Skip to content

opt-in rustls-ffi FIPS support, Linux CI coverage #210

opt-in rustls-ffi FIPS support, Linux CI coverage

opt-in rustls-ffi FIPS support, Linux CI coverage #210

Workflow file for this run

name: pkg-config
permissions:
contents: read
on:
push:
pull_request:
merge_group:
schedule:
- cron: '15 12 * * 3'
jobs:
build:
name: Build+test
runs-on: ${{ matrix.os }}
env:
PREFIX: /tmp/librustls
strategy:
matrix:
cc: [ clang, gcc ]
os: [ ubuntu-latest, macos-latest ]
crypto: [ aws-lc-rs, ring ]
steps:
- name: Checkout sources
uses: actions/checkout@v4
with:
persist-credentials: false
- name: Install stable toolchain
uses: dtolnay/rust-toolchain@stable
- name: Show pkg-config version
run: pkg-config --version
- name: Install cargo-c (Ubuntu)
if: matrix.os == 'ubuntu-latest'
env:
LINK: https://github.com/lu-zero/cargo-c/releases/latest/download
CARGO_C_FILE: cargo-c-x86_64-unknown-linux-musl.tar.gz
run: |
curl -L $LINK/$CARGO_C_FILE | tar xz -C ~/.cargo/bin
- name: Install cargo-c (macOS)
if: matrix.os == 'macos-latest'
env:
LINK: https://github.com/lu-zero/cargo-c/releases/latest/download
CARGO_C_FILE: cargo-c-macos.zip
run: |
curl -L $LINK/$CARGO_C_FILE -o cargo-c-macos.zip
unzip cargo-c-macos.zip -d ~/.cargo/bin
- name: Install the library
# NOTE: We set --libdir explicitly to avoid per-system/distro path components
# that will complicate setting PKG_CONFIG_PATH/LD_LIBRARY_PATH.
run: >
CARGOFLAGS=--libdir=lib
make --file=Makefile.pkg-config PREFIX=${PREFIX} CRYPTO_PROVIDER=${{ matrix.crypto }} install
- name: Build the client/server examples
run: PKG_CONFIG_PATH=$PREFIX/lib/pkgconfig make --file=Makefile.pkg-config PROFILE=debug CRYPTO_PROVIDER=${{ matrix.crypto }}
- name: Verify client is dynamically linked (Ubuntu)
if: matrix.os == 'ubuntu-latest'
run: LD_LIBRARY_PATH=$PREFIX/lib ldd target/client | grep "rustls"
- name: Verify server is dynamically linked (Ubuntu)
if: matrix.os == 'ubuntu-latest'
run: LD_LIBRARY_PATH=$PREFIX/lib ldd target/server | grep "rustls"
- name: Verify client is dynamically linked (macOS)
if: matrix.os == 'macos-latest'
run: LD_LIBRARY_PATH=$PREFIX/lib otool -L target/client | grep "rustls"
- name: Verify server is dynamically linked (macOS)
if: matrix.os == 'macos-latest'
run: LD_LIBRARY_PATH=$PREFIX/lib otool -L target/server | grep "rustls"
- name: Run the integration tests
run: LD_LIBRARY_PATH=$PREFIX/lib make --file=Makefile.pkg-config PROFILE=debug CRYPTO_PROVIDER=${{ matrix.crypto }} integration