diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml index b6b25ae2..384b7ea0 100644 --- a/.github/workflows/integration.yml +++ b/.github/workflows/integration.yml @@ -8,7 +8,7 @@ on: branches: ["main"] jobs: - test: + test-libssh-httpd: runs-on: ubuntu-22.04 strategy: fail-fast: false @@ -19,16 +19,113 @@ jobs: env: PKCS11_MODULE: /usr/lib64/ossl-modules/pkcs11.so steps: - - name: Checkout Repository - uses: actions/checkout@v4 + - name: Get Date for DNF cache entry + id: get-date + run: | + echo "date=$(/bin/date -u "+%Y%V")" >> $GITHUB_OUTPUT + shell: bash + + - name: DNF cache + uses: actions/cache@v4 + with: + path: | + /var/cache/dnf + key: ${{ runner.os }}-dnf-${{ steps.get-date.outputs.date }} + - name: Install Build Requirements run: dnf -y install gcc git meson openssl-devel + + - name: Checkout Repository + uses: actions/checkout@v4 + - name: Setup, Build and Install pkcs11-provider run: | meson setup -Dlibdir=/usr/lib64 builddir meson compile -C builddir meson install -C builddir - - name: Test + + - name: Test ${{ matrix.test }} with softhsm + run: | + pushd tests/integration && bash -e ${{ matrix.test }}.sh + + test-bind: + name: bind + runs-on: ubuntu-22.04 + container: fedora:rawhide + steps: + - name: Get Date for DNF cache entry + id: get-date + run: | + echo "date=$(/bin/date -u "+%Y%V")" >> $GITHUB_OUTPUT + shell: bash + + - name: DNF cache + uses: actions/cache@v4 + with: + path: | + /var/cache/dnf + key: ${{ runner.os }}-dnf-${{ steps.get-date.outputs.date }} + + - name: Install Dependencies + run: | + dnf -y install clang git meson cargo expect \ + pkgconf-pkg-config openssl-devel openssl opensc \ + p11-kit-devel p11-kit-server gnutls-utils \ + gcc g++ perl-interpreter zlib-devel sqlite-devel \ + httpd bind9-next softhsm \ + 'perl(Module::Load::Conditional)' 'perl(File::Temp)' \ + 'perl(IPC::Cmd)' 'perl(FindBin)' 'perl(lib)' \ + 'perl(File::Compare)' 'perl(File::Copy)' + + - name: Checkout Repository + uses: actions/checkout@v4 + + - name: Get Kryoptic + id: kryoptic_setup + run: | + git clone https://github.com/latchset/kryoptic.git + cd kryoptic + git submodule update --init + echo "KRYOPTIC=${PWD}" >> "$GITHUB_OUTPUT" + + - name: OpenSSL build cache + uses: actions/cache@v4 + id: cache + with: + path: | + kryoptic/openssl/ + key: ${{ runner.os }}-ossl-${{ hashFiles('kryoptic/.git/modules/openssl/HEAD') }} + + - name: Generate lock file + run: | + cd kryoptic + cargo generate-lockfile + + - name: Cache Rust dependencies + uses: actions/cache@v4 + with: + path: | + ~/.cargo/bin/ + ~/.cargo/registry/index/ + ~/.cargo/registry/cache/ + ~/.cargo/git/db/ + kryoptic/target/ + key: ${{ runner.os }}-cargo-${{ hashFiles('kryoptic/**/Cargo.lock') }} + + - name: Build Kryoptic + run: | + cd kryoptic + cargo build + + - name: Setup, Build and Install pkcs11-provider + run: | + meson setup -Dlibdir=/usr/lib64 builddir + meson compile -C builddir + meson install -C builddir + + - name: Test bind with kryoptic + env: + PKCS11_MODULE: /usr/lib64/ossl-modules/pkcs11.so + KRYOPTIC: ${{ steps.kryoptic_setup.outputs.KRYOPTIC }} run: | - pushd tests/integration - bash -e ${{ matrix.test }}.sh + pushd tests/integration && bash -e bind.sh kryoptic ; popd