Require HS256, HS384, or HS512 for EAB #75
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Tests | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| permissions: | |
| contents: read | |
| pull-requests: read | |
| jobs: | |
| certbot-linux: | |
| name: Run Certbot tests on Linux | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Setup /etc/hosts | |
| run: | | |
| echo "127.0.0.1 example.letsencrypt.org" | sudo tee -a /etc/hosts | |
| echo "127.0.0.1 elpmaxe.letsencrypt.org" | sudo tee -a /etc/hosts | |
| # https://github.com/marketplace/actions/checkout | |
| - name: Check out code | |
| uses: actions/checkout@v4 | |
| # https://github.com/marketplace/actions/setup-go-environment | |
| - name: Set up Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: go.mod | |
| - name: Install packages | |
| run: sudo apt-get install snapd python3-acme python3-josepy | |
| - name: Setup snap | |
| run: sudo snap install core && sudo snap refresh core | |
| - name: Install certbot | |
| run: sudo snap install --classic certbot && sudo ln -s /snap/bin/certbot /usr/bin/certbot | |
| - name: go install commands | |
| run: go install -v -race ./cmd/... | |
| - name: launch pebble | |
| run: GORACE="halt_on_error=1" PEBBLE_WFE_NONCEREJECT=0 pebble & | |
| # Perform a test issuance with chisel2.py | |
| - name: chisel | |
| run: REQUESTS_CA_BUNDLE=./test/certs/pebble.minica.pem python ./test/chisel2.py example.letsencrypt.org elpmaxe.letsencrypt.org | |
| eggsampler-linux: | |
| name: Run eggsampler/acme tests on Linux | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Check out code | |
| uses: actions/checkout@v4 | |
| - name: Set up Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: go.mod | |
| - name: go install commands | |
| run: go install -v -race ./cmd/... | |
| - name: launch pebble | |
| run: GORACE="halt_on_error=1" PEBBLE_WFE_NONCEREJECT=0 pebble -dnsserver localhost:8053 & | |
| - name: launch challtestsrv for integration tests | |
| run: pebble-challtestsrv & | |
| - name: run eggsampler/acme tests | |
| env: | |
| PEBBLE_PATH: ${{ github.workspace }} | |
| run: | | |
| git clone https://github.com/eggsampler/acme.git /tmp/eggsampler-acme | |
| cd /tmp/eggsampler-acme && make test | |
| lego-eab-linux: | |
| name: Test lego with EAB | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: go.mod | |
| - name: Install lego cli | |
| run: go install github.com/go-acme/lego/v4/cmd/lego@latest | |
| - name: go install commands | |
| run: go install -v ./cmd/... | |
| - name: launch pebble | |
| run: | | |
| GORACE="halt_on_error=1" PEBBLE_WFE_NONCEREJECT=0 PEBBLE_VA_ALWAYS_VALID=1 \ | |
| pebble \ | |
| -dnsserver localhost:8053 \ | |
| -config test/config/pebble-config-external-account-bindings.json \ | |
| & | |
| - run: | | |
| LEGO_CA_CERTIFICATES=./test/certs/pebble.minica.pem \ | |
| lego --accept-tos \ | |
| --server=https://localhost:14000/dir \ | |
| --email="pebble-test@example.letsencrypt.org" \ | |
| --domains=example.letsencrypt.org \ | |
| --eab \ | |
| --kid kid-1 \ | |
| --hmac=zWNDZM6eQGHWpSRTPal5eIUYFTu7EajVIoguysqZ9wG44nMEtx3MUAsUDkMTQ12W \ | |
| --http --http.port=5002 \ | |
| run | |
| go-linux: | |
| name: Run Go tests on Linux | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Check out code | |
| uses: actions/checkout@v4 | |
| # Run project unit tests (with the race detector enabled and atomic coverage profile collection) | |
| - name: unittests | |
| run: go test -v -race -covermode=atomic -coverprofile=profile.cov ./... | |
| # Upload collected coverage profile to goveralls | |
| - uses: shogo82148/actions-goveralls@v1 | |
| with: | |
| path-to-profile: profile.cov |