Interoperability tests with GnuTLS and NSS #346
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Notes: | |
# /__w/openssl is the path that github bind-mounts into the container so the ci | |
# filesystem for this job can be reached. Please note that any changes made to | |
# this job involving file system paths should be made prefixed with, or relative | |
# to that directory | |
name: Interoperability tests with GnuTLS and NSS | |
on: | |
schedule: | |
- cron: '55 02 * * *' | |
workflow_dispatch: | |
jobs: | |
test: | |
runs-on: ubuntu-22.04 | |
container: | |
image: docker.io/fedora:40 | |
options: --sysctl net.ipv6.conf.lo.disable_ipv6=0 | |
timeout-minutes: 90 | |
strategy: | |
fail-fast: false | |
matrix: | |
COMPONENT: [gnutls, nss] | |
env: | |
COMPONENT: ${{ matrix.COMPONENT }} | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Display environment | |
run: export | |
- name : Install needed tools | |
run: | | |
dnf -y install perl gcc rpmdevtools dnf-utils make tmt-all beakerlib \ | |
fips-mode-setup crypto-policies-scripts | |
- name: install interop tests | |
run: | | |
cd ${GITHUB_WORKSPACE} | |
git clone --branch=openssl-v0.1 --depth=1 https://gitlab.com/redhat-crypto/tests/interop.git | |
- name: build openssl as an rpm | |
run: | | |
mkdir -p /build/SPECS && cd /build && echo -e "%_topdir /build\n%_lto_cflags %{nil}" >~/.rpmmacros && rpmdev-setuptree | |
cd /build && cp ${GITHUB_WORKSPACE}/interop/openssl/openssl.spec SPECS/ && \ | |
cd SPECS/ && source ${GITHUB_WORKSPACE}/VERSION.dat && \ | |
sed -i "s/^Version: .*\$/Version: $MAJOR.$MINOR.$PATCH/" openssl.spec && \ | |
sed -i 's/^Release: .*$/Release: dev/' openssl.spec | |
yum-builddep -y /build/SPECS/openssl.spec # just for sure nothing is missing | |
mkdir -p /build/SOURCES | |
tar --transform "s/^__w\/openssl\/openssl/openssl-$MAJOR.$MINOR.$PATCH/" -czf /build/SOURCES/openssl-$MAJOR.$MINOR.$PATCH.tar.gz /__w/openssl/openssl/ | |
rpmbuild -bb /build/SPECS/openssl.spec | |
dnf install -y /build/RPMS/x86_64/openssl-* | |
cp ${GITHUB_WORKSPACE}/interop/openssl/openssl.cnf /etc/pki/tls/openssl.cnf | |
- name: Run interop tests | |
run: | | |
cd interop | |
tmt run -av plans -n interop tests -f "tag: interop-openssl & tag: interop-$COMPONENT" provision -h local --feeling-safe execute -h tmt --interactive | |
openssl version | |
echo "Finished - important to prevent unwanted output truncating" |