Skip to content
CI

fixup #367

Sign in to view logs

fixup

fixup #367

Workflow file for this run

.github/workflows/test.yml at b9d4b9a
name: CI
on: [push, pull_request]
jobs:
ruby-versions:
uses: ruby/actions/.github/workflows/ruby_versions.yml@master
with:
engine: cruby-truffleruby
min_version: 2.7
test:
needs: ruby-versions
name: >-
${{ matrix.os }} ${{ matrix.ruby }}
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
# ubuntu-22.04 uses OpenSSL 3.0, ubuntu-20.04 uses OpenSSL 1.1.1
os: [ ubuntu-22.04, ubuntu-20.04, macos-latest, windows-latest ]
ruby: ${{ fromJson(needs.ruby-versions.outputs.versions) }}
exclude:
- { os: windows-latest, ruby: truffleruby }
- { os: windows-latest, ruby: truffleruby-head }
- { os: macos-latest, ruby: truffleruby }
- { os: ubuntu-20.04, ruby: truffleruby }
include:
- { os: windows-latest, ruby: ucrt }
- { os: windows-latest, ruby: mswin }
steps:
- name: repo checkout
uses: actions/checkout@v4
- name: load ruby
uses: ruby/setup-ruby@v1
with:
ruby-version: ${{ matrix.ruby }}
bundler-cache: true # `bundle install` and cache
- name: set flags to check compiler warnings.
run: echo "RUBY_OPENSSL_EXTCFLAGS=-Werror" >> $GITHUB_ENV
if: ${{ !matrix.skip-warnings }}
- name: compile
run: bundle exec rake compile
env:
MAKEFLAGS: V=1
- name: test
run: bundle exec rake test TESTOPTS="-v --no-show-detail-immediately"
timeout-minutes: 5
test-openssls:
name: ${{ matrix.openssl }} ${{ matrix.name-extra || '' }}
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
openssl:
# https://openssl-library.org/source/
- openssl-1.0.2u # EOL
- openssl-1.1.0l # EOL
- openssl-1.1.1w # EOL
- openssl-3.0.14
- openssl-3.1.6
- openssl-3.2.2
- openssl-3.3.1
- openssl-head
# http://www.libressl.org/releases.html
- libressl-3.1.5 # EOL
- libressl-3.2.7 # EOL
- libressl-3.3.6 # EOL
- libressl-3.4.3 # EOL
- libressl-3.5.3 # EOL
- libressl-3.6.3 # EOL
- libressl-3.7.3 # EOL
- libressl-3.8.4
- libressl-3.9.2
append-configure: ['']
include:
- { openssl: openssl-head, append-configure: 'no-legacy', name-extra: 'no-legacy' }
steps:
- name: repo checkout
uses: actions/checkout@v4
- id: cache-openssl
uses: actions/cache@v4
with:
path: ~/openssl
key: openssl-${{ runner.os }}-${{ matrix.openssl }}-${{ matrix.append-configure || 'none' }}
if: matrix.openssl != 'openssl-head' && matrix.openssl != 'libressl-head'
- name: compile openssl
if: steps.cache-openssl.outputs.cache-hit != 'true'
run: |
# Enable Bash debugging option temporarily for debugging use.
set -x
mkdir -p tmp/build-openssl && cd tmp/build-openssl
case ${{ matrix.openssl }} in
openssl-1.*)
curl -L https://openssl.org/source/${{ matrix.openssl }}.tar.gz | \
tar xzf - --strip-components=1
# shared is required for 1.0.x.
./Configure --prefix=$HOME/openssl --libdir=lib \
shared linux-x86_64 ${{ matrix.append-configure }}
make depend
;;
openssl-*)
OPENSSL_COMMIT=${{ matrix.openssl == 'openssl-head' && 'master' || matrix.openssl }}
git clone -b $OPENSSL_COMMIT --depth 1 https://github.com/openssl/openssl.git .
echo "Git commit: $(git rev-parse HEAD)"
./config --prefix=$HOME/openssl --libdir=lib ${{ matrix.append-configure }}
;;
libressl-*)
curl -L https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/${{ matrix.openssl }}.tar.gz | \
tar xzf - --strip-components=1
./configure --prefix=$HOME/openssl
;;
*)
false
;;
esac
make -j4
make install_sw
- name: load ruby
uses: ruby/setup-ruby@v1
with:
ruby-version: '3.0'
bundler-cache: true
- name: set flags to check compiler warnings.
run: echo "RUBY_OPENSSL_EXTCFLAGS=-Werror" >> $GITHUB_ENV
if: ${{ !matrix.skip-warnings }}
- name: compile
run: bundle exec rake compile -- --with-openssl-dir=$HOME/openssl
env:
MAKEFLAGS: V=1
- name: test
run: bundle exec rake test TESTOPTS="-v --no-show-detail-immediately"
timeout-minutes: 5
test-fips:
name: ${{ matrix.openssl }} with FIPS provider
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
openssl:
- openssl-3.0.14
- openssl-3.1.6
- openssl-3.2.2
- openssl-3.3.1
- openssl-head
steps:
- name: repo checkout
uses: actions/checkout@v4
- id: cache-openssl
uses: actions/cache@v4
with:
path: ~/openssl
key: openssl-${{ runner.os }}-${{ matrix.openssl }}-enable-fips
if: matrix.openssl != 'openssl-head'
- name: compile openssl
if: steps.cache-openssl.outputs.cache-hit != 'true'
run: |
set -x
mkdir -p tmp/build-openssl && cd tmp/build-openssl
OPENSSL_COMMIT=${{ matrix.openssl == 'openssl-head' && 'master' || matrix.openssl }}
git clone -b $OPENSSL_COMMIT --depth 1 https://github.com/openssl/openssl.git .
echo "Git commit: $(git rev-parse HEAD)"
./config --prefix=$HOME/openssl --libdir=lib enable-fips
make -j4
make install_sw
make install_fips
- name: load ruby
uses: ruby/setup-ruby@v1
with:
ruby-version: '3.0'
bundler-cache: true
- name: set flags to check compiler warnings.
run: echo "RUBY_OPENSSL_EXTCFLAGS=-Werror" >> $GITHUB_ENV
if: ${{ !matrix.skip-warnings }}
- name: compile
run: bundle exec rake compile -- --with-openssl-dir=$HOME/openssl
env:
MAKEFLAGS: V=1
- name: setup openssl config file path for fips
run: |
sed -e "s|OPENSSL_DIR|$HOME/openssl|" tool/openssl_fips.cnf.tmpl > tmp/openssl_fips.cnf
echo "OPENSSL_CONF=$(pwd)/tmp/openssl_fips.cnf" >> $GITHUB_ENV
# Run only the passing tests on the FIPS module as a temporary workaround.
# TODO Fix other tests, and run all the tests on FIPS module.
- name: test
run: bundle exec rake test_fips TESTOPTS="-v --no-show-detail-immediately"
timeout-minutes: 5