Merge pull request #81 from gasbytes/gnutls-wolfssl-fips-ready #441
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Libjcat Build and Test | |
| # START OF COMMON SECTION | |
| on: | |
| push: | |
| branches: [ 'master', 'main', 'release/**' ] | |
| pull_request: | |
| branches: [ '*' ] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| # END OF COMMON SECTION | |
| jobs: | |
| libjcat_build_test: | |
| name: Libjcat Build Test | |
| timeout-minutes: 20 | |
| strategy: | |
| matrix: | |
| os: [ ubuntu-latest ] | |
| libjcat_ref: [ '0.2.3', '0.2.0' ] | |
| fail-fast: false | |
| runs-on: ${{ matrix.os }} | |
| container: | |
| image: debian:bookworm | |
| steps: | |
| - name: Checkout gnutls-wolfssl repository | |
| uses: actions/checkout@v4 | |
| - name: Ensure make available (Ubuntu only) | |
| if: matrix.os == 'ubuntu-latest' | |
| run: | | |
| apt-get update | |
| apt-get install -y build-essential | |
| - name: Install GnuTLS dependencies (Ubuntu only) | |
| if: matrix.os == 'ubuntu-latest' | |
| run: | | |
| apt-get install -y gnulib autopoint gperf gtk-doc-tools nettle-dev clang \ | |
| libtasn1-bin libtasn1-6-dev libunistring-dev libp11-kit-dev libunbound-dev \ | |
| sudo wget git | |
| - name: Install libjcat dependencies (Ubuntu only) | |
| if: matrix.os == 'ubuntu-latest' | |
| run: | | |
| sudo apt-get install -y gnutls-bin gobject-introspection gtk-doc-tools \ | |
| libgirepository1.0-dev libglib2.0-dev libglib2.0-dev-bin libgnutls28-dev \ | |
| libgpgme11-dev libjson-glib-dev pkg-config shared-mime-info valac \ | |
| ninja-build python3-venv meson | |
| # ───────────── cache the wolfssl/gnutls tool-chain ───────────── | |
| - name: Restore cached gnutls-wolfssl | |
| id: cache-gnutls | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| /opt/gnutls | |
| /opt/wolfssl | |
| /opt/wolfssl-gnutls-wrapper | |
| key: gnutls-wolfssl-${{ runner.os }}-${{ hashFiles('setup.sh', 'wolfssl-gnutls-wrapper/**', 'wolfssl/**', 'gnutls/**') }} | |
| restore-keys: | | |
| gnutls-wolfssl-${{ runner.os }}- | |
| - name: Build GnuTLS with wolfSSL provider using setup.sh script | |
| if: steps.cache-gnutls.outputs.cache-hit != 'true' | |
| run: | | |
| GNUTLS_INSTALL=/opt/gnutls WOLFSSL_INSTALL=/opt/wolfssl ./setup.sh | |
| - name: Check setup.sh output directories | |
| run: | | |
| test -d /opt/wolfssl || exit 1 | |
| test -d /opt/gnutls || exit 1 | |
| test -d /opt/wolfssl-gnutls-wrapper/lib || exit 1 | |
| - name: Checkout libjcat at ${{ matrix.libjcat_ref }} | |
| run: | | |
| git clone https://github.com/hughsie/libjcat.git | |
| cd libjcat | |
| if [ "${{ matrix.libjcat_ref }}" != "master" ]; then | |
| git checkout ${{ matrix.libjcat_ref }} | |
| fi | |
| - name: Configure and build libjcat | |
| working-directory: libjcat | |
| run: | | |
| mkdir -p ~/.venvs | |
| python3 -m venv ~/.venvs/meson-056 | |
| . ~/.venvs/meson-056/bin/activate | |
| pip install 'meson==0.56.0' | |
| export PKG_CONFIG_PATH=/opt/gnutls/lib/pkgconfig:$PKG_CONFIG_PATH | |
| export CPPFLAGS="-I/opt/gnutls/include $CPPFLAGS" | |
| export LDFLAGS="-L/opt/gnutls/lib -Wl,-rpath,/opt/gnutls/lib $LDFLAGS" | |
| meson setup _build-custom -Db_coverage=false | |
| meson compile -C _build-custom | |
| - name: Test libjcat Build | |
| working-directory: libjcat | |
| run: | | |
| . ~/.venvs/meson-056/bin/activate | |
| export WGW_LOGGING=1 | |
| meson test -C _build-custom --verbose |