Migrate some tests to Github Actions
This ads also retention json files with results from p11test to make sure we are not introducing regressions for existing cards.
This commit is contained in:
parent
1b329093f7
commit
e683c531f6
|
@ -0,0 +1,38 @@
|
|||
#!/bin/bash -e
|
||||
|
||||
export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig;
|
||||
|
||||
if [ "$GITHUB_EVENT_NAME" == "pull_request" ]; then
|
||||
PR_NUMBER=$(echo $GITHUB_REF | awk 'BEGIN { FS = "/" } ; { print $3 }')
|
||||
if [ "$GITHUB_BASE_REF" == "master" ]; then
|
||||
./bootstrap.ci -s "-pr$PR_NUMBER"
|
||||
else
|
||||
./bootstrap.ci -s "$GITHUB_BASE_REF-pr$PR_NUMBER"
|
||||
fi
|
||||
else
|
||||
BRANCH=$(echo $GITHUB_REF | awk 'BEGIN { FS = "/" } ; { print $3 }')
|
||||
if [ "$BRANCH" == "master" ]; then
|
||||
./bootstrap
|
||||
else
|
||||
./bootstrap.ci -s "$BRANCH"
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ "$RUNNER_OS" == "macOS" ]; then
|
||||
./MacOSX/build
|
||||
exit $?
|
||||
fi
|
||||
|
||||
# normal procedure
|
||||
./configure --disable-dependency-tracking
|
||||
|
||||
make -j 2
|
||||
|
||||
make check
|
||||
|
||||
# this is broken in old ubuntu
|
||||
if [ "$1" == "dist" ]; then
|
||||
make distcheck
|
||||
fi
|
||||
|
||||
sudo make install
|
|
@ -6,7 +6,7 @@ BUILDPATH=${PWD}
|
|||
BRANCH="`git log --max-count=1 --date=short --abbrev=8 --pretty=format:"%cd_%h"`"
|
||||
|
||||
git clone --single-branch https://${GH_TOKEN}@github.com/OpenSC/Nightly.git > /dev/null 2>&1
|
||||
cd Nightly
|
||||
pushd Nightly
|
||||
git checkout -b "${BRANCH}"
|
||||
|
||||
for file in ${BUILDPATH}/win32/Output/OpenSC*.exe ${BUILDPATH}/opensc*.tar.gz ${BUILDPATH}/OpenSC*.dmg ${BUILDPATH}/OpenSC*.msi ${BUILDPATH}/OpenSC*.zip
|
||||
|
@ -33,3 +33,4 @@ do
|
|||
git pull --rebase origin --strategy-option ours "${BRANCH}"
|
||||
i=$(( $i + 1 ))
|
||||
done
|
||||
popd
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
#!/bin/bash -e
|
||||
|
||||
DEPS="docbook-xsl libpcsclite-dev xsltproc gengetopt libcmocka-dev help2man pcscd check clang-tidy softhsm2 pcsc-tools libtool make autoconf autoconf-archive automake libssl-dev zlib1g-dev pkg-config libreadline-dev openssl git"
|
||||
if [ "$1" == "cac" ]; then
|
||||
DEPS="$DEPS libglib2.0-dev libnss3-dev gnutls-bin libusb-dev libudev-dev flex libnss3-tools"
|
||||
elif [ "$1" == "oseid" ]; then
|
||||
DEPS="$DEPS socat gawk xxd"
|
||||
elif [ "$1" == "piv"]; then
|
||||
DEPS="$DEPS ant cmake"
|
||||
elif [ "$1" == "mingw" ]; then
|
||||
DEPS="$DEPS wine binutils-mingw-w64-i686 binutils-mingw-w64-x86-64 gcc-mingw-w64-i686 gcc-mingw-w64-x86-64 mingw-w64"
|
||||
fi
|
||||
|
||||
# make sure we do not get prompts
|
||||
export DEBIAN_FRONTEND=noninteractive
|
||||
sudo apt-get update
|
||||
sudo apt-get install -y build-essential $DEPS
|
|
@ -0,0 +1,32 @@
|
|||
#!/bin/bash
|
||||
|
||||
brew install automake
|
||||
|
||||
# gengetopt
|
||||
curl https://ftp.gnu.org/gnu/gengetopt/gengetopt-2.23.tar.xz -L --output gengetopt-2.23.tar.xz
|
||||
tar xfj gengetopt-2.23.tar.xz
|
||||
pushd gengetopt-2.23
|
||||
./configure && make
|
||||
sudo make install
|
||||
popd
|
||||
|
||||
# help2man
|
||||
curl https://ftp.gnu.org/gnu/help2man/help2man-1.47.16.tar.xz -L --output help2man-1.47.16.tar.xz
|
||||
tar xjf help2man-1.47.16.tar.xz
|
||||
pushd help2man-1.47.16
|
||||
./configure && make
|
||||
sudo make install
|
||||
popd
|
||||
|
||||
# openSCToken
|
||||
export PATH="/usr/local/opt/ccache/libexec:$PATH"
|
||||
git clone https://github.com/frankmorgner/OpenSCToken.git
|
||||
sudo rm -rf /Library/Developer/CommandLineTools;
|
||||
|
||||
# TODO make the encrypted key working in github
|
||||
if [ "$GITHUB_EVENT_NAME" == "pull_request" -a -n "$encrypted_3b9f0b9d36d1_key" ]; then
|
||||
openssl aes-256-cbc -K $encrypted_3b9f0b9d36d1_key -iv $encrypted_3b9f0b9d36d1_iv -in .github/secrets.tar.enc -out .github/secrets.tar -d;
|
||||
.github/add_signing_key.sh;
|
||||
else
|
||||
unset CODE_SIGN_IDENTITY INSTALLER_SIGN_IDENTITY;
|
||||
fi
|
|
@ -0,0 +1,52 @@
|
|||
#!/bin/bash -e
|
||||
|
||||
# install the opensc
|
||||
sudo make install
|
||||
export LD_LIBRARY_PATH=/usr/local/lib
|
||||
|
||||
# VSmartcard
|
||||
if [ ! -d "vsmartcard" ]; then
|
||||
git clone https://github.com/frankmorgner/vsmartcard.git
|
||||
fi
|
||||
pushd vsmartcard/virtualsmartcard
|
||||
autoreconf -vis && ./configure && make -j2 && sudo make install
|
||||
popd
|
||||
|
||||
# libcacard
|
||||
if [ ! -d "libcacard" ]; then
|
||||
git clone https://gitlab.freedesktop.org/spice/libcacard.git
|
||||
fi
|
||||
pushd libcacard
|
||||
./autogen.sh --prefix=/usr && make -j2 && sudo make install
|
||||
popd
|
||||
|
||||
# virt_cacard
|
||||
if [ ! -d "virt_cacard" ]; then
|
||||
git clone https://github.com/Jakuje/virt_cacard.git
|
||||
fi
|
||||
pushd virt_cacard
|
||||
./autogen.sh && ./configure && make
|
||||
popd
|
||||
|
||||
sudo /etc/init.d/pcscd restart
|
||||
|
||||
pushd src/tests/p11test/
|
||||
./p11test -s 0 -p 12345678 -i -o virt_cacard.json &
|
||||
sleep 5
|
||||
popd
|
||||
|
||||
# virt_cacard startup
|
||||
pushd virt_cacard
|
||||
./setup-softhsm2.sh
|
||||
export SOFTHSM2_CONF=$PWD/softhsm2.conf
|
||||
./virt_cacard &
|
||||
wait $(ps aux | grep '[p]11test'| awk '{print $2}')
|
||||
kill -9 $(ps aux | grep '[v]irt_cacard'| awk '{print $2}')
|
||||
popd
|
||||
|
||||
# cleanup -- this would break later uses of pcscd
|
||||
pushd vsmartcard/virtualsmartcard
|
||||
sudo make uninstall
|
||||
popd
|
||||
|
||||
diff -u3 src/tests/p11test/virt_cacard{_ref,}.json
|
|
@ -0,0 +1,51 @@
|
|||
#!/bin/bash -e
|
||||
|
||||
# install the opensc
|
||||
sudo make install
|
||||
export LD_LIBRARY_PATH=/usr/local/lib
|
||||
|
||||
if [ ! -d oseid ]; then
|
||||
git clone https://github.com/popovec/oseid
|
||||
fi
|
||||
pushd oseid/src/
|
||||
make -f Makefile.console
|
||||
if [ ! -d tmp ]; then
|
||||
mkdir tmp
|
||||
fi
|
||||
socat -d -d pty,link=tmp/OsEIDsim.socket,raw,echo=0 "exec:build/console/console ...,pty,raw,echo=0" &
|
||||
PID=$!
|
||||
sleep 1
|
||||
echo "# OsEIDsim" > tmp/reader.conf
|
||||
echo 'FRIENDLYNAME "OsEIDsim"' >> tmp/reader.conf
|
||||
echo "DEVICENAME $PWD/tmp/OsEIDsim.socket" >> tmp/reader.conf
|
||||
echo "LIBPATH $PWD/build/console/libOsEIDsim.so.0.0.1" >> tmp/reader.conf
|
||||
echo "CHANNELID 1" >> tmp/reader.conf
|
||||
sudo mv tmp/reader.conf /etc/reader.conf.d/reader.conf
|
||||
cat /etc/reader.conf.d/reader.conf
|
||||
popd
|
||||
|
||||
sudo /etc/init.d/pcscd restart
|
||||
|
||||
pushd oseid/tools
|
||||
echo | ./OsEID-tool INIT
|
||||
./OsEID-tool RSA-CREATE-KEYS
|
||||
./OsEID-tool RSA-UPLOAD-KEYS
|
||||
./OsEID-tool RSA-DECRYPT-TEST
|
||||
./OsEID-tool RSA-SIGN-PKCS11-TEST
|
||||
./OsEID-tool EC-CREATE-KEYS
|
||||
./OsEID-tool EC-UPLOAD-KEYS
|
||||
./OsEID-tool EC-SIGN-TEST
|
||||
./OsEID-tool EC-SIGN-PKCS11-TEST
|
||||
./OsEID-tool EC-ECDH-TEST
|
||||
popd
|
||||
|
||||
# this does not work as we have random key IDs in here
|
||||
#pushd src/tests/p11test/
|
||||
#./p11test -s 0 -p 11111111 -o oseid.json || true
|
||||
#diff -u3 oseid_ref.json oseid.json
|
||||
#popd
|
||||
|
||||
# cleanup -- this would break later uses of pcscd
|
||||
kill -9 $PID
|
||||
rm oseid/src/card_mem
|
||||
sudo rm /etc/reader.conf.d/reader.conf
|
|
@ -0,0 +1,82 @@
|
|||
name: Linux
|
||||
|
||||
on:
|
||||
pull_request:
|
||||
paths:
|
||||
- '**.c'
|
||||
- '**.h'
|
||||
push:
|
||||
|
||||
jobs:
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- run: .github/setup-linux.sh
|
||||
- run: .github/build.sh dist
|
||||
- uses: actions/cache@v2
|
||||
id: cache-build
|
||||
with:
|
||||
path: ./*
|
||||
key: ${{ runner.os }}-${{ github.sha }}
|
||||
|
||||
build-ubuntu-18:
|
||||
runs-on: ubuntu-18.04
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- run: .github/setup-linux.sh
|
||||
- run: .github/build.sh
|
||||
|
||||
# test-piv:
|
||||
# runs-on: ubuntu-latest
|
||||
# needs: [build]
|
||||
# steps:
|
||||
# - uses: actions/checkout@v2
|
||||
# - uses: actions/cache@v2
|
||||
# id: cache-build
|
||||
# with:
|
||||
# path: ./*
|
||||
# key: ${{ runner.os }}-${{ github.sha }}
|
||||
# - run: .github/setup-linux.sh piv
|
||||
# - run: .github/test-piv.sh
|
||||
|
||||
test-cac:
|
||||
runs-on: ubuntu-latest
|
||||
needs: [build]
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: actions/cache@v2
|
||||
id: cache-build
|
||||
with:
|
||||
path: ./*
|
||||
key: ${{ runner.os }}-${{ github.sha }}
|
||||
- run: .github/setup-linux.sh cac
|
||||
- run: .github/test-cac.sh
|
||||
|
||||
test-oseid:
|
||||
runs-on: ubuntu-latest
|
||||
needs: [build]
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: actions/cache@v2
|
||||
id: cache-build
|
||||
with:
|
||||
path: ./*
|
||||
key: ${{ runner.os }}-${{ github.sha }}
|
||||
- run: .github/setup-linux.sh oseid
|
||||
- run: .github/test-oseid.sh
|
||||
|
||||
push-artifacts:
|
||||
runs-on: ubuntu-latest
|
||||
needs: [test-cac, test-oseid]
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: actions/cache@v2
|
||||
id: cache-build
|
||||
with:
|
||||
path: ./*
|
||||
key: ${{ runner.os }}-${{ github.sha }}
|
||||
- run: git config --global user.email "builds@github.com"
|
||||
- run: git config --global user.name "Github Actions";
|
||||
- run: cd out && .github/push_artifacts.sh "Github Actions ${GITHUB_REF}"
|
||||
if: ${{ github.event_name != 'pull_request' && github.repository == 'OpenSC/OpenSC' }}
|
|
@ -0,0 +1,39 @@
|
|||
name: OSX
|
||||
|
||||
on:
|
||||
pull_request:
|
||||
paths:
|
||||
- '**.c'
|
||||
- '**.h'
|
||||
push:
|
||||
|
||||
jobs:
|
||||
build:
|
||||
runs-on: macos-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- run: .github/setup-macos.sh
|
||||
- run: .github/build.sh
|
||||
- name: Cache build artifacts
|
||||
uses: actions/upload-artifact@v2
|
||||
with:
|
||||
name: opensc-build-macos
|
||||
path:
|
||||
OpenSC*.dmg
|
||||
|
||||
push-artifacts:
|
||||
runs-on: macos-latest
|
||||
needs: [build]
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- name: Pull build artifacts
|
||||
uses: actions/download-artifact@v2
|
||||
with:
|
||||
name: opensc-build-macos
|
||||
- run: git config --global user.email "builds@github.com"
|
||||
- run: git config --global user.name "Github Actions";
|
||||
- run: echo .github/push_artifacts.sh "Github Actions ${GITHUB_REF}"
|
||||
if: ${{ github.event_name != 'pull_request' && github.repository == 'OpenSC/OpenSC' }}
|
||||
# TODO this fails probably because the key is not loaded in keychain before with
|
||||
# security: SecKeychainDelete: The specified keychain could not be found.
|
||||
# - run: .github/remove_signing_key.sh; rm -f .github/secrets.tar
|
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue