From cf9b9a7fec46830815d61f6306408f74f2c4c2b3 Mon Sep 17 00:00:00 2001 From: Brad Fitzpatrick Date: Wed, 20 Apr 2022 12:14:45 -0700 Subject: [PATCH] tstest/iosdeps: add test for forbidden iOS dependencies Fixes #4463 Change-Id: I8305710e8a075263ae9a88a29624b19032d5beeb Signed-off-by: Brad Fitzpatrick --- tstest/iosdeps/iosdeps.go | 62 ++++++++++++++++++++++++++++++++++ tstest/iosdeps/iosdeps_test.go | 42 +++++++++++++++++++++++ 2 files changed, 104 insertions(+) create mode 100644 tstest/iosdeps/iosdeps.go create mode 100644 tstest/iosdeps/iosdeps_test.go diff --git a/tstest/iosdeps/iosdeps.go b/tstest/iosdeps/iosdeps.go new file mode 100644 index 000000000..1776391fa --- /dev/null +++ b/tstest/iosdeps/iosdeps.go @@ -0,0 +1,62 @@ +// Copyright (c) 2022 Tailscale Inc & AUTHORS All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// Package iosdeps is a just a list of the packages we import on iOS, to let us +// test that our transitive closure of dependencies on iOS doesn't accidentally +// grow too large, as we've historically been memory constrained there. +package iosdeps + +import ( + _ "bufio" + _ "bytes" + _ "context" + _ "crypto/rand" + _ "crypto/sha256" + _ "encoding/json" + _ "errors" + _ "fmt" + _ "io" + _ "io/fs" + _ "io/ioutil" + _ "log" + _ "math" + _ "net" + _ "net/http" + _ "os" + _ "os/signal" + _ "path/filepath" + _ "runtime" + _ "runtime/debug" + _ "strings" + _ "sync" + _ "sync/atomic" + _ "syscall" + _ "time" + _ "unsafe" + + _ "go4.org/mem" + _ "golang.org/x/sys/unix" + _ "golang.zx2c4.com/wireguard/device" + _ "golang.zx2c4.com/wireguard/tun" + _ "inet.af/netaddr" + _ "tailscale.com/hostinfo" + _ "tailscale.com/ipn" + _ "tailscale.com/ipn/ipnlocal" + _ "tailscale.com/ipn/localapi" + _ "tailscale.com/log/logheap" + _ "tailscale.com/logtail" + _ "tailscale.com/logtail/filch" + _ "tailscale.com/net/dns" + _ "tailscale.com/net/tsdial" + _ "tailscale.com/net/tstun" + _ "tailscale.com/paths" + _ "tailscale.com/tempfork/pprof" + _ "tailscale.com/types/empty" + _ "tailscale.com/types/logger" + _ "tailscale.com/util/clientmetric" + _ "tailscale.com/util/dnsname" + _ "tailscale.com/version" + _ "tailscale.com/wgengine" + _ "tailscale.com/wgengine/router" +) diff --git a/tstest/iosdeps/iosdeps_test.go b/tstest/iosdeps/iosdeps_test.go new file mode 100644 index 000000000..7a3bc0cf3 --- /dev/null +++ b/tstest/iosdeps/iosdeps_test.go @@ -0,0 +1,42 @@ +// Copyright (c) 2022 Tailscale Inc & AUTHORS All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// No need to run this on Windows where CI's slow enough. Then we don't need to +// worry about "go.exe" etc. + +//go:build !windows +// +build !windows + +package iosdeps + +import ( + "encoding/json" + "os" + "os/exec" + "path/filepath" + "runtime" + "testing" +) + +func TestDeps(t *testing.T) { + cmd := exec.Command(filepath.Join(runtime.GOROOT(), "bin", "go"), "list", "-json", ".") + cmd.Env = append(os.Environ(), "GOOS=ios", "GOARCH=arm64") + out, err := cmd.Output() + if err != nil { + t.Fatal(err) + } + var res struct { + Deps []string + } + if err := json.Unmarshal(out, &res); err != nil { + t.Fatal(err) + } + for _, dep := range res.Deps { + switch dep { + case "regexp", "regexp/syntax", "text/template", "html/template": + t.Errorf("package %q is not allowed as a dependency on iOS", dep) + } + } + t.Logf("got %d dependencies", len(res.Deps)) +}