Fix TPS test failure #833
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build Tests | |
on: [push, pull_request] | |
jobs: | |
wait-for-build: | |
name: Waiting for build | |
runs-on: ubuntu-latest | |
steps: | |
- name: Wait for build | |
uses: lewagon/[email protected] | |
with: | |
ref: ${{ github.ref }} | |
check-name: 'Building JSS' | |
repo-token: ${{ secrets.GITHUB_TOKEN }} | |
wait-interval: 30 | |
if: github.event_name == 'push' | |
- name: Wait for build | |
uses: lewagon/[email protected] | |
with: | |
ref: ${{ github.event.pull_request.head.sha }} | |
check-name: 'Building JSS' | |
repo-token: ${{ secrets.GITHUB_TOKEN }} | |
wait-interval: 30 | |
if: github.event_name == 'pull_request' | |
build-test: | |
name: Build Test | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
os: | |
- 'debian:testing' | |
- 'ubuntu:rolling' | |
container: ${{ matrix.os }} | |
steps: | |
- name: Clone repository | |
uses: actions/checkout@v4 | |
- name: Set up Java | |
uses: actions/setup-java@v4 | |
with: | |
java-version: '17' | |
distribution: 'adopt' | |
- name: Install build dependencies | |
run: | | |
apt-get update | |
apt-get install -y \ | |
cmake zip unzip \ | |
g++ libnss3-dev libnss3-tools \ | |
openjdk-17-jdk libcommons-lang3-java libslf4j-java \ | |
junit5 libopentest4j-java maven | |
- name: Build JSS with CMake | |
run: ./build.sh | |
- name: Build JSS with Maven | |
run: mvn package | |
- name: Compare jss.jar | |
run: | | |
jar tvf ~/build/jss/jss.jar \ | |
| awk '{print $8;}' \ | |
| sort \ | |
| grep -v '/$' \ | |
| tee cmake.out | |
jar tvf base/target/jss.jar \ | |
| awk '{print $8;}' \ | |
| sort \ | |
| grep -v '/$' \ | |
| grep -v '^META-INF/maven/' \ | |
| tee maven.out | |
diff cmake.out maven.out | |
# TODO: Run examples | |
fedora-test: | |
name: Fedora Build Test | |
needs: wait-for-build | |
runs-on: ubuntu-latest | |
env: | |
SHARED: /tmp/workdir/pki | |
steps: | |
- name: Clone repository | |
uses: actions/checkout@v4 | |
- name: Retrieve JSS images | |
uses: actions/cache@v4 | |
with: | |
key: jss-images-${{ github.sha }} | |
path: jss-images.tar | |
- name: Load JSS images | |
run: docker load --input jss-images.tar | |
- name: Set up JSS container | |
run: | | |
tests/bin/runner-init.sh \ | |
--image=jss-builder \ | |
--hostname=jss.example.com \ | |
jss | |
- name: Build JSS with CMake | |
run: | | |
docker exec jss ./build.sh | |
- name: Build JSS with Maven | |
run: | | |
docker exec jss mvn package | |
- name: Compare jss.jar | |
run: | | |
docker exec jss \ | |
jar tvf /root/build/jss/jss.jar \ | |
| awk '{print $8;}' \ | |
| sort \ | |
| grep -v '/$' \ | |
| tee cmake.out | |
docker exec jss \ | |
jar tvf base/target/jss.jar \ | |
| awk '{print $8;}' \ | |
| sort \ | |
| grep -v '/$' \ | |
| grep -v '^META-INF/maven/' \ | |
| tee maven.out | |
diff cmake.out maven.out | |
# TODO: Run examples | |
# Compare JNI symbols in the code and in the version script. | |
# If there are JNI symbols in the code but not in the version script -> fail. | |
symbol-test: | |
name: Symbol Test | |
runs-on: ubuntu-latest | |
env: | |
JAVA_HOME: /usr/lib/jvm/java-17-openjdk-amd64 | |
steps: | |
- name: Clone repository | |
uses: actions/checkout@v4 | |
- name: Get JNI symbols in the code | |
run: | | |
grep -iroh '^Java_org_mozilla[^(;]*' native/src/main/native/ | sort -u > /tmp/functions.txt | |
cat /tmp/functions.txt | |
- name: Get JNI symbols in the version script | |
run: | | |
grep -iroh '^Java_org_mozilla[^(;]*' lib/ | sort -u > /tmp/version.txt | |
cat /tmp/version.txt | |
- name: Compare JNI symbols | |
run: | | |
diff /tmp/functions.txt /tmp/version.txt || true | |
comm -23 --check-order /tmp/functions.txt /tmp/version.txt > /tmp/diff.txt | |
test ! -s /tmp/diff.txt | |
rpm-test: | |
name: RPM Test | |
needs: wait-for-build | |
runs-on: ubuntu-latest | |
env: | |
SHARED: /tmp/workdir/pki | |
steps: | |
- name: Clone repository | |
uses: actions/checkout@v4 | |
- name: Retrieve JSS images | |
uses: actions/cache@v4 | |
with: | |
key: jss-images-${{ github.sha }} | |
path: jss-images.tar | |
- name: Load jss-images image | |
run: docker load --input jss-images.tar | |
- name: Set up JSS container | |
run: | | |
tests/bin/runner-init.sh \ | |
--image=jss-builder \ | |
--hostname=jss.example.com \ | |
jss | |
- name: Install RPMInspect | |
run: | | |
docker exec jss dnf copr enable -y copr.fedorainfracloud.org/dcantrell/rpminspect | |
docker exec jss dnf install -y rpminspect rpminspect-data-fedora | |
- name: Run RPMInspect on SRPM and RPMs | |
run: | | |
docker exec jss ./tests/bin/rpminspect.sh | |
- name: Install RPMs | |
run: | | |
docker exec jss bash -c "dnf localinstall -y build/RPMS/*.rpm" | |
- name: Build JSS with Maven | |
run: | | |
docker exec jss mvn -pl '!native,!symkey,!examples' package | |
- name: Compare jss.jar | |
run: | | |
docker exec jss jar tvf /usr/share/java/jss/jss.jar \ | |
| awk '{print $8;}' \ | |
| sort \ | |
| grep -v '/$' \ | |
| tee jss.jar.rpm | |
docker exec jss jar tvf base/target/jss.jar \ | |
| awk '{print $8;}' \ | |
| sort \ | |
| grep -v '/$' \ | |
| tee jss.jar.maven | |
diff jss.jar.rpm jss.jar.maven | |
- name: Compare jss-tomcat.jar | |
run: | | |
docker exec jss jar tvf /usr/share/java/jss/jss-tomcat.jar \ | |
| awk '{print $8;}' \ | |
| sort \ | |
| grep -v '/$' \ | |
| tee jss-tomcat.jar.rpm | |
docker exec jss jar tvf tomcat/target/jss-tomcat.jar \ | |
| awk '{print $8;}' \ | |
| sort \ | |
| grep -v '/$' \ | |
| tee jss-tomcat.jar.maven | |
diff jss-tomcat.jar.rpm jss-tomcat.jar.maven | |
- name: Compare jss-tomcat-9.0.jar | |
run: | | |
docker exec jss jar tvf /usr/share/java/jss/jss-tomcat-9.0.jar \ | |
| awk '{print $8;}' \ | |
| sort \ | |
| grep -v '/$' \ | |
| tee jss-tomcat-9.0.jar.rpm | |
docker exec jss jar tvf tomcat-9.0/target/jss-tomcat-9.0.jar \ | |
| awk '{print $8;}' \ | |
| sort \ | |
| grep -v '/$' \ | |
| tee jss-tomcat-9.0.jar.maven | |
diff jss-tomcat-9.0.jar.rpm jss-tomcat-9.0.jar.maven | |
sandbox-test: | |
name: Sandbox Test | |
needs: wait-for-build | |
runs-on: ubuntu-latest | |
env: | |
SHARED: /tmp/workdir/jss | |
steps: | |
- name: Clone repository | |
uses: actions/checkout@v4 | |
- name: Retrieve JSS images | |
uses: actions/cache@v4 | |
with: | |
key: jss-images-${{ github.sha }} | |
path: jss-images.tar | |
- name: Load jss-images image | |
run: docker load --input jss-images.tar | |
- name: Set up JSS container | |
run: | | |
tests/bin/runner-init.sh \ | |
--image=jss-builder \ | |
--hostname=jss.example.com \ | |
jss | |
- name: Install build dependencies | |
run: | | |
docker exec jss dnf builddep -y nspr nss | |
docker exec jss dnf install -y mercurial \ | |
python-unversioned-command \ | |
gyp \ | |
ninja-build | |
- name: Build NSPR and NSS | |
run: | | |
docker exec jss hg clone https://hg.mozilla.org/projects/nspr | |
docker exec jss hg clone https://hg.mozilla.org/projects/nss | |
docker exec -w /root/jss/nss jss \ | |
bash build.sh --enable-fips --enable-libpkix | |
- name: Build JSS | |
run: | | |
docker exec -w /root/jss/build jss cmake -DCMAKE_BUILD_TYPE=Debug .. | |
docker exec -w /root/jss/build jss make all | |
env: | |
SANDBOX: 1 | |
CFLAGS: -Wall -Wextra -Werror -Og -ggdb | |
- name: Run JSS tests | |
run: | | |
docker exec -w /root/jss/build jss ctest --output-on-failure |