diff --git a/.github/workflows/unix.yml b/.github/workflows/unix.yml index 8a7a2c6ec..841f0d7f2 100644 --- a/.github/workflows/unix.yml +++ b/.github/workflows/unix.yml @@ -12,90 +12,6 @@ env: LIBJADE_ALG_LIST: "KEM_kyber_512;KEM_kyber_768" jobs: - - stylecheck: - name: Check code formatting - container: openquantumsafe/ci-ubuntu-focal-x86_64:latest - runs-on: ubuntu-latest - steps: - - name: Checkout code - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4 - - name: Ensure code conventions are upheld - run: python3 -m pytest --verbose tests/test_code_conventions.py - - name: Check that doxygen can parse the documentation - run: mkdir build && ./scripts/run_doxygen.sh $(which doxygen) ./docs/.Doxyfile ./build - - name: Validate CBOM - run: scripts/validate_cbom.sh - - upstreamcheck: - name: Check upstream code is properly integrated - strategy: - fail-fast: false - matrix: - copy-mode: - - copy - - libjade - container: openquantumsafe/ci-ubuntu-focal-x86_64:latest - runs-on: ubuntu-latest - steps: - - name: Setup nix - uses: cachix/install-nix-action@v26 - - name: Setup jasmin-compiler - run: | - nix-channel --add https://nixos.org/channels/nixos-23.11 nixpkgs && \ - nix-channel --update && nix-env -iA nixpkgs.jasmin-compiler - - name: Checkout code - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4 - - name: Verify copy_from_upstream state after "${{ matrix.copy-mode}}" - run: | - git config --global user.name "ciuser" && \ - git config --global user.email "ci@openquantumsafe.org" && \ - export LIBOQS_DIR=`pwd` && \ - git config --global --add safe.directory $LIBOQS_DIR && \ - cd scripts/copy_from_upstream && \ - ! pip3 install --require-hashes -r requirements.txt 2>&1 | grep -i ERROR && \ - python3 copy_from_upstream.py ${{ matrix.copy-mode }} && \ - ! git status | grep modified - - buildcheck: - name: Check that code passes a basic build before starting heavier tests - needs: [ stylecheck, upstreamcheck ] - strategy: - matrix: - runner: - - ubuntu-latest - #- oqs-arm64 - distro: - #- focal - - jammy - - latest - runs-on: ${{ matrix.runner }} - container: openquantumsafe/ci-ubuntu-${{ matrix.distro }}:latest - env: - KEM_NAME: kyber_768 - SIG_NAME: dilithium_3 - steps: - - name: Checkout code - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4 - - name: Configure - run: | - mkdir build && \ - cd build && \ - cmake .. --warn-uninitialized \ - -GNinja \ - -DOQS_MINIMAL_BUILD="KEM_$KEM_NAME;SIG_$SIG_NAME" \ - > config.log 2>&1 && \ - cat config.log && \ - cmake -LA -N .. && \ - ! (grep "uninitialized variable" config.log) - - name: Build code - run: ninja - working-directory: build - - name: Build documentation - run: ninja gen_docs - working-directory: build - if: matrix.runner == 'ubuntu-latest' - linux: needs: buildcheck strategy: @@ -107,11 +23,21 @@ jobs: container: openquantumsafe/ci-ubuntu-latest:latest CMAKE_ARGS: -DOQS_ENABLE_SIG_STFL_LMS=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON PYTEST_ARGS: --ignore=tests/test_kat_all.py + - name: noble-clang + runner: ubuntu-latest + container: openquantumsafe/ci-ubuntu-latest:latest + CMAKE_ARGS: -DOQS_ENABLE_SIG_STFL_LMS=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON -DCMAKE_C_COMPILER=clang + PYTEST_ARGS: --ignore=tests/test_kat_all.py - name: noble-hazardous runner: ubuntu-latest container: openquantumsafe/ci-ubuntu-latest:latest CMAKE_ARGS: -DOQS_ENABLE_SIG_STFL_LMS=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_HAZARDOUS_EXPERIMENTAL_ENABLE_SIG_STFL_KEY_SIG_GEN=ON PYTEST_ARGS: --ignore=tests/test_kat_all.py + - name: noble-hazardous-clang + runner: ubuntu-latest + container: openquantumsafe/ci-ubuntu-latest:latest + CMAKE_ARGS: -DOQS_ENABLE_SIG_STFL_LMS=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_HAZARDOUS_EXPERIMENTAL_ENABLE_SIG_STFL_KEY_SIG_GEN=ON -DCMAKE_C_COMPILER=clang + PYTEST_ARGS: --ignore=tests/test_kat_all.py - name: noble-nodistbuild runner: ubuntu-latest container: openquantumsafe/ci-ubuntu-latest:latest @@ -122,76 +48,41 @@ jobs: container: openquantumsafe/ci-ubuntu-latest:latest CMAKE_ARGS: -DOQS_DIST_BUILD=OFF -DOQS_OPT_TARGET=generic PYTEST_ARGS: --ignore=tests/test_kat_all.py - - name: arm64 - runner: oqs-arm64 - container: openquantumsafe/ci-ubuntu-focal-arm64:latest - PYTEST_ARGS: --maxprocesses=10 --ignore=tests/test_kat_all.py - CMAKE_ARGS: -DOQS_ENABLE_SIG_STFL_LMS=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_HAZARDOUS_EXPERIMENTAL_ENABLE_SIG_STFL_KEY_SIG_GEN=ON - - name: alpine - runner: ubuntu-latest - container: openquantumsafe/ci-alpine-amd64:latest - CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DOQS_USE_OPENSSL=ON -DBUILD_SHARED_LIBS=ON -DOQS_HAZARDOUS_EXPERIMENTAL_ENABLE_SIG_STFL_KEY_SIG_GEN=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_ENABLE_SIG_STFL_LMS=ON - PYTEST_ARGS: --ignore=tests/test_alg_info.py --ignore=tests/test_kat_all.py - - name: alpine-no-stfl-key-sig-gen - runner: ubuntu-latest - container: openquantumsafe/ci-alpine-amd64:latest - CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DOQS_USE_OPENSSL=ON -DBUILD_SHARED_LIBS=ON -DOQS_HAZARDOUS_EXPERIMENTAL_ENABLE_SIG_STFL_KEY_SIG_GEN=OFF -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_ENABLE_SIG_STFL_LMS=ON - PYTEST_ARGS: --ignore=tests/test_alg_info.py --ignore=tests/test_kat_all.py - - name: alpine-openssl-all - runner: ubuntu-latest - container: openquantumsafe/ci-alpine-amd64:latest - CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DOQS_USE_OPENSSL=ON -DBUILD_SHARED_LIBS=ON -DOQS_USE_AES_OPENSSL=ON -DOQS_USE_SHA2_OPENSSL=ON -DOQS_USE_SHA3_OPENSSL=ON -DOQS_HAZARDOUS_EXPERIMENTAL_ENABLE_SIG_STFL_KEY_SIG_GEN=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_ENABLE_SIG_STFL_LMS=ON - PYTEST_ARGS: --ignore=tests/test_alg_info.py --ignore=tests/test_kat_all.py - - name: alpine-noopenssl - runner: ubuntu-latest - container: openquantumsafe/ci-alpine-amd64:latest - CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DOQS_USE_OPENSSL=OFF -DOQS_HAZARDOUS_EXPERIMENTAL_ENABLE_SIG_STFL_KEY_SIG_GEN=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_ENABLE_SIG_STFL_LMS=ON - PYTEST_ARGS: --ignore=tests/test_alg_info.py --ignore=tests/test_kat_all.py - - name: focal-nistr4-openssl - runner: ubuntu-latest - container: openquantumsafe/ci-ubuntu-focal-x86_64:latest - CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DOQS_ALGS_ENABLED=NIST_R4 - PYTEST_ARGS: --ignore=tests/test_leaks.py --ignore=tests/test_kat_all.py - - name: focal-nistonramp-openssl + - name: noble-noopenssl runner: ubuntu-latest - container: openquantumsafe/ci-ubuntu-focal-x86_64:latest - CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DOQS_ALGS_ENABLED=NIST_SIG_ONRAMP - PYTEST_ARGS: --ignore=tests/test_leaks.py --ignore=tests/test_kat_all.py - - name: focal-noopenssl - runner: ubuntu-latest - container: openquantumsafe/ci-ubuntu-focal-x86_64:latest - CMAKE_ARGS: -DCMAKE_C_COMPILER=gcc-8 -DOQS_USE_OPENSSL=OFF - PYTEST_ARGS: --ignore=tests/test_leaks.py --ignore=tests/test_kat_all.py - - name: focal-shared-noopenssl + container: openquantumsafe/ci-ubuntu-latest:latest + CMAKE_ARGS: -DOQS_USE_OPENSSL=OFF + PYTEST_ARGS: --ignore=tests/test_kat_all.py + - name: noble-openssl-sha3 runner: ubuntu-latest - container: openquantumsafe/ci-ubuntu-focal-x86_64:latest - CMAKE_ARGS: -DCMAKE_C_COMPILER=gcc-7 -DOQS_DIST_BUILD=OFF -DOQS_USE_OPENSSL=OFF -DBUILD_SHARED_LIBS=ON - PYTEST_ARGS: --ignore=tests/test_namespace.py --ignore=tests/test_leaks.py --ignore=tests/test_kat_all.py - - name: focal-clang15 + container: openquantumsafe/ci-ubuntu-latest:latest + CMAKE_ARGS: -DOQS_USE_OPENSSL_SHA3=ON + PYTEST_ARGS: --ignore=tests/test_kat_all.py + - name: noble-shared runner: ubuntu-latest - container: openquantumsafe/ci-ubuntu-focal-x86_64:latest - CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DCMAKE_C_COMPILER=clang-15 + container: openquantumsafe/ci-ubuntu-latest:latest + CMAKE_ARGS: -DBUILD_SHARED_LIBS=ON PYTEST_ARGS: --ignore=tests/test_kat_all.py - - name: jammy-std-openssl3 + - name: noble-shared-noopenssl runner: ubuntu-latest - container: openquantumsafe/ci-ubuntu-jammy:latest - CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DOQS_ALGS_ENABLED=STD -DBUILD_SHARED_LIBS=ON - PYTEST_ARGS: --ignore=tests/test_leaks.py --ignore=tests/test_kat_all.py - - name: jammy-std-openssl3-dlopen + container: openquantumsafe/ci-ubuntu-latest:latest + CMAKE_ARGS: -DBUILD_SHARED_LIBS=ON -DOQS_USE_OPENSSL=OFF + PYTEST_ARGS: --ignore=tests/test_kat_all.py + - name: noble-libjade runner: ubuntu-latest - container: openquantumsafe/ci-ubuntu-jammy:latest - CMAKE_ARGS: -DOQS_STRICT_WARNINGS=ON -DOQS_ALGS_ENABLED=STD -DBUILD_SHARED_LIBS=ON -DOQS_DLOPEN_OPENSSL=ON - PYTEST_ARGS: --ignore=tests/test_leaks.py --ignore=tests/test_kat_all.py - - name: address-sanitizer + container: openquantumsafe/ci-ubuntu-latest:latest + CMAKE_ARGS: -DOQS_LIBJADE_BUILD=ON -DOQS_MINIMAL_BUILD=$LIBJADE_ALG_LIST + PYTEST_ARGS: --ignore=tests/test_kat_all.py + - name: noble-libjade-nodistbuild runner: ubuntu-latest - container: openquantumsafe/ci-ubuntu-focal-x86_64:latest - CMAKE_ARGS: -DCMAKE_C_COMPILER=clang-9 -DCMAKE_BUILD_TYPE=Debug -DUSE_SANITIZER=Address -DOQS_HAZARDOUS_EXPERIMENTAL_ENABLE_SIG_STFL_KEY_SIG_GEN=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_ENABLE_SIG_STFL_LMS=ON - PYTEST_ARGS: --ignore=tests/test_distbuild.py --ignore=tests/test_leaks.py --ignore=tests/test_kat_all.py --maxprocesses=10 - - name: address-sanitizer-no-stfl-key-sig-gen + container: openquantumsafe/ci-ubuntu-latest:latest + CMAKE_ARGS: -DOQS_LIBJADE_BUILD=ON -DOQS_MINIMAL_BUILD=$LIBJADE_ALG_LIST -DOQS_DIST_BUILD=OFF + PYTEST_ARGS: --ignore=tests/test_kat_all.py + - name: noble-libjade-generic runner: ubuntu-latest - container: openquantumsafe/ci-ubuntu-focal-x86_64:latest - CMAKE_ARGS: -DCMAKE_C_COMPILER=clang-9 -DCMAKE_BUILD_TYPE=Debug -DUSE_SANITIZER=Address -DOQS_HAZARDOUS_EXPERIMENTAL_ENABLE_SIG_STFL_KEY_SIG_GEN=OFF -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_ENABLE_SIG_STFL_LMS=ON - PYTEST_ARGS: --ignore=tests/test_distbuild.py --ignore=tests/test_leaks.py --ignore=tests/test_kat_all.py --maxprocesses=10 + container: openquantumsafe/ci-ubuntu-latest:latest + CMAKE_ARGS: -DOQS_LIBJADE_BUILD=ON -DOQS_MINIMAL_BUILD=$LIBJADE_ALG_LIST -DOQS_DIST_BUILD=OFF -DOQS_OPT_TARGET=generic + PYTEST_ARGS: --ignore=tests/test_kat_all.py runs-on: ${{ matrix.runner }} container: image: ${{ matrix.container }} @@ -199,7 +90,7 @@ jobs: - name: Checkout code uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4 - name: Configure - run: mkdir build && cd build && cmake -GNinja ${{ matrix.CMAKE_ARGS }} .. && cmake -LA -N .. + run: mkdir build && cd build && cmake -GNinja -DOQS_STRICT_WARNINGS=ON ${{ matrix.CMAKE_ARGS }} .. && cmake -LA -N .. - name: Build run: ninja working-directory: build @@ -220,180 +111,3 @@ jobs: if: matrix.name == 'jammy-std-openssl3' run: 'tests/dump_alg_info | grep -zoP "ML-DSA-44:\n isnull: false" && tests/dump_alg_info | grep -zoP "ML-DSA-44-ipd:\n isnull: true" && tests/dump_alg_info | grep -zoP "ML-KEM-512:\n isnull: false" && tests/dump_alg_info | grep -zoP "ML-KEM-512-ipd:\n isnull: true"' working-directory: build - - linux_arm_emulated: - needs: buildcheck - runs-on: ubuntu-latest - strategy: - fail-fast: false - matrix: - include: - - name: armhf - ARCH: armhf - CMAKE_ARGS: -DOQS_ENABLE_SIG_SPHINCS=OFF -DOQS_USE_OPENSSL=OFF -DOQS_DIST_BUILD=OFF -DOQS_OPT_TARGET=generic -DOQS_HAZARDOUS_EXPERIMENTAL_ENABLE_SIG_STFL_KEY_SIG_GEN=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_ENABLE_SIG_STFL_LMS=ON - PYTEST_ARGS: --ignore=tests/test_alg_info.py --ignore=tests/test_kat_all.py - - name: armhf-no-stfl-key-sig-gen - ARCH: armhf - CMAKE_ARGS: -DOQS_ENABLE_SIG_SPHINCS=OFF -DOQS_USE_OPENSSL=OFF -DOQS_DIST_BUILD=OFF -DOQS_OPT_TARGET=generic -DOQS_HAZARDOUS_EXPERIMENTAL_ENABLE_SIG_STFL_KEY_SIG_GEN=OFF -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_ENABLE_SIG_STFL_LMS=ON - PYTEST_ARGS: --ignore=tests/test_alg_info.py --ignore=tests/test_kat_all.py - # no longer supporting armel - # - name: armel - # ARCH: armel - # CMAKE_ARGS: -DOQS_ENABLE_SIG_SPHINCS=OFF -DOQS_USE_OPENSSL=OFF -DOQS_DIST_BUILD=OFF -DOQS_OPT_TARGET=generic - steps: - - name: Checkout code - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4 - - name: Install the emulation handlers - run: docker run --rm --privileged multiarch/qemu-user-static:register --reset - - name: Build in an x86_64 container - run: | - docker run --rm \ - -v `pwd`:`pwd` \ - -w `pwd` \ - openquantumsafe/ci-debian-buster-amd64:latest /bin/bash \ - -c "mkdir build && \ - (cd build && \ - cmake .. -GNinja ${{ matrix.CMAKE_ARGS }} \ - -DCMAKE_TOOLCHAIN_FILE=../.CMake/toolchain_${{ matrix.ARCH }}.cmake && \ - cmake -LA -N .. && \ - ninja)" - - name: Run the tests in an ${{ matrix.ARCH }} container - timeout-minutes: 60 - run: | - docker run --rm -e SKIP_TESTS=style,mem_kem,mem_sig \ - -v `pwd`:`pwd` \ - -w `pwd` \ - openquantumsafe/ci-debian-buster-${{ matrix.ARCH }}:latest /bin/bash \ - -c "mkdir -p tmp && \ - python3 -m pytest --verbose \ - --numprocesses=auto \ - --ignore=tests/test_code_conventions.py ${{ matrix.PYTEST_ARGS }}" - - linux_cross_compile: - needs: buildcheck - runs-on: ubuntu-latest - container: openquantumsafe/ci-ubuntu-focal-x86_64:latest - strategy: - fail-fast: false - matrix: - include: - - name: windows-binaries - CMAKE_ARGS: -DCMAKE_TOOLCHAIN_FILE=../.CMake/toolchain_windows-amd64.cmake - - name: windows-dll - CMAKE_ARGS: -DCMAKE_TOOLCHAIN_FILE=../.CMake/toolchain_windows-amd64.cmake -DBUILD_SHARED_LIBS=ON - steps: - - name: Checkout code - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4 - - name: Configure - run: mkdir build && cd build && cmake -GNinja ${{ matrix.CMAKE_ARGS }} .. && cmake -LA -N .. - - name: Build - run: ninja - working-directory: build - - macos: - needs: buildcheck - strategy: - fail-fast: false - matrix: - os: - # macos-14 runs on aarch64; the others run on x64 - - macos-12 - - macos-13 - - macos-14 - CMAKE_ARGS: - - -DOQS_HAZARDOUS_EXPERIMENTAL_ENABLE_SIG_STFL_KEY_SIG_GEN=ON -DOQS_ENABLE_SIG_STFL_XMSS=ON -DOQS_ENABLE_SIG_STFL_LMS=ON - - -DCMAKE_C_COMPILER=gcc-13 - - -DOQS_USE_OPENSSL=OFF - - -DBUILD_SHARED_LIBS=ON -DOQS_DIST_BUILD=OFF - libjade-build: - - -DOQS_LIBJADE_BUILD=OFF - # Restrict -DOQS_LIBJADE_BUILD=ON build to algs provided by - # libjade to minimise repeated tests - - -DOQS_LIBJADE_BUILD=ON -DOQS_MINIMAL_BUILD=$LIBJADE_ALG_LIST - exclude: - # macos-14 runs on aarch64, libjade targets x86 - # Skip testing libjade on macos-14 - - os: macos-14 - libjade-build: -DOQS_LIBJADE_BUILD=ON -DOQS_MINIMAL_BUILD=$LIBJADE_ALG_LIST - runs-on: ${{ matrix.os }} - steps: - - name: Install Python - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # pin@v5 - with: - python-version: '3.12' - - name: Checkout code - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4 - - name: Install dependencies - run: env HOMEBREW_NO_AUTO_UPDATE=1 brew install ninja && pip3 install --require-hashes --break-system-packages -r .github/workflows/requirements.txt - - name: Patch GCC - run: env HOMEBREW_NO_AUTO_UPDATE=1 brew uninstall --ignore-dependencies gcc@13 && wget https://raw.githubusercontent.com/Homebrew/homebrew-core/eb6dd225d093b66054e18e07d56509cf670793b1/Formula/g/gcc%4013.rb && env HOMEBREW_NO_AUTO_UPDATE=1 brew install --ignore-dependencies --formula gcc@13.rb - - name: Get system information - run: sysctl -a | grep machdep.cpu - - name: Configure - run: mkdir -p build && cd build && source ~/.bashrc && cmake -GNinja -DOQS_STRICT_WARNINGS=ON ${{ matrix.CMAKE_ARGS }} ${{ matrix.libjade-build }} .. && cmake -LA -N .. - - name: Build - run: ninja - working-directory: build - - name: Run tests - run: mkdir -p tmp && python3 -m pytest --verbose --ignore=tests/test_code_conventions.py --ignore=tests/test_kat_all.py - timeout-minutes: 60 - - linux_openssl330-dev: - needs: buildcheck - runs-on: ubuntu-latest - container: - image: openquantumsafe/ci-ubuntu-jammy:latest - steps: - - name: Checkout code - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4 - - name: Retrieve OpenSSL330 from cache - id: cache-openssl330 - uses: actions/cache@e12d46a63a90f2fae62d114769bbf2a179198b5c # pin@v3 - with: - path: .localopenssl330 - key: ${{ runner.os }}-openssl330 - - name: Checkout the OpenSSL v3.3.0 commit - if: steps.cache-openssl330.outputs.cache-hit != 'true' - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4 - with: - repository: 'openssl/openssl' - ref: 'openssl-3.3.0-beta1' - path: openssl - - name: Prepare the OpenSSL build directory - if: steps.cache-openssl330.outputs.cache-hit != 'true' - run: mkdir .localopenssl330 - working-directory: openssl - - name: Build openssl3 if not cached - if: steps.cache-openssl330.outputs.cache-hit != 'true' - run: | - ./config --prefix=`pwd`/../.localopenssl330 && make -j 4 && make install_sw install_ssldirs - working-directory: openssl - - name: Save OpenSSL - id: cache-openssl-save - if: steps.cache-openssl330.outputs.cache-hit != 'true' - uses: actions/cache/save@e12d46a63a90f2fae62d114769bbf2a179198b5c # pin@v3 - with: - path: | - .localopenssl330 - key: ${{ runner.os }}-openssl330 - - name: Configure - run: mkdir build && cd build && cmake -GNinja -DOQS_STRICT_WARNINGS=ON -DOPENSSL_ROOT_DIR=../.localopenssl330 -DOQS_USE_OPENSSL=ON -DBUILD_SHARED_LIBS=ON -DOQS_USE_AES_OPENSSL=ON -DOQS_USE_SHA2_OPENSSL=ON -DOQS_USE_SHA3_OPENSSL=ON .. && cmake -LA -N .. - - name: Build - run: ninja - working-directory: build - - name: Run tests - timeout-minutes: 60 - run: mkdir -p tmp && python3 -m pytest --verbose --ignore=tests/test_code_conventions.py --ignore=tests/test_leaks.py --ignore=tests/test_kat_all.py - - scan_build: - needs: buildcheck - runs-on: ubuntu-latest - container: openquantumsafe/ci-ubuntu-focal-x86_64:latest - steps: - - name: Checkout code - uses: actions/checkout@v4 - - name: Configure - run: mkdir build && cd build && scan-build-15 cmake -GNinja .. - - name: Build - run: scan-build-15 --status-bugs ninja - working-directory: build