-
-
Notifications
You must be signed in to change notification settings - Fork 9.9k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fedora has some fairly nice interoperability tests that we can leverage to build a PR and test it against gnutls and nss libraries. This commit adds the interop-tests.yml ci job to do that work, and run the interop tests from beaker. Fixes #20685 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from #22726) (cherry picked from commit 337eb99)
- Loading branch information
Showing
1 changed file
with
50 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,50 @@ | ||
# Notes: | ||
# /__w/openssl is the path that github bind-mounts into the container so the ci | ||
# filesystem for this job can be reached. Please note that any changes made to | ||
# this job involving file system paths should be made prefixed with, or relative | ||
# to that directory | ||
name: Interoperability tests with GnuTLS and NSS | ||
on: | ||
schedule: | ||
- cron: '0 6 * * *' | ||
jobs: | ||
test: | ||
runs-on: ubuntu-22.04 | ||
container: | ||
image: docker.io/fedora:39 | ||
options: --sysctl net.ipv6.conf.lo.disable_ipv6=0 | ||
timeout-minutes: 90 | ||
strategy: | ||
fail-fast: false | ||
matrix: | ||
COMPONENT: [gnutls, nss] | ||
env: | ||
COMPONENT: ${{ matrix.COMPONENT }} | ||
steps: | ||
- uses: actions/checkout@v4 | ||
- name : Install needed tools | ||
run: | | ||
dnf -y install perl gcc rpmdevtools dnf-utils make tmt-all beakerlib \ | ||
fips-mode-setup crypto-policies-scripts | ||
- name: install interop tests | ||
run: | | ||
cd /__w/openssl/openssl | ||
git clone --branch=openssl --depth=1 https://gitlab.com/redhat-crypto/tests/interop.git | ||
- name: build openssl as an rpm | ||
run: | | ||
mkdir -p /build/SPECS && cd /build && echo -e "%_topdir /build\n%_lto_cflags %{nil}" >~/.rpmmacros && rpmdev-setuptree | ||
cd /build && cp /__w/openssl/openssl/interop/openssl.spec SPECS/ && \ | ||
cd SPECS/ && source /__w/openssl/openssl/VERSION.dat && \ | ||
sed -i "s/^Version: .*\$/Version: $MAJOR.$MINOR.$PATCH/" openssl.spec && \ | ||
sed -i 's/^Release: .*$/Release: dev/' openssl.spec | ||
yum-builddep -y /build/SPECS/openssl.spec # just for sure nothing is missing | ||
mkdir -p /build/SOURCES | ||
tar --transform "s/^__w\/openssl\/openssl/openssl-$MAJOR.$MINOR.$PATCH/" -czf /build/SOURCES/openssl-$MAJOR.$MINOR.$PATCH.tar.gz /__w/openssl/openssl/ | ||
rpmbuild -bb /build/SPECS/openssl.spec | ||
dnf install -y /build/RPMS/x86_64/openssl-* | ||
- name: Run interop tests | ||
run: | | ||
cd interop | ||
tmt run -av plans -n interop tests -f "tag: interop-openssl & tag: interop-$COMPONENT" provision -h local execute -h tmt --interactive | ||
openssl version | ||
echo "Finished - important to prevent unwanted output truncating" |