Run tests against kryoptic main #2

Workflow file for this run

.github/workflows/kryoptic.yml at f17e54f

	---
	name: Test kryoptic

	on: [push, pull_request, workflow_dispatch]

	env:
	KRYOPTIC_REVISION: main

	jobs:
	tests-kryoptic:
	name: Run tests against Kryoptic
	runs-on: ubuntu-22.04
	container: quay.io/fedora/fedora:latest
	steps:
	#################
	### DNF cache ###
	#################
	- name: Get Date for DNF cache entry
	id: get-date
	run: \|
	echo "date=$(/bin/date -u "+%Y%V")" >> $GITHUB_OUTPUT
	shell: bash

	- name: Restore DNF cache
	uses: actions/cache/restore@v4
	id: cache-dnf
	with:
	path: "/var/cache/libdnf5"
	key: fedora-dnf-${{ steps.get-date.outputs.date }}

	- name: Install Dependencies
	run: \|
	dnf -y install git cargo clang-devel openssl-devel sqlite-devel

	- name: DNF cache
	if: ${{ steps.cache-dnf.outputs.cache-hit != 'true' }}
	uses: actions/cache/save@v4
	with:
	path: "/var/cache/libdnf5"
	key: fedora-dnf-${{ steps.get-date.outputs.date }}

	######################
	### kryoptic build ###
	######################
	- name: Setup kryoptic
	run: \|
	cd ..
	git clone https://github.com/latchset/kryoptic.git \
	--depth 1 --single-branch --revision "$KRYOPTIC_REVISION" kryoptic

	- name: Generate lock file
	run: \|
	cd ../kryoptic &&
	cargo generate-lockfile

	- name: Cache Rust dependencies
	uses: actions/cache@v4
	with:
	path: \|
	~/.cargo/bin/
	~/.cargo/registry/index/
	~/.cargo/registry/cache/
	~/.cargo/git/db/
	../kryoptic/target/
	key: fedora-cargo-${{ hashFiles('**/Cargo.lock') }}

	- name: Build kryoptic
	run: \|
	FEATURES="standard,pqc,nssdb"

	cd ../kryoptic &&
	cargo build -vv --features "$FEATURES"

	- name: Checkout rust-cryptoki
	uses: actions/checkout@v4

	#################
	### the tests ###
	#################
	- name: Run test script
	env:
	KRYOPTIC_CONF: /tmp/kryoptic.sql
	TEST_PKCS11_MODULE: /__w/rust-cryptoki/kryoptic/target/debug/libkryoptic_pkcs11.so
	RUST_BACKTRACE: 1
	run: cargo build --all-features && cargo test

	tests-kryoptic-fips:
	name: Run tests against Kryoptic FIPS module
	runs-on: ubuntu-22.04
	container: quay.io/fedora/fedora:latest
	steps:
	#################
	### DNF cache ###
	#################
	- name: Get Date for DNF cache entry
	id: get-date
	run: \|
	echo "date=$(/bin/date -u "+%Y%V")" >> $GITHUB_OUTPUT
	shell: bash

	- name: Restore DNF cache
	uses: actions/cache/restore@v4
	id: cache-dnf
	with:
	path: "/var/cache/libdnf5"
	key: fedora-dnf-fips-${{ steps.get-date.outputs.date }}

	- name: Install Dependencies
	run: \|
	dnf -y install git cargo clang-devel openssl-devel sqlite-devel \
	'perl(FindBin)' 'perl(lib)' 'perl(File::Compare)' \
	'perl(File::Copy)' 'perl(bigint)' 'perl(Time::HiRes)' \
	'perl(IPC::Cmd)' 'perl(Pod::Html)' 'perl(Digest::SHA)' \
	'perl(Module::Load::Conditional)' 'perl(File::Temp)' \
	'perl(Test::Harness)' 'perl(Test::More)' 'perl(Math::BigInt)' \
	'perl(Time::Piece)' zlib-devel sed

	- name: DNF cache
	if: ${{ steps.cache-dnf.outputs.cache-hit != 'true' }}
	uses: actions/cache/save@v4
	with:
	path: "/var/cache/libdnf5"
	key: fedora-dnf-fips-${{ steps.get-date.outputs.date }}

	#####################
	### OpenSSL build ###
	#####################
	- name: Setup OpenSSL 3.5
	id: ossl-setup
	run: \|
	OPENSSL_BRANCH="openssl-3.5"

	cd ..
	git clone https://github.com/openssl/openssl.git \
	--single-branch --branch $OPENSSL_BRANCH openssl
	cd openssl
	echo "KRYOPTIC_OPENSSL_SOURCES=$PWD" >> "$GITHUB_ENV"
	echo "cacheid=${{ runner.os }}-ossl-$(git rev-parse HEAD)" >> "$GITHUB_OUTPUT"

	- name: Restore OpenSSL build if cached
	uses: actions/cache/restore@v4
	id: cache
	with:
	path: ${{ env.KRYOPTIC_OPENSSL_SOURCES }}
	key: ${{ steps.ossl-setup.outputs.cacheid }}

	- name: Build OpenSSL
	if: ${{ steps.cache.outputs.cache-hit != 'true' }}
	run: \|
	pushd ${{ env.KRYOPTIC_OPENSSL_SOURCES }}
	./Configure
	make

	- name: Cache OpenSSL 3.5 build
	if: ${{ steps.cache.outputs.cache-hit != 'true' }}
	uses: actions/cache/save@v4
	with:
	path: ${{ env.KRYOPTIC_OPENSSL_SOURCES }}
	key: ${{ steps.ossl-setup.outputs.cacheid }}

	######################
	### kryoptic build ###
	######################
	- name: Setup kryoptic
	run: \|
	cd ..
	git clone https://github.com/latchset/kryoptic.git \
	--depth 1 --single-branch --revision "$KRYOPTIC_REVISION" kryoptic

	- name: Generate lock file
	run: \|
	cd ../kryoptic &&
	cargo generate-lockfile

	- name: Cache Rust dependencies
	uses: actions/cache@v4
	with:
	path: \|
	~/.cargo/bin/
	~/.cargo/registry/index/
	~/.cargo/registry/cache/
	~/.cargo/git/db/
	../kryoptic/target/
	key: fedora-cargo-${{ hashFiles('**/Cargo.lock') }}

	- name: Build kryoptic
	run: \|
	FEATURES="fips,pqc,dummy-integrity"
	OPTS="--no-default-features"

	cd ../kryoptic &&
	cargo build -vv $OPTS --features "$FEATURES"

	- uses: actions/upload-artifact@v4
	if: failure()
	with:
	name: Build logs OpenSSL version 3.5
	path: \|
	target/debug/build/*/output

	- name: Checkout rust-cryptoki
	uses: actions/checkout@v4

	#################
	### the tests ###
	#################
	- name: Run test script
	env:
	KRYOPTIC_CONF: /tmp/kryoptic.sql
	TEST_PKCS11_MODULE: /__w/rust-cryptoki/kryoptic/target/debug/libkryoptic_pkcs11.so
	OUT_DIR: /__w/rust-cryptoki/kryoptic/target/debug/deps/
	RUST_BACKTRACE: 1
	run: cargo build --all-features && cargo test

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Run tests against kryoptic main #2

Workflow file

Run tests against kryoptic main #2

Uh oh!

Jobs

Run details

Workflow file for this run