The pkcs11 tests bring a lot of dependencies that are outside of our control
(openssl, engine_pkcs11, pkcs11_provider, p11-kit, softhsm, ...) and that might
always not handle the memory well.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
We used to have this in the old ctest. The code should be ready for this as we
already skip tracing openssh sshd (ca4fb9c6) and have workaround for openssl
issues (55252e4d), but it took me some time to figure out the secret command to
run tests under valgrind with cmake.
This adds also convenient custom target to run the memcheck manually.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
The choco server is somtimes ratelimited. Avoid running into issues
and use cmake already installed on the runner.
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
The engine API in OpenSSL 3.0 is deprecated so we are in the progress of working
on a PKCS#11 provider for OpenSSL. This commit introduces a conditional build
with the pkcs11-provider support (instead of engines) with all the changes
required for the provider to work with existing code and tests.
The CI modification is only temporary before we will have the real package in
Fedora or somewhere to use.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
Solving issue #110. The original work is at !231
Some changes were needed because the newly added features in master through time
Signed-off-by: Mohammad Shehar Yaar Tausif <sheharyaar48@gmail.com>
Signed-off-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
This adds the priv_wrapper options to skip the OpenSSH server sandbox, which
prevented in the past writing any debug information or coverage files causing
SIGSYS/crashes.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Norbert Pocs <npocs@redhat.com>
The c7s uses not longer supported openssl version which will make
the CI fail when we remove the supported of the old openssl versions.
Signed-off-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Let's check tests in fips mode with an up to date system too as we already
found some issues running the tests there.
Signed-off-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Rawhide has openssl 3.0 support which can test the new changes.
Signed-off-by: Norbert Pocs <npocs@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
We need a new one. Disable till set up and registered
Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
The introduction of stages in gitlab-ci had quite a unfortune side
effect that is described in the documentation [1]. The whole artifacts
path (in our case obj/) is passed from one stage to another by default,
which is causing very odd behavior as the previous results are only
partially overwritten by the new cmake command and can even lead to
execution of tests that are not supposed to run in particular job.
[1] https://docs.gitlab.com/ee/ci/yaml/#dependencies
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
