name: Run Securesystemslib tests on: push: branches: - main pull_request: workflow_dispatch: permissions: {} jobs: build: strategy: fail-fast: false # Run tests on each OS/Python combination matrix: python-version: ["3.8", "3.9", "3.10", "3.11"] os: [ubuntu-latest, macos-latest, windows-latest] toxenv: [py] include: - python-version: "3.11" os: ubuntu-latest toxenv: purepy311 - python-version: "3.11" os: ubuntu-latest toxenv: py311-no-gpg - python-version: "3.11" os: ubuntu-latest toxenv: py311-test-gpg-fails - python-version: "3.11" os: ubuntu-latest toxenv: lint runs-on: ${{ matrix.os }} steps: - name: Checkout securesystemslib uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Set up Python ${{ matrix.python-version }} uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 with: python-version: ${{ matrix.python-version }} cache: "pip" cache-dependency-path: "requirements*.txt" - name: Install dependencies run: | python -m pip install --upgrade pip pip install --upgrade tox - name: Install system dependencies shell: bash run: | # NOTE: HSM tests are skipped silently, if PYKCS11LIB is unset. if [ "$RUNNER_OS" == "Linux" ]; then sudo apt-get install -y softhsm2 echo "PYKCS11LIB=/usr/lib/softhsm/libsofthsm2.so" >> $GITHUB_ENV elif [ "$RUNNER_OS" == "macOS" ]; then brew install softhsm echo "PYKCS11LIB=$(brew --prefix softhsm)/lib/softhsm/libsofthsm2.so" >> $GITHUB_ENV elif [ "$RUNNER_OS" == "Windows" ]; then echo "Skipping HSM tests on Windows" # see https://github.com/secure-systems-lab/securesystemslib/issues/520 else echo "$RUNNER_OS not supported" exit 1 fi - name: Run tox run: tox -e ${{ matrix.toxenv }}