-
Notifications
You must be signed in to change notification settings - Fork 46
136 lines (132 loc) · 4.35 KB
/
build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
---
name: Build
on:
push:
branches: ["main"]
pull_request:
branches: ["main"]
jobs:
build:
name: CI with software token
runs-on: ubuntu-22.04
strategy:
fail-fast: false
matrix:
name: [fedora, debian, centos]
compiler: [gcc, clang]
token: [softokn, softhsm]
include:
- name: fedora
container: fedora:latest
- name: debian
container: debian:sid
- name: centos
container: quay.io/centos/centos:stream9
container: ${{ matrix.container }}
steps:
- name: Install Dependencies
run: |
if [ -f /etc/redhat-release ]; then
dnf -y install git ${{ matrix.compiler }} automake libtool \
pkgconf-pkg-config autoconf-archive openssl-devel openssl \
diffutils expect valgrind
if [ "${{ matrix.token }}" = "softokn" ]; then
dnf -y install nss-softokn nss-tools nss-softokn-devel
elif [ "${{ matrix.token }}" = "softhsm" ]; then
dnf -y install softhsm opensc p11-kit-devel p11-kit-server \
gnutls-utils
fi
elif [ -f /etc/debian_version ]; then
apt-get -q update
apt-get -yq install git ${{ matrix.compiler }} make automake \
libtool pkg-config autoconf-archive libssl-dev openssl expect \
valgrind procps
if [ "${{ matrix.token }}" = "softokn" ]; then
apt-get -yq install libnss3 libnss3-tools libnss3-dev
elif [ "${{ matrix.token }}" = "softhsm" ]; then
apt-get -yq install softhsm2 opensc p11-kit libp11-kit-dev \
p11-kit-modules gnutls-bin
fi
fi
- name: Checkout Repository
uses: actions/checkout@v4
- name: Setup
run: |
autoreconf -fiv
CC=${{ matrix.compiler }} ./configure
- name: Build and Test
run: make check
- uses: actions/upload-artifact@v3
if: failure()
with:
name: Test logs ${{ matrix.name }}, ${{ matrix.compiler }}, ${{ matrix.token }}
path: |
tests/*.log
tests/openssl.cnf
tests/tmp.${{ matrix.token }}/p11prov-debug.log
tests/tmp.${{ matrix.token }}/testvars
config.log
- name: Run tests with valgrind
run: |
if [ "${{ matrix.compiler }}" = "gcc" ]; then
make check-valgrind-memcheck
fi
- uses: actions/upload-artifact@v3
if: failure()
with:
name: Test valgrind logs ${{ matrix.name }}, ${{ matrix.compiler }}, ${{ matrix.token }}
path: |
tests/*.log
tests/openssl.cnf
tests/tmp.${{ matrix.token }}/p11prov-debug.log
tests/tmp.${{ matrix.token }}/testvars
config.log
build-macos:
name: CI with software token
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os: [macos-12]
token: [softokn, softhsm]
steps:
- name: Install Dependencies
run: |
brew update
brew install \
autoconf-archive \
automake \
libtool \
openssl@3 \
pkg-config
if [ "${{ matrix.token }}" = "softokn" ]; then
brew install nss
elif [ "${{ matrix.token }}" = "softhsm" ]; then
brew install \
opensc \
p11-kit \
softhsm
fi
- name: Checkout Repository
uses: actions/checkout@v4
- name: Setup
run: |
export PKG_CONFIG_PATH=$(brew --prefix openssl@3)/lib/pkgconfig
export PATH=$(brew --prefix openssl@3)/bin:$PATH
autoreconf -fiv
CC=clang ./configure
- name: Build and Test
run: |
export PATH=$(brew --prefix openssl@3)/bin:$PATH
make -j$(sysctl -n hw.ncpu || echo 2)
make check
- uses: actions/upload-artifact@v3
if: failure()
with:
name: Test logs on macOS-12 with ${{ matrix.token }}
path: |
tests/*.log
tests/openssl.cnf
tests/tmp.${{ matrix.token }}/p11prov-debug.log
tests/tmp.${{ matrix.token }}/testvars
config.log