Introduce sm-cipher workflow tests to wolfssl #9193
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,194 @@ | ||
| name: SM Cipher Test (1 of 2) | ||
| # | ||
| # Test fetches wolfssl-examples/Arduino and uses local, latest github master branch wolfssl | ||
|
Contributor
There was a problem hiding this comment. Fix comment... Arduino is not part of this test.
Contributor
There was a problem hiding this comment. Same issue with other sm-cipher.yml. https://github.com/wolfSSL/wolfsm/blob/master/.github/workflows/sm-cipher.yml#L3C33-L3C40 |
||
| # | ||
| # These 4 workflows across 3 repos are interdependent for the current $REPO_OWNER: | ||
| # | ||
| # THIS sm-cipher CI Build 1: https://github.com/$REPO_OWNER/wolfssl # /.github/workflows/sm-cipher.yml | ||
| # - Builds SM-enabled library from local clone of wolfssl master branch | ||
| # - Fetches examples from https://github.com/$REPO_OWNER/wolfsm | ||
| # | ||
| # sm-cipher CI Build 2: https://github.com/$REPO_OWNER/wolfsm # /.github/workflows/sm-cipher.yml | ||
| # - Builds SM-enabled library from fresh clone of wolfssl master branch here | ||
| # | ||
| # ** NOTE TO MAINTAINERS ** | ||
| # | ||
| # Consider using winmerge or similar tool to keep the 2 sm-cipher.yml files in relative sync. | ||
| # Although there are some specific differences, most of the contents are otherwise identical. | ||
| # | ||
|
|
||
| # START OF COMMON SECTION | ||
| on: | ||
| push: | ||
| branches: [ '**', 'master', 'main', 'release/**' ] | ||
| paths: | ||
| - '.github/workflows/sm-cipher.yml' | ||
| - './**' | ||
| pull_request: | ||
| # Run after merge on protected branches | ||
| branches: [ "main", "master", "release/**" ] | ||
| paths: | ||
| - '.github/workflows/sm-cipher.yml' | ||
| - './**' | ||
| workflow_dispatch: | ||
|
|
||
| concurrency: | ||
| group: ${{ github.workflow }}-${{ github.ref }} | ||
| cancel-in-progress: true | ||
| # END OF COMMON SECTION | ||
|
|
||
| jobs: | ||
| build: | ||
| if: github.repository_owner == 'wolfssl' | ||
| runs-on: ubuntu-latest | ||
| env: | ||
| REPO_OWNER: ${{ github.repository_owner }} | ||
| steps: | ||
| - name: Checkout Repository | ||
| uses: actions/checkout@v4 | ||
|
|
||
| - name: Set job environment variables | ||
| run: | | ||
| # Script to assign some common environment variables after everything is installed | ||
|
|
||
| ICON_OK=$(printf "\xE2\x9C\x85") | ||
| ICON_FAIL=$(printf "\xE2\x9D\x8C") | ||
|
|
||
| # Show predefined summary: | ||
|
|
||
| # For the wolfssl repo, the GITHUB_WORKSPACE is the directory of wolfssl | ||
| echo "GITHUB_WORKSPACE = $GITHUB_WORKSPACE" | ||
|
|
||
| # Show assigned build:env values (e.g. "wolfssl", "gojimmpi" or other owners): | ||
| echo "REPO_OWNER = $REPO_OWNER" | ||
|
|
||
| # Update environment variables, not available here in this step yet | ||
| echo "GITHUB_WORK=$(realpath "$GITHUB_WORKSPACE/../..")" >> "$GITHUB_ENV" | ||
| echo "WOLFSM_ROOT=$(realpath "$GITHUB_WORKSPACE/../wolfsm")" >> "$GITHUB_ENV" | ||
| echo "WOLFSSL_ROOT=$(realpath "$GITHUB_WORKSPACE/../wolfssl")" >> "$GITHUB_ENV" | ||
|
|
||
| echo "GITHUB_ENV=$GITHUB_ENV" | ||
|
|
||
| git status | ||
|
|
||
| echo "contents..." | ||
| # typically "/home/runner/work/wolfssl/wolfssl" contains wolfssl source | ||
| pwd | ||
| ls | ||
| # ** END ** Set job environment variables | ||
|
|
||
| - name: Get wolfsm | ||
| run: | | ||
| # We are in wolfssl repo, fetch SM code from the wolfsm repo | ||
|
|
||
| # Show our custom values: | ||
| echo "GITHUB_WORK = $GITHUB_WORK" | ||
|
|
||
| # WOLFSM_ROOT is the repo root for wolfsm clone | ||
| echo "WOLFSM_ROOT = $WOLFSM_ROOT" | ||
|
|
||
| echo "Start pwd:" | ||
| pwd | ||
| # we're typically in $GITHUB_WORKSPACE=/home/runner/work/wolfssl/wolfssl | ||
| # goto /home/runner/work to fetch wolfsm | ||
|
|
||
| echo "Current pwd for wolfsm clone fetch: $(pwd)" | ||
| GITHUB_WORK=$(realpath "$GITHUB_WORKSPACE/../..") | ||
| echo "GITHUB_WORKSPACE=$GITHUB_WORKSPACE" | ||
|
|
||
|
|
||
| pushd ../ | ||
| echo "Updated pwd for wolfsm clone fetch: $(pwd)" | ||
|
|
||
| echo "clone --depth 1 https://github.com/$REPO_OWNER/wolfsm.git wolfsm" | ||
|
|
||
| git clone --depth 1 https://github.com/$REPO_OWNER/wolfsm.git wolfsm | ||
|
|
||
| cd ./wolfsm | ||
| echo "Contents of this path for wolfsm = $(pwd)" | ||
| ls | ||
| popd | ||
|
|
||
| # ** END ** Get wolfsm | ||
|
|
||
| - name: Install wolfsm | ||
| run: | | ||
| # Run the local install.sh install script to install wolfsm code | ||
|
|
||
| echo "Current pwd for wolfsm clone fetch: $(pwd)" | ||
| GITHUB_WORK=$(realpath "$GITHUB_WORKSPACE/../..") | ||
| echo "GITHUB_WORKSPACE=$GITHUB_WORKSPACE" | ||
|
|
||
| # Typically /home/runner/work | ||
| echo "GITHUB_WORK=$GITHUB_WORK" | ||
| pwd | ||
| echo "pushd $WOLFSM_ROOT" | ||
| pushd "$WOLFSM_ROOT" | ||
| pwd | ||
| ls | ||
|
|
||
| echo "wolfssl check" | ||
| ls ../wolfssl | ||
|
|
||
| echo "Call wolfsm/install.sh to install wolfsm code into $WOLFSSL_ROOT" | ||
| ./install.sh "$WOLFSSL_ROOT" | ||
| popd | ||
|
|
||
| echo "contents..." | ||
| pwd | ||
| ls | ||
|
|
||
| # ** END ** Install wolfsm | ||
|
|
||
| - name: Compile wolfssl | ||
| run: | | ||
| # Compile fresh wolfSSL with wolfsm code | ||
|
|
||
| # We're already in $WOLFSSL_ROOT | ||
| echo "Current directory: $PWD" | ||
|
|
||
| ./autogen.sh | ||
| ./configure --enable-sm3 --enable-sm4-ecb --enable-sm4-cbc --enable-sm4-ctr --enable-sm4-gcm --enable-sm4-ccm --enable-sm2 | ||
| make | ||
|
|
||
| # ** END ** Compile wolfssl | ||
|
|
||
| - name: make check | ||
| run: | | ||
| # make check | ||
|
|
||
| # We're already in $WOLFSSL_ROOT | ||
| echo "Current directory: $PWD" | ||
|
|
||
| make check | ||
|
|
||
| # ** END ** make check | ||
|
|
||
| - name: Unit test | ||
| run: | | ||
| # Run unit.test ./tests/test-sm2.conf | ||
|
|
||
| # We're already in $WOLFSSL_ROOT | ||
| echo "Current directory: $PWD" | ||
|
|
||
| echo "looking for test-sm2.conf" | ||
| ls ./tests/test-sm2.conf | ||
|
|
||
| echo "Run unit test: ./tests/unit.test ./tests/test-sm2.conf" | ||
| ./tests/unit.test ./tests/test-sm2.conf | ||
|
|
||
| # ** END ** Unit test | ||
|
|
||
| - name: Run SM benchmark | ||
| shell: bash | ||
| run: | | ||
| # Run benchmark from cloned wolfssl directory | ||
|
|
||
| # We're already in $WOLFSSL_ROOT | ||
| echo "Current directory: $PWD" | ||
|
|
||
| set -euo pipefail | ||
|
|
||
| ./wolfcrypt/benchmark/benchmark | ||
|
|
||
| # ** END ** un SM benchmark | ||
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why do we need a sm-cipher test in wolfSSL and also in wolfSM? Why duplicated? I recommend only having the one in wolfsm and adding rules to run automatically on schedule. https://docs.github.com/en/actions/reference/workflows-and-actions/events-that-trigger-workflows#schedule