Add open wrt test (#5985)

* First test

* Don't forget to run autogen.sh!

* Add tools needed by automake

* Try additional platforms

* Add in qemu for other platforms

* No real support for arm containers

* Fix indentation

* Simplify container build with a testing script

* Simpler names for actions

* No need to distribute OpenWRT test files

* Better list to put ignore files onto

* Create an 'ignore_files' list after all

* Add in some documentation of how OpenWRT tests work

* Fix up naming of OpenWrt

Co-authored-by: Andras Fekete <andras@wolfssl.com>

.github/workflows/docker-Espressif.yml

@@ -1,4 +1,4 @@
-name: Test Espressif examples on various official Docker containers
+name: Espressif examples tests
 concurrency:
   group: ${{ github.head_ref || github.run_id }}
 #  cancel-in-progress: true

.github/workflows/docker-OpenWrt.yml

@@ -0,0 +1,33 @@
+# This workflow tests out new libraries with existing OpenWrt builds to check
+# there aren't any compatibility issues. Take a look at Docker/OpenWrt/README.md
+name: OpenWrt test
+concurrency:
+    group: ${{ github.ref }}
+
+on:
+    push:
+        branches: [ 'master', 'main', 'release/**' ]
+    pull_request:
+        branches: [ '*' ]
+
+jobs:
+    compile_container:
+        name: Build OpenWrt test container
+        runs-on: ubuntu-latest
+        steps:
+            - uses: actions/checkout@v3
+            - uses: docker/setup-qemu-action@v2
+            - uses: docker/setup-buildx-action@v2
+            -
+              name: Build but dont push
+              uses: docker/build-push-action@v3
+              with:
+                  context: .
+                  platforms: linux/amd64
+                  file: Docker/OpenWrt/Dockerfile
+                  push: false
+                  tags: openwrt-test:latest
+#                  cache-from: type=registry,ref=openwrt-test:latest
+#                  cache-to: type=inline
+                  cache-from: type=gha
+                  cache-to: type=gha,mode=max

Docker/OpenWrt/Dockerfile

@@ -0,0 +1,18 @@
+# This Dockerfile is used in conjunction with the docker-OpenWrt.yml GitHub Action.
+FROM alpine:latest AS builder
+
+RUN apk add argp-standalone asciidoc bash bc binutils bzip2 cdrkit coreutils \
+  diffutils elfutils-dev findutils flex musl-fts-dev g++ gawk gcc gettext git \
+  grep intltool libxslt linux-headers make musl-libintl musl-obstack-dev \
+  ncurses-dev openssl-dev patch perl python3-dev rsync tar \
+  unzip util-linux wget zlib-dev autoconf automake libtool
+COPY . /workspace
+RUN cd /workspace && ./autogen.sh && ./configure --enable-all && make
+
+FROM openwrt/rootfs:x86-64-22.03.0
+
+RUN mkdir -p /var/lock # Fix for parent container
+RUN rm -f /usr/lib/libwolfssl* # make sure to eliminate existing wolfSSL library
+COPY --from=builder /workspace/src/.libs/libwolfssl.so.35.3.0 /usr/lib/libwolfssl.so.5.4.0.ee39414e
+COPY Docker/OpenWrt/runTests.sh /tmp/.
+RUN /tmp/runTests.sh

Docker/OpenWrt/README.md

@@ -0,0 +1,11 @@
+This container is really only useful in conjunction with the GitHub Workflow
+found in .github/workflows/docker-OpenWrt.yml. The idea is that we will
+compile a new libwolfssl that gets placed in official OpenWrt containers to
+run some tests ensuring the library is still compatible with existing
+binaries.
+
+To run the build locally, you can run (in your wolfSSL root directory):
+docker build -t openwrt -f Docker/OpenWrt/Dockerfile .
+
+This should build the entire container and run some sample tests. The resulting
+container then can be used to evaluate OpenWrt with the latest wolfSSL library.

Docker/OpenWrt/runTests.sh

@@ -0,0 +1,23 @@
+#/bin/sh
+
+function runCMD() { # usage: runCMD "<command>" "<retVal>"
+    eval $1 &>/dev/null
+    RETVAL=$?
+    if [ "$RETVAL" != "$2" ]; then
+        echo "Command ($1) returned ${RETVAL}, but expected $2. Rerunning with output to terminal:"
+        eval $1
+        exit 1
+    fi
+}
+
+# Successful tests
+runCMD "ldd /lib/libustream-ssl.so" 0
+runCMD "opkg update" 0
+runCMD "uclient-fetch -O /dev/null 'https://letsencrypt.org'" 0
+# Negative tests
+runCMD "uclient-fetch --ca-certificate=/dev/null -O /dev/null 'https://letsencrypt.org'" 5
+runCMD "uclient-fetch -O /dev/null 'https://self-signed.badssl.com/'" 5
+runCMD "uclient-fetch -O /dev/null 'https://untrusted-root.badssl.com/'" 5
+runCMD "uclient-fetch -O /dev/null 'https://expired.badssl.com/'" 5
+
+echo "All tests passed."

Docker/include.am

@@ -4,4 +4,8 @@
 
 EXTRA_DIST+= Docker/Dockerfile
 EXTRA_DIST+= Docker/run.sh
-EXTRA_DIST+= Docker/README.md
+EXTRA_DIST+= Docker/README.md
+
+ignore_files+=Docker/OpenWRT/Dockerfile
+ignore_files+=Docker/OpenWRT/runTests.sh
+ignore_files+=Docker/OpenWRT/README.md

Makefile.am

@@ -21,6 +21,7 @@ dist_noinst_SCRIPTS =
 noinst_SCRIPTS =
 check_SCRIPTS =
 noinst_DATA =
+ignore_files =
 SUBDIRS_OPT =
 DIST_SUBDIRS_OPT =