Add Yocto wolfProvider Ptests #1009
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: systemd Tests | |
| # START OF COMMON SECTION | |
| on: | |
| push: | |
| branches: ['master', 'main', 'release/**'] | |
| pull_request: | |
| branches: ['*'] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| # END OF COMMON SECTION | |
| jobs: | |
| build_wolfprovider: | |
| uses: ./.github/workflows/build-wolfprovider.yml | |
| with: | |
| wolfssl_ref: ${{ matrix.wolfssl_ref }} | |
| openssl_ref: ${{ matrix.openssl_ref }} | |
| fips_ref: ${{ matrix.fips_ref }} | |
| replace_default: ${{ matrix.replace_default }} | |
| strategy: | |
| matrix: | |
| wolfssl_ref: [ 'v5.8.4-stable' ] | |
| openssl_ref: [ 'openssl-3.5.4' ] | |
| fips_ref: [ 'FIPS', 'non-FIPS' ] | |
| replace_default: [ true ] | |
| test_systemd: | |
| runs-on: ubuntu-22.04 | |
| needs: build_wolfprovider | |
| # This should be a safe limit for the tests to run. | |
| timeout-minutes: 20 | |
| container: | |
| image: debian:bookworm | |
| env: | |
| DEBIAN_FRONTEND: noninteractive | |
| WOLFSSL_PACKAGES_PATH: /tmp/wolfssl-packages | |
| OPENSSL_PACKAGES_PATH: /tmp/openssl-packages | |
| WOLFPROV_PACKAGES_PATH: /tmp/wolfprov-packages | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| systemd_ref: [ 'v254' ] | |
| wolfssl_ref: [ 'v5.8.4-stable' ] | |
| openssl_ref: [ 'openssl-3.5.4' ] | |
| fips_ref: [ 'FIPS', 'non-FIPS' ] | |
| force_fail: [ 'WOLFPROV_FORCE_FAIL=1', '' ] | |
| replace_default: [ true ] | |
| steps: | |
| - name: Checkout wolfProvider | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 1 | |
| - name: Download packages from build job | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: debian-packages-${{ matrix.fips_ref }}${{ matrix.replace_default && '-replace-default' || '' }}-${{ matrix.wolfssl_ref }}-${{ matrix.openssl_ref }} | |
| path: /tmp | |
| - name: Install wolfSSL/OpenSSL/wolfprov packages | |
| run: | | |
| apt install --reinstall -y --allow-downgrades --allow-change-held-packages \ | |
| ${{ env.WOLFSSL_PACKAGES_PATH }}/libwolfssl_*.deb | |
| apt install --reinstall -y --allow-downgrades --allow-change-held-packages \ | |
| ${{ env.OPENSSL_PACKAGES_PATH }}/openssl_*.deb \ | |
| ${{ env.OPENSSL_PACKAGES_PATH }}/libssl3_*.deb \ | |
| ${{ env.OPENSSL_PACKAGES_PATH }}/libssl-dev_*.deb | |
| apt install --reinstall -y --allow-downgrades --allow-change-held-packages \ | |
| ${{ env.WOLFPROV_PACKAGES_PATH }}/libwolfprov_*.deb | |
| - name: Verify wolfProvider is properly installed | |
| run: | | |
| $GITHUB_WORKSPACE/scripts/verify-install.sh \ | |
| ${{ matrix.replace_default && '--replace-default' || '' }} \ | |
| ${{ matrix.fips_ref == 'FIPS' && '--fips' || '' }} | |
| - name: Install dependencies | |
| run: | | |
| export DEBIAN_FRONTEND=noninteractive | |
| apt-get update | |
| apt-get install -y build-essential meson ninja-build \ | |
| libmount-dev gperf python3-pytest python3-jinja2 python3-pip \ | |
| libuv1-dev libnghttp2-dev libcap-dev uuid-dev libdevmapper-dev \ | |
| libpopt-dev libjson-c-dev libargon2-dev libblkid-dev asciidoctor \ | |
| pkgconf zlib1g-dev libgcrypt20-dev libgpg-error-dev libgnutls28-dev \ | |
| libp11-kit-dev libfido2-dev libtss2-dev libdw-dev libbz2-dev \ | |
| liblzma-dev liblz4-dev libzstd-dev libxkbcommon-dev libglib2.0-dev \ | |
| libdbus-1-dev python3-setuptools python3-wheel git | |
| - name: Checkout systemd | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: systemd/systemd | |
| path: systemd | |
| fetch-depth: 1 | |
| ref: ${{ matrix.systemd_ref }} | |
| - name: Build systemd | |
| working-directory: systemd | |
| run: | | |
| meson setup -Dnobody-group=nogroup build | |
| ninja -C build | |
| - name: Run systemd tests | |
| working-directory: systemd | |
| shell: bash | |
| run: | | |
| set +e | |
| # The following test cases link directly to libcrypto. | |
| TEST_CASES="fuzz-dns-packet fuzz-etc-hosts fuzz-resource-record \ | |
| resolvectl systemd-resolved test-cryptolib \ | |
| test-dns-packet test-dnssec test-resolve-tables \ | |
| test-resolved-etc-hosts test-resolved-packet \ | |
| test-resolved-stream" | |
| export ${{ matrix.force_fail }} | |
| meson test -C build $TEST_CASES | |
| TEST_RESULT=$? | |
| if [ $TEST_RESULT -ne 0 ]; then | |
| cat build/meson-logs/testlog.txt | |
| fi | |
| $GITHUB_WORKSPACE/.github/scripts/check-workflow-result.sh $TEST_RESULT ${{ matrix.force_fail }} systemd |