Add env-setup to the dist #980
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: OpenSC Tests | |
| # START OF COMMON SECTION | |
| on: | |
| push: | |
| branches: [ 'master', 'main', 'release/**' ] | |
| pull_request: | |
| branches: [ '*' ] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| # END OF COMMON SECTION | |
| jobs: | |
| build_wolfprovider: | |
| uses: ./.github/workflows/build-wolfprovider.yml | |
| with: | |
| wolfssl_ref: ${{ matrix.wolfssl_ref }} | |
| openssl_ref: ${{ matrix.openssl_ref }} | |
| fips_ref: ${{ matrix.fips_ref }} | |
| replace_default: ${{ matrix.replace_default }} | |
| strategy: | |
| matrix: | |
| wolfssl_ref: [ 'v5.8.4-stable' ] | |
| openssl_ref: [ 'openssl-3.5.4' ] | |
| fips_ref: [ 'FIPS', 'non-FIPS' ] | |
| replace_default: [ true ] | |
| test_opensc: | |
| runs-on: ubuntu-22.04 | |
| needs: build_wolfprovider | |
| container: | |
| image: debian:bookworm | |
| env: | |
| DEBIAN_FRONTEND: noninteractive | |
| # This should be a safe limit for the tests to run. | |
| timeout-minutes: 30 | |
| strategy: | |
| matrix: | |
| opensc_ref: [ '0.25.1' ] | |
| wolfssl_ref: [ 'v5.8.4-stable' ] | |
| openssl_ref: [ 'openssl-3.5.4' ] | |
| fips_ref: [ 'FIPS', 'non-FIPS' ] | |
| force_fail: [ 'WOLFPROV_FORCE_FAIL=1', '' ] | |
| replace_default: [ true ] | |
| env: | |
| WOLFSSL_PACKAGES_PATH: /tmp/wolfssl-packages | |
| OPENSSL_PACKAGES_PATH: /tmp/openssl-packages | |
| WOLFPROV_PACKAGES_PATH: /tmp/wolfprov-packages | |
| steps: | |
| - name: Checkout wolfProvider | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 1 | |
| - name: Download packages from build job | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: debian-packages-${{ matrix.fips_ref }}${{ matrix.replace_default && '-replace-default' || '' }}-${{ matrix.wolfssl_ref }}-${{ matrix.openssl_ref }} | |
| path: /tmp | |
| - name: Install wolfSSL/OpenSSL/wolfprov packages | |
| run: | | |
| apt install --reinstall -y --allow-downgrades --allow-change-held-packages \ | |
| ${{ env.WOLFSSL_PACKAGES_PATH }}/libwolfssl_*.deb | |
| apt install --reinstall -y --allow-downgrades --allow-change-held-packages \ | |
| ${{ env.OPENSSL_PACKAGES_PATH }}/openssl_*.deb \ | |
| ${{ env.OPENSSL_PACKAGES_PATH }}/libssl3_*.deb \ | |
| ${{ env.OPENSSL_PACKAGES_PATH }}/libssl-dev_*.deb | |
| apt install --reinstall -y --allow-downgrades --allow-change-held-packages \ | |
| ${{ env.WOLFPROV_PACKAGES_PATH }}/libwolfprov_*.deb | |
| - name: Verify wolfProvider is properly installed | |
| run: | | |
| $GITHUB_WORKSPACE/scripts/verify-install.sh \ | |
| ${{ matrix.replace_default && '--replace-default' || '' }} \ | |
| ${{ matrix.fips_ref == 'FIPS' && '--fips' || '' }} | |
| - name: Install OpenSC dependencies | |
| run: | | |
| apt-get update | |
| apt-get install -y \ | |
| autotools-dev libtool automake autoconf make pkg-config \ | |
| libeac-dev gengetopt libpcsclite-dev libreadline-dev \ | |
| zlib1g-dev docbook-xsl xsltproc pcscd softhsm2 opensc pcsc-tools \ | |
| vim libcmocka-dev libjson-c-dev libp11-dev patch | |
| - name: Download OpenSC | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: OpenSC/OpenSC | |
| ref: ${{ matrix.opensc_ref }} | |
| path: opensc | |
| fetch-depth: 1 | |
| - name: Checkout OSP | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: wolfssl/osp | |
| path: osp | |
| fetch-depth: 1 | |
| - run: | | |
| cd opensc | |
| patch -p1 < $GITHUB_WORKSPACE/osp/wolfProvider/opensc/opensc-${{ matrix.opensc_ref }}-wolfprovider.patch | |
| - name: Build OpenSC | |
| working-directory: opensc | |
| run: | | |
| # Configure with custom OpenSSL and wolfProvider | |
| ./bootstrap | |
| ./configure \ | |
| --enable-openssl \ | |
| --enable-pcsc \ | |
| --disable-doc \ | |
| --prefix=$GITHUB_WORKSPACE/opensc-install \ | |
| --with-completiondir="$GITHUB_WORKSPACE/opensc-install/share/completions" \ | |
| CFLAGS="-Wno-error" | |
| # Build OpenSC | |
| make -j$(nproc) | |
| make install | |
| - name: Run OpenSC tests | |
| working-directory: opensc | |
| shell: bash | |
| run: | | |
| set +o pipefail # ignore errors from make check | |
| export ${{ matrix.force_fail }} | |
| # Run tests and save output | |
| make check | tee opensc-test.log | |
| # Check for expected test results in the test log (18 passes, 2 expected failures, with WPFF we expect 6 failures) | |
| TEST_RESULT=$(((grep -q "# PASS: 10" opensc-test.log) && (grep -q "# PASS: 8" opensc-test.log) && (grep -q "# XFAIL: 2" opensc-test.log)) && echo "0" || echo "1") | |
| $GITHUB_WORKSPACE/.github/scripts/check-workflow-result.sh $TEST_RESULT ${{ matrix.force_fail }} opensc |