Update CI workflows to use Debian packages only #557
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: tpm2-tss Tests | |
| on: | |
| push: | |
| branches: [ 'master', 'main', 'release/**' ] | |
| pull_request: | |
| branches: [ '*' ] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| build_wolfprovider: | |
| uses: ./.github/workflows/build-wolfprovider.yml | |
| with: | |
| wolfssl_ref: ${{ matrix.wolfssl_ref }} | |
| openssl_ref: ${{ matrix.openssl_ref }} | |
| replace_default: ${{ matrix.replace_default }} | |
| strategy: | |
| matrix: | |
| wolfssl_ref: [ 'master', 'v5.8.0-stable' ] | |
| openssl_ref: [ 'openssl-3.5.0' ] | |
| replace_default: [ true ] | |
| test_tpm2_tss: | |
| runs-on: ubuntu-22.04 | |
| container: | |
| image: debian:bookworm | |
| env: | |
| DEBIAN_FRONTEND: noninteractive | |
| needs: build_wolfprovider | |
| timeout-minutes: 30 | |
| strategy: | |
| matrix: | |
| wolfssl_ref: [ 'master', 'v5.8.0-stable' ] | |
| openssl_ref: [ 'openssl-3.5.0' ] | |
| tpm2_tss_ref: [ 'master', '4.1.3'] | |
| replace_default: [ true ] | |
| force_fail: [ 'WOLFPROV_FORCE_FAIL=1', '' ] | |
| exclude: | |
| - tpm2_tss_ref: 'master' | |
| force_fail: 'WOLFPROV_FORCE_FAIL=1' | |
| env: | |
| WOLFSSL_PACKAGES_PATH: /tmp/wolfssl-packages | |
| OPENSSL_PACKAGES_PATH: /tmp/openssl-packages | |
| WOLFPROV_PACKAGES_PATH: /tmp/wolfprov-packages | |
| steps: | |
| - name: Install test dependencies | |
| run: | | |
| apt-get update | |
| apt-get install -y pkg-config libcunit1-dev autoconf-archive \ | |
| gettext libcmocka-dev build-essential autoconf automake libtool \ | |
| libjson-c-dev libcurl4-openssl-dev acl libusb-1.0-0-dev | |
| - name: Checkout wolfProvider | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 1 | |
| - name: Checking OpenSSL/wolfProvider packages in cache | |
| uses: actions/cache/restore@v4 | |
| id: wolfprov-cache | |
| with: | |
| path: | | |
| ${{ env.WOLFSSL_PACKAGES_PATH }} | |
| ${{ env.OPENSSL_PACKAGES_PATH }} | |
| ${{ env.WOLFPROV_PACKAGES_PATH }} | |
| key: openssl-wolfprov-debian-packages-${{ github.sha }}${{ matrix.replace_default && '-replace-default' || '' }} | |
| fail-on-cache-miss: true | |
| - name: Install wolfSSL/OpenSSL/wolfprov packages | |
| run: | | |
| printf "Installing OpenSSL/wolfProvider packages:\n" | |
| ls -la ${{ env.WOLFSSL_PACKAGES_PATH }} | |
| ls -la ${{ env.OPENSSL_PACKAGES_PATH }} | |
| ls -la ${{ env.WOLFPROV_PACKAGES_PATH }} | |
| apt install --reinstall -y \ | |
| ${{ env.WOLFSSL_PACKAGES_PATH }}/libwolfssl_*.deb | |
| apt install --reinstall -y \ | |
| ${{ env.OPENSSL_PACKAGES_PATH }}/openssl_*.deb \ | |
| ${{ env.OPENSSL_PACKAGES_PATH }}/libssl3_*.deb \ | |
| ${{ env.OPENSSL_PACKAGES_PATH }}/libssl-dev_*.deb | |
| apt install --reinstall -y \ | |
| ${{ env.WOLFPROV_PACKAGES_PATH }}/libwolfprov_*.deb | |
| # ensure libssl-dev is not installed | |
| - name: Ensure libssl-dev is not installed | |
| run: | | |
| if dpkg -l | grep -q libssl-dev; then | |
| echo "libssl-dev is installed, removing it to avoid conflicts" | |
| apt-get remove -y libssl-dev | |
| else | |
| echo "libssl-dev is not installed, no action needed" | |
| fi | |
| - name: Checkout tpm2-tss | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: tpm2-software/tpm2-tss | |
| path: tpm2_tss_repo | |
| ref: ${{ matrix.tpm2_tss_ref }} | |
| fetch-depth: 1 | |
| # Apply patch to fix missing stdint.h includes in test files | |
| # TODO: use patch from OSP repo | |
| - name: Apply patch for test source files | |
| working-directory: tpm2_tss_repo | |
| if: ${{ matrix.tpm2_tss_ref }} == '4.1.3' | |
| run: | | |
| perl -pi -e 's|(#include <cmocka\.h>)|#include <stdint.h>\n$1|' ./test/unit/*.c | |
| - name: Build and install tpm2-tss | |
| working-directory: tpm2_tss_repo | |
| run: | | |
| ./bootstrap | |
| ./configure --prefix=$PWD/tpm2-tss-install --with-crypto=ossl \ | |
| --enable-unit --includedir=$GITHUB_WORKSPACE/openssl-install/include | |
| make -j$(nproc) | |
| make install | |
| - name: Run tpm2-tss tests | |
| working-directory: tpm2_tss_repo | |
| run: | | |
| export ${{ matrix.force_fail }} | |
| make check 2>&1 || true | |
| if $(grep -q "FAIL: test/unit" test-suite.log); then | |
| TEST_RESULT=1 | |
| echo "Expected zero failures" | |
| else | |
| TEST_RESULT=0 | |
| fi | |
| $GITHUB_WORKSPACE/.github/scripts/check-workflow-result.sh $TEST_RESULT ${{ matrix.force_fail }} tpm2-tss |