V3.2.x Add handling for Subject Alternative Name (SAN) URIs #8256
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI DEB | |
on: | |
push: | |
branches-ignore: | |
- coverity_scan | |
pull_request: | |
env: | |
DEBIAN_FRONTEND: noninteractive | |
CC: gcc | |
jobs: | |
deb-build: | |
strategy: | |
matrix: | |
env: | |
- { NAME: "ubuntu-20.04", OS: "ubuntu:20.04" } | |
- { NAME: "ubuntu-22.04", OS: "ubuntu:22.04" } | |
- { NAME: "ubuntu-24.04", OS: "ubuntu:24.04" } | |
- { NAME: "debian-10", OS: "debian:buster" } | |
- { NAME: "debian-11", OS: "debian:bullseye" } | |
- { NAME: "debian-12", OS: "debian:bookworm" } | |
- { NAME: "debian-sid", OS: "debian:sid" } | |
fail-fast: false | |
runs-on: ubuntu-latest | |
container: | |
image: ${{ matrix.env.OS }} | |
env: | |
HOSTAPD_BUILD_DIR: /tmp/eapol_test.ci | |
HOSTAPD_GIT_TAG: hostap_2_8 | |
name: "DEB build" | |
steps: | |
- name: Package manager performance and stability improvements | |
run: | | |
if [ -f "/etc/apt/sources.list" ]; then | |
sed -i 's/deb.debian.org/debian-archive.trafficmanager.net/' /etc/apt/sources.list | |
sed -i 's/archive.ubuntu.com/azure.archive.ubuntu.com/' /etc/apt/sources.list | |
fi | |
echo 'Acquire::Retries "10";' > /etc/apt/apt.conf.d/80-retries | |
echo 'force-unsafe-io' > /etc/dpkg/dpkg.cfg.d/02speedup | |
echo 'man-db man-db/auto-update boolean false' | debconf-set-selections | |
apt-get update | |
- name: Install recent git | |
run: | | |
apt-get install -y --no-install-recommends git-core ca-certificates | |
- uses: actions/checkout@v4 | |
with: | |
path: freeradius | |
- name: Prepare filesystem | |
run: | | |
pwd | |
ls -la | |
mkdir debs | |
ls -la | |
- name: Install build dependencies | |
run: | | |
apt-get install -y --no-install-recommends build-essential devscripts quilt equivs procps fakeroot | |
debian/rules debian/control | |
mk-build-deps -irt"apt-get -y" debian/control | |
working-directory: freeradius | |
- name: Show versions | |
run: | | |
$CC --version | |
make --version | |
krb5-config --all || : | |
openssl version | |
- name: Build DEBs | |
run: | | |
make deb | |
working-directory: freeradius | |
- name: Collect DEBs | |
run: | | |
mv *.deb debs/ | |
- name: Restore eapol_test build directory from cache | |
uses: actions/cache@v4 | |
id: hostapd-cache | |
with: | |
path: ${{ env.HOSTAPD_BUILD_DIR }} | |
key: hostapd-${{ matrix.env.NAME }}-${{ env.HOSTAPD_GIT_TAG }}-v1 | |
# Debian sid defaults to gcc12 which fails to build eapol_test | |
- name: Install GCC 11 for eapol_test build | |
run: | | |
apt-get install -y --no-install-recommends gcc-11 | |
update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-11 60 && update-alternatives --set gcc /usr/bin/gcc-11 | |
if: ${{ matrix.env.OS == 'debian:sid' }} | |
- name: Build eapol_test | |
run: | | |
apt-get install -y libnl-3-dev libnl-genl-3-dev | |
scripts/ci/eapol_test-build.sh | |
mv scripts/ci/eapol_test/eapol_test ../debs | |
working-directory: freeradius | |
- name: Store DEBs | |
uses: actions/upload-artifact@v4 | |
with: | |
name: debs-${{ matrix.env.NAME }} | |
path: debs | |
# | |
# If the CI has failed and the branch is ci-debug then start a tmate | |
# session. SSH rendezvous point is emited continuously in the job output. | |
# | |
- name: "Debug: Package dependancies for tmate" | |
run: | | |
apt-get install -y --no-install-recommends xz-utils | |
if: ${{ github.ref == 'refs/heads/ci-debug' && failure() }} | |
- name: "Debug: Start tmate" | |
uses: mxschmitt/action-tmate@v3 | |
with: | |
limit-access-to-actor: true | |
sudo: false | |
if: ${{ github.ref == 'refs/heads/ci-debug' && failure() }} | |
deb-test: | |
needs: | |
- deb-build | |
strategy: | |
matrix: | |
env: | |
- { NAME: "ubuntu-20.04", OS: "ubuntu:20.04" } | |
- { NAME: "ubuntu-22.04", OS: "ubuntu:22.04" } | |
- { NAME: "ubuntu-24.04", OS: "ubuntu:24.04" } | |
- { NAME: "debian-10", OS: "debian:buster" } | |
- { NAME: "debian-11", OS: "debian:bullseye" } | |
- { NAME: "debian-12", OS: "debian:bookworm" } | |
- { NAME: "debian-sid", OS: "debian:sid" } | |
fail-fast: false | |
runs-on: ubuntu-latest | |
container: | |
image: ${{ matrix.env.OS }} | |
name: "DEB install test" | |
steps: | |
- name: Load DEBs | |
uses: actions/download-artifact@v4 | |
with: | |
name: debs-${{ matrix.env.NAME }} | |
- name: Package manager performance improvements | |
run: | | |
if [ -f "/etc/apt/sources.list" ]; then | |
sed -i 's/deb.debian.org/debian-archive.trafficmanager.net/' /etc/apt/sources.list | |
sed -i 's/archive.ubuntu.com/azure.archive.ubuntu.com/' /etc/apt/sources.list | |
fi | |
echo force-unsafe-io > /etc/dpkg/dpkg.cfg.d/02speedup | |
echo 'man-db man-db/auto-update boolean false' | debconf-set-selections | |
apt-get update | |
# For pkill and strings | |
- name: Install procps and binutils | |
run: | | |
apt-get update | |
apt-get install -y --no-install-recommends procps binutils | |
- name: Install DEBs | |
run: | | |
find . -maxdepth 1 -name '*.deb' | xargs apt-get install -y --no-install-recommends | |
- name: Config test | |
run: | | |
freeradius -XxC | |
# | |
# We now perform some post-install tests that depend on the availability | |
# of the source tree | |
# | |
- name: Install pre-built eapol_test | |
run: | | |
apt-get install -y libssl1.? libdbus-1-? libnl-3-200 libnl-genl-3-200 | |
mv eapol_test /usr/local/bin | |
chmod +x /usr/local/bin/eapol_test | |
- uses: actions/checkout@v4 | |
with: | |
path: freeradius | |
- name: Run the post-install test target | |
run: | | |
echo "top_builddir := $(pwd)" > Make.inc | |
make -C src/tests/ OPENSSL_LIBS=1 EAPOL_TEST_BIN="$(which eapol_test)" $(pwd)/build/tests/eapol_test/eapol_test.mk | |
make -f scripts/ci/package-test.mk package-test | |
working-directory: freeradius | |
- name: Upload radius logs on failure | |
if: ${{ failure() }} | |
uses: actions/upload-artifact@v4 | |
with: | |
name: radius-logs-${{ matrix.env.NAME }}.tgz | |
path: | | |
/var/log/freeradius | |
freeradius/build/tests/eapol_test | |
# | |
# See above comments for tmate | |
# | |
- name: "Debug: Package dependancies for tmate" | |
run: | | |
apt-get install -y --no-install-recommends xz-utils | |
if: ${{ github.ref == 'refs/heads/ci-debug' && failure() }} | |
- name: "Debug: Start tmate" | |
uses: mxschmitt/action-tmate@v3 | |
with: | |
limit-access-to-actor: true | |
sudo: false | |
if: ${{ github.ref == 'refs/heads/ci-debug' && failure() }} |