.github/workflows/tests.yml

95 lines · yaml

name: tests
 
 
on:
  pull_request:
  push:
    branches: [main]
 
permissions:
  contents: read
 
env:
  FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
 
jobs:
  python:
    runs-on: ubuntu-latest
    timeout-minutes: 20
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@v5
        with:
          python-version: '3.11'
          cache: pip
          cache-dependency-path: requirements.txt
      - name: Install Python dependencies
        run: |
          python -m pip install --upgrade pip
          pip install -r requirements.txt pytest
      - name: Install tkinter (cli.gui imports it at module top)
        run: sudo apt-get update && sudo apt-get install -y python3-tk
      - name: Try install liboqs (optional, for PQ suite)
        run: pip install liboqs-python || echo "::notice::liboqs-python unavailable; test_pq will skip"
      - name: Run main()-style test scripts
        run: |
          rc=0
          for t in test_e2e test_e2e_v2 test_rekor_unit test_policy_unit test_tlog_unit \
                   test_registry_unit test_registry_conformance test_rekor_backcompat \
                   test_text_format_unit test_l3_policy_unit test_siem_unit \
                   test_gui_hardening_unit; do
            echo "::group::tests/$t.py"
            if python "tests/$t.py"; then echo "[OK] $t"; else echo "::error::tests/$t.py failed"; rc=1; fi
            echo "::endgroup::"
          done
          exit $rc
      - name: Run PQ tests (skipped cleanly if liboqs absent)
        run: |
          if python -c "import oqs" 2>/dev/null; then
            python tests/test_pq.py
          else
            echo "::notice::liboqs not installed; skipping test_pq (optional PQ suite)"
          fi
      - name: Run pytest-collectable tests
        run: pytest tests/ -v
 
  rust:
    runs-on: ubuntu-latest
    timeout-minutes: 25
    defaults:
      run:
        working-directory: oversight-rust
    steps:
      - uses: actions/checkout@v4
      - uses: dtolnay/rust-toolchain@stable
      - uses: Swatinem/rust-cache@v2
        with:
          workspaces: oversight-rust
      - name: cargo test --workspace --release
        run: cargo test --workspace --release
 
  conformance:
    runs-on: ubuntu-latest
    timeout-minutes: 25
    needs: [python, rust]
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@v5
        with:
          python-version: '3.11'
          cache: pip
          cache-dependency-path: requirements.txt
      - uses: dtolnay/rust-toolchain@stable
      - uses: Swatinem/rust-cache@v2
        with:
          workspaces: oversight-rust
      - name: Install Python dependencies
        run: |
          python -m pip install --upgrade pip
          pip install -r requirements.txt
      - name: Cross-language conformance (CLASSIC seal/open)
        working-directory: oversight-rust
        run: bash tests/conformance_cross_lang.sh
      - name: Cross-language conformance (Rekor DSSE/PAE)
        working-directory: oversight-rust
        run: bash tests/conformance_rekor.sh

1	name: tests
2
3
4	on:
5	pull_request:
6	push:
7	branches: [main]
8
9	permissions:
10	contents: read
11
12	env:
13	FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
14
15	jobs:
16	python:
17	runs-on: ubuntu-latest
18	timeout-minutes: 20
19	steps:
20	- uses: actions/checkout@v4
21	- uses: actions/setup-python@v5
22	with:
23	python-version: '3.11'
24	cache: pip
25	cache-dependency-path: requirements.txt
26	- name: Install Python dependencies
27	run: \|
28	python -m pip install --upgrade pip
29	pip install -r requirements.txt pytest
30	- name: Install tkinter (cli.gui imports it at module top)
31	run: sudo apt-get update && sudo apt-get install -y python3-tk
32	- name: Try install liboqs (optional, for PQ suite)
33	run: pip install liboqs-python \|\| echo "::notice::liboqs-python unavailable; test_pq will skip"
34	- name: Run main()-style test scripts
35	run: \|
36	rc=0
37	for t in test_e2e test_e2e_v2 test_rekor_unit test_policy_unit test_tlog_unit \
38	test_registry_unit test_registry_conformance test_rekor_backcompat \
39	test_text_format_unit test_l3_policy_unit test_siem_unit \
40	test_gui_hardening_unit; do
41	echo "::group::tests/$t.py"
42	if python "tests/$t.py"; then echo "[OK] $t"; else echo "::error::tests/$t.py failed"; rc=1; fi
43	echo "::endgroup::"
44	done
45	exit $rc
46	- name: Run PQ tests (skipped cleanly if liboqs absent)
47	run: \|
48	if python -c "import oqs" 2>/dev/null; then
49	python tests/test_pq.py
50	else
51	echo "::notice::liboqs not installed; skipping test_pq (optional PQ suite)"
52	fi
53	- name: Run pytest-collectable tests
54	run: pytest tests/ -v
55
56	rust:
57	runs-on: ubuntu-latest
58	timeout-minutes: 25
59	defaults:
60	run:
61	working-directory: oversight-rust
62	steps:
63	- uses: actions/checkout@v4
64	- uses: dtolnay/rust-toolchain@stable
65	- uses: Swatinem/rust-cache@v2
66	with:
67	workspaces: oversight-rust
68	- name: cargo test --workspace --release
69	run: cargo test --workspace --release
70
71	conformance:
72	runs-on: ubuntu-latest
73	timeout-minutes: 25
74	needs: [python, rust]
75	steps:
76	- uses: actions/checkout@v4
77	- uses: actions/setup-python@v5
78	with:
79	python-version: '3.11'
80	cache: pip
81	cache-dependency-path: requirements.txt
82	- uses: dtolnay/rust-toolchain@stable
83	- uses: Swatinem/rust-cache@v2
84	with:
85	workspaces: oversight-rust
86	- name: Install Python dependencies
87	run: \|
88	python -m pip install --upgrade pip
89	pip install -r requirements.txt
90	- name: Cross-language conformance (CLASSIC seal/open)
91	working-directory: oversight-rust
92	run: bash tests/conformance_cross_lang.sh
93	- name: Cross-language conformance (Rekor DSSE/PAE)
94	working-directory: oversight-rust
95	run: bash tests/conformance_rekor.sh