kms: add support for MinKMS and remove some unused/broken code #59
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: FIPS Build Test | |
on: | |
pull_request: | |
branches: | |
- master | |
- next | |
# This ensures that previous jobs for the PR are canceled when the PR is | |
# updated. | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.head_ref }} | |
cancel-in-progress: true | |
permissions: | |
contents: read | |
jobs: | |
build: | |
name: Go BoringCrypto ${{ matrix.go-version }} on ${{ matrix.os }} | |
runs-on: ${{ matrix.os }} | |
strategy: | |
matrix: | |
go-version: [1.21.x] | |
os: [ubuntu-latest] | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ matrix.go-version }} | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Setup dockerfile for build test | |
run: | | |
GO_VERSION=$(go version | cut -d ' ' -f 3 | sed 's/go//') | |
echo Detected go version $GO_VERSION | |
cat > Dockerfile.fips.test <<EOF | |
FROM golang:${GO_VERSION} | |
COPY . /minio | |
WORKDIR /minio | |
ENV GOEXPERIMENT=boringcrypto | |
RUN make | |
EOF | |
- name: Build | |
uses: docker/build-push-action@v3 | |
with: | |
context: . | |
file: Dockerfile.fips.test | |
push: false | |
load: true | |
tags: minio/fips-test:latest | |
# This should fail if grep returns non-zero exit | |
- name: Test binary | |
run: | | |
docker run --rm minio/fips-test:latest ./minio --version | |
docker run --rm -i minio/fips-test:latest /bin/bash -c 'go tool nm ./minio | grep FIPS | grep -q FIPS' |