-
Notifications
You must be signed in to change notification settings - Fork 47
136 lines (131 loc) · 4.6 KB
/
build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
---
name: Build
on:
push:
branches: ["main"]
pull_request:
branches: ["main"]
jobs:
build:
name: CI with software token
runs-on: ubuntu-22.04
strategy:
fail-fast: false
matrix:
name: [fedora, debian, centos]
compiler: [gcc, clang]
token: [softokn, softhsm]
include:
- name: fedora
container: fedora:latest
- name: debian
container: debian:sid
- name: centos
container: quay.io/centos/centos:stream9
container: ${{ matrix.container }}
steps:
- name: Install Dependencies
run: |
if [ "${{ matrix.name }}" = centos ]; then
dnf_opts="--enablerepo=crb"
fi
if [ -f /etc/redhat-release ]; then
dnf -y install $dnf_opts \
git ${{ matrix.compiler }} meson \
pkgconf-pkg-config openssl-devel openssl \
diffutils expect valgrind
if [ "${{ matrix.token }}" = "softokn" ]; then
dnf -y install nss-softokn nss-tools nss-softokn-devel
elif [ "${{ matrix.token }}" = "softhsm" ]; then
dnf -y install softhsm opensc p11-kit-devel p11-kit-server \
gnutls-utils
fi
elif [ -f /etc/debian_version ]; then
apt-get -q update
apt-get -yq install git ${{ matrix.compiler }} meson \
pkg-config libssl-dev openssl expect \
valgrind procps
if [ "${{ matrix.token }}" = "softokn" ]; then
apt-get -yq install libnss3 libnss3-tools libnss3-dev
elif [ "${{ matrix.token }}" = "softhsm" ]; then
apt-get -yq install softhsm2 opensc p11-kit libp11-kit-dev \
p11-kit-modules gnutls-bin
fi
fi
- name: Checkout Repository
uses: actions/checkout@v4
- name: Setup
run: |
CC=${{ matrix.compiler }} meson setup builddir
- name: Build and Test
run: |
meson compile -C builddir
meson test --num-processes 1 -C builddir
- uses: actions/upload-artifact@v3
if: failure()
with:
name: Test logs ${{ matrix.name }}, ${{ matrix.compiler }}, ${{ matrix.token }}
path: |
builddir/meson-logs/
builddir/tests/tmp.${{ matrix.token }}/p11prov-debug.log
builddir/tests/tmp.${{ matrix.token }}/testvars
builddir/tests/tmp.${{ matrix.token }}/openssl.cnf
- name: Run tests with valgrind
run: |
if [ "${{ matrix.compiler }}" = "gcc" ]; then
meson test --num-processes 1 -C builddir --setup=valgrind
fi
- uses: actions/upload-artifact@v3
if: failure()
with:
name: Test valgrind logs ${{ matrix.name }}, ${{ matrix.compiler }}, ${{ matrix.token }}
path: |
builddir/meson-logs/
builddir/tests/tmp.${{ matrix.token }}/p11prov-debug.log
builddir/tests/tmp.${{ matrix.token }}/testvars
builddir/tests/tmp.${{ matrix.token }}/openssl.cnf
build-macos:
name: CI with software token
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os: [macos-14]
token: [softokn, softhsm]
steps:
- name: Install Dependencies
run: |
brew update
brew install \
meson \
openssl@3 \
pkg-config
if [ "${{ matrix.token }}" = "softokn" ]; then
brew install nss
elif [ "${{ matrix.token }}" = "softhsm" ]; then
brew install \
opensc \
p11-kit \
softhsm
fi
- name: Checkout Repository
uses: actions/checkout@v4
- name: Setup
run: |
export PKG_CONFIG_PATH=$(brew --prefix openssl@3)/lib/pkgconfig
export PATH=$(brew --prefix openssl@3)/bin:$PATH
CC=clang meson setup builddir
- name: Build and Test
run: |
export PATH=$(brew --prefix openssl@3)/bin:$PATH
meson compile -j$(sysctl -n hw.ncpu || echo 2) -C builddir
meson test --num-processes 1 -C builddir
- uses: actions/upload-artifact@v3
if: failure()
with:
name: Test logs on macOS-12 with ${{ matrix.token }}
path: |
builddir/meson-logs/*
builddir/tests/tmp.${{ matrix.token }}/p11prov-debug.log
builddir/tests/tmp.${{ matrix.token }}/testvars
builddir/tests/tmp.${{ matrix.token }}/openssl.cnf