git-market/curl-curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-04-11 12:01:42 +08:00
Code Issues Actions 14 Packages Projects Releases Wiki Activity

CI: fix zizmor 1.9.0 warnings, shellcheck verify CI shell code, fix fallouts

Browse Source 
zizmor 1.9.0 effectively bans using GHA macros within shell script
snippets. Rework them to pass GHA macro values via envs and use those
envs in shell snippets. `${{ env.* }}` macros could be converted
to native env references after making their names shell-compatible.

Envs and shell commands can no longer be used in GHA macro values. Most
cases could be fixed by using literals. Passing quoted values with
spaces combined with other args also doesn't work anymore. This was
replaced by passing them separately.

Despite the initial complications, avoiding GHA macros in scripts does
seems to make the CI code reasonable cleaner. It also makes it possible
to analyze the scripts with shellcheck, finding subtle issues that went
unnoticed till now.

Also:
- un-ignore and fix three existing zizmor `template-injection` issues.
- add script to extract and shellcheck all shell code stored within GHA
  and Circle CI YAML files.
- add CI job to run this script.
- fix shellcheck issues discovered.
- fix minor differences between cmake and autotools FreeBSD jobs.
- merge cmake/autotools FreeBSD jobs to avoid developing unwanted
  differences again.
- fix/sync quote use across shell code.
- replace `$HOME` with `~` or literal where it made sense.
- replace most `brew --prefix` with literals.
- move all curl install tests to the `curl-install*` prefix.
- add missing curl install tests to cygwin/msys/mingw/*bsd.
- pipe to `tar` instead of storing downloads on disk.
- drop unnecessary `PKG_CONFIG_PATH` when building nghttp3.

Ref: https://github.com/curl/curl/actions/runs/15461461371/job/43523546041
Ref: https://github.com/zizmorcore/zizmor/releases/tag/v1.9.0

Follow-up to e522f47986 #17278

Closes #17537
This commit is contained in:
Viktor Szakats 2025-06-05 09:58:34 +02:00
parent ba407ee43d
commit 17a669426f
No known key found for this signature in database
GPG Key ID: B5ABD165E2AEF201
15 changed files with 753 additions and 600 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
.circleci/config.yml
View File

@ -52,11 +52,11 @@ commands:
- run:
command: |
# renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?<version>.+)-stable$ registryUrl=https://github.com
WOLFSSL_VER=5.8.0
echo "Installing wolfSSL $WOLFSSL_VER"
curl -LOsSf --retry 6 --retry-connrefused --max-time 999 https://github.com/wolfSSL/wolfssl/archive/v$WOLFSSL_VER-stable.tar.gz
tar -xzf v$WOLFSSL_VER-stable.tar.gz
cd wolfssl-$WOLFSSL_VER-stable
WOLFSSL_VERSION=5.8.0
echo "Installing wolfSSL $WOLFSSL_VERSION"
curl -LOsSf --retry 6 --retry-connrefused --max-time 999 https://github.com/wolfSSL/wolfssl/archive/v$WOLFSSL_VERSION-stable.tar.gz
tar -xzf v$WOLFSSL_VERSION-stable.tar.gz
cd wolfssl-$WOLFSSL_VERSION-stable
./autogen.sh
./configure --disable-dependency-tracking --enable-tls13 --enable-all --enable-harden --prefix=$HOME/wssl
make install
@ -66,11 +66,11 @@ commands:
- run:
command: |
# renovate: datasource=github-tags depName=wolfSSL/wolfssh versioning=semver extractVersion=^v?(?<version>.+)-stable$ registryUrl=https://github.com
WOLFSSH_VER=1.4.19
echo "Installing wolfSSH $WOLFSSH_VER"
curl -LOsSf --retry 6 --retry-connrefused --max-time 999 https://github.com/wolfSSL/wolfssh/archive/v$WOLFSSH_VER-stable.tar.gz
tar -xzf v$WOLFSSH_VER-stable.tar.gz
cd wolfssh-$WOLFSSH_VER-stable
WOLFSSH_VERSION=1.4.19
echo "Installing wolfSSH $WOLFSSH_VERSION"
curl -LOsSf --retry 6 --retry-connrefused --max-time 999 https://github.com/wolfSSL/wolfssh/archive/v$WOLFSSH_VERSION-stable.tar.gz
tar -xzf v$WOLFSSH_VERSION-stable.tar.gz
cd wolfssh-$WOLFSSH_VERSION-stable
./autogen.sh
./configure --disable-dependency-tracking --with-wolfssl=$HOME/wssl --prefix=$HOME/wssh --enable-scp --enable-sftp --disable-term --disable-examples
make install

30
.github/scripts/shellcheck-ci.sh vendored Executable file
View File

@ -0,0 +1,30 @@
#!/bin/sh
# Copyright (C) Viktor Szakats
#
# SPDX-License-Identifier: curl
# Required: yq
set -eu
export SHELLCHECK_OPTS='--exclude=1090,1091,2086,2153 --enable=avoid-nullary-conditions,deprecate-which'
# GHA
git ls-files '.github/workflows/*.yml' | while read -r f; do
echo "Verifying ${f}..."
{
echo '#!/usr/bin/env bash'
echo 'set -eu'
yq eval '.. | select(has("run") and (.run | type == "!!str")) | .run + "\ntrue\n"' "${f}"
} | sed -E 's|\$\{\{ .+ \}\}|GHA_EXPRESSION|g' | shellcheck -
done
# Circle CI
git ls-files '.circleci/*.yml' | while read -r f; do
echo "Verifying ${f}..."
{
echo '#!/usr/bin/env bash'
echo 'set -eu'
yq eval '.. | select(has("command") and (.command | type == "!!str")) | .command + "\ntrue\n"' "${f}"
} | shellcheck -
done

1
.github/scripts/shellcheck.sh vendored
View File

@ -3,7 +3,6 @@
#
# SPDX-License-Identifier: curl
shellcheck --version
# shellcheck disable=SC2046
shellcheck --exclude=1091 \
--enable=avoid-nullary-conditions,deprecate-which \

14
.github/workflows/checkdocs.yml vendored
View File

@ -53,7 +53,7 @@ jobs:
# # config file help: https://github.com/amperser/proselint/
# - name: create proselint config
# run: |
# cat <<JSON > $HOME/.proselintrc.json
# cat <<JSON > ~/.proselintrc.json
# {
# "checks": {
# "typography.diacritical_marks": false,
@ -74,7 +74,7 @@ jobs:
# # This is for CHECKSRC and files with aggressive exclamation mark needs
# - name: create second proselint config
# run: |
# cat <<JSON > $HOME/.proselintrc.json
# cat <<JSON > ~/.proselintrc.json
# {
# "checks": {
# "typography.diacritical_marks": false,
@ -109,10 +109,12 @@ jobs:
name: checkout
- name: trim all *.md files in docs/
run: .github/scripts/cleancmd.pl $(find docs -name "*.md")
run: |
# shellcheck disable=SC2046
.github/scripts/cleancmd.pl $(find docs -name '*.md')
- name: setup the custom wordlist
run: grep -v '^#' .github/scripts/spellcheck.words > wordlist.txt
run: grep -v '^#' .github/scripts/spellcheck.words > wordlist.txt
- name: Check Spelling
uses: rojopolis/spellcheck-github-actions@584b2ae95998967a53af7fbfb7f5b15352c38748 # v0
@ -128,7 +130,9 @@ jobs:
name: checkout
- name: badwords
run: .github/scripts/badwords.pl < .github/scripts/badwords.txt `git ls-files '**.md'` docs/TODO docs/KNOWN_BUGS packages/OS400/README.OS400
run: |
# shellcheck disable=SC2046
.github/scripts/badwords.pl < .github/scripts/badwords.txt $(git ls-files '**.md') docs/TODO docs/KNOWN_BUGS packages/OS400/README.OS400
- name: verify-synopsis
run: .github/scripts/verify-synopsis.pl docs/libcurl/curl*.md

21
.github/workflows/checksrc.yml vendored
View File

@ -124,7 +124,9 @@ jobs:
name: checkout
- name: shellcheck
run: .github/scripts/shellcheck.sh
run: |
shellcheck --version
.github/scripts/shellcheck.sh
- name: spacecheck
run: .github/scripts/spacecheck.pl
@ -135,11 +137,12 @@ jobs:
# we allow some extra in source code
- name: badwords
run: |
# shellcheck disable=SC2046
grep -Ev '(\\bwill| url | dir )' .github/scripts/badwords.txt | \
.github/scripts/badwords.pl $(git ls-files -- src lib include)
ghacheck:
name: GHA analysis
cicheck:
name: CI analysis
runs-on: macos-latest
timeout-minutes: 1
steps:
@ -148,7 +151,13 @@ jobs:
persist-credentials: false
name: checkout
- name: zizmor
- name: install prereqs
run: brew install shellcheck yq zizmor
- name: zizmor GHA
run: zizmor --pedantic .github/workflows/*.yml
- name: shellcheck
run: |
brew install zizmor
zizmor --pedantic .github/workflows/*.yml
shellcheck --version
.github/scripts/shellcheck-ci.sh

17
.github/workflows/configure-vs-cmake.yml vendored
View File

@ -59,8 +59,8 @@ jobs:
- name: 'dump generated files'
run: |
for f in libcurl.pc curl-config; do
echo "::group::AM ${f}"; cat bld-am/"${f}" | grep -v '^#' || true; echo '::endgroup::'
echo "::group::CM ${f}"; cat bld-cm/"${f}" | grep -v '^#' || true; echo '::endgroup::'
echo "::group::AM ${f}"; grep -v '^#' bld-am/"${f}" || true; echo '::endgroup::'
echo "::group::CM ${f}"; grep -v '^#' bld-cm/"${f}" || true; echo '::endgroup::'
done
- name: 'compare generated curl_config.h files'
@ -77,11 +77,12 @@ jobs:
steps:
- name: 'install packages'
run: |
while [[ $? == 0 ]]; do for i in 1 2 3; do brew update && brew install libtool autoconf automake && break 2 || { echo Error: wait to try again; sleep 10; } done; false Too many retries; done
# shellcheck disable=SC2181,SC2034
while [[ $? == 0 ]]; do for i in 1 2 3; do if brew update && brew install automake libtool; then break 2; else echo Error: wait to try again; sleep 10; fi; done; false Too many retries; done
- name: 'toolchain versions'
run: |
echo '::group::brew packages installed'; ls -l "$(brew --prefix)/opt"; echo '::endgroup::'
echo '::group::brew packages installed'; ls -l /opt/homebrew/opt; echo '::endgroup::'
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
@ -109,8 +110,8 @@ jobs:
- name: 'dump generated files'
run: |
for f in libcurl.pc curl-config; do
echo "::group::AM ${f}"; cat bld-am/"${f}" | grep -v '^#' || true; echo '::endgroup::'
echo "::group::CM ${f}"; cat bld-cm/"${f}" | grep -v '^#' || true; echo '::endgroup::'
echo "::group::AM ${f}"; grep -v '^#' bld-am/"${f}" || true; echo '::endgroup::'
echo "::group::CM ${f}"; grep -v '^#' bld-cm/"${f}" || true; echo '::endgroup::'
done
- name: 'compare generated curl_config.h files'
@ -158,8 +159,8 @@ jobs:
- name: 'dump generated files'
run: |
for f in libcurl.pc curl-config; do
echo "::group::AM ${f}"; cat bld-am/"${f}" | grep -v '^#' || true; echo '::endgroup::'
echo "::group::CM ${f}"; cat bld-cm/"${f}" | grep -v '^#' || true; echo '::endgroup::'
echo "::group::AM ${f}"; grep -v '^#' bld-am/"${f}" || true; echo '::endgroup::'
echo "::group::CM ${f}"; grep -v '^#' bld-cm/"${f}" || true; echo '::endgroup::'
done
- name: 'compare generated curl_config.h files'

10
.github/workflows/curl-for-win.yml vendored
View File

@ -56,7 +56,7 @@ jobs:
git clone --depth 1 https://github.com/curl/curl-for-win
mv curl-for-win/* .
export CW_CONFIG='-main-werror-linux-a64-x64-gcc'
export CW_REVISION='${{ github.sha }}'
export CW_REVISION="${GITHUB_SHA}"
DOCKER_IMAGE='debian:bookworm-slim'
export CW_CCSUFFIX='-15'
export CW_GCCSUFFIX='-12'
@ -84,7 +84,7 @@ jobs:
git clone --depth 1 https://github.com/curl/curl-for-win
mv curl-for-win/* .
export CW_CONFIG='-main-werror-linux-musl-r64-x64'
export CW_REVISION='${{ github.sha }}'
export CW_REVISION="${GITHUB_SHA}"
. ./_versions.sh
sudo podman image trust set --type reject default
sudo podman image trust set --type accept docker.io/library
@ -112,7 +112,7 @@ jobs:
git clone --depth 1 https://github.com/curl/curl-for-win
mv curl-for-win/* .
export CW_CONFIG='-main-werror-mac-x64'
export CW_REVISION='${{ github.sha }}'
export CW_REVISION="${GITHUB_SHA}"
sh -c ./_ci-mac-homebrew.sh
win-llvm:
@ -128,7 +128,7 @@ jobs:
git clone --depth 1 https://github.com/curl/curl-for-win
mv curl-for-win/* .
export CW_CONFIG='-main-werror-win-x64'
export CW_REVISION='${{ github.sha }}'
export CW_REVISION="${GITHUB_SHA}"
. ./_versions.sh
sudo podman image trust set --type reject default
sudo podman image trust set --type accept docker.io/library
@ -153,7 +153,7 @@ jobs:
git clone --depth 1 https://github.com/curl/curl-for-win
mv curl-for-win/* .
export CW_CONFIG='-main-werror-win-x86-gcc-libssh1-zlibng'
export CW_REVISION='${{ github.sha }}'
export CW_REVISION="${GITHUB_SHA}"
. ./_versions.sh
sudo podman image trust set --type reject default
sudo podman image trust set --type accept docker.io/library

47
.github/workflows/distcheck.yml vendored
View File

@ -57,13 +57,13 @@ jobs:
echo "::stop-commands::$(uuidgen)"
tar xvf curl-99.98.97.tar.gz
pushd curl-99.98.97
./configure --prefix=$HOME/temp --without-ssl --without-libpsl
./configure --prefix="$HOME"/temp --without-ssl --without-libpsl
make
make test-ci
make install
popd
# basic check of the installed files
bash scripts/installcheck.sh $HOME/temp
bash scripts/installcheck.sh "$HOME"/temp
rm -rf curl-99.98.97
verify-out-of-tree-docs:
@ -105,7 +105,7 @@ jobs:
pushd curl-99.98.97
mkdir build
pushd build
../configure --without-ssl --enable-debug "--prefix=${PWD}/pkg" --without-libpsl
../configure --without-ssl --enable-debug --prefix="$PWD"/curl-install --without-libpsl
make
make test-ci
make install
@ -174,8 +174,9 @@ jobs:
shell: ${{ contains(matrix.image, 'windows') && 'msys2 {0}' || 'bash' }}
env:
CC: ${{ !contains(matrix.image, 'windows') && 'clang' || '' }}
MATRIX_IMAGE: '${{ matrix.image }}'
TESTOPTS: ${{ contains(matrix.image, 'macos') && '-D_CURL_PREFILL=ON' || '' }} ${{ contains(matrix.image, 'windows') && '-DCMAKE_UNITY_BUILD_BATCH_SIZE=30' || '' }}
old-cmake-version: 3.11.4
OLD_CMAKE_VERSION: 3.11.4
strategy:
fail-fast: false
matrix:
@ -194,26 +195,26 @@ jobs:
- name: 'install prereqs'
run: |
if [[ '${{ matrix.image }}' = *'windows'* ]]; then
cd "${HOME}" || exit 1
if [[ "${MATRIX_IMAGE}" = *'windows'* ]]; then
cd ~
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 60 --retry 3 --retry-connrefused \
--location 'https://github.com/Kitware/CMake/releases/download/v${{ env.old-cmake-version }}/cmake-${{ env.old-cmake-version }}-win64-x64.zip' --output bin.zip
--location "https://github.com/Kitware/CMake/releases/download/v${OLD_CMAKE_VERSION}/cmake-${OLD_CMAKE_VERSION}-win64-x64.zip" --output bin.zip
unzip -q bin.zip
rm -f bin.zip
printf '%s' "${HOME}/cmake-${{ env.old-cmake-version }}-win64-x64/bin/cmake.exe" > "${HOME}/old-cmake-path.txt"
elif [[ '${{ matrix.image }}' = *'ubuntu'* ]]; then
printf '%s' ~/cmake-"${OLD_CMAKE_VERSION}"-win64-x64/bin/cmake.exe > ~/old-cmake-path.txt
elif [[ "${MATRIX_IMAGE}" = *'ubuntu'* ]]; then
sudo rm -f /var/lib/man-db/auto-update
sudo apt-get -o Dpkg::Use-Pty=0 install libpsl-dev libssl-dev
cd "${HOME}" || exit 1
cd ~
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 60 --retry 3 --retry-connrefused \
--location https://github.com/Kitware/CMake/releases/download/v${{ env.old-cmake-version }}/cmake-${{ env.old-cmake-version }}-Linux-x86_64.tar.gz | tar -xzf -
printf '%s' "$PWD/cmake-${{ env.old-cmake-version }}-Linux-x86_64/bin/cmake" > "${HOME}/old-cmake-path.txt"
--location "https://github.com/Kitware/CMake/releases/download/v${OLD_CMAKE_VERSION}/cmake-${OLD_CMAKE_VERSION}-Linux-x86_64.tar.gz" | tar -xz
printf '%s' ~/cmake-"${OLD_CMAKE_VERSION}"-Linux-x86_64/bin/cmake > ~/old-cmake-path.txt
else
brew install libpsl openssl
cd "${HOME}" || exit 1
cd ~
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 60 --retry 3 --retry-connrefused \
--location https://github.com/Kitware/CMake/releases/download/v${{ env.old-cmake-version }}/cmake-${{ env.old-cmake-version }}-Darwin-x86_64.tar.gz | tar -xzf -
printf '%s' "$PWD/cmake-${{ env.old-cmake-version }}-Darwin-x86_64/CMake.app/Contents/bin/cmake" > "${HOME}/old-cmake-path.txt"
--location "https://github.com/Kitware/CMake/releases/download/v${OLD_CMAKE_VERSION}/cmake-${OLD_CMAKE_VERSION}-Darwin-x86_64.tar.gz" | tar -xz
printf '%s' ~/cmake-"${OLD_CMAKE_VERSION}"-Darwin-x86_64/CMake.app/Contents/bin/cmake > ~/old-cmake-path.txt
fi
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
@ -229,26 +230,26 @@ jobs:
- name: 'via add_subdirectory OpenSSL (old cmake)'
run: |
export TEST_CMAKE_CONSUMER="$(cat "${HOME}/old-cmake-path.txt")"
if [[ '${{ matrix.image }}' = *'macos'* ]]; then
export TEST_CMAKE_CONSUMER; TEST_CMAKE_CONSUMER="$(cat ~/old-cmake-path.txt)"
if [[ "${MATRIX_IMAGE}" = *'macos'* ]]; then
export CFLAGS='-arch arm64'
export TEST_CMAKE_FLAGS='-DCURL_USE_LIBPSL=OFF' # auto-detection does not work with old-cmake
fi
if [[ '${{ matrix.image }}' = *'windows'* ]]; then
if [[ "${MATRIX_IMAGE}" = *'windows'* ]]; then
export TEST_CMAKE_GENERATOR='MSYS Makefiles'
export TEST_CMAKE_FLAGS='-DCMAKE_C_COMPILER=x86_64-w64-mingw32-gcc -DOPENSSL_ROOT_DIR=C:/msys64/mingw64'
fi
./tests/cmake/test.sh add_subdirectory ${TESTOPTS} -DCURL_USE_OPENSSL=ON ${options}
./tests/cmake/test.sh add_subdirectory ${TESTOPTS} -DCURL_USE_OPENSSL=ON
- name: 'via find_package OpenSSL (old cmake)'
run: |
export TEST_CMAKE_CONSUMER="$(cat "${HOME}/old-cmake-path.txt")"
if [[ '${{ matrix.image }}' = *'macos'* ]]; then
export TEST_CMAKE_CONSUMER; TEST_CMAKE_CONSUMER="$(cat ~/old-cmake-path.txt)"
if [[ "${MATRIX_IMAGE}" = *'macos'* ]]; then
export CFLAGS='-arch arm64'
export TEST_CMAKE_FLAGS='-DCURL_USE_LIBPSL=OFF' # auto-detection does not work with old-cmake
fi
if [[ '${{ matrix.image }}' = *'windows'* ]]; then
if [[ "${MATRIX_IMAGE}" = *'windows'* ]]; then
export TEST_CMAKE_GENERATOR='MSYS Makefiles'
export TEST_CMAKE_FLAGS='-DCMAKE_C_COMPILER=x86_64-w64-mingw32-gcc -DOPENSSL_ROOT_DIR=C:/msys64/mingw64'
fi
./tests/cmake/test.sh find_package ${TESTOPTS} -DCURL_USE_OPENSSL=ON ${options}
./tests/cmake/test.sh find_package ${TESTOPTS} -DCURL_USE_OPENSSL=ON

5
.github/workflows/hacktoberfest-accepted.yml vendored
View File

@ -40,8 +40,11 @@ jobs:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Search relevant commit message lines starting with Closes/Merges
env:
GITHUB_EVENT_BEFORE: '${{ github.event.before }}'
GITHUB_EVENT_AFTER: '${{ github.event.after }}'
run: |
git log --format=email '${{ github.event.before }}..${{ github.event.after }}' | \
git log --format=email "${GITHUB_EVENT_BEFORE}..${GITHUB_EVENT_AFTER}" | \
grep -Ei '^Close[sd]? ' | sort | uniq | tee log
if: steps.check.outputs.label == 'hacktoberfest'

227
.github/workflows/http3-linux.yml vendored
View File

@ -40,21 +40,21 @@ env:
MAKEFLAGS: -j 5
CURL_CI: github
# handled in renovate.json
openssl-version: 3.5.0
OPENSSL_VERSION: 3.5.0
# handled in renovate.json
quictls-version: 3.3.0
QUICTLS_VERSION: 3.3.0
# renovate: datasource=github-tags depName=gnutls/gnutls versioning=semver registryUrl=https://github.com
gnutls-version: 3.8.9
GNUTLS_VERSION: 3.8.9
# renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?<version>.+)-stable$ registryUrl=https://github.com
wolfssl-version: 5.8.0
WOLFSSL_VERSION: 5.8.0
# renovate: datasource=github-tags depName=ngtcp2/nghttp3 versioning=semver registryUrl=https://github.com
nghttp3-version: 1.10.1
NGHTTP3_VERSION: 1.10.1
# renovate: datasource=github-tags depName=ngtcp2/ngtcp2 versioning=semver registryUrl=https://github.com
ngtcp2-version: 1.13.0
NGTCP2_VERSION: 1.13.0
# renovate: datasource=github-tags depName=nghttp2/nghttp2 versioning=semver registryUrl=https://github.com
nghttp2-version: 1.65.0
NGHTTP2_VERSION: 1.65.0
# renovate: datasource=github-tags depName=cloudflare/quiche versioning=semver registryUrl=https://github.com
quiche-version: 0.23.5
QUICHE_VERSION: 0.23.5
jobs:
build-cache:
@ -68,7 +68,7 @@ jobs:
cache-name: cache-openssl-http3
with:
path: ~/openssl/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.openssl-version }}
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.OPENSSL_VERSION }}
- name: 'cache quictls'
uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4
@ -77,7 +77,7 @@ jobs:
cache-name: cache-quictls-no-deprecated
with:
path: ~/quictls/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.quictls-version }}-quic1
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.QUICTLS_VERSION }}-quic1
- name: 'cache gnutls'
uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4
@ -86,7 +86,7 @@ jobs:
cache-name: cache-gnutls
with:
path: ~/gnutls/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.gnutls-version }}
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.GNUTLS_VERSION }}
- name: 'cache wolfssl'
uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4
@ -95,7 +95,7 @@ jobs:
cache-name: cache-wolfssl
with:
path: ~/wolfssl/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.wolfssl-version }}
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.WOLFSSL_VERSION }}
- name: 'cache nghttp3'
uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4
@ -104,7 +104,7 @@ jobs:
cache-name: cache-nghttp3
with:
path: ~/nghttp3/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp3-version }}
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGHTTP3_VERSION }}
- name: 'cache ngtcp2'
uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4
@ -113,7 +113,7 @@ jobs:
cache-name: cache-ngtcp2
with:
path: ~/ngtcp2/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.ngtcp2-version }}-${{ env.openssl-version }}-${{ env.quictls-version }}-${{ env.gnutls-version }}-${{ env.wolfssl-version }}
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGTCP2_VERSION }}-${{ env.OPENSSL_VERSION }}-${{ env.QUICTLS_VERSION }}-${{ env.GNUTLS_VERSION }}-${{ env.WOLFSSL_VERSION }}
- name: 'cache nghttp2'
uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4
@ -122,7 +122,7 @@ jobs:
cache-name: cache-nghttp2
with:
path: ~/nghttp2/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp2-version }}-${{ env.quictls-version }}-${{ env.ngtcp2-version }}-${{ env.nghttp3-version }}
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGHTTP2_VERSION }}-${{ env.QUICTLS_VERSION }}-${{ env.NGTCP2_VERSION }}-${{ env.NGHTTP3_VERSION }}
- id: settings
if: |
@ -149,37 +149,37 @@ jobs:
libtasn1-6-dev libidn2-0-dev gawk gperf libtss2-dev dns-root-data bison gtk-doc-tools \
texinfo texlive texlive-extra-utils autopoint libev-dev \
apache2 apache2-dev libnghttp2-dev
echo 'CC=gcc-12' >> $GITHUB_ENV
echo 'CXX=g++-12' >> $GITHUB_ENV
echo 'CC=gcc-12' >> "$GITHUB_ENV"
echo 'CXX=g++-12' >> "$GITHUB_ENV"
- name: 'build openssl'
if: steps.cache-openssl-http3.outputs.cache-hit != 'true'
run: |
cd $HOME
git clone --quiet --depth=1 -b openssl-${{ env.openssl-version }} https://github.com/openssl/openssl
cd ~
git clone --quiet --depth=1 -b "openssl-${OPENSSL_VERSION}" https://github.com/openssl/openssl
cd openssl
./config --prefix=$PWD/build --libdir=lib no-makedepend no-apps no-docs no-tests
./config --prefix="$PWD"/build --libdir=lib no-makedepend no-apps no-docs no-tests
make
make -j1 install_sw
- name: 'build quictls'
if: steps.cache-quictls-no-deprecated.outputs.cache-hit != 'true'
run: |
cd $HOME
git clone --quiet --depth=1 -b openssl-${{ env.quictls-version }}-quic1 https://github.com/quictls/openssl quictls
cd ~
git clone --quiet --depth=1 -b "openssl-${QUICTLS_VERSION}-quic1" https://github.com/quictls/openssl quictls
cd quictls
./config no-deprecated --prefix=$PWD/build --libdir=lib no-makedepend no-apps no-docs no-tests
./config no-deprecated --prefix="$PWD"/build --libdir=lib no-makedepend no-apps no-docs no-tests
make
make -j1 install_sw
- name: 'build gnutls'
if: steps.cache-gnutls.outputs.cache-hit != 'true'
run: |
cd $HOME
git clone --quiet --depth=1 -b ${{ env.gnutls-version }} https://github.com/gnutls/gnutls.git
cd ~
git clone --quiet --depth=1 -b "${GNUTLS_VERSION}" https://github.com/gnutls/gnutls.git
cd gnutls
./bootstrap
./configure --disable-dependency-tracking --prefix=$PWD/build \
./configure --disable-dependency-tracking --prefix="$PWD"/build \
LDFLAGS="-Wl,-rpath,$PWD/build/lib -L$PWD/build/lib" \
--with-included-libtasn1 --with-included-unistring \
--disable-guile --disable-doc --disable-tests --disable-tools
@ -189,26 +189,24 @@ jobs:
- name: 'build wolfssl'
if: steps.cache-wolfssl.outputs.cache-hit != 'true'
run: |
cd $HOME
git clone --quiet --depth=1 -b v${{ env.wolfssl-version }}-stable https://github.com/wolfSSL/wolfssl.git
cd ~
git clone --quiet --depth=1 -b "v${WOLFSSL_VERSION}-stable" https://github.com/wolfSSL/wolfssl.git
cd wolfssl
./autogen.sh
./configure --disable-dependency-tracking --enable-all --enable-quic \
--disable-benchmark --disable-crypttests --disable-examples --prefix=$PWD/build
--disable-benchmark --disable-crypttests --disable-examples --prefix="$PWD"/build
make
make install
- name: 'build nghttp3'
if: steps.cache-nghttp3.outputs.cache-hit != 'true'
run: |
cd $HOME
git clone --quiet --depth=1 -b v${{ env.nghttp3-version }} https://github.com/ngtcp2/nghttp3
cd ~
git clone --quiet --depth=1 -b "v${NGHTTP3_VERSION}" https://github.com/ngtcp2/nghttp3
cd nghttp3
git submodule update --init --depth=1
autoreconf -fi
./configure --disable-dependency-tracking --prefix=$PWD/build \
PKG_CONFIG_PATH="$PWD/build/lib/pkgconfig" \
--enable-lib-only
./configure --disable-dependency-tracking --prefix="$PWD"/build --enable-lib-only
make
make install
@ -216,30 +214,30 @@ jobs:
if: steps.cache-ngtcp2.outputs.cache-hit != 'true'
# building twice to get crypto libs for ossl and quictls installed
run: |
cd $HOME
git clone --quiet --depth=1 -b v${{ env.ngtcp2-version }} https://github.com/ngtcp2/ngtcp2
cd ~
git clone --quiet --depth=1 -b "v${NGTCP2_VERSION}" https://github.com/ngtcp2/ngtcp2
cd ngtcp2
autoreconf -fi
./configure --disable-dependency-tracking --prefix=$PWD/build \
PKG_CONFIG_PATH="$HOME/quictls/build/lib/pkgconfig" --enable-lib-only --with-quictls
./configure --disable-dependency-tracking --prefix="$PWD"/build \
PKG_CONFIG_PATH=/home/runner/quictls/build/lib/pkgconfig --enable-lib-only --with-quictls
make install
make clean
./configure --disable-dependency-tracking --prefix=$PWD/build \
PKG_CONFIG_PATH="$HOME/openssl/build/lib/pkgconfig:$HOME/gnutls/build/lib/pkgconfig:$HOME/wolfssl/build/lib/pkgconfig" \
./configure --disable-dependency-tracking --prefix="$PWD"/build \
PKG_CONFIG_PATH=/home/runner/openssl/build/lib/pkgconfig:/home/runner/gnutls/build/lib/pkgconfig:/home/runner/wolfssl/build/lib/pkgconfig \
--enable-lib-only --with-openssl --with-gnutls --with-wolfssl
make install
- name: 'build nghttp2'
if: steps.cache-nghttp2.outputs.cache-hit != 'true'
run: |
cd $HOME
git clone --quiet --depth=1 -b v${{ env.nghttp2-version }} https://github.com/nghttp2/nghttp2
cd ~
git clone --quiet --depth=1 -b "v${NGHTTP2_VERSION}" https://github.com/nghttp2/nghttp2
cd nghttp2
git submodule update --init --depth=1
autoreconf -fi
./configure --disable-dependency-tracking --prefix=$PWD/build \
PKG_CONFIG_PATH="$HOME/quictls/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig" \
LDFLAGS="-Wl,-rpath,$HOME/quictls/build/lib" \
./configure --disable-dependency-tracking --prefix="$PWD"/build \
PKG_CONFIG_PATH=/home/runner/quictls/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig \
LDFLAGS=-Wl,-rpath,/home/runner/quictls/build/lib \
--enable-http3
make install
@ -249,83 +247,85 @@ jobs:
- build-cache
runs-on: 'ubuntu-latest'
timeout-minutes: 45
env:
MATRIX_BUILD: ${{ matrix.build.generate && 'cmake' || 'autotools' }}
strategy:
fail-fast: false
matrix:
build:
- name: openssl
PKG_CONFIG_PATH: '$HOME/openssl/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig'
PKG_CONFIG_PATH: /home/runner/openssl/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig
configure: >-
LDFLAGS="-Wl,-rpath,$HOME/openssl/build/lib"
--with-ngtcp2=$HOME/ngtcp2/build --enable-warnings --enable-werror --enable-debug --disable-ntlm
--with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx"
--with-openssl=$HOME/openssl/build --enable-ssls-export
LDFLAGS=-Wl,-rpath,/home/runner/openssl/build/lib
--with-ngtcp2=/home/runner/ngtcp2/build --enable-warnings --enable-werror --enable-debug --disable-ntlm
--with-test-nghttpx=/home/runner/nghttp2/build/bin/nghttpx
--with-openssl=/home/runner/openssl/build --enable-ssls-export
--with-libuv
- name: quictls
PKG_CONFIG_PATH: '$HOME/quictls/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig'
PKG_CONFIG_PATH: /home/runner/quictls/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig
configure: >-
LDFLAGS="-Wl,-rpath,$HOME/quictls/build/lib"
--with-ngtcp2=$HOME/ngtcp2/build --enable-warnings --enable-werror --enable-debug --disable-ntlm
--with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx"
--with-openssl=$HOME/quictls/build --enable-ssls-export
LDFLAGS=-Wl,-rpath,/home/runner/quictls/build/lib
--with-ngtcp2=/home/runner/ngtcp2/build --enable-warnings --enable-werror --enable-debug --disable-ntlm
--with-test-nghttpx=/home/runner/nghttp2/build/bin/nghttpx
--with-openssl=/home/runner/quictls/build --enable-ssls-export
--with-libuv
- name: gnutls
PKG_CONFIG_PATH: '$HOME/gnutls/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig'
PKG_CONFIG_PATH: /home/runner/gnutls/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig
configure: >-
LDFLAGS="-Wl,-rpath,$HOME/gnutls/build/lib"
--with-ngtcp2=$HOME/ngtcp2/build --enable-warnings --enable-werror --enable-debug
--with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx"
--with-gnutls=$HOME/gnutls/build --enable-ssls-export
LDFLAGS=-Wl,-rpath,/home/runner/gnutls/build/lib
--with-ngtcp2=/home/runner/ngtcp2/build --enable-warnings --enable-werror --enable-debug
--with-test-nghttpx=/home/runner/nghttp2/build/bin/nghttpx
--with-gnutls=/home/runner/gnutls/build --enable-ssls-export
--with-libuv
- name: wolfssl
PKG_CONFIG_PATH: '$HOME/wolfssl/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig'
PKG_CONFIG_PATH: /home/runner/wolfssl/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig
configure: >-
LDFLAGS="-Wl,-rpath,$HOME/wolfssl/build/lib"
--with-ngtcp2=$HOME/ngtcp2/build --enable-warnings --enable-werror --enable-debug
--with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx"
--with-wolfssl=$HOME/wolfssl/build
LDFLAGS=-Wl,-rpath,/home/runner/wolfssl/build/lib
--with-ngtcp2=/home/runner/ngtcp2/build --enable-warnings --enable-werror --enable-debug
--with-test-nghttpx=/home/runner/nghttp2/build/bin/nghttpx
--with-wolfssl=/home/runner/wolfssl/build
--enable-ech --enable-ssls-export
--with-libuv
- name: wolfssl
PKG_CONFIG_PATH: '$HOME/wolfssl/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig'
PKG_CONFIG_PATH: /home/runner/wolfssl/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig
generate: >-
-DCURL_USE_WOLFSSL=ON -DUSE_NGTCP2=ON -DENABLE_DEBUG=ON
-DTEST_NGHTTPX="$HOME/nghttp2/build/bin/nghttpx"
-DHTTPD_NGHTTPX="$HOME/nghttp2/build/bin/nghttpx"
-DTEST_NGHTTPX=/home/runner/nghttp2/build/bin/nghttpx
-DHTTPD_NGHTTPX=/home/runner/nghttp2/build/bin/nghttpx
-DUSE_ECH=ON
-DCURL_USE_LIBUV=ON
- name: openssl-quic
PKG_CONFIG_PATH: '$HOME/openssl/build/lib/pkgconfig'
PKG_CONFIG_PATH: /home/runner/openssl/build/lib/pkgconfig
configure: >-
LDFLAGS="-Wl,-rpath,$HOME/openssl/build/lib"
LDFLAGS=-Wl,-rpath,/home/runner/openssl/build/lib
--enable-warnings --enable-werror --enable-debug --disable-ntlm
--with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx"
--with-openssl=$HOME/openssl/build --with-openssl-quic
--with-nghttp3=$HOME/nghttp3/build
--with-test-nghttpx=/home/runner/nghttp2/build/bin/nghttpx
--with-openssl=/home/runner/openssl/build --with-openssl-quic
--with-nghttp3=/home/runner/nghttp3/build
--with-libuv
- name: quiche
configure: >-
LDFLAGS="-Wl,-rpath,$HOME/quiche/target/release"
--with-openssl=$HOME/quiche/quiche/deps/boringssl/src
LDFLAGS=-Wl,-rpath,/home/runner/quiche/target/release
--with-openssl=/home/runner/quiche/quiche/deps/boringssl/src
--enable-warnings --enable-werror --enable-debug
--with-quiche=$HOME/quiche/target/release
--with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx"
--with-quiche=/home/runner/quiche/target/release
--with-test-nghttpx=/home/runner/nghttp2/build/bin/nghttpx
--with-ca-fallback
--with-libuv
- name: quiche
PKG_CONFIG_PATH: '$HOME/quiche/target/release'
PKG_CONFIG_PATH: /home/runner/quiche/target/release
generate: >-
-DOPENSSL_ROOT_DIR=$HOME/quiche/quiche/deps/boringssl/src -DENABLE_DEBUG=ON
-DOPENSSL_ROOT_DIR=/home/runner/quiche/quiche/deps/boringssl/src -DENABLE_DEBUG=ON
-DUSE_QUICHE=ON
-DTEST_NGHTTPX="$HOME/nghttp2/build/bin/nghttpx"
-DHTTPD_NGHTTPX="$HOME/nghttp2/build/bin/nghttpx"
-DTEST_NGHTTPX=/home/runner/nghttp2/build/bin/nghttpx
-DHTTPD_NGHTTPX=/home/runner/nghttp2/build/bin/nghttpx
-DCURL_CA_FALLBACK=ON
-DCURL_USE_LIBUV=ON
@ -342,9 +342,9 @@ jobs:
libtasn1-6-dev libidn2-0-dev gawk gperf libtss2-dev dns-root-data bison gtk-doc-tools \
texinfo texlive texlive-extra-utils autopoint libev-dev libuv1-dev \
apache2 apache2-dev libnghttp2-dev vsftpd
python3 -m venv $HOME/venv
echo 'CC=gcc-12' >> $GITHUB_ENV
echo 'CXX=g++-12' >> $GITHUB_ENV
python3 -m venv ~/venv
echo 'CC=gcc-12' >> "$GITHUB_ENV"
echo 'CXX=g++-12' >> "$GITHUB_ENV"
- name: 'cache openssl'
if: matrix.build.name == 'openssl' || matrix.build.name == 'openssl-quic'
@ -354,7 +354,7 @@ jobs:
cache-name: cache-openssl-http3
with:
path: ~/openssl/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.openssl-version }}
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.OPENSSL_VERSION }}
fail-on-cache-miss: true
- name: 'cache quictls'
@ -364,7 +364,7 @@ jobs:
cache-name: cache-quictls-no-deprecated
with:
path: ~/quictls/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.quictls-version }}-quic1
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.QUICTLS_VERSION }}-quic1
fail-on-cache-miss: true
- name: 'cache gnutls'
@ -375,7 +375,7 @@ jobs:
cache-name: cache-gnutls
with:
path: ~/gnutls/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.gnutls-version }}
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.GNUTLS_VERSION }}
fail-on-cache-miss: true
- name: 'cache wolfssl'
@ -386,7 +386,7 @@ jobs:
cache-name: cache-wolfssl
with:
path: ~/wolfssl/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.wolfssl-version }}
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.WOLFSSL_VERSION }}
fail-on-cache-miss: true
- name: 'cache nghttp3'
@ -396,7 +396,7 @@ jobs:
cache-name: cache-nghttp3
with:
path: ~/nghttp3/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp3-version }}
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGHTTP3_VERSION }}
fail-on-cache-miss: true
- name: 'cache ngtcp2'
@ -406,7 +406,7 @@ jobs:
cache-name: cache-ngtcp2
with:
path: ~/ngtcp2/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.ngtcp2-version }}-${{ env.openssl-version }}-${{ env.quictls-version }}-${{ env.gnutls-version }}-${{ env.wolfssl-version }}
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGTCP2_VERSION }}-${{ env.OPENSSL_VERSION }}-${{ env.QUICTLS_VERSION }}-${{ env.GNUTLS_VERSION }}-${{ env.WOLFSSL_VERSION }}
fail-on-cache-miss: true
- name: 'cache nghttp2'
@ -416,7 +416,7 @@ jobs:
cache-name: cache-nghttp2
with:
path: ~/nghttp2/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp2-version }}-${{ env.quictls-version }}-${{ env.ngtcp2-version }}-${{ env.nghttp3-version }}
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGHTTP2_VERSION }}-${{ env.QUICTLS_VERSION }}-${{ env.NGTCP2_VERSION }}-${{ env.NGHTTP3_VERSION }}
fail-on-cache-miss: true
- name: 'cache quiche'
@ -427,13 +427,13 @@ jobs:
cache-name: cache-quiche
with:
path: ~/quiche
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.quiche-version }}
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.QUICHE_VERSION }}
- name: 'build quiche and boringssl'
if: matrix.build.name == 'quiche' && steps.cache-quiche.outputs.cache-hit != 'true'
run: |
cd $HOME
git clone --quiet --depth=1 -b ${{ env.quiche-version }} --recursive https://github.com/cloudflare/quiche.git
cd ~
git clone --quiet --depth=1 -b "${QUICHE_VERSION}" --recursive https://github.com/cloudflare/quiche.git
cd quiche
#### Work-around https://github.com/curl/curl/issues/7927 #######
#### See https://github.com/alexcrichton/cmake-rs/issues/131 ####
@ -442,12 +442,13 @@ jobs:
cargo build -v --package quiche --release --features ffi,pkg-config-meta,qlog --verbose
ln -s libquiche.so target/release/libquiche.so.0
mkdir -v quiche/deps/boringssl/src/lib
# shellcheck disable=SC2046
ln -vnf $(find target/release -name libcrypto.a -o -name libssl.a) quiche/deps/boringssl/src/lib/
# include dir
# $HOME/quiche/quiche/deps/boringssl/src/include
# /home/runner/quiche/quiche/deps/boringssl/src/include
# lib dir
# $HOME/quiche/quiche/deps/boringssl/src/lib
# /home/runner/quiche/quiche/deps/boringssl/src/lib
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
@ -458,19 +459,21 @@ jobs:
run: autoreconf -fi
- name: 'configure'
env:
MATRIX_CONFIGURE: '${{ matrix.build.configure }}'
MATRIX_GENERATE: '${{ matrix.build.generate }}'
MATRIX_PKG_CONFIG_PATH: '${{ matrix.build.PKG_CONFIG_PATH }}'
run: |
if [ -n '${{ matrix.build.PKG_CONFIG_PATH }}' ]; then
export PKG_CONFIG_PATH="${{ matrix.build.PKG_CONFIG_PATH }}"
fi
if [ -n '${{ matrix.build.generate }}' ]; then
[ -n "${MATRIX_PKG_CONFIG_PATH}" ] && export PKG_CONFIG_PATH="${MATRIX_PKG_CONFIG_PATH}"
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake -B bld -G Ninja \
-DCMAKE_C_COMPILER_TARGET=$(uname -m)-pc-linux-gnu -DBUILD_STATIC_LIBS=ON \
-DCMAKE_C_COMPILER_TARGET="$(uname -m)-pc-linux-gnu" -DBUILD_STATIC_LIBS=ON \
-DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON -DCURL_WERROR=ON \
${{ matrix.build.generate }}
${MATRIX_GENERATE}
else
mkdir bld && cd bld && ../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \
--disable-dependency-tracking \
${{ matrix.build.configure }}
${MATRIX_CONFIGURE}
fi
- name: 'configure log'
@ -487,7 +490,7 @@ jobs:
- name: 'build'
run: |
if [ -n '${{ matrix.build.generate }}' ]; then
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose
else
make -C bld V=1
@ -498,7 +501,7 @@ jobs:
- name: 'build tests'
run: |
if [ -n '${{ matrix.build.generate }}' ]; then
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose --target testdeps
else
make -C bld V=1 -C tests
@ -506,15 +509,15 @@ jobs:
- name: 'install test prereqs'
run: |
source $HOME/venv/bin/activate
source ~/venv/bin/activate
python3 -m pip install -r tests/requirements.txt
- name: 'run tests'
env:
TFLAGS: '${{ matrix.build.tflags }}'
run: |
source $HOME/venv/bin/activate
if [ -n '${{ matrix.build.generate }}' ]; then
source ~/venv/bin/activate
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose --target test-ci
else
make -C bld V=1 test-ci
@ -522,7 +525,7 @@ jobs:
- name: 'install pytest prereqs'
run: |
source $HOME/venv/bin/activate
source ~/venv/bin/activate
python3 -m pip install -r tests/http/requirements.txt
- name: 'run pytest event based'
@ -531,8 +534,8 @@ jobs:
PYTEST_ADDOPTS: '--color=yes'
PYTEST_XDIST_AUTO_NUM_WORKERS: 4
run: |
source $HOME/venv/bin/activate
if [ -n '${{ matrix.build.generate }}' ]; then
source ~/venv/bin/activate
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose --target curl-pytest-ci
else
make -C bld V=1 pytest-ci
@ -540,7 +543,7 @@ jobs:
- name: 'build examples'
run: |
if [ -n '${{ matrix.build.generate }}' ]; then
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose --target curl-examples
else
make -C bld V=1 examples

2
.github/workflows/linux-old.yml vendored
View File

@ -130,7 +130,7 @@ jobs:
cd bld-am
../configure --disable-dependency-tracking --enable-unity --enable-test-bundles --enable-warnings --enable-werror \
--with-openssl --enable-ares --with-libssh2 --with-zstd --with-gssapi --with-librtmp \
--prefix="$PWD"/../install-am
--prefix="$PWD"/../curl-install-am
- name: 'autoconf curl_config.h'
run: |

281
.github/workflows/linux.yml vendored
View File

@ -40,25 +40,25 @@ env:
CURL_CI: github
CURL_CLANG_TIDYFLAGS: '-checks=-clang-analyzer-security.insecureAPI.strcpy,-clang-analyzer-optin.performance.Padding,-clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling,-clang-analyzer-valist.Uninitialized'
# unhandled
bearssl-version: 0.6
BEARSSL_VERSION: 0.6
# renovate: datasource=github-tags depName=libressl-portable/portable versioning=semver registryUrl=https://github.com
libressl-version: 4.1.0
LIBRESSL_VERSION: 4.1.0
# renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?<version>.+)-stable$ registryUrl=https://github.com
wolfssl-version: 5.8.0
WOLFSSL_VERSION: 5.8.0
# renovate: datasource=github-tags depName=wolfSSL/wolfssh versioning=semver extractVersion=^v?(?<version>.+)-stable$ registryUrl=https://github.com
wolfssh-version: 1.4.19
WOLFSSH_VERSION: 1.4.19
# renovate: datasource=github-tags depName=Mbed-TLS/mbedtls versioning=semver registryUrl=https://github.com
mbedtls-version: 3.6.3
MBEDTLS_VERSION: 3.6.3
# renovate: datasource=github-tags depName=nibanks/msh3 versioning=semver registryUrl=https://github.com
msh3-version: 0.6.0
MSH3_VERSION: 0.6.0
# renovate: datasource=github-tags depName=awslabs/aws-lc versioning=semver registryUrl=https://github.com
awslc-version: 1.52.0
AWSLC_VERSION: 1.52.0
# handled in renovate.json
openssl-version: 3.5.0
OPENSSL_VERSION: 3.5.0
# handled in renovate.json
quictls-version: 3.3.0
QUICTLS_VERSION: 3.3.0
# renovate: datasource=github-tags depName=rustls/rustls-ffi versioning=semver registryUrl=https://github.com
rustls-version: 0.15.0
RUSTLS_VERSION: 0.15.0
jobs:
linux:
@ -66,6 +66,11 @@ jobs:
runs-on: ${{ matrix.build.image || 'ubuntu-latest' }}
container: ${{ matrix.build.container }}
timeout-minutes: 45
env:
MATRIX_BUILD: ${{ matrix.build.generate && 'cmake' || 'autotools' }}
MATRIX_INSTALL_PACKAGES: '${{ matrix.build.install_packages }}'
MATRIX_INSTALL_STEPS: '${{ matrix.build.install_steps }}'
MATRIX_MAKE_PREFIX: '${{ matrix.build.make-prefix }}'
strategy:
fail-fast: false
matrix:
@ -73,52 +78,52 @@ jobs:
- name: bearssl
install_packages: zlib1g-dev
install_steps: bearssl pytest
configure: LDFLAGS="-Wl,-rpath,$HOME/bearssl/lib" --with-bearssl=$HOME/bearssl --enable-debug
configure: LDFLAGS=-Wl,-rpath,/home/runner/bearssl/lib --with-bearssl=/home/runner/bearssl --enable-debug
- name: bearssl clang
install_packages: zlib1g-dev clang
install_steps: bearssl
configure: CC=clang LDFLAGS="-Wl,-rpath,$HOME/bearssl/lib" --with-bearssl=$HOME/bearssl --enable-debug
configure: CC=clang LDFLAGS=-Wl,-rpath,/home/runner/bearssl/lib --with-bearssl=/home/runner/bearssl --enable-debug
- name: libressl heimdal
install_packages: zlib1g-dev libnghttp2-dev libldap-dev heimdal-dev
install_steps: libressl pytest
configure: LDFLAGS="-Wl,-rpath,$HOME/libressl/lib" --with-openssl=$HOME/libressl --with-gssapi --enable-debug
configure: LDFLAGS=-Wl,-rpath,/home/runner/libressl/lib --with-openssl=/home/runner/libressl --with-gssapi --enable-debug
- name: libressl heimdal valgrind
install_packages: zlib1g-dev libnghttp2-dev libldap-dev heimdal-dev valgrind
install_steps: libressl
generate: -DOPENSSL_ROOT_DIR=$HOME/libressl -DCURL_USE_GSSAPI=ON -DENABLE_DEBUG=ON -DCURL_LIBCURL_VERSIONED_SYMBOLS=ON
generate: -DOPENSSL_ROOT_DIR=/home/runner/libressl -DCURL_USE_GSSAPI=ON -DENABLE_DEBUG=ON -DCURL_LIBCURL_VERSIONED_SYMBOLS=ON
- name: libressl clang
install_packages: zlib1g-dev clang
install_steps: libressl
configure: CC=clang LDFLAGS="-Wl,-rpath,$HOME/libressl/lib" --with-openssl=$HOME/libressl --enable-debug
configure: CC=clang LDFLAGS=-Wl,-rpath,/home/runner/libressl/lib --with-openssl=/home/runner/libressl --enable-debug
- name: wolfssl-all
install_packages: zlib1g-dev
install_steps: wolfssl-all
configure: LDFLAGS="-Wl,-rpath,$HOME/wolfssl-all/lib" --with-wolfssl=$HOME/wolfssl-all --enable-ech --enable-debug
configure: LDFLAGS=-Wl,-rpath,/home/runner/wolfssl-all/lib --with-wolfssl=/home/runner/wolfssl-all --enable-ech --enable-debug
- name: wolfssl-opensslextra valgrind
install_packages: zlib1g-dev valgrind
install_steps: wolfssl-opensslextra wolfssh
configure: LDFLAGS="-Wl,-rpath,$HOME/wolfssl-opensslextra/lib" --with-wolfssl=$HOME/wolfssl-opensslextra --with-wolfssh=$HOME/wolfssh --enable-ech --enable-debug
configure: LDFLAGS=-Wl,-rpath,/home/runner/wolfssl-opensslextra/lib --with-wolfssl=/home/runner/wolfssl-opensslextra --with-wolfssh=/home/runner/wolfssh --enable-ech --enable-debug
- name: mbedtls valgrind
install_packages: libnghttp2-dev libldap-dev valgrind
install_steps: mbedtls
configure: LDFLAGS="-Wl,-rpath,$HOME/mbedtls/lib" --with-mbedtls=$HOME/mbedtls --enable-debug
configure: LDFLAGS=-Wl,-rpath,/home/runner/mbedtls/lib --with-mbedtls=/home/runner/mbedtls --enable-debug
- name: mbedtls clang
install_packages: libnghttp2-dev libldap-dev clang
install_steps: mbedtls pytest
configure: CC=clang LDFLAGS="-Wl,-rpath,$HOME/mbedtls/lib" --with-mbedtls=$HOME/mbedtls --enable-debug
configure: CC=clang LDFLAGS=-Wl,-rpath,/home/runner/mbedtls/lib --with-mbedtls=/home/runner/mbedtls --enable-debug
- name: mbedtls
install_packages: libnghttp2-dev
install_steps: mbedtls
PKG_CONFIG_PATH: '$HOME/mbedtls/lib/pkgconfig' # Requires v3.6.0 or v2.28.8
PKG_CONFIG_PATH: /home/runner/mbedtls/lib/pkgconfig # Requires v3.6.0 or v2.28.8
generate: -DCURL_USE_MBEDTLS=ON -DENABLE_DEBUG=ON
- name: mbedtls-pkg
@ -133,23 +138,24 @@ jobs:
- name: msh3
install_packages: zlib1g-dev
install_steps: quictls msh3
configure: LDFLAGS="-Wl,-rpath,$HOME/msh3/lib -Wl,-rpath,$HOME/quictls/lib" --with-msh3=$HOME/msh3 --with-openssl=$HOME/quictls --enable-debug
LDFLAGS: -Wl,-rpath,/home/runner/msh3/lib -Wl,-rpath,/home/runner/quictls/lib
configure: --with-msh3=/home/runner/msh3 --with-openssl=/home/runner/quictls --enable-debug
- name: msh3
install_packages: zlib1g-dev
install_steps: quictls msh3 skipall
PKG_CONFIG_PATH: '$HOME/msh3/lib/pkgconfig' # Broken as of v0.6.0
generate: -DOPENSSL_ROOT_DIR=$HOME/quictls -DUSE_MSH3=ON -DMSH3_INCLUDE_DIR=$HOME/msh3/include -DMSH3_LIBRARY=$HOME/msh3/lib/libmsh3.so -DENABLE_DEBUG=ON
PKG_CONFIG_PATH: /home/runner/msh3/lib/pkgconfig # Broken as of v0.6.0
generate: -DOPENSSL_ROOT_DIR=/home/runner/quictls -DUSE_MSH3=ON -DMSH3_INCLUDE_DIR=/home/runner/msh3/include -DMSH3_LIBRARY=/home/runner/msh3/lib/libmsh3.so -DENABLE_DEBUG=ON
- name: awslc
install_packages: zlib1g-dev
install_steps: awslc pytest
configure: LDFLAGS="-Wl,-rpath,$HOME/awslc/lib" --with-openssl=$HOME/awslc --enable-ech
configure: LDFLAGS=-Wl,-rpath,/home/runner/awslc/lib --with-openssl=/home/runner/awslc --enable-ech
- name: awslc
install_packages: zlib1g-dev
install_steps: awslc
generate: -DOPENSSL_ROOT_DIR=$HOME/awslc -DUSE_ECH=ON -DCMAKE_UNITY_BUILD=OFF
generate: -DOPENSSL_ROOT_DIR=/home/runner/awslc -DUSE_ECH=ON -DCMAKE_UNITY_BUILD=OFF
- name: openssl default
install_steps: pytest
@ -223,44 +229,39 @@ jobs:
- name: clang-tidy
install_packages: clang-tidy zlib1g-dev libssl-dev libkrb5-dev
install_steps: skipall wolfssl-opensslextra wolfssh
configure: LDFLAGS="-Wl,-rpath,$HOME/wolfssl-opensslextra/lib" --with-wolfssl=$HOME/wolfssl-opensslextra --with-wolfssh=$HOME/wolfssh --with-openssl --enable-ech --with-gssapi --enable-ssls-export
configure: LDFLAGS=-Wl,-rpath,/home/runner/wolfssl-opensslextra/lib --with-wolfssl=/home/runner/wolfssl-opensslextra --with-wolfssh=/home/runner/wolfssh --with-openssl --enable-ech --with-gssapi --enable-ssls-export
make-custom-target: tidy
- name: scanbuild
install_packages: clang-tools clang libssl-dev libssh2-1-dev
install_steps: skipall
configure: --with-openssl --enable-debug --with-libssh2 --disable-unity
configure-prefix: CC=clang scan-build
CC: clang
configure-prefix: scan-build
make-prefix: scan-build --status-bugs
- name: address-sanitizer
install_packages: zlib1g-dev libssh2-1-dev clang libssl-dev libubsan1 libasan8 libtsan2
install_steps: pytest randcurl
configure: >-
CC=clang
CFLAGS="-fsanitize=address,undefined,signed-integer-overflow -fno-sanitize-recover=undefined,integer -Wformat -Werror=format-security -Werror=array-bounds -g"
LDFLAGS="-fsanitize=address,undefined -fno-sanitize-recover=undefined,integer"
LIBS="-ldl -lubsan"
--with-openssl --enable-debug
CFLAGS: -fsanitize=address,undefined,signed-integer-overflow -fno-sanitize-recover=undefined,integer -Wformat -Werror=format-security -Werror=array-bounds -g
LDFLAGS: -fsanitize=address,undefined -fno-sanitize-recover=undefined,integer
LIBS: -ldl -lubsan
configure: CC=clang --with-openssl --enable-debug
- name: thread-sanitizer
install_packages: zlib1g-dev clang libtsan2
install_steps: pytest openssl-tsan
configure: >-
CC=clang
CFLAGS="-fsanitize=thread -g"
LDFLAGS="-fsanitize=thread -Wl,-rpath,$HOME/openssl/lib"
--with-openssl=$HOME/openssl --enable-debug
CFLAGS: -fsanitize=thread -g
LDFLAGS: -fsanitize=thread -Wl,-rpath,/home/runner/openssl/lib
configure: CC=clang --with-openssl=/home/runner/openssl --enable-debug
- name: memory-sanitizer
install_packages: clang
install_steps: randcurl
configure: >-
CC=clang
CFLAGS="-fsanitize=memory -Wformat -Werror=format-security -Werror=array-bounds -g"
LDFLAGS="-fsanitize=memory"
LIBS="-ldl"
--without-ssl --without-zlib --without-brotli --without-zstd --without-libpsl --without-nghttp2 --enable-debug
CFLAGS: -fsanitize=memory -Wformat -Werror=format-security -Werror=array-bounds -g
LDFLAGS: -fsanitize=memory
LIBS: -ldl
configure: CC=clang --without-ssl --without-zlib --without-brotli --without-zstd --without-libpsl --without-nghttp2 --enable-debug
- name: event-based
install_packages: libssh-dev
@ -305,18 +306,21 @@ jobs:
steps:
- name: 'install prereqs'
if: matrix.build.container == null && !contains(matrix.build.name, 'i686')
# zizmor: ignore[template-injection]
env:
INSTALL_PACKAGES: >-
${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') && 'stunnel4' || '' }}
${{ contains(matrix.build.install_steps, 'pytest') && 'apache2 apache2-dev libnghttp2-dev vsftpd' || '' }}
run: |
sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list
sudo apt-get -o Dpkg::Use-Pty=0 update
sudo rm -f /var/lib/man-db/auto-update
sudo apt-get -o Dpkg::Use-Pty=0 install \
libtool autoconf automake pkgconf \
${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') && 'stunnel4' || '' }} \
libpsl-dev libbrotli-dev libzstd-dev \
${{ matrix.build.install_packages }} \
${{ contains(matrix.build.install_steps, 'pytest') && 'apache2 apache2-dev libnghttp2-dev vsftpd' || '' }}
python3 -m venv $HOME/venv
${INSTALL_PACKAGES} \
${MATRIX_INSTALL_PACKAGES}
python3 -m venv ~/venv
- name: 'install prereqs'
if: contains(matrix.build.name, 'i686')
@ -328,8 +332,8 @@ jobs:
sudo apt-get -o Dpkg::Use-Pty=0 install \
libtool autoconf automake pkgconf stunnel4 \
libpsl-dev:i386 libbrotli-dev:i386 libzstd-dev:i386 \
${{ matrix.build.install_packages }}
python3 -m venv $HOME/venv
${MATRIX_INSTALL_PACKAGES}
python3 -m venv ~/venv
- name: 'install dependencies'
if: startsWith(matrix.build.container, 'alpine')
@ -348,19 +352,18 @@ jobs:
cache-name: cache-bearssl
with:
path: ~/bearssl
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.bearssl-version }}
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.BEARSSL_VERSION }}
- name: 'build bearssl'
if: contains(matrix.build.install_steps, 'bearssl') && steps.cache-bearssl.outputs.cache-hit != 'true'
run: |
curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \
https://bearssl.org/bearssl-${{ env.bearssl-version }}.tar.gz
tar -xzf bearssl-${{ env.bearssl-version }}.tar.gz
cd bearssl-${{ env.bearssl-version }}
"https://bearssl.org/bearssl-${BEARSSL_VERSION}.tar.gz" | tar -xz
cd "bearssl-${BEARSSL_VERSION}"
make
mkdir -p $HOME/bearssl/lib $HOME/bearssl/include
cp inc/*.h $HOME/bearssl/include
cp build/libbearssl.* $HOME/bearssl/lib
mkdir -p ~/bearssl/lib ~/bearssl/include
cp inc/*.h ~/bearssl/include
cp build/libbearssl.* ~/bearssl/lib
- name: 'cache libressl'
if: contains(matrix.build.install_steps, 'libressl')
@ -370,16 +373,15 @@ jobs:
cache-name: cache-libressl
with:
path: ~/libressl
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.libressl-version }}
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.LIBRESSL_VERSION }}
- name: 'build libressl'
if: contains(matrix.build.install_steps, 'libressl') && steps.cache-libressl.outputs.cache-hit != 'true'
run: |
curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \
https://github.com/libressl/portable/releases/download/v${{ env.libressl-version }}/libressl-${{ env.libressl-version }}.tar.gz
tar -xzf libressl-${{ env.libressl-version }}.tar.gz
cd libressl-${{ env.libressl-version }}
./configure --disable-dependency-tracking --prefix=$HOME/libressl
"https://github.com/libressl/portable/releases/download/v${LIBRESSL_VERSION}/libressl-${LIBRESSL_VERSION}.tar.gz" | tar -xz
cd "libressl-${LIBRESSL_VERSION}"
./configure --disable-dependency-tracking --prefix=/home/runner/libressl
make install
- name: 'cache wolfssl (all)'
@ -390,18 +392,17 @@ jobs:
cache-name: cache-wolfssl-all
with:
path: ~/wolfssl-all
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.wolfssl-version }}
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.WOLFSSL_VERSION }}
- name: 'build wolfssl (all)' # does not support `OPENSSL_COEXIST`
if: contains(matrix.build.install_steps, 'wolfssl-all') && steps.cache-wolfssl-all.outputs.cache-hit != 'true'
run: |
curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \
https://github.com/wolfSSL/wolfssl/archive/v${{ env.wolfssl-version }}-stable.tar.gz
tar -xzf v${{ env.wolfssl-version }}-stable.tar.gz
cd wolfssl-${{ env.wolfssl-version }}-stable
"https://github.com/wolfSSL/wolfssl/archive/v${WOLFSSL_VERSION}-stable.tar.gz" | tar -xz
cd "wolfssl-${WOLFSSL_VERSION}-stable"
./autogen.sh
./configure --disable-dependency-tracking --enable-tls13 --enable-harden --enable-all \
--disable-benchmark --disable-crypttests --disable-examples --prefix=$HOME/wolfssl-all
--disable-benchmark --disable-crypttests --disable-examples --prefix=/home/runner/wolfssl-all
make install
- name: 'cache wolfssl (opensslextra)' # does support `OPENSSL_COEXIST`
@ -412,18 +413,17 @@ jobs:
cache-name: cache-wolfssl-opensslextra
with:
path: ~/wolfssl-opensslextra
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.wolfssl-version }}
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.WOLFSSL_VERSION }}
- name: 'build wolfssl (opensslextra)'
if: contains(matrix.build.install_steps, 'wolfssl-opensslextra') && steps.cache-wolfssl-opensslextra.outputs.cache-hit != 'true'
run: |
curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \
https://github.com/wolfSSL/wolfssl/archive/v${{ env.wolfssl-version }}-stable.tar.gz
tar -xzf v${{ env.wolfssl-version }}-stable.tar.gz
cd wolfssl-${{ env.wolfssl-version }}-stable
"https://github.com/wolfSSL/wolfssl/archive/v${WOLFSSL_VERSION}-stable.tar.gz" | tar -xz
cd "wolfssl-${WOLFSSL_VERSION}-stable"
./autogen.sh
./configure --disable-dependency-tracking --enable-tls13 --enable-harden --enable-wolfssh --enable-ech --enable-opensslextra \
--disable-benchmark --disable-crypttests --disable-examples --prefix=$HOME/wolfssl-opensslextra
--disable-benchmark --disable-crypttests --disable-examples --prefix=/home/runner/wolfssl-opensslextra
make install
- name: 'cache wolfssh'
@ -434,18 +434,17 @@ jobs:
cache-name: cache-wolfssh
with:
path: ~/wolfssh
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.wolfssh-version }}-${{ env.wolfssl-version }}
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.WOLFSSH_VERSION }}-${{ env.WOLFSSL_VERSION }}
- name: 'build wolfssh'
if: contains(matrix.build.install_steps, 'wolfssh') && steps.cache-wolfssh.outputs.cache-hit != 'true'
run: |
curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \
https://github.com/wolfSSL/wolfssh/archive/v${{ env.wolfssh-version }}-stable.tar.gz
tar -xzf v${{ env.wolfssh-version }}-stable.tar.gz
cd wolfssh-${{ env.wolfssh-version }}-stable
"https://github.com/wolfSSL/wolfssh/archive/v${WOLFSSH_VERSION}-stable.tar.gz" | tar -xz
cd "wolfssh-${WOLFSSH_VERSION}-stable"
./autogen.sh
./configure --disable-dependency-tracking --with-wolfssl=$HOME/wolfssl-opensslextra --enable-scp --enable-sftp --disable-term \
--disable-examples --prefix=$HOME/wolfssh
./configure --disable-dependency-tracking --with-wolfssl=/home/runner/wolfssl-opensslextra --enable-scp --enable-sftp --disable-term \
--disable-examples --prefix=/home/runner/wolfssh
make install
- name: 'cache mbedtls'
@ -456,18 +455,17 @@ jobs:
cache-name: cache-mbedtls-threadsafe
with:
path: ~/mbedtls
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.mbedtls-version }}
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.MBEDTLS_VERSION }}
- name: 'build mbedtls'
if: contains(matrix.build.install_steps, 'mbedtls') && steps.cache-mbedtls.outputs.cache-hit != 'true'
run: |
curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \
https://github.com/Mbed-TLS/mbedtls/releases/download/mbedtls-${{ env.mbedtls-version }}/mbedtls-${{ env.mbedtls-version }}.tar.bz2
tar -xjf mbedtls-${{ env.mbedtls-version }}.tar.bz2
cd mbedtls-${{ env.mbedtls-version }}
"https://github.com/Mbed-TLS/mbedtls/releases/download/mbedtls-${MBEDTLS_VERSION}/mbedtls-${MBEDTLS_VERSION}.tar.bz2" | tar -xj
cd "mbedtls-${MBEDTLS_VERSION}"
./scripts/config.py set MBEDTLS_THREADING_C
./scripts/config.py set MBEDTLS_THREADING_PTHREAD
cmake -B . -G Ninja -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_POSITION_INDEPENDENT_CODE=ON -DCMAKE_INSTALL_PREFIX=$HOME/mbedtls \
cmake -B . -G Ninja -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_POSITION_INDEPENDENT_CODE=ON -DCMAKE_INSTALL_PREFIX=/home/runner/mbedtls \
-DENABLE_PROGRAMS=OFF -DENABLE_TESTING=OFF
cmake --build .
cmake --install .
@ -480,14 +478,14 @@ jobs:
cache-name: cache-openssl-tsan
with:
path: ~/openssl
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.openssl-version }}
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.OPENSSL_VERSION }}
- name: 'build openssl (thread sanitizer)'
if: contains(matrix.build.install_steps, 'openssl-tsan') && steps.cache-openssl-tsan.outputs.cache-hit != 'true'
run: |
git clone --quiet --depth=1 -b openssl-${{ env.openssl-version }} https://github.com/openssl/openssl
git clone --quiet --depth=1 -b "openssl-${OPENSSL_VERSION}" https://github.com/openssl/openssl
cd openssl
CC="clang" CFLAGS="-fsanitize=thread" LDFLAGS="-fsanitize=thread" ./config --prefix=$HOME/openssl --libdir=lib no-makedepend no-apps no-docs no-tests
CC=clang CFLAGS='-fsanitize=thread' LDFLAGS='-fsanitize=thread' ./config --prefix=/home/runner/openssl --libdir=lib no-makedepend no-apps no-docs no-tests
make
make -j1 install_sw
@ -499,14 +497,14 @@ jobs:
cache-name: cache-quictls
with:
path: ~/quictls
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.quictls-version }}-quic1
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.QUICTLS_VERSION }}-quic1
- name: 'build quictls'
if: contains(matrix.build.install_steps, 'quictls') && steps.cache-quictls.outputs.cache-hit != 'true'
run: |
git clone --quiet --depth=1 -b openssl-${{ env.quictls-version }}-quic1 https://github.com/quictls/openssl
git clone --quiet --depth=1 -b "openssl-${QUICTLS_VERSION}-quic1" https://github.com/quictls/openssl
cd openssl
./config --prefix=$HOME/quictls --libdir=lib no-makedepend no-apps no-docs no-tests
./config --prefix=/home/runner/quictls --libdir=lib no-makedepend no-apps no-docs no-tests
make
make -j1 install_sw
@ -518,14 +516,14 @@ jobs:
cache-name: cache-msh3
with:
path: ~/msh3
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.msh3-version }}
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.MSH3_VERSION }}
- name: 'build msh3'
if: contains(matrix.build.install_steps, 'msh3') && steps.cache-msh3.outputs.cache-hit != 'true'
run: |
git clone --quiet --depth=1 -b v${{ env.msh3-version }} --recursive https://github.com/nibanks/msh3
git clone --quiet --depth=1 -b "v${MSH3_VERSION}" --recursive https://github.com/nibanks/msh3
cd msh3
cmake -B . -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_INSTALL_PREFIX=$HOME/msh3
cmake -B . -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_INSTALL_PREFIX=/home/runner/msh3
cmake --build .
cmake --install .
@ -537,17 +535,16 @@ jobs:
cache-name: cache-awslc
with:
path: ~/awslc
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.awslc-version }}
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.AWSLC_VERSION }}
- name: 'build awslc'
if: contains(matrix.build.install_steps, 'awslc') && steps.cache-awslc.outputs.cache-hit != 'true'
run: |
curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \
https://github.com/awslabs/aws-lc/archive/refs/tags/v${{ env.awslc-version }}.tar.gz
tar -xzf v${{ env.awslc-version }}.tar.gz
mkdir aws-lc-${{ env.awslc-version }}-build
cd aws-lc-${{ env.awslc-version }}-build
cmake -G Ninja -DCMAKE_INSTALL_PREFIX=$HOME/awslc ../aws-lc-${{ env.awslc-version }} -DBUILD_TOOL=OFF -DBUILD_TESTING=OFF
"https://github.com/awslabs/aws-lc/archive/refs/tags/v${AWSLC_VERSION}.tar.gz" | tar -xz
mkdir "aws-lc-${AWSLC_VERSION}-build"
cd "aws-lc-${AWSLC_VERSION}-build"
cmake -G Ninja -DCMAKE_INSTALL_PREFIX=/home/runner/awslc "../aws-lc-${AWSLC_VERSION}" -DBUILD_TOOL=OFF -DBUILD_TESTING=OFF
cmake --build .
cmake --install .
@ -559,21 +556,21 @@ jobs:
cache-name: cache-rustls
with:
path: ~/rustls
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.rustls-version }}
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.RUSTLS_VERSION }}
- name: 'fetch rustls deb'
if: contains(matrix.build.install_steps, 'rustls') && steps.cache-rustls.outputs.cache-hit != 'true'
run: |
mkdir -p ~/rustls
curl -L https://github.com/rustls/rustls-ffi/releases/download/v${{ env.rustls-version }}/librustls_${{ env.rustls-version }}_amd64.deb.zip -o ~/rustls/librustls.zip
curl -LsSf --retry 6 --retry-connrefused --max-time 999 \
"https://github.com/rustls/rustls-ffi/releases/download/v${RUSTLS_VERSION}/librustls_${RUSTLS_VERSION}_amd64.deb.zip" -o ~/rustls/librustls.zip
unzip ~/rustls/librustls.zip -d ~/rustls
rm ~/rustls/librustls.zip
- name: 'build rustls'
# Note: we don't check cache-hit here. If the cache is hit, we still need to dpkg install the deb.
if: contains(matrix.build.install_steps, 'rustls')
run: |
sudo dpkg -i ~/rustls/librustls_${{ env.rustls-version }}_amd64.deb
run: sudo dpkg -i ~/rustls/"librustls_${RUSTLS_VERSION}_amd64.deb"
- name: 'install Intel compilers'
if: contains(matrix.build.install_steps, 'intel')
@ -582,7 +579,7 @@ jobs:
sudo add-apt-repository "deb https://apt.repos.intel.com/oneapi all main"
sudo apt-get -o Dpkg::Use-Pty=0 install intel-oneapi-compiler-dpcpp-cpp-and-cpp-classic
source /opt/intel/oneapi/setvars.sh
printenv >> $GITHUB_ENV
printenv >> "$GITHUB_ENV"
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
@ -593,23 +590,30 @@ jobs:
run: autoreconf -fi
- name: 'configure'
env:
CC: '${{ matrix.build.CC }}'
CFLAGS: '${{ matrix.build.CFLAGS }}'
LDFLAGS: '${{ matrix.build.LDFLAGS }}'
LIBS: '${{ matrix.build.LIBS }}'
MATRIX_CONFIGURE: '${{ matrix.build.configure }}'
MATRIX_CONFIGURE_PREFIX: '${{ matrix.build.configure-prefix }}'
MATRIX_GENERATE: '${{ matrix.build.generate }}'
MATRIX_PKG_CONFIG_PATH: '${{ matrix.build.PKG_CONFIG_PATH }}'
run: |
[[ '${{ matrix.build.install_steps }}' = *'awslc'* ]] && sudo apt-get -o Dpkg::Use-Pty=0 purge libssl-dev
if [ -n '${{ matrix.build.PKG_CONFIG_PATH }}' ]; then
export PKG_CONFIG_PATH="${{ matrix.build.PKG_CONFIG_PATH }}"
fi
if [ -n '${{ matrix.build.generate }}' ]; then
[[ "${MATRIX_INSTALL_STEPS}" = *'awslc'* ]] && sudo apt-get -o Dpkg::Use-Pty=0 purge libssl-dev
[ -n "${MATRIX_PKG_CONFIG_PATH}" ] && export PKG_CONFIG_PATH="${MATRIX_PKG_CONFIG_PATH}"
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake -B bld -G Ninja \
-DCMAKE_INSTALL_PREFIX="$HOME/curl" \
-DCMAKE_C_COMPILER_TARGET=$(uname -m)-pc-linux-gnu -DBUILD_STATIC_LIBS=ON \
-DCMAKE_INSTALL_PREFIX="$HOME"/curl-install \
-DCMAKE_C_COMPILER_TARGET="$(uname -m)-pc-linux-gnu" -DBUILD_STATIC_LIBS=ON \
-DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON -DCURL_WERROR=ON \
${{ matrix.build.generate }}
${MATRIX_GENERATE}
else
mkdir bld && cd bld && \
${{ matrix.build.configure-prefix }} \
${MATRIX_CONFIGURE_PREFIX} \
../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \
--disable-dependency-tracking \
${{ matrix.build.configure }}
${MATRIX_CONFIGURE}
fi
- name: 'configure log'
@ -625,23 +629,25 @@ jobs:
run: grep -H -v '^#' bld/tests/config bld/tests/http/config.ini || true
- name: 'build'
env:
MATRIX_MAKE_CUSTOM_TARGET: '${{ matrix.build.make-custom-target }}'
run: |
if [ -n '${{ matrix.build.generate }}' ]; then
${{ matrix.build.make-prefix }} cmake --build bld --verbose
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
${MATRIX_MAKE_PREFIX} cmake --build bld --verbose
else
${{ matrix.build.make-prefix }} make -C bld V=1 ${{ matrix.build.make-custom-target }}
${MATRIX_MAKE_PREFIX} make -C bld V=1 ${MATRIX_MAKE_CUSTOM_TARGET}
fi
- name: 'single-use function check'
if: ${{ contains(matrix.build.configure, '--disable-unity') || contains(matrix.build.generate, '-DCMAKE_UNITY_BUILD=OFF') }}
run: |
git config --global --add safe.directory "*"
if [ -n '${{ matrix.build.generate }}' ]; then
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
libcurla=bld/lib/libcurl.a
else
libcurla=bld/lib/.libs/libcurl.a
fi
./scripts/singleuse.pl --unit ${libcurla}
./scripts/singleuse.pl --unit "${libcurla}"
- name: 'check curl -V output'
if: ${{ matrix.build.make-custom-target != 'tidy' }}
@ -654,7 +660,7 @@ jobs:
- name: 'build tests'
if: ${{ !contains(matrix.build.install_steps, 'skipall') }}
run: |
if [ -n '${{ matrix.build.generate }}' ]; then
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose --target testdeps
else
make -C bld V=1 -C tests
@ -663,37 +669,38 @@ jobs:
- name: 'install test prereqs'
if: ${{ !contains(matrix.build.install_steps, 'skipall') && matrix.build.container == null }}
run: |
[ -x "$HOME/venv/bin/activate" ] && source $HOME/venv/bin/activate
[ -x ~/venv/bin/activate ] && source ~/venv/bin/activate
python3 -m pip install -r tests/requirements.txt
- name: 'run tests'
if: ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') }}
timeout-minutes: ${{ contains(matrix.build.install_packages, 'valgrind') && 30 || 15 }}
# zizmor: ignore[template-injection]
env:
TEST_TARGET: ${{ matrix.build.torture && 'test-torture' || 'test-ci' }}
TFLAGS: '${{ matrix.build.tflags }}'
run: |
export TFLAGS='${{ matrix.build.tflags }}'
if [ -z '${{ matrix.build.torture }}' ]; then
if [[ '${{ matrix.build.install_steps }}' = *'wolfssh'* ]]; then
if [ "${TEST_TARGET}" = 'test-ci' ]; then
if [[ "${MATRIX_INSTALL_STEPS}" = *'wolfssh'* ]]; then
TFLAGS+=' ~SFTP' # curl: (79) wolfssh SFTP connect error -1051 / WS_MATCH_KEY_ALGO_E / cannot match key algo with peer
fi
if [[ '${{ matrix.build.install_packages }}' = *'valgrind'* ]]; then
if [[ "${MATRIX_INSTALL_PACKAGES}" = *'valgrind'* ]]; then
TFLAGS+=' -j6'
fi
if [[ '${{ matrix.build.install_packages }}' = *'heimdal-dev'* ]]; then
if [[ "${MATRIX_INSTALL_PACKAGES}" = *'heimdal-dev'* ]]; then
TFLAGS+=' ~2077 ~2078' # valgrind reporting memory leaks from Curl_auth_decode_spnego_message() -> gss_import_name()
fi
fi
[ -x "$HOME/venv/bin/activate" ] && source $HOME/venv/bin/activate
if [ -n '${{ matrix.build.generate }}' ]; then
cmake --build bld --verbose --target ${{ matrix.build.torture && 'test-torture' || 'test-ci' }}
[ -x ~/venv/bin/activate ] && source ~/venv/bin/activate
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose --target "${TEST_TARGET}"
else
make -C bld V=1 ${{ matrix.build.torture && 'test-torture' || 'test-ci' }}
make -C bld V=1 "${TEST_TARGET}"
fi
- name: 'install pytest prereqs'
if: contains(matrix.build.install_steps, 'pytest')
run: |
[ -x "$HOME/venv/bin/activate" ] && source $HOME/venv/bin/activate
[ -x ~/venv/bin/activate ] && source ~/venv/bin/activate
python3 -m pip install -r tests/http/requirements.txt
- name: 'run pytest'
@ -702,8 +709,8 @@ jobs:
PYTEST_ADDOPTS: '--color=yes'
PYTEST_XDIST_AUTO_NUM_WORKERS: 4
run: |
[ -x "$HOME/venv/bin/activate" ] && source $HOME/venv/bin/activate
if [ -n '${{ matrix.build.generate }}' ]; then
[ -x ~/venv/bin/activate ] && source ~/venv/bin/activate
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose --target curl-pytest-ci
else
make -C bld V=1 pytest-ci
@ -719,8 +726,8 @@ jobs:
- name: 'build examples'
if: ${{ matrix.build.make-custom-target != 'tidy' }}
run: |
if [ -n '${{ matrix.build.generate }}' ]; then
${{ matrix.build.make-prefix }} cmake --build bld --verbose --target curl-examples
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
${MATRIX_MAKE_PREFIX} cmake --build bld --verbose --target curl-examples
else
${{ matrix.build.make-prefix }} make -C bld V=1 examples
${MATRIX_MAKE_PREFIX} make -C bld V=1 examples
fi

182
.github/workflows/macos.yml vendored
View File

@ -58,8 +58,11 @@ jobs:
timeout-minutes: 45
env:
DEVELOPER_DIR: "/Applications/Xcode${{ matrix.build.xcode && format('_{0}', matrix.build.xcode) || '' }}.app/Contents/Developer"
CC: ${{ matrix.compiler }}
CFLAGS: ''
CC: '${{ matrix.compiler }}'
MATRIX_BUILD: ${{ matrix.build.generate && 'cmake' || 'autotools' }}
MATRIX_COMPILER: '${{ matrix.compiler }}'
MATRIX_INSTALL: '${{ matrix.build.install }}'
MATRIX_MACOS_VERSION_MIN: '${{ matrix.build.macos-version-min }}'
strategy:
fail-fast: false
matrix:
@ -78,15 +81,15 @@ jobs:
configure: --enable-debug --without-ssl
- name: '!ssl libssh2 AppleIDN'
compiler: clang
configure: --enable-debug --with-libssh2=$(brew --prefix libssh2) --without-ssl --with-apple-idn
configure: --enable-debug --with-libssh2=/opt/homebrew/opt/libssh2 --without-ssl --with-apple-idn
- name: 'OpenSSL libssh c-ares'
compiler: clang
install: libssh
configure: --enable-debug --with-libssh --with-openssl=$(brew --prefix openssl) --enable-ares
configure: --enable-debug --with-libssh --with-openssl=/opt/homebrew/opt/openssl --enable-ares
- name: 'OpenSSL libssh'
compiler: llvm@15
install: libssh libnghttp3
configure: --enable-debug --with-libssh --with-openssl=$(brew --prefix openssl) --with-openssl-quic
configure: --enable-debug --with-libssh --with-openssl=/opt/homebrew/opt/openssl --with-openssl-quic
- name: '!ssl c-ares'
compiler: clang
configure: --enable-debug --enable-ares --without-ssl
@ -104,68 +107,68 @@ jobs:
macos-version-min: '10.15' # Catalina (2019)
- name: 'SecureTransport libssh2'
compiler: clang
configure: --enable-debug --with-secure-transport --with-libssh2=$(brew --prefix libssh2)
configure: --enable-debug --with-secure-transport --with-libssh2=/opt/homebrew/opt/libssh2
macos-version-min: '10.8'
- name: 'SecureTransport libssh2 10.12'
compiler: clang
configure: --enable-debug --with-secure-transport --with-libssh2=$(brew --prefix libssh2)
configure: --enable-debug --with-secure-transport --with-libssh2=/opt/homebrew/opt/libssh2
macos-version-min: '10.12' # for monotonic timers
- name: 'SecureTransport libssh2'
compiler: gcc-12
configure: --enable-debug --with-secure-transport --with-libssh2=$(brew --prefix libssh2)
configure: --enable-debug --with-secure-transport --with-libssh2=/opt/homebrew/opt/libssh2
macos-version-min: '10.8'
- name: 'LibreSSL +examples'
compiler: clang
install: libressl
install_steps: pytest
configure: --enable-debug --with-openssl=$(brew --prefix libressl)
configure: --enable-debug --with-openssl=/opt/homebrew/opt/libressl
- name: 'OpenSSL'
compiler: clang
install_steps: pytest
configure: --enable-debug --with-openssl=$(brew --prefix openssl)
configure: --enable-debug --with-openssl=/opt/homebrew/opt/openssl
- name: 'OpenSSL event-based'
compiler: clang
configure: --enable-debug --with-openssl=$(brew --prefix openssl)
configure: --enable-debug --with-openssl=/opt/homebrew/opt/openssl
tflags: --test-event
- name: 'quictls libssh2 !ldap 10.15'
compiler: clang
install: quictls
configure: --enable-debug --disable-ldap --with-openssl=$(brew --prefix quictls) LDFLAGS="${LDFLAGS} -L$(brew --prefix quictls)/lib"
configure: --enable-debug --disable-ldap --with-openssl=/opt/homebrew/opt/quictls LDFLAGS=-L/opt/homebrew/opt/quictls/lib
macos-version-min: '10.15'
# cmake
- name: 'OpenSSL gsasl rtmp AppleIDN'
install: gsasl rtmpdump
generate: -DOPENSSL_ROOT_DIR=$(brew --prefix openssl) -DCURL_USE_GSASL=ON -DUSE_LIBRTMP=ON -DUSE_APPLE_IDN=ON
generate: -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/openssl -DCURL_USE_GSASL=ON -DUSE_LIBRTMP=ON -DUSE_APPLE_IDN=ON
- name: 'MultiSSL AppleIDN clang-tidy +examples'
install: llvm brotli zstd gnutls nettle mbedtls gsasl rtmpdump fish
generate: -DCURL_USE_OPENSSL=ON -DOPENSSL_ROOT_DIR=$(brew --prefix openssl) -DCURL_DEFAULT_SSL_BACKEND=openssl -DCURL_USE_GNUTLS=ON -DCURL_USE_MBEDTLS=ON -DENABLE_ARES=ON -DCURL_USE_GSASL=ON -DUSE_LIBRTMP=ON -DUSE_APPLE_IDN=ON -DUSE_SSLS_EXPORT=ON -DCURL_CLANG_TIDY=ON -DCLANG_TIDY=$(brew --prefix llvm)/bin/clang-tidy -DCURL_COMPLETION_FISH=ON -DCURL_COMPLETION_ZSH=ON
generate: -DCURL_USE_OPENSSL=ON -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/openssl -DCURL_DEFAULT_SSL_BACKEND=openssl -DCURL_USE_GNUTLS=ON -DCURL_USE_MBEDTLS=ON -DENABLE_ARES=ON -DCURL_USE_GSASL=ON -DUSE_LIBRTMP=ON -DUSE_APPLE_IDN=ON -DUSE_SSLS_EXPORT=ON -DCURL_CLANG_TIDY=ON -DCLANG_TIDY=/opt/homebrew/opt/llvm/bin/clang-tidy -DCURL_COMPLETION_FISH=ON -DCURL_COMPLETION_ZSH=ON
clang-tidy: true
chkprefill: _chkprefill
- name: 'quictls +static libssh +examples'
install: quictls libssh
generate: -DOPENSSL_ROOT_DIR=$(brew --prefix quictls) -DBUILD_STATIC_LIBS=ON -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=ON
generate: -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/quictls -DBUILD_STATIC_LIBS=ON -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=ON
- name: 'SecureTransport debug'
generate: -DCURL_USE_SECTRANSP=ON -DENABLE_DEBUG=ON
macos-version-min: '10.8'
- name: 'LibreSSL !ldap heimdal c-ares +examples'
install: libressl heimdal
generate: -DOPENSSL_ROOT_DIR=$(brew --prefix libressl) -DENABLE_ARES=ON -DCURL_USE_GSSAPI=ON -DGSS_ROOT_DIR=$(brew --prefix heimdal) -DCURL_DISABLE_LDAP=ON
generate: -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/libressl -DENABLE_ARES=ON -DCURL_USE_GSSAPI=ON -DGSS_ROOT_DIR=/opt/homebrew/opt/heimdal -DCURL_DISABLE_LDAP=ON
- name: 'wolfSSL !ldap brotli zstd'
install: brotli wolfssl zstd
install_steps: pytest
generate: -DCURL_USE_WOLFSSL=ON -DCURL_DISABLE_LDAP=ON -DUSE_ECH=ON
- name: 'mbedTLS openldap brotli zstd'
install: brotli mbedtls zstd openldap
generate: -DCURL_USE_MBEDTLS=ON -DLDAP_INCLUDE_DIR="$(brew --prefix openldap)/include" -DLDAP_LIBRARY="$(brew --prefix openldap)/lib/libldap.dylib" -DLDAP_LBER_LIBRARY="$(brew --prefix openldap)/lib/liblber.dylib"
generate: -DCURL_USE_MBEDTLS=ON -DLDAP_INCLUDE_DIR=/opt/homebrew/opt/openldap/include -DLDAP_LIBRARY=/opt/homebrew/opt/openldap/lib/libldap.dylib -DLDAP_LBER_LIBRARY=/opt/homebrew/opt/openldap/lib/liblber.dylib
- name: 'GnuTLS !ldap krb5'
install: gnutls nettle krb5
generate: -DCURL_USE_GNUTLS=ON -DCURL_USE_OPENSSL=OFF -DCURL_USE_GSSAPI=ON -DGSS_ROOT_DIR=$(brew --prefix krb5) -DCURL_DISABLE_LDAP=ON -DUSE_SSLS_EXPORT=ON
generate: -DCURL_USE_GNUTLS=ON -DCURL_USE_OPENSSL=OFF -DCURL_USE_GSSAPI=ON -DGSS_ROOT_DIR=/opt/homebrew/opt/krb5 -DCURL_DISABLE_LDAP=ON -DUSE_SSLS_EXPORT=ON
- name: 'OpenSSL torture !FTP'
generate: -DENABLE_DEBUG=ON -DBUILD_SHARED_LIBS=OFF -DENABLE_THREADED_RESOLVER=OFF -DOPENSSL_ROOT_DIR=$(brew --prefix openssl)
generate: -DENABLE_DEBUG=ON -DBUILD_SHARED_LIBS=OFF -DENABLE_THREADED_RESOLVER=OFF -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/openssl
tflags: -t --shallow=25 !FTP
torture: true
- name: 'OpenSSL torture FTP'
generate: -DENABLE_DEBUG=ON -DBUILD_SHARED_LIBS=OFF -DENABLE_THREADED_RESOLVER=OFF -DOPENSSL_ROOT_DIR=$(brew --prefix openssl)
generate: -DENABLE_DEBUG=ON -DBUILD_SHARED_LIBS=OFF -DENABLE_THREADED_RESOLVER=OFF -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/openssl
tflags: -t --shallow=20 FTP
torture: true
exclude:
@ -187,33 +190,35 @@ jobs:
# Run this command with retries because of spurious failures seen
# while running the tests, for example
# https://github.com/curl/curl/runs/4095721123?check_suite_focus=true
# zizmor: ignore[template-injection]
env:
INSTALL_PACKAGES: >-
${{ matrix.build.generate && 'ninja' || 'automake libtool' }}
${{ !matrix.build.clang-tidy && 'nghttp2 stunnel' || '' }}
${{ contains(matrix.build.install_steps, 'pytest') && 'caddy httpd vsftpd' || '' }}
run: |
echo ${{ matrix.build.generate && 'ninja' || 'automake libtool' }} \
pkgconf libpsl libssh2 \
${{ !matrix.build.clang-tidy && 'nghttp2 stunnel' || '' }} \
${{ contains(matrix.build.install_steps, 'pytest') && 'caddy httpd vsftpd' || '' }} \
${{ matrix.build.install }} | xargs -Ix -n1 echo brew '"x"' > /tmp/Brewfile
while [[ $? == 0 ]]; do for i in 1 2 3; do brew update && brew bundle install --file /tmp/Brewfile && break 2 || { echo Error: wait to try again; sleep 10; } done; false Too many retries; done
echo pkgconf libpsl libssh2 ${INSTALL_PACKAGES} ${MATRIX_INSTALL} | xargs -Ix -n1 echo brew '"x"' > /tmp/Brewfile
# shellcheck disable=SC2181,SC2034
while [[ $? == 0 ]]; do for i in 1 2 3; do if brew update && brew bundle install --file /tmp/Brewfile; then break 2; else echo Error: wait to try again; sleep 10; fi; done; false Too many retries; done
- name: 'brew unlink openssl'
if: ${{ contains(matrix.build.install, 'libressl') || contains(matrix.build.install, 'quictls') }}
run: |
if test -d $(brew --prefix)/include/openssl; then
if [ -d /opt/homebrew/include/openssl ]; then
brew unlink openssl
fi
- name: 'toolchain versions'
run: |
[[ '${{ matrix.compiler }}' = 'llvm'* ]] && CC="$(brew --prefix ${{ matrix.compiler }})/bin/clang"
[[ '${{ matrix.compiler }}' = 'gcc'* ]] && "${CC}" --print-sysroot
which "${CC}"; "${CC}" --version || true
[[ "${MATRIX_COMPILER}" = 'llvm'* ]] && CC="$(brew --prefix "${MATRIX_COMPILER}")/bin/clang"
[[ "${MATRIX_COMPILER}" = 'gcc'* ]] && "${CC}" --print-sysroot
command -v "${CC}"; "${CC}" --version || true
xcodebuild -version || true
xcrun --sdk macosx --show-sdk-path 2>/dev/null || true
xcrun --sdk macosx --show-sdk-version || true
ls -l /Library/Developer/CommandLineTools/SDKs || true
echo '::group::macros predefined'; "${CC}" -dM -E - < /dev/null | sort || true; echo '::endgroup::'
echo '::group::brew packages installed'; ls -l "$(brew --prefix)/opt"; echo '::endgroup::'
echo '::group::brew packages installed'; ls -l /opt/homebrew/opt; echo '::endgroup::'
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
@ -224,31 +229,36 @@ jobs:
run: autoreconf -fi
- name: 'configure'
env:
MATRIX_CHKPREFILL: '${{ matrix.build.chkprefill }}'
MATRIX_CONFIGURE: '${{ matrix.build.configure }}'
MATRIX_GENERATE: '${{ matrix.build.generate }}'
MATRIX_INSTALL_STEPS: '${{ matrix.build.install_steps }}'
run: |
if [[ '${{ matrix.compiler }}' = 'gcc'* ]]; then
if [[ "${MATRIX_COMPILER}" = 'gcc'* ]]; then
sysroot="$("${CC}" --print-sysroot)" # Must match the SDK gcc was built for
else
sysroot="$(xcrun --sdk macosx --show-sdk-path 2>/dev/null)"
fi
if [[ '${{ matrix.compiler }}' = 'llvm'* ]]; then
CC="$(brew --prefix ${{ matrix.compiler }})/bin/clang"
if [[ "${MATRIX_COMPILER}" = 'llvm'* ]]; then
CC="$(brew --prefix "${MATRIX_COMPILER}")/bin/clang"
CC+=" --sysroot=${sysroot}"
CC+=" --target=$(uname -m)-apple-darwin"
fi
if [ -n '${{ matrix.build.generate }}' ]; then
for _chkprefill in '' ${{ matrix.build.chkprefill }}; do
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
for _chkprefill in '' ${MATRIX_CHKPREFILL}; do
options=''
[ -n '${{ matrix.build.macos-version-min }}' ] && options+=' -DCMAKE_OSX_DEPLOYMENT_TARGET=${{ matrix.build.macos-version-min }}'
[[ '${{ matrix.build.install_steps }}' = *'pytest'* ]] && options+=' -DVSFTPD=NO' # Skip ~20 tests that stretch run time by 7x on macOS
[ -n "${MATRIX_MACOS_VERSION_MIN}" ] && options+=" -DCMAKE_OSX_DEPLOYMENT_TARGET=${MATRIX_MACOS_VERSION_MIN}"
[[ "${MATRIX_INSTALL_STEPS}" = *'pytest'* ]] && options+=' -DVSFTPD=NO' # Skip ~20 tests that stretch run time by 7x on macOS
[ "${_chkprefill}" = '_chkprefill' ] && options+=' -D_CURL_PREFILL=OFF'
cmake -B "bld${_chkprefill}" -G Ninja -D_CURL_PREFILL=ON \
-DCMAKE_INSTALL_PREFIX="$HOME/curl" \
-DCMAKE_INSTALL_PREFIX="$HOME"/curl-install \
-DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON -DCURL_WERROR=ON \
-DCMAKE_OSX_SYSROOT="${sysroot}" \
-DCMAKE_C_COMPILER_TARGET="$(uname -m | sed 's/arm64/aarch64/')-apple-darwin$(uname -r)" \
${{ matrix.build.generate }} ${options}
${MATRIX_GENERATE} ${options}
done
if [ -d bld_chkprefill ] && ! diff -u bld/lib/curl_config.h bld_chkprefill/lib/curl_config.h; then
echo '::group::reference configure log'; cat bld_chkprefill/CMakeFiles/CMake*.yaml 2>/dev/null || true; echo '::endgroup::'
@ -256,19 +266,19 @@ jobs:
fi
else
export CFLAGS
if [[ '${{ matrix.compiler }}' = 'llvm'* ]]; then
if [[ "${MATRIX_COMPILER}" = 'llvm'* ]]; then
options+=" --target=$(uname -m)-apple-darwin"
fi
if [ '${{ matrix.compiler }}' != 'clang' ]; then
if [ "${MATRIX_COMPILER}" != 'clang' ]; then
options+=" --with-sysroot=${sysroot}"
CFLAGS+=" --sysroot=${sysroot}"
fi
[ -n '${{ matrix.build.macos-version-min }}' ] && CFLAGS+=' -mmacosx-version-min=${{ matrix.build.macos-version-min }}'
[[ '${{ matrix.build.install_steps }}' = *'pytest'* ]] && options+=' --with-test-vsftpd=no' # Skip ~20 tests that stretch run time by 7x on macOS
[ -n "${MATRIX_MACOS_VERSION_MIN}" ] && CFLAGS+=" -mmacosx-version-min=${MATRIX_MACOS_VERSION_MIN}"
[[ "${MATRIX_INSTALL_STEPS}" = *'pytest'* ]] && options+=' --with-test-vsftpd=no' # Skip ~20 tests that stretch run time by 7x on macOS
mkdir bld && cd bld && ../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \
--disable-dependency-tracking \
--with-libpsl=$(brew --prefix libpsl) \
${{ matrix.build.configure }} ${options}
--with-libpsl=/opt/homebrew/opt/libpsl \
${MATRIX_CONFIGURE} ${options}
fi
- name: 'configure log'
@ -285,7 +295,7 @@ jobs:
- name: 'build'
run: |
if [ -n '${{ matrix.build.generate }}' ]; then
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose
else
make -C bld V=1
@ -300,7 +310,7 @@ jobs:
- name: 'build tests'
run: |
if [ -n '${{ matrix.build.generate }}' ]; then
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose --target testdeps
else
make -C bld V=1 -C tests
@ -309,28 +319,30 @@ jobs:
- name: 'install test prereqs'
if: ${{ !matrix.build.clang-tidy }}
run: |
python3 -m venv $HOME/venv
source $HOME/venv/bin/activate
python3 -m venv ~/venv
source ~/venv/bin/activate
python3 -m pip install -r tests/requirements.txt
- name: 'run tests'
if: ${{ !matrix.build.clang-tidy }}
timeout-minutes: ${{ matrix.build.torture && 20 || 10 }}
# zizmor: ignore[template-injection]
env:
TEST_TARGET: ${{ matrix.build.torture && 'test-torture' || 'test-ci' }}
TFLAGS: '${{ matrix.build.tflags }}'
run: |
export TFLAGS='-j20 ${{ matrix.build.tflags }}'
source $HOME/venv/bin/activate
rm -f $HOME/.curlrc
if [ -n '${{ matrix.build.generate }}' ]; then
cmake --build bld --verbose --target ${{ matrix.build.torture && 'test-torture' || 'test-ci' }}
TFLAGS="-j20 ${TFLAGS}"
source ~/venv/bin/activate
rm -f ~/.curlrc
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose --target "${TEST_TARGET}"
else
make -C bld V=1 ${{ matrix.build.torture && 'test-torture' || 'test-ci' }}
make -C bld V=1 "${TEST_TARGET}"
fi
- name: 'install pytest prereqs'
if: ${{ !matrix.build.clang-tidy && contains(matrix.build.install_steps, 'pytest') }}
run: |
source $HOME/venv/bin/activate
source ~/venv/bin/activate
python3 -m pip install -r tests/http/requirements.txt
- name: 'run pytest'
@ -339,8 +351,8 @@ jobs:
PYTEST_ADDOPTS: '--color=yes'
PYTEST_XDIST_AUTO_NUM_WORKERS: 4
run: |
source $HOME/venv/bin/activate
if [ -n '${{ matrix.build.generate }}' ]; then
source ~/venv/bin/activate
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose --target curl-pytest-ci
else
make -C bld V=1 pytest-ci
@ -349,7 +361,7 @@ jobs:
- name: 'build examples'
if: ${{ contains(matrix.build.name, '+examples') }}
run: |
if [ -n '${{ matrix.build.generate }}' ]; then
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose --target curl-examples
else
make -C bld examples V=1
@ -362,7 +374,12 @@ jobs:
timeout-minutes: 10
env:
DEVELOPER_DIR: "/Applications/Xcode${{ matrix.xcode && format('_{0}', matrix.xcode) || '' }}.app/Contents/Developer"
CC: ${{ matrix.compiler }}
CC: '${{ matrix.compiler }}'
MATRIX_BUILD: '${{ matrix.build }}'
MATRIX_COMPILER: '${{ matrix.compiler }}'
MATRIX_CONFIG: '${{ matrix.config }}'
MATRIX_IMAGE: '${{ matrix.image }}'
MATRIX_MACOS_VERSION_MIN: '${{ matrix.macos-version-min }}'
strategy:
fail-fast: false
matrix:
@ -377,6 +394,7 @@ jobs:
# Ventura (2022) Sonoma (2023) Sequoia (2024)
# https://github.com/actions/runner-images/tree/main/images/macos
# https://en.wikipedia.org/wiki/MacOS_version_history
# TODO when dropping macos-13: replace '$(brew --prefix ...' with /opt/homebrew
image: [macos-13, macos-14, macos-15]
# Can skip these to reduce jobs:
# 15.1 has the same default macOS SDK as 15.2 and identical test results.
@ -417,14 +435,14 @@ jobs:
- name: 'install autotools'
if: ${{ matrix.build == 'autotools' }}
run: |
echo automake libtool | xargs -Ix -n1 echo brew '"x"' > /tmp/Brewfile
while [[ $? == 0 ]]; do for i in 1 2 3; do brew update && brew bundle install --file /tmp/Brewfile && break 2 || { echo Error: wait to try again; sleep 10; } done; false Too many retries; done
# shellcheck disable=SC2181,SC2034
while [[ $? == 0 ]]; do for i in 1 2 3; do if brew update && brew install automake libtool; then break 2; else echo Error: wait to try again; sleep 10; fi; done; false Too many retries; done
- name: 'toolchain versions'
run: |
[[ '${{ matrix.compiler }}' = 'llvm'* ]] && CC="$(brew --prefix ${{ matrix.compiler }})/bin/clang"
[[ '${{ matrix.compiler }}' = 'gcc'* ]] && "${CC}" --print-sysroot
which "${CC}"; "${CC}" --version || true
[[ "${MATRIX_COMPILER}" = 'llvm'* ]] && CC="$(brew --prefix "${MATRIX_COMPILER}")/bin/clang"
[[ "${MATRIX_COMPILER}" = 'gcc'* ]] && "${CC}" --print-sysroot
command -v "${CC}"; "${CC}" --version || true
xcodebuild -version || true
xcrun --sdk macosx --show-sdk-path 2>/dev/null || true
xcrun --sdk macosx --show-sdk-version || true
@ -442,27 +460,27 @@ jobs:
- name: 'configure / ${{ matrix.build }}'
run: |
if [ '${{ matrix.compiler }}' = 'gcc-13' ] && [ '${{ matrix.image }}' = 'macos-15' ] ; then
if [ "${MATRIX_COMPILER}" = 'gcc-13' ] && [ "${MATRIX_IMAGE}" = 'macos-15' ] ; then
# Ref: https://github.com/Homebrew/homebrew-core/issues/194778#issuecomment-2793243409
/opt/homebrew/opt/gcc@13/libexec/gcc/aarch64-apple-darwin24/13/install-tools/mkheaders
fi
if [[ '${{ matrix.compiler }}' = 'gcc'* ]]; then
if [[ "${MATRIX_COMPILER}" = 'gcc'* ]]; then
sysroot="$("${CC}" --print-sysroot)" # Must match the SDK gcc was built for
else
sysroot="$(xcrun --sdk macosx --show-sdk-path 2>/dev/null)"
fi
if [[ '${{ matrix.compiler }}' = 'llvm'* ]]; then
CC="$(brew --prefix ${{ matrix.compiler }})/bin/clang"
if [[ "${MATRIX_COMPILER}" = 'llvm'* ]]; then
CC="$(brew --prefix "${MATRIX_COMPILER}")/bin/clang"
CC+=" --sysroot=${sysroot}"
CC+=" --target=$(uname -m)-apple-darwin"
fi
if [ '${{ matrix.build }}' = 'cmake' ]; then
[ '${{ matrix.config }}' = 'OpenSSL' ] && options+=' -DCURL_USE_OPENSSL=ON'
[ '${{ matrix.config }}' = 'SecureTransport' ] && options+=' -DCURL_USE_SECTRANSP=ON'
[ -n '${{ matrix.macos-version-min }}' ] && options+=' -DCMAKE_OSX_DEPLOYMENT_TARGET=${{ matrix.macos-version-min }}'
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
[ "${MATRIX_CONFIG}" = 'OpenSSL' ] && options+=' -DCURL_USE_OPENSSL=ON'
[ "${MATRIX_CONFIG}" = 'SecureTransport' ] && options+=' -DCURL_USE_SECTRANSP=ON'
[ -n "${MATRIX_MACOS_VERSION_MIN}" ] && options+=" -DCMAKE_OSX_DEPLOYMENT_TARGET=${MATRIX_MACOS_VERSION_MIN}"
# would pick up nghttp2, libidn2, and libssh2
cmake -B bld -G Ninja -D_CURL_PREFILL=ON \
-DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON -DCURL_WERROR=ON \
@ -475,16 +493,16 @@ jobs:
${options}
else
export CFLAGS
if [[ '${{ matrix.compiler }}' = 'llvm'* ]]; then
if [[ "${MATRIX_COMPILER}" = 'llvm'* ]]; then
options+=" --target=$(uname -m)-apple-darwin"
fi
if [ '${{ matrix.compiler }}' != 'clang' ]; then
if [ "${MATRIX_COMPILER}" != 'clang' ]; then
options+=" --with-sysroot=${sysroot}"
CFLAGS+=" --sysroot=${sysroot}"
fi
[ '${{ matrix.config }}' = 'OpenSSL' ] && options+=" --with-openssl=$(brew --prefix openssl)"
[ '${{ matrix.config }}' = 'SecureTransport' ] && options+=' --with-secure-transport'
[ -n '${{ matrix.macos-version-min }}' ] && CFLAGS+=' -mmacosx-version-min=${{ matrix.macos-version-min }}'
[ "${MATRIX_CONFIG}" = 'OpenSSL' ] && options+=" --with-openssl=$(brew --prefix openssl)"
[ "${MATRIX_CONFIG}" = 'SecureTransport' ] && options+=' --with-secure-transport'
[ -n "${MATRIX_MACOS_VERSION_MIN}" ] && CFLAGS+=" -mmacosx-version-min=${MATRIX_MACOS_VERSION_MIN}"
# would pick up nghttp2, libidn2, but libssh2 is disabled by default
mkdir bld && cd bld && ../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \
--disable-dependency-tracking \
@ -505,7 +523,7 @@ jobs:
- name: 'build / ${{ matrix.build }}'
run: |
if [ '${{ matrix.build }}' = 'cmake' ]; then
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose
else
make -C bld V=1

251
.github/workflows/non-native.yml vendored
View File

@ -52,7 +52,10 @@ jobs:
persist-credentials: false
- name: 'cmake'
uses: cross-platform-actions/action@97419d18f6470332677e345e9df97cdc71244ead # v0.28.0
env:
MATRIX_ARCH: '${{ matrix.arch }}'
with:
environment_variables: MATRIX_ARCH
operating_system: 'netbsd'
version: '10.1'
architecture: ${{ matrix.arch }}
@ -60,6 +63,7 @@ jobs:
# https://pkgsrc.se/
time sudo pkgin -y install cmake ninja-build pkg-config perl brotli heimdal openldap-client libssh2 libidn2 libpsl nghttp2 py311-impacket
time cmake -B bld -G Ninja \
-DCMAKE_INSTALL_PREFIX="$HOME"/curl-install \
-DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON \
-DCURL_WERROR=ON \
-DENABLE_DEBUG=ON -DCMAKE_BUILD_TYPE=Debug \
@ -69,8 +73,9 @@ jobs:
echo '::group::curl_config.h (raw)'; cat bld/lib/curl_config.h || true; echo '::endgroup::'
echo '::group::curl_config.h'; grep -F '#define' bld/lib/curl_config.h | sort || true; echo '::endgroup::'
time cmake --build bld
time cmake --install bld
bld/src/curl --disable --version
if [ '${{ matrix.arch }}' = 'x86_64' ]; then # Slow on emulated CPU
if [ "${MATRIX_ARCH}" = 'x86_64' ]; then # Slow on emulated CPU
time cmake --build bld --target testdeps
export TFLAGS='-j8'
time cmake --build bld --target test-ci
@ -92,7 +97,10 @@ jobs:
persist-credentials: false
- name: 'cmake'
uses: cross-platform-actions/action@97419d18f6470332677e345e9df97cdc71244ead # v0.28.0
env:
MATRIX_ARCH: '${{ matrix.arch }}'
with:
environment_variables: MATRIX_ARCH
operating_system: 'openbsd'
version: '7.7'
architecture: ${{ matrix.arch }}
@ -101,6 +109,7 @@ jobs:
# https://www.openbsd.org/faq/faq15.html
time sudo pkg_add cmake ninja brotli openldap-client-- libssh2 libidn2 libpsl nghttp2 py3-six py3-impacket
time cmake -B bld -G Ninja \
-DCMAKE_INSTALL_PREFIX="$HOME"/curl-install \
-DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON \
-DCURL_WERROR=ON \
-DENABLE_DEBUG=ON -DCMAKE_BUILD_TYPE=Debug \
@ -109,8 +118,9 @@ jobs:
echo '::group::curl_config.h (raw)'; cat bld/lib/curl_config.h || true; echo '::endgroup::'
echo '::group::curl_config.h'; grep -F '#define' bld/lib/curl_config.h | sort || true; echo '::endgroup::'
time cmake --build bld
time cmake --install bld
bld/src/curl --disable --version
if [ '${{ matrix.arch }}' = 'x86_64' ]; then # Slow on emulated CPU
if [ "${MATRIX_ARCH}" = 'x86_64' ]; then # Slow on emulated CPU
time cmake --build bld --target testdeps
export TFLAGS='-j8'
time cmake --build bld --target test-ci
@ -135,84 +145,95 @@ jobs:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
persist-credentials: false
- name: 'autotools'
if: ${{ matrix.build == 'autotools' }}
- name: '${{ matrix.build }}'
uses: cross-platform-actions/action@97419d18f6470332677e345e9df97cdc71244ead # v0.28.0
env:
CC: '${{ matrix.compiler }}'
MATRIX_ARCH: '${{ matrix.arch }}'
MATRIX_BUILD: '${{ matrix.build }}'
MATRIX_DESC: '${{ matrix.desc }}'
MATRIX_OPTIONS: '${{ matrix.options }}'
with:
environment_variables: CC MATRIX_ARCH MATRIX_BUILD MATRIX_DESC MATRIX_OPTIONS
operating_system: 'freebsd'
version: '14.2'
architecture: ${{ matrix.arch }}
run: |
export MAKEFLAGS=-j3
export CURL_CI=github
# https://ports.freebsd.org/
time sudo pkg install -y autoconf automake libtool \
pkgconf brotli openldap26-client libidn2 libnghttp2 stunnel py311-impacket
time autoreconf -fi
export CC='${{ matrix.compiler }}'
if [ '${{ matrix.arch }}' != 'x86_64' ]; then
options='--disable-manual --disable-docs' # Slow with autotools, skip on emulated CPU
fi
mkdir bld && cd bld && time ../configure --enable-unity --enable-test-bundles --enable-debug --enable-warnings --enable-werror \
--prefix="${HOME}"/install \
--with-openssl \
--with-brotli --enable-ldap --enable-ldaps --with-libidn2 --with-libssh2 --with-nghttp2 --with-gssapi \
--disable-dependency-tracking \
${options} \
${{ matrix.options }} \
|| { tail -n 1000 config.log; false; }
echo '::group::curl_config.h (raw)'; cat lib/curl_config.h || true; echo '::endgroup::'
echo '::group::curl_config.h'; grep -F '#define' lib/curl_config.h | sort || true; echo '::endgroup::'
time make install
src/curl --disable --version
desc='${{ matrix.desc }}'
if [ '${{ matrix.arch }}' = 'x86_64' ]; then # Slow on emulated CPU
time make -C tests
if [ "${desc#*!runtests*}" = "${desc}" ]; then
time make test-ci V=1 TFLAGS='-j8'
fi
fi
if [ "${desc#*!examples*}" = "${desc}" ]; then
echo '::group::build examples'
time make examples
echo '::endgroup::'
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
time sudo pkg install -y cmake-core ninja perl5 \
pkgconf brotli openldap26-client libidn2 libnghttp2 stunnel py311-impacket
else
time sudo pkg install -y autoconf automake libtool \
pkgconf brotli openldap26-client libidn2 libnghttp2 stunnel py311-impacket
export MAKEFLAGS=-j3
fi
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
time cmake -B bld -G Ninja \
-DCMAKE_INSTALL_PREFIX="$HOME"/curl-install \
-DCMAKE_C_COMPILER="${CC}" \
-DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON \
-DCURL_WERROR=ON \
-DENABLE_DEBUG=ON -DCMAKE_BUILD_TYPE=Debug \
-DCURL_USE_OPENSSL=ON \
-DCURL_USE_GSSAPI=ON \
${MATRIX_OPTIONS} \
|| { cat bld/CMakeFiles/CMake*.yaml; false; }
else
time autoreconf -fi
if [ "${MATRIX_ARCH}" != 'x86_64' ]; then
options='--disable-manual --disable-docs' # Slow with autotools, skip on emulated CPU
fi
mkdir bld && cd bld
time ../configure --enable-unity --enable-test-bundles --enable-debug --enable-warnings --enable-werror \
--prefix="$HOME"/curl-install \
--with-openssl \
--with-brotli --enable-ldap --enable-ldaps --with-libidn2 --with-libssh2 --with-nghttp2 --with-gssapi \
--disable-dependency-tracking \
${options} \
${MATRIX_OPTIONS} \
|| { tail -n 1000 config.log; false; }
cd ..
fi
- name: 'cmake'
if: ${{ matrix.build == 'cmake' }}
uses: cross-platform-actions/action@97419d18f6470332677e345e9df97cdc71244ead # v0.28.0
with:
operating_system: 'freebsd'
version: '14.1'
architecture: ${{ matrix.arch }}
run: |
# https://ports.freebsd.org/
time sudo pkg install -y cmake-core ninja perl5 \
pkgconf brotli openldap26-client libidn2 libnghttp2 stunnel py311-impacket
time cmake -B bld -G Ninja \
-DCMAKE_C_COMPILER='${{ matrix.compiler }}' \
-DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON \
-DCURL_WERROR=ON \
-DENABLE_DEBUG=ON -DCMAKE_BUILD_TYPE=Debug \
-DCURL_USE_OPENSSL=ON \
-DCURL_USE_GSSAPI=ON \
${{ matrix.options }} \
|| { cat bld/CMakeFiles/CMake*.yaml; false; }
echo '::group::curl_config.h (raw)'; cat bld/lib/curl_config.h || true; echo '::endgroup::'
echo '::group::curl_config.h'; grep -F '#define' bld/lib/curl_config.h | sort || true; echo '::endgroup::'
time cmake --build bld
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
time cmake --build bld
time cmake --install bld
else
time make -C bld install
fi
bld/src/curl --disable --version
desc='${{ matrix.desc }}'
if [ '${{ matrix.arch }}' = 'x86_64' ]; then # Slow on emulated CPU
time cmake --build bld --target testdeps
if [ "${desc#*!runtests*}" = "${desc}" ]; then
if [ "${MATRIX_ARCH}" = 'x86_64' ]; then # Slow on emulated CPU
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
time cmake --build bld --target testdeps
else
time make -C bld -C tests
fi
if [ "${MATRIX_DESC#*!runtests*}" = "${MATRIX_DESC}" ]; then
export TFLAGS='-j8'
time cmake --build bld --target test-ci
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
time cmake --build bld --verbose --target test-ci
else
time make -C bld V=1 test-ci
fi
fi
fi
if [ "${desc#*!examples*}" = "${desc}" ]; then
if [ "${MATRIX_DESC#*!examples*}" = "${MATRIX_DESC}" ]; then
echo '::group::build examples'
time cmake --build bld --target curl-examples
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
time cmake --build bld --target curl-examples
else
time make -C bld examples
fi
echo '::endgroup::'
fi
@ -236,8 +257,9 @@ jobs:
export MAKEFLAGS=-j3
export CURL_CI=github
time autoreconf -fi
mkdir bld && cd bld && time ../configure --enable-unity --enable-test-bundles --enable-debug --enable-warnings --enable-werror \
--prefix="${HOME}"/install \
mkdir bld && cd bld
time ../configure --enable-unity --enable-test-bundles --enable-debug --enable-warnings --enable-werror \
--prefix="$HOME"/curl-install \
--with-openssl \
--disable-dependency-tracking \
|| { tail -n 1000 config.log; false; }
@ -259,24 +281,26 @@ jobs:
MAKEFLAGS: -j 4
DEVELOPER_DIR: "/Applications/Xcode${{ matrix.build.xcode && format('_{0}', matrix.build.xcode) || '' }}.app/Contents/Developer"
CC: ${{ matrix.build.compiler || 'clang' }}
MATRIX_BUILD: ${{ matrix.build.generate && 'cmake' || 'autotools' }}
MATRIX_OPTIONS: ${{ matrix.build.options }}
# renovate: datasource=github-tags depName=libressl-portable/portable versioning=semver registryUrl=https://github.com
libressl-version: 4.1.0
LIBRESSL_VERSION: 4.1.0
strategy:
fail-fast: false
matrix:
build:
- name: 'libressl'
install_steps: libressl
configure: --with-openssl="$HOME/libressl" --without-libpsl
configure: --with-openssl=/Users/runner/libressl --without-libpsl
- name: 'libressl'
install_steps: libressl
# FIXME: Could not make OPENSSL_ROOT_DIR work. CMake seems to prepend sysroot to it.
generate: >-
-DCMAKE_BUILD_TYPE=Release -DCMAKE_UNITY_BUILD_BATCH_SIZE=50
-DOPENSSL_INCLUDE_DIR="$HOME/libressl/include"
-DOPENSSL_SSL_LIBRARY="$HOME/libressl/lib/libssl.a"
-DOPENSSL_CRYPTO_LIBRARY="$HOME/libressl/lib/libcrypto.a"
-DOPENSSL_INCLUDE_DIR=/Users/runner/libressl/include
-DOPENSSL_SSL_LIBRARY=/Users/runner/libressl/lib/libssl.a
-DOPENSSL_CRYPTO_LIBRARY=/Users/runner/libressl/lib/libcrypto.a
-DCURL_USE_LIBPSL=OFF
- name: 'libressl'
@ -286,27 +310,27 @@ jobs:
generate: >-
-DCMAKE_XCODE_ATTRIBUTE_CODE_SIGNING_ALLOWED=OFF
-DMACOSX_BUNDLE_GUI_IDENTIFIER=se.curl
-DOPENSSL_INCLUDE_DIR="$HOME/libressl/include"
-DOPENSSL_SSL_LIBRARY="$HOME/libressl/lib/libssl.a"
-DOPENSSL_CRYPTO_LIBRARY="$HOME/libressl/lib/libcrypto.a"
-DOPENSSL_INCLUDE_DIR=/Users/runner/libressl/include
-DOPENSSL_SSL_LIBRARY=/Users/runner/libressl/lib/libssl.a
-DOPENSSL_CRYPTO_LIBRARY=/Users/runner/libressl/lib/libcrypto.a
-DCURL_USE_LIBPSL=OFF
steps:
- name: 'brew install'
if: ${{ matrix.build.configure }}
run: |
echo automake libtool | xargs -Ix -n1 echo brew '"x"' > /tmp/Brewfile
while [[ $? == 0 ]]; do for i in 1 2 3; do brew update && brew bundle install --file /tmp/Brewfile && break 2 || { echo Error: wait to try again; sleep 10; } done; false Too many retries; done
# shellcheck disable=SC2181,SC2034
while [[ $? == 0 ]]; do for i in 1 2 3; do if brew update && brew install automake libtool; then break 2; else echo Error: wait to try again; sleep 10; fi; done; false Too many retries; done
- name: 'toolchain versions'
run: |
which "${CC}"; "${CC}" --version || true
command -v "${CC}"; "${CC}" --version || true
xcodebuild -version || true
xcodebuild -sdk -version | grep '^Path:' || true
xcrun --sdk iphoneos --show-sdk-path 2>/dev/null || true
xcrun --sdk iphoneos --show-sdk-version || true
echo '::group::macros predefined'; "${CC}" -dM -E - < /dev/null | sort || true; echo '::endgroup::'
echo '::group::brew packages installed'; ls -l "$(brew --prefix)/opt"; echo '::endgroup::'
echo '::group::brew packages installed'; ls -l /opt/homebrew/opt; echo '::endgroup::'
- name: 'cache libressl'
if: contains(matrix.build.install_steps, 'libressl')
@ -316,18 +340,18 @@ jobs:
cache-name: cache-libressl
with:
path: ~/libressl
key: iOS-${{ env.cache-name }}-${{ env.libressl-version }}
key: iOS-${{ env.cache-name }}-${{ env.LIBRESSL_VERSION }}
- name: 'build libressl'
if: contains(matrix.build.install_steps, 'libressl') && steps.cache-libressl.outputs.cache-hit != 'true'
run: |
curl -LsSf --retry 6 --retry-connrefused --max-time 999 \
https://github.com/libressl/portable/releases/download/v${{ env.libressl-version }}/libressl-${{ env.libressl-version }}.tar.gz | tar -x
cd libressl-${{ env.libressl-version }}
"https://github.com/libressl/portable/releases/download/v${LIBRESSL_VERSION}/libressl-${LIBRESSL_VERSION}.tar.gz" | tar -x
cd "libressl-${LIBRESSL_VERSION}"
# FIXME: on the 4.0.1 release, delete '-DHAVE_ENDIAN_H=0'
cmake -B . -G Ninja \
-DHAVE_ENDIAN_H=0 \
-DCMAKE_INSTALL_PREFIX="$HOME/libressl" \
-DCMAKE_INSTALL_PREFIX=/Users/runner/libressl \
-DCMAKE_SYSTEM_NAME=iOS \
-DCMAKE_SYSTEM_PROCESSOR=aarch64 \
-DBUILD_SHARED_LIBS=OFF \
@ -345,22 +369,26 @@ jobs:
run: autoreconf -fi
- name: 'configure'
env:
MATRIX_CONFIGURE: '${{ matrix.build.configure }}'
MATRIX_GENERATE: '${{ matrix.build.generate }}'
MATRIX_GENERATOR: '${{ matrix.build.generator }}'
run: |
if [ -n '${{ matrix.build.generate }}' ]; then
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
# https://cmake.org/cmake/help/latest/manual/cmake-toolchains.7.html#cross-compiling-for-ios-tvos-visionos-or-watchos
[ -n '${{ matrix.build.generator }}' ] && options='-G ${{ matrix.build.generator }}'
[ -n "${MATRIX_GENERATOR}" ] && options="-G ${MATRIX_GENERATOR}"
cmake -B bld -G Ninja -D_CURL_PREFILL=ON \
-DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON -DCURL_WERROR=ON \
-DCMAKE_SYSTEM_NAME=iOS \
-DUSE_APPLE_IDN=ON \
${{ matrix.build.generate }} ${options}
${MATRIX_GENERATE} ${options}
else
mkdir bld && cd bld && ../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \
--disable-dependency-tracking \
CFLAGS="-isysroot $(xcrun --sdk iphoneos --show-sdk-path 2>/dev/null)" \
--host=aarch64-apple-darwin \
--with-apple-idn \
${{ matrix.build.configure }}
${MATRIX_CONFIGURE}
fi
- name: 'configure log'
@ -374,8 +402,8 @@ jobs:
- name: 'build'
run: |
if [ -n '${{ matrix.build.generate }}' ]; then
cmake --build bld ${{ matrix.build.options }} --parallel 4 --verbose
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld ${MATRIX_OPTIONS} --parallel 4 --verbose
else
make -C bld V=1
fi
@ -385,16 +413,16 @@ jobs:
- name: 'build tests'
run: |
if [ -n '${{ matrix.build.generate }}' ]; then
cmake --build bld ${{ matrix.build.options }} --parallel 4 --target testdeps --verbose
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld ${MATRIX_OPTIONS} --parallel 4 --target testdeps --verbose
else
make -C bld V=1 -C tests
fi
- name: 'build examples'
run: |
if [ -n '${{ matrix.build.generate }}' ]; then
cmake --build bld ${{ matrix.build.options }} --parallel 4 --target curl-examples --verbose
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld ${MATRIX_OPTIONS} --parallel 4 --target curl-examples --verbose
else
make -C bld examples V=1
fi
@ -405,6 +433,7 @@ jobs:
timeout-minutes: 25
env:
MAKEFLAGS: -j 5
MATRIX_BUILD: '${{ matrix.build }}'
strategy:
matrix:
include:
@ -431,23 +460,26 @@ jobs:
run: autoreconf -fi
- name: 'configure'
env:
MATRIX_OPTIONS: '${{ matrix.options }}'
MATRIX_PLATFORM: '${{ matrix.platform }}'
run: |
if [ '${{ matrix.build }}' = 'cmake' ]; then # https://developer.android.com/ndk/guides/cmake
if [ "${MATRIX_BUILD}" = 'cmake' ]; then # https://developer.android.com/ndk/guides/cmake
cmake -B bld -G Ninja \
-DANDROID_ABI=arm64-v8a \
-DANDROID_PLATFORM='android-${{ matrix.platform }}' \
-DANDROID_PLATFORM="android-${MATRIX_PLATFORM}" \
-DCMAKE_TOOLCHAIN_FILE="${ANDROID_NDK_HOME}/build/cmake/android.toolchain.cmake" -DCMAKE_WARN_DEPRECATED=OFF \
-DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON \
-DCURL_WERROR=ON \
${{ matrix.options }}
${MATRIX_OPTIONS}
else
TOOLCHAIN="${ANDROID_NDK_HOME}/toolchains/llvm/prebuilt/linux-x86_64"
mkdir bld && cd bld && ../configure --disable-dependency-tracking --enable-unity --enable-test-bundles --enable-warnings --enable-werror \
CC="$TOOLCHAIN/bin/aarch64-linux-android${{ matrix.platform }}-clang" \
CC="$TOOLCHAIN/bin/aarch64-linux-android${MATRIX_PLATFORM}-clang" \
AR="$TOOLCHAIN/bin/llvm-ar" \
RANLIB="$TOOLCHAIN/bin/llvm-ranlib" \
--host=aarch64-linux-android${{ matrix.platform }} \
${{ matrix.options }}
--host="aarch64-linux-android${MATRIX_PLATFORM}" \
${MATRIX_OPTIONS}
fi
- name: 'configure log'
@ -461,7 +493,7 @@ jobs:
- name: 'build'
run: |
if [ '${{ matrix.build }}' = 'cmake' ]; then
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose
else
make -C bld V=1
@ -472,7 +504,7 @@ jobs:
- name: 'build tests'
run: |
if [ '${{ matrix.build }}' = 'cmake' ]; then
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --target testdeps
else
make -C bld -C tests
@ -480,7 +512,7 @@ jobs:
- name: 'build examples'
run: |
if [ '${{ matrix.build }}' = 'cmake' ]; then
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --target curl-examples
else
make -C bld examples
@ -492,7 +524,8 @@ jobs:
timeout-minutes: 5
env:
MAKEFLAGS: -j 5
toolchain-version: '3.4'
MATRIX_BUILD: '${{ matrix.build }}'
TOOLCHAIN_VERSION: '3.4'
strategy:
matrix:
build: [autotools, cmake]
@ -508,15 +541,15 @@ jobs:
id: cache-compiler
with:
path: ~/djgpp
key: ${{ runner.os }}-djgpp-${{ env.toolchain-version }}-amd64
key: ${{ runner.os }}-djgpp-${{ env.TOOLCHAIN_VERSION }}-amd64
- name: 'install compiler (djgpp)'
if: ${{ steps.cache-compiler.outputs.cache-hit != 'true' }}
run: |
cd "${HOME}" || exit 1
cd ~
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 3 \
--location 'https://github.com/andrewwutw/build-djgpp/releases/download/v${{ env.toolchain-version }}/djgpp-linux64-gcc1220.tar.bz2' | tar -xj
cd djgpp || exit 1
--location "https://github.com/andrewwutw/build-djgpp/releases/download/v${TOOLCHAIN_VERSION}/djgpp-linux64-gcc1220.tar.bz2" | tar -xj
cd djgpp
for f in wat3211b.zip zlb13b.zip ssl102ub.zip; do
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 60 --retry 3 \
"https://www.delorie.com/pub/djgpp/current/v2tk/$f" --output bin.zip
@ -530,7 +563,7 @@ jobs:
- name: 'configure'
run: |
if [ '${{ matrix.build }}' = 'cmake' ]; then
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake -B bld -G Ninja \
-DCMAKE_SYSTEM_NAME=DOS \
-DCMAKE_SYSTEM_PROCESSOR=x86 \
@ -570,7 +603,7 @@ jobs:
- name: 'build'
run: |
if [ '${{ matrix.build }}' = 'cmake' ]; then
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld
else
make -C bld
@ -582,7 +615,7 @@ jobs:
- name: 'build tests'
if: ${{ matrix.build == 'cmake' }} # skip for autotools to save time
run: |
if [ '${{ matrix.build }}' = 'cmake' ]; then
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --target testdeps
else
make -C bld -C tests
@ -591,7 +624,7 @@ jobs:
- name: 'build examples'
if: ${{ matrix.build == 'cmake' }} # skip for autotools to save time
run: |
if [ '${{ matrix.build }}' = 'cmake' ]; then
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --target curl-examples
else
make -C bld examples

245
.github/workflows/windows.yml vendored
View File

@ -49,6 +49,7 @@ jobs:
env:
MAKEFLAGS: -j 5
SHELLOPTS: 'igncr'
MATRIX_BUILD: '${{ matrix.build }}'
strategy:
matrix:
include:
@ -88,19 +89,22 @@ jobs:
- name: 'configure'
timeout-minutes: 5
env:
MATRIX_CONFIG: '${{ matrix.config }}'
run: |
PATH=/usr/bin
if [ '${{ matrix.build }}' = 'cmake' ]; then
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake -B bld -G Ninja -D_CURL_PREFILL=ON ${options} \
-DCMAKE_INSTALL_PREFIX="$HOME"/curl-install \
-DCMAKE_UNITY_BUILD=ON -DCMAKE_UNITY_BUILD_BATCH_SIZE=30 -DCURL_TEST_BUNDLES=ON \
-DCURL_WERROR=ON \
${{ matrix.config }}
${MATRIX_CONFIG}
else
mkdir bld && cd bld && ../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \
--prefix="${HOME}"/install \
--prefix="$HOME"/curl-install \
--with-libssh2 \
--disable-dependency-tracking \
${{ matrix.config }}
${MATRIX_CONFIG}
fi
- name: 'configure log'
@ -119,8 +123,9 @@ jobs:
timeout-minutes: 10
run: |
PATH=/usr/bin
if [ '${{ matrix.build }}' = 'cmake' ]; then
cmake --build bld
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose
cmake --install bld --verbose
else
make -C bld V=1 install
fi
@ -130,7 +135,7 @@ jobs:
run: |
PATH=/usr/bin
find . \( -name '*.exe' -o -name '*.dll' -o -name '*.a' \) -exec file '{}' \;
if [ '${{ matrix.build }}' = 'cmake' ]; then
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
PATH="$PWD/bld/lib:$PATH"
fi
bld/src/curl.exe --disable --version
@ -140,8 +145,8 @@ jobs:
timeout-minutes: 15
run: |
PATH=/usr/bin
if [ '${{ matrix.build }}' = 'cmake' ]; then
cmake --build bld --target testdeps
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose --target testdeps
else
make -C bld V=1 -C tests
fi
@ -149,15 +154,17 @@ jobs:
- name: 'run tests'
if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }}
timeout-minutes: 15
env:
TFLAGS: '${{ matrix.tflags }}'
run: |
PATH=/usr/bin
export TFLAGS='-j8 ${{ matrix.tflags }}'
TFLAGS="-j8 ${TFLAGS}"
if [ -x "$(cygpath "${SYSTEMROOT}/System32/curl.exe")" ]; then
TFLAGS+=" -ac $(cygpath "${SYSTEMROOT}/System32/curl.exe")"
fi
if [ '${{ matrix.build }}' = 'cmake' ]; then
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
PATH="$PWD/bld/lib:$PATH"
cmake --build bld --target test-ci
cmake --build bld --verbose --target test-ci
else
make -C bld V=1 test-ci
fi
@ -167,8 +174,8 @@ jobs:
timeout-minutes: 5
run: |
PATH=/usr/bin
if [ '${{ matrix.build }}' = 'cmake' ]; then
cmake --build bld --target curl-examples
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose --target curl-examples
else
make -C bld V=1 examples
fi
@ -182,6 +189,9 @@ jobs:
shell: msys2 {0}
env:
MAKEFLAGS: -j 5
MATRIX_BUILD: '${{ matrix.build }}'
MATRIX_SYS: '${{ matrix.sys }}'
MATRIX_TEST: '${{ matrix.test }}'
strategy:
matrix:
include:
@ -250,32 +260,39 @@ jobs:
- name: 'configure'
timeout-minutes: 5
env:
CFLAGS: '${{ matrix.cflags }}'
MATRIX_CHKPREFILL: '${{ matrix.chkprefill }}'
MATRIX_CONFIG: '${{ matrix.config }}'
MATRIX_ENV: '${{ matrix.env }}'
MATRIX_TYPE: '${{ matrix.type }}'
run: |
if [ '${{ matrix.test }}' = 'uwp' ]; then
if [ "${MATRIX_TEST}" = 'uwp' ]; then
CPPFLAGS='-DWINSTORECOMPAT -DWINAPI_FAMILY=WINAPI_FAMILY_APP'
if [[ '${{ matrix.env }}' != 'clang'* ]]; then
if [[ "${MATRIX_ENV}" != 'clang'* ]]; then
specs="$(realpath gcc-specs-uwp)"
gcc -dumpspecs | sed -e 's/-lmingwex/-lwindowsapp -lmingwex -lwindowsapp/' -e 's/-lmsvcrt/-lucrtapp/' > "${specs}"
CFLAGS="-specs=${specs}"
CFLAGS_CMAKE="-specs=$(cygpath -w "${specs}")"
fi
fi
if [ '${{ matrix.build }}' = 'cmake' ]; then
for _chkprefill in '' ${{ matrix.chkprefill }}; do
if [[ '${{ matrix.env }}' = 'clang'* ]]; then
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
for _chkprefill in '' ${MATRIX_CHKPREFILL}; do
if [[ "${MATRIX_ENV}" = 'clang'* ]]; then
options='-DCMAKE_C_COMPILER=clang'
else
options='-DCMAKE_C_COMPILER=gcc'
fi
[ '${{ matrix.sys }}' = 'msys' ] && options+=' -D_CURL_PREFILL=ON'
[ '${{ matrix.test }}' = 'uwp' ] && options+=' -DCMAKE_SYSTEM_NAME=WindowsStore -DCMAKE_SYSTEM_VERSION=10.0'
[ "${MATRIX_SYS}" = 'msys' ] && options+=' -D_CURL_PREFILL=ON'
[ "${MATRIX_TEST}" = 'uwp' ] && options+=' -DCMAKE_SYSTEM_NAME=WindowsStore -DCMAKE_SYSTEM_VERSION=10.0'
[ "${_chkprefill}" = '_chkprefill' ] && options+=' -D_CURL_PREFILL=OFF'
cmake -B "bld${_chkprefill}" -G Ninja ${options} \
-DCMAKE_C_FLAGS="${{ matrix.cflags }} ${CFLAGS_CMAKE} ${CPPFLAGS}" \
-DCMAKE_BUILD_TYPE='${{ matrix.type }}' \
-DCMAKE_INSTALL_PREFIX="${HOME}"/curl-install \
-DCMAKE_C_FLAGS="${CFLAGS_CMAKE} ${CPPFLAGS}" \
-DCMAKE_BUILD_TYPE="${MATRIX_TYPE}" \
-DCMAKE_UNITY_BUILD=ON -DCMAKE_UNITY_BUILD_BATCH_SIZE=30 -DCURL_TEST_BUNDLES=ON \
-DCURL_WERROR=ON \
${{ matrix.config }}
${MATRIX_CONFIG}
done
if [ -d bld_chkprefill ] && ! diff -u bld/lib/curl_config.h bld_chkprefill/lib/curl_config.h; then
echo '::group::reference configure log'; cat bld_chkprefill/CMakeFiles/CMake*.yaml 2>/dev/null || true; echo '::endgroup::'
@ -284,10 +301,10 @@ jobs:
else
export CFLAGS CPPFLAGS
mkdir bld && cd bld && ../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \
--prefix="${HOME}"/install \
--prefix="$HOME"/curl-install \
--with-libssh2 \
--disable-dependency-tracking \
${{ matrix.config }}
${MATRIX_CONFIG}
fi
- name: 'configure log'
@ -298,12 +315,14 @@ jobs:
run: |
echo '::group::raw'; cat bld/lib/curl_config.h || true; echo '::endgroup::'
grep -F '#define' bld/lib/curl_config.h | sort || true
cat bld/cmake_install.cmake || true
- name: 'build'
timeout-minutes: 10
run: |
if [ '${{ matrix.build }}' = 'cmake' ]; then
cmake --build bld
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose
cmake --install bld --verbose
else
make -C bld V=1 install
fi
@ -311,7 +330,7 @@ jobs:
- name: 'curl version'
timeout-minutes: 1
run: |
if [ '${{ matrix.build }}' = 'cmake' ]; then
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
PATH="$PWD/bld/lib:$PATH"
else
PATH="$PWD/bld/lib/.libs:$PATH"
@ -319,7 +338,7 @@ jobs:
mv bld/src/.libs/curl.exe bld/src/curl.exe
fi
find . \( -name '*.exe' -o -name '*.dll' -o -name '*.a' \) -exec file '{}' \;
if [ '${{ matrix.test }}' != 'uwp' ]; then # curl: error initializing curl library
if [ "${MATRIX_TEST}" != 'uwp' ]; then # curl: error initializing curl library
bld/src/curl.exe --disable --version
fi
@ -327,12 +346,12 @@ jobs:
if: ${{ matrix.tflags != 'skipall' }} # Save time by skipping this for autotools
timeout-minutes: 10
run: |
if [ '${{ matrix.build }}' = 'cmake' ]; then
cmake --build bld --target testdeps
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose --target testdeps
else
make -C bld V=1 -C tests
fi
if [ '${{ matrix.build }}' != 'cmake' ]; then
if [ "${MATRIX_BUILD}" != 'cmake' ]; then
# avoid libtool's .exe wrappers
mv bld/tests/http/clients/.libs/*.exe bld/tests/http/clients
mv bld/tests/libtest/.libs/*.exe bld/tests/libtest
@ -360,11 +379,14 @@ jobs:
- name: 'run tests'
if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }}
timeout-minutes: 10
env:
MATRIX_INSTALL: '${{ matrix.install }}'
TFLAGS: '${{ matrix.tflags }}'
run: |
export TFLAGS='-j8 ${{ matrix.tflags }}'
if [ '${{ matrix.sys }}' != 'msys' ]; then
TFLAGS="-j8 ${TFLAGS}"
if [ "${MATRIX_SYS}" != 'msys' ]; then
TFLAGS+=' !498' # 'Reject too large HTTP response headers on endless redirects' HTTP, HTTP GET (runtests detecting result code 2009 instead of 56 returned by curl)
if [[ '${{ matrix.install }}' = *'libssh2-wincng'* ]]; then
if [[ "${MATRIX_INSTALL}" = *'libssh2-wincng'* ]]; then
TFLAGS+=' ~SCP ~SFTP' # Flaky: `-8, Unable to exchange encryption keys`. https://github.com/libssh2/libssh2/issues/804
fi
fi
@ -372,9 +394,9 @@ jobs:
TFLAGS+=" -ac $(cygpath "${SYSTEMROOT}/System32/curl.exe")"
fi
PATH="$PATH:/c/Program Files (x86)/stunnel/bin"
if [ '${{ matrix.build }}' = 'cmake' ]; then
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
PATH="$PWD/bld/lib:$PATH"
cmake --build bld --target test-ci
cmake --build bld --verbose --target test-ci
else
PATH="$PWD/bld/lib/.libs:$PATH"
make -C bld V=1 test-ci
@ -384,8 +406,8 @@ jobs:
if: ${{ matrix.build == 'cmake' || (matrix.tflags == 'skipall' || matrix.tflags == 'skiprun') }} # Save time by skipping this for autotools running tests
timeout-minutes: 5
run: |
if [ '${{ matrix.build }}' = 'cmake' ]; then
cmake --build bld --target curl-examples
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose --target curl-examples
else
make -C bld V=1 examples
fi
@ -399,6 +421,7 @@ jobs:
shell: msys2 {0}
env:
MAKEFLAGS: -j 5
MATRIX_DIR: '${{ matrix.dir }}'
strategy:
matrix:
include:
@ -457,11 +480,13 @@ jobs:
- name: 'install compiler (gcc ${{ matrix.ver }}-${{ matrix.env }})'
if: ${{ steps.cache-compiler.outputs.cache-hit != 'true' }}
timeout-minutes: 5
env:
MATRIX_URL: '${{ matrix.url }}'
run: |
cd /d || exit 1
cd /d
mkdir my-cache
cd my-cache || exit 1
curl --fail --silent --show-error --retry 3 --retry-connrefused --output pack.bin --location --proto-redir =https '${{ matrix.url }}'
cd my-cache
curl --fail --silent --show-error --retry 3 --retry-connrefused --output pack.bin --location --proto-redir =https "${MATRIX_URL}"
pwd
7z x -y pack.bin >/dev/null
rm -r -f pack.bin
@ -475,18 +500,22 @@ jobs:
- name: 'configure'
timeout-minutes: 5
env:
MATRIX_CHKPREFILL: '${{ matrix.chkprefill }}'
MATRIX_CONFIG: '${{ matrix.config }}'
MATRIX_TYPE: '${{ matrix.type }}'
run: |
PATH="/d/my-cache/${{ matrix.dir }}/bin:$PATH"
for _chkprefill in '' ${{ matrix.chkprefill }}; do
PATH="/d/my-cache/${MATRIX_DIR}/bin:$PATH"
for _chkprefill in '' ${MATRIX_CHKPREFILL}; do
options=''
[ "${_chkprefill}" = '_chkprefill' ] && options+=' -D_CURL_PREFILL=OFF'
cmake -B "bld${_chkprefill}" -G Ninja ${options} \
-DCMAKE_C_COMPILER=gcc \
-DCMAKE_BUILD_TYPE='${{ matrix.type }}' \
-DCMAKE_BUILD_TYPE="${MATRIX_TYPE}" \
-DCMAKE_UNITY_BUILD=ON -DCMAKE_UNITY_BUILD_BATCH_SIZE=30 -DCURL_TEST_BUNDLES=ON \
-DCURL_WERROR=ON \
-DUSE_LIBIDN2=OFF \
${{ matrix.config }}
${MATRIX_CONFIG}
done
if [ -d bld_chkprefill ] && ! diff -u bld/lib/curl_config.h bld_chkprefill/lib/curl_config.h; then
echo '::group::reference configure log'; cat bld_chkprefill/CMakeFiles/CMake*.yaml 2>/dev/null || true; echo '::endgroup::'
@ -505,7 +534,7 @@ jobs:
- name: 'build'
timeout-minutes: 5
run: |
PATH="/d/my-cache/${{ matrix.dir }}/bin:$PATH"
PATH="/d/my-cache/${MATRIX_DIR}/bin:$PATH"
cmake --build bld
- name: 'curl version'
@ -519,7 +548,7 @@ jobs:
if: ${{ matrix.tflags != 'skipall' }}
timeout-minutes: 10
run: |
PATH="/d/my-cache/${{ matrix.dir }}/bin:$PATH"
PATH="/d/my-cache/${MATRIX_DIR}/bin:$PATH"
cmake --build bld --target testdeps
- name: 'install test prereqs'
@ -542,9 +571,11 @@ jobs:
- name: 'run tests'
if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }}
timeout-minutes: 10
env:
TFLAGS: '${{ matrix.tflags }}'
run: |
PATH="/d/my-cache/${{ matrix.dir }}/bin:$PATH"
export TFLAGS='-j8 ${{ matrix.tflags }}'
PATH="/d/my-cache/${MATRIX_DIR}/bin:$PATH"
TFLAGS="-j8 ${TFLAGS}"
TFLAGS+=' !498' # 'Reject too large HTTP response headers on endless redirects' HTTP, HTTP GET (runtests detecting result code 2009 instead of 56 returned by curl)
if [ -x "$(cygpath "${SYSTEMROOT}/System32/curl.exe")" ]; then
TFLAGS+=" -ac $(cygpath "${SYSTEMROOT}/System32/curl.exe")"
@ -555,7 +586,7 @@ jobs:
- name: 'build examples'
timeout-minutes: 5
run: |
PATH="/d/my-cache/${{ matrix.dir }}/bin:$PATH"
PATH="/d/my-cache/${MATRIX_DIR}/bin:$PATH"
cmake --build bld --target curl-examples
linux-cross-mingw-w64:
@ -565,6 +596,8 @@ jobs:
env:
MAKEFLAGS: -j 5
TRIPLET: 'x86_64-w64-mingw32'
MATRIX_BUILD: '${{ matrix.build }}'
MATRIX_COMPILER: '${{ matrix.compiler }}'
strategy:
fail-fast: false
matrix:
@ -575,11 +608,11 @@ jobs:
steps:
- name: 'install packages'
timeout-minutes: 5
# zizmor: ignore[template-injection]
env:
INSTALL_PACKAGES: ${{ matrix.compiler == 'clang-tidy' && 'clang' || '' }}
run: |
sudo rm -f /var/lib/man-db/auto-update
sudo apt-get -o Dpkg::Use-Pty=0 install mingw-w64 \
${{ matrix.compiler == 'clang-tidy' && 'clang' || '' }}
sudo apt-get -o Dpkg::Use-Pty=0 install mingw-w64 ${INSTALL_PACKAGES}
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
@ -591,8 +624,8 @@ jobs:
- name: 'configure'
run: |
if [ '${{ matrix.build }}' = 'cmake' ]; then
if [ '${{ matrix.compiler }}' = 'clang-tidy' ]; then
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
if [ "${MATRIX_COMPILER}" = 'clang-tidy' ]; then
options+=' -DCURL_CLANG_TIDY=ON'
options+=' -DENABLE_UNICODE=ON -DUSE_SSLS_EXPORT=ON'
options+=' -DCMAKE_C_COMPILER=clang'
@ -627,7 +660,7 @@ jobs:
- name: 'build'
run: |
if [ '${{ matrix.build }}' = 'cmake' ]; then
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld
else
make -C bld
@ -639,7 +672,7 @@ jobs:
- name: 'build tests'
if: ${{ matrix.build == 'cmake' && matrix.compiler != 'clang-tidy' }} # Save time by skipping this for autotools and clang-tidy
run: |
if [ '${{ matrix.build }}' = 'cmake' ]; then
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --target testdeps
else
make -C bld -C tests
@ -648,7 +681,7 @@ jobs:
- name: 'build examples'
if: ${{ matrix.compiler != 'clang-tidy' }} # Save time by skipping this for clang-tidy
run: |
if [ '${{ matrix.build }}' = 'cmake' ]; then
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --target curl-examples
else
make -C bld examples
@ -660,7 +693,8 @@ jobs:
timeout-minutes: 10
env:
MAKEFLAGS: -j 4
toolchain-version: '0.59.1'
TOOLCHAIN_VERSION: '0.59.1'
MATRIX_BUILD: '${{ matrix.build }}'
strategy:
matrix:
build: [autotools, cmake]
@ -670,23 +704,23 @@ jobs:
if: ${{ matrix.build == 'autotools' }}
timeout-minutes: 5
run: |
echo automake libtool | xargs -Ix -n1 echo brew '"x"' > /tmp/Brewfile
while [[ $? == 0 ]]; do for i in 1 2 3; do brew update && brew bundle install --file /tmp/Brewfile && break 2 || { echo Error: wait to try again; sleep 10; } done; false Too many retries; done
# shellcheck disable=SC2181,SC2034
while [[ $? == 0 ]]; do for i in 1 2 3; do if brew update && brew install automake libtool; then break 2; else echo Error: wait to try again; sleep 10; fi; done; false Too many retries; done
- name: 'cache compiler (mingw32ce)'
uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4
id: cache-compiler
with:
path: ~/opt/mingw32ce
key: ${{ runner.os }}-mingw32ce-${{ env.toolchain-version }}-amd64
key: ${{ runner.os }}-mingw32ce-${{ env.TOOLCHAIN_VERSION }}-amd64
- name: 'install compiler (mingw32ce)'
if: ${{ steps.cache-compiler.outputs.cache-hit != 'true' }}
timeout-minutes: 5
run: |
cd "${HOME}" || exit 1
cd ~
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 3 --retry-connrefused --proto-redir =https \
--location 'https://downloads.sourceforge.net/cegcc/cegcc/${{ env.toolchain-version }}/cegcc_mingw32ce_snowleopard_r1397.tar.bz2' | tar -x
--location "https://downloads.sourceforge.net/cegcc/cegcc/${TOOLCHAIN_VERSION}/cegcc_mingw32ce_snowleopard_r1397.tar.bz2" | tar -x
ls -l
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
@ -696,7 +730,7 @@ jobs:
- name: 'configure'
run: |
PATH="$HOME/opt/mingw32ce/bin:$PATH"
if [ '${{ matrix.build }}' = 'cmake' ]; then
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake -B bld -G Ninja \
-DCMAKE_SYSTEM_NAME=WindowsCE \
-DCMAKE_SYSTEM_VERSION=8.0 \
@ -706,7 +740,7 @@ jobs:
-DCMAKE_C_COMPILER=arm-mingw32ce-gcc \
-DCMAKE_RC_COMPILER=arm-mingw32ce-windres \
-DMINGW32CE_LIBRARY_DIR="$HOME/opt/mingw32ce/arm-mingw32ce/lib" \
-DCMAKE_IGNORE_PREFIX_PATH="$(brew --prefix)" \
-DCMAKE_IGNORE_PREFIX_PATH=/opt/homebrew \
-DCMAKE_UNITY_BUILD=ON -DCMAKE_UNITY_BUILD_BATCH_SIZE=50 -DCURL_TEST_BUNDLES=ON \
-DBUILD_SHARED_LIBS=ON -DBUILD_STATIC_LIBS=ON -DBUILD_STATIC_CURL=OFF \
-DCURL_WERROR=ON \
@ -733,7 +767,7 @@ jobs:
- name: 'build'
run: |
PATH="$HOME/opt/mingw32ce/bin:$PATH"
if [ '${{ matrix.build }}' = 'cmake' ]; then
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld
else
make -C bld
@ -747,7 +781,7 @@ jobs:
if: ${{ matrix.build == 'cmake' }} # skip for autotools to save time
run: |
PATH="$HOME/opt/mingw32ce/bin:$PATH"
if [ '${{ matrix.build }}' = 'cmake' ]; then
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --target testdeps
else
make -C bld -C tests
@ -757,7 +791,7 @@ jobs:
if: ${{ matrix.build == 'cmake' }} # skip for autotools to save time
run: |
PATH="$HOME/opt/mingw32ce/bin:$PATH"
if [ '${{ matrix.build }}' = 'cmake' ]; then
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --target curl-examples
else
make -C bld examples
@ -771,7 +805,13 @@ jobs:
run:
shell: msys2 {0}
env:
openssh_windows-version: 'v9.8.1.0p1-Preview'
MATRIX_ARCH: '${{ matrix.arch }}'
MATRIX_IMAGE: '${{ matrix.image }}'
MATRIX_INSTALL: '${{ matrix.install }}'
MATRIX_OPENSSH: '${{ matrix.openssh }}'
MATRIX_PLAT: '${{ matrix.plat }}'
MATRIX_TYPE: '${{ matrix.type }}'
OPENSSH_WINDOWS_VERSION: 'v9.8.1.0p1-Preview'
VCPKG_DISABLE_METRICS: '1'
strategy:
matrix:
@ -831,7 +871,7 @@ jobs:
- name: 'vcpkg build'
timeout-minutes: 45
run: vcpkg x-set-installed ${{ matrix.install }} '--triplet=${{ matrix.arch }}-${{ matrix.plat }}'
run: vcpkg x-set-installed ${MATRIX_INSTALL} --triplet="${MATRIX_ARCH}-${MATRIX_PLAT}"
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
@ -839,24 +879,27 @@ jobs:
- name: 'configure'
timeout-minutes: 5
env:
MATRIX_CHKPREFILL: '${{ matrix.chkprefill }}'
MATRIX_CONFIG: '${{ matrix.config }}'
run: |
for _chkprefill in '' ${{ matrix.chkprefill }}; do
for _chkprefill in '' ${MATRIX_CHKPREFILL}; do
options=''
if [ '${{ matrix.plat }}' = 'uwp' ]; then
if [ "${MATRIX_PLAT}" = 'uwp' ]; then
options+=' -DCMAKE_SYSTEM_NAME=WindowsStore -DCMAKE_SYSTEM_VERSION=10.0'
cflags='-DWINAPI_FAMILY=WINAPI_FAMILY_PC_APP'
ldflags='-OPT:NOREF -OPT:NOICF -APPCONTAINER:NO'
vsglobals=';AppxPackage=false;WindowsAppContainer=false'
fi
[ '${{ matrix.arch }}' = 'arm64' ] && options+=' -A ARM64'
[ '${{ matrix.arch }}' = 'x64' ] && options+=' -A x64'
[ '${{ matrix.arch }}' = 'x86' ] && options+=' -A Win32'
[ "${MATRIX_ARCH}" = 'arm64' ] && options+=' -A ARM64'
[ "${MATRIX_ARCH}" = 'x64' ] && options+=' -A x64'
[ "${MATRIX_ARCH}" = 'x86' ] && options+=' -A Win32'
[ "${_chkprefill}" = '_chkprefill' ] && options+=' -D_CURL_PREFILL=OFF'
cmake -B "bld${_chkprefill}" ${options} \
-DCMAKE_TOOLCHAIN_FILE="$VCPKG_INSTALLATION_ROOT/scripts/buildsystems/vcpkg.cmake" \
-DVCPKG_INSTALLED_DIR="$VCPKG_INSTALLATION_ROOT/installed" \
-DVCPKG_TARGET_TRIPLET='${{ matrix.arch }}-${{ matrix.plat }}' \
-DCMAKE_C_COMPILER_TARGET='${{ matrix.arch }}-${{ matrix.plat }}' \
-DVCPKG_TARGET_TRIPLET="${MATRIX_ARCH}-${MATRIX_PLAT}" \
-DCMAKE_C_COMPILER_TARGET="${MATRIX_ARCH}-${MATRIX_PLAT}" \
-DCMAKE_C_FLAGS="${cflags}" \
-DCMAKE_EXE_LINKER_FLAGS="-INCREMENTAL:NO ${ldflags}" \
-DCMAKE_SHARED_LINKER_FLAGS="-INCREMENTAL:NO ${ldflags}" \
@ -864,7 +907,7 @@ jobs:
-DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON \
-DCURL_WERROR=ON \
-DBUILD_SHARED_LIBS=OFF \
${{ matrix.config }}
${MATRIX_CONFIG}
done
if [ -d bld_chkprefill ] && ! diff -u bld/lib/curl_config.h bld_chkprefill/lib/curl_config.h; then
echo '::group::reference configure log'; cat bld_chkprefill/CMakeFiles/CMake*.yaml 2>/dev/null || true; echo '::endgroup::'
@ -882,43 +925,43 @@ jobs:
- name: 'build'
timeout-minutes: 5
run: cmake --build bld --config '${{ matrix.type }}' --parallel 5
run: cmake --build bld --config "${MATRIX_TYPE}" --parallel 5
- name: 'curl version'
timeout-minutes: 1
run: |
PATH=/usr/bin find . \( -name '*.exe' -o -name '*.dll' -o -name '*.lib' -o -name '*.pdb' \) -exec file '{}' \;
if [ '${{ matrix.plat }}' != 'uwp' ]; then # Missing: ucrtbased.dll, VCRUNTIME140D.dll, VCRUNTIME140D_APP.dll
PATH="$PWD/bld/lib/${{ matrix.type }}:$PATH"
'bld/src/${{ matrix.type }}/curl.exe' --disable --version
if [ "${MATRIX_PLAT}" != 'uwp' ]; then # Missing: ucrtbased.dll, VCRUNTIME140D.dll, VCRUNTIME140D_APP.dll
PATH="$PWD/bld/lib/${MATRIX_TYPE}:$PATH"
"bld/src/${MATRIX_TYPE}/curl.exe" --disable --version
fi
- name: 'build tests'
if: ${{ matrix.tflags != 'skipall' }}
timeout-minutes: 10
run: cmake --build bld --config '${{ matrix.type }}' --parallel 5 --target testdeps
run: cmake --build bld --config "${MATRIX_TYPE}" --parallel 5 --target testdeps
- name: 'install test prereqs'
if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }}
timeout-minutes: 5
run: |
if [ '${{ matrix.openssh }}' = '' ]; then # MSYS2 openssh
if [ -z "${MATRIX_OPENSSH}" ]; then # MSYS2 openssh
/usr/bin/pacman --noconfirm --noprogressbar --sync --needed openssh
elif [ '${{ matrix.openssh }}' = 'OpenSSH-Windows-builtin' ]; then
elif [ "${MATRIX_OPENSSH}" = 'OpenSSH-Windows-builtin' ]; then
# https://learn.microsoft.com/windows-server/administration/openssh/openssh_install_firstuse
if [ '${{ matrix.image }}' != 'windows-2025' ]; then
if [ "${MATRIX_IMAGE}" != 'windows-2025' ]; then
pwsh -Command 'Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0'
pwsh -Command 'Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0'
fi
else # OpenSSH-Windows
cd /c || exit 1 # no D: drive on windows-11-arm runners
cd /c # no D: drive on windows-11-arm runners
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 60 --retry 3 \
--location 'https://github.com/PowerShell/Win32-OpenSSH/releases/download/${{ env.openssh_windows-version }}/OpenSSH-Win64.zip' --output bin.zip
--location "https://github.com/PowerShell/Win32-OpenSSH/releases/download/${OPENSSH_WINDOWS_VERSION}/OpenSSH-Win64.zip" --output bin.zip
unzip bin.zip
rm -f bin.zip
fi
/c/ProgramData/chocolatey/choco.exe install --yes --no-progress --limit-output --timeout 180 --force stunnel || true
if [ '${{ matrix.image }}' != 'windows-11-arm' ]; then # save 30-60 seconds, to counteract the slower test run step
if [ "${MATRIX_IMAGE}" != 'windows-11-arm' ]; then # save 30-60 seconds, to counteract the slower test run step
python3 -m pip --disable-pip-version-check --no-input --no-cache-dir install --progress-bar off --prefer-binary impacket
fi
@ -935,26 +978,28 @@ jobs:
- name: 'run tests'
if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }}
timeout-minutes: 10
env:
TFLAGS: '${{ matrix.tflags }}'
run: |
export CURL_DIRSUFFIX='${{ matrix.type }}'
export TFLAGS='-j8 ${{ matrix.tflags }}'
export CURL_DIRSUFFIX="${MATRIX_TYPE}"
TFLAGS="-j8 ${TFLAGS}"
TFLAGS+=' !498' # 'Reject too large HTTP response headers on endless redirects' HTTP, HTTP GET (runtests detecting result code 2009 instead of 56 returned by curl)
if [[ '${{ matrix.install }}' = *'libssh2[core,zlib]'* ]]; then
if [[ "${MATRIX_INSTALL}" = *'libssh2[core,zlib]'* ]]; then
TFLAGS+=' ~SCP ~SFTP' # Flaky: `-8, Unable to exchange encryption keys`. https://github.com/libssh2/libssh2/issues/804
fi
if [ -n '${{ matrix.openssh }}' ]; then # OpenSSH-Windows
if [ -n "${MATRIX_OPENSSH}" ]; then # OpenSSH-Windows
TFLAGS+=' ~601 ~603 ~617 ~619 ~621 ~641 ~665 ~2004' # SCP
if [[ '${{ matrix.install }}' = *'libssh '* ]]; then
if [[ "${MATRIX_INSTALL}" = *'libssh '* ]]; then
TFLAGS+=' ~614' # 'SFTP pre-quote chmod' SFTP, pre-quote, directory
else
TFLAGS+=' ~3022' # 'SCP correct sha256 host key' SCP, server sha256 key check
fi
PATH="/c/OpenSSH-Win64:$PATH"
fi
PATH="$PWD/bld/lib/${{ matrix.type }}:$PATH:/c/Program Files (x86)/stunnel/bin"
cmake --build bld --config '${{ matrix.type }}' --target test-ci
PATH="$PWD/bld/lib/${MATRIX_TYPE}:$PATH:/c/Program Files (x86)/stunnel/bin"
cmake --build bld --config "${MATRIX_TYPE}" --target test-ci
- name: 'build examples'
timeout-minutes: 5
if: ${{ contains(matrix.name, '+examples') }}
run: cmake --build bld --config '${{ matrix.type }}' --parallel 5 --target curl-examples
run: cmake --build bld --config "${MATRIX_TYPE}" --parallel 5 --target curl-examples