Add changelog entry #108

Workflow file for this run

.github/workflows/openjdk-integration.yml at 88777f6

	---
	name: OpenJDK Integration Tests

	# Run OpenJDK tests listed in testdata/openjdk/openjdk-jtreg-tests.txt.

	env:
	OPENSSL_BRANCH: kryoptic_ossl35
	jtreg_version: 7.5.2+1
	openjdk_feature: 21

	on:
	workflow_dispatch:
	pull_request:
	branches: ["main"]
	push:
	branches: ["main"]

	jobs:
	test-openjdk-integration:
	name: OpenJDK Integration Tests
	runs-on: ubuntu-22.04
	container: fedora:latest
	steps:
	- name: Install Dependencies
	run: \|
	dnf --assumeyes --disable-repo=fedora-cisco-openh264 \
	install git cargo clang-devel openssl-devel zlib-devel sed \
	sqlite-devel openssl opensc unzip wget \
	java-${{ env.openjdk_feature }}-openjdk-devel \
	'perl(FindBin)' 'perl(lib)' 'perl(File::Compare)' \
	'perl(File::Copy)' 'perl(bigint)' 'perl(Time::HiRes)' \
	'perl(IPC::Cmd)' 'perl(Pod::Html)' 'perl(Digest::SHA)' \
	'perl(Module::Load::Conditional)' 'perl(File::Temp)' \
	'perl(Test::Harness)' 'perl(Test::More)' 'perl(Math::BigInt)'

	# Kryoptic build steps; try to keep in sync with relevant build.yml steps.
	- name: Checkout Repository
	uses: actions/checkout@v4

	- name: Setup OpenSSL
	id: ossl-setup
	run: \|
	git config --global --add safe.directory /__w/kryoptic
	cd ..
	git clone https://github.com/simo5/openssl.git \
	--single-branch --branch $OPENSSL_BRANCH openssl
	cd openssl
	echo "KRYOPTIC_OPENSSL_SOURCES=$PWD" >> "$GITHUB_ENV"
	echo "cacheid=${{ runner.os }}-ossl-$(git rev-parse HEAD)" \
	>> "$GITHUB_OUTPUT"

	- name: Restore OpenSSL build
	uses: actions/cache/restore@v4
	id: cache
	with:
	path: ${{ env.KRYOPTIC_OPENSSL_SOURCES }}
	key: ${{ steps.ossl-setup.outputs.cacheid }}

	- name: Restore Rust dependencies
	uses: actions/cache/restore@v4
	with:
	path: \|
	~/.cargo/bin/
	~/.cargo/registry/index/
	~/.cargo/registry/cache/
	~/.cargo/git/db/
	target/
	key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}

	- name: Generate lock file
	run: cargo generate-lockfile

	- name: Build Kryoptic
	run: make fips && ./misc/hmacify.sh target/debug/libkryoptic_pkcs11.so

	# OpenJDK steps.
	- name: Get container OpenJDK version
	id: get-openjdk-version
	run: \|
	. /usr/lib/jvm/java-${{ env.openjdk_feature }}-openjdk/release && \
	echo version=$JAVA_RUNTIME_VERSION >> $GITHUB_OUTPUT

	- name: Clone and check out OpenJDK test cases
	run: \|
	mkdir -p testdata/openjdk/deps
	cd testdata/openjdk/deps
	# Clone depth 10 for "git describe".
	git clone --depth 10 \
	--branch \
	kryoptic-jdk-${{ env.openjdk_feature }} \
	https://github.com/fitzsim/jdk${{ env.openjdk_feature }}u-dev
	cd ../../..

	- name: Compare container OpenJDK and test versions
	run: \|
	CONTAINER_VERSION="${{ steps.get-openjdk-version.outputs.version }}"
	cd testdata/openjdk/deps/jdk${{ env.openjdk_feature }}u-dev
	OPENJDK_SOURCE_VERSION=$(git tag --contains $(git describe --abbrev=0) \
	\| head --lines 1 \| sed 's/^jdk-//')
	echo OpenJDK test cases are based on "${OPENJDK_SOURCE_VERSION}"
	cd ../../../..
	if test "${CONTAINER_VERSION}" != "${OPENJDK_SOURCE_VERSION}"
	then
	echo Warning: container/tests version mismatch:
	echo "container: ${CONTAINER_VERSION}"
	echo "source: ${OPENJDK_SOURCE_VERSION}"
	BRANCH=kryoptic-jdk-${{ env.openjdk_feature }}
	echo Please rebase "${BRANCH}" branch on jdk-${CONTAINER_VERSION}
	fi

	# Get pkcs11-provider for kryoptic.nss-init.sh used by jtreg-kryoptic.sh.
	- name: Get pkcs11-provider
	id: get-pkcs11-provider
	run: \|
	mkdir -p testdata/openjdk/deps
	cd testdata/openjdk/deps
	git clone https://github.com/latchset/pkcs11-provider.git
	cd ../../..

	# JTReg archive.
	- name: Restore JTReg binary from cache
	uses: actions/cache/restore@v4
	id: restore-jtreg-binary
	with:
	path: jtreg-${{ env.jtreg_version }}.zip
	key: ${{ runner.os }}-jtreg-${{ env.jtreg_version }}

	- if: ${{ steps.restore-jtreg-binary.outputs.cache-hit != 'true' }}
	name: Download JTReg binary
	id: download-jtreg-binary
	run: \|
	wget --no-verbose \
	https://builds.shipilev.net/jtreg/jtreg-${{ env.jtreg_version }}.zip

	- if: ${{ steps.restore-jtreg-binary.outputs.cache-hit != 'true' }}
	name: Cache JTReg binary
	uses: actions/cache/save@v4
	with:
	path: jtreg-${{ env.jtreg_version }}.zip
	key: ${{ runner.os }}-jtreg-${{ env.jtreg_version }}

	# Extract JTReg.
	- name: Extract JTReg binary
	id: extract-jtreg-binary
	run: \|
	mkdir -p testdata/openjdk/deps
	cd testdata/openjdk/deps
	unzip ../../../jtreg-${{ env.jtreg_version }}.zip
	chmod +x jtreg/bin/jtreg
	cd ../../..

	# Run test suite.
	- name: Run OpenJDK JTReg test cases
	id: run-openjdk-jtreg-test-cases
	run: \|
	testdata/openjdk/jtreg-kryoptic.sh check-jtreg

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Add changelog entry #108

Workflow file

Add changelog entry #108

Uh oh!

Jobs

Run details

Workflow file for this run