You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Any change introduced to liboqs could have an adverse impact on the downstream projects. This issue is to discuss whether we should add CI to liboqs to automatically check this (doesn't) happen -- and to discuss which downstream projects to use for that purpose.
Worked examples:
liboqs adds a library dependency. The PR CI could trigger a run to build and test (main branch of) oqsprovider on the liboqs PR branch/with this new dependency. If it passes, all is good.
liboqs adds new algorithms/changes KATs. The PR CI could trigger a run to build and test a designated "prerelease" branch of oqsprovider: If it passes, all is good, the liboqs PR can merge and the downstream "prerelease" branch can be moved into a PR (that is guaranteed to pass): This would automate to quite some degree the currently manually executed "need to have downstream PRs ready if changing KATs (or other possibly breaking changes) in liboqs" "dance".
So the proposed logic for this new CI would be as such:
Iterate through all designated "important" downstream projects
If project has a "prerelease" branch use that, otherwise use "main" branch...
... to build-and-test with the current liboqs PR branch
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Open Quantum Safe
-
Any change introduced to
liboqscould have an adverse impact on the downstream projects. This issue is to discuss whether we should add CI toliboqsto automatically check this (doesn't) happen -- and to discuss which downstream projects to use for that purpose.Worked examples:
liboqsadds a library dependency. The PR CI could trigger a run to build and test (main branch of)oqsprovideron theliboqsPR branch/with this new dependency. If it passes, all is good.liboqsadds new algorithms/changes KATs. The PR CI could trigger a run to build and test a designated "prerelease" branch ofoqsprovider: If it passes, all is good, theliboqsPR can merge and the downstream "prerelease" branch can be moved into a PR (that is guaranteed to pass): This would automate to quite some degree the currently manually executed "need to have downstream PRs ready if changing KATs (or other possibly breaking changes) in liboqs" "dance".So the proposed logic for this new CI would be as such:
liboqsPR branchDesirable? Doable? Feedback welcome!
Beta Was this translation helpful? Give feedback.
All reactions