FHS nuance fix for conflicts when GNUTLS_INSTALL=/usr #24
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: xmlsec test | |
| on: | |
| push: | |
| branches: [ 'master', 'main', 'release/**' ] | |
| pull_request: | |
| branches: [ '*' ] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| build_gnutls: | |
| name: Build wolfSSL, GnuTLS and provider | |
| timeout-minutes: 20 | |
| strategy: | |
| matrix: | |
| os: [ ubuntu-24.04 ] | |
| xmlsec_ref: [ 'master', '1.3.4', '1.3.9' ] | |
| fail-fast: false | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Install dependencies | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y build-essential gnulib autopoint gperf gtk-doc-tools nettle-dev clang \ | |
| libtasn1-bin libtasn1-6-dev libunistring-dev libp11-kit-dev libunbound-dev \ | |
| wget git flex autoconf-archive libhttp-daemon-perl ninja-build automake \ | |
| autoconf libtool libtool-bin gcc \ | |
| libxml2 libxml2-dev libxslt1.1 libxslt1-dev \ | |
| help2man man2html gtk-doc-tools \ | |
| libltdl7 libltdl-dev | |
| - name: Restore cached gnutls-wolfssl | |
| id: cache-gnutls | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/cache/gnutls | |
| ~/cache/wolfssl | |
| ~/cache/wolfssl-gnutls-wrapper | |
| ~/cache/nettle | |
| key: gnutls-wolfssl-3.8.11-${{ runner.os }}-${{ hashFiles('setup.sh', 'wolfssl-gnutls-wrapper/**', 'wolfssl/**', 'gnutls/**') }} | |
| restore-keys: | | |
| gnutls-wolfssl-3.8.11-${{ runner.os }}- | |
| - name: Copy cache to /opt | |
| if: steps.cache-gnutls.outputs.cache-hit == 'true' | |
| run: | | |
| sudo mkdir -p /opt | |
| sudo cp -a ~/cache/gnutls /opt/ | |
| sudo cp -a ~/cache/wolfssl /opt/ | |
| sudo cp -a ~/cache/wolfssl-gnutls-wrapper /opt/ | |
| if [ -d ~/cache/nettle ]; then | |
| sudo cp -a ~/cache/nettle /opt/ | |
| fi | |
| echo "Cache restored successfully" | |
| - name: Setup nettle environment | |
| run: | | |
| # Set up environment for nettle 3.10 in /opt/nettle | |
| echo "PKG_CONFIG_PATH=/opt/nettle/lib64/pkgconfig:/opt/nettle/lib/pkgconfig:$PKG_CONFIG_PATH" >> $GITHUB_ENV | |
| echo "LD_LIBRARY_PATH=/opt/nettle/lib64:/opt/nettle/lib:$LD_LIBRARY_PATH" >> $GITHUB_ENV | |
| - name: Build GnuTLS with wolfSSL provider using setup.sh script | |
| if: steps.cache-gnutls.outputs.cache-hit != 'true' | |
| run: | | |
| echo "Cache miss - running setup.sh..." | |
| GNUTLS_INSTALL=/opt/gnutls WOLFSSL_INSTALL=/opt/wolfssl NETTLE_INSTALL=/opt/nettle ./setup.sh 3.8.11 | |
| # Save to cache location | |
| mkdir -p ~/cache | |
| sudo cp -a /opt/gnutls ~/cache/ | |
| sudo cp -a /opt/wolfssl ~/cache/ | |
| sudo cp -a /opt/wolfssl-gnutls-wrapper ~/cache/ | |
| if [ -d /opt/nettle ]; then | |
| sudo cp -a /opt/nettle ~/cache/ | |
| fi | |
| sudo chown -R $(id -u):$(id -g) ~/cache | |
| - name: Check setup.sh output directories | |
| run: | | |
| echo "Check for wolfSSL installation..." | |
| ls -la /opt/wolfssl || { echo "/opt/wolfssl not found"; exit 1; } | |
| echo "Check for GnuTLS installation..." | |
| ls -la /opt/gnutls || { echo "/opt/gnutls not found"; exit 1; } | |
| echo "Check for wrapper installation..." | |
| ls -la /opt/wolfssl-gnutls-wrapper/lib || { echo "/opt/wolfssl-gnutls-wrapper/lib not found"; exit 1; } | |
| echo "Check for nettle installation..." | |
| ls -la /opt/nettle || { echo "/opt/nettle not found"; exit 1; } | |
| - name: Verify GnuTLS version | |
| run: | | |
| export LD_LIBRARY_PATH=/opt/nettle/lib64:/opt/nettle/lib:/opt/gnutls/lib:/opt/wolfssl/lib:$LD_LIBRARY_PATH | |
| GNUTLS_VERSION=$(/opt/gnutls/bin/gnutls-cli --version 2>&1 | grep -oP 'gnutls-cli \K[0-9]+\.[0-9]+\.[0-9]+') | |
| echo "Detected GnuTLS version: $GNUTLS_VERSION" | |
| if [ "$GNUTLS_VERSION" != "3.8.11" ]; then | |
| echo "ERROR: Expected GnuTLS 3.8.11 but got $GNUTLS_VERSION" | |
| exit 1 | |
| fi | |
| echo "GnuTLS version verified: 3.8.11" | |
| - name: Clone xmlsec | |
| run: | | |
| git clone https://github.com/lsh123/xmlsec.git | |
| - name: Setup and build xmlsec | |
| working-directory: xmlsec | |
| run: | | |
| if [[ "${{ matrix.xmlsec_ref }}" != "master" ]]; then | |
| git checkout ${{ matrix.xmlsec_ref }} | |
| fi | |
| export PKG_CONFIG_PATH=/opt/nettle/lib64/pkgconfig:/opt/nettle/lib/pkgconfig:/opt/gnutls/lib/pkgconfig:$PKG_CONFIG_PATH | |
| export LD_LIBRARY_PATH=/opt/nettle/lib64:/opt/nettle/lib:/opt/gnutls/lib:$LD_LIBRARY_PATH | |
| ./autogen.sh | |
| ./configure --with-gnutls=/opt/gnutls \ | |
| --disable-dsa \ | |
| --enable-sha1 \ | |
| --enable-sha224 \ | |
| --enable-sha256 \ | |
| --enable-sha384 \ | |
| --enable-sha512 \ | |
| --enable-sha3 \ | |
| --enable-ripemd160 \ | |
| --enable-hmac \ | |
| --enable-rsa \ | |
| --enable-ec \ | |
| --enable-x509 \ | |
| --enable-aes \ | |
| --disable-des \ | |
| --enable-dh \ | |
| --enable-pbkdf2 \ | |
| --enable-concatkdf \ | |
| --enable-xmldsig \ | |
| --enable-xmlenc \ | |
| --enable-pedantic \ | |
| --enable-debugging | |
| make -j9 | |
| - name: Test xmlsec | |
| working-directory: xmlsec | |
| run: | | |
| export PKG_CONFIG_PATH=/opt/nettle/lib64/pkgconfig:/opt/nettle/lib/pkgconfig:/opt/gnutls/lib/pkgconfig:$PKG_CONFIG_PATH | |
| export LD_LIBRARY_PATH=/opt/nettle/lib64:/opt/nettle/lib:/opt/gnutls/lib:$LD_LIBRARY_PATH | |
| make check | |
| find /tmp -name "*.log" | xargs grep wgw |