wolfSSL
diff --git a/‎.github/scripts/check-workflow-result.sh‎
Lines changed: 3 additions & 3 deletions b/‎.github/scripts/check-workflow-result.sh‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎.github/workflows/bind9.yml‎
Lines changed: 21 additions & 29 deletions b/‎.github/workflows/bind9.yml‎
Lines changed: 21 additions & 29 deletions
diff --git a/‎.github/workflows/build-wolfprovider-nightly.yml‎
Lines changed: 57 additions & 0 deletions b/‎.github/workflows/build-wolfprovider-nightly.yml‎
Lines changed: 57 additions & 0 deletions
@@ -275,11 +275,11 @@ if [ "$WOLFPROV_FORCE_FAIL" = "WOLFPROV_FORCE_FAIL=1" ]; then
     elif [ "$TEST_SUITE" = "tcpdump" ]; then
         if [ -f "tcpdump-test.log" ]; then
             # Check for expected 7 failed tests (ESP/crypto segfaults)
-            if grep -q "7 tests failed" tcpdump-test.log; then
-                echo "PASS: tcpdump tests failed as expected with force fail enabled (7 tests failed)"
+            if grep -q "2 tests failed" tcpdump-test.log; then
+                echo "PASS: tcpdump tests failed as expected with force fail enabled (2 tests failed)"
                 exit 0
             else
-                echo "FAIL: tcpdump tests did not fail as expected (should have 7 failed tests)"
+                echo "FAIL: tcpdump tests did not fail as expected (should have 2 failed tests)"
                 exit 1
             fi
         else
 
@@ -3,7 +3,7 @@ name: Bind9 Tests
 # START OF COMMON SECTION
 on:
   push:
-    branches: [ 'master', 'main', 'release/**' ]
+    branches: [ 'master', 'main', 'build-wolfprov-debian-test', 'release/**' ]
   pull_request:
     branches: [ '*' ]
 
@@ -13,26 +13,12 @@ concurrency:
 # END OF COMMON SECTION
 
 jobs:
-  build_wolfprovider:
-    uses: ./.github/workflows/build-wolfprovider.yml
-    with:
-      wolfssl_ref: ${{ matrix.wolfssl_ref }}
-      openssl_ref: ${{ matrix.openssl_ref }}
-      replace_default: ${{ matrix.replace_default }}
-    strategy:
-      matrix:
-        wolfssl_ref: [ 'v5.8.2-stable' ]
-        openssl_ref: [ 'openssl-3.5.2' ]
-        replace_default: [ true ]
-        fips: [ false ]
-
   test_bind:
     runs-on: ubuntu-22.04
     container:
       image: debian:bookworm
       env:
         DEBIAN_FRONTEND: noninteractive
-    needs: build_wolfprovider
     # This should be a safe limit for the tests to run.
     timeout-minutes: 20
     strategy:
@@ -41,9 +27,9 @@ jobs:
         bind_ref: [ 'v9.18.28' ]
         wolfssl_ref: [ 'v5.8.2-stable' ]
         openssl_ref: [ 'openssl-3.5.2' ]
+        fips_ref: [ 'FIPS', 'non-FIPS' ]
         force_fail: ['WOLFPROV_FORCE_FAIL=1', '']
         replace_default: [ true ]
-        fips: [ false ]
     env:
       WOLFSSL_PACKAGES_PATH: /tmp/wolfssl-packages
       OPENSSL_PACKAGES_PATH: /tmp/openssl-packages
@@ -54,38 +40,44 @@ jobs:
         with:
           fetch-depth: 1
 
-      - name: Checking OpenSSL/wolfProvider packages in cache
-        uses: actions/cache/restore@v4
-        id: wolfprov-cache
+      - name: Download wolfProvider packages from nightly build
+        uses: dawidd6/action-download-artifact@v6
         with:
-          path: |
-            ${{ env.WOLFSSL_PACKAGES_PATH }}
-            ${{ env.OPENSSL_PACKAGES_PATH }}
-            ${{ env.WOLFPROV_PACKAGES_PATH }}
-          key: openssl-wolfprov-debian-packages-${{ github.sha }}${{ matrix.replace_default && '-replace-default' || '' }}
-          fail-on-cache-miss: true
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          workflow: build-wolfprovider-nightly.yml
+          branch: ${{ github.ref_name }}
+          name: debian-packages-${{ matrix.fips_ref }}${{ matrix.replace_default && '-replace-default' || '' }}-${{ matrix.wolfssl_ref }}-${{ matrix.openssl_ref }}
+          path: /tmp/packages
+
+      - name: Setup package directories
+        run: |
+          mv /tmp/packages/wolfssl-packages ${{ env.WOLFSSL_PACKAGES_PATH }}
+          mv /tmp/packages/openssl-packages ${{ env.OPENSSL_PACKAGES_PATH }}
+          mv /tmp/packages/wolfprov-packages ${{ env.WOLFPROV_PACKAGES_PATH }}
 
       - name: Install wolfSSL/OpenSSL/wolfprov packages
         run: |
-          printf "Installing OpenSSL/wolfProvider packages:\n"
+          printf "Installing OpenSSL/wolfProvider packages (${{ matrix.fips_ref }}):\n"
           ls -la ${{ env.WOLFSSL_PACKAGES_PATH }}
           ls -la ${{ env.OPENSSL_PACKAGES_PATH }}
           ls -la ${{ env.WOLFPROV_PACKAGES_PATH }}
 
           apt install --reinstall -y \
-            ${{ env.WOLFSSL_PACKAGES_PATH }}/libwolfssl_*.deb
+            ${{ env.WOLFSSL_PACKAGES_PATH }}/*.deb
 
           apt install --reinstall -y \
             ${{ env.OPENSSL_PACKAGES_PATH }}/openssl_*.deb \
             ${{ env.OPENSSL_PACKAGES_PATH }}/libssl3_*.deb \
             ${{ env.OPENSSL_PACKAGES_PATH }}/libssl-dev_*.deb
 
           apt install --reinstall -y \
-            ${{ env.WOLFPROV_PACKAGES_PATH }}/libwolfprov_*.deb
+            ${{ env.WOLFPROV_PACKAGES_PATH }}/*.deb
 
       - name: Verify wolfProvider is properly installed
         run: |
-          $GITHUB_WORKSPACE/scripts/verify-install.sh ${{ matrix.replace_default && '--replace-default' || '' }} ${{ matrix.fips && '--fips' || '' }}
+          $GITHUB_WORKSPACE/scripts/verify-install.sh \
+            ${{ matrix.replace_default && '--replace-default' || '' }} \
+            ${{ matrix.fips_ref == 'FIPS' && '--fips' || '' }}
 
       - name: Install bind9 test dependencies
         run: |
 
@@ -0,0 +1,57 @@
+name: Nightly Build wolfProvider
+
+on:
+  push:
+    branches: [ 'master', 'main', 'build-wolfprov-debian-test', 'release/**' ]
+  pull_request:
+    branches: [ '*' ]
+  schedule:
+    # Jenkins: 2AM UTC nightly - Actual nightly build
+    # GitHub Actions: 3AM UTC nightly - Update build in github
+    - cron: "0 3 * * *"
+  workflow_dispatch:
+    inputs:
+      wolfssl_ref:
+        description: 'wolfSSL ref (tag/branch)'
+        required: false
+        default: 'v5.8.2-stable'
+        type: string
+      openssl_ref:
+        description: 'OpenSSL ref (tag/branch)'
+        required: false
+        default: 'openssl-3.5.2'
+        type: string
+      fips_ref:
+        description: 'Build type'
+        required: false
+        default: 'both'
+        type: choice
+        options:
+          - 'both'
+          - 'FIPS'
+          - 'non-FIPS'
+      replace_default:
+        description: 'Replace default provider'
+        required: false
+        default: true
+        type: boolean
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  build_wolfprovider:
+    name: Build wolfProvider
+    uses: ./.github/workflows/build-wolfprovider.yml
+    strategy:
+      matrix:
+        # When manually triggered with 'both', or on schedule, build both FIPS and non-FIPS
+        # When manually triggered with specific type, only build that type
+        fips_ref: ${{ (github.event_name == 'schedule' || github.event.inputs.fips_ref == 'both' || github.event.inputs.fips_ref == '') && fromJSON('["FIPS", "non-FIPS"]') || fromJSON(format('["{0}"]', github.event.inputs.fips_ref)) }}
+    with:
+      wolfssl_ref: ${{ github.event.inputs.wolfssl_ref || 'v5.8.2-stable' }}
+      openssl_ref: ${{ github.event.inputs.openssl_ref || 'openssl-3.5.2' }}
+      fips_ref: ${{ matrix.fips_ref }}
+      replace_default: ${{ github.event.inputs.replace_default != 'false' }}
+    secrets: inherit