Skip to content

Generate quantum resistant keypairs ahead of connecting #9172

Generate quantum resistant keypairs ahead of connecting

Generate quantum resistant keypairs ahead of connecting #9172

Workflow file for this run

---
name: Daemon+CLI - Build and test
on:
pull_request:
paths:
- '**'
- '!**/**.md'
- '!.github/workflows/**'
- '.github/workflows/daemon.yml'
- '!.github/CODEOWNERS'
- '!android/**'
- '!audits/**'
- '!build.sh'
- '!ci/**'
- 'ci/check-rust.sh'
- '!clippy.toml'
- '!deny.toml'
- '!docs/**'
- '!graphics/**'
- '!desktop/**'
- '!ios/**'
- '!scripts/**'
- '!.*ignore'
- '!prepare-release.sh'
- '!rustfmt.toml'
- '!.yamllint'
- '!**/osv-scanner.toml'
workflow_dispatch:
inputs:
override_container_image:
description: Override container image
type: string
required: false
permissions: {}
jobs:
prepare-linux:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Use custom container image if specified
if: ${{ github.event.inputs.override_container_image != '' }}
run: echo "inner_container_image=${{ github.event.inputs.override_container_image }}"
>> $GITHUB_ENV
- name: Use default container image and resolve digest
if: ${{ github.event.inputs.override_container_image == '' }}
run: |
echo "inner_container_image=$(cat ./building/linux-container-image.txt)" >> $GITHUB_ENV
outputs:
container_image: ${{ env.inner_container_image }}
build-linux:
needs: prepare-linux
runs-on: ubuntu-latest
container:
image: ${{ needs.prepare-linux.outputs.container_image }}
strategy:
matrix:
rust: [stable, beta, nightly]
continue-on-error: true
steps:
# Fix for HOME path overridden by GH runners when building in containers, see:
# https://github.com/actions/runner/issues/863
- name: Fix HOME path
run: echo "HOME=/root" >> $GITHUB_ENV
- name: Checkout repository
uses: actions/checkout@v4
- name: Checkout submodules
run: |
git config --global --add safe.directory '*'
git submodule update --init --depth=1 dist-assets/binaries
git submodule update --init --recursive --depth=1 wireguard-go-rs
# The container image already has rustup and Rust, but only the stable toolchain
- name: Install Rust toolchain
run: rustup default ${{ matrix.rust }}
- name: Build and test crates
run: ./ci/check-rust.sh
build-macos:
runs-on: macos-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Checkout wireguard-go submodule
run: |
git config --global --add safe.directory '*'
git submodule update --init --recursive --depth=1 wireguard-go-rs
- name: Install Protoc
uses: arduino/setup-protoc@v3
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
- name: Install Rust
uses: actions-rs/[email protected]
with:
toolchain: stable
default: true
- name: Install Go
uses: actions/setup-go@v3
with:
go-version: 1.21.3
- name: Build and test crates
run: ./ci/check-rust.sh
build-windows:
strategy:
matrix:
config:
- os: windows-latest
arch: x64
- os: [self-hosted, ARM64, Windows]
arch: arm64
runs-on: ${{ matrix.config.os }}
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Checkout submodules
run: git submodule update --init --depth=1
- name: Install Protoc
# NOTE: ARM runner already has protoc
if: ${{ matrix.config.arch != 'arm64' }}
uses: arduino/setup-protoc@v3
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
- name: Calculate Windows libraries cache hash
id: windows-modules-hash
shell: bash
run: |
hash="$(git grep --recurse-submodules --cached -l '' -- './windows/' \
| grep -v '\.exe$\|\.md$' \
| xargs sha1sum \
| sha1sum \
| cut -d" " -f1)"
echo "hash=$hash" >> "$GITHUB_OUTPUT"
- name: Cache Windows libraries
uses: actions/cache@v2
id: cache-windows-modules
with:
path: |
./windows/*/bin/${{ matrix.config.arch }}-*/*.dll
./windows/*/bin/${{ matrix.config.arch }}-*/*.lib
!./windows/*/bin/${{ matrix.config.arch }}-*/libcommon.lib
!./windows/*/bin/${{ matrix.config.arch }}-*/libshared.lib
!./windows/*/bin/${{ matrix.config.arch }}-*/libwfp.lib
key: windows-modules-${{ steps.windows-modules-hash.outputs.hash }}
# The x64 toolchain is needed to build talpid-openvpn-plugin
# TODO: Remove once fixed
- name: Install Rust x64 target
if: ${{ matrix.config.arch == 'arm64' }}
uses: actions-rs/[email protected]
with:
toolchain: stable
target: x86_64-pc-windows-msvc
- name: Install Rust
uses: actions-rs/[email protected]
with:
toolchain: stable
target: i686-pc-windows-msvc
default: true
- name: Install msbuild
uses: microsoft/[email protected]
with:
vs-version: 16
- name: Build Windows modules
if: steps.cache-windows-modules.outputs.cache-hit != 'true'
shell: bash
run: ./build-windows-modules.sh
- name: Build and test crates
shell: bash
env:
# On Windows, the checkout is on the D drive, which is very small.
# Moving the target directory to the C drive ensures that the runner
# doesn't run out of space on the D drive.
CARGO_TARGET_DIR: "C:/cargo-target"
run: ./ci/check-rust.sh