When installing in standalone mode, don't modify system config #1610
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: OpenLDAP Tests | |
| # START OF COMMON SECTION | |
| on: | |
| push: | |
| branches: [ 'master', 'main', 'release/**' ] | |
| pull_request: | |
| branches: [ '*' ] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| # END OF COMMON SECTION | |
| jobs: | |
| build_wolfprovider: | |
| uses: ./.github/workflows/build-wolfprovider.yml | |
| with: | |
| wolfssl_ref: ${{ matrix.wolfssl_ref }} | |
| openssl_ref: ${{ matrix.openssl_ref }} | |
| fips_ref: ${{ matrix.fips_ref }} | |
| replace_default: ${{ matrix.replace_default }} | |
| strategy: | |
| matrix: | |
| wolfssl_ref: [ 'v5.8.2-stable' ] | |
| openssl_ref: [ 'openssl-3.5.2' ] | |
| fips_ref: [ 'FIPS', 'non-FIPS' ] | |
| replace_default: [ true ] | |
| test_openldap: | |
| runs-on: ubuntu-22.04 | |
| needs: build_wolfprovider | |
| container: | |
| image: debian:bookworm | |
| env: | |
| DEBIAN_FRONTEND: noninteractive | |
| # This should be a safe limit for the tests to run. | |
| timeout-minutes: 20 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| openldap_ref: [ 'OPENLDAP_REL_ENG_2_6_7' ] | |
| wolfssl_ref: [ 'v5.8.2-stable' ] | |
| openssl_ref: [ 'openssl-3.5.2' ] | |
| fips_ref: [ 'FIPS', 'non-FIPS' ] | |
| force_fail: [ 'WOLFPROV_FORCE_FAIL=1', '' ] | |
| replace_default: [ true ] | |
| env: | |
| WOLFSSL_PACKAGES_PATH: /tmp/wolfssl-packages | |
| OPENSSL_PACKAGES_PATH: /tmp/openssl-packages | |
| WOLFPROV_PACKAGES_PATH: /tmp/wolfprov-packages | |
| steps: | |
| - name: Checkout wolfProvider | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 1 | |
| - name: Download packages from build job | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: debian-packages-${{ matrix.fips_ref }}${{ matrix.replace_default && '-replace-default' || '' }}-${{ matrix.wolfssl_ref }}-${{ matrix.openssl_ref }} | |
| path: /tmp | |
| - name: Install wolfSSL/OpenSSL/wolfprov packages | |
| run: | | |
| apt install --reinstall -y --allow-downgrades --allow-change-held-packages \ | |
| ${{ env.WOLFSSL_PACKAGES_PATH }}/libwolfssl_*.deb | |
| apt install --reinstall -y --allow-downgrades --allow-change-held-packages \ | |
| ${{ env.OPENSSL_PACKAGES_PATH }}/openssl_*.deb \ | |
| ${{ env.OPENSSL_PACKAGES_PATH }}/libssl3_*.deb \ | |
| ${{ env.OPENSSL_PACKAGES_PATH }}/libssl-dev_*.deb | |
| apt install --reinstall -y --allow-downgrades --allow-change-held-packages \ | |
| ${{ env.WOLFPROV_PACKAGES_PATH }}/libwolfprov_*.deb | |
| - name: Verify wolfProvider is properly installed | |
| run: | | |
| $GITHUB_WORKSPACE/scripts/verify-install.sh \ | |
| ${{ matrix.replace_default && '--replace-default' || '' }} \ | |
| ${{ matrix.fips_ref == 'FIPS' && '--fips' || '' }} | |
| - name: Install dependencies | |
| run: | | |
| export DEBIAN_FRONTEND=noninteractive | |
| apt-get update | |
| apt-get install -y git sudo build-essential autoconf automake \ | |
| libtool pkg-config libjansson-dev check ca-certificates dpkg-dev \ | |
| groff libsasl2-dev | |
| - name: Checkout openldap | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: openldap/openldap | |
| path: openldap | |
| ref: ${{ matrix.openldap_ref }} | |
| - name: Checkout OSP | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: wolfssl/osp | |
| path: osp | |
| fetch-depth: 1 | |
| - run: | | |
| cd openldap | |
| # Apply the wolfProvider patch | |
| patch -p1 < $GITHUB_WORKSPACE/osp/wolfProvider/openldap/openldap-${{ matrix.openldap_ref }}-debian-wolfprov.patch | |
| - name: Build and test OpenLDAP with wolfProvider | |
| working-directory: openldap | |
| shell: bash | |
| run: | | |
| set -o pipefail | |
| # Generate configure script | |
| rm -f aclocal.m4 | |
| autoreconf -ivf | |
| # Configure with OpenSSL | |
| ./configure --with-tls=openssl --disable-bdb --disable-hdb | |
| # Build OpenLDAP | |
| make -j depend | |
| make -j | |
| export ${{ matrix.force_fail }} | |
| if [ -n "${{ matrix.force_fail }}" ]; then | |
| set +e | |
| fi | |
| if [ "${{ matrix.force_fail }}" = "WOLFPROV_FORCE_FAIL=1" ]; then | |
| # Run with a 15 minute timeout for WPFF since it breaks on test 067 | |
| timeout 15m make -j check 2>&1 | tee openldap-test.log | |
| TEST_RESULT=${PIPESTATUS[0]} | |
| if [ $TEST_RESULT -eq 124 ]; then | |
| echo "make -j check timed out after 15 minutes with WOLFPROV_FORCE_FAIL=1" | |
| echo "Tests failed to complete as expected" | |
| TEST_RESULT=1 | |
| fi | |
| else | |
| make -j check 2>&1 | tee openldap-test.log | |
| TEST_RESULT=${PIPESTATUS[0]} | |
| fi | |
| $GITHUB_WORKSPACE/.github/scripts/check-workflow-result.sh $TEST_RESULT ${{ matrix.force_fail }} openldap |