Interoperability tests #1416
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Interoperability tests | |
on: [push, repository_dispatch] | |
jobs: | |
build-rage: | |
name: Build rage | |
runs-on: ubuntu-latest | |
steps: | |
- name: Create FiloSottile/age status | |
if: always() && github.event.action == 'age-interop-request' | |
run: | | |
curl -X POST https://api.github.com/repos/FiloSottile/age/statuses/${{ github.event.client_payload.sha }} \ | |
-H 'Accept: application/vnd.github.everest-preview+json' \ | |
-H 'Authorization: token ${{ secrets.AGE_STATUS_ACCESS_TOKEN }}' \ | |
--data '{"state": "pending", "target_url": "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}", "description": "In progress", "context": "Interoperability tests / Build rage"}' | |
- uses: actions/checkout@v3 | |
- uses: actions-rs/toolchain@v1 | |
with: | |
toolchain: 1.56.0 | |
override: true | |
- name: cargo build | |
run: cargo build --release --features unstable | |
working-directory: ./rage | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: rage | |
path: target/release/rage | |
- name: Update FiloSottile/age status with result | |
if: always() && github.event.action == 'age-interop-request' | |
run: | | |
curl -X POST https://api.github.com/repos/FiloSottile/age/statuses/${{ github.event.client_payload.sha }} \ | |
-H 'Accept: application/vnd.github.everest-preview+json' \ | |
-H 'Authorization: token ${{ secrets.AGE_STATUS_ACCESS_TOKEN }}' \ | |
--data '{"state": "${{ job.status }}", "target_url": "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}", "description": "Finished", "context": "Interoperability tests / Build rage"}' | |
build-age: | |
name: Build age | |
runs-on: ubuntu-latest | |
steps: | |
- name: Create FiloSottile/age status | |
if: always() && github.event.action == 'age-interop-request' | |
run: | | |
curl -X POST https://api.github.com/repos/FiloSottile/age/statuses/${{ github.event.client_payload.sha }} \ | |
-H 'Accept: application/vnd.github.everest-preview+json' \ | |
-H 'Authorization: token ${{ secrets.AGE_STATUS_ACCESS_TOKEN }}' \ | |
--data '{"state": "pending", "target_url": "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}", "description": "In progress", "context": "Interoperability tests / Build age"}' | |
- name: Set up Go 1.17 | |
uses: actions/setup-go@v3 | |
with: | |
go-version: 1.17 | |
id: go | |
- name: Use specified FiloSottile/age commit | |
if: github.event.action == 'age-interop-request' | |
run: echo "AGE_REF=${{ github.event.client_payload.sha }}" >> $GITHUB_ENV | |
- name: Use FiloSottile/age current main | |
if: github.event.action != 'age-interop-request' | |
run: echo "AGE_REF=refs/heads/main" >> $GITHUB_ENV | |
- name: Check out FiloSottile/age | |
uses: actions/checkout@v3 | |
with: | |
repository: FiloSottile/age | |
ref: ${{ env.AGE_REF }} | |
path: go-age/age | |
- name: go build | |
run: | | |
cd $GITHUB_WORKSPACE/go-age/age | |
go build filippo.io/age/cmd/age | |
- uses: actions/upload-artifact@v3 | |
with: | |
name: age | |
path: go-age/age/age | |
- name: Update FiloSottile/age status with result | |
if: always() && github.event.action == 'age-interop-request' | |
run: | | |
curl -X POST https://api.github.com/repos/FiloSottile/age/statuses/${{ github.event.client_payload.sha }} \ | |
-H 'Accept: application/vnd.github.everest-preview+json' \ | |
-H 'Authorization: token ${{ secrets.AGE_STATUS_ACCESS_TOKEN }}' \ | |
--data '{"state": "${{ job.status }}", "target_url": "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}", "description": "Finished", "context": "Interoperability tests / Build age"}' | |
test: | |
name: ${{ matrix.alice }} -> ${{ matrix.bob }} [${{ matrix.recipient }}] | |
runs-on: ubuntu-latest | |
needs: [build-rage, build-age] | |
strategy: | |
matrix: | |
alice: [rage, age] | |
bob: [rage, age] | |
recipient: [x25519, ssh-rsa, ssh-ed25519] | |
fail-fast: false | |
steps: | |
- name: Create FiloSottile/age status | |
if: always() && github.event.action == 'age-interop-request' | |
run: | | |
curl -X POST https://api.github.com/repos/FiloSottile/age/statuses/${{ github.event.client_payload.sha }} \ | |
-H 'Accept: application/vnd.github.everest-preview+json' \ | |
-H 'Authorization: token ${{ secrets.AGE_STATUS_ACCESS_TOKEN }}' \ | |
--data '{"state": "pending", "target_url": "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}", "description": "In progress", "context": "Interoperability tests / ${{ matrix.alice }} -> ${{ matrix.bob }} [${{ matrix.recipient }}]"}' | |
# Download the binaries to test | |
- uses: actions/download-artifact@v3 | |
with: | |
name: rage | |
- uses: actions/download-artifact@v3 | |
with: | |
name: age | |
- run: chmod +x rage | |
- run: chmod +x age | |
# Prepare the test environment | |
- name: Install dos2unix for simulating Windows files | |
run: sudo apt install dos2unix | |
- name: Write (very not private) age X25519 key | |
if: matrix.recipient == 'x25519' | |
run: echo "AGE-SECRET-KEY-1TRYTV7PQS5XPUYSTAQZCD7DQCWC7Q77YJD7UVFJRMW4J82Q6930QS70MRX" >key.txt | |
- name: Set the corresponding age x25519 recipient | |
if: matrix.recipient == 'x25519' | |
run: echo "AGE_PUBKEY=-r age1y8m84r6pwd4da5d45zzk03rlgv2xr7fn9px80suw3psrahul44ashl0usm" >> $GITHUB_ENV | |
- name: Generate an ssh-rsa key | |
if: matrix.recipient == 'ssh-rsa' | |
run: ssh-keygen -t rsa -N "" -f key.txt | |
- name: Generate an ssh-ed25519 key | |
if: matrix.recipient == 'ssh-ed25519' | |
run: ssh-keygen -t ed25519 -N "" -f key.txt | |
- name: Set the corresponding SSH recipient | |
if: matrix.recipient == 'ssh-rsa' || matrix.recipient == 'ssh-ed25519' | |
run: echo "AGE_PUBKEY=-R key.txt.pub" >> $GITHUB_ENV | |
- name: Store key.txt in case we need it | |
uses: actions/upload-artifact@v3 | |
with: | |
name: ${{ matrix.alice }}_${{ matrix.bob }}_${{ matrix.recipient }}_key.txt | |
path: key.txt | |
# Tests! | |
- name: Encrypt to file | |
run: echo "Test string" | ./${{ matrix.alice }} -o test.age $AGE_PUBKEY | |
- name: Decrypt from file | |
run: ./${{ matrix.bob }} -d -i key.txt test.age | grep -q "^Test string$" | |
- name: Store test.age | |
uses: actions/upload-artifact@v3 | |
if: failure() | |
with: | |
name: ${{ matrix.alice }}_${{ matrix.bob }}_${{ matrix.recipient }}_test.age | |
path: test.age | |
- name: Generate a file to encrypt | |
run: echo "2 test 2 string" > test2.txt | |
- name: Encrypt to ASCII-armored file | |
run: ./${{ matrix.alice }} -a -o test2.age $AGE_PUBKEY test2.txt | |
- name: Decrypt from ASCII-armored file | |
run: ./${{ matrix.bob }} -d -i key.txt test2.age | grep -q "^2 test 2 string$" | |
- name: Store test2.age | |
uses: actions/upload-artifact@v3 | |
if: failure() | |
with: | |
name: ${{ matrix.alice }}_${{ matrix.bob }}_${{ matrix.recipient }}_test2.age | |
path: test2.age | |
- name: Convert file to CRLF | |
run: unix2dos test2.age | |
- name: Decrypt from ASCII-armored CRLF file | |
run: ./${{ matrix.bob }} -d -i key.txt test2.age | grep -q "^2 test 2 string$" | |
- name: Store CRLF-ed test2.age | |
uses: actions/upload-artifact@v3 | |
if: failure() | |
with: | |
name: ${{ matrix.alice }}_${{ matrix.bob }}_${{ matrix.recipient }}_test2.age | |
path: test2.age | |
- name: Pipes! | |
run: echo "Test string 3 - ASCII Drift" | ./${{ matrix.alice }} $AGE_PUBKEY | tee --output-error=warn test3.age | ./${{ matrix.bob }} -d -i key.txt | grep -q "^Test string 3 - ASCII Drift$" | |
- name: Store test3.age | |
uses: actions/upload-artifact@v3 | |
if: failure() | |
with: | |
name: ${{ matrix.alice }}_${{ matrix.bob }}_${{ matrix.recipient }}_test3.age | |
path: test3.age | |
- name: Explicit stdout during encryption | |
run: ./${{ matrix.alice }} -a -o - $AGE_PUBKEY test2.txt >test4.age | |
- name: Explicit stdin during decryption | |
run: cat test4.age | ./${{ matrix.bob }} -d -i key.txt - | grep -q "^2 test 2 string$" | |
- name: Store test4.age | |
uses: actions/upload-artifact@v3 | |
if: failure() | |
with: | |
name: ${{ matrix.alice }}_${{ matrix.bob }}_${{ matrix.recipient }}_test4.age | |
path: test4.age | |
- name: Update FiloSottile/age status with result | |
if: always() && github.event.action == 'age-interop-request' | |
run: | | |
curl -X POST https://api.github.com/repos/FiloSottile/age/statuses/${{ github.event.client_payload.sha }} \ | |
-H 'Accept: application/vnd.github.everest-preview+json' \ | |
-H 'Authorization: token ${{ secrets.AGE_STATUS_ACCESS_TOKEN }}' \ | |
--data '{"state": "${{ job.status }}", "target_url": "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}", "description": "Finished", "context": "Interoperability tests / ${{ matrix.alice }} -> ${{ matrix.bob }} [${{ matrix.recipient }}]"}' |