Merge pull request #140 from IETF-Hackathon/jwl/nist-acvts-verifier #227
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Artifact validation | ||
on: | ||
push: | ||
branches: [ '*' ] | ||
# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued. | ||
# However, do NOT cancel in-progress runs as we want to allow these production deployments to complete. | ||
concurrency: | ||
group: "pages" | ||
cancel-in-progress: false | ||
jobs: | ||
oqs_validation: | ||
runs-on: ubuntu-latest | ||
container: openquantumsafe/oqs-ossl3 | ||
steps: | ||
- name: Checkout code | ||
uses: actions/checkout@v4 | ||
- name: Test artifacts with OQS | ||
run: ./src/test_certs_r3_with_oqs.sh | ||
- name: Save artifacts | ||
uses: actions/upload-artifact@v4 | ||
with: | ||
name: Compatibility_oqs_csv | ||
path: ./output/ | ||
acvts_validation: | ||
runs-on: ubuntu-latest | ||
# Is this an appropriate dotnet image? | ||
container: mcr.microsoft.com/dotnet/sdk:net6.0/runtime | ||
path: /opt/pqc-certificates | ||
- name: Checkout acvts code | ||
uses: actions/checkout@v4 | ||
with: | ||
repository: josephlukefahr/ACVP-Server | ||
ref: jwl/versions-in-some-packages | ||
path: /opt/ACVP-Server | ||
- run: apt update && apt install zip unzip | ||
- run: mkdir /opt/output | ||
- run: /bin/bash /opt/pqc-certificates/src/test_certs_r3_with_acvts.sh /opt/pqc-certificates | ||
- name: Save artifacts | ||
uses: actions/upload-artifact@v4 | ||
with: | ||
name: Compatibility_acvts_csv | ||
path: /opt/output/ | ||
path: ./pqc-certificates | ||
- name: Checkout ACVP code | ||
uses: actions/checkout@v4 | ||
with: | ||
# I would rather clone the official repo usnistgov/ACVP-Server | ||
# and then have any supporting code here in this pqc-certificates repo. | ||
repository: josephlukefahr/ACVP-Server | ||
path: ./ACVP-Server | ||
- run: apt update && apt install zip unzip | ||
- run: mkdir ./output | ||
- run: /bin/bash ./pqc-certificates/providers/nist-acvts-test/setup_acvts_env.sh ./AVCP-Server | ||
- run: /bin/bash ./pqc-certificates/src/test_certs_r3_with_acvp.sh ./pqc-certificates ./ACVP-Server | ||
- name: Save artifacts | ||
uses: actions/upload-artifact@v4 | ||
with: | ||
name: Compatibility_acvp_csv | ||
path: ./output/ | ||
build_results_html: | ||
runs-on: ubuntu-latest | ||
container: ubuntu:latest | ||
needs: [oqs_validation, acvts_validation] | ||
steps: | ||
- name: Checkout code | ||
uses: actions/checkout@v4 | ||
- name: Install packages | ||
run: | | ||
apt-get update && \ | ||
apt-get install -y pandoc lsb-release | ||
- name: Install Python | ||
uses: actions/setup-python@v5 | ||
with: | ||
python-version: '3.x' | ||
- name: Install python requirements | ||
run: python -m pip install -r src/requirements.txt | ||
- name: Get OQS results from previous job | ||
uses: actions/download-artifact@v4 | ||
with: | ||
name: Compatibility_oqs_csv | ||
path: output/ | ||
- name: Get acvts results from previous job | ||
uses: actions/download-artifact@v4 | ||
with: | ||
name: Compatibility_acvts_csv | ||
path: output/ | ||
- name: Build compat matrix | ||
run: ./src/rebuild_results_certs_r3.sh | ||
- name: Copy output files | ||
run: mv ./docs/pqc_hackathon_results_certs_r3.html ./docs/pqc_hackathon_results_certs_r3_automated_tests.html ./docs/pqc_hackathon_results_cms_v1.html ./output/certs/*.log ./docs/gh-pages | ||
- name: Archive Compatibility Matrix For Download | ||
uses: actions/upload-pages-artifact@v3 | ||
with: | ||
path: ./docs/gh-pages | ||
publish_to_gh_pages: | ||
needs: build_results_html | ||
if: github.ref == 'refs/heads/master' | ||
permissions: | ||
contents: read | ||
pages: write | ||
id-token: write | ||
environment: | ||
name: github-pages | ||
url: ${{ steps.deployment.outputs.page_url }} | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Update git pages with new compatibiliy matrix | ||
id: deployment | ||
uses: actions/deploy-pages@v4 |