Skip to content

Commit

Permalink
tmp: build golden packages
Browse files Browse the repository at this point in the history
  • Loading branch information
@ctz
ctz committed Aug 13, 2024
1 parent 8b45ed5 commit 5af90d8
Show file tree
Hide file tree
Showing 2 changed files with 49 additions and 169 deletions.
213 changes: 46 additions & 167 deletions .github/workflows/libssl.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,188 +15,67 @@ defaults:
working-directory: rustls-libssl

jobs:
build:
name: Build+test
runs-on: ${{ matrix.os }}
release_packages:
name: Produce release packages
runs-on: ubuntu-latest
container: ${{ matrix.container }}:${{ matrix.version }}
strategy:
matrix:
rust:
- stable
- beta
- nightly
# TODO(XXX): consider replacing ubuntu-24.04 w/ ubuntu-latest when appropriate
os: [ubuntu-24.04, ubuntu-22.04]
steps:
- name: Checkout sources
uses: actions/checkout@v4
with:
persist-credentials: false

- name: Install build dependencies
run: sudo apt-get update && sudo apt-get install -y openssl libssl3 libssl-dev lld
include:
- container: fedora
version: 40
package: rpm
- container: ubuntu
version: 24.04
package: deb
# nb. ubuntu:22.04 has a too-old golang to build nfpm
# we could install an upstream golang if we want to
# package there.

- name: Install ${{ matrix.rust }} toolchain
uses: dtolnay/rust-toolchain@master
with:
toolchain: ${{ matrix.rust }}

- run: make PROFILE=debug test
- run: make PROFILE=debug integration
# Note: we only check the client/server binaries here, assuming that
# is sufficient for any other test binaries.
- name: Verify debug builds were using ASAN
run: |
nm target/client | grep '__asan_init'
nm target/server | grep '__asan_init'
- name: Build release binaries
run: |
make clean
make PROFILE=release
- name: Verify release builds were not using ASAN
run: |
nm target/client | grep -v '__asan_init'
nm target/server | grep -v '__asan_init'
valgrind:
name: Valgrind
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
persist-credentials: false
- name: Install rust toolchain
uses: dtolnay/rust-toolchain@stable
- name: Install valgrind
run: sudo apt-get update && sudo apt-get install -y valgrind
- name: Install build dependencies
run: sudo apt-get update && sudo apt-get install -y openssl libssl3 libssl-dev lld
- run: VALGRIND="valgrind -q" make PROFILE=release test integration

docs:
name: Check for documentation errors
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@v4
with:
persist-credentials: false

- name: Install build dependencies
run: sudo apt-get update && sudo apt-get install -y openssl libssl3 libssl-dev lld

- name: Install rust toolchain
uses: dtolnay/rust-toolchain@nightly
- name: Install prerequisites (apt)
if: matrix.package == 'deb'
working-directory: /
run: |
apt-get update
apt-get install -y curl build-essential git
- name: cargo doc (all features)
run: cargo doc --all-features --no-deps --workspace
env:
RUSTDOCFLAGS: -Dwarnings
- name: Install prerequisites (yum)
if: matrix.package == 'rpm'
working-directory: /
run: |
yum install -y curl make automake gcc gcc-c++ kernel-devel
format:
name: Format
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@v4
with:
persist-credentials: false
- name: Install rust toolchain
uses: dtolnay/rust-toolchain@stable
with:
components: rustfmt
- name: Check Rust formatting
run: cargo fmt --all -- --check
- name: Check src/entry.rs formatting
run: ./admin/format --all -- --check
- name: Check C formatting
run: make format-check
- name: Check ordering of build.rs entrypoints
run: ./admin/sort-entrypoints.py
- name: Check MATRIX.md is up-to-date
run: ./admin/matrix.py > MATRIX.md.new && diff -su MATRIX.md MATRIX.md.new

clippy:
name: Clippy
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@v4
with:
persist-credentials: false
- name: Install rust toolchain
- name: Install stable rust toolchain
uses: dtolnay/rust-toolchain@stable
with:
components: clippy
- name: Check clippy
# We allow unknown lints here because sometimes the nightly job
# (below) will have a new lint that we want to suppress.
# If we suppress (e.g. #![allow(clippy::arc_with_non_send_sync)]),
# we would get an unknown-lint error from older clippy versions.
run: cargo clippy --locked --workspace --all-targets -- -D warnings -A unknown-lints

clippy-nightly-optional:
name: Clippy nightly (optional)
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@v4
with:
persist-credentials: false
- name: Install rust toolchain
uses: dtolnay/rust-toolchain@nightly
with:
components: clippy
- name: Check clippy
run: cargo clippy --locked --workspace --all-targets -- -D warnings

clang-tidy:
name: Clang Tidy
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@v4
with:
persist-credentials: false
- name: Clang tidy
run: clang-tidy tests/*.c -- -I src/

miri:
name: Miri
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@v4
with:
persist-credentials: false

- name: Install nightly Rust
uses: dtolnay/rust-toolchain@nightly
- run: rustup override set "nightly-$(curl -s https://rust-lang.github.io/rustup-components-history/x86_64-unknown-linux-gnu/miri)"
- run: rustup component add miri
- run: cargo miri test

packaging:
name: Packaging
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@v4
with:
persist-credentials: false

- name: Install build dependencies
run: sudo apt-get update && sudo apt-get install -y openssl libssl3 libssl-dev lld

- name: Install cargo-get
run: cargo install cargo-get
- name: Install build dependencies (apt)
if: matrix.package == 'deb'
run: |
apt-get update
apt-get install -y openssl libssl3 libssl-dev lld golang-go
cargo install cargo-get
go install github.com/goreleaser/nfpm/v2/cmd/nfpm@latest
- name: Install nfpm
- name: Install build dependencies (yum)
if: matrix.package == 'rpm'
run: |
yum install -y openssl openssl-devel lld go
cargo install cargo-get
go install github.com/goreleaser/nfpm/v2/cmd/nfpm@latest
echo PATH=$PATH:$HOME/go/bin >> $GITHUB_ENV
- name: Build packages
run: make package PROFILE=release
- name: Build package
run: |
make package-${{ matrix.package }} PROFILE=release NFPM=$HOME/go/bin/nfpm
- name: Test packages
run: make test-package PROFILE=release
- name: Archive package
uses: actions/upload-artifact@v4
with:
name: ${{ matrix.package }} package built on ${{ matrix.container }} ${{ matrix.version }}
path: rustls-libssl/target/dist/*.${{ matrix.package }}
if-no-files-found: error
5 changes: 3 additions & 2 deletions rustls-libssl/Makefile
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
CARGO ?= cargo
NFPM ?= nfpm
CARGOFLAGS += --locked

CFLAGS := -Werror -Wall -Wextra -Wpedantic -g $(shell pkg-config --cflags openssl)
Expand Down Expand Up @@ -73,13 +74,13 @@ package-deb: dist/nfpm.yaml target/release/libssl.so.3 target/VERSION
mkdir --parents target/dist
env VERSION=$(shell $(CARGO) get package.version) \
VERSION_PRERELEASE=$(shell $(CARGO) get package.version --pre) \
nfpm package --config $< --target target/dist --packager deb
$(NFPM) package --config $< --target target/dist --packager deb

package-rpm: dist/nfpm.yaml target/release/libssl.so.3 target/VERSION
mkdir --parents target/dist
env VERSION=$(shell $(CARGO) get package.version) \
VERSION_PRERELEASE=$(shell $(CARGO) get package.version --pre) \
nfpm package --config $< --target target/dist --packager rpm
$(NFPM) package --config $< --target target/dist --packager rpm

target/VERSION: ALWAYS
echo "This is rustls-libssl `git describe --always`\nDate: `date`\nIncorporating:" > $@
Expand Down

0 comments on commit 5af90d8

Please sign in to comment.