From 99bcb7fac9ea10c09a02199599283bf23a582b23 Mon Sep 17 00:00:00 2001
From: Christopher McArthur <prince.chrismc@gmail.com>
Date: Thu, 11 Jan 2024 16:24:00 -0500
Subject: [PATCH] devcontainers fix, test and add wolfssl

refactored installer to have a script that could be reused
---
 .devcontainer/Dockerfile                   |  4 +++-
 .devcontainer/wolfssl/Dockerfile           | 25 ++++++++++++++++++++++
 .devcontainer/wolfssl/devcontainer.json    |  0
 .github/actions/install/wolfssl/action.yml | 12 ++---------
 .github/actions/install/wolfssl/install.sh | 25 ++++++++++++++++++++++
 .github/workflows/jwt.yml                  |  7 ++++++
 6 files changed, 62 insertions(+), 11 deletions(-)
 create mode 100644 .devcontainer/wolfssl/Dockerfile
 create mode 100644 .devcontainer/wolfssl/devcontainer.json
 create mode 100755 .github/actions/install/wolfssl/install.sh

diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile
index d8634d94c..dcc3ec1ba 100644
--- a/.devcontainer/Dockerfile
+++ b/.devcontainer/Dockerfile
@@ -2,7 +2,6 @@ FROM ubuntu:22.04
 
 RUN export DEBIAN_FRONTEND=noninteractive \
     && apt-get update && apt-get -y install \
-    clang++ \
     clang-format \
     clang-tidy \
     cmake \
@@ -14,4 +13,7 @@ RUN export DEBIAN_FRONTEND=noninteractive \
     libgtest-dev \
     && rm -rf /var/lib/apt/lists/*
 
+ENV CMAKE_C_FLAGS="-DOPENSSL_NO_DEPRECATED=1"
+ENV CMAKE_CXX_FLAGS="-DOPENSSL_NO_DEPRECATED=1" 
+ENV CMAKE_C_CLANG_TIDY="clang-tidy;-fix"
 ENV CMAKE_CXX_CLANG_TIDY="clang-tidy;-fix"
diff --git a/.devcontainer/wolfssl/Dockerfile b/.devcontainer/wolfssl/Dockerfile
new file mode 100644
index 000000000..64eb243b7
--- /dev/null
+++ b/.devcontainer/wolfssl/Dockerfile
@@ -0,0 +1,25 @@
+FROM ubuntu:22.04
+
+RUN export DEBIAN_FRONTEND=noninteractive \
+    && apt-get update && apt-get -y install \
+    autoconf \
+    build-essential \
+    clang-format \
+    clang-tidy \
+    cmake \
+    doxygen \
+    graphviz \
+    git \
+    g++ \
+    libgtest-dev \
+    libtool \
+    wget \
+    && rm -rf /var/lib/apt/lists/*
+
+# https://www.warp.dev/terminus/dockerfile-run-sh
+COPY ./.github/actions/install/wolfssl/install.sh /wolfssl/install.sh
+RUN /wolfssl/install.sh
+
+ENV JWT_SSL_LIBRARY="wolfSSL"
+ENV CMAKE_C_CLANG_TIDY="clang-tidy;-fix"
+ENV CMAKE_CXX_CLANG_TIDY="clang-tidy;-fix"
diff --git a/.devcontainer/wolfssl/devcontainer.json b/.devcontainer/wolfssl/devcontainer.json
new file mode 100644
index 000000000..e69de29bb
diff --git a/.github/actions/install/wolfssl/action.yml b/.github/actions/install/wolfssl/action.yml
index bced14743..64dd7ce99 100644
--- a/.github/actions/install/wolfssl/action.yml
+++ b/.github/actions/install/wolfssl/action.yml
@@ -9,14 +9,6 @@ runs:
   using: composite
   steps:
     - run: |
-        cd /tmp
-        wget -O wolfssl.tar.gz https://github.com/wolfSSL/wolfssl/archive/${{ inputs.version }}.tar.gz
-        tar -zxf /tmp/wolfssl.tar.gz
-        cd wolfssl-*
-        autoreconf -fiv
-        ./configure --enable-opensslall --enable-opensslextra --disable-examples --disable-crypttests --enable-harden --enable-all --enable-all-crypto
-        make
-        sudo make install
-      shell: bash
-    - run: sudo rm -rf /usr/include/openssl
+        ./.github/actions/install/wolfssl/install.sh
+        sudo rm -rf /usr/include/openssl
       shell: bash
diff --git a/.github/actions/install/wolfssl/install.sh b/.github/actions/install/wolfssl/install.sh
new file mode 100755
index 000000000..4bd33cb5e
--- /dev/null
+++ b/.github/actions/install/wolfssl/install.sh
@@ -0,0 +1,25 @@
+#! /bin/sh
+set -e # Exit on error
+DEFAULT_VERSION="v5.3.0-stable"
+VERSION="${1:-$DEFAULT_VERSION}"
+
+cd /tmp
+wget -O wolfssl.tar.gz https://github.com/wolfSSL/wolfssl/archive/$VERSION.tar.gz
+tar -zxf wolfssl.tar.gz
+cd wolfssl-*
+autoreconf -fiv
+./configure --prefix=/usr/local --enable-opensslall --enable-opensslextra --disable-examples --disable-crypttests --enable-harden --enable-all --enable-all-crypto
+make
+
+# Depending if we run in on a GitHub Actions or from within a Docker image we have different permissions
+if [[ $EUID > 0 ]]; then
+    # If we are not root then we need to sudo
+    sudo make install
+else
+    # Default docker image does not have users setup so we are only root and can not sudo
+    make install
+fi
+
+cd /tmp
+rm wolfssl.tar.gz
+rm -rf wolfssl-*
diff --git a/.github/workflows/jwt.yml b/.github/workflows/jwt.yml
index 4fed6581f..d232a9d26 100644
--- a/.github/workflows/jwt.yml
+++ b/.github/workflows/jwt.yml
@@ -91,3 +91,10 @@ jobs:
           cmake --build --preset ci-ubsan --target rsa-verify-run
           cmake --build --preset ci-ubsan --target jwks-verify-run
           cmake --build --preset ci-ubsan --target jwt-cpp-test-run
+
+  devcontainers:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - run: docker build -t default -f .devcontainer/Dockerfile
+      - run: docker build -t wolfssl -f .devcontainer/wolfssl/Dockerfile