When installing in standalone mode, don't modify system config #1575
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: gRPC Tests | |
| # START OF COMMON SECTION | |
| on: | |
| push: | |
| branches: [ 'master', 'main', 'release/**' ] | |
| pull_request: | |
| branches: [ '*' ] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| # END OF COMMON SECTION | |
| jobs: | |
| build_wolfprovider: | |
| uses: ./.github/workflows/build-wolfprovider.yml | |
| with: | |
| wolfssl_ref: ${{ matrix.wolfssl_ref }} | |
| openssl_ref: ${{ matrix.openssl_ref }} | |
| fips_ref: ${{ matrix.fips_ref }} | |
| replace_default: ${{ matrix.replace_default }} | |
| strategy: | |
| matrix: | |
| wolfssl_ref: [ 'v5.8.2-stable' ] | |
| openssl_ref: [ 'openssl-3.5.2' ] | |
| fips_ref: [ 'FIPS', 'non-FIPS' ] | |
| replace_default: [ true ] | |
| test_grpc: | |
| runs-on: ubuntu-22.04 | |
| needs: build_wolfprovider | |
| container: | |
| image: debian:bookworm | |
| env: | |
| DEBIAN_FRONTEND: noninteractive | |
| # This should be a safe limit for the tests to run. | |
| timeout-minutes: 30 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - grpc_ref: v1.60.0 # TODO: Add master | |
| tests: >- | |
| bad_ssl_alpn_test bad_ssl_cert_test client_ssl_test | |
| crl_ssl_transport_security_test server_ssl_test | |
| ssl_transport_security_test ssl_transport_security_utils_test | |
| test_core_security_ssl_credentials_test test_cpp_end2end_ssl_credentials_test | |
| h2_ssl_cert_test h2_ssl_session_reuse_test | |
| wolfssl_ref: [ 'v5.8.2-stable' ] | |
| openssl_ref: [ 'openssl-3.5.2' ] | |
| fips_ref: [ 'FIPS', 'non-FIPS' ] | |
| force_fail: [ 'WOLFPROV_FORCE_FAIL=1', '' ] | |
| replace_default: [ true ] | |
| env: | |
| WOLFSSL_PACKAGES_PATH: /tmp/wolfssl-packages | |
| OPENSSL_PACKAGES_PATH: /tmp/openssl-packages | |
| WOLFPROV_PACKAGES_PATH: /tmp/wolfprov-packages | |
| steps: | |
| - name: Checkout wolfProvider | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 1 | |
| - name: Download packages from build job | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: debian-packages-${{ matrix.fips_ref }}${{ matrix.replace_default && '-replace-default' || '' }}-${{ matrix.wolfssl_ref }}-${{ matrix.openssl_ref }} | |
| path: /tmp | |
| - name: Install wolfSSL/OpenSSL/wolfprov packages | |
| run: | | |
| apt install --reinstall -y --allow-downgrades --allow-change-held-packages \ | |
| ${{ env.WOLFSSL_PACKAGES_PATH }}/libwolfssl_*.deb | |
| apt install --reinstall -y --allow-downgrades --allow-change-held-packages \ | |
| ${{ env.OPENSSL_PACKAGES_PATH }}/openssl_*.deb \ | |
| ${{ env.OPENSSL_PACKAGES_PATH }}/libssl3_*.deb \ | |
| ${{ env.OPENSSL_PACKAGES_PATH }}/libssl-dev_*.deb | |
| apt install --reinstall -y --allow-downgrades --allow-change-held-packages \ | |
| ${{ env.WOLFPROV_PACKAGES_PATH }}/libwolfprov_*.deb | |
| - name: Verify wolfProvider is properly installed | |
| run: | | |
| $GITHUB_WORKSPACE/scripts/verify-install.sh \ | |
| ${{ matrix.replace_default && '--replace-default' || '' }} \ | |
| ${{ matrix.fips_ref == 'FIPS' && '--fips' || '' }} | |
| - name: Install prerequisites | |
| run: | | |
| apt-get update | |
| apt-get install -y build-essential autoconf libtool pkg-config clang \ | |
| libc++-dev iproute2 net-tools git python3-six | |
| - name: Confirm IPv4 and IPv6 support | |
| run: | | |
| ip addr list lo | grep 'inet ' | |
| ip addr list lo | grep 'inet6 ' | |
| - name: Setup cmake version | |
| uses: jwlawson/actions-setup-cmake@v2 | |
| with: | |
| cmake-version: '3.25.x' | |
| - name: Checkout grpc | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: grpc/grpc | |
| path: grpc | |
| ref: ${{ matrix.grpc_ref }} | |
| - name: Checkout OSP | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: wolfssl/osp | |
| path: osp | |
| fetch-depth: 1 | |
| - run: | | |
| cd grpc | |
| # Apply the wolfProvider patch | |
| patch -p1 < $GITHUB_WORKSPACE/osp/wolfProvider/grpc/grpc-FIPS-${{ matrix.grpc_ref }}-wolfprov.patch | |
| - name: Build grpc with wolfProvider | |
| working-directory: ./grpc | |
| run: | | |
| # Initialize submodules | |
| git submodule update --init | |
| # Build | |
| mkdir -p cmake/build | |
| cd cmake/build | |
| # Configure with OpenSSL and wolfProvider | |
| cmake -DgRPC_BUILD_TESTS=ON -DgRPC_SSL_PROVIDER=package ../.. | |
| # Build the tests | |
| make -j $(nproc) ${{ matrix.tests }} | |
| - name: Run grpc tests with wolfProvider | |
| working-directory: ./grpc | |
| run: | | |
| # Start the port server | |
| ./tools/run_tests/start_port_server.py | |
| export ${{ matrix.force_fail }} | |
| set +e | |
| # Run the tests | |
| all_passed=1 | |
| for t in ${{ matrix.tests }} ; do | |
| echo "===================================" | |
| echo "Running test: $t" | |
| echo "Force fail: ${{ matrix.force_fail }}" | |
| echo "===================================" | |
| ./cmake/build/$t | |
| exit_code=$? | |
| if [ $exit_code -ne 0 ]; then | |
| echo "Test $t FAILED with exit code $exit_code" | |
| echo "Force fail: ${{ matrix.force_fail }}" | |
| all_passed=0 | |
| fi | |
| done | |
| set -e | |
| if [ $all_passed -eq 1 ]; then | |
| echo "ALL TESTS PASSED" | |
| TEST_RESULT=0 | |
| else | |
| echo "SOME TESTS FAILED" | |
| TEST_RESULT=1 | |
| fi | |
| # Check results | |
| $GITHUB_WORKSPACE/.github/scripts/check-workflow-result.sh $TEST_RESULT ${{ matrix.force_fail }} grpc |