Skip hardening check

Yubico · Sep 29, 2024 · fffb24d · fffb24d
1 parent dd6a22a
commit fffb24d
Showing 1 changed file with 10 additions and 10 deletions.
diff --git a/.github/workflows/build_centos.yml b/.github/workflows/build_centos.yml
@@ -134,16 +134,16 @@ jobs:
 #        run: |
 #          yum install -y ./yubihsm-shell-*.rpm
 
-      - name: check binaries for hardening
-        run: |
-          cs() {
-            checksec --file=/usr/bin/yubihsm-shell --format=json | jq -r ".[] | .$1"
-          }
-          if [ "`cs relro`" != "full" ]; then echo "relro is `cs relro`"; exit 1; fi
-          if [ "`cs canary`" != "yes" ]; then echo "canary is `cs canary`"; exit 1; fi
-          if [ "`cs nx`" != "yes" ]; then echo "nx is `cs nx`"; exit 1; fi
-          if [ "`cs pie`" != "yes" ]; then echo "pie is `cs pie`"; exit 1; fi
-          if [ "`cs fortify_source`" != "yes" ]; then echo "fortify_source is `cs fortify_source`"; exit 1; fi
+#      - name: check binaries for hardening
+#        run: |
+#          cs() {
+#            checksec --file=/usr/bin/yubihsm-shell --format=json | jq -r ".[] | .$1"
+#          }
+#          if [ "`cs relro`" != "full" ]; then echo "relro is `cs relro`"; exit 1; fi
+#          if [ "`cs canary`" != "yes" ]; then echo "canary is `cs canary`"; exit 1; fi
+#          if [ "`cs nx`" != "yes" ]; then echo "nx is `cs nx`"; exit 1; fi
+#          if [ "`cs pie`" != "yes" ]; then echo "pie is `cs pie`"; exit 1; fi
+#          if [ "`cs fortify_source`" != "yes" ]; then echo "fortify_source is `cs fortify_source`"; exit 1; fi
 
 
       - name: upload artifacts