-
Notifications
You must be signed in to change notification settings - Fork 115
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
- Loading branch information
1 parent
32ed1f6
commit 41c106d
Showing
10 changed files
with
243 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
name: Integration tests | ||
on: | ||
push: | ||
branches: [ '*' ] | ||
pull_request: | ||
branches: [ '*' ] | ||
concurrency: | ||
group: ${{ github.workflow }}-${{ github.ref_name }} | ||
cancel-in-progress: true | ||
env: | ||
CC: gcc | ||
jobs: | ||
openldap: | ||
if: github.repository_owner == 'aws' | ||
runs-on: ubuntu-latest | ||
name: OpenLDAP | ||
steps: | ||
- name: Install OS Dependencies | ||
run: | | ||
sudo apt-get update | ||
sudo apt-get -y --no-install-recommends install cmake gcc ninja-build golang make | ||
- uses: actions/checkout@v3 | ||
- name: Build AWS-LC, build openldap, run tests | ||
run: | | ||
./tests/ci/run_openldap_integration.sh master OPENLDAP_REL_ENG_2_5 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
20 changes: 20 additions & 0 deletions
20
tests/ci/openldap_patch/OPENLDAP_REL_ENG_2_5/print-libcrypto-info.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
--- ./servers/slapd/main.c 2024-01-29 18:53:15.000000000 +0000 | ||
+++ ./servers/slapd/main.c 2024-01-29 18:22:49.300948791 +0000 | ||
@@ -43,6 +43,8 @@ | ||
#include "slapi/slapi.h" | ||
#endif | ||
|
||
+#include <openssl/crypto.h> | ||
+ | ||
#ifdef LDAP_SIGCHLD | ||
static RETSIGTYPE wait4child( int sig ); | ||
#endif | ||
@@ -764,6 +766,8 @@ | ||
|
||
if ( version ) { | ||
fprintf( stderr, "%s\n", Versionstr ); | ||
+ fprintf( stderr, "COMPILE OPENSSL VERSION: %s\n", OPENSSL_VERSION_TEXT); | ||
+ fprintf( stderr, "RUNTIME OPENSSL VERSION: %s\n", OpenSSL_version(OPENSSL_VERSION)); | ||
if ( version > 2 ) { | ||
if ( slap_oinfo[0].ov_type ) { | ||
fprintf( stderr, "Included static overlays:\n"); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
--- ./servers/slapd/main.c 2024-01-29 18:53:15.000000000 +0000 | ||
+++ ./servers/slapd/main.c 2024-01-29 18:22:49.300948791 +0000 | ||
@@ -43,6 +43,8 @@ | ||
#include "slapi/slapi.h" | ||
#endif | ||
|
||
+#include <openssl/crypto.h> | ||
+ | ||
#ifdef LDAP_SIGCHLD | ||
static RETSIGTYPE wait4child( int sig ); | ||
#endif | ||
@@ -764,6 +766,8 @@ | ||
|
||
if ( version ) { | ||
fprintf( stderr, "%s\n", Versionstr ); | ||
+ fprintf( stderr, "COMPILE OPENSSL VERSION: %s\n", OPENSSL_VERSION_TEXT); | ||
+ fprintf( stderr, "RUNTIME OPENSSL VERSION: %s\n", OpenSSL_version(OPENSSL_VERSION)); | ||
if ( version > 2 ) { | ||
if ( slap_oinfo[0].ov_type ) { | ||
fprintf( stderr, "Included static overlays:\n"); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,119 @@ | ||
#!/usr/bin/env bash | ||
# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. | ||
# SPDX-License-Identifier: Apache-2.0 OR ISC | ||
|
||
set -exu | ||
|
||
source tests/ci/common_posix_setup.sh | ||
|
||
set -exuo pipefail | ||
|
||
# Set up environment. | ||
|
||
# SYS_ROOT | ||
# - SRC_ROOT(aws-lc) | ||
# - SCRATCH_FOLDER | ||
# - OPENLDAP_SRC_FOLDER | ||
# - main | ||
# ... | ||
# - OPENLDAP_PATCH_FOLDER | ||
# - main | ||
# ... | ||
# - AWS_LC_BUILD_FOLDER | ||
# - AWS_LC_INSTALL_FOLDER | ||
|
||
# Assumes script is executed from the root of aws-lc directory | ||
SCRATCH_FOLDER="${SRC_ROOT}/OPENLDAP_BUILD_ROOT" | ||
OPENLDAP_SRC_FOLDER="${SCRATCH_FOLDER}/openldap-src" | ||
OPENLDAP_PATCH_FOLDER="${SRC_ROOT}/tests/ci/openldap_patch" | ||
AWS_LC_BUILD_FOLDER="${SCRATCH_FOLDER}/aws-lc-build" | ||
AWS_LC_INSTALL_FOLDER="${SCRATCH_FOLDER}/aws-lc-install" | ||
|
||
AWS_LC_DIR=$(pwd) | ||
function aws_lc_build() { | ||
${CMAKE_COMMAND} ${AWS_LC_DIR} -GNinja "-B${AWS_LC_BUILD_FOLDER}" "-DCMAKE_INSTALL_PREFIX=${AWS_LC_INSTALL_FOLDER}" | ||
ninja -C ${AWS_LC_BUILD_FOLDER} install | ||
ls -R ${AWS_LC_INSTALL_FOLDER} | ||
rm -rf ${AWS_LC_BUILD_FOLDER}/* | ||
} | ||
|
||
function openldap_build() { | ||
local branch=${1} | ||
pushd ${branch} | ||
# Modify CFLAGS and LDFLAGS so compiler and linker can find AWS-LC's artifacts | ||
export STRICT_C_COMPILER="gcc" | ||
export CPPFLAGS="-I$AWS_LC_INSTALL_FOLDER/include" | ||
export LDFLAGS="$AWS_LC_INSTALL_FOLDER/lib/libcrypto.a $AWS_LC_INSTALL_FOLDER/lib/libssl.a" | ||
export LDFLAGS="$LDFLAGS -L$AWS_LC_INSTALL_FOLDER/lib" | ||
./configure \ | ||
--prefix=$AWS_LC_INSTALL_FOLDER \ | ||
--enable-debug \ | ||
--enable-static \ | ||
--enable-slapd \ | ||
--disable-syslog \ | ||
--with-tls \ | ||
--without-systemd | ||
make -j ${NUM_CPU_THREADS} | ||
# assert that neither libcrypto nor libssl are linked dynamically | ||
ldd ./servers/slapd/slapd | grep libcrypto || true | wc -l | xargs test 0 -eq | ||
ldd ./servers/slapd/slapd | grep libssl || true | wc -l | xargs test 0 -eq | ||
# assert that patched slapd binary is compiled against and linked to AWS-LC | ||
# for some reason, -V exits non-zero so use "true" to guard against pipefail | ||
( ./servers/slapd/slapd -V || true ) |& grep AWS-LC | wc -l | xargs test 2 -eq | ||
popd | ||
} | ||
|
||
function openldap_run_tests() { | ||
local branch=${1} | ||
pushd ${branch} | ||
make -j ${NUM_CPU_THREADS} test | ||
popd | ||
} | ||
|
||
function openldap_patch() { | ||
local branch=${1} | ||
local src_dir="${OPENLDAP_SRC_FOLDER}/${branch}" | ||
local patch_dir="${OPENLDAP_PATCH_FOLDER}/${branch}" | ||
if [[ ! $(find -L ${patch_dir} -type f -name '*.patch') ]]; then | ||
echo "No patch for ${branch}!" | ||
exit 1 | ||
fi | ||
git clone https://github.com/openldap/openldap.git ${src_dir} \ | ||
--depth 1 \ | ||
--branch ${branch} | ||
for patchfile in $(find -L ${patch_dir} -type f -name '*.patch'); do | ||
echo "Apply patch ${patchfile}..." | ||
cat ${patchfile} \ | ||
| patch -p1 --quiet -d ${src_dir} | ||
done | ||
} | ||
|
||
if [[ "$#" -eq "0" ]]; then | ||
echo "No openldap branches provided for testing" | ||
exit 1 | ||
fi | ||
|
||
mkdir -p ${SCRATCH_FOLDER} | ||
rm -rf ${SCRATCH_FOLDER}/* | ||
cd ${SCRATCH_FOLDER} | ||
|
||
mkdir -p ${AWS_LC_BUILD_FOLDER} ${AWS_LC_INSTALL_FOLDER} | ||
|
||
aws_lc_build ${SRC_ROOT} ${AWS_LC_BUILD_FOLDER} ${AWS_LC_INSTALL_FOLDER} \ | ||
-DBUILD_TESTING=OFF \ | ||
-DBUILD_SHARED_LIBS=0 | ||
|
||
# Some systems install under "lib64" instead of "lib" | ||
ln -s ${AWS_LC_INSTALL_FOLDER}/lib64 ${AWS_LC_INSTALL_FOLDER}/lib | ||
|
||
mkdir -p ${OPENLDAP_SRC_FOLDER} | ||
pushd ${OPENLDAP_SRC_FOLDER} | ||
|
||
# NOTE: As we add more versions to support, we may want to parallelize here | ||
for branch in "$@"; do | ||
openldap_patch ${branch} | ||
openldap_build ${branch} | ||
openldap_run_tests ${branch} | ||
done | ||
|
||
popd |