Add open wrt test (#5985)

* First test * Don't forget to run autogen.sh! * Add tools needed by automake * Try additional platforms * Add in qemu for other platforms * No real support for arm containers * Fix indentation * Simplify container build with a testing script * Simpler names for actions * No need to distribute OpenWRT test files * Better list to put ignore files onto * Create an 'ignore_files' list after all * Add in some documentation of how OpenWRT tests work * Fix up naming of OpenWrt Co-authored-by: Andras Fekete <andras@wolfssl.com>
2023-01-20 19:59:36 -05:00
parent 6206ad320c
commit b9a544920d
7 changed files with 92 additions and 2 deletions
--- a/.github/workflows/docker-Espressif.yml
+++ b/.github/workflows/docker-Espressif.yml
@@ -1,4 +1,4 @@
-name: Test Espressif examples on various official Docker containers
+name: Espressif examples tests
 concurrency:
  group: ${{ github.head_ref || github.run_id }}
 #  cancel-in-progress: true
--- a/.github/workflows/docker-OpenWrt.yml
+++ b/.github/workflows/docker-OpenWrt.yml
@@ -0,0 +1,33 @@
+# This workflow tests out new libraries with existing OpenWrt builds to check
+# there aren't any compatibility issues. Take a look at Docker/OpenWrt/README.md
+name: OpenWrt test
+concurrency:
+    group: ${{ github.ref }}
+
+on:
+    push:
+        branches: [ 'master', 'main', 'release/**' ]
+    pull_request:
+        branches: [ '*' ]
+
+jobs:
+    compile_container:
+        name: Build OpenWrt test container
+        runs-on: ubuntu-latest
+        steps:
+            - uses: actions/checkout@v3
+            - uses: docker/setup-qemu-action@v2
+            - uses: docker/setup-buildx-action@v2
+            -
+              name: Build but dont push
+              uses: docker/build-push-action@v3
+              with:
+                  context: .
+                  platforms: linux/amd64
+                  file: Docker/OpenWrt/Dockerfile
+                  push: false
+                  tags: openwrt-test:latest
+#                  cache-from: type=registry,ref=openwrt-test:latest
+#                  cache-to: type=inline
+                  cache-from: type=gha
+                  cache-to: type=gha,mode=max
--- a/Docker/OpenWrt/Dockerfile
+++ b/Docker/OpenWrt/Dockerfile
@@ -0,0 +1,18 @@
+# This Dockerfile is used in conjunction with the docker-OpenWrt.yml GitHub Action.
+FROM alpine:latest AS builder
+
+RUN apk add argp-standalone asciidoc bash bc binutils bzip2 cdrkit coreutils \
+  diffutils elfutils-dev findutils flex musl-fts-dev g++ gawk gcc gettext git \
+  grep intltool libxslt linux-headers make musl-libintl musl-obstack-dev \
+  ncurses-dev openssl-dev patch perl python3-dev rsync tar \
+  unzip util-linux wget zlib-dev autoconf automake libtool
+COPY . /workspace
+RUN cd /workspace && ./autogen.sh && ./configure --enable-all && make
+
+FROM openwrt/rootfs:x86-64-22.03.0
+
+RUN mkdir -p /var/lock # Fix for parent container
+RUN rm -f /usr/lib/libwolfssl* # make sure to eliminate existing wolfSSL library
+COPY --from=builder /workspace/src/.libs/libwolfssl.so.35.3.0 /usr/lib/libwolfssl.so.5.4.0.ee39414e
+COPY Docker/OpenWrt/runTests.sh /tmp/.
+RUN /tmp/runTests.sh
--- a/Docker/OpenWrt/README.md
+++ b/Docker/OpenWrt/README.md
@@ -0,0 +1,11 @@
+This container is really only useful in conjunction with the GitHub Workflow
+found in .github/workflows/docker-OpenWrt.yml. The idea is that we will
+compile a new libwolfssl that gets placed in official OpenWrt containers to
+run some tests ensuring the library is still compatible with existing
+binaries.
+
+To run the build locally, you can run (in your wolfSSL root directory):
+docker build -t openwrt -f Docker/OpenWrt/Dockerfile .
+
+This should build the entire container and run some sample tests. The resulting
+container then can be used to evaluate OpenWrt with the latest wolfSSL library.
--- a/Docker/OpenWrt/runTests.sh
+++ b/Docker/OpenWrt/runTests.sh
@@ -0,0 +1,23 @@
+#/bin/sh
+
+function runCMD() { # usage: runCMD "<command>" "<retVal>"
+    eval $1 &>/dev/null
+    RETVAL=$?
+    if [ "$RETVAL" != "$2" ]; then
+        echo "Command ($1) returned ${RETVAL}, but expected $2. Rerunning with output to terminal:"
+        eval $1
+        exit 1
+    fi
+}
+
+# Successful tests
+runCMD "ldd /lib/libustream-ssl.so" 0
+runCMD "opkg update" 0
+runCMD "uclient-fetch -O /dev/null 'https://letsencrypt.org'" 0
+# Negative tests
+runCMD "uclient-fetch --ca-certificate=/dev/null -O /dev/null 'https://letsencrypt.org'" 5
+runCMD "uclient-fetch -O /dev/null 'https://self-signed.badssl.com/'" 5
+runCMD "uclient-fetch -O /dev/null 'https://untrusted-root.badssl.com/'" 5
+runCMD "uclient-fetch -O /dev/null 'https://expired.badssl.com/'" 5
+
+echo "All tests passed."
--- a/Docker/include.am
+++ b/Docker/include.am
@@ -4,4 +4,8 @@

 EXTRA_DIST+= Docker/Dockerfile
 EXTRA_DIST+= Docker/run.sh
-EXTRA_DIST+= Docker/README.md
+EXTRA_DIST+= Docker/README.md
+
+ignore_files+=Docker/OpenWRT/Dockerfile
+ignore_files+=Docker/OpenWRT/runTests.sh
+ignore_files+=Docker/OpenWRT/README.md
--- a/Makefile.am
+++ b/Makefile.am
@@ -21,6 +21,7 @@ dist_noinst_SCRIPTS =
 noinst_SCRIPTS =
 check_SCRIPTS =
 noinst_DATA =
+ignore_files =
 SUBDIRS_OPT =
 DIST_SUBDIRS_OPT =