Static code analysis fixes #500
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: wolfPKCS11 Storage Format Upgrade Test | |
| on: | |
| pull_request: | |
| branches: [ '*' ] | |
| env: | |
| WOLFSSL_VERSION: v5.8.4-stable | |
| jobs: | |
| storage-upgrade-test: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| base-ref: | |
| - name: master | |
| ref: master | |
| branch-dir: master-branch | |
| # v1.3.0 disk storage is too broken to run | |
| # - name: v1.3.0 | |
| # ref: v1.3.0-stable | |
| # branch-dir: v1.3.0-stable-branch | |
| steps: | |
| # Checkout the PR branch | |
| - name: Checkout PR branch | |
| uses: actions/checkout@v4 | |
| with: | |
| path: pr-branch | |
| submodules: true | |
| # Checkout base branch/tag separately | |
| - name: Checkout ${{ matrix.base-ref.name }} branch | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ matrix.base-ref.ref }} | |
| path: ${{ matrix.base-ref.branch-dir }} | |
| submodules: true | |
| - name: Cache wolfSSL | |
| id: cache-wolfssl | |
| uses: actions/cache@v4 | |
| with: | |
| path: wolfssl | |
| key: wolfssl-${{ env.WOLFSSL_VERSION }} | |
| # Setup wolfssl (required dependency) | |
| - name: Checkout wolfssl | |
| if: steps.cache-wolfssl.outputs.cache-hit != 'true' | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: wolfssl/wolfssl | |
| path: wolfssl | |
| ref: ${{ env.WOLFSSL_VERSION }} | |
| - name: Build wolfssl | |
| if: steps.cache-wolfssl.outputs.cache-hit != 'true' | |
| working-directory: ./wolfssl | |
| run: | | |
| ./autogen.sh | |
| ./configure --enable-aescfb --enable-rsapss --enable-keygen --enable-pwdbased --enable-scrypt \ | |
| C_EXTRA_FLAGS="-DWOLFSSL_PUBLIC_MP -DWC_RSA_DIRECT" | |
| make | |
| - name: Install wolfssl | |
| working-directory: ./wolfssl | |
| run: | | |
| sudo make install | |
| sudo ldconfig | |
| # Phase 1: Build and test base branch/tag | |
| - name: Modify pkcs11test.c for storage generation | |
| working-directory: ./${{ matrix.base-ref.branch-dir }} | |
| run: | | |
| echo "=== Modifying pkcs11test.c for storage generation ===" | |
| # Check if WOLFPKCS11_NO_STORE is used and change it to use token path | |
| if grep -q 'XSETENV("WOLFPKCS11_NO_STORE"' tests/pkcs11test.c; then | |
| echo "Found WOLFPKCS11_NO_STORE, changing to WOLFPKCS11_TOKEN_PATH" | |
| sed -i 's/XSETENV("WOLFPKCS11_NO_STORE", "1", 1);/XSETENV("WOLFPKCS11_TOKEN_PATH", ".\/store\/pkcs11test", 1);/' tests/pkcs11test.c | |
| else | |
| echo "WOLFPKCS11_NO_STORE not found, assuming WOLFPKCS11_TOKEN_PATH is already set" | |
| fi | |
| echo "=== pkcs11test.c modification completed ===" | |
| - name: Build wolfPKCS11 ${{ matrix.base-ref.name }} | |
| working-directory: ./${{ matrix.base-ref.branch-dir }} | |
| run: | | |
| echo "=== Building wolfPKCS11 ${{ matrix.base-ref.name }} branch ===" | |
| ./autogen.sh | |
| ./configure | |
| make | |
| - name: Run tests on ${{ matrix.base-ref.name }} to generate storage files | |
| working-directory: ./${{ matrix.base-ref.branch-dir }} | |
| run: | | |
| echo "=== Running tests on ${{ matrix.base-ref.name }} branch ===" | |
| ./tests/pkcs11test | |
| echo "=== ${{ matrix.base-ref.name }} branch test completed ===" | |
| # Phase 2: Build PR branch and copy storage files from base | |
| - name: Build wolfPKCS11 PR branch | |
| working-directory: ./pr-branch | |
| run: | | |
| echo "=== Building wolfPKCS11 PR branch ===" | |
| ./autogen.sh | |
| ./configure | |
| make | |
| - name: Copy storage files from ${{ matrix.base-ref.name }} to PR | |
| run: | | |
| echo "=== Copying storage files from ${{ matrix.base-ref.name }} to PR branch ===" | |
| # Create directories if they don't exist | |
| mkdir -p pr-branch/store | |
| # Copy store files | |
| if [ -d "${{ matrix.base-ref.branch-dir }}/store" ]; then | |
| cp -rv ${{ matrix.base-ref.branch-dir }}/store/* pr-branch/store/ 2>/dev/null || echo "No files in ${{ matrix.base-ref.branch-dir }}/store/" | |
| fi | |
| echo "=== Storage file copy completed ===" | |
| - name: Test storage format compatibility (${{ matrix.base-ref.name }} → PR) | |
| working-directory: ./pr-branch | |
| run: | | |
| echo "=== Testing storage format compatibility with PR branch ===" | |
| echo "This tests that the PR can read storage files created by ${{ matrix.base-ref.name }} branch" | |
| # List the copied files for verification | |
| echo "Files in store directory:" | |
| ls -la store/* 2>/dev/null || echo "No wp* files in store/" | |
| # Run the tests with the copied storage files | |
| ./tests/pkcs11test | |
| echo "=== Storage format upgrade test (${{ matrix.base-ref.name }} → PR) completed successfully ===" | |
| # Upload artifacts for debugging if needed | |
| - name: Upload storage test artifacts | |
| if: failure() | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: storage-upgrade-test-artifacts-${{ matrix.base-ref.name }} | |
| path: | | |
| pr-branch/test-suite.log | |
| ${{ matrix.base-ref.branch-dir }}/store/* | |
| ${{ matrix.base-ref.branch-dir }}/test-suite.log | |
| retention-days: 5 | |
| # Capture logs on failure | |
| - name: Upload failure logs | |
| if: failure() || cancelled() | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: storage-upgrade-test-failure-logs-${{ matrix.base-ref.name }} | |
| path: | | |
| pr-branch/test-suite.log | |
| pr-branch/config.log | |
| ${{ matrix.base-ref.branch-dir }}/test-suite.log | |
| ${{ matrix.base-ref.branch-dir }}/config.log | |
| retention-days: 5 |