]>
Commit | Line | Data |
---|---|---|
08d8c2d8 P |
1 | # Copyright 2021 The OpenSSL Project Authors. All Rights Reserved. |
2 | # | |
3 | # Licensed under the Apache License 2.0 (the "License"). You may not use | |
4 | # this file except in compliance with the License. You can obtain a copy | |
5 | # in the file LICENSE in the source distribution or at | |
6 | # https://www.openssl.org/source/license.html | |
7 | ||
9524a308 MC |
8 | name: GitHub CI |
9 | ||
4159ebca | 10 | on: [pull_request, push] |
9524a308 | 11 | |
ae290d8f DDO |
12 | # for some reason, this does not work: |
13 | # variables: | |
14 | # BUILDOPTS: "-j4" | |
15 | # HARNESS_JOBS: "${HARNESS_JOBS:-4}" | |
16 | ||
17 | # for some reason, this does not work: | |
18 | # before_script: | |
19 | # - make="make -s" | |
20 | ||
9524a308 | 21 | jobs: |
8175476b RL |
22 | check_update: |
23 | runs-on: ubuntu-latest | |
24 | steps: | |
49f699b5 RL |
25 | - name: install unifdef |
26 | run: | | |
27 | sudo apt-get update | |
28 | sudo apt-get -yq --no-install-suggests --no-install-recommends --force-yes install unifdef | |
8175476b RL |
29 | - uses: actions/checkout@v2 |
30 | - name: config | |
d0364dcc | 31 | run: ./config --banner=Configured --strict-warnings enable-fips && perl configdata.pm --dump |
8175476b RL |
32 | - name: make build_generated |
33 | run: make -s build_generated | |
34 | - name: make update | |
f97bc7c4 | 35 | run: make update |
8175476b RL |
36 | - name: git diff |
37 | run: git diff --exit-code | |
38 | ||
39 | check_docs: | |
40 | runs-on: ubuntu-latest | |
41 | steps: | |
42 | - uses: actions/checkout@v2 | |
43 | - name: config | |
d0364dcc | 44 | run: ./config --banner=Configured --strict-warnings enable-fips && perl configdata.pm --dump |
8175476b RL |
45 | - name: make build_generated |
46 | run: make -s build_generated | |
5bac37cb DDO |
47 | - name: make doc-nits |
48 | run: make doc-nits | |
43c2456f RS |
49 | - name: make md-nits |
50 | run: | | |
51 | sudo gem install mdl | |
52 | make md-nits | |
8175476b | 53 | |
a350e3ef RL |
54 | # This checks that we use ANSI C language syntax and semantics. |
55 | # We are not as strict with libraries, but rather adapt to what's | |
56 | # expected to be available in a certain version of each platform. | |
57 | check-ansi: | |
58 | runs-on: ubuntu-latest | |
59 | steps: | |
60 | - uses: actions/checkout@v2 | |
61 | - name: config | |
d0364dcc | 62 | run: CPPFLAGS=-ansi ./config --banner=Configured no-asm no-makedepend enable-buildtest-c++ enable-fips --strict-warnings -D_DEFAULT_SOURCE && perl configdata.pm --dump |
a350e3ef RL |
63 | - name: make |
64 | run: make -s -j4 | |
65 | ||
9524a308 MC |
66 | basic_gcc: |
67 | runs-on: ubuntu-latest | |
68 | steps: | |
69 | - uses: actions/checkout@v2 | |
70 | - name: config | |
ebe667b4 | 71 | run: CC=gcc ./config --banner=Configured enable-fips --strict-warnings && perl configdata.pm --dump |
9524a308 | 72 | - name: make |
ae290d8f | 73 | run: make -s -j4 |
9524a308 | 74 | - name: make test |
ae290d8f | 75 | run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} |
9524a308 MC |
76 | |
77 | basic_clang: | |
78 | runs-on: ubuntu-latest | |
79 | steps: | |
80 | - uses: actions/checkout@v2 | |
81 | - name: config | |
d0364dcc | 82 | run: CC=clang ./config --banner=Configured no-fips --strict-warnings && perl configdata.pm --dump |
9524a308 | 83 | - name: make |
ae290d8f | 84 | run: make -s -j4 |
9524a308 | 85 | - name: make test |
ae290d8f | 86 | run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} |
9524a308 MC |
87 | |
88 | minimal: | |
89 | runs-on: ubuntu-latest | |
90 | steps: | |
91 | - uses: actions/checkout@v2 | |
92 | - name: config | |
d0364dcc | 93 | run: ./config --banner=Configured --strict-warnings no-bulk no-pic no-asm -DOPENSSL_NO_SECURE_MEMORY -DOPENSSL_SMALL_FOOTPRINT && perl configdata.pm --dump |
9524a308 | 94 | - name: make |
d0196ddc | 95 | run: make -j4 # verbose, so no -s here |
9524a308 | 96 | - name: make test |
ae290d8f | 97 | run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} |
9524a308 | 98 | |
e3577add RL |
99 | no-deprecated: |
100 | runs-on: ubuntu-latest | |
101 | steps: | |
102 | - uses: actions/checkout@v2 | |
103 | - name: config | |
d0364dcc | 104 | run: ./config --banner=Configured --strict-warnings no-deprecated enable-fips && perl configdata.pm --dump |
e3577add RL |
105 | - name: make |
106 | run: make -s -j4 | |
107 | - name: make test | |
108 | run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} | |
109 | ||
4a95b70d RL |
110 | no-shared: |
111 | strategy: | |
112 | matrix: | |
113 | os: [ ubuntu-latest, macos-latest ] | |
114 | runs-on: ${{matrix.os}} | |
115 | steps: | |
116 | - uses: actions/checkout@v2 | |
117 | - name: config | |
d0364dcc | 118 | run: ./config --banner=Configured --strict-warnings no-shared no-fips && perl configdata.pm --dump |
4a95b70d RL |
119 | - name: make |
120 | run: make -s -j4 | |
121 | - name: make test | |
122 | run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} | |
123 | ||
499f2ae9 P |
124 | non-caching: |
125 | runs-on: ubuntu-latest | |
126 | steps: | |
127 | - uses: actions/checkout@v2 | |
128 | - name: config | |
d0364dcc | 129 | run: ./config --banner=Configured --debug enable-asan enable-ubsan no-cached-fetch no-fips no-dtls no-tls1 no-tls1-method no-tls1_1 no-tls1_1-method no-async && perl configdata.pm --dump |
499f2ae9 P |
130 | - name: make |
131 | run: make -s -j4 | |
132 | - name: make test | |
e6f0c8d3 | 133 | run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} OPENSSL_TEST_RAND_ORDER=0 TESTS="-test_fuzz* -test_ssl_* -test_sslapi -test_evp -test_cmp_http -test_verify -test_cms -test_store -test_enc -[01][0-9]" |
499f2ae9 | 134 | |
a5a4dac9 | 135 | address_ub_sanitizer: |
9524a308 MC |
136 | runs-on: ubuntu-latest |
137 | steps: | |
138 | - uses: actions/checkout@v2 | |
139 | - name: config | |
3f7ad402 | 140 | run: ./config --banner=Configured --debug enable-asan enable-ubsan enable-rc5 enable-md2 enable-ec_nistp_64_gcc_128 enable-fips -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION && perl configdata.pm --dump |
9524a308 | 141 | - name: make |
ae290d8f | 142 | run: make -s -j4 |
9524a308 | 143 | - name: make test |
ae290d8f | 144 | run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} OPENSSL_TEST_RAND_ORDER=0 |
9524a308 | 145 | |
a5a4dac9 P |
146 | memory_sanitizer: |
147 | runs-on: ubuntu-latest | |
148 | steps: | |
149 | - uses: actions/checkout@v2 | |
150 | - name: config | |
151 | # --debug -O1 is to produce a debug build that runs in a reasonable amount of time | |
152 | run: CC=clang ./config --banner=Configured --debug -O1 -fsanitize=memory -DOSSL_SANITIZE_MEMORY -fno-optimize-sibling-calls enable-rc5 enable-md2 enable-ec_nistp_64_gcc_128 enable-fips && perl configdata.pm --dump | |
153 | - name: make | |
154 | run: make -s -j4 | |
155 | - name: make test | |
156 | run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} OPENSSL_TEST_RAND_ORDER=0 | |
157 | ||
f94a9169 MC |
158 | threads_sanitizer: |
159 | runs-on: ubuntu-latest | |
160 | steps: | |
161 | - uses: actions/checkout@v2 | |
162 | - name: config | |
d0364dcc | 163 | run: CC=clang ./config --banner=Configured no-fips --strict-warnings -fsanitize=thread && perl configdata.pm --dump |
f94a9169 MC |
164 | - name: make |
165 | run: make -s -j4 | |
166 | - name: make test | |
4f8e0272 | 167 | run: make V=1 TESTS="test_threads test_internal_provider test_provfetch test_provider test_pbe test_evp_kdf test_pkcs12 test_store test_evp" test HARNESS_JOBS=${HARNESS_JOBS:-4} |
f94a9169 | 168 | |
9524a308 MC |
169 | enable_non-default_options: |
170 | runs-on: ubuntu-latest | |
171 | steps: | |
172 | - uses: actions/checkout@v2 | |
c9eb4598 TM |
173 | - name: modprobe tls |
174 | run: sudo modprobe tls | |
9524a308 | 175 | - name: config |
c9eb4598 | 176 | run: ./config --banner=Configured --strict-warnings no-ec enable-ssl-trace enable-zlib enable-zlib-dynamic enable-crypto-mdebug enable-crypto-mdebug-backtrace enable-egd enable-ktls enable-fips && perl configdata.pm --dump |
9524a308 | 177 | - name: make |
ae290d8f | 178 | run: make -s -j4 |
9524a308 | 179 | - name: make test |
ae290d8f | 180 | run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} |
9524a308 | 181 | |
a5d8a2f8 DB |
182 | fips_and_ktls: |
183 | runs-on: ubuntu-latest | |
184 | steps: | |
185 | - uses: actions/checkout@v2 | |
186 | - name: modprobe tls | |
187 | run: sudo modprobe tls | |
188 | - name: config | |
189 | run: ./config --banner=Configured --strict-warnings enable-ktls enable-fips && perl configdata.pm --dump | |
190 | - name: make | |
191 | run: make -s -j4 | |
192 | - name: make test | |
193 | run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} | |
194 | ||
11c7874d P |
195 | no-legacy: |
196 | runs-on: ubuntu-latest | |
197 | steps: | |
198 | - uses: actions/checkout@v2 | |
199 | - name: config | |
d0364dcc | 200 | run: ./config --banner=Configured --strict-warnings no-legacy enable-fips && perl configdata.pm --dump |
11c7874d P |
201 | - name: make |
202 | run: make -s -j4 | |
203 | - name: make test | |
204 | run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} | |
205 | ||
a67c7010 | 206 | legacy: |
9524a308 MC |
207 | runs-on: ubuntu-latest |
208 | steps: | |
209 | - uses: actions/checkout@v2 | |
210 | - name: config | |
d0364dcc | 211 | run: ./config --banner=Configured -Werror --debug no-afalgeng no-shared enable-crypto-mdebug enable-rc5 enable-md2 enable-ssl3 enable-ssl3-method enable-weak-ssl-ciphers enable-zlib enable-ec_nistp_64_gcc_128 no-fips && perl configdata.pm --dump |
9524a308 | 212 | - name: make |
ae290d8f | 213 | run: make -s -j4 |
9524a308 | 214 | - name: make test |
ae290d8f | 215 | run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} |
9524a308 MC |
216 | |
217 | buildtest: | |
218 | runs-on: ubuntu-latest | |
219 | steps: | |
220 | - uses: actions/checkout@v2 | |
221 | - name: config | |
d0364dcc | 222 | run: ./config --banner=Configured no-asm no-makedepend enable-buildtest-c++ enable-fips --strict-warnings -D_DEFAULT_SOURCE && perl configdata.pm --dump |
9524a308 | 223 | - name: make |
ae290d8f | 224 | run: make -s -j4 |
9524a308 | 225 | - name: make test |
ae290d8f | 226 | run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} |
4605b34d RL |
227 | |
228 | out-of-source-and-install: | |
9754665d SL |
229 | strategy: |
230 | matrix: | |
231 | os: [ubuntu-latest, macos-latest ] | |
232 | runs-on: ${{matrix.os}} | |
4605b34d RL |
233 | steps: |
234 | - uses: actions/checkout@v2 | |
235 | - name: extra preparations | |
236 | run: | | |
237 | mkdir ./build | |
238 | mkdir ./install | |
239 | - name: config | |
f096691b | 240 | run: ../config --banner=Configured enable-fips enable-acvp-tests --strict-warnings --prefix=$(cd ../install; pwd) && perl configdata.pm --dump |
4605b34d RL |
241 | working-directory: ./build |
242 | - name: make | |
243 | run: make -s -j4 | |
244 | working-directory: ./build | |
245 | - name: make test | |
246 | run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} | |
247 | working-directory: ./build | |
248 | - name: make install | |
249 | run: make install | |
250 | working-directory: ./build | |
b414c811 | 251 | |
996d2693 TM |
252 | external-tests: |
253 | runs-on: ubuntu-latest | |
254 | steps: | |
255 | - uses: actions/checkout@v2 | |
256 | with: | |
257 | submodules: recursive | |
258 | - name: package installs | |
259 | run: | | |
260 | sudo apt-get update | |
dd62ec27 | 261 | sudo apt-get -yq install bison gettext keyutils ldap-utils libldap2-dev libkeyutils-dev python3 python3-paste python3-pyrad slapd tcsh python3-virtualenv virtualenv python3-kdcproxy |
b414c811 TM |
262 | - name: install cpanm and Test2::V0 for gost_engine testing |
263 | uses: perl-actions/install-with-cpanm@v1 | |
264 | with: | |
265 | install: Test2::V0 | |
cd0aca53 TM |
266 | - name: setup hostname workaround |
267 | run: sudo hostname localhost | |
996d2693 | 268 | - name: config |
d0364dcc | 269 | run: ./config --banner=Configured --strict-warnings --debug no-afalgeng enable-rc5 enable-md2 enable-ssl3 enable-ssl3-method enable-weak-ssl-ciphers enable-zlib enable-ec_nistp_64_gcc_128 enable-external-tests no-fips && perl configdata.pm --dump |
996d2693 TM |
270 | - name: make |
271 | run: make -s -j4 | |
a7a041c2 TM |
272 | - name: test external gost-engine |
273 | run: make test TESTS="test_external_gost_engine" | |
274 | - name: test external krb5 | |
275 | run: make test TESTS="test_external_krb5" | |
e66c4172 DB |
276 | - name: test external_tlsfuzzer |
277 | run: make test TESTS="test_external_tlsfuzzer" | |
a938f004 PK |
278 | |
279 | external-test-pyca: | |
280 | runs-on: ubuntu-latest | |
281 | strategy: | |
282 | matrix: | |
283 | RUST: | |
284 | - 1.51.0 | |
285 | PYTHON: | |
286 | - 3.9 | |
287 | steps: | |
288 | - uses: actions/checkout@v2 | |
289 | with: | |
290 | submodules: recursive | |
291 | - name: Configure OpenSSL | |
d0364dcc | 292 | run: ./config --banner=Configured --strict-warnings --debug enable-external-tests && perl configdata.pm --dump |
a938f004 PK |
293 | - name: make |
294 | run: make -s -j4 | |
295 | - name: Setup Python | |
296 | uses: actions/setup-python@v2.2.2 | |
297 | with: | |
298 | python-version: ${{ matrix.PYTHON }} | |
299 | - uses: actions-rs/toolchain@v1 | |
300 | with: | |
301 | profile: minimal | |
302 | toolchain: ${{ matrix.RUST }} | |
303 | override: true | |
304 | default: true | |
305 | - name: test external pyca | |
94471ccf | 306 | run: make test TESTS="test_external_pyca" VERBOSE=1 |