Files
wolfssl/.github/workflows/se050-sim.yml
T
David Garske 7f80896033 CI optimizations
- Skip CI for draft PRs and redundant master-push re-runs; membrowse nightly.
- Add smoke test (8 configs, CFLAGS=-Werror, post-merge tree, fail-fast on conflicts).
- Add wait-for-smoke composite action for downstream CI gating.
- Add check-source-text + bash -n + shellcheck workflow (script in make dist).
- Cache apt-get update in install-apt-deps composite on cache hit.
2026-05-21 13:19:29 -07:00

71 lines
2.5 KiB
YAML

name: SE050 simulator test
# START OF COMMON SECTION
on:
push:
branches: [ 'release/**' ]
pull_request:
types: [opened, synchronize, reopened, ready_for_review]
branches: [ '*' ]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# END OF COMMON SECTION
# Build the SE050 software simulator (https://github.com/wolfSSL/simulators,
# SE050Sim/ subdirectory), build wolfSSL against its NXP Plug&Trust SDK +
# simulator bridge, and run the wolfCrypt SE050 test binary against the
# simulator TCP server.
#
# The simulator's own Dockerfile (Dockerfile.wolfcrypt) clones wolfSSL master.
# We patch it to COPY the PR checkout instead so CI reflects the PR's source.
env:
SIMULATORS_REF: 745893640e21a15b7df8c70567c522953aba2f2c
jobs:
se050_sim:
name: wolfCrypt against SE050 simulator
if: ${{ (github.repository_owner == 'wolfssl') && (github.event_name != 'pull_request' || github.event.pull_request.draft == false) }}
runs-on: ubuntu-24.04
timeout-minutes: 30
steps:
- name: Checkout wolfSSL (PR source)
uses: actions/checkout@v4
with:
path: wolfssl-src
- name: Clone SE050 simulator
run: |
git clone https://github.com/wolfSSL/simulators simulators
cd simulators && git checkout "$SIMULATORS_REF"
- name: Stage PR wolfSSL into simulator build context
run: mv wolfssl-src simulators/SE050Sim/wolfssl
- name: Patch Dockerfile to use PR wolfSSL instead of upstream master
working-directory: simulators/SE050Sim
run: |
sed -i 's|^RUN git clone --depth 1 https://github.com/wolfSSL/wolfssl.git /app/wolfssl$|COPY wolfssl /app/wolfssl|' Dockerfile.wolfcrypt
# Fail fast if the pattern drifted upstream -- better a clear error
# than a CI run that silently tests master.
grep -q '^COPY wolfssl /app/wolfssl$' Dockerfile.wolfcrypt
! grep -q 'git clone .*wolfssl\.git' Dockerfile.wolfcrypt
- uses: docker/setup-buildx-action@v3
- name: Build wolfCrypt-SE050 test image
uses: docker/build-push-action@v5
with:
context: simulators/SE050Sim
file: simulators/SE050Sim/Dockerfile.wolfcrypt
push: false
load: true
tags: wolfssl-se050-sim:ci
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Run wolfCrypt tests against simulator
run: docker run --rm wolfssl-se050-sim:ci