wolfProvider/.github/workflows/cjose.yml at 13d014e00b1b285a6c0e8c4138ba707fbf3a6e47 · wolfSSL/wolfProvider · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
name: cjose Tests

# START OF COMMON SECTION
on:
  push:
    branches: [ 'master', 'main', 'release/**' ]
  pull_request:
    branches: [ '*' ]

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
# END OF COMMON SECTION

jobs:
  build_wolfprovider:
    uses: ./.github/workflows/build-wolfprovider.yml
    with:
      wolfssl_ref: ${{ matrix.wolfssl_ref }}
      openssl_ref: ${{ matrix.openssl_ref }}
    strategy:
      matrix:
        # Test 5.8.2 since our .deb is based on that version
        wolfssl_ref: [ 'v5.8.2-stable' ]
        openssl_ref: [ 'openssl-3.5.0' ]

  test_cjose:
    runs-on: ubuntu-22.04
    needs: build_wolfprovider
    # This should be a safe limit for the tests to run.
    timeout-minutes: 20
    container:
      image: debian:bookworm
      env:
        DEBIAN_FRONTEND: noninteractive
    strategy:
      matrix:
        # Dont test osp master since it might be unstable
        cjose_ref: [ 'v0.6.2.1' ]
        wolfssl_ref: [ 'v5.8.2-stable' ]
        openssl_ref: [ 'openssl-3.5.0' ]
        force_fail: [ 'WOLFPROV_FORCE_FAIL=1', '' ]
    steps:
      - name: Set up environment
        run: |
          apt-get update
          apt-get install -y git sudo build-essential autoconf automake \
            libtool pkg-config libjansson-dev check ca-certificates dpkg-dev

      - name: Checkout wolfProvider
        uses: actions/checkout@v4
        with:
          fetch-depth: 1

      - name: Download wolfSSL packages
        uses: actions/download-artifact@v4
        with:
          name: wolfssl-debian-packages-${{ github.sha }}
          path: /tmp/wolfssl-artifacts

      - name: Download OpenSSL/wolfProvider packages
        uses: actions/download-artifact@v4
        with:
          name: openssl-wolfprov-debian-packages-${{ github.sha }}
          path: /tmp/openssl-wolfprov-artifacts

      - name: Install wolfSSL/OpenSSL/wolfprov packages
        run: |
          set -e
          echo "WolfSSL artifacts:"
          ls -la /tmp/wolfssl-artifacts || true
          echo "OpenSSL/wolfProvider artifacts:"
          ls -la /tmp/openssl-wolfprov-artifacts || true

          # Install wolfSSL first
          wolfssl_debs=$(ls -1 /tmp/wolfssl-artifacts/*.deb 2>/dev/null || true)
          if [ -n "$wolfssl_debs" ]; then
            echo "Installing wolfSSL packages: $wolfssl_debs"
            apt install -y $wolfssl_debs
          fi

          # Install OpenSSL packages (runtime + development headers)
          openssl_debs=$(ls -1 /tmp/openssl-wolfprov-artifacts/*openssl*.deb 2>/dev/null || true)
          libssl3_debs=$(ls -1 /tmp/openssl-wolfprov-artifacts/*libssl3*.deb 2>/dev/null || true)
          libssl_dev_debs=$(ls -1 /tmp/openssl-wolfprov-artifacts/*libssl-dev*.deb 2>/dev/null || true)

          if [ -n "$openssl_debs$libssl3_debs$libssl_dev_debs" ]; then
            echo "Installing OpenSSL packages: $openssl_debs $libssl3_debs $libssl_dev_debs"
            apt install -y $openssl_debs $libssl3_debs $libssl_dev_debs
          fi

          # Install wolfProvider main package only (no dev/debug needed for testing)
          wolfprov_main=$(ls -1 /tmp/openssl-wolfprov-artifacts/libwolfprov_[0-9]*.deb 2>/dev/null | head -n1 || true)

          if [ -z "$wolfprov_main" ]; then
            echo "ERROR: libwolfprov main package not found in artifacts"
            ls -la /tmp/openssl-wolfprov-artifacts
            exit 1
          fi

          echo "Installing wolfProvider main package: $wolfprov_main"
          apt install -y "$wolfprov_main"

      - name: Download cjose
        uses: actions/checkout@v4
        with:
          repository: OpenIDC/cjose
          ref: ${{ matrix.cjose_ref }}
          path: cjose
          fetch-depth: 1

      - name: Build cjose
        working-directory: cjose
        run: |
          openssl list -providers
          # Configure with system OpenSSL (installed via .deb packages)
          ./configure CFLAGS="-Wno-error=deprecated-declarations"

          # Build cjose
          make

      - name: Run cjose tests
        working-directory: cjose
        run: |
          # Set up the environment for wolfProvider
          echo "before env-setup"
          openssl list -providers
          source $GITHUB_WORKSPACE/scripts/env-setup
          echo "after env-setup"
          openssl list -providers
          export ${{ matrix.force_fail }}

          # Run tests
          make test || true

          # Capture result
          TEST_RESULT=$(tail -1 ./test/check_cjose.log | grep PASS; echo $?)
          $GITHUB_WORKSPACE/.github/scripts/check-workflow-result.sh $TEST_RESULT ${{ matrix.force_fail }} cjose