mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-06 00:00:49 +02:00
3dd04c818c
With the cache save restricted to master, a cold-cache PR or release run can no longer restore in the test job what the build job just built (the per-PR cache scope is gone), so mbedtls/nss were compiled twice. Upload the build as an artifact on a cache miss and download it in the test job instead of recompiling, matching the handoff hostap-vm already uses. master still restores from the shared cache, so it never uses the artifact.
133 lines
3.9 KiB
YAML
133 lines
3.9 KiB
YAML
name: nss interop Tests
|
|
|
|
### TODO uncomment stuff
|
|
|
|
# START OF COMMON SECTION
|
|
on:
|
|
push:
|
|
branches: [ 'release/**' ]
|
|
pull_request:
|
|
types: [opened, synchronize, reopened, ready_for_review]
|
|
branches: [ '*' ]
|
|
# Daily run on master reseeds the shared cache (see save steps below).
|
|
schedule:
|
|
- cron: '40 4 * * *'
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.ref }}
|
|
cancel-in-progress: true
|
|
# END OF COMMON SECTION
|
|
|
|
env:
|
|
NSS_REF: NSS_3_107_RTM
|
|
|
|
jobs:
|
|
build_nss:
|
|
name: Build nss
|
|
if: ${{ (github.repository_owner == 'wolfssl') && (github.event_name != 'pull_request' || github.event.pull_request.draft == false) }}
|
|
runs-on: ubuntu-24.04
|
|
# This should be a safe limit for the tests to run.
|
|
timeout-minutes: 30
|
|
steps:
|
|
- name: Checkout wolfSSL CI actions
|
|
uses: actions/checkout@v5
|
|
with:
|
|
sparse-checkout: .github/actions
|
|
fetch-depth: 1
|
|
|
|
- name: Checking if we have nss in cache
|
|
uses: actions/cache/restore@v5
|
|
id: cache
|
|
with:
|
|
path: dist
|
|
key: nss-${{ env.NSS_REF }}
|
|
lookup-only: true
|
|
|
|
- name: Install dependencies
|
|
if: steps.cache.outputs.cache-hit != 'true'
|
|
uses: ./.github/actions/install-apt-deps
|
|
with:
|
|
packages: gyp ninja-build
|
|
ghcr-debs-tag: ubuntu-24.04-full
|
|
|
|
- name: Checkout nss
|
|
if: steps.cache.outputs.cache-hit != 'true'
|
|
uses: actions/checkout@v5
|
|
with:
|
|
repository: nss-dev/nss
|
|
ref: ${{ env.NSS_REF }}
|
|
path: nss
|
|
fetch-depth: 1
|
|
|
|
- name: Compile nss
|
|
if: steps.cache.outputs.cache-hit != 'true'
|
|
run: |
|
|
hg clone https://hg.mozilla.org/projects/nspr
|
|
cd nss
|
|
./build.sh
|
|
|
|
# Only master (the daily schedule) saves, so all PRs share one entry.
|
|
- name: Save nss cache
|
|
if: github.ref == 'refs/heads/master' && steps.cache.outputs.cache-hit != 'true'
|
|
uses: actions/cache/save@v5
|
|
with:
|
|
path: dist
|
|
key: nss-${{ env.NSS_REF }}
|
|
|
|
# On a cache miss, hand the freshly built dist/ to nss_test via an
|
|
# artifact so nss is not compiled a second time in the same run.
|
|
- name: tar nss dist
|
|
if: steps.cache.outputs.cache-hit != 'true'
|
|
run: tar -zcf nss-dist.tgz dist
|
|
|
|
- name: Upload nss build
|
|
if: steps.cache.outputs.cache-hit != 'true'
|
|
uses: actions/upload-artifact@v6
|
|
with:
|
|
name: nss-build
|
|
path: nss-dist.tgz
|
|
retention-days: 1
|
|
|
|
nss_test:
|
|
name: Test interop with nss
|
|
if: ${{ (github.repository_owner == 'wolfssl') && (github.event_name != 'pull_request' || github.event.pull_request.draft == false) }}
|
|
runs-on: ubuntu-24.04
|
|
needs: build_nss
|
|
timeout-minutes: 30
|
|
steps:
|
|
# Restore only: the build_nss job (master/schedule) owns the save.
|
|
- name: Checking if we have nss in cache
|
|
uses: actions/cache/restore@v5
|
|
id: cache
|
|
with:
|
|
path: dist
|
|
key: nss-${{ env.NSS_REF }}
|
|
|
|
# On a cache miss, reuse the build_nss artifact instead of recompiling.
|
|
# master restores from the cache above instead.
|
|
- name: Download nss build (fallback on cache miss)
|
|
if: steps.cache.outputs.cache-hit != 'true'
|
|
uses: actions/download-artifact@v7
|
|
with:
|
|
name: nss-build
|
|
|
|
- name: untar nss dist (fallback on cache miss)
|
|
if: steps.cache.outputs.cache-hit != 'true'
|
|
run: tar -xf nss-dist.tgz
|
|
|
|
- name: Build wolfSSL
|
|
uses: wolfSSL/actions-build-autotools-project@v1
|
|
with:
|
|
path: wolfssl
|
|
configure: --enable-dtls --enable-dtls13
|
|
install: false
|
|
check: false
|
|
|
|
- name: Test interop
|
|
run: bash wolfssl/.github/workflows/nss.sh
|
|
|
|
- name: print server logs
|
|
if: ${{ failure() }}
|
|
run: |
|
|
cat /tmp/server.log
|