-
Notifications
You must be signed in to change notification settings - Fork 32
120 lines (106 loc) · 4.06 KB
/
curl.yml
File metadata and controls
120 lines (106 loc) · 4.06 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
name: Curl Tests
# START OF COMMON SECTION
on:
push:
branches: [ 'master', 'main', 'release/**' ]
pull_request:
branches: [ '*' ]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# END OF COMMON SECTION
jobs:
build_wolfprovider:
uses: ./.github/workflows/build-wolfprovider.yml
with:
wolfssl_ref: ${{ matrix.wolfssl_ref }}
openssl_ref: ${{ matrix.openssl_ref }}
fips_ref: ${{ matrix.fips_ref }}
replace_default: ${{ matrix.replace_default }}
strategy:
matrix:
wolfssl_ref: [ 'v5.8.4-stable' ]
openssl_ref: [ 'openssl-3.5.4' ]
fips_ref: [ 'FIPS', 'non-FIPS' ]
replace_default: [ true ]
test_curl:
runs-on: ubuntu-22.04
needs: build_wolfprovider
container:
image: debian:bookworm
env:
DEBIAN_FRONTEND: noninteractive
# This should be a safe limit for the tests to run.
timeout-minutes: 20
strategy:
matrix:
curl_ref: [ 'curl-8_4_0', 'curl-7_88_1' ]
wolfssl_ref: [ 'v5.8.4-stable' ]
openssl_ref: [ 'openssl-3.5.4' ]
fips_ref: [ 'FIPS', 'non-FIPS' ]
force_fail: ['WOLFPROV_FORCE_FAIL=1', '']
replace_default: [ true ]
env:
WOLFSSL_PACKAGES_PATH: /tmp/wolfssl-packages
OPENSSL_PACKAGES_PATH: /tmp/openssl-packages
WOLFPROV_PACKAGES_PATH: /tmp/wolfprov-packages
steps:
- name: Checkout wolfProvider
uses: actions/checkout@v4
with:
fetch-depth: 1
- name: Download packages from build job
uses: actions/download-artifact@v4
with:
name: debian-packages-${{ matrix.fips_ref }}${{ matrix.replace_default && '-replace-default' || '' }}-${{ matrix.wolfssl_ref }}-${{ matrix.openssl_ref }}
path: /tmp
- name: Install wolfSSL/OpenSSL/wolfprov packages
run: |
apt install --reinstall -y --allow-downgrades --allow-change-held-packages \
${{ env.WOLFSSL_PACKAGES_PATH }}/libwolfssl_*.deb
apt install --reinstall -y --allow-downgrades --allow-change-held-packages \
${{ env.OPENSSL_PACKAGES_PATH }}/openssl_*.deb \
${{ env.OPENSSL_PACKAGES_PATH }}/libssl3_*.deb \
${{ env.OPENSSL_PACKAGES_PATH }}/libssl-dev_*.deb
apt install --reinstall -y --allow-downgrades --allow-change-held-packages \
${{ env.WOLFPROV_PACKAGES_PATH }}/libwolfprov_*.deb
- name: Verify wolfProvider is properly installed
run: |
$GITHUB_WORKSPACE/scripts/verify-install.sh \
${{ matrix.replace_default && '--replace-default' || '' }} \
${{ matrix.fips_ref == 'FIPS' && '--fips' || '' }}
- name: Install dependencies
run: |
apt-get update
apt-get install -y nghttp2 libpsl5 libpsl-dev python3-impacket \
build-essential autoconf automake libtool
- name: Build curl
uses: wolfSSL/actions-build-autotools-project@v1
with:
repository: curl/curl
path: curl
ref: ${{ matrix.curl_ref }}
configure: --with-openssl
check: false
- name: Generate certificates for curl master force-fail tests
run: |
if [ "${{ matrix.force_fail }}" = "WOLFPROV_FORCE_FAIL=1" ] &&
[ "${{ matrix.curl_ref }}" = "master" ]; then
cd curl/tests/certs
make test-ca.cacert
cd ../..
fi
- name: Test curl with wolfProvider
working-directory: curl
shell: bash
run: |
set +o pipefail # ignore errors from make check
export ${{ matrix.force_fail }}
export CURL_REF=${{ matrix.curl_ref }}
# Tests rely on $USER being set
export USER=testuser
# Run tests and save output to test.log
make -j$(nproc) test-ci 2>&1 | tee curl-test.log
# Capture the test result using PIPESTATUS (Bash only)
TEST_RESULT=${PIPESTATUS[0]}
$GITHUB_WORKSPACE/.github/scripts/check-workflow-result.sh $TEST_RESULT ${{ matrix.force_fail }} curl