Add testing against kryoptic in CI #548
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Address sanitizer | |
| on: | |
| push: | |
| branches: ["main"] | |
| pull_request: | |
| branches: ["main"] | |
| jobs: | |
| build: | |
| name: CI with Address Sanitizer | |
| runs-on: ubuntu-22.04 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| name: [fedora, debian] | |
| include: | |
| - name: fedora | |
| container: fedora:latest | |
| - name: debian | |
| container: debian:sid | |
| container: ${{ matrix.container }} | |
| steps: | |
| - name: Checkout Repository | |
| uses: actions/checkout@v4 | |
| - name: Install Dependencies | |
| run: | | |
| if [ -f /etc/fedora-release ]; then | |
| dnf -y install git clang gcc pkgconf-pkg-config meson \ | |
| openssl-devel openssl diffutils expect \ | |
| softhsm opensc p11-kit-devel p11-kit-server gnutls-utils \ | |
| nss-softokn nss-tools nss-softokn-devel \ | |
| dnf-command\(debuginfo-install\) libasan | |
| dnf -y debuginfo-install openssl | |
| elif [ -f /etc/debian_version ]; then | |
| cat .github/sid.debug.list > /etc/apt/sources.list.d/debug.list | |
| apt-get -q update | |
| apt-get -yq install git gcc clang meson \ | |
| pkg-config libssl-dev openssl expect \ | |
| procps libnss3 libnss3-tools libnss3-dev softhsm2 opensc p11-kit \ | |
| libp11-kit-dev p11-kit-modules gnutls-bin \ | |
| openssl-dbgsym libssl3t64-dbgsym | |
| fi | |
| - name: Setup | |
| # The detection on debian works ok, but on Fedora, we get linker script, | |
| # that is not compabitlbe with LD_PRELOAD so we force the absolute path. | |
| run: | | |
| if [ -f /etc/fedora-release ]; then | |
| CC=gcc \ | |
| meson setup builddir -Db_sanitize=address -Dpreload_libasan=/usr/lib64/libasan.so.8.0.0 | |
| elif [ -f /etc/debian_version ]; then | |
| CC=gcc \ | |
| meson setup builddir -Db_sanitize=address -Dpreload_libasan=/usr/lib/x86_64-linux-gnu/libasan.so.8.0.0 | |
| fi | |
| - name: Build and Test | |
| run: | | |
| meson compile -C builddir | |
| meson test --num-processes 1 -C builddir | |
| - uses: actions/upload-artifact@v3 | |
| if: failure() | |
| with: | |
| name: Address sanitizer logs on ${{ matrix.name }} | |
| path: | | |
| builddir/meson-logs/ | |
| builddir/tests/*.log | |
| builddir/tests/tmp.${{ matrix.token }}/p11prov-debug.log | |
| builddir/tests/tmp.${{ matrix.token }}/testvars | |
| builddir/tests/tmp.${{ matrix.token }}/openssl.cnf | |