pkcs11-tests.yml

name: PKCS11 Tests

on: [push, pull_request]

jobs:
  build:
    name: Waiting for build
    runs-on: ubuntu-latest
    steps:
      - name: Wait for build
        uses: lewagon/wait-on-check-action@v1.3.4
        with:
          ref: ${{ github.ref }}
          check-name: 'Building JSS'
          repo-token: ${{ secrets.GITHUB_TOKEN }}
          wait-interval: 30
        if: github.event_name == 'push'

      - name: Wait for build
        uses: lewagon/wait-on-check-action@v1.3.4
        with:
          ref: ${{ github.event.pull_request.head.sha }}
          check-name: 'Building JSS'
          repo-token: ${{ secrets.GITHUB_TOKEN }}
          wait-interval: 30
        if: github.event_name == 'pull_request'

  pkcs11-constants-test:
    name: Testing PKCS11 Constants
    needs: build
    runs-on: ubuntu-latest
    env:
      SHARED: /tmp/workdir/jss
    steps:
      - name: Clone repository
        uses: actions/checkout@v4

      - name: Retrieve JSS images
        uses: actions/cache@v4
        with:
          key: jss-images-${{ github.sha }}
          path: jss-images.tar

      - name: Load JSS images
        run: docker load --input jss-images.tar

      - name: Set up JSS container
        run: |
          tests/bin/runner-init.sh \
              --image=jss-builder \
              --hostname=jss.example.com \
              jss

      - name: Check PKCS11 constants
        run: |
          # generate new PKCS11Constants.java from NSS header files
          docker exec jss $SHARED/tools/build_pkcs11_constants.py \
              --pkcs11t /usr/include/nss3/pkcs11t.h \
              --pkcs11n /usr/include/nss3/pkcs11n.h \
              -o PKCS11Constants.java \
              --verbose

          # compare existing PKCS11Constants.java with the new one
          docker exec jss diff \
              $SHARED/base/src/main/java/org/mozilla/jss/pkcs11/PKCS11Constants.java \
              PKCS11Constants.java