-
Notifications
You must be signed in to change notification settings - Fork 145
238 lines (232 loc) · 8.74 KB
/
test-rust.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
name: RustThemis
on:
pull_request:
paths:
- '.github/workflows/test-rust.yaml'
- 'docs/examples/rust/**'
- 'src/soter/**'
- 'src/themis/**'
- 'src/wrappers/themis/rust/**'
- 'tests/rust/**'
- 'Cargo.toml'
- '**/*.mk'
- 'Makefile'
- '!**/README*'
push:
branches:
- master
- stable
- release/*
schedule:
- cron: '20 6 * * 1' # every Monday at 6:20 UTC
env:
WITH_FATAL_WARNINGS: yes
jobs:
unit-tests:
name: Unit tests
runs-on: ubuntu-20.04
strategy:
matrix:
rust: [stable, '1.60']
fail-fast: false
steps:
- name: Install system dependencies
run: |
sudo sh -c 'echo "DEBIAN_FRONTEND=noninteractive" >> /etc/environment'
sudo apt update
sudo apt install --yes gcc make libssl-dev pkg-config clang
- name: Install Rust
uses: actions-rs/toolchain@v1
with:
toolchain: ${{ matrix.rust }}
default: true
profile: minimal
components: rustfmt, clippy
- name: Check out code
uses: actions/checkout@v2
- name: Install Themis Core
run: |
make
sudo make install
# Cargo pulls in quite a few stuff from the Internet and Rust always
# (slowly) recompiles dependencies, so make heavy use of caching
- name: Cache Cargo registry
uses: actions/cache@v1
with:
path: ~/.cargo/registry
key: ${{ runner.os }}-cargo-registry-${{ hashFiles('**/Cargo.toml') }}
restore-keys: ${{ runner.os }}-cargo-registry-
- name: Cache Cargo index
uses: actions/cache@v1
with:
path: ~/.cargo/git
key: ${{ runner.os }}-cargo-index-${{ hashFiles('**/Cargo.toml') }}
restore-keys: ${{ runner.os }}-cargo-index-
- name: Cache Cargo build
uses: actions/cache@v1
with:
path: target
key: ${{ runner.os }}-cargo-build-target-unit-tests-${{ hashFiles('**/Cargo.toml') }}
restore-keys: |
${{ runner.os }}-cargo-build-target-unit-tests-
${{ runner.os }}-cargo-build-target-
- name: Run test suite
run: make test_rust
examples:
name: Code examples
runs-on: ubuntu-20.04
strategy:
matrix:
rust: [stable, '1.60']
fail-fast: false
steps:
- name: Install system dependencies
run: |
sudo sh -c 'echo "DEBIAN_FRONTEND=noninteractive" >> /etc/environment'
sudo apt update
sudo apt install --yes gcc make libssl-dev pkg-config clang
- name: Install Rust
uses: actions-rs/toolchain@v1
with:
toolchain: ${{ matrix.rust }}
profile: minimal
default: true
- name: Check out code
uses: actions/checkout@v2
- name: Install Themis Core
run: |
make
sudo make install
# Cargo pulls in quite a few stuff from the Internet and Rust always
# (slowly) recompiles dependencies, so make heavy use of caching
- name: Cache Cargo registry
uses: actions/cache@v1
with:
path: ~/.cargo/registry
key: ${{ runner.os }}-cargo-registry-${{ hashFiles('**/Cargo.toml') }}
restore-keys: ${{ runner.os }}-cargo-registry-
- name: Cache Cargo index
uses: actions/cache@v1
with:
path: ~/.cargo/git
key: ${{ runner.os }}-cargo-index-${{ hashFiles('**/Cargo.toml') }}
restore-keys: ${{ runner.os }}-cargo-index-
- name: Cache Cargo build
uses: actions/cache@v1
with:
path: target
key: ${{ runner.os }}-cargo-build-target-examples-${{ hashFiles('**/Cargo.toml') }}
restore-keys: |
${{ runner.os }}-cargo-build-target-examples-
${{ runner.os }}-cargo-build-target-
- name: Build examples
run: cargo build --examples
- name: Test examples (Secure Cell)
if: always()
run: |
cargo run --example secure_cell
- name: Test examples (Secure Message)
if: always()
run: |
cargo run --example keygen
cargo run --example secure_message_server &
server_pid=$!
(sleep 1; echo "hello from client 1"; sleep 1; echo "message from client 1"; sleep 1) | cargo run --example secure_message_client_encrypt | tee client-1.txt &
(sleep 1; echo "hello from client 2"; sleep 1; echo "message from client 2"; sleep 1) | cargo run --example secure_message_client_encrypt | tee client-2.txt &
sleep 4
# First messages may be skipped
grep -q "message from client 1" client-1.txt
grep -q "message from client 2" client-1.txt
grep -q "message from client 1" client-2.txt
grep -q "message from client 2" client-2.txt
(sleep 1; echo "hello from client 1"; sleep 1; echo "message from client 1"; sleep 1) | cargo run --example secure_message_client_verify | tee client-1.txt &
(sleep 1; echo "hello from client 2"; sleep 1; echo "message from client 2"; sleep 1) | cargo run --example secure_message_client_verify | tee client-2.txt &
sleep 4
# First messages may be skipped
grep -q "message from client 1" client-1.txt
grep -q "message from client 2" client-1.txt
grep -q "message from client 1" client-2.txt
grep -q "message from client 2" client-2.txt
kill -SIGTERM $server_pid
- name: Test examples (Secure Session)
if: always()
run: |
cargo run --example secure_session_echo_server &
sleep 1
echo "long enough message to avoid triggering an issue" | cargo run --example secure_session_echo_client | tee client.txt
kill -SIGTERM $!
test "$(cat client.txt)" = "long enough message to avoid triggering an issue"
- name: Test examples (Secure Comparator)
if: always()
run: |
echo "secret" | cargo run --example secure_compare -- server | tee server.txt &
sleep 1
echo "secret" | cargo run --example secure_compare -- client | tee client.txt
sleep 1
test "$(cat server.txt)" = "[+] match OK"
test "$(cat client.txt)" = "[+] match OK"
echo "alpha" | cargo run --example secure_compare -- server | tee server.txt &
sleep 1
echo "bravo" | cargo run --example secure_compare -- client | tee client.txt
sleep 1
test "$(cat server.txt)" = "[-] no match"
test "$(cat client.txt)" = "[-] no match"
bindgen:
name: libthemis-sys bindings
runs-on: ubuntu-20.04
steps:
- name: Install system dependencies
run: |
sudo sh -c 'echo "DEBIAN_FRONTEND=noninteractive" >> /etc/environment'
sudo apt update
sudo apt install --yes libssl-dev llvm
- name: Install stable Rust
uses: actions-rs/toolchain@v1
with:
toolchain: stable
profile: minimal
components: rustfmt
# Cargo pulls in quite a few stuff from the Internet and Rust always
# (slowly) recompiles dependencies, so make heavy use of caching
- name: Cache Cargo registry
uses: actions/cache@v1
with:
path: ~/.cargo/registry
key: ${{ runner.os }}-cargo-registry-${{ hashFiles('**/Cargo.toml') }}
restore-keys: ${{ runner.os }}-cargo-registry-
- name: Cache Cargo index
uses: actions/cache@v1
with:
path: ~/.cargo/git
key: ${{ runner.os }}-cargo-index-${{ hashFiles('**/Cargo.toml') }}
restore-keys: ${{ runner.os }}-cargo-index-
- name: Cache Cargo build
uses: actions/cache@v1
with:
path: target
key: ${{ runner.os }}-cargo-build-target-unit-tests-${{ hashFiles('**/Cargo.toml') }}
restore-keys: |
${{ runner.os }}-cargo-build-target-unit-tests-
${{ runner.os }}-cargo-build-target-
- name: Install Bindgen
run: cargo install bindgen-cli --version 0.66.1 --force
- name: Check out code
uses: actions/checkout@v2
- name: Check bindgen.sh output
run: |
cd src/wrappers/themis/rust/libthemis-sys
mv src/lib.rs src/lib.rs.old
./bindgen.sh
mv src/lib.rs src/lib.rs.new
if ! diff -u src/lib.rs.old src/lib.rs.new
then
echo
echo "Something has changed in exported definitions (see above)."
echo "You may need to do"
echo
echo " cd src/wrappers/themis/rust/libthemis-sys"
echo " ./bindgen.sh"
echo
echo "to refresh src/lib.rs content."
exit 1
fi