Skip to content

Commit b8e52ca

Browse files
padelsbachpadelsbach
committed
Update common build
1 parent 92bcce9 commit b8e52ca

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

47 files changed

+1321
-573
lines changed

.github/workflows/bind9.yml

Lines changed: 40 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -4,8 +4,8 @@ name: Bind9 Tests
44
on:
55
push:
66
branches: [ 'master', 'main', 'release/**' ]
7-
#pull_request:
8-
#branches: [ '*' ]
7+
pull_request:
8+
branches: [ '*' ]
99

1010
concurrency:
1111
group: ${{ github.workflow }}-${{ github.ref }}
@@ -18,13 +18,19 @@ jobs:
1818
with:
1919
wolfssl_ref: ${{ matrix.wolfssl_ref }}
2020
openssl_ref: ${{ matrix.openssl_ref }}
21+
replace_default: ${{ matrix.replace_default }}
2122
strategy:
2223
matrix:
2324
wolfssl_ref: [ 'master', 'v5.8.0-stable' ]
2425
openssl_ref: [ 'openssl-3.5.0' ]
26+
replace_default: [ true ]
2527

2628
test_bind:
2729
runs-on: ubuntu-22.04
30+
container:
31+
image: debian:bookworm
32+
env:
33+
DEBIAN_FRONTEND: noninteractive
2834
needs: build_wolfprovider
2935
# This should be a safe limit for the tests to run.
3036
timeout-minutes: 20
@@ -34,36 +40,55 @@ jobs:
3440
bind_ref: [ 'v9.18.28' ]
3541
wolfssl_ref: [ 'master', 'v5.8.0-stable' ]
3642
openssl_ref: [ 'openssl-3.5.0' ]
43+
replace_default: [ true ]
3744
force_fail: ['WOLFPROV_FORCE_FAIL=1', '']
45+
env:
46+
WOLFSSL_PACKAGES_PATH: /tmp/wolfssl-packages
47+
OPENSSL_PACKAGES_PATH: /tmp/openssl-packages
48+
WOLFPROV_PACKAGES_PATH: /tmp/wolfprov-packages
3849
steps:
3950
- name: Checkout wolfProvider
4051
uses: actions/checkout@v4
4152
with:
4253
fetch-depth: 1
4354

44-
- name: Retrieving wolfSSL/wolfProvider from cache
55+
- name: Checking OpenSSL/wolfProvider packages in cache
4556
uses: actions/cache/restore@v4
4657
id: wolfprov-cache
4758
with:
4859
path: |
49-
wolfssl-install
50-
wolfprov-install
51-
openssl-install/lib64
52-
openssl-install/include
53-
openssl-install/bin
54-
55-
key: wolfprov-${{ matrix.wolfssl_ref }}-${{ matrix.openssl_ref }}-${{ github.sha }}
60+
${{ env.WOLFSSL_PACKAGES_PATH }}
61+
${{ env.OPENSSL_PACKAGES_PATH }}
62+
${{ env.WOLFPROV_PACKAGES_PATH }}
63+
key: openssl-wolfprov-debian-packages-${{ github.sha }}${{ matrix.replace_default && '-replace-default' || '' }}
5664
fail-on-cache-miss: true
5765

66+
- name: Install wolfSSL/OpenSSL/wolfprov packages
67+
run: |
68+
printf "Installing OpenSSL/wolfProvider packages:\n"
69+
ls -la ${{ env.WOLFSSL_PACKAGES_PATH }}
70+
ls -la ${{ env.OPENSSL_PACKAGES_PATH }}
71+
ls -la ${{ env.WOLFPROV_PACKAGES_PATH }}
72+
73+
apt install --reinstall -y \
74+
${{ env.WOLFSSL_PACKAGES_PATH }}/libwolfssl_*.deb
75+
76+
apt install --reinstall -y \
77+
${{ env.OPENSSL_PACKAGES_PATH }}/openssl_*.deb \
78+
${{ env.OPENSSL_PACKAGES_PATH }}/libssl3_*.deb \
79+
${{ env.OPENSSL_PACKAGES_PATH }}/libssl-dev_*.deb
80+
81+
apt install --reinstall -y \
82+
${{ env.WOLFPROV_PACKAGES_PATH }}/libwolfprov_*.deb
83+
5884
- name: Install bind9 test dependencies
5985
run: |
60-
export DEBIAN_FRONTEND=noninteractive
61-
sudo apt-get update
62-
sudo apt install -y build-essential automake libtool gnutls-bin \
86+
apt-get update
87+
apt install -y build-essential automake libtool gnutls-bin \
6388
pkg-config make libidn2-dev libuv1-dev libnghttp2-dev libcap-dev \
6489
libjemalloc-dev zlib1g-dev libxml2-dev libjson-c-dev libcmocka-dev \
6590
python3-pytest python3-dnspython python3-hypothesis
66-
sudo PERL_MM_USE_DEFAULT=1 cpan -i Net::DNS
91+
PERL_MM_USE_DEFAULT=1 cpan -i Net::DNS
6792
6893
- name: Checkout bind9
6994
uses: actions/checkout@v4
@@ -86,14 +111,11 @@ jobs:
86111
- name: Build and test bind9 with wolfProvider
87112
working-directory: bind9
88113
run: |
89-
# Set up the environment for wolfProvider
90-
source $GITHUB_WORKSPACE/scripts/env-setup
91-
92114
autoreconf -ivf
93115
./configure
94116
make clean
95117
make -j$(nproc)
96-
sudo ./bin/tests/system/ifconfig.sh up
118+
./bin/tests/system/ifconfig.sh up
97119
98120
export ${{ matrix.force_fail }}
99121
make -j$(nproc) check 2>&1 | tee bind9-test.log

.github/workflows/build-wolfprovider.yml

Lines changed: 152 additions & 57 deletions
Original file line numberDiff line numberDiff line change
@@ -9,10 +9,10 @@ on:
99
openssl_ref:
1010
required: true
1111
type: string
12-
outputs:
13-
cache_key:
14-
description: "Cache key for the build artifacts"
15-
value: ${{ jobs.build_wolfprovider_common.outputs.cache_key }}
12+
replace_default:
13+
required: false
14+
type: boolean
15+
default: false
1616

1717
jobs:
1818
build_wolfprovider_common:
@@ -24,14 +24,18 @@ jobs:
2424
env:
2525
DEBIAN_FRONTEND: noninteractive
2626
timeout-minutes: 20
27-
outputs:
28-
cache_key: wolfprov-${{ inputs.wolfssl_ref }}-${{ inputs.openssl_ref }}-${{ github.sha }}
27+
env:
28+
WOLFSSL_PACKAGES_PATH: /tmp/wolfssl-packages
29+
OPENSSL_PACKAGES_PATH: /tmp/openssl-packages
30+
WOLFPROV_PACKAGES_PATH: /tmp/wolfprov-packages
2931
steps:
30-
- name: Set up environment
32+
# Install git prior to cloning to ensure we have the full repo
33+
# TODO: create a docker with these pre-installed
34+
- name: Install common dependencies
3135
run: |
32-
apt-get update
33-
apt-get install -y \
36+
apt-get update && apt-get install -y --no-install-recommends \
3437
build-essential \
38+
ccache \
3539
devscripts \
3640
debhelper \
3741
dh-autoreconf \
@@ -50,75 +54,166 @@ jobs:
5054
expect \
5155
xxd
5256
53-
- name: Ensure the working directory safe
57+
# Experimental: use ccache
58+
- name: Setup ccache
59+
uses: hendrikmuhs/ccache-action@v1.2
60+
id: cc
61+
with:
62+
create-symlink: true
63+
64+
- name: Setup ccache environment variables
5465
run: |
55-
git config --global --add safe.directory "$GITHUB_WORKSPACE"
66+
echo CC=ccache\ gcc >> "$GITHUB_ENV"
67+
echo CXX=ccache\ g++ >> "$GITHUB_ENV"
68+
echo CCACHE_BASEDIR=${GITHUB_WORKSPACE} >> "$GITHUB_ENV"
69+
echo CCACHE_NOHASHDIR=true >> "$GITHUB_ENV"
70+
echo CCACHE_COMPILERCHECK=content >> "$GITHUB_ENV"
71+
echo "CCACHE_DIR=${XDG_CACHE_HOME:-$HOME/.cache}/ccache" >> "$GITHUB_ENV"
72+
mkdir -p "${XDG_CACHE_HOME:-$HOME/.cache}/ccache"
73+
74+
- name: Sanity check ccache routing
75+
run: |
76+
set -x
77+
which -a gcc || true
78+
gcc --version | head -1
79+
ccache --zero-stats
80+
printf 'int main(){return 0;}\n' > t.c
81+
$CC -c t.c
82+
ccache -s
5683
5784
- name: Checkout wolfProvider
5885
uses: actions/checkout@v4
5986
with:
6087
fetch-depth: 1
88+
fetch-tags: true
6189

62-
- name: Fetch tags (for Debian versioning)
90+
# Avoid "detected dubious ownership" warning
91+
- name: Ensure the working directory safe
6392
run: |
64-
git fetch --tags --force --prune
93+
git config --global --add safe.directory "$GITHUB_WORKSPACE"
94+
95+
# When running on a fork the upstream tags are not present, so fetch them explicitly
96+
- name: Fetch tags from upstream(for Debian versioning)
97+
run: |
98+
git remote add upstream https://github.com/wolfSSL/wolfProvider.git || true
99+
git fetch upstream --tags --no-recurse-submodules
100+
101+
# Check for cached wolfSSL packages
102+
- name: Checking wolfSSL packages in cache
103+
uses: actions/cache@v4
104+
continue-on-error: true
105+
id: wolfssl-cache
106+
with:
107+
path: |
108+
${{ env.WOLFSSL_PACKAGES_PATH }}
109+
key: wolfssl-debian-packages-${{ inputs.wolfssl_ref }}
110+
lookup-only: false
65111

66-
- name: Install wolfSSL Debian packages from repo tarball
112+
# TODO: build wolfSSL from repo instead of using tarball, and cache it
113+
# Note: we are ignoring inputs.wolfssl_ref
114+
- name: Unpack wolfSSL packages
115+
if: steps.wolfssl-cache.outputs.cache-hit != 'true'
67116
run: |
68-
mkdir -p "/tmp/wolfssl-pkg"
69-
chmod +x $GITHUB_WORKSPACE/debian/install-wolfssl.sh
70117
$GITHUB_WORKSPACE/debian/install-wolfssl.sh \
71118
$GITHUB_WORKSPACE/.github/packages/debian-wolfssl.tar.gz \
72-
"/tmp/wolfssl-pkg"
119+
${{ env.WOLFSSL_PACKAGES_PATH }}
120+
mv ${{ env.WOLFSSL_PACKAGES_PATH }}/debian-packages/* ${{ env.WOLFSSL_PACKAGES_PATH }}
73121
74-
# Stage wolfSSL debs into artifacts directory
75-
mkdir -p "/tmp/wolfprov-packages"
76-
echo "Moving wolfssl files to artifacts directory..."
77-
78-
find /tmp/wolfssl-pkg -name "*wolfssl*" -type f -name "*.deb" -exec cp {} /tmp/wolfprov-packages/ \;
79-
find /tmp/wolfssl-pkg -name "*wolfssl*" -type f -name "*.dsc" -exec cp {} /tmp/wolfprov-packages/ \;
80-
find /tmp/wolfssl-pkg -name "*wolfssl*" -type f -name "*.tar.gz" -exec cp {} /tmp/wolfprov-packages/ \;
81-
find /tmp/wolfssl-pkg -name "*wolfssl*" -type f -name "*.orig.tar.gz" -exec cp {} /tmp/wolfprov-packages/ \;
122+
- name: Install wolfSSL packages from cache
123+
run: |
124+
printf "Installing wolfSSL packages:\n"
125+
ls -la ${{ env.WOLFSSL_PACKAGES_PATH }}
126+
apt install --reinstall -y ${{ env.WOLFSSL_PACKAGES_PATH }}/*wolfssl*.deb
127+
128+
# Check for cached OpenSSL packages
129+
- name: Checking OpenSSL packages in cache
130+
uses: actions/cache@v4
131+
id: openssl-cache
132+
continue-on-error: true
133+
with:
134+
path: |
135+
${{ env.OPENSSL_PACKAGES_PATH }}
136+
key: openssl-debian-packages-${{ inputs.openssl_ref }}${{ inputs.replace_default && '-replace-default' || '' }}
137+
lookup-only: false
82138

83-
- name: Build Debian packages (wolfProvider + OpenSSL)
139+
# Install OpenSSL packages from cache if available
140+
- name: Install OpenSSL packages from cache
141+
if: steps.openssl-cache.outputs.cache-hit == 'true'
84142
run: |
85-
yes Y | ./scripts/build-wolfprovider.sh --debian
143+
printf "Installing OpenSSL packages from cache:\n"
144+
ls -la ${{ env.OPENSSL_PACKAGES_PATH }}
145+
apt install --reinstall -y \
146+
${{ env.OPENSSL_PACKAGES_PATH }}/openssl_*.deb \
147+
${{ env.OPENSSL_PACKAGES_PATH }}/libssl3_*.deb \
148+
${{ env.OPENSSL_PACKAGES_PATH }}/libssl-dev_*.deb
86149
87-
echo "Generated packages in parent dir:"
88-
ls -la ../ || true
89-
ls -la ../*.deb ../*.dsc ../*.tar.gz 2>/dev/null || true
150+
- name: Build wolfProvider
151+
run: |
152+
WOLFSSL_TAG=${{ inputs.wolfssl_ref }} OPENSSL_TAG=${{ inputs.openssl_ref }} \
153+
yes "Y" | $GITHUB_WORKSPACE/scripts/build-wolfprovider.sh --debian \
154+
${{ inputs.replace_default && '--replace-default' || '' }}
90155
91-
- name: Collect package artifacts
156+
- name: Setup packages directory
92157
run: |
93-
mkdir -p "/tmp/wolfprov-packages"
94-
mv ../*.deb /tmp/wolfprov-packages/ 2>/dev/null || true
95-
mv ../*.dsc /tmp/wolfprov-packages/ 2>/dev/null || true
96-
mv ../*.tar.gz /tmp/wolfprov-packages/ 2>/dev/null || true
97-
echo "Artifacts to upload:"
98-
ls -la /tmp/wolfprov-packages || true
99-
100-
- name: Upload wolfSSL packages
101-
uses: actions/upload-artifact@v4
158+
printf "Listing parent directory:\n"
159+
ls -la $GITHUB_WORKSPACE/../
160+
161+
printf "Creating packages directory: ${{ env.WOLFPROV_PACKAGES_PATH }}\n"
162+
mkdir -p ${{ env.WOLFPROV_PACKAGES_PATH }}
163+
mkdir -p ${{ env.WOLFSSL_PACKAGES_PATH }}
164+
mkdir -p ${{ env.OPENSSL_PACKAGES_PATH }}
165+
cp $GITHUB_WORKSPACE/../*.deb ${{ env.WOLFSSL_PACKAGES_PATH }}
166+
cp $GITHUB_WORKSPACE/../*.dsc ${{ env.WOLFSSL_PACKAGES_PATH }}
167+
cp $GITHUB_WORKSPACE/../*.tar.gz ${{ env.WOLFSSL_PACKAGES_PATH }}
168+
cp $GITHUB_WORKSPACE/../*.deb ${{ env.OPENSSL_PACKAGES_PATH }}
169+
cp $GITHUB_WORKSPACE/../*.dsc ${{ env.OPENSSL_PACKAGES_PATH }}
170+
cp $GITHUB_WORKSPACE/../*.tar.gz ${{ env.OPENSSL_PACKAGES_PATH }}
171+
cp $GITHUB_WORKSPACE/../*.deb ${{ env.WOLFPROV_PACKAGES_PATH }}
172+
cp $GITHUB_WORKSPACE/../*.dsc ${{ env.WOLFPROV_PACKAGES_PATH }}
173+
cp $GITHUB_WORKSPACE/../*.tar.gz ${{ env.WOLFPROV_PACKAGES_PATH }}
174+
175+
printf "Listing packages directory:\n"
176+
ls -la ${{ env.WOLFPROV_PACKAGES_PATH }}
177+
ls -la ${{ env.WOLFSSL_PACKAGES_PATH }}
178+
ls -la ${{ env.OPENSSL_PACKAGES_PATH }}
179+
180+
- name: Save to cache
181+
uses: actions/cache/save@v4
182+
continue-on-error: true
102183
with:
103-
name: wolfssl-debian-packages-${{ github.sha }}
104184
path: |
105-
/tmp/wolfprov-packages/*wolfssl*.deb
106-
retention-days: 7
185+
${{ env.WOLFSSL_PACKAGES_PATH }}
186+
${{ env.OPENSSL_PACKAGES_PATH }}
187+
${{ env.WOLFPROV_PACKAGES_PATH }}
188+
key: openssl-wolfprov-debian-packages-${{ github.sha }}${{ inputs.replace_default && '-replace-default' || '' }}
107189

108-
- name: Upload OpenSSL/wolfProvider packages
190+
# Save all packages in a single artifact for consumers
191+
# TODO: support debug builds
192+
- name: Upload wolfProvider artifacts
109193
uses: actions/upload-artifact@v4
194+
continue-on-error: true
110195
with:
111-
name: openssl-wolfprov-debian-packages-${{ github.sha }}
196+
name: openssl-wolfprov-debian-packages-${{ github.sha }}${{ inputs.replace_default && '-replace-default' || '' }}
112197
path: |
113-
/tmp/wolfprov-packages/*openssl*.deb
114-
/tmp/wolfprov-packages/*libssl3*.deb
115-
/tmp/wolfprov-packages/*libssl-dev*.deb
116-
/tmp/wolfprov-packages/*libwolfprov*.deb
117-
retention-days: 7
118-
119-
- name: Print errors
120-
if: ${{ failure() }}
121-
run: |
122-
if [ -f test-suite.log ] ; then
123-
cat test-suite.log
124-
fi
198+
${{ env.WOLFSSL_PACKAGES_PATH }}/*.deb
199+
${{ env.WOLFSSL_PACKAGES_PATH }}/*.dsc
200+
${{ env.WOLFSSL_PACKAGES_PATH }}/*.tar.gz
201+
${{ env.OPENSSL_PACKAGES_PATH }}/*.deb
202+
${{ env.OPENSSL_PACKAGES_PATH }}/*.dsc
203+
${{ env.OPENSSL_PACKAGES_PATH }}/*.tar.gz
204+
${{ env.WOLFPROV_PACKAGES_PATH }}/*.deb
205+
${{ env.WOLFPROV_PACKAGES_PATH }}/*.dsc
206+
${{ env.WOLFPROV_PACKAGES_PATH }}/*.tar.gz
207+
retention-days: 1
208+
209+
# TODO: upload wolfSSL artifacts, after building
210+
# - name: Upload wolfSSL artifacts
211+
# uses: actions/upload-artifact@v4
212+
# with:
213+
# name: wolfssl-debian-packages-${{ inputs.wolfssl_ref }}
214+
# path: |
215+
# ${{ env.WOLFPROV_PACKAGES_PATH }}/*wolfssl*.deb
216+
# ${{ env.WOLFPROV_PACKAGES_PATH }}/*wolfssl*.dsc
217+
# ${{ env.WOLFPROV_PACKAGES_PATH }}/*wolfssl*.tar.gz
218+
# retention-days: 1
219+

0 commit comments

Comments
 (0)