diff --git a/.circleci/config.yml b/.circleci/config.yml index 100dc9c0ba..a79abf1c8f 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -52,11 +52,11 @@ commands: - run: command: | # renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?.+)-stable$ registryUrl=https://github.com - WOLFSSL_VER=5.8.0 - echo "Installing wolfSSL $WOLFSSL_VER" - curl -LOsSf --retry 6 --retry-connrefused --max-time 999 https://github.com/wolfSSL/wolfssl/archive/v$WOLFSSL_VER-stable.tar.gz - tar -xzf v$WOLFSSL_VER-stable.tar.gz - cd wolfssl-$WOLFSSL_VER-stable + WOLFSSL_VERSION=5.8.0 + echo "Installing wolfSSL $WOLFSSL_VERSION" + curl -LOsSf --retry 6 --retry-connrefused --max-time 999 https://github.com/wolfSSL/wolfssl/archive/v$WOLFSSL_VERSION-stable.tar.gz + tar -xzf v$WOLFSSL_VERSION-stable.tar.gz + cd wolfssl-$WOLFSSL_VERSION-stable ./autogen.sh ./configure --disable-dependency-tracking --enable-tls13 --enable-all --enable-harden --prefix=$HOME/wssl make install @@ -66,11 +66,11 @@ commands: - run: command: | # renovate: datasource=github-tags depName=wolfSSL/wolfssh versioning=semver extractVersion=^v?(?.+)-stable$ registryUrl=https://github.com - WOLFSSH_VER=1.4.19 - echo "Installing wolfSSH $WOLFSSH_VER" - curl -LOsSf --retry 6 --retry-connrefused --max-time 999 https://github.com/wolfSSL/wolfssh/archive/v$WOLFSSH_VER-stable.tar.gz - tar -xzf v$WOLFSSH_VER-stable.tar.gz - cd wolfssh-$WOLFSSH_VER-stable + WOLFSSH_VERSION=1.4.19 + echo "Installing wolfSSH $WOLFSSH_VERSION" + curl -LOsSf --retry 6 --retry-connrefused --max-time 999 https://github.com/wolfSSL/wolfssh/archive/v$WOLFSSH_VERSION-stable.tar.gz + tar -xzf v$WOLFSSH_VERSION-stable.tar.gz + cd wolfssh-$WOLFSSH_VERSION-stable ./autogen.sh ./configure --disable-dependency-tracking --with-wolfssl=$HOME/wssl --prefix=$HOME/wssh --enable-scp --enable-sftp --disable-term --disable-examples make install diff --git a/.github/scripts/shellcheck-ci.sh b/.github/scripts/shellcheck-ci.sh new file mode 100755 index 0000000000..87e03b9d12 --- /dev/null +++ b/.github/scripts/shellcheck-ci.sh @@ -0,0 +1,30 @@ +#!/bin/sh +# Copyright (C) Viktor Szakats +# +# SPDX-License-Identifier: curl + +# Required: yq + +set -eu + +export SHELLCHECK_OPTS='--exclude=1090,1091,2086,2153 --enable=avoid-nullary-conditions,deprecate-which' + +# GHA +git ls-files '.github/workflows/*.yml' | while read -r f; do + echo "Verifying ${f}..." + { + echo '#!/usr/bin/env bash' + echo 'set -eu' + yq eval '.. | select(has("run") and (.run | type == "!!str")) | .run + "\ntrue\n"' "${f}" + } | sed -E 's|\$\{\{ .+ \}\}|GHA_EXPRESSION|g' | shellcheck - +done + +# Circle CI +git ls-files '.circleci/*.yml' | while read -r f; do + echo "Verifying ${f}..." + { + echo '#!/usr/bin/env bash' + echo 'set -eu' + yq eval '.. | select(has("command") and (.command | type == "!!str")) | .command + "\ntrue\n"' "${f}" + } | shellcheck - +done diff --git a/.github/scripts/shellcheck.sh b/.github/scripts/shellcheck.sh index b4a07c58c3..66590ec6c7 100755 --- a/.github/scripts/shellcheck.sh +++ b/.github/scripts/shellcheck.sh @@ -3,7 +3,6 @@ # # SPDX-License-Identifier: curl -shellcheck --version # shellcheck disable=SC2046 shellcheck --exclude=1091 \ --enable=avoid-nullary-conditions,deprecate-which \ diff --git a/.github/workflows/checkdocs.yml b/.github/workflows/checkdocs.yml index b97475e72c..39d5475768 100644 --- a/.github/workflows/checkdocs.yml +++ b/.github/workflows/checkdocs.yml @@ -53,7 +53,7 @@ jobs: # # config file help: https://github.com/amperser/proselint/ # - name: create proselint config # run: | - # cat < $HOME/.proselintrc.json + # cat < ~/.proselintrc.json # { # "checks": { # "typography.diacritical_marks": false, @@ -74,7 +74,7 @@ jobs: # # This is for CHECKSRC and files with aggressive exclamation mark needs # - name: create second proselint config # run: | - # cat < $HOME/.proselintrc.json + # cat < ~/.proselintrc.json # { # "checks": { # "typography.diacritical_marks": false, @@ -109,10 +109,12 @@ jobs: name: checkout - name: trim all *.md files in docs/ - run: .github/scripts/cleancmd.pl $(find docs -name "*.md") + run: | + # shellcheck disable=SC2046 + .github/scripts/cleancmd.pl $(find docs -name '*.md') - name: setup the custom wordlist - run: grep -v '^#' .github/scripts/spellcheck.words > wordlist.txt + run: grep -v '^#' .github/scripts/spellcheck.words > wordlist.txt - name: Check Spelling uses: rojopolis/spellcheck-github-actions@584b2ae95998967a53af7fbfb7f5b15352c38748 # v0 @@ -128,7 +130,9 @@ jobs: name: checkout - name: badwords - run: .github/scripts/badwords.pl < .github/scripts/badwords.txt `git ls-files '**.md'` docs/TODO docs/KNOWN_BUGS packages/OS400/README.OS400 + run: | + # shellcheck disable=SC2046 + .github/scripts/badwords.pl < .github/scripts/badwords.txt $(git ls-files '**.md') docs/TODO docs/KNOWN_BUGS packages/OS400/README.OS400 - name: verify-synopsis run: .github/scripts/verify-synopsis.pl docs/libcurl/curl*.md diff --git a/.github/workflows/checksrc.yml b/.github/workflows/checksrc.yml index ae11a8bdda..6b01e9faa4 100644 --- a/.github/workflows/checksrc.yml +++ b/.github/workflows/checksrc.yml @@ -124,7 +124,9 @@ jobs: name: checkout - name: shellcheck - run: .github/scripts/shellcheck.sh + run: | + shellcheck --version + .github/scripts/shellcheck.sh - name: spacecheck run: .github/scripts/spacecheck.pl @@ -135,11 +137,12 @@ jobs: # we allow some extra in source code - name: badwords run: | + # shellcheck disable=SC2046 grep -Ev '(\\bwill| url | dir )' .github/scripts/badwords.txt | \ .github/scripts/badwords.pl $(git ls-files -- src lib include) - ghacheck: - name: GHA analysis + cicheck: + name: CI analysis runs-on: macos-latest timeout-minutes: 1 steps: @@ -148,7 +151,13 @@ jobs: persist-credentials: false name: checkout - - name: zizmor + - name: install prereqs + run: brew install shellcheck yq zizmor + + - name: zizmor GHA + run: zizmor --pedantic .github/workflows/*.yml + + - name: shellcheck run: | - brew install zizmor - zizmor --pedantic .github/workflows/*.yml + shellcheck --version + .github/scripts/shellcheck-ci.sh diff --git a/.github/workflows/configure-vs-cmake.yml b/.github/workflows/configure-vs-cmake.yml index 6f731c66e3..f4a518ccf6 100644 --- a/.github/workflows/configure-vs-cmake.yml +++ b/.github/workflows/configure-vs-cmake.yml @@ -59,8 +59,8 @@ jobs: - name: 'dump generated files' run: | for f in libcurl.pc curl-config; do - echo "::group::AM ${f}"; cat bld-am/"${f}" | grep -v '^#' || true; echo '::endgroup::' - echo "::group::CM ${f}"; cat bld-cm/"${f}" | grep -v '^#' || true; echo '::endgroup::' + echo "::group::AM ${f}"; grep -v '^#' bld-am/"${f}" || true; echo '::endgroup::' + echo "::group::CM ${f}"; grep -v '^#' bld-cm/"${f}" || true; echo '::endgroup::' done - name: 'compare generated curl_config.h files' @@ -77,11 +77,12 @@ jobs: steps: - name: 'install packages' run: | - while [[ $? == 0 ]]; do for i in 1 2 3; do brew update && brew install libtool autoconf automake && break 2 || { echo Error: wait to try again; sleep 10; } done; false Too many retries; done + # shellcheck disable=SC2181,SC2034 + while [[ $? == 0 ]]; do for i in 1 2 3; do if brew update && brew install automake libtool; then break 2; else echo Error: wait to try again; sleep 10; fi; done; false Too many retries; done - name: 'toolchain versions' run: | - echo '::group::brew packages installed'; ls -l "$(brew --prefix)/opt"; echo '::endgroup::' + echo '::group::brew packages installed'; ls -l /opt/homebrew/opt; echo '::endgroup::' - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: @@ -109,8 +110,8 @@ jobs: - name: 'dump generated files' run: | for f in libcurl.pc curl-config; do - echo "::group::AM ${f}"; cat bld-am/"${f}" | grep -v '^#' || true; echo '::endgroup::' - echo "::group::CM ${f}"; cat bld-cm/"${f}" | grep -v '^#' || true; echo '::endgroup::' + echo "::group::AM ${f}"; grep -v '^#' bld-am/"${f}" || true; echo '::endgroup::' + echo "::group::CM ${f}"; grep -v '^#' bld-cm/"${f}" || true; echo '::endgroup::' done - name: 'compare generated curl_config.h files' @@ -158,8 +159,8 @@ jobs: - name: 'dump generated files' run: | for f in libcurl.pc curl-config; do - echo "::group::AM ${f}"; cat bld-am/"${f}" | grep -v '^#' || true; echo '::endgroup::' - echo "::group::CM ${f}"; cat bld-cm/"${f}" | grep -v '^#' || true; echo '::endgroup::' + echo "::group::AM ${f}"; grep -v '^#' bld-am/"${f}" || true; echo '::endgroup::' + echo "::group::CM ${f}"; grep -v '^#' bld-cm/"${f}" || true; echo '::endgroup::' done - name: 'compare generated curl_config.h files' diff --git a/.github/workflows/curl-for-win.yml b/.github/workflows/curl-for-win.yml index b141fdfac6..c3d27a118e 100644 --- a/.github/workflows/curl-for-win.yml +++ b/.github/workflows/curl-for-win.yml @@ -56,7 +56,7 @@ jobs: git clone --depth 1 https://github.com/curl/curl-for-win mv curl-for-win/* . export CW_CONFIG='-main-werror-linux-a64-x64-gcc' - export CW_REVISION='${{ github.sha }}' + export CW_REVISION="${GITHUB_SHA}" DOCKER_IMAGE='debian:bookworm-slim' export CW_CCSUFFIX='-15' export CW_GCCSUFFIX='-12' @@ -84,7 +84,7 @@ jobs: git clone --depth 1 https://github.com/curl/curl-for-win mv curl-for-win/* . export CW_CONFIG='-main-werror-linux-musl-r64-x64' - export CW_REVISION='${{ github.sha }}' + export CW_REVISION="${GITHUB_SHA}" . ./_versions.sh sudo podman image trust set --type reject default sudo podman image trust set --type accept docker.io/library @@ -112,7 +112,7 @@ jobs: git clone --depth 1 https://github.com/curl/curl-for-win mv curl-for-win/* . export CW_CONFIG='-main-werror-mac-x64' - export CW_REVISION='${{ github.sha }}' + export CW_REVISION="${GITHUB_SHA}" sh -c ./_ci-mac-homebrew.sh win-llvm: @@ -128,7 +128,7 @@ jobs: git clone --depth 1 https://github.com/curl/curl-for-win mv curl-for-win/* . export CW_CONFIG='-main-werror-win-x64' - export CW_REVISION='${{ github.sha }}' + export CW_REVISION="${GITHUB_SHA}" . ./_versions.sh sudo podman image trust set --type reject default sudo podman image trust set --type accept docker.io/library @@ -153,7 +153,7 @@ jobs: git clone --depth 1 https://github.com/curl/curl-for-win mv curl-for-win/* . export CW_CONFIG='-main-werror-win-x86-gcc-libssh1-zlibng' - export CW_REVISION='${{ github.sha }}' + export CW_REVISION="${GITHUB_SHA}" . ./_versions.sh sudo podman image trust set --type reject default sudo podman image trust set --type accept docker.io/library diff --git a/.github/workflows/distcheck.yml b/.github/workflows/distcheck.yml index c851de0cd3..0ae92090c6 100644 --- a/.github/workflows/distcheck.yml +++ b/.github/workflows/distcheck.yml @@ -57,13 +57,13 @@ jobs: echo "::stop-commands::$(uuidgen)" tar xvf curl-99.98.97.tar.gz pushd curl-99.98.97 - ./configure --prefix=$HOME/temp --without-ssl --without-libpsl + ./configure --prefix="$HOME"/temp --without-ssl --without-libpsl make make test-ci make install popd # basic check of the installed files - bash scripts/installcheck.sh $HOME/temp + bash scripts/installcheck.sh "$HOME"/temp rm -rf curl-99.98.97 verify-out-of-tree-docs: @@ -105,7 +105,7 @@ jobs: pushd curl-99.98.97 mkdir build pushd build - ../configure --without-ssl --enable-debug "--prefix=${PWD}/pkg" --without-libpsl + ../configure --without-ssl --enable-debug --prefix="$PWD"/curl-install --without-libpsl make make test-ci make install @@ -174,8 +174,9 @@ jobs: shell: ${{ contains(matrix.image, 'windows') && 'msys2 {0}' || 'bash' }} env: CC: ${{ !contains(matrix.image, 'windows') && 'clang' || '' }} + MATRIX_IMAGE: '${{ matrix.image }}' TESTOPTS: ${{ contains(matrix.image, 'macos') && '-D_CURL_PREFILL=ON' || '' }} ${{ contains(matrix.image, 'windows') && '-DCMAKE_UNITY_BUILD_BATCH_SIZE=30' || '' }} - old-cmake-version: 3.11.4 + OLD_CMAKE_VERSION: 3.11.4 strategy: fail-fast: false matrix: @@ -194,26 +195,26 @@ jobs: - name: 'install prereqs' run: | - if [[ '${{ matrix.image }}' = *'windows'* ]]; then - cd "${HOME}" || exit 1 + if [[ "${MATRIX_IMAGE}" = *'windows'* ]]; then + cd ~ curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 60 --retry 3 --retry-connrefused \ - --location 'https://github.com/Kitware/CMake/releases/download/v${{ env.old-cmake-version }}/cmake-${{ env.old-cmake-version }}-win64-x64.zip' --output bin.zip + --location "https://github.com/Kitware/CMake/releases/download/v${OLD_CMAKE_VERSION}/cmake-${OLD_CMAKE_VERSION}-win64-x64.zip" --output bin.zip unzip -q bin.zip rm -f bin.zip - printf '%s' "${HOME}/cmake-${{ env.old-cmake-version }}-win64-x64/bin/cmake.exe" > "${HOME}/old-cmake-path.txt" - elif [[ '${{ matrix.image }}' = *'ubuntu'* ]]; then + printf '%s' ~/cmake-"${OLD_CMAKE_VERSION}"-win64-x64/bin/cmake.exe > ~/old-cmake-path.txt + elif [[ "${MATRIX_IMAGE}" = *'ubuntu'* ]]; then sudo rm -f /var/lib/man-db/auto-update sudo apt-get -o Dpkg::Use-Pty=0 install libpsl-dev libssl-dev - cd "${HOME}" || exit 1 + cd ~ curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 60 --retry 3 --retry-connrefused \ - --location https://github.com/Kitware/CMake/releases/download/v${{ env.old-cmake-version }}/cmake-${{ env.old-cmake-version }}-Linux-x86_64.tar.gz | tar -xzf - - printf '%s' "$PWD/cmake-${{ env.old-cmake-version }}-Linux-x86_64/bin/cmake" > "${HOME}/old-cmake-path.txt" + --location "https://github.com/Kitware/CMake/releases/download/v${OLD_CMAKE_VERSION}/cmake-${OLD_CMAKE_VERSION}-Linux-x86_64.tar.gz" | tar -xz + printf '%s' ~/cmake-"${OLD_CMAKE_VERSION}"-Linux-x86_64/bin/cmake > ~/old-cmake-path.txt else brew install libpsl openssl - cd "${HOME}" || exit 1 + cd ~ curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 60 --retry 3 --retry-connrefused \ - --location https://github.com/Kitware/CMake/releases/download/v${{ env.old-cmake-version }}/cmake-${{ env.old-cmake-version }}-Darwin-x86_64.tar.gz | tar -xzf - - printf '%s' "$PWD/cmake-${{ env.old-cmake-version }}-Darwin-x86_64/CMake.app/Contents/bin/cmake" > "${HOME}/old-cmake-path.txt" + --location "https://github.com/Kitware/CMake/releases/download/v${OLD_CMAKE_VERSION}/cmake-${OLD_CMAKE_VERSION}-Darwin-x86_64.tar.gz" | tar -xz + printf '%s' ~/cmake-"${OLD_CMAKE_VERSION}"-Darwin-x86_64/CMake.app/Contents/bin/cmake > ~/old-cmake-path.txt fi - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 @@ -229,26 +230,26 @@ jobs: - name: 'via add_subdirectory OpenSSL (old cmake)' run: | - export TEST_CMAKE_CONSUMER="$(cat "${HOME}/old-cmake-path.txt")" - if [[ '${{ matrix.image }}' = *'macos'* ]]; then + export TEST_CMAKE_CONSUMER; TEST_CMAKE_CONSUMER="$(cat ~/old-cmake-path.txt)" + if [[ "${MATRIX_IMAGE}" = *'macos'* ]]; then export CFLAGS='-arch arm64' export TEST_CMAKE_FLAGS='-DCURL_USE_LIBPSL=OFF' # auto-detection does not work with old-cmake fi - if [[ '${{ matrix.image }}' = *'windows'* ]]; then + if [[ "${MATRIX_IMAGE}" = *'windows'* ]]; then export TEST_CMAKE_GENERATOR='MSYS Makefiles' export TEST_CMAKE_FLAGS='-DCMAKE_C_COMPILER=x86_64-w64-mingw32-gcc -DOPENSSL_ROOT_DIR=C:/msys64/mingw64' fi - ./tests/cmake/test.sh add_subdirectory ${TESTOPTS} -DCURL_USE_OPENSSL=ON ${options} + ./tests/cmake/test.sh add_subdirectory ${TESTOPTS} -DCURL_USE_OPENSSL=ON - name: 'via find_package OpenSSL (old cmake)' run: | - export TEST_CMAKE_CONSUMER="$(cat "${HOME}/old-cmake-path.txt")" - if [[ '${{ matrix.image }}' = *'macos'* ]]; then + export TEST_CMAKE_CONSUMER; TEST_CMAKE_CONSUMER="$(cat ~/old-cmake-path.txt)" + if [[ "${MATRIX_IMAGE}" = *'macos'* ]]; then export CFLAGS='-arch arm64' export TEST_CMAKE_FLAGS='-DCURL_USE_LIBPSL=OFF' # auto-detection does not work with old-cmake fi - if [[ '${{ matrix.image }}' = *'windows'* ]]; then + if [[ "${MATRIX_IMAGE}" = *'windows'* ]]; then export TEST_CMAKE_GENERATOR='MSYS Makefiles' export TEST_CMAKE_FLAGS='-DCMAKE_C_COMPILER=x86_64-w64-mingw32-gcc -DOPENSSL_ROOT_DIR=C:/msys64/mingw64' fi - ./tests/cmake/test.sh find_package ${TESTOPTS} -DCURL_USE_OPENSSL=ON ${options} + ./tests/cmake/test.sh find_package ${TESTOPTS} -DCURL_USE_OPENSSL=ON diff --git a/.github/workflows/hacktoberfest-accepted.yml b/.github/workflows/hacktoberfest-accepted.yml index 6b07f0be02..e01338b222 100644 --- a/.github/workflows/hacktoberfest-accepted.yml +++ b/.github/workflows/hacktoberfest-accepted.yml @@ -40,8 +40,11 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Search relevant commit message lines starting with Closes/Merges + env: + GITHUB_EVENT_BEFORE: '${{ github.event.before }}' + GITHUB_EVENT_AFTER: '${{ github.event.after }}' run: | - git log --format=email '${{ github.event.before }}..${{ github.event.after }}' | \ + git log --format=email "${GITHUB_EVENT_BEFORE}..${GITHUB_EVENT_AFTER}" | \ grep -Ei '^Close[sd]? ' | sort | uniq | tee log if: steps.check.outputs.label == 'hacktoberfest' diff --git a/.github/workflows/http3-linux.yml b/.github/workflows/http3-linux.yml index b971c1bae9..3950579d60 100644 --- a/.github/workflows/http3-linux.yml +++ b/.github/workflows/http3-linux.yml @@ -40,21 +40,21 @@ env: MAKEFLAGS: -j 5 CURL_CI: github # handled in renovate.json - openssl-version: 3.5.0 + OPENSSL_VERSION: 3.5.0 # handled in renovate.json - quictls-version: 3.3.0 + QUICTLS_VERSION: 3.3.0 # renovate: datasource=github-tags depName=gnutls/gnutls versioning=semver registryUrl=https://github.com - gnutls-version: 3.8.9 + GNUTLS_VERSION: 3.8.9 # renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?.+)-stable$ registryUrl=https://github.com - wolfssl-version: 5.8.0 + WOLFSSL_VERSION: 5.8.0 # renovate: datasource=github-tags depName=ngtcp2/nghttp3 versioning=semver registryUrl=https://github.com - nghttp3-version: 1.10.1 + NGHTTP3_VERSION: 1.10.1 # renovate: datasource=github-tags depName=ngtcp2/ngtcp2 versioning=semver registryUrl=https://github.com - ngtcp2-version: 1.13.0 + NGTCP2_VERSION: 1.13.0 # renovate: datasource=github-tags depName=nghttp2/nghttp2 versioning=semver registryUrl=https://github.com - nghttp2-version: 1.65.0 + NGHTTP2_VERSION: 1.65.0 # renovate: datasource=github-tags depName=cloudflare/quiche versioning=semver registryUrl=https://github.com - quiche-version: 0.23.5 + QUICHE_VERSION: 0.23.5 jobs: build-cache: @@ -68,7 +68,7 @@ jobs: cache-name: cache-openssl-http3 with: path: ~/openssl/build - key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.openssl-version }} + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.OPENSSL_VERSION }} - name: 'cache quictls' uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 @@ -77,7 +77,7 @@ jobs: cache-name: cache-quictls-no-deprecated with: path: ~/quictls/build - key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.quictls-version }}-quic1 + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.QUICTLS_VERSION }}-quic1 - name: 'cache gnutls' uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 @@ -86,7 +86,7 @@ jobs: cache-name: cache-gnutls with: path: ~/gnutls/build - key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.gnutls-version }} + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.GNUTLS_VERSION }} - name: 'cache wolfssl' uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 @@ -95,7 +95,7 @@ jobs: cache-name: cache-wolfssl with: path: ~/wolfssl/build - key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.wolfssl-version }} + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.WOLFSSL_VERSION }} - name: 'cache nghttp3' uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 @@ -104,7 +104,7 @@ jobs: cache-name: cache-nghttp3 with: path: ~/nghttp3/build - key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp3-version }} + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGHTTP3_VERSION }} - name: 'cache ngtcp2' uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 @@ -113,7 +113,7 @@ jobs: cache-name: cache-ngtcp2 with: path: ~/ngtcp2/build - key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.ngtcp2-version }}-${{ env.openssl-version }}-${{ env.quictls-version }}-${{ env.gnutls-version }}-${{ env.wolfssl-version }} + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGTCP2_VERSION }}-${{ env.OPENSSL_VERSION }}-${{ env.QUICTLS_VERSION }}-${{ env.GNUTLS_VERSION }}-${{ env.WOLFSSL_VERSION }} - name: 'cache nghttp2' uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 @@ -122,7 +122,7 @@ jobs: cache-name: cache-nghttp2 with: path: ~/nghttp2/build - key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp2-version }}-${{ env.quictls-version }}-${{ env.ngtcp2-version }}-${{ env.nghttp3-version }} + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGHTTP2_VERSION }}-${{ env.QUICTLS_VERSION }}-${{ env.NGTCP2_VERSION }}-${{ env.NGHTTP3_VERSION }} - id: settings if: | @@ -149,37 +149,37 @@ jobs: libtasn1-6-dev libidn2-0-dev gawk gperf libtss2-dev dns-root-data bison gtk-doc-tools \ texinfo texlive texlive-extra-utils autopoint libev-dev \ apache2 apache2-dev libnghttp2-dev - echo 'CC=gcc-12' >> $GITHUB_ENV - echo 'CXX=g++-12' >> $GITHUB_ENV + echo 'CC=gcc-12' >> "$GITHUB_ENV" + echo 'CXX=g++-12' >> "$GITHUB_ENV" - name: 'build openssl' if: steps.cache-openssl-http3.outputs.cache-hit != 'true' run: | - cd $HOME - git clone --quiet --depth=1 -b openssl-${{ env.openssl-version }} https://github.com/openssl/openssl + cd ~ + git clone --quiet --depth=1 -b "openssl-${OPENSSL_VERSION}" https://github.com/openssl/openssl cd openssl - ./config --prefix=$PWD/build --libdir=lib no-makedepend no-apps no-docs no-tests + ./config --prefix="$PWD"/build --libdir=lib no-makedepend no-apps no-docs no-tests make make -j1 install_sw - name: 'build quictls' if: steps.cache-quictls-no-deprecated.outputs.cache-hit != 'true' run: | - cd $HOME - git clone --quiet --depth=1 -b openssl-${{ env.quictls-version }}-quic1 https://github.com/quictls/openssl quictls + cd ~ + git clone --quiet --depth=1 -b "openssl-${QUICTLS_VERSION}-quic1" https://github.com/quictls/openssl quictls cd quictls - ./config no-deprecated --prefix=$PWD/build --libdir=lib no-makedepend no-apps no-docs no-tests + ./config no-deprecated --prefix="$PWD"/build --libdir=lib no-makedepend no-apps no-docs no-tests make make -j1 install_sw - name: 'build gnutls' if: steps.cache-gnutls.outputs.cache-hit != 'true' run: | - cd $HOME - git clone --quiet --depth=1 -b ${{ env.gnutls-version }} https://github.com/gnutls/gnutls.git + cd ~ + git clone --quiet --depth=1 -b "${GNUTLS_VERSION}" https://github.com/gnutls/gnutls.git cd gnutls ./bootstrap - ./configure --disable-dependency-tracking --prefix=$PWD/build \ + ./configure --disable-dependency-tracking --prefix="$PWD"/build \ LDFLAGS="-Wl,-rpath,$PWD/build/lib -L$PWD/build/lib" \ --with-included-libtasn1 --with-included-unistring \ --disable-guile --disable-doc --disable-tests --disable-tools @@ -189,26 +189,24 @@ jobs: - name: 'build wolfssl' if: steps.cache-wolfssl.outputs.cache-hit != 'true' run: | - cd $HOME - git clone --quiet --depth=1 -b v${{ env.wolfssl-version }}-stable https://github.com/wolfSSL/wolfssl.git + cd ~ + git clone --quiet --depth=1 -b "v${WOLFSSL_VERSION}-stable" https://github.com/wolfSSL/wolfssl.git cd wolfssl ./autogen.sh ./configure --disable-dependency-tracking --enable-all --enable-quic \ - --disable-benchmark --disable-crypttests --disable-examples --prefix=$PWD/build + --disable-benchmark --disable-crypttests --disable-examples --prefix="$PWD"/build make make install - name: 'build nghttp3' if: steps.cache-nghttp3.outputs.cache-hit != 'true' run: | - cd $HOME - git clone --quiet --depth=1 -b v${{ env.nghttp3-version }} https://github.com/ngtcp2/nghttp3 + cd ~ + git clone --quiet --depth=1 -b "v${NGHTTP3_VERSION}" https://github.com/ngtcp2/nghttp3 cd nghttp3 git submodule update --init --depth=1 autoreconf -fi - ./configure --disable-dependency-tracking --prefix=$PWD/build \ - PKG_CONFIG_PATH="$PWD/build/lib/pkgconfig" \ - --enable-lib-only + ./configure --disable-dependency-tracking --prefix="$PWD"/build --enable-lib-only make make install @@ -216,30 +214,30 @@ jobs: if: steps.cache-ngtcp2.outputs.cache-hit != 'true' # building twice to get crypto libs for ossl and quictls installed run: | - cd $HOME - git clone --quiet --depth=1 -b v${{ env.ngtcp2-version }} https://github.com/ngtcp2/ngtcp2 + cd ~ + git clone --quiet --depth=1 -b "v${NGTCP2_VERSION}" https://github.com/ngtcp2/ngtcp2 cd ngtcp2 autoreconf -fi - ./configure --disable-dependency-tracking --prefix=$PWD/build \ - PKG_CONFIG_PATH="$HOME/quictls/build/lib/pkgconfig" --enable-lib-only --with-quictls + ./configure --disable-dependency-tracking --prefix="$PWD"/build \ + PKG_CONFIG_PATH=/home/runner/quictls/build/lib/pkgconfig --enable-lib-only --with-quictls make install make clean - ./configure --disable-dependency-tracking --prefix=$PWD/build \ - PKG_CONFIG_PATH="$HOME/openssl/build/lib/pkgconfig:$HOME/gnutls/build/lib/pkgconfig:$HOME/wolfssl/build/lib/pkgconfig" \ + ./configure --disable-dependency-tracking --prefix="$PWD"/build \ + PKG_CONFIG_PATH=/home/runner/openssl/build/lib/pkgconfig:/home/runner/gnutls/build/lib/pkgconfig:/home/runner/wolfssl/build/lib/pkgconfig \ --enable-lib-only --with-openssl --with-gnutls --with-wolfssl make install - name: 'build nghttp2' if: steps.cache-nghttp2.outputs.cache-hit != 'true' run: | - cd $HOME - git clone --quiet --depth=1 -b v${{ env.nghttp2-version }} https://github.com/nghttp2/nghttp2 + cd ~ + git clone --quiet --depth=1 -b "v${NGHTTP2_VERSION}" https://github.com/nghttp2/nghttp2 cd nghttp2 git submodule update --init --depth=1 autoreconf -fi - ./configure --disable-dependency-tracking --prefix=$PWD/build \ - PKG_CONFIG_PATH="$HOME/quictls/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig" \ - LDFLAGS="-Wl,-rpath,$HOME/quictls/build/lib" \ + ./configure --disable-dependency-tracking --prefix="$PWD"/build \ + PKG_CONFIG_PATH=/home/runner/quictls/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig \ + LDFLAGS=-Wl,-rpath,/home/runner/quictls/build/lib \ --enable-http3 make install @@ -249,83 +247,85 @@ jobs: - build-cache runs-on: 'ubuntu-latest' timeout-minutes: 45 + env: + MATRIX_BUILD: ${{ matrix.build.generate && 'cmake' || 'autotools' }} strategy: fail-fast: false matrix: build: - name: openssl - PKG_CONFIG_PATH: '$HOME/openssl/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig' + PKG_CONFIG_PATH: /home/runner/openssl/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig configure: >- - LDFLAGS="-Wl,-rpath,$HOME/openssl/build/lib" - --with-ngtcp2=$HOME/ngtcp2/build --enable-warnings --enable-werror --enable-debug --disable-ntlm - --with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx" - --with-openssl=$HOME/openssl/build --enable-ssls-export + LDFLAGS=-Wl,-rpath,/home/runner/openssl/build/lib + --with-ngtcp2=/home/runner/ngtcp2/build --enable-warnings --enable-werror --enable-debug --disable-ntlm + --with-test-nghttpx=/home/runner/nghttp2/build/bin/nghttpx + --with-openssl=/home/runner/openssl/build --enable-ssls-export --with-libuv - name: quictls - PKG_CONFIG_PATH: '$HOME/quictls/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig' + PKG_CONFIG_PATH: /home/runner/quictls/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig configure: >- - LDFLAGS="-Wl,-rpath,$HOME/quictls/build/lib" - --with-ngtcp2=$HOME/ngtcp2/build --enable-warnings --enable-werror --enable-debug --disable-ntlm - --with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx" - --with-openssl=$HOME/quictls/build --enable-ssls-export + LDFLAGS=-Wl,-rpath,/home/runner/quictls/build/lib + --with-ngtcp2=/home/runner/ngtcp2/build --enable-warnings --enable-werror --enable-debug --disable-ntlm + --with-test-nghttpx=/home/runner/nghttp2/build/bin/nghttpx + --with-openssl=/home/runner/quictls/build --enable-ssls-export --with-libuv - name: gnutls - PKG_CONFIG_PATH: '$HOME/gnutls/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig' + PKG_CONFIG_PATH: /home/runner/gnutls/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig configure: >- - LDFLAGS="-Wl,-rpath,$HOME/gnutls/build/lib" - --with-ngtcp2=$HOME/ngtcp2/build --enable-warnings --enable-werror --enable-debug - --with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx" - --with-gnutls=$HOME/gnutls/build --enable-ssls-export + LDFLAGS=-Wl,-rpath,/home/runner/gnutls/build/lib + --with-ngtcp2=/home/runner/ngtcp2/build --enable-warnings --enable-werror --enable-debug + --with-test-nghttpx=/home/runner/nghttp2/build/bin/nghttpx + --with-gnutls=/home/runner/gnutls/build --enable-ssls-export --with-libuv - name: wolfssl - PKG_CONFIG_PATH: '$HOME/wolfssl/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig' + PKG_CONFIG_PATH: /home/runner/wolfssl/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig configure: >- - LDFLAGS="-Wl,-rpath,$HOME/wolfssl/build/lib" - --with-ngtcp2=$HOME/ngtcp2/build --enable-warnings --enable-werror --enable-debug - --with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx" - --with-wolfssl=$HOME/wolfssl/build + LDFLAGS=-Wl,-rpath,/home/runner/wolfssl/build/lib + --with-ngtcp2=/home/runner/ngtcp2/build --enable-warnings --enable-werror --enable-debug + --with-test-nghttpx=/home/runner/nghttp2/build/bin/nghttpx + --with-wolfssl=/home/runner/wolfssl/build --enable-ech --enable-ssls-export --with-libuv - name: wolfssl - PKG_CONFIG_PATH: '$HOME/wolfssl/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig' + PKG_CONFIG_PATH: /home/runner/wolfssl/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig generate: >- -DCURL_USE_WOLFSSL=ON -DUSE_NGTCP2=ON -DENABLE_DEBUG=ON - -DTEST_NGHTTPX="$HOME/nghttp2/build/bin/nghttpx" - -DHTTPD_NGHTTPX="$HOME/nghttp2/build/bin/nghttpx" + -DTEST_NGHTTPX=/home/runner/nghttp2/build/bin/nghttpx + -DHTTPD_NGHTTPX=/home/runner/nghttp2/build/bin/nghttpx -DUSE_ECH=ON -DCURL_USE_LIBUV=ON - name: openssl-quic - PKG_CONFIG_PATH: '$HOME/openssl/build/lib/pkgconfig' + PKG_CONFIG_PATH: /home/runner/openssl/build/lib/pkgconfig configure: >- - LDFLAGS="-Wl,-rpath,$HOME/openssl/build/lib" + LDFLAGS=-Wl,-rpath,/home/runner/openssl/build/lib --enable-warnings --enable-werror --enable-debug --disable-ntlm - --with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx" - --with-openssl=$HOME/openssl/build --with-openssl-quic - --with-nghttp3=$HOME/nghttp3/build + --with-test-nghttpx=/home/runner/nghttp2/build/bin/nghttpx + --with-openssl=/home/runner/openssl/build --with-openssl-quic + --with-nghttp3=/home/runner/nghttp3/build --with-libuv - name: quiche configure: >- - LDFLAGS="-Wl,-rpath,$HOME/quiche/target/release" - --with-openssl=$HOME/quiche/quiche/deps/boringssl/src + LDFLAGS=-Wl,-rpath,/home/runner/quiche/target/release + --with-openssl=/home/runner/quiche/quiche/deps/boringssl/src --enable-warnings --enable-werror --enable-debug - --with-quiche=$HOME/quiche/target/release - --with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx" + --with-quiche=/home/runner/quiche/target/release + --with-test-nghttpx=/home/runner/nghttp2/build/bin/nghttpx --with-ca-fallback --with-libuv - name: quiche - PKG_CONFIG_PATH: '$HOME/quiche/target/release' + PKG_CONFIG_PATH: /home/runner/quiche/target/release generate: >- - -DOPENSSL_ROOT_DIR=$HOME/quiche/quiche/deps/boringssl/src -DENABLE_DEBUG=ON + -DOPENSSL_ROOT_DIR=/home/runner/quiche/quiche/deps/boringssl/src -DENABLE_DEBUG=ON -DUSE_QUICHE=ON - -DTEST_NGHTTPX="$HOME/nghttp2/build/bin/nghttpx" - -DHTTPD_NGHTTPX="$HOME/nghttp2/build/bin/nghttpx" + -DTEST_NGHTTPX=/home/runner/nghttp2/build/bin/nghttpx + -DHTTPD_NGHTTPX=/home/runner/nghttp2/build/bin/nghttpx -DCURL_CA_FALLBACK=ON -DCURL_USE_LIBUV=ON @@ -342,9 +342,9 @@ jobs: libtasn1-6-dev libidn2-0-dev gawk gperf libtss2-dev dns-root-data bison gtk-doc-tools \ texinfo texlive texlive-extra-utils autopoint libev-dev libuv1-dev \ apache2 apache2-dev libnghttp2-dev vsftpd - python3 -m venv $HOME/venv - echo 'CC=gcc-12' >> $GITHUB_ENV - echo 'CXX=g++-12' >> $GITHUB_ENV + python3 -m venv ~/venv + echo 'CC=gcc-12' >> "$GITHUB_ENV" + echo 'CXX=g++-12' >> "$GITHUB_ENV" - name: 'cache openssl' if: matrix.build.name == 'openssl' || matrix.build.name == 'openssl-quic' @@ -354,7 +354,7 @@ jobs: cache-name: cache-openssl-http3 with: path: ~/openssl/build - key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.openssl-version }} + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.OPENSSL_VERSION }} fail-on-cache-miss: true - name: 'cache quictls' @@ -364,7 +364,7 @@ jobs: cache-name: cache-quictls-no-deprecated with: path: ~/quictls/build - key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.quictls-version }}-quic1 + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.QUICTLS_VERSION }}-quic1 fail-on-cache-miss: true - name: 'cache gnutls' @@ -375,7 +375,7 @@ jobs: cache-name: cache-gnutls with: path: ~/gnutls/build - key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.gnutls-version }} + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.GNUTLS_VERSION }} fail-on-cache-miss: true - name: 'cache wolfssl' @@ -386,7 +386,7 @@ jobs: cache-name: cache-wolfssl with: path: ~/wolfssl/build - key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.wolfssl-version }} + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.WOLFSSL_VERSION }} fail-on-cache-miss: true - name: 'cache nghttp3' @@ -396,7 +396,7 @@ jobs: cache-name: cache-nghttp3 with: path: ~/nghttp3/build - key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp3-version }} + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGHTTP3_VERSION }} fail-on-cache-miss: true - name: 'cache ngtcp2' @@ -406,7 +406,7 @@ jobs: cache-name: cache-ngtcp2 with: path: ~/ngtcp2/build - key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.ngtcp2-version }}-${{ env.openssl-version }}-${{ env.quictls-version }}-${{ env.gnutls-version }}-${{ env.wolfssl-version }} + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGTCP2_VERSION }}-${{ env.OPENSSL_VERSION }}-${{ env.QUICTLS_VERSION }}-${{ env.GNUTLS_VERSION }}-${{ env.WOLFSSL_VERSION }} fail-on-cache-miss: true - name: 'cache nghttp2' @@ -416,7 +416,7 @@ jobs: cache-name: cache-nghttp2 with: path: ~/nghttp2/build - key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp2-version }}-${{ env.quictls-version }}-${{ env.ngtcp2-version }}-${{ env.nghttp3-version }} + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGHTTP2_VERSION }}-${{ env.QUICTLS_VERSION }}-${{ env.NGTCP2_VERSION }}-${{ env.NGHTTP3_VERSION }} fail-on-cache-miss: true - name: 'cache quiche' @@ -427,13 +427,13 @@ jobs: cache-name: cache-quiche with: path: ~/quiche - key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.quiche-version }} + key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.QUICHE_VERSION }} - name: 'build quiche and boringssl' if: matrix.build.name == 'quiche' && steps.cache-quiche.outputs.cache-hit != 'true' run: | - cd $HOME - git clone --quiet --depth=1 -b ${{ env.quiche-version }} --recursive https://github.com/cloudflare/quiche.git + cd ~ + git clone --quiet --depth=1 -b "${QUICHE_VERSION}" --recursive https://github.com/cloudflare/quiche.git cd quiche #### Work-around https://github.com/curl/curl/issues/7927 ####### #### See https://github.com/alexcrichton/cmake-rs/issues/131 #### @@ -442,12 +442,13 @@ jobs: cargo build -v --package quiche --release --features ffi,pkg-config-meta,qlog --verbose ln -s libquiche.so target/release/libquiche.so.0 mkdir -v quiche/deps/boringssl/src/lib + # shellcheck disable=SC2046 ln -vnf $(find target/release -name libcrypto.a -o -name libssl.a) quiche/deps/boringssl/src/lib/ # include dir - # $HOME/quiche/quiche/deps/boringssl/src/include + # /home/runner/quiche/quiche/deps/boringssl/src/include # lib dir - # $HOME/quiche/quiche/deps/boringssl/src/lib + # /home/runner/quiche/quiche/deps/boringssl/src/lib - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: @@ -458,19 +459,21 @@ jobs: run: autoreconf -fi - name: 'configure' + env: + MATRIX_CONFIGURE: '${{ matrix.build.configure }}' + MATRIX_GENERATE: '${{ matrix.build.generate }}' + MATRIX_PKG_CONFIG_PATH: '${{ matrix.build.PKG_CONFIG_PATH }}' run: | - if [ -n '${{ matrix.build.PKG_CONFIG_PATH }}' ]; then - export PKG_CONFIG_PATH="${{ matrix.build.PKG_CONFIG_PATH }}" - fi - if [ -n '${{ matrix.build.generate }}' ]; then + [ -n "${MATRIX_PKG_CONFIG_PATH}" ] && export PKG_CONFIG_PATH="${MATRIX_PKG_CONFIG_PATH}" + if [ "${MATRIX_BUILD}" = 'cmake' ]; then cmake -B bld -G Ninja \ - -DCMAKE_C_COMPILER_TARGET=$(uname -m)-pc-linux-gnu -DBUILD_STATIC_LIBS=ON \ + -DCMAKE_C_COMPILER_TARGET="$(uname -m)-pc-linux-gnu" -DBUILD_STATIC_LIBS=ON \ -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON -DCURL_WERROR=ON \ - ${{ matrix.build.generate }} + ${MATRIX_GENERATE} else mkdir bld && cd bld && ../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \ --disable-dependency-tracking \ - ${{ matrix.build.configure }} + ${MATRIX_CONFIGURE} fi - name: 'configure log' @@ -487,7 +490,7 @@ jobs: - name: 'build' run: | - if [ -n '${{ matrix.build.generate }}' ]; then + if [ "${MATRIX_BUILD}" = 'cmake' ]; then cmake --build bld --verbose else make -C bld V=1 @@ -498,7 +501,7 @@ jobs: - name: 'build tests' run: | - if [ -n '${{ matrix.build.generate }}' ]; then + if [ "${MATRIX_BUILD}" = 'cmake' ]; then cmake --build bld --verbose --target testdeps else make -C bld V=1 -C tests @@ -506,15 +509,15 @@ jobs: - name: 'install test prereqs' run: | - source $HOME/venv/bin/activate + source ~/venv/bin/activate python3 -m pip install -r tests/requirements.txt - name: 'run tests' env: TFLAGS: '${{ matrix.build.tflags }}' run: | - source $HOME/venv/bin/activate - if [ -n '${{ matrix.build.generate }}' ]; then + source ~/venv/bin/activate + if [ "${MATRIX_BUILD}" = 'cmake' ]; then cmake --build bld --verbose --target test-ci else make -C bld V=1 test-ci @@ -522,7 +525,7 @@ jobs: - name: 'install pytest prereqs' run: | - source $HOME/venv/bin/activate + source ~/venv/bin/activate python3 -m pip install -r tests/http/requirements.txt - name: 'run pytest event based' @@ -531,8 +534,8 @@ jobs: PYTEST_ADDOPTS: '--color=yes' PYTEST_XDIST_AUTO_NUM_WORKERS: 4 run: | - source $HOME/venv/bin/activate - if [ -n '${{ matrix.build.generate }}' ]; then + source ~/venv/bin/activate + if [ "${MATRIX_BUILD}" = 'cmake' ]; then cmake --build bld --verbose --target curl-pytest-ci else make -C bld V=1 pytest-ci @@ -540,7 +543,7 @@ jobs: - name: 'build examples' run: | - if [ -n '${{ matrix.build.generate }}' ]; then + if [ "${MATRIX_BUILD}" = 'cmake' ]; then cmake --build bld --verbose --target curl-examples else make -C bld V=1 examples diff --git a/.github/workflows/linux-old.yml b/.github/workflows/linux-old.yml index 6d7c6a8b39..bc33b4a0d4 100644 --- a/.github/workflows/linux-old.yml +++ b/.github/workflows/linux-old.yml @@ -130,7 +130,7 @@ jobs: cd bld-am ../configure --disable-dependency-tracking --enable-unity --enable-test-bundles --enable-warnings --enable-werror \ --with-openssl --enable-ares --with-libssh2 --with-zstd --with-gssapi --with-librtmp \ - --prefix="$PWD"/../install-am + --prefix="$PWD"/../curl-install-am - name: 'autoconf curl_config.h' run: | diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml index 34460ba163..be94941bfa 100644 --- a/.github/workflows/linux.yml +++ b/.github/workflows/linux.yml @@ -40,25 +40,25 @@ env: CURL_CI: github CURL_CLANG_TIDYFLAGS: '-checks=-clang-analyzer-security.insecureAPI.strcpy,-clang-analyzer-optin.performance.Padding,-clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling,-clang-analyzer-valist.Uninitialized' # unhandled - bearssl-version: 0.6 + BEARSSL_VERSION: 0.6 # renovate: datasource=github-tags depName=libressl-portable/portable versioning=semver registryUrl=https://github.com - libressl-version: 4.1.0 + LIBRESSL_VERSION: 4.1.0 # renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?.+)-stable$ registryUrl=https://github.com - wolfssl-version: 5.8.0 + WOLFSSL_VERSION: 5.8.0 # renovate: datasource=github-tags depName=wolfSSL/wolfssh versioning=semver extractVersion=^v?(?.+)-stable$ registryUrl=https://github.com - wolfssh-version: 1.4.19 + WOLFSSH_VERSION: 1.4.19 # renovate: datasource=github-tags depName=Mbed-TLS/mbedtls versioning=semver registryUrl=https://github.com - mbedtls-version: 3.6.3 + MBEDTLS_VERSION: 3.6.3 # renovate: datasource=github-tags depName=nibanks/msh3 versioning=semver registryUrl=https://github.com - msh3-version: 0.6.0 + MSH3_VERSION: 0.6.0 # renovate: datasource=github-tags depName=awslabs/aws-lc versioning=semver registryUrl=https://github.com - awslc-version: 1.52.0 + AWSLC_VERSION: 1.52.0 # handled in renovate.json - openssl-version: 3.5.0 + OPENSSL_VERSION: 3.5.0 # handled in renovate.json - quictls-version: 3.3.0 + QUICTLS_VERSION: 3.3.0 # renovate: datasource=github-tags depName=rustls/rustls-ffi versioning=semver registryUrl=https://github.com - rustls-version: 0.15.0 + RUSTLS_VERSION: 0.15.0 jobs: linux: @@ -66,6 +66,11 @@ jobs: runs-on: ${{ matrix.build.image || 'ubuntu-latest' }} container: ${{ matrix.build.container }} timeout-minutes: 45 + env: + MATRIX_BUILD: ${{ matrix.build.generate && 'cmake' || 'autotools' }} + MATRIX_INSTALL_PACKAGES: '${{ matrix.build.install_packages }}' + MATRIX_INSTALL_STEPS: '${{ matrix.build.install_steps }}' + MATRIX_MAKE_PREFIX: '${{ matrix.build.make-prefix }}' strategy: fail-fast: false matrix: @@ -73,52 +78,52 @@ jobs: - name: bearssl install_packages: zlib1g-dev install_steps: bearssl pytest - configure: LDFLAGS="-Wl,-rpath,$HOME/bearssl/lib" --with-bearssl=$HOME/bearssl --enable-debug + configure: LDFLAGS=-Wl,-rpath,/home/runner/bearssl/lib --with-bearssl=/home/runner/bearssl --enable-debug - name: bearssl clang install_packages: zlib1g-dev clang install_steps: bearssl - configure: CC=clang LDFLAGS="-Wl,-rpath,$HOME/bearssl/lib" --with-bearssl=$HOME/bearssl --enable-debug + configure: CC=clang LDFLAGS=-Wl,-rpath,/home/runner/bearssl/lib --with-bearssl=/home/runner/bearssl --enable-debug - name: libressl heimdal install_packages: zlib1g-dev libnghttp2-dev libldap-dev heimdal-dev install_steps: libressl pytest - configure: LDFLAGS="-Wl,-rpath,$HOME/libressl/lib" --with-openssl=$HOME/libressl --with-gssapi --enable-debug + configure: LDFLAGS=-Wl,-rpath,/home/runner/libressl/lib --with-openssl=/home/runner/libressl --with-gssapi --enable-debug - name: libressl heimdal valgrind install_packages: zlib1g-dev libnghttp2-dev libldap-dev heimdal-dev valgrind install_steps: libressl - generate: -DOPENSSL_ROOT_DIR=$HOME/libressl -DCURL_USE_GSSAPI=ON -DENABLE_DEBUG=ON -DCURL_LIBCURL_VERSIONED_SYMBOLS=ON + generate: -DOPENSSL_ROOT_DIR=/home/runner/libressl -DCURL_USE_GSSAPI=ON -DENABLE_DEBUG=ON -DCURL_LIBCURL_VERSIONED_SYMBOLS=ON - name: libressl clang install_packages: zlib1g-dev clang install_steps: libressl - configure: CC=clang LDFLAGS="-Wl,-rpath,$HOME/libressl/lib" --with-openssl=$HOME/libressl --enable-debug + configure: CC=clang LDFLAGS=-Wl,-rpath,/home/runner/libressl/lib --with-openssl=/home/runner/libressl --enable-debug - name: wolfssl-all install_packages: zlib1g-dev install_steps: wolfssl-all - configure: LDFLAGS="-Wl,-rpath,$HOME/wolfssl-all/lib" --with-wolfssl=$HOME/wolfssl-all --enable-ech --enable-debug + configure: LDFLAGS=-Wl,-rpath,/home/runner/wolfssl-all/lib --with-wolfssl=/home/runner/wolfssl-all --enable-ech --enable-debug - name: wolfssl-opensslextra valgrind install_packages: zlib1g-dev valgrind install_steps: wolfssl-opensslextra wolfssh - configure: LDFLAGS="-Wl,-rpath,$HOME/wolfssl-opensslextra/lib" --with-wolfssl=$HOME/wolfssl-opensslextra --with-wolfssh=$HOME/wolfssh --enable-ech --enable-debug + configure: LDFLAGS=-Wl,-rpath,/home/runner/wolfssl-opensslextra/lib --with-wolfssl=/home/runner/wolfssl-opensslextra --with-wolfssh=/home/runner/wolfssh --enable-ech --enable-debug - name: mbedtls valgrind install_packages: libnghttp2-dev libldap-dev valgrind install_steps: mbedtls - configure: LDFLAGS="-Wl,-rpath,$HOME/mbedtls/lib" --with-mbedtls=$HOME/mbedtls --enable-debug + configure: LDFLAGS=-Wl,-rpath,/home/runner/mbedtls/lib --with-mbedtls=/home/runner/mbedtls --enable-debug - name: mbedtls clang install_packages: libnghttp2-dev libldap-dev clang install_steps: mbedtls pytest - configure: CC=clang LDFLAGS="-Wl,-rpath,$HOME/mbedtls/lib" --with-mbedtls=$HOME/mbedtls --enable-debug + configure: CC=clang LDFLAGS=-Wl,-rpath,/home/runner/mbedtls/lib --with-mbedtls=/home/runner/mbedtls --enable-debug - name: mbedtls install_packages: libnghttp2-dev install_steps: mbedtls - PKG_CONFIG_PATH: '$HOME/mbedtls/lib/pkgconfig' # Requires v3.6.0 or v2.28.8 + PKG_CONFIG_PATH: /home/runner/mbedtls/lib/pkgconfig # Requires v3.6.0 or v2.28.8 generate: -DCURL_USE_MBEDTLS=ON -DENABLE_DEBUG=ON - name: mbedtls-pkg @@ -133,23 +138,24 @@ jobs: - name: msh3 install_packages: zlib1g-dev install_steps: quictls msh3 - configure: LDFLAGS="-Wl,-rpath,$HOME/msh3/lib -Wl,-rpath,$HOME/quictls/lib" --with-msh3=$HOME/msh3 --with-openssl=$HOME/quictls --enable-debug + LDFLAGS: -Wl,-rpath,/home/runner/msh3/lib -Wl,-rpath,/home/runner/quictls/lib + configure: --with-msh3=/home/runner/msh3 --with-openssl=/home/runner/quictls --enable-debug - name: msh3 install_packages: zlib1g-dev install_steps: quictls msh3 skipall - PKG_CONFIG_PATH: '$HOME/msh3/lib/pkgconfig' # Broken as of v0.6.0 - generate: -DOPENSSL_ROOT_DIR=$HOME/quictls -DUSE_MSH3=ON -DMSH3_INCLUDE_DIR=$HOME/msh3/include -DMSH3_LIBRARY=$HOME/msh3/lib/libmsh3.so -DENABLE_DEBUG=ON + PKG_CONFIG_PATH: /home/runner/msh3/lib/pkgconfig # Broken as of v0.6.0 + generate: -DOPENSSL_ROOT_DIR=/home/runner/quictls -DUSE_MSH3=ON -DMSH3_INCLUDE_DIR=/home/runner/msh3/include -DMSH3_LIBRARY=/home/runner/msh3/lib/libmsh3.so -DENABLE_DEBUG=ON - name: awslc install_packages: zlib1g-dev install_steps: awslc pytest - configure: LDFLAGS="-Wl,-rpath,$HOME/awslc/lib" --with-openssl=$HOME/awslc --enable-ech + configure: LDFLAGS=-Wl,-rpath,/home/runner/awslc/lib --with-openssl=/home/runner/awslc --enable-ech - name: awslc install_packages: zlib1g-dev install_steps: awslc - generate: -DOPENSSL_ROOT_DIR=$HOME/awslc -DUSE_ECH=ON -DCMAKE_UNITY_BUILD=OFF + generate: -DOPENSSL_ROOT_DIR=/home/runner/awslc -DUSE_ECH=ON -DCMAKE_UNITY_BUILD=OFF - name: openssl default install_steps: pytest @@ -223,44 +229,39 @@ jobs: - name: clang-tidy install_packages: clang-tidy zlib1g-dev libssl-dev libkrb5-dev install_steps: skipall wolfssl-opensslextra wolfssh - configure: LDFLAGS="-Wl,-rpath,$HOME/wolfssl-opensslextra/lib" --with-wolfssl=$HOME/wolfssl-opensslextra --with-wolfssh=$HOME/wolfssh --with-openssl --enable-ech --with-gssapi --enable-ssls-export + configure: LDFLAGS=-Wl,-rpath,/home/runner/wolfssl-opensslextra/lib --with-wolfssl=/home/runner/wolfssl-opensslextra --with-wolfssh=/home/runner/wolfssh --with-openssl --enable-ech --with-gssapi --enable-ssls-export make-custom-target: tidy - name: scanbuild install_packages: clang-tools clang libssl-dev libssh2-1-dev install_steps: skipall configure: --with-openssl --enable-debug --with-libssh2 --disable-unity - configure-prefix: CC=clang scan-build + CC: clang + configure-prefix: scan-build make-prefix: scan-build --status-bugs - name: address-sanitizer install_packages: zlib1g-dev libssh2-1-dev clang libssl-dev libubsan1 libasan8 libtsan2 install_steps: pytest randcurl - configure: >- - CC=clang - CFLAGS="-fsanitize=address,undefined,signed-integer-overflow -fno-sanitize-recover=undefined,integer -Wformat -Werror=format-security -Werror=array-bounds -g" - LDFLAGS="-fsanitize=address,undefined -fno-sanitize-recover=undefined,integer" - LIBS="-ldl -lubsan" - --with-openssl --enable-debug + CFLAGS: -fsanitize=address,undefined,signed-integer-overflow -fno-sanitize-recover=undefined,integer -Wformat -Werror=format-security -Werror=array-bounds -g + LDFLAGS: -fsanitize=address,undefined -fno-sanitize-recover=undefined,integer + LIBS: -ldl -lubsan + configure: CC=clang --with-openssl --enable-debug - name: thread-sanitizer install_packages: zlib1g-dev clang libtsan2 install_steps: pytest openssl-tsan - configure: >- - CC=clang - CFLAGS="-fsanitize=thread -g" - LDFLAGS="-fsanitize=thread -Wl,-rpath,$HOME/openssl/lib" - --with-openssl=$HOME/openssl --enable-debug + CFLAGS: -fsanitize=thread -g + LDFLAGS: -fsanitize=thread -Wl,-rpath,/home/runner/openssl/lib + configure: CC=clang --with-openssl=/home/runner/openssl --enable-debug - name: memory-sanitizer install_packages: clang install_steps: randcurl - configure: >- - CC=clang - CFLAGS="-fsanitize=memory -Wformat -Werror=format-security -Werror=array-bounds -g" - LDFLAGS="-fsanitize=memory" - LIBS="-ldl" - --without-ssl --without-zlib --without-brotli --without-zstd --without-libpsl --without-nghttp2 --enable-debug + CFLAGS: -fsanitize=memory -Wformat -Werror=format-security -Werror=array-bounds -g + LDFLAGS: -fsanitize=memory + LIBS: -ldl + configure: CC=clang --without-ssl --without-zlib --without-brotli --without-zstd --without-libpsl --without-nghttp2 --enable-debug - name: event-based install_packages: libssh-dev @@ -305,18 +306,21 @@ jobs: steps: - name: 'install prereqs' if: matrix.build.container == null && !contains(matrix.build.name, 'i686') - # zizmor: ignore[template-injection] + env: + INSTALL_PACKAGES: >- + ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') && 'stunnel4' || '' }} + ${{ contains(matrix.build.install_steps, 'pytest') && 'apache2 apache2-dev libnghttp2-dev vsftpd' || '' }} + run: | sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list sudo apt-get -o Dpkg::Use-Pty=0 update sudo rm -f /var/lib/man-db/auto-update sudo apt-get -o Dpkg::Use-Pty=0 install \ libtool autoconf automake pkgconf \ - ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') && 'stunnel4' || '' }} \ libpsl-dev libbrotli-dev libzstd-dev \ - ${{ matrix.build.install_packages }} \ - ${{ contains(matrix.build.install_steps, 'pytest') && 'apache2 apache2-dev libnghttp2-dev vsftpd' || '' }} - python3 -m venv $HOME/venv + ${INSTALL_PACKAGES} \ + ${MATRIX_INSTALL_PACKAGES} + python3 -m venv ~/venv - name: 'install prereqs' if: contains(matrix.build.name, 'i686') @@ -328,8 +332,8 @@ jobs: sudo apt-get -o Dpkg::Use-Pty=0 install \ libtool autoconf automake pkgconf stunnel4 \ libpsl-dev:i386 libbrotli-dev:i386 libzstd-dev:i386 \ - ${{ matrix.build.install_packages }} - python3 -m venv $HOME/venv + ${MATRIX_INSTALL_PACKAGES} + python3 -m venv ~/venv - name: 'install dependencies' if: startsWith(matrix.build.container, 'alpine') @@ -348,19 +352,18 @@ jobs: cache-name: cache-bearssl with: path: ~/bearssl - key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.bearssl-version }} + key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.BEARSSL_VERSION }} - name: 'build bearssl' if: contains(matrix.build.install_steps, 'bearssl') && steps.cache-bearssl.outputs.cache-hit != 'true' run: | curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \ - https://bearssl.org/bearssl-${{ env.bearssl-version }}.tar.gz - tar -xzf bearssl-${{ env.bearssl-version }}.tar.gz - cd bearssl-${{ env.bearssl-version }} + "https://bearssl.org/bearssl-${BEARSSL_VERSION}.tar.gz" | tar -xz + cd "bearssl-${BEARSSL_VERSION}" make - mkdir -p $HOME/bearssl/lib $HOME/bearssl/include - cp inc/*.h $HOME/bearssl/include - cp build/libbearssl.* $HOME/bearssl/lib + mkdir -p ~/bearssl/lib ~/bearssl/include + cp inc/*.h ~/bearssl/include + cp build/libbearssl.* ~/bearssl/lib - name: 'cache libressl' if: contains(matrix.build.install_steps, 'libressl') @@ -370,16 +373,15 @@ jobs: cache-name: cache-libressl with: path: ~/libressl - key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.libressl-version }} + key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.LIBRESSL_VERSION }} - name: 'build libressl' if: contains(matrix.build.install_steps, 'libressl') && steps.cache-libressl.outputs.cache-hit != 'true' run: | curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \ - https://github.com/libressl/portable/releases/download/v${{ env.libressl-version }}/libressl-${{ env.libressl-version }}.tar.gz - tar -xzf libressl-${{ env.libressl-version }}.tar.gz - cd libressl-${{ env.libressl-version }} - ./configure --disable-dependency-tracking --prefix=$HOME/libressl + "https://github.com/libressl/portable/releases/download/v${LIBRESSL_VERSION}/libressl-${LIBRESSL_VERSION}.tar.gz" | tar -xz + cd "libressl-${LIBRESSL_VERSION}" + ./configure --disable-dependency-tracking --prefix=/home/runner/libressl make install - name: 'cache wolfssl (all)' @@ -390,18 +392,17 @@ jobs: cache-name: cache-wolfssl-all with: path: ~/wolfssl-all - key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.wolfssl-version }} + key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.WOLFSSL_VERSION }} - name: 'build wolfssl (all)' # does not support `OPENSSL_COEXIST` if: contains(matrix.build.install_steps, 'wolfssl-all') && steps.cache-wolfssl-all.outputs.cache-hit != 'true' run: | curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \ - https://github.com/wolfSSL/wolfssl/archive/v${{ env.wolfssl-version }}-stable.tar.gz - tar -xzf v${{ env.wolfssl-version }}-stable.tar.gz - cd wolfssl-${{ env.wolfssl-version }}-stable + "https://github.com/wolfSSL/wolfssl/archive/v${WOLFSSL_VERSION}-stable.tar.gz" | tar -xz + cd "wolfssl-${WOLFSSL_VERSION}-stable" ./autogen.sh ./configure --disable-dependency-tracking --enable-tls13 --enable-harden --enable-all \ - --disable-benchmark --disable-crypttests --disable-examples --prefix=$HOME/wolfssl-all + --disable-benchmark --disable-crypttests --disable-examples --prefix=/home/runner/wolfssl-all make install - name: 'cache wolfssl (opensslextra)' # does support `OPENSSL_COEXIST` @@ -412,18 +413,17 @@ jobs: cache-name: cache-wolfssl-opensslextra with: path: ~/wolfssl-opensslextra - key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.wolfssl-version }} + key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.WOLFSSL_VERSION }} - name: 'build wolfssl (opensslextra)' if: contains(matrix.build.install_steps, 'wolfssl-opensslextra') && steps.cache-wolfssl-opensslextra.outputs.cache-hit != 'true' run: | curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \ - https://github.com/wolfSSL/wolfssl/archive/v${{ env.wolfssl-version }}-stable.tar.gz - tar -xzf v${{ env.wolfssl-version }}-stable.tar.gz - cd wolfssl-${{ env.wolfssl-version }}-stable + "https://github.com/wolfSSL/wolfssl/archive/v${WOLFSSL_VERSION}-stable.tar.gz" | tar -xz + cd "wolfssl-${WOLFSSL_VERSION}-stable" ./autogen.sh ./configure --disable-dependency-tracking --enable-tls13 --enable-harden --enable-wolfssh --enable-ech --enable-opensslextra \ - --disable-benchmark --disable-crypttests --disable-examples --prefix=$HOME/wolfssl-opensslextra + --disable-benchmark --disable-crypttests --disable-examples --prefix=/home/runner/wolfssl-opensslextra make install - name: 'cache wolfssh' @@ -434,18 +434,17 @@ jobs: cache-name: cache-wolfssh with: path: ~/wolfssh - key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.wolfssh-version }}-${{ env.wolfssl-version }} + key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.WOLFSSH_VERSION }}-${{ env.WOLFSSL_VERSION }} - name: 'build wolfssh' if: contains(matrix.build.install_steps, 'wolfssh') && steps.cache-wolfssh.outputs.cache-hit != 'true' run: | curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \ - https://github.com/wolfSSL/wolfssh/archive/v${{ env.wolfssh-version }}-stable.tar.gz - tar -xzf v${{ env.wolfssh-version }}-stable.tar.gz - cd wolfssh-${{ env.wolfssh-version }}-stable + "https://github.com/wolfSSL/wolfssh/archive/v${WOLFSSH_VERSION}-stable.tar.gz" | tar -xz + cd "wolfssh-${WOLFSSH_VERSION}-stable" ./autogen.sh - ./configure --disable-dependency-tracking --with-wolfssl=$HOME/wolfssl-opensslextra --enable-scp --enable-sftp --disable-term \ - --disable-examples --prefix=$HOME/wolfssh + ./configure --disable-dependency-tracking --with-wolfssl=/home/runner/wolfssl-opensslextra --enable-scp --enable-sftp --disable-term \ + --disable-examples --prefix=/home/runner/wolfssh make install - name: 'cache mbedtls' @@ -456,18 +455,17 @@ jobs: cache-name: cache-mbedtls-threadsafe with: path: ~/mbedtls - key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.mbedtls-version }} + key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.MBEDTLS_VERSION }} - name: 'build mbedtls' if: contains(matrix.build.install_steps, 'mbedtls') && steps.cache-mbedtls.outputs.cache-hit != 'true' run: | curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \ - https://github.com/Mbed-TLS/mbedtls/releases/download/mbedtls-${{ env.mbedtls-version }}/mbedtls-${{ env.mbedtls-version }}.tar.bz2 - tar -xjf mbedtls-${{ env.mbedtls-version }}.tar.bz2 - cd mbedtls-${{ env.mbedtls-version }} + "https://github.com/Mbed-TLS/mbedtls/releases/download/mbedtls-${MBEDTLS_VERSION}/mbedtls-${MBEDTLS_VERSION}.tar.bz2" | tar -xj + cd "mbedtls-${MBEDTLS_VERSION}" ./scripts/config.py set MBEDTLS_THREADING_C ./scripts/config.py set MBEDTLS_THREADING_PTHREAD - cmake -B . -G Ninja -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_POSITION_INDEPENDENT_CODE=ON -DCMAKE_INSTALL_PREFIX=$HOME/mbedtls \ + cmake -B . -G Ninja -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_POSITION_INDEPENDENT_CODE=ON -DCMAKE_INSTALL_PREFIX=/home/runner/mbedtls \ -DENABLE_PROGRAMS=OFF -DENABLE_TESTING=OFF cmake --build . cmake --install . @@ -480,14 +478,14 @@ jobs: cache-name: cache-openssl-tsan with: path: ~/openssl - key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.openssl-version }} + key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.OPENSSL_VERSION }} - name: 'build openssl (thread sanitizer)' if: contains(matrix.build.install_steps, 'openssl-tsan') && steps.cache-openssl-tsan.outputs.cache-hit != 'true' run: | - git clone --quiet --depth=1 -b openssl-${{ env.openssl-version }} https://github.com/openssl/openssl + git clone --quiet --depth=1 -b "openssl-${OPENSSL_VERSION}" https://github.com/openssl/openssl cd openssl - CC="clang" CFLAGS="-fsanitize=thread" LDFLAGS="-fsanitize=thread" ./config --prefix=$HOME/openssl --libdir=lib no-makedepend no-apps no-docs no-tests + CC=clang CFLAGS='-fsanitize=thread' LDFLAGS='-fsanitize=thread' ./config --prefix=/home/runner/openssl --libdir=lib no-makedepend no-apps no-docs no-tests make make -j1 install_sw @@ -499,14 +497,14 @@ jobs: cache-name: cache-quictls with: path: ~/quictls - key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.quictls-version }}-quic1 + key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.QUICTLS_VERSION }}-quic1 - name: 'build quictls' if: contains(matrix.build.install_steps, 'quictls') && steps.cache-quictls.outputs.cache-hit != 'true' run: | - git clone --quiet --depth=1 -b openssl-${{ env.quictls-version }}-quic1 https://github.com/quictls/openssl + git clone --quiet --depth=1 -b "openssl-${QUICTLS_VERSION}-quic1" https://github.com/quictls/openssl cd openssl - ./config --prefix=$HOME/quictls --libdir=lib no-makedepend no-apps no-docs no-tests + ./config --prefix=/home/runner/quictls --libdir=lib no-makedepend no-apps no-docs no-tests make make -j1 install_sw @@ -518,14 +516,14 @@ jobs: cache-name: cache-msh3 with: path: ~/msh3 - key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.msh3-version }} + key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.MSH3_VERSION }} - name: 'build msh3' if: contains(matrix.build.install_steps, 'msh3') && steps.cache-msh3.outputs.cache-hit != 'true' run: | - git clone --quiet --depth=1 -b v${{ env.msh3-version }} --recursive https://github.com/nibanks/msh3 + git clone --quiet --depth=1 -b "v${MSH3_VERSION}" --recursive https://github.com/nibanks/msh3 cd msh3 - cmake -B . -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_INSTALL_PREFIX=$HOME/msh3 + cmake -B . -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_INSTALL_PREFIX=/home/runner/msh3 cmake --build . cmake --install . @@ -537,17 +535,16 @@ jobs: cache-name: cache-awslc with: path: ~/awslc - key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.awslc-version }} + key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.AWSLC_VERSION }} - name: 'build awslc' if: contains(matrix.build.install_steps, 'awslc') && steps.cache-awslc.outputs.cache-hit != 'true' run: | curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \ - https://github.com/awslabs/aws-lc/archive/refs/tags/v${{ env.awslc-version }}.tar.gz - tar -xzf v${{ env.awslc-version }}.tar.gz - mkdir aws-lc-${{ env.awslc-version }}-build - cd aws-lc-${{ env.awslc-version }}-build - cmake -G Ninja -DCMAKE_INSTALL_PREFIX=$HOME/awslc ../aws-lc-${{ env.awslc-version }} -DBUILD_TOOL=OFF -DBUILD_TESTING=OFF + "https://github.com/awslabs/aws-lc/archive/refs/tags/v${AWSLC_VERSION}.tar.gz" | tar -xz + mkdir "aws-lc-${AWSLC_VERSION}-build" + cd "aws-lc-${AWSLC_VERSION}-build" + cmake -G Ninja -DCMAKE_INSTALL_PREFIX=/home/runner/awslc "../aws-lc-${AWSLC_VERSION}" -DBUILD_TOOL=OFF -DBUILD_TESTING=OFF cmake --build . cmake --install . @@ -559,21 +556,21 @@ jobs: cache-name: cache-rustls with: path: ~/rustls - key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.rustls-version }} + key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.RUSTLS_VERSION }} - name: 'fetch rustls deb' if: contains(matrix.build.install_steps, 'rustls') && steps.cache-rustls.outputs.cache-hit != 'true' run: | mkdir -p ~/rustls - curl -L https://github.com/rustls/rustls-ffi/releases/download/v${{ env.rustls-version }}/librustls_${{ env.rustls-version }}_amd64.deb.zip -o ~/rustls/librustls.zip + curl -LsSf --retry 6 --retry-connrefused --max-time 999 \ + "https://github.com/rustls/rustls-ffi/releases/download/v${RUSTLS_VERSION}/librustls_${RUSTLS_VERSION}_amd64.deb.zip" -o ~/rustls/librustls.zip unzip ~/rustls/librustls.zip -d ~/rustls rm ~/rustls/librustls.zip - name: 'build rustls' # Note: we don't check cache-hit here. If the cache is hit, we still need to dpkg install the deb. if: contains(matrix.build.install_steps, 'rustls') - run: | - sudo dpkg -i ~/rustls/librustls_${{ env.rustls-version }}_amd64.deb + run: sudo dpkg -i ~/rustls/"librustls_${RUSTLS_VERSION}_amd64.deb" - name: 'install Intel compilers' if: contains(matrix.build.install_steps, 'intel') @@ -582,7 +579,7 @@ jobs: sudo add-apt-repository "deb https://apt.repos.intel.com/oneapi all main" sudo apt-get -o Dpkg::Use-Pty=0 install intel-oneapi-compiler-dpcpp-cpp-and-cpp-classic source /opt/intel/oneapi/setvars.sh - printenv >> $GITHUB_ENV + printenv >> "$GITHUB_ENV" - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: @@ -593,23 +590,30 @@ jobs: run: autoreconf -fi - name: 'configure' + env: + CC: '${{ matrix.build.CC }}' + CFLAGS: '${{ matrix.build.CFLAGS }}' + LDFLAGS: '${{ matrix.build.LDFLAGS }}' + LIBS: '${{ matrix.build.LIBS }}' + MATRIX_CONFIGURE: '${{ matrix.build.configure }}' + MATRIX_CONFIGURE_PREFIX: '${{ matrix.build.configure-prefix }}' + MATRIX_GENERATE: '${{ matrix.build.generate }}' + MATRIX_PKG_CONFIG_PATH: '${{ matrix.build.PKG_CONFIG_PATH }}' run: | - [[ '${{ matrix.build.install_steps }}' = *'awslc'* ]] && sudo apt-get -o Dpkg::Use-Pty=0 purge libssl-dev - if [ -n '${{ matrix.build.PKG_CONFIG_PATH }}' ]; then - export PKG_CONFIG_PATH="${{ matrix.build.PKG_CONFIG_PATH }}" - fi - if [ -n '${{ matrix.build.generate }}' ]; then + [[ "${MATRIX_INSTALL_STEPS}" = *'awslc'* ]] && sudo apt-get -o Dpkg::Use-Pty=0 purge libssl-dev + [ -n "${MATRIX_PKG_CONFIG_PATH}" ] && export PKG_CONFIG_PATH="${MATRIX_PKG_CONFIG_PATH}" + if [ "${MATRIX_BUILD}" = 'cmake' ]; then cmake -B bld -G Ninja \ - -DCMAKE_INSTALL_PREFIX="$HOME/curl" \ - -DCMAKE_C_COMPILER_TARGET=$(uname -m)-pc-linux-gnu -DBUILD_STATIC_LIBS=ON \ + -DCMAKE_INSTALL_PREFIX="$HOME"/curl-install \ + -DCMAKE_C_COMPILER_TARGET="$(uname -m)-pc-linux-gnu" -DBUILD_STATIC_LIBS=ON \ -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON -DCURL_WERROR=ON \ - ${{ matrix.build.generate }} + ${MATRIX_GENERATE} else mkdir bld && cd bld && \ - ${{ matrix.build.configure-prefix }} \ + ${MATRIX_CONFIGURE_PREFIX} \ ../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \ --disable-dependency-tracking \ - ${{ matrix.build.configure }} + ${MATRIX_CONFIGURE} fi - name: 'configure log' @@ -625,23 +629,25 @@ jobs: run: grep -H -v '^#' bld/tests/config bld/tests/http/config.ini || true - name: 'build' + env: + MATRIX_MAKE_CUSTOM_TARGET: '${{ matrix.build.make-custom-target }}' run: | - if [ -n '${{ matrix.build.generate }}' ]; then - ${{ matrix.build.make-prefix }} cmake --build bld --verbose + if [ "${MATRIX_BUILD}" = 'cmake' ]; then + ${MATRIX_MAKE_PREFIX} cmake --build bld --verbose else - ${{ matrix.build.make-prefix }} make -C bld V=1 ${{ matrix.build.make-custom-target }} + ${MATRIX_MAKE_PREFIX} make -C bld V=1 ${MATRIX_MAKE_CUSTOM_TARGET} fi - name: 'single-use function check' if: ${{ contains(matrix.build.configure, '--disable-unity') || contains(matrix.build.generate, '-DCMAKE_UNITY_BUILD=OFF') }} run: | git config --global --add safe.directory "*" - if [ -n '${{ matrix.build.generate }}' ]; then + if [ "${MATRIX_BUILD}" = 'cmake' ]; then libcurla=bld/lib/libcurl.a else libcurla=bld/lib/.libs/libcurl.a fi - ./scripts/singleuse.pl --unit ${libcurla} + ./scripts/singleuse.pl --unit "${libcurla}" - name: 'check curl -V output' if: ${{ matrix.build.make-custom-target != 'tidy' }} @@ -654,7 +660,7 @@ jobs: - name: 'build tests' if: ${{ !contains(matrix.build.install_steps, 'skipall') }} run: | - if [ -n '${{ matrix.build.generate }}' ]; then + if [ "${MATRIX_BUILD}" = 'cmake' ]; then cmake --build bld --verbose --target testdeps else make -C bld V=1 -C tests @@ -663,37 +669,38 @@ jobs: - name: 'install test prereqs' if: ${{ !contains(matrix.build.install_steps, 'skipall') && matrix.build.container == null }} run: | - [ -x "$HOME/venv/bin/activate" ] && source $HOME/venv/bin/activate + [ -x ~/venv/bin/activate ] && source ~/venv/bin/activate python3 -m pip install -r tests/requirements.txt - name: 'run tests' if: ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') }} timeout-minutes: ${{ contains(matrix.build.install_packages, 'valgrind') && 30 || 15 }} - # zizmor: ignore[template-injection] + env: + TEST_TARGET: ${{ matrix.build.torture && 'test-torture' || 'test-ci' }} + TFLAGS: '${{ matrix.build.tflags }}' run: | - export TFLAGS='${{ matrix.build.tflags }}' - if [ -z '${{ matrix.build.torture }}' ]; then - if [[ '${{ matrix.build.install_steps }}' = *'wolfssh'* ]]; then + if [ "${TEST_TARGET}" = 'test-ci' ]; then + if [[ "${MATRIX_INSTALL_STEPS}" = *'wolfssh'* ]]; then TFLAGS+=' ~SFTP' # curl: (79) wolfssh SFTP connect error -1051 / WS_MATCH_KEY_ALGO_E / cannot match key algo with peer fi - if [[ '${{ matrix.build.install_packages }}' = *'valgrind'* ]]; then + if [[ "${MATRIX_INSTALL_PACKAGES}" = *'valgrind'* ]]; then TFLAGS+=' -j6' fi - if [[ '${{ matrix.build.install_packages }}' = *'heimdal-dev'* ]]; then + if [[ "${MATRIX_INSTALL_PACKAGES}" = *'heimdal-dev'* ]]; then TFLAGS+=' ~2077 ~2078' # valgrind reporting memory leaks from Curl_auth_decode_spnego_message() -> gss_import_name() fi fi - [ -x "$HOME/venv/bin/activate" ] && source $HOME/venv/bin/activate - if [ -n '${{ matrix.build.generate }}' ]; then - cmake --build bld --verbose --target ${{ matrix.build.torture && 'test-torture' || 'test-ci' }} + [ -x ~/venv/bin/activate ] && source ~/venv/bin/activate + if [ "${MATRIX_BUILD}" = 'cmake' ]; then + cmake --build bld --verbose --target "${TEST_TARGET}" else - make -C bld V=1 ${{ matrix.build.torture && 'test-torture' || 'test-ci' }} + make -C bld V=1 "${TEST_TARGET}" fi - name: 'install pytest prereqs' if: contains(matrix.build.install_steps, 'pytest') run: | - [ -x "$HOME/venv/bin/activate" ] && source $HOME/venv/bin/activate + [ -x ~/venv/bin/activate ] && source ~/venv/bin/activate python3 -m pip install -r tests/http/requirements.txt - name: 'run pytest' @@ -702,8 +709,8 @@ jobs: PYTEST_ADDOPTS: '--color=yes' PYTEST_XDIST_AUTO_NUM_WORKERS: 4 run: | - [ -x "$HOME/venv/bin/activate" ] && source $HOME/venv/bin/activate - if [ -n '${{ matrix.build.generate }}' ]; then + [ -x ~/venv/bin/activate ] && source ~/venv/bin/activate + if [ "${MATRIX_BUILD}" = 'cmake' ]; then cmake --build bld --verbose --target curl-pytest-ci else make -C bld V=1 pytest-ci @@ -719,8 +726,8 @@ jobs: - name: 'build examples' if: ${{ matrix.build.make-custom-target != 'tidy' }} run: | - if [ -n '${{ matrix.build.generate }}' ]; then - ${{ matrix.build.make-prefix }} cmake --build bld --verbose --target curl-examples + if [ "${MATRIX_BUILD}" = 'cmake' ]; then + ${MATRIX_MAKE_PREFIX} cmake --build bld --verbose --target curl-examples else - ${{ matrix.build.make-prefix }} make -C bld V=1 examples + ${MATRIX_MAKE_PREFIX} make -C bld V=1 examples fi diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml index e5327820b3..98a1d5b785 100644 --- a/.github/workflows/macos.yml +++ b/.github/workflows/macos.yml @@ -58,8 +58,11 @@ jobs: timeout-minutes: 45 env: DEVELOPER_DIR: "/Applications/Xcode${{ matrix.build.xcode && format('_{0}', matrix.build.xcode) || '' }}.app/Contents/Developer" - CC: ${{ matrix.compiler }} - CFLAGS: '' + CC: '${{ matrix.compiler }}' + MATRIX_BUILD: ${{ matrix.build.generate && 'cmake' || 'autotools' }} + MATRIX_COMPILER: '${{ matrix.compiler }}' + MATRIX_INSTALL: '${{ matrix.build.install }}' + MATRIX_MACOS_VERSION_MIN: '${{ matrix.build.macos-version-min }}' strategy: fail-fast: false matrix: @@ -78,15 +81,15 @@ jobs: configure: --enable-debug --without-ssl - name: '!ssl libssh2 AppleIDN' compiler: clang - configure: --enable-debug --with-libssh2=$(brew --prefix libssh2) --without-ssl --with-apple-idn + configure: --enable-debug --with-libssh2=/opt/homebrew/opt/libssh2 --without-ssl --with-apple-idn - name: 'OpenSSL libssh c-ares' compiler: clang install: libssh - configure: --enable-debug --with-libssh --with-openssl=$(brew --prefix openssl) --enable-ares + configure: --enable-debug --with-libssh --with-openssl=/opt/homebrew/opt/openssl --enable-ares - name: 'OpenSSL libssh' compiler: llvm@15 install: libssh libnghttp3 - configure: --enable-debug --with-libssh --with-openssl=$(brew --prefix openssl) --with-openssl-quic + configure: --enable-debug --with-libssh --with-openssl=/opt/homebrew/opt/openssl --with-openssl-quic - name: '!ssl c-ares' compiler: clang configure: --enable-debug --enable-ares --without-ssl @@ -104,68 +107,68 @@ jobs: macos-version-min: '10.15' # Catalina (2019) - name: 'SecureTransport libssh2' compiler: clang - configure: --enable-debug --with-secure-transport --with-libssh2=$(brew --prefix libssh2) + configure: --enable-debug --with-secure-transport --with-libssh2=/opt/homebrew/opt/libssh2 macos-version-min: '10.8' - name: 'SecureTransport libssh2 10.12' compiler: clang - configure: --enable-debug --with-secure-transport --with-libssh2=$(brew --prefix libssh2) + configure: --enable-debug --with-secure-transport --with-libssh2=/opt/homebrew/opt/libssh2 macos-version-min: '10.12' # for monotonic timers - name: 'SecureTransport libssh2' compiler: gcc-12 - configure: --enable-debug --with-secure-transport --with-libssh2=$(brew --prefix libssh2) + configure: --enable-debug --with-secure-transport --with-libssh2=/opt/homebrew/opt/libssh2 macos-version-min: '10.8' - name: 'LibreSSL +examples' compiler: clang install: libressl install_steps: pytest - configure: --enable-debug --with-openssl=$(brew --prefix libressl) + configure: --enable-debug --with-openssl=/opt/homebrew/opt/libressl - name: 'OpenSSL' compiler: clang install_steps: pytest - configure: --enable-debug --with-openssl=$(brew --prefix openssl) + configure: --enable-debug --with-openssl=/opt/homebrew/opt/openssl - name: 'OpenSSL event-based' compiler: clang - configure: --enable-debug --with-openssl=$(brew --prefix openssl) + configure: --enable-debug --with-openssl=/opt/homebrew/opt/openssl tflags: --test-event - name: 'quictls libssh2 !ldap 10.15' compiler: clang install: quictls - configure: --enable-debug --disable-ldap --with-openssl=$(brew --prefix quictls) LDFLAGS="${LDFLAGS} -L$(brew --prefix quictls)/lib" + configure: --enable-debug --disable-ldap --with-openssl=/opt/homebrew/opt/quictls LDFLAGS=-L/opt/homebrew/opt/quictls/lib macos-version-min: '10.15' # cmake - name: 'OpenSSL gsasl rtmp AppleIDN' install: gsasl rtmpdump - generate: -DOPENSSL_ROOT_DIR=$(brew --prefix openssl) -DCURL_USE_GSASL=ON -DUSE_LIBRTMP=ON -DUSE_APPLE_IDN=ON + generate: -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/openssl -DCURL_USE_GSASL=ON -DUSE_LIBRTMP=ON -DUSE_APPLE_IDN=ON - name: 'MultiSSL AppleIDN clang-tidy +examples' install: llvm brotli zstd gnutls nettle mbedtls gsasl rtmpdump fish - generate: -DCURL_USE_OPENSSL=ON -DOPENSSL_ROOT_DIR=$(brew --prefix openssl) -DCURL_DEFAULT_SSL_BACKEND=openssl -DCURL_USE_GNUTLS=ON -DCURL_USE_MBEDTLS=ON -DENABLE_ARES=ON -DCURL_USE_GSASL=ON -DUSE_LIBRTMP=ON -DUSE_APPLE_IDN=ON -DUSE_SSLS_EXPORT=ON -DCURL_CLANG_TIDY=ON -DCLANG_TIDY=$(brew --prefix llvm)/bin/clang-tidy -DCURL_COMPLETION_FISH=ON -DCURL_COMPLETION_ZSH=ON + generate: -DCURL_USE_OPENSSL=ON -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/openssl -DCURL_DEFAULT_SSL_BACKEND=openssl -DCURL_USE_GNUTLS=ON -DCURL_USE_MBEDTLS=ON -DENABLE_ARES=ON -DCURL_USE_GSASL=ON -DUSE_LIBRTMP=ON -DUSE_APPLE_IDN=ON -DUSE_SSLS_EXPORT=ON -DCURL_CLANG_TIDY=ON -DCLANG_TIDY=/opt/homebrew/opt/llvm/bin/clang-tidy -DCURL_COMPLETION_FISH=ON -DCURL_COMPLETION_ZSH=ON clang-tidy: true chkprefill: _chkprefill - name: 'quictls +static libssh +examples' install: quictls libssh - generate: -DOPENSSL_ROOT_DIR=$(brew --prefix quictls) -DBUILD_STATIC_LIBS=ON -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=ON + generate: -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/quictls -DBUILD_STATIC_LIBS=ON -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=ON - name: 'SecureTransport debug' generate: -DCURL_USE_SECTRANSP=ON -DENABLE_DEBUG=ON macos-version-min: '10.8' - name: 'LibreSSL !ldap heimdal c-ares +examples' install: libressl heimdal - generate: -DOPENSSL_ROOT_DIR=$(brew --prefix libressl) -DENABLE_ARES=ON -DCURL_USE_GSSAPI=ON -DGSS_ROOT_DIR=$(brew --prefix heimdal) -DCURL_DISABLE_LDAP=ON + generate: -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/libressl -DENABLE_ARES=ON -DCURL_USE_GSSAPI=ON -DGSS_ROOT_DIR=/opt/homebrew/opt/heimdal -DCURL_DISABLE_LDAP=ON - name: 'wolfSSL !ldap brotli zstd' install: brotli wolfssl zstd install_steps: pytest generate: -DCURL_USE_WOLFSSL=ON -DCURL_DISABLE_LDAP=ON -DUSE_ECH=ON - name: 'mbedTLS openldap brotli zstd' install: brotli mbedtls zstd openldap - generate: -DCURL_USE_MBEDTLS=ON -DLDAP_INCLUDE_DIR="$(brew --prefix openldap)/include" -DLDAP_LIBRARY="$(brew --prefix openldap)/lib/libldap.dylib" -DLDAP_LBER_LIBRARY="$(brew --prefix openldap)/lib/liblber.dylib" + generate: -DCURL_USE_MBEDTLS=ON -DLDAP_INCLUDE_DIR=/opt/homebrew/opt/openldap/include -DLDAP_LIBRARY=/opt/homebrew/opt/openldap/lib/libldap.dylib -DLDAP_LBER_LIBRARY=/opt/homebrew/opt/openldap/lib/liblber.dylib - name: 'GnuTLS !ldap krb5' install: gnutls nettle krb5 - generate: -DCURL_USE_GNUTLS=ON -DCURL_USE_OPENSSL=OFF -DCURL_USE_GSSAPI=ON -DGSS_ROOT_DIR=$(brew --prefix krb5) -DCURL_DISABLE_LDAP=ON -DUSE_SSLS_EXPORT=ON + generate: -DCURL_USE_GNUTLS=ON -DCURL_USE_OPENSSL=OFF -DCURL_USE_GSSAPI=ON -DGSS_ROOT_DIR=/opt/homebrew/opt/krb5 -DCURL_DISABLE_LDAP=ON -DUSE_SSLS_EXPORT=ON - name: 'OpenSSL torture !FTP' - generate: -DENABLE_DEBUG=ON -DBUILD_SHARED_LIBS=OFF -DENABLE_THREADED_RESOLVER=OFF -DOPENSSL_ROOT_DIR=$(brew --prefix openssl) + generate: -DENABLE_DEBUG=ON -DBUILD_SHARED_LIBS=OFF -DENABLE_THREADED_RESOLVER=OFF -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/openssl tflags: -t --shallow=25 !FTP torture: true - name: 'OpenSSL torture FTP' - generate: -DENABLE_DEBUG=ON -DBUILD_SHARED_LIBS=OFF -DENABLE_THREADED_RESOLVER=OFF -DOPENSSL_ROOT_DIR=$(brew --prefix openssl) + generate: -DENABLE_DEBUG=ON -DBUILD_SHARED_LIBS=OFF -DENABLE_THREADED_RESOLVER=OFF -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/openssl tflags: -t --shallow=20 FTP torture: true exclude: @@ -187,33 +190,35 @@ jobs: # Run this command with retries because of spurious failures seen # while running the tests, for example # https://github.com/curl/curl/runs/4095721123?check_suite_focus=true - # zizmor: ignore[template-injection] + env: + INSTALL_PACKAGES: >- + ${{ matrix.build.generate && 'ninja' || 'automake libtool' }} + ${{ !matrix.build.clang-tidy && 'nghttp2 stunnel' || '' }} + ${{ contains(matrix.build.install_steps, 'pytest') && 'caddy httpd vsftpd' || '' }} + run: | - echo ${{ matrix.build.generate && 'ninja' || 'automake libtool' }} \ - pkgconf libpsl libssh2 \ - ${{ !matrix.build.clang-tidy && 'nghttp2 stunnel' || '' }} \ - ${{ contains(matrix.build.install_steps, 'pytest') && 'caddy httpd vsftpd' || '' }} \ - ${{ matrix.build.install }} | xargs -Ix -n1 echo brew '"x"' > /tmp/Brewfile - while [[ $? == 0 ]]; do for i in 1 2 3; do brew update && brew bundle install --file /tmp/Brewfile && break 2 || { echo Error: wait to try again; sleep 10; } done; false Too many retries; done + echo pkgconf libpsl libssh2 ${INSTALL_PACKAGES} ${MATRIX_INSTALL} | xargs -Ix -n1 echo brew '"x"' > /tmp/Brewfile + # shellcheck disable=SC2181,SC2034 + while [[ $? == 0 ]]; do for i in 1 2 3; do if brew update && brew bundle install --file /tmp/Brewfile; then break 2; else echo Error: wait to try again; sleep 10; fi; done; false Too many retries; done - name: 'brew unlink openssl' if: ${{ contains(matrix.build.install, 'libressl') || contains(matrix.build.install, 'quictls') }} run: | - if test -d $(brew --prefix)/include/openssl; then + if [ -d /opt/homebrew/include/openssl ]; then brew unlink openssl fi - name: 'toolchain versions' run: | - [[ '${{ matrix.compiler }}' = 'llvm'* ]] && CC="$(brew --prefix ${{ matrix.compiler }})/bin/clang" - [[ '${{ matrix.compiler }}' = 'gcc'* ]] && "${CC}" --print-sysroot - which "${CC}"; "${CC}" --version || true + [[ "${MATRIX_COMPILER}" = 'llvm'* ]] && CC="$(brew --prefix "${MATRIX_COMPILER}")/bin/clang" + [[ "${MATRIX_COMPILER}" = 'gcc'* ]] && "${CC}" --print-sysroot + command -v "${CC}"; "${CC}" --version || true xcodebuild -version || true xcrun --sdk macosx --show-sdk-path 2>/dev/null || true xcrun --sdk macosx --show-sdk-version || true ls -l /Library/Developer/CommandLineTools/SDKs || true echo '::group::macros predefined'; "${CC}" -dM -E - < /dev/null | sort || true; echo '::endgroup::' - echo '::group::brew packages installed'; ls -l "$(brew --prefix)/opt"; echo '::endgroup::' + echo '::group::brew packages installed'; ls -l /opt/homebrew/opt; echo '::endgroup::' - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: @@ -224,31 +229,36 @@ jobs: run: autoreconf -fi - name: 'configure' + env: + MATRIX_CHKPREFILL: '${{ matrix.build.chkprefill }}' + MATRIX_CONFIGURE: '${{ matrix.build.configure }}' + MATRIX_GENERATE: '${{ matrix.build.generate }}' + MATRIX_INSTALL_STEPS: '${{ matrix.build.install_steps }}' run: | - if [[ '${{ matrix.compiler }}' = 'gcc'* ]]; then + if [[ "${MATRIX_COMPILER}" = 'gcc'* ]]; then sysroot="$("${CC}" --print-sysroot)" # Must match the SDK gcc was built for else sysroot="$(xcrun --sdk macosx --show-sdk-path 2>/dev/null)" fi - if [[ '${{ matrix.compiler }}' = 'llvm'* ]]; then - CC="$(brew --prefix ${{ matrix.compiler }})/bin/clang" + if [[ "${MATRIX_COMPILER}" = 'llvm'* ]]; then + CC="$(brew --prefix "${MATRIX_COMPILER}")/bin/clang" CC+=" --sysroot=${sysroot}" CC+=" --target=$(uname -m)-apple-darwin" fi - if [ -n '${{ matrix.build.generate }}' ]; then - for _chkprefill in '' ${{ matrix.build.chkprefill }}; do + if [ "${MATRIX_BUILD}" = 'cmake' ]; then + for _chkprefill in '' ${MATRIX_CHKPREFILL}; do options='' - [ -n '${{ matrix.build.macos-version-min }}' ] && options+=' -DCMAKE_OSX_DEPLOYMENT_TARGET=${{ matrix.build.macos-version-min }}' - [[ '${{ matrix.build.install_steps }}' = *'pytest'* ]] && options+=' -DVSFTPD=NO' # Skip ~20 tests that stretch run time by 7x on macOS + [ -n "${MATRIX_MACOS_VERSION_MIN}" ] && options+=" -DCMAKE_OSX_DEPLOYMENT_TARGET=${MATRIX_MACOS_VERSION_MIN}" + [[ "${MATRIX_INSTALL_STEPS}" = *'pytest'* ]] && options+=' -DVSFTPD=NO' # Skip ~20 tests that stretch run time by 7x on macOS [ "${_chkprefill}" = '_chkprefill' ] && options+=' -D_CURL_PREFILL=OFF' cmake -B "bld${_chkprefill}" -G Ninja -D_CURL_PREFILL=ON \ - -DCMAKE_INSTALL_PREFIX="$HOME/curl" \ + -DCMAKE_INSTALL_PREFIX="$HOME"/curl-install \ -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON -DCURL_WERROR=ON \ -DCMAKE_OSX_SYSROOT="${sysroot}" \ -DCMAKE_C_COMPILER_TARGET="$(uname -m | sed 's/arm64/aarch64/')-apple-darwin$(uname -r)" \ - ${{ matrix.build.generate }} ${options} + ${MATRIX_GENERATE} ${options} done if [ -d bld_chkprefill ] && ! diff -u bld/lib/curl_config.h bld_chkprefill/lib/curl_config.h; then echo '::group::reference configure log'; cat bld_chkprefill/CMakeFiles/CMake*.yaml 2>/dev/null || true; echo '::endgroup::' @@ -256,19 +266,19 @@ jobs: fi else export CFLAGS - if [[ '${{ matrix.compiler }}' = 'llvm'* ]]; then + if [[ "${MATRIX_COMPILER}" = 'llvm'* ]]; then options+=" --target=$(uname -m)-apple-darwin" fi - if [ '${{ matrix.compiler }}' != 'clang' ]; then + if [ "${MATRIX_COMPILER}" != 'clang' ]; then options+=" --with-sysroot=${sysroot}" CFLAGS+=" --sysroot=${sysroot}" fi - [ -n '${{ matrix.build.macos-version-min }}' ] && CFLAGS+=' -mmacosx-version-min=${{ matrix.build.macos-version-min }}' - [[ '${{ matrix.build.install_steps }}' = *'pytest'* ]] && options+=' --with-test-vsftpd=no' # Skip ~20 tests that stretch run time by 7x on macOS + [ -n "${MATRIX_MACOS_VERSION_MIN}" ] && CFLAGS+=" -mmacosx-version-min=${MATRIX_MACOS_VERSION_MIN}" + [[ "${MATRIX_INSTALL_STEPS}" = *'pytest'* ]] && options+=' --with-test-vsftpd=no' # Skip ~20 tests that stretch run time by 7x on macOS mkdir bld && cd bld && ../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \ --disable-dependency-tracking \ - --with-libpsl=$(brew --prefix libpsl) \ - ${{ matrix.build.configure }} ${options} + --with-libpsl=/opt/homebrew/opt/libpsl \ + ${MATRIX_CONFIGURE} ${options} fi - name: 'configure log' @@ -285,7 +295,7 @@ jobs: - name: 'build' run: | - if [ -n '${{ matrix.build.generate }}' ]; then + if [ "${MATRIX_BUILD}" = 'cmake' ]; then cmake --build bld --verbose else make -C bld V=1 @@ -300,7 +310,7 @@ jobs: - name: 'build tests' run: | - if [ -n '${{ matrix.build.generate }}' ]; then + if [ "${MATRIX_BUILD}" = 'cmake' ]; then cmake --build bld --verbose --target testdeps else make -C bld V=1 -C tests @@ -309,28 +319,30 @@ jobs: - name: 'install test prereqs' if: ${{ !matrix.build.clang-tidy }} run: | - python3 -m venv $HOME/venv - source $HOME/venv/bin/activate + python3 -m venv ~/venv + source ~/venv/bin/activate python3 -m pip install -r tests/requirements.txt - name: 'run tests' if: ${{ !matrix.build.clang-tidy }} timeout-minutes: ${{ matrix.build.torture && 20 || 10 }} - # zizmor: ignore[template-injection] + env: + TEST_TARGET: ${{ matrix.build.torture && 'test-torture' || 'test-ci' }} + TFLAGS: '${{ matrix.build.tflags }}' run: | - export TFLAGS='-j20 ${{ matrix.build.tflags }}' - source $HOME/venv/bin/activate - rm -f $HOME/.curlrc - if [ -n '${{ matrix.build.generate }}' ]; then - cmake --build bld --verbose --target ${{ matrix.build.torture && 'test-torture' || 'test-ci' }} + TFLAGS="-j20 ${TFLAGS}" + source ~/venv/bin/activate + rm -f ~/.curlrc + if [ "${MATRIX_BUILD}" = 'cmake' ]; then + cmake --build bld --verbose --target "${TEST_TARGET}" else - make -C bld V=1 ${{ matrix.build.torture && 'test-torture' || 'test-ci' }} + make -C bld V=1 "${TEST_TARGET}" fi - name: 'install pytest prereqs' if: ${{ !matrix.build.clang-tidy && contains(matrix.build.install_steps, 'pytest') }} run: | - source $HOME/venv/bin/activate + source ~/venv/bin/activate python3 -m pip install -r tests/http/requirements.txt - name: 'run pytest' @@ -339,8 +351,8 @@ jobs: PYTEST_ADDOPTS: '--color=yes' PYTEST_XDIST_AUTO_NUM_WORKERS: 4 run: | - source $HOME/venv/bin/activate - if [ -n '${{ matrix.build.generate }}' ]; then + source ~/venv/bin/activate + if [ "${MATRIX_BUILD}" = 'cmake' ]; then cmake --build bld --verbose --target curl-pytest-ci else make -C bld V=1 pytest-ci @@ -349,7 +361,7 @@ jobs: - name: 'build examples' if: ${{ contains(matrix.build.name, '+examples') }} run: | - if [ -n '${{ matrix.build.generate }}' ]; then + if [ "${MATRIX_BUILD}" = 'cmake' ]; then cmake --build bld --verbose --target curl-examples else make -C bld examples V=1 @@ -362,7 +374,12 @@ jobs: timeout-minutes: 10 env: DEVELOPER_DIR: "/Applications/Xcode${{ matrix.xcode && format('_{0}', matrix.xcode) || '' }}.app/Contents/Developer" - CC: ${{ matrix.compiler }} + CC: '${{ matrix.compiler }}' + MATRIX_BUILD: '${{ matrix.build }}' + MATRIX_COMPILER: '${{ matrix.compiler }}' + MATRIX_CONFIG: '${{ matrix.config }}' + MATRIX_IMAGE: '${{ matrix.image }}' + MATRIX_MACOS_VERSION_MIN: '${{ matrix.macos-version-min }}' strategy: fail-fast: false matrix: @@ -377,6 +394,7 @@ jobs: # Ventura (2022) Sonoma (2023) Sequoia (2024) # https://github.com/actions/runner-images/tree/main/images/macos # https://en.wikipedia.org/wiki/MacOS_version_history + # TODO when dropping macos-13: replace '$(brew --prefix ...' with /opt/homebrew image: [macos-13, macos-14, macos-15] # Can skip these to reduce jobs: # 15.1 has the same default macOS SDK as 15.2 and identical test results. @@ -417,14 +435,14 @@ jobs: - name: 'install autotools' if: ${{ matrix.build == 'autotools' }} run: | - echo automake libtool | xargs -Ix -n1 echo brew '"x"' > /tmp/Brewfile - while [[ $? == 0 ]]; do for i in 1 2 3; do brew update && brew bundle install --file /tmp/Brewfile && break 2 || { echo Error: wait to try again; sleep 10; } done; false Too many retries; done + # shellcheck disable=SC2181,SC2034 + while [[ $? == 0 ]]; do for i in 1 2 3; do if brew update && brew install automake libtool; then break 2; else echo Error: wait to try again; sleep 10; fi; done; false Too many retries; done - name: 'toolchain versions' run: | - [[ '${{ matrix.compiler }}' = 'llvm'* ]] && CC="$(brew --prefix ${{ matrix.compiler }})/bin/clang" - [[ '${{ matrix.compiler }}' = 'gcc'* ]] && "${CC}" --print-sysroot - which "${CC}"; "${CC}" --version || true + [[ "${MATRIX_COMPILER}" = 'llvm'* ]] && CC="$(brew --prefix "${MATRIX_COMPILER}")/bin/clang" + [[ "${MATRIX_COMPILER}" = 'gcc'* ]] && "${CC}" --print-sysroot + command -v "${CC}"; "${CC}" --version || true xcodebuild -version || true xcrun --sdk macosx --show-sdk-path 2>/dev/null || true xcrun --sdk macosx --show-sdk-version || true @@ -442,27 +460,27 @@ jobs: - name: 'configure / ${{ matrix.build }}' run: | - if [ '${{ matrix.compiler }}' = 'gcc-13' ] && [ '${{ matrix.image }}' = 'macos-15' ] ; then + if [ "${MATRIX_COMPILER}" = 'gcc-13' ] && [ "${MATRIX_IMAGE}" = 'macos-15' ] ; then # Ref: https://github.com/Homebrew/homebrew-core/issues/194778#issuecomment-2793243409 /opt/homebrew/opt/gcc@13/libexec/gcc/aarch64-apple-darwin24/13/install-tools/mkheaders fi - if [[ '${{ matrix.compiler }}' = 'gcc'* ]]; then + if [[ "${MATRIX_COMPILER}" = 'gcc'* ]]; then sysroot="$("${CC}" --print-sysroot)" # Must match the SDK gcc was built for else sysroot="$(xcrun --sdk macosx --show-sdk-path 2>/dev/null)" fi - if [[ '${{ matrix.compiler }}' = 'llvm'* ]]; then - CC="$(brew --prefix ${{ matrix.compiler }})/bin/clang" + if [[ "${MATRIX_COMPILER}" = 'llvm'* ]]; then + CC="$(brew --prefix "${MATRIX_COMPILER}")/bin/clang" CC+=" --sysroot=${sysroot}" CC+=" --target=$(uname -m)-apple-darwin" fi - if [ '${{ matrix.build }}' = 'cmake' ]; then - [ '${{ matrix.config }}' = 'OpenSSL' ] && options+=' -DCURL_USE_OPENSSL=ON' - [ '${{ matrix.config }}' = 'SecureTransport' ] && options+=' -DCURL_USE_SECTRANSP=ON' - [ -n '${{ matrix.macos-version-min }}' ] && options+=' -DCMAKE_OSX_DEPLOYMENT_TARGET=${{ matrix.macos-version-min }}' + if [ "${MATRIX_BUILD}" = 'cmake' ]; then + [ "${MATRIX_CONFIG}" = 'OpenSSL' ] && options+=' -DCURL_USE_OPENSSL=ON' + [ "${MATRIX_CONFIG}" = 'SecureTransport' ] && options+=' -DCURL_USE_SECTRANSP=ON' + [ -n "${MATRIX_MACOS_VERSION_MIN}" ] && options+=" -DCMAKE_OSX_DEPLOYMENT_TARGET=${MATRIX_MACOS_VERSION_MIN}" # would pick up nghttp2, libidn2, and libssh2 cmake -B bld -G Ninja -D_CURL_PREFILL=ON \ -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON -DCURL_WERROR=ON \ @@ -475,16 +493,16 @@ jobs: ${options} else export CFLAGS - if [[ '${{ matrix.compiler }}' = 'llvm'* ]]; then + if [[ "${MATRIX_COMPILER}" = 'llvm'* ]]; then options+=" --target=$(uname -m)-apple-darwin" fi - if [ '${{ matrix.compiler }}' != 'clang' ]; then + if [ "${MATRIX_COMPILER}" != 'clang' ]; then options+=" --with-sysroot=${sysroot}" CFLAGS+=" --sysroot=${sysroot}" fi - [ '${{ matrix.config }}' = 'OpenSSL' ] && options+=" --with-openssl=$(brew --prefix openssl)" - [ '${{ matrix.config }}' = 'SecureTransport' ] && options+=' --with-secure-transport' - [ -n '${{ matrix.macos-version-min }}' ] && CFLAGS+=' -mmacosx-version-min=${{ matrix.macos-version-min }}' + [ "${MATRIX_CONFIG}" = 'OpenSSL' ] && options+=" --with-openssl=$(brew --prefix openssl)" + [ "${MATRIX_CONFIG}" = 'SecureTransport' ] && options+=' --with-secure-transport' + [ -n "${MATRIX_MACOS_VERSION_MIN}" ] && CFLAGS+=" -mmacosx-version-min=${MATRIX_MACOS_VERSION_MIN}" # would pick up nghttp2, libidn2, but libssh2 is disabled by default mkdir bld && cd bld && ../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \ --disable-dependency-tracking \ @@ -505,7 +523,7 @@ jobs: - name: 'build / ${{ matrix.build }}' run: | - if [ '${{ matrix.build }}' = 'cmake' ]; then + if [ "${MATRIX_BUILD}" = 'cmake' ]; then cmake --build bld --verbose else make -C bld V=1 diff --git a/.github/workflows/non-native.yml b/.github/workflows/non-native.yml index 74adcbfebd..86ee16fa57 100644 --- a/.github/workflows/non-native.yml +++ b/.github/workflows/non-native.yml @@ -52,7 +52,10 @@ jobs: persist-credentials: false - name: 'cmake' uses: cross-platform-actions/action@97419d18f6470332677e345e9df97cdc71244ead # v0.28.0 + env: + MATRIX_ARCH: '${{ matrix.arch }}' with: + environment_variables: MATRIX_ARCH operating_system: 'netbsd' version: '10.1' architecture: ${{ matrix.arch }} @@ -60,6 +63,7 @@ jobs: # https://pkgsrc.se/ time sudo pkgin -y install cmake ninja-build pkg-config perl brotli heimdal openldap-client libssh2 libidn2 libpsl nghttp2 py311-impacket time cmake -B bld -G Ninja \ + -DCMAKE_INSTALL_PREFIX="$HOME"/curl-install \ -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON \ -DCURL_WERROR=ON \ -DENABLE_DEBUG=ON -DCMAKE_BUILD_TYPE=Debug \ @@ -69,8 +73,9 @@ jobs: echo '::group::curl_config.h (raw)'; cat bld/lib/curl_config.h || true; echo '::endgroup::' echo '::group::curl_config.h'; grep -F '#define' bld/lib/curl_config.h | sort || true; echo '::endgroup::' time cmake --build bld + time cmake --install bld bld/src/curl --disable --version - if [ '${{ matrix.arch }}' = 'x86_64' ]; then # Slow on emulated CPU + if [ "${MATRIX_ARCH}" = 'x86_64' ]; then # Slow on emulated CPU time cmake --build bld --target testdeps export TFLAGS='-j8' time cmake --build bld --target test-ci @@ -92,7 +97,10 @@ jobs: persist-credentials: false - name: 'cmake' uses: cross-platform-actions/action@97419d18f6470332677e345e9df97cdc71244ead # v0.28.0 + env: + MATRIX_ARCH: '${{ matrix.arch }}' with: + environment_variables: MATRIX_ARCH operating_system: 'openbsd' version: '7.7' architecture: ${{ matrix.arch }} @@ -101,6 +109,7 @@ jobs: # https://www.openbsd.org/faq/faq15.html time sudo pkg_add cmake ninja brotli openldap-client-- libssh2 libidn2 libpsl nghttp2 py3-six py3-impacket time cmake -B bld -G Ninja \ + -DCMAKE_INSTALL_PREFIX="$HOME"/curl-install \ -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON \ -DCURL_WERROR=ON \ -DENABLE_DEBUG=ON -DCMAKE_BUILD_TYPE=Debug \ @@ -109,8 +118,9 @@ jobs: echo '::group::curl_config.h (raw)'; cat bld/lib/curl_config.h || true; echo '::endgroup::' echo '::group::curl_config.h'; grep -F '#define' bld/lib/curl_config.h | sort || true; echo '::endgroup::' time cmake --build bld + time cmake --install bld bld/src/curl --disable --version - if [ '${{ matrix.arch }}' = 'x86_64' ]; then # Slow on emulated CPU + if [ "${MATRIX_ARCH}" = 'x86_64' ]; then # Slow on emulated CPU time cmake --build bld --target testdeps export TFLAGS='-j8' time cmake --build bld --target test-ci @@ -135,84 +145,95 @@ jobs: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: persist-credentials: false - - name: 'autotools' - if: ${{ matrix.build == 'autotools' }} + - name: '${{ matrix.build }}' uses: cross-platform-actions/action@97419d18f6470332677e345e9df97cdc71244ead # v0.28.0 + env: + CC: '${{ matrix.compiler }}' + MATRIX_ARCH: '${{ matrix.arch }}' + MATRIX_BUILD: '${{ matrix.build }}' + MATRIX_DESC: '${{ matrix.desc }}' + MATRIX_OPTIONS: '${{ matrix.options }}' with: + environment_variables: CC MATRIX_ARCH MATRIX_BUILD MATRIX_DESC MATRIX_OPTIONS operating_system: 'freebsd' version: '14.2' architecture: ${{ matrix.arch }} run: | - export MAKEFLAGS=-j3 export CURL_CI=github + # https://ports.freebsd.org/ - time sudo pkg install -y autoconf automake libtool \ - pkgconf brotli openldap26-client libidn2 libnghttp2 stunnel py311-impacket - time autoreconf -fi - export CC='${{ matrix.compiler }}' - if [ '${{ matrix.arch }}' != 'x86_64' ]; then - options='--disable-manual --disable-docs' # Slow with autotools, skip on emulated CPU - fi - mkdir bld && cd bld && time ../configure --enable-unity --enable-test-bundles --enable-debug --enable-warnings --enable-werror \ - --prefix="${HOME}"/install \ - --with-openssl \ - --with-brotli --enable-ldap --enable-ldaps --with-libidn2 --with-libssh2 --with-nghttp2 --with-gssapi \ - --disable-dependency-tracking \ - ${options} \ - ${{ matrix.options }} \ - || { tail -n 1000 config.log; false; } - echo '::group::curl_config.h (raw)'; cat lib/curl_config.h || true; echo '::endgroup::' - echo '::group::curl_config.h'; grep -F '#define' lib/curl_config.h | sort || true; echo '::endgroup::' - time make install - src/curl --disable --version - desc='${{ matrix.desc }}' - if [ '${{ matrix.arch }}' = 'x86_64' ]; then # Slow on emulated CPU - time make -C tests - if [ "${desc#*!runtests*}" = "${desc}" ]; then - time make test-ci V=1 TFLAGS='-j8' - fi - fi - if [ "${desc#*!examples*}" = "${desc}" ]; then - echo '::group::build examples' - time make examples - echo '::endgroup::' + if [ "${MATRIX_BUILD}" = 'cmake' ]; then + time sudo pkg install -y cmake-core ninja perl5 \ + pkgconf brotli openldap26-client libidn2 libnghttp2 stunnel py311-impacket + else + time sudo pkg install -y autoconf automake libtool \ + pkgconf brotli openldap26-client libidn2 libnghttp2 stunnel py311-impacket + export MAKEFLAGS=-j3 + fi + + if [ "${MATRIX_BUILD}" = 'cmake' ]; then + time cmake -B bld -G Ninja \ + -DCMAKE_INSTALL_PREFIX="$HOME"/curl-install \ + -DCMAKE_C_COMPILER="${CC}" \ + -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON \ + -DCURL_WERROR=ON \ + -DENABLE_DEBUG=ON -DCMAKE_BUILD_TYPE=Debug \ + -DCURL_USE_OPENSSL=ON \ + -DCURL_USE_GSSAPI=ON \ + ${MATRIX_OPTIONS} \ + || { cat bld/CMakeFiles/CMake*.yaml; false; } + else + time autoreconf -fi + if [ "${MATRIX_ARCH}" != 'x86_64' ]; then + options='--disable-manual --disable-docs' # Slow with autotools, skip on emulated CPU + fi + mkdir bld && cd bld + time ../configure --enable-unity --enable-test-bundles --enable-debug --enable-warnings --enable-werror \ + --prefix="$HOME"/curl-install \ + --with-openssl \ + --with-brotli --enable-ldap --enable-ldaps --with-libidn2 --with-libssh2 --with-nghttp2 --with-gssapi \ + --disable-dependency-tracking \ + ${options} \ + ${MATRIX_OPTIONS} \ + || { tail -n 1000 config.log; false; } + cd .. fi - - name: 'cmake' - if: ${{ matrix.build == 'cmake' }} - uses: cross-platform-actions/action@97419d18f6470332677e345e9df97cdc71244ead # v0.28.0 - with: - operating_system: 'freebsd' - version: '14.1' - architecture: ${{ matrix.arch }} - run: | - # https://ports.freebsd.org/ - time sudo pkg install -y cmake-core ninja perl5 \ - pkgconf brotli openldap26-client libidn2 libnghttp2 stunnel py311-impacket - time cmake -B bld -G Ninja \ - -DCMAKE_C_COMPILER='${{ matrix.compiler }}' \ - -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON \ - -DCURL_WERROR=ON \ - -DENABLE_DEBUG=ON -DCMAKE_BUILD_TYPE=Debug \ - -DCURL_USE_OPENSSL=ON \ - -DCURL_USE_GSSAPI=ON \ - ${{ matrix.options }} \ - || { cat bld/CMakeFiles/CMake*.yaml; false; } echo '::group::curl_config.h (raw)'; cat bld/lib/curl_config.h || true; echo '::endgroup::' echo '::group::curl_config.h'; grep -F '#define' bld/lib/curl_config.h | sort || true; echo '::endgroup::' - time cmake --build bld + + if [ "${MATRIX_BUILD}" = 'cmake' ]; then + time cmake --build bld + time cmake --install bld + else + time make -C bld install + fi + bld/src/curl --disable --version - desc='${{ matrix.desc }}' - if [ '${{ matrix.arch }}' = 'x86_64' ]; then # Slow on emulated CPU - time cmake --build bld --target testdeps - if [ "${desc#*!runtests*}" = "${desc}" ]; then + + if [ "${MATRIX_ARCH}" = 'x86_64' ]; then # Slow on emulated CPU + if [ "${MATRIX_BUILD}" = 'cmake' ]; then + time cmake --build bld --target testdeps + else + time make -C bld -C tests + fi + if [ "${MATRIX_DESC#*!runtests*}" = "${MATRIX_DESC}" ]; then export TFLAGS='-j8' - time cmake --build bld --target test-ci + if [ "${MATRIX_BUILD}" = 'cmake' ]; then + time cmake --build bld --verbose --target test-ci + else + time make -C bld V=1 test-ci + fi fi fi - if [ "${desc#*!examples*}" = "${desc}" ]; then + + if [ "${MATRIX_DESC#*!examples*}" = "${MATRIX_DESC}" ]; then echo '::group::build examples' - time cmake --build bld --target curl-examples + if [ "${MATRIX_BUILD}" = 'cmake' ]; then + time cmake --build bld --target curl-examples + else + time make -C bld examples + fi echo '::endgroup::' fi @@ -236,8 +257,9 @@ jobs: export MAKEFLAGS=-j3 export CURL_CI=github time autoreconf -fi - mkdir bld && cd bld && time ../configure --enable-unity --enable-test-bundles --enable-debug --enable-warnings --enable-werror \ - --prefix="${HOME}"/install \ + mkdir bld && cd bld + time ../configure --enable-unity --enable-test-bundles --enable-debug --enable-warnings --enable-werror \ + --prefix="$HOME"/curl-install \ --with-openssl \ --disable-dependency-tracking \ || { tail -n 1000 config.log; false; } @@ -259,24 +281,26 @@ jobs: MAKEFLAGS: -j 4 DEVELOPER_DIR: "/Applications/Xcode${{ matrix.build.xcode && format('_{0}', matrix.build.xcode) || '' }}.app/Contents/Developer" CC: ${{ matrix.build.compiler || 'clang' }} + MATRIX_BUILD: ${{ matrix.build.generate && 'cmake' || 'autotools' }} + MATRIX_OPTIONS: ${{ matrix.build.options }} # renovate: datasource=github-tags depName=libressl-portable/portable versioning=semver registryUrl=https://github.com - libressl-version: 4.1.0 + LIBRESSL_VERSION: 4.1.0 strategy: fail-fast: false matrix: build: - name: 'libressl' install_steps: libressl - configure: --with-openssl="$HOME/libressl" --without-libpsl + configure: --with-openssl=/Users/runner/libressl --without-libpsl - name: 'libressl' install_steps: libressl # FIXME: Could not make OPENSSL_ROOT_DIR work. CMake seems to prepend sysroot to it. generate: >- -DCMAKE_BUILD_TYPE=Release -DCMAKE_UNITY_BUILD_BATCH_SIZE=50 - -DOPENSSL_INCLUDE_DIR="$HOME/libressl/include" - -DOPENSSL_SSL_LIBRARY="$HOME/libressl/lib/libssl.a" - -DOPENSSL_CRYPTO_LIBRARY="$HOME/libressl/lib/libcrypto.a" + -DOPENSSL_INCLUDE_DIR=/Users/runner/libressl/include + -DOPENSSL_SSL_LIBRARY=/Users/runner/libressl/lib/libssl.a + -DOPENSSL_CRYPTO_LIBRARY=/Users/runner/libressl/lib/libcrypto.a -DCURL_USE_LIBPSL=OFF - name: 'libressl' @@ -286,27 +310,27 @@ jobs: generate: >- -DCMAKE_XCODE_ATTRIBUTE_CODE_SIGNING_ALLOWED=OFF -DMACOSX_BUNDLE_GUI_IDENTIFIER=se.curl - -DOPENSSL_INCLUDE_DIR="$HOME/libressl/include" - -DOPENSSL_SSL_LIBRARY="$HOME/libressl/lib/libssl.a" - -DOPENSSL_CRYPTO_LIBRARY="$HOME/libressl/lib/libcrypto.a" + -DOPENSSL_INCLUDE_DIR=/Users/runner/libressl/include + -DOPENSSL_SSL_LIBRARY=/Users/runner/libressl/lib/libssl.a + -DOPENSSL_CRYPTO_LIBRARY=/Users/runner/libressl/lib/libcrypto.a -DCURL_USE_LIBPSL=OFF steps: - name: 'brew install' if: ${{ matrix.build.configure }} run: | - echo automake libtool | xargs -Ix -n1 echo brew '"x"' > /tmp/Brewfile - while [[ $? == 0 ]]; do for i in 1 2 3; do brew update && brew bundle install --file /tmp/Brewfile && break 2 || { echo Error: wait to try again; sleep 10; } done; false Too many retries; done + # shellcheck disable=SC2181,SC2034 + while [[ $? == 0 ]]; do for i in 1 2 3; do if brew update && brew install automake libtool; then break 2; else echo Error: wait to try again; sleep 10; fi; done; false Too many retries; done - name: 'toolchain versions' run: | - which "${CC}"; "${CC}" --version || true + command -v "${CC}"; "${CC}" --version || true xcodebuild -version || true xcodebuild -sdk -version | grep '^Path:' || true xcrun --sdk iphoneos --show-sdk-path 2>/dev/null || true xcrun --sdk iphoneos --show-sdk-version || true echo '::group::macros predefined'; "${CC}" -dM -E - < /dev/null | sort || true; echo '::endgroup::' - echo '::group::brew packages installed'; ls -l "$(brew --prefix)/opt"; echo '::endgroup::' + echo '::group::brew packages installed'; ls -l /opt/homebrew/opt; echo '::endgroup::' - name: 'cache libressl' if: contains(matrix.build.install_steps, 'libressl') @@ -316,18 +340,18 @@ jobs: cache-name: cache-libressl with: path: ~/libressl - key: iOS-${{ env.cache-name }}-${{ env.libressl-version }} + key: iOS-${{ env.cache-name }}-${{ env.LIBRESSL_VERSION }} - name: 'build libressl' if: contains(matrix.build.install_steps, 'libressl') && steps.cache-libressl.outputs.cache-hit != 'true' run: | curl -LsSf --retry 6 --retry-connrefused --max-time 999 \ - https://github.com/libressl/portable/releases/download/v${{ env.libressl-version }}/libressl-${{ env.libressl-version }}.tar.gz | tar -x - cd libressl-${{ env.libressl-version }} + "https://github.com/libressl/portable/releases/download/v${LIBRESSL_VERSION}/libressl-${LIBRESSL_VERSION}.tar.gz" | tar -x + cd "libressl-${LIBRESSL_VERSION}" # FIXME: on the 4.0.1 release, delete '-DHAVE_ENDIAN_H=0' cmake -B . -G Ninja \ -DHAVE_ENDIAN_H=0 \ - -DCMAKE_INSTALL_PREFIX="$HOME/libressl" \ + -DCMAKE_INSTALL_PREFIX=/Users/runner/libressl \ -DCMAKE_SYSTEM_NAME=iOS \ -DCMAKE_SYSTEM_PROCESSOR=aarch64 \ -DBUILD_SHARED_LIBS=OFF \ @@ -345,22 +369,26 @@ jobs: run: autoreconf -fi - name: 'configure' + env: + MATRIX_CONFIGURE: '${{ matrix.build.configure }}' + MATRIX_GENERATE: '${{ matrix.build.generate }}' + MATRIX_GENERATOR: '${{ matrix.build.generator }}' run: | - if [ -n '${{ matrix.build.generate }}' ]; then + if [ "${MATRIX_BUILD}" = 'cmake' ]; then # https://cmake.org/cmake/help/latest/manual/cmake-toolchains.7.html#cross-compiling-for-ios-tvos-visionos-or-watchos - [ -n '${{ matrix.build.generator }}' ] && options='-G ${{ matrix.build.generator }}' + [ -n "${MATRIX_GENERATOR}" ] && options="-G ${MATRIX_GENERATOR}" cmake -B bld -G Ninja -D_CURL_PREFILL=ON \ -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON -DCURL_WERROR=ON \ -DCMAKE_SYSTEM_NAME=iOS \ -DUSE_APPLE_IDN=ON \ - ${{ matrix.build.generate }} ${options} + ${MATRIX_GENERATE} ${options} else mkdir bld && cd bld && ../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \ --disable-dependency-tracking \ CFLAGS="-isysroot $(xcrun --sdk iphoneos --show-sdk-path 2>/dev/null)" \ --host=aarch64-apple-darwin \ --with-apple-idn \ - ${{ matrix.build.configure }} + ${MATRIX_CONFIGURE} fi - name: 'configure log' @@ -374,8 +402,8 @@ jobs: - name: 'build' run: | - if [ -n '${{ matrix.build.generate }}' ]; then - cmake --build bld ${{ matrix.build.options }} --parallel 4 --verbose + if [ "${MATRIX_BUILD}" = 'cmake' ]; then + cmake --build bld ${MATRIX_OPTIONS} --parallel 4 --verbose else make -C bld V=1 fi @@ -385,16 +413,16 @@ jobs: - name: 'build tests' run: | - if [ -n '${{ matrix.build.generate }}' ]; then - cmake --build bld ${{ matrix.build.options }} --parallel 4 --target testdeps --verbose + if [ "${MATRIX_BUILD}" = 'cmake' ]; then + cmake --build bld ${MATRIX_OPTIONS} --parallel 4 --target testdeps --verbose else make -C bld V=1 -C tests fi - name: 'build examples' run: | - if [ -n '${{ matrix.build.generate }}' ]; then - cmake --build bld ${{ matrix.build.options }} --parallel 4 --target curl-examples --verbose + if [ "${MATRIX_BUILD}" = 'cmake' ]; then + cmake --build bld ${MATRIX_OPTIONS} --parallel 4 --target curl-examples --verbose else make -C bld examples V=1 fi @@ -405,6 +433,7 @@ jobs: timeout-minutes: 25 env: MAKEFLAGS: -j 5 + MATRIX_BUILD: '${{ matrix.build }}' strategy: matrix: include: @@ -431,23 +460,26 @@ jobs: run: autoreconf -fi - name: 'configure' + env: + MATRIX_OPTIONS: '${{ matrix.options }}' + MATRIX_PLATFORM: '${{ matrix.platform }}' run: | - if [ '${{ matrix.build }}' = 'cmake' ]; then # https://developer.android.com/ndk/guides/cmake + if [ "${MATRIX_BUILD}" = 'cmake' ]; then # https://developer.android.com/ndk/guides/cmake cmake -B bld -G Ninja \ -DANDROID_ABI=arm64-v8a \ - -DANDROID_PLATFORM='android-${{ matrix.platform }}' \ + -DANDROID_PLATFORM="android-${MATRIX_PLATFORM}" \ -DCMAKE_TOOLCHAIN_FILE="${ANDROID_NDK_HOME}/build/cmake/android.toolchain.cmake" -DCMAKE_WARN_DEPRECATED=OFF \ -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON \ -DCURL_WERROR=ON \ - ${{ matrix.options }} + ${MATRIX_OPTIONS} else TOOLCHAIN="${ANDROID_NDK_HOME}/toolchains/llvm/prebuilt/linux-x86_64" mkdir bld && cd bld && ../configure --disable-dependency-tracking --enable-unity --enable-test-bundles --enable-warnings --enable-werror \ - CC="$TOOLCHAIN/bin/aarch64-linux-android${{ matrix.platform }}-clang" \ + CC="$TOOLCHAIN/bin/aarch64-linux-android${MATRIX_PLATFORM}-clang" \ AR="$TOOLCHAIN/bin/llvm-ar" \ RANLIB="$TOOLCHAIN/bin/llvm-ranlib" \ - --host=aarch64-linux-android${{ matrix.platform }} \ - ${{ matrix.options }} + --host="aarch64-linux-android${MATRIX_PLATFORM}" \ + ${MATRIX_OPTIONS} fi - name: 'configure log' @@ -461,7 +493,7 @@ jobs: - name: 'build' run: | - if [ '${{ matrix.build }}' = 'cmake' ]; then + if [ "${MATRIX_BUILD}" = 'cmake' ]; then cmake --build bld --verbose else make -C bld V=1 @@ -472,7 +504,7 @@ jobs: - name: 'build tests' run: | - if [ '${{ matrix.build }}' = 'cmake' ]; then + if [ "${MATRIX_BUILD}" = 'cmake' ]; then cmake --build bld --target testdeps else make -C bld -C tests @@ -480,7 +512,7 @@ jobs: - name: 'build examples' run: | - if [ '${{ matrix.build }}' = 'cmake' ]; then + if [ "${MATRIX_BUILD}" = 'cmake' ]; then cmake --build bld --target curl-examples else make -C bld examples @@ -492,7 +524,8 @@ jobs: timeout-minutes: 5 env: MAKEFLAGS: -j 5 - toolchain-version: '3.4' + MATRIX_BUILD: '${{ matrix.build }}' + TOOLCHAIN_VERSION: '3.4' strategy: matrix: build: [autotools, cmake] @@ -508,15 +541,15 @@ jobs: id: cache-compiler with: path: ~/djgpp - key: ${{ runner.os }}-djgpp-${{ env.toolchain-version }}-amd64 + key: ${{ runner.os }}-djgpp-${{ env.TOOLCHAIN_VERSION }}-amd64 - name: 'install compiler (djgpp)' if: ${{ steps.cache-compiler.outputs.cache-hit != 'true' }} run: | - cd "${HOME}" || exit 1 + cd ~ curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 3 \ - --location 'https://github.com/andrewwutw/build-djgpp/releases/download/v${{ env.toolchain-version }}/djgpp-linux64-gcc1220.tar.bz2' | tar -xj - cd djgpp || exit 1 + --location "https://github.com/andrewwutw/build-djgpp/releases/download/v${TOOLCHAIN_VERSION}/djgpp-linux64-gcc1220.tar.bz2" | tar -xj + cd djgpp for f in wat3211b.zip zlb13b.zip ssl102ub.zip; do curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 60 --retry 3 \ "https://www.delorie.com/pub/djgpp/current/v2tk/$f" --output bin.zip @@ -530,7 +563,7 @@ jobs: - name: 'configure' run: | - if [ '${{ matrix.build }}' = 'cmake' ]; then + if [ "${MATRIX_BUILD}" = 'cmake' ]; then cmake -B bld -G Ninja \ -DCMAKE_SYSTEM_NAME=DOS \ -DCMAKE_SYSTEM_PROCESSOR=x86 \ @@ -570,7 +603,7 @@ jobs: - name: 'build' run: | - if [ '${{ matrix.build }}' = 'cmake' ]; then + if [ "${MATRIX_BUILD}" = 'cmake' ]; then cmake --build bld else make -C bld @@ -582,7 +615,7 @@ jobs: - name: 'build tests' if: ${{ matrix.build == 'cmake' }} # skip for autotools to save time run: | - if [ '${{ matrix.build }}' = 'cmake' ]; then + if [ "${MATRIX_BUILD}" = 'cmake' ]; then cmake --build bld --target testdeps else make -C bld -C tests @@ -591,7 +624,7 @@ jobs: - name: 'build examples' if: ${{ matrix.build == 'cmake' }} # skip for autotools to save time run: | - if [ '${{ matrix.build }}' = 'cmake' ]; then + if [ "${MATRIX_BUILD}" = 'cmake' ]; then cmake --build bld --target curl-examples else make -C bld examples diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index f4b2ad50e4..ed6303db91 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -49,6 +49,7 @@ jobs: env: MAKEFLAGS: -j 5 SHELLOPTS: 'igncr' + MATRIX_BUILD: '${{ matrix.build }}' strategy: matrix: include: @@ -88,19 +89,22 @@ jobs: - name: 'configure' timeout-minutes: 5 + env: + MATRIX_CONFIG: '${{ matrix.config }}' run: | PATH=/usr/bin - if [ '${{ matrix.build }}' = 'cmake' ]; then + if [ "${MATRIX_BUILD}" = 'cmake' ]; then cmake -B bld -G Ninja -D_CURL_PREFILL=ON ${options} \ + -DCMAKE_INSTALL_PREFIX="$HOME"/curl-install \ -DCMAKE_UNITY_BUILD=ON -DCMAKE_UNITY_BUILD_BATCH_SIZE=30 -DCURL_TEST_BUNDLES=ON \ -DCURL_WERROR=ON \ - ${{ matrix.config }} + ${MATRIX_CONFIG} else mkdir bld && cd bld && ../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \ - --prefix="${HOME}"/install \ + --prefix="$HOME"/curl-install \ --with-libssh2 \ --disable-dependency-tracking \ - ${{ matrix.config }} + ${MATRIX_CONFIG} fi - name: 'configure log' @@ -119,8 +123,9 @@ jobs: timeout-minutes: 10 run: | PATH=/usr/bin - if [ '${{ matrix.build }}' = 'cmake' ]; then - cmake --build bld + if [ "${MATRIX_BUILD}" = 'cmake' ]; then + cmake --build bld --verbose + cmake --install bld --verbose else make -C bld V=1 install fi @@ -130,7 +135,7 @@ jobs: run: | PATH=/usr/bin find . \( -name '*.exe' -o -name '*.dll' -o -name '*.a' \) -exec file '{}' \; - if [ '${{ matrix.build }}' = 'cmake' ]; then + if [ "${MATRIX_BUILD}" = 'cmake' ]; then PATH="$PWD/bld/lib:$PATH" fi bld/src/curl.exe --disable --version @@ -140,8 +145,8 @@ jobs: timeout-minutes: 15 run: | PATH=/usr/bin - if [ '${{ matrix.build }}' = 'cmake' ]; then - cmake --build bld --target testdeps + if [ "${MATRIX_BUILD}" = 'cmake' ]; then + cmake --build bld --verbose --target testdeps else make -C bld V=1 -C tests fi @@ -149,15 +154,17 @@ jobs: - name: 'run tests' if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} timeout-minutes: 15 + env: + TFLAGS: '${{ matrix.tflags }}' run: | PATH=/usr/bin - export TFLAGS='-j8 ${{ matrix.tflags }}' + TFLAGS="-j8 ${TFLAGS}" if [ -x "$(cygpath "${SYSTEMROOT}/System32/curl.exe")" ]; then TFLAGS+=" -ac $(cygpath "${SYSTEMROOT}/System32/curl.exe")" fi - if [ '${{ matrix.build }}' = 'cmake' ]; then + if [ "${MATRIX_BUILD}" = 'cmake' ]; then PATH="$PWD/bld/lib:$PATH" - cmake --build bld --target test-ci + cmake --build bld --verbose --target test-ci else make -C bld V=1 test-ci fi @@ -167,8 +174,8 @@ jobs: timeout-minutes: 5 run: | PATH=/usr/bin - if [ '${{ matrix.build }}' = 'cmake' ]; then - cmake --build bld --target curl-examples + if [ "${MATRIX_BUILD}" = 'cmake' ]; then + cmake --build bld --verbose --target curl-examples else make -C bld V=1 examples fi @@ -182,6 +189,9 @@ jobs: shell: msys2 {0} env: MAKEFLAGS: -j 5 + MATRIX_BUILD: '${{ matrix.build }}' + MATRIX_SYS: '${{ matrix.sys }}' + MATRIX_TEST: '${{ matrix.test }}' strategy: matrix: include: @@ -250,32 +260,39 @@ jobs: - name: 'configure' timeout-minutes: 5 + env: + CFLAGS: '${{ matrix.cflags }}' + MATRIX_CHKPREFILL: '${{ matrix.chkprefill }}' + MATRIX_CONFIG: '${{ matrix.config }}' + MATRIX_ENV: '${{ matrix.env }}' + MATRIX_TYPE: '${{ matrix.type }}' run: | - if [ '${{ matrix.test }}' = 'uwp' ]; then + if [ "${MATRIX_TEST}" = 'uwp' ]; then CPPFLAGS='-DWINSTORECOMPAT -DWINAPI_FAMILY=WINAPI_FAMILY_APP' - if [[ '${{ matrix.env }}' != 'clang'* ]]; then + if [[ "${MATRIX_ENV}" != 'clang'* ]]; then specs="$(realpath gcc-specs-uwp)" gcc -dumpspecs | sed -e 's/-lmingwex/-lwindowsapp -lmingwex -lwindowsapp/' -e 's/-lmsvcrt/-lucrtapp/' > "${specs}" CFLAGS="-specs=${specs}" CFLAGS_CMAKE="-specs=$(cygpath -w "${specs}")" fi fi - if [ '${{ matrix.build }}' = 'cmake' ]; then - for _chkprefill in '' ${{ matrix.chkprefill }}; do - if [[ '${{ matrix.env }}' = 'clang'* ]]; then + if [ "${MATRIX_BUILD}" = 'cmake' ]; then + for _chkprefill in '' ${MATRIX_CHKPREFILL}; do + if [[ "${MATRIX_ENV}" = 'clang'* ]]; then options='-DCMAKE_C_COMPILER=clang' else options='-DCMAKE_C_COMPILER=gcc' fi - [ '${{ matrix.sys }}' = 'msys' ] && options+=' -D_CURL_PREFILL=ON' - [ '${{ matrix.test }}' = 'uwp' ] && options+=' -DCMAKE_SYSTEM_NAME=WindowsStore -DCMAKE_SYSTEM_VERSION=10.0' + [ "${MATRIX_SYS}" = 'msys' ] && options+=' -D_CURL_PREFILL=ON' + [ "${MATRIX_TEST}" = 'uwp' ] && options+=' -DCMAKE_SYSTEM_NAME=WindowsStore -DCMAKE_SYSTEM_VERSION=10.0' [ "${_chkprefill}" = '_chkprefill' ] && options+=' -D_CURL_PREFILL=OFF' cmake -B "bld${_chkprefill}" -G Ninja ${options} \ - -DCMAKE_C_FLAGS="${{ matrix.cflags }} ${CFLAGS_CMAKE} ${CPPFLAGS}" \ - -DCMAKE_BUILD_TYPE='${{ matrix.type }}' \ + -DCMAKE_INSTALL_PREFIX="${HOME}"/curl-install \ + -DCMAKE_C_FLAGS="${CFLAGS_CMAKE} ${CPPFLAGS}" \ + -DCMAKE_BUILD_TYPE="${MATRIX_TYPE}" \ -DCMAKE_UNITY_BUILD=ON -DCMAKE_UNITY_BUILD_BATCH_SIZE=30 -DCURL_TEST_BUNDLES=ON \ -DCURL_WERROR=ON \ - ${{ matrix.config }} + ${MATRIX_CONFIG} done if [ -d bld_chkprefill ] && ! diff -u bld/lib/curl_config.h bld_chkprefill/lib/curl_config.h; then echo '::group::reference configure log'; cat bld_chkprefill/CMakeFiles/CMake*.yaml 2>/dev/null || true; echo '::endgroup::' @@ -284,10 +301,10 @@ jobs: else export CFLAGS CPPFLAGS mkdir bld && cd bld && ../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \ - --prefix="${HOME}"/install \ + --prefix="$HOME"/curl-install \ --with-libssh2 \ --disable-dependency-tracking \ - ${{ matrix.config }} + ${MATRIX_CONFIG} fi - name: 'configure log' @@ -298,12 +315,14 @@ jobs: run: | echo '::group::raw'; cat bld/lib/curl_config.h || true; echo '::endgroup::' grep -F '#define' bld/lib/curl_config.h | sort || true + cat bld/cmake_install.cmake || true - name: 'build' timeout-minutes: 10 run: | - if [ '${{ matrix.build }}' = 'cmake' ]; then - cmake --build bld + if [ "${MATRIX_BUILD}" = 'cmake' ]; then + cmake --build bld --verbose + cmake --install bld --verbose else make -C bld V=1 install fi @@ -311,7 +330,7 @@ jobs: - name: 'curl version' timeout-minutes: 1 run: | - if [ '${{ matrix.build }}' = 'cmake' ]; then + if [ "${MATRIX_BUILD}" = 'cmake' ]; then PATH="$PWD/bld/lib:$PATH" else PATH="$PWD/bld/lib/.libs:$PATH" @@ -319,7 +338,7 @@ jobs: mv bld/src/.libs/curl.exe bld/src/curl.exe fi find . \( -name '*.exe' -o -name '*.dll' -o -name '*.a' \) -exec file '{}' \; - if [ '${{ matrix.test }}' != 'uwp' ]; then # curl: error initializing curl library + if [ "${MATRIX_TEST}" != 'uwp' ]; then # curl: error initializing curl library bld/src/curl.exe --disable --version fi @@ -327,12 +346,12 @@ jobs: if: ${{ matrix.tflags != 'skipall' }} # Save time by skipping this for autotools timeout-minutes: 10 run: | - if [ '${{ matrix.build }}' = 'cmake' ]; then - cmake --build bld --target testdeps + if [ "${MATRIX_BUILD}" = 'cmake' ]; then + cmake --build bld --verbose --target testdeps else make -C bld V=1 -C tests fi - if [ '${{ matrix.build }}' != 'cmake' ]; then + if [ "${MATRIX_BUILD}" != 'cmake' ]; then # avoid libtool's .exe wrappers mv bld/tests/http/clients/.libs/*.exe bld/tests/http/clients mv bld/tests/libtest/.libs/*.exe bld/tests/libtest @@ -360,11 +379,14 @@ jobs: - name: 'run tests' if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} timeout-minutes: 10 + env: + MATRIX_INSTALL: '${{ matrix.install }}' + TFLAGS: '${{ matrix.tflags }}' run: | - export TFLAGS='-j8 ${{ matrix.tflags }}' - if [ '${{ matrix.sys }}' != 'msys' ]; then + TFLAGS="-j8 ${TFLAGS}" + if [ "${MATRIX_SYS}" != 'msys' ]; then TFLAGS+=' !498' # 'Reject too large HTTP response headers on endless redirects' HTTP, HTTP GET (runtests detecting result code 2009 instead of 56 returned by curl) - if [[ '${{ matrix.install }}' = *'libssh2-wincng'* ]]; then + if [[ "${MATRIX_INSTALL}" = *'libssh2-wincng'* ]]; then TFLAGS+=' ~SCP ~SFTP' # Flaky: `-8, Unable to exchange encryption keys`. https://github.com/libssh2/libssh2/issues/804 fi fi @@ -372,9 +394,9 @@ jobs: TFLAGS+=" -ac $(cygpath "${SYSTEMROOT}/System32/curl.exe")" fi PATH="$PATH:/c/Program Files (x86)/stunnel/bin" - if [ '${{ matrix.build }}' = 'cmake' ]; then + if [ "${MATRIX_BUILD}" = 'cmake' ]; then PATH="$PWD/bld/lib:$PATH" - cmake --build bld --target test-ci + cmake --build bld --verbose --target test-ci else PATH="$PWD/bld/lib/.libs:$PATH" make -C bld V=1 test-ci @@ -384,8 +406,8 @@ jobs: if: ${{ matrix.build == 'cmake' || (matrix.tflags == 'skipall' || matrix.tflags == 'skiprun') }} # Save time by skipping this for autotools running tests timeout-minutes: 5 run: | - if [ '${{ matrix.build }}' = 'cmake' ]; then - cmake --build bld --target curl-examples + if [ "${MATRIX_BUILD}" = 'cmake' ]; then + cmake --build bld --verbose --target curl-examples else make -C bld V=1 examples fi @@ -399,6 +421,7 @@ jobs: shell: msys2 {0} env: MAKEFLAGS: -j 5 + MATRIX_DIR: '${{ matrix.dir }}' strategy: matrix: include: @@ -457,11 +480,13 @@ jobs: - name: 'install compiler (gcc ${{ matrix.ver }}-${{ matrix.env }})' if: ${{ steps.cache-compiler.outputs.cache-hit != 'true' }} timeout-minutes: 5 + env: + MATRIX_URL: '${{ matrix.url }}' run: | - cd /d || exit 1 + cd /d mkdir my-cache - cd my-cache || exit 1 - curl --fail --silent --show-error --retry 3 --retry-connrefused --output pack.bin --location --proto-redir =https '${{ matrix.url }}' + cd my-cache + curl --fail --silent --show-error --retry 3 --retry-connrefused --output pack.bin --location --proto-redir =https "${MATRIX_URL}" pwd 7z x -y pack.bin >/dev/null rm -r -f pack.bin @@ -475,18 +500,22 @@ jobs: - name: 'configure' timeout-minutes: 5 + env: + MATRIX_CHKPREFILL: '${{ matrix.chkprefill }}' + MATRIX_CONFIG: '${{ matrix.config }}' + MATRIX_TYPE: '${{ matrix.type }}' run: | - PATH="/d/my-cache/${{ matrix.dir }}/bin:$PATH" - for _chkprefill in '' ${{ matrix.chkprefill }}; do + PATH="/d/my-cache/${MATRIX_DIR}/bin:$PATH" + for _chkprefill in '' ${MATRIX_CHKPREFILL}; do options='' [ "${_chkprefill}" = '_chkprefill' ] && options+=' -D_CURL_PREFILL=OFF' cmake -B "bld${_chkprefill}" -G Ninja ${options} \ -DCMAKE_C_COMPILER=gcc \ - -DCMAKE_BUILD_TYPE='${{ matrix.type }}' \ + -DCMAKE_BUILD_TYPE="${MATRIX_TYPE}" \ -DCMAKE_UNITY_BUILD=ON -DCMAKE_UNITY_BUILD_BATCH_SIZE=30 -DCURL_TEST_BUNDLES=ON \ -DCURL_WERROR=ON \ -DUSE_LIBIDN2=OFF \ - ${{ matrix.config }} + ${MATRIX_CONFIG} done if [ -d bld_chkprefill ] && ! diff -u bld/lib/curl_config.h bld_chkprefill/lib/curl_config.h; then echo '::group::reference configure log'; cat bld_chkprefill/CMakeFiles/CMake*.yaml 2>/dev/null || true; echo '::endgroup::' @@ -505,7 +534,7 @@ jobs: - name: 'build' timeout-minutes: 5 run: | - PATH="/d/my-cache/${{ matrix.dir }}/bin:$PATH" + PATH="/d/my-cache/${MATRIX_DIR}/bin:$PATH" cmake --build bld - name: 'curl version' @@ -519,7 +548,7 @@ jobs: if: ${{ matrix.tflags != 'skipall' }} timeout-minutes: 10 run: | - PATH="/d/my-cache/${{ matrix.dir }}/bin:$PATH" + PATH="/d/my-cache/${MATRIX_DIR}/bin:$PATH" cmake --build bld --target testdeps - name: 'install test prereqs' @@ -542,9 +571,11 @@ jobs: - name: 'run tests' if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} timeout-minutes: 10 + env: + TFLAGS: '${{ matrix.tflags }}' run: | - PATH="/d/my-cache/${{ matrix.dir }}/bin:$PATH" - export TFLAGS='-j8 ${{ matrix.tflags }}' + PATH="/d/my-cache/${MATRIX_DIR}/bin:$PATH" + TFLAGS="-j8 ${TFLAGS}" TFLAGS+=' !498' # 'Reject too large HTTP response headers on endless redirects' HTTP, HTTP GET (runtests detecting result code 2009 instead of 56 returned by curl) if [ -x "$(cygpath "${SYSTEMROOT}/System32/curl.exe")" ]; then TFLAGS+=" -ac $(cygpath "${SYSTEMROOT}/System32/curl.exe")" @@ -555,7 +586,7 @@ jobs: - name: 'build examples' timeout-minutes: 5 run: | - PATH="/d/my-cache/${{ matrix.dir }}/bin:$PATH" + PATH="/d/my-cache/${MATRIX_DIR}/bin:$PATH" cmake --build bld --target curl-examples linux-cross-mingw-w64: @@ -565,6 +596,8 @@ jobs: env: MAKEFLAGS: -j 5 TRIPLET: 'x86_64-w64-mingw32' + MATRIX_BUILD: '${{ matrix.build }}' + MATRIX_COMPILER: '${{ matrix.compiler }}' strategy: fail-fast: false matrix: @@ -575,11 +608,11 @@ jobs: steps: - name: 'install packages' timeout-minutes: 5 - # zizmor: ignore[template-injection] + env: + INSTALL_PACKAGES: ${{ matrix.compiler == 'clang-tidy' && 'clang' || '' }} run: | sudo rm -f /var/lib/man-db/auto-update - sudo apt-get -o Dpkg::Use-Pty=0 install mingw-w64 \ - ${{ matrix.compiler == 'clang-tidy' && 'clang' || '' }} + sudo apt-get -o Dpkg::Use-Pty=0 install mingw-w64 ${INSTALL_PACKAGES} - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: @@ -591,8 +624,8 @@ jobs: - name: 'configure' run: | - if [ '${{ matrix.build }}' = 'cmake' ]; then - if [ '${{ matrix.compiler }}' = 'clang-tidy' ]; then + if [ "${MATRIX_BUILD}" = 'cmake' ]; then + if [ "${MATRIX_COMPILER}" = 'clang-tidy' ]; then options+=' -DCURL_CLANG_TIDY=ON' options+=' -DENABLE_UNICODE=ON -DUSE_SSLS_EXPORT=ON' options+=' -DCMAKE_C_COMPILER=clang' @@ -627,7 +660,7 @@ jobs: - name: 'build' run: | - if [ '${{ matrix.build }}' = 'cmake' ]; then + if [ "${MATRIX_BUILD}" = 'cmake' ]; then cmake --build bld else make -C bld @@ -639,7 +672,7 @@ jobs: - name: 'build tests' if: ${{ matrix.build == 'cmake' && matrix.compiler != 'clang-tidy' }} # Save time by skipping this for autotools and clang-tidy run: | - if [ '${{ matrix.build }}' = 'cmake' ]; then + if [ "${MATRIX_BUILD}" = 'cmake' ]; then cmake --build bld --target testdeps else make -C bld -C tests @@ -648,7 +681,7 @@ jobs: - name: 'build examples' if: ${{ matrix.compiler != 'clang-tidy' }} # Save time by skipping this for clang-tidy run: | - if [ '${{ matrix.build }}' = 'cmake' ]; then + if [ "${MATRIX_BUILD}" = 'cmake' ]; then cmake --build bld --target curl-examples else make -C bld examples @@ -660,7 +693,8 @@ jobs: timeout-minutes: 10 env: MAKEFLAGS: -j 4 - toolchain-version: '0.59.1' + TOOLCHAIN_VERSION: '0.59.1' + MATRIX_BUILD: '${{ matrix.build }}' strategy: matrix: build: [autotools, cmake] @@ -670,23 +704,23 @@ jobs: if: ${{ matrix.build == 'autotools' }} timeout-minutes: 5 run: | - echo automake libtool | xargs -Ix -n1 echo brew '"x"' > /tmp/Brewfile - while [[ $? == 0 ]]; do for i in 1 2 3; do brew update && brew bundle install --file /tmp/Brewfile && break 2 || { echo Error: wait to try again; sleep 10; } done; false Too many retries; done + # shellcheck disable=SC2181,SC2034 + while [[ $? == 0 ]]; do for i in 1 2 3; do if brew update && brew install automake libtool; then break 2; else echo Error: wait to try again; sleep 10; fi; done; false Too many retries; done - name: 'cache compiler (mingw32ce)' uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 id: cache-compiler with: path: ~/opt/mingw32ce - key: ${{ runner.os }}-mingw32ce-${{ env.toolchain-version }}-amd64 + key: ${{ runner.os }}-mingw32ce-${{ env.TOOLCHAIN_VERSION }}-amd64 - name: 'install compiler (mingw32ce)' if: ${{ steps.cache-compiler.outputs.cache-hit != 'true' }} timeout-minutes: 5 run: | - cd "${HOME}" || exit 1 + cd ~ curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 3 --retry-connrefused --proto-redir =https \ - --location 'https://downloads.sourceforge.net/cegcc/cegcc/${{ env.toolchain-version }}/cegcc_mingw32ce_snowleopard_r1397.tar.bz2' | tar -x + --location "https://downloads.sourceforge.net/cegcc/cegcc/${TOOLCHAIN_VERSION}/cegcc_mingw32ce_snowleopard_r1397.tar.bz2" | tar -x ls -l - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 @@ -696,7 +730,7 @@ jobs: - name: 'configure' run: | PATH="$HOME/opt/mingw32ce/bin:$PATH" - if [ '${{ matrix.build }}' = 'cmake' ]; then + if [ "${MATRIX_BUILD}" = 'cmake' ]; then cmake -B bld -G Ninja \ -DCMAKE_SYSTEM_NAME=WindowsCE \ -DCMAKE_SYSTEM_VERSION=8.0 \ @@ -706,7 +740,7 @@ jobs: -DCMAKE_C_COMPILER=arm-mingw32ce-gcc \ -DCMAKE_RC_COMPILER=arm-mingw32ce-windres \ -DMINGW32CE_LIBRARY_DIR="$HOME/opt/mingw32ce/arm-mingw32ce/lib" \ - -DCMAKE_IGNORE_PREFIX_PATH="$(brew --prefix)" \ + -DCMAKE_IGNORE_PREFIX_PATH=/opt/homebrew \ -DCMAKE_UNITY_BUILD=ON -DCMAKE_UNITY_BUILD_BATCH_SIZE=50 -DCURL_TEST_BUNDLES=ON \ -DBUILD_SHARED_LIBS=ON -DBUILD_STATIC_LIBS=ON -DBUILD_STATIC_CURL=OFF \ -DCURL_WERROR=ON \ @@ -733,7 +767,7 @@ jobs: - name: 'build' run: | PATH="$HOME/opt/mingw32ce/bin:$PATH" - if [ '${{ matrix.build }}' = 'cmake' ]; then + if [ "${MATRIX_BUILD}" = 'cmake' ]; then cmake --build bld else make -C bld @@ -747,7 +781,7 @@ jobs: if: ${{ matrix.build == 'cmake' }} # skip for autotools to save time run: | PATH="$HOME/opt/mingw32ce/bin:$PATH" - if [ '${{ matrix.build }}' = 'cmake' ]; then + if [ "${MATRIX_BUILD}" = 'cmake' ]; then cmake --build bld --target testdeps else make -C bld -C tests @@ -757,7 +791,7 @@ jobs: if: ${{ matrix.build == 'cmake' }} # skip for autotools to save time run: | PATH="$HOME/opt/mingw32ce/bin:$PATH" - if [ '${{ matrix.build }}' = 'cmake' ]; then + if [ "${MATRIX_BUILD}" = 'cmake' ]; then cmake --build bld --target curl-examples else make -C bld examples @@ -771,7 +805,13 @@ jobs: run: shell: msys2 {0} env: - openssh_windows-version: 'v9.8.1.0p1-Preview' + MATRIX_ARCH: '${{ matrix.arch }}' + MATRIX_IMAGE: '${{ matrix.image }}' + MATRIX_INSTALL: '${{ matrix.install }}' + MATRIX_OPENSSH: '${{ matrix.openssh }}' + MATRIX_PLAT: '${{ matrix.plat }}' + MATRIX_TYPE: '${{ matrix.type }}' + OPENSSH_WINDOWS_VERSION: 'v9.8.1.0p1-Preview' VCPKG_DISABLE_METRICS: '1' strategy: matrix: @@ -831,7 +871,7 @@ jobs: - name: 'vcpkg build' timeout-minutes: 45 - run: vcpkg x-set-installed ${{ matrix.install }} '--triplet=${{ matrix.arch }}-${{ matrix.plat }}' + run: vcpkg x-set-installed ${MATRIX_INSTALL} --triplet="${MATRIX_ARCH}-${MATRIX_PLAT}" - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: @@ -839,24 +879,27 @@ jobs: - name: 'configure' timeout-minutes: 5 + env: + MATRIX_CHKPREFILL: '${{ matrix.chkprefill }}' + MATRIX_CONFIG: '${{ matrix.config }}' run: | - for _chkprefill in '' ${{ matrix.chkprefill }}; do + for _chkprefill in '' ${MATRIX_CHKPREFILL}; do options='' - if [ '${{ matrix.plat }}' = 'uwp' ]; then + if [ "${MATRIX_PLAT}" = 'uwp' ]; then options+=' -DCMAKE_SYSTEM_NAME=WindowsStore -DCMAKE_SYSTEM_VERSION=10.0' cflags='-DWINAPI_FAMILY=WINAPI_FAMILY_PC_APP' ldflags='-OPT:NOREF -OPT:NOICF -APPCONTAINER:NO' vsglobals=';AppxPackage=false;WindowsAppContainer=false' fi - [ '${{ matrix.arch }}' = 'arm64' ] && options+=' -A ARM64' - [ '${{ matrix.arch }}' = 'x64' ] && options+=' -A x64' - [ '${{ matrix.arch }}' = 'x86' ] && options+=' -A Win32' + [ "${MATRIX_ARCH}" = 'arm64' ] && options+=' -A ARM64' + [ "${MATRIX_ARCH}" = 'x64' ] && options+=' -A x64' + [ "${MATRIX_ARCH}" = 'x86' ] && options+=' -A Win32' [ "${_chkprefill}" = '_chkprefill' ] && options+=' -D_CURL_PREFILL=OFF' cmake -B "bld${_chkprefill}" ${options} \ -DCMAKE_TOOLCHAIN_FILE="$VCPKG_INSTALLATION_ROOT/scripts/buildsystems/vcpkg.cmake" \ -DVCPKG_INSTALLED_DIR="$VCPKG_INSTALLATION_ROOT/installed" \ - -DVCPKG_TARGET_TRIPLET='${{ matrix.arch }}-${{ matrix.plat }}' \ - -DCMAKE_C_COMPILER_TARGET='${{ matrix.arch }}-${{ matrix.plat }}' \ + -DVCPKG_TARGET_TRIPLET="${MATRIX_ARCH}-${MATRIX_PLAT}" \ + -DCMAKE_C_COMPILER_TARGET="${MATRIX_ARCH}-${MATRIX_PLAT}" \ -DCMAKE_C_FLAGS="${cflags}" \ -DCMAKE_EXE_LINKER_FLAGS="-INCREMENTAL:NO ${ldflags}" \ -DCMAKE_SHARED_LINKER_FLAGS="-INCREMENTAL:NO ${ldflags}" \ @@ -864,7 +907,7 @@ jobs: -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON \ -DCURL_WERROR=ON \ -DBUILD_SHARED_LIBS=OFF \ - ${{ matrix.config }} + ${MATRIX_CONFIG} done if [ -d bld_chkprefill ] && ! diff -u bld/lib/curl_config.h bld_chkprefill/lib/curl_config.h; then echo '::group::reference configure log'; cat bld_chkprefill/CMakeFiles/CMake*.yaml 2>/dev/null || true; echo '::endgroup::' @@ -882,43 +925,43 @@ jobs: - name: 'build' timeout-minutes: 5 - run: cmake --build bld --config '${{ matrix.type }}' --parallel 5 + run: cmake --build bld --config "${MATRIX_TYPE}" --parallel 5 - name: 'curl version' timeout-minutes: 1 run: | PATH=/usr/bin find . \( -name '*.exe' -o -name '*.dll' -o -name '*.lib' -o -name '*.pdb' \) -exec file '{}' \; - if [ '${{ matrix.plat }}' != 'uwp' ]; then # Missing: ucrtbased.dll, VCRUNTIME140D.dll, VCRUNTIME140D_APP.dll - PATH="$PWD/bld/lib/${{ matrix.type }}:$PATH" - 'bld/src/${{ matrix.type }}/curl.exe' --disable --version + if [ "${MATRIX_PLAT}" != 'uwp' ]; then # Missing: ucrtbased.dll, VCRUNTIME140D.dll, VCRUNTIME140D_APP.dll + PATH="$PWD/bld/lib/${MATRIX_TYPE}:$PATH" + "bld/src/${MATRIX_TYPE}/curl.exe" --disable --version fi - name: 'build tests' if: ${{ matrix.tflags != 'skipall' }} timeout-minutes: 10 - run: cmake --build bld --config '${{ matrix.type }}' --parallel 5 --target testdeps + run: cmake --build bld --config "${MATRIX_TYPE}" --parallel 5 --target testdeps - name: 'install test prereqs' if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} timeout-minutes: 5 run: | - if [ '${{ matrix.openssh }}' = '' ]; then # MSYS2 openssh + if [ -z "${MATRIX_OPENSSH}" ]; then # MSYS2 openssh /usr/bin/pacman --noconfirm --noprogressbar --sync --needed openssh - elif [ '${{ matrix.openssh }}' = 'OpenSSH-Windows-builtin' ]; then + elif [ "${MATRIX_OPENSSH}" = 'OpenSSH-Windows-builtin' ]; then # https://learn.microsoft.com/windows-server/administration/openssh/openssh_install_firstuse - if [ '${{ matrix.image }}' != 'windows-2025' ]; then + if [ "${MATRIX_IMAGE}" != 'windows-2025' ]; then pwsh -Command 'Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0' pwsh -Command 'Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0' fi else # OpenSSH-Windows - cd /c || exit 1 # no D: drive on windows-11-arm runners + cd /c # no D: drive on windows-11-arm runners curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 60 --retry 3 \ - --location 'https://github.com/PowerShell/Win32-OpenSSH/releases/download/${{ env.openssh_windows-version }}/OpenSSH-Win64.zip' --output bin.zip + --location "https://github.com/PowerShell/Win32-OpenSSH/releases/download/${OPENSSH_WINDOWS_VERSION}/OpenSSH-Win64.zip" --output bin.zip unzip bin.zip rm -f bin.zip fi /c/ProgramData/chocolatey/choco.exe install --yes --no-progress --limit-output --timeout 180 --force stunnel || true - if [ '${{ matrix.image }}' != 'windows-11-arm' ]; then # save 30-60 seconds, to counteract the slower test run step + if [ "${MATRIX_IMAGE}" != 'windows-11-arm' ]; then # save 30-60 seconds, to counteract the slower test run step python3 -m pip --disable-pip-version-check --no-input --no-cache-dir install --progress-bar off --prefer-binary impacket fi @@ -935,26 +978,28 @@ jobs: - name: 'run tests' if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} timeout-minutes: 10 + env: + TFLAGS: '${{ matrix.tflags }}' run: | - export CURL_DIRSUFFIX='${{ matrix.type }}' - export TFLAGS='-j8 ${{ matrix.tflags }}' + export CURL_DIRSUFFIX="${MATRIX_TYPE}" + TFLAGS="-j8 ${TFLAGS}" TFLAGS+=' !498' # 'Reject too large HTTP response headers on endless redirects' HTTP, HTTP GET (runtests detecting result code 2009 instead of 56 returned by curl) - if [[ '${{ matrix.install }}' = *'libssh2[core,zlib]'* ]]; then + if [[ "${MATRIX_INSTALL}" = *'libssh2[core,zlib]'* ]]; then TFLAGS+=' ~SCP ~SFTP' # Flaky: `-8, Unable to exchange encryption keys`. https://github.com/libssh2/libssh2/issues/804 fi - if [ -n '${{ matrix.openssh }}' ]; then # OpenSSH-Windows + if [ -n "${MATRIX_OPENSSH}" ]; then # OpenSSH-Windows TFLAGS+=' ~601 ~603 ~617 ~619 ~621 ~641 ~665 ~2004' # SCP - if [[ '${{ matrix.install }}' = *'libssh '* ]]; then + if [[ "${MATRIX_INSTALL}" = *'libssh '* ]]; then TFLAGS+=' ~614' # 'SFTP pre-quote chmod' SFTP, pre-quote, directory else TFLAGS+=' ~3022' # 'SCP correct sha256 host key' SCP, server sha256 key check fi PATH="/c/OpenSSH-Win64:$PATH" fi - PATH="$PWD/bld/lib/${{ matrix.type }}:$PATH:/c/Program Files (x86)/stunnel/bin" - cmake --build bld --config '${{ matrix.type }}' --target test-ci + PATH="$PWD/bld/lib/${MATRIX_TYPE}:$PATH:/c/Program Files (x86)/stunnel/bin" + cmake --build bld --config "${MATRIX_TYPE}" --target test-ci - name: 'build examples' timeout-minutes: 5 if: ${{ contains(matrix.name, '+examples') }} - run: cmake --build bld --config '${{ matrix.type }}' --parallel 5 --target curl-examples + run: cmake --build bld --config "${MATRIX_TYPE}" --parallel 5 --target curl-examples