Skip to content

Interoperability tests #1416

Interoperability tests

Interoperability tests #1416

Workflow file for this run

name: Interoperability tests
on: [push, repository_dispatch]
jobs:
build-rage:
name: Build rage
runs-on: ubuntu-latest
steps:
- name: Create FiloSottile/age status
if: always() && github.event.action == 'age-interop-request'
run: |
curl -X POST https://api.github.com/repos/FiloSottile/age/statuses/${{ github.event.client_payload.sha }} \
-H 'Accept: application/vnd.github.everest-preview+json' \
-H 'Authorization: token ${{ secrets.AGE_STATUS_ACCESS_TOKEN }}' \
--data '{"state": "pending", "target_url": "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}", "description": "In progress", "context": "Interoperability tests / Build rage"}'
- uses: actions/checkout@v3
- uses: actions-rs/toolchain@v1
with:
toolchain: 1.56.0
override: true
- name: cargo build
run: cargo build --release --features unstable
working-directory: ./rage
- uses: actions/upload-artifact@v3
with:
name: rage
path: target/release/rage
- name: Update FiloSottile/age status with result
if: always() && github.event.action == 'age-interop-request'
run: |
curl -X POST https://api.github.com/repos/FiloSottile/age/statuses/${{ github.event.client_payload.sha }} \
-H 'Accept: application/vnd.github.everest-preview+json' \
-H 'Authorization: token ${{ secrets.AGE_STATUS_ACCESS_TOKEN }}' \
--data '{"state": "${{ job.status }}", "target_url": "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}", "description": "Finished", "context": "Interoperability tests / Build rage"}'
build-age:
name: Build age
runs-on: ubuntu-latest
steps:
- name: Create FiloSottile/age status
if: always() && github.event.action == 'age-interop-request'
run: |
curl -X POST https://api.github.com/repos/FiloSottile/age/statuses/${{ github.event.client_payload.sha }} \
-H 'Accept: application/vnd.github.everest-preview+json' \
-H 'Authorization: token ${{ secrets.AGE_STATUS_ACCESS_TOKEN }}' \
--data '{"state": "pending", "target_url": "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}", "description": "In progress", "context": "Interoperability tests / Build age"}'
- name: Set up Go 1.17
uses: actions/setup-go@v3
with:
go-version: 1.17
id: go
- name: Use specified FiloSottile/age commit
if: github.event.action == 'age-interop-request'
run: echo "AGE_REF=${{ github.event.client_payload.sha }}" >> $GITHUB_ENV
- name: Use FiloSottile/age current main
if: github.event.action != 'age-interop-request'
run: echo "AGE_REF=refs/heads/main" >> $GITHUB_ENV
- name: Check out FiloSottile/age
uses: actions/checkout@v3
with:
repository: FiloSottile/age
ref: ${{ env.AGE_REF }}
path: go-age/age
- name: go build
run: |
cd $GITHUB_WORKSPACE/go-age/age
go build filippo.io/age/cmd/age
- uses: actions/upload-artifact@v3
with:
name: age
path: go-age/age/age
- name: Update FiloSottile/age status with result
if: always() && github.event.action == 'age-interop-request'
run: |
curl -X POST https://api.github.com/repos/FiloSottile/age/statuses/${{ github.event.client_payload.sha }} \
-H 'Accept: application/vnd.github.everest-preview+json' \
-H 'Authorization: token ${{ secrets.AGE_STATUS_ACCESS_TOKEN }}' \
--data '{"state": "${{ job.status }}", "target_url": "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}", "description": "Finished", "context": "Interoperability tests / Build age"}'
test:
name: ${{ matrix.alice }} -> ${{ matrix.bob }} [${{ matrix.recipient }}]
runs-on: ubuntu-latest
needs: [build-rage, build-age]
strategy:
matrix:
alice: [rage, age]
bob: [rage, age]
recipient: [x25519, ssh-rsa, ssh-ed25519]
fail-fast: false
steps:
- name: Create FiloSottile/age status
if: always() && github.event.action == 'age-interop-request'
run: |
curl -X POST https://api.github.com/repos/FiloSottile/age/statuses/${{ github.event.client_payload.sha }} \
-H 'Accept: application/vnd.github.everest-preview+json' \
-H 'Authorization: token ${{ secrets.AGE_STATUS_ACCESS_TOKEN }}' \
--data '{"state": "pending", "target_url": "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}", "description": "In progress", "context": "Interoperability tests / ${{ matrix.alice }} -> ${{ matrix.bob }} [${{ matrix.recipient }}]"}'
# Download the binaries to test
- uses: actions/download-artifact@v3
with:
name: rage
- uses: actions/download-artifact@v3
with:
name: age
- run: chmod +x rage
- run: chmod +x age
# Prepare the test environment
- name: Install dos2unix for simulating Windows files
run: sudo apt install dos2unix
- name: Write (very not private) age X25519 key
if: matrix.recipient == 'x25519'
run: echo "AGE-SECRET-KEY-1TRYTV7PQS5XPUYSTAQZCD7DQCWC7Q77YJD7UVFJRMW4J82Q6930QS70MRX" >key.txt
- name: Set the corresponding age x25519 recipient
if: matrix.recipient == 'x25519'
run: echo "AGE_PUBKEY=-r age1y8m84r6pwd4da5d45zzk03rlgv2xr7fn9px80suw3psrahul44ashl0usm" >> $GITHUB_ENV
- name: Generate an ssh-rsa key
if: matrix.recipient == 'ssh-rsa'
run: ssh-keygen -t rsa -N "" -f key.txt
- name: Generate an ssh-ed25519 key
if: matrix.recipient == 'ssh-ed25519'
run: ssh-keygen -t ed25519 -N "" -f key.txt
- name: Set the corresponding SSH recipient
if: matrix.recipient == 'ssh-rsa' || matrix.recipient == 'ssh-ed25519'
run: echo "AGE_PUBKEY=-R key.txt.pub" >> $GITHUB_ENV
- name: Store key.txt in case we need it
uses: actions/upload-artifact@v3
with:
name: ${{ matrix.alice }}_${{ matrix.bob }}_${{ matrix.recipient }}_key.txt
path: key.txt
# Tests!
- name: Encrypt to file
run: echo "Test string" | ./${{ matrix.alice }} -o test.age $AGE_PUBKEY
- name: Decrypt from file
run: ./${{ matrix.bob }} -d -i key.txt test.age | grep -q "^Test string$"
- name: Store test.age
uses: actions/upload-artifact@v3
if: failure()
with:
name: ${{ matrix.alice }}_${{ matrix.bob }}_${{ matrix.recipient }}_test.age
path: test.age
- name: Generate a file to encrypt
run: echo "2 test 2 string" > test2.txt
- name: Encrypt to ASCII-armored file
run: ./${{ matrix.alice }} -a -o test2.age $AGE_PUBKEY test2.txt
- name: Decrypt from ASCII-armored file
run: ./${{ matrix.bob }} -d -i key.txt test2.age | grep -q "^2 test 2 string$"
- name: Store test2.age
uses: actions/upload-artifact@v3
if: failure()
with:
name: ${{ matrix.alice }}_${{ matrix.bob }}_${{ matrix.recipient }}_test2.age
path: test2.age
- name: Convert file to CRLF
run: unix2dos test2.age
- name: Decrypt from ASCII-armored CRLF file
run: ./${{ matrix.bob }} -d -i key.txt test2.age | grep -q "^2 test 2 string$"
- name: Store CRLF-ed test2.age
uses: actions/upload-artifact@v3
if: failure()
with:
name: ${{ matrix.alice }}_${{ matrix.bob }}_${{ matrix.recipient }}_test2.age
path: test2.age
- name: Pipes!
run: echo "Test string 3 - ASCII Drift" | ./${{ matrix.alice }} $AGE_PUBKEY | tee --output-error=warn test3.age | ./${{ matrix.bob }} -d -i key.txt | grep -q "^Test string 3 - ASCII Drift$"
- name: Store test3.age
uses: actions/upload-artifact@v3
if: failure()
with:
name: ${{ matrix.alice }}_${{ matrix.bob }}_${{ matrix.recipient }}_test3.age
path: test3.age
- name: Explicit stdout during encryption
run: ./${{ matrix.alice }} -a -o - $AGE_PUBKEY test2.txt >test4.age
- name: Explicit stdin during decryption
run: cat test4.age | ./${{ matrix.bob }} -d -i key.txt - | grep -q "^2 test 2 string$"
- name: Store test4.age
uses: actions/upload-artifact@v3
if: failure()
with:
name: ${{ matrix.alice }}_${{ matrix.bob }}_${{ matrix.recipient }}_test4.age
path: test4.age
- name: Update FiloSottile/age status with result
if: always() && github.event.action == 'age-interop-request'
run: |
curl -X POST https://api.github.com/repos/FiloSottile/age/statuses/${{ github.event.client_payload.sha }} \
-H 'Accept: application/vnd.github.everest-preview+json' \
-H 'Authorization: token ${{ secrets.AGE_STATUS_ACCESS_TOKEN }}' \
--data '{"state": "${{ job.status }}", "target_url": "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}", "description": "Finished", "context": "Interoperability tests / ${{ matrix.alice }} -> ${{ matrix.bob }} [${{ matrix.recipient }}]"}'