Skip to content

Regression test for CryptHandle unlocking with both keyring and Clevis enabled #4275

Regression test for CryptHandle unlocking with both keyring and Clevis enabled

Regression test for CryptHandle unlocking with both keyring and Clevis enabled #4275

Workflow file for this run

---
name: stratisd CI
# yamllint disable-line rule:truthy
on:
push:
branches:
- master
paths-ignore:
- 'CHANGES.txt'
- '**/README.md'
- 'README_tests.md'
- 'tests/**'
- '.packit.yaml'
- 'plans/**'
- 'test/**'
pull_request:
branches:
- master
paths-ignore:
- 'CHANGES.txt'
- '**/README.md'
- 'README_tests.md'
- 'tests/**'
- '.packit.yaml'
- 'plans/**'
- 'test/**'
workflow_dispatch:
# cancel the in-progress workflow when PR is refreshed.
# yamllint disable rule:line-length
concurrency:
group: ${{ github.workflow }}-${{ github.event_name == 'pull_request' && github.head_ref || github.sha }}
cancel-in-progress: true
jobs:
checks:
strategy:
matrix:
include:
- task: make -f Makefile fmt-ci
toolchain: 1.73.0 # CURRENT DEVELOPMENT RUST TOOLCHAIN
components: rustfmt
- task: make -f Makefile check-typos
toolchain: 1.73.0 # CURRENT DEVELOPMENT RUST TOOLCHAIN
components: cargo
runs-on: ubuntu-22.04
container:
image: fedora:38 # CURRENT DEVELOPMENT ENVIRONMENT
options: --privileged -v /dev:/dev
steps:
- uses: actions/checkout@v3
- name: Install dependencies for Fedora
run: >
dnf install -y
clang
curl
cryptsetup-devel
dbus-devel
device-mapper-devel
libblkid-devel
make
ncurses
systemd-devel
- uses: dtolnay/rust-toolchain@master
with:
components: ${{ matrix.components }}
toolchain: ${{ matrix.toolchain }}
- uses: baptiste0928/cargo-install@v2
with:
crate: typos-cli
- name: Test ${{ matrix.task }} on ${{ matrix.toolchain }} toolchain
run: ${{ matrix.task }}
# TESTS WITH TANG
checks_with_tang:
strategy:
matrix:
include:
# MANDATORY CHECKS USING CURRENT DEVELOPMENT COMPILER
- task: >-
TANG_URL=tang
RUST_LOG=stratisd=debug
make -f Makefile test-clevis-loop
toolchain: 1.73.0 # CURRENT DEVELOPMENT RUST TOOLCHAIN
components: cargo
image: fedora:38 # CURRENT DEVELOPMENT ENVIRONMENT
runs-on: ubuntu-22.04
container:
image: ${{ matrix.image }}
options: --privileged -v /dev:/dev -v /run/udev:/run/udev --ipc=host
services:
tang:
# yamllint disable rule:line-length
image: ghcr.io/stratis-storage/stratisd/tang:38 # CURRENT DEVELOPMENT ENVIRONMENT
credentials:
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
options: --privileged -p 80:80
steps:
- uses: actions/checkout@v3
- name: Install dependencies for Fedora
# cracklib-dicts: https://github.com/stratis-storage/project/issues/581
run: >
dnf install -y
clang
cryptsetup-devel
clevis
clevis-luks
cracklib-dicts
curl
dbus-devel
device-mapper-devel
device-mapper-persistent-data
libblkid-devel
make
ncurses
sudo
systemd-devel
systemd-udev
xfsprogs
- uses: dtolnay/rust-toolchain@master
with:
components: ${{ matrix.components }}
toolchain: ${{ matrix.toolchain }}
- name: Test ${{ matrix.task }} on ${{ matrix.toolchain }} toolchain
run: ${{ matrix.task }}
stratis-cli-checks:
runs-on: ubuntu-22.04
container:
image: fedora:34 # LOWEST DEVELOPMENT ENVIRONMENT
options: --privileged --userns=host --ipc=host -v /run/dbus/system_bus_socket:/run/dbus/system_bus_socket:ro -v /usr/share/dbus-1:/usr/share/dbus-1
steps:
- uses: actions/checkout@v3
- name: Install dependencies
run: >
dnf install -y
asciidoc
clang
cryptsetup-devel
dbus-daemon
dbus-tools
dbus-devel
device-mapper-devel
libblkid-devel
git
glibc-static
make
ncurses
python3-coverage
python3-dbus-client-gen
python3-dbus-python-client-gen
python3-justbytes
python3-dateutil
python3-packaging
python3-psutil
python3-wcwidth
systemd-devel
- uses: dtolnay/rust-toolchain@master
with:
components: cargo
toolchain: 1.71.1 # LOWEST SUPPORTED RUST TOOLCHAIN
- name: Build stratisd
run: PROFILEDIR=debug make -f Makefile build-all
- name: Install stratisd
run: PROFILEDIR=debug make -f Makefile install
- name: Workaround for dbus inotify
run: cp stratisd.conf /usr/share/dbus-1/system.d
- name: Check out stratis-cli
run: git clone https://github.com/stratis-storage/stratis-cli.git
- name: Run stratis-cli tests
run: >
RUST_LOG=stratisd=debug
STRATISD=/usr/libexec/stratisd
PYTHONPATH=./src
make dbus-tests
working-directory: ./stratis-cli
stratis-min-cli-checks:
runs-on: ubuntu-22.04
container:
image: fedora:38 # CURRENT DEVELOPMENT ENVIRONMENT
options: --privileged --userns=host --ipc=host -v /dev:/dev -v /run/udev:/run/udev -v /usr/lib/udev:/usr/lib/udev -v /run/dbus/system_bus_socket:/run/dbus/system_bus_socket:ro -v /usr/share/dbus-1:/usr/share/dbus-1
steps:
- uses: actions/checkout@v3
- name: Install dependencies
run: >
dnf install -y
asciidoc
clang
cryptsetup-devel
dbus-daemon
dbus-tools
dbus-devel
device-mapper-devel
device-mapper-persistent-data
libblkid-devel
git
glibc-static
make
ncurses
python3-coverage
python3-dbus-client-gen
python3-dbus-python-client-gen
python3-justbytes
python3-dateutil
python3-packaging
python3-psutil
python3-wcwidth
systemd-devel
xfsprogs
- uses: dtolnay/rust-toolchain@master
with:
components: cargo
toolchain: 1.73.0 # CURRENT DEVELOPMENT RUST TOOLCHAIN
- name: Run stratisd-min cli tests
run: make test-stratisd-min
- name: Run stratis-min cli tests
run: make test-stratis-min
shell-checks:
runs-on: ubuntu-22.04
container:
image: fedora:38 # CURRENT DEVELOPMENT ENVIRONMENT
steps:
- uses: actions/checkout@v3
- name: Install dependencies
run: >
dnf install -y
make
ncurses
shfmt
- name: Run shell check
run: make -f Makefile fmt-shell-ci
python-based-tests:
runs-on: ubuntu-22.04
container:
image: fedora:38 # CURRENT DEVELOPMENT ENVIRONMENT
options: --privileged -v /dev:/dev
steps:
- uses: actions/checkout@v3
- name: Install dependencies for Fedora
run: >
dnf install -y
asciidoc
clang
cryptsetup-devel
curl
dbus-devel
dbus-tools
device-mapper-devel
device-mapper-persistent-data
glibc-static
libblkid-devel
make
ncurses
python3-justbytes
systemd-devel
systemd-udev
xfsprogs
- uses: dtolnay/rust-toolchain@master
with:
components: cargo
toolchain: 1.73.0 # CURRENT DEVELOPMENT RUST TOOLCHAIN
- name: Build stratisd
run: PROFILEDIR=debug make -f Makefile build-all
- name: Install stratisd
run: PROFILEDIR=debug make -f Makefile install
- name: Check basic behavior of test_predict
run: >
STRATIS_PREDICT_USAGE=/usr/bin/stratis-predict-usage
PYTHONPATH=./src
make filesystem-predict-tests
working-directory: ./tests/client-dbus
tests-with-testing-repo:
strategy:
matrix:
include:
- rev: HEAD
args: --log-level=debug stratisd_cert --verify-devices --monitor-dbus --highest-revision-number=7
- rev: v3.5.2
args: stratisd_cert --verify-devices
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v3
- name: Run apt-get update
run: sudo apt-get -q update
- name: Install dependencies
run: >
DEBIAN_FRONTEND=noninteractive
sudo apt-get install -y
asciidoc
clang
curl
libblkid-dev
libcryptsetup-dev
libdbus-1-dev
libdevmapper-dev
libsystemd-dev
libudev-dev
make
thin-provisioning-tools
udev
xfsprogs
- name: Install Python dependencies
run: >
sudo python -m pip install
dbus-python
dbus-python-client-gen
psutil
- uses: dtolnay/rust-toolchain@master
with:
components: cargo
toolchain: 1.71.1 # LOWEST SUPPORTED RUST TOOLCHAIN
- name: Build stratisd
run: PROFILEDIR=debug make -f Makefile build-all
- name: Install stratisd
run: sudo make PROFILEDIR=debug -f Makefile install
- name: Workaround for dbus inotify
run: sudo cp stratisd.conf /usr/share/dbus-1/system.d
- name: Reload udev
run: sudo udevadm control --reload
- name: Clone testing repo
run: git clone https://github.com/stratis-storage/testing.git
- name: Checkout revision ${{ matrix.rev }}
run: git checkout -b new-branch ${{ matrix.rev }}
working-directory: ./testing
- name: Run stratisd_cert.py
run: >
sudo
RUST_LOG=stratisd=debug
python3 test_harness.py
${{ matrix.args }}
working-directory: ./testing