1 # Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved.
3 # Licensed under the Apache License 2.0 (the "License"). You may not use
4 # this file except in compliance with the License. You can obtain a copy
5 # in the file LICENSE in the source distribution or at
6 # https://www.openssl.org/source/license.html
10 on: [pull_request, push]
12 # for some reason, this does not work:
15 # HARNESS_JOBS: "${HARNESS_JOBS:-4}"
17 # for some reason, this does not work:
23 runs-on: ubuntu-latest
25 - name: install unifdef
28 sudo apt-get -yq --no-install-suggests --no-install-recommends --force-yes install unifdef
29 - uses: actions/checkout@v2
33 run: ./config --banner=Configured --strict-warnings enable-fips && perl configdata.pm --dump
34 - name: make build_generated
35 run: make -s build_generated
39 run: git diff --exit-code
42 runs-on: ubuntu-latest
44 - uses: actions/checkout@v2
46 run: ./config --banner=Configured --strict-warnings enable-fips && perl configdata.pm --dump
47 - name: make build_generated
48 run: make -s build_generated
56 # This checks that we use ANSI C language syntax and semantics.
57 # We are not as strict with libraries, but rather adapt to what's
58 # expected to be available in a certain version of each platform.
60 runs-on: ubuntu-latest
62 - uses: actions/checkout@v2
64 run: CPPFLAGS=-ansi ./config --banner=Configured no-asm no-makedepend enable-buildtest-c++ enable-fips --strict-warnings -D_DEFAULT_SOURCE && perl configdata.pm --dump
69 runs-on: ubuntu-latest
71 - uses: actions/checkout@v2
73 run: sudo locale-gen tr_TR.UTF-8
75 run: CC=gcc ./config --banner=Configured enable-fips --strict-warnings && perl configdata.pm --dump
79 run: make test HARNESS_JOBS=${HARNESS_JOBS:-4}
82 runs-on: ubuntu-latest
84 - uses: actions/checkout@v2
86 run: CC=clang ./config --banner=Configured no-fips --strict-warnings && perl configdata.pm --dump
90 run: make test HARNESS_JOBS=${HARNESS_JOBS:-4}
93 runs-on: ubuntu-latest
95 - uses: actions/checkout@v2
97 run: ./config --banner=Configured --strict-warnings no-bulk no-pic no-asm -DOPENSSL_NO_SECURE_MEMORY -DOPENSSL_SMALL_FOOTPRINT && perl configdata.pm --dump
99 run: make -j4 # verbose, so no -s here
101 run: make test HARNESS_JOBS=${HARNESS_JOBS:-4}
104 runs-on: ubuntu-latest
106 - uses: actions/checkout@v2
108 run: ./config --banner=Configured --strict-warnings no-deprecated enable-fips && perl configdata.pm --dump
112 run: make test HARNESS_JOBS=${HARNESS_JOBS:-4}
117 os: [ ubuntu-latest, macos-latest ]
118 runs-on: ${{matrix.os}}
120 - uses: actions/checkout@v2
122 run: ./config --banner=Configured --strict-warnings no-shared no-fips && perl configdata.pm --dump
126 run: make test HARNESS_JOBS=${HARNESS_JOBS:-4}
129 runs-on: ubuntu-latest
131 - uses: actions/checkout@v2
133 run: ./config --banner=Configured --debug enable-asan enable-ubsan no-cached-fetch no-fips no-dtls no-tls1 no-tls1-method no-tls1_1 no-tls1_1-method no-async && perl configdata.pm --dump
137 run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} OPENSSL_TEST_RAND_ORDER=0 TESTS="-test_fuzz* -test_ssl_* -test_sslapi -test_evp -test_cmp_http -test_verify -test_cms -test_store -test_enc -[01][0-9]"
139 address_ub_sanitizer:
140 runs-on: ubuntu-latest
142 - uses: actions/checkout@v2
144 run: ./config --banner=Configured --debug enable-asan enable-ubsan enable-rc5 enable-md2 enable-ec_nistp_64_gcc_128 enable-fips -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION && perl configdata.pm --dump
148 run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} OPENSSL_TEST_RAND_ORDER=0
151 runs-on: ubuntu-latest
153 - uses: actions/checkout@v2
155 # --debug -O1 is to produce a debug build that runs in a reasonable amount of time
156 run: CC=clang ./config --banner=Configured --debug -O1 -fsanitize=memory -DOSSL_SANITIZE_MEMORY -fno-optimize-sibling-calls enable-rc5 enable-md2 enable-ec_nistp_64_gcc_128 enable-fips && perl configdata.pm --dump
160 run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} OPENSSL_TEST_RAND_ORDER=0
163 runs-on: ubuntu-latest
165 - uses: actions/checkout@v2
167 run: CC=clang ./config --banner=Configured no-fips --strict-warnings -fsanitize=thread && perl configdata.pm --dump
171 run: make V=1 TESTS="test_threads test_internal_provider test_provfetch test_provider test_pbe test_evp_kdf test_pkcs12 test_store test_evp" test HARNESS_JOBS=${HARNESS_JOBS:-4}
173 enable_non-default_options:
174 runs-on: ubuntu-latest
176 - uses: actions/checkout@v2
178 run: sudo modprobe tls
180 run: ./config --banner=Configured --strict-warnings no-ec enable-ssl-trace enable-zlib enable-zlib-dynamic enable-crypto-mdebug enable-crypto-mdebug-backtrace enable-egd enable-ktls enable-fips && perl configdata.pm --dump
184 run: make test HARNESS_JOBS=${HARNESS_JOBS:-4}
187 runs-on: ubuntu-latest
189 - uses: actions/checkout@v2
191 run: sudo modprobe tls
193 run: ./config --banner=Configured --strict-warnings enable-ktls enable-fips && perl configdata.pm --dump
197 run: make test HARNESS_JOBS=${HARNESS_JOBS:-4}
200 runs-on: ubuntu-latest
202 - uses: actions/checkout@v2
204 run: ./config --banner=Configured --strict-warnings no-legacy enable-fips && perl configdata.pm --dump
208 run: make test HARNESS_JOBS=${HARNESS_JOBS:-4}
211 runs-on: ubuntu-latest
213 - uses: actions/checkout@v2
215 run: ./config --banner=Configured -Werror --debug no-afalgeng no-shared enable-crypto-mdebug enable-rc5 enable-md2 enable-ssl3 enable-ssl3-method enable-weak-ssl-ciphers enable-zlib enable-ec_nistp_64_gcc_128 no-fips && perl configdata.pm --dump
219 run: make test HARNESS_JOBS=${HARNESS_JOBS:-4}
224 os: [ ubuntu-latest, macos-latest ]
225 runs-on: ${{matrix.os}}
227 - uses: actions/checkout@v2
229 run: CC=gcc ./config --banner=Configured enable-tfo --strict-warnings && perl configdata.pm --dump
233 run: make test HARNESS_JOBS=${HARNESS_JOBS:-4}
236 runs-on: ubuntu-latest
238 - uses: actions/checkout@v2
240 run: ./config --banner=Configured no-asm no-makedepend enable-buildtest-c++ enable-fips --strict-warnings -D_DEFAULT_SOURCE && perl configdata.pm --dump
244 run: make test HARNESS_JOBS=${HARNESS_JOBS:-4}
246 out-of-source-and-install:
249 os: [ubuntu-latest, macos-latest ]
250 runs-on: ${{matrix.os}}
252 - uses: actions/checkout@v2
253 - name: extra preparations
258 run: ../config --banner=Configured enable-fips enable-acvp-tests --strict-warnings --prefix=$(cd ../install; pwd) && perl configdata.pm --dump
259 working-directory: ./build
262 working-directory: ./build
264 run: make test HARNESS_JOBS=${HARNESS_JOBS:-4}
265 working-directory: ./build
268 working-directory: ./build
271 runs-on: ubuntu-latest
273 - uses: actions/checkout@v2
275 submodules: recursive
276 - name: package installs
279 sudo apt-get -yq install bison gettext keyutils ldap-utils libldap2-dev libkeyutils-dev python3 python3-paste python3-pyrad slapd tcsh python3-virtualenv virtualenv python3-kdcproxy
280 - name: install cpanm and Test2::V0 for gost_engine testing
281 uses: perl-actions/install-with-cpanm@v1
284 - name: setup hostname workaround
285 run: sudo hostname localhost
287 run: ./config --banner=Configured --strict-warnings --debug no-afalgeng enable-rc5 enable-md2 enable-ssl3 enable-ssl3-method enable-weak-ssl-ciphers enable-zlib enable-ec_nistp_64_gcc_128 enable-external-tests no-fips && perl configdata.pm --dump
290 - name: test external gost-engine
291 run: make test TESTS="test_external_gost_engine"
292 - name: test external krb5
293 run: make test TESTS="test_external_krb5"
294 - name: test external_tlsfuzzer
295 run: make test TESTS="test_external_tlsfuzzer"
296 - name: test external oqs-provider
297 run: make test TESTS="test_external_oqsprovider"
300 runs-on: ubuntu-latest
308 - uses: actions/checkout@v2
310 submodules: recursive
311 - name: Configure OpenSSL
312 run: ./config --banner=Configured --strict-warnings --debug enable-external-tests && perl configdata.pm --dump
316 uses: actions/setup-python@v2.2.2
318 python-version: ${{ matrix.PYTHON }}
319 - uses: actions-rs/toolchain@v1
322 toolchain: ${{ matrix.RUST }}
325 - name: test external pyca
326 run: make test TESTS="test_external_pyca" VERBOSE=1
projects / openssl.git / blob