luo980/curl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

GHA/http3-linux: fix cache rebuild conditions, switch to wolfSSL stable

Browse Source 
ngtcp2 depends on crypto backends. nghttp2 depends on ngtcp2 and nghttp3
(for nghttpx server used in pytests).

Before this patch, ngtcp2, nghttp2 weren't rebuilt when their
dependencies changes. This worked fine until wolfSSL bumped its
soversion and caused CI to fail because ngtcp2 was not rebuilt and was
still referring to the old soname that was no longer offered by the
wolfSSL package.

Make sure to rebuild ngtcp2/nghttp2 when any of their dependencies bump.
To avoid rebuilding everything on every wolfSSL commit, switch to use
wolfSSL stable versions.

Bug: https://github.com/curl/curl/pull/15882#issuecomment-2566821417
Closes #15885
This commit is contained in:
Viktor Szakats 2025-01-01 03:59:25 +01:00
parent d984209e59
commit 852692b24f
No known key found for this signature in database
GPG Key ID: B5ABD165E2AEF201
1 changed files with 10 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
.github/workflows/http3-linux.yml vendored
View File

@ -44,7 +44,8 @@ env:
quictls-version: 3.3.0 quictls-version: 3.3.0
# renovate: datasource=github-tags depName=gnutls/gnutls versioning=semver registryUrl=https://github.com # renovate: datasource=github-tags depName=gnutls/gnutls versioning=semver registryUrl=https://github.com
gnutls-version: 3.8.8 gnutls-version: 3.8.8
wolfssl-version: master # renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?<version>.+)-stable$ registryUrl=https://github.com
wolfssl-version: 5.7.6
# renovate: datasource=github-tags depName=ngtcp2/nghttp3 versioning=semver registryUrl=https://github.com # renovate: datasource=github-tags depName=ngtcp2/nghttp3 versioning=semver registryUrl=https://github.com
nghttp3-version: 1.7.0 nghttp3-version: 1.7.0
# renovate: datasource=github-tags depName=ngtcp2/ngtcp2 versioning=semver registryUrl=https://github.com # renovate: datasource=github-tags depName=ngtcp2/ngtcp2 versioning=semver registryUrl=https://github.com
@ -55,33 +56,7 @@ env:
quiche-version: 0.22.0 quiche-version: 0.22.0
jobs: jobs:
setup:
runs-on: ubuntu-latest
outputs:
wolfssl-version: ${{ steps.wolfssl-version.outputs.result }}
steps:
- id: wolfssl-version
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7
with:
result-encoding: string
script: |
let version = '${{ env.wolfssl-version }}'
if (version != 'master') {
return version
}
let { data: commits } = await github.rest.repos.listCommits({
owner: 'wolfSSL',
repo: 'wolfssl',
})
return commits[0].sha
build-cache: build-cache:
needs:
- setup
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
@ -108,7 +83,6 @@ jobs:
id: cache-wolfssl id: cache-wolfssl
env: env:
cache-name: cache-wolfssl cache-name: cache-wolfssl
wolfssl-version: ${{ needs.setup.outputs.wolfssl-version }}
with: with:
path: /home/runner/wolfssl/build path: /home/runner/wolfssl/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.wolfssl-version }} key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.wolfssl-version }}
@ -129,7 +103,7 @@ jobs:
cache-name: cache-ngtcp2 cache-name: cache-ngtcp2
with: with:
path: /home/runner/ngtcp2/build path: /home/runner/ngtcp2/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.ngtcp2-version }} key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.ngtcp2-version }}-${{ env.quictls-version }}-${{ env.gnutls-version }}-${{ env.wolfssl-version }}
- name: cache nghttp2 - name: cache nghttp2
uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4 uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4
@ -138,7 +112,7 @@ jobs:
cache-name: cache-nghttp2 cache-name: cache-nghttp2
with: with:
path: /home/runner/nghttp2/build path: /home/runner/nghttp2/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp2-version }} key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp2-version }}-${{ env.quictls-version }}-${{ env.ngtcp2-version }}-${{ env.nghttp3-version }}
- id: settings - id: settings
if: | if: |
@ -191,16 +165,10 @@ jobs:
name: 'build gnutls' name: 'build gnutls'
- if: steps.cache-wolfssl.outputs.cache-hit != 'true' - if: steps.cache-wolfssl.outputs.cache-hit != 'true'
env:
wolfssl-version: ${{ needs.setup.outputs.wolfssl-version }}
run: | run: |
cd $HOME cd $HOME
mkdir wolfssl git clone --quiet --depth=1 -b v${{ env.wolfssl-version }}-stable https://github.com/wolfSSL/wolfssl.git
cd wolfssl cd wolfssl
git init
git remote add origin https://github.com/wolfSSL/wolfssl.git
git fetch origin --depth=1 ${{ env.wolfssl-version }}
git checkout ${{ env.wolfssl-version }}
./autogen.sh ./autogen.sh
./configure --disable-dependency-tracking --enable-all --enable-quic \ ./configure --disable-dependency-tracking --enable-all --enable-quic \
--disable-benchmark --disable-crypttests --disable-examples --prefix=$PWD/build --disable-benchmark --disable-crypttests --disable-examples --prefix=$PWD/build
@ -215,7 +183,9 @@ jobs:
cd nghttp3 cd nghttp3
git submodule update --init --depth=1 git submodule update --init --depth=1
autoreconf -fi autoreconf -fi
./configure --disable-dependency-tracking --prefix=$PWD/build PKG_CONFIG_PATH="$PWD/build/lib/pkgconfig" --enable-lib-only ./configure --disable-dependency-tracking --prefix=$PWD/build \
PKG_CONFIG_PATH="$PWD/build/lib/pkgconfig" \
--enable-lib-only
make make
make install make install
name: 'build nghttp3' name: 'build nghttp3'
@ -248,7 +218,6 @@ jobs:
linux: linux:
name: ${{ matrix.build.generate && 'CM' || 'AM' }} ${{ matrix.build.name }} name: ${{ matrix.build.generate && 'CM' || 'AM' }} ${{ matrix.build.name }}
needs: needs:
- setup
- build-cache - build-cache
runs-on: 'ubuntu-24.04' runs-on: 'ubuntu-24.04'
timeout-minutes: 45 timeout-minutes: 45
@ -359,7 +328,6 @@ jobs:
id: cache-wolfssl id: cache-wolfssl
env: env:
cache-name: cache-wolfssl cache-name: cache-wolfssl
wolfssl-version: ${{ needs.setup.outputs.wolfssl-version }}
with: with:
path: /home/runner/wolfssl/build path: /home/runner/wolfssl/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.wolfssl-version }} key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.wolfssl-version }}
@ -382,7 +350,7 @@ jobs:
cache-name: cache-ngtcp2 cache-name: cache-ngtcp2
with: with:
path: /home/runner/ngtcp2/build path: /home/runner/ngtcp2/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.ngtcp2-version }} key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.ngtcp2-version }}-${{ env.quictls-version }}-${{ env.gnutls-version }}-${{ env.wolfssl-version }}
fail-on-cache-miss: true fail-on-cache-miss: true
- name: cache nghttp2 - name: cache nghttp2
@ -392,7 +360,7 @@ jobs:
cache-name: cache-nghttp2 cache-name: cache-nghttp2
with: with:
path: /home/runner/nghttp2/build path: /home/runner/nghttp2/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp2-version }} key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp2-version }}-${{ env.quictls-version }}-${{ env.ngtcp2-version }}-${{ env.nghttp3-version }}
fail-on-cache-miss: true fail-on-cache-miss: true
- name: cache openssl - name: cache openssl