Use a single tool for setting up the token #1249
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Build | |
| on: | |
| push: | |
| branches: ["main"] | |
| pull_request: | |
| branches: ["main"] | |
| jobs: | |
| build: | |
| name: CI with software token | |
| runs-on: ubuntu-22.04 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| name: [fedora, debian, centos, ubuntu] | |
| compiler: [gcc, clang] | |
| token: [softokn, softhsm] | |
| include: | |
| - name: fedora | |
| container: fedora:latest | |
| - name: debian | |
| container: debian:sid | |
| - name: centos | |
| container: quay.io/centos/centos:stream9 | |
| - name: ubuntu | |
| container: ubuntu:latest | |
| container: ${{ matrix.container }} | |
| steps: | |
| - name: Install Dependencies | |
| run: | | |
| if [ "${{ matrix.name }}" = centos ]; then | |
| dnf_opts="--enablerepo=crb" | |
| fi | |
| if [ -f /etc/redhat-release ]; then | |
| dnf -y install $dnf_opts \ | |
| git ${{ matrix.compiler }} meson \ | |
| pkgconf-pkg-config openssl-devel openssl \ | |
| diffutils expect valgrind | |
| if [ "${{ matrix.token }}" = "softokn" ]; then | |
| dnf -y install nss-softokn nss-tools nss-softokn-devel | |
| elif [ "${{ matrix.token }}" = "softhsm" ]; then | |
| dnf -y install softhsm opensc p11-kit-devel p11-kit-server \ | |
| gnutls-utils | |
| fi | |
| elif [ -f /etc/debian_version ]; then | |
| apt-get -q update | |
| apt-get -yq install git ${{ matrix.compiler }} meson \ | |
| pkg-config libssl-dev openssl expect \ | |
| valgrind procps | |
| if [ "${{ matrix.token }}" = "softokn" ]; then | |
| apt-get -yq install libnss3 libnss3-tools libnss3-dev | |
| elif [ "${{ matrix.token }}" = "softhsm" ]; then | |
| apt-get -yq install softhsm2 opensc p11-kit libp11-kit-dev \ | |
| p11-kit-modules gnutls-bin | |
| fi | |
| fi | |
| - name: Checkout Repository | |
| uses: actions/checkout@v4 | |
| - name: Setup | |
| run: | | |
| CC=${{ matrix.compiler }} meson setup builddir | |
| - name: Build and Test | |
| run: | | |
| meson compile -C builddir | |
| meson test --num-processes 1 -C builddir | |
| - uses: actions/upload-artifact@v3 | |
| if: failure() | |
| with: | |
| name: Test logs ${{ matrix.name }}, ${{ matrix.compiler }}, ${{ matrix.token }} | |
| path: | | |
| builddir/meson-logs/ | |
| builddir/tests/tmp.${{ matrix.token }}/p11prov-debug.log | |
| builddir/tests/tmp.${{ matrix.token }}/testvars | |
| builddir/tests/tmp.${{ matrix.token }}/openssl.cnf | |
| - name: Run tests with valgrind | |
| run: | | |
| if [ "${{ matrix.compiler }}" = "gcc" ]; then | |
| meson test --num-processes 1 -C builddir --setup=valgrind | |
| fi | |
| - uses: actions/upload-artifact@v3 | |
| if: failure() | |
| with: | |
| name: Test valgrind logs ${{ matrix.name }}, ${{ matrix.compiler }}, ${{ matrix.token }} | |
| path: | | |
| builddir/meson-logs/ | |
| builddir/tests/tmp.${{ matrix.token }}/p11prov-debug.log | |
| builddir/tests/tmp.${{ matrix.token }}/testvars | |
| builddir/tests/tmp.${{ matrix.token }}/openssl.cnf | |
| build-macos: | |
| name: CI with software token | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [macos-14] | |
| token: [softokn, softhsm] | |
| steps: | |
| - name: Install Dependencies | |
| run: | | |
| brew update | |
| brew install \ | |
| meson \ | |
| openssl@3 \ | |
| pkg-config | |
| if [ "${{ matrix.token }}" = "softokn" ]; then | |
| brew install nss | |
| elif [ "${{ matrix.token }}" = "softhsm" ]; then | |
| brew install \ | |
| opensc \ | |
| p11-kit \ | |
| softhsm | |
| fi | |
| - name: Checkout Repository | |
| uses: actions/checkout@v4 | |
| - name: Setup | |
| run: | | |
| export PKG_CONFIG_PATH=$(brew --prefix openssl@3)/lib/pkgconfig | |
| export PATH=$(brew --prefix openssl@3)/bin:$PATH | |
| CC=clang meson setup builddir | |
| - name: Build and Test | |
| run: | | |
| export PATH=$(brew --prefix openssl@3)/bin:$PATH | |
| meson compile -j$(sysctl -n hw.ncpu || echo 2) -C builddir | |
| meson test --num-processes 1 -C builddir | |
| - uses: actions/upload-artifact@v3 | |
| if: failure() | |
| with: | |
| name: Test logs on macOS-12 with ${{ matrix.token }} | |
| path: | | |
| builddir/meson-logs/* | |
| builddir/tests/*.log | |
| builddir/tests/tmp.${{ matrix.token }}/p11prov-debug.log | |
| builddir/tests/tmp.${{ matrix.token }}/testvars | |
| builddir/tests/tmp.${{ matrix.token }}/openssl.cnf | |