mirror of
https://github.com/curl/curl.git
synced 2026-04-13 12:41:42 +08:00
2cbcde90e7
To make CI turnaround time shorter, by cutting the longest running jobs.
After this patch all jobs should finish around 10-11 minutes. Down from
15-16 minutes before this patch.
Suggested-by: Stefan Eissing
The fuzzing workflow is now the slowest (with a 7-minute startup time
needed to build deps from source on each run), followed by macOS
and Windows torture tests (both split in two now). Without fuzzing, it's
under 10 minutes.
Notes:
- an extra cost with job-pairs is installing prereqs,
configuring/building curl and tests twice. GitHub doesn't support
making a matrix job a prereq for another workflow that may fix this:
https://github.com/orgs/community/discussions/42335
This overhead is significant on Windows: 11m20 -> 9m20 + 8m40
- job-pairs are annoying to maintain and keep in sync.
- splitting tests into halves is a manual process and needs to be
revisited from time to time. Possibly something to automate with
a runtests option, e.g. with `1 of 50%` and `2 of 50%`?
Also:
- split torture tests in two equal pieces, replacing the `FTP` + `!FTP`
split used earlier.
Related perf improvements from today:
- make scan-build 2x fast:
ff958fc4b2 #20159
- drop build-only Testi386 fuzz workflow (from curl), saving 9m per run:
0106023c1f
https://github.com/curl/curl-fuzzer/pull/236
Closes #20153
876 lines
44 KiB
YAML
876 lines
44 KiB
YAML
# Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
|
|
#
|
|
# SPDX-License-Identifier: curl
|
|
|
|
name: 'Linux'
|
|
|
|
'on':
|
|
push:
|
|
branches:
|
|
- master
|
|
- '*/ci'
|
|
paths-ignore:
|
|
- '.circleci/**'
|
|
- 'appveyor.*'
|
|
- 'Dockerfile'
|
|
- 'packages/**'
|
|
- 'plan9/**'
|
|
- 'projects/**'
|
|
pull_request:
|
|
branches:
|
|
- master
|
|
paths-ignore:
|
|
- '.circleci/**'
|
|
- 'appveyor.*'
|
|
- 'Dockerfile'
|
|
- 'packages/**'
|
|
- 'plan9/**'
|
|
- 'projects/**'
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }}
|
|
cancel-in-progress: true
|
|
|
|
permissions: {}
|
|
|
|
env:
|
|
MAKEFLAGS: -j 5
|
|
CURL_CI: github
|
|
CURL_TEST_MIN: 1600
|
|
CURL_CLANG_TIDYFLAGS: '-checks=-clang-analyzer-security.insecureAPI.bzero,-clang-analyzer-optin.performance.Padding,-clang-analyzer-security.ArrayBound,-clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling,-clang-analyzer-valist.Uninitialized'
|
|
# renovate: datasource=github-tags depName=libressl/portable versioning=semver registryUrl=https://github.com
|
|
LIBRESSL_VERSION: 4.2.1
|
|
# renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?<version>.+)-stable$ registryUrl=https://github.com
|
|
WOLFSSL_VERSION: 5.8.4
|
|
# renovate: datasource=github-tags depName=Mbed-TLS/mbedtls versioning=semver registryUrl=https://github.com
|
|
MBEDTLS_VERSION: 4.0.0
|
|
# renovate: datasource=github-tags depName=Mbed-TLS/mbedtls versioning=semver:^3.0.0 registryUrl=https://github.com
|
|
MBEDTLS_VERSION_PREV: 3.6.4
|
|
# renovate: datasource=github-tags depName=awslabs/aws-lc versioning=semver registryUrl=https://github.com
|
|
AWSLC_VERSION: 1.65.1
|
|
# renovate: datasource=github-tags depName=google/boringssl versioning=semver registryUrl=https://github.com
|
|
BORINGSSL_VERSION: 0.20251124.0
|
|
# handled in renovate.json
|
|
OPENSSL_VERSION: 3.6.0
|
|
# renovate: datasource=github-tags depName=rustls/rustls-ffi versioning=semver registryUrl=https://github.com
|
|
RUSTLS_VERSION: 0.15.0
|
|
# handled in renovate.json
|
|
OPENLDAP_VERSION: 2.6.10
|
|
# renovate: datasource=github-tags depName=nghttp2/nghttp2 versioning=semver registryUrl=https://github.com
|
|
NGHTTP2_VERSION: 1.68.0
|
|
# renovate: datasource=github-releases depName=pizlonator/fil-c versioning=semver-coerced registryUrl=https://github.com
|
|
FIL_C_VERSION: 0.677
|
|
|
|
jobs:
|
|
linux:
|
|
name: ${{ matrix.build.generate && 'CM' || 'AM' }} ${{ matrix.build.name }}
|
|
runs-on: ${{ matrix.build.image || 'ubuntu-latest' }}
|
|
container: ${{ matrix.build.container }}
|
|
timeout-minutes: 25
|
|
env:
|
|
MATRIX_BUILD: ${{ matrix.build.generate && 'cmake' || 'autotools' }}
|
|
MATRIX_INSTALL_PACKAGES: '${{ matrix.build.install_packages }}'
|
|
MATRIX_INSTALL_STEPS: '${{ matrix.build.install_steps }}'
|
|
MATRIX_MAKE_PREFIX: '${{ matrix.build.make-prefix }}'
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
build:
|
|
- name: 'libressl krb5'
|
|
install_packages: libidn2-dev libnghttp2-dev libldap-dev libkrb5-dev
|
|
install_steps: libressl pytest codeset-test
|
|
configure: LDFLAGS=-Wl,-rpath,/home/runner/libressl/lib --with-openssl=/home/runner/libressl --with-gssapi --enable-debug
|
|
|
|
- name: 'libressl krb5 valgrind 1'
|
|
install_packages: libnghttp2-dev libldap-dev libkrb5-dev valgrind
|
|
install_steps: libressl
|
|
tflags: '--min=870 1 to 950'
|
|
generate: -DOPENSSL_ROOT_DIR=/home/runner/libressl -DCURL_USE_GSSAPI=ON -DENABLE_DEBUG=ON -DCURL_LIBCURL_VERSIONED_SYMBOLS=ON
|
|
|
|
- name: 'libressl krb5 valgrind 2'
|
|
install_packages: libnghttp2-dev libldap-dev libkrb5-dev valgrind
|
|
install_steps: libressl
|
|
tflags: '--min=900 951 to 9999'
|
|
generate: -DOPENSSL_ROOT_DIR=/home/runner/libressl -DCURL_USE_GSSAPI=ON -DENABLE_DEBUG=ON -DCURL_LIBCURL_VERSIONED_SYMBOLS=ON
|
|
|
|
- name: 'libressl clang'
|
|
install_packages: clang
|
|
install_steps: libressl
|
|
configure: CC=clang LDFLAGS=-Wl,-rpath,/home/runner/libressl/lib --with-openssl=/home/runner/libressl --enable-debug
|
|
|
|
- name: 'wolfssl-all'
|
|
install_steps: wolfssl-all
|
|
configure: LDFLAGS=-Wl,-rpath,/home/runner/wolfssl-all/lib --with-wolfssl=/home/runner/wolfssl-all --enable-ech --enable-debug
|
|
|
|
- name: 'wolfssl-opensslextra valgrind 1'
|
|
install_packages: valgrind
|
|
install_steps: wolfssl-opensslextra
|
|
tflags: '--min=780 1 to 950'
|
|
configure: LDFLAGS=-Wl,-rpath,/home/runner/wolfssl-opensslextra/lib --with-wolfssl=/home/runner/wolfssl-opensslextra --enable-ech --enable-debug
|
|
|
|
- name: 'wolfssl-opensslextra valgrind 2'
|
|
install_packages: valgrind
|
|
install_steps: wolfssl-opensslextra
|
|
tflags: '--min=800 951 to 9999'
|
|
configure: LDFLAGS=-Wl,-rpath,/home/runner/wolfssl-opensslextra/lib --with-wolfssl=/home/runner/wolfssl-opensslextra --enable-ech --enable-debug
|
|
|
|
- name: 'mbedtls gss valgrind 1'
|
|
install_packages: libnghttp2-dev libidn2-dev libldap-dev libgss-dev valgrind
|
|
install_steps: mbedtls
|
|
tflags: '--min=830 1 to 950'
|
|
generate: >-
|
|
-DCURL_USE_MBEDTLS=ON -DENABLE_DEBUG=ON
|
|
-DMBEDTLS_INCLUDE_DIR=/home/runner/mbedtls/include
|
|
-DMBEDTLS_LIBRARY=/home/runner/mbedtls/lib/libmbedtls.a
|
|
-DMBEDX509_LIBRARY=/home/runner/mbedtls/lib/libmbedx509.a
|
|
-DMBEDCRYPTO_LIBRARY=/home/runner/mbedtls/lib/libmbedcrypto.a
|
|
-DCURL_USE_GSSAPI=ON
|
|
|
|
- name: 'mbedtls gss valgrind 2'
|
|
install_packages: libnghttp2-dev libidn2-dev libldap-dev libgss-dev valgrind
|
|
install_steps: mbedtls
|
|
tflags: '--min=800 951 to 9999'
|
|
generate: >-
|
|
-DCURL_USE_MBEDTLS=ON -DENABLE_DEBUG=ON
|
|
-DMBEDTLS_INCLUDE_DIR=/home/runner/mbedtls/include
|
|
-DMBEDTLS_LIBRARY=/home/runner/mbedtls/lib/libmbedtls.a
|
|
-DMBEDX509_LIBRARY=/home/runner/mbedtls/lib/libmbedx509.a
|
|
-DMBEDCRYPTO_LIBRARY=/home/runner/mbedtls/lib/libmbedcrypto.a
|
|
-DCURL_USE_GSSAPI=ON
|
|
|
|
- name: 'mbedtls clang'
|
|
install_packages: libssh-dev libnghttp2-dev libldap-dev clang
|
|
install_steps: mbedtls pytest
|
|
configure: CC=clang LDFLAGS=-Wl,-rpath,/home/runner/mbedtls/lib --with-mbedtls=/home/runner/mbedtls --with-libssh --enable-debug --with-fish-functions-dir --with-zsh-functions-dir
|
|
|
|
- name: 'mbedtls-prev'
|
|
install_packages: libssh2-1-dev libnghttp2-dev libuv1-dev
|
|
install_steps: mbedtls-prev pytest
|
|
PKG_CONFIG_PATH: /home/runner/mbedtls-prev/lib/pkgconfig # Requires v3.6.0
|
|
generate: -DCURL_USE_MBEDTLS=ON -DCURL_USE_LIBUV=ON -DENABLE_DEBUG=ON
|
|
|
|
- name: 'mbedtls-pkg MultiSSL !pc'
|
|
install_packages: libnghttp2-dev libmbedtls-dev
|
|
install_steps: mbedtls skipall
|
|
generate: >-
|
|
-DCURL_USE_MBEDTLS=ON -DENABLE_DEBUG=ON -DCURL_DEFAULT_SSL_BACKEND=mbedtls
|
|
-DMBEDTLS_INCLUDE_DIR=/home/runner/mbedtls/include
|
|
-DMBEDTLS_LIBRARY=/home/runner/mbedtls/lib/libmbedtls.a
|
|
-DMBEDX509_LIBRARY=/home/runner/mbedtls/lib/libmbedx509.a
|
|
-DMBEDCRYPTO_LIBRARY=/home/runner/mbedtls/lib/libmbedcrypto.a
|
|
-DCURL_USE_PKGCONFIG=OFF -DCURL_USE_OPENSSL=ON
|
|
-DBUILD_LIBCURL_DOCS=OFF -DBUILD_MISC_DOCS=OFF -DENABLE_CURL_MANUAL=OFF
|
|
-DCURL_COMPLETION_FISH=ON -DCURL_COMPLETION_ZSH=ON
|
|
|
|
- name: 'awslc'
|
|
install_steps: awslc pytest
|
|
configure: LDFLAGS=-Wl,-rpath,/home/runner/awslc/lib --with-openssl=/home/runner/awslc --enable-ech
|
|
|
|
- name: 'awslc'
|
|
install_packages: libidn2-dev
|
|
install_steps: awslc
|
|
generate: -DOPENSSL_ROOT_DIR=/home/runner/awslc -DUSE_ECH=ON -DCMAKE_UNITY_BUILD=OFF
|
|
|
|
- name: 'boringssl'
|
|
install_steps: boringssl pytest
|
|
generate: -DOPENSSL_ROOT_DIR=/home/runner/boringssl -DUSE_ECH=ON
|
|
|
|
- name: 'openssl default'
|
|
install_steps: pytest
|
|
configure: --with-openssl --enable-debug --disable-unity
|
|
|
|
- name: 'openssl libssh2 sync-resolver valgrind 1'
|
|
install_packages: libidn2-dev libssh2-1-dev libnghttp2-dev libldap-dev valgrind
|
|
tflags: '--min=920 1 to 950'
|
|
generate: -DENABLE_DEBUG=ON -DENABLE_THREADED_RESOLVER=OFF
|
|
|
|
- name: 'openssl libssh2 sync-resolver valgrind 2'
|
|
install_packages: libidn2-dev libssh2-1-dev libnghttp2-dev libldap-dev valgrind
|
|
tflags: '--min=910 951 to 9999'
|
|
generate: -DENABLE_DEBUG=ON -DENABLE_THREADED_RESOLVER=OFF
|
|
|
|
- name: 'openssl'
|
|
install_packages: libssh-dev
|
|
install_steps: pytest
|
|
configure: CFLAGS=-std=gnu89 --with-openssl --with-libssh --enable-debug
|
|
|
|
- name: 'openssl arm'
|
|
install_steps: pytest
|
|
configure: CFLAGS=-std=gnu89 --with-openssl --enable-debug --disable-verbose
|
|
image: 'ubuntu-24.04-arm'
|
|
|
|
- name: 'openssl -O3 libssh valgrind 1'
|
|
install_packages: libssh-dev valgrind
|
|
CFLAGS: -O3
|
|
tflags: '--min=920 1 to 950'
|
|
generate: -DENABLE_DEBUG=ON -DCURL_USE_LIBSSH=ON -DCMAKE_UNITY_BUILD_BATCH_SIZE=50
|
|
|
|
- name: 'openssl -O3 libssh valgrind 2'
|
|
install_packages: libssh-dev valgrind
|
|
CFLAGS: -O3
|
|
tflags: '--min=890 951 to 9999'
|
|
generate: -DENABLE_DEBUG=ON -DCURL_USE_LIBSSH=ON -DCMAKE_UNITY_BUILD_BATCH_SIZE=50
|
|
|
|
- name: 'openssl clang krb5 openldap static'
|
|
install_steps: openldap-static
|
|
install_packages: libidn2-dev libkrb5-dev clang libssl-dev
|
|
configure: CC=clang --disable-shared --with-openssl --with-gssapi --enable-debug --disable-docs --disable-manual --with-ldap=/home/runner/openldap-static --with-ldap-lib=ldap --with-lber-lib=lber
|
|
|
|
- name: 'openssl clang krb5 LTO'
|
|
install_packages: libssh2-1-dev libkrb5-dev clang
|
|
install_steps: skiprun pytest
|
|
CC: clang
|
|
generate: -DCURL_USE_OPENSSL=ON -DCURL_USE_GSSAPI=ON -DENABLE_DEBUG=ON -DCURL_LTO=ON
|
|
|
|
- name: 'openssl !ipv6 !--libcurl !--digest-auth'
|
|
configure: --with-openssl --disable-ipv6 --enable-debug --disable-unity --disable-libcurl-option --disable-digest-auth
|
|
|
|
- name: 'openssl https-only'
|
|
tflags: '--min=1150'
|
|
configure: >-
|
|
--with-openssl --enable-debug --disable-unity
|
|
--disable-dict --disable-gopher --disable-ldap --disable-telnet
|
|
--disable-imap --disable-pop3 --disable-smtp
|
|
--without-librtmp --disable-rtsp
|
|
--without-libssh2 --without-libssh
|
|
--disable-tftp --disable-ftp --disable-file --disable-smb
|
|
|
|
- name: 'openssl torture 1'
|
|
install_packages: libnghttp2-dev libssh2-1-dev libc-ares-dev
|
|
tflags: '-t --shallow=25 --min=920 1 to 950'
|
|
torture: true
|
|
generate: -DCURL_USE_OPENSSL=ON -DENABLE_DEBUG=ON -DENABLE_ARES=ON
|
|
|
|
- name: 'openssl torture 2'
|
|
install_packages: libnghttp2-dev libssh2-1-dev libc-ares-dev
|
|
tflags: '-t --shallow=20 --min=900 951 to 9999'
|
|
torture: true
|
|
generate: -DCURL_USE_OPENSSL=ON -DENABLE_DEBUG=ON -DENABLE_ARES=ON
|
|
|
|
- name: 'openssl i686'
|
|
install_packages: gcc-14-i686-linux-gnu libssl-dev:i386 librtmp-dev:i386 libssh2-1-dev:i386 libidn2-dev:i386 libc-ares-dev:i386 zlib1g-dev:i386
|
|
configure: >-
|
|
PKG_CONFIG_PATH=/usr/lib/i386-linux-gnu/pkgconfig
|
|
CC=i686-linux-gnu-gcc-14
|
|
CPPFLAGS=-I/usr/include/i386-linux-gnu
|
|
LDFLAGS=-L/usr/lib/i386-linux-gnu
|
|
--host=i686-linux-gnu
|
|
--with-openssl --with-librtmp --with-libssh2 --with-libidn2 --enable-ares --enable-debug
|
|
|
|
- name: '!ssl !http !smtp !imap'
|
|
tflags: '--min=475'
|
|
configure: --without-ssl --enable-debug --disable-http --disable-smtp --disable-imap --disable-unity
|
|
|
|
- name: 'libressl Fil-C'
|
|
install_steps: filc libressl-filc nghttp2-filc pytest
|
|
tflags: '!776' # adds 1-9 minutes to the test run step, and fails consistently
|
|
CC: /home/runner/filc/build/bin/filcc
|
|
PKG_CONFIG_PATH: /home/runner/nghttp2/lib/pkgconfig
|
|
generate: >-
|
|
-DBUILD_STATIC_LIBS=ON -DBUILD_SHARED_LIBS=OFF -DCMAKE_UNITY_BUILD=OFF -DCURL_DISABLE_TYPECHECK=ON
|
|
-DOPENSSL_ROOT_DIR=/home/runner/libressl -DCURL_USE_LIBPSL=OFF
|
|
-DCURL_ZLIB=OFF -DCURL_BROTLI=OFF -DCURL_ZSTD=OFF
|
|
-DCURL_DISABLE_LDAP=ON -DUSE_LIBIDN2=OFF -DCURL_USE_LIBSSH2=OFF
|
|
|
|
- name: 'clang-tidy'
|
|
install_packages: clang-tidy libssl-dev libidn2-dev libssh2-1-dev libnghttp2-dev libldap-dev libkrb5-dev librtmp-dev libgnutls28-dev
|
|
install_steps: skipall mbedtls rustls wolfssl-opensslextra
|
|
install_steps_brew: gsasl
|
|
make-custom-target: tidy
|
|
PKG_CONFIG_PATH: /home/linuxbrew/.linuxbrew/opt/gsasl/lib/pkgconfig
|
|
LDFLAGS: -Wl,-rpath,/home/runner/wolfssl-opensslextra/lib -Wl,-rpath,/home/linuxbrew/.linuxbrew/opt/gsasl/lib
|
|
configure: >-
|
|
--with-wolfssl=/home/runner/wolfssl-opensslextra --with-openssl --with-rustls --with-mbedtls=/home/runner/mbedtls --with-gnutls --with-libgsasl
|
|
--with-librtmp --with-libssh2 --with-libidn2
|
|
--enable-ech --with-gssapi --enable-ssls-export --disable-typecheck
|
|
|
|
- name: 'scan-build'
|
|
install_packages: clang-tools clang libssl-dev libidn2-dev libssh2-1-dev libnghttp2-dev libldap-dev libgss-dev librtmp-dev libgnutls28-dev
|
|
install_steps: skipall mbedtls rustls wolfssl-opensslextra
|
|
install_steps_brew: gsasl
|
|
CC: clang
|
|
configure-prefix: scan-build
|
|
make-prefix: scan-build --status-bugs
|
|
LDFLAGS: -Wl,-rpath,/home/runner/wolfssl-opensslextra/lib -Wl,-rpath,/home/runner/mbedtls/lib -Wl,-rpath,/home/runner/rustls/lib -Wl,-rpath,/home/linuxbrew/.linuxbrew/opt/gsasl/lib
|
|
PKG_CONFIG_PATH: /home/runner/wolfssl-opensslextra/lib/pkgconfig:/home/runner/mbedtls/lib/pkgconfig:/home/runner/rustls/lib/pkgconfig:/home/linuxbrew/.linuxbrew/opt/gsasl/lib/pkgconfig
|
|
generate: >-
|
|
-DCURL_USE_OPENSSL=ON -DCURL_USE_WOLFSSL=ON -DCURL_USE_GNUTLS=ON -DCURL_USE_MBEDTLS=ON -DCURL_USE_RUSTLS=ON
|
|
-DCURL_USE_GSASL=ON -DUSE_LIBRTMP=ON
|
|
-DUSE_ECH=ON -DCURL_USE_GSSAPI=ON -DUSE_SSLS_EXPORT=ON
|
|
-DCMAKE_UNITY_BUILD=OFF -DCURL_DISABLE_TYPECHECK=ON
|
|
|
|
- name: 'scan-build H3 c-ares !examples'
|
|
install_packages: clang-tools clang libidn2-dev libssh-dev libnghttp2-dev
|
|
install_steps: skipall
|
|
install_steps_brew: openssl libngtcp2 libnghttp3 c-ares
|
|
CC: clang
|
|
configure-prefix: scan-build
|
|
make-prefix: scan-build --status-bugs
|
|
LDFLAGS: -Wl,-rpath,/home/linuxbrew/.linuxbrew/opt/openssl/lib -Wl,-rpath,/home/linuxbrew/.linuxbrew/opt/libngtcp2/lib -Wl,-rpath,/home/linuxbrew/.linuxbrew/opt/libnghttp3/lib -Wl,-rpath,/home/linuxbrew/.linuxbrew/opt/c-ares/lib
|
|
PKG_CONFIG_PATH: /home/linuxbrew/.linuxbrew/opt/libngtcp2/lib/pkgconfig:/home/linuxbrew/.linuxbrew/opt/libnghttp3/lib/pkgconfig:/home/linuxbrew/.linuxbrew/opt/c-ares/lib/pkgconfig
|
|
generate: >-
|
|
-DCURL_USE_OPENSSL=ON -DOPENSSL_ROOT_DIR=/home/linuxbrew/.linuxbrew/opt/openssl -DUSE_NGTCP2=ON
|
|
-DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=ON -DUSE_HTTPSRR=ON -DENABLE_ARES=ON
|
|
-DCMAKE_UNITY_BUILD=OFF -DCURL_DISABLE_TYPECHECK=ON
|
|
-DCURL_DISABLE_VERBOSE_STRINGS=ON
|
|
|
|
- name: 'address-sanitizer'
|
|
install_packages: clang libssl-dev libssh-dev libidn2-dev libnghttp2-dev libubsan1 libasan8 libtsan2
|
|
install_steps: pytest randcurl
|
|
CFLAGS: -fsanitize=address,undefined,signed-integer-overflow -fno-sanitize-recover=undefined,integer -Wformat -Werror=format-security -Werror=array-bounds -g
|
|
LDFLAGS: -fsanitize=address,undefined -fno-sanitize-recover=undefined,integer -ldl -lubsan
|
|
CC: clang
|
|
generate: -DENABLE_DEBUG=ON -DCURL_USE_LIBSSH=ON
|
|
|
|
- name: 'address-sanitizer H3 c-ares'
|
|
install_packages: clang libubsan1 libasan8 libtsan2
|
|
install_steps: pytest
|
|
install_steps_brew: openssl libssh2 libngtcp2 libnghttp3 c-ares
|
|
CFLAGS: -fsanitize=address,undefined,signed-integer-overflow -fno-sanitize-recover=undefined,integer -Wformat -Werror=format-security -Werror=array-bounds -g
|
|
LDFLAGS: -fsanitize=address,undefined -fno-sanitize-recover=undefined,integer -ldl -lubsan -Wl,-rpath,/home/linuxbrew/.linuxbrew/opt/c-ares/lib
|
|
PKG_CONFIG_PATH: /home/linuxbrew/.linuxbrew/opt/libssh2/lib/pkgconfig:/home/linuxbrew/.linuxbrew/opt/libngtcp2/lib/pkgconfig:/home/linuxbrew/.linuxbrew/opt/libnghttp3/lib/pkgconfig:/home/linuxbrew/.linuxbrew/opt/c-ares/lib/pkgconfig
|
|
CC: clang
|
|
generate: -DENABLE_DEBUG=ON -DCURL_USE_OPENSSL=ON -DOPENSSL_ROOT_DIR=/home/linuxbrew/.linuxbrew/opt/openssl -DUSE_NGTCP2=ON -DUSE_SSLS_EXPORT=ON -DENABLE_ARES=ON
|
|
|
|
- name: 'thread-sanitizer'
|
|
install_packages: clang libtsan2
|
|
install_steps: pytest openssl-tsan
|
|
CFLAGS: -fsanitize=thread -g
|
|
LDFLAGS: -fsanitize=thread
|
|
CC: clang
|
|
generate: -DOPENSSL_ROOT_DIR=/home/runner/openssl -DENABLE_DEBUG=ON -DENABLE_CURLDEBUG=OFF
|
|
|
|
- name: 'memory-sanitizer'
|
|
install_packages: clang
|
|
install_steps: randcurl
|
|
CFLAGS: -fsanitize=memory -Wformat -Werror=format-security -Werror=array-bounds -g
|
|
LDFLAGS: -fsanitize=memory
|
|
LIBS: -ldl
|
|
configure: CC=clang --without-ssl --without-zlib --without-brotli --without-zstd --without-libpsl --without-nghttp2 --enable-debug
|
|
tflags: '--min=1480'
|
|
|
|
- name: 'event-based'
|
|
install_packages: libssh-dev
|
|
configure: --enable-debug --disable-shared --disable-threaded-resolver --with-libssh --with-openssl
|
|
tflags: '-n --test-event --min=1350'
|
|
|
|
- name: 'duphandle'
|
|
install_packages: libssh-dev
|
|
configure: --enable-debug --disable-shared --disable-threaded-resolver --with-libssh --with-openssl
|
|
tflags: '-n --test-duphandle'
|
|
|
|
- name: 'rustls valgrind 1'
|
|
install_packages: libnghttp2-dev libldap-dev valgrind
|
|
install_steps: rust rustls
|
|
tflags: '--min=780 1 to 950'
|
|
generate: -DCURL_USE_RUSTLS=ON -DUSE_ECH=ON -DENABLE_DEBUG=ON
|
|
|
|
- name: 'rustls valgrind 2'
|
|
install_packages: libnghttp2-dev libldap-dev valgrind
|
|
install_steps: rust rustls
|
|
tflags: '--min=820 951 to 9999'
|
|
generate: -DCURL_USE_RUSTLS=ON -DUSE_ECH=ON -DENABLE_DEBUG=ON
|
|
|
|
- name: 'rustls'
|
|
install_packages: libnghttp2-dev libldap-dev
|
|
install_steps: rust rustls skiprun pytest
|
|
configure: --with-rustls --enable-ech --enable-debug
|
|
|
|
- name: 'IntelC openssl'
|
|
install_packages: libssl-dev
|
|
install_steps: intel
|
|
configure: CC=icc --enable-debug --with-openssl
|
|
|
|
- name: 'Slackware !ssl gssapi gcc'
|
|
# Flags used to build the curl Slackware package, except OpenSSL 1.1.0:
|
|
# https://ftpmirror.infania.net/slackware/slackware64-current/source/n/curl/curl.SlackBuild
|
|
configure: --enable-debug --without-ssl --with-libssh2 --with-gssapi --enable-ares --enable-static=no --without-ca-bundle --with-ca-path=/etc/ssl/certs
|
|
# Docker Hub image that `container-job` executes in
|
|
container: 'andy5995/slackware-build-essential:15.0'
|
|
|
|
- name: 'Alpine MUSL https-rr'
|
|
configure: --enable-debug --with-ssl --with-libssh2 --with-libidn2 --with-gssapi --enable-ldap --with-libpsl --enable-httpsrr --enable-ares --enable-threaded-resolver
|
|
container: 'alpine:3.20'
|
|
|
|
- name: 'Alpine MUSL https-rr c-ares'
|
|
configure: --enable-debug --with-ssl --with-libssh2 --with-libidn2 --with-gssapi --enable-ldap --with-libpsl --enable-httpsrr --enable-ares --disable-threaded-resolver
|
|
container: 'alpine:3.20'
|
|
|
|
steps:
|
|
- name: 'install prereqs'
|
|
if: ${{ matrix.build.container == null && !contains(matrix.build.name, 'i686') }}
|
|
env:
|
|
INSTALL_PACKAGES_BREW: '${{ matrix.build.install_steps_brew }}'
|
|
INSTALL_PACKAGES: >-
|
|
${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') && 'stunnel4' || '' }}
|
|
${{ contains(matrix.build.install_steps, 'pytest') && 'apache2 apache2-dev libnghttp2-dev vsftpd dante-server' || '' }}
|
|
|
|
run: |
|
|
sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list
|
|
sudo apt-get -o Dpkg::Use-Pty=0 update
|
|
sudo rm -f /var/lib/man-db/auto-update
|
|
sudo apt-get -o Dpkg::Use-Pty=0 install \
|
|
libtool autoconf automake pkgconf \
|
|
libpsl-dev zlib1g-dev libbrotli-dev libzstd-dev \
|
|
${INSTALL_PACKAGES} \
|
|
${MATRIX_INSTALL_PACKAGES}
|
|
if [ -n "${INSTALL_PACKAGES_BREW}" ]; then
|
|
HOMEBREW_NO_AUTO_UPDATE=1 /home/linuxbrew/.linuxbrew/bin/brew install ${INSTALL_PACKAGES_BREW}
|
|
fi
|
|
|
|
- name: 'install prereqs (i686)'
|
|
if: ${{ contains(matrix.build.name, 'i686') }}
|
|
run: |
|
|
sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list
|
|
sudo dpkg --add-architecture i386
|
|
sudo apt-get -o Dpkg::Use-Pty=0 update
|
|
sudo rm -f /var/lib/man-db/auto-update
|
|
sudo apt-get -o Dpkg::Use-Pty=0 install \
|
|
libtool autoconf automake pkgconf stunnel4 \
|
|
libpsl-dev:i386 libbrotli-dev:i386 libzstd-dev:i386 \
|
|
${MATRIX_INSTALL_PACKAGES}
|
|
|
|
- name: 'install prereqs (alpine)'
|
|
if: ${{ startsWith(matrix.build.container, 'alpine') }}
|
|
run: |
|
|
apk add --no-cache build-base autoconf automake libtool perl openssl-dev \
|
|
libssh2-dev zlib-dev brotli-dev zstd-dev libidn2-dev openldap-dev \
|
|
krb5-dev libpsl-dev c-ares-dev \
|
|
py3-impacket py3-asn1 py3-six py3-pycryptodomex \
|
|
perl-time-hires openssh stunnel sudo git openssl
|
|
|
|
- name: 'install Fil-C'
|
|
if: ${{ contains(matrix.build.install_steps, 'filc') }}
|
|
run: |
|
|
cd /home/runner
|
|
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \
|
|
--location "https://github.com/pizlonator/fil-c/releases/download/v${FIL_C_VERSION}/filc-${FIL_C_VERSION}-linux-x86_64.tar.xz" | tar -xJ
|
|
mv "filc-${FIL_C_VERSION}-linux-x86_64" filc
|
|
cd filc
|
|
./setup.sh
|
|
|
|
- name: 'cache libressl'
|
|
if: ${{ contains(matrix.build.install_steps, 'libressl') }}
|
|
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
|
|
id: cache-libressl
|
|
env:
|
|
cache-name: cache-libressl
|
|
with:
|
|
path: ~/libressl
|
|
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.LIBRESSL_VERSION }}
|
|
|
|
- name: 'build libressl'
|
|
if: ${{ contains(matrix.build.install_steps, 'libressl') && steps.cache-libressl.outputs.cache-hit != 'true' }}
|
|
run: |
|
|
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \
|
|
--location "https://github.com/libressl/portable/releases/download/v${LIBRESSL_VERSION}/libressl-${LIBRESSL_VERSION}.tar.gz" | tar -xz
|
|
cd "libressl-${LIBRESSL_VERSION}"
|
|
cmake -B . -G Ninja -DLIBRESSL_APPS=OFF -DLIBRESSL_TESTS=OFF -DCMAKE_INSTALL_PREFIX=/home/runner/libressl
|
|
cmake --build .
|
|
cmake --install .
|
|
|
|
- name: 'cache libressl (filc)'
|
|
if: ${{ contains(matrix.build.install_steps, 'libressl-filc') }}
|
|
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
|
|
id: cache-libressl-filc
|
|
env:
|
|
cache-name: cache-libressl-filc
|
|
with:
|
|
path: ~/libressl
|
|
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.LIBRESSL_VERSION }}-${{ env.FIL_C_VERSION }}
|
|
|
|
- name: 'build libressl (filc)'
|
|
if: ${{ contains(matrix.build.install_steps, 'libressl-filc') && steps.cache-libressl-filc.outputs.cache-hit != 'true' }}
|
|
run: |
|
|
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \
|
|
--location "https://github.com/libressl/portable/releases/download/v${LIBRESSL_VERSION}/libressl-${LIBRESSL_VERSION}.tar.gz" | tar -xz
|
|
cd "libressl-${LIBRESSL_VERSION}"
|
|
cmake -B . -G Ninja -DLIBRESSL_APPS=OFF -DLIBRESSL_TESTS=OFF -DCMAKE_INSTALL_PREFIX=/home/runner/libressl \
|
|
-DCMAKE_C_COMPILER=/home/runner/filc/build/bin/filcc -DENABLE_ASM=OFF
|
|
cmake --build .
|
|
cmake --install .
|
|
|
|
- name: 'cache nghttp2 (filc)'
|
|
if: ${{ contains(matrix.build.install_steps, 'nghttp2-filc') }}
|
|
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
|
|
id: cache-nghttp2-filc
|
|
env:
|
|
cache-name: cache-nghttp2-filc
|
|
with:
|
|
path: ~/nghttp2
|
|
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.NGHTTP2_VERSION }}-${{ env.FIL_C_VERSION }}
|
|
|
|
- name: 'build nghttp2 (filc)'
|
|
if: ${{ contains(matrix.build.install_steps, 'nghttp2-filc') && steps.cache-nghttp2-filc.outputs.cache-hit != 'true' }}
|
|
run: |
|
|
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \
|
|
--location "https://github.com/nghttp2/nghttp2/releases/download/v${NGHTTP2_VERSION}/nghttp2-${NGHTTP2_VERSION}.tar.xz" | tar -xJ
|
|
cd "nghttp2-${NGHTTP2_VERSION}"
|
|
cmake -B . -G Ninja -DENABLE_LIB_ONLY=ON -DBUILD_TESTING=OFF -DENABLE_DOC=OFF -DCMAKE_INSTALL_PREFIX=/home/runner/nghttp2 \
|
|
-DBUILD_STATIC_LIBS=ON -DBUILD_SHARED_LIBS=OFF \
|
|
-DCMAKE_C_COMPILER=/home/runner/filc/build/bin/filcc
|
|
cmake --build .
|
|
cmake --install .
|
|
|
|
- name: 'cache wolfssl (all)'
|
|
if: ${{ contains(matrix.build.install_steps, 'wolfssl-all') }}
|
|
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
|
|
id: cache-wolfssl-all
|
|
env:
|
|
cache-name: cache-wolfssl-all
|
|
with:
|
|
path: ~/wolfssl-all
|
|
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.WOLFSSL_VERSION }}
|
|
|
|
- name: 'build wolfssl (all)' # does not support `OPENSSL_COEXIST`
|
|
if: ${{ contains(matrix.build.install_steps, 'wolfssl-all') && steps.cache-wolfssl-all.outputs.cache-hit != 'true' }}
|
|
run: |
|
|
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \
|
|
--location "https://github.com/wolfSSL/wolfssl/archive/v${WOLFSSL_VERSION}-stable.tar.gz" | tar -xz
|
|
cd "wolfssl-${WOLFSSL_VERSION}-stable"
|
|
./autogen.sh
|
|
./configure --disable-dependency-tracking --enable-tls13 --enable-harden --enable-all \
|
|
--disable-benchmark --disable-crypttests --disable-examples --prefix=/home/runner/wolfssl-all
|
|
make install
|
|
|
|
- name: 'cache wolfssl (opensslextra)' # does support `OPENSSL_COEXIST`
|
|
if: ${{ contains(matrix.build.install_steps, 'wolfssl-opensslextra') }}
|
|
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
|
|
id: cache-wolfssl-opensslextra
|
|
env:
|
|
cache-name: cache-wolfssl-opensslextra
|
|
with:
|
|
path: ~/wolfssl-opensslextra
|
|
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.WOLFSSL_VERSION }}
|
|
|
|
- name: 'build wolfssl (opensslextra)'
|
|
if: ${{ contains(matrix.build.install_steps, 'wolfssl-opensslextra') && steps.cache-wolfssl-opensslextra.outputs.cache-hit != 'true' }}
|
|
run: |
|
|
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \
|
|
--location "https://github.com/wolfSSL/wolfssl/archive/v${WOLFSSL_VERSION}-stable.tar.gz" | tar -xz
|
|
cd "wolfssl-${WOLFSSL_VERSION}-stable"
|
|
./autogen.sh
|
|
./configure --disable-dependency-tracking --enable-tls13 --enable-harden --enable-ech --enable-opensslextra \
|
|
--disable-benchmark --disable-crypttests --disable-examples --prefix=/home/runner/wolfssl-opensslextra
|
|
make install
|
|
|
|
- name: 'cache mbedtls'
|
|
if: ${{ contains(matrix.build.install_steps, 'mbedtls') }}
|
|
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
|
|
id: cache-mbedtls-threadsafe
|
|
env:
|
|
cache-name: cache-mbedtls-threadsafe
|
|
with:
|
|
path: ~/mbedtls
|
|
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.MBEDTLS_VERSION }}
|
|
|
|
- name: 'build mbedtls'
|
|
if: ${{ contains(matrix.build.install_steps, 'mbedtls') && steps.cache-mbedtls-threadsafe.outputs.cache-hit != 'true' }}
|
|
run: |
|
|
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \
|
|
--location "https://github.com/Mbed-TLS/mbedtls/releases/download/mbedtls-${MBEDTLS_VERSION}/mbedtls-${MBEDTLS_VERSION}.tar.bz2" | tar -xj
|
|
cd "mbedtls-${MBEDTLS_VERSION}"
|
|
./scripts/config.py set MBEDTLS_THREADING_C
|
|
./scripts/config.py set MBEDTLS_THREADING_PTHREAD
|
|
cmake -B . -G Ninja -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_POSITION_INDEPENDENT_CODE=ON -DCMAKE_INSTALL_PREFIX=/home/runner/mbedtls \
|
|
-DENABLE_PROGRAMS=OFF -DENABLE_TESTING=OFF
|
|
cmake --build .
|
|
cmake --install .
|
|
|
|
- name: 'cache mbedtls (prev)'
|
|
if: ${{ contains(matrix.build.install_steps, 'mbedtls-prev') }}
|
|
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
|
|
id: cache-mbedtls-threadsafe-prev
|
|
env:
|
|
cache-name: cache-mbedtls-threadsafe-prev
|
|
with:
|
|
path: ~/mbedtls-prev
|
|
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.MBEDTLS_VERSION }}
|
|
|
|
- name: 'build mbedtls (prev)'
|
|
if: ${{ contains(matrix.build.install_steps, 'mbedtls-prev') && steps.cache-mbedtls-threadsafe-prev.outputs.cache-hit != 'true' }}
|
|
run: |
|
|
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \
|
|
--location "https://github.com/Mbed-TLS/mbedtls/releases/download/mbedtls-${MBEDTLS_VERSION_PREV}/mbedtls-${MBEDTLS_VERSION_PREV}.tar.bz2" | tar -xj
|
|
cd "mbedtls-${MBEDTLS_VERSION_PREV}"
|
|
./scripts/config.py set MBEDTLS_THREADING_C
|
|
./scripts/config.py set MBEDTLS_THREADING_PTHREAD
|
|
cmake -B . -G Ninja -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_POSITION_INDEPENDENT_CODE=ON -DCMAKE_INSTALL_PREFIX=/home/runner/mbedtls-prev \
|
|
-DENABLE_PROGRAMS=OFF -DENABLE_TESTING=OFF
|
|
cmake --build .
|
|
cmake --install .
|
|
|
|
- name: 'cache openldap (static)'
|
|
if: ${{ contains(matrix.build.install_steps, 'openldap-static') }}
|
|
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
|
|
id: cache-openldap-static
|
|
env:
|
|
cache-name: cache-openldap-static
|
|
with:
|
|
path: ~/openldap-static
|
|
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.OPENLDAP_VERSION }}
|
|
|
|
- name: 'build openldap (static)'
|
|
if: ${{ contains(matrix.build.install_steps, 'openldap-static') && steps.cache-openldap-static.outputs.cache-hit != 'true' }}
|
|
run: |
|
|
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \
|
|
--location "https://www.openldap.org/software/download/OpenLDAP/openldap-release/openldap-${OPENLDAP_VERSION}.tgz" | tar -xz
|
|
cd "openldap-${OPENLDAP_VERSION}"
|
|
./configure --enable-static --disable-shared --disable-slapd --prefix=/home/runner/openldap-static
|
|
make install
|
|
|
|
- name: 'cache openssl (thread sanitizer)'
|
|
if: ${{ contains(matrix.build.install_steps, 'openssl-tsan') }}
|
|
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
|
|
id: cache-openssl-tsan
|
|
env:
|
|
cache-name: cache-openssl-tsan
|
|
with:
|
|
path: ~/openssl
|
|
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.OPENSSL_VERSION }}
|
|
|
|
- name: 'build openssl (thread sanitizer)'
|
|
if: ${{ contains(matrix.build.install_steps, 'openssl-tsan') && steps.cache-openssl-tsan.outputs.cache-hit != 'true' }}
|
|
run: |
|
|
git clone --quiet --depth 1 -b "openssl-${OPENSSL_VERSION}" https://github.com/openssl/openssl
|
|
cd openssl
|
|
CC=clang CFLAGS='-fsanitize=thread' LDFLAGS='-fsanitize=thread' ./config --prefix=/home/runner/openssl --libdir=lib no-makedepend no-apps no-docs no-tests
|
|
make
|
|
make -j1 install_sw
|
|
|
|
- name: 'cache awslc'
|
|
if: ${{ contains(matrix.build.install_steps, 'awslc') }}
|
|
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
|
|
id: cache-awslc
|
|
env:
|
|
cache-name: cache-awslc
|
|
with:
|
|
path: ~/awslc
|
|
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.AWSLC_VERSION }}
|
|
|
|
- name: 'build awslc'
|
|
if: ${{ contains(matrix.build.install_steps, 'awslc') && steps.cache-awslc.outputs.cache-hit != 'true' }}
|
|
run: |
|
|
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \
|
|
--location "https://github.com/awslabs/aws-lc/archive/refs/tags/v${AWSLC_VERSION}.tar.gz" | tar -xz
|
|
cd "aws-lc-${AWSLC_VERSION}"
|
|
cmake -B . -G Ninja -DCMAKE_INSTALL_PREFIX=/home/runner/awslc -DBUILD_TOOL=OFF -DBUILD_TESTING=OFF
|
|
cmake --build .
|
|
cmake --install .
|
|
|
|
- name: 'cache boringssl'
|
|
if: ${{ contains(matrix.build.install_steps, 'boringssl') }}
|
|
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
|
|
id: cache-boringssl
|
|
env:
|
|
cache-name: cache-boringssl
|
|
with:
|
|
path: ~/boringssl
|
|
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.BORINGSSL_VERSION }}
|
|
|
|
- name: 'build boringssl'
|
|
if: ${{ contains(matrix.build.install_steps, 'boringssl') && steps.cache-boringssl.outputs.cache-hit != 'true' }}
|
|
run: |
|
|
mkdir boringssl-src
|
|
cd boringssl-src
|
|
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \
|
|
"https://boringssl.googlesource.com/boringssl/+archive/${BORINGSSL_VERSION}.tar.gz" | tar -xz
|
|
cmake -B . -G Ninja -DCMAKE_INSTALL_PREFIX=/home/runner/boringssl -DBUILD_TESTING=OFF -DBUILD_SHARED_LIBS=ON
|
|
cmake --build .
|
|
cmake --install .
|
|
|
|
- name: 'cache rustls'
|
|
if: ${{ contains(matrix.build.install_steps, 'rustls') }}
|
|
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
|
|
id: cache-rustls
|
|
env:
|
|
cache-name: cache-rustls
|
|
with:
|
|
path: ~/rustls
|
|
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.RUSTLS_VERSION }}
|
|
|
|
- name: 'fetch rustls deb'
|
|
if: ${{ contains(matrix.build.install_steps, 'rustls') && steps.cache-rustls.outputs.cache-hit != 'true' }}
|
|
run: |
|
|
mkdir -p ~/rustls
|
|
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \
|
|
--location "https://github.com/rustls/rustls-ffi/releases/download/v${RUSTLS_VERSION}/librustls_${RUSTLS_VERSION}_amd64.deb.zip" --output ~/rustls/librustls.zip
|
|
unzip ~/rustls/librustls.zip -d ~/rustls
|
|
rm ~/rustls/librustls.zip
|
|
|
|
- name: 'build rustls'
|
|
# Note: we do not check cache-hit here. If the cache is hit, we need to dpkg install the deb.
|
|
if: ${{ contains(matrix.build.install_steps, 'rustls') }}
|
|
run: sudo dpkg -i ~/rustls/"librustls_${RUSTLS_VERSION}_amd64.deb"
|
|
|
|
- name: 'install Intel compilers'
|
|
if: ${{ contains(matrix.build.install_steps, 'intel') }}
|
|
run: |
|
|
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \
|
|
--compressed https://apt.repos.intel.com/intel-gpg-keys/GPG-PUB-KEY-INTEL-SW-PRODUCTS.PUB | \
|
|
sudo tee /etc/apt/trusted.gpg.d/intel-sw.asc >/dev/null
|
|
sudo add-apt-repository "deb https://apt.repos.intel.com/oneapi all main"
|
|
sudo apt-get -o Dpkg::Use-Pty=0 install intel-oneapi-compiler-dpcpp-cpp-and-cpp-classic
|
|
source /opt/intel/oneapi/setvars.sh
|
|
printenv >> "$GITHUB_ENV"
|
|
|
|
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
|
with:
|
|
persist-credentials: false
|
|
|
|
- name: 'autoreconf'
|
|
if: ${{ matrix.build.configure }}
|
|
run: autoreconf -fi
|
|
|
|
- name: 'configure'
|
|
env:
|
|
CC: '${{ matrix.build.CC }}'
|
|
CFLAGS: '${{ matrix.build.CFLAGS }}'
|
|
LDFLAGS: '${{ matrix.build.LDFLAGS }}'
|
|
LIBS: '${{ matrix.build.LIBS }}'
|
|
MATRIX_CONFIGURE: '${{ matrix.build.configure }}'
|
|
MATRIX_CONFIGURE_PREFIX: '${{ matrix.build.configure-prefix }}'
|
|
MATRIX_GENERATE: '${{ matrix.build.generate }}'
|
|
MATRIX_PKG_CONFIG_PATH: '${{ matrix.build.PKG_CONFIG_PATH }}'
|
|
run: |
|
|
[[ "${MATRIX_INSTALL_STEPS}" = *'awslc'* ]] && sudo apt-get -o Dpkg::Use-Pty=0 purge libssl-dev
|
|
[ -n "${MATRIX_PKG_CONFIG_PATH}" ] && export PKG_CONFIG_PATH="${MATRIX_PKG_CONFIG_PATH}"
|
|
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
|
|
${MATRIX_CONFIGURE_PREFIX} \
|
|
cmake -B bld -G Ninja \
|
|
-DCMAKE_INSTALL_PREFIX="$HOME"/curl-install \
|
|
-DCMAKE_C_COMPILER_TARGET="$(uname -m)-pc-linux-gnu" -DBUILD_STATIC_LIBS=ON \
|
|
-DCMAKE_UNITY_BUILD=ON -DCURL_WERROR=ON \
|
|
${MATRIX_GENERATE}
|
|
else
|
|
mkdir bld && cd bld && \
|
|
${MATRIX_CONFIGURE_PREFIX} \
|
|
../configure --prefix="$HOME"/curl-install --enable-unity --enable-warnings --enable-werror \
|
|
--disable-dependency-tracking --enable-option-checking=fatal \
|
|
${MATRIX_CONFIGURE}
|
|
fi
|
|
|
|
- name: 'configure log'
|
|
if: ${{ !cancelled() }}
|
|
run: cat bld/config.log bld/CMakeFiles/CMakeConfigureLog.yaml 2>/dev/null || true
|
|
|
|
- name: 'curl_config.h'
|
|
run: |
|
|
echo '::group::raw'; cat bld/lib/curl_config.h || true; echo '::endgroup::'
|
|
grep -F '#define' bld/lib/curl_config.h | sort || true
|
|
|
|
- name: 'test configs'
|
|
run: grep -H -v '^#' bld/tests/config bld/tests/http/config.ini || true
|
|
|
|
- name: 'build'
|
|
env:
|
|
MATRIX_MAKE_CUSTOM_TARGET: '${{ matrix.build.make-custom-target }}'
|
|
run: |
|
|
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
|
|
${MATRIX_MAKE_PREFIX} cmake --build bld --verbose
|
|
else
|
|
${MATRIX_MAKE_PREFIX} make -C bld V=1 ${MATRIX_MAKE_CUSTOM_TARGET}
|
|
fi
|
|
|
|
- name: 'single-use function check'
|
|
if: ${{ (contains(matrix.build.configure, '--disable-unity') || contains(matrix.build.generate, '-DCMAKE_UNITY_BUILD=OFF')) && !contains(matrix.build.install_steps, 'filc') }}
|
|
run: |
|
|
git config --global --add safe.directory "*"
|
|
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
|
|
libcurla=bld/lib/libcurl.a
|
|
else
|
|
libcurla=bld/lib/.libs/libcurl.a
|
|
fi
|
|
./scripts/singleuse.pl --unit "${libcurla}"
|
|
|
|
- name: 'curl -V'
|
|
if: ${{ matrix.build.make-custom-target != 'tidy' }}
|
|
run: bld/src/curl --disable -V
|
|
|
|
- name: 'curl install'
|
|
run: |
|
|
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
|
|
cmake --install bld --strip
|
|
else
|
|
make -C bld V=1 install
|
|
fi
|
|
|
|
- name: 'build tests'
|
|
if: ${{ !contains(matrix.build.install_steps, 'skipall') }}
|
|
run: |
|
|
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
|
|
cmake --build bld --verbose --target testdeps
|
|
else
|
|
make -C bld V=1 -C tests
|
|
fi
|
|
|
|
- name: 'install test prereqs'
|
|
if: ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') && matrix.build.container == null }}
|
|
run: |
|
|
python3 -m venv ~/venv
|
|
~/venv/bin/pip --disable-pip-version-check --no-input --no-cache-dir install --progress-bar off --prefer-binary -r tests/requirements.txt
|
|
|
|
- name: 'run tests'
|
|
if: ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') }}
|
|
timeout-minutes: ${{ contains(matrix.build.install_packages, 'valgrind') && 20 || 10 }}
|
|
env:
|
|
TEST_TARGET: ${{ matrix.build.torture && 'test-torture' || 'test-ci' }}
|
|
TFLAGS: '${{ matrix.build.tflags }}'
|
|
run: |
|
|
if [ "${TEST_TARGET}" = 'test-ci' ] && [[ "${MATRIX_INSTALL_PACKAGES}" = *'valgrind'* ]]; then
|
|
TFLAGS+=' -j6'
|
|
TFLAGS+=' !776' # skip long-running flaky test
|
|
if [[ "${MATRIX_INSTALL_PACKAGES}" = *'libgss-dev'* ]]; then
|
|
TFLAGS+=' ~2077 ~2078' # memory leaks from Curl_auth_decode_spnego_message() -> gss_init_sec_context()
|
|
fi
|
|
elif [ "${TEST_TARGET}" != 'test-ci' ]; then
|
|
TFLAGS+=' --buildinfo' # only test-ci sets this by default, set it manually for test-torture
|
|
fi
|
|
[ -f ~/venv/bin/activate ] && source ~/venv/bin/activate
|
|
if [[ "${MATRIX_INSTALL_STEPS}" = *'codeset-test'* ]]; then
|
|
locale || true
|
|
export LC_ALL=C
|
|
export LC_CTYPE=C
|
|
export LC_NUMERIC=fr_FR.UTF-8
|
|
fi
|
|
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
|
|
cmake --build bld --verbose --target "${TEST_TARGET}"
|
|
else
|
|
make -C bld V=1 "${TEST_TARGET}"
|
|
fi
|
|
|
|
- name: 'install pytest prereqs'
|
|
if: ${{ contains(matrix.build.install_steps, 'pytest') }}
|
|
run: |
|
|
[ -d ~/venv ] || python3 -m venv ~/venv
|
|
~/venv/bin/pip --disable-pip-version-check --no-input --no-cache-dir install --progress-bar off --prefer-binary -r tests/http/requirements.txt
|
|
|
|
- name: 'run pytest'
|
|
if: ${{ contains(matrix.build.install_steps, 'pytest') }}
|
|
env:
|
|
PYTEST_ADDOPTS: '--color=yes'
|
|
PYTEST_XDIST_AUTO_NUM_WORKERS: 4
|
|
run: |
|
|
[ -f ~/venv/bin/activate ] && source ~/venv/bin/activate
|
|
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
|
|
cmake --build bld --verbose --target curl-pytest-ci
|
|
else
|
|
make -C bld V=1 pytest-ci
|
|
fi
|
|
|
|
- name: 'randcurl'
|
|
if: ${{ contains(matrix.build.install_steps, 'randcurl') }}
|
|
run: |
|
|
mkdir run
|
|
cd run
|
|
../.github/scripts/randcurl.pl 60 ../bld/src/curl
|
|
|
|
- name: 'build examples'
|
|
if: ${{ !contains(matrix.build.install_packages, 'valgrind') && matrix.build.make-custom-target != 'tidy' && !contains(matrix.build.name, '!examples') }}
|
|
run: |
|
|
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
|
|
${MATRIX_MAKE_PREFIX} cmake --build bld --verbose --target curl-examples-build
|
|
else
|
|
${MATRIX_MAKE_PREFIX} make -C bld V=1 examples
|
|
fi
|