romenskiy2012/curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-04-14 22:41:40 +03:00
Code Issues Projects Releases Packages Wiki Activity

CI: fix zizmor 1.9.0 warnings, shellcheck verify CI shell code, fix fallouts

Browse source 
zizmor 1.9.0 effectively bans using GHA macros within shell script
snippets. Rework them to pass GHA macro values via envs and use those
envs in shell snippets. `${{ env.* }}` macros could be converted
to native env references after making their names shell-compatible.

Envs and shell commands can no longer be used in GHA macro values. Most
cases could be fixed by using literals. Passing quoted values with
spaces combined with other args also doesn't work anymore. This was
replaced by passing them separately.

Despite the initial complications, avoiding GHA macros in scripts does
seems to make the CI code reasonable cleaner. It also makes it possible
to analyze the scripts with shellcheck, finding subtle issues that went
unnoticed till now.

Also:
- un-ignore and fix three existing zizmor `template-injection` issues.
- add script to extract and shellcheck all shell code stored within GHA
  and Circle CI YAML files.
- add CI job to run this script.
- fix shellcheck issues discovered.
- fix minor differences between cmake and autotools FreeBSD jobs.
- merge cmake/autotools FreeBSD jobs to avoid developing unwanted
  differences again.
- fix/sync quote use across shell code.
- replace `$HOME` with `~` or literal where it made sense.
- replace most `brew --prefix` with literals.
- move all curl install tests to the `curl-install*` prefix.
- add missing curl install tests to cygwin/msys/mingw/*bsd.
- pipe to `tar` instead of storing downloads on disk.
- drop unnecessary `PKG_CONFIG_PATH` when building nghttp3.

Ref: https://github.com/curl/curl/actions/runs/15461461371/job/43523546041
Ref: https://github.com/zizmorcore/zizmor/releases/tag/v1.9.0

Follow-up to e522f47986 #17278

Closes #17537
This commit is contained in:
Viktor Szakats 2025-06-05 09:58:34 +02:00
parent ba407ee43d
commit 17a669426f
No known key found for this signature in database
GPG key ID: B5ABD165E2AEF201
15 changed files with 753 additions and 600 deletions
Download patch file Download diff file Expand all files Collapse all files

20
.circleci/config.yml
View file

@ -52,11 +52,11 @@ commands:
- run: - run:
command: | command: |
# renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?<version>.+)-stable$ registryUrl=https://github.com # renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?<version>.+)-stable$ registryUrl=https://github.com
WOLFSSL_VER=5.8.0 WOLFSSL_VERSION=5.8.0
echo "Installing wolfSSL $WOLFSSL_VER" echo "Installing wolfSSL $WOLFSSL_VERSION"
curl -LOsSf --retry 6 --retry-connrefused --max-time 999 https://github.com/wolfSSL/wolfssl/archive/v$WOLFSSL_VER-stable.tar.gz curl -LOsSf --retry 6 --retry-connrefused --max-time 999 https://github.com/wolfSSL/wolfssl/archive/v$WOLFSSL_VERSION-stable.tar.gz
tar -xzf v$WOLFSSL_VER-stable.tar.gz tar -xzf v$WOLFSSL_VERSION-stable.tar.gz
cd wolfssl-$WOLFSSL_VER-stable cd wolfssl-$WOLFSSL_VERSION-stable
./autogen.sh ./autogen.sh
./configure --disable-dependency-tracking --enable-tls13 --enable-all --enable-harden --prefix=$HOME/wssl ./configure --disable-dependency-tracking --enable-tls13 --enable-all --enable-harden --prefix=$HOME/wssl
make install make install
@ -66,11 +66,11 @@ commands:
- run: - run:
command: | command: |
# renovate: datasource=github-tags depName=wolfSSL/wolfssh versioning=semver extractVersion=^v?(?<version>.+)-stable$ registryUrl=https://github.com # renovate: datasource=github-tags depName=wolfSSL/wolfssh versioning=semver extractVersion=^v?(?<version>.+)-stable$ registryUrl=https://github.com
WOLFSSH_VER=1.4.19 WOLFSSH_VERSION=1.4.19
echo "Installing wolfSSH $WOLFSSH_VER" echo "Installing wolfSSH $WOLFSSH_VERSION"
curl -LOsSf --retry 6 --retry-connrefused --max-time 999 https://github.com/wolfSSL/wolfssh/archive/v$WOLFSSH_VER-stable.tar.gz curl -LOsSf --retry 6 --retry-connrefused --max-time 999 https://github.com/wolfSSL/wolfssh/archive/v$WOLFSSH_VERSION-stable.tar.gz
tar -xzf v$WOLFSSH_VER-stable.tar.gz tar -xzf v$WOLFSSH_VERSION-stable.tar.gz
cd wolfssh-$WOLFSSH_VER-stable cd wolfssh-$WOLFSSH_VERSION-stable
./autogen.sh ./autogen.sh
./configure --disable-dependency-tracking --with-wolfssl=$HOME/wssl --prefix=$HOME/wssh --enable-scp --enable-sftp --disable-term --disable-examples ./configure --disable-dependency-tracking --with-wolfssl=$HOME/wssl --prefix=$HOME/wssh --enable-scp --enable-sftp --disable-term --disable-examples
make install make install

30
.github/scripts/shellcheck-ci.sh vendored Executable file
View file

@ -0,0 +1,30 @@
#!/bin/sh
# Copyright (C) Viktor Szakats
#
# SPDX-License-Identifier: curl
# Required: yq
set -eu
export SHELLCHECK_OPTS='--exclude=1090,1091,2086,2153 --enable=avoid-nullary-conditions,deprecate-which'
# GHA
git ls-files '.github/workflows/*.yml' | while read -r f; do
echo "Verifying ${f}..."
{
echo '#!/usr/bin/env bash'
echo 'set -eu'
yq eval '.. | select(has("run") and (.run | type == "!!str")) | .run + "\ntrue\n"' "${f}"
} | sed -E 's|\$\{\{ .+ \}\}|GHA_EXPRESSION|g' | shellcheck -
done
# Circle CI
git ls-files '.circleci/*.yml' | while read -r f; do
echo "Verifying ${f}..."
{
echo '#!/usr/bin/env bash'
echo 'set -eu'
yq eval '.. | select(has("command") and (.command | type == "!!str")) | .command + "\ntrue\n"' "${f}"
} | shellcheck -
done

1
.github/scripts/shellcheck.sh vendored
View file

@ -3,7 +3,6 @@
# #
# SPDX-License-Identifier: curl # SPDX-License-Identifier: curl
shellcheck --version
# shellcheck disable=SC2046 # shellcheck disable=SC2046
shellcheck --exclude=1091 \ shellcheck --exclude=1091 \
--enable=avoid-nullary-conditions,deprecate-which \ --enable=avoid-nullary-conditions,deprecate-which \

14
.github/workflows/checkdocs.yml vendored
View file

@ -53,7 +53,7 @@ jobs:
# # config file help: https://github.com/amperser/proselint/ # # config file help: https://github.com/amperser/proselint/
# - name: create proselint config # - name: create proselint config
# run: | # run: |
# cat <<JSON > $HOME/.proselintrc.json # cat <<JSON > ~/.proselintrc.json
# { # {
# "checks": { # "checks": {
# "typography.diacritical_marks": false, # "typography.diacritical_marks": false,
@ -74,7 +74,7 @@ jobs:
# # This is for CHECKSRC and files with aggressive exclamation mark needs # # This is for CHECKSRC and files with aggressive exclamation mark needs
# - name: create second proselint config # - name: create second proselint config
# run: | # run: |
# cat <<JSON > $HOME/.proselintrc.json # cat <<JSON > ~/.proselintrc.json
# { # {
# "checks": { # "checks": {
# "typography.diacritical_marks": false, # "typography.diacritical_marks": false,
@ -109,10 +109,12 @@ jobs:
name: checkout name: checkout
- name: trim all *.md files in docs/ - name: trim all *.md files in docs/
run: .github/scripts/cleancmd.pl $(find docs -name "*.md") run: |
# shellcheck disable=SC2046
.github/scripts/cleancmd.pl $(find docs -name '*.md')
- name: setup the custom wordlist - name: setup the custom wordlist
run: grep -v '^#' .github/scripts/spellcheck.words > wordlist.txt run: grep -v '^#' .github/scripts/spellcheck.words > wordlist.txt
- name: Check Spelling - name: Check Spelling
uses: rojopolis/spellcheck-github-actions@584b2ae95998967a53af7fbfb7f5b15352c38748 # v0 uses: rojopolis/spellcheck-github-actions@584b2ae95998967a53af7fbfb7f5b15352c38748 # v0
@ -128,7 +130,9 @@ jobs:
name: checkout name: checkout
- name: badwords - name: badwords
run: .github/scripts/badwords.pl < .github/scripts/badwords.txt `git ls-files '**.md'` docs/TODO docs/KNOWN_BUGS packages/OS400/README.OS400 run: |
# shellcheck disable=SC2046
.github/scripts/badwords.pl < .github/scripts/badwords.txt $(git ls-files '**.md') docs/TODO docs/KNOWN_BUGS packages/OS400/README.OS400
- name: verify-synopsis - name: verify-synopsis
run: .github/scripts/verify-synopsis.pl docs/libcurl/curl*.md run: .github/scripts/verify-synopsis.pl docs/libcurl/curl*.md

21
.github/workflows/checksrc.yml vendored
View file

@ -124,7 +124,9 @@ jobs:
name: checkout name: checkout
- name: shellcheck - name: shellcheck
run: .github/scripts/shellcheck.sh run: |
shellcheck --version
.github/scripts/shellcheck.sh
- name: spacecheck - name: spacecheck
run: .github/scripts/spacecheck.pl run: .github/scripts/spacecheck.pl
@ -135,11 +137,12 @@ jobs:
# we allow some extra in source code # we allow some extra in source code
- name: badwords - name: badwords
run: | run: |
# shellcheck disable=SC2046
grep -Ev '(\\bwill| url | dir )' .github/scripts/badwords.txt | \ grep -Ev '(\\bwill| url | dir )' .github/scripts/badwords.txt | \
.github/scripts/badwords.pl $(git ls-files -- src lib include) .github/scripts/badwords.pl $(git ls-files -- src lib include)
ghacheck: cicheck:
name: GHA analysis name: CI analysis
runs-on: macos-latest runs-on: macos-latest
timeout-minutes: 1 timeout-minutes: 1
steps: steps:
@ -148,7 +151,13 @@ jobs:
persist-credentials: false persist-credentials: false
name: checkout name: checkout
- name: zizmor - name: install prereqs
run: brew install shellcheck yq zizmor
- name: zizmor GHA
run: zizmor --pedantic .github/workflows/*.yml
- name: shellcheck
run: | run: |
brew install zizmor shellcheck --version
zizmor --pedantic .github/workflows/*.yml .github/scripts/shellcheck-ci.sh

17
.github/workflows/configure-vs-cmake.yml vendored
View file

@ -59,8 +59,8 @@ jobs:
- name: 'dump generated files' - name: 'dump generated files'
run: | run: |
for f in libcurl.pc curl-config; do for f in libcurl.pc curl-config; do
echo "::group::AM ${f}"; cat bld-am/"${f}" | grep -v '^#' || true; echo '::endgroup::' echo "::group::AM ${f}"; grep -v '^#' bld-am/"${f}" || true; echo '::endgroup::'
echo "::group::CM ${f}"; cat bld-cm/"${f}" | grep -v '^#' || true; echo '::endgroup::' echo "::group::CM ${f}"; grep -v '^#' bld-cm/"${f}" || true; echo '::endgroup::'
done done
- name: 'compare generated curl_config.h files' - name: 'compare generated curl_config.h files'
@ -77,11 +77,12 @@ jobs:
steps: steps:
- name: 'install packages' - name: 'install packages'
run: | run: |
while [[ $? == 0 ]]; do for i in 1 2 3; do brew update && brew install libtool autoconf automake && break 2 || { echo Error: wait to try again; sleep 10; } done; false Too many retries; done # shellcheck disable=SC2181,SC2034
while [[ $? == 0 ]]; do for i in 1 2 3; do if brew update && brew install automake libtool; then break 2; else echo Error: wait to try again; sleep 10; fi; done; false Too many retries; done
- name: 'toolchain versions' - name: 'toolchain versions'
run: | run: |
echo '::group::brew packages installed'; ls -l "$(brew --prefix)/opt"; echo '::endgroup::' echo '::group::brew packages installed'; ls -l /opt/homebrew/opt; echo '::endgroup::'
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with: with:
@ -109,8 +110,8 @@ jobs:
- name: 'dump generated files' - name: 'dump generated files'
run: | run: |
for f in libcurl.pc curl-config; do for f in libcurl.pc curl-config; do
echo "::group::AM ${f}"; cat bld-am/"${f}" | grep -v '^#' || true; echo '::endgroup::' echo "::group::AM ${f}"; grep -v '^#' bld-am/"${f}" || true; echo '::endgroup::'
echo "::group::CM ${f}"; cat bld-cm/"${f}" | grep -v '^#' || true; echo '::endgroup::' echo "::group::CM ${f}"; grep -v '^#' bld-cm/"${f}" || true; echo '::endgroup::'
done done
- name: 'compare generated curl_config.h files' - name: 'compare generated curl_config.h files'
@ -158,8 +159,8 @@ jobs:
- name: 'dump generated files' - name: 'dump generated files'
run: | run: |
for f in libcurl.pc curl-config; do for f in libcurl.pc curl-config; do
echo "::group::AM ${f}"; cat bld-am/"${f}" | grep -v '^#' || true; echo '::endgroup::' echo "::group::AM ${f}"; grep -v '^#' bld-am/"${f}" || true; echo '::endgroup::'
echo "::group::CM ${f}"; cat bld-cm/"${f}" | grep -v '^#' || true; echo '::endgroup::' echo "::group::CM ${f}"; grep -v '^#' bld-cm/"${f}" || true; echo '::endgroup::'
done done
- name: 'compare generated curl_config.h files' - name: 'compare generated curl_config.h files'

10
.github/workflows/curl-for-win.yml vendored
View file

@ -56,7 +56,7 @@ jobs:
git clone --depth 1 https://github.com/curl/curl-for-win git clone --depth 1 https://github.com/curl/curl-for-win
mv curl-for-win/* . mv curl-for-win/* .
export CW_CONFIG='-main-werror-linux-a64-x64-gcc' export CW_CONFIG='-main-werror-linux-a64-x64-gcc'
export CW_REVISION='${{ github.sha }}' export CW_REVISION="${GITHUB_SHA}"
DOCKER_IMAGE='debian:bookworm-slim' DOCKER_IMAGE='debian:bookworm-slim'
export CW_CCSUFFIX='-15' export CW_CCSUFFIX='-15'
export CW_GCCSUFFIX='-12' export CW_GCCSUFFIX='-12'
@ -84,7 +84,7 @@ jobs:
git clone --depth 1 https://github.com/curl/curl-for-win git clone --depth 1 https://github.com/curl/curl-for-win
mv curl-for-win/* . mv curl-for-win/* .
export CW_CONFIG='-main-werror-linux-musl-r64-x64' export CW_CONFIG='-main-werror-linux-musl-r64-x64'
export CW_REVISION='${{ github.sha }}' export CW_REVISION="${GITHUB_SHA}"
. ./_versions.sh . ./_versions.sh
sudo podman image trust set --type reject default sudo podman image trust set --type reject default
sudo podman image trust set --type accept docker.io/library sudo podman image trust set --type accept docker.io/library
@ -112,7 +112,7 @@ jobs:
git clone --depth 1 https://github.com/curl/curl-for-win git clone --depth 1 https://github.com/curl/curl-for-win
mv curl-for-win/* . mv curl-for-win/* .
export CW_CONFIG='-main-werror-mac-x64' export CW_CONFIG='-main-werror-mac-x64'
export CW_REVISION='${{ github.sha }}' export CW_REVISION="${GITHUB_SHA}"
sh -c ./_ci-mac-homebrew.sh sh -c ./_ci-mac-homebrew.sh
win-llvm: win-llvm:
@ -128,7 +128,7 @@ jobs:
git clone --depth 1 https://github.com/curl/curl-for-win git clone --depth 1 https://github.com/curl/curl-for-win
mv curl-for-win/* . mv curl-for-win/* .
export CW_CONFIG='-main-werror-win-x64' export CW_CONFIG='-main-werror-win-x64'
export CW_REVISION='${{ github.sha }}' export CW_REVISION="${GITHUB_SHA}"
. ./_versions.sh . ./_versions.sh
sudo podman image trust set --type reject default sudo podman image trust set --type reject default
sudo podman image trust set --type accept docker.io/library sudo podman image trust set --type accept docker.io/library
@ -153,7 +153,7 @@ jobs:
git clone --depth 1 https://github.com/curl/curl-for-win git clone --depth 1 https://github.com/curl/curl-for-win
mv curl-for-win/* . mv curl-for-win/* .
export CW_CONFIG='-main-werror-win-x86-gcc-libssh1-zlibng' export CW_CONFIG='-main-werror-win-x86-gcc-libssh1-zlibng'
export CW_REVISION='${{ github.sha }}' export CW_REVISION="${GITHUB_SHA}"
. ./_versions.sh . ./_versions.sh
sudo podman image trust set --type reject default sudo podman image trust set --type reject default
sudo podman image trust set --type accept docker.io/library sudo podman image trust set --type accept docker.io/library

47
.github/workflows/distcheck.yml vendored
View file

@ -57,13 +57,13 @@ jobs:
echo "::stop-commands::$(uuidgen)" echo "::stop-commands::$(uuidgen)"
tar xvf curl-99.98.97.tar.gz tar xvf curl-99.98.97.tar.gz
pushd curl-99.98.97 pushd curl-99.98.97
./configure --prefix=$HOME/temp --without-ssl --without-libpsl ./configure --prefix="$HOME"/temp --without-ssl --without-libpsl
make make
make test-ci make test-ci
make install make install
popd popd
# basic check of the installed files # basic check of the installed files
bash scripts/installcheck.sh $HOME/temp bash scripts/installcheck.sh "$HOME"/temp
rm -rf curl-99.98.97 rm -rf curl-99.98.97
verify-out-of-tree-docs: verify-out-of-tree-docs:
@ -105,7 +105,7 @@ jobs:
pushd curl-99.98.97 pushd curl-99.98.97
mkdir build mkdir build
pushd build pushd build
../configure --without-ssl --enable-debug "--prefix=${PWD}/pkg" --without-libpsl ../configure --without-ssl --enable-debug --prefix="$PWD"/curl-install --without-libpsl
make make
make test-ci make test-ci
make install make install
@ -174,8 +174,9 @@ jobs:
shell: ${{ contains(matrix.image, 'windows') && 'msys2 {0}' || 'bash' }} shell: ${{ contains(matrix.image, 'windows') && 'msys2 {0}' || 'bash' }}
env: env:
CC: ${{ !contains(matrix.image, 'windows') && 'clang' || '' }} CC: ${{ !contains(matrix.image, 'windows') && 'clang' || '' }}
MATRIX_IMAGE: '${{ matrix.image }}'
TESTOPTS: ${{ contains(matrix.image, 'macos') && '-D_CURL_PREFILL=ON' || '' }} ${{ contains(matrix.image, 'windows') && '-DCMAKE_UNITY_BUILD_BATCH_SIZE=30' || '' }} TESTOPTS: ${{ contains(matrix.image, 'macos') && '-D_CURL_PREFILL=ON' || '' }} ${{ contains(matrix.image, 'windows') && '-DCMAKE_UNITY_BUILD_BATCH_SIZE=30' || '' }}
old-cmake-version: 3.11.4 OLD_CMAKE_VERSION: 3.11.4
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
@ -194,26 +195,26 @@ jobs:
- name: 'install prereqs' - name: 'install prereqs'
run: | run: |
if [[ '${{ matrix.image }}' = *'windows'* ]]; then if [[ "${MATRIX_IMAGE}" = *'windows'* ]]; then
cd "${HOME}" || exit 1 cd ~
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 60 --retry 3 --retry-connrefused \ curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 60 --retry 3 --retry-connrefused \
--location 'https://github.com/Kitware/CMake/releases/download/v${{ env.old-cmake-version }}/cmake-${{ env.old-cmake-version }}-win64-x64.zip' --output bin.zip --location "https://github.com/Kitware/CMake/releases/download/v${OLD_CMAKE_VERSION}/cmake-${OLD_CMAKE_VERSION}-win64-x64.zip" --output bin.zip
unzip -q bin.zip unzip -q bin.zip
rm -f bin.zip rm -f bin.zip
printf '%s' "${HOME}/cmake-${{ env.old-cmake-version }}-win64-x64/bin/cmake.exe" > "${HOME}/old-cmake-path.txt" printf '%s' ~/cmake-"${OLD_CMAKE_VERSION}"-win64-x64/bin/cmake.exe > ~/old-cmake-path.txt
elif [[ '${{ matrix.image }}' = *'ubuntu'* ]]; then elif [[ "${MATRIX_IMAGE}" = *'ubuntu'* ]]; then
sudo rm -f /var/lib/man-db/auto-update sudo rm -f /var/lib/man-db/auto-update
sudo apt-get -o Dpkg::Use-Pty=0 install libpsl-dev libssl-dev sudo apt-get -o Dpkg::Use-Pty=0 install libpsl-dev libssl-dev
cd "${HOME}" || exit 1 cd ~
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 60 --retry 3 --retry-connrefused \ curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 60 --retry 3 --retry-connrefused \
--location https://github.com/Kitware/CMake/releases/download/v${{ env.old-cmake-version }}/cmake-${{ env.old-cmake-version }}-Linux-x86_64.tar.gz | tar -xzf - --location "https://github.com/Kitware/CMake/releases/download/v${OLD_CMAKE_VERSION}/cmake-${OLD_CMAKE_VERSION}-Linux-x86_64.tar.gz" | tar -xz
printf '%s' "$PWD/cmake-${{ env.old-cmake-version }}-Linux-x86_64/bin/cmake" > "${HOME}/old-cmake-path.txt" printf '%s' ~/cmake-"${OLD_CMAKE_VERSION}"-Linux-x86_64/bin/cmake > ~/old-cmake-path.txt
else else
brew install libpsl openssl brew install libpsl openssl
cd "${HOME}" || exit 1 cd ~
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 60 --retry 3 --retry-connrefused \ curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 60 --retry 3 --retry-connrefused \
--location https://github.com/Kitware/CMake/releases/download/v${{ env.old-cmake-version }}/cmake-${{ env.old-cmake-version }}-Darwin-x86_64.tar.gz | tar -xzf - --location "https://github.com/Kitware/CMake/releases/download/v${OLD_CMAKE_VERSION}/cmake-${OLD_CMAKE_VERSION}-Darwin-x86_64.tar.gz" | tar -xz
printf '%s' "$PWD/cmake-${{ env.old-cmake-version }}-Darwin-x86_64/CMake.app/Contents/bin/cmake" > "${HOME}/old-cmake-path.txt" printf '%s' ~/cmake-"${OLD_CMAKE_VERSION}"-Darwin-x86_64/CMake.app/Contents/bin/cmake > ~/old-cmake-path.txt
fi fi
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
@ -229,26 +230,26 @@ jobs:
- name: 'via add_subdirectory OpenSSL (old cmake)' - name: 'via add_subdirectory OpenSSL (old cmake)'
run: | run: |
export TEST_CMAKE_CONSUMER="$(cat "${HOME}/old-cmake-path.txt")" export TEST_CMAKE_CONSUMER; TEST_CMAKE_CONSUMER="$(cat ~/old-cmake-path.txt)"
if [[ '${{ matrix.image }}' = *'macos'* ]]; then if [[ "${MATRIX_IMAGE}" = *'macos'* ]]; then
export CFLAGS='-arch arm64' export CFLAGS='-arch arm64'
export TEST_CMAKE_FLAGS='-DCURL_USE_LIBPSL=OFF' # auto-detection does not work with old-cmake export TEST_CMAKE_FLAGS='-DCURL_USE_LIBPSL=OFF' # auto-detection does not work with old-cmake
fi fi
if [[ '${{ matrix.image }}' = *'windows'* ]]; then if [[ "${MATRIX_IMAGE}" = *'windows'* ]]; then
export TEST_CMAKE_GENERATOR='MSYS Makefiles' export TEST_CMAKE_GENERATOR='MSYS Makefiles'
export TEST_CMAKE_FLAGS='-DCMAKE_C_COMPILER=x86_64-w64-mingw32-gcc -DOPENSSL_ROOT_DIR=C:/msys64/mingw64' export TEST_CMAKE_FLAGS='-DCMAKE_C_COMPILER=x86_64-w64-mingw32-gcc -DOPENSSL_ROOT_DIR=C:/msys64/mingw64'
fi fi
./tests/cmake/test.sh add_subdirectory ${TESTOPTS} -DCURL_USE_OPENSSL=ON ${options} ./tests/cmake/test.sh add_subdirectory ${TESTOPTS} -DCURL_USE_OPENSSL=ON
- name: 'via find_package OpenSSL (old cmake)' - name: 'via find_package OpenSSL (old cmake)'
run: | run: |
export TEST_CMAKE_CONSUMER="$(cat "${HOME}/old-cmake-path.txt")" export TEST_CMAKE_CONSUMER; TEST_CMAKE_CONSUMER="$(cat ~/old-cmake-path.txt)"
if [[ '${{ matrix.image }}' = *'macos'* ]]; then if [[ "${MATRIX_IMAGE}" = *'macos'* ]]; then
export CFLAGS='-arch arm64' export CFLAGS='-arch arm64'
export TEST_CMAKE_FLAGS='-DCURL_USE_LIBPSL=OFF' # auto-detection does not work with old-cmake export TEST_CMAKE_FLAGS='-DCURL_USE_LIBPSL=OFF' # auto-detection does not work with old-cmake
fi fi
if [[ '${{ matrix.image }}' = *'windows'* ]]; then if [[ "${MATRIX_IMAGE}" = *'windows'* ]]; then
export TEST_CMAKE_GENERATOR='MSYS Makefiles' export TEST_CMAKE_GENERATOR='MSYS Makefiles'
export TEST_CMAKE_FLAGS='-DCMAKE_C_COMPILER=x86_64-w64-mingw32-gcc -DOPENSSL_ROOT_DIR=C:/msys64/mingw64' export TEST_CMAKE_FLAGS='-DCMAKE_C_COMPILER=x86_64-w64-mingw32-gcc -DOPENSSL_ROOT_DIR=C:/msys64/mingw64'
fi fi
./tests/cmake/test.sh find_package ${TESTOPTS} -DCURL_USE_OPENSSL=ON ${options} ./tests/cmake/test.sh find_package ${TESTOPTS} -DCURL_USE_OPENSSL=ON

5
.github/workflows/hacktoberfest-accepted.yml vendored
View file

@ -40,8 +40,11 @@ jobs:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Search relevant commit message lines starting with Closes/Merges - name: Search relevant commit message lines starting with Closes/Merges
env:
GITHUB_EVENT_BEFORE: '${{ github.event.before }}'
GITHUB_EVENT_AFTER: '${{ github.event.after }}'
run: | run: |
git log --format=email '${{ github.event.before }}..${{ github.event.after }}' | \ git log --format=email "${GITHUB_EVENT_BEFORE}..${GITHUB_EVENT_AFTER}" | \
grep -Ei '^Close[sd]? ' | sort | uniq | tee log grep -Ei '^Close[sd]? ' | sort | uniq | tee log
if: steps.check.outputs.label == 'hacktoberfest' if: steps.check.outputs.label == 'hacktoberfest'

227
.github/workflows/http3-linux.yml vendored
View file

@ -40,21 +40,21 @@ env:
MAKEFLAGS: -j 5 MAKEFLAGS: -j 5
CURL_CI: github CURL_CI: github
# handled in renovate.json # handled in renovate.json
openssl-version: 3.5.0 OPENSSL_VERSION: 3.5.0
# handled in renovate.json # handled in renovate.json
quictls-version: 3.3.0 QUICTLS_VERSION: 3.3.0
# renovate: datasource=github-tags depName=gnutls/gnutls versioning=semver registryUrl=https://github.com # renovate: datasource=github-tags depName=gnutls/gnutls versioning=semver registryUrl=https://github.com
gnutls-version: 3.8.9 GNUTLS_VERSION: 3.8.9
# renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?<version>.+)-stable$ registryUrl=https://github.com # renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?<version>.+)-stable$ registryUrl=https://github.com
wolfssl-version: 5.8.0 WOLFSSL_VERSION: 5.8.0
# renovate: datasource=github-tags depName=ngtcp2/nghttp3 versioning=semver registryUrl=https://github.com # renovate: datasource=github-tags depName=ngtcp2/nghttp3 versioning=semver registryUrl=https://github.com
nghttp3-version: 1.10.1 NGHTTP3_VERSION: 1.10.1
# renovate: datasource=github-tags depName=ngtcp2/ngtcp2 versioning=semver registryUrl=https://github.com # renovate: datasource=github-tags depName=ngtcp2/ngtcp2 versioning=semver registryUrl=https://github.com
ngtcp2-version: 1.13.0 NGTCP2_VERSION: 1.13.0
# renovate: datasource=github-tags depName=nghttp2/nghttp2 versioning=semver registryUrl=https://github.com # renovate: datasource=github-tags depName=nghttp2/nghttp2 versioning=semver registryUrl=https://github.com
nghttp2-version: 1.65.0 NGHTTP2_VERSION: 1.65.0
# renovate: datasource=github-tags depName=cloudflare/quiche versioning=semver registryUrl=https://github.com # renovate: datasource=github-tags depName=cloudflare/quiche versioning=semver registryUrl=https://github.com
quiche-version: 0.23.5 QUICHE_VERSION: 0.23.5
jobs: jobs:
build-cache: build-cache:
@ -68,7 +68,7 @@ jobs:
cache-name: cache-openssl-http3 cache-name: cache-openssl-http3
with: with:
path: ~/openssl/build path: ~/openssl/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.openssl-version }} key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.OPENSSL_VERSION }}
- name: 'cache quictls' - name: 'cache quictls'
uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4
@ -77,7 +77,7 @@ jobs:
cache-name: cache-quictls-no-deprecated cache-name: cache-quictls-no-deprecated
with: with:
path: ~/quictls/build path: ~/quictls/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.quictls-version }}-quic1 key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.QUICTLS_VERSION }}-quic1
- name: 'cache gnutls' - name: 'cache gnutls'
uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4
@ -86,7 +86,7 @@ jobs:
cache-name: cache-gnutls cache-name: cache-gnutls
with: with:
path: ~/gnutls/build path: ~/gnutls/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.gnutls-version }} key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.GNUTLS_VERSION }}
- name: 'cache wolfssl' - name: 'cache wolfssl'
uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4
@ -95,7 +95,7 @@ jobs:
cache-name: cache-wolfssl cache-name: cache-wolfssl
with: with:
path: ~/wolfssl/build path: ~/wolfssl/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.wolfssl-version }} key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.WOLFSSL_VERSION }}
- name: 'cache nghttp3' - name: 'cache nghttp3'
uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4
@ -104,7 +104,7 @@ jobs:
cache-name: cache-nghttp3 cache-name: cache-nghttp3
with: with:
path: ~/nghttp3/build path: ~/nghttp3/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp3-version }} key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGHTTP3_VERSION }}
- name: 'cache ngtcp2' - name: 'cache ngtcp2'
uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4
@ -113,7 +113,7 @@ jobs:
cache-name: cache-ngtcp2 cache-name: cache-ngtcp2
with: with:
path: ~/ngtcp2/build path: ~/ngtcp2/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.ngtcp2-version }}-${{ env.openssl-version }}-${{ env.quictls-version }}-${{ env.gnutls-version }}-${{ env.wolfssl-version }} key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGTCP2_VERSION }}-${{ env.OPENSSL_VERSION }}-${{ env.QUICTLS_VERSION }}-${{ env.GNUTLS_VERSION }}-${{ env.WOLFSSL_VERSION }}
- name: 'cache nghttp2' - name: 'cache nghttp2'
uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4
@ -122,7 +122,7 @@ jobs:
cache-name: cache-nghttp2 cache-name: cache-nghttp2
with: with:
path: ~/nghttp2/build path: ~/nghttp2/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp2-version }}-${{ env.quictls-version }}-${{ env.ngtcp2-version }}-${{ env.nghttp3-version }} key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGHTTP2_VERSION }}-${{ env.QUICTLS_VERSION }}-${{ env.NGTCP2_VERSION }}-${{ env.NGHTTP3_VERSION }}
- id: settings - id: settings
if: | if: |
@ -149,37 +149,37 @@ jobs:
libtasn1-6-dev libidn2-0-dev gawk gperf libtss2-dev dns-root-data bison gtk-doc-tools \ libtasn1-6-dev libidn2-0-dev gawk gperf libtss2-dev dns-root-data bison gtk-doc-tools \
texinfo texlive texlive-extra-utils autopoint libev-dev \ texinfo texlive texlive-extra-utils autopoint libev-dev \
apache2 apache2-dev libnghttp2-dev apache2 apache2-dev libnghttp2-dev
echo 'CC=gcc-12' >> $GITHUB_ENV echo 'CC=gcc-12' >> "$GITHUB_ENV"
echo 'CXX=g++-12' >> $GITHUB_ENV echo 'CXX=g++-12' >> "$GITHUB_ENV"
- name: 'build openssl' - name: 'build openssl'
if: steps.cache-openssl-http3.outputs.cache-hit != 'true' if: steps.cache-openssl-http3.outputs.cache-hit != 'true'
run: | run: |
cd $HOME cd ~
git clone --quiet --depth=1 -b openssl-${{ env.openssl-version }} https://github.com/openssl/openssl git clone --quiet --depth=1 -b "openssl-${OPENSSL_VERSION}" https://github.com/openssl/openssl
cd openssl cd openssl
./config --prefix=$PWD/build --libdir=lib no-makedepend no-apps no-docs no-tests ./config --prefix="$PWD"/build --libdir=lib no-makedepend no-apps no-docs no-tests
make make
make -j1 install_sw make -j1 install_sw
- name: 'build quictls' - name: 'build quictls'
if: steps.cache-quictls-no-deprecated.outputs.cache-hit != 'true' if: steps.cache-quictls-no-deprecated.outputs.cache-hit != 'true'
run: | run: |
cd $HOME cd ~
git clone --quiet --depth=1 -b openssl-${{ env.quictls-version }}-quic1 https://github.com/quictls/openssl quictls git clone --quiet --depth=1 -b "openssl-${QUICTLS_VERSION}-quic1" https://github.com/quictls/openssl quictls
cd quictls cd quictls
./config no-deprecated --prefix=$PWD/build --libdir=lib no-makedepend no-apps no-docs no-tests ./config no-deprecated --prefix="$PWD"/build --libdir=lib no-makedepend no-apps no-docs no-tests
make make
make -j1 install_sw make -j1 install_sw
- name: 'build gnutls' - name: 'build gnutls'
if: steps.cache-gnutls.outputs.cache-hit != 'true' if: steps.cache-gnutls.outputs.cache-hit != 'true'
run: | run: |
cd $HOME cd ~
git clone --quiet --depth=1 -b ${{ env.gnutls-version }} https://github.com/gnutls/gnutls.git git clone --quiet --depth=1 -b "${GNUTLS_VERSION}" https://github.com/gnutls/gnutls.git
cd gnutls cd gnutls
./bootstrap ./bootstrap
./configure --disable-dependency-tracking --prefix=$PWD/build \ ./configure --disable-dependency-tracking --prefix="$PWD"/build \
LDFLAGS="-Wl,-rpath,$PWD/build/lib -L$PWD/build/lib" \ LDFLAGS="-Wl,-rpath,$PWD/build/lib -L$PWD/build/lib" \
--with-included-libtasn1 --with-included-unistring \ --with-included-libtasn1 --with-included-unistring \
--disable-guile --disable-doc --disable-tests --disable-tools --disable-guile --disable-doc --disable-tests --disable-tools
@ -189,26 +189,24 @@ jobs:
- name: 'build wolfssl' - name: 'build wolfssl'
if: steps.cache-wolfssl.outputs.cache-hit != 'true' if: steps.cache-wolfssl.outputs.cache-hit != 'true'
run: | run: |
cd $HOME cd ~
git clone --quiet --depth=1 -b v${{ env.wolfssl-version }}-stable https://github.com/wolfSSL/wolfssl.git git clone --quiet --depth=1 -b "v${WOLFSSL_VERSION}-stable" https://github.com/wolfSSL/wolfssl.git
cd wolfssl cd wolfssl
./autogen.sh ./autogen.sh
./configure --disable-dependency-tracking --enable-all --enable-quic \ ./configure --disable-dependency-tracking --enable-all --enable-quic \
--disable-benchmark --disable-crypttests --disable-examples --prefix=$PWD/build --disable-benchmark --disable-crypttests --disable-examples --prefix="$PWD"/build
make make
make install make install
- name: 'build nghttp3' - name: 'build nghttp3'
if: steps.cache-nghttp3.outputs.cache-hit != 'true' if: steps.cache-nghttp3.outputs.cache-hit != 'true'
run: | run: |
cd $HOME cd ~
git clone --quiet --depth=1 -b v${{ env.nghttp3-version }} https://github.com/ngtcp2/nghttp3 git clone --quiet --depth=1 -b "v${NGHTTP3_VERSION}" https://github.com/ngtcp2/nghttp3
cd nghttp3 cd nghttp3
git submodule update --init --depth=1 git submodule update --init --depth=1
autoreconf -fi autoreconf -fi
./configure --disable-dependency-tracking --prefix=$PWD/build \ ./configure --disable-dependency-tracking --prefix="$PWD"/build --enable-lib-only
PKG_CONFIG_PATH="$PWD/build/lib/pkgconfig" \
--enable-lib-only
make make
make install make install
@ -216,30 +214,30 @@ jobs:
if: steps.cache-ngtcp2.outputs.cache-hit != 'true' if: steps.cache-ngtcp2.outputs.cache-hit != 'true'
# building twice to get crypto libs for ossl and quictls installed # building twice to get crypto libs for ossl and quictls installed
run: | run: |
cd $HOME cd ~
git clone --quiet --depth=1 -b v${{ env.ngtcp2-version }} https://github.com/ngtcp2/ngtcp2 git clone --quiet --depth=1 -b "v${NGTCP2_VERSION}" https://github.com/ngtcp2/ngtcp2
cd ngtcp2 cd ngtcp2
autoreconf -fi autoreconf -fi
./configure --disable-dependency-tracking --prefix=$PWD/build \ ./configure --disable-dependency-tracking --prefix="$PWD"/build \
PKG_CONFIG_PATH="$HOME/quictls/build/lib/pkgconfig" --enable-lib-only --with-quictls PKG_CONFIG_PATH=/home/runner/quictls/build/lib/pkgconfig --enable-lib-only --with-quictls
make install make install
make clean make clean
./configure --disable-dependency-tracking --prefix=$PWD/build \ ./configure --disable-dependency-tracking --prefix="$PWD"/build \
PKG_CONFIG_PATH="$HOME/openssl/build/lib/pkgconfig:$HOME/gnutls/build/lib/pkgconfig:$HOME/wolfssl/build/lib/pkgconfig" \ PKG_CONFIG_PATH=/home/runner/openssl/build/lib/pkgconfig:/home/runner/gnutls/build/lib/pkgconfig:/home/runner/wolfssl/build/lib/pkgconfig \
--enable-lib-only --with-openssl --with-gnutls --with-wolfssl --enable-lib-only --with-openssl --with-gnutls --with-wolfssl
make install make install
- name: 'build nghttp2' - name: 'build nghttp2'
if: steps.cache-nghttp2.outputs.cache-hit != 'true' if: steps.cache-nghttp2.outputs.cache-hit != 'true'
run: | run: |
cd $HOME cd ~
git clone --quiet --depth=1 -b v${{ env.nghttp2-version }} https://github.com/nghttp2/nghttp2 git clone --quiet --depth=1 -b "v${NGHTTP2_VERSION}" https://github.com/nghttp2/nghttp2
cd nghttp2 cd nghttp2
git submodule update --init --depth=1 git submodule update --init --depth=1
autoreconf -fi autoreconf -fi
./configure --disable-dependency-tracking --prefix=$PWD/build \ ./configure --disable-dependency-tracking --prefix="$PWD"/build \
PKG_CONFIG_PATH="$HOME/quictls/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig" \ PKG_CONFIG_PATH=/home/runner/quictls/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig \
LDFLAGS="-Wl,-rpath,$HOME/quictls/build/lib" \ LDFLAGS=-Wl,-rpath,/home/runner/quictls/build/lib \
--enable-http3 --enable-http3
make install make install
@ -249,83 +247,85 @@ jobs:
- build-cache - build-cache
runs-on: 'ubuntu-latest' runs-on: 'ubuntu-latest'
timeout-minutes: 45 timeout-minutes: 45
env:
MATRIX_BUILD: ${{ matrix.build.generate && 'cmake' || 'autotools' }}
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
build: build:
- name: openssl - name: openssl
PKG_CONFIG_PATH: '$HOME/openssl/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig' PKG_CONFIG_PATH: /home/runner/openssl/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig
configure: >- configure: >-
LDFLAGS="-Wl,-rpath,$HOME/openssl/build/lib" LDFLAGS=-Wl,-rpath,/home/runner/openssl/build/lib
--with-ngtcp2=$HOME/ngtcp2/build --enable-warnings --enable-werror --enable-debug --disable-ntlm --with-ngtcp2=/home/runner/ngtcp2/build --enable-warnings --enable-werror --enable-debug --disable-ntlm
--with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx" --with-test-nghttpx=/home/runner/nghttp2/build/bin/nghttpx
--with-openssl=$HOME/openssl/build --enable-ssls-export --with-openssl=/home/runner/openssl/build --enable-ssls-export
--with-libuv --with-libuv
- name: quictls - name: quictls
PKG_CONFIG_PATH: '$HOME/quictls/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig' PKG_CONFIG_PATH: /home/runner/quictls/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig
configure: >- configure: >-
LDFLAGS="-Wl,-rpath,$HOME/quictls/build/lib" LDFLAGS=-Wl,-rpath,/home/runner/quictls/build/lib
--with-ngtcp2=$HOME/ngtcp2/build --enable-warnings --enable-werror --enable-debug --disable-ntlm --with-ngtcp2=/home/runner/ngtcp2/build --enable-warnings --enable-werror --enable-debug --disable-ntlm
--with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx" --with-test-nghttpx=/home/runner/nghttp2/build/bin/nghttpx
--with-openssl=$HOME/quictls/build --enable-ssls-export --with-openssl=/home/runner/quictls/build --enable-ssls-export
--with-libuv --with-libuv
- name: gnutls - name: gnutls
PKG_CONFIG_PATH: '$HOME/gnutls/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig' PKG_CONFIG_PATH: /home/runner/gnutls/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig
configure: >- configure: >-
LDFLAGS="-Wl,-rpath,$HOME/gnutls/build/lib" LDFLAGS=-Wl,-rpath,/home/runner/gnutls/build/lib
--with-ngtcp2=$HOME/ngtcp2/build --enable-warnings --enable-werror --enable-debug --with-ngtcp2=/home/runner/ngtcp2/build --enable-warnings --enable-werror --enable-debug
--with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx" --with-test-nghttpx=/home/runner/nghttp2/build/bin/nghttpx
--with-gnutls=$HOME/gnutls/build --enable-ssls-export --with-gnutls=/home/runner/gnutls/build --enable-ssls-export
--with-libuv --with-libuv
- name: wolfssl - name: wolfssl
PKG_CONFIG_PATH: '$HOME/wolfssl/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig' PKG_CONFIG_PATH: /home/runner/wolfssl/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig
configure: >- configure: >-
LDFLAGS="-Wl,-rpath,$HOME/wolfssl/build/lib" LDFLAGS=-Wl,-rpath,/home/runner/wolfssl/build/lib
--with-ngtcp2=$HOME/ngtcp2/build --enable-warnings --enable-werror --enable-debug --with-ngtcp2=/home/runner/ngtcp2/build --enable-warnings --enable-werror --enable-debug
--with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx" --with-test-nghttpx=/home/runner/nghttp2/build/bin/nghttpx
--with-wolfssl=$HOME/wolfssl/build --with-wolfssl=/home/runner/wolfssl/build
--enable-ech --enable-ssls-export --enable-ech --enable-ssls-export
--with-libuv --with-libuv
- name: wolfssl - name: wolfssl
PKG_CONFIG_PATH: '$HOME/wolfssl/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig' PKG_CONFIG_PATH: /home/runner/wolfssl/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig
generate: >- generate: >-
-DCURL_USE_WOLFSSL=ON -DUSE_NGTCP2=ON -DENABLE_DEBUG=ON -DCURL_USE_WOLFSSL=ON -DUSE_NGTCP2=ON -DENABLE_DEBUG=ON
-DTEST_NGHTTPX="$HOME/nghttp2/build/bin/nghttpx" -DTEST_NGHTTPX=/home/runner/nghttp2/build/bin/nghttpx
-DHTTPD_NGHTTPX="$HOME/nghttp2/build/bin/nghttpx" -DHTTPD_NGHTTPX=/home/runner/nghttp2/build/bin/nghttpx
-DUSE_ECH=ON -DUSE_ECH=ON
-DCURL_USE_LIBUV=ON -DCURL_USE_LIBUV=ON
- name: openssl-quic - name: openssl-quic
PKG_CONFIG_PATH: '$HOME/openssl/build/lib/pkgconfig' PKG_CONFIG_PATH: /home/runner/openssl/build/lib/pkgconfig
configure: >- configure: >-
LDFLAGS="-Wl,-rpath,$HOME/openssl/build/lib" LDFLAGS=-Wl,-rpath,/home/runner/openssl/build/lib
--enable-warnings --enable-werror --enable-debug --disable-ntlm --enable-warnings --enable-werror --enable-debug --disable-ntlm
--with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx" --with-test-nghttpx=/home/runner/nghttp2/build/bin/nghttpx
--with-openssl=$HOME/openssl/build --with-openssl-quic --with-openssl=/home/runner/openssl/build --with-openssl-quic
--with-nghttp3=$HOME/nghttp3/build --with-nghttp3=/home/runner/nghttp3/build
--with-libuv --with-libuv
- name: quiche - name: quiche
configure: >- configure: >-
LDFLAGS="-Wl,-rpath,$HOME/quiche/target/release" LDFLAGS=-Wl,-rpath,/home/runner/quiche/target/release
--with-openssl=$HOME/quiche/quiche/deps/boringssl/src --with-openssl=/home/runner/quiche/quiche/deps/boringssl/src
--enable-warnings --enable-werror --enable-debug --enable-warnings --enable-werror --enable-debug
--with-quiche=$HOME/quiche/target/release --with-quiche=/home/runner/quiche/target/release
--with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx" --with-test-nghttpx=/home/runner/nghttp2/build/bin/nghttpx
--with-ca-fallback --with-ca-fallback
--with-libuv --with-libuv
- name: quiche - name: quiche
PKG_CONFIG_PATH: '$HOME/quiche/target/release' PKG_CONFIG_PATH: /home/runner/quiche/target/release
generate: >- generate: >-
-DOPENSSL_ROOT_DIR=$HOME/quiche/quiche/deps/boringssl/src -DENABLE_DEBUG=ON -DOPENSSL_ROOT_DIR=/home/runner/quiche/quiche/deps/boringssl/src -DENABLE_DEBUG=ON
-DUSE_QUICHE=ON -DUSE_QUICHE=ON
-DTEST_NGHTTPX="$HOME/nghttp2/build/bin/nghttpx" -DTEST_NGHTTPX=/home/runner/nghttp2/build/bin/nghttpx
-DHTTPD_NGHTTPX="$HOME/nghttp2/build/bin/nghttpx" -DHTTPD_NGHTTPX=/home/runner/nghttp2/build/bin/nghttpx
-DCURL_CA_FALLBACK=ON -DCURL_CA_FALLBACK=ON
-DCURL_USE_LIBUV=ON -DCURL_USE_LIBUV=ON
@ -342,9 +342,9 @@ jobs:
libtasn1-6-dev libidn2-0-dev gawk gperf libtss2-dev dns-root-data bison gtk-doc-tools \ libtasn1-6-dev libidn2-0-dev gawk gperf libtss2-dev dns-root-data bison gtk-doc-tools \
texinfo texlive texlive-extra-utils autopoint libev-dev libuv1-dev \ texinfo texlive texlive-extra-utils autopoint libev-dev libuv1-dev \
apache2 apache2-dev libnghttp2-dev vsftpd apache2 apache2-dev libnghttp2-dev vsftpd
python3 -m venv $HOME/venv python3 -m venv ~/venv
echo 'CC=gcc-12' >> $GITHUB_ENV echo 'CC=gcc-12' >> "$GITHUB_ENV"
echo 'CXX=g++-12' >> $GITHUB_ENV echo 'CXX=g++-12' >> "$GITHUB_ENV"
- name: 'cache openssl' - name: 'cache openssl'
if: matrix.build.name == 'openssl' || matrix.build.name == 'openssl-quic' if: matrix.build.name == 'openssl' || matrix.build.name == 'openssl-quic'
@ -354,7 +354,7 @@ jobs:
cache-name: cache-openssl-http3 cache-name: cache-openssl-http3
with: with:
path: ~/openssl/build path: ~/openssl/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.openssl-version }} key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.OPENSSL_VERSION }}
fail-on-cache-miss: true fail-on-cache-miss: true
- name: 'cache quictls' - name: 'cache quictls'
@ -364,7 +364,7 @@ jobs:
cache-name: cache-quictls-no-deprecated cache-name: cache-quictls-no-deprecated
with: with:
path: ~/quictls/build path: ~/quictls/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.quictls-version }}-quic1 key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.QUICTLS_VERSION }}-quic1
fail-on-cache-miss: true fail-on-cache-miss: true
- name: 'cache gnutls' - name: 'cache gnutls'
@ -375,7 +375,7 @@ jobs:
cache-name: cache-gnutls cache-name: cache-gnutls
with: with:
path: ~/gnutls/build path: ~/gnutls/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.gnutls-version }} key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.GNUTLS_VERSION }}
fail-on-cache-miss: true fail-on-cache-miss: true
- name: 'cache wolfssl' - name: 'cache wolfssl'
@ -386,7 +386,7 @@ jobs:
cache-name: cache-wolfssl cache-name: cache-wolfssl
with: with:
path: ~/wolfssl/build path: ~/wolfssl/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.wolfssl-version }} key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.WOLFSSL_VERSION }}
fail-on-cache-miss: true fail-on-cache-miss: true
- name: 'cache nghttp3' - name: 'cache nghttp3'
@ -396,7 +396,7 @@ jobs:
cache-name: cache-nghttp3 cache-name: cache-nghttp3
with: with:
path: ~/nghttp3/build path: ~/nghttp3/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp3-version }} key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGHTTP3_VERSION }}
fail-on-cache-miss: true fail-on-cache-miss: true
- name: 'cache ngtcp2' - name: 'cache ngtcp2'
@ -406,7 +406,7 @@ jobs:
cache-name: cache-ngtcp2 cache-name: cache-ngtcp2
with: with:
path: ~/ngtcp2/build path: ~/ngtcp2/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.ngtcp2-version }}-${{ env.openssl-version }}-${{ env.quictls-version }}-${{ env.gnutls-version }}-${{ env.wolfssl-version }} key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGTCP2_VERSION }}-${{ env.OPENSSL_VERSION }}-${{ env.QUICTLS_VERSION }}-${{ env.GNUTLS_VERSION }}-${{ env.WOLFSSL_VERSION }}
fail-on-cache-miss: true fail-on-cache-miss: true
- name: 'cache nghttp2' - name: 'cache nghttp2'
@ -416,7 +416,7 @@ jobs:
cache-name: cache-nghttp2 cache-name: cache-nghttp2
with: with:
path: ~/nghttp2/build path: ~/nghttp2/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp2-version }}-${{ env.quictls-version }}-${{ env.ngtcp2-version }}-${{ env.nghttp3-version }} key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGHTTP2_VERSION }}-${{ env.QUICTLS_VERSION }}-${{ env.NGTCP2_VERSION }}-${{ env.NGHTTP3_VERSION }}
fail-on-cache-miss: true fail-on-cache-miss: true
- name: 'cache quiche' - name: 'cache quiche'
@ -427,13 +427,13 @@ jobs:
cache-name: cache-quiche cache-name: cache-quiche
with: with:
path: ~/quiche path: ~/quiche
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.quiche-version }} key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.QUICHE_VERSION }}
- name: 'build quiche and boringssl' - name: 'build quiche and boringssl'
if: matrix.build.name == 'quiche' && steps.cache-quiche.outputs.cache-hit != 'true' if: matrix.build.name == 'quiche' && steps.cache-quiche.outputs.cache-hit != 'true'
run: | run: |
cd $HOME cd ~
git clone --quiet --depth=1 -b ${{ env.quiche-version }} --recursive https://github.com/cloudflare/quiche.git git clone --quiet --depth=1 -b "${QUICHE_VERSION}" --recursive https://github.com/cloudflare/quiche.git
cd quiche cd quiche
#### Work-around https://github.com/curl/curl/issues/7927 ####### #### Work-around https://github.com/curl/curl/issues/7927 #######
#### See https://github.com/alexcrichton/cmake-rs/issues/131 #### #### See https://github.com/alexcrichton/cmake-rs/issues/131 ####
@ -442,12 +442,13 @@ jobs:
cargo build -v --package quiche --release --features ffi,pkg-config-meta,qlog --verbose cargo build -v --package quiche --release --features ffi,pkg-config-meta,qlog --verbose
ln -s libquiche.so target/release/libquiche.so.0 ln -s libquiche.so target/release/libquiche.so.0
mkdir -v quiche/deps/boringssl/src/lib mkdir -v quiche/deps/boringssl/src/lib
# shellcheck disable=SC2046
ln -vnf $(find target/release -name libcrypto.a -o -name libssl.a) quiche/deps/boringssl/src/lib/ ln -vnf $(find target/release -name libcrypto.a -o -name libssl.a) quiche/deps/boringssl/src/lib/
# include dir # include dir
# $HOME/quiche/quiche/deps/boringssl/src/include # /home/runner/quiche/quiche/deps/boringssl/src/include
# lib dir # lib dir
# $HOME/quiche/quiche/deps/boringssl/src/lib # /home/runner/quiche/quiche/deps/boringssl/src/lib
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with: with:
@ -458,19 +459,21 @@ jobs:
run: autoreconf -fi run: autoreconf -fi
- name: 'configure' - name: 'configure'
env:
MATRIX_CONFIGURE: '${{ matrix.build.configure }}'
MATRIX_GENERATE: '${{ matrix.build.generate }}'
MATRIX_PKG_CONFIG_PATH: '${{ matrix.build.PKG_CONFIG_PATH }}'
run: | run: |
if [ -n '${{ matrix.build.PKG_CONFIG_PATH }}' ]; then [ -n "${MATRIX_PKG_CONFIG_PATH}" ] && export PKG_CONFIG_PATH="${MATRIX_PKG_CONFIG_PATH}"
export PKG_CONFIG_PATH="${{ matrix.build.PKG_CONFIG_PATH }}" if [ "${MATRIX_BUILD}" = 'cmake' ]; then
fi
if [ -n '${{ matrix.build.generate }}' ]; then
cmake -B bld -G Ninja \ cmake -B bld -G Ninja \
-DCMAKE_C_COMPILER_TARGET=$(uname -m)-pc-linux-gnu -DBUILD_STATIC_LIBS=ON \ -DCMAKE_C_COMPILER_TARGET="$(uname -m)-pc-linux-gnu" -DBUILD_STATIC_LIBS=ON \
-DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON -DCURL_WERROR=ON \ -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON -DCURL_WERROR=ON \
${{ matrix.build.generate }} ${MATRIX_GENERATE}
else else
mkdir bld && cd bld && ../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \ mkdir bld && cd bld && ../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \
--disable-dependency-tracking \ --disable-dependency-tracking \
${{ matrix.build.configure }} ${MATRIX_CONFIGURE}
fi fi
- name: 'configure log' - name: 'configure log'
@ -487,7 +490,7 @@ jobs:
- name: 'build' - name: 'build'
run: | run: |
if [ -n '${{ matrix.build.generate }}' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose cmake --build bld --verbose
else else
make -C bld V=1 make -C bld V=1
@ -498,7 +501,7 @@ jobs:
- name: 'build tests' - name: 'build tests'
run: | run: |
if [ -n '${{ matrix.build.generate }}' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose --target testdeps cmake --build bld --verbose --target testdeps
else else
make -C bld V=1 -C tests make -C bld V=1 -C tests
@ -506,15 +509,15 @@ jobs:
- name: 'install test prereqs' - name: 'install test prereqs'
run: | run: |
source $HOME/venv/bin/activate source ~/venv/bin/activate
python3 -m pip install -r tests/requirements.txt python3 -m pip install -r tests/requirements.txt
- name: 'run tests' - name: 'run tests'
env: env:
TFLAGS: '${{ matrix.build.tflags }}' TFLAGS: '${{ matrix.build.tflags }}'
run: | run: |
source $HOME/venv/bin/activate source ~/venv/bin/activate
if [ -n '${{ matrix.build.generate }}' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose --target test-ci cmake --build bld --verbose --target test-ci
else else
make -C bld V=1 test-ci make -C bld V=1 test-ci
@ -522,7 +525,7 @@ jobs:
- name: 'install pytest prereqs' - name: 'install pytest prereqs'
run: | run: |
source $HOME/venv/bin/activate source ~/venv/bin/activate
python3 -m pip install -r tests/http/requirements.txt python3 -m pip install -r tests/http/requirements.txt
- name: 'run pytest event based' - name: 'run pytest event based'
@ -531,8 +534,8 @@ jobs:
PYTEST_ADDOPTS: '--color=yes' PYTEST_ADDOPTS: '--color=yes'
PYTEST_XDIST_AUTO_NUM_WORKERS: 4 PYTEST_XDIST_AUTO_NUM_WORKERS: 4
run: | run: |
source $HOME/venv/bin/activate source ~/venv/bin/activate
if [ -n '${{ matrix.build.generate }}' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose --target curl-pytest-ci cmake --build bld --verbose --target curl-pytest-ci
else else
make -C bld V=1 pytest-ci make -C bld V=1 pytest-ci
@ -540,7 +543,7 @@ jobs:
- name: 'build examples' - name: 'build examples'
run: | run: |
if [ -n '${{ matrix.build.generate }}' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose --target curl-examples cmake --build bld --verbose --target curl-examples
else else
make -C bld V=1 examples make -C bld V=1 examples

2
.github/workflows/linux-old.yml vendored
View file

@ -130,7 +130,7 @@ jobs:
cd bld-am cd bld-am
../configure --disable-dependency-tracking --enable-unity --enable-test-bundles --enable-warnings --enable-werror \ ../configure --disable-dependency-tracking --enable-unity --enable-test-bundles --enable-warnings --enable-werror \
--with-openssl --enable-ares --with-libssh2 --with-zstd --with-gssapi --with-librtmp \ --with-openssl --enable-ares --with-libssh2 --with-zstd --with-gssapi --with-librtmp \
--prefix="$PWD"/../install-am --prefix="$PWD"/../curl-install-am
- name: 'autoconf curl_config.h' - name: 'autoconf curl_config.h'
run: | run: |

281
.github/workflows/linux.yml vendored
View file

@ -40,25 +40,25 @@ env:
CURL_CI: github CURL_CI: github
CURL_CLANG_TIDYFLAGS: '-checks=-clang-analyzer-security.insecureAPI.strcpy,-clang-analyzer-optin.performance.Padding,-clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling,-clang-analyzer-valist.Uninitialized' CURL_CLANG_TIDYFLAGS: '-checks=-clang-analyzer-security.insecureAPI.strcpy,-clang-analyzer-optin.performance.Padding,-clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling,-clang-analyzer-valist.Uninitialized'
# unhandled # unhandled
bearssl-version: 0.6 BEARSSL_VERSION: 0.6
# renovate: datasource=github-tags depName=libressl-portable/portable versioning=semver registryUrl=https://github.com # renovate: datasource=github-tags depName=libressl-portable/portable versioning=semver registryUrl=https://github.com
libressl-version: 4.1.0 LIBRESSL_VERSION: 4.1.0
# renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?<version>.+)-stable$ registryUrl=https://github.com # renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?<version>.+)-stable$ registryUrl=https://github.com
wolfssl-version: 5.8.0 WOLFSSL_VERSION: 5.8.0
# renovate: datasource=github-tags depName=wolfSSL/wolfssh versioning=semver extractVersion=^v?(?<version>.+)-stable$ registryUrl=https://github.com # renovate: datasource=github-tags depName=wolfSSL/wolfssh versioning=semver extractVersion=^v?(?<version>.+)-stable$ registryUrl=https://github.com
wolfssh-version: 1.4.19 WOLFSSH_VERSION: 1.4.19
# renovate: datasource=github-tags depName=Mbed-TLS/mbedtls versioning=semver registryUrl=https://github.com # renovate: datasource=github-tags depName=Mbed-TLS/mbedtls versioning=semver registryUrl=https://github.com
mbedtls-version: 3.6.3 MBEDTLS_VERSION: 3.6.3
# renovate: datasource=github-tags depName=nibanks/msh3 versioning=semver registryUrl=https://github.com # renovate: datasource=github-tags depName=nibanks/msh3 versioning=semver registryUrl=https://github.com
msh3-version: 0.6.0 MSH3_VERSION: 0.6.0
# renovate: datasource=github-tags depName=awslabs/aws-lc versioning=semver registryUrl=https://github.com # renovate: datasource=github-tags depName=awslabs/aws-lc versioning=semver registryUrl=https://github.com
awslc-version: 1.52.0 AWSLC_VERSION: 1.52.0
# handled in renovate.json # handled in renovate.json
openssl-version: 3.5.0 OPENSSL_VERSION: 3.5.0
# handled in renovate.json # handled in renovate.json
quictls-version: 3.3.0 QUICTLS_VERSION: 3.3.0
# renovate: datasource=github-tags depName=rustls/rustls-ffi versioning=semver registryUrl=https://github.com # renovate: datasource=github-tags depName=rustls/rustls-ffi versioning=semver registryUrl=https://github.com
rustls-version: 0.15.0 RUSTLS_VERSION: 0.15.0
jobs: jobs:
linux: linux:
@ -66,6 +66,11 @@ jobs:
runs-on: ${{ matrix.build.image || 'ubuntu-latest' }} runs-on: ${{ matrix.build.image || 'ubuntu-latest' }}
container: ${{ matrix.build.container }} container: ${{ matrix.build.container }}
timeout-minutes: 45 timeout-minutes: 45
env:
MATRIX_BUILD: ${{ matrix.build.generate && 'cmake' || 'autotools' }}
MATRIX_INSTALL_PACKAGES: '${{ matrix.build.install_packages }}'
MATRIX_INSTALL_STEPS: '${{ matrix.build.install_steps }}'
MATRIX_MAKE_PREFIX: '${{ matrix.build.make-prefix }}'
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
@ -73,52 +78,52 @@ jobs:
- name: bearssl - name: bearssl
install_packages: zlib1g-dev install_packages: zlib1g-dev
install_steps: bearssl pytest install_steps: bearssl pytest
configure: LDFLAGS="-Wl,-rpath,$HOME/bearssl/lib" --with-bearssl=$HOME/bearssl --enable-debug configure: LDFLAGS=-Wl,-rpath,/home/runner/bearssl/lib --with-bearssl=/home/runner/bearssl --enable-debug
- name: bearssl clang - name: bearssl clang
install_packages: zlib1g-dev clang install_packages: zlib1g-dev clang
install_steps: bearssl install_steps: bearssl
configure: CC=clang LDFLAGS="-Wl,-rpath,$HOME/bearssl/lib" --with-bearssl=$HOME/bearssl --enable-debug configure: CC=clang LDFLAGS=-Wl,-rpath,/home/runner/bearssl/lib --with-bearssl=/home/runner/bearssl --enable-debug
- name: libressl heimdal - name: libressl heimdal
install_packages: zlib1g-dev libnghttp2-dev libldap-dev heimdal-dev install_packages: zlib1g-dev libnghttp2-dev libldap-dev heimdal-dev
install_steps: libressl pytest install_steps: libressl pytest
configure: LDFLAGS="-Wl,-rpath,$HOME/libressl/lib" --with-openssl=$HOME/libressl --with-gssapi --enable-debug configure: LDFLAGS=-Wl,-rpath,/home/runner/libressl/lib --with-openssl=/home/runner/libressl --with-gssapi --enable-debug
- name: libressl heimdal valgrind - name: libressl heimdal valgrind
install_packages: zlib1g-dev libnghttp2-dev libldap-dev heimdal-dev valgrind install_packages: zlib1g-dev libnghttp2-dev libldap-dev heimdal-dev valgrind
install_steps: libressl install_steps: libressl
generate: -DOPENSSL_ROOT_DIR=$HOME/libressl -DCURL_USE_GSSAPI=ON -DENABLE_DEBUG=ON -DCURL_LIBCURL_VERSIONED_SYMBOLS=ON generate: -DOPENSSL_ROOT_DIR=/home/runner/libressl -DCURL_USE_GSSAPI=ON -DENABLE_DEBUG=ON -DCURL_LIBCURL_VERSIONED_SYMBOLS=ON
- name: libressl clang - name: libressl clang
install_packages: zlib1g-dev clang install_packages: zlib1g-dev clang
install_steps: libressl install_steps: libressl
configure: CC=clang LDFLAGS="-Wl,-rpath,$HOME/libressl/lib" --with-openssl=$HOME/libressl --enable-debug configure: CC=clang LDFLAGS=-Wl,-rpath,/home/runner/libressl/lib --with-openssl=/home/runner/libressl --enable-debug
- name: wolfssl-all - name: wolfssl-all
install_packages: zlib1g-dev install_packages: zlib1g-dev
install_steps: wolfssl-all install_steps: wolfssl-all
configure: LDFLAGS="-Wl,-rpath,$HOME/wolfssl-all/lib" --with-wolfssl=$HOME/wolfssl-all --enable-ech --enable-debug configure: LDFLAGS=-Wl,-rpath,/home/runner/wolfssl-all/lib --with-wolfssl=/home/runner/wolfssl-all --enable-ech --enable-debug
- name: wolfssl-opensslextra valgrind - name: wolfssl-opensslextra valgrind
install_packages: zlib1g-dev valgrind install_packages: zlib1g-dev valgrind
install_steps: wolfssl-opensslextra wolfssh install_steps: wolfssl-opensslextra wolfssh
configure: LDFLAGS="-Wl,-rpath,$HOME/wolfssl-opensslextra/lib" --with-wolfssl=$HOME/wolfssl-opensslextra --with-wolfssh=$HOME/wolfssh --enable-ech --enable-debug configure: LDFLAGS=-Wl,-rpath,/home/runner/wolfssl-opensslextra/lib --with-wolfssl=/home/runner/wolfssl-opensslextra --with-wolfssh=/home/runner/wolfssh --enable-ech --enable-debug
- name: mbedtls valgrind - name: mbedtls valgrind
install_packages: libnghttp2-dev libldap-dev valgrind install_packages: libnghttp2-dev libldap-dev valgrind
install_steps: mbedtls install_steps: mbedtls
configure: LDFLAGS="-Wl,-rpath,$HOME/mbedtls/lib" --with-mbedtls=$HOME/mbedtls --enable-debug configure: LDFLAGS=-Wl,-rpath,/home/runner/mbedtls/lib --with-mbedtls=/home/runner/mbedtls --enable-debug
- name: mbedtls clang - name: mbedtls clang
install_packages: libnghttp2-dev libldap-dev clang install_packages: libnghttp2-dev libldap-dev clang
install_steps: mbedtls pytest install_steps: mbedtls pytest
configure: CC=clang LDFLAGS="-Wl,-rpath,$HOME/mbedtls/lib" --with-mbedtls=$HOME/mbedtls --enable-debug configure: CC=clang LDFLAGS=-Wl,-rpath,/home/runner/mbedtls/lib --with-mbedtls=/home/runner/mbedtls --enable-debug
- name: mbedtls - name: mbedtls
install_packages: libnghttp2-dev install_packages: libnghttp2-dev
install_steps: mbedtls install_steps: mbedtls
PKG_CONFIG_PATH: '$HOME/mbedtls/lib/pkgconfig' # Requires v3.6.0 or v2.28.8 PKG_CONFIG_PATH: /home/runner/mbedtls/lib/pkgconfig # Requires v3.6.0 or v2.28.8
generate: -DCURL_USE_MBEDTLS=ON -DENABLE_DEBUG=ON generate: -DCURL_USE_MBEDTLS=ON -DENABLE_DEBUG=ON
- name: mbedtls-pkg - name: mbedtls-pkg
@ -133,23 +138,24 @@ jobs:
- name: msh3 - name: msh3
install_packages: zlib1g-dev install_packages: zlib1g-dev
install_steps: quictls msh3 install_steps: quictls msh3
configure: LDFLAGS="-Wl,-rpath,$HOME/msh3/lib -Wl,-rpath,$HOME/quictls/lib" --with-msh3=$HOME/msh3 --with-openssl=$HOME/quictls --enable-debug LDFLAGS: -Wl,-rpath,/home/runner/msh3/lib -Wl,-rpath,/home/runner/quictls/lib
configure: --with-msh3=/home/runner/msh3 --with-openssl=/home/runner/quictls --enable-debug
- name: msh3 - name: msh3
install_packages: zlib1g-dev install_packages: zlib1g-dev
install_steps: quictls msh3 skipall install_steps: quictls msh3 skipall
PKG_CONFIG_PATH: '$HOME/msh3/lib/pkgconfig' # Broken as of v0.6.0 PKG_CONFIG_PATH: /home/runner/msh3/lib/pkgconfig # Broken as of v0.6.0
generate: -DOPENSSL_ROOT_DIR=$HOME/quictls -DUSE_MSH3=ON -DMSH3_INCLUDE_DIR=$HOME/msh3/include -DMSH3_LIBRARY=$HOME/msh3/lib/libmsh3.so -DENABLE_DEBUG=ON generate: -DOPENSSL_ROOT_DIR=/home/runner/quictls -DUSE_MSH3=ON -DMSH3_INCLUDE_DIR=/home/runner/msh3/include -DMSH3_LIBRARY=/home/runner/msh3/lib/libmsh3.so -DENABLE_DEBUG=ON
- name: awslc - name: awslc
install_packages: zlib1g-dev install_packages: zlib1g-dev
install_steps: awslc pytest install_steps: awslc pytest
configure: LDFLAGS="-Wl,-rpath,$HOME/awslc/lib" --with-openssl=$HOME/awslc --enable-ech configure: LDFLAGS=-Wl,-rpath,/home/runner/awslc/lib --with-openssl=/home/runner/awslc --enable-ech
- name: awslc - name: awslc
install_packages: zlib1g-dev install_packages: zlib1g-dev
install_steps: awslc install_steps: awslc
generate: -DOPENSSL_ROOT_DIR=$HOME/awslc -DUSE_ECH=ON -DCMAKE_UNITY_BUILD=OFF generate: -DOPENSSL_ROOT_DIR=/home/runner/awslc -DUSE_ECH=ON -DCMAKE_UNITY_BUILD=OFF
- name: openssl default - name: openssl default
install_steps: pytest install_steps: pytest
@ -223,44 +229,39 @@ jobs:
- name: clang-tidy - name: clang-tidy
install_packages: clang-tidy zlib1g-dev libssl-dev libkrb5-dev install_packages: clang-tidy zlib1g-dev libssl-dev libkrb5-dev
install_steps: skipall wolfssl-opensslextra wolfssh install_steps: skipall wolfssl-opensslextra wolfssh
configure: LDFLAGS="-Wl,-rpath,$HOME/wolfssl-opensslextra/lib" --with-wolfssl=$HOME/wolfssl-opensslextra --with-wolfssh=$HOME/wolfssh --with-openssl --enable-ech --with-gssapi --enable-ssls-export configure: LDFLAGS=-Wl,-rpath,/home/runner/wolfssl-opensslextra/lib --with-wolfssl=/home/runner/wolfssl-opensslextra --with-wolfssh=/home/runner/wolfssh --with-openssl --enable-ech --with-gssapi --enable-ssls-export
make-custom-target: tidy make-custom-target: tidy
- name: scanbuild - name: scanbuild
install_packages: clang-tools clang libssl-dev libssh2-1-dev install_packages: clang-tools clang libssl-dev libssh2-1-dev
install_steps: skipall install_steps: skipall
configure: --with-openssl --enable-debug --with-libssh2 --disable-unity configure: --with-openssl --enable-debug --with-libssh2 --disable-unity
configure-prefix: CC=clang scan-build CC: clang
configure-prefix: scan-build
make-prefix: scan-build --status-bugs make-prefix: scan-build --status-bugs
- name: address-sanitizer - name: address-sanitizer
install_packages: zlib1g-dev libssh2-1-dev clang libssl-dev libubsan1 libasan8 libtsan2 install_packages: zlib1g-dev libssh2-1-dev clang libssl-dev libubsan1 libasan8 libtsan2
install_steps: pytest randcurl install_steps: pytest randcurl
configure: >- CFLAGS: -fsanitize=address,undefined,signed-integer-overflow -fno-sanitize-recover=undefined,integer -Wformat -Werror=format-security -Werror=array-bounds -g
CC=clang LDFLAGS: -fsanitize=address,undefined -fno-sanitize-recover=undefined,integer
CFLAGS="-fsanitize=address,undefined,signed-integer-overflow -fno-sanitize-recover=undefined,integer -Wformat -Werror=format-security -Werror=array-bounds -g" LIBS: -ldl -lubsan
LDFLAGS="-fsanitize=address,undefined -fno-sanitize-recover=undefined,integer" configure: CC=clang --with-openssl --enable-debug
LIBS="-ldl -lubsan"
--with-openssl --enable-debug
- name: thread-sanitizer - name: thread-sanitizer
install_packages: zlib1g-dev clang libtsan2 install_packages: zlib1g-dev clang libtsan2
install_steps: pytest openssl-tsan install_steps: pytest openssl-tsan
configure: >- CFLAGS: -fsanitize=thread -g
CC=clang LDFLAGS: -fsanitize=thread -Wl,-rpath,/home/runner/openssl/lib
CFLAGS="-fsanitize=thread -g" configure: CC=clang --with-openssl=/home/runner/openssl --enable-debug
LDFLAGS="-fsanitize=thread -Wl,-rpath,$HOME/openssl/lib"
--with-openssl=$HOME/openssl --enable-debug
- name: memory-sanitizer - name: memory-sanitizer
install_packages: clang install_packages: clang
install_steps: randcurl install_steps: randcurl
configure: >- CFLAGS: -fsanitize=memory -Wformat -Werror=format-security -Werror=array-bounds -g
CC=clang LDFLAGS: -fsanitize=memory
CFLAGS="-fsanitize=memory -Wformat -Werror=format-security -Werror=array-bounds -g" LIBS: -ldl
LDFLAGS="-fsanitize=memory" configure: CC=clang --without-ssl --without-zlib --without-brotli --without-zstd --without-libpsl --without-nghttp2 --enable-debug
LIBS="-ldl"
--without-ssl --without-zlib --without-brotli --without-zstd --without-libpsl --without-nghttp2 --enable-debug
- name: event-based - name: event-based
install_packages: libssh-dev install_packages: libssh-dev
@ -305,18 +306,21 @@ jobs:
steps: steps:
- name: 'install prereqs' - name: 'install prereqs'
if: matrix.build.container == null && !contains(matrix.build.name, 'i686') if: matrix.build.container == null && !contains(matrix.build.name, 'i686')
# zizmor: ignore[template-injection] env:
INSTALL_PACKAGES: >-
${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') && 'stunnel4' || '' }}
${{ contains(matrix.build.install_steps, 'pytest') && 'apache2 apache2-dev libnghttp2-dev vsftpd' || '' }}
run: | run: |
sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list
sudo apt-get -o Dpkg::Use-Pty=0 update sudo apt-get -o Dpkg::Use-Pty=0 update
sudo rm -f /var/lib/man-db/auto-update sudo rm -f /var/lib/man-db/auto-update
sudo apt-get -o Dpkg::Use-Pty=0 install \ sudo apt-get -o Dpkg::Use-Pty=0 install \
libtool autoconf automake pkgconf \ libtool autoconf automake pkgconf \
${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') && 'stunnel4' || '' }} \
libpsl-dev libbrotli-dev libzstd-dev \ libpsl-dev libbrotli-dev libzstd-dev \
${{ matrix.build.install_packages }} \ ${INSTALL_PACKAGES} \
${{ contains(matrix.build.install_steps, 'pytest') && 'apache2 apache2-dev libnghttp2-dev vsftpd' || '' }} ${MATRIX_INSTALL_PACKAGES}
python3 -m venv $HOME/venv python3 -m venv ~/venv
- name: 'install prereqs' - name: 'install prereqs'
if: contains(matrix.build.name, 'i686') if: contains(matrix.build.name, 'i686')
@ -328,8 +332,8 @@ jobs:
sudo apt-get -o Dpkg::Use-Pty=0 install \ sudo apt-get -o Dpkg::Use-Pty=0 install \
libtool autoconf automake pkgconf stunnel4 \ libtool autoconf automake pkgconf stunnel4 \
libpsl-dev:i386 libbrotli-dev:i386 libzstd-dev:i386 \ libpsl-dev:i386 libbrotli-dev:i386 libzstd-dev:i386 \
${{ matrix.build.install_packages }} ${MATRIX_INSTALL_PACKAGES}
python3 -m venv $HOME/venv python3 -m venv ~/venv
- name: 'install dependencies' - name: 'install dependencies'
if: startsWith(matrix.build.container, 'alpine') if: startsWith(matrix.build.container, 'alpine')
@ -348,19 +352,18 @@ jobs:
cache-name: cache-bearssl cache-name: cache-bearssl
with: with:
path: ~/bearssl path: ~/bearssl
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.bearssl-version }} key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.BEARSSL_VERSION }}
- name: 'build bearssl' - name: 'build bearssl'
if: contains(matrix.build.install_steps, 'bearssl') && steps.cache-bearssl.outputs.cache-hit != 'true' if: contains(matrix.build.install_steps, 'bearssl') && steps.cache-bearssl.outputs.cache-hit != 'true'
run: | run: |
curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \ curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \
https://bearssl.org/bearssl-${{ env.bearssl-version }}.tar.gz "https://bearssl.org/bearssl-${BEARSSL_VERSION}.tar.gz" | tar -xz
tar -xzf bearssl-${{ env.bearssl-version }}.tar.gz cd "bearssl-${BEARSSL_VERSION}"
cd bearssl-${{ env.bearssl-version }}
make make
mkdir -p $HOME/bearssl/lib $HOME/bearssl/include mkdir -p ~/bearssl/lib ~/bearssl/include
cp inc/*.h $HOME/bearssl/include cp inc/*.h ~/bearssl/include
cp build/libbearssl.* $HOME/bearssl/lib cp build/libbearssl.* ~/bearssl/lib
- name: 'cache libressl' - name: 'cache libressl'
if: contains(matrix.build.install_steps, 'libressl') if: contains(matrix.build.install_steps, 'libressl')
@ -370,16 +373,15 @@ jobs:
cache-name: cache-libressl cache-name: cache-libressl
with: with:
path: ~/libressl path: ~/libressl
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.libressl-version }} key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.LIBRESSL_VERSION }}
- name: 'build libressl' - name: 'build libressl'
if: contains(matrix.build.install_steps, 'libressl') && steps.cache-libressl.outputs.cache-hit != 'true' if: contains(matrix.build.install_steps, 'libressl') && steps.cache-libressl.outputs.cache-hit != 'true'
run: | run: |
curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \ curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \
https://github.com/libressl/portable/releases/download/v${{ env.libressl-version }}/libressl-${{ env.libressl-version }}.tar.gz "https://github.com/libressl/portable/releases/download/v${LIBRESSL_VERSION}/libressl-${LIBRESSL_VERSION}.tar.gz" | tar -xz
tar -xzf libressl-${{ env.libressl-version }}.tar.gz cd "libressl-${LIBRESSL_VERSION}"
cd libressl-${{ env.libressl-version }} ./configure --disable-dependency-tracking --prefix=/home/runner/libressl
./configure --disable-dependency-tracking --prefix=$HOME/libressl
make install make install
- name: 'cache wolfssl (all)' - name: 'cache wolfssl (all)'
@ -390,18 +392,17 @@ jobs:
cache-name: cache-wolfssl-all cache-name: cache-wolfssl-all
with: with:
path: ~/wolfssl-all path: ~/wolfssl-all
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.wolfssl-version }} key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.WOLFSSL_VERSION }}
- name: 'build wolfssl (all)' # does not support `OPENSSL_COEXIST` - name: 'build wolfssl (all)' # does not support `OPENSSL_COEXIST`
if: contains(matrix.build.install_steps, 'wolfssl-all') && steps.cache-wolfssl-all.outputs.cache-hit != 'true' if: contains(matrix.build.install_steps, 'wolfssl-all') && steps.cache-wolfssl-all.outputs.cache-hit != 'true'
run: | run: |
curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \ curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \
https://github.com/wolfSSL/wolfssl/archive/v${{ env.wolfssl-version }}-stable.tar.gz "https://github.com/wolfSSL/wolfssl/archive/v${WOLFSSL_VERSION}-stable.tar.gz" | tar -xz
tar -xzf v${{ env.wolfssl-version }}-stable.tar.gz cd "wolfssl-${WOLFSSL_VERSION}-stable"
cd wolfssl-${{ env.wolfssl-version }}-stable
./autogen.sh ./autogen.sh
./configure --disable-dependency-tracking --enable-tls13 --enable-harden --enable-all \ ./configure --disable-dependency-tracking --enable-tls13 --enable-harden --enable-all \
--disable-benchmark --disable-crypttests --disable-examples --prefix=$HOME/wolfssl-all --disable-benchmark --disable-crypttests --disable-examples --prefix=/home/runner/wolfssl-all
make install make install
- name: 'cache wolfssl (opensslextra)' # does support `OPENSSL_COEXIST` - name: 'cache wolfssl (opensslextra)' # does support `OPENSSL_COEXIST`
@ -412,18 +413,17 @@ jobs:
cache-name: cache-wolfssl-opensslextra cache-name: cache-wolfssl-opensslextra
with: with:
path: ~/wolfssl-opensslextra path: ~/wolfssl-opensslextra
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.wolfssl-version }} key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.WOLFSSL_VERSION }}
- name: 'build wolfssl (opensslextra)' - name: 'build wolfssl (opensslextra)'
if: contains(matrix.build.install_steps, 'wolfssl-opensslextra') && steps.cache-wolfssl-opensslextra.outputs.cache-hit != 'true' if: contains(matrix.build.install_steps, 'wolfssl-opensslextra') && steps.cache-wolfssl-opensslextra.outputs.cache-hit != 'true'
run: | run: |
curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \ curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \
https://github.com/wolfSSL/wolfssl/archive/v${{ env.wolfssl-version }}-stable.tar.gz "https://github.com/wolfSSL/wolfssl/archive/v${WOLFSSL_VERSION}-stable.tar.gz" | tar -xz
tar -xzf v${{ env.wolfssl-version }}-stable.tar.gz cd "wolfssl-${WOLFSSL_VERSION}-stable"
cd wolfssl-${{ env.wolfssl-version }}-stable
./autogen.sh ./autogen.sh
./configure --disable-dependency-tracking --enable-tls13 --enable-harden --enable-wolfssh --enable-ech --enable-opensslextra \ ./configure --disable-dependency-tracking --enable-tls13 --enable-harden --enable-wolfssh --enable-ech --enable-opensslextra \
--disable-benchmark --disable-crypttests --disable-examples --prefix=$HOME/wolfssl-opensslextra --disable-benchmark --disable-crypttests --disable-examples --prefix=/home/runner/wolfssl-opensslextra
make install make install
- name: 'cache wolfssh' - name: 'cache wolfssh'
@ -434,18 +434,17 @@ jobs:
cache-name: cache-wolfssh cache-name: cache-wolfssh
with: with:
path: ~/wolfssh path: ~/wolfssh
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.wolfssh-version }}-${{ env.wolfssl-version }} key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.WOLFSSH_VERSION }}-${{ env.WOLFSSL_VERSION }}
- name: 'build wolfssh' - name: 'build wolfssh'
if: contains(matrix.build.install_steps, 'wolfssh') && steps.cache-wolfssh.outputs.cache-hit != 'true' if: contains(matrix.build.install_steps, 'wolfssh') && steps.cache-wolfssh.outputs.cache-hit != 'true'
run: | run: |
curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \ curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \
https://github.com/wolfSSL/wolfssh/archive/v${{ env.wolfssh-version }}-stable.tar.gz "https://github.com/wolfSSL/wolfssh/archive/v${WOLFSSH_VERSION}-stable.tar.gz" | tar -xz
tar -xzf v${{ env.wolfssh-version }}-stable.tar.gz cd "wolfssh-${WOLFSSH_VERSION}-stable"
cd wolfssh-${{ env.wolfssh-version }}-stable
./autogen.sh ./autogen.sh
./configure --disable-dependency-tracking --with-wolfssl=$HOME/wolfssl-opensslextra --enable-scp --enable-sftp --disable-term \ ./configure --disable-dependency-tracking --with-wolfssl=/home/runner/wolfssl-opensslextra --enable-scp --enable-sftp --disable-term \
--disable-examples --prefix=$HOME/wolfssh --disable-examples --prefix=/home/runner/wolfssh
make install make install
- name: 'cache mbedtls' - name: 'cache mbedtls'
@ -456,18 +455,17 @@ jobs:
cache-name: cache-mbedtls-threadsafe cache-name: cache-mbedtls-threadsafe
with: with:
path: ~/mbedtls path: ~/mbedtls
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.mbedtls-version }} key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.MBEDTLS_VERSION }}
- name: 'build mbedtls' - name: 'build mbedtls'
if: contains(matrix.build.install_steps, 'mbedtls') && steps.cache-mbedtls.outputs.cache-hit != 'true' if: contains(matrix.build.install_steps, 'mbedtls') && steps.cache-mbedtls.outputs.cache-hit != 'true'
run: | run: |
curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \ curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \
https://github.com/Mbed-TLS/mbedtls/releases/download/mbedtls-${{ env.mbedtls-version }}/mbedtls-${{ env.mbedtls-version }}.tar.bz2 "https://github.com/Mbed-TLS/mbedtls/releases/download/mbedtls-${MBEDTLS_VERSION}/mbedtls-${MBEDTLS_VERSION}.tar.bz2" | tar -xj
tar -xjf mbedtls-${{ env.mbedtls-version }}.tar.bz2 cd "mbedtls-${MBEDTLS_VERSION}"
cd mbedtls-${{ env.mbedtls-version }}
./scripts/config.py set MBEDTLS_THREADING_C ./scripts/config.py set MBEDTLS_THREADING_C
./scripts/config.py set MBEDTLS_THREADING_PTHREAD ./scripts/config.py set MBEDTLS_THREADING_PTHREAD
cmake -B . -G Ninja -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_POSITION_INDEPENDENT_CODE=ON -DCMAKE_INSTALL_PREFIX=$HOME/mbedtls \ cmake -B . -G Ninja -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_POSITION_INDEPENDENT_CODE=ON -DCMAKE_INSTALL_PREFIX=/home/runner/mbedtls \
-DENABLE_PROGRAMS=OFF -DENABLE_TESTING=OFF -DENABLE_PROGRAMS=OFF -DENABLE_TESTING=OFF
cmake --build . cmake --build .
cmake --install . cmake --install .
@ -480,14 +478,14 @@ jobs:
cache-name: cache-openssl-tsan cache-name: cache-openssl-tsan
with: with:
path: ~/openssl path: ~/openssl
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.openssl-version }} key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.OPENSSL_VERSION }}
- name: 'build openssl (thread sanitizer)' - name: 'build openssl (thread sanitizer)'
if: contains(matrix.build.install_steps, 'openssl-tsan') && steps.cache-openssl-tsan.outputs.cache-hit != 'true' if: contains(matrix.build.install_steps, 'openssl-tsan') && steps.cache-openssl-tsan.outputs.cache-hit != 'true'
run: | run: |
git clone --quiet --depth=1 -b openssl-${{ env.openssl-version }} https://github.com/openssl/openssl git clone --quiet --depth=1 -b "openssl-${OPENSSL_VERSION}" https://github.com/openssl/openssl
cd openssl cd openssl
CC="clang" CFLAGS="-fsanitize=thread" LDFLAGS="-fsanitize=thread" ./config --prefix=$HOME/openssl --libdir=lib no-makedepend no-apps no-docs no-tests CC=clang CFLAGS='-fsanitize=thread' LDFLAGS='-fsanitize=thread' ./config --prefix=/home/runner/openssl --libdir=lib no-makedepend no-apps no-docs no-tests
make make
make -j1 install_sw make -j1 install_sw
@ -499,14 +497,14 @@ jobs:
cache-name: cache-quictls cache-name: cache-quictls
with: with:
path: ~/quictls path: ~/quictls
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.quictls-version }}-quic1 key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.QUICTLS_VERSION }}-quic1
- name: 'build quictls' - name: 'build quictls'
if: contains(matrix.build.install_steps, 'quictls') && steps.cache-quictls.outputs.cache-hit != 'true' if: contains(matrix.build.install_steps, 'quictls') && steps.cache-quictls.outputs.cache-hit != 'true'
run: | run: |
git clone --quiet --depth=1 -b openssl-${{ env.quictls-version }}-quic1 https://github.com/quictls/openssl git clone --quiet --depth=1 -b "openssl-${QUICTLS_VERSION}-quic1" https://github.com/quictls/openssl
cd openssl cd openssl
./config --prefix=$HOME/quictls --libdir=lib no-makedepend no-apps no-docs no-tests ./config --prefix=/home/runner/quictls --libdir=lib no-makedepend no-apps no-docs no-tests
make make
make -j1 install_sw make -j1 install_sw
@ -518,14 +516,14 @@ jobs:
cache-name: cache-msh3 cache-name: cache-msh3
with: with:
path: ~/msh3 path: ~/msh3
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.msh3-version }} key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.MSH3_VERSION }}
- name: 'build msh3' - name: 'build msh3'
if: contains(matrix.build.install_steps, 'msh3') && steps.cache-msh3.outputs.cache-hit != 'true' if: contains(matrix.build.install_steps, 'msh3') && steps.cache-msh3.outputs.cache-hit != 'true'
run: | run: |
git clone --quiet --depth=1 -b v${{ env.msh3-version }} --recursive https://github.com/nibanks/msh3 git clone --quiet --depth=1 -b "v${MSH3_VERSION}" --recursive https://github.com/nibanks/msh3
cd msh3 cd msh3
cmake -B . -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_INSTALL_PREFIX=$HOME/msh3 cmake -B . -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_INSTALL_PREFIX=/home/runner/msh3
cmake --build . cmake --build .
cmake --install . cmake --install .
@ -537,17 +535,16 @@ jobs:
cache-name: cache-awslc cache-name: cache-awslc
with: with:
path: ~/awslc path: ~/awslc
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.awslc-version }} key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.AWSLC_VERSION }}
- name: 'build awslc' - name: 'build awslc'
if: contains(matrix.build.install_steps, 'awslc') && steps.cache-awslc.outputs.cache-hit != 'true' if: contains(matrix.build.install_steps, 'awslc') && steps.cache-awslc.outputs.cache-hit != 'true'
run: | run: |
curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \ curl -LOsSf --retry 6 --retry-connrefused --max-time 999 \
https://github.com/awslabs/aws-lc/archive/refs/tags/v${{ env.awslc-version }}.tar.gz "https://github.com/awslabs/aws-lc/archive/refs/tags/v${AWSLC_VERSION}.tar.gz" | tar -xz
tar -xzf v${{ env.awslc-version }}.tar.gz mkdir "aws-lc-${AWSLC_VERSION}-build"
mkdir aws-lc-${{ env.awslc-version }}-build cd "aws-lc-${AWSLC_VERSION}-build"
cd aws-lc-${{ env.awslc-version }}-build cmake -G Ninja -DCMAKE_INSTALL_PREFIX=/home/runner/awslc "../aws-lc-${AWSLC_VERSION}" -DBUILD_TOOL=OFF -DBUILD_TESTING=OFF
cmake -G Ninja -DCMAKE_INSTALL_PREFIX=$HOME/awslc ../aws-lc-${{ env.awslc-version }} -DBUILD_TOOL=OFF -DBUILD_TESTING=OFF
cmake --build . cmake --build .
cmake --install . cmake --install .
@ -559,21 +556,21 @@ jobs:
cache-name: cache-rustls cache-name: cache-rustls
with: with:
path: ~/rustls path: ~/rustls
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.rustls-version }} key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ env.RUSTLS_VERSION }}
- name: 'fetch rustls deb' - name: 'fetch rustls deb'
if: contains(matrix.build.install_steps, 'rustls') && steps.cache-rustls.outputs.cache-hit != 'true' if: contains(matrix.build.install_steps, 'rustls') && steps.cache-rustls.outputs.cache-hit != 'true'
run: | run: |
mkdir -p ~/rustls mkdir -p ~/rustls
curl -L https://github.com/rustls/rustls-ffi/releases/download/v${{ env.rustls-version }}/librustls_${{ env.rustls-version }}_amd64.deb.zip -o ~/rustls/librustls.zip curl -LsSf --retry 6 --retry-connrefused --max-time 999 \
"https://github.com/rustls/rustls-ffi/releases/download/v${RUSTLS_VERSION}/librustls_${RUSTLS_VERSION}_amd64.deb.zip" -o ~/rustls/librustls.zip
unzip ~/rustls/librustls.zip -d ~/rustls unzip ~/rustls/librustls.zip -d ~/rustls
rm ~/rustls/librustls.zip rm ~/rustls/librustls.zip
- name: 'build rustls' - name: 'build rustls'
# Note: we don't check cache-hit here. If the cache is hit, we still need to dpkg install the deb. # Note: we don't check cache-hit here. If the cache is hit, we still need to dpkg install the deb.
if: contains(matrix.build.install_steps, 'rustls') if: contains(matrix.build.install_steps, 'rustls')
run: | run: sudo dpkg -i ~/rustls/"librustls_${RUSTLS_VERSION}_amd64.deb"
sudo dpkg -i ~/rustls/librustls_${{ env.rustls-version }}_amd64.deb
- name: 'install Intel compilers' - name: 'install Intel compilers'
if: contains(matrix.build.install_steps, 'intel') if: contains(matrix.build.install_steps, 'intel')
@ -582,7 +579,7 @@ jobs:
sudo add-apt-repository "deb https://apt.repos.intel.com/oneapi all main" sudo add-apt-repository "deb https://apt.repos.intel.com/oneapi all main"
sudo apt-get -o Dpkg::Use-Pty=0 install intel-oneapi-compiler-dpcpp-cpp-and-cpp-classic sudo apt-get -o Dpkg::Use-Pty=0 install intel-oneapi-compiler-dpcpp-cpp-and-cpp-classic
source /opt/intel/oneapi/setvars.sh source /opt/intel/oneapi/setvars.sh
printenv >> $GITHUB_ENV printenv >> "$GITHUB_ENV"
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with: with:
@ -593,23 +590,30 @@ jobs:
run: autoreconf -fi run: autoreconf -fi
- name: 'configure' - name: 'configure'
env:
CC: '${{ matrix.build.CC }}'
CFLAGS: '${{ matrix.build.CFLAGS }}'
LDFLAGS: '${{ matrix.build.LDFLAGS }}'
LIBS: '${{ matrix.build.LIBS }}'
MATRIX_CONFIGURE: '${{ matrix.build.configure }}'
MATRIX_CONFIGURE_PREFIX: '${{ matrix.build.configure-prefix }}'
MATRIX_GENERATE: '${{ matrix.build.generate }}'
MATRIX_PKG_CONFIG_PATH: '${{ matrix.build.PKG_CONFIG_PATH }}'
run: | run: |
[[ '${{ matrix.build.install_steps }}' = *'awslc'* ]] && sudo apt-get -o Dpkg::Use-Pty=0 purge libssl-dev [[ "${MATRIX_INSTALL_STEPS}" = *'awslc'* ]] && sudo apt-get -o Dpkg::Use-Pty=0 purge libssl-dev
if [ -n '${{ matrix.build.PKG_CONFIG_PATH }}' ]; then [ -n "${MATRIX_PKG_CONFIG_PATH}" ] && export PKG_CONFIG_PATH="${MATRIX_PKG_CONFIG_PATH}"
export PKG_CONFIG_PATH="${{ matrix.build.PKG_CONFIG_PATH }}" if [ "${MATRIX_BUILD}" = 'cmake' ]; then
fi
if [ -n '${{ matrix.build.generate }}' ]; then
cmake -B bld -G Ninja \ cmake -B bld -G Ninja \
-DCMAKE_INSTALL_PREFIX="$HOME/curl" \ -DCMAKE_INSTALL_PREFIX="$HOME"/curl-install \
-DCMAKE_C_COMPILER_TARGET=$(uname -m)-pc-linux-gnu -DBUILD_STATIC_LIBS=ON \ -DCMAKE_C_COMPILER_TARGET="$(uname -m)-pc-linux-gnu" -DBUILD_STATIC_LIBS=ON \
-DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON -DCURL_WERROR=ON \ -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON -DCURL_WERROR=ON \
${{ matrix.build.generate }} ${MATRIX_GENERATE}
else else
mkdir bld && cd bld && \ mkdir bld && cd bld && \
${{ matrix.build.configure-prefix }} \ ${MATRIX_CONFIGURE_PREFIX} \
../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \ ../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \
--disable-dependency-tracking \ --disable-dependency-tracking \
${{ matrix.build.configure }} ${MATRIX_CONFIGURE}
fi fi
- name: 'configure log' - name: 'configure log'
@ -625,23 +629,25 @@ jobs:
run: grep -H -v '^#' bld/tests/config bld/tests/http/config.ini || true run: grep -H -v '^#' bld/tests/config bld/tests/http/config.ini || true
- name: 'build' - name: 'build'
env:
MATRIX_MAKE_CUSTOM_TARGET: '${{ matrix.build.make-custom-target }}'
run: | run: |
if [ -n '${{ matrix.build.generate }}' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
${{ matrix.build.make-prefix }} cmake --build bld --verbose ${MATRIX_MAKE_PREFIX} cmake --build bld --verbose
else else
${{ matrix.build.make-prefix }} make -C bld V=1 ${{ matrix.build.make-custom-target }} ${MATRIX_MAKE_PREFIX} make -C bld V=1 ${MATRIX_MAKE_CUSTOM_TARGET}
fi fi
- name: 'single-use function check' - name: 'single-use function check'
if: ${{ contains(matrix.build.configure, '--disable-unity') || contains(matrix.build.generate, '-DCMAKE_UNITY_BUILD=OFF') }} if: ${{ contains(matrix.build.configure, '--disable-unity') || contains(matrix.build.generate, '-DCMAKE_UNITY_BUILD=OFF') }}
run: | run: |
git config --global --add safe.directory "*" git config --global --add safe.directory "*"
if [ -n '${{ matrix.build.generate }}' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
libcurla=bld/lib/libcurl.a libcurla=bld/lib/libcurl.a
else else
libcurla=bld/lib/.libs/libcurl.a libcurla=bld/lib/.libs/libcurl.a
fi fi
./scripts/singleuse.pl --unit ${libcurla} ./scripts/singleuse.pl --unit "${libcurla}"
- name: 'check curl -V output' - name: 'check curl -V output'
if: ${{ matrix.build.make-custom-target != 'tidy' }} if: ${{ matrix.build.make-custom-target != 'tidy' }}
@ -654,7 +660,7 @@ jobs:
- name: 'build tests' - name: 'build tests'
if: ${{ !contains(matrix.build.install_steps, 'skipall') }} if: ${{ !contains(matrix.build.install_steps, 'skipall') }}
run: | run: |
if [ -n '${{ matrix.build.generate }}' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose --target testdeps cmake --build bld --verbose --target testdeps
else else
make -C bld V=1 -C tests make -C bld V=1 -C tests
@ -663,37 +669,38 @@ jobs:
- name: 'install test prereqs' - name: 'install test prereqs'
if: ${{ !contains(matrix.build.install_steps, 'skipall') && matrix.build.container == null }} if: ${{ !contains(matrix.build.install_steps, 'skipall') && matrix.build.container == null }}
run: | run: |
[ -x "$HOME/venv/bin/activate" ] && source $HOME/venv/bin/activate [ -x ~/venv/bin/activate ] && source ~/venv/bin/activate
python3 -m pip install -r tests/requirements.txt python3 -m pip install -r tests/requirements.txt
- name: 'run tests' - name: 'run tests'
if: ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') }} if: ${{ !contains(matrix.build.install_steps, 'skipall') && !contains(matrix.build.install_steps, 'skiprun') }}
timeout-minutes: ${{ contains(matrix.build.install_packages, 'valgrind') && 30 || 15 }} timeout-minutes: ${{ contains(matrix.build.install_packages, 'valgrind') && 30 || 15 }}
# zizmor: ignore[template-injection] env:
TEST_TARGET: ${{ matrix.build.torture && 'test-torture' || 'test-ci' }}
TFLAGS: '${{ matrix.build.tflags }}'
run: | run: |
export TFLAGS='${{ matrix.build.tflags }}' if [ "${TEST_TARGET}" = 'test-ci' ]; then
if [ -z '${{ matrix.build.torture }}' ]; then if [[ "${MATRIX_INSTALL_STEPS}" = *'wolfssh'* ]]; then
if [[ '${{ matrix.build.install_steps }}' = *'wolfssh'* ]]; then
TFLAGS+=' ~SFTP' # curl: (79) wolfssh SFTP connect error -1051 / WS_MATCH_KEY_ALGO_E / cannot match key algo with peer TFLAGS+=' ~SFTP' # curl: (79) wolfssh SFTP connect error -1051 / WS_MATCH_KEY_ALGO_E / cannot match key algo with peer
fi fi
if [[ '${{ matrix.build.install_packages }}' = *'valgrind'* ]]; then if [[ "${MATRIX_INSTALL_PACKAGES}" = *'valgrind'* ]]; then
TFLAGS+=' -j6' TFLAGS+=' -j6'
fi fi
if [[ '${{ matrix.build.install_packages }}' = *'heimdal-dev'* ]]; then if [[ "${MATRIX_INSTALL_PACKAGES}" = *'heimdal-dev'* ]]; then
TFLAGS+=' ~2077 ~2078' # valgrind reporting memory leaks from Curl_auth_decode_spnego_message() -> gss_import_name() TFLAGS+=' ~2077 ~2078' # valgrind reporting memory leaks from Curl_auth_decode_spnego_message() -> gss_import_name()
fi fi
fi fi
[ -x "$HOME/venv/bin/activate" ] && source $HOME/venv/bin/activate [ -x ~/venv/bin/activate ] && source ~/venv/bin/activate
if [ -n '${{ matrix.build.generate }}' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose --target ${{ matrix.build.torture && 'test-torture' || 'test-ci' }} cmake --build bld --verbose --target "${TEST_TARGET}"
else else
make -C bld V=1 ${{ matrix.build.torture && 'test-torture' || 'test-ci' }} make -C bld V=1 "${TEST_TARGET}"
fi fi
- name: 'install pytest prereqs' - name: 'install pytest prereqs'
if: contains(matrix.build.install_steps, 'pytest') if: contains(matrix.build.install_steps, 'pytest')
run: | run: |
[ -x "$HOME/venv/bin/activate" ] && source $HOME/venv/bin/activate [ -x ~/venv/bin/activate ] && source ~/venv/bin/activate
python3 -m pip install -r tests/http/requirements.txt python3 -m pip install -r tests/http/requirements.txt
- name: 'run pytest' - name: 'run pytest'
@ -702,8 +709,8 @@ jobs:
PYTEST_ADDOPTS: '--color=yes' PYTEST_ADDOPTS: '--color=yes'
PYTEST_XDIST_AUTO_NUM_WORKERS: 4 PYTEST_XDIST_AUTO_NUM_WORKERS: 4
run: | run: |
[ -x "$HOME/venv/bin/activate" ] && source $HOME/venv/bin/activate [ -x ~/venv/bin/activate ] && source ~/venv/bin/activate
if [ -n '${{ matrix.build.generate }}' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose --target curl-pytest-ci cmake --build bld --verbose --target curl-pytest-ci
else else
make -C bld V=1 pytest-ci make -C bld V=1 pytest-ci
@ -719,8 +726,8 @@ jobs:
- name: 'build examples' - name: 'build examples'
if: ${{ matrix.build.make-custom-target != 'tidy' }} if: ${{ matrix.build.make-custom-target != 'tidy' }}
run: | run: |
if [ -n '${{ matrix.build.generate }}' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
${{ matrix.build.make-prefix }} cmake --build bld --verbose --target curl-examples ${MATRIX_MAKE_PREFIX} cmake --build bld --verbose --target curl-examples
else else
${{ matrix.build.make-prefix }} make -C bld V=1 examples ${MATRIX_MAKE_PREFIX} make -C bld V=1 examples
fi fi

182
.github/workflows/macos.yml vendored
View file

@ -58,8 +58,11 @@ jobs:
timeout-minutes: 45 timeout-minutes: 45
env: env:
DEVELOPER_DIR: "/Applications/Xcode${{ matrix.build.xcode && format('_{0}', matrix.build.xcode) || '' }}.app/Contents/Developer" DEVELOPER_DIR: "/Applications/Xcode${{ matrix.build.xcode && format('_{0}', matrix.build.xcode) || '' }}.app/Contents/Developer"
CC: ${{ matrix.compiler }} CC: '${{ matrix.compiler }}'
CFLAGS: '' MATRIX_BUILD: ${{ matrix.build.generate && 'cmake' || 'autotools' }}
MATRIX_COMPILER: '${{ matrix.compiler }}'
MATRIX_INSTALL: '${{ matrix.build.install }}'
MATRIX_MACOS_VERSION_MIN: '${{ matrix.build.macos-version-min }}'
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
@ -78,15 +81,15 @@ jobs:
configure: --enable-debug --without-ssl configure: --enable-debug --without-ssl
- name: '!ssl libssh2 AppleIDN' - name: '!ssl libssh2 AppleIDN'
compiler: clang compiler: clang
configure: --enable-debug --with-libssh2=$(brew --prefix libssh2) --without-ssl --with-apple-idn configure: --enable-debug --with-libssh2=/opt/homebrew/opt/libssh2 --without-ssl --with-apple-idn
- name: 'OpenSSL libssh c-ares' - name: 'OpenSSL libssh c-ares'
compiler: clang compiler: clang
install: libssh install: libssh
configure: --enable-debug --with-libssh --with-openssl=$(brew --prefix openssl) --enable-ares configure: --enable-debug --with-libssh --with-openssl=/opt/homebrew/opt/openssl --enable-ares
- name: 'OpenSSL libssh' - name: 'OpenSSL libssh'
compiler: llvm@15 compiler: llvm@15
install: libssh libnghttp3 install: libssh libnghttp3
configure: --enable-debug --with-libssh --with-openssl=$(brew --prefix openssl) --with-openssl-quic configure: --enable-debug --with-libssh --with-openssl=/opt/homebrew/opt/openssl --with-openssl-quic
- name: '!ssl c-ares' - name: '!ssl c-ares'
compiler: clang compiler: clang
configure: --enable-debug --enable-ares --without-ssl configure: --enable-debug --enable-ares --without-ssl
@ -104,68 +107,68 @@ jobs:
macos-version-min: '10.15' # Catalina (2019) macos-version-min: '10.15' # Catalina (2019)
- name: 'SecureTransport libssh2' - name: 'SecureTransport libssh2'
compiler: clang compiler: clang
configure: --enable-debug --with-secure-transport --with-libssh2=$(brew --prefix libssh2) configure: --enable-debug --with-secure-transport --with-libssh2=/opt/homebrew/opt/libssh2
macos-version-min: '10.8' macos-version-min: '10.8'
- name: 'SecureTransport libssh2 10.12' - name: 'SecureTransport libssh2 10.12'
compiler: clang compiler: clang
configure: --enable-debug --with-secure-transport --with-libssh2=$(brew --prefix libssh2) configure: --enable-debug --with-secure-transport --with-libssh2=/opt/homebrew/opt/libssh2
macos-version-min: '10.12' # for monotonic timers macos-version-min: '10.12' # for monotonic timers
- name: 'SecureTransport libssh2' - name: 'SecureTransport libssh2'
compiler: gcc-12 compiler: gcc-12
configure: --enable-debug --with-secure-transport --with-libssh2=$(brew --prefix libssh2) configure: --enable-debug --with-secure-transport --with-libssh2=/opt/homebrew/opt/libssh2
macos-version-min: '10.8' macos-version-min: '10.8'
- name: 'LibreSSL +examples' - name: 'LibreSSL +examples'
compiler: clang compiler: clang
install: libressl install: libressl
install_steps: pytest install_steps: pytest
configure: --enable-debug --with-openssl=$(brew --prefix libressl) configure: --enable-debug --with-openssl=/opt/homebrew/opt/libressl
- name: 'OpenSSL' - name: 'OpenSSL'
compiler: clang compiler: clang
install_steps: pytest install_steps: pytest
configure: --enable-debug --with-openssl=$(brew --prefix openssl) configure: --enable-debug --with-openssl=/opt/homebrew/opt/openssl
- name: 'OpenSSL event-based' - name: 'OpenSSL event-based'
compiler: clang compiler: clang
configure: --enable-debug --with-openssl=$(brew --prefix openssl) configure: --enable-debug --with-openssl=/opt/homebrew/opt/openssl
tflags: --test-event tflags: --test-event
- name: 'quictls libssh2 !ldap 10.15' - name: 'quictls libssh2 !ldap 10.15'
compiler: clang compiler: clang
install: quictls install: quictls
configure: --enable-debug --disable-ldap --with-openssl=$(brew --prefix quictls) LDFLAGS="${LDFLAGS} -L$(brew --prefix quictls)/lib" configure: --enable-debug --disable-ldap --with-openssl=/opt/homebrew/opt/quictls LDFLAGS=-L/opt/homebrew/opt/quictls/lib
macos-version-min: '10.15' macos-version-min: '10.15'
# cmake # cmake
- name: 'OpenSSL gsasl rtmp AppleIDN' - name: 'OpenSSL gsasl rtmp AppleIDN'
install: gsasl rtmpdump install: gsasl rtmpdump
generate: -DOPENSSL_ROOT_DIR=$(brew --prefix openssl) -DCURL_USE_GSASL=ON -DUSE_LIBRTMP=ON -DUSE_APPLE_IDN=ON generate: -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/openssl -DCURL_USE_GSASL=ON -DUSE_LIBRTMP=ON -DUSE_APPLE_IDN=ON
- name: 'MultiSSL AppleIDN clang-tidy +examples' - name: 'MultiSSL AppleIDN clang-tidy +examples'
install: llvm brotli zstd gnutls nettle mbedtls gsasl rtmpdump fish install: llvm brotli zstd gnutls nettle mbedtls gsasl rtmpdump fish
generate: -DCURL_USE_OPENSSL=ON -DOPENSSL_ROOT_DIR=$(brew --prefix openssl) -DCURL_DEFAULT_SSL_BACKEND=openssl -DCURL_USE_GNUTLS=ON -DCURL_USE_MBEDTLS=ON -DENABLE_ARES=ON -DCURL_USE_GSASL=ON -DUSE_LIBRTMP=ON -DUSE_APPLE_IDN=ON -DUSE_SSLS_EXPORT=ON -DCURL_CLANG_TIDY=ON -DCLANG_TIDY=$(brew --prefix llvm)/bin/clang-tidy -DCURL_COMPLETION_FISH=ON -DCURL_COMPLETION_ZSH=ON generate: -DCURL_USE_OPENSSL=ON -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/openssl -DCURL_DEFAULT_SSL_BACKEND=openssl -DCURL_USE_GNUTLS=ON -DCURL_USE_MBEDTLS=ON -DENABLE_ARES=ON -DCURL_USE_GSASL=ON -DUSE_LIBRTMP=ON -DUSE_APPLE_IDN=ON -DUSE_SSLS_EXPORT=ON -DCURL_CLANG_TIDY=ON -DCLANG_TIDY=/opt/homebrew/opt/llvm/bin/clang-tidy -DCURL_COMPLETION_FISH=ON -DCURL_COMPLETION_ZSH=ON
clang-tidy: true clang-tidy: true
chkprefill: _chkprefill chkprefill: _chkprefill
- name: 'quictls +static libssh +examples' - name: 'quictls +static libssh +examples'
install: quictls libssh install: quictls libssh
generate: -DOPENSSL_ROOT_DIR=$(brew --prefix quictls) -DBUILD_STATIC_LIBS=ON -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=ON generate: -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/quictls -DBUILD_STATIC_LIBS=ON -DCURL_USE_LIBSSH2=OFF -DCURL_USE_LIBSSH=ON
- name: 'SecureTransport debug' - name: 'SecureTransport debug'
generate: -DCURL_USE_SECTRANSP=ON -DENABLE_DEBUG=ON generate: -DCURL_USE_SECTRANSP=ON -DENABLE_DEBUG=ON
macos-version-min: '10.8' macos-version-min: '10.8'
- name: 'LibreSSL !ldap heimdal c-ares +examples' - name: 'LibreSSL !ldap heimdal c-ares +examples'
install: libressl heimdal install: libressl heimdal
generate: -DOPENSSL_ROOT_DIR=$(brew --prefix libressl) -DENABLE_ARES=ON -DCURL_USE_GSSAPI=ON -DGSS_ROOT_DIR=$(brew --prefix heimdal) -DCURL_DISABLE_LDAP=ON generate: -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/libressl -DENABLE_ARES=ON -DCURL_USE_GSSAPI=ON -DGSS_ROOT_DIR=/opt/homebrew/opt/heimdal -DCURL_DISABLE_LDAP=ON
- name: 'wolfSSL !ldap brotli zstd' - name: 'wolfSSL !ldap brotli zstd'
install: brotli wolfssl zstd install: brotli wolfssl zstd
install_steps: pytest install_steps: pytest
generate: -DCURL_USE_WOLFSSL=ON -DCURL_DISABLE_LDAP=ON -DUSE_ECH=ON generate: -DCURL_USE_WOLFSSL=ON -DCURL_DISABLE_LDAP=ON -DUSE_ECH=ON
- name: 'mbedTLS openldap brotli zstd' - name: 'mbedTLS openldap brotli zstd'
install: brotli mbedtls zstd openldap install: brotli mbedtls zstd openldap
generate: -DCURL_USE_MBEDTLS=ON -DLDAP_INCLUDE_DIR="$(brew --prefix openldap)/include" -DLDAP_LIBRARY="$(brew --prefix openldap)/lib/libldap.dylib" -DLDAP_LBER_LIBRARY="$(brew --prefix openldap)/lib/liblber.dylib" generate: -DCURL_USE_MBEDTLS=ON -DLDAP_INCLUDE_DIR=/opt/homebrew/opt/openldap/include -DLDAP_LIBRARY=/opt/homebrew/opt/openldap/lib/libldap.dylib -DLDAP_LBER_LIBRARY=/opt/homebrew/opt/openldap/lib/liblber.dylib
- name: 'GnuTLS !ldap krb5' - name: 'GnuTLS !ldap krb5'
install: gnutls nettle krb5 install: gnutls nettle krb5
generate: -DCURL_USE_GNUTLS=ON -DCURL_USE_OPENSSL=OFF -DCURL_USE_GSSAPI=ON -DGSS_ROOT_DIR=$(brew --prefix krb5) -DCURL_DISABLE_LDAP=ON -DUSE_SSLS_EXPORT=ON generate: -DCURL_USE_GNUTLS=ON -DCURL_USE_OPENSSL=OFF -DCURL_USE_GSSAPI=ON -DGSS_ROOT_DIR=/opt/homebrew/opt/krb5 -DCURL_DISABLE_LDAP=ON -DUSE_SSLS_EXPORT=ON
- name: 'OpenSSL torture !FTP' - name: 'OpenSSL torture !FTP'
generate: -DENABLE_DEBUG=ON -DBUILD_SHARED_LIBS=OFF -DENABLE_THREADED_RESOLVER=OFF -DOPENSSL_ROOT_DIR=$(brew --prefix openssl) generate: -DENABLE_DEBUG=ON -DBUILD_SHARED_LIBS=OFF -DENABLE_THREADED_RESOLVER=OFF -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/openssl
tflags: -t --shallow=25 !FTP tflags: -t --shallow=25 !FTP
torture: true torture: true
- name: 'OpenSSL torture FTP' - name: 'OpenSSL torture FTP'
generate: -DENABLE_DEBUG=ON -DBUILD_SHARED_LIBS=OFF -DENABLE_THREADED_RESOLVER=OFF -DOPENSSL_ROOT_DIR=$(brew --prefix openssl) generate: -DENABLE_DEBUG=ON -DBUILD_SHARED_LIBS=OFF -DENABLE_THREADED_RESOLVER=OFF -DOPENSSL_ROOT_DIR=/opt/homebrew/opt/openssl
tflags: -t --shallow=20 FTP tflags: -t --shallow=20 FTP
torture: true torture: true
exclude: exclude:
@ -187,33 +190,35 @@ jobs:
# Run this command with retries because of spurious failures seen # Run this command with retries because of spurious failures seen
# while running the tests, for example # while running the tests, for example
# https://github.com/curl/curl/runs/4095721123?check_suite_focus=true # https://github.com/curl/curl/runs/4095721123?check_suite_focus=true
# zizmor: ignore[template-injection] env:
INSTALL_PACKAGES: >-
${{ matrix.build.generate && 'ninja' || 'automake libtool' }}
${{ !matrix.build.clang-tidy && 'nghttp2 stunnel' || '' }}
${{ contains(matrix.build.install_steps, 'pytest') && 'caddy httpd vsftpd' || '' }}
run: | run: |
echo ${{ matrix.build.generate && 'ninja' || 'automake libtool' }} \ echo pkgconf libpsl libssh2 ${INSTALL_PACKAGES} ${MATRIX_INSTALL} | xargs -Ix -n1 echo brew '"x"' > /tmp/Brewfile
pkgconf libpsl libssh2 \ # shellcheck disable=SC2181,SC2034
${{ !matrix.build.clang-tidy && 'nghttp2 stunnel' || '' }} \ while [[ $? == 0 ]]; do for i in 1 2 3; do if brew update && brew bundle install --file /tmp/Brewfile; then break 2; else echo Error: wait to try again; sleep 10; fi; done; false Too many retries; done
${{ contains(matrix.build.install_steps, 'pytest') && 'caddy httpd vsftpd' || '' }} \
${{ matrix.build.install }} | xargs -Ix -n1 echo brew '"x"' > /tmp/Brewfile
while [[ $? == 0 ]]; do for i in 1 2 3; do brew update && brew bundle install --file /tmp/Brewfile && break 2 || { echo Error: wait to try again; sleep 10; } done; false Too many retries; done
- name: 'brew unlink openssl' - name: 'brew unlink openssl'
if: ${{ contains(matrix.build.install, 'libressl') || contains(matrix.build.install, 'quictls') }} if: ${{ contains(matrix.build.install, 'libressl') || contains(matrix.build.install, 'quictls') }}
run: | run: |
if test -d $(brew --prefix)/include/openssl; then if [ -d /opt/homebrew/include/openssl ]; then
brew unlink openssl brew unlink openssl
fi fi
- name: 'toolchain versions' - name: 'toolchain versions'
run: | run: |
[[ '${{ matrix.compiler }}' = 'llvm'* ]] && CC="$(brew --prefix ${{ matrix.compiler }})/bin/clang" [[ "${MATRIX_COMPILER}" = 'llvm'* ]] && CC="$(brew --prefix "${MATRIX_COMPILER}")/bin/clang"
[[ '${{ matrix.compiler }}' = 'gcc'* ]] && "${CC}" --print-sysroot [[ "${MATRIX_COMPILER}" = 'gcc'* ]] && "${CC}" --print-sysroot
which "${CC}"; "${CC}" --version || true command -v "${CC}"; "${CC}" --version || true
xcodebuild -version || true xcodebuild -version || true
xcrun --sdk macosx --show-sdk-path 2>/dev/null || true xcrun --sdk macosx --show-sdk-path 2>/dev/null || true
xcrun --sdk macosx --show-sdk-version || true xcrun --sdk macosx --show-sdk-version || true
ls -l /Library/Developer/CommandLineTools/SDKs || true ls -l /Library/Developer/CommandLineTools/SDKs || true
echo '::group::macros predefined'; "${CC}" -dM -E - < /dev/null | sort || true; echo '::endgroup::' echo '::group::macros predefined'; "${CC}" -dM -E - < /dev/null | sort || true; echo '::endgroup::'
echo '::group::brew packages installed'; ls -l "$(brew --prefix)/opt"; echo '::endgroup::' echo '::group::brew packages installed'; ls -l /opt/homebrew/opt; echo '::endgroup::'
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with: with:
@ -224,31 +229,36 @@ jobs:
run: autoreconf -fi run: autoreconf -fi
- name: 'configure' - name: 'configure'
env:
MATRIX_CHKPREFILL: '${{ matrix.build.chkprefill }}'
MATRIX_CONFIGURE: '${{ matrix.build.configure }}'
MATRIX_GENERATE: '${{ matrix.build.generate }}'
MATRIX_INSTALL_STEPS: '${{ matrix.build.install_steps }}'
run: | run: |
if [[ '${{ matrix.compiler }}' = 'gcc'* ]]; then if [[ "${MATRIX_COMPILER}" = 'gcc'* ]]; then
sysroot="$("${CC}" --print-sysroot)" # Must match the SDK gcc was built for sysroot="$("${CC}" --print-sysroot)" # Must match the SDK gcc was built for
else else
sysroot="$(xcrun --sdk macosx --show-sdk-path 2>/dev/null)" sysroot="$(xcrun --sdk macosx --show-sdk-path 2>/dev/null)"
fi fi
if [[ '${{ matrix.compiler }}' = 'llvm'* ]]; then if [[ "${MATRIX_COMPILER}" = 'llvm'* ]]; then
CC="$(brew --prefix ${{ matrix.compiler }})/bin/clang" CC="$(brew --prefix "${MATRIX_COMPILER}")/bin/clang"
CC+=" --sysroot=${sysroot}" CC+=" --sysroot=${sysroot}"
CC+=" --target=$(uname -m)-apple-darwin" CC+=" --target=$(uname -m)-apple-darwin"
fi fi
if [ -n '${{ matrix.build.generate }}' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
for _chkprefill in '' ${{ matrix.build.chkprefill }}; do for _chkprefill in '' ${MATRIX_CHKPREFILL}; do
options='' options=''
[ -n '${{ matrix.build.macos-version-min }}' ] && options+=' -DCMAKE_OSX_DEPLOYMENT_TARGET=${{ matrix.build.macos-version-min }}' [ -n "${MATRIX_MACOS_VERSION_MIN}" ] && options+=" -DCMAKE_OSX_DEPLOYMENT_TARGET=${MATRIX_MACOS_VERSION_MIN}"
[[ '${{ matrix.build.install_steps }}' = *'pytest'* ]] && options+=' -DVSFTPD=NO' # Skip ~20 tests that stretch run time by 7x on macOS [[ "${MATRIX_INSTALL_STEPS}" = *'pytest'* ]] && options+=' -DVSFTPD=NO' # Skip ~20 tests that stretch run time by 7x on macOS
[ "${_chkprefill}" = '_chkprefill' ] && options+=' -D_CURL_PREFILL=OFF' [ "${_chkprefill}" = '_chkprefill' ] && options+=' -D_CURL_PREFILL=OFF'
cmake -B "bld${_chkprefill}" -G Ninja -D_CURL_PREFILL=ON \ cmake -B "bld${_chkprefill}" -G Ninja -D_CURL_PREFILL=ON \
-DCMAKE_INSTALL_PREFIX="$HOME/curl" \ -DCMAKE_INSTALL_PREFIX="$HOME"/curl-install \
-DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON -DCURL_WERROR=ON \ -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON -DCURL_WERROR=ON \
-DCMAKE_OSX_SYSROOT="${sysroot}" \ -DCMAKE_OSX_SYSROOT="${sysroot}" \
-DCMAKE_C_COMPILER_TARGET="$(uname -m | sed 's/arm64/aarch64/')-apple-darwin$(uname -r)" \ -DCMAKE_C_COMPILER_TARGET="$(uname -m | sed 's/arm64/aarch64/')-apple-darwin$(uname -r)" \
${{ matrix.build.generate }} ${options} ${MATRIX_GENERATE} ${options}
done done
if [ -d bld_chkprefill ] && ! diff -u bld/lib/curl_config.h bld_chkprefill/lib/curl_config.h; then if [ -d bld_chkprefill ] && ! diff -u bld/lib/curl_config.h bld_chkprefill/lib/curl_config.h; then
echo '::group::reference configure log'; cat bld_chkprefill/CMakeFiles/CMake*.yaml 2>/dev/null || true; echo '::endgroup::' echo '::group::reference configure log'; cat bld_chkprefill/CMakeFiles/CMake*.yaml 2>/dev/null || true; echo '::endgroup::'
@ -256,19 +266,19 @@ jobs:
fi fi
else else
export CFLAGS export CFLAGS
if [[ '${{ matrix.compiler }}' = 'llvm'* ]]; then if [[ "${MATRIX_COMPILER}" = 'llvm'* ]]; then
options+=" --target=$(uname -m)-apple-darwin" options+=" --target=$(uname -m)-apple-darwin"
fi fi
if [ '${{ matrix.compiler }}' != 'clang' ]; then if [ "${MATRIX_COMPILER}" != 'clang' ]; then
options+=" --with-sysroot=${sysroot}" options+=" --with-sysroot=${sysroot}"
CFLAGS+=" --sysroot=${sysroot}" CFLAGS+=" --sysroot=${sysroot}"
fi fi
[ -n '${{ matrix.build.macos-version-min }}' ] && CFLAGS+=' -mmacosx-version-min=${{ matrix.build.macos-version-min }}' [ -n "${MATRIX_MACOS_VERSION_MIN}" ] && CFLAGS+=" -mmacosx-version-min=${MATRIX_MACOS_VERSION_MIN}"
[[ '${{ matrix.build.install_steps }}' = *'pytest'* ]] && options+=' --with-test-vsftpd=no' # Skip ~20 tests that stretch run time by 7x on macOS [[ "${MATRIX_INSTALL_STEPS}" = *'pytest'* ]] && options+=' --with-test-vsftpd=no' # Skip ~20 tests that stretch run time by 7x on macOS
mkdir bld && cd bld && ../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \ mkdir bld && cd bld && ../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \
--disable-dependency-tracking \ --disable-dependency-tracking \
--with-libpsl=$(brew --prefix libpsl) \ --with-libpsl=/opt/homebrew/opt/libpsl \
${{ matrix.build.configure }} ${options} ${MATRIX_CONFIGURE} ${options}
fi fi
- name: 'configure log' - name: 'configure log'
@ -285,7 +295,7 @@ jobs:
- name: 'build' - name: 'build'
run: | run: |
if [ -n '${{ matrix.build.generate }}' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose cmake --build bld --verbose
else else
make -C bld V=1 make -C bld V=1
@ -300,7 +310,7 @@ jobs:
- name: 'build tests' - name: 'build tests'
run: | run: |
if [ -n '${{ matrix.build.generate }}' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose --target testdeps cmake --build bld --verbose --target testdeps
else else
make -C bld V=1 -C tests make -C bld V=1 -C tests
@ -309,28 +319,30 @@ jobs:
- name: 'install test prereqs' - name: 'install test prereqs'
if: ${{ !matrix.build.clang-tidy }} if: ${{ !matrix.build.clang-tidy }}
run: | run: |
python3 -m venv $HOME/venv python3 -m venv ~/venv
source $HOME/venv/bin/activate source ~/venv/bin/activate
python3 -m pip install -r tests/requirements.txt python3 -m pip install -r tests/requirements.txt
- name: 'run tests' - name: 'run tests'
if: ${{ !matrix.build.clang-tidy }} if: ${{ !matrix.build.clang-tidy }}
timeout-minutes: ${{ matrix.build.torture && 20 || 10 }} timeout-minutes: ${{ matrix.build.torture && 20 || 10 }}
# zizmor: ignore[template-injection] env:
TEST_TARGET: ${{ matrix.build.torture && 'test-torture' || 'test-ci' }}
TFLAGS: '${{ matrix.build.tflags }}'
run: | run: |
export TFLAGS='-j20 ${{ matrix.build.tflags }}' TFLAGS="-j20 ${TFLAGS}"
source $HOME/venv/bin/activate source ~/venv/bin/activate
rm -f $HOME/.curlrc rm -f ~/.curlrc
if [ -n '${{ matrix.build.generate }}' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose --target ${{ matrix.build.torture && 'test-torture' || 'test-ci' }} cmake --build bld --verbose --target "${TEST_TARGET}"
else else
make -C bld V=1 ${{ matrix.build.torture && 'test-torture' || 'test-ci' }} make -C bld V=1 "${TEST_TARGET}"
fi fi
- name: 'install pytest prereqs' - name: 'install pytest prereqs'
if: ${{ !matrix.build.clang-tidy && contains(matrix.build.install_steps, 'pytest') }} if: ${{ !matrix.build.clang-tidy && contains(matrix.build.install_steps, 'pytest') }}
run: | run: |
source $HOME/venv/bin/activate source ~/venv/bin/activate
python3 -m pip install -r tests/http/requirements.txt python3 -m pip install -r tests/http/requirements.txt
- name: 'run pytest' - name: 'run pytest'
@ -339,8 +351,8 @@ jobs:
PYTEST_ADDOPTS: '--color=yes' PYTEST_ADDOPTS: '--color=yes'
PYTEST_XDIST_AUTO_NUM_WORKERS: 4 PYTEST_XDIST_AUTO_NUM_WORKERS: 4
run: | run: |
source $HOME/venv/bin/activate source ~/venv/bin/activate
if [ -n '${{ matrix.build.generate }}' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose --target curl-pytest-ci cmake --build bld --verbose --target curl-pytest-ci
else else
make -C bld V=1 pytest-ci make -C bld V=1 pytest-ci
@ -349,7 +361,7 @@ jobs:
- name: 'build examples' - name: 'build examples'
if: ${{ contains(matrix.build.name, '+examples') }} if: ${{ contains(matrix.build.name, '+examples') }}
run: | run: |
if [ -n '${{ matrix.build.generate }}' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose --target curl-examples cmake --build bld --verbose --target curl-examples
else else
make -C bld examples V=1 make -C bld examples V=1
@ -362,7 +374,12 @@ jobs:
timeout-minutes: 10 timeout-minutes: 10
env: env:
DEVELOPER_DIR: "/Applications/Xcode${{ matrix.xcode && format('_{0}', matrix.xcode) || '' }}.app/Contents/Developer" DEVELOPER_DIR: "/Applications/Xcode${{ matrix.xcode && format('_{0}', matrix.xcode) || '' }}.app/Contents/Developer"
CC: ${{ matrix.compiler }} CC: '${{ matrix.compiler }}'
MATRIX_BUILD: '${{ matrix.build }}'
MATRIX_COMPILER: '${{ matrix.compiler }}'
MATRIX_CONFIG: '${{ matrix.config }}'
MATRIX_IMAGE: '${{ matrix.image }}'
MATRIX_MACOS_VERSION_MIN: '${{ matrix.macos-version-min }}'
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
@ -377,6 +394,7 @@ jobs:
# Ventura (2022) Sonoma (2023) Sequoia (2024) # Ventura (2022) Sonoma (2023) Sequoia (2024)
# https://github.com/actions/runner-images/tree/main/images/macos # https://github.com/actions/runner-images/tree/main/images/macos
# https://en.wikipedia.org/wiki/MacOS_version_history # https://en.wikipedia.org/wiki/MacOS_version_history
# TODO when dropping macos-13: replace '$(brew --prefix ...' with /opt/homebrew
image: [macos-13, macos-14, macos-15] image: [macos-13, macos-14, macos-15]
# Can skip these to reduce jobs: # Can skip these to reduce jobs:
# 15.1 has the same default macOS SDK as 15.2 and identical test results. # 15.1 has the same default macOS SDK as 15.2 and identical test results.
@ -417,14 +435,14 @@ jobs:
- name: 'install autotools' - name: 'install autotools'
if: ${{ matrix.build == 'autotools' }} if: ${{ matrix.build == 'autotools' }}
run: | run: |
echo automake libtool | xargs -Ix -n1 echo brew '"x"' > /tmp/Brewfile # shellcheck disable=SC2181,SC2034
while [[ $? == 0 ]]; do for i in 1 2 3; do brew update && brew bundle install --file /tmp/Brewfile && break 2 || { echo Error: wait to try again; sleep 10; } done; false Too many retries; done while [[ $? == 0 ]]; do for i in 1 2 3; do if brew update && brew install automake libtool; then break 2; else echo Error: wait to try again; sleep 10; fi; done; false Too many retries; done
- name: 'toolchain versions' - name: 'toolchain versions'
run: | run: |
[[ '${{ matrix.compiler }}' = 'llvm'* ]] && CC="$(brew --prefix ${{ matrix.compiler }})/bin/clang" [[ "${MATRIX_COMPILER}" = 'llvm'* ]] && CC="$(brew --prefix "${MATRIX_COMPILER}")/bin/clang"
[[ '${{ matrix.compiler }}' = 'gcc'* ]] && "${CC}" --print-sysroot [[ "${MATRIX_COMPILER}" = 'gcc'* ]] && "${CC}" --print-sysroot
which "${CC}"; "${CC}" --version || true command -v "${CC}"; "${CC}" --version || true
xcodebuild -version || true xcodebuild -version || true
xcrun --sdk macosx --show-sdk-path 2>/dev/null || true xcrun --sdk macosx --show-sdk-path 2>/dev/null || true
xcrun --sdk macosx --show-sdk-version || true xcrun --sdk macosx --show-sdk-version || true
@ -442,27 +460,27 @@ jobs:
- name: 'configure / ${{ matrix.build }}' - name: 'configure / ${{ matrix.build }}'
run: | run: |
if [ '${{ matrix.compiler }}' = 'gcc-13' ] && [ '${{ matrix.image }}' = 'macos-15' ] ; then if [ "${MATRIX_COMPILER}" = 'gcc-13' ] && [ "${MATRIX_IMAGE}" = 'macos-15' ] ; then
# Ref: https://github.com/Homebrew/homebrew-core/issues/194778#issuecomment-2793243409 # Ref: https://github.com/Homebrew/homebrew-core/issues/194778#issuecomment-2793243409
/opt/homebrew/opt/gcc@13/libexec/gcc/aarch64-apple-darwin24/13/install-tools/mkheaders /opt/homebrew/opt/gcc@13/libexec/gcc/aarch64-apple-darwin24/13/install-tools/mkheaders
fi fi
if [[ '${{ matrix.compiler }}' = 'gcc'* ]]; then if [[ "${MATRIX_COMPILER}" = 'gcc'* ]]; then
sysroot="$("${CC}" --print-sysroot)" # Must match the SDK gcc was built for sysroot="$("${CC}" --print-sysroot)" # Must match the SDK gcc was built for
else else
sysroot="$(xcrun --sdk macosx --show-sdk-path 2>/dev/null)" sysroot="$(xcrun --sdk macosx --show-sdk-path 2>/dev/null)"
fi fi
if [[ '${{ matrix.compiler }}' = 'llvm'* ]]; then if [[ "${MATRIX_COMPILER}" = 'llvm'* ]]; then
CC="$(brew --prefix ${{ matrix.compiler }})/bin/clang" CC="$(brew --prefix "${MATRIX_COMPILER}")/bin/clang"
CC+=" --sysroot=${sysroot}" CC+=" --sysroot=${sysroot}"
CC+=" --target=$(uname -m)-apple-darwin" CC+=" --target=$(uname -m)-apple-darwin"
fi fi
if [ '${{ matrix.build }}' = 'cmake' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
[ '${{ matrix.config }}' = 'OpenSSL' ] && options+=' -DCURL_USE_OPENSSL=ON' [ "${MATRIX_CONFIG}" = 'OpenSSL' ] && options+=' -DCURL_USE_OPENSSL=ON'
[ '${{ matrix.config }}' = 'SecureTransport' ] && options+=' -DCURL_USE_SECTRANSP=ON' [ "${MATRIX_CONFIG}" = 'SecureTransport' ] && options+=' -DCURL_USE_SECTRANSP=ON'
[ -n '${{ matrix.macos-version-min }}' ] && options+=' -DCMAKE_OSX_DEPLOYMENT_TARGET=${{ matrix.macos-version-min }}' [ -n "${MATRIX_MACOS_VERSION_MIN}" ] && options+=" -DCMAKE_OSX_DEPLOYMENT_TARGET=${MATRIX_MACOS_VERSION_MIN}"
# would pick up nghttp2, libidn2, and libssh2 # would pick up nghttp2, libidn2, and libssh2
cmake -B bld -G Ninja -D_CURL_PREFILL=ON \ cmake -B bld -G Ninja -D_CURL_PREFILL=ON \
-DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON -DCURL_WERROR=ON \ -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON -DCURL_WERROR=ON \
@ -475,16 +493,16 @@ jobs:
${options} ${options}
else else
export CFLAGS export CFLAGS
if [[ '${{ matrix.compiler }}' = 'llvm'* ]]; then if [[ "${MATRIX_COMPILER}" = 'llvm'* ]]; then
options+=" --target=$(uname -m)-apple-darwin" options+=" --target=$(uname -m)-apple-darwin"
fi fi
if [ '${{ matrix.compiler }}' != 'clang' ]; then if [ "${MATRIX_COMPILER}" != 'clang' ]; then
options+=" --with-sysroot=${sysroot}" options+=" --with-sysroot=${sysroot}"
CFLAGS+=" --sysroot=${sysroot}" CFLAGS+=" --sysroot=${sysroot}"
fi fi
[ '${{ matrix.config }}' = 'OpenSSL' ] && options+=" --with-openssl=$(brew --prefix openssl)" [ "${MATRIX_CONFIG}" = 'OpenSSL' ] && options+=" --with-openssl=$(brew --prefix openssl)"
[ '${{ matrix.config }}' = 'SecureTransport' ] && options+=' --with-secure-transport' [ "${MATRIX_CONFIG}" = 'SecureTransport' ] && options+=' --with-secure-transport'
[ -n '${{ matrix.macos-version-min }}' ] && CFLAGS+=' -mmacosx-version-min=${{ matrix.macos-version-min }}' [ -n "${MATRIX_MACOS_VERSION_MIN}" ] && CFLAGS+=" -mmacosx-version-min=${MATRIX_MACOS_VERSION_MIN}"
# would pick up nghttp2, libidn2, but libssh2 is disabled by default # would pick up nghttp2, libidn2, but libssh2 is disabled by default
mkdir bld && cd bld && ../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \ mkdir bld && cd bld && ../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \
--disable-dependency-tracking \ --disable-dependency-tracking \
@ -505,7 +523,7 @@ jobs:
- name: 'build / ${{ matrix.build }}' - name: 'build / ${{ matrix.build }}'
run: | run: |
if [ '${{ matrix.build }}' = 'cmake' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose cmake --build bld --verbose
else else
make -C bld V=1 make -C bld V=1

251
.github/workflows/non-native.yml vendored
View file

@ -52,7 +52,10 @@ jobs:
persist-credentials: false persist-credentials: false
- name: 'cmake' - name: 'cmake'
uses: cross-platform-actions/action@97419d18f6470332677e345e9df97cdc71244ead # v0.28.0 uses: cross-platform-actions/action@97419d18f6470332677e345e9df97cdc71244ead # v0.28.0
env:
MATRIX_ARCH: '${{ matrix.arch }}'
with: with:
environment_variables: MATRIX_ARCH
operating_system: 'netbsd' operating_system: 'netbsd'
version: '10.1' version: '10.1'
architecture: ${{ matrix.arch }} architecture: ${{ matrix.arch }}
@ -60,6 +63,7 @@ jobs:
# https://pkgsrc.se/ # https://pkgsrc.se/
time sudo pkgin -y install cmake ninja-build pkg-config perl brotli heimdal openldap-client libssh2 libidn2 libpsl nghttp2 py311-impacket time sudo pkgin -y install cmake ninja-build pkg-config perl brotli heimdal openldap-client libssh2 libidn2 libpsl nghttp2 py311-impacket
time cmake -B bld -G Ninja \ time cmake -B bld -G Ninja \
-DCMAKE_INSTALL_PREFIX="$HOME"/curl-install \
-DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON \ -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON \
-DCURL_WERROR=ON \ -DCURL_WERROR=ON \
-DENABLE_DEBUG=ON -DCMAKE_BUILD_TYPE=Debug \ -DENABLE_DEBUG=ON -DCMAKE_BUILD_TYPE=Debug \
@ -69,8 +73,9 @@ jobs:
echo '::group::curl_config.h (raw)'; cat bld/lib/curl_config.h || true; echo '::endgroup::' echo '::group::curl_config.h (raw)'; cat bld/lib/curl_config.h || true; echo '::endgroup::'
echo '::group::curl_config.h'; grep -F '#define' bld/lib/curl_config.h | sort || true; echo '::endgroup::' echo '::group::curl_config.h'; grep -F '#define' bld/lib/curl_config.h | sort || true; echo '::endgroup::'
time cmake --build bld time cmake --build bld
time cmake --install bld
bld/src/curl --disable --version bld/src/curl --disable --version
if [ '${{ matrix.arch }}' = 'x86_64' ]; then # Slow on emulated CPU if [ "${MATRIX_ARCH}" = 'x86_64' ]; then # Slow on emulated CPU
time cmake --build bld --target testdeps time cmake --build bld --target testdeps
export TFLAGS='-j8' export TFLAGS='-j8'
time cmake --build bld --target test-ci time cmake --build bld --target test-ci
@ -92,7 +97,10 @@ jobs:
persist-credentials: false persist-credentials: false
- name: 'cmake' - name: 'cmake'
uses: cross-platform-actions/action@97419d18f6470332677e345e9df97cdc71244ead # v0.28.0 uses: cross-platform-actions/action@97419d18f6470332677e345e9df97cdc71244ead # v0.28.0
env:
MATRIX_ARCH: '${{ matrix.arch }}'
with: with:
environment_variables: MATRIX_ARCH
operating_system: 'openbsd' operating_system: 'openbsd'
version: '7.7' version: '7.7'
architecture: ${{ matrix.arch }} architecture: ${{ matrix.arch }}
@ -101,6 +109,7 @@ jobs:
# https://www.openbsd.org/faq/faq15.html # https://www.openbsd.org/faq/faq15.html
time sudo pkg_add cmake ninja brotli openldap-client-- libssh2 libidn2 libpsl nghttp2 py3-six py3-impacket time sudo pkg_add cmake ninja brotli openldap-client-- libssh2 libidn2 libpsl nghttp2 py3-six py3-impacket
time cmake -B bld -G Ninja \ time cmake -B bld -G Ninja \
-DCMAKE_INSTALL_PREFIX="$HOME"/curl-install \
-DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON \ -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON \
-DCURL_WERROR=ON \ -DCURL_WERROR=ON \
-DENABLE_DEBUG=ON -DCMAKE_BUILD_TYPE=Debug \ -DENABLE_DEBUG=ON -DCMAKE_BUILD_TYPE=Debug \
@ -109,8 +118,9 @@ jobs:
echo '::group::curl_config.h (raw)'; cat bld/lib/curl_config.h || true; echo '::endgroup::' echo '::group::curl_config.h (raw)'; cat bld/lib/curl_config.h || true; echo '::endgroup::'
echo '::group::curl_config.h'; grep -F '#define' bld/lib/curl_config.h | sort || true; echo '::endgroup::' echo '::group::curl_config.h'; grep -F '#define' bld/lib/curl_config.h | sort || true; echo '::endgroup::'
time cmake --build bld time cmake --build bld
time cmake --install bld
bld/src/curl --disable --version bld/src/curl --disable --version
if [ '${{ matrix.arch }}' = 'x86_64' ]; then # Slow on emulated CPU if [ "${MATRIX_ARCH}" = 'x86_64' ]; then # Slow on emulated CPU
time cmake --build bld --target testdeps time cmake --build bld --target testdeps
export TFLAGS='-j8' export TFLAGS='-j8'
time cmake --build bld --target test-ci time cmake --build bld --target test-ci
@ -135,84 +145,95 @@ jobs:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with: with:
persist-credentials: false persist-credentials: false
- name: 'autotools' - name: '${{ matrix.build }}'
if: ${{ matrix.build == 'autotools' }}
uses: cross-platform-actions/action@97419d18f6470332677e345e9df97cdc71244ead # v0.28.0 uses: cross-platform-actions/action@97419d18f6470332677e345e9df97cdc71244ead # v0.28.0
env:
CC: '${{ matrix.compiler }}'
MATRIX_ARCH: '${{ matrix.arch }}'
MATRIX_BUILD: '${{ matrix.build }}'
MATRIX_DESC: '${{ matrix.desc }}'
MATRIX_OPTIONS: '${{ matrix.options }}'
with: with:
environment_variables: CC MATRIX_ARCH MATRIX_BUILD MATRIX_DESC MATRIX_OPTIONS
operating_system: 'freebsd' operating_system: 'freebsd'
version: '14.2' version: '14.2'
architecture: ${{ matrix.arch }} architecture: ${{ matrix.arch }}
run: | run: |
export MAKEFLAGS=-j3
export CURL_CI=github export CURL_CI=github
# https://ports.freebsd.org/ # https://ports.freebsd.org/
time sudo pkg install -y autoconf automake libtool \ if [ "${MATRIX_BUILD}" = 'cmake' ]; then
pkgconf brotli openldap26-client libidn2 libnghttp2 stunnel py311-impacket time sudo pkg install -y cmake-core ninja perl5 \
time autoreconf -fi pkgconf brotli openldap26-client libidn2 libnghttp2 stunnel py311-impacket
export CC='${{ matrix.compiler }}' else
if [ '${{ matrix.arch }}' != 'x86_64' ]; then time sudo pkg install -y autoconf automake libtool \
options='--disable-manual --disable-docs' # Slow with autotools, skip on emulated CPU pkgconf brotli openldap26-client libidn2 libnghttp2 stunnel py311-impacket
fi export MAKEFLAGS=-j3
mkdir bld && cd bld && time ../configure --enable-unity --enable-test-bundles --enable-debug --enable-warnings --enable-werror \ fi
--prefix="${HOME}"/install \
--with-openssl \ if [ "${MATRIX_BUILD}" = 'cmake' ]; then
--with-brotli --enable-ldap --enable-ldaps --with-libidn2 --with-libssh2 --with-nghttp2 --with-gssapi \ time cmake -B bld -G Ninja \
--disable-dependency-tracking \ -DCMAKE_INSTALL_PREFIX="$HOME"/curl-install \
${options} \ -DCMAKE_C_COMPILER="${CC}" \
${{ matrix.options }} \ -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON \
|| { tail -n 1000 config.log; false; } -DCURL_WERROR=ON \
echo '::group::curl_config.h (raw)'; cat lib/curl_config.h || true; echo '::endgroup::' -DENABLE_DEBUG=ON -DCMAKE_BUILD_TYPE=Debug \
echo '::group::curl_config.h'; grep -F '#define' lib/curl_config.h | sort || true; echo '::endgroup::' -DCURL_USE_OPENSSL=ON \
time make install -DCURL_USE_GSSAPI=ON \
src/curl --disable --version ${MATRIX_OPTIONS} \
desc='${{ matrix.desc }}' || { cat bld/CMakeFiles/CMake*.yaml; false; }
if [ '${{ matrix.arch }}' = 'x86_64' ]; then # Slow on emulated CPU else
time make -C tests time autoreconf -fi
if [ "${desc#*!runtests*}" = "${desc}" ]; then if [ "${MATRIX_ARCH}" != 'x86_64' ]; then
time make test-ci V=1 TFLAGS='-j8' options='--disable-manual --disable-docs' # Slow with autotools, skip on emulated CPU
fi fi
fi mkdir bld && cd bld
if [ "${desc#*!examples*}" = "${desc}" ]; then time ../configure --enable-unity --enable-test-bundles --enable-debug --enable-warnings --enable-werror \
echo '::group::build examples' --prefix="$HOME"/curl-install \
time make examples --with-openssl \
echo '::endgroup::' --with-brotli --enable-ldap --enable-ldaps --with-libidn2 --with-libssh2 --with-nghttp2 --with-gssapi \
--disable-dependency-tracking \
${options} \
${MATRIX_OPTIONS} \
|| { tail -n 1000 config.log; false; }
cd ..
fi fi
- name: 'cmake'
if: ${{ matrix.build == 'cmake' }}
uses: cross-platform-actions/action@97419d18f6470332677e345e9df97cdc71244ead # v0.28.0
with:
operating_system: 'freebsd'
version: '14.1'
architecture: ${{ matrix.arch }}
run: |
# https://ports.freebsd.org/
time sudo pkg install -y cmake-core ninja perl5 \
pkgconf brotli openldap26-client libidn2 libnghttp2 stunnel py311-impacket
time cmake -B bld -G Ninja \
-DCMAKE_C_COMPILER='${{ matrix.compiler }}' \
-DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON \
-DCURL_WERROR=ON \
-DENABLE_DEBUG=ON -DCMAKE_BUILD_TYPE=Debug \
-DCURL_USE_OPENSSL=ON \
-DCURL_USE_GSSAPI=ON \
${{ matrix.options }} \
|| { cat bld/CMakeFiles/CMake*.yaml; false; }
echo '::group::curl_config.h (raw)'; cat bld/lib/curl_config.h || true; echo '::endgroup::' echo '::group::curl_config.h (raw)'; cat bld/lib/curl_config.h || true; echo '::endgroup::'
echo '::group::curl_config.h'; grep -F '#define' bld/lib/curl_config.h | sort || true; echo '::endgroup::' echo '::group::curl_config.h'; grep -F '#define' bld/lib/curl_config.h | sort || true; echo '::endgroup::'
time cmake --build bld
if [ "${MATRIX_BUILD}" = 'cmake' ]; then
time cmake --build bld
time cmake --install bld
else
time make -C bld install
fi
bld/src/curl --disable --version bld/src/curl --disable --version
desc='${{ matrix.desc }}'
if [ '${{ matrix.arch }}' = 'x86_64' ]; then # Slow on emulated CPU if [ "${MATRIX_ARCH}" = 'x86_64' ]; then # Slow on emulated CPU
time cmake --build bld --target testdeps if [ "${MATRIX_BUILD}" = 'cmake' ]; then
if [ "${desc#*!runtests*}" = "${desc}" ]; then time cmake --build bld --target testdeps
else
time make -C bld -C tests
fi
if [ "${MATRIX_DESC#*!runtests*}" = "${MATRIX_DESC}" ]; then
export TFLAGS='-j8' export TFLAGS='-j8'
time cmake --build bld --target test-ci if [ "${MATRIX_BUILD}" = 'cmake' ]; then
time cmake --build bld --verbose --target test-ci
else
time make -C bld V=1 test-ci
fi
fi fi
fi fi
if [ "${desc#*!examples*}" = "${desc}" ]; then
if [ "${MATRIX_DESC#*!examples*}" = "${MATRIX_DESC}" ]; then
echo '::group::build examples' echo '::group::build examples'
time cmake --build bld --target curl-examples if [ "${MATRIX_BUILD}" = 'cmake' ]; then
time cmake --build bld --target curl-examples
else
time make -C bld examples
fi
echo '::endgroup::' echo '::endgroup::'
fi fi
@ -236,8 +257,9 @@ jobs:
export MAKEFLAGS=-j3 export MAKEFLAGS=-j3
export CURL_CI=github export CURL_CI=github
time autoreconf -fi time autoreconf -fi
mkdir bld && cd bld && time ../configure --enable-unity --enable-test-bundles --enable-debug --enable-warnings --enable-werror \ mkdir bld && cd bld
--prefix="${HOME}"/install \ time ../configure --enable-unity --enable-test-bundles --enable-debug --enable-warnings --enable-werror \
--prefix="$HOME"/curl-install \
--with-openssl \ --with-openssl \
--disable-dependency-tracking \ --disable-dependency-tracking \
|| { tail -n 1000 config.log; false; } || { tail -n 1000 config.log; false; }
@ -259,24 +281,26 @@ jobs:
MAKEFLAGS: -j 4 MAKEFLAGS: -j 4
DEVELOPER_DIR: "/Applications/Xcode${{ matrix.build.xcode && format('_{0}', matrix.build.xcode) || '' }}.app/Contents/Developer" DEVELOPER_DIR: "/Applications/Xcode${{ matrix.build.xcode && format('_{0}', matrix.build.xcode) || '' }}.app/Contents/Developer"
CC: ${{ matrix.build.compiler || 'clang' }} CC: ${{ matrix.build.compiler || 'clang' }}
MATRIX_BUILD: ${{ matrix.build.generate && 'cmake' || 'autotools' }}
MATRIX_OPTIONS: ${{ matrix.build.options }}
# renovate: datasource=github-tags depName=libressl-portable/portable versioning=semver registryUrl=https://github.com # renovate: datasource=github-tags depName=libressl-portable/portable versioning=semver registryUrl=https://github.com
libressl-version: 4.1.0 LIBRESSL_VERSION: 4.1.0
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
build: build:
- name: 'libressl' - name: 'libressl'
install_steps: libressl install_steps: libressl
configure: --with-openssl="$HOME/libressl" --without-libpsl configure: --with-openssl=/Users/runner/libressl --without-libpsl
- name: 'libressl' - name: 'libressl'
install_steps: libressl install_steps: libressl
# FIXME: Could not make OPENSSL_ROOT_DIR work. CMake seems to prepend sysroot to it. # FIXME: Could not make OPENSSL_ROOT_DIR work. CMake seems to prepend sysroot to it.
generate: >- generate: >-
-DCMAKE_BUILD_TYPE=Release -DCMAKE_UNITY_BUILD_BATCH_SIZE=50 -DCMAKE_BUILD_TYPE=Release -DCMAKE_UNITY_BUILD_BATCH_SIZE=50
-DOPENSSL_INCLUDE_DIR="$HOME/libressl/include" -DOPENSSL_INCLUDE_DIR=/Users/runner/libressl/include
-DOPENSSL_SSL_LIBRARY="$HOME/libressl/lib/libssl.a" -DOPENSSL_SSL_LIBRARY=/Users/runner/libressl/lib/libssl.a
-DOPENSSL_CRYPTO_LIBRARY="$HOME/libressl/lib/libcrypto.a" -DOPENSSL_CRYPTO_LIBRARY=/Users/runner/libressl/lib/libcrypto.a
-DCURL_USE_LIBPSL=OFF -DCURL_USE_LIBPSL=OFF
- name: 'libressl' - name: 'libressl'
@ -286,27 +310,27 @@ jobs:
generate: >- generate: >-
-DCMAKE_XCODE_ATTRIBUTE_CODE_SIGNING_ALLOWED=OFF -DCMAKE_XCODE_ATTRIBUTE_CODE_SIGNING_ALLOWED=OFF
-DMACOSX_BUNDLE_GUI_IDENTIFIER=se.curl -DMACOSX_BUNDLE_GUI_IDENTIFIER=se.curl
-DOPENSSL_INCLUDE_DIR="$HOME/libressl/include" -DOPENSSL_INCLUDE_DIR=/Users/runner/libressl/include
-DOPENSSL_SSL_LIBRARY="$HOME/libressl/lib/libssl.a" -DOPENSSL_SSL_LIBRARY=/Users/runner/libressl/lib/libssl.a
-DOPENSSL_CRYPTO_LIBRARY="$HOME/libressl/lib/libcrypto.a" -DOPENSSL_CRYPTO_LIBRARY=/Users/runner/libressl/lib/libcrypto.a
-DCURL_USE_LIBPSL=OFF -DCURL_USE_LIBPSL=OFF
steps: steps:
- name: 'brew install' - name: 'brew install'
if: ${{ matrix.build.configure }} if: ${{ matrix.build.configure }}
run: | run: |
echo automake libtool | xargs -Ix -n1 echo brew '"x"' > /tmp/Brewfile # shellcheck disable=SC2181,SC2034
while [[ $? == 0 ]]; do for i in 1 2 3; do brew update && brew bundle install --file /tmp/Brewfile && break 2 || { echo Error: wait to try again; sleep 10; } done; false Too many retries; done while [[ $? == 0 ]]; do for i in 1 2 3; do if brew update && brew install automake libtool; then break 2; else echo Error: wait to try again; sleep 10; fi; done; false Too many retries; done
- name: 'toolchain versions' - name: 'toolchain versions'
run: | run: |
which "${CC}"; "${CC}" --version || true command -v "${CC}"; "${CC}" --version || true
xcodebuild -version || true xcodebuild -version || true
xcodebuild -sdk -version | grep '^Path:' || true xcodebuild -sdk -version | grep '^Path:' || true
xcrun --sdk iphoneos --show-sdk-path 2>/dev/null || true xcrun --sdk iphoneos --show-sdk-path 2>/dev/null || true
xcrun --sdk iphoneos --show-sdk-version || true xcrun --sdk iphoneos --show-sdk-version || true
echo '::group::macros predefined'; "${CC}" -dM -E - < /dev/null | sort || true; echo '::endgroup::' echo '::group::macros predefined'; "${CC}" -dM -E - < /dev/null | sort || true; echo '::endgroup::'
echo '::group::brew packages installed'; ls -l "$(brew --prefix)/opt"; echo '::endgroup::' echo '::group::brew packages installed'; ls -l /opt/homebrew/opt; echo '::endgroup::'
- name: 'cache libressl' - name: 'cache libressl'
if: contains(matrix.build.install_steps, 'libressl') if: contains(matrix.build.install_steps, 'libressl')
@ -316,18 +340,18 @@ jobs:
cache-name: cache-libressl cache-name: cache-libressl
with: with:
path: ~/libressl path: ~/libressl
key: iOS-${{ env.cache-name }}-${{ env.libressl-version }} key: iOS-${{ env.cache-name }}-${{ env.LIBRESSL_VERSION }}
- name: 'build libressl' - name: 'build libressl'
if: contains(matrix.build.install_steps, 'libressl') && steps.cache-libressl.outputs.cache-hit != 'true' if: contains(matrix.build.install_steps, 'libressl') && steps.cache-libressl.outputs.cache-hit != 'true'
run: | run: |
curl -LsSf --retry 6 --retry-connrefused --max-time 999 \ curl -LsSf --retry 6 --retry-connrefused --max-time 999 \
https://github.com/libressl/portable/releases/download/v${{ env.libressl-version }}/libressl-${{ env.libressl-version }}.tar.gz | tar -x "https://github.com/libressl/portable/releases/download/v${LIBRESSL_VERSION}/libressl-${LIBRESSL_VERSION}.tar.gz" | tar -x
cd libressl-${{ env.libressl-version }} cd "libressl-${LIBRESSL_VERSION}"
# FIXME: on the 4.0.1 release, delete '-DHAVE_ENDIAN_H=0' # FIXME: on the 4.0.1 release, delete '-DHAVE_ENDIAN_H=0'
cmake -B . -G Ninja \ cmake -B . -G Ninja \
-DHAVE_ENDIAN_H=0 \ -DHAVE_ENDIAN_H=0 \
-DCMAKE_INSTALL_PREFIX="$HOME/libressl" \ -DCMAKE_INSTALL_PREFIX=/Users/runner/libressl \
-DCMAKE_SYSTEM_NAME=iOS \ -DCMAKE_SYSTEM_NAME=iOS \
-DCMAKE_SYSTEM_PROCESSOR=aarch64 \ -DCMAKE_SYSTEM_PROCESSOR=aarch64 \
-DBUILD_SHARED_LIBS=OFF \ -DBUILD_SHARED_LIBS=OFF \
@ -345,22 +369,26 @@ jobs:
run: autoreconf -fi run: autoreconf -fi
- name: 'configure' - name: 'configure'
env:
MATRIX_CONFIGURE: '${{ matrix.build.configure }}'
MATRIX_GENERATE: '${{ matrix.build.generate }}'
MATRIX_GENERATOR: '${{ matrix.build.generator }}'
run: | run: |
if [ -n '${{ matrix.build.generate }}' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
# https://cmake.org/cmake/help/latest/manual/cmake-toolchains.7.html#cross-compiling-for-ios-tvos-visionos-or-watchos # https://cmake.org/cmake/help/latest/manual/cmake-toolchains.7.html#cross-compiling-for-ios-tvos-visionos-or-watchos
[ -n '${{ matrix.build.generator }}' ] && options='-G ${{ matrix.build.generator }}' [ -n "${MATRIX_GENERATOR}" ] && options="-G ${MATRIX_GENERATOR}"
cmake -B bld -G Ninja -D_CURL_PREFILL=ON \ cmake -B bld -G Ninja -D_CURL_PREFILL=ON \
-DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON -DCURL_WERROR=ON \ -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON -DCURL_WERROR=ON \
-DCMAKE_SYSTEM_NAME=iOS \ -DCMAKE_SYSTEM_NAME=iOS \
-DUSE_APPLE_IDN=ON \ -DUSE_APPLE_IDN=ON \
${{ matrix.build.generate }} ${options} ${MATRIX_GENERATE} ${options}
else else
mkdir bld && cd bld && ../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \ mkdir bld && cd bld && ../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \
--disable-dependency-tracking \ --disable-dependency-tracking \
CFLAGS="-isysroot $(xcrun --sdk iphoneos --show-sdk-path 2>/dev/null)" \ CFLAGS="-isysroot $(xcrun --sdk iphoneos --show-sdk-path 2>/dev/null)" \
--host=aarch64-apple-darwin \ --host=aarch64-apple-darwin \
--with-apple-idn \ --with-apple-idn \
${{ matrix.build.configure }} ${MATRIX_CONFIGURE}
fi fi
- name: 'configure log' - name: 'configure log'
@ -374,8 +402,8 @@ jobs:
- name: 'build' - name: 'build'
run: | run: |
if [ -n '${{ matrix.build.generate }}' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld ${{ matrix.build.options }} --parallel 4 --verbose cmake --build bld ${MATRIX_OPTIONS} --parallel 4 --verbose
else else
make -C bld V=1 make -C bld V=1
fi fi
@ -385,16 +413,16 @@ jobs:
- name: 'build tests' - name: 'build tests'
run: | run: |
if [ -n '${{ matrix.build.generate }}' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld ${{ matrix.build.options }} --parallel 4 --target testdeps --verbose cmake --build bld ${MATRIX_OPTIONS} --parallel 4 --target testdeps --verbose
else else
make -C bld V=1 -C tests make -C bld V=1 -C tests
fi fi
- name: 'build examples' - name: 'build examples'
run: | run: |
if [ -n '${{ matrix.build.generate }}' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld ${{ matrix.build.options }} --parallel 4 --target curl-examples --verbose cmake --build bld ${MATRIX_OPTIONS} --parallel 4 --target curl-examples --verbose
else else
make -C bld examples V=1 make -C bld examples V=1
fi fi
@ -405,6 +433,7 @@ jobs:
timeout-minutes: 25 timeout-minutes: 25
env: env:
MAKEFLAGS: -j 5 MAKEFLAGS: -j 5
MATRIX_BUILD: '${{ matrix.build }}'
strategy: strategy:
matrix: matrix:
include: include:
@ -431,23 +460,26 @@ jobs:
run: autoreconf -fi run: autoreconf -fi
- name: 'configure' - name: 'configure'
env:
MATRIX_OPTIONS: '${{ matrix.options }}'
MATRIX_PLATFORM: '${{ matrix.platform }}'
run: | run: |
if [ '${{ matrix.build }}' = 'cmake' ]; then # https://developer.android.com/ndk/guides/cmake if [ "${MATRIX_BUILD}" = 'cmake' ]; then # https://developer.android.com/ndk/guides/cmake
cmake -B bld -G Ninja \ cmake -B bld -G Ninja \
-DANDROID_ABI=arm64-v8a \ -DANDROID_ABI=arm64-v8a \
-DANDROID_PLATFORM='android-${{ matrix.platform }}' \ -DANDROID_PLATFORM="android-${MATRIX_PLATFORM}" \
-DCMAKE_TOOLCHAIN_FILE="${ANDROID_NDK_HOME}/build/cmake/android.toolchain.cmake" -DCMAKE_WARN_DEPRECATED=OFF \ -DCMAKE_TOOLCHAIN_FILE="${ANDROID_NDK_HOME}/build/cmake/android.toolchain.cmake" -DCMAKE_WARN_DEPRECATED=OFF \
-DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON \ -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON \
-DCURL_WERROR=ON \ -DCURL_WERROR=ON \
${{ matrix.options }} ${MATRIX_OPTIONS}
else else
TOOLCHAIN="${ANDROID_NDK_HOME}/toolchains/llvm/prebuilt/linux-x86_64" TOOLCHAIN="${ANDROID_NDK_HOME}/toolchains/llvm/prebuilt/linux-x86_64"
mkdir bld && cd bld && ../configure --disable-dependency-tracking --enable-unity --enable-test-bundles --enable-warnings --enable-werror \ mkdir bld && cd bld && ../configure --disable-dependency-tracking --enable-unity --enable-test-bundles --enable-warnings --enable-werror \
CC="$TOOLCHAIN/bin/aarch64-linux-android${{ matrix.platform }}-clang" \ CC="$TOOLCHAIN/bin/aarch64-linux-android${MATRIX_PLATFORM}-clang" \
AR="$TOOLCHAIN/bin/llvm-ar" \ AR="$TOOLCHAIN/bin/llvm-ar" \
RANLIB="$TOOLCHAIN/bin/llvm-ranlib" \ RANLIB="$TOOLCHAIN/bin/llvm-ranlib" \
--host=aarch64-linux-android${{ matrix.platform }} \ --host="aarch64-linux-android${MATRIX_PLATFORM}" \
${{ matrix.options }} ${MATRIX_OPTIONS}
fi fi
- name: 'configure log' - name: 'configure log'
@ -461,7 +493,7 @@ jobs:
- name: 'build' - name: 'build'
run: | run: |
if [ '${{ matrix.build }}' = 'cmake' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --verbose cmake --build bld --verbose
else else
make -C bld V=1 make -C bld V=1
@ -472,7 +504,7 @@ jobs:
- name: 'build tests' - name: 'build tests'
run: | run: |
if [ '${{ matrix.build }}' = 'cmake' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --target testdeps cmake --build bld --target testdeps
else else
make -C bld -C tests make -C bld -C tests
@ -480,7 +512,7 @@ jobs:
- name: 'build examples' - name: 'build examples'
run: | run: |
if [ '${{ matrix.build }}' = 'cmake' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --target curl-examples cmake --build bld --target curl-examples
else else
make -C bld examples make -C bld examples
@ -492,7 +524,8 @@ jobs:
timeout-minutes: 5 timeout-minutes: 5
env: env:
MAKEFLAGS: -j 5 MAKEFLAGS: -j 5
toolchain-version: '3.4' MATRIX_BUILD: '${{ matrix.build }}'
TOOLCHAIN_VERSION: '3.4'
strategy: strategy:
matrix: matrix:
build: [autotools, cmake] build: [autotools, cmake]
@ -508,15 +541,15 @@ jobs:
id: cache-compiler id: cache-compiler
with: with:
path: ~/djgpp path: ~/djgpp
key: ${{ runner.os }}-djgpp-${{ env.toolchain-version }}-amd64 key: ${{ runner.os }}-djgpp-${{ env.TOOLCHAIN_VERSION }}-amd64
- name: 'install compiler (djgpp)' - name: 'install compiler (djgpp)'
if: ${{ steps.cache-compiler.outputs.cache-hit != 'true' }} if: ${{ steps.cache-compiler.outputs.cache-hit != 'true' }}
run: | run: |
cd "${HOME}" || exit 1 cd ~
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 3 \ curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 3 \
--location 'https://github.com/andrewwutw/build-djgpp/releases/download/v${{ env.toolchain-version }}/djgpp-linux64-gcc1220.tar.bz2' | tar -xj --location "https://github.com/andrewwutw/build-djgpp/releases/download/v${TOOLCHAIN_VERSION}/djgpp-linux64-gcc1220.tar.bz2" | tar -xj
cd djgpp || exit 1 cd djgpp
for f in wat3211b.zip zlb13b.zip ssl102ub.zip; do for f in wat3211b.zip zlb13b.zip ssl102ub.zip; do
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 60 --retry 3 \ curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 60 --retry 3 \
"https://www.delorie.com/pub/djgpp/current/v2tk/$f" --output bin.zip "https://www.delorie.com/pub/djgpp/current/v2tk/$f" --output bin.zip
@ -530,7 +563,7 @@ jobs:
- name: 'configure' - name: 'configure'
run: | run: |
if [ '${{ matrix.build }}' = 'cmake' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake -B bld -G Ninja \ cmake -B bld -G Ninja \
-DCMAKE_SYSTEM_NAME=DOS \ -DCMAKE_SYSTEM_NAME=DOS \
-DCMAKE_SYSTEM_PROCESSOR=x86 \ -DCMAKE_SYSTEM_PROCESSOR=x86 \
@ -570,7 +603,7 @@ jobs:
- name: 'build' - name: 'build'
run: | run: |
if [ '${{ matrix.build }}' = 'cmake' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld cmake --build bld
else else
make -C bld make -C bld
@ -582,7 +615,7 @@ jobs:
- name: 'build tests' - name: 'build tests'
if: ${{ matrix.build == 'cmake' }} # skip for autotools to save time if: ${{ matrix.build == 'cmake' }} # skip for autotools to save time
run: | run: |
if [ '${{ matrix.build }}' = 'cmake' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --target testdeps cmake --build bld --target testdeps
else else
make -C bld -C tests make -C bld -C tests
@ -591,7 +624,7 @@ jobs:
- name: 'build examples' - name: 'build examples'
if: ${{ matrix.build == 'cmake' }} # skip for autotools to save time if: ${{ matrix.build == 'cmake' }} # skip for autotools to save time
run: | run: |
if [ '${{ matrix.build }}' = 'cmake' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --target curl-examples cmake --build bld --target curl-examples
else else
make -C bld examples make -C bld examples

245
.github/workflows/windows.yml vendored
View file

@ -49,6 +49,7 @@ jobs:
env: env:
MAKEFLAGS: -j 5 MAKEFLAGS: -j 5
SHELLOPTS: 'igncr' SHELLOPTS: 'igncr'
MATRIX_BUILD: '${{ matrix.build }}'
strategy: strategy:
matrix: matrix:
include: include:
@ -88,19 +89,22 @@ jobs:
- name: 'configure' - name: 'configure'
timeout-minutes: 5 timeout-minutes: 5
env:
MATRIX_CONFIG: '${{ matrix.config }}'
run: | run: |
PATH=/usr/bin PATH=/usr/bin
if [ '${{ matrix.build }}' = 'cmake' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake -B bld -G Ninja -D_CURL_PREFILL=ON ${options} \ cmake -B bld -G Ninja -D_CURL_PREFILL=ON ${options} \
-DCMAKE_INSTALL_PREFIX="$HOME"/curl-install \
-DCMAKE_UNITY_BUILD=ON -DCMAKE_UNITY_BUILD_BATCH_SIZE=30 -DCURL_TEST_BUNDLES=ON \ -DCMAKE_UNITY_BUILD=ON -DCMAKE_UNITY_BUILD_BATCH_SIZE=30 -DCURL_TEST_BUNDLES=ON \
-DCURL_WERROR=ON \ -DCURL_WERROR=ON \
${{ matrix.config }} ${MATRIX_CONFIG}
else else
mkdir bld && cd bld && ../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \ mkdir bld && cd bld && ../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \
--prefix="${HOME}"/install \ --prefix="$HOME"/curl-install \
--with-libssh2 \ --with-libssh2 \
--disable-dependency-tracking \ --disable-dependency-tracking \
${{ matrix.config }} ${MATRIX_CONFIG}
fi fi
- name: 'configure log' - name: 'configure log'
@ -119,8 +123,9 @@ jobs:
timeout-minutes: 10 timeout-minutes: 10
run: | run: |
PATH=/usr/bin PATH=/usr/bin
if [ '${{ matrix.build }}' = 'cmake' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld cmake --build bld --verbose
cmake --install bld --verbose
else else
make -C bld V=1 install make -C bld V=1 install
fi fi
@ -130,7 +135,7 @@ jobs:
run: | run: |
PATH=/usr/bin PATH=/usr/bin
find . \( -name '*.exe' -o -name '*.dll' -o -name '*.a' \) -exec file '{}' \; find . \( -name '*.exe' -o -name '*.dll' -o -name '*.a' \) -exec file '{}' \;
if [ '${{ matrix.build }}' = 'cmake' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
PATH="$PWD/bld/lib:$PATH" PATH="$PWD/bld/lib:$PATH"
fi fi
bld/src/curl.exe --disable --version bld/src/curl.exe --disable --version
@ -140,8 +145,8 @@ jobs:
timeout-minutes: 15 timeout-minutes: 15
run: | run: |
PATH=/usr/bin PATH=/usr/bin
if [ '${{ matrix.build }}' = 'cmake' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --target testdeps cmake --build bld --verbose --target testdeps
else else
make -C bld V=1 -C tests make -C bld V=1 -C tests
fi fi
@ -149,15 +154,17 @@ jobs:
- name: 'run tests' - name: 'run tests'
if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }}
timeout-minutes: 15 timeout-minutes: 15
env:
TFLAGS: '${{ matrix.tflags }}'
run: | run: |
PATH=/usr/bin PATH=/usr/bin
export TFLAGS='-j8 ${{ matrix.tflags }}' TFLAGS="-j8 ${TFLAGS}"
if [ -x "$(cygpath "${SYSTEMROOT}/System32/curl.exe")" ]; then if [ -x "$(cygpath "${SYSTEMROOT}/System32/curl.exe")" ]; then
TFLAGS+=" -ac $(cygpath "${SYSTEMROOT}/System32/curl.exe")" TFLAGS+=" -ac $(cygpath "${SYSTEMROOT}/System32/curl.exe")"
fi fi
if [ '${{ matrix.build }}' = 'cmake' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
PATH="$PWD/bld/lib:$PATH" PATH="$PWD/bld/lib:$PATH"
cmake --build bld --target test-ci cmake --build bld --verbose --target test-ci
else else
make -C bld V=1 test-ci make -C bld V=1 test-ci
fi fi
@ -167,8 +174,8 @@ jobs:
timeout-minutes: 5 timeout-minutes: 5
run: | run: |
PATH=/usr/bin PATH=/usr/bin
if [ '${{ matrix.build }}' = 'cmake' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --target curl-examples cmake --build bld --verbose --target curl-examples
else else
make -C bld V=1 examples make -C bld V=1 examples
fi fi
@ -182,6 +189,9 @@ jobs:
shell: msys2 {0} shell: msys2 {0}
env: env:
MAKEFLAGS: -j 5 MAKEFLAGS: -j 5
MATRIX_BUILD: '${{ matrix.build }}'
MATRIX_SYS: '${{ matrix.sys }}'
MATRIX_TEST: '${{ matrix.test }}'
strategy: strategy:
matrix: matrix:
include: include:
@ -250,32 +260,39 @@ jobs:
- name: 'configure' - name: 'configure'
timeout-minutes: 5 timeout-minutes: 5
env:
CFLAGS: '${{ matrix.cflags }}'
MATRIX_CHKPREFILL: '${{ matrix.chkprefill }}'
MATRIX_CONFIG: '${{ matrix.config }}'
MATRIX_ENV: '${{ matrix.env }}'
MATRIX_TYPE: '${{ matrix.type }}'
run: | run: |
if [ '${{ matrix.test }}' = 'uwp' ]; then if [ "${MATRIX_TEST}" = 'uwp' ]; then
CPPFLAGS='-DWINSTORECOMPAT -DWINAPI_FAMILY=WINAPI_FAMILY_APP' CPPFLAGS='-DWINSTORECOMPAT -DWINAPI_FAMILY=WINAPI_FAMILY_APP'
if [[ '${{ matrix.env }}' != 'clang'* ]]; then if [[ "${MATRIX_ENV}" != 'clang'* ]]; then
specs="$(realpath gcc-specs-uwp)" specs="$(realpath gcc-specs-uwp)"
gcc -dumpspecs | sed -e 's/-lmingwex/-lwindowsapp -lmingwex -lwindowsapp/' -e 's/-lmsvcrt/-lucrtapp/' > "${specs}" gcc -dumpspecs | sed -e 's/-lmingwex/-lwindowsapp -lmingwex -lwindowsapp/' -e 's/-lmsvcrt/-lucrtapp/' > "${specs}"
CFLAGS="-specs=${specs}" CFLAGS="-specs=${specs}"
CFLAGS_CMAKE="-specs=$(cygpath -w "${specs}")" CFLAGS_CMAKE="-specs=$(cygpath -w "${specs}")"
fi fi
fi fi
if [ '${{ matrix.build }}' = 'cmake' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
for _chkprefill in '' ${{ matrix.chkprefill }}; do for _chkprefill in '' ${MATRIX_CHKPREFILL}; do
if [[ '${{ matrix.env }}' = 'clang'* ]]; then if [[ "${MATRIX_ENV}" = 'clang'* ]]; then
options='-DCMAKE_C_COMPILER=clang' options='-DCMAKE_C_COMPILER=clang'
else else
options='-DCMAKE_C_COMPILER=gcc' options='-DCMAKE_C_COMPILER=gcc'
fi fi
[ '${{ matrix.sys }}' = 'msys' ] && options+=' -D_CURL_PREFILL=ON' [ "${MATRIX_SYS}" = 'msys' ] && options+=' -D_CURL_PREFILL=ON'
[ '${{ matrix.test }}' = 'uwp' ] && options+=' -DCMAKE_SYSTEM_NAME=WindowsStore -DCMAKE_SYSTEM_VERSION=10.0' [ "${MATRIX_TEST}" = 'uwp' ] && options+=' -DCMAKE_SYSTEM_NAME=WindowsStore -DCMAKE_SYSTEM_VERSION=10.0'
[ "${_chkprefill}" = '_chkprefill' ] && options+=' -D_CURL_PREFILL=OFF' [ "${_chkprefill}" = '_chkprefill' ] && options+=' -D_CURL_PREFILL=OFF'
cmake -B "bld${_chkprefill}" -G Ninja ${options} \ cmake -B "bld${_chkprefill}" -G Ninja ${options} \
-DCMAKE_C_FLAGS="${{ matrix.cflags }} ${CFLAGS_CMAKE} ${CPPFLAGS}" \ -DCMAKE_INSTALL_PREFIX="${HOME}"/curl-install \
-DCMAKE_BUILD_TYPE='${{ matrix.type }}' \ -DCMAKE_C_FLAGS="${CFLAGS_CMAKE} ${CPPFLAGS}" \
-DCMAKE_BUILD_TYPE="${MATRIX_TYPE}" \
-DCMAKE_UNITY_BUILD=ON -DCMAKE_UNITY_BUILD_BATCH_SIZE=30 -DCURL_TEST_BUNDLES=ON \ -DCMAKE_UNITY_BUILD=ON -DCMAKE_UNITY_BUILD_BATCH_SIZE=30 -DCURL_TEST_BUNDLES=ON \
-DCURL_WERROR=ON \ -DCURL_WERROR=ON \
${{ matrix.config }} ${MATRIX_CONFIG}
done done
if [ -d bld_chkprefill ] && ! diff -u bld/lib/curl_config.h bld_chkprefill/lib/curl_config.h; then if [ -d bld_chkprefill ] && ! diff -u bld/lib/curl_config.h bld_chkprefill/lib/curl_config.h; then
echo '::group::reference configure log'; cat bld_chkprefill/CMakeFiles/CMake*.yaml 2>/dev/null || true; echo '::endgroup::' echo '::group::reference configure log'; cat bld_chkprefill/CMakeFiles/CMake*.yaml 2>/dev/null || true; echo '::endgroup::'
@ -284,10 +301,10 @@ jobs:
else else
export CFLAGS CPPFLAGS export CFLAGS CPPFLAGS
mkdir bld && cd bld && ../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \ mkdir bld && cd bld && ../configure --enable-unity --enable-test-bundles --enable-warnings --enable-werror \
--prefix="${HOME}"/install \ --prefix="$HOME"/curl-install \
--with-libssh2 \ --with-libssh2 \
--disable-dependency-tracking \ --disable-dependency-tracking \
${{ matrix.config }} ${MATRIX_CONFIG}
fi fi
- name: 'configure log' - name: 'configure log'
@ -298,12 +315,14 @@ jobs:
run: | run: |
echo '::group::raw'; cat bld/lib/curl_config.h || true; echo '::endgroup::' echo '::group::raw'; cat bld/lib/curl_config.h || true; echo '::endgroup::'
grep -F '#define' bld/lib/curl_config.h | sort || true grep -F '#define' bld/lib/curl_config.h | sort || true
cat bld/cmake_install.cmake || true
- name: 'build' - name: 'build'
timeout-minutes: 10 timeout-minutes: 10
run: | run: |
if [ '${{ matrix.build }}' = 'cmake' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld cmake --build bld --verbose
cmake --install bld --verbose
else else
make -C bld V=1 install make -C bld V=1 install
fi fi
@ -311,7 +330,7 @@ jobs:
- name: 'curl version' - name: 'curl version'
timeout-minutes: 1 timeout-minutes: 1
run: | run: |
if [ '${{ matrix.build }}' = 'cmake' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
PATH="$PWD/bld/lib:$PATH" PATH="$PWD/bld/lib:$PATH"
else else
PATH="$PWD/bld/lib/.libs:$PATH" PATH="$PWD/bld/lib/.libs:$PATH"
@ -319,7 +338,7 @@ jobs:
mv bld/src/.libs/curl.exe bld/src/curl.exe mv bld/src/.libs/curl.exe bld/src/curl.exe
fi fi
find . \( -name '*.exe' -o -name '*.dll' -o -name '*.a' \) -exec file '{}' \; find . \( -name '*.exe' -o -name '*.dll' -o -name '*.a' \) -exec file '{}' \;
if [ '${{ matrix.test }}' != 'uwp' ]; then # curl: error initializing curl library if [ "${MATRIX_TEST}" != 'uwp' ]; then # curl: error initializing curl library
bld/src/curl.exe --disable --version bld/src/curl.exe --disable --version
fi fi
@ -327,12 +346,12 @@ jobs:
if: ${{ matrix.tflags != 'skipall' }} # Save time by skipping this for autotools if: ${{ matrix.tflags != 'skipall' }} # Save time by skipping this for autotools
timeout-minutes: 10 timeout-minutes: 10
run: | run: |
if [ '${{ matrix.build }}' = 'cmake' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --target testdeps cmake --build bld --verbose --target testdeps
else else
make -C bld V=1 -C tests make -C bld V=1 -C tests
fi fi
if [ '${{ matrix.build }}' != 'cmake' ]; then if [ "${MATRIX_BUILD}" != 'cmake' ]; then
# avoid libtool's .exe wrappers # avoid libtool's .exe wrappers
mv bld/tests/http/clients/.libs/*.exe bld/tests/http/clients mv bld/tests/http/clients/.libs/*.exe bld/tests/http/clients
mv bld/tests/libtest/.libs/*.exe bld/tests/libtest mv bld/tests/libtest/.libs/*.exe bld/tests/libtest
@ -360,11 +379,14 @@ jobs:
- name: 'run tests' - name: 'run tests'
if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }}
timeout-minutes: 10 timeout-minutes: 10
env:
MATRIX_INSTALL: '${{ matrix.install }}'
TFLAGS: '${{ matrix.tflags }}'
run: | run: |
export TFLAGS='-j8 ${{ matrix.tflags }}' TFLAGS="-j8 ${TFLAGS}"
if [ '${{ matrix.sys }}' != 'msys' ]; then if [ "${MATRIX_SYS}" != 'msys' ]; then
TFLAGS+=' !498' # 'Reject too large HTTP response headers on endless redirects' HTTP, HTTP GET (runtests detecting result code 2009 instead of 56 returned by curl) TFLAGS+=' !498' # 'Reject too large HTTP response headers on endless redirects' HTTP, HTTP GET (runtests detecting result code 2009 instead of 56 returned by curl)
if [[ '${{ matrix.install }}' = *'libssh2-wincng'* ]]; then if [[ "${MATRIX_INSTALL}" = *'libssh2-wincng'* ]]; then
TFLAGS+=' ~SCP ~SFTP' # Flaky: `-8, Unable to exchange encryption keys`. https://github.com/libssh2/libssh2/issues/804 TFLAGS+=' ~SCP ~SFTP' # Flaky: `-8, Unable to exchange encryption keys`. https://github.com/libssh2/libssh2/issues/804
fi fi
fi fi
@ -372,9 +394,9 @@ jobs:
TFLAGS+=" -ac $(cygpath "${SYSTEMROOT}/System32/curl.exe")" TFLAGS+=" -ac $(cygpath "${SYSTEMROOT}/System32/curl.exe")"
fi fi
PATH="$PATH:/c/Program Files (x86)/stunnel/bin" PATH="$PATH:/c/Program Files (x86)/stunnel/bin"
if [ '${{ matrix.build }}' = 'cmake' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
PATH="$PWD/bld/lib:$PATH" PATH="$PWD/bld/lib:$PATH"
cmake --build bld --target test-ci cmake --build bld --verbose --target test-ci
else else
PATH="$PWD/bld/lib/.libs:$PATH" PATH="$PWD/bld/lib/.libs:$PATH"
make -C bld V=1 test-ci make -C bld V=1 test-ci
@ -384,8 +406,8 @@ jobs:
if: ${{ matrix.build == 'cmake' || (matrix.tflags == 'skipall' || matrix.tflags == 'skiprun') }} # Save time by skipping this for autotools running tests if: ${{ matrix.build == 'cmake' || (matrix.tflags == 'skipall' || matrix.tflags == 'skiprun') }} # Save time by skipping this for autotools running tests
timeout-minutes: 5 timeout-minutes: 5
run: | run: |
if [ '${{ matrix.build }}' = 'cmake' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --target curl-examples cmake --build bld --verbose --target curl-examples
else else
make -C bld V=1 examples make -C bld V=1 examples
fi fi
@ -399,6 +421,7 @@ jobs:
shell: msys2 {0} shell: msys2 {0}
env: env:
MAKEFLAGS: -j 5 MAKEFLAGS: -j 5
MATRIX_DIR: '${{ matrix.dir }}'
strategy: strategy:
matrix: matrix:
include: include:
@ -457,11 +480,13 @@ jobs:
- name: 'install compiler (gcc ${{ matrix.ver }}-${{ matrix.env }})' - name: 'install compiler (gcc ${{ matrix.ver }}-${{ matrix.env }})'
if: ${{ steps.cache-compiler.outputs.cache-hit != 'true' }} if: ${{ steps.cache-compiler.outputs.cache-hit != 'true' }}
timeout-minutes: 5 timeout-minutes: 5
env:
MATRIX_URL: '${{ matrix.url }}'
run: | run: |
cd /d || exit 1 cd /d
mkdir my-cache mkdir my-cache
cd my-cache || exit 1 cd my-cache
curl --fail --silent --show-error --retry 3 --retry-connrefused --output pack.bin --location --proto-redir =https '${{ matrix.url }}' curl --fail --silent --show-error --retry 3 --retry-connrefused --output pack.bin --location --proto-redir =https "${MATRIX_URL}"
pwd pwd
7z x -y pack.bin >/dev/null 7z x -y pack.bin >/dev/null
rm -r -f pack.bin rm -r -f pack.bin
@ -475,18 +500,22 @@ jobs:
- name: 'configure' - name: 'configure'
timeout-minutes: 5 timeout-minutes: 5
env:
MATRIX_CHKPREFILL: '${{ matrix.chkprefill }}'
MATRIX_CONFIG: '${{ matrix.config }}'
MATRIX_TYPE: '${{ matrix.type }}'
run: | run: |
PATH="/d/my-cache/${{ matrix.dir }}/bin:$PATH" PATH="/d/my-cache/${MATRIX_DIR}/bin:$PATH"
for _chkprefill in '' ${{ matrix.chkprefill }}; do for _chkprefill in '' ${MATRIX_CHKPREFILL}; do
options='' options=''
[ "${_chkprefill}" = '_chkprefill' ] && options+=' -D_CURL_PREFILL=OFF' [ "${_chkprefill}" = '_chkprefill' ] && options+=' -D_CURL_PREFILL=OFF'
cmake -B "bld${_chkprefill}" -G Ninja ${options} \ cmake -B "bld${_chkprefill}" -G Ninja ${options} \
-DCMAKE_C_COMPILER=gcc \ -DCMAKE_C_COMPILER=gcc \
-DCMAKE_BUILD_TYPE='${{ matrix.type }}' \ -DCMAKE_BUILD_TYPE="${MATRIX_TYPE}" \
-DCMAKE_UNITY_BUILD=ON -DCMAKE_UNITY_BUILD_BATCH_SIZE=30 -DCURL_TEST_BUNDLES=ON \ -DCMAKE_UNITY_BUILD=ON -DCMAKE_UNITY_BUILD_BATCH_SIZE=30 -DCURL_TEST_BUNDLES=ON \
-DCURL_WERROR=ON \ -DCURL_WERROR=ON \
-DUSE_LIBIDN2=OFF \ -DUSE_LIBIDN2=OFF \
${{ matrix.config }} ${MATRIX_CONFIG}
done done
if [ -d bld_chkprefill ] && ! diff -u bld/lib/curl_config.h bld_chkprefill/lib/curl_config.h; then if [ -d bld_chkprefill ] && ! diff -u bld/lib/curl_config.h bld_chkprefill/lib/curl_config.h; then
echo '::group::reference configure log'; cat bld_chkprefill/CMakeFiles/CMake*.yaml 2>/dev/null || true; echo '::endgroup::' echo '::group::reference configure log'; cat bld_chkprefill/CMakeFiles/CMake*.yaml 2>/dev/null || true; echo '::endgroup::'
@ -505,7 +534,7 @@ jobs:
- name: 'build' - name: 'build'
timeout-minutes: 5 timeout-minutes: 5
run: | run: |
PATH="/d/my-cache/${{ matrix.dir }}/bin:$PATH" PATH="/d/my-cache/${MATRIX_DIR}/bin:$PATH"
cmake --build bld cmake --build bld
- name: 'curl version' - name: 'curl version'
@ -519,7 +548,7 @@ jobs:
if: ${{ matrix.tflags != 'skipall' }} if: ${{ matrix.tflags != 'skipall' }}
timeout-minutes: 10 timeout-minutes: 10
run: | run: |
PATH="/d/my-cache/${{ matrix.dir }}/bin:$PATH" PATH="/d/my-cache/${MATRIX_DIR}/bin:$PATH"
cmake --build bld --target testdeps cmake --build bld --target testdeps
- name: 'install test prereqs' - name: 'install test prereqs'
@ -542,9 +571,11 @@ jobs:
- name: 'run tests' - name: 'run tests'
if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }}
timeout-minutes: 10 timeout-minutes: 10
env:
TFLAGS: '${{ matrix.tflags }}'
run: | run: |
PATH="/d/my-cache/${{ matrix.dir }}/bin:$PATH" PATH="/d/my-cache/${MATRIX_DIR}/bin:$PATH"
export TFLAGS='-j8 ${{ matrix.tflags }}' TFLAGS="-j8 ${TFLAGS}"
TFLAGS+=' !498' # 'Reject too large HTTP response headers on endless redirects' HTTP, HTTP GET (runtests detecting result code 2009 instead of 56 returned by curl) TFLAGS+=' !498' # 'Reject too large HTTP response headers on endless redirects' HTTP, HTTP GET (runtests detecting result code 2009 instead of 56 returned by curl)
if [ -x "$(cygpath "${SYSTEMROOT}/System32/curl.exe")" ]; then if [ -x "$(cygpath "${SYSTEMROOT}/System32/curl.exe")" ]; then
TFLAGS+=" -ac $(cygpath "${SYSTEMROOT}/System32/curl.exe")" TFLAGS+=" -ac $(cygpath "${SYSTEMROOT}/System32/curl.exe")"
@ -555,7 +586,7 @@ jobs:
- name: 'build examples' - name: 'build examples'
timeout-minutes: 5 timeout-minutes: 5
run: | run: |
PATH="/d/my-cache/${{ matrix.dir }}/bin:$PATH" PATH="/d/my-cache/${MATRIX_DIR}/bin:$PATH"
cmake --build bld --target curl-examples cmake --build bld --target curl-examples
linux-cross-mingw-w64: linux-cross-mingw-w64:
@ -565,6 +596,8 @@ jobs:
env: env:
MAKEFLAGS: -j 5 MAKEFLAGS: -j 5
TRIPLET: 'x86_64-w64-mingw32' TRIPLET: 'x86_64-w64-mingw32'
MATRIX_BUILD: '${{ matrix.build }}'
MATRIX_COMPILER: '${{ matrix.compiler }}'
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
@ -575,11 +608,11 @@ jobs:
steps: steps:
- name: 'install packages' - name: 'install packages'
timeout-minutes: 5 timeout-minutes: 5
# zizmor: ignore[template-injection] env:
INSTALL_PACKAGES: ${{ matrix.compiler == 'clang-tidy' && 'clang' || '' }}
run: | run: |
sudo rm -f /var/lib/man-db/auto-update sudo rm -f /var/lib/man-db/auto-update
sudo apt-get -o Dpkg::Use-Pty=0 install mingw-w64 \ sudo apt-get -o Dpkg::Use-Pty=0 install mingw-w64 ${INSTALL_PACKAGES}
${{ matrix.compiler == 'clang-tidy' && 'clang' || '' }}
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with: with:
@ -591,8 +624,8 @@ jobs:
- name: 'configure' - name: 'configure'
run: | run: |
if [ '${{ matrix.build }}' = 'cmake' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
if [ '${{ matrix.compiler }}' = 'clang-tidy' ]; then if [ "${MATRIX_COMPILER}" = 'clang-tidy' ]; then
options+=' -DCURL_CLANG_TIDY=ON' options+=' -DCURL_CLANG_TIDY=ON'
options+=' -DENABLE_UNICODE=ON -DUSE_SSLS_EXPORT=ON' options+=' -DENABLE_UNICODE=ON -DUSE_SSLS_EXPORT=ON'
options+=' -DCMAKE_C_COMPILER=clang' options+=' -DCMAKE_C_COMPILER=clang'
@ -627,7 +660,7 @@ jobs:
- name: 'build' - name: 'build'
run: | run: |
if [ '${{ matrix.build }}' = 'cmake' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld cmake --build bld
else else
make -C bld make -C bld
@ -639,7 +672,7 @@ jobs:
- name: 'build tests' - name: 'build tests'
if: ${{ matrix.build == 'cmake' && matrix.compiler != 'clang-tidy' }} # Save time by skipping this for autotools and clang-tidy if: ${{ matrix.build == 'cmake' && matrix.compiler != 'clang-tidy' }} # Save time by skipping this for autotools and clang-tidy
run: | run: |
if [ '${{ matrix.build }}' = 'cmake' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --target testdeps cmake --build bld --target testdeps
else else
make -C bld -C tests make -C bld -C tests
@ -648,7 +681,7 @@ jobs:
- name: 'build examples' - name: 'build examples'
if: ${{ matrix.compiler != 'clang-tidy' }} # Save time by skipping this for clang-tidy if: ${{ matrix.compiler != 'clang-tidy' }} # Save time by skipping this for clang-tidy
run: | run: |
if [ '${{ matrix.build }}' = 'cmake' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --target curl-examples cmake --build bld --target curl-examples
else else
make -C bld examples make -C bld examples
@ -660,7 +693,8 @@ jobs:
timeout-minutes: 10 timeout-minutes: 10
env: env:
MAKEFLAGS: -j 4 MAKEFLAGS: -j 4
toolchain-version: '0.59.1' TOOLCHAIN_VERSION: '0.59.1'
MATRIX_BUILD: '${{ matrix.build }}'
strategy: strategy:
matrix: matrix:
build: [autotools, cmake] build: [autotools, cmake]
@ -670,23 +704,23 @@ jobs:
if: ${{ matrix.build == 'autotools' }} if: ${{ matrix.build == 'autotools' }}
timeout-minutes: 5 timeout-minutes: 5
run: | run: |
echo automake libtool | xargs -Ix -n1 echo brew '"x"' > /tmp/Brewfile # shellcheck disable=SC2181,SC2034
while [[ $? == 0 ]]; do for i in 1 2 3; do brew update && brew bundle install --file /tmp/Brewfile && break 2 || { echo Error: wait to try again; sleep 10; } done; false Too many retries; done while [[ $? == 0 ]]; do for i in 1 2 3; do if brew update && brew install automake libtool; then break 2; else echo Error: wait to try again; sleep 10; fi; done; false Too many retries; done
- name: 'cache compiler (mingw32ce)' - name: 'cache compiler (mingw32ce)'
uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4 uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4
id: cache-compiler id: cache-compiler
with: with:
path: ~/opt/mingw32ce path: ~/opt/mingw32ce
key: ${{ runner.os }}-mingw32ce-${{ env.toolchain-version }}-amd64 key: ${{ runner.os }}-mingw32ce-${{ env.TOOLCHAIN_VERSION }}-amd64
- name: 'install compiler (mingw32ce)' - name: 'install compiler (mingw32ce)'
if: ${{ steps.cache-compiler.outputs.cache-hit != 'true' }} if: ${{ steps.cache-compiler.outputs.cache-hit != 'true' }}
timeout-minutes: 5 timeout-minutes: 5
run: | run: |
cd "${HOME}" || exit 1 cd ~
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 3 --retry-connrefused --proto-redir =https \ curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 3 --retry-connrefused --proto-redir =https \
--location 'https://downloads.sourceforge.net/cegcc/cegcc/${{ env.toolchain-version }}/cegcc_mingw32ce_snowleopard_r1397.tar.bz2' | tar -x --location "https://downloads.sourceforge.net/cegcc/cegcc/${TOOLCHAIN_VERSION}/cegcc_mingw32ce_snowleopard_r1397.tar.bz2" | tar -x
ls -l ls -l
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
@ -696,7 +730,7 @@ jobs:
- name: 'configure' - name: 'configure'
run: | run: |
PATH="$HOME/opt/mingw32ce/bin:$PATH" PATH="$HOME/opt/mingw32ce/bin:$PATH"
if [ '${{ matrix.build }}' = 'cmake' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake -B bld -G Ninja \ cmake -B bld -G Ninja \
-DCMAKE_SYSTEM_NAME=WindowsCE \ -DCMAKE_SYSTEM_NAME=WindowsCE \
-DCMAKE_SYSTEM_VERSION=8.0 \ -DCMAKE_SYSTEM_VERSION=8.0 \
@ -706,7 +740,7 @@ jobs:
-DCMAKE_C_COMPILER=arm-mingw32ce-gcc \ -DCMAKE_C_COMPILER=arm-mingw32ce-gcc \
-DCMAKE_RC_COMPILER=arm-mingw32ce-windres \ -DCMAKE_RC_COMPILER=arm-mingw32ce-windres \
-DMINGW32CE_LIBRARY_DIR="$HOME/opt/mingw32ce/arm-mingw32ce/lib" \ -DMINGW32CE_LIBRARY_DIR="$HOME/opt/mingw32ce/arm-mingw32ce/lib" \
-DCMAKE_IGNORE_PREFIX_PATH="$(brew --prefix)" \ -DCMAKE_IGNORE_PREFIX_PATH=/opt/homebrew \
-DCMAKE_UNITY_BUILD=ON -DCMAKE_UNITY_BUILD_BATCH_SIZE=50 -DCURL_TEST_BUNDLES=ON \ -DCMAKE_UNITY_BUILD=ON -DCMAKE_UNITY_BUILD_BATCH_SIZE=50 -DCURL_TEST_BUNDLES=ON \
-DBUILD_SHARED_LIBS=ON -DBUILD_STATIC_LIBS=ON -DBUILD_STATIC_CURL=OFF \ -DBUILD_SHARED_LIBS=ON -DBUILD_STATIC_LIBS=ON -DBUILD_STATIC_CURL=OFF \
-DCURL_WERROR=ON \ -DCURL_WERROR=ON \
@ -733,7 +767,7 @@ jobs:
- name: 'build' - name: 'build'
run: | run: |
PATH="$HOME/opt/mingw32ce/bin:$PATH" PATH="$HOME/opt/mingw32ce/bin:$PATH"
if [ '${{ matrix.build }}' = 'cmake' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld cmake --build bld
else else
make -C bld make -C bld
@ -747,7 +781,7 @@ jobs:
if: ${{ matrix.build == 'cmake' }} # skip for autotools to save time if: ${{ matrix.build == 'cmake' }} # skip for autotools to save time
run: | run: |
PATH="$HOME/opt/mingw32ce/bin:$PATH" PATH="$HOME/opt/mingw32ce/bin:$PATH"
if [ '${{ matrix.build }}' = 'cmake' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --target testdeps cmake --build bld --target testdeps
else else
make -C bld -C tests make -C bld -C tests
@ -757,7 +791,7 @@ jobs:
if: ${{ matrix.build == 'cmake' }} # skip for autotools to save time if: ${{ matrix.build == 'cmake' }} # skip for autotools to save time
run: | run: |
PATH="$HOME/opt/mingw32ce/bin:$PATH" PATH="$HOME/opt/mingw32ce/bin:$PATH"
if [ '${{ matrix.build }}' = 'cmake' ]; then if [ "${MATRIX_BUILD}" = 'cmake' ]; then
cmake --build bld --target curl-examples cmake --build bld --target curl-examples
else else
make -C bld examples make -C bld examples
@ -771,7 +805,13 @@ jobs:
run: run:
shell: msys2 {0} shell: msys2 {0}
env: env:
openssh_windows-version: 'v9.8.1.0p1-Preview' MATRIX_ARCH: '${{ matrix.arch }}'
MATRIX_IMAGE: '${{ matrix.image }}'
MATRIX_INSTALL: '${{ matrix.install }}'
MATRIX_OPENSSH: '${{ matrix.openssh }}'
MATRIX_PLAT: '${{ matrix.plat }}'
MATRIX_TYPE: '${{ matrix.type }}'
OPENSSH_WINDOWS_VERSION: 'v9.8.1.0p1-Preview'
VCPKG_DISABLE_METRICS: '1' VCPKG_DISABLE_METRICS: '1'
strategy: strategy:
matrix: matrix:
@ -831,7 +871,7 @@ jobs:
- name: 'vcpkg build' - name: 'vcpkg build'
timeout-minutes: 45 timeout-minutes: 45
run: vcpkg x-set-installed ${{ matrix.install }} '--triplet=${{ matrix.arch }}-${{ matrix.plat }}' run: vcpkg x-set-installed ${MATRIX_INSTALL} --triplet="${MATRIX_ARCH}-${MATRIX_PLAT}"
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with: with:
@ -839,24 +879,27 @@ jobs:
- name: 'configure' - name: 'configure'
timeout-minutes: 5 timeout-minutes: 5
env:
MATRIX_CHKPREFILL: '${{ matrix.chkprefill }}'
MATRIX_CONFIG: '${{ matrix.config }}'
run: | run: |
for _chkprefill in '' ${{ matrix.chkprefill }}; do for _chkprefill in '' ${MATRIX_CHKPREFILL}; do
options='' options=''
if [ '${{ matrix.plat }}' = 'uwp' ]; then if [ "${MATRIX_PLAT}" = 'uwp' ]; then
options+=' -DCMAKE_SYSTEM_NAME=WindowsStore -DCMAKE_SYSTEM_VERSION=10.0' options+=' -DCMAKE_SYSTEM_NAME=WindowsStore -DCMAKE_SYSTEM_VERSION=10.0'
cflags='-DWINAPI_FAMILY=WINAPI_FAMILY_PC_APP' cflags='-DWINAPI_FAMILY=WINAPI_FAMILY_PC_APP'
ldflags='-OPT:NOREF -OPT:NOICF -APPCONTAINER:NO' ldflags='-OPT:NOREF -OPT:NOICF -APPCONTAINER:NO'
vsglobals=';AppxPackage=false;WindowsAppContainer=false' vsglobals=';AppxPackage=false;WindowsAppContainer=false'
fi fi
[ '${{ matrix.arch }}' = 'arm64' ] && options+=' -A ARM64' [ "${MATRIX_ARCH}" = 'arm64' ] && options+=' -A ARM64'
[ '${{ matrix.arch }}' = 'x64' ] && options+=' -A x64' [ "${MATRIX_ARCH}" = 'x64' ] && options+=' -A x64'
[ '${{ matrix.arch }}' = 'x86' ] && options+=' -A Win32' [ "${MATRIX_ARCH}" = 'x86' ] && options+=' -A Win32'
[ "${_chkprefill}" = '_chkprefill' ] && options+=' -D_CURL_PREFILL=OFF' [ "${_chkprefill}" = '_chkprefill' ] && options+=' -D_CURL_PREFILL=OFF'
cmake -B "bld${_chkprefill}" ${options} \ cmake -B "bld${_chkprefill}" ${options} \
-DCMAKE_TOOLCHAIN_FILE="$VCPKG_INSTALLATION_ROOT/scripts/buildsystems/vcpkg.cmake" \ -DCMAKE_TOOLCHAIN_FILE="$VCPKG_INSTALLATION_ROOT/scripts/buildsystems/vcpkg.cmake" \
-DVCPKG_INSTALLED_DIR="$VCPKG_INSTALLATION_ROOT/installed" \ -DVCPKG_INSTALLED_DIR="$VCPKG_INSTALLATION_ROOT/installed" \
-DVCPKG_TARGET_TRIPLET='${{ matrix.arch }}-${{ matrix.plat }}' \ -DVCPKG_TARGET_TRIPLET="${MATRIX_ARCH}-${MATRIX_PLAT}" \
-DCMAKE_C_COMPILER_TARGET='${{ matrix.arch }}-${{ matrix.plat }}' \ -DCMAKE_C_COMPILER_TARGET="${MATRIX_ARCH}-${MATRIX_PLAT}" \
-DCMAKE_C_FLAGS="${cflags}" \ -DCMAKE_C_FLAGS="${cflags}" \
-DCMAKE_EXE_LINKER_FLAGS="-INCREMENTAL:NO ${ldflags}" \ -DCMAKE_EXE_LINKER_FLAGS="-INCREMENTAL:NO ${ldflags}" \
-DCMAKE_SHARED_LINKER_FLAGS="-INCREMENTAL:NO ${ldflags}" \ -DCMAKE_SHARED_LINKER_FLAGS="-INCREMENTAL:NO ${ldflags}" \
@ -864,7 +907,7 @@ jobs:
-DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON \ -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON \
-DCURL_WERROR=ON \ -DCURL_WERROR=ON \
-DBUILD_SHARED_LIBS=OFF \ -DBUILD_SHARED_LIBS=OFF \
${{ matrix.config }} ${MATRIX_CONFIG}
done done
if [ -d bld_chkprefill ] && ! diff -u bld/lib/curl_config.h bld_chkprefill/lib/curl_config.h; then if [ -d bld_chkprefill ] && ! diff -u bld/lib/curl_config.h bld_chkprefill/lib/curl_config.h; then
echo '::group::reference configure log'; cat bld_chkprefill/CMakeFiles/CMake*.yaml 2>/dev/null || true; echo '::endgroup::' echo '::group::reference configure log'; cat bld_chkprefill/CMakeFiles/CMake*.yaml 2>/dev/null || true; echo '::endgroup::'
@ -882,43 +925,43 @@ jobs:
- name: 'build' - name: 'build'
timeout-minutes: 5 timeout-minutes: 5
run: cmake --build bld --config '${{ matrix.type }}' --parallel 5 run: cmake --build bld --config "${MATRIX_TYPE}" --parallel 5
- name: 'curl version' - name: 'curl version'
timeout-minutes: 1 timeout-minutes: 1
run: | run: |
PATH=/usr/bin find . \( -name '*.exe' -o -name '*.dll' -o -name '*.lib' -o -name '*.pdb' \) -exec file '{}' \; PATH=/usr/bin find . \( -name '*.exe' -o -name '*.dll' -o -name '*.lib' -o -name '*.pdb' \) -exec file '{}' \;
if [ '${{ matrix.plat }}' != 'uwp' ]; then # Missing: ucrtbased.dll, VCRUNTIME140D.dll, VCRUNTIME140D_APP.dll if [ "${MATRIX_PLAT}" != 'uwp' ]; then # Missing: ucrtbased.dll, VCRUNTIME140D.dll, VCRUNTIME140D_APP.dll
PATH="$PWD/bld/lib/${{ matrix.type }}:$PATH" PATH="$PWD/bld/lib/${MATRIX_TYPE}:$PATH"
'bld/src/${{ matrix.type }}/curl.exe' --disable --version "bld/src/${MATRIX_TYPE}/curl.exe" --disable --version
fi fi
- name: 'build tests' - name: 'build tests'
if: ${{ matrix.tflags != 'skipall' }} if: ${{ matrix.tflags != 'skipall' }}
timeout-minutes: 10 timeout-minutes: 10
run: cmake --build bld --config '${{ matrix.type }}' --parallel 5 --target testdeps run: cmake --build bld --config "${MATRIX_TYPE}" --parallel 5 --target testdeps
- name: 'install test prereqs' - name: 'install test prereqs'
if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }}
timeout-minutes: 5 timeout-minutes: 5
run: | run: |
if [ '${{ matrix.openssh }}' = '' ]; then # MSYS2 openssh if [ -z "${MATRIX_OPENSSH}" ]; then # MSYS2 openssh
/usr/bin/pacman --noconfirm --noprogressbar --sync --needed openssh /usr/bin/pacman --noconfirm --noprogressbar --sync --needed openssh
elif [ '${{ matrix.openssh }}' = 'OpenSSH-Windows-builtin' ]; then elif [ "${MATRIX_OPENSSH}" = 'OpenSSH-Windows-builtin' ]; then
# https://learn.microsoft.com/windows-server/administration/openssh/openssh_install_firstuse # https://learn.microsoft.com/windows-server/administration/openssh/openssh_install_firstuse
if [ '${{ matrix.image }}' != 'windows-2025' ]; then if [ "${MATRIX_IMAGE}" != 'windows-2025' ]; then
pwsh -Command 'Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0' pwsh -Command 'Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0'
pwsh -Command 'Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0' pwsh -Command 'Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0'
fi fi
else # OpenSSH-Windows else # OpenSSH-Windows
cd /c || exit 1 # no D: drive on windows-11-arm runners cd /c # no D: drive on windows-11-arm runners
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 60 --retry 3 \ curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 60 --retry 3 \
--location 'https://github.com/PowerShell/Win32-OpenSSH/releases/download/${{ env.openssh_windows-version }}/OpenSSH-Win64.zip' --output bin.zip --location "https://github.com/PowerShell/Win32-OpenSSH/releases/download/${OPENSSH_WINDOWS_VERSION}/OpenSSH-Win64.zip" --output bin.zip
unzip bin.zip unzip bin.zip
rm -f bin.zip rm -f bin.zip
fi fi
/c/ProgramData/chocolatey/choco.exe install --yes --no-progress --limit-output --timeout 180 --force stunnel || true /c/ProgramData/chocolatey/choco.exe install --yes --no-progress --limit-output --timeout 180 --force stunnel || true
if [ '${{ matrix.image }}' != 'windows-11-arm' ]; then # save 30-60 seconds, to counteract the slower test run step if [ "${MATRIX_IMAGE}" != 'windows-11-arm' ]; then # save 30-60 seconds, to counteract the slower test run step
python3 -m pip --disable-pip-version-check --no-input --no-cache-dir install --progress-bar off --prefer-binary impacket python3 -m pip --disable-pip-version-check --no-input --no-cache-dir install --progress-bar off --prefer-binary impacket
fi fi
@ -935,26 +978,28 @@ jobs:
- name: 'run tests' - name: 'run tests'
if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }} if: ${{ matrix.tflags != 'skipall' && matrix.tflags != 'skiprun' }}
timeout-minutes: 10 timeout-minutes: 10
env:
TFLAGS: '${{ matrix.tflags }}'
run: | run: |
export CURL_DIRSUFFIX='${{ matrix.type }}' export CURL_DIRSUFFIX="${MATRIX_TYPE}"
export TFLAGS='-j8 ${{ matrix.tflags }}' TFLAGS="-j8 ${TFLAGS}"
TFLAGS+=' !498' # 'Reject too large HTTP response headers on endless redirects' HTTP, HTTP GET (runtests detecting result code 2009 instead of 56 returned by curl) TFLAGS+=' !498' # 'Reject too large HTTP response headers on endless redirects' HTTP, HTTP GET (runtests detecting result code 2009 instead of 56 returned by curl)
if [[ '${{ matrix.install }}' = *'libssh2[core,zlib]'* ]]; then if [[ "${MATRIX_INSTALL}" = *'libssh2[core,zlib]'* ]]; then
TFLAGS+=' ~SCP ~SFTP' # Flaky: `-8, Unable to exchange encryption keys`. https://github.com/libssh2/libssh2/issues/804 TFLAGS+=' ~SCP ~SFTP' # Flaky: `-8, Unable to exchange encryption keys`. https://github.com/libssh2/libssh2/issues/804
fi fi
if [ -n '${{ matrix.openssh }}' ]; then # OpenSSH-Windows if [ -n "${MATRIX_OPENSSH}" ]; then # OpenSSH-Windows
TFLAGS+=' ~601 ~603 ~617 ~619 ~621 ~641 ~665 ~2004' # SCP TFLAGS+=' ~601 ~603 ~617 ~619 ~621 ~641 ~665 ~2004' # SCP
if [[ '${{ matrix.install }}' = *'libssh '* ]]; then if [[ "${MATRIX_INSTALL}" = *'libssh '* ]]; then
TFLAGS+=' ~614' # 'SFTP pre-quote chmod' SFTP, pre-quote, directory TFLAGS+=' ~614' # 'SFTP pre-quote chmod' SFTP, pre-quote, directory
else else
TFLAGS+=' ~3022' # 'SCP correct sha256 host key' SCP, server sha256 key check TFLAGS+=' ~3022' # 'SCP correct sha256 host key' SCP, server sha256 key check
fi fi
PATH="/c/OpenSSH-Win64:$PATH" PATH="/c/OpenSSH-Win64:$PATH"
fi fi
PATH="$PWD/bld/lib/${{ matrix.type }}:$PATH:/c/Program Files (x86)/stunnel/bin" PATH="$PWD/bld/lib/${MATRIX_TYPE}:$PATH:/c/Program Files (x86)/stunnel/bin"
cmake --build bld --config '${{ matrix.type }}' --target test-ci cmake --build bld --config "${MATRIX_TYPE}" --target test-ci
- name: 'build examples' - name: 'build examples'
timeout-minutes: 5 timeout-minutes: 5
if: ${{ contains(matrix.name, '+examples') }} if: ${{ contains(matrix.name, '+examples') }}
run: cmake --build bld --config '${{ matrix.type }}' --parallel 5 --target curl-examples run: cmake --build bld --config "${MATRIX_TYPE}" --parallel 5 --target curl-examples