-
Notifications
You must be signed in to change notification settings - Fork 84
92 lines (91 loc) · 4.98 KB
/
build.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
name: Go
on:
pull_request:
paths-ignore:
- '**/README.md'
jobs:
build-linux:
strategy:
matrix:
go-version: [ '1.20.x', '1.21.x' ]
goos: [linux]
testuser: [ssh3-testuser]
testpasswd: [ssh3-testpasswd]
testuserhome: [/home/ssh3-testuser]
archparams: [{goarch: amd64, cc: gcc}] #,{goarch: arm64, cc: aarch64-linux-gnu-gcc}]
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
# Right now, compilation for linux-arm64 is disable as it is a pain.
# ARM actions might come soon on GitHub anyway
# - name: Add ARM repos to sources.list
# run: |
# echo "deb [arch=arm64] http://ports.ubuntu.com/ jammy main multiverse universe" | sudo tee -a /etc/apt/sources.list
# echo "deb [arch=arm64] http://ports.ubuntu.com/ jammy-security main multiverse universe" | sudo tee -a /etc/apt/sources.list
# echo "deb [arch=arm64] http://ports.ubuntu.com/ jammy-backports main multiverse universe" | sudo tee -a /etc/apt/sources.list
# echo "deb [arch=arm64] http://ports.ubuntu.com/ jammy-updates main multiverse universe" | sudo tee -a /etc/apt/sources.list
# - name: Add ARM architecture and update
# run: sudo dpkg --add-architecture arm64 && sudo apt-get -y update || true
# - name: Install toolchain for compiling ARM
# run: sudo apt-get -y install gcc-aarch64-linux-gnu
# - name: Install lcrypt for arm64
# run: sudo apt-get -y install libc6:arm64 libcrypt-dev:arm64
- name: Setup Go
uses: actions/setup-go@v4
with:
go-version: '${{matrix.go-version}}'
- name: Install Go dependencies
run: go get ./...
- name: Build Client
run: env CC=${{matrix.archparams.cc}} CGO_ENABLED=1 GOOS=${{matrix.goos}} GOARCH=${{matrix.archparams.goarch}} go build -v cli/client/main.go
- name: Build Server
run: env CC=${{matrix.archparams.cc}} CGO_ENABLED=1 GOOS=${{matrix.goos}} GOARCH=${{matrix.archparams.goarch}} go build -v cli/server/main.go
- name: Add test user
run: sudo useradd -m ${{matrix.testuser}} && echo "${{matrix.testuser}}:${{matrix.testpasswd}}" | sudo chpasswd
- name: Create .ssh3 directory
run: sudo su ${{matrix.testuser}} -c 'mkdir ${{matrix.testuserhome}}/.ssh ${{matrix.testuserhome}}/.ssh3'
- name: Put test public key in testuser's authorized_identities
env:
TESTUSER_PUBKEY_BASE64: ${{ secrets.TESTUSER_PUBKEY_BASE64 }}
run: echo $TESTUSER_PUBKEY_BASE64 | base64 --decode | sudo cp /dev/stdin ${{matrix.testuserhome}}/.ssh3/authorized_identities
- name: Generate test private key
env:
TESTUSER_PRIVKEY_BASE64: ${{ secrets.TESTUSER_PRIVKEY_BASE64 }}
run: echo $TESTUSER_PRIVKEY_BASE64 | base64 --decode | sudo cp /dev/stdin /privkey
- name: Generate attacker's private key
env:
ATTACKER_PRIVKEY_BASE64: ${{ secrets.ATTACKER_PRIVKEY_BASE64 }}
run: echo $ATTACKER_PRIVKEY_BASE64 | base64 --decode | sudo cp /dev/stdin /attacker-privkey
- name: Generate server's cert private key
env:
TESTSERVER_CERT_PRIVKEY_BASE64: ${{ secrets.TESTSERVER_CERT_PRIVKEY_BASE64 }}
run: echo $TESTSERVER_CERT_PRIVKEY_BASE64 | base64 --decode | sudo cp /dev/stdin /cert_priv.key
- name: Generate server's cert
env:
TESTSERVER_CERT_BASE64: ${{ secrets.TESTSERVER_CERT_BASE64 }}
run: echo $TESTSERVER_CERT_BASE64 | base64 --decode | sudo cp /dev/stdin /cert.pem
- name: Classical unit tests
run: env CC=${{matrix.archparams.cc}} CGO_ENABLED=1 GOOS=${{matrix.goos}} GOARCH=${{matrix.archparams.goarch}} go run github.com/onsi/ginkgo/v2/ginkgo -r
- name: Integration tests
run: sudo env CERT_PEM=/cert.pem CERT_PRIV_KEY=/cert_priv.key ATTACKER_PRIVKEY=/attacker-privkey TESTUSER_PRIVKEY=/privkey TESTUSER_USERNAME=${{matrix.testuser}} CC=${{matrix.archparams.cc}} CGO_ENABLED=1 GOOS=${{matrix.goos}} GOARCH=${{matrix.archparams.goarch}} SSH3_INTEGRATION_TESTS_WITH_SERVER_ENABLED=1 go run github.com/onsi/ginkgo/v2/ginkgo ./integration_tests
build-macos:
strategy:
matrix:
go-version: [ '1.20.x', '1.21.x' ]
goos: [darwin]
goarch: [amd64,arm64]
runs-on: macos-latest
steps:
- uses: actions/checkout@v4
- name: Setup Go
uses: actions/setup-go@v4
with:
go-version: '${{matrix.go-version}}'
- name: Install dependencies
run: go get ./...
# No Build Server on MacOS right now as the server currently does no build on MacOS
- name: Build Client
run: env CGO_ENABLED=1 GOOS=${{matrix.goos}} GOARCH=${{matrix.goarch}} go build -v cli/client/main.go
- name: Classical unit tests
if: ${{ matrix.goarch == 'amd64' }} # only actually run the test suite with the architecture of the host
run: env CGO_ENABLED=1 GOOS=${{matrix.goos}} GOARCH=${{matrix.goarch}} go run github.com/onsi/ginkgo/v2/ginkgo