Skip to content

Add TLS keylog support #447

Add TLS keylog support

Add TLS keylog support #447

Workflow file for this run

name: libnetconf2 CI
on:
push:
branches:
- master
- devel
pull_request:
branches:
- master
- devel
env:
DEFAULT_PACKAGES: libcmocka-dev zlib1g-dev libssh-dev libssl-dev libpam0g-dev libcurl4-openssl-dev
jobs:
git-branch:
name: Get git branch
runs-on: ubuntu-latest
outputs:
branch-name: ${{ steps.get-git-branch.outputs.branch-name }}
steps:
- id: get-git-branch
run: |
if ${{ github.event_name == 'push' }}
then export GIT_BRANCH=`echo ${{ github.ref }} | cut -d'/' -f 3`
else
export GIT_BRANCH=${{ github.base_ref }}
fi
echo "branch-name=$GIT_BRANCH" >> $GITHUB_OUTPUT
build:
name: ${{ matrix.config.name }}
runs-on: ${{ matrix.config.os }}
needs: git-branch
strategy:
fail-fast: false
matrix:
config:
- {
name: "Release, gcc, OpenSSL",
os: "ubuntu-22.04",
build-type: "Release",
dep-build-type: "Release",
cc: "gcc",
options: "-DENABLE_TESTS=ON -DENABLE_DNSSEC=ON",
tls-lib: "OpenSSL",
packages: "",
snaps: "",
make-prepend: "",
make-target: ""
}
- {
name: "Release, gcc, MbedTLS",
os: "ubuntu-22.04",
build-type: "Release",
dep-build-type: "Release",
cc: "gcc",
options: "-DENABLE_TESTS=ON -DENABLE_DNSSEC=ON",
tls-lib: "MbedTLS",
packages: "",
snaps: "",
make-prepend: "",
make-target: ""
}
- {
name: "Release, clang",
os: "ubuntu-22.04",
build-type: "Release",
dep-build-type: "Release",
cc: "clang",
options: "-DENABLE_TESTS=ON -DENABLE_DNSSEC=ON",
tls-lib: "OpenSSL",
packages: "",
snaps: "",
make-prepend: "",
make-target: ""
}
- {
name: "Debug, gcc, OpenSSL",
os: "ubuntu-22.04",
build-type: "Debug",
dep-build-type: "Release",
cc: "gcc",
options: "-DENABLE_DNSSEC=ON",
tls-lib: "OpenSSL",
packages: "valgrind",
snaps: "",
make-prepend: "",
make-target: ""
}
- {
name: "Debug, gcc, MbedTLS",
os: "ubuntu-22.04",
build-type: "Debug",
dep-build-type: "Release",
cc: "gcc",
options: "-DENABLE_DNSSEC=ON",
tls-lib: "MbedTLS",
packages: "valgrind",
snaps: "",
make-prepend: "",
make-target: ""
}
- {
name: "Debug, clang",
os: "ubuntu-22.04",
build-type: "Debug",
dep-build-type: "Release",
cc: "clang",
options: "-DENABLE_DNSSEC=ON",
tls-lib: "OpenSSL",
# no valgrind because it does not support DWARF5 yet generated by clang 14
packages: "",
snaps: "",
make-prepend: "",
make-target: ""
}
- {
name: "No SSH nor TLS",
os: "ubuntu-22.04",
build-type: "Debug",
dep-build-type: "Release",
cc: "gcc",
options: "-DENABLE_SSH_TLS=OFF",
tls-lib: "",
packages: "valgrind",
snaps: "",
make-prepend: "",
make-target: ""
}
- {
name: "ASAN and UBSAN, OpenSSL",
os: "ubuntu-22.04",
build-type: "Debug",
dep-build-type: "Release",
cc: "clang",
options: "-DCMAKE_C_FLAGS=-fsanitize=address,undefined -DENABLE_VALGRIND_TESTS=OFF",
tls-lib: "OpenSSL",
packages: "",
snaps: "",
make-prepend: "",
make-target: ""
}
- {
name: "ASAN and UBSAN, MbedTLS",
os: "ubuntu-22.04",
build-type: "Debug",
dep-build-type: "Release",
cc: "clang",
options: "-DCMAKE_C_FLAGS=-fsanitize=address,undefined -DENABLE_VALGRIND_TESTS=OFF",
tls-lib: "MbedTLS",
packages: "",
snaps: "",
make-prepend: "",
make-target: ""
}
- {
name: "ABI Check",
os: "ubuntu-22.04",
build-type: "ABICheck",
dep-build-type: "Debug",
cc: "gcc",
options: "",
tls-lib: "OpenSSL",
packages: "abi-dumper abi-compliance-checker snap",
snaps: "core universal-ctags",
make-prepend: "",
make-target: "abi-check"
}
- {
name: "DEB Package",
os: "ubuntu-22.04",
build-type: "Release",
dep-build-type: "Release",
cc: "gcc",
options: "",
tls-lib: "OpenSSL",
packages: "cmake debhelper valgrind python3-pip",
snaps: "",
make-prepend: "",
make-target: ""
}
steps:
- uses: actions/checkout@main
with:
fetch-depth: 100
- name: Deps-packages
shell: bash
run: |
sudo apt-get update
sudo apt-get install $DEFAULT_PACKAGES ${{ matrix.config.packages }}
if ${{ matrix.config.snaps != '' }}
then sudo snap refresh; sudo snap install ${{ matrix.config.snaps }}
fi
if ${{ matrix.config.name == 'DEB Package' }}; then
pip install apkg
apkg system-setup
fi
- name: Deps-uncrustify
shell: bash
working-directory: ${{ github.workspace }}
run: |
git clone --branch uncrustify-0.77.1 https://github.com/uncrustify/uncrustify
cd uncrustify
mkdir build
cd build
CC=${{ matrix.config.cc }} cmake ..
make
sudo make install
if: ${{ matrix.config.name == 'Debug, gcc, OpenSSL' || matrix.config.name == 'Debug, gcc, MbedTLS' }}
- name: Deps-libyang
shell: bash
run: |
git clone -b ${{ needs.git-branch.outputs.branch-name }} https://github.com/CESNET/libyang.git
cd libyang
if ${{ matrix.config.name == 'DEB Package' }}; then
apkg build
apkg install
else
mkdir build
cd build
CC=${{ matrix.config.cc }} cmake -DCMAKE_BUILD_TYPE=${{ matrix.config.dep-build-type }} -DENABLE_TESTS=OFF ..
make -j2
sudo make install
fi
- name: Build-and-install-package
shell: bash
working-directory: ${{ github.workspace }}
run: |
apkg build
apkg install
if: ${{ matrix.config.name == 'DEB Package' }}
- name: Deps-libval
shell: bash
run: |
git clone https://github.com/DNSSEC-Tools/DNSSEC-Tools.git dnssec-tools
cd dnssec-tools/dnssec-tools/validator
./configure
make -j2
sudo make install
if: ${{ matrix.config.name != 'DEB Package' }}
- name: Deps-MbedTLS
shell: bash
run: |
git clone -b mbedtls-3.5.2 https://github.com/Mbed-TLS/mbedtls.git
cd mbedtls
mkdir build
cd build
CC=${{ matrix.config.cc }} cmake -DUSE_SHARED_MBEDTLS_LIBRARY=On -DENABLE_TESTING=Off ..
make -j2
sudo make install
if: ${{ matrix.config.tls-lib == 'MbedTLS' }}
- name: Configure
shell: bash
working-directory: ${{ github.workspace }}
run: |
mkdir build
cd build
CC=${{ matrix.config.cc }} cmake -DCMAKE_BUILD_TYPE=${{ matrix.config.build-type }} ${{ matrix.config.options }} ..
if: ${{ matrix.config.name != 'DEB Package' }}
- name: Build
shell: bash
working-directory: ${{ github.workspace }}/build
run: |
export LC_ALL=C.UTF-8
export PATH=/snap/bin:${{ github.workspace }}/coverity-tools/bin:$PATH
${{ matrix.config.make-prepend }} make ${{ matrix.config.make-target }}
if: ${{ matrix.config.name != 'DEB Package' }}
- name: Test
shell: bash
working-directory: ${{ github.workspace }}/build
run: |
export LSAN_OPTIONS=suppressions=${{ github.workspace }}/tests/library_lsan.supp
ctest -j4 --output-on-failure
if: ${{ matrix.config.name != 'DEB Package' }}