config.yml
version: 2.1
# CircleCI doesn't handle large file sets properly for local builds
# https://github.com/CircleCI-Public/circleci-cli/issues/281#issuecomment-472808051
localCheckout: &localCheckout
run: |-
git config --global --add safe.directory /tmp/_circleci_local_build_repo
PROJECT_PATH=$(cd ${CIRCLE_WORKING_DIRECTORY}; pwd)
mkdir -p ${PROJECT_PATH}
cd /tmp/_circleci_local_build_repo
git ls-files -z | xargs -0 -s 2090860 tar -c | tar -x -C ${PROJECT_PATH}
cp -a /tmp/_circleci_local_build_repo/.git ${PROJECT_PATH}
jobs:
ubuntu:
description: A template for running OQS-OpenSSL tests on x64 Ubuntu Docker VMs
parameters:
IMAGE:
description: "docker image to use."
type: string
CMAKE_ARGS:
description: "Arguments to pass to CMake."
type: string
OPENSSL_PREINSTALL:
description: "OpenSSL version preinstalled."
type: string
docker:
- image: << parameters.IMAGE >>
steps:
- setup_remote_docker
- checkout # change this from "checkout" to "*localCheckout" when running CircleCI locally
- run:
name: Clone and build liboqs (<< parameters.CMAKE_ARGS >>)
command: |
git clone --depth 1 --branch main https://github.com/open-quantum-safe/liboqs.git &&
cd liboqs && mkdir _build && cd _build &&
cmake -GNinja << parameters.CMAKE_ARGS >> -DCMAKE_INSTALL_PREFIX=$(pwd)/../../.local .. && ninja install &&
cd .. && cd .. && pwd
- when:
condition:
not:
equal: [ openssl@3, << parameters.OPENSSL_PREINSTALL >> ]
steps:
- run:
name: Clone and build OpenSSL(3)
command: |
git clone --branch master git://git.openssl.org/openssl.git openssl &&
cd openssl && ./config --prefix=$(echo $(pwd)/../.local) && make -j 18 && make install_sw && cd ..
- run:
name: Build OQS-OpenSSL provider (<< parameters.CMAKE_ARGS >> with QSC encoding support)
command: |
mkdir _build && cd _build && cmake -GNinja << parameters.CMAKE_ARGS >> -DUSE_ENCODING_LIB=ON -DOPENSSL_ROOT_DIR=$(pwd)/../.local -DCMAKE_PREFIX_PATH=$(pwd)/../.local .. && ninja && cd ..
- when:
condition:
equal: [ openssl@3, << parameters.OPENSSL_PREINSTALL >> ]
steps:
- run:
name: Build OQS-OpenSSL provider (<< parameters.CMAKE_ARGS >> with QSC encoding support)
command: |
mkdir _build && cd _build && cmake -GNinja << parameters.CMAKE_ARGS >> -DUSE_ENCODING_LIB=ON -DCMAKE_PREFIX_PATH=$(pwd)/../.local .. && ninja && cd ..
- run:
name: Run tests
command: |
./scripts/runtests.sh -V
- run:
name: Run tests (with encodings, positive and negative test)
command: |
./scripts/runtests_encodings.sh -V > log
if [ grep "Skipping testing of buggy OpenSSL" -eq 1 ]; then
cat log
! OQS_ENCODING_DILITHIUM2=foo OQS_ENCODING_DILITHIUM2_ALGNAME=bar ./scripts/runtests.sh -V
else
cat log
fi
- run:
name: Build OQS-OpenSSL provider (<< parameters.CMAKE_ARGS >>) with NOPUBKEY_IN_PRIVKEY and QSC encoding support
command: |
rm -rf _build && mkdir _build && cd _build && cmake -GNinja << parameters.CMAKE_ARGS >> -DNOPUBKEY_IN_PRIVKEY=ON -DUSE_ENCODING_LIB=ON -DOPENSSL_ROOT_DIR=$(pwd)/../.local -DCMAKE_PREFIX_PATH=$(pwd)/../.local .. && ninja
- run:
name: Run tests (-DNOPUBKEY_IN_PRIVKEY=ON)
command: |
./scripts/runtests.sh -V
- run:
name: Run tests (-DNOPUBKEY_IN_PRIVKEY=ON, with encodings, positive and negative test)
command: |
./scripts/runtests_encodings.sh -V
if [ grep "Skipping testing of buggy OpenSSL" -eq 1 ]; then
cat log
! OQS_ENCODING_DILITHIUM2=foo OQS_ENCODING_DILITHIUM2_ALGNAME=bar ./scripts/runtests.sh -V
else
cat log
fi
macOS:
description: A template for running tests on macOS
parameters:
CMAKE_ARGS:
description: "Arguments to pass to CMake."
type: string
OPENSSL_PREINSTALL:
description: "OpenSSL version preinstalled."
type: string
macos:
xcode: "13.2.1"
steps:
- checkout # change this from "checkout" to "*localCheckout" when running CircleCI locally
- run:
name: Install dependencies
command: env HOMEBREW_NO_AUTO_UPDATE=1 brew install cmake ninja << parameters.OPENSSL_PREINSTALL >>
- run:
name: Get system information
command: sysctl -a | grep machdep.cpu && cc --version
- run:
name: Clone and build liboqs
command: |
git clone --depth 1 --branch main https://github.com/open-quantum-safe/liboqs.git &&
export LIBOQS_INSTALLPATH=$(pwd)/.local && cd liboqs && mkdir _build && cd _build &&
cmake -GNinja -DCMAKE_INSTALL_PREFIX=$LIBOQS_INSTALLPATH << parameters.CMAKE_ARGS >> .. && ninja install &&
cd .. && cd .. && echo "export DYLD_LIBRARY_PATH=$DYLD_LIBRARY_PATH:$LIBOQS_INSTALLPATH/lib" >> "$BASH_ENV"
- when:
condition:
not:
equal: [ openssl@3, << parameters.OPENSSL_PREINSTALL >> ]
steps:
- run:
name: Clone and build OpenSSL(3) master
command: |
git clone --branch master git://git.openssl.org/openssl.git openssl &&
cd openssl && ./config --prefix=$(echo $(pwd)/../.local) && make -j 18 && make install_sw && cd ..
- run:
name: Build OQS-OpenSSL provider
command: |
export OPENSSL_INSTALL=$(pwd)/.local && mkdir _build && cd _build && cmake -GNinja -DOPENSSL_ROOT_DIR=$OPENSSL_INSTALL -DCMAKE_PREFIX_PATH=$(pwd)/../.local << parameters.CMAKE_ARGS >> .. && ninja && echo "export OPENSSL_INSTALL=$OPENSSL_INSTALL" >> "$BASH_ENV"
- when:
condition:
equal: [ openssl@3, << parameters.OPENSSL_PREINSTALL >> ]
steps:
- run:
name: Build OQS-OpenSSL provider
command: |
export OPENSSL_INSTALL=`brew config | grep HOMEBREW_PREFIX | sed -e "s/HOMEBREW_PREFIX: //g"`/opt/openssl@3 && mkdir _build && cd _build && liboqs_DIR=`pwd`/../.local cmake -GNinja -DOPENSSL_ROOT_DIR=$OPENSSL_INSTALL .. && ninja && echo "export OPENSSL_INSTALL=$OPENSSL_INSTALL" >> "$BASH_ENV" && cd .. && echo "export DYLD_LIBRARY_PATH=$DYLD_LIBRARY_PATH:$OPENSSL_INSTALL/lib" >> "$BASH_ENV"
- run:
name: Run tests
command: |
./scripts/runtests.sh -V
- run:
name: Build OQS-OpenSSL provider with QSC encoding support
command: |
rm -rf _build && mkdir _build && cd _build && cmake -GNinja -DUSE_ENCODING_LIB=ON -DOPENSSL_ROOT_DIR=$OPENSSL_INSTALL -DCMAKE_PREFIX_PATH=$(pwd)/../.local << parameters.CMAKE_ARGS >> .. && ninja
- run:
name: Run tests
command: |
./scripts/runtests.sh -V
- run:
name: Run tests (with encodings)
command: |
./scripts/runtests_encodings.sh -V > log
if [ grep "Skipping testing of buggy OpenSSL" -eq 1 ]; then
cat log
! OQS_ENCODING_DILITHIUM2=foo OQS_ENCODING_DILITHIUM2_ALGNAME=bar ./scripts/runtests.sh -V
else
cat log
fi
workflows:
version: 2.1
build:
jobs:
- ubuntu:
name: ubuntu-focal
context: openquantumsafe
IMAGE: openquantumsafe/ci-ubuntu-focal-x86_64:latest
CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DOQS_USE_OPENSSL=OFF
OPENSSL_PREINSTALL: openssl@1
- ubuntu:
name: ubuntu-jammy
context: openquantumsafe
IMAGE: openquantumsafe/ci-ubuntu-jammy:latest
CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DOQS_ALGS_ENABLED=STD
OPENSSL_PREINSTALL: openssl@3
- macOS:
name: macOS-noopenssl
CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DOQS_USE_OPENSSL=OFF
OPENSSL_PREINSTALL: openssl
- macOS:
name: macOS-shared
CMAKE_ARGS: -DBUILD_SHARED_LIBS=ON -DOQS_DIST_BUILD=OFF -DOQS_ENABLE_KEM_CLASSIC_MCELIECE=OFF
OPENSSL_PREINSTALL: openssl@3
