Skip to content

Commit e7bfb30

Browse files
simo5simo5
committed
Use separate OpenSSL sources for fips and static
Modify the GitHub Actions build workflow to check out different OpenSSL sources depending on the linking type. FIPS builds now use a specific fork and branch (`simo5/openssl@kryoptic_ossl35`) required for the FIPS provider. Static builds are updated to use the official OpenSSL repository's master branch. Previously, both build types used the same FIPS-specific branch. Signed-off-by: Simo Sorce <simo@redhat.com>
1 parent 51103ad commit e7bfb30

File tree

1 file changed

+21
-4
lines changed

1 file changed

+21
-4
lines changed

.github/workflows/build.yml

Lines changed: 21 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,8 @@ on:
88
branches: ["main"]
99

1010
env:
11-
OPENSSL_BRANCH: kryoptic_ossl35
11+
OPENSSL_FIPS_BRANCH: kryoptic_ossl35
12+
OPENSSL_STATIC_BRANCH: master
1213

1314
jobs:
1415
build:
@@ -69,14 +70,30 @@ jobs:
6970
- name: Checkout Repository
7071
uses: actions/checkout@v4
7172

72-
- name: Setup OpenSSL
73-
if: ${{ matrix.linking == 'fips' || matrix.linking == 'static' }}
73+
- name: Setup OpenSSL (fips)
74+
if: ${{ matrix.linking == 'fips' }}
7475
id: ossl-setup
7576
run: |
7677
git config --global --add safe.directory /__w/kryoptic
7778
cd ..
7879
git clone https://github.com/simo5/openssl.git \
79-
--single-branch --branch $OPENSSL_BRANCH openssl
80+
--single-branch --branch $OPENSSL_FIPS_BRANCH openssl
81+
cd openssl
82+
echo "KRYOPTIC_OPENSSL_SOURCES=$PWD" >> "$GITHUB_ENV"
83+
OS=${{ runner.os }}
84+
if [ "${{ matrix.name }}" = "i686" ]; then
85+
OS="${OS}-i686"
86+
fi
87+
echo "cacheid=${OS}-ossl-$(git rev-parse HEAD)" >> "$GITHUB_OUTPUT"
88+
89+
- name: Setup OpenSSL (static)
90+
if: ${{ matrix.linking == 'static' }}
91+
id: ossl-setup
92+
run: |
93+
git config --global --add safe.directory /__w/kryoptic
94+
cd ..
95+
git clone https://github.com/openssl/openssl.git \
96+
--single-branch --branch $OPENSSL_STATIC_BRANCH openssl
8097
cd openssl
8198
echo "KRYOPTIC_OPENSSL_SOURCES=$PWD" >> "$GITHUB_ENV"
8299
OS=${{ runner.os }}

0 commit comments

Comments
 (0)