openvpn.yml 2.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293
  1. name: OpenVPN Tests
  2. # START OF COMMON SECTION
  3. on:
  4. push:
  5. branches: [ 'master', 'main', 'release/**' ]
  6. pull_request:
  7. branches: [ '*' ]
  8. concurrency:
  9. group: ${{ github.workflow }}-${{ github.ref }}
  10. cancel-in-progress: true
  11. # END OF COMMON SECTION
  12. jobs:
  13. build_wolfssl:
  14. name: Build wolfSSL
  15. if: github.repository_owner == 'wolfssl'
  16. # Just to keep it the same as the testing target
  17. runs-on: ubuntu-22.04
  18. # This should be a safe limit for the tests to run.
  19. timeout-minutes: 4
  20. steps:
  21. - name: Build wolfSSL
  22. uses: wolfSSL/actions-build-autotools-project@v1
  23. with:
  24. path: wolfssl
  25. configure: --enable-openvpn
  26. install: true
  27. - name: tar build-dir
  28. run: tar -zcf build-dir.tgz build-dir
  29. - name: Upload built lib
  30. uses: actions/upload-artifact@v4
  31. with:
  32. name: wolf-install-openvpn
  33. path: build-dir.tgz
  34. retention-days: 5
  35. openvpn_check:
  36. strategy:
  37. fail-fast: false
  38. matrix:
  39. # List of refs to test
  40. ref: [ release/2.6, master ]
  41. name: ${{ matrix.ref }}
  42. if: github.repository_owner == 'wolfssl'
  43. runs-on: ubuntu-22.04
  44. # This should be a safe limit for the tests to run.
  45. timeout-minutes: 10
  46. needs: build_wolfssl
  47. steps:
  48. - name: Download lib
  49. uses: actions/download-artifact@v4
  50. with:
  51. name: wolf-install-openvpn
  52. - name: untar build-dir
  53. run: tar -xf build-dir.tgz
  54. - name: Install dependencies
  55. run: |
  56. sudo apt-get update
  57. sudo apt-get install liblzo2-dev libpam0g-dev liblz4-dev libcap-ng-dev \
  58. linux-libc-dev man2html libcmocka-dev python3-docutils \
  59. libtool automake autoconf libnl-genl-3-dev libnl-genl-3-200
  60. - name: workaround high-entropy ASLR
  61. # not needed after either an update to llvm or runner is done
  62. run: sudo sysctl vm.mmap_rnd_bits=28
  63. - if: ${{ matrix.ref != 'master' }}
  64. name: Build and test openvpn with fsanitize
  65. run: |
  66. echo 'extra_c_flags=CC="gcc -fsanitize=address" CFLAGS="-fno-omit-frame-pointer -O2"' >> $GITHUB_ENV
  67. - name: Build and test openvpn
  68. uses: wolfSSL/actions-build-autotools-project@v1
  69. with:
  70. repository: OpenVPN/openvpn
  71. ref: ${{ matrix.ref }}
  72. path: openvpn
  73. configure: >-
  74. --with-crypto-library=wolfssl
  75. WOLFSSL_CFLAGS="-I$GITHUB_WORKSPACE/build-dir/include/ -I$GITHUB_WORKSPACE/build-dir/include/wolfssl"
  76. WOLFSSL_LIBS="-L$GITHUB_WORKSPACE/build-dir/lib -lwolfssl"
  77. ${{ env.extra_c_flags }}
  78. check: true
  79. - name: Confirm OpenVPN built with wolfSSL
  80. working-directory: ./openvpn
  81. run: ldd src/openvpn/openvpn | grep wolfssl