|
| 1 | +name: Patched JNI CI |
| 2 | + |
| 3 | +# This workflow attempts to build and test the wolfSSL JNI library with all |
| 4 | +# available wolfSSL PR patches applied, eg WOLFSSL_PR*_PATCH_APPLIED defines. |
| 5 | +# It currently only supports a single PR patch at a time, using the highest PR |
| 6 | +# number found in the defines. |
| 7 | + |
| 8 | +on: |
| 9 | + push: |
| 10 | + branches: [ 'master', 'main', 'release/**' ] |
| 11 | + pull_request: |
| 12 | + branches: [ 'master' ] |
| 13 | + |
| 14 | +jobs: |
| 15 | + resolve_wolfssl_ref: |
| 16 | + runs-on: ubuntu-latest |
| 17 | + outputs: |
| 18 | + should_run: ${{ steps.resolve.outputs.should_run }} |
| 19 | + wolfssl_repo: ${{ steps.resolve.outputs.wolfssl_repo }} |
| 20 | + wolfssl_ref: ${{ steps.resolve.outputs.wolfssl_ref }} |
| 21 | + pr_number: ${{ steps.resolve.outputs.pr_number }} |
| 22 | + steps: |
| 23 | + - uses: actions/checkout@v4 |
| 24 | + |
| 25 | + - name: Resolve wolfSSL ref from patch defines |
| 26 | + id: resolve |
| 27 | + run: | |
| 28 | + set -euo pipefail |
| 29 | +
|
| 30 | + # Find WOLFSSL_PR*_PATCH_APPLIED defines in wolfssl source. |
| 31 | + defines="$(./scripts/find-wolfssl-pr-patch-defines.sh)" |
| 32 | + if [ -z "$defines" ]; then |
| 33 | + echo "::warning::No WOLFSSL_PR*_PATCH_APPLIED defines found; skipping patched CI." |
| 34 | + echo "should_run=false" >> "$GITHUB_OUTPUT" |
| 35 | + exit 0 |
| 36 | + fi |
| 37 | + echo "Found patch defines:" |
| 38 | + printf "%s\n" "$defines" |
| 39 | +
|
| 40 | + # Find the highest PR number from the defines. |
| 41 | + pr_number="$(printf "%s\n" "$defines" | sed -E 's/^WOLFSSL_PR([0-9]+)_PATCH_APPLIED$/\1/' | sort -n | tail -1)" |
| 42 | + if [ -z "$pr_number" ]; then |
| 43 | + echo "::warning::Failed to derive PR number from patch defines; skipping patched CI." |
| 44 | + echo "should_run=false" >> "$GITHUB_OUTPUT" |
| 45 | + exit 0 |
| 46 | + fi |
| 47 | + echo "Highest PR number from defines: $pr_number" |
| 48 | +
|
| 49 | + # Check PR status via GitHub API. |
| 50 | + pr_json="$(curl -fsSL "https://api.github.com/repos/wolfSSL/wolfssl/pulls/$pr_number" || true)" |
| 51 | + if [ -z "$pr_json" ]; then |
| 52 | + echo "::warning::Unable to fetch PR #$pr_number from GitHub API; skipping patched CI." |
| 53 | + echo "should_run=false" >> "$GITHUB_OUTPUT" |
| 54 | + exit 0 |
| 55 | + fi |
| 56 | + echo "Fetched PR #$pr_number info from GitHub API." |
| 57 | +
|
| 58 | + state="$(printf "%s" "$pr_json" | jq -r '.state // empty')" |
| 59 | + merged_at="$(printf "%s" "$pr_json" | jq -r '.merged_at // empty')" |
| 60 | + head_repo="$(printf "%s" "$pr_json" | jq -r '.head.repo.full_name // empty')" |
| 61 | + head_ref="$(printf "%s" "$pr_json" | jq -r '.head.ref // empty')" |
| 62 | +
|
| 63 | + if [ -n "$merged_at" ]; then |
| 64 | + echo "PR #$pr_number is merged; using wolfSSL master branch." |
| 65 | + echo "should_run=true" >> "$GITHUB_OUTPUT" |
| 66 | + echo "wolfssl_repo=wolfSSL/wolfssl" >> "$GITHUB_OUTPUT" |
| 67 | + echo "wolfssl_ref=master" >> "$GITHUB_OUTPUT" |
| 68 | + echo "pr_number=$pr_number" >> "$GITHUB_OUTPUT" |
| 69 | + exit 0 |
| 70 | + fi |
| 71 | +
|
| 72 | + if [ "$state" = "open" ] && [ -n "$head_repo" ] && [ -n "$head_ref" ]; then |
| 73 | + echo "should_run=true" >> "$GITHUB_OUTPUT" |
| 74 | + echo "wolfssl_repo=$head_repo" >> "$GITHUB_OUTPUT" |
| 75 | + echo "wolfssl_ref=$head_ref" >> "$GITHUB_OUTPUT" |
| 76 | + echo "pr_number=$pr_number" >> "$GITHUB_OUTPUT" |
| 77 | + echo "PR #$pr_number is open; using branch $head_ref from repo $head_repo." |
| 78 | + exit 0 |
| 79 | + fi |
| 80 | +
|
| 81 | + echo "::warning::PR #$pr_number is not merged or has no accessible branch; skipping patched CI." |
| 82 | + echo "should_run=false" >> "$GITHUB_OUTPUT" |
| 83 | +
|
| 84 | + patched_jni_build: |
| 85 | + needs: resolve_wolfssl_ref |
| 86 | + if: needs.resolve_wolfssl_ref.outputs.should_run == 'true' |
| 87 | + runs-on: ubuntu-latest |
| 88 | + steps: |
| 89 | + - uses: actions/checkout@v4 |
| 90 | + |
| 91 | + - name: Cache JUnit dependencies |
| 92 | + uses: actions/cache@v4 |
| 93 | + id: cache-junit |
| 94 | + with: |
| 95 | + path: junit |
| 96 | + key: junit-jars-v1 |
| 97 | + |
| 98 | + - name: Download junit-4.13.2.jar |
| 99 | + if: steps.cache-junit.outputs.cache-hit != 'true' |
| 100 | + run: curl -fsSL -o "$GITHUB_WORKSPACE/junit/junit-4.13.2.jar" https://repo1.maven.org/maven2/junit/junit/4.13.2/junit-4.13.2.jar |
| 101 | + - name: Download hamcrest-all-1.3.jar |
| 102 | + if: steps.cache-junit.outputs.cache-hit != 'true' |
| 103 | + run: curl -fsSL -o "$GITHUB_WORKSPACE/junit/hamcrest-all-1.3.jar" https://repo1.maven.org/maven2/org/hamcrest/hamcrest-all/1.3/hamcrest-all-1.3.jar |
| 104 | + |
| 105 | + - name: Build native wolfSSL |
| 106 | + uses: wolfSSL/actions-build-autotools-project@v1 |
| 107 | + with: |
| 108 | + repository: ${{ needs.resolve_wolfssl_ref.outputs.wolfssl_repo }} |
| 109 | + ref: ${{ needs.resolve_wolfssl_ref.outputs.wolfssl_ref }} |
| 110 | + path: wolfssl |
| 111 | + configure: --enable-jni |
| 112 | + check: false |
| 113 | + install: true |
| 114 | + |
| 115 | + - name: Setup java |
| 116 | + uses: actions/setup-java@v4 |
| 117 | + with: |
| 118 | + distribution: zulu |
| 119 | + java-version: '21' |
| 120 | + |
| 121 | + - name: Set JUNIT_HOME |
| 122 | + run: | |
| 123 | + echo "JUNIT_HOME=$GITHUB_WORKSPACE/junit" >> "$GITHUB_ENV" |
| 124 | +
|
| 125 | + - name: Set LD_LIBRARY_PATH |
| 126 | + run: | |
| 127 | + echo "LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$GITHUB_WORKSPACE/build-dir/lib" >> "$GITHUB_ENV" |
| 128 | +
|
| 129 | + - name: Build and test JNI library with all patches |
| 130 | + run: make all-patched PREFIX=$GITHUB_WORKSPACE/build-dir |
| 131 | + |
| 132 | + - name: Show logs on failure |
| 133 | + if: failure() || cancelled() |
| 134 | + run: | |
| 135 | + cat build/reports/*.txt |
0 commit comments