Skip to content

addition of v6 and PQC 23/06 #519

addition of v6 and PQC 23/06

addition of v6 and PQC 23/06 #519

Workflow file for this run

name: debian
on:
push:
branches:
- main
- 'release/**'
paths-ignore:
- '/*.sh'
- '/.*'
- '/_*'
- 'Brewfile'
- 'docs/**'
- '**.adoc'
- '**.md'
- '**.nix'
- 'flake.lock'
- '.github/workflows/*.yml'
- '!.github/workflows/debian.yml'
pull_request:
paths-ignore:
- '/*.sh'
- '/.*'
- '/_*'
- 'Brewfile'
- 'docs/**'
- '**.adoc'
- '**.md'
- '**.nix'
- 'flake.lock'
concurrency:
group: '${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.ref_name }}'
cancel-in-progress: true
env:
CORES: 2
LANG: C.UTF-8
LC_ALL: C.UTF-8
LC_LANG: C.UTF-8
CMAKE_VER: '3.20.6-2'
BUILD_MODE: normal
GPG_VERSION: stable
SUDO: ""
USE_STATIC_DEPENDENCIES: yes
RNP_LOG_CONSOLE: 1
jobs:
tests:
name: ${{ matrix.image.container }} [CC ${{ matrix.env.CC }}; backend ${{ matrix.image.backend }}; GnuPG stable]
runs-on: ubuntu-latest
if: "!contains(github.event.head_commit.message, 'skip ci')"
timeout-minutes: 120
strategy:
fail-fast: false
matrix:
image:
- { container: 'i386/debian:11', cpu: 'i386', arch: 'ia32', backend: 'botan' }
- { container: 'i386/debian:11', cpu: 'i386', arch: 'ia32', backend: 'openssl' }
- { container: 'amd64/debian:11', cpu: 'x86_64', arch: 'x64', backend: 'botan' }
- { container: 'amd64/debian:11', cpu: 'x86_64', arch: 'x64', backend: 'openssl' }
- { container: 'i386/debian:10', cpu: 'i386', arch: 'ia32', backend: 'botan' }
env:
- { CC: 'gcc', CXX: 'g++' }
- { CC: 'clang', CXX: 'clang++' }
container: ${{ matrix.image.container }}
env: ${{ matrix.env }}
steps:
- name: Install prerequisites
run: |
apt update
apt -y install git sudo wget
- name: Setup environment
shell: bash
# rnpuser is only needed for rnpkeys_generatekey_verifykeyHomeDirNoPermission test
run: |
set -x
echo IMAGE=${{ matrix.image.container }} >> $GITHUB_ENV
echo CPU=${{ matrix.image.cpu }} >> $GITHUB_ENV
echo CRYPTO_BACKEND=${{ matrix.image.backend }} >> $GITHUB_ENV
echo "SUDO=sudo" >> $GITHUB_ENV
useradd rnpuser
printf "\nrnpuser\tALL=(ALL)\tNOPASSWD:\tALL" > /etc/sudoers.d/rnpuser
printf "\nrnpuser\tsoft\tnproc\tunlimited\n" > /etc/security/limits.d/30-rnpuser.conf
- name: Checkout on x86_x64
if: env.CPU == 'x86_64'
uses: actions/checkout@v3
with:
submodules: true
- name: Checkout on i386
if: env.CPU == 'i386'
uses: actions/checkout@v1
with:
submodules: true
- name: Install cmake
run: |
wget -nv https://github.com/xpack-dev-tools/cmake-xpack/releases/download/v${{ env.CMAKE_VER }}/xpack-cmake-${{ env.CMAKE_VER }}-linux-${{ matrix.image.arch }}.tar.gz
tar -zxf xpack-cmake-${{ env.CMAKE_VER }}-linux-${{ matrix.image.arch }}.tar.gz --directory /usr/local --strip-components=1 --skip-old-files
- name: Setup noncacheable dependencies
shell: bash
run: |
. ci/gha/setup-env.inc.sh
ci/install_noncacheable_dependencies.sh
- name: Cache
id: cache
uses: actions/cache@v3
if: env.CPU == 'x86_64'
with:
path: ${{github.workspace}}/${{ env.CACHE_DIR }}
key: ${{ matrix.image.container }}-${{ matrix.env.CC }}-${{ matrix.image.backend }}-${{ hashFiles('ci/**') }}-${{ hashFiles('.github/workflows/debian.yml') }}
- name: Setup cacheable dependencies
if: steps.cache.outputs.cache-hit != 'true'
shell: bash
run: |
set -euxo pipefail
ci/install_cacheable_dependencies.sh
- name: Build and Test
shell: bash
run: |
set -x
chown -R rnpuser:rnpuser $PWD
exec su rnpuser -c ci/run.sh
- name: Package
run: |
set -x
cd ${LOCAL_BUILDS}/rnp-build
cpack -G DEB -D CPACK_DEBIAN_PACKAGE_SHLIBDEPS_PRIVATE_DIRS="${BOTAN_INSTALL}/lib;${JSONC_INSTALL}/lib;${GPG_INSTALL}/lib"