Optimize FIPS CAST startup tests #1826

Workflow file for this run

	name: SSSD Tests

	# START OF COMMON SECTION
	on:
	push:
	branches: [ 'master', 'main', 'release/**' ]
	pull_request:
	branches: [ '*' ]

	concurrency:
	group: ${{ github.workflow }}-${{ github.ref }}
	cancel-in-progress: true
	# END OF COMMON SECTION

	jobs:
	test_sssd:
	runs-on: ubuntu-22.04
	timeout-minutes: 20
	container:
	image: quay.io/sssd/ci-client-devel:ubuntu-latest
	env:
	LD_LIBRARY_PATH: /usr/local/lib:/github/home/wolfssl-install/lib:/github/home/openssl-install/lib64
	strategy:
	fail-fast: false
	matrix:
	sssd_ref: [ 'master', '2.9.1' ]
	wolfssl_ref: [ 'master', 'v5.8.0-stable' ]
	openssl_ref: [ 'openssl-3.5.0' ]
	force_fail: ['WOLFPROV_FORCE_FAIL=1', '']
	exclude:
	- sssd_ref: 'master'
	force_fail: 'WOLFPROV_FORCE_FAIL=1'
	steps:
	- name: Checkout wolfProvider
	uses: actions/checkout@v4
	with:
	fetch-depth: 1

	- name: Build wolfProvider
	run: \|
	OPENSSL_TAG=${{ matrix.openssl_ref }} WOLFSSL_TAG=${{ matrix.wolfssl_ref }} ./scripts/build-wolfprovider.sh

	- name: Install dependencies
	run: \|
	# Don't prompt for anything
	export DEBIAN_FRONTEND=noninteractive
	apt-get update
	apt-get install -y build-essential autoconf libldb-dev \
	libldb2 python3-ldb bc libcap-dev libutf8proc-dev

	- name: Setup env
	run: \|
	ln -s samba-4.0/ldb.h /usr/include/ldb.h
	ln -s samba-4.0/ldb_errors.h /usr/include/ldb_errors.h
	ln -s samba-4.0/ldb_handlers.h /usr/include/ldb_handlers.h
	ln -s samba-4.0/ldb_module.h /usr/include/ldb_module.h
	ln -s samba-4.0/ldb_version.h /usr/include/ldb_version.h

	- name: Checkout OSP
	uses: actions/checkout@v4
	with:
	repository: wolfssl/osp
	path: osp
	fetch-depth: 1

	- name: Build and test sssd with wolfProvider
	run: \|
	# Clone SSSD
	git clone https://github.com/SSSD/sssd.git
	cd sssd
	git checkout ${{ matrix.sssd_ref }}

	# Apply patch for testing
	patch -p1 < $GITHUB_WORKSPACE/osp/wolfProvider/sssd/sssd-${{ matrix.sssd_ref }}-wolfprov.patch

	# Configure and build SSSD with wolfProvider
	autoreconf -ivf
	./configure --without-samba --disable-cifs-idmap-plugin \
	--without-nfsv4-idmapd-plugin --with-oidc-child=no
	make -j

	- name: Run tests
	working-directory: sssd
	shell: bash
	run: \|
	# Set environment variables
	export LD_LIBRARY_PATH=$GITHUB_WORKSPACE/wolfssl-install/lib:$GITHUB_WORKSPACE/openssl-install/lib64
	export OPENSSL_CONF=$GITHUB_WORKSPACE/provider.conf
	export OPENSSL_MODULES=$GITHUB_WORKSPACE/wolfprov-install/lib
	export ${{ matrix.force_fail }}

	echo "Checking OpenSSL providers:"
	$GITHUB_WORKSPACE/openssl-install/bin/openssl list -providers \| tee provider-list.log
	grep -q libwolfprov provider-list.log \|\| (echo "ERROR: libwolfprov not found in OpenSSL providers" && exit 1)

	# If force fail is enabled dont exit with error
	if [ "${{ matrix.force_fail }}" == "WOLFPROV_FORCE_FAIL=1" ]; then
	set +e
	fi

	# Run tests and save result
	make check 2>&1 \| tee sssd-test.log
	TEST_RESULT=${PIPESTATUS[0]}
	$GITHUB_WORKSPACE/.github/scripts/check-workflow-result.sh $TEST_RESULT ${{ matrix.force_fail }} sssd

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Optimize FIPS CAST startup tests #1826

Workflow file

Optimize FIPS CAST startup tests #1826

Uh oh!

Workflow file for this run