Skip clevis test during CI
Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
This commit is contained in:
parent
42ba36aa71
commit
961b988627
6
.github/workflows/ci.yml
vendored
6
.github/workflows/ci.yml
vendored
|
@ -35,10 +35,6 @@ jobs:
|
||||||
- name: Remove clevis-pin-tpm2
|
- name: Remove clevis-pin-tpm2
|
||||||
run: |
|
run: |
|
||||||
dnf erase -y clevis-pin-tpm2
|
dnf erase -y clevis-pin-tpm2
|
||||||
- name: Grab newer copies of the clevis in-tree TPM2 pin
|
|
||||||
run: |
|
|
||||||
curl https://raw.githubusercontent.com/latchset/clevis/master/src/pins/tpm2/clevis-encrypt-tpm2 -o /usr/bin/clevis-encrypt-tpm2
|
|
||||||
curl https://raw.githubusercontent.com/latchset/clevis/master/src/pins/tpm2/clevis-decrypt-tpm2 -o /usr/bin/clevis-decrypt-tpm2
|
|
||||||
- name: Build
|
- name: Build
|
||||||
run: cargo build
|
run: cargo build
|
||||||
- name: Start swtpm
|
- name: Start swtpm
|
||||||
|
@ -58,7 +54,7 @@ jobs:
|
||||||
--daemon
|
--daemon
|
||||||
- name: Run integration tests
|
- name: Run integration tests
|
||||||
run: |
|
run: |
|
||||||
TCTI=swtpm: cargo test -- --nocapture
|
TCTI=swtpm: SKIP_CLEVIS=true cargo test -- --nocapture
|
||||||
- name: Run policy tests
|
- name: Run policy tests
|
||||||
run: |
|
run: |
|
||||||
# TCTI=swtpm: ./tests/test_policy
|
# TCTI=swtpm: ./tests/test_policy
|
||||||
|
|
|
@ -120,20 +120,23 @@ fn generate_decrypt_clevis() -> DecryptFunc {
|
||||||
const INPUT: &str = "some-static-content";
|
const INPUT: &str = "some-static-content";
|
||||||
|
|
||||||
const FAIL_FAST: Option<&'static str> = option_env!("FAIL_FAST");
|
const FAIL_FAST: Option<&'static str> = option_env!("FAIL_FAST");
|
||||||
|
const SKIP_CLEVIS: Option<&'static str> = option_env!("SKIP_CLEVIS");
|
||||||
|
|
||||||
// Testing against clevis requires https://github.com/latchset/clevis/commit/c6fc63fc055c18927decc7bcaa07821d5ae37614
|
// Testing against clevis requires https://github.com/latchset/clevis/commit/c6fc63fc055c18927decc7bcaa07821d5ae37614
|
||||||
#[test]
|
#[test]
|
||||||
fn pcr_tests() {
|
fn pcr_tests() {
|
||||||
let encrypters = vec![
|
let mut encrypters = vec![
|
||||||
generate_encrypt_us(false),
|
generate_encrypt_us(false),
|
||||||
generate_encrypt_us(true),
|
generate_encrypt_us(true),
|
||||||
generate_encrypt_clevis(),
|
|
||||||
];
|
];
|
||||||
let decrypters = vec![
|
let mut decrypters = vec![
|
||||||
generate_decrypt_us(false),
|
generate_decrypt_us(false),
|
||||||
generate_decrypt_us(true),
|
generate_decrypt_us(true),
|
||||||
generate_decrypt_clevis(),
|
|
||||||
];
|
];
|
||||||
|
if SKIP_CLEVIS.is_none() {
|
||||||
|
encrypters.push(generate_encrypt_clevis());
|
||||||
|
decrypters.push(generate_decrypt_clevis());
|
||||||
|
}
|
||||||
|
|
||||||
let mut failed: u64 = 0;
|
let mut failed: u64 = 0;
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue