romenskiy2012/curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-04-15 00:41:41 +03:00
Code Issues Projects Releases Packages Wiki Activity

GHA/http3-linux: add AWS-LC and BoringSSL jobs

Browse source 
Closes #18391
This commit is contained in:
Viktor Szakats 2025-08-24 21:29:23 +02:00
parent e2c747bb5d
commit 455cd07410
No known key found for this signature in database
GPG key ID: B5ABD165E2AEF201
1 changed files with 135 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

139
.github/workflows/http3-linux.yml vendored
View file

@ -47,6 +47,10 @@ env:
QUICTLS_VERSION: 3.3.0
# renovate: datasource=github-tags depName=libressl/portable versioning=semver registryUrl=https://github.com
LIBRESSL_VERSION: 4.1.0
# renovate: datasource=github-tags depName=awslabs/aws-lc versioning=semver registryUrl=https://github.com
AWSLC_VERSION: 1.58.0
# renovate: datasource=github-tags depName=google/boringssl versioning=semver registryUrl=https://github.com
BORINGSSL_VERSION: 0.20250818.0
# renovate: datasource=github-tags depName=gnutls/gnutls versioning=semver registryUrl=https://github.com
GNUTLS_VERSION: 3.8.10
# renovate: datasource=github-tags depName=wolfSSL/wolfssl versioning=semver extractVersion=^v?(?<version>.+)-stable$ registryUrl=https://github.com
@ -84,6 +88,24 @@ jobs:
path: ~/libressl/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.LIBRESSL_VERSION }}
- name: 'cache awslc'
uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4
id: cache-awslc
env:
cache-name: cache-awslc
with:
path: ~/awslc/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.AWSLC_VERSION }}
- name: 'cache boringssl'
uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4
id: cache-boringssl
env:
cache-name: cache-boringssl
with:
path: ~/boringssl/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.BORINGSSL_VERSION }}
- name: 'cache quictls'
uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4
id: cache-quictls-no-deprecated
@ -127,7 +149,16 @@ jobs:
cache-name: cache-ngtcp2
with:
path: ~/ngtcp2/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGTCP2_VERSION }}-${{ env.OPENSSL_VERSION }}-${{ env.LIBRESSL_VERSION }}-${{ env.QUICTLS_VERSION }}-${{ env.GNUTLS_VERSION }}-${{ env.WOLFSSL_VERSION }}
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGTCP2_VERSION }}-${{ env.OPENSSL_VERSION }}-${{ env.LIBRESSL_VERSION }}-${{ env.AWSLC_VERSION }}-${{ env.QUICTLS_VERSION }}-${{ env.GNUTLS_VERSION }}-${{ env.WOLFSSL_VERSION }}
- name: 'cache ngtcp2 boringssl'
uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4
id: cache-ngtcp2-boringssl
env:
cache-name: cache-ngtcp2-boringssl
with:
path: ~/ngtcp2-boringssl/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGTCP2_VERSION }}-${{ env.BORINGSSL_VERSION }}
- name: 'cache nghttp2'
uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4
@ -142,11 +173,14 @@ jobs:
if: >-
${{ steps.cache-openssl-http3.outputs.cache-hit != 'true' ||
steps.cache-libressl.outputs.cache-hit != 'true' ||
steps.cache-awslc.outputs.cache-hit != 'true' ||
steps.cache-boringssl.outputs.cache-hit != 'true' ||
steps.cache-quictls-no-deprecated.outputs.cache-hit != 'true' ||
steps.cache-gnutls.outputs.cache-hit != 'true' ||
steps.cache-wolfssl.outputs.cache-hit != 'true' ||
steps.cache-nghttp3.outputs.cache-hit != 'true' ||
steps.cache-ngtcp2.outputs.cache-hit != 'true' ||
steps.cache-ngtcp2-boringssl.outputs.cache-hit != 'true' ||
steps.cache-nghttp2.outputs.cache-hit != 'true' }}
run: echo 'needs-build=true' >> "$GITHUB_OUTPUT"
@ -188,6 +222,28 @@ jobs:
cmake --build .
cmake --install .
- name: 'build awslc'
if: ${{ steps.cache-awslc.outputs.cache-hit != 'true' }}
run: |
cd ~
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \
--location "https://github.com/awslabs/aws-lc/archive/refs/tags/v${AWSLC_VERSION}.tar.gz" | tar -xz
cd "aws-lc-${AWSLC_VERSION}"
cmake -B . -G Ninja -DBUILD_SHARED_LIBS=ON -DBUILD_TOOL=OFF -DBUILD_TESTING=OFF -DCMAKE_INSTALL_PREFIX=/home/runner/awslc/build
cmake --build .
cmake --install .
- name: 'build boringssl'
if: ${{ steps.cache-boringssl.outputs.cache-hit != 'true' }}
run: |
mkdir boringssl-src
cd boringssl-src
curl --disable --fail --silent --show-error --connect-timeout 15 --max-time 120 --retry 6 --retry-connrefused \
"https://boringssl.googlesource.com/boringssl/+archive/${BORINGSSL_VERSION}.tar.gz" | tar -xz
cmake -B . -G Ninja -DBUILD_SHARED_LIBS=ON -DBUILD_TESTING=OFF -DCMAKE_INSTALL_PREFIX=/home/runner/boringssl/build
cmake --build .
cmake --install .
- name: 'build quictls'
if: ${{ steps.cache-quictls-no-deprecated.outputs.cache-hit != 'true' }}
run: |
@ -238,7 +294,7 @@ jobs:
- name: 'build ngtcp2'
if: ${{ steps.cache-ngtcp2.outputs.cache-hit != 'true' }}
# building 3 times to get crypto libs for ossl, libressl and quictls installed
# building 3 times to get crypto libs for ossl, libressl, quictls and awslc installed
run: |
cd ~
git clone --quiet --depth=1 -b "v${NGTCP2_VERSION}" https://github.com/ngtcp2/ngtcp2
@ -254,7 +310,22 @@ jobs:
make clean
./configure --disable-dependency-tracking --prefix="$PWD"/build \
PKG_CONFIG_PATH=/home/runner/openssl/build/lib/pkgconfig:/home/runner/gnutls/build/lib/pkgconfig:/home/runner/wolfssl/build/lib/pkgconfig \
--enable-lib-only --with-openssl --with-gnutls --with-wolfssl
--enable-lib-only --with-openssl --with-gnutls --with-wolfssl --with-boringssl \
BORINGSSL_LIBS='-L/home/runner/awslc/build/lib -lssl -lcrypto' \
BORINGSSL_CFLAGS='-I/home/runner/awslc/build/include'
make install
- name: 'build ngtcp2 boringssl'
if: ${{ steps.cache-ngtcp2-boringssl.outputs.cache-hit != 'true' }}
run: |
cd ~
git clone --quiet --depth=1 -b "v${NGTCP2_VERSION}" https://github.com/ngtcp2/ngtcp2 ngtcp2-boringssl
cd ngtcp2-boringssl
autoreconf -fi
./configure --disable-dependency-tracking --prefix="$PWD"/build \
--enable-lib-only --with-openssl=no --with-boringssl \
BORINGSSL_LIBS='-L/home/runner/boringssl/build/lib -lssl -lcrypto' \
BORINGSSL_CFLAGS='-I/home/runner/boringssl/build/include'
make install
- name: 'build nghttp2'
@ -313,6 +384,36 @@ jobs:
-DOPENSSL_ROOT_DIR=/home/runner/libressl/build
-DUSE_NGTCP2=ON -DCURL_DISABLE_NTLM=ON
- name: 'awslc'
install_steps: skipall
PKG_CONFIG_PATH: /home/runner/awslc/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig
configure: >-
LDFLAGS=-Wl,-rpath,/home/runner/awslc/build/lib
--with-ngtcp2 --disable-ntlm
--with-openssl=/home/runner/awslc/build --enable-ssls-export
- name: 'awslc'
PKG_CONFIG_PATH: /home/runner/awslc/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig
generate: >-
-DOPENSSL_ROOT_DIR=/home/runner/awslc/build -DBUILD_SHARED_LIBS=OFF
-DUSE_NGTCP2=ON -DCURL_DISABLE_NTLM=ON
-DCMAKE_UNITY_BUILD=ON
- name: 'boringssl'
install_steps: skipall
PKG_CONFIG_PATH: /home/runner/boringssl/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2-boringssl/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig
configure: >-
LDFLAGS=-Wl,-rpath,/home/runner/boringssl/build/lib
--with-ngtcp2 --disable-ntlm
--with-openssl=/home/runner/boringssl/build --enable-ssls-export
- name: 'boringssl'
PKG_CONFIG_PATH: /home/runner/boringssl/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2-boringssl/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig
generate: >-
-DOPENSSL_ROOT_DIR=/home/runner/boringssl/build -DBUILD_SHARED_LIBS=OFF
-DUSE_NGTCP2=ON -DCURL_DISABLE_NTLM=ON
-DCMAKE_UNITY_BUILD=ON
- name: 'quictls'
install_steps: skipall
PKG_CONFIG_PATH: /home/runner/quictls/build/lib/pkgconfig:/home/runner/nghttp3/build/lib/pkgconfig:/home/runner/ngtcp2/build/lib/pkgconfig:/home/runner/nghttp2/build/lib/pkgconfig
@ -428,6 +529,26 @@ jobs:
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.LIBRESSL_VERSION }}
fail-on-cache-miss: true
- name: 'cache awslc'
uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4
id: cache-awslc
env:
cache-name: cache-awslc
with:
path: ~/awslc/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.AWSLC_VERSION }}
fail-on-cache-miss: true
- name: 'cache boringssl'
uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4
id: cache-boringssl
env:
cache-name: cache-boringssl
with:
path: ~/boringssl/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.BORINGSSL_VERSION }}
fail-on-cache-miss: true
- name: 'cache quictls'
uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4
id: cache-quictls-no-deprecated
@ -477,7 +598,17 @@ jobs:
cache-name: cache-ngtcp2
with:
path: ~/ngtcp2/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGTCP2_VERSION }}-${{ env.OPENSSL_VERSION }}-${{ env.LIBRESSL_VERSION }}-${{ env.QUICTLS_VERSION }}-${{ env.GNUTLS_VERSION }}-${{ env.WOLFSSL_VERSION }}
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGTCP2_VERSION }}-${{ env.OPENSSL_VERSION }}-${{ env.LIBRESSL_VERSION }}-${{ env.AWSLC_VERSION }}-${{ env.QUICTLS_VERSION }}-${{ env.GNUTLS_VERSION }}-${{ env.WOLFSSL_VERSION }}
fail-on-cache-miss: true
- name: 'cache ngtcp2 boringssl'
uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4
id: cache-ngtcp2-boringssl
env:
cache-name: cache-ngtcp2-boringssl
with:
path: ~/ngtcp2-boringssl/build
key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.NGTCP2_VERSION }}-${{ env.BORINGSSL_VERSION }}
fail-on-cache-miss: true
- name: 'cache nghttp2'