Test debian bookworm for IGEL osp's

.github/scripts/check-workflow-result.sh

@@ -293,6 +293,23 @@ if [ "$WOLFPROV_FORCE_FAIL" = "WOLFPROV_FORCE_FAIL=1" ]; then
             echo "Error: $IPERF_TEST_LOG not found"
             exit 1
         fi
+    # ----- BIND9 -----
+    elif [ "$TEST_SUITE" = "bind9" ]; then
+        if [ -f "bind9-test.log" ]; then
+            # Check for expected error count (12 errors) and non-zero exit code
+            if grep -q "ERROR: 12" bind9-test.log && [ $TEST_RESULT -ne 0 ]; then
+                echo "PASS: BIND9 tests failed as expected with force fail enabled (12 errors)"
+                exit 0
+            else
+                echo "FAIL: BIND9 tests did not fail as expected with force fail enabled"
+                echo "  Expected: 12 errors and non-zero exit code"
+                echo "  Got: $(grep 'ERROR:' bind9-test.log | tail -1) and exit code $TEST_RESULT"
+                exit 1
+            fi
+        else
+            echo "Error: bind9-test.log not found"
+            exit 1
+        fi
     else
         if [ $TEST_RESULT -eq 0 ]; then
             echo "$TEST_SUITE tests unexpectedly succeeded with force fail enabled"

.github/workflows/bind9.yml

@@ -18,13 +18,19 @@ jobs:
     with:
       wolfssl_ref: ${{ matrix.wolfssl_ref }}
       openssl_ref: ${{ matrix.openssl_ref }}
+      replace_default: ${{ matrix.replace_default || false }}
     strategy:
       matrix:
         wolfssl_ref: [ 'master', 'v5.8.0-stable' ]
         openssl_ref: [ 'openssl-3.5.0' ]
+        replace_default: [ false, true ]
 
   test_bind:
     runs-on: ubuntu-22.04
+    container:
+      image: debian:bookworm
+      env:
+        DEBIAN_FRONTEND: noninteractive
     needs: build_wolfprovider
     # This should be a safe limit for the tests to run.
     timeout-minutes: 20
@@ -34,8 +40,14 @@ jobs:
         bind_ref: [ 'v9.18.28' ]
         wolfssl_ref: [ 'master', 'v5.8.0-stable' ]
         openssl_ref: [ 'openssl-3.5.0' ]
+        replace_default: [ false, true ]
         force_fail: ['WOLFPROV_FORCE_FAIL=1', '']
     steps:
+      - name: Install sudo
+        run: |
+          apt-get update
+          apt-get install -y sudo
+
       - name: Checkout wolfProvider
         uses: actions/checkout@v4
         with:
@@ -51,8 +63,9 @@ jobs:
             openssl-install/lib64
             openssl-install/include
             openssl-install/bin
+            ${{ matrix.replace_default && 'libdefault-stub-install' || '' }}
 
-          key: wolfprov-${{ matrix.wolfssl_ref }}-${{ matrix.openssl_ref }}-${{ github.sha }}
+          key: wolfprov${{ matrix.replace_default && '-replace-default' || '' }}-${{ matrix.wolfssl_ref }}-${{ matrix.openssl_ref }}-${{ github.sha }}
           fail-on-cache-miss: true
 
       - name: Install bind9 test dependencies
@@ -62,7 +75,7 @@ jobs:
           sudo apt install -y build-essential automake libtool gnutls-bin \
           pkg-config make libidn2-dev libuv1-dev libnghttp2-dev libcap-dev \
           libjemalloc-dev zlib1g-dev libxml2-dev libjson-c-dev libcmocka-dev \
-          python3-pytest python3-dnspython python3-hypothesis
+          python3-pytest python3-dnspython python3-hypothesis net-tools iproute2
           sudo PERL_MM_USE_DEFAULT=1 cpan -i Net::DNS
 
       - name: Checkout bind9
@@ -85,6 +98,7 @@ jobs:
 
       - name: Build and test bind9 with wolfProvider
         working-directory: bind9
+        shell: bash
         run: |
           # Set up the environment for wolfProvider
           source $GITHUB_WORKSPACE/scripts/env-setup

.github/workflows/build-wolfprovider.yml

@@ -9,6 +9,11 @@ on:
       openssl_ref:
         required: true
         type: string
+      replace_default:
+        required: false
+        type: boolean
+        default: false
+        description: "Build with --replace-default flag"
     outputs:
       cache_key:
         description: "Cache key for the build artifacts"
@@ -20,7 +25,7 @@ jobs:
     runs-on: ubuntu-22.04
     timeout-minutes: 20
     outputs:
-      cache_key: wolfprov-${{ inputs.wolfssl_ref }}-${{ inputs.openssl_ref }}-${{ github.sha }}
+      cache_key: wolfprov${{ inputs.replace_default && '-replace-default' || '' }}-${{ inputs.wolfssl_ref }}-${{ inputs.openssl_ref }}-${{ github.sha }}
     steps:
       - name: Checkout wolfProvider
         uses: actions/checkout@v4
@@ -52,7 +57,8 @@ jobs:
         with:
           path: |
             openssl-install
-          key: ossl-depends-${{ steps.openssl-ref.outputs.ref }}
+            ${{ inputs.replace_default && 'libdefault-stub-install' || '' }}
+          key: ossl${{ inputs.replace_default && '-replace-default' || '' }}-depends-${{ steps.openssl-ref.outputs.ref }}
           lookup-only: false
 
       # Look for a cached version of WolfSSL
@@ -67,7 +73,12 @@ jobs:
 
       - name: Build wolfProvider
         run: |
-          OPENSSL_TAG=${{ inputs.openssl_ref }} WOLFSSL_TAG=${{ inputs.wolfssl_ref }} ./scripts/build-wolfprovider.sh
+          # Clean if there's a build mode mismatch
+          if ! OPENSSL_TAG=${{ inputs.openssl_ref }} WOLFSSL_TAG=${{ inputs.wolfssl_ref }} ./scripts/build-wolfprovider.sh ${{ inputs.replace_default && '--replace-default' || '' }}; then
+            echo "Build failed, attempting distclean and rebuild..."
+            ./scripts/build-wolfprovider.sh --distclean
+            OPENSSL_TAG=${{ inputs.openssl_ref }} WOLFSSL_TAG=${{ inputs.wolfssl_ref }} ./scripts/build-wolfprovider.sh ${{ inputs.replace_default && '--replace-default' || '' }}
+          fi
 
       # Save the wolfProvider outputs for use by the parent jobs.
       # Note that we don't try to restore since it will likely always 
@@ -81,7 +92,8 @@ jobs:
             openssl-install/lib64
             openssl-install/include
             openssl-install/bin
-          key: wolfprov-${{ inputs.wolfssl_ref }}-${{ inputs.openssl_ref }}-${{ github.sha }}
+            ${{ inputs.replace_default && 'libdefault-stub-install' || '' }}
+          key: wolfprov${{ inputs.replace_default && '-replace-default' || '' }}-${{ inputs.wolfssl_ref }}-${{ inputs.openssl_ref }}-${{ github.sha }}
 
       # If openssl cache miss, save it to the cache
       - name: Save OpenSSL into cache
@@ -90,7 +102,8 @@ jobs:
         with: 
           path: |
             openssl-install
-          key: ossl-depends-${{ steps.openssl-ref.outputs.ref }}
+            ${{ inputs.replace_default && 'libdefault-stub-install' || '' }}
+          key: ossl${{ inputs.replace_default && '-replace-default' || '' }}-depends-${{ steps.openssl-ref.outputs.ref }}
 
       - name: Save WolfSSL into cache
         if: steps.wolfssl-cache.outputs.cache-hit != 'true'

.github/workflows/cjose.yml

@@ -18,23 +18,41 @@ jobs:
     with:
       wolfssl_ref: ${{ matrix.wolfssl_ref }}
       openssl_ref: ${{ matrix.openssl_ref }}
+      replace_default: ${{ matrix.replace_default || false }}
     strategy:
       matrix:
         wolfssl_ref: [ 'master', 'v5.8.0-stable' ]
         openssl_ref: [ 'openssl-3.5.0' ]
+        replace_default: [ false, true ]
+        exclude:
+          - wolfssl_ref: 'master'
+            replace_default: true
 
   test_cjose:
     runs-on: ubuntu-22.04
+    container: ${{ matrix.replace_default && 'debian:bookworm' || null }}
+    env:
+      DEBIAN_FRONTEND: ${{ matrix.replace_default && 'noninteractive' || '' }}
     needs: build_wolfprovider
     # This should be a safe limit for the tests to run.
     timeout-minutes: 20
     strategy:
       matrix:
-        cjose_ref: [ 'master', 'v0.6.2.1' ]
+        cjose_ref: [ 'v0.6.2.1' ]
         wolfssl_ref: [ 'master', 'v5.8.0-stable' ]
         openssl_ref: [ 'openssl-3.5.0' ]
         force_fail: [ 'WOLFPROV_FORCE_FAIL=1', '' ]
+        replace_default: [ false, true ]
+        exclude:
+          - wolfssl_ref: 'master'
+            replace_default: true
     steps:
+      - name: Install dependencies (Docker only)
+        if: ${{ matrix.replace_default }}
+        run: |
+          apt-get update
+          apt-get install -y sudo curl jq
+
       - name: Checkout wolfProvider
         uses: actions/checkout@v4
         with:
@@ -50,13 +68,19 @@ jobs:
             openssl-install/lib64
             openssl-install/include
             openssl-install/bin
+            ${{ matrix.replace_default && 'libdefault-stub-install' || '' }}
 
-          key: wolfprov-${{ matrix.wolfssl_ref }}-${{ matrix.openssl_ref }}-${{ github.sha }}
+          key: wolfprov${{ matrix.replace_default && '-replace-default' || '' }}-${{ matrix.wolfssl_ref }}-${{ matrix.openssl_ref }}-${{ github.sha }}
+          restore-keys: |
+            wolfprov${{ matrix.replace_default && '-replace-default' || '' }}-${{ matrix.wolfssl_ref }}-${{ matrix.openssl_ref }}-
           fail-on-cache-miss: true
 
       - name: Install cjose dependencies
         run: |
-          sudo apt-get install -y libjansson-dev check
+          export DEBIAN_FRONTEND=noninteractive
+          sudo apt-get update
+          sudo apt-get install -y build-essential autoconf automake libtool \
+              pkg-config gcc make libjansson-dev check
 
       - name: Download cjose
         uses: actions/checkout@v4
@@ -68,18 +92,27 @@ jobs:
 
       - name: Build cjose
         working-directory: cjose
+        shell: bash
         run: |
+          # Set up the environment for wolfProvider
+          source $GITHUB_WORKSPACE/scripts/env-setup
+
+          # Set additional environment variables for OpenSSL
+          export OPENSSL_INSTALL=$GITHUB_WORKSPACE/openssl-install
+          export LDFLAGS="-L${OPENSSL_INSTALL}/lib64 -L${OPENSSL_INSTALL}/lib"
+          export CPPFLAGS="-I${OPENSSL_INSTALL}/include"
+          export PKG_CONFIG_PATH="${OPENSSL_INSTALL}/lib64/pkgconfig:${OPENSSL_INSTALL}/lib/pkgconfig:${PKG_CONFIG_PATH}"
+
           # Configure with OpenSSL
-          ./configure CFLAGS="-Wno-error=deprecated-declarations" --with-openssl=$GITHUB_WORKSPACE/openssl-install
+          ./configure CFLAGS="-Wno-error=deprecated-declarations" --with-openssl=$OPENSSL_INSTALL
 
           # Build cjose
           make
 
       - name: Run cjose tests
         working-directory: cjose
+        shell: bash
         run: |
-          # Set up the environment for wolfProvider
-          source $GITHUB_WORKSPACE/scripts/env-setup
           export ${{ matrix.force_fail }}
 
           # Run tests

.github/workflows/cmdline.yml

@@ -51,7 +51,7 @@ jobs:
       # If not yet built this version, build it now
       - name: Build wolfProvider
         # Only run the test for a cache miss. On hit, we've already run the test.
-        if: steps.wolfprov-cache-restore.cache-hit != 'true'
+        if: steps.wolfprov-cache.outputs.cache-hit != 'true'
         run: |
           ${{ matrix.debug }} OPENSSL_TAG=${{ matrix.openssl_ref }} WOLFSSL_TAG=${{ matrix.wolfssl_ref }} ./scripts/build-wolfprovider.sh
 

.github/workflows/curl.yml

@@ -25,6 +25,10 @@ jobs:
 
   test_curl:
     runs-on: ubuntu-22.04
+    container:
+      image: debian:bookworm
+      env:
+        DEBIAN_FRONTEND: noninteractive
     needs: build_wolfprovider
     # This should be a safe limit for the tests to run.
     timeout-minutes: 20
@@ -38,6 +42,11 @@ jobs:
           - curl_ref: 'master'
             force_fail: 'WOLFPROV_FORCE_FAIL=1'
     steps:
+      - name: Install sudo
+        run: |
+          apt-get update
+          apt-get install -y sudo
+
       - name: Checkout wolfProvider
         uses: actions/checkout@v4
         with:
@@ -59,16 +68,28 @@ jobs:
 
       - name: Install dependencies
         run: |
+          export DEBIAN_FRONTEND=noninteractive
           sudo apt-get update
-          sudo apt-get install nghttp2 libpsl5 libpsl-dev python3-impacket
+          sudo apt-get install -y build-essential autoconf automake libtool \
+              pkg-config nghttp2 libpsl5 libpsl-dev python3-impacket 
+
+      - name: Set up environment for curl build
+        run: |
+          # Set up the environment for wolfProvider
+          source $GITHUB_WORKSPACE/scripts/env-setup
+          echo "OPENSSL_INSTALL=$OPENSSL_INSTALL" >> $GITHUB_ENV
+          echo "LD_LIBRARY_PATH=$LD_LIBRARY_PATH" >> $GITHUB_ENV
+          echo "PKG_CONFIG_PATH=$PKG_CONFIG_PATH" >> $GITHUB_ENV
+          echo "CPPFLAGS=$CPPFLAGS" >> $GITHUB_ENV
+          echo "LDFLAGS=$LDFLAGS" >> $GITHUB_ENV
 
       - name: Build curl
         uses: wolfSSL/actions-build-autotools-project@v1
         with:
           repository: curl/curl
           path: curl
           ref: ${{ matrix.curl_ref }}
-          configure: --with-openssl
+          configure: --with-openssl=$OPENSSL_INSTALL
           check: false
 
       - name: Generate certificates for curl master force-fail tests

.github/workflows/grpc.yml

@@ -25,6 +25,10 @@ jobs:
 
   test_grpc:
     runs-on: ubuntu-22.04
+    container:
+      image: debian:bookworm
+      env:
+        DEBIAN_FRONTEND: noninteractive
     needs: build_wolfprovider
     # This should be a safe limit for the tests to run.
     timeout-minutes: 30
@@ -42,6 +46,11 @@ jobs:
         wolfssl_ref: [ 'master', 'v5.8.0-stable' ]
         openssl_ref: [ 'openssl-3.5.0' ]
     steps:
+      - name: Install sudo
+        run: |
+          apt-get update
+          apt-get install -y sudo
+
       - name: Checkout wolfProvider
         uses: actions/checkout@v4
         with:
@@ -68,8 +77,10 @@ jobs:
 
       - name: Install prerequisites
         run: |
+          export DEBIAN_FRONTEND=noninteractive
           sudo apt-get update
-          sudo apt-get install -y build-essential autoconf libtool pkg-config clang libc++-dev
+          sudo apt-get install -y build-essential autoconf libtool pkg-config \
+            clang libc++-dev iproute2 net-tools
 
       - name: Setup cmake version
         uses: jwlawson/actions-setup-cmake@v2