update ci/cd pipeline

2026-01-10 23:27:56 -05:00 · 2024-12-18 13:56:10 +01:00
parent 307b468489
commit ea6163d5bf
4 changed files with 37 additions and 18 deletions
--- a/.github/workflows/action.yml
+++ b/.github/workflows/action.yml
@@ -4,6 +4,7 @@ on:
    branches:
      - dev
      - main
+      - openpassportv2
    paths:
      - 'circuits/**'
      - 'common/**'
@@ -11,6 +12,7 @@ on:
    branches:
      - dev
      - main
+      - openpassportv2
    paths:
      - 'circuits/**'
      - 'common/**'
@@ -59,6 +61,8 @@ jobs:

      - name: Run Tests (Circuits)
        working-directory: ./circuits
+        env:
+          FULL_TEST_SUITE: ${{ github.ref == 'refs/heads/main' || github.ref == 'refs/heads/openpassportv2' }}
        run: yarn test

      - name: Run Tests (Common)
--- a/circuits/tests/dsc.test.ts
+++ b/circuits/tests/dsc.test.ts
@@ -14,12 +14,19 @@ import { max_cert_bytes } from '../../common/src/constants/constants';
 import { getCircuitName } from '../../common/src/utils/certificates/handleCertificate';

 const sigAlgs = [
+  { sigAlg: 'rsa', hashFunction: 'sha256', domainParameter: '65537', keyLength: '4096' },
+];
+
+const fullSigAlgs = [
  { sigAlg: 'rsa', hashFunction: 'sha1', domainParameter: '65537', keyLength: '4096' },
  { sigAlg: 'rsa', hashFunction: 'sha256', domainParameter: '65537', keyLength: '4096' },
  { sigAlg: 'rsapss', hashFunction: 'sha256', domainParameter: '65537', keyLength: '4096' },
 ];

-sigAlgs.forEach(({ sigAlg, hashFunction, domainParameter, keyLength }) => {
+// Use environment variable to determine which test suite to run
+const testSuite = process.env.FULL_TEST_SUITE === 'true' ? fullSigAlgs : sigAlgs;
+
+testSuite.forEach(({ sigAlg, hashFunction, domainParameter, keyLength }) => {
  describe(`DSC chain certificate - ${hashFunction.toUpperCase()} ${sigAlg.toUpperCase()}`, function () {
    this.timeout(0); // Disable timeout
    let circuit;
--- a/circuits/tests/prove.test.ts
+++ b/circuits/tests/prove.test.ts
@@ -12,20 +12,28 @@ import { SMT } from '@openpassport/zk-kit-smt';
 import namejson from '../../common/ofacdata/outputs/nameSMT.json';

 const sigAlgs = [
-  { sigAlg: 'rsa', hashFunction: 'sha1', domainParameter: '65537', keyLength: '2048' },
-  // { sigAlg: 'rsa', hashFunction: 'sha256', domainParameter: '65537', keyLength: '2048' },
-  // { sigAlg: 'rsapss', hashFunction: 'sha256', domainParameter: '65537', keyLength: '2048' },
-  // { sigAlg: 'rsapss', hashFunction: 'sha256', domainParameter: '65537', keyLength: '3072' },
-  // { sigAlg: 'rsapss', hashFunction: 'sha256', domainParameter: '65537', keyLength: '4096' },
-  // { sigAlg: 'rsapss', hashFunction: 'sha256', domainParameter: '3', keyLength: '4096' },
-  // { sigAlg: 'rsapss', hashFunction: 'sha256', domainParameter: '3', keyLength: '3072' },
-  // { sigAlg: 'rsa', hashFunction: 'sha256', domainParameter: '3', keyLength: '2048' },
-  // { sigAlg: 'rsa', hashFunction: 'sha256', domainParameter: '65537', keyLength: '3072' },
-  // { sigAlg: 'ecdsa', hashFunction: 'sha256', domainParameter: 'secp256r1', keyLength: '256' },
-  // { sigAlg: 'ecdsa', hashFunction: 'sha1', domainParameter: 'secp256r1', keyLength: '256' },
+  { sigAlg: 'rsapss', hashFunction: 'sha256', domainParameter: '3', keyLength: '3072' },
+  { sigAlg: 'rsa', hashFunction: 'sha256', domainParameter: '65537', keyLength: '3072' },
+  { sigAlg: 'ecdsa', hashFunction: 'sha1', domainParameter: 'secp256r1', keyLength: '256' },
 ];

-sigAlgs.forEach(({ sigAlg, hashFunction, domainParameter, keyLength }) => {
+const fullSigAlgs = [
+  { sigAlg: 'rsa', hashFunction: 'sha1', domainParameter: '65537', keyLength: '2048' },
+  { sigAlg: 'rsa', hashFunction: 'sha256', domainParameter: '65537', keyLength: '2048' },
+  { sigAlg: 'rsapss', hashFunction: 'sha256', domainParameter: '65537', keyLength: '2048' },
+  { sigAlg: 'rsapss', hashFunction: 'sha256', domainParameter: '65537', keyLength: '3072' },
+  { sigAlg: 'rsapss', hashFunction: 'sha256', domainParameter: '65537', keyLength: '4096' },
+  { sigAlg: 'rsapss', hashFunction: 'sha256', domainParameter: '3', keyLength: '4096' },
+  { sigAlg: 'rsapss', hashFunction: 'sha256', domainParameter: '3', keyLength: '3072' },
+  { sigAlg: 'rsa', hashFunction: 'sha256', domainParameter: '3', keyLength: '2048' },
+  { sigAlg: 'rsa', hashFunction: 'sha256', domainParameter: '65537', keyLength: '3072' },
+  { sigAlg: 'ecdsa', hashFunction: 'sha256', domainParameter: 'secp256r1', keyLength: '256' },
+  { sigAlg: 'ecdsa', hashFunction: 'sha1', domainParameter: 'secp256r1', keyLength: '256' },
+];
+
+const testSuite = process.env.FULL_TEST_SUITE === 'true' ? fullSigAlgs : sigAlgs;
+
+testSuite.forEach(({ sigAlg, hashFunction, domainParameter, keyLength }) => {
  describe(`Prove - ${hashFunction.toUpperCase()} ${sigAlg.toUpperCase()} ${domainParameter} ${keyLength}`, function () {
    this.timeout(0);
    let circuit: any;
--- a/circuits/tests/utils/rsaPkcs1v1_5.test.ts
+++ b/circuits/tests/utils/rsaPkcs1v1_5.test.ts
@@ -6,13 +6,13 @@ import { SignatureAlgorithm } from '../../../common/src/utils/types';

 describe('VerifyRsaPkcs1v1_5 Circuit Test', function () {
  this.timeout(0);
-
+  /** Some tests are disabled to avoid overloading the CI/CD pipeline - the commented rsa verifications will however be tested in prove.test.ts and dsc.test.ts **/
  const rsaAlgorithms: SignatureAlgorithm[] = [
-    'rsa_sha1_65537_2048',
-    'rsa_sha256_65537_2048',
+    // 'rsa_sha1_65537_2048',
+    // 'rsa_sha256_65537_2048',
    'rsa_sha256_3_2048',
-    'rsa_sha256_65537_3072',
-    'rsa_sha256_65537_4096',
+    // 'rsa_sha256_65537_3072',
+    // 'rsa_sha256_65537_4096',
    'rsa_sha512_65537_4096',
  ];