_missing_ids 6ms
engine::keyset_configuration::tests::test_internal_keyset_config_decompression_only_with_added_info_with_ids 6ms
engine::keyset_configuration::tests::test_internal_keyset_config_none_defaults_to_standard 6ms
engine::keyset_configuration::tests::test_internal_keyset_config_standard_default 6ms
engine::keyset_configuration::tests::test_internal_keyset_config_standard_use_existing_missing_added_info 5ms
engine::keyset_configuration::tests::test_internal_keyset_config_standard_use_existing_with_added_info_missing_ids 5ms
engine::keyset_configuration::tests::test_internal_keyset_config_standard_use_existing_with_added_info_with_ids 5ms
engine::keyset_configuration::tests::test_new_decompression_only_unparseable_from_id 6ms
engine::keyset_configuration::tests::test_new_decompression_only_unparseable_to_id 6ms
engine::keyset_configuration::tests::test_new_use_existing_unparseable_epoch_id 6ms
engine::migration::tests::s3_tests::test_0_13_x_to_0_13_10_centralized_s3 44ms
engine::migration::tests::s3_tests::test_0_13_x_to_0_13_10_idempotent_s3 43ms
engine::migration::tests::s3_tests::test_0_13_x_to_0_13_10_no_legacy_s3 15ms
engine::migration::tests::s3_tests::test_0_13_x_to_0_13_10_skips_existing_s3 39ms
engine::migration::tests::s3_tests::test_after_0_13_x_centralized_s3 36ms
engine::migration::tests::s3_tests::test_after_0_13_x_idempotent_s3 37ms
engine::migration::tests::s3_tests::test_after_0_13_x_no_legacy_s3 15ms
engine::migration::tests::s3_tests::test_migrate_centralized_s3 40ms
engine::migration::tests::s3_tests::test_migrate_idempotent_s3 37ms
engine::migration::tests::s3_tests::test_migrate_no_legacy_data_s3 15ms
engine::migration::tests::s3_tests::test_migrate_skips_existing_s3 32ms
engine::migration::tests::s3_tests::test_remove_old_keys_centralized_s3 35ms
engine::migration::tests::s3_tests::test_remove_old_keys_no_legacy_s3 14ms
engine::migration::tests::s3_tests::test_remove_old_keys_skips_without_new_epoch_s3 25ms
engine::migration::tests::test_0_13_x_to_0_13_10_centralized_file 8ms
engine::migration::tests::test_0_13_x_to_0_13_10_centralized_ram 6ms
engine::migration::tests::test_0_13_x_to_0_13_10_idempotent_file 8ms
engine::migration::tests::test_0_13_x_to_0_13_10_idempotent_ram 6ms
engine::migration::tests::test_0_13_x_to_0_13_10_no_legacy_file 6ms
engine::migration::tests::test_0_13_x_to_0_13_10_no_legacy_ram 6ms
engine::migration::tests::test_0_13_x_to_0_13_10_skips_existing_file 7ms
engine::migration::tests::test_0_13_x_to_0_13_10_skips_existing_ram 6ms
engine::migration::tests::test_after_0_13_x_centralized_file 8ms
engine::migration::tests::test_after_0_13_x_centralized_ram 6ms
engine::migration::tests::test_after_0_13_x_idempotent_file 7ms
engine::migration::tests::test_after_0_13_x_idempotent_ram 6ms
engine::migration::tests::test_after_0_13_x_no_legacy_file 6ms
engine::migration::tests::test_after_0_13_x_no_legacy_ram 6ms
engine::migration::tests::test_migrate_centralized_file 7ms
engine::migration::tests::test_migrate_centralized_ram 6ms
engine::migration::tests::test_migrate_combined_prss_no_data_file 7ms
engine::migration::tests::test_migrate_combined_prss_no_data_ram 6ms
engine::migration::tests::test_migrate_combined_prss_sunshine 6ms
engine::migration::tests::test_migrate_context_idempotent 6ms
engine::migration::tests::test_migrate_context_no_legacy 6ms
engine::migration::tests::test_migrate_context_sunshine 6ms
engine::migration::tests::test_migrate_idempotent_file 8ms
engine::migration::tests::test_migrate_idempotent_ram 5ms
engine::migration::tests::test_migrate_legacy_prss_sunshine 6ms
engine::migration::tests::test_migrate_no_legacy_data_file 6ms
engine::migration::tests::test_migrate_no_legacy_data_ram 6ms
engine::migration::tests::test_migrate_prss_already_migrated_skips 6ms
engine::migration::tests::test_migrate_prss_missing_z128_errors 6ms
engine::migration::tests::test_migrate_prss_missing_z64_errors 6ms
engine::migration::tests::test_migrate_prss_no_legacy_data_errors 7ms
engine::migration::tests::test_migrate_skips_existing_file 8ms
engine::migration::tests::test_migrate_skips_existing_ram 6ms
engine::migration::tests::test_migrate_to_0_13_10_centralized 6ms
engine::migration::tests::test_migrate_to_0_13_10_empty_storage 6ms
engine::migration::tests::test_migrate_to_0_13_x_centralized 6ms
engine::migration::tests::test_migrate_to_0_13_x_empty_storage 6ms
engine::migration::tests::test_remove_old_keys_centralized_file 7ms
engine::migration::tests::test_remove_old_keys_centralized_ram 6ms
engine::migration::tests::test_remove_old_keys_no_legacy_file 5ms
engine::migration::tests::test_remove_old_keys_no_legacy_ram 6ms
engine::migration::tests::test_remove_old_keys_skips_without_new_epoch_file 6ms
engine::migration::tests::test_remove_old_keys_skips_without_new_epoch_ram 5ms
engine::utils::tests::sanity_check_crs_invalid_digest 453ms
engine::utils::tests::sanity_check_crs_legacy_readability_only 448ms
engine::utils::tests::sanity_check_crs_valid_digest 455ms
engine::utils::tests::sanity_check_current_compressed_keys_invalid_digest 86ms
engine::utils::tests::sanity_check_current_compressed_keys_valid_digests 84ms
engine::utils::tests::sanity_check_current_standard_keys_invalid_digest 15ms
engine::utils::tests::sanity_check_current_standard_keys_valid_digests 12ms
engine::utils::tests::sanity_check_legacy_metadata_readability_only 14ms
engine::utils::tests::test_metriced_error_creation 6ms
engine::utils::tests::test_metriced_error_drop_logging 6ms
engine::utils::tests::test_metriced_error_no_dropping 6ms
engine::validation_non_wasm::tests::test_max_num_bits_verification 6ms
engine::validation_non_wasm::tests::test_select_most_common_dec 6ms
engine::validation_non_wasm::tests::test_validate_new_mpc_epoch_request 6ms
engine::validation_non_wasm::tests::test_validate_public_decrypt_meta_response 8ms
engine::validation_non_wasm::tests::test_validate_public_decrypt_meta_response_with_eip712 8ms
engine::validation_non_wasm::tests::test_validate_public_decrypt_req 6ms
engine::validation_non_wasm::tests::test_validate_public_decrypt_responses 10ms
engine::validation_non_wasm::tests::test_validate_public_decrypt_responses_against_request 12ms
engine::validation_non_wasm::tests::test_validate_request_id 5ms
engine::validation_non_wasm::tests::test_validate_user_decrypt_req 6ms
engine::validation_non_wasm::tests::test_verify_user_decrypt_eip712 6ms
engine::validation_wasm::tests::test_check_ext_user_decryption_signature 8ms
engine::validation_wasm::tests::test_select_most_common_user_dec 6ms
engine::validation_wasm::tests::test_validate_user_decrypt_meta_data_and_signature 8ms
engine::validation_wasm::tests::test_validate_user_decrypt_responses 147ms
engine::validation_wasm::tests::test_validate_user_decrypt_responses_against_request 10ms
grpc::tests::regression_tests::test_request_id_compile_time_interface_stability 7ms
grpc::tests::regression_tests::test_request_id_core_structure_and_api_consistency 6ms
grpc::tests::regression_tests::test_request_id_validation_and_error_handling 5ms
grpc::tests::unit_tests::test_get_meta_store_info_with_real_stores 6ms
grpc::tests::unit_tests::test_get_meta_store_info_with_unavailable_stores 6ms
grpc::tests::unit_tests::test_list_requests_invalid_store_type 6ms
grpc::tests::unit_tests::test_list_requests_pagination 5ms
grpc::tests::unit_tests::test_list_requests_with_real_stores 6ms
grpc::tests::unit_tests::test_list_requests_with_unavailable_stores 6ms
grpc::tests::unit_tests::test_service_with_mixed_store_availability 5ms
testing::material::manager::tests::test_setup_centralized_material 14ms
testing::material::spec::tests::test_centralized_basic_spec 5ms
testing::material::spec::tests::test_comprehensive_spec 5ms
testing::material::spec::tests::test_key_type_covers_all_priv_data_types 5ms
testing::material::spec::tests::test_key_type_covers_all_pub_data_types 5ms
testing::material::spec::tests::test_serialization 6ms
testing::utils::test_purge 10ms
util::file_handling::tests::read_write_element 6ms
util::file_handling::tests::read_write_text 6ms
util::key_setup::tests::test_max_num_bits 4.7s
util::meta_store::tests::auto_remove 6ms
util::meta_store::tests::delete 6ms
util::meta_store::tests::double_insert 6ms
util::meta_store::tests::sunshine 6ms
util::meta_store::tests::test_kickout_of_errors 6ms
util::meta_store::tests::test_subscription 5.0s
util::meta_store::tests::too_many_elements 6ms
util::rate_limiter::tests::test_rate_limiting_1 6ms
util::rate_limiter::tests::test_rate_limiting_more 5ms
util::rate_limiter::tests::test_rate_limiting_refusal 6ms
util::retry::tests::fatal_loop_fails 51ms
util::retry::tests::retry_loop_fails 52ms
util::retry::tests::sunshine_fatal_loop 62ms
util::retry::tests::sunshine_retry_loop 62ms
vault::keychain::secretsharing::tests::test_encrypt_and_decrypt_roundtrip 7ms
vault::keychain::secretsharing::tests::test_new_keychain_without_pub_storage 6ms
vault::keychain::secretsharing::tests::test_operator_public_key_bytes_error 6ms
vault::keychain::secretsharing::tests::test_set_and_get_backup_enc_key 6ms
vault::keychain::secretsharing::tests::test_validate_recovery_material_invalid_signature 7ms
vault::keychain::secretsharing::tests::test_validate_recovery_material_no_material_is_ok 6ms
vault::keychain::secretsharing::tests::test_validate_recovery_material_valid_signature 8ms
vault::keychain::tests::test_verify_root_key_measurements 6ms
vault::storage::crypto_material::tests::read_guarded_crypto_material_from_cache_not_found 6ms
vault::storage::crypto_material::tests::read_public_key 6ms
vault::storage::crypto_material::tests::write_central_keys 15ms
vault::storage::crypto_material::tests::write_crs 453ms
vault::storage::file::tests::test_all_data_ids_from_all_epochs_file 10ms
vault::storage::file::tests::test_data_ids_with_only_epoch_data_file 7ms
vault::storage::file::tests::test_delete_at_epoch_keeps_dir_when_not_empty 8ms
vault::storage::file::tests::test_delete_at_epoch_removes_empty_epoch_dir 7ms
vault::storage::file::tests::test_epoch_ids_with_only_non_epoch_data_file 7ms
vault::storage::file::tests::test_epoch_storage 8ms
vault::storage::file::tests::test_mixed_epoch_and_non_epoch_data_file 9ms
vault::storage::file::tests::test_overwrite_logic_files 8ms
vault::storage::file::tests::test_store_bytes_at_epoch_does_not_overwrite_file 8ms
vault::storage::file::tests::test_store_load_bytes_at_epoch_file 8ms
vault::storage::ram::tests::storage_helper_methods 6ms
vault::storage::ram::tests::test_all_data_ids_from_all_epochs_ram 6ms
vault::storage::ram::tests::test_data_ids_with_only_epoch_data_ram 7ms
vault::storage::ram::tests::test_epoch_ids_with_only_non_epoch_data_ram 6ms
vault::storage::ram::tests::test_mixed_epoch_and_non_epoch_data_ram 6ms
vault::storage::ram::tests::test_overwrite_logic_ram 6ms
vault::storage::ram::tests::test_overwrite_logic_ram_on_epoch 6ms
vault::storage::ram::tests::test_store_load_bytes_at_epoch_ram 6ms
vault::storage::s3::tests::s3_storage_helper_methods 136ms
vault::storage::s3::tests::test_all_data_ids_from_all_epochs_s3 80ms
vault::storage::s3::tests::test_data_ids_with_only_epoch_data_s3 35ms
vault::storage::s3::tests::test_epoch_ids_with_only_non_epoch_data_s3 34ms
vault::storage::s3::tests::test_epoch_methods_in_s3 52ms
vault::storage::s3::tests::test_mixed_epoch_and_non_epoch_data_s3 74ms
vault::storage::s3::tests::test_overwrite_logic_files 38ms
vault::storage::s3::tests::test_s3_anon 147ms
vault::storage::s3::tests::test_store_bytes_at_epoch_does_not_overwrite_s3 27ms
vault::storage::s3::tests::test_store_load_bytes_at_epoch_s3 44ms
vault::tests::regression_test_vault_data_type_serialization 6ms
test_backward_compatibility_kms 703ms
test_backward_compatibility_kms_grpc 15ms
kms_custodian_binary_tests::sunshine_decrypt_custodian 234ms
kms_custodian_binary_tests::sunshine_generate 30ms
kms_custodian_binary_tests::sunshine_verify 29ms
kms_gen_keys_binary_test::central_s3 47ms
kms_gen_keys_binary_test::central_signing_address_format 25ms
kms_gen_keys_binary_test::central_signing_keys_overwrite 45ms
kms_gen_keys_binary_test::gen_key_centralized 3.3s
kms_gen_keys_binary_test::gen_key_tempdir_centralized 707ms
kms_gen_keys_binary_test::help 37ms
kms_init_binary_test::help 14ms
kms_init_binary_test::init 297ms
kms_server_binary_test::help 8ms
kms_server_binary_test::subcommand_dev_centralized 5.9s
kms_server_binary_test::test_cert_paths 49ms
test_centralized_insecure_compressed_keygen 892ms
test_centralized_custodian_backup 1.1s
test_centralized_crsgen_secure 1.5s
test_centralized_restore_from_backup 1.6s
test_centralized_insecure 42.2s
test_centralized_crsgen_secure 12m 1s
test_centralized_custodian_backup 1m 8s
test_centralized_insecure 4m 47s
test_centralized_insecure_compressed_keygen 9m 36s
test_centralized_restore_from_backup 53.1s
backup::custodian::tests::internal_custodian_context_duplicate_role_should_fail 6ms
backup::custodian::tests::internal_custodian_context_role_greater_than_nodes_should_fail 5ms
backup::custodian::tests::internal_custodian_context_zero_role_should_fail 5ms
backup::custodian::tests::invalid_threshold_should_fail 5ms
backup::operator::tests::operator_new_fails_with_bad_n_t 4ms
backup::operator::tests::operator_new_fails_with_duplicate_roles 5ms
backup::operator::tests::operator_new_fails_with_insufficient_messages 5ms
backup::operator::tests::operator_new_fails_with_invalid_header 5ms
backup::operator::tests::operator_new_fails_with_invalid_role 5ms
backup::operator::tests::operator_new_fails_with_invalid_timestamp_future 5ms
backup::operator::tests::operator_new_fails_with_invalid_timestamp_past 5ms
backup::operator::tests::operator_new_fails_with_not_enough 5ms
backup::operator::tests::operator_new_fails_with_zero_n 4ms
backup::operator::tests::operator_new_fails_with_zero_t 4ms
backup::operator::tests::operator_timestamp_validation 5ms
backup::operator::tests::validate_recovery_validation_material 6ms
backup::secretsharing::pkcs7::tests::padding_sunshine 5ms
backup::secretsharing::pkcs7::tests::padding_wrong_data 5ms
backup::secretsharing::tests::sharing_missing_shares 103ms
backup::secretsharing::tests::sharing_no_error 164ms
backup::secretsharing::tests::sharing_randomness_test 15.6s
backup::secretsharing::tests::sharing_too_many_missing_shares 12ms
backup::secretsharing::tests::sharing_wrong_params 6ms
backup::secretsharing::tests::sharing_wrong_shares 13ms
backup::seed_phrase::tests::difference 5ms
backup::seed_phrase::tests::mnemonic_robustness 5ms
backup::seed_phrase::tests::sunshine 6ms
backup::tests::custodian_reencrypt 9ms
backup::tests::full_flow::case_1 48ms
backup::tests::full_flow::case_2 33ms
backup::tests::full_flow::case_3 88ms
backup::tests::full_flow_drop_msg 35ms
backup::tests::full_flow_malicious_custodian_init 10ms
backup::tests::full_flow_malicious_custodian_not_enough 128ms
backup::tests::full_flow_malicious_custodian_second 65ms
backup::tests::full_flow_malicious_operator 33ms
backup::tests::operator_setup 8ms
client::crs_gen::tests::process_distributed_crs_result_invalid_signature_does_not_insert_key 8.9s
client::crs_gen::tests::verify_pp_with_tfhers 14.1s
client::tests::centralized::crs_gen_tests::test_crs_gen_centralized 10.2s
client::tests::centralized::crs_gen_tests::test_crs_gen_manual 2.0s
client::tests::centralized::crs_gen_tests::test_insecure_crs_gen_centralized 7.9s
client::tests::centralized::custodian_backup_tests::test_auto_update_backups_central 3.9s
client::tests::centralized::custodian_backup_tests::test_backup_after_crs_central 9.5s
client::tests::centralized::custodian_backup_tests::test_decrypt_after_recovery_central 5.0s
client::tests::centralized::custodian_backup_tests::test_decrypt_after_recovery_centralized_negative 3.7s
client::tests::centralized::custodian_context_tests::test_new_custodian_context_central 3.4s
client::tests::centralized::key_gen_tests::test_decompression_key_gen_centralized 1m 52s
client::tests::centralized::key_gen_tests::test_key_gen_centralized 12.1s
client::tests::centralized::misc_tests::test_central_close_after_drop 11.0s
client::tests::centralized::misc_tests::test_central_health_endpoint_availability 11.1s
client::tests::centralized::misc_tests_isolated::test_central_close_after_drop_isolated 287ms
client::tests::centralized::misc_tests_isolated::test_central_health_endpoint_availability_isolated 753ms
client::tests::centralized::public_decryption_tests::test_decryption_central 12.1s
client::tests::centralized::public_decryption_tests::test_decryption_central_no_decompression 12.2s
client::tests::centralized::public_decryption_tests::test_decryption_central_precompute_sns 12.2s
client::tests::centralized::restore_from_backup_tests_isolated::test_insecure_central_autobackup_after_deletion_isolated 1.5s
client::tests::centralized::restore_from_backup_tests_isolated::test_insecure_central_dkg_backup_isolated 1.5s
client::tests::centralized::user_decryption_tests::test_user_decryption_centralized::secure_1_true 12.1s
client::tests::centralized::user_decryption_tests::test_user_decryption_centralized::secure_2_false 12.2s
client::tests::centralized::user_decryption_tests::test_user_decryption_centralized_precompute_sns::secure_1_true::compression_1_true 12.1s
client::tests::centralized::user_decryption_tests::test_user_decryption_centralized_precompute_sns::secure_1_true::compression_2_false 12.2s
client::tests::centralized::user_decryption_tests::test_user_decryption_centralized_precompute_sns::secure_2_false::compression_1_true 12.2s
client::tests::centralized::user_decryption_tests::test_user_decryption_centralized_precompute_sns::secure_2_false::compression_2_false 12.0s
client::tests::centralized::user_decryption_tests::test_user_decryption_centralized_precompute_sns_legacy::secure_1_true::compression_1_true 12.1s
client::tests::centralized::user_decryption_tests::test_user_decryption_centralized_precompute_sns_legacy::secure_1_true::compression_2_false 12.1s
client::tests::centralized::user_decryption_tests::test_user_decryption_centralized_precompute_sns_legacy::secure_2_false::compression_1_true 12.2s
client::tests::centralized::user_decryption_tests::test_user_decryption_centralized_precompute_sns_legacy::secure_2_false::compression_2_false 12.3s
client::tests::common::num_blocks_sunshine 6ms
client::tests::testing_infra_tests::test_centralized_material_validation 6ms
client::tests::testing_infra_tests::test_threshold_material_validation 6ms
client::tests::testing_infra_tests::tests::test_material_spec_creation 5ms
client::tests::testing_infra_tests::tests::test_material_spec_serialization 5ms
client::tests::threshold::crs_gen_tests::test_insecure_crs_gen_threshold 34.4s
client::tests::threshold::custodian_backup_tests::test_auto_update_backups_threshold::case_1 5.3s
client::tests::threshold::custodian_backup_tests::test_auto_update_backups_threshold::case_2 5.3s
client::tests::threshold::custodian_backup_tests::test_backup_after_crs_threshold::case_1 43.4s
client::tests::threshold::custodian_backup_tests::test_backup_after_crs_threshold::case_2 43.5s
client::tests::threshold::custodian_backup_tests::test_decrypt_after_recovery_threshold::case_1 11.2s
client::tests::threshold::custodian_backup_tests::test_decrypt_after_recovery_threshold::case_2 11.2s
client::tests::threshold::custodian_backup_tests::test_decrypt_after_recovery_threshold_negative 4.6s
client::tests::threshold::custodian_context_tests::test_new_custodian_context_threshold::case_1 6.8s
client::tests::threshold::custodian_context_tests::test_new_custodian_context_threshold::case_2 6.8s
client::tests::threshold::key_gen_tests::default_insecure_dkg::case_1 2m 2s
client::tests::threshold::key_gen_tests::test_insecure_compressed_dkg::case_1 10.2s
client::tests::threshold::key_gen_tests::test_insecure_dkg::case_1 9.7s
client::tests::threshold::key_gen_tests_isolated::test_insecure_dkg_isolated 5.2s
client::tests::threshold::misc_tests::test_threshold_close_after_drop 9.0s
client::tests::threshold::misc_tests::test_threshold_health_endpoint_availability 13.2s
client::tests::threshold::misc_tests::test_threshold_shutdown 9.9s
client::tests::threshold::misc_tests_isolated::test_threshold_close_after_drop_isolated 976ms
client::tests::threshold::misc_tests_isolated::test_threshold_health_endpoint_availability_isolated 4.6s
client::tests::threshold::misc_tests_isolated::test_threshold_shutdown_isolated 1.8s
client::tests::threshold::mpc_context_tests::test_context_switch_4p 13.1s
client::tests::threshold::public_decryption_tests::test_decryption_threshold::case_1 15.3s
client::tests::threshold::public_decryption_tests::test_decryption_threshold::case_2 15.3s
client::tests::threshold::public_decryption_tests::test_decryption_threshold::case_3 15.3s
client::tests::threshold::public_decryption_tests::test_decryption_threshold_no_decompression::case_1 12.4s
client::tests::threshold::public_decryption_tests::test_decryption_threshold_no_decompression::case_2 12.0s
client::tests::threshold::public_decryption_tests::test_decryption_threshold_no_decompression::case_3 12.1s
client::tests::threshold::public_decryption_tests::test_decryption_threshold_precompute_sns::case_1::compression_1_true 15.2s
client::tests::threshold::public_decryption_tests::test_decryption_threshold_precompute_sns::case_1::compression_2_false 15.0s
client::tests::threshold::restore_from_backup_tests_isolated::nightly_test_insecure_threshold_autobackup_after_deletion_isolated 5.0s
client::tests::threshold::restore_from_backup_tests_isolated::nightly_test_insecure_threshold_dkg_backup_isolated 13.1s
client::tests::threshold::restore_from_backup_tests_isolated::test_insecure_threshold_crs_backup_isolated 15.6s
client::tests::threshold::user_decryption_tests::test_user_decryption_threshold::case_1 8.9s
client::tests::threshold::user_decryption_tests::test_user_decryption_threshold::case_2 9.5s
client::tests::threshold::user_decryption_tests::test_user_decryption_threshold::case_3 12.0s
client::tests::threshold::user_decryption_tests::test_user_decryption_threshold::case_4 11.8s
client::tests::threshold::user_decryption_tests::test_user_decryption_threshold::case_5 15.1s
client::tests::threshold::user_decryption_tests::test_user_decryption_threshold::case_6 14.2s
client::tests::threshold::user_decryption_tests::test_user_decryption_threshold::case_7 13.1s
client::tests::threshold::user_decryption_tests::test_user_decryption_threshold_all_malicious_failure 10.6s
client::tests::threshold::user_decryption_tests::test_user_decryption_threshold_malicious::case_1 12.0s
client::tests::threshold::user_decryption_tests::test_user_decryption_threshold_malicious::case_2 11.8s
client::tests::threshold::user_decryption_tests::test_user_decryption_threshold_malicious_failure 12.1s
client::tests::threshold::user_decryption_tests::test_user_decryption_threshold_precompute_sns::case_1 12.0s
client::tests::threshold::user_decryption_tests::test_user_decryption_threshold_precompute_sns::case_2 12.1s
client::tests::threshold::user_decryption_tests::test_user_decryption_threshold_precompute_sns_legacy::case_1 12.0s
client::tests::threshold::user_decryption_tests::test_user_decryption_threshold_precompute_sns_legacy::case_2 11.9s
conf::tests::test_centralized_config 6ms
conf::tests::test_threshold_config 6ms
conf::tests::test_threshold_config_negative 6ms
conf::threshold::test_pem_serialization 5ms
cryptography::decompression::test::test_1024b 3.4s
cryptography::decompression::test::test_128b 1.7s
cryptography::decompression::test::test_16b 1.5s
cryptography::decompression::test::test_2048b 5.3s
cryptography::decompression::test::test_256b 1.9s
cryptography::decompression::test::test_32b 1.6s
cryptography::decompression::test::test_4b 1.5s
cryptography::decompression::test::test_512b 2.4s
cryptography::decompression::test::test_64b 1.6s
cryptography::decompression::test::test_8b 1.5s
cryptography::decompression::test::test_bad_ciphertext 1.3s
cryptography::decompression::test::test_bad_fhe_type 1.6s
cryptography::decompression::test::test_bool 1.6s
cryptography::decompression::test::test_full_chain_client_copro_kms_uint8::case_1 32ms
cryptography::decompression::test::test_full_chain_client_copro_kms_uint8::case_2 1.8s
cryptography::decompression::test::test_tolerate_non_compressed 533ms
cryptography::encryption::tests::nested_pke_sunshine 7ms
cryptography::encryption::tests::pke_wrong_ct_enc 6ms
cryptography::encryption::tests::pke_wrong_kem_key 5ms
cryptography::hybrid_ml_kem::tests::pke_sunshine 52ms
cryptography::hybrid_ml_kem::tests::pke_wrong_ct_hybrid 46ms
cryptography::hybrid_ml_kem::tests::pke_wrong_kem 47ms
cryptography::hybrid_ml_kem::tests::pke_wrong_key 58ms
cryptography::hybrid_ml_kem::tests::pke_wrong_nonce 47ms
cryptography::hybrid_ml_kem::tests::test_pke_serialize_size 6ms
cryptography::hybrid_ml_kem::tests::validate_consistent_cipher_encoding 5ms
cryptography::signatures::tests::bad_dsep 5ms
cryptography::signatures::tests::bad_signature 6ms
cryptography::signatures::tests::plain_signing 6ms
cryptography::signatures::tests::regression_consistent_enc 5ms
cryptography::signatures::tests::sunshine_verf_key_legacy_serialization 5ms
cryptography::signatures::tests::unnormalized_signature 5ms
cryptography::signatures::tests::validate_zeroize_signing_key 5ms
cryptography::signcryption::tests::bad_signcryption 7ms
cryptography::signcryption::tests::incorrect_server_verf_key 5ms
cryptography::signcryption::tests::signcryption_with_bad_link 6ms
cryptography::signcryption::tests::sunshine 6ms
cryptography::signcryption::tests::sunshine_encoding_decoding 6ms
cryptography::signcryption::tests::test_signcryption_payload_v0_serialization_locked 4ms
engine::backup_operator::tests::test_filter_custodian_data_invalid_custodian_role 6ms
engine::backup_operator::tests::test_filter_custodian_data_invalid_operator_role 6ms
engine::backup_operator::tests::test_filter_custodian_data_invalid_signature 6ms
engine::backup_operator::tests::test_filter_custodian_data_missing_verification_key 6ms
engine::backup_operator::tests::test_filter_custodian_missing_cus_output 6ms
engine::backup_operator::tests::test_update_backup_vault 5ms
engine::backup_operator::tests::test_update_backup_vault_with_overwrite 5ms
engine::backup_operator::tests::test_update_backup_vault_without_overwrite 5ms
engine::backup_operator::tests::test_update_epoch_backup_vault 5ms
engine::backup_operator::tests::test_update_epoch_backup_vault_with_overwrite 5ms
engine::backup_operator::tests::test_update_epoch_backup_vault_without_overwrite 5ms
engine::base::tests::sunshine_plaintext_as_u256 4ms
engine::base::tests::test_abi_encoding_fhevm_ebytes 5ms
engine::base::tests::test_compute_external_signature_preproc 6ms
engine::base::tests::test_compute_info_crs 763ms
engine::base::tests::test_compute_info_standard_keygen 132ms
engine::base::tests::test_compute_pt_message_hash 6ms
engine::base::tests::test_deserialize_ciphertext_missing_decompression_key 101ms
engine::base::tests::test_deserialize_ciphertext_wrong_ct_format 92ms
engine::base::tests::test_deserialize_ciphertext_wrong_type 92ms
engine::centralized::central_kms::tests::decrypt_with_bad_client_key 272ms
engine::centralized::central_kms::tests::multiple_test_keys_access 36ms
engine::centralized::central_kms::tests::multiple_test_keys_decrypt 114ms
engine::centralized::central_kms::tests::multiple_test_keys_user_decrypt 115ms
engine::centralized::central_kms::tests::sanity_check_sns_compression_test_params 61ms
engine::centralized::central_kms::tests::sunshine_test_decrypt 114ms
engine::centralized::central_kms::tests::sunshine_test_user_decrypt 114ms
engine::centralized::central_kms::tests::test_gen_keys 23.7s
engine::centralized::central_kms::tests::test_generate_compressed_fhe_keys 151ms
engine::centralized::central_kms::tests::user_decrypt_with_bad_client_key 122ms
engine::centralized::central_kms::tests::user_decrypt_with_bad_ephemeral_key 118ms
engine::centralized::central_kms::tests::user_decrypt_with_bad_sig_key 115ms
engine::centralized::service::crs_gen::tests::already_exists 8ms
engine::centralized::service::crs_gen::tests::default_epoch_id 644ms
engine::centralized::service::crs_gen::tests::invalid_argument 8ms
engine::centralized::service::crs_gen::tests::not_found 7ms
engine::centralized::service::crs_gen::tests::resource_exhausted 7ms
engine::centralized::service::crs_gen::tests::sunshine 640ms
engine::centralized::service::decryption::test_user_decryption::already_exists 113ms
engine::centralized::service::decryption::test_user_decryption::invalid_argument 113ms
engine::centralized::service::decryption::test_user_decryption::not_found 114ms
engine::centralized::service::decryption::test_user_decryption::resource_exhausted 111ms
engine::centralized::service::decryption::test_user_decryption::sunshine 115ms
engine::centralized::service::decryption::tests_public_decryption::already_exists 114ms
engine::centralized::service::decryption::tests_public_decryption::invalid_argument 112ms
engine::centralized::service::decryption::tests_public_decryption::not_found 112ms
engine::centralized::service::decryption::tests_public_decryption::resource_exhausted 112ms
engine::centralized::service::decryption::tests_public_decryption::sunshine 115ms
engine::centralized::service::initiator::tests::already_exists 8ms
engine::centralized::service::initiator::tests::invalid_argument 7ms
engine::centralized::service::initiator::tests::sunshine 7ms
engine::centralized::service::key_gen::tests::already_exists 103ms
engine::centralized::service::key_gen::tests::invalid_argument 8ms
engine::centralized::service::key_gen::tests::not_found 104ms
engine::centralized::service::key_gen::tests::resource_exhausted 8ms
engine::centralized::service::key_gen::tests::sunshine 105ms
engine::centralized::service::preprocessing::tests::already_exists 8ms
engine::centralized::service::preprocessing::tests::invalid_argument 7ms
engine::centralized::service::preprocessing::tests::not_found 7ms
engine::centralized::service::preprocessing::tests::resource_exhausted 6ms
engine::centralized::service::preprocessing::tests::sunshine 7ms
engine::context::tests::parse_software_semantic_version 5ms
engine::context::tests::test_context_info_duplicate_party_ids 6ms
engine::context::tests::test_software_version_display 5ms
engine::context::tests::test_software_version_equality 5ms
engine::context::tests::test_software_version_major_comparison 4ms
engine::context::tests::test_software_version_minor_comparison 5ms
engine::context::tests::test_software_version_no_tag 5ms
engine::context::tests::test_software_version_patch_comparison 5ms
engine::context::tests::test_software_version_unordered_tag 5ms
engine::context_manager::tests::test_centralized_context_cache 7ms
engine::context_manager::tests::test_centralized_context_exists_and_consistent 6ms
engine::context_manager::tests::test_centralized_multiple_contexts 6ms
engine::context_manager::tests::test_custodian_context 13ms
engine::context_manager::tests::test_gen_recovery_request_payloads 8ms
engine::context_manager::tests::test_kms_context 6ms
engine::context_manager::tests::test_kms_context_load_from_storage 6ms
engine::context_manager::tests::test_kms_context_load_multiple_from_storage 7ms
engine::context_manager::tests::test_kms_context_load_multiple_from_storage_with_error 7ms
engine::context_manager::tests::test_load_mpc_context_without_signing_key 6ms
engine::keyset_configuration::tests::test_internal_keyset_config_decompression_only_missing_added_info 4ms
engine::keyset_configuration::tests::test_internal_keyset_config_decompression_only_with_added_info_missing_ids 4ms
engine::keyset_configuration::tests::test_internal_keyset_config_decompression_only_with_added_info_with_ids 4ms
engine::keyset_configuration::tests::test_internal_keyset_config_none_defaults_to_standard 4ms
engine::keyset_configuration::tests::test_internal_keyset_config_standard_default 5ms
engine::keyset_configuration::tests::test_internal_keyset_config_standard_use_existing_missing_added_info 4ms
engine::keyset_configuration::tests::test_internal_keyset_config_standard_use_existing_with_added_info_missing_ids 5ms
engine::keyset_configuration::tests::test_internal_keyset_config_standard_use_existing_with_added_info_with_ids 5ms
engine::keyset_configuration::tests::test_new_decompression_only_unparseable_from_id 5ms
engine::keyset_configuration::tests::test_new_decompression_only_unparseable_to_id 4ms
engine::keyset_configuration::tests::test_new_use_existing_unparseable_epoch_id 5ms
engine::migration::tests::test_0_13_x_to_0_13_10_centralized_file 6ms
engine::migration::tests::test_0_13_x_to_0_13_10_centralized_ram 5ms
engine::migration::tests::test_0_13_x_to_0_13_10_idempotent_file 6ms
engine::migration::tests::test_0_13_x_to_0_13_10_idempotent_ram 5ms
engine::migration::tests::test_0_13_x_to_0_13_10_no_legacy_file 5ms
engine::migration::tests::test_0_13_x_to_0_13_10_no_legacy_ram 5ms
engine::migration::tests::test_0_13_x_to_0_13_10_skips_existing_file 6ms
engine::migration::tests::test_0_13_x_to_0_13_10_skips_existing_ram 5ms
engine::migration::tests::test_0_13_x_to_0_13_10_threshold_file 6ms
engine::migration::tests::test_0_13_x_to_0_13_10_threshold_ram 5ms
engine::migration::tests::test_after_0_13_x_centralized_file 6ms
engine::migration::tests::test_after_0_13_x_centralized_ram 4ms
engine::migration::tests::test_after_0_13_x_idempotent_file 6ms
engine::migration::tests::test_after_0_13_x_idempotent_ram 5ms
engine::migration::tests::test_after_0_13_x_no_legacy_file 5ms
engine::migration::tests::test_after_0_13_x_no_legacy_ram 4ms
engine::migration::tests::test_after_0_13_x_threshold_file 6ms
engine::migration::tests::test_after_0_13_x_threshold_ram 5ms
engine::migration::tests::test_migrate_centralized_file 6ms
engine::migration::tests::test_migrate_centralized_ram 5ms
engine::migration::tests::test_migrate_combined_prss_no_data_file 5ms
engine::migration::tests::test_migrate_combined_prss_no_data_ram 5ms
engine::migration::tests::test_migrate_combined_prss_sunshine 5ms
engine::migration::tests::test_migrate_context_idempotent 5ms
engine::migration::tests::test_migrate_context_no_legacy 5ms
engine::migration::tests::test_migrate_context_sunshine 5ms
engine::migration::tests::test_migrate_idempotent_file 5ms
engine::migration::tests::test_migrate_idempotent_ram 5ms
engine::migration::tests::test_migrate_legacy_prss_sunshine 5ms
engine::migration::tests::test_migrate_no_legacy_data_file 5ms
engine::migration::tests::test_migrate_no_legacy_data_ram 5ms
engine::migration::tests::test_migrate_prss_already_migrated_skips 5ms
engine::migration::tests::test_migrate_prss_missing_z128_errors 5ms
engine::migration::tests::test_migrate_prss_missing_z64_errors 5ms
engine::migration::tests::test_migrate_prss_no_legacy_data_errors 6ms
engine::migration::tests::test_migrate_skips_existing_file 6ms
engine::migration::tests::test_migrate_skips_existing_ram 5ms
engine::migration::tests::test_migrate_threshold_file 6ms
engine::migration::tests::test_migrate_threshold_ram 5ms
engine::migration::tests::test_migrate_to_0_13_10_centralized 5ms
engine::migration::tests::test_migrate_to_0_13_10_empty_storage 5ms
engine::migration::tests::test_migrate_to_0_13_10_threshold 5ms
engine::migration::tests::test_migrate_to_0_13_x_centralized 5ms
engine::migration::tests::test_migrate_to_0_13_x_empty_storage 5ms
engine::migration::tests::test_migrate_to_0_13_x_threshold 5ms
engine::migration::tests::test_remove_old_keys_centralized_file 6ms
engine::migration::tests::test_remove_old_keys_centralized_ram 5ms
engine::migration::tests::test_remove_old_keys_no_legacy_file 5ms
engine::migration::tests::test_remove_old_keys_no_legacy_ram 5ms
engine::migration::tests::test_remove_old_keys_skips_without_new_epoch_file 5ms
engine::migration::tests::test_remove_old_keys_skips_without_new_epoch_ram 5ms
engine::migration::tests::test_remove_old_keys_threshold_file 6ms
engine::migration::tests::test_remove_old_keys_threshold_ram 5ms
engine::threshold::service::crs_generator::tests::already_exists 6ms
engine::threshold::service::crs_generator::tests::internal_failure 5ms
engine::threshold::service::crs_generator::tests::invalid_argument 5ms
engine::threshold::service::crs_generator::tests::not_found 5ms
engine::threshold::service::crs_generator::tests::resource_exhausted 6ms
engine::threshold::service::crs_generator::tests::sunshine 51ms
engine::threshold::service::crs_generator::tests::unavailable 1m
engine::threshold::service::epoch_manager::tests::already_exists 7ms
engine::threshold::service::epoch_manager::tests::invalid_argument 6ms
engine::threshold::service::epoch_manager::tests::load_all_prss 5ms
engine::threshold::service::epoch_manager::tests::not_found 6ms
engine::threshold::service::epoch_manager::tests::prss_from_storage_test 58.4s
engine::threshold::service::epoch_manager::tests::sunshine 8ms
engine::threshold::service::epoch_manager::tests::test_destroy_epoch_not_found 6ms
engine::threshold::service::epoch_manager::tests::test_destroy_epoch_success 6ms
engine::threshold::service::epoch_manager::tests::test_resource_exhausted 6ms
engine::threshold::service::epoch_manager::tests::test_verify_epoch_info 5ms
engine::threshold::service::key_generator::tests::aborted 5ms
engine::threshold::service::key_generator::tests::already_exists 7ms
engine::threshold::service::key_generator::tests::internal 7ms
engine::threshold::service::key_generator::tests::invalid_argument 6ms
engine::threshold::service::key_generator::tests::not_found 6ms
engine::threshold::service::key_generator::tests::resource_exhausted 6ms
engine::threshold::service::key_generator::tests::sunshine 99ms
engine::threshold::service::key_generator::tests::use_existing_key_tag_with_wrong_keyset_id 8ms
engine::threshold::service::preprocessor::tests::already_exists 7ms
engine::threshold::service::preprocessor::tests::internal 7ms
engine::threshold::service::preprocessor::tests::invalid_argument 6ms
engine::threshold::service::preprocessor::tests::not_found 6ms
engine::threshold::service::preprocessor::tests::resource_exhausted 6ms
engine::threshold::service::preprocessor::tests::sunshine 864ms
engine::threshold::service::public_decryptor::tests::already_exists 77ms
engine::threshold::service::public_decryptor::tests::invalid_argument 77ms
engine::threshold::service::public_decryptor::tests::not_found 222ms
engine::threshold::service::public_decryptor::tests::sunshine 81ms
engine::threshold::service::public_decryptor::tests::test_resource_exhausted 78ms
engine::threshold::service::reshare_utils::tests::bad_digests_get_verified_public_materials 171ms
engine::threshold::service::reshare_utils::tests::bad_digests_get_verified_public_materials_compressed 243ms
engine::threshold::service::reshare_utils::tests::empty_storage_fetch_public_materials_from_peers 179ms
engine::threshold::service::reshare_utils::tests::sunshine_fetch_public_materials_from_peers 175ms
engine::threshold::service::reshare_utils::tests::sunshine_fetch_public_materials_from_peers_compressed 96ms
engine::threshold::service::reshare_utils::tests::sunshine_get_verified_public_materials 12ms
engine::threshold::service::reshare_utils::tests::sunshine_get_verified_public_materials_compressed 92ms
engine::threshold::service::reshare_utils::tests::test_find_region 6ms
engine::threshold::service::reshare_utils::tests::test_split_devnet_url 6ms
engine::threshold::service::reshare_utils::tests::wrong_digest_fetch_public_materials_from_peers 17ms
engine::threshold::service::reshare_utils::tests::wrong_digest_fetch_public_materials_from_peers_compressed 91ms
engine::threshold::service::user_decryptor::tests::already_exists 81ms
engine::threshold::service::user_decryptor::tests::invalid_argument 79ms
engine::threshold::service::user_decryptor::tests::not_found 229ms
engine::threshold::service::user_decryptor::tests::resource_exhausted 80ms
engine::threshold::service::user_decryptor::tests::sunshine 85ms
engine::utils::tests::sanity_check_crs_invalid_digest 392ms
engine::utils::tests::sanity_check_crs_legacy_readability_only 393ms
engine::utils::tests::sanity_check_crs_valid_digest 376ms
engine::utils::tests::sanity_check_current_compressed_keys_invalid_digest 85ms
engine::utils::tests::sanity_check_current_compressed_keys_valid_digests 83ms
engine::utils::tests::sanity_check_current_standard_keys_invalid_digest 10ms
engine::utils::tests::sanity_check_current_standard_keys_valid_digests 9ms
engine::utils::tests::sanity_check_legacy_metadata_readability_only 10ms
engine::utils::tests::test_metriced_error_creation 6ms
engine::utils::tests::test_metriced_error_drop_logging 5ms
engine::utils::tests::test_metriced_error_no_dropping 5ms
engine::validation_non_wasm::tests::test_max_num_bits_verification 5ms
engine::validation_non_wasm::tests::test_select_most_common_dec 5ms
engine::validation_non_wasm::tests::test_validate_new_mpc_epoch_request 5ms
engine::validation_non_wasm::tests::test_validate_public_decrypt_meta_response 7ms
engine::validation_non_wasm::tests::test_validate_public_decrypt_meta_response_with_eip712 6ms
engine::validation_non_wasm::tests::test_validate_public_decrypt_req 4ms
engine::validation_non_wasm::tests::test_validate_public_decrypt_responses 9ms
engine::validation_non_wasm::tests::test_validate_public_decrypt_responses_against_request 10ms
engine::validation_non_wasm::tests::test_validate_request_id 5ms
engine::validation_non_wasm::tests::test_validate_user_decrypt_req 6ms
engine::validation_non_wasm::tests::test_verify_user_decrypt_eip712 5ms
engine::validation_wasm::tests::test_check_ext_user_decryption_signature 8ms
engine::validation_wasm::tests::test_select_most_common_user_dec 5ms
engine::validation_wasm::tests::test_validate_user_decrypt_meta_data_and_signature 7ms
engine::validation_wasm::tests::test_validate_user_decrypt_responses 133ms
engine::validation_wasm::tests::test_validate_user_decrypt_responses_against_request 8ms
grpc::tests::regression_tests::test_request_id_compile_time_interface_stability 5ms
grpc::tests::regression_tests::test_request_id_core_structure_and_api_consistency 5ms
grpc::tests::regression_tests::test_request_id_validation_and_error_handling 5ms
grpc::tests::unit_tests::test_get_meta_store_info_with_real_stores 5ms
grpc::tests::unit_tests::test_get_meta_store_info_with_unavailable_stores 5ms
grpc::tests::unit_tests::test_list_requests_invalid_store_type 4ms
grpc::tests::unit_tests::test_list_requests_pagination 4ms
grpc::tests::unit_tests::test_list_requests_with_real_stores 5ms
grpc::tests::unit_tests::test_list_requests_with_unavailable_stores 4ms
grpc::tests::unit_tests::test_service_with_mixed_store_availability 5ms
testing::material::manager::tests::test_setup_centralized_material 12ms
testing::material::manager::tests::test_setup_threshold_material 21ms
testing::material::spec::tests::test_centralized_basic_spec 5ms
testing::material::spec::tests::test_comprehensive_spec 4ms
testing::material::spec::tests::test_key_type_covers_all_priv_data_types 5ms
testing::material::spec::tests::test_key_type_covers_all_pub_data_types 5ms
testing::material::spec::tests::test_serialization 4ms
testing::material::spec::tests::test_threshold_basic_spec 4ms
testing::material::spec::tests::test_threshold_default_no_prss_spec 5ms
testing::material::spec::tests::test_threshold_default_spec_requires_prss 4ms
testing::utils::test_purge 7ms
util::file_handling::tests::read_write_element 5ms
util::file_handling::tests::read_write_text 5ms
util::key_setup::tests::test_max_num_bits 4.2s
util::meta_store::tests::auto_remove 6ms
util::meta_store::tests::delete 6ms
util::meta_store::tests::double_insert 6ms
util::meta_store::tests::sunshine 5ms
util::meta_store::tests::test_kickout_of_errors 5ms
util::meta_store::tests::test_subscription 5.0s
util::meta_store::tests::too_many_elements 6ms
util::rate_limiter::tests::test_rate_limiting_1 6ms
util::rate_limiter::tests::test_rate_limiting_more 5ms
util::rate_limiter::tests::test_rate_limiting_refusal 6ms
util::retry::tests::fatal_loop_fails 49ms
util::retry::tests::retry_loop_fails 50ms
util::retry::tests::sunshine_fatal_loop 60ms
util::retry::tests::sunshine_retry_loop 61ms
vault::keychain::secretsharing::tests::test_encrypt_and_decrypt_roundtrip 6ms
vault::keychain::secretsharing::tests::test_new_keychain_without_pub_storage 5ms
vault::keychain::secretsharing::tests::test_operator_public_key_bytes_error 5ms
vault::keychain::secretsharing::tests::test_set_and_get_backup_enc_key 5ms
vault::keychain::secretsharing::tests::test_validate_recovery_material_invalid_signature 6ms
vault::keychain::secretsharing::tests::test_validate_recovery_material_no_material_is_ok 5ms
vault::keychain::secretsharing::tests::test_validate_recovery_material_valid_signature 6ms
vault::keychain::tests::test_verify_root_key_measurements 5ms
vault::storage::crypto_material::tests::read_guarded_crypto_material_from_cache_not_found 5ms
vault::storage::crypto_material::tests::read_guarded_threshold_fhe_keys_not_found 5ms
vault::storage::crypto_material::tests::read_public_key 5ms
vault::storage::crypto_material::tests::write_central_keys 12ms
vault::storage::crypto_material::tests::write_crs 385ms
vault::storage::crypto_material::tests::write_threshold_empty_update 75ms
vault::storage::crypto_material::tests::write_threshold_keys_failed_storage 75ms
vault::storage::crypto_material::tests::write_threshold_keys_meta_update 75ms
vault::storage::file::tests::storage_helper_methods::threshold_1_true 11ms
vault::storage::file::tests::storage_helper_methods::threshold_2_false 11ms
vault::storage::file::tests::test_all_data_ids_from_all_epochs_file 8ms
vault::storage::file::tests::test_data_ids_with_only_epoch_data_file 6ms
vault::storage::file::tests::test_delete_at_epoch_keeps_dir_when_not_empty 6ms
vault::storage::file::tests::test_delete_at_epoch_removes_empty_epoch_dir 6ms
vault::storage::file::tests::test_epoch_ids_with_only_non_epoch_data_file 6ms
vault::storage::file::tests::test_epoch_storage 7ms
vault::storage::file::tests::test_mixed_epoch_and_non_epoch_data_file 7ms
vault::storage::file::tests::test_overwrite_logic_files 6ms
vault::storage::file::tests::test_store_bytes_at_epoch_does_not_overwrite_file 6ms
vault::storage::file::tests::test_store_load_bytes_at_epoch_file 6ms
vault::storage::ram::tests::storage_helper_methods 5ms
vault::storage::ram::tests::test_all_data_ids_from_all_epochs_ram 5ms
vault::storage::ram::tests::test_data_ids_with_only_epoch_data_ram 5ms
vault::storage::ram::tests::test_epoch_ids_with_only_non_epoch_data_ram 5ms
vault::storage::ram::tests::test_mixed_epoch_and_non_epoch_data_ram 5ms
vault::storage::ram::tests::test_overwrite_logic_ram 5ms
vault::storage::ram::tests::test_overwrite_logic_ram_on_epoch 5ms
vault::storage::ram::tests::test_store_load_bytes_at_epoch_ram 5ms
vault::tests::regression_test_vault_data_type_serialization 5ms
client::tests::threshold::user_decryption_tests::default_user_decryption_threshold::case_1::secure_1_true 7m 32s
client::tests::threshold::user_decryption_tests::default_user_decryption_threshold::case_2::secure_1_true 28.7s
client::tests::threshold::user_decryption_tests::default_user_decryption_threshold_precompute_sns::case_1::secure_1_true 28.5s
client::tests::threshold::user_decryption_tests::default_user_decryption_threshold_with_crash::case_1::secure_1_true 28.8s
client::tests::threshold::user_decryption_tests::default_user_decryption_threshold_with_crash::case_1::secure_2_false 29.7s
test_backward_compatibility_kms_grpc 4ms
test_backward_compatibility_threshold_fhe 64ms
test_backward_compatibility_kms 584ms

🍂 No flaky tests in this run.

Github Test Reporter by CTRF 💚

🔄 This comment has been updated

dd23
dd23 reviewed Mar 25, 2026
View reviewed changes
github-advanced-security[bot]
github-advanced-security bot found potential problems Mar 26, 2026
View reviewed changes
fegmorte added 19 commits March 26, 2026 10:51
@fegmorte
fix: Fix chart version for old and new version
09e1a76
@fegmorte
fix: Fix chart version for old and new version
fe39b0d
@fegmorte
fix: fix ghcr url
d46fb86
@fegmorte
fix: fix ghcr url
6587bfe
@fegmorte
fix: fix image for upgrade and helm uninstall
b76e57b
@fegmorte
fix: fix chart version for kms version upgrade
2fc9cdf
@fegmorte
fix: fix core-client command with -a
b68afa6
@fegmorte
fix: add new workflow for rolling update
4c668c4
@fegmorte
fix: update workflow summary
74720f7
@fegmorte
fix: update workflow without -a
84e236b
@fegmorte
Merge branch 'main' into fred/ci/testing-rolling-update-mix
5ec24d1
@fegmorte
fix: try with 4 parties
14a7160
@fegmorte
Merge branch 'fred/ci/testing-rolling-update-mix' of github.com:zama-…
dc96fa7 
…ai/kms into fred/ci/testing-rolling-update-mix
@fegmorte
fix: try with 4 parties
387d0e0
@fegmorte
fix: update core-client v0.13.10-rc.2
846753a
@fegmorte
fix: update core-client v0.13.10-rc.2
f597efe
@fegmorte
fix: test with migration fix 26e1273
86c8172
@fegmorte
fix: fix zizmor and remove pr trigger
1a57a54
@fegmorte
Merge branch 'main' into fred/ci/testing-rolling-update-mix
6cf97fa
@fegmorte fegmorte marked this pull request as ready for review March 30, 2026 09:02
@fegmorte fegmorte requested a review from a team as a code owner March 30, 2026 09:02
@fegmorte fegmorte requested review from dd23 and maksymsur March 30, 2026 09:02
maksymsur
maksymsur approved these changes Apr 2, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@maksymsur maksymsur left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Interesting approach

@maksymsur maksymsur requested a review from Copilot April 2, 2026 10:01
@fegmorte fegmorte merged commit 39ac602 into main Apr 2, 2026
69 checks passed
@fegmorte fegmorte deleted the fred/ci/testing-rolling-update-mix branch April 2, 2026 10:07
Copilot AI reviewed Apr 2, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds a GitHub Actions workflow and supporting CI scripts to exercise mixed-version rolling upgrades for the thresholdWithEnclave KMS deployment, including per-party AWS KMS policy updates and TLS attestation compatibility.

Changes:

  • Introduce a dedicated rolling-upgrade-testing GitHub Actions workflow that deploys an all-old cluster, performs two upgrade waves (5/13 then 9/13), and runs Argo perf tests in mixed-version states.
  • Add ci/scripts/rolling_upgrade.sh plus new helper functions to update TKMS infra (per-party PCR0) and Helm-release upgrades with dual trustedReleases.
  • Update perf-testing values and workflow documentation to support the new rolling-upgrade test path.

Reviewed changes

Copilot reviewed 11 out of 11 changed files in this pull request and generated 9 comments.

Show a summary per file
File Description
ci/scripts/rolling_upgrade.sh New script orchestrating PCR extraction + TKMS infra update + selective Helm upgrades for rolling upgrade tests.
ci/scripts/lib/kms_deployment.sh Adds upgrade_parties() to update trustedReleases cluster-wide and apply per-party tag/chart selection.
ci/scripts/lib/infrastructure.sh Adds TKMS infra upgrade helper and readiness wait for per-party key-policy reconciliation.
ci/scripts/deploy.sh Adjusts deploy logging to print TLS value.
ci/perf-testing/thresholdWithEnclave/kms-ci/kms-service/values-kms-service-init-kms-enclave-ci.yaml Adds kubeUtils image configuration needed by the perf deployment.
ci/perf-testing/thresholdWithEnclave/kms-ci/kms-service/values-kms-service-gen-keys-kms-enclave-ci.yaml Adds kubeUtils image configuration needed by the perf deployment.
ci/perf-testing/thresholdWithEnclave/kms-ci/kms-service/values-kms-enclave-ci.yaml Adds kubeUtils image configuration needed by the perf deployment.
ci/perf-testing/argo-workflow/thresholdWithEnclave-rolling-upgrade-workflow-kms-enclave-ci.yaml New Argo workflow for decrypt-only perf runs against mixed-version clusters.
.github/zizmor.yml Adds zizmor rule ignores for the new rolling-upgrade workflow lines.
.github/workflows/rolling-upgrade-testing.yml New end-to-end manual workflow to deploy, roll forward in batches, run Argo tests, collect logs, and clean up.
.github/workflows/README.md Documents the new rolling upgrade workflow and its parameters/jobs.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

ci/scripts/rolling_upgrade.sh
Comment on lines +126 to +147
if ! command -v docker &> /dev/null; then
log_error "Docker is required to fetch PCR values from images"
exit 1
fi

local IMAGE_REPO="hub.zama.org/ghcr/zama-ai/kms"
local FULL_IMAGE="${IMAGE_REPO}/core-service-enclave:${tag}"

log_info "Pulling ${FULL_IMAGE}..."
docker pull "${FULL_IMAGE}" > /dev/null 2>&1 || {
log_error "Failed to pull image: ${FULL_IMAGE}"
exit 1
}

local pcr0 pcr1 pcr2
pcr0=$(docker inspect "${FULL_IMAGE}" | jq -r '.[0].Config.Labels["zama.kms.eif_pcr0"]' || echo "")
pcr1=$(docker inspect "${FULL_IMAGE}" | jq -r '.[0].Config.Labels["zama.kms.eif_pcr1"]' || echo "")
pcr2=$(docker inspect "${FULL_IMAGE}" | jq -r '.[0].Config.Labels["zama.kms.eif_pcr2"]' || echo "")

if [[ -z "${pcr0}" || "${pcr0}" == "null" ]]; then
log_error "Failed to extract PCR0 from image ${FULL_IMAGE}"
exit 1
Copy link

Copilot AI Apr 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fetch_pcrs_for_tag relies on jq to extract PCR labels but only checks for Docker. If jq is missing (or any of the labels are absent), PCR1/PCR2 can become empty/"null" and the script will continue, leading to invalid trustedReleases/attestation config. Add an explicit jq availability check and validate all required PCRs (0/1/2) are non-empty and not "null" before proceeding.

Copilot uses AI. Check for mistakes.
ci/scripts/rolling_upgrade.sh
Comment on lines +150 to +153
eval "export ${prefix}_PCR0='${pcr0}'"
eval "export ${prefix}_PCR1='${pcr1}'"
eval "export ${prefix}_PCR2='${pcr2}'"

Copy link

Copilot AI Apr 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The eval "export ${prefix}_PCR*='...'" pattern is risky and unnecessary. Prefer printf -v / declare -g to assign to the dynamic variable names and then export them, which avoids eval and makes quoting rules clearer.

Suggested change
eval "export ${prefix}_PCR0='${pcr0}'"
eval "export ${prefix}_PCR1='${pcr1}'"
eval "export ${prefix}_PCR2='${pcr2}'"
local var_pcr0="${prefix}_PCR0"
local var_pcr1="${prefix}_PCR1"
local var_pcr2="${prefix}_PCR2"
printf -v "${var_pcr0}" '%s' "${pcr0}"
printf -v "${var_pcr1}" '%s' "${pcr1}"
printf -v "${var_pcr2}" '%s' "${pcr2}"
export "${var_pcr0}" "${var_pcr1}" "${var_pcr2}"

Copilot uses AI. Check for mistakes.
ci/scripts/rolling_upgrade.sh
Comment on lines +107 to +113
if [[ -z "${PARTIES_TO_UPGRADE}" ]]; then
log_error "--parties-to-upgrade is required (comma-separated party IDs)"
exit 1
fi
if [[ -z "${ALL_UPGRADED_PARTIES}" ]]; then
ALL_UPGRADED_PARTIES="${PARTIES_TO_UPGRADE}"
fi
Copy link

Copilot AI Apr 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

--parties-to-upgrade is required, but the script never uses PARTIES_TO_UPGRADE beyond logging and defaulting --all-upgraded-parties. This is confusing for callers and makes it easy to pass inconsistent inputs. Consider either removing --parties-to-upgrade (derive it from --all-upgraded-parties), or actually use it for the delta upgrade while keeping --all-upgraded-parties for cumulative policy/TLS config.

Copilot uses AI. Check for mistakes.
ci/scripts/deploy.sh
log_info "Core Tag: ${KMS_CORE_TAG}"
log_info "Client Tag: ${KMS_CLIENT_TAG}"
log_info "TLS: ${ENABLE_TLS:-false}"
log_info "TLS: ${TLS}"
Copy link

Copilot AI Apr 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This log prints the TLS input variable, but the actual effective deployment toggle is ENABLE_TLS (derived later in deploy_kms). Logging TLS here can be misleading when users pass --enable-tls/--disable-tls (which set ENABLE_TLS). Consider logging the resolved/active TLS setting instead (or both).

Suggested change
log_info "TLS: ${TLS}"
log_info "TLS (input): ${TLS}"
log_info "TLS (effective): ${ENABLE_TLS:-${TLS}}"

Copilot uses AI. Check for mistakes.
ci/scripts/lib/kms_deployment.sh
Comment on lines +934 to +957
# Performs a partial upgrade of KMS parties during a rolling upgrade test.
# First updates trustedReleases on ALL parties (so they accept TLS from both
# old and new versions), then upgrades only the targeted parties' image tags.
#
# Required env vars: NAMESPACE, TARGET, DEPLOYMENT_TYPE, NUM_PARTIES,
# HELM_RELEASE_PREFIX, ENABLE_TLS
# Arguments:
# $1 - new image tag for upgraded parties
# $2 - old image tag for non-upgraded parties
# $3 - comma-separated list of party IDs to upgrade (e.g. "1,2,3,4,5")
# $4 - old PCR0 value
# $5 - old PCR1 value
# $6 - old PCR2 value
# $7 - new PCR0 value
# $8 - new PCR1 value
# $9 - new PCR2 value
# $10 - old KMS chart version (for non-upgraded parties)
# $11 - new KMS chart version (for upgraded parties)
#=============================================================================
upgrade_parties() {
local new_tag="$1"
local old_tag="$2"
local parties_csv="$3"
local old_pcr0="$4"
Copy link

Copilot AI Apr 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The function/docs say $3 is the list of party IDs to upgrade, but the implementation treats it as the full set of parties that should be on the new version (it selects party_tag/party_chart_version from that set). Please rename parties_csv (e.g., upgraded_parties_csv) and update the docstring so callers don't accidentally pass only the delta batch (which would cause previously-upgraded parties to be reverted).

Copilot uses AI. Check for mistakes.
ci/scripts/lib/kms_deployment.sh
Comment on lines +1049 to +1056
helm_upgrade_with_version "${release_name}" "${helm_chart_location}" \
"${HELM_ARGS[@]}" \
"${wait_args[@]}" &
done

log_info "Waiting for all ${NUM_PARTIES} party upgrades to complete..."
wait

Copy link

Copilot AI Apr 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Helm upgrades are launched in the background and then a bare wait is used. wait returns only the last job's status, so failures in earlier upgrades can be missed and the script may proceed with a partially-upgraded cluster. Track PIDs and check each exit status (or use wait -n in a loop) so any failed party upgrade fails the rolling-upgrade step.

Copilot uses AI. Check for mistakes.
ci/scripts/lib/infrastructure.sh
Comment on lines +270 to +279
IFS=',' read -ra UPGRADED_IDS <<< "${upgraded_parties_csv}"
local override_idx=0
for party_id in "${UPGRADED_IDS[@]}"; do
party_id=$(echo "${party_id}" | tr -d ' ')
OVERRIDE_ARGS+=(
--set "kmsParties.partyOverrides[${override_idx}].partyIndex=${party_id}"
--set "kmsParties.partyOverrides[${override_idx}].awsKms.recipientAttestationImageSHA384=${new_pcr0}"
)
override_idx=$((override_idx + 1))
done
Copy link

Copilot AI Apr 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If upgraded_parties_csv contains empty entries (e.g., trailing comma or an explicitly empty input), this loop will generate partyIndex= overrides and likely make the Helm upgrade fail in a non-obvious way. Filter out empty IDs (and ideally validate they are numeric and within NUM_PARTIES) before appending to OVERRIDE_ARGS.

Copilot uses AI. Check for mistakes.
ci/scripts/lib/infrastructure.sh
kubectl wait --for=condition=ready Kmsparties "${resource_name}" \
-n "${NAMESPACE}" --timeout=300s || {
log_warn "Timeout waiting for ${resource_name}, checking status..."
kubectl get Kmsparties "${resource_name}" -n "${NAMESPACE}" -o yaml || true
Copy link

Copilot AI Apr 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

On timeout, kubectl wait failure is swallowed by the || { ... } block, so the function always continues and the rolling upgrade can proceed even though key policy reconciliation never became Ready. If the intent is to gate the rest of the workflow on policy updates, return a non-zero status after the debug dump (or re-exit 1) so CI fails fast when reconciliation doesn't complete.

Suggested change
kubectl get Kmsparties "${resource_name}" -n "${NAMESPACE}" -o yaml || true
kubectl get Kmsparties "${resource_name}" -n "${NAMESPACE}" -o yaml || true
return 1

Copilot uses AI. Check for mistakes.
.github/workflows/rolling-upgrade-testing.yml
Comment on lines +4 to +15
# Purpose
# -------
# Validates partial rolling upgrades of KMS enclave nodes (thresholdWithEnclave)
# on the aws-perf cluster (namespace kms-ci). The cluster must behave correctly
# while some parties run the old image and others the new image.
#
# What mixed-version state exercises
# ----------------------------------
# - Per-party AWS KMS key policy (recipientAttestationImageSHA384)
# - Dual trustedReleases PCR entries for TLS peer attestation
# - Per-party image tag upgrades (via ci/scripts/rolling_upgrade.sh)
#
Copy link

Copilot AI Apr 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The PR title mentions "kind testing", but this workflow (and the new scripts) target the aws-perf cluster via Tailscale and Argo. Either update the PR title/description to match the actual scope, or adjust the implementation if kind-based rolling upgrade testing was intended.

Copilot uses AI. Check for mistakes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@maksymsur maksymsur maksymsur approved these changes

@dd23 dd23 Awaiting requested review from dd23

Assignees

No one assigned

Labels

cla-signed The CLA has been signed.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@fegmorte @dd23 @maksymsur @github-advanced-security