fips-checksums.yml 2.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475
  1. # Copyright 2021-2023 The OpenSSL Project Authors. All Rights Reserved.
  2. #
  3. # Licensed under the Apache License 2.0 (the "License"). You may not use
  4. # this file except in compliance with the License. You can obtain a copy
  5. # in the file LICENSE in the source distribution or at
  6. # https://www.openssl.org/source/license.html
  7. name: FIPS Checksums
  8. on: [pull_request]
  9. permissions:
  10. contents: read
  11. jobs:
  12. compute-checksums:
  13. runs-on: ubuntu-latest
  14. steps:
  15. - name: install unifdef
  16. run: |
  17. sudo apt-get update
  18. sudo apt-get -yq --no-install-suggests --no-install-recommends --force-yes install unifdef
  19. - name: create build dirs
  20. run: |
  21. mkdir ./build-pristine
  22. mkdir ./source-pristine
  23. mkdir ./build
  24. mkdir ./source
  25. mkdir ./artifact
  26. - uses: actions/checkout@v4
  27. with:
  28. repository: ${{ github.event.pull_request.base.repo.full_name }}
  29. ref: ${{ github.event.pull_request.base.ref }}
  30. path: source-pristine
  31. - name: config pristine
  32. run: ../source-pristine/config enable-fips
  33. working-directory: ./build-pristine
  34. - name: config pristine dump
  35. run: ./configdata.pm --dump
  36. working-directory: ./build-pristine
  37. - name: make build_generated pristine
  38. run: make -s build_generated
  39. working-directory: ./build-pristine
  40. - name: make fips-checksums pristine
  41. run: make fips-checksums
  42. working-directory: ./build-pristine
  43. - uses: actions/checkout@v4
  44. with:
  45. path: source
  46. - name: config
  47. run: ../source/config enable-fips
  48. working-directory: ./build
  49. - name: config dump
  50. run: ./configdata.pm --dump
  51. working-directory: ./build
  52. - name: make build_generated
  53. run: make -s build_generated
  54. working-directory: ./build
  55. - name: make fips-checksums
  56. run: make fips-checksums
  57. working-directory: ./build
  58. - name: update checksums
  59. run: |
  60. cp -a build-pristine/providers/fips.module.sources.new source/providers/fips.module.sources
  61. cp -a build-pristine/providers/fips-sources.checksums.new source/providers/fips-sources.checksums
  62. cp -a build-pristine/providers/fips.checksum.new source/providers/fips.checksum
  63. - name: make diff-fips-checksums
  64. run: make diff-fips-checksums && touch ../artifact/fips_unchanged || ( touch ../artifact/fips_changed ; echo FIPS CHANGED )
  65. working-directory: ./build
  66. - name: save PR number
  67. run: echo ${{ github.event.number }} > ./artifact/pr_num
  68. - name: save artifact
  69. uses: actions/upload-artifact@v3
  70. with:
  71. name: fips_checksum
  72. path: artifact/