]>
Commit | Line | Data |
---|---|---|
da1c088f | 1 | # Copyright 2021-2023 The OpenSSL Project Authors. All Rights Reserved. |
08d8c2d8 P |
2 | # |
3 | # Licensed under the Apache License 2.0 (the "License"). You may not use | |
4 | # this file except in compliance with the License. You can obtain a copy | |
5 | # in the file LICENSE in the source distribution or at | |
6 | # https://www.openssl.org/source/license.html | |
7 | ||
9524a308 MC |
8 | name: GitHub CI |
9 | ||
4159ebca | 10 | on: [pull_request, push] |
9524a308 | 11 | |
ae290d8f DDO |
12 | # for some reason, this does not work: |
13 | # variables: | |
14 | # BUILDOPTS: "-j4" | |
15 | # HARNESS_JOBS: "${HARNESS_JOBS:-4}" | |
16 | ||
17 | # for some reason, this does not work: | |
18 | # before_script: | |
19 | # - make="make -s" | |
20 | ||
c6e7f427 VS |
21 | permissions: |
22 | contents: read | |
23 | ||
1a74f32d | 24 | env: |
d1fe5738 | 25 | OSSL_RUN_CI_TESTS: 1 |
1a74f32d | 26 | |
9524a308 | 27 | jobs: |
8175476b | 28 | check_update: |
834a2d70 | 29 | runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} |
8175476b | 30 | steps: |
49f699b5 RL |
31 | - name: install unifdef |
32 | run: | | |
33 | sudo apt-get update | |
34 | sudo apt-get -yq --no-install-suggests --no-install-recommends --force-yes install unifdef | |
d4231af6 | 35 | - uses: actions/checkout@v4 |
fd84b9c3 BE |
36 | with: |
37 | fetch-depth: 0 | |
8175476b | 38 | - name: config |
8a764202 | 39 | run: ./config --banner=Configured --strict-warnings enable-fips && perl configdata.pm --dump |
8175476b RL |
40 | - name: make build_generated |
41 | run: make -s build_generated | |
42 | - name: make update | |
f97bc7c4 | 43 | run: make update |
8175476b RL |
44 | - name: git diff |
45 | run: git diff --exit-code | |
46 | ||
47 | check_docs: | |
834a2d70 | 48 | runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} |
8175476b | 49 | steps: |
d4231af6 | 50 | - uses: actions/checkout@v4 |
8175476b | 51 | - name: config |
8a764202 | 52 | run: ./config --banner=Configured --strict-warnings enable-fips && perl configdata.pm --dump |
8175476b RL |
53 | - name: make build_generated |
54 | run: make -s build_generated | |
5bac37cb DDO |
55 | - name: make doc-nits |
56 | run: make doc-nits | |
d1080823 TS |
57 | - name: make help |
58 | run: make help | |
43c2456f RS |
59 | - name: make md-nits |
60 | run: | | |
61 | sudo gem install mdl | |
62 | make md-nits | |
8175476b | 63 | |
a350e3ef RL |
64 | # This checks that we use ANSI C language syntax and semantics. |
65 | # We are not as strict with libraries, but rather adapt to what's | |
66 | # expected to be available in a certain version of each platform. | |
67 | check-ansi: | |
834a2d70 | 68 | runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} |
a350e3ef | 69 | steps: |
d4231af6 | 70 | - uses: actions/checkout@v4 |
a350e3ef | 71 | - name: config |
8a764202 | 72 | run: CPPFLAGS=-ansi ./config --banner=Configured no-asm no-makedepend enable-buildtest-c++ enable-fips --strict-warnings -D_DEFAULT_SOURCE && perl configdata.pm --dump |
a350e3ef RL |
73 | - name: make |
74 | run: make -s -j4 | |
75 | ||
9524a308 | 76 | basic_gcc: |
834a2d70 | 77 | runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} |
9524a308 | 78 | steps: |
d4231af6 | 79 | - uses: actions/checkout@v4 |
1ac0464d TM |
80 | - name: checkout fuzz/corpora submodule |
81 | run: git submodule update --init --depth 1 fuzz/corpora | |
c29cf394 DB |
82 | - name: localegen |
83 | run: sudo locale-gen tr_TR.UTF-8 | |
9524a308 | 84 | - name: config |
8a764202 | 85 | # enable-quic is on by default, but we leave it here to check we're testing the explicit enable somewhere |
e98940d6 | 86 | run: CC=gcc ./config --banner=Configured enable-fips enable-quic --strict-warnings && perl configdata.pm --dump |
9524a308 | 87 | - name: make |
ae290d8f | 88 | run: make -s -j4 |
2d374e1c DM |
89 | - name: get cpu info |
90 | run: | | |
91 | cat /proc/cpuinfo | |
92 | ./util/opensslwrap.sh version -c | |
9524a308 | 93 | - name: make test |
f2db7096 HL |
94 | run: .github/workflows/make-test |
95 | - name: save artifacts | |
96 | uses: actions/upload-artifact@v4 | |
97 | with: | |
98 | name: "ci@basic-gcc" | |
99 | path: artifacts/ | |
9524a308 MC |
100 | |
101 | basic_clang: | |
834a2d70 | 102 | runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} |
9524a308 | 103 | steps: |
d4231af6 | 104 | - uses: actions/checkout@v4 |
1ac0464d TM |
105 | - name: checkout fuzz/corpora submodule |
106 | run: git submodule update --init --depth 1 fuzz/corpora | |
9524a308 | 107 | - name: config |
e98940d6 | 108 | run: CC=clang ./config --banner=Configured no-fips --strict-warnings && perl configdata.pm --dump |
9524a308 | 109 | - name: make |
ae290d8f | 110 | run: make -s -j4 |
2d374e1c DM |
111 | - name: get cpu info |
112 | run: | | |
113 | cat /proc/cpuinfo | |
114 | ./util/opensslwrap.sh version -c | |
9524a308 | 115 | - name: make test |
f2db7096 HL |
116 | run: .github/workflows/make-test |
117 | - name: save artifacts | |
118 | uses: actions/upload-artifact@v4 | |
119 | with: | |
120 | name: "ci@basic-clang" | |
121 | path: artifacts/ | |
9524a308 | 122 | |
6b7a11d8 | 123 | self-hosted: |
74fd6823 | 124 | if: github.repository == 'openssl/openssl' |
6b7a11d8 DM |
125 | strategy: |
126 | matrix: | |
127 | os: [freebsd-13.2, ubuntu-arm64-22.04] | |
128 | runs-on: ${{ matrix.os }}-self-hosted | |
129 | continue-on-error: true | |
130 | steps: | |
131 | - uses: actions/checkout@v4 | |
132 | - name: config | |
e98940d6 | 133 | run: ./config enable-fips enable-ec_nistp_64_gcc_128 enable-md2 enable-rc5 enable-ssl3 enable-ssl3-method enable-trace |
6b7a11d8 DM |
134 | - name: config dump |
135 | run: ./configdata.pm --dump | |
136 | - name: make | |
137 | run: make -j4 | |
138 | - name: get cpu info | |
139 | run: ./util/opensslwrap.sh version -c | |
140 | - name: make test | |
f2db7096 HL |
141 | run: .github/workflows/make-test |
142 | - name: save artifacts | |
143 | uses: actions/upload-artifact@v4 | |
144 | with: | |
9abcf116 | 145 | name: "ci@self-hosted-${{ matrix.os }}" |
f2db7096 | 146 | path: artifacts/ |
6b7a11d8 | 147 | |
9524a308 | 148 | minimal: |
834a2d70 | 149 | runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} |
9524a308 | 150 | steps: |
d4231af6 | 151 | - uses: actions/checkout@v4 |
1ac0464d TM |
152 | - name: checkout fuzz/corpora submodule |
153 | run: git submodule update --init --depth 1 fuzz/corpora | |
9524a308 | 154 | - name: config |
e98940d6 | 155 | run: ./config --banner=Configured --strict-warnings no-bulk no-pic no-asm -DOPENSSL_NO_SECURE_MEMORY -DOPENSSL_SMALL_FOOTPRINT && perl configdata.pm --dump |
9524a308 | 156 | - name: make |
d0196ddc | 157 | run: make -j4 # verbose, so no -s here |
2d374e1c DM |
158 | - name: get cpu info |
159 | run: | | |
160 | cat /proc/cpuinfo | |
161 | ./util/opensslwrap.sh version -c | |
9524a308 | 162 | - name: make test |
f2db7096 HL |
163 | run: .github/workflows/make-test |
164 | - name: save artifacts | |
165 | uses: actions/upload-artifact@v4 | |
166 | with: | |
167 | name: "ci@minimal" | |
168 | path: artifacts/ | |
169 | if-no-files-found: ignore | |
9524a308 | 170 | |
e3577add | 171 | no-deprecated: |
834a2d70 | 172 | runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} |
e3577add | 173 | steps: |
d4231af6 | 174 | - uses: actions/checkout@v4 |
1ac0464d TM |
175 | - name: checkout fuzz/corpora submodule |
176 | run: git submodule update --init --depth 1 fuzz/corpora | |
e3577add | 177 | - name: config |
e98940d6 | 178 | run: ./config --banner=Configured --strict-warnings no-deprecated enable-fips && perl configdata.pm --dump |
e3577add RL |
179 | - name: make |
180 | run: make -s -j4 | |
2d374e1c DM |
181 | - name: get cpu info |
182 | run: | | |
183 | cat /proc/cpuinfo | |
184 | ./util/opensslwrap.sh version -c | |
e3577add | 185 | - name: make test |
f2db7096 HL |
186 | run: .github/workflows/make-test |
187 | - name: save artifacts | |
188 | uses: actions/upload-artifact@v4 | |
189 | with: | |
190 | name: "ci@no-deprecated" | |
191 | path: artifacts/ | |
e3577add | 192 | |
834a2d70 DM |
193 | no-shared-ubuntu: |
194 | runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} | |
4a95b70d | 195 | steps: |
d4231af6 | 196 | - uses: actions/checkout@v4 |
1ac0464d TM |
197 | - name: checkout fuzz/corpora submodule |
198 | run: git submodule update --init --depth 1 fuzz/corpora | |
4a95b70d | 199 | - name: config |
e98940d6 | 200 | run: ./config --banner=Configured --strict-warnings no-shared no-fips && perl configdata.pm --dump |
4a95b70d RL |
201 | - name: make |
202 | run: make -s -j4 | |
2d374e1c | 203 | - name: get cpu info |
834a2d70 DM |
204 | run: | |
205 | cat /proc/cpuinfo | |
206 | ./util/opensslwrap.sh version -c | |
207 | - name: make test | |
f2db7096 HL |
208 | run: .github/workflows/make-test |
209 | - name: save artifacts | |
210 | uses: actions/upload-artifact@v4 | |
211 | with: | |
212 | name: "ci@no-shared-ubuntu" | |
213 | path: artifacts/ | |
834a2d70 DM |
214 | |
215 | no-shared-macos: | |
ada9d8c7 DM |
216 | strategy: |
217 | fail-fast: false | |
218 | matrix: | |
219 | os: [macos-13, macos-14] | |
834a2d70 | 220 | if: github.server_url == 'https://github.com' |
ada9d8c7 | 221 | runs-on: ${{ matrix.os }} |
834a2d70 DM |
222 | steps: |
223 | - uses: actions/checkout@v4 | |
224 | - name: checkout fuzz/corpora submodule | |
225 | run: git submodule update --init --depth 1 fuzz/corpora | |
226 | - name: config | |
e98940d6 | 227 | run: ./config --banner=Configured --strict-warnings no-shared no-fips && perl configdata.pm --dump |
834a2d70 DM |
228 | - name: make |
229 | run: make -s -j4 | |
230 | - name: get cpu info | |
231 | run: | | |
232 | sysctl machdep.cpu | |
233 | ./util/opensslwrap.sh version -c | |
4a95b70d | 234 | - name: make test |
f2db7096 HL |
235 | run: .github/workflows/make-test |
236 | - name: save artifacts | |
237 | uses: actions/upload-artifact@v4 | |
238 | with: | |
239 | name: "ci@no-shared-macos" | |
240 | path: artifacts/ | |
4a95b70d | 241 | |
499f2ae9 | 242 | non-caching: |
834a2d70 | 243 | runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} |
499f2ae9 | 244 | steps: |
d4231af6 | 245 | - uses: actions/checkout@v4 |
1ac0464d TM |
246 | - name: checkout fuzz/corpora submodule |
247 | run: git submodule update --init --depth 1 fuzz/corpora | |
37cd49f5 NH |
248 | - name: Adjust ASLR for sanitizer |
249 | run: | | |
250 | sudo cat /proc/sys/vm/mmap_rnd_bits | |
251 | sudo sysctl -w vm.mmap_rnd_bits=28 | |
499f2ae9 | 252 | - name: config |
e98940d6 | 253 | run: ./config --banner=Configured --debug enable-asan enable-ubsan no-cached-fetch no-fips no-dtls no-tls1 no-tls1-method no-tls1_1 no-tls1_1-method no-async && perl configdata.pm --dump |
499f2ae9 P |
254 | - name: make |
255 | run: make -s -j4 | |
2d374e1c DM |
256 | - name: get cpu info |
257 | run: | | |
258 | cat /proc/cpuinfo | |
259 | ./util/opensslwrap.sh version -c | |
499f2ae9 | 260 | - name: make test |
f2db7096 HL |
261 | run: .github/workflows/make-test OPENSSL_TEST_RAND_ORDER=0 TESTS="-test_fuzz* -test_ssl_* -test_sslapi -test_evp -test_cmp_http -test_verify -test_cms -test_store -test_enc -[01][0-9]" |
262 | - name: save artifacts | |
263 | uses: actions/upload-artifact@v4 | |
264 | with: | |
265 | name: "ci@non-caching" | |
266 | path: artifacts/ | |
499f2ae9 | 267 | |
a5a4dac9 | 268 | address_ub_sanitizer: |
834a2d70 | 269 | runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} |
9524a308 | 270 | steps: |
d4231af6 | 271 | - uses: actions/checkout@v4 |
1ac0464d TM |
272 | - name: checkout fuzz/corpora submodule |
273 | run: git submodule update --init --depth 1 fuzz/corpora | |
37cd49f5 NH |
274 | - name: Adjust ASLR for sanitizer |
275 | run: | | |
276 | sudo cat /proc/sys/vm/mmap_rnd_bits | |
277 | sudo sysctl -w vm.mmap_rnd_bits=28 | |
9524a308 | 278 | - name: config |
e98940d6 | 279 | run: ./config --banner=Configured --debug enable-asan enable-ubsan enable-rc5 enable-md2 enable-ec_nistp_64_gcc_128 enable-fips && perl configdata.pm --dump |
9524a308 | 280 | - name: make |
ae290d8f | 281 | run: make -s -j4 |
2d374e1c DM |
282 | - name: get cpu info |
283 | run: | | |
284 | cat /proc/cpuinfo | |
285 | ./util/opensslwrap.sh version -c | |
9524a308 | 286 | - name: make test |
f2db7096 HL |
287 | run: .github/workflows/make-test OPENSSL_TEST_RAND_ORDER=0 |
288 | - name: save artifacts | |
289 | uses: actions/upload-artifact@v4 | |
290 | with: | |
291 | name: "ci@address_ub_sanitizer" | |
292 | path: artifacts/ | |
9524a308 | 293 | |
27d88270 | 294 | fuzz_tests: |
834a2d70 | 295 | runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} |
27d88270 MC |
296 | steps: |
297 | - uses: actions/checkout@v4 | |
298 | - name: checkout fuzz/corpora submodule | |
299 | run: git submodule update --init --depth 1 fuzz/corpora | |
37cd49f5 NH |
300 | - name: Adjust ASLR for sanitizer |
301 | run: | | |
302 | sudo cat /proc/sys/vm/mmap_rnd_bits | |
303 | sudo sysctl -w vm.mmap_rnd_bits=28 | |
27d88270 | 304 | - name: config |
e98940d6 | 305 | run: ./config --banner=Configured --debug -DPEDANTIC -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION enable-asan enable-ubsan enable-rc5 enable-md2 enable-ec_nistp_64_gcc_128 enable-weak-ssl-ciphers enable-ssl3 enable-ssl3-method enable-nextprotoneg && perl configdata.pm --dump |
27d88270 MC |
306 | - name: make |
307 | run: make -s -j4 | |
308 | - name: get cpu info | |
309 | run: | | |
310 | cat /proc/cpuinfo | |
311 | ./util/opensslwrap.sh version -c | |
312 | - name: make test | |
f2db7096 HL |
313 | run: .github/workflows/make-test OPENSSL_TEST_RAND_ORDER=0 TESTS="test_fuzz*" |
314 | - name: save artifacts | |
315 | uses: actions/upload-artifact@v4 | |
316 | with: | |
317 | name: "ci@fuzz_tests" | |
318 | path: artifacts/ | |
319 | if-no-files-found: ignore | |
27d88270 | 320 | |
a5a4dac9 | 321 | memory_sanitizer: |
834a2d70 | 322 | runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} |
a5a4dac9 | 323 | steps: |
d4231af6 | 324 | - uses: actions/checkout@v4 |
1ac0464d TM |
325 | - name: checkout fuzz/corpora submodule |
326 | run: git submodule update --init --depth 1 fuzz/corpora | |
37cd49f5 NH |
327 | - name: Adjust ASLR for sanitizer |
328 | run: | | |
329 | sudo cat /proc/sys/vm/mmap_rnd_bits | |
330 | sudo sysctl -w vm.mmap_rnd_bits=28 | |
a5a4dac9 P |
331 | - name: config |
332 | # --debug -O1 is to produce a debug build that runs in a reasonable amount of time | |
e98940d6 | 333 | run: CC=clang ./config --banner=Configured --debug -O1 -fsanitize=memory -DOSSL_SANITIZE_MEMORY -fno-optimize-sibling-calls enable-rc5 enable-md2 enable-ec_nistp_64_gcc_128 enable-fips && perl configdata.pm --dump |
a5a4dac9 P |
334 | - name: make |
335 | run: make -s -j4 | |
2d374e1c DM |
336 | - name: get cpu info |
337 | run: | | |
338 | cat /proc/cpuinfo | |
339 | ./util/opensslwrap.sh version -c | |
a5a4dac9 | 340 | - name: make test |
f2db7096 HL |
341 | run: .github/workflows/make-test OPENSSL_TEST_RAND_ORDER=0 |
342 | - name: save artifacts | |
343 | uses: actions/upload-artifact@v4 | |
344 | with: | |
345 | name: "ci@memory_sanitizer" | |
346 | path: artifacts/ | |
a5a4dac9 | 347 | |
f94a9169 | 348 | threads_sanitizer: |
834a2d70 | 349 | runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} |
f94a9169 | 350 | steps: |
d4231af6 | 351 | - uses: actions/checkout@v4 |
1ac0464d TM |
352 | - name: checkout fuzz/corpora submodule |
353 | run: git submodule update --init --depth 1 fuzz/corpora | |
37cd49f5 NH |
354 | - name: Adjust ASLR for sanitizer |
355 | run: | | |
356 | sudo cat /proc/sys/vm/mmap_rnd_bits | |
357 | sudo sysctl -w vm.mmap_rnd_bits=28 | |
f94a9169 | 358 | - name: config |
e98940d6 | 359 | run: CC=clang ./config --banner=Configured no-fips --strict-warnings -fsanitize=thread && perl configdata.pm --dump |
f94a9169 MC |
360 | - name: make |
361 | run: make -s -j4 | |
2d374e1c DM |
362 | - name: get cpu info |
363 | run: | | |
364 | cat /proc/cpuinfo | |
365 | ./util/opensslwrap.sh version -c | |
f94a9169 | 366 | - name: make test |
f2db7096 HL |
367 | run: .github/workflows/make-test V=1 TESTS="test_threads test_internal_provider test_provfetch test_provider test_pbe test_evp_kdf test_pkcs12 test_store test_evp test_quic*" |
368 | - name: save artifacts | |
369 | uses: actions/upload-artifact@v4 | |
370 | with: | |
371 | name: "ci@threads_sanitizer" | |
372 | path: artifacts/ | |
f94a9169 | 373 | |
9524a308 | 374 | enable_non-default_options: |
834a2d70 | 375 | runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} |
9524a308 | 376 | steps: |
d4231af6 | 377 | - uses: actions/checkout@v4 |
1ac0464d TM |
378 | - name: checkout fuzz/corpora submodule |
379 | run: git submodule update --init --depth 1 fuzz/corpora | |
c9eb4598 TM |
380 | - name: modprobe tls |
381 | run: sudo modprobe tls | |
9524a308 | 382 | - name: config |
e98940d6 | 383 | run: ./config --banner=Configured --strict-warnings no-ec enable-ssl-trace enable-zlib enable-zlib-dynamic enable-crypto-mdebug enable-egd enable-ktls enable-fips no-threads && perl configdata.pm --dump |
9524a308 | 384 | - name: make |
ae290d8f | 385 | run: make -s -j4 |
2d374e1c DM |
386 | - name: get cpu info |
387 | run: | | |
388 | cat /proc/cpuinfo | |
389 | ./util/opensslwrap.sh version -c | |
9524a308 | 390 | - name: make test |
f2db7096 HL |
391 | run: .github/workflows/make-test |
392 | - name: save artifacts | |
393 | uses: actions/upload-artifact@v4 | |
394 | with: | |
395 | name: "ci@enable_non-default_options" | |
396 | path: artifacts/ | |
9524a308 | 397 | |
5cd00422 | 398 | full_featured: |
834a2d70 | 399 | runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} |
a5d8a2f8 | 400 | steps: |
d4231af6 | 401 | - uses: actions/checkout@v4 |
1ac0464d TM |
402 | - name: checkout fuzz/corpora submodule |
403 | run: git submodule update --init --depth 1 fuzz/corpora | |
a5d8a2f8 DB |
404 | - name: modprobe tls |
405 | run: sudo modprobe tls | |
4ede274c NH |
406 | - name: Enable sctp |
407 | run: sudo modprobe sctp | |
408 | - name: Enable auth in sctp | |
409 | run: sudo sysctl -w net.sctp.auth_enable=1 | |
410 | - name: install extra config support | |
411 | run: sudo apt-get -y install libsctp-dev abigail-tools libzstd-dev zstd | |
a5d8a2f8 | 412 | - name: config |
e98940d6 | 413 | run: ./config --banner=Configured --strict-warnings enable-ktls enable-fips enable-egd enable-ec_nistp_64_gcc_128 enable-md2 enable-rc5 enable-sctp enable-ssl3 enable-ssl3-method enable-trace enable-zlib enable-zstd && perl configdata.pm --dump |
a5d8a2f8 DB |
414 | - name: make |
415 | run: make -s -j4 | |
2d374e1c DM |
416 | - name: get cpu info |
417 | run: | | |
418 | cat /proc/cpuinfo | |
419 | ./util/opensslwrap.sh version -c | |
a5d8a2f8 | 420 | - name: make test |
f2db7096 HL |
421 | run: .github/workflows/make-test |
422 | - name: save artifacts | |
423 | uses: actions/upload-artifact@v4 | |
424 | with: | |
425 | name: "ci@full_featured" | |
426 | path: artifacts/ | |
a5d8a2f8 | 427 | |
11c7874d | 428 | no-legacy: |
834a2d70 | 429 | runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} |
11c7874d | 430 | steps: |
d4231af6 | 431 | - uses: actions/checkout@v4 |
1ac0464d TM |
432 | - name: checkout fuzz/corpora submodule |
433 | run: git submodule update --init --depth 1 fuzz/corpora | |
11c7874d | 434 | - name: config |
e98940d6 | 435 | run: ./config --banner=Configured --strict-warnings no-legacy enable-fips && perl configdata.pm --dump |
11c7874d P |
436 | - name: make |
437 | run: make -s -j4 | |
2d374e1c DM |
438 | - name: get cpu info |
439 | run: | | |
440 | cat /proc/cpuinfo | |
441 | ./util/opensslwrap.sh version -c | |
11c7874d | 442 | - name: make test |
f2db7096 HL |
443 | run: .github/workflows/make-test |
444 | - name: save artifacts | |
445 | uses: actions/upload-artifact@v4 | |
446 | with: | |
447 | name: "ci@no-legacy" | |
448 | path: artifacts/ | |
11c7874d | 449 | |
a67c7010 | 450 | legacy: |
834a2d70 | 451 | runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} |
9524a308 | 452 | steps: |
d4231af6 | 453 | - uses: actions/checkout@v4 |
1ac0464d TM |
454 | - name: checkout fuzz/corpora submodule |
455 | run: git submodule update --init --depth 1 fuzz/corpora | |
9524a308 | 456 | - name: config |
e98940d6 | 457 | run: ./config --banner=Configured -Werror --debug no-afalgeng no-shared enable-crypto-mdebug enable-rc5 enable-md2 enable-ssl3 enable-ssl3-method enable-weak-ssl-ciphers enable-zlib enable-ec_nistp_64_gcc_128 no-fips && perl configdata.pm --dump |
9524a308 | 458 | - name: make |
ae290d8f | 459 | run: make -s -j4 |
2d374e1c DM |
460 | - name: get cpu info |
461 | run: | | |
462 | cat /proc/cpuinfo | |
463 | ./util/opensslwrap.sh version -c | |
9524a308 | 464 | - name: make test |
f2db7096 HL |
465 | run: .github/workflows/make-test |
466 | - name: save artifacts | |
467 | uses: actions/upload-artifact@v4 | |
468 | with: | |
469 | name: "ci@legacy" | |
470 | path: artifacts/ | |
4605b34d | 471 | |
266a3553 RL |
472 | # out-of-source-and-install checks multiple things at the same time: |
473 | # - That building, testing and installing works from an out-of-source | |
474 | # build tree | |
475 | # - That building, testing and installing works with a read-only source | |
476 | # tree | |
834a2d70 DM |
477 | out-of-readonly-source-and-install-ubuntu: |
478 | runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} | |
4605b34d | 479 | steps: |
d4231af6 | 480 | - uses: actions/checkout@v4 |
266a3553 RL |
481 | with: |
482 | path: ./source | |
1ac0464d TM |
483 | - name: checkout fuzz/corpora submodule |
484 | run: git submodule update --init --depth 1 fuzz/corpora | |
266a3553 RL |
485 | working-directory: ./source |
486 | - name: make source read-only | |
487 | run: chmod -R a-w ./source | |
488 | - name: create build and install directories | |
4605b34d RL |
489 | run: | |
490 | mkdir ./build | |
491 | mkdir ./install | |
492 | - name: config | |
266a3553 | 493 | run: | |
e98940d6 | 494 | ../source/config --banner=Configured enable-fips enable-quic enable-acvp-tests --strict-warnings --prefix=$(cd ../install; pwd) |
266a3553 | 495 | perl configdata.pm --dump |
4605b34d RL |
496 | working-directory: ./build |
497 | - name: make | |
498 | run: make -s -j4 | |
499 | working-directory: ./build | |
2d374e1c | 500 | - name: get cpu info |
834a2d70 DM |
501 | run: | |
502 | cat /proc/cpuinfo | |
503 | ./util/opensslwrap.sh version -c | |
504 | working-directory: ./build | |
505 | - name: make test | |
f2db7096 | 506 | run: ../source/.github/workflows/make-test |
834a2d70 | 507 | working-directory: ./build |
f2db7096 HL |
508 | - name: save artifacts |
509 | uses: actions/upload-artifact@v4 | |
510 | with: | |
511 | name: "ci@out-of-readonly-source-and-install-ubuntu" | |
512 | path: build/artifacts/ | |
834a2d70 DM |
513 | - name: make install |
514 | run: make install | |
515 | working-directory: ./build | |
516 | ||
517 | out-of-readonly-source-and-install-macos: | |
ada9d8c7 DM |
518 | strategy: |
519 | fail-fast: false | |
520 | matrix: | |
521 | os: [macos-13, macos-14] | |
522 | runs-on: ${{ matrix.os }} | |
834a2d70 DM |
523 | if: github.server_url == 'https://github.com' |
524 | steps: | |
525 | - uses: actions/checkout@v4 | |
526 | with: | |
527 | path: ./source | |
528 | - name: checkout fuzz/corpora submodule | |
529 | run: git submodule update --init --depth 1 fuzz/corpora | |
530 | working-directory: ./source | |
531 | - name: make source read-only | |
532 | run: chmod -R a-w ./source | |
533 | - name: create build and install directories | |
534 | run: | | |
535 | mkdir ./build | |
536 | mkdir ./install | |
537 | - name: config | |
538 | run: | | |
e98940d6 | 539 | ../source/config --banner=Configured enable-fips enable-quic enable-acvp-tests --strict-warnings --prefix=$(cd ../install; pwd) |
834a2d70 DM |
540 | perl configdata.pm --dump |
541 | working-directory: ./build | |
542 | - name: make | |
543 | run: make -s -j4 | |
544 | working-directory: ./build | |
545 | - name: get cpu info | |
546 | run: | | |
547 | sysctl machdep.cpu | |
548 | ./util/opensslwrap.sh version -c | |
2d374e1c | 549 | working-directory: ./build |
4605b34d | 550 | - name: make test |
f2db7096 | 551 | run: ../source/.github/workflows/make-test |
4605b34d | 552 | working-directory: ./build |
f2db7096 HL |
553 | - name: save artifacts |
554 | uses: actions/upload-artifact@v4 | |
555 | with: | |
556 | name: "ci@out-of-readonly-source-and-install-macos" | |
557 | path: build/artifacts/ | |
4605b34d RL |
558 | - name: make install |
559 | run: make install | |
560 | working-directory: ./build | |
b414c811 | 561 | |
996d2693 | 562 | external-tests: |
834a2d70 | 563 | runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} |
996d2693 | 564 | steps: |
d4231af6 | 565 | - uses: actions/checkout@v4 |
996d2693 TM |
566 | with: |
567 | submodules: recursive | |
568 | - name: package installs | |
569 | run: | | |
570 | sudo apt-get update | |
dd62ec27 | 571 | sudo apt-get -yq install bison gettext keyutils ldap-utils libldap2-dev libkeyutils-dev python3 python3-paste python3-pyrad slapd tcsh python3-virtualenv virtualenv python3-kdcproxy |
b414c811 TM |
572 | - name: install cpanm and Test2::V0 for gost_engine testing |
573 | uses: perl-actions/install-with-cpanm@v1 | |
574 | with: | |
575 | install: Test2::V0 | |
cd0aca53 TM |
576 | - name: setup hostname workaround |
577 | run: sudo hostname localhost | |
996d2693 | 578 | - name: config |
d0364dcc | 579 | run: ./config --banner=Configured --strict-warnings --debug no-afalgeng enable-rc5 enable-md2 enable-ssl3 enable-ssl3-method enable-weak-ssl-ciphers enable-zlib enable-ec_nistp_64_gcc_128 enable-external-tests no-fips && perl configdata.pm --dump |
996d2693 TM |
580 | - name: make |
581 | run: make -s -j4 | |
2d374e1c DM |
582 | - name: get cpu info |
583 | run: | | |
584 | cat /proc/cpuinfo | |
585 | ./util/opensslwrap.sh version -c | |
a7a041c2 TM |
586 | - name: test external gost-engine |
587 | run: make test TESTS="test_external_gost_engine" | |
588 | - name: test external krb5 | |
589 | run: make test TESTS="test_external_krb5" | |
e66c4172 DB |
590 | - name: test external_tlsfuzzer |
591 | run: make test TESTS="test_external_tlsfuzzer" | |
fa66f62e MB |
592 | - name: test external oqs-provider |
593 | run: make test TESTS="test_external_oqsprovider" | |
a938f004 PK |
594 | |
595 | external-test-pyca: | |
834a2d70 | 596 | runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} |
a938f004 PK |
597 | strategy: |
598 | matrix: | |
599 | RUST: | |
600 | - 1.51.0 | |
601 | PYTHON: | |
602 | - 3.9 | |
603 | steps: | |
d4231af6 | 604 | - uses: actions/checkout@v4 |
a938f004 PK |
605 | with: |
606 | submodules: recursive | |
607 | - name: Configure OpenSSL | |
d0364dcc | 608 | run: ./config --banner=Configured --strict-warnings --debug enable-external-tests && perl configdata.pm --dump |
a938f004 PK |
609 | - name: make |
610 | run: make -s -j4 | |
611 | - name: Setup Python | |
51c85496 | 612 | uses: actions/setup-python@v5.0.0 |
a938f004 PK |
613 | with: |
614 | python-version: ${{ matrix.PYTHON }} | |
cd5911a6 | 615 | - uses: dtolnay/rust-toolchain@master |
a938f004 | 616 | with: |
a938f004 | 617 | toolchain: ${{ matrix.RUST }} |
2d374e1c DM |
618 | - name: get cpu info |
619 | run: | | |
620 | cat /proc/cpuinfo | |
621 | ./util/opensslwrap.sh version -c | |
a938f004 | 622 | - name: test external pyca |
94471ccf | 623 | run: make test TESTS="test_external_pyca" VERBOSE=1 |
fc110280 TM |
624 | |
625 | external-test-cf-quiche: | |
834a2d70 | 626 | runs-on: ${{ github.server_url == 'https://github.com' && 'ubuntu-latest' || 'ubuntu-22.04-self-hosted' }} |
fc110280 | 627 | steps: |
d4231af6 | 628 | - uses: actions/checkout@v4 |
fc110280 TM |
629 | with: |
630 | submodules: recursive | |
631 | - name: Configure OpenSSL | |
8a764202 | 632 | run: ./config --banner=Configured --strict-warnings enable-external-tests && perl configdata.pm --dump |
fc110280 TM |
633 | - name: make |
634 | run: make -s -j4 | |
cd5911a6 | 635 | - uses: dtolnay/rust-toolchain@stable |
2d374e1c DM |
636 | - name: get cpu info |
637 | run: | | |
638 | cat /proc/cpuinfo | |
639 | ./util/opensslwrap.sh version -c | |
fc110280 TM |
640 | - name: test external Cloudflare quiche |
641 | run: make test TESTS="test_external_cf_quiche" VERBOSE=1 |