From 1766a691520820eb58d6f3c5826e09774f074b9e Mon Sep 17 00:00:00 2001 From: Juliusz Sosinowicz Date: Tue, 28 Mar 2023 16:46:53 +0200 Subject: [PATCH] actions: Build wolfSSL in seperate job --- .github/workflows/hostap.yml | 66 ++++++++++++++++++++++++++++------- .github/workflows/openvpn.yml | 55 ++++++++++++++++++----------- .github/workflows/stunnel.yml | 33 ++++++++++++++---- 3 files changed, 114 insertions(+), 40 deletions(-) diff --git a/.github/workflows/hostap.yml b/.github/workflows/hostap.yml index 7fb6d27c5..d03aa5cf3 100644 --- a/.github/workflows/hostap.yml +++ b/.github/workflows/hostap.yml @@ -4,6 +4,46 @@ on: workflow_call: jobs: + build_wolfssl: + strategy: + matrix: + include: + - build_id: build1 + wolf_extra_config: --disable-tls13 + - build_id: build2 + wolf_extra_config: --enable-brainpool --enable-wpas-dpp + name: Build wolfSSL + # Just to keep it the same as the testing target + runs-on: ubuntu-20.04 + steps: + # No way to view the full strategy in the browser (really weird) + - name: Print strategy + run: | + cat <> $GITHUB_ENV + + - name: Build wolfSSL + uses: wolfSSL/actions-build-autotools-project@v1 + with: + path: wolfssl + configure: >- + --enable-wpas CFLAGS=-DWOLFSSL_STATIC_RSA + ${{ env.wolf_debug_flags }} ${{ matrix.wolf_extra_config }} + install: true + + - name: Upload built lib + uses: actions/upload-artifact@v3 + with: + name: ${{ matrix.build_id }} + path: build-dir + retention-days: 1 + # Build wpa_supplicant with wolfSSL and hostapd with OpenSSL and interop. hostap_test: strategy: @@ -23,13 +63,13 @@ jobs: hostap_cherry_pick: 698c05da2bd3233b005d45873caa852bc29b32c5, remove_teap: true, # TLS 1.3 does not work for this version - wolf_extra_config: --disable-tls13, + build_id: build1, }, # Test the dpp patch { hostap_ref: b607d2723e927a3446d89aed813f1aa6068186bb, osp_ref: ad5b52a49b3cc2a5bfb47ccc1d6a5137132e9446, - wolf_extra_config: --enable-brainpool --enable-wpas-dpp + build_id: build2 }, ] # parallelize the tests to be able to run all tests within 10 minutes @@ -44,11 +84,12 @@ jobs: config: { hostap_ref: b607d2723e927a3446d89aed813f1aa6068186bb, osp_ref: ad5b52a49b3cc2a5bfb47ccc1d6a5137132e9446, - wolf_extra_config: --enable-brainpool --enable-wpas-dpp + build_id: build2 } name: hwsim test # For openssl 1.1 runs-on: ubuntu-20.04 + needs: build_wolfssl steps: # No way to view the full strategy in the browser (really weird) - name: Print strategy @@ -57,6 +98,11 @@ jobs: ${{ toJSON(matrix) }} EOF + - name: Checkout wolfSSL + uses: actions/checkout@v3 + with: + path: wolfssl + - name: Install dependencies run: | # Don't prompt for anything @@ -75,19 +121,15 @@ jobs: lsmod | grep mac80211 - if: ${{ runner.debug }} - name: Enable wolfSSL and hostap debug logging + name: Enable hostap debug logging run: | - echo "wolf_debug_flags=--enable-debug" >> $GITHUB_ENV echo "hostap_debug_flags=-d" >> $GITHUB_ENV - - name: Build wolfSSL - uses: wolfSSL/actions-build-autotools-project@v1 + - name: Download lib + uses: actions/download-artifact@v3 with: - path: wolfssl - configure: >- - --enable-wpas CFLAGS=-DWOLFSSL_STATIC_RSA - ${{ env.wolf_debug_flags }} ${{ matrix.config.wolf_extra_config }} - install: true + name: ${{ matrix.config.build_id }} + path: build-dir - name: Setup d-bus working-directory: wolfssl/.github/workflows/hostap-files diff --git a/.github/workflows/openvpn.yml b/.github/workflows/openvpn.yml index f0d907b7d..38faa2481 100644 --- a/.github/workflows/openvpn.yml +++ b/.github/workflows/openvpn.yml @@ -4,13 +4,9 @@ on: workflow_call: jobs: - openvpn_check: - strategy: - fail-fast: false - matrix: - # List of refs to test - ref: [ master, release/2.6, v2.6.0 ] - name: ${{ matrix.ref }} + build_wolfssl: + name: Build wolfSSL + # Just to keep it the same as the testing target runs-on: ubuntu-latest steps: - name: Build wolfSSL @@ -20,6 +16,29 @@ jobs: configure: --enable-openvpn install: true + - name: Upload built lib + uses: actions/upload-artifact@v3 + with: + name: wolf-install + path: build-dir + retention-days: 1 + + openvpn_check: + strategy: + fail-fast: false + matrix: + # List of refs to test + ref: [ master, release/2.6, v2.6.0 ] + name: ${{ matrix.ref }} + runs-on: ubuntu-latest + needs: build_wolfssl + steps: + - name: Download lib + uses: actions/download-artifact@v3 + with: + name: wolf-install + path: build-dir + - name: Install dependencies run: | sudo apt-get update @@ -29,6 +48,10 @@ jobs: - if: ${{ matrix.ref != 'master' }} name: Build and test openvpn with fsanitize + run: | + echo 'extra_c_flags=CFLAGS="-fsanitize=address -fno-omit-frame-pointer -O2"' >> $GITHUB_ENV + + - name: Build and test openvpn uses: wolfSSL/actions-build-autotools-project@v1 with: repository: OpenVPN/openvpn @@ -38,19 +61,9 @@ jobs: --with-crypto-library=wolfssl WOLFSSL_CFLAGS="-I$GITHUB_WORKSPACE/build-dir/include/ -I$GITHUB_WORKSPACE/build-dir/include/wolfssl" WOLFSSL_LIBS="-L$GITHUB_WORKSPACE/build-dir/lib -lwolfssl" - CFLAGS="-fsanitize=address -fno-omit-frame-pointer -O2" - check: true - - - if: ${{ matrix.ref == 'master' }} - name: Build and test openvpn without fsanitize - uses: wolfSSL/actions-build-autotools-project@v1 - with: - repository: OpenVPN/openvpn - ref: ${{ matrix.ref }} - path: openvpn - configure: >- - --with-crypto-library=wolfssl - WOLFSSL_CFLAGS="-I$GITHUB_WORKSPACE/build-dir/include/ -I$GITHUB_WORKSPACE/build-dir/include/wolfssl" - WOLFSSL_LIBS="-L$GITHUB_WORKSPACE/build-dir/lib -lwolfssl" + ${{ env.extra_c_flags }} check: true + - name: Confirm OpenVPN built with wolfSSL + working-directory: ./openvpn + run: ldd src/openvpn/openvpn | grep wolfssl diff --git a/.github/workflows/stunnel.yml b/.github/workflows/stunnel.yml index f782a8f2c..3ab4f7270 100644 --- a/.github/workflows/stunnel.yml +++ b/.github/workflows/stunnel.yml @@ -4,13 +4,9 @@ on: workflow_call: jobs: - stunnel_check: - strategy: - fail-fast: false - matrix: - # List of releases to test - ref: [ 5.67 ] - name: ${{ matrix.ref }} + build_wolfssl: + name: Build wolfSSL + # Just to keep it the same as the testing target runs-on: ubuntu-latest steps: - name: Build wolfSSL @@ -19,6 +15,29 @@ jobs: path: wolfssl configure: --enable-stunnel install: true + + - name: Upload built lib + uses: actions/upload-artifact@v3 + with: + name: wolf-install + path: build-dir + retention-days: 1 + + stunnel_check: + strategy: + fail-fast: false + matrix: + # List of releases to test + ref: [ 5.67 ] + name: ${{ matrix.ref }} + runs-on: ubuntu-latest + needs: build_wolfssl + steps: + - name: Download lib + uses: actions/download-artifact@v3 + with: + name: wolf-install + path: build-dir - name: Checkout OSP uses: actions/checkout@v3