git-market/curl-curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-04-12 12:21:42 +08:00
Code Issues Actions 13 Packages Projects Releases Wiki Activity
030d6aeaf3
curl-curl/.github/workflows/http3-linux.yml
Viktor Szakats 04d90b5deb
configure: add option to trace pkg-config detection details 
To aid debugging cases when dependency detection acts unexpectedly.
Sprung from spending days trying to figure out behavior of ngtcp2 crypto
modules and their dependencies.

You can enable by setting env `CURL_TRACE_PKG_CONFIG` to a non-empty
value. When enabled, details are logged for both successful and
unsuccessful detections. Logging of unsuccessful ones is automatically
enabled when `CURL_CI` env is set, which is the case for all CI jobs.

It works by asking for `--debug` output and grepping for lines that seem
useful for this purpose. Output is different for classic pkg-config and
pkgconf, and may depending on tool version. Also append `--print-errors`
output if any.

Examples (with pkgconf):

Fail, before:
```
checking for libngtcp2_crypto_boringssl options with pkg-config... no
configure: error: --with-ngtcp2 was specified but could not find ngtcp2_crypto_boringssl pkg-config file.
```

Fail, after:
```
checking for libngtcp2_crypto_boringssl options with pkg-config... no
configure: pkg-config --exists libngtcp2_crypto_boringssl trace:
---- begin
trying path: /home/runner/nghttp3/build/lib/pkgconfig for libngtcp2_crypto_boringssl
trying path: /home/runner/ngtcp2-boringssl/build/lib/pkgconfig for libngtcp2_crypto_boringssl
trying path: /home/runner/nghttp3/build/lib/pkgconfig for libngtcp2
trying path: /home/runner/ngtcp2-boringssl/build/lib/pkgconfig for libngtcp2
trying path: /home/runner/nghttp3/build/lib/pkgconfig for openssl
trying path: /home/runner/ngtcp2-boringssl/build/lib/pkgconfig for openssl
trying path: /home/runner/nghttp2/build/lib/pkgconfig for openssl
==== error:
Package openssl was not found in the pkg-config search path.
Perhaps you should add the directory containing `openssl.pc'
to the PKG_CONFIG_PATH environment variable
Package 'openssl', required by 'libngtcp2_crypto_boringssl', not found
---- end
configure: error: --with-ngtcp2 was specified but could not find ngtcp2_crypto_boringssl pkg-config file.
```

Success, after:
```
checking for libngtcp2_crypto_boringssl options with pkg-config... found
configure: pkg-config --exists libngtcp2_crypto_boringssl trace:
---- begin
trying path: /home/runner/awslc/build/lib/pkgconfig for libngtcp2_crypto_boringssl
trying path: /home/runner/nghttp3/build/lib/pkgconfig for libngtcp2_crypto_boringssl
trying path: /home/runner/nghttp2/build/lib/pkgconfig for libngtcp2_crypto_boringssl
trying path: /home/runner/ngtcp2/build/lib/pkgconfig for libngtcp2_crypto_boringssl
trying path: /home/runner/awslc/build/lib/pkgconfig for libngtcp2
trying path: /home/runner/nghttp3/build/lib/pkgconfig for libngtcp2
trying path: /home/runner/nghttp2/build/lib/pkgconfig for libngtcp2
trying path: /home/runner/ngtcp2/build/lib/pkgconfig for libngtcp2
trying path: /home/runner/awslc/build/lib/pkgconfig for openssl
trying path: /home/runner/awslc/build/lib/pkgconfig for libssl
trying path: /home/runner/awslc/build/lib/pkgconfig for libcrypto
---- end
```

More examples:
https://github.com/curl/curl/pull/20926#issuecomment-4064259935

If there is an externally enablable, built-in feature like this in
classic pkg-config or pkgconf, I could not find it.

Also:
- GHA/http3-linux: set `CURL_TRACE_PKG_CONFIG` to log detection details.
  H3 builds are prone to hard-to-debug dependency issues.

Ref: #20920
Follow-up to 3c64ffaff4 #18415 #18188
Follow-up to 99500660af #18028 #18022

Cherry-picked from #20926

Closes #20931
2026-03-16 11:31:01 +01:00

746 lines
33 KiB
YAML
Raw Blame History

# Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
#
# SPDX-License-Identifier: curl
name: 'Linux HTTP/3'
'on':
push:
branches:
- master
- '*/ci'
paths-ignore:
- '**/*.md'
- '.circleci/**'
- 'appveyor.*'
- 'Dockerfile'
- 'projects/**'
pull_request:
branches:
- master
paths-ignore:
- '**/*.md'
- '.circleci/**'
- 'appveyor.*'
- 'Dockerfile'
- 'projects/**'
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }}
cancel-in-progress: true
permissions: {}
env:
MAKEFLAGS: -j 5
CURL_CI: github
CURL_TEST_MIN: 1600
# handled in renovate.json
OPENSSL_VERSION: 3.6.1
# renovate: datasource=github-tags depName=libressl/portable versioning=semver registryUrl=https://github.com
LIBRESSL_VERSION: 4.2.1
# renovate: datasource=github-tags depName=awslabs/aws-lc versioning=semver registryUrl=https://github.com
AWSLC_VERSION: 1.69.0
# renovate: datasource=github-tags depName=google/boringssl versioning=semver registryUrl=https://github.com
BORINGSSL_VERSION: 0.20260211.0
# renovate: datasource=github-tags depName=gnutls/nettle versioning=semver registryUrl=https://github.com
NETTLE_VERSION: 3.10.2
# renovate: datasource=github-tags depName=gnutls/gnutls versioning=semver extractVersion=^nettle_?(?<version>.+)_release_.+$ registryUrl=https://github.com
GNUTLS_VERSION: 3.8.11
# renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?<version>.+)-stable$ registryUrl=https://github.com
WOLFSSL_VERSION: 5.8.4
# renovate: datasource=github-tags depName=ngtcp2/nghttp3 versioning=semver registryUrl=https://github.com
NGHTTP3_VERSION: 1.15.0
# renovate: datasource=github-tags depName=ngtcp2/ngtcp2 versioning=semver registryUrl=https://github.com
NGTCP2_VERSION: 1.21.0
# renovate: datasource=github-tags depName=nghttp2/nghttp2 versioning=semver registryUrl=https://github.com
NGHTTP2_VERSION: 1.68.0
# renovate: datasource=github-tags depName=cloudflare/quiche versioning=semver registryUrl=https://github.com
QUICHE_VERSION: 0.24.7
jobs:
build-cache:
name: 'Build caches'
runs-on: ubuntu-latest
steps:
- name: 'cache openssl'
uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
id: cache-openssl-http3-no-deprecated
env:
cache-name: cache-openssl-http3-no-deprecated
with:
path: ~/openssl/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.OPENSSL_VERSION }}
- name: 'cache libressl'
uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
id: cache-libressl
env:
cache-name: cache-libressl
with:
path: ~/libressl/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.LIBRESSL_VERSION }}
- name: 'cache awslc'
uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
id: cache-awslc
env:
cache-name: cache-awslc
with:
path: ~/awslc/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.AWSLC_VERSION }}
- name: 'cache boringssl'
uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
id: cache-boringssl
env:
cache-name: cache-boringssl
with:
path: ~/boringssl/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.BORINGSSL_VERSION }}
- name: 'cache nettle'
uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
id: cache-nettle
env:
cache-name: cache-nettle
with:
path: ~/nettle/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NETTLE_VERSION }}
- name: 'cache gnutls'
uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
id: cache-gnutls
env:
cache-name: cache-gnutls
with:
path: ~/gnutls/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.GNUTLS_VERSION }}-${{ env.NETTLE_VERSION }}
- name: 'cache wolfssl'
uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
id: cache-wolfssl
env:
cache-name: cache-wolfssl
with:
path: ~/wolfssl/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.WOLFSSL_VERSION }}
- name: 'cache nghttp3'
uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
id: cache-nghttp3
env:
cache-name: cache-nghttp3
with:
path: ~/nghttp3/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGHTTP3_VERSION }}
- name: 'cache ngtcp2'
uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
id: cache-ngtcp2
env:
cache-name: cache-ngtcp2
with:
path: ~/ngtcp2/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGTCP2_VERSION }}-${{ env.OPENSSL_VERSION }}-${{ env.LIBRESSL_VERSION }}-${{ env.AWSLC_VERSION }}-${{ env.NETTLE_VERSION }}-${{ env.GNUTLS_VERSION }}-${{ env.WOLFSSL_VERSION }}
- name: 'cache ngtcp2 boringssl'
uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
id: cache-ngtcp2-boringssl
env:
cache-name: cache-ngtcp2-boringssl
with:
path: ~/ngtcp2-boringssl/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGTCP2_VERSION }}-${{ env.BORINGSSL_VERSION }}
- name: 'cache nghttp2'
uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
id: cache-nghttp2
env:
cache-name: cache-nghttp2
with:
path: ~/nghttp2/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGHTTP2_VERSION }}-${{ env.OPENSSL_VERSION }}-${{ env.NGTCP2_VERSION }}-${{ env.NGHTTP3_VERSION }}
- id: settings
if: >-
${{ steps.cache-openssl-http3-no-deprecated.outputs.cache-hit != 'true' ||
steps.cache-libressl.outputs.cache-hit != 'true' ||
steps.cache-awslc.outputs.cache-hit != 'true' ||
steps.cache-boringssl.outputs.cache-hit != 'true' ||
steps.cache-nettle.outputs.cache-hit != 'true' ||
steps.cache-gnutls.outputs.cache-hit != 'true' ||
steps.cache-wolfssl.outputs.cache-hit != 'true' ||
steps.cache-nghttp3.outputs.cache-hit != 'true' ||
steps.cache-ngtcp2.outputs.cache-hit != 'true' ||
steps.cache-ngtcp2-boringssl.outputs.cache-hit != 'true' ||
steps.cache-nghttp2.outputs.cache-hit != 'true' }}
run: echo 'needs-build=true' >> "$GITHUB_OUTPUT"
- name: 'install build prereqs'
if: ${{ steps.settings.outputs.needs-build == 'true' }}
run: |
sudo rm -f /etc/apt/sources.list.d/{azure-cli.sources,microsoft-prod.list,ondrej-ubuntu-php-noble.sources}
sudo apt-get -o Dpkg::Use-Pty=0 update
sudo apt-get -o Dpkg::Use-Pty=0 install \
libtool autoconf automake pkgconf \
libbrotli-dev libzstd-dev zlib1g-dev \
libev-dev \
libc-ares-dev \
libp11-kit-dev autopoint bison gperf gtk-doc-tools libtasn1-bin # for GnuTLS
echo 'CC=gcc-12' >> "$GITHUB_ENV"
echo 'CXX=g++-12' >> "$GITHUB_ENV"
- name: 'build openssl'
if: ${{ steps.cache-openssl-http3-no-deprecated.outputs.cache-hit != 'true' }}
run: |
cd ~
git clone --quiet --depth 1 -b "openssl-${OPENSSL_VERSION}" https://github.com/openssl/openssl
cd openssl
./config --prefix="$PWD"/build --libdir=lib no-makedepend no-apps no-docs no-tests no-deprecated
make
make -j1 install_sw
- name: 'build libressl'
if: ${{ steps.cache-libressl.outputs.cache-hit != 'true' }}
run: |
cd ~
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \
--location "https://github.com/libressl/portable/releases/download/v${LIBRESSL_VERSION}/libressl-${LIBRESSL_VERSION}.tar.gz" --output pkg.bin
sha256sum pkg.bin && tar -xzf pkg.bin && rm -f pkg.bin
cd "libressl-${LIBRESSL_VERSION}"
cmake -B . -G Ninja -DLIBRESSL_APPS=OFF -DLIBRESSL_TESTS=OFF -DCMAKE_INSTALL_PREFIX=/home/runner/libressl/build
cmake --build .
cmake --install .
- name: 'build awslc'
if: ${{ steps.cache-awslc.outputs.cache-hit != 'true' }}
run: |
cd ~
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \
--location "https://github.com/awslabs/aws-lc/archive/refs/tags/v${AWSLC_VERSION}.tar.gz" --output pkg.bin
sha256sum pkg.bin && tar -xzf pkg.bin && rm -f pkg.bin
cd "aws-lc-${AWSLC_VERSION}"
cmake -B . -G Ninja -DBUILD_SHARED_LIBS=ON -DBUILD_TOOL=OFF -DBUILD_TESTING=OFF -DCMAKE_INSTALL_PREFIX=/home/runner/awslc/build
cmake --build .
cmake --install .
- name: 'build boringssl'
if: ${{ steps.cache-boringssl.outputs.cache-hit != 'true' }}
run: |
mkdir boringssl-src
cd boringssl-src
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \
"https://boringssl.googlesource.com/boringssl/+archive/${BORINGSSL_VERSION}.tar.gz" --output pkg.bin
sha256sum pkg.bin && tar -xzf pkg.bin && rm -f pkg.bin
cmake -B . -G Ninja -DBUILD_SHARED_LIBS=ON -DBUILD_TESTING=OFF -DCMAKE_INSTALL_PREFIX=/home/runner/boringssl/build
cmake --build .
cmake --install .
- name: 'build nettle'
if: ${{ steps.cache-nettle.outputs.cache-hit != 'true' }}
run: |
cd ~
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \
--location "https://ftpmirror.gnu.org/nettle/nettle-${NETTLE_VERSION}.tar.gz" --output pkg.bin
sha256sum pkg.bin && tar -xzf pkg.bin && rm -f pkg.bin
cd "nettle-${NETTLE_VERSION}"
./configure --disable-dependency-tracking --prefix=/home/runner/nettle/build \
--disable-silent-rules --disable-static --disable-openssl --disable-documentation
make install
- name: 'build gnutls'
if: ${{ steps.cache-gnutls.outputs.cache-hit != 'true' }}
run: |
cd ~
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \
"https://www.gnupg.org/ftp/gcrypt/gnutls/v${GNUTLS_VERSION%.*}/gnutls-${GNUTLS_VERSION}.tar.xz" --output pkg.bin
sha256sum pkg.bin && tar -xJf pkg.bin && rm -f pkg.bin
cd "gnutls-${GNUTLS_VERSION}"
# required: libp11-kit-dev libev-dev autopoint bison gperf gtk-doc-tools libtasn1-bin
./configure --disable-dependency-tracking --prefix=/home/runner/gnutls/build \
PKG_CONFIG_PATH=/home/runner/nettle/build/lib64/pkgconfig \
LDFLAGS=-Wl,-rpath,/home/runner/nettle/build/lib64 \
--with-included-libtasn1 --with-included-unistring \
--disable-guile --disable-doc --disable-tests --disable-tools
make install
- name: 'build wolfssl'
if: ${{ steps.cache-wolfssl.outputs.cache-hit != 'true' }}
run: |
cd ~
git clone --quiet --depth 1 -b "v${WOLFSSL_VERSION}-stable" https://github.com/wolfSSL/wolfssl
cd wolfssl
./autogen.sh
./configure --disable-dependency-tracking --prefix="$PWD"/build --enable-all --enable-quic \
--disable-benchmark --disable-crypttests --disable-examples
make
make install
- name: 'build nghttp3'
if: ${{ steps.cache-nghttp3.outputs.cache-hit != 'true' }}
run: |
cd ~
git clone --quiet --depth 1 -b "v${NGHTTP3_VERSION}" https://github.com/ngtcp2/nghttp3
cd nghttp3
git submodule update --init --depth 1
autoreconf -fi
./configure --disable-dependency-tracking --prefix="$PWD"/build --enable-lib-only
make
make install
- name: 'build ngtcp2'
if: ${{ steps.cache-ngtcp2.outputs.cache-hit != 'true' }}
# building twice to get crypto libs for ossl, libressl and awslc installed
run: |
cd ~
git clone --quiet --depth 1 -b "v${NGTCP2_VERSION}" https://github.com/ngtcp2/ngtcp2
cd ngtcp2
autoreconf -fi
./configure --disable-dependency-tracking --prefix="$PWD"/build --enable-lib-only \
PKG_CONFIG_PATH=/home/runner/libressl/build/lib/pkgconfig \
--with-openssl
make install
make clean
./configure --disable-dependency-tracking --prefix="$PWD"/build --enable-lib-only \
PKG_CONFIG_PATH=/home/runner/openssl/build/lib/pkgconfig:/home/runner/nettle/build/lib64/pkgconfig:/home/runner/gnutls/build/lib/pkgconfig:/home/runner/wolfssl/build/lib/pkgconfig \
--with-openssl --with-gnutls --with-wolfssl --with-boringssl \
BORINGSSL_LIBS='-L/home/runner/awslc/build/lib -lssl -lcrypto' \
BORINGSSL_CFLAGS='-I/home/runner/awslc/build/include'
make install
- name: 'build ngtcp2 boringssl'
if: ${{ steps.cache-ngtcp2-boringssl.outputs.cache-hit != 'true' }}
run: |
cd ~
git clone --quiet --depth 1 -b "v${NGTCP2_VERSION}" https://github.com/ngtcp2/ngtcp2 ngtcp2-boringssl
cd ngtcp2-boringssl
autoreconf -fi
./configure --disable-dependency-tracking --prefix="$PWD"/build --enable-lib-only \
--with-openssl=no --with-boringssl \
BORINGSSL_LIBS='-L/home/runner/boringssl/build/lib -lssl -lcrypto' \
BORINGSSL_CFLAGS='-I/home/runner/boringssl/build/include'
make install
- name: 'build nghttp2'
if: ${{ steps.cache-nghttp2.outputs.cache-hit != 'true' }}
run: |
cd ~
git clone --quiet --depth 1 -b "v${NGHTTP2_VERSION}" https://github.com/nghttp2/nghttp2
cd nghttp2
git submodule update --init --depth 1
autoreconf -fi
# required (for nghttpx application): libc-ares-dev libev-dev zlib1g-dev
# optional (for nghttpx application): libbrotli-dev
./configure --disable-dependency-tracking --prefix="$PWD"/build --enable-app --enable-http3 \
PKG_CONFIG_PATH=/home/runner/openssl/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig \
LDFLAGS=-Wl,-rpath,/home/runner/openssl/build/lib \
--with-libbrotlienc --with-libbrotlidec
make install
linux:
name: ${{ matrix.build.generate && 'CM' || 'AM' }} ${{ matrix.build.name }}
needs: build-cache
runs-on: ubuntu-latest
timeout-minutes: 10
env:
CURL_TRACE_PKG_CONFIG: '1'
MATRIX_BUILD: ${{ matrix.build.generate && 'cmake' || 'autotools' }}
MATRIX_INSTALL_PACKAGES: '${{ matrix.build.install_packages }}'
strategy:
fail-fast: false
matrix:
build:
- name: 'openssl'
PKG_CONFIG_PATH: /home/runner/openssl/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig
tflags: '--min=1640'
configure: >-
LDFLAGS=-Wl,-rpath,/home/runner/openssl/build/lib
--with-openssl=/home/runner/openssl/build --with-ngtcp2 --enable-ssls-export
- name: 'openssl'
install_steps: skipall
PKG_CONFIG_PATH: /home/runner/openssl/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig
generate: >-
-DOPENSSL_ROOT_DIR=/home/runner/openssl/build -DUSE_NGTCP2=ON
-DCURL_DISABLE_LDAP=ON
-DCMAKE_UNITY_BUILD=ON
- name: 'libressl'
install_steps: skipall
PKG_CONFIG_PATH: /home/runner/libressl/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig
configure: >-
LDFLAGS=-Wl,-rpath,/home/runner/libressl/build/lib
--with-openssl=/home/runner/libressl/build --with-ngtcp2 --enable-ssls-export
--enable-unity
- name: 'libressl'
PKG_CONFIG_PATH: /home/runner/libressl/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig
tflags: '--min=1790'
generate: >-
-DOPENSSL_ROOT_DIR=/home/runner/libressl/build -DUSE_NGTCP2=ON
- name: 'awslc'
install_steps: skipall
PKG_CONFIG_PATH: /home/runner/awslc/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig
configure: >-
LDFLAGS=-Wl,-rpath,/home/runner/awslc/build/lib
--with-openssl=/home/runner/awslc/build --with-ngtcp2 --enable-ssls-export
- name: 'awslc'
PKG_CONFIG_PATH: /home/runner/awslc/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig
tflags: '--min=1790'
generate: >-
-DOPENSSL_ROOT_DIR=/home/runner/awslc/build -DUSE_NGTCP2=ON -DBUILD_SHARED_LIBS=OFF
-DCMAKE_UNITY_BUILD=ON -DCURL_DROP_UNUSED=ON
- name: 'boringssl'
install_steps: skipall
PKG_CONFIG_PATH: /home/runner/boringssl/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2-boringssl/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig
configure: >-
LDFLAGS=-Wl,-rpath,/home/runner/boringssl/build/lib
--with-openssl=/home/runner/boringssl/build --with-ngtcp2 --enable-ssls-export
- name: 'boringssl'
PKG_CONFIG_PATH: /home/runner/boringssl/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2-boringssl/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig
tflags: '--min=1790'
generate: >-
-DOPENSSL_ROOT_DIR=/home/runner/boringssl/build -DUSE_NGTCP2=ON -DBUILD_SHARED_LIBS=OFF
-DCMAKE_UNITY_BUILD=ON
- name: 'gnutls'
install_packages: libp11-kit-dev libssh-dev
install_steps: skipall
PKG_CONFIG_PATH: /home/runner/nettle/build/lib64/pkgconfig:/home/runner/gnutls/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig
LDFLAGS: -Wl,-rpath,/home/runner/gnutls/build/lib -Wl,-rpath,/home/runner/nettle/build/lib64 -Wl,-rpath,/home/runner/ngtcp2/build/lib
configure: >-
--with-gnutls=/home/runner/gnutls/build --with-ngtcp2 --with-libssh --enable-ssls-export
- name: 'gnutls'
install_packages: libp11-kit-dev libssh-dev
PKG_CONFIG_PATH: /home/runner/nettle/build/lib64/pkgconfig:/home/runner/gnutls/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig
LDFLAGS: -Wl,-rpath,/home/runner/gnutls/build/lib
tflags: '--min=1840'
generate: >-
-DCURL_USE_GNUTLS=ON -DUSE_NGTCP2=ON -DCURL_USE_LIBSSH=ON
-DCMAKE_UNITY_BUILD=ON
- name: 'wolfssl'
install_packages: libssh2-1-dev
install_steps: skipall
PKG_CONFIG_PATH: /home/runner/wolfssl/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig
configure: >-
LDFLAGS=-Wl,-rpath,/home/runner/wolfssl/build/lib
--with-wolfssl=/home/runner/wolfssl/build --with-ngtcp2 --enable-ech --with-libssh2 --enable-ssls-export
--enable-unity
- name: 'wolfssl'
install_packages: libssh2-1-dev
PKG_CONFIG_PATH: /home/runner/wolfssl/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig
tflags: '--min=1840'
generate: >-
-DCURL_USE_WOLFSSL=ON -DUSE_NGTCP2=ON
-DUSE_ECH=ON
- name: 'quiche'
install_steps: skipall
PKG_CONFIG_PATH: /home/runner/nghttp2/build/lib/pkgconfig
configure: >-
LDFLAGS=-Wl,-rpath,/home/runner/quiche/target/release
--with-openssl=/home/runner/quiche/quiche/deps/boringssl/src
--with-quiche=/home/runner/quiche/target/release
--with-ca-fallback
--enable-unity
- name: 'quiche'
PKG_CONFIG_PATH: /home/runner/nghttp2/build/lib/pkgconfig:/home/runner/quiche/target/release
tflags: '--min=1790'
generate: >-
-DOPENSSL_ROOT_DIR=/home/runner/quiche/quiche/deps/boringssl/src
-DUSE_QUICHE=ON
-DCURL_CA_FALLBACK=ON
steps:
- name: 'install prereqs'
env:
INSTALL_PACKAGES: >-
${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') && 'stunnel4 ' || '' }}
${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') && 'apache2 apache2-dev libnghttp2-dev vsftpd dante-server libev-dev' || '' }}
run: |
sudo rm -f /etc/apt/sources.list.d/{azure-cli.sources,microsoft-prod.list,ondrej-ubuntu-php-noble.sources}
sudo apt-get -o Dpkg::Use-Pty=0 update
sudo apt-get -o Dpkg::Use-Pty=0 install \
libtool autoconf automake pkgconf \
libpsl-dev libbrotli-dev libzstd-dev zlib1g-dev libidn2-0-dev libldap-dev libuv1-dev valgrind \
${INSTALL_PACKAGES} \
${MATRIX_INSTALL_PACKAGES}
echo 'CC=gcc-12' >> "$GITHUB_ENV"
echo 'CXX=g++-12' >> "$GITHUB_ENV"
- name: 'cache openssl'
uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
id: cache-openssl-http3-no-deprecated
env:
cache-name: cache-openssl-http3-no-deprecated
with:
path: ~/openssl/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.OPENSSL_VERSION }}
fail-on-cache-miss: true
- name: 'cache libressl'
uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
id: cache-libressl
env:
cache-name: cache-libressl
with:
path: ~/libressl/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.LIBRESSL_VERSION }}
fail-on-cache-miss: true
- name: 'cache awslc'
uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
id: cache-awslc
env:
cache-name: cache-awslc
with:
path: ~/awslc/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.AWSLC_VERSION }}
fail-on-cache-miss: true
- name: 'cache boringssl'
uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
id: cache-boringssl
env:
cache-name: cache-boringssl
with:
path: ~/boringssl/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.BORINGSSL_VERSION }}
fail-on-cache-miss: true
- name: 'cache nettle'
if: ${{ matrix.build.name == 'gnutls' }}
uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
id: cache-nettle
env:
cache-name: cache-nettle
with:
path: ~/nettle/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NETTLE_VERSION }}
fail-on-cache-miss: true
- name: 'cache gnutls'
if: ${{ matrix.build.name == 'gnutls' }}
uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
id: cache-gnutls
env:
cache-name: cache-gnutls
with:
path: ~/gnutls/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.GNUTLS_VERSION }}-${{ env.NETTLE_VERSION }}
fail-on-cache-miss: true
- name: 'cache wolfssl'
if: ${{ matrix.build.name == 'wolfssl' }}
uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
id: cache-wolfssl
env:
cache-name: cache-wolfssl
with:
path: ~/wolfssl/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.WOLFSSL_VERSION }}
fail-on-cache-miss: true
- name: 'cache nghttp3'
uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
id: cache-nghttp3
env:
cache-name: cache-nghttp3
with:
path: ~/nghttp3/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGHTTP3_VERSION }}
fail-on-cache-miss: true
- name: 'cache ngtcp2'
uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
id: cache-ngtcp2
env:
cache-name: cache-ngtcp2
with:
path: ~/ngtcp2/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGTCP2_VERSION }}-${{ env.OPENSSL_VERSION }}-${{ env.LIBRESSL_VERSION }}-${{ env.AWSLC_VERSION }}-${{ env.NETTLE_VERSION }}-${{ env.GNUTLS_VERSION }}-${{ env.WOLFSSL_VERSION }}
fail-on-cache-miss: true
- name: 'cache ngtcp2 boringssl'
uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
id: cache-ngtcp2-boringssl
env:
cache-name: cache-ngtcp2-boringssl
with:
path: ~/ngtcp2-boringssl/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGTCP2_VERSION }}-${{ env.BORINGSSL_VERSION }}
fail-on-cache-miss: true
- name: 'cache nghttp2'
uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
id: cache-nghttp2
env:
cache-name: cache-nghttp2
with:
path: ~/nghttp2/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGHTTP2_VERSION }}-${{ env.OPENSSL_VERSION }}-${{ env.NGTCP2_VERSION }}-${{ env.NGHTTP3_VERSION }}
fail-on-cache-miss: true
- name: 'cache quiche'
if: ${{ matrix.build.name == 'quiche' }}
uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
id: cache-quiche
env:
cache-name: cache-quiche
with:
path: ~/quiche
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.QUICHE_VERSION }}
- name: 'build quiche and boringssl'
if: ${{ matrix.build.name == 'quiche' && steps.cache-quiche.outputs.cache-hit != 'true' }}
run: |
cd ~
git clone --quiet --depth 1 -b "${QUICHE_VERSION}" --recursive https://github.com/cloudflare/quiche
cd quiche
#### Work-around https://github.com/curl/curl/issues/7927 #######
#### See https://github.com/alexcrichton/cmake-rs/issues/131 ####
sed -i -e 's/cmake = "0.1"/cmake = "=0.1.45"/' quiche/Cargo.toml
cargo build -v --package quiche --release --features ffi,pkg-config-meta,qlog --verbose
ln -s libquiche.so target/release/libquiche.so.0
mkdir -v quiche/deps/boringssl/src/lib
find target/release \( -name libcrypto.a -o -name libssl.a \) -exec ln -vnf -- '{}' quiche/deps/boringssl/src/lib \;
# include dir
# /home/runner/quiche/quiche/deps/boringssl/src/include
# lib dir
# /home/runner/quiche/quiche/deps/boringssl/src/lib
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: 'autoreconf'
if: ${{ matrix.build.configure }}
run: autoreconf -fi
- name: 'configure'
env:
LDFLAGS: '${{ matrix.build.LDFLAGS }}'
MATRIX_CONFIGURE: '${{ matrix.build.configure }}'
MATRIX_GENERATE: '${{ matrix.build.generate }}'
MATRIX_PKG_CONFIG_PATH: '${{ matrix.build.PKG_CONFIG_PATH }}'
run: |
[ -n "${MATRIX_PKG_CONFIG_PATH}" ] && export PKG_CONFIG_PATH="${MATRIX_PKG_CONFIG_PATH}"
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
[[ "${MATRIX_GENERATE}" = *'boringssl'* ]] && options=" -DBORINGSSL_VERSION=${BORINGSSL_VERSION}"
cmake -B bld -G Ninja \
-DCMAKE_C_COMPILER_TARGET="$(uname -m)-pc-linux-gnu" -DBUILD_STATIC_LIBS=ON \
-DCURL_WERROR=ON -DENABLE_DEBUG=ON \
-DCURL_USE_LIBUV=ON \
-DTEST_NGHTTPX=/home/runner/nghttp2/build/bin/nghttpx \
-DHTTPD_NGHTTPX=/home/runner/nghttp2/build/bin/nghttpx \
${MATRIX_GENERATE} ${options}
else
[[ "${MATRIX_CONFIGURE}" = *'boringssl'* ]] && export CPPFLAGS="-DCURL_BORINGSSL_VERSION=\\\"${BORINGSSL_VERSION}\\\""
mkdir bld && cd bld && ../configure --enable-warnings --enable-werror --enable-debug --disable-static \
--disable-dependency-tracking --enable-option-checking=fatal \
--with-libuv \
--with-test-nghttpx=/home/runner/nghttp2/build/bin/nghttpx \
${MATRIX_CONFIGURE}
fi
- name: 'configure log'
if: ${{ !cancelled() }}
run: cat bld/config.log bld/CMakeFiles/CMakeConfigureLog.yaml 2>/dev/null || true
- name: 'curl_config.h'
run: |
echo '::group::raw'; cat bld/lib/curl_config.h || true; echo '::endgroup::'
grep -F '#define' bld/lib/curl_config.h | sort || true
- name: 'test configs'
run: grep -H -v '^#' bld/tests/config bld/tests/http/config.ini || true
- name: 'build'
run: |
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose
else
make -C bld V=1
fi
- name: 'curl -V'
run: |
find . -type f \( -name curl -o -name '*.so.*' -o -name '*.a' \) -print0 | xargs -0 file --
find . -type f \( -name curl -o -name '*.so.*' -o -name '*.a' \) -print0 | xargs -0 stat -c '%10s bytes: %n' --
bld/src/curl --disable -V
- name: 'build tests'
if: ${{ !contains(matrix.build.install_steps, 'skipall') }}
run: |
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose --target testdeps
else
make -C bld V=1 -C tests
fi
- name: 'install test prereqs'
if: ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') }}
run: |
python3 -m venv ~/venv
if bld/src/curl --disable -V 2>/dev/null | grep smb; then
~/venv/bin/pip --disable-pip-version-check --no-input --no-cache-dir install --progress-bar off --prefer-binary -r tests/requirements.txt
fi
- name: 'run tests'
if: ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') }}
env:
TFLAGS: '${{ matrix.build.tflags }}'
run: |
TFLAGS+=' -n'
source ~/venv/bin/activate
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose --target test-ci
else
make -C bld V=1 test-ci
fi
- name: 'run tests (valgrind)'
if: ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') }}
run: |
export TFLAGS='-j6 --min=4 HTTP/3'
source ~/venv/bin/activate
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose --target test-ci
else
make -C bld V=1 test-ci
fi
- name: 'install pytest prereqs'
if: ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') }}
run: |
[ -d ~/venv ] || python3 -m venv ~/venv
~/venv/bin/pip --disable-pip-version-check --no-input --no-cache-dir install --progress-bar off --prefer-binary -r tests/http/requirements.txt
- name: 'run pytest (event based)'
if: ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') }}
env:
CURL_TEST_EVENT: 1
PYTEST_ADDOPTS: '--color=yes'
PYTEST_XDIST_AUTO_NUM_WORKERS: 4
run: |
source ~/venv/bin/activate
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose --target curl-pytest-ci
else
make -C bld V=1 pytest-ci
fi
Reference in New Issue View Git Blame Copy Permalink