Restructure authentication policies. #2802
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
# permit manual invocation of the workflow via the GitHub Actions web UI | |
workflow_dispatch: | |
# run the tests for any direct push to main | |
push: | |
branches: ['main'] | |
paths-ignore: | |
- '.dockerignore' | |
- '.github/workflow/e2e.yml' | |
- '.github/workflow/pkg.yml' | |
- '.github/workflow/e2e test cache rebuild.yml' | |
- 'Changelog.md' | |
- 'Dockerfile' | |
- 'doc/**' | |
- 'docker/**' | |
- 'LICENSE' | |
- 'README.md' | |
- 'tests/e2e/**' | |
# run the tests on creation or update of any pull request | |
pull_request: | |
paths-ignore: | |
- '.dockerignore' | |
- '.github/workflow/e2e.yml' | |
- '.github/workflow/pkg.yml' | |
- '.github/workflow/e2e test cache rebuild.yml' | |
- 'Changelog.md' | |
- 'Dockerfile' | |
- 'doc/**' | |
- 'docker/**' | |
- 'LICENSE' | |
- 'README.md' | |
- 'tests/e2e/**' | |
jobs: | |
build: | |
name: build | |
runs-on: ${{ matrix.os }} | |
strategy: | |
matrix: | |
os: [ubuntu-latest] | |
# Test against the oldest supported version. | |
# Test against beta Rust to get early warning of any problems that might occur with the upcoming Rust release. | |
# Order: oldest Rust to newest Rust. | |
rust: [1.74.0, stable, beta] | |
# Test with no features, default features ("") and all except UI tests. | |
# Order: fewest features to most features. | |
args: ["--no-default-features", "", "--features all"] | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Install Rust | |
uses: hecrj/setup-rust-action@v1 | |
with: | |
rust-version: ${{ matrix.rust }} | |
- if: matrix.rust == 'stable' && matrix.args == '--features all' | |
run: cargo clippy ${{ matrix.args }} -- -D warnings | |
- run: cargo build ${{ matrix.args }} --locked | |
- run: cargo test ${{ matrix.args }} -- --test-threads=1 2>&1 | |
pykmip-test: | |
name: pykmip-test | |
runs-on: ubuntu-20.04 | |
strategy: | |
matrix: | |
rust: [1.74.0, stable, beta] | |
features: ["hsm", "hsm,hsm-tests-kmip"] | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Install Rust | |
uses: hecrj/setup-rust-action@v2 | |
with: | |
rust-version: ${{ matrix.rust }} | |
- uses: actions/setup-python@v4 | |
with: | |
# Pin to Python 3.11 because 3.12 removes the ssl.wrap_socket() | |
# function which PyKMIP uses. | |
python-version: '3.11' | |
- name: Install PyKMIP | |
run: | | |
pip install pykmip --constraint test-resources/pykmip/constraints.txt | |
- name: Compile the tests | |
run: | | |
cargo build --tests --no-default-features --features ${{ matrix.features }} | |
- name: Run the tests against the PyKMIP server | |
run: | | |
cd test-resources/pykmip | |
python run-server.py & | |
sleep 5s | |
openssl s_client -connect 127.0.0.1:5696 || true | |
cd - | |
cargo test --no-default-features --features ${{ matrix.features }} -- --test-threads=1 2>&1 | |
- name: Dump the PyKMIP log | |
if: always() | |
working-directory: test-resources/pykmip | |
run: | | |
ls -la | |
cat server.log | |
softhsm2-test: | |
name: softhsm2-test | |
runs-on: ubuntu-20.04 | |
strategy: | |
matrix: | |
rust: [1.74.0, stable, beta] | |
features: ["hsm,hsm-tests-pkcs11"] | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v2 | |
- name: Install Rust | |
uses: hecrj/setup-rust-action@v2 | |
with: | |
rust-version: ${{ matrix.rust }} | |
- name: Install SoftHSM2 | |
run: | | |
sudo apt update | |
sudo apt install -y softhsm2 | |
sudo usermod -aG softhsm $(whoami) | |
sg softhsm -c "softhsm2-util --init-token --slot 0 --label \"My token 1\" --pin 1234 --so-pin 1234" | |
- name: Compile the tests | |
run: | | |
cargo build --tests --no-default-features --features ${{ matrix.features }} | |
- name: Run the tests against SoftHSM2 | |
run: | | |
sg softhsm -c "cargo test --no-default-features --features ${{ matrix.features }} -- --test-threads=1 2>&1" | |
- name: Dump the SoftHSM2 log | |
if: always() | |
run: | | |
cat /var/log/syslog |