bump tested ssl libraries #529
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: JWT CI | |
| on: | |
| push: | |
| branches: [master] | |
| pull_request: | |
| branches: [master] | |
| jobs: | |
| coverage: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: lukka/get-cmake@latest | |
| - uses: ./.github/actions/install/gtest | |
| - uses: ./.github/actions/install/danielaparker-jsoncons | |
| - uses: ./.github/actions/install/boost-json | |
| - uses: ./.github/actions/install/open-source-parsers-jsoncpp | |
| - name: configure | |
| run: | | |
| mkdir build | |
| cd build | |
| cmake .. -DJWT_BUILD_EXAMPLES=OFF -DJWT_BUILD_TESTS=ON -DJWT_ENABLE_COVERAGE=ON -DCMAKE_BUILD_TYPE=Debug | |
| - name: run | |
| working-directory: build | |
| run: make jwt-cpp-test coverage | |
| - uses: coverallsapp/github-action@v2 | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| file: build/coverage.info | |
| format: lcov | |
| fuzzing: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: lukka/get-cmake@latest | |
| - uses: ./.github/actions/install/gtest | |
| - name: configure | |
| run: | | |
| mkdir build | |
| cd build | |
| cmake .. -DCMAKE_C_COMPILER=clang -DCMAKE_CXX_COMPILER=clang++ -DJWT_ENABLE_FUZZING=ON | |
| - name: run | |
| run: | | |
| cmake --build build/ --target jwt-cpp-fuzz-BaseEncodeFuzz-run | |
| cmake --build build/ --target jwt-cpp-fuzz-BaseDecodeFuzz-run | |
| cmake --build build/ --target jwt-cpp-fuzz-TokenDecodeFuzz-run | |
| asan: # Based on https://gist.github.com/jlblancoc/44be9d4d466f0a973b1f3808a8e56782 | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| openssl: | |
| - { tag: "openssl-3.3.0", name: "3.3.0" } | |
| - { tag: "OpenSSL_1_1_1w", name: "1.1.1w" } | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: lukka/get-cmake@latest | |
| - uses: ./.github/actions/install/gtest | |
| - uses: ./.github/actions/install/openssl | |
| with: | |
| version: ${{ matrix.openssl.tag }} | |
| - name: configure | |
| run: | | |
| mkdir build | |
| cd build | |
| cmake .. -DJWT_BUILD_TESTS=ON -DCMAKE_CXX_FLAGS="-fsanitize=address -fsanitize=leak -g" \ | |
| -DCMAKE_C_FLAGS="-fsanitize=address -fsanitize=leak -g" \ | |
| -DCMAKE_EXE_LINKER_FLAGS="-fsanitize=address -fsanitize=leak" \ | |
| -DCMAKE_MODULE_LINKER_FLAGS="-fsanitize=address -fsanitize=leak" | |
| - name: run | |
| working-directory: build | |
| run: | | |
| make | |
| export ASAN_OPTIONS=check_initialization_order=true:detect_stack_use_after_return=true:fast_unwind_on_malloc=0 | |
| ./example/rsa-create | |
| ./example/rsa-verify | |
| ./example/jwks-verify | |
| ./tests/jwt-cpp-test | |
| ubsan: | |
| runs-on: ubuntu-20.04 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: lukka/get-cmake@latest | |
| - uses: ./.github/actions/install/gtest | |
| - name: configure | |
| run: | | |
| mkdir build | |
| cd build | |
| cmake .. -DJWT_BUILD_TESTS=ON -DCMAKE_CXX_STANDARD=20 \ | |
| -DCMAKE_CXX_FLAGS="-fsanitize=undefined -fsanitize=return -fsanitize=float-divide-by-zero -fsanitize=float-cast-overflow -fno-sanitize-recover=all -g" \ | |
| -DCMAKE_C_FLAGS="-fsanitize=undefined -fsanitize=return -fsanitize=float-divide-by-zero -fsanitize=float-cast-overflow -fno-sanitize-recover=all -g" \ | |
| -DCMAKE_EXE_LINKER_FLAGS="-fsanitize=undefined -fsanitize=return -fsanitize=float-divide-by-zero -fsanitize=float-cast-overflow -fno-sanitize-recover=all" \ | |
| -DCMAKE_MODULE_LINKER_FLAGS="-fsanitize=undefined -fsanitize=return -fsanitize=float-divide-by-zero -fsanitize=float-cast-overflow -fno-sanitize-recover=all" | |
| - name: run | |
| working-directory: build | |
| run: | | |
| make | |
| export UBSAN_OPTIONS=print_stacktrace=1 | |
| ./example/rsa-create | |
| ./example/rsa-verify | |
| ./tests/jwt-cpp-test |