Fix to send record_overflow alert #1473
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: ATECC608 simulator test | |
| # START OF COMMON SECTION | |
| on: | |
| push: | |
| branches: [ 'release/**' ] | |
| pull_request: | |
| types: [opened, synchronize, reopened, ready_for_review] | |
| branches: [ '*' ] | |
| # Weekend cron and manual workflow_dispatch refresh the shared ghcr build | |
| # cache that PR runs read (cache-to below is gated to those two events). | |
| schedule: | |
| - cron: '0 6 * * 6' | |
| workflow_dispatch: | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| # END OF COMMON SECTION | |
| permissions: | |
| contents: read | |
| packages: write | |
| # Build the ATECC608 software simulator (https://github.com/wolfSSL/simulators, | |
| # ATECC608Sim/ subdirectory), build wolfSSL against cryptoauthlib + the | |
| # simulator's TCP HAL, and run the wolfCrypt ATECC608 test binary against the | |
| # simulator. | |
| # | |
| # The simulator's own Dockerfile.wolfcrypt clones a pinned wolfSSL release. | |
| # We patch it to COPY the PR checkout instead so CI reflects the PR's source. | |
| # We also strip the inline test.c patch RUN block and the older atmel.c config | |
| # copy hotfix: both now live upstream in this tree, so re-applying them would | |
| # fail with "patch target not found". The atmel_set_slot_allocator visibility | |
| # patch remains because the simulator harness still depends on that exported | |
| # symbol. | |
| env: | |
| SIMULATORS_REF: 773fe70 | |
| jobs: | |
| atecc608_sim: | |
| name: wolfCrypt against ATECC608 simulator | |
| if: ${{ (github.repository_owner == 'wolfssl') && (github.event_name != 'pull_request' || github.event.pull_request.draft == false) }} | |
| runs-on: ubuntu-24.04 | |
| timeout-minutes: 30 | |
| steps: | |
| - name: Checkout wolfSSL (PR source) | |
| uses: actions/checkout@v5 | |
| with: | |
| path: wolfssl-src | |
| - name: Clone ATECC608 simulator | |
| run: | | |
| git clone https://github.com/wolfSSL/simulators simulators | |
| cd simulators && git checkout "$SIMULATORS_REF" | |
| - name: Stage PR wolfSSL into simulator build context | |
| run: mv wolfssl-src simulators/ATECC608Sim/wolfssl | |
| - name: Patch Dockerfile to use PR wolfSSL and drop redundant source patches | |
| working-directory: simulators/ATECC608Sim | |
| run: | | |
| # Replace the (multi-line) `RUN git clone ... wolfssl.git /app/wolfssl` | |
| # with a COPY of the PR checkout so CI tests the PR's source. | |
| sed -i '/^RUN git clone --branch v5\.9\.1-stable/,/wolfssl\.git \/app\/wolfssl$/c\ | |
| COPY wolfssl /app/wolfssl' Dockerfile.wolfcrypt | |
| # Fail fast if the pattern drifted upstream -- better a clear error | |
| # than a CI run that silently tests a stale release. | |
| grep -q '^ *COPY wolfssl /app/wolfssl$' Dockerfile.wolfcrypt | |
| ! grep -q 'git clone .*wolfssl\.git' Dockerfile.wolfcrypt | |
| sed -i "/^# wolfSSL's wolfCrypt_ATECC_SetConfig only copies I2C-specific fields from$/,/^ grep -q 'XMEMCPY(&cfg_ateccx08a_i2c_pi, cfg' \\/app\\/wolfssl\\/wolfcrypt\\/src\\/port\\/atmel\\/atmel\\.c$/d" Dockerfile.wolfcrypt | |
| ! grep -q "cfg_ateccx08a_i2c_pi" Dockerfile.wolfcrypt | |
| # Strip the inline test.c patch RUN block -- those guard fixes now | |
| # live upstream in this tree. | |
| sed -i "/^RUN python3 - <<'PY'$/,/^PY$/d" Dockerfile.wolfcrypt | |
| ! grep -q "RUN python3 - <<'PY'" Dockerfile.wolfcrypt | |
| # The simulator Dockerfile predates the new configure contract where | |
| # --with-cryptoauthlib must be paired with --enable-microchip=<dev>. | |
| sed -i 's/--with-cryptoauthlib=\/usr \\/--enable-microchip=608 \\\n --with-cryptoauthlib=\/usr \\/' Dockerfile.wolfcrypt | |
| grep -q -- '--enable-microchip=608' Dockerfile.wolfcrypt | |
| - uses: docker/setup-buildx-action@v4 | |
| - name: Log in to ghcr (cache refresh on cron/manual dispatch) | |
| if: github.event_name == 'schedule' || github.event_name == 'workflow_dispatch' | |
| run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u "${{ github.actor }}" --password-stdin | |
| - name: Build wolfCrypt-ATECC608 test image | |
| uses: docker/build-push-action@v7 | |
| with: | |
| context: simulators/ATECC608Sim | |
| file: simulators/ATECC608Sim/Dockerfile.wolfcrypt | |
| push: false | |
| load: true | |
| tags: wolfssl-atecc608-sim:ci | |
| cache-from: type=registry,ref=ghcr.io/wolfssl/wolfssl-sim-cache:atecc608 | |
| cache-to: ${{ (github.event_name == 'schedule' || github.event_name == 'workflow_dispatch') && 'type=registry,ref=ghcr.io/wolfssl/wolfssl-sim-cache:atecc608,mode=max' || '' }} | |
| - name: Run wolfCrypt tests against simulator | |
| run: docker run --rm wolfssl-atecc608-sim:ci |