-
Notifications
You must be signed in to change notification settings - Fork 1
142 lines (124 loc) · 3.7 KB
/
lockdown-tests.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
name: Lockdown Tests
on: [push]
jobs:
test:
name: Tests
runs-on: ${{ matrix.os }}
strategy:
matrix:
os:
- "ubuntu-latest"
- "ubuntu-16.04"
- "windows-latest"
- "macos-latest"
steps:
- name: Set up Go 1.13
uses: actions/setup-go@v1
with:
go-version: 1.13
id: go
- name: Check out code into the Go module directory
uses: actions/checkout@v1
- name: Get Lockdown Deps
run: |
go get -v -t -d ./...
- name: Ensure the code is formatted
shell: bash
env:
CURR_OS: ${{ matrix.os }}
run: |
if [ "$CURR_OS" = "windows-latest" ]; then
echo "skipping this step, as windows uses different line endings"
exit 0
fi
unformatted="$(go fmt ./...)"
if [ ! "$unformatted" = "" ]; then
echo "the following files were not fmted:"
printf "$unformatted"
echo ""
exit 1
fi
echo "code is properly formatted"
- name: Install Lockdown
run: |
go build -o ./test_build_lockdown -tags notty ./
go build -o ./test_build_lddev ./lddev
- name: Run Lockdown unit tests/benchmarks/coverage
run: |
go test -v -bench . -benchmem -benchtime 10s -cover ./...
- name: Generate random file
env:
CURR_OS: ${{ matrix.os }}
shell: bash
run: |
randfile="./randfile_$CURR_OS"
hashfile="./hashfile_$CURR_OS"
./test_build_lddev -randfile 1024 "$randfile"
./test_build_lddev -hash "$hashfile" "$randfile"
./test_build_lockdown -e -password testpassword "$randfile"
- name: Upload encrypted file
uses: actions/upload-artifact@v1
with:
name: cross_decrypt_files
path: randfile_${{ matrix.os }}.lkd
- name: Upload hash file
uses: actions/upload-artifact@v1
with:
name: cross_decrypt_files
path: hashfile_${{ matrix.os }}
cross_decrypt:
name: Test cross os decryption
needs: test
runs-on: ${{ matrix.os }}
strategy:
matrix:
os:
- "ubuntu-latest"
- "ubuntu-16.04"
- "windows-latest"
- "macos-latest"
steps:
- name: Set up Go 1.13
uses: actions/setup-go@v1
with:
go-version: 1.13
id: go
- name: Check out code into the Go module directory
uses: actions/checkout@v1
- name: Get Lockdown Deps
run: |
go get -v -t -d ./...
- name: Install Lockdown
run: |
go build -o ./test_build_lockdown -tags notty ./
go build -o ./test_build_lddev ./lddev
#download encrypted files
- name: Download encrypted files
uses: actions/download-artifact@v1
with:
name: cross_decrypt_files
#test decryption matches hash
- name: Decrypt cross encrypted files
shell: bash
run: |
OSES=()
OSES+=('ubuntu-latest')
OSES+=('ubuntu-16.04')
OSES+=('windows-latest')
OSES+=('macos-latest')
for os in ${OSES[@]}; do
randfile="./cross_decrypt_files/randfile_$os"
encrandfile="$randfile.lkd"
hashfile="./cross_decrypt_files/hashfile_$os"
./test_build_lockdown -d -password testpassword "$encrandfile"
if [ ! $? -eq 0 ]; then
echo "failed to decrypt $encrandfile"
exit 1
fi
echo "succesfully decrypted $encrandfile"
if [ ! "$(./test_build_lddev -hashcompare $hashfile $randfile)" = "match" ]; then
echo "hash comparison failed for $os - $randfile"
exit 1
fi
echo "hashes match: SHA256($randfile) == $hashfile"
done