Closed
Bug 1506912
Opened 6 years ago
Closed 6 years ago
Raptor tp6 pageload on android geckoview
Categories
(Testing :: Raptor, enhancement, P1)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: rwood, Assigned: rwood)
References
Details
(Whiteboard: [geckoview:p1])
Attachments
(2 files, 1 obsolete file)
Port raptor tp6 pageload to run on android geckoview (local android devices and in production @ bitbar). This will require: - installing CA cert into geckoview - turning on http/https proxy in geckoview - recording mobile-specific mitmproxy pagesets - playing back mitmproxy pagesets via mitmdump on the host but accessing the pages on geckoview on the mobile device via port fw - taskcluster jobs/configs
Assignee | ||
Updated•6 years ago
|
Assignee: nobody → rwood
Status: NEW → ASSIGNED
Keywords: meta
Summary: [meta] Raptor tp6 pageload on android geckoview → Raptor tp6 pageload on android geckoview
Assignee | ||
Comment 1•6 years ago
|
||
Assignee | ||
Comment 2•6 years ago
|
||
Currently Raptor uses policies to import the mitmproxy certificate into Firefox Desktop. That method is not supported on android/geckoview (see https://bugzilla.mozilla.org/show_bug.cgi?id=1485082#c24). :davidb (or other geckoview peeps) can you please tell me how I can programmatically import a security certificate into geckoview (or if that's possible?). Either that or if there's a way to bypass the security checking completely so the certificate isn't required (that's how we currently run pageload on google chrome).
Flags: needinfo?(dbolter)
Comment 3•6 years ago
|
||
James, to disable the sec in chrome Rob uses a command line argument, maybe that's a safe enough path forward for us here?
Flags: needinfo?(dbolter) → needinfo?(snorp)
We've kinda gone down this path before in bug 1197216. Dana did not seem open to adding any knobs for disabling cert checking back then. Having some sort of CA management API in GeckoView seems like a fairly large task. Dana, is there an existing easy way to add a trusted CA that we can use here?
Flags: needinfo?(snorp) → needinfo?(dkeeler)
Comment 5•6 years ago
|
||
If you know what profile directory you'll be using, you can create an NSS certificate database with the appropriate trust settings beforehand (this is what we do for other automated tests that involve Firefox and TLS). `certutil -N -d <path to profile> --empty-password` will create the necessary files (It should create "cert9.db", "key4.db", and "pkcs11.txt" in that directory. If it doesn't, prepend "sql:" to the profile path in these commands.) `certutil -A -d <path to profile> -n "some nickname" -t TC,, -a -i <path to CA.pem>` will import and trust a root certificate to issue certificates for TLS server auth (the nickname doesn't really matter, but I think it needs to be unique) The GeckoView API would need to call nsIX509CertDB.addCertFromBase64 with the contents of a PEM-encoded certificate (i.e. base64) but without the "-----BEGIN/END CERTIFICATE-----" header/footer and the trust string "TC,,".
Flags: needinfo?(dkeeler)
Comment 6•6 years ago
|
||
There's some mochitest code for certutil, if that's useful: https://dxr.mozilla.org/mozilla-central/rev/c2593a3058afdfeaac5c990e18794ee8257afe99/testing/mochitest/runtests.py#1718
:rwood is the above usable for you?
Flags: needinfo?(rwood)
Assignee | ||
Comment 8•6 years ago
|
||
(In reply to Dana Keeler [:keeler] (she/her) (use needinfo) from comment #5) Thanks Dana I'll see if I can get that to work with our automation. Question: > The GeckoView API would need to call nsIX509CertDB.addCertFromBase64 with > the contents of a PEM-encoded certificate (i.e. base64) but without the > "-----BEGIN/END CERTIFICATE-----" header/footer and the trust string "TC,,". Does that mean some work needs to be done in geckoview itself to support this method?
Flags: needinfo?(rwood)
Assignee | ||
Comment 9•6 years ago
|
||
(In reply to Geoff Brown [:gbrown] from comment #6) > There's some mochitest code for certutil, if that's useful: > > https://dxr.mozilla.org/mozilla-central/rev/ > c2593a3058afdfeaac5c990e18794ee8257afe99/testing/mochitest/runtests.py#1718 Thanks Geoff. Does certutil work on every platform? Where do you get the tool in automation, is it already installed on all the production machines? Or is it in the repo somewhere?
Flags: needinfo?(gbrown)
Assignee | ||
Updated•6 years ago
|
Flags: needinfo?(dkeeler)
Comment 10•6 years ago
|
||
certutil is included in the desktop builds' target.common.tests.tar.gz archives. For Android tests, where we need a linux certutil for the host, but we have an android build, certutil is included in the host-utils archive, downloaded from tooltool. There is a tooltool manifest at https://dxr.mozilla.org/mozilla-central/source/testing/config/tooltool-manifests/linux64/hostutils.manifest.
Flags: needinfo?(gbrown)
Comment 11•6 years ago
|
||
(In reply to Robert Wood [:rwood] from comment #8) > Does that mean some work needs to be done in geckoview itself to support > this method? Yes - I was just saying that's what such an API would do if it existed.
Flags: needinfo?(dkeeler)
Assignee | ||
Comment 12•6 years ago
|
||
(In reply to Dana Keeler [:keeler] (she/her) (use needinfo) from comment #11) > (In reply to Robert Wood [:rwood] from comment #8) > > Does that mean some work needs to be done in geckoview itself to support > > this method? > > Yes - I was just saying that's what such an API would do if it existed. Ah, ok I see, thank you!
Assignee | ||
Comment 13•6 years ago
|
||
Update: have the code working to create the cert nss db and import the mitmproxy cert, no errors (at least for me locally on OSX so far). Next issue - looks like geckoview doesn't support turning on the browser proxy (http, ssl). :snorp, do you know if the geckoview example app supports these prefs? user_pref("network.proxy.http", "127.0.0.1") user_pref("network.proxy.http_port", "8080") user_pref("network.proxy.ssl", "127.0.0.1") user_pref("network.proxy.ssl_port", "8080") It looks like the proxy may not be working - when the URL is loaded in the geckoview example app, this error appears: "BOOM! Sommething bad happened... ERROR_CATEGORY_URI: ERROR_UNKNOWN_HOST"
Flags: needinfo?(snorp)
I think those prefs should work fine. Are you forwarding port 8080 via adb?
Flags: needinfo?(snorp)
Assignee | ||
Comment 15•6 years ago
|
||
(In reply to James Willcox (:snorp) (jwillcox@mozilla.com) from comment #14) > I think those prefs should work fine. Are you forwarding port 8080 via adb? Yes, have tried both adb forward and adb reverse - because the mitmproxy server is running on the desktop host, but we want the android device to see it via the proxy. Pageload works great with live pages, but I can't seem to get the device to use mitmproxy on the host via the proxy. Still debugging more...
Assignee | ||
Comment 16•6 years ago
|
||
Ah, good news - I got it to work - adb reverse is fine - but I had the prefs wrong (quotes around the port) and some missing. Works with these: user_pref("network.proxy.type", 1); user_pref("network.proxy.http", "127.0.0.1"); user_pref("network.proxy.http_port", 8080); user_pref("network.proxy.ssl", "127.0.0.1"); user_pref("network.proxy.ssl_port", 8080); user_pref("network.proxy.no_proxies_on", "localhost, 127.0.0.1"); Loads the page into geckoview from the mitmproxy archive. The archive has the desktop site version, and the desktop page (google search) loaded entirely in geckoview. Next step is to try recording a mobile version of the page with mitmproxy and use that.
Assignee | ||
Updated•6 years ago
|
Attachment #9027250 -
Attachment is obsolete: true
Assignee | ||
Comment 17•6 years ago
|
||
Assignee | ||
Comment 18•6 years ago
|
||
(In reply to Robert Wood [:rwood] from comment #17) > Created attachment 9030544 [details] > Bug 1506912 - Raptor support for tp6 pageload on android geckoview; r?jmaher,davehunt This patch adds support to Raptor to run tp6 pageload tests on android geckoview (geckoview example app). This patch doesn't add the actual test and job configs. This patch can be landed first. - I will use follow-up patches to add the mobile recording(s) and create the actual test jobs etc. If you wish to test this patch locally: 1. Add the following test section to the raptor-tp6-1.ini [1]: [raptor-tp6-google-geckoview] page_cycles = 25 apps = geckoview test_url = https://www.google.com/search?hl=en&q=barack+obama&cad=h playback_recordings = google-search.mp measure = fnbpaint, hero, dcf, ttfi hero = hero1 2. Then with the geckoview example app loaded on your device, invoke Raptor with: ./mach raptor-test --test raptor-tp6-google-geckoview --app=geckoview --binary="org.mozilla.geckoview_example" [1] https://searchfox.org/mozilla-central/source/testing/raptor/raptor/tests/raptor-tp6-1.ini
Keywords: leave-open
Assignee | ||
Comment 19•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=246213a9a85e396503282e34866493229b67eae9
Updated•6 years ago
|
Whiteboard: [geckoview:p1]
Comment 20•6 years ago
|
||
Pushed by rwood@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/790e6f59a355 Raptor support for tp6 pageload on android geckoview; r=jmaher
Assignee | ||
Comment 21•6 years ago
|
||
Next patch will be the actual Raptor test and taskcluster configs for 'raptor-tp6m-1', which will test pageload on geckoview for: https://www.amazon.com https://www.facebook.com https://www.google.com https://www.youtube.com I have made the mitmproxy recordings for the above sites on a Google Pixel 2 using the geckoview example app. I have perms to upload to tooltool now, so I should be able to upload the recordings archive myself.
Assignee | ||
Comment 22•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=e8430d6c6b4e2d8e6a3668917980445d2e0385ef
Comment 23•6 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/790e6f59a355
Assignee | ||
Comment 24•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=63e5c2921304c264d8ed55d2c8dd7523b9e2861b
Assignee | ||
Comment 25•6 years ago
|
||
Assignee | ||
Comment 26•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=db60eae368c2fe128fa6ebd76feb19fd2f83199b
Assignee | ||
Comment 27•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=2fc53215226b99389ed1c9eacbe5660b68b813e3
Assignee | ||
Comment 28•6 years ago
|
||
"21:44:47 INFO - raptor-mitmproxy unable to find certutil at /builds/worker/workspace/build/hostutils/host-utils-61.0a1.en-US.linux-x86_64/certutil" Hey :bc, can you pls verify that I have the correct path for the certutil binary inside the bitbar/tc image? I still can't seem to find it. Thanks!
Flags: needinfo?(bob)
Comment 29•6 years ago
|
||
With the recent update to host-utils, it is now at /builds/worker/workspace/build/hostutils/host-utils-66.0a1.en-US.linux-x86_64. That might be backed out though in Bug 1516441.
Flags: needinfo?(bob)
Assignee | ||
Comment 30•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=a76c5bfa9e1bd126dc2d57e4c189e651dfe1d86e
Assignee | ||
Comment 31•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=e8a7b39f89c4f267c6413033d010f35df163ece0
Assignee | ||
Comment 32•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=c40e968e18df921b44f5b3f77bdc4f86fac0d12f
Assignee | ||
Comment 33•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=0e8e3ac839234c8ca6a0c2b236ddeed4b1231053
Assignee | ||
Comment 34•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=9ffd84986fc2b47282182104842f6425f490a81d
Assignee | ||
Comment 35•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=42c5cad022de27ec547d2334827940a797b555cf
Assignee | ||
Comment 36•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=f1d7cec3e28f1e20c6f9f30d0af90aa1c96911e9
Assignee | ||
Comment 37•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=92310a1c3f5c01d09941b9b0f93050090472ce32
Assignee | ||
Updated•6 years ago
|
Priority: -- → P1
Assignee | ||
Comment 38•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=93877bdec36ccfcc44b42d5a5ddb7ff441c94503
Assignee | ||
Comment 39•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=ec313c81b30586f5bd8d026ec93671051464106f
Assignee | ||
Comment 40•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=102da2e60f0db61639da1c65c754df30ca2d30d9
Assignee | ||
Comment 41•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=28523ecc565cd78ec14d63396e15fe4ae76907fd
Assignee | ||
Comment 42•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=de346bf6226bbd8dbc1cf4952398d5515dd4bf02
Assignee | ||
Comment 43•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=cb2599bb5408dd644eb30e216415b62a2958e595
Assignee | ||
Comment 44•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=890b2e48630745cf7765b1603c6867b8261dde03
Assignee | ||
Comment 45•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=0c1e4898797669dc1772466fd7132fa9ab6e4aaa
Assignee | ||
Comment 46•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=a474d5f4e24956e555382cc13bc3b158bd6f37bc
Assignee | ||
Comment 47•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=17e74ac2e61329ae58a0a631c57f04f5c3b3993f
Assignee | ||
Comment 48•6 years ago
|
||
Assignee | ||
Comment 49•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=1cf8544cbe9342572110d886b591b9a0340a5989
Assignee | ||
Comment 50•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=7102cba812bcb5e105b65987a9d187d0497bc051
Assignee | ||
Comment 51•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=066f964c970dbca6b9606585311dd020657326b2
Assignee | ||
Comment 52•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=b25fbe2f0c33d5792967402783740af9a78c4d01
Assignee | ||
Comment 53•6 years ago
|
||
Try runs of tp6m-1 with 25, 20, and 15 page-cycles:
Assignee | ||
Comment 54•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=4671e72ed8bab1383c8f6e2434158289518c365f
Assignee | ||
Comment 55•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=7f7df60539d293f31348e8be0af68c375aafa35b
Assignee | ||
Comment 56•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=6646e424e919d60796bf7dc3734936b3343c2336
Assignee | ||
Comment 57•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=4807eec065d9a3568b5790c10d23bd960021b3c2
Assignee | ||
Comment 58•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=379c80255666df5728b2ad18826306cc7a1b9405
Assignee | ||
Comment 59•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=5c5c38c70b5cec1eb782d5b85b1d016aab0709cc
Assignee | ||
Comment 60•6 years ago
|
||
https://treeherder.mozilla.org/#/jobs?repo=try&revision=e6ca3b2f9c75c9be613de0b67c5f20f4fb078a8d
Comment 61•6 years ago
|
||
Pushed by rwood@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/ef3912c3403b Raptor tp6m-1 pageload test on android geckoview; r=jmaher
Comment 62•6 years ago
|
||
bugherder |
Assignee | ||
Updated•6 years ago
|
You need to log in
before you can comment on or make changes to this bug.
Description
•