-
Notifications
You must be signed in to change notification settings - Fork 29
149 lines (131 loc) · 4.92 KB
/
openldap.yml
File metadata and controls
149 lines (131 loc) · 4.92 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
name: OpenLDAP Tests
# START OF COMMON SECTION
on:
push:
branches: [ 'master', 'main', 'release/**' ]
pull_request:
branches: [ '*' ]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# END OF COMMON SECTION
jobs:
build_wolfprovider:
uses: ./.github/workflows/build-wolfprovider.yml
with:
wolfssl_ref: ${{ matrix.wolfssl_ref }}
openssl_ref: ${{ matrix.openssl_ref }}
replace_default: ${{ matrix.replace_default }}
strategy:
matrix:
wolfssl_ref: [ 'v5.8.2-stable' ]
openssl_ref: [ 'openssl-3.5.2' ]
replace_default: [ true ]
test_openldap:
runs-on: ubuntu-22.04
container:
image: debian:bookworm
env:
DEBIAN_FRONTEND: noninteractive
needs: build_wolfprovider
# This should be a safe limit for the tests to run.
timeout-minutes: 20
strategy:
fail-fast: false
matrix:
openldap_ref: [ 'OPENLDAP_REL_ENG_2_6_7' ]
wolfssl_ref: [ 'v5.8.2-stable' ]
openssl_ref: [ 'openssl-3.5.2' ]
force_fail: [ 'WOLFPROV_FORCE_FAIL=1', '' ]
replace_default: [ true ]
env:
WOLFSSL_PACKAGES_PATH: /tmp/wolfssl-packages
OPENSSL_PACKAGES_PATH: /tmp/openssl-packages
WOLFPROV_PACKAGES_PATH: /tmp/wolfprov-packages
steps:
- name: Checkout wolfProvider
uses: actions/checkout@v4
with:
fetch-depth: 1
- name: Checking OpenSSL/wolfProvider packages in cache
uses: actions/cache/restore@v4
id: wolfprov-cache
with:
path: |
${{ env.WOLFSSL_PACKAGES_PATH }}
${{ env.OPENSSL_PACKAGES_PATH }}
${{ env.WOLFPROV_PACKAGES_PATH }}
key: openssl-wolfprov-debian-packages-${{ github.sha }}${{ matrix.replace_default && '-replace-default' || '' }}
fail-on-cache-miss: true
- name: Install wolfSSL/OpenSSL/wolfprov packages
run: |
printf "Installing OpenSSL/wolfProvider packages:\n"
ls -la ${{ env.WOLFSSL_PACKAGES_PATH }}
ls -la ${{ env.OPENSSL_PACKAGES_PATH }}
ls -la ${{ env.WOLFPROV_PACKAGES_PATH }}
apt install --reinstall -y \
${{ env.WOLFSSL_PACKAGES_PATH }}/libwolfssl_*.deb
apt install --reinstall -y \
${{ env.OPENSSL_PACKAGES_PATH }}/openssl_*.deb \
${{ env.OPENSSL_PACKAGES_PATH }}/libssl3_*.deb \
${{ env.OPENSSL_PACKAGES_PATH }}/libssl-dev_*.deb
apt install --reinstall -y \
${{ env.WOLFPROV_PACKAGES_PATH }}/libwolfprov_*.deb
- name: Install dependencies
run: |
export DEBIAN_FRONTEND=noninteractive
apt-get update
apt-get install -y git sudo build-essential autoconf automake \
libtool pkg-config libjansson-dev check ca-certificates dpkg-dev \
groff libsasl2-dev
- name: Checkout openldap
uses: actions/checkout@v4
with:
repository: openldap/openldap
path: openldap
ref: ${{ matrix.openldap_ref }}
- name: Checkout OSP
uses: actions/checkout@v4
with:
repository: wolfssl/osp
path: osp
fetch-depth: 1
- run: |
cd openldap
# Apply the wolfProvider patch
patch -p1 < $GITHUB_WORKSPACE/osp/wolfProvider/openldap/openldap-${{ matrix.openldap_ref }}-debian-wolfprov.patch
- name: Build and test OpenLDAP with wolfProvider
working-directory: openldap
shell: bash
run: |
set -o pipefail
# wolfProvider is already loaded as the default provider
echo "Current OpenSSL providers:"
openssl list -providers
openssl list -providers | grep -q "wolfSSL Provider" || (echo "ERROR: libwolfprov not found in OpenSSL providers" && exit 1)
# Generate configure script
rm -f aclocal.m4
autoreconf -ivf
# Configure with OpenSSL
./configure --with-tls=openssl --disable-bdb --disable-hdb
# Build OpenLDAP
make -j depend
make -j
export ${{ matrix.force_fail }}
if [ -n "${{ matrix.force_fail }}" ]; then
set +e
fi
if [ "${{ matrix.force_fail }}" = "WOLFPROV_FORCE_FAIL=1" ]; then
# Run with a 15 minute timeout for WPFF since it breaks on test 067
timeout 15m make -j check 2>&1 | tee openldap-test.log
TEST_RESULT=${PIPESTATUS[0]}
if [ $TEST_RESULT -eq 124 ]; then
echo "make -j check timed out after 15 minutes with WOLFPROV_FORCE_FAIL=1"
echo "Tests failed to complete as expected"
TEST_RESULT=1
fi
else
make -j check 2>&1 | tee openldap-test.log
TEST_RESULT=${PIPESTATUS[0]}
fi
$GITHUB_WORKSPACE/.github/scripts/check-workflow-result.sh $TEST_RESULT ${{ matrix.force_fail }} openldap