[FIPS 2025 CHERRYPICK] Add SSL_use_cert_and_key for per-connection cert/key setting (#3114) #10180
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Cross Build & Test | |
| on: | |
| push: | |
| branches: ["*"] | |
| pull_request: | |
| branches: ["*"] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref_name }} | |
| cancel-in-progress: true | |
| jobs: | |
| ppc64-build-test: | |
| if: github.repository_owner == 'aws' | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Install qemu | |
| run: | | |
| sudo apt-get update -o Acquire::Languages=none -o Acquire::Translation=none | |
| sudo apt-get -y install qemu-user qemu-user-binfmt | |
| - uses: actions/checkout@v4 | |
| - name: PPC64 Build/Test | |
| run: tests/ci/run_cross_tests.sh ppc64 powerpc64-unknown-linux-gnu "-DCMAKE_BUILD_TYPE=Release" "-DCMAKE_BUILD_TYPE=Release -DFIPS=1 -DBUILD_SHARED_LIBS=1" | |
| ppc32-non-fips-build-test: | |
| if: github.repository_owner == 'aws' | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Install qemu | |
| run: | | |
| sudo apt-get update -o Acquire::Languages=none -o Acquire::Translation=none | |
| sudo apt-get -y install qemu-user qemu-user-binfmt | |
| - uses: actions/checkout@v4 | |
| - name: PPC32 Build/Test | |
| run: tests/ci/run_cross_tests.sh ppc powerpc-unknown-linux-gnu "-DCMAKE_BUILD_TYPE=Release" | |
| ppc32-fips-build-test: | |
| if: github.repository_owner == 'aws' | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Install qemu | |
| run: | | |
| sudo apt-get update -o Acquire::Languages=none -o Acquire::Translation=none | |
| sudo apt-get -y install qemu-user qemu-user-binfmt | |
| - uses: actions/checkout@v4 | |
| - name: PPC32 Build/Test | |
| run: tests/ci/run_cross_tests.sh ppc powerpc-unknown-linux-gnu "-DCMAKE_BUILD_TYPE=Release -DFIPS=1 -DBUILD_SHARED_LIBS=1" | |
| ppc64le-build-test: | |
| if: github.repository_owner == 'aws' | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Install qemu | |
| run: | | |
| sudo apt-get update -o Acquire::Languages=none -o Acquire::Translation=none | |
| sudo apt-get -y install qemu-user qemu-user-binfmt | |
| - uses: actions/checkout@v4 | |
| - name: PPC64LE Build/Test | |
| run: tests/ci/run_cross_tests.sh ppc64le powerpc64le-unknown-linux-gnu "-DCMAKE_BUILD_TYPE=Release" "-DCMAKE_BUILD_TYPE=Release -DFIPS=1 -DBUILD_SHARED_LIBS=1" | |
| riscv64-non-fips-build-test: | |
| if: github.repository_owner == 'aws' | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Install qemu | |
| run: | | |
| sudo apt-get update -o Acquire::Languages=none -o Acquire::Translation=none | |
| sudo apt-get -y install qemu-user qemu-user-binfmt | |
| - uses: actions/checkout@v4 | |
| - name: RISC-V 64 Build/Test | |
| # The flag below is set to avoid the following error with GCC 11.4.0: | |
| # | |
| # /home/runner/work/aws-lc/aws-lc/crypto/pem/pem_lib.c:705:11: error: 'strncmp' of strings of length 1 and 9 and bound of 9 evaluates to nonzero [-Werror=string-compare] | |
| # 705 | if (strncmp(buf, "-----END ", 9) == 0) { | |
| # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~ | |
| env: | |
| CFLAGS: "-Wno-string-compare" | |
| run: tests/ci/run_cross_tests.sh riscv riscv64-unknown-linux-gnu "-DCMAKE_BUILD_TYPE=Release" | |
| armv6-non-fips-build-test: | |
| if: github.repository_owner == 'aws' | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Install qemu | |
| run: | | |
| sudo apt-get update -o Acquire::Languages=none -o Acquire::Translation=none | |
| sudo apt-get -y install qemu-user qemu-user-binfmt | |
| - uses: actions/checkout@v4 | |
| - name: armv6 Build/Test | |
| run: tests/ci/run_cross_tests.sh armv6 armv6-unknown-linux-gnueabi "-DCMAKE_BUILD_TYPE=Release" | |
| loongarch64-non-fips-build-test: | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Install qemu | |
| run: | | |
| sudo apt-get update -o Acquire::Languages=none -o Acquire::Translation=none | |
| sudo apt-get -y install qemu-user qemu-user-binfmt | |
| - uses: actions/checkout@v4 | |
| - name: loongarch64 Build/Test | |
| run: tests/ci/run_cross_tests.sh loongarch64 loongarch64-unknown-linux-gnu "-DCMAKE_BUILD_TYPE=Release" | |
| s390x-non-fips-build-test: | |
| if: github.repository_owner == 'aws' | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Install qemu | |
| run: | | |
| sudo apt-get update -o Acquire::Languages=none -o Acquire::Translation=none | |
| sudo apt-get -y install qemu-user qemu-user-binfmt | |
| - uses: actions/checkout@v4 | |
| - name: s390x Build/Test | |
| # The flag below is set to avoid the following error with GCC 11.4.0: | |
| # | |
| # /home/runner/work/aws-lc/aws-lc/crypto/pem/pem_lib.c:705:11: error: 'strncmp' of strings of length 1 and 9 and bound of 9 evaluates to nonzero [-Werror=string-compare] | |
| # 705 | if (strncmp(buf, "-----END ", 9) == 0) { | |
| # | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~ | |
| env: | |
| CFLAGS: "-Wno-string-compare" | |
| run: tests/ci/run_cross_tests.sh s390x s390x-ibm-linux-gnu "-DCMAKE_BUILD_TYPE=Release" | |
| ios-aarch64: | |
| if: github.repository_owner == 'aws' | |
| name: iOS aarch64 cross-platform build | |
| runs-on: macos-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - uses: actions/setup-go@v4 | |
| with: | |
| go-version: ">=1.18" | |
| - run: | | |
| brew install llvm bash | |
| - name: Setup Xcode | |
| run: | | |
| echo "Setting up Xcode environment..." | |
| sudo xcodebuild -license accept || echo "License acceptance failed, continuing..." | |
| xcodebuild -runFirstLaunch || echo "First launch setup failed, continuing..." | |
| echo "Available Xcode versions:" | |
| xcodebuild -version | |
| echo "Available iOS simulator runtimes:" | |
| xcrun simctl list runtimes | grep -i ios || echo "No iOS runtimes found via simctl" | |
| - name: iOS Simulator Runner | |
| timeout-minutes: 45 | |
| run: /opt/homebrew/bin/bash tests/ci/run_ios_sim_tests.sh |