Add cmd-test arguments #791
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Debian Package Test | |
| # START OF COMMON SECTION | |
| on: | |
| push: | |
| branches: [ 'master', 'main', 'release/**' ] | |
| pull_request: | |
| branches: [ '*' ] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| # END OF COMMON SECTION | |
| jobs: | |
| build_wolfprovider: | |
| uses: ./.github/workflows/build-wolfprovider.yml | |
| with: | |
| wolfssl_ref: ${{ matrix.wolfssl_ref }} | |
| openssl_ref: ${{ matrix.openssl_ref }} | |
| fips_ref: ${{ matrix.fips_ref }} | |
| replace_default: ${{ matrix.replace_default }} | |
| strategy: | |
| matrix: | |
| wolfssl_ref: [ 'v5.8.4-stable' ] | |
| openssl_ref: [ 'openssl-3.5.4' ] | |
| fips_ref: [ 'FIPS', 'non-FIPS' ] | |
| replace_default: [ true, false ] | |
| libwolfprov-replace-default: | |
| name: libwolfprov ${{ matrix.replace_default && 'replace-default' || 'standalone' }} ${{ matrix.fips_ref }} | |
| runs-on: ubuntu-22.04 | |
| needs: build_wolfprovider | |
| # Run inside Debian Bookworm to match packaging environment | |
| container: | |
| image: debian:bookworm | |
| env: | |
| DEBIAN_FRONTEND: noninteractive | |
| # This should be a safe limit for the tests to run. | |
| timeout-minutes: 20 | |
| strategy: | |
| matrix: | |
| wolfssl_ref: [ 'v5.8.4-stable' ] | |
| openssl_ref: [ 'openssl-3.5.4' ] | |
| fips_ref: [ 'FIPS', 'non-FIPS' ] | |
| replace_default: [ true, false ] | |
| force_fail: [ 'WOLFPROV_FORCE_FAIL=1', '' ] | |
| env: | |
| WOLFSSL_PACKAGES_PATH: /tmp/wolfssl-packages | |
| OPENSSL_PACKAGES_PATH: /tmp/openssl-packages | |
| WOLFPROV_PACKAGES_PATH: /tmp/wolfprov-packages | |
| WOLFPROV_CONF_FILE: /etc/ssl/openssl.cnf.d/wolfprovider.conf | |
| steps: | |
| - name: Checkout wolfProvider | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 1 | |
| - name: Download packages from build job | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: debian-packages-${{ matrix.fips_ref }}${{ matrix.replace_default && '-replace-default' || '' }}-${{ matrix.wolfssl_ref }}-${{ matrix.openssl_ref }} | |
| path: /tmp | |
| - name: Install wolfSSL/OpenSSL/wolfprov packages | |
| run: | | |
| apt install --reinstall -y --allow-downgrades --allow-change-held-packages \ | |
| ${{ env.WOLFSSL_PACKAGES_PATH }}/libwolfssl_*.deb | |
| apt install --reinstall -y --allow-downgrades --allow-change-held-packages \ | |
| ${{ env.OPENSSL_PACKAGES_PATH }}/openssl_*.deb \ | |
| ${{ env.OPENSSL_PACKAGES_PATH }}/libssl3_*.deb \ | |
| ${{ env.OPENSSL_PACKAGES_PATH }}/libssl-dev_*.deb | |
| apt install --reinstall -y --allow-downgrades --allow-change-held-packages \ | |
| ${{ env.WOLFPROV_PACKAGES_PATH }}/libwolfprov_*.deb | |
| - name: Verify wolfProvider is properly installed | |
| run: | | |
| $GITHUB_WORKSPACE/scripts/verify-install.sh \ | |
| ${{ matrix.replace_default && '--replace-default' || '' }} \ | |
| ${{ matrix.fips_ref == 'FIPS' && '--fips' || '' }} | |
| - name: Test OpenSSL provider functionality | |
| shell: bash | |
| run: | | |
| # Run the do-cmd-test.sh script to execute interoperability tests | |
| echo "Running OpenSSL provider interoperability tests..." | |
| OPENSSL_BIN=$(eval which openssl) ${{ matrix.force_fail }} ${{ matrix.fips_ref == 'FIPS' && 'WOLFSSL_ISFIPS=1' || '' }} ./scripts/cmd_test/do-cmd-tests.sh | |
| echo "PASS: All provider interoperability tests successful" | |
| - name: Uninstall package and verify cleanup | |
| run: | | |
| # Uninstall the package | |
| apt-get remove -y libwolfprov | |
| if openssl list -providers | grep -q "wolfSSL Provider"; then | |
| echo "wolfprovider is still listed as an OpenSSL provider" | |
| exit 1 | |
| fi | |
| # Purge the package to remove all files | |
| apt-get remove --purge -y libwolfprov | |
| # Verify the package is removed | |
| if dpkg -l | grep -q libwolfprov; then | |
| echo "Package still installed after removal" | |
| dpkg -l | grep libwolfprov | |
| exit 1 | |
| else | |
| echo "Package successfully removed" | |
| fi | |
| # Check if the config file is removed | |
| if [ -f $WOLFPROV_CONF_FILE ]; then | |
| echo "wolfprovider.conf still exists after package removal" | |
| ls -la $(dirname $WOLFPROV_CONF_FILE) | |
| exit 1 | |
| else | |
| echo "wolfprovider.conf successfully removed" | |
| fi | |
| # Check if the library files are removed | |
| WOLFPROV_OBJS=$(find /usr/lib -name "libwolfprov.so*") | |
| if [ -n "$WOLFPROV_OBJS" ]; then | |
| echo "libwolfprov.so still exists after package removal" | |
| echo "$WOLFPROV_OBJS" | |
| exit 1 | |
| else | |
| echo "libwolfprov.so successfully removed" | |
| fi | |
| echo "Package uninstallation and cleanup verification successful" |