Skip to content

Commit

Permalink
ci.yml: Trigger docker image creation only on workflow_dispatch
Browse files Browse the repository at this point in the history 
 * Simplify the docker creation process to avoid having to push a
   new commit with changes to the codebase.
 * Now it will only be necessary to trigger the CI workflow manually
   with the input 'parsec-service-test-all'.

Signed-off-by: Tomás González <[email protected]>
  • Loading branch information
@tgonzalezorlandoarm
tgonzalezorlandoarm committed Nov 14, 2023
1 parent a37539a commit 3ba79a5
Showing 1 changed file with 74 additions and 38 deletions.
112 changes: 74 additions & 38 deletions .github/workflows/ci.yml
View file
Original file line number Diff line number Diff line change
@@ -1,19 +1,19 @@
name: Continuous Integration

on: [push, pull_request, workflow_dispatch]

env:
# TEST_ALL_DOCKER_IMAGE: 'parsec-service-test-all'
TEST_ALL_DOCKER_IMAGE: 'ghcr.io/parallaxsecond/parsec-service-test-all'
on:
push:
pull_request:
workflow_dispatch:
inputs:
trigger_docker:
description: "'parsec-service-test-all' if docker build should be triggered"
required: false
default: ""

jobs:
build-and-export-test-all-docker:
runs-on: ubuntu-latest
# If TEST_ALL_DOCKER_IMAGE is 'parsec-service-test-all' or any local image,
# the following condition must evaluate true to execute this job
# Else it must evaluate false to NOT execute this job
# Unfortunately, env.TEST_ALL_DOCKER_IMAGE cannot be used here as the `env` context is not recognized at this level.
if: ${{ false }} # env.TEST_ALL_DOCKER_IMAGE == 'parsec-service-test-all'
if: ${{ github.event.inputs.trigger_docker == 'parsec-service-test-all' }}
steps:
- uses: actions/checkout@v3
- name: Build the docker container
Expand All @@ -33,14 +33,18 @@ jobs:
needs: [build-and-export-test-all-docker]
steps:
- uses: actions/checkout@v2
- name: Set TEST_ALL_DOCKER_IMAGE
run: |
TEST_ALL_DOCKER_IMAGE=${{ github.event.inputs.trigger_docker }}
echo "::set-output name=value::${TEST_ALL_DOCKER_IMAGE:-"ghcr.io/parallaxsecond/parsec-service-test-all"}"
- name: Load Docker
uses: ./.github/actions/load_docker
if: ${{ env.TEST_ALL_DOCKER_IMAGE == 'parsec-service-test-all' }}
if: ${{ steps.name.outputs.value == 'parsec-service-test-all' }}
with:
image-name: "${{ env.TEST_ALL_DOCKER_IMAGE }}"
image-name: "${{ steps.name.outputs.value }}"
image-path: "/tmp"
- name: Run the container to execute the test script
run: docker run -v $(pwd):/tmp/parsec -w /tmp/parsec -t ${{ env.TEST_ALL_DOCKER_IMAGE }} /tmp/parsec/ci.sh all
run: docker run -v $(pwd):/tmp/parsec -w /tmp/parsec -t ${{ steps.name.outputs.value }} /tmp/parsec/ci.sh all

build-all-providers:
name: Cargo check all-providers (current Rust stable & old compiler)
Expand All @@ -49,14 +53,18 @@ jobs:
needs: [build-and-export-test-all-docker]
steps:
- uses: actions/checkout@v2
- name: Set TEST_ALL_DOCKER_IMAGE
run: |
TEST_ALL_DOCKER_IMAGE=${{ github.event.inputs.trigger_docker }}
echo "::set-output name=value::${TEST_ALL_DOCKER_IMAGE:-"ghcr.io/parallaxsecond/parsec-service-test-all"}"
- name: Load Docker
uses: ./.github/actions/load_docker
if: ${{ env.TEST_ALL_DOCKER_IMAGE == 'parsec-service-test-all' }}
if: ${{ steps.name.outputs.value == 'parsec-service-test-all' }}
with:
image-name: "${{ env.TEST_ALL_DOCKER_IMAGE }}"
image-name: "${{ steps.name.outputs.value }}"
image-path: "/tmp"
- name: Run the container to execute the test script
run: docker run -v $(pwd):/tmp/parsec -w /tmp/parsec -t ${{ env.TEST_ALL_DOCKER_IMAGE }} /tmp/parsec/ci.sh cargo-check
run: docker run -v $(pwd):/tmp/parsec -w /tmp/parsec -t ${{ steps.name.outputs.value }} /tmp/parsec/ci.sh cargo-check

mbed-crypto-provider:
name: Integration tests using Mbed Crypto provider
Expand All @@ -65,14 +73,18 @@ jobs:
needs: [build-and-export-test-all-docker]
steps:
- uses: actions/checkout@v2
- name: Set TEST_ALL_DOCKER_IMAGE
run: |
TEST_ALL_DOCKER_IMAGE=${{ github.event.inputs.trigger_docker }}
echo "::set-output name=value::${TEST_ALL_DOCKER_IMAGE:-"ghcr.io/parallaxsecond/parsec-service-test-all"}"
- name: Load Docker
uses: ./.github/actions/load_docker
if: ${{ env.TEST_ALL_DOCKER_IMAGE == 'parsec-service-test-all' }}
if: ${{ steps.name.outputs.value == 'parsec-service-test-all' }}
with:
image-name: "${{ env.TEST_ALL_DOCKER_IMAGE }}"
image-name: "${{ steps.name.outputs.value }}"
image-path: "/tmp"
- name: Run the container to execute the test script
run: docker run -v $(pwd):/tmp/parsec -w /tmp/parsec -t ${{ env.TEST_ALL_DOCKER_IMAGE }} /tmp/parsec/ci.sh mbed-crypto
run: docker run -v $(pwd):/tmp/parsec -w /tmp/parsec -t ${{ steps.name.outputs.value }} /tmp/parsec/ci.sh mbed-crypto

pkcs11-provider:
name: Integration tests using PKCS 11 provider
Expand All @@ -81,14 +93,18 @@ jobs:
needs: [build-and-export-test-all-docker]
steps:
- uses: actions/checkout@v2
- name: Set TEST_ALL_DOCKER_IMAGE
run: |
TEST_ALL_DOCKER_IMAGE=${{ github.event.inputs.trigger_docker }}
echo "::set-output name=value::${TEST_ALL_DOCKER_IMAGE:-"ghcr.io/parallaxsecond/parsec-service-test-all"}"
- name: Load Docker
uses: ./.github/actions/load_docker
if: ${{ env.TEST_ALL_DOCKER_IMAGE == 'parsec-service-test-all' }}
if: ${{ steps.name.outputs.value == 'parsec-service-test-all' }}
with:
image-name: "${{ env.TEST_ALL_DOCKER_IMAGE }}"
image-name: "${{ steps.name.outputs.value }}"
image-path: "/tmp"
- name: Run the container to execute the test script
run: docker run -v $(pwd):/tmp/parsec -w /tmp/parsec -t ${{ env.TEST_ALL_DOCKER_IMAGE }} /tmp/parsec/ci.sh pkcs11 --no-stress-test
run: docker run -v $(pwd):/tmp/parsec -w /tmp/parsec -t ${{ steps.name.outputs.value }} /tmp/parsec/ci.sh pkcs11 --no-stress-test

tpm-provider:
name: Integration tests using TPM provider
Expand All @@ -97,14 +113,18 @@ jobs:
needs: [build-and-export-test-all-docker]
steps:
- uses: actions/checkout@v2
- name: Set TEST_ALL_DOCKER_IMAGE
run: |
TEST_ALL_DOCKER_IMAGE=${{ github.event.inputs.trigger_docker }}
echo "::set-output name=value::${TEST_ALL_DOCKER_IMAGE:-"ghcr.io/parallaxsecond/parsec-service-test-all"}"
- name: Load Docker
uses: ./.github/actions/load_docker
if: ${{ env.TEST_ALL_DOCKER_IMAGE == 'parsec-service-test-all' }}
if: ${{ steps.name.outputs.value == 'parsec-service-test-all' }}
with:
image-name: "${{ env.TEST_ALL_DOCKER_IMAGE }}"
image-name: "${{ steps.name.outputs.value }}"
image-path: "/tmp"
- name: Run the container to execute the test script
run: docker run -v $(pwd):/tmp/parsec -w /tmp/parsec -t ${{ env.TEST_ALL_DOCKER_IMAGE }} /tmp/parsec/ci.sh tpm
run: docker run -v $(pwd):/tmp/parsec -w /tmp/parsec -t ${{ steps.name.outputs.value }} /tmp/parsec/ci.sh tpm

trusted-service-provider:
name: Integration tests using Crypto Trusted Service provider
Expand All @@ -113,14 +133,18 @@ jobs:
needs: [build-and-export-test-all-docker]
steps:
- uses: actions/checkout@v2
- name: Set TEST_ALL_DOCKER_IMAGE
run: |
TEST_ALL_DOCKER_IMAGE=${{ github.event.inputs.trigger_docker }}
echo "::set-output name=value::${TEST_ALL_DOCKER_IMAGE:-"ghcr.io/parallaxsecond/parsec-service-test-all"}"
- name: Load Docker
uses: ./.github/actions/load_docker
if: ${{ env.TEST_ALL_DOCKER_IMAGE == 'parsec-service-test-all' }}
if: ${{ steps.name.outputs.value == 'parsec-service-test-all' }}
with:
image-name: "${{ env.TEST_ALL_DOCKER_IMAGE }}"
image-name: "${{ steps.name.outputs.value }}"
image-path: "/tmp"
- name: Run the container to execute the test script
run: docker run -v $(pwd):/tmp/parsec -w /tmp/parsec -t ${{ env.TEST_ALL_DOCKER_IMAGE }} /tmp/parsec/ci.sh trusted-service
run: docker run -v $(pwd):/tmp/parsec -w /tmp/parsec -t ${{ steps.name.outputs.value }} /tmp/parsec/ci.sh trusted-service

cryptoauthlib-provider:
name: Integration tests using CryptoAuthentication Library provider
Expand All @@ -129,14 +153,18 @@ jobs:
needs: [build-and-export-test-all-docker]
steps:
- uses: actions/checkout@v2
- name: Set TEST_ALL_DOCKER_IMAGE
run: |
TEST_ALL_DOCKER_IMAGE=${{ github.event.inputs.trigger_docker }}
echo "::set-output name=value::${TEST_ALL_DOCKER_IMAGE:-"ghcr.io/parallaxsecond/parsec-service-test-all"}"
- name: Load Docker
uses: ./.github/actions/load_docker
if: ${{ env.TEST_ALL_DOCKER_IMAGE == 'parsec-service-test-all' }}
if: ${{ steps.name.outputs.value == 'parsec-service-test-all' }}
with:
image-name: "${{ env.TEST_ALL_DOCKER_IMAGE }}"
image-name: "${{ steps.name.outputs.value }}"
image-path: "/tmp"
- name: Run the container to execute the test script
run: docker run -v $(pwd):/tmp/parsec -w /tmp/parsec -t ${{ env.TEST_ALL_DOCKER_IMAGE }} /tmp/parsec/ci.sh cryptoauthlib --no-stress-test
run: docker run -v $(pwd):/tmp/parsec -w /tmp/parsec -t ${{ steps.name.outputs.value }} /tmp/parsec/ci.sh cryptoauthlib --no-stress-test

fuzz-test-checker:
name: Check that the fuzz testing framework is still working
Expand All @@ -145,19 +173,23 @@ jobs:
needs: [build-and-export-test-all-docker]
steps:
- uses: actions/checkout@v2
- name: Set TEST_ALL_DOCKER_IMAGE
run: |
TEST_ALL_DOCKER_IMAGE=${{ github.event.inputs.trigger_docker }}
echo "::set-output name=value::${TEST_ALL_DOCKER_IMAGE:-"ghcr.io/parallaxsecond/parsec-service-test-all"}"
- name: Load Docker
uses: ./.github/actions/load_docker
if: ${{ env.TEST_ALL_DOCKER_IMAGE == 'parsec-service-test-all' }}
if: ${{ steps.name.outputs.value == 'parsec-service-test-all' }}
with:
image-name: "${{ env.TEST_ALL_DOCKER_IMAGE }}"
image-name: "${{ steps.name.outputs.value }}"
image-path: "/tmp"
# Not running stress tests because rust-cryptoauthlib test-interface does not support required calls
- name: Run the fuzz test script From Container
# When running the container built on the CI
if: ${{ env.TEST_ALL_DOCKER_IMAGE == 'parsec-service-test-all' }}
if: ${{ steps.name.outputs.value == 'parsec-service-test-all' }}
run: CONTAINER_TAG=parsec-service-test-all ./fuzz.sh test
- name: Run the fuzz test script
if: ${{ env.TEST_ALL_DOCKER_IMAGE != 'parsec-service-test-all' }}
if: ${{ steps.name.outputs.value != 'parsec-service-test-all' }}
run: ./fuzz.sh test

on-disk-kim:
Expand All @@ -167,14 +199,18 @@ jobs:
needs: [build-and-export-test-all-docker]
steps:
- uses: actions/checkout@v2
- name: Set TEST_ALL_DOCKER_IMAGE
run: |
TEST_ALL_DOCKER_IMAGE=${{ github.event.inputs.trigger_docker }}
echo "::set-output name=value::${TEST_ALL_DOCKER_IMAGE:-"ghcr.io/parallaxsecond/parsec-service-test-all"}"
- name: Load Docker
uses: ./.github/actions/load_docker
if: ${{ env.TEST_ALL_DOCKER_IMAGE == 'parsec-service-test-all' }}
if: ${{ steps.name.outputs.value == 'parsec-service-test-all' }}
with:
image-name: "${{ env.TEST_ALL_DOCKER_IMAGE }}"
image-name: "${{ steps.name.outputs.value }}"
image-path: "/tmp"
- name: Run the container to execute the test script
run: docker run -v $(pwd):/tmp/parsec -w /tmp/parsec -t ${{ env.TEST_ALL_DOCKER_IMAGE }} /tmp/parsec/ci.sh on-disk-kim
run: docker run -v $(pwd):/tmp/parsec -w /tmp/parsec -t ${{ steps.name.outputs.value }} /tmp/parsec/ci.sh on-disk-kim

cross-compilation:
# Currently only the Mbed Crypto, PKCS 11, and TPM providers are tested as the other ones need to cross-compile other libraries.
Expand Down

0 comments on commit 3ba79a5

Please sign in to comment.