Improved CI workflow

olszomal · Dec 4, 2024 · 2546fd2 · 2546fd2
1 parent 2209d86
commit 2546fd2
Show file tree

Hide file tree

Showing 2 changed files with 142 additions and 74 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -9,39 +9,67 @@ env:
   version: 0.4.13_git
 
 jobs:
-  unix:
+  build:
     strategy:
       fail-fast: false
       matrix:
         include:
-          - os: 'ubuntu-22.04'
-          - os: 'ubuntu-20.04'
-          - os: 'macOS-latest'
+          - id: ubuntu-24.04
+            triplet: x64-linux
+            compiler: gcc
+            os: ubuntu-24.04
+            generator: Unix Makefiles
+          - id: ubuntu-22.04
+            triplet: x64-linux
+            compiler: gcc
+            os: ubuntu-22.04
+            generator: Unix Makefiles
+          - id: ubuntu-20.04
+            triplet: x64-linux
+            compiler: gcc
+            os: ubuntu-20.04
+            generator: Unix Makefiles
+          - id: macOS-3
             openssl: 'openssl@3'
-          - os: 'macOS-latest'
+            triplet: x64-osx
+            compiler: clang
+            os: macOS-latest
+            generator: Unix Makefiles
+          - id: macOS-1.1
             openssl: 'openssl@1.1'
+            triplet: x64-osx
+            compiler: clang
+            os: macOS-latest
+            generator: Unix Makefiles
 
     runs-on: ${{matrix.os}}
 
-    env:
-      PKG_CONFIG_PATH: /usr/local/opt/${{matrix.openssl}}/lib/pkgconfig
-
     steps:
     - uses: actions/checkout@v4
 
     - name: Install apt dependencies (Linux)
       if: runner.os == 'Linux'
-      run: sudo apt-get install -y libssl-dev opensc softhsm
+      run: |
+        sudo apt-get update
+        sudo apt-get install -y libssl-dev opensc softhsm2
 
     - name: Install brew dependencies (macOS)
       if: runner.os == 'macOS'
       run: |
-        brew install libtool automake ${{matrix.openssl}} softhsm
-        brew install --cask opensc
-        echo "/usr/local/opt/${{matrix.openssl}}/bin" >> $GITHUB_PATH
+        brew install libtool automake opensc softhsm
+
+    - name: Set environment variables (macOS)
+      if: runner.os == 'macOS'
+      run: |
+        echo "/opt/homebrew/bin" >> $GITHUB_PATH
+        echo "/opt/homebrew/opt/${{matrix.openssl}}/bin" >> $GITHUB_PATH
+        echo "PKG_CONFIG_PATH=/opt/homebrew/opt/${{matrix.openssl}}/lib/pkgconfig" >> $GITHUB_ENV
 
     - name: System information
       run: |
+        which pkcs11-tool
+        which softhsm2-util
+        which openssl
         openssl version -a
         echo "PATH=$PATH"
 
@@ -58,9 +86,8 @@ jobs:
       timeout-minutes: 5
       run: make check
 
-    - name: Results of failed tests
-      if: failure()
-      run: cat tests/test-suite.log || true
+    - name: Results of tests
+      run: cat ${{github.workspace}}/tests/test-suite.log || true
 
   windows:
     strategy:

diff --git a/tests/common.sh b/tests/common.sh
@@ -28,22 +28,55 @@ echo "Output directory: ${outdir}"
 
 mkdir -p ${outdir}
 
-for i in /usr/local/lib/softhsm /opt/local/lib/softhsm /usr/lib64/pkcs11 \
-		/usr/lib64/softhsm /usr/lib/x86_64-linux-gnu/softhsm /usr/lib/softhsm /usr/lib; do
-	if [[ -f "$i/libsofthsm2.so" ]]; then
-		MODULE="$i/libsofthsm2.so"
-		break
-	else
-		if [[ -f "$i/libsofthsm.so" ]]; then
-			MODULE="$i/libsofthsm.so"
-			break
-		fi
-	fi
+#!/bin/bash
+
+# List of directories to search
+SOFTHSM_SEARCH_PATHS=(
+    "/usr/local"
+    "/opt/local"
+    "/usr/lib"
+    "/usr/lib64"
+    "/usr/lib/x86_64-linux-gnu"
+    "/opt/homebrew"
+    "/opt"
+)
+
+PKCS11_TOOL_SEARCH_PATHS=(
+    "/usr/bin"
+    "/usr/local/bin"
+    "/opt/homebrew/bin"
+)
+
+# Locate the SoftHSM library
+for PATH in "${SOFTHSM_SEARCH_PATHS[@]}"; do
+	echo "SoftHSM PATH=${PATH}"
+	MODULE=$(find ${PATH} -type f -name "libsofthsm2.so" 2>/dev/null)
+    if [[ -n "${MODULE}" ]]; then
+        break
+    fi
+done
+
+if [[ -n "${MODULE}" ]]; then
+    echo "SoftHSM library found: ${MODULE}"
+else
+    echo "Skipping test: SoftHSM library not found. Please install SoftHSM to proceed."
+    exit 77
+fi
+
+# Locate the pkcs11-tool
+for PATH in "${PKCS11_TOOL_SEARCH_PATHS[@]}"; do
+	echo "pkcs11-tool PATH=${PATH}"
+	PKCS11_TOOL=$(find ${PATH} -type f -name "pkcs11-tool" -perm /a+x 2>/dev/null)
+    if [[ -n "${PKCS11_TOOL}" ]]; then
+        break
+    fi
 done
 
-if [[ ! -x /usr/bin/pkcs11-tool && ! -x /usr/local/bin/pkcs11-tool ]]; then
-	echo "Skipping test: 'pkcs11-tool' not found. Please install the tool to proceed."
-	exit 77
+if [[ -n "${PKCS11_TOOL}" ]]; then
+    echo "pkcs11-tool found: ${PKCS11_TOOL}"
+else
+    echo "Skipping test: 'pkcs11-tool' not found. Please install the tool to proceed."
+    exit 77
 fi
 
 # Load openssl settings
@@ -58,14 +91,16 @@ export LD_LIBRARY_PATH=${TEMP_LD_LIBRARY_PATH}
 # Check for ldd command
 if command -v ldd >/dev/null 2>&1; then
 	LIBCRYPTO_VER=$(ldd "${MODULE}" | grep 'libcrypto' | awk '{print $1}')
+elif command -v otool >/dev/null 2>&1; then
+    LIBCRYPTO_VER=$(otool -L "${MODULE}" | grep 'libcrypto' | awk '{print $1}')
 else
-	echo "Warning: ldd command not found. Skipping library version detection."
+	echo "Warning: Neither ldd nor otool command found. Skipping library version detection."
 	LIBCRYPTO_VER="unknown"
 fi
 
 # Check OpenSSL version and library compatibility
-if [[ "$OPENSSL_VERSION" =~ ^0.* || "$OPENSSL_VERSION" =~ ^1\.0.* ]]; then
-	if [[ "$LIBCRYPTO_VER" == "libcrypto.so.3" ]]; then
+if [[ "${OPENSSL_VERSION}" =~ ^0.* || "${OPENSSL_VERSION}" =~ ^1\.0.* ]]; then
+	if [[ "${LIBCRYPTO_VER}" == "libcrypto.so.3" ]]; then
 		echo -n "Skipping test: Module '${MODULE}' built with '${LIBCRYPTO_VER}'"
 		echo "is incompatible with OpenSSL version '${OPENSSL_VERSION}'."
 		exit 77
@@ -97,47 +132,53 @@ PUK=1234
 ID=01020304
 
 # Initialize the SoftHSM DB
-init_db () {
-	if [[ -x "/usr/bin/softhsm" ]]; then
-		export SOFTHSM_CONF="$outdir/softhsm-testpkcs11.config"
-		SOFTHSM_TOOL="/usr/bin/softhsm"
-		SLOT="--slot 0"
-	fi
-
-	if [[ -x "/usr/local/bin/softhsm2-util" ]]; then
-		export SOFTHSM2_CONF="$outdir/softhsm-testpkcs11.config"
-		SOFTHSM_TOOL="/usr/local/bin/softhsm2-util"
-		SLOT="--free "
-	fi
-
-	if [[ -x "/opt/local/bin/softhsm2-util" ]]; then
-		export SOFTHSM2_CONF="$outdir/softhsm-testpkcs11.config"
-		SOFTHSM_TOOL="/opt/local/bin/softhsm2-util"
-		SLOT="--free "
-	fi
-
-	if [[ -x "/usr/bin/softhsm2-util" ]]; then
-		export SOFTHSM2_CONF="$outdir/softhsm-testpkcs11.config"
-		SOFTHSM_TOOL="/usr/bin/softhsm2-util"
-		SLOT="--free "
-	fi
-
-	if [[ -z ${SOFTHSM_TOOL} ]]; then
-		echo "Could not find softhsm(2) tool"
-		exit 77
-	fi
-
-	if [[ -n ${SOFTHSM2_CONF} ]]; then
-		rm -rf $outdir/softhsm-testpkcs11.db
-		mkdir -p $outdir/softhsm-testpkcs11.db
-		echo "objectstore.backend = file" > "${SOFTHSM2_CONF}"
-		echo "directories.tokendir = $outdir/softhsm-testpkcs11.db" >> \
-			${SOFTHSM2_CONF}
-	else
-		rm -rf $outdir/softhsm-testpkcs11.db
-		echo "0:$outdir/softhsm-testpkcs11.db" > ${SOFTHSM_CONF}
-	fi
-	echo "SOFTHSM2_CONF=${SOFTHSM2_CONF}"
+init_db() {
+    # Define potential paths for SoftHSM tools
+    local SOFTHSM_TOOL_SEARCH_PATHS=(
+        "/usr/bin/softhsm"
+        "/usr/local/bin/softhsm2-util"
+        "/opt/local/bin/softhsm2-util"
+        "/usr/bin/softhsm2-util"
+        "/opt/homebrew/bin/softhsm2-util"
+    )
+
+    # Detect available SoftHSM tool and configure paths
+    for tool in "${SOFTHSM_TOOL_SEARCH_PATHS[@]}"; do
+        if [[ -x "$tool" ]]; then
+            SOFTHSM_TOOL="$tool"
+            if [[ "$tool" == *softhsm2-util ]]; then
+                export SOFTHSM2_CONF="$outdir/softhsm-testpkcs11.config"
+                SLOT="--free"
+            else
+                export SOFTHSM_CONF="$outdir/softhsm-testpkcs11.config"
+                SLOT="--slot 0"
+            fi
+            break
+        fi
+    done
+
+    # Exit if no tool was found
+    if [[ -z "${SOFTHSM_TOOL}" ]]; then
+        echo "Error: No softhsm or softhsm2-util tool found in expected locations."
+        exit 77
+    fi
+
+    # Initialize SoftHSM configuration and database
+    local db_dir="$outdir/softhsm-testpkcs11.db"
+    rm -rf "$db_dir"
+    mkdir -p "$db_dir"
+
+    if [[ -n "${SOFTHSM2_CONF}" ]]; then
+        cat <<EOF > "${SOFTHSM2_CONF}"
+objectstore.backend = file
+directories.tokendir = $db_dir
+EOF
+    else
+        echo "0:$db_dir" > "${SOFTHSM_CONF}"
+    fi
+
+    echo "SoftHSM tool: ${SOFTHSM_TOOL}"
+    echo "Configuration: ${SOFTHSM2_CONF:-$SOFTHSM_CONF}"
 }
 
 # Initialize a token in the first available slot
@@ -226,7 +267,7 @@ import_objects () {
 			echo -n "* Importing the ${key_type} ${param} object id=${obj_id}"
 			echo -n " into the token ${token_label} ... "
 			pkcs11-tool --login --pin ${PIN} --module ${MODULE} \
-				--token-label "${token_label}"\
+				--token-label "${token_label}" \
 				--write-object "${srcdir}/${key_type}-${param}.der" \
 				--type ${param} \
 				--id ${obj_id} --label "${obj_label}" >/dev/null