python · WillChilds-Klein · Jul 14, 2025 · Jul 14, 2025 · Jul 14, 2025 · Jul 14, 2025
@@ -260,84 +260,28 @@ jobs:
       free-threading: ${{ matrix.free-threading }}
       os: ${{ matrix.os }}
 
-  build-ubuntu-ssltests-openssl:
-    name: 'Ubuntu SSL tests with OpenSSL'
+  build-ubuntu-ssltests:
+    name: 'Ubuntu SSL tests'
     runs-on: ${{ matrix.os }}
-    runs-on: ${{ matrix.os }}
+    runs-on: ubuntu-24.04
-    runs-on: ${{ matrix.os }}
+    runs-on: ubuntu-24.04
     timeout-minutes: 60
     needs: build-context
     if: needs.build-context.outputs.run-tests == 'true'
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-24.04]
-        openssl_ver: [3.0.16, 3.1.8, 3.2.4, 3.3.3, 3.4.1]
+        include:
+          - { os: ubuntu-24.04, ssl: openssl, ssl_ver: 3.0.16 }
+          - { os: ubuntu-24.04, ssl: openssl, ssl_ver: 3.1.8 }
+          - { os: ubuntu-24.04, ssl: openssl, ssl_ver: 3.2.4 }
+          - { os: ubuntu-24.04, ssl: openssl, ssl_ver: 3.3.3 }
+          - { os: ubuntu-24.04, ssl: openssl, ssl_ver: 3.4.1 }
+          - { os: ubuntu-24.04, ssl: awslc,  ssl_ver: 1.55.0 }
         # See Tools/ssl/make_ssl_data.py for notes on adding a new version
     env:
-      OPENSSL_VER: ${{ matrix.openssl_ver }}
-      MULTISSL_DIR: ${{ github.workspace }}/multissl
-      OPENSSL_DIR: ${{ github.workspace }}/multissl/openssl/${{ matrix.openssl_ver }}
-      LD_LIBRARY_PATH: ${{ github.workspace }}/multissl/openssl/${{ matrix.openssl_ver }}/lib
-    steps:
-    - uses: actions/checkout@v4
-      with:
-        persist-credentials: false
-    - name: Runner image version
-      run: echo "IMAGE_OS_VERSION=${ImageOS}-${ImageVersion}" >> "$GITHUB_ENV"
-    - name: Restore config.cache
-      uses: actions/cache@v4
-      with:
-        path: config.cache
-        key: ${{ github.job }}-${{ env.IMAGE_OS_VERSION }}-${{ needs.build-context.outputs.config-hash }}
-    - name: Register gcc problem matcher
-      run: echo "::add-matcher::.github/problem-matchers/gcc.json"
-    - name: Install dependencies
-      run: sudo ./.github/workflows/posix-deps-apt.sh
-    - name: Configure OpenSSL env vars
-      run: |
-        echo "MULTISSL_DIR=${GITHUB_WORKSPACE}/multissl" >> "$GITHUB_ENV"
-        echo "OPENSSL_DIR=${GITHUB_WORKSPACE}/multissl/openssl/${OPENSSL_VER}" >> "$GITHUB_ENV"
-        echo "LD_LIBRARY_PATH=${GITHUB_WORKSPACE}/multissl/openssl/${OPENSSL_VER}/lib" >> "$GITHUB_ENV"
-    - name: 'Restore OpenSSL build'
-      id: cache-openssl
-      uses: actions/cache@v4
-      with:
-        path: ./multissl/openssl/${{ env.OPENSSL_VER }}
-        key: ${{ matrix.os }}-multissl-openssl-${{ env.OPENSSL_VER }}
-    - name: Install OpenSSL
-      if: steps.cache-openssl.outputs.cache-hit != 'true'
-      run: python3 Tools/ssl/multissltests.py --steps=library --base-directory "$MULTISSL_DIR" --openssl "$OPENSSL_VER" --system Linux
-    - name: Add ccache to PATH
-      run: |
-        echo "PATH=/usr/lib/ccache:$PATH" >> "$GITHUB_ENV"
-    - name: Configure ccache action
-      uses: hendrikmuhs/[email protected]
-      with:
-        save: false
-    - name: Configure CPython
-      run: ./configure CFLAGS="-fdiagnostics-format=json" --config-cache --enable-slower-safety --with-pydebug --with-openssl="$OPENSSL_DIR"
-    - name: Build CPython
-      run: make -j4
-    - name: Display build info
-      run: make pythoninfo
-    - name: SSL tests
-      run: ./python Lib/test/ssltests.py
-
-  build-ubuntu-ssltests-awslc:
-    name: 'Ubuntu SSL tests with AWS-LC'
-    runs-on: ${{ matrix.os }}
-    timeout-minutes: 60
-    needs: build-context
-    if: needs.build-context.outputs.run-tests == 'true'
-    strategy:
-      fail-fast: false
-      matrix:
-        os: [ubuntu-24.04]
-        awslc_ver: [1.55.0]
-    env:
-      AWSLC_VER: ${{ matrix.awslc_ver}}
+      SSL_VER: ${{ matrix.ssl_ver }}
       MULTISSL_DIR: ${{ github.workspace }}/multissl
-      OPENSSL_DIR: ${{ github.workspace }}/multissl/aws-lc/${{ matrix.awslc_ver }}
-      LD_LIBRARY_PATH: ${{ github.workspace }}/multissl/aws-lc/${{ matrix.awslc_ver }}/lib
+      SSL_DIR: ${{ github.workspace }}/multissl/${{ matrix.ssl }}/${{ matrix.ssl_ver }}
+      LD_LIBRARY_PATH: ${{ github.workspace }}/multissl/${{ matrix.ssl }}/${{ matrix.ssl_ver }}/lib
     steps:
     - uses: actions/checkout@v4
       with:
@@ -356,22 +300,18 @@ jobs:
     - name: Configure SSL lib env vars
       run: |
         echo "MULTISSL_DIR=${GITHUB_WORKSPACE}/multissl" >> "$GITHUB_ENV"
-        echo "OPENSSL_DIR=${GITHUB_WORKSPACE}/multissl/aws-lc/${AWSLC_VER}" >> "$GITHUB_ENV"
-        echo "LD_LIBRARY_PATH=${GITHUB_WORKSPACE}/multissl/aws-lc/${AWSLC_VER}/lib" >> "$GITHUB_ENV"
-    - name: 'Restore AWS-LC build'
-      id: cache-aws-lc
+        echo "SSL_DIR=${GITHUB_WORKSPACE}/multissl/${{ matrix.ssl }}/${SSL_VER}" >> "$GITHUB_ENV"
+        echo "LD_LIBRARY_PATH=${GITHUB_WORKSPACE}/multissl/${{ matrix.ssl }}/${SSL_VER}/lib" >> "$GITHUB_ENV"
+    - name: 'Restore SSL build'
+      id: cache-ssl
       uses: actions/cache@v4
       with:
-        path: ./multissl/aws-lc/${{ matrix.awslc_ver }}
-        key: ${{ matrix.os }}-multissl-aws-lc-${{ matrix.awslc_ver }}
-    - name: Install AWS-LC
-      if: steps.cache-aws-lc.outputs.cache-hit != 'true'
+        path: ./multissl/${{ env.SSL }}/${{ env.SSL_VER }}
+        key: ${{ matrix.os }}-multissl-${{ env.SSL }}-${{ env.SSL_VER }}
+    - name: Install SSL
+      if: steps.cache-ssl.outputs.cache-hit != 'true'
       run: |
-        python3 Tools/ssl/multissltests.py \
-          --steps=library \
-          --base-directory "$MULTISSL_DIR" \
-          --awslc ${{ matrix.awslc_ver }} \
-          --system Linux
+        python3 Tools/ssl/multissltests.py --steps=library --base-directory "$MULTISSL_DIR" --system Linux --ssl ${{ matrix.ssl }} --ssl-versions ${{ matrix.ssl_ver }}
     - name: Add ccache to PATH
       run: |
         echo "PATH=/usr/lib/ccache:$PATH" >> "$GITHUB_ENV"
@@ -381,18 +321,18 @@ jobs:
         save: false
     - name: Configure CPython
       run: |
-        ./configure CFLAGS="-fdiagnostics-format=json" \
-          --config-cache \
-          --enable-slower-safety \
-          --with-pydebug \
-          --with-openssl="$OPENSSL_DIR" \
-          --with-builtin-hashlib-hashes=blake2 \
-          --with-ssl-default-suites=openssl
+        CMD=(./configure CFLAGS="-fdiagnostics-format=json" --config-cache --enable-slower-safety --with-pydebug --with-openssl="$SSL_DIR")
+        if [ "${{ matrix.ssl }}" = "openssl" ]; then
+          "${CMD[@]}"
+        else
+          "${CMD[@]}" --with-builtin-hashlib-hashes=blake2 --with-ssl-default-suites=openssl
+        fi
     - name: Build CPython
-      run: make -j
+      run: make -j4
     - name: Display build info
       run: make pythoninfo
     - name: Verify python is linked to AWS-LC
+      if: matrix.ssl == 'aws-lc'
       run: ./python -c 'import ssl; print(ssl.OPENSSL_VERSION)' | grep AWS-LC
     - name: SSL tests
       run: ./python Lib/test/ssltests.py
@@ -435,7 +375,7 @@ jobs:
         key: ${{ runner.os }}-multissl-openssl-${{ env.OPENSSL_VER }}
     - name: Install OpenSSL
       if: steps.cache-openssl.outputs.cache-hit != 'true'
-      run: python3 Tools/ssl/multissltests.py --steps=library --base-directory "$MULTISSL_DIR" --openssl "$OPENSSL_VER" --system Linux
+      run: python3 Tools/ssl/multissltests.py --steps=library --base-directory "$MULTISSL_DIR" --ssl 'openssl' --ssl-versions "$OPENSSL_VER" --system Linux
     - name: Add ccache to PATH
       run: |
         echo "PATH=/usr/lib/ccache:$PATH" >> "$GITHUB_ENV"
@@ -567,7 +507,7 @@ jobs:
         key: ${{ matrix.os }}-multissl-openssl-${{ env.OPENSSL_VER }}
     - name: Install OpenSSL
       if: steps.cache-openssl.outputs.cache-hit != 'true'
-      run: python3 Tools/ssl/multissltests.py --steps=library --base-directory "$MULTISSL_DIR" --openssl "$OPENSSL_VER" --system Linux
+      run: python3 Tools/ssl/multissltests.py --steps=library --base-directory "$MULTISSL_DIR" --ssl 'openssl' --ssl-versions "$OPENSSL_VER" --system Linux
     - name: Add ccache to PATH
       run: |
         echo "PATH=/usr/lib/ccache:$PATH" >> "$GITHUB_ENV"
@@ -703,8 +643,7 @@ jobs:
     - build-windows-msi
     - build-macos
     - build-ubuntu
-    - build-ubuntu-ssltests-awslc
-    - build-ubuntu-ssltests-openssl
+    - build-ubuntu-ssltests
     - build-wasi
     - test-hypothesis
     - build-asan
@@ -719,8 +658,7 @@ jobs:
       with:
         allowed-failures: >-
           build-windows-msi,
-          build-ubuntu-ssltests-awslc,
-          build-ubuntu-ssltests-openssl,
+          build-ubuntu-ssltests,
           test-hypothesis,
           cifuzz,
         allowed-skips: >-
@@ -738,8 +676,7 @@ jobs:
             check-generated-files,
             build-macos,
             build-ubuntu,
-            build-ubuntu-ssltests-awslc,
-            build-ubuntu-ssltests-openssl,
+            build-ubuntu-ssltests,
             build-wasi,
             test-hypothesis,
             build-asan,

@@ -60,7 +60,7 @@ jobs:
         key: ${{ inputs.os }}-multissl-openssl-${{ env.OPENSSL_VER }}
     - name: Install OpenSSL
       if: steps.cache-openssl.outputs.cache-hit != 'true'
-      run: python3 Tools/ssl/multissltests.py --steps=library --base-directory "$MULTISSL_DIR" --openssl "$OPENSSL_VER" --system Linux
+      run: python3 Tools/ssl/multissltests.py --steps=library --base-directory "$MULTISSL_DIR" --ssl openssl --ssl-versions "$OPENSSL_VER" --system Linux
     - name: Add ccache to PATH
       run: |
         echo "PATH=/usr/lib/ccache:$PATH" >> "$GITHUB_ENV"