Merge pull request #115 from sehlen-bsi/release/3.1.1 #108
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| workflow_dispatch: | |
| push: | |
| paths: | |
| - .github/** | |
| - docs/testreport/** | |
| - config/botan.env | |
| permissions: | |
| contents: read | |
| # implicitly all other scopes not listed become none | |
| jobs: | |
| utility: | |
| name: "Utility" | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - jobname: Documentation | |
| target: pdf_docs | |
| artifacts: | | |
| build/build/docs/handbook/botan.pdf | |
| build/build/docs/doxygen/ | |
| host_os: ubuntu-latest | |
| - jobname: Coverage Report | |
| target: coverage | |
| artifacts: build/lcov-out/ | |
| host_os: ubuntu-latest | |
| runs-on: ${{ matrix.host_os }} | |
| steps: | |
| - name: Fetch Audit Repository | |
| uses: actions/checkout@v3 | |
| with: | |
| path: ./source | |
| - name: Setup Environment Configuration | |
| uses: ./source/.github/actions/setup-environment | |
| with: | |
| env_file: ./source/config/botan.env | |
| - name: Fetch Botan Repository | |
| uses: actions/checkout@v3 | |
| with: | |
| path: ./botan | |
| repository: ${{ env.BOTAN_REPO }} | |
| fetch-depth: 0 | |
| ref: ${{ env.BOTAN_REF }} | |
| - name: Setup Build Agent | |
| uses: ./source/.github/actions/setup-build-agent | |
| with: | |
| target: ${{ matrix.target }} | |
| cache-key: bsi-${{ matrix.host_os }}-${{ matrix.target }} | |
| - name: Build and Test Botan | |
| # TODO: Disabled tests is temporary fix for https://github.com/randombit/botan/pull/3632 | |
| run: >- | |
| python3 ./source/.github/scripts/ci_build.py | |
| --root-dir=${{ github.workspace }}/botan --build-dir=${{ github.workspace }}/build | |
| --disabled-tests=tls_extensions_key_share_client_hello | |
| ${{ matrix.target }} | |
| - name: Archive Artifacts | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: ${{ matrix.jobname }} | |
| path: ${{ matrix.artifacts }} | |
| if: ${{ matrix.artifacts != '' }} | |
| bsi_tests: | |
| name: "BSI Build Policy Tests" | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| # basic configuration combinations should run on all target platforms | |
| target: [ static, shared ] | |
| platform: [ | |
| { host_os: windows-2022, compiler: msvc, make_tool: jom }, | |
| { host_os: ubuntu-latest, compiler: gcc, make_tool: make }, | |
| { host_os: ubuntu-latest, compiler: clang, make_tool: make }, | |
| { host_os: macos-13, compiler: clang, make_tool: make } | |
| ] | |
| runs-on: ${{ matrix.platform.host_os }} | |
| steps: | |
| - name: Fetch Audit Repository | |
| uses: actions/checkout@v3 | |
| with: | |
| path: ./source | |
| - name: Setup Environment Configuration | |
| uses: ./source/.github/actions/setup-environment | |
| with: | |
| env_file: ./source/config/botan.env | |
| - name: Fetch Botan Repository | |
| uses: actions/checkout@v3 | |
| with: | |
| path: ./botan | |
| repository: ${{ env.BOTAN_REPO }} | |
| fetch-depth: 0 | |
| ref: ${{ env.BOTAN_REF }} | |
| - name: Apply Patch to Botan | |
| run: git -C botan apply ${{ github.workspace }}/source/docs/testreport/test_properties.patch | |
| - name: Setup Build Agent | |
| uses: ./source/.github/actions/setup-build-agent | |
| with: | |
| target: ${{ matrix.target }} | |
| cache-key: bsi-${{ matrix.platform.host_os }}-${{ matrix.platform.compiler }}-${{ matrix.target }} | |
| - name: Build and Test Botan | |
| # TODO: Disabled tests is temporary fix for https://github.com/randombit/botan/pull/3632 | |
| run: >- | |
| python3 ./source/.github/scripts/ci_build.py | |
| --root-dir=${{ github.workspace }}/botan --build-dir=${{ github.workspace }}/build | |
| --cc='${{ matrix.platform.compiler }}' --make-tool='${{ matrix.platform.make_tool }}' | |
| --disabled-tests=tls_extensions_key_share_client_hello | |
| --test-results-dir=junit_reports | |
| ${{ matrix.target }} | |
| - name: Store JUnit Report | |
| uses: actions/upload-artifact@v3 | |
| if: always() | |
| with: | |
| name: junit | |
| path: junit_reports/*.xml | |
| if-no-files-found: error | |
| test_report: | |
| name: "Generate Test Report" | |
| needs: bsi_tests | |
| if: always() | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Fetch Audit Repository | |
| uses: actions/checkout@v3 | |
| with: | |
| path: ./source | |
| - name: Setup Environment Configuration | |
| uses: ./source/.github/actions/setup-environment | |
| with: | |
| env_file: ./source/config/botan.env | |
| - name: Fetch Botan Repository | |
| uses: actions/checkout@v3 | |
| with: | |
| path: ./botan | |
| repository: ${{ env.BOTAN_REPO }} | |
| fetch-depth: 0 | |
| ref: ${{ env.BOTAN_REF }} | |
| - name: Botan Git SHA | |
| id: vars | |
| run: echo "botan_sha=$(git -C botan rev-parse HEAD)" >> $GITHUB_OUTPUT | |
| - name: Setup Build Agent | |
| uses: ./source/.github/actions/setup-build-agent | |
| with: | |
| target: test-report | |
| - name: Fetch JUnit Reports | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: junit | |
| path: junit_reports | |
| - name: Generate Test Report | |
| run: >- | |
| python3 ./source/docs/testreport/bsi_test_report.py | |
| --preamble ./source/docs/testreport/testreport_preamble.rst | |
| --git-refname ${{ env.BOTAN_REF }} | |
| --git-refsha ${{ steps.vars.outputs.botan_sha }} | |
| --botan-version ${{ env.BOTAN_VERSION }} | |
| --format=pdf | |
| junit_reports test-report.pdf | |
| - name: Store Test Report | |
| uses: actions/upload-artifact@v3 | |
| if: always() | |
| with: | |
| name: Test Report | |
| path: test-report.pdf | |
| if-no-files-found: error | |
| source_archive: | |
| name: "Source Archive" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Fetch Audit Repository | |
| uses: actions/checkout@v3 | |
| with: | |
| path: ./source | |
| - name: Setup Environment Configuration | |
| uses: ./source/.github/actions/setup-environment | |
| with: | |
| env_file: ./source/config/botan.env | |
| - name: Fetch Botan Repository | |
| uses: actions/checkout@v3 | |
| with: | |
| path: ./botan | |
| repository: ${{ env.BOTAN_REPO }} | |
| fetch-depth: 0 | |
| ref: ${{ env.BOTAN_REF }} | |
| - name: Generate Archive | |
| run: python3 ${{ github.workspace }}/source/.github/scripts/tarball.py --output-dir build --source-dir botan | |
| - name: Archive Artifacts | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: Botan ${{ env.BOTAN_VERSION }} Source Archive | |
| path: build/*.zip |