chore(deps) bump OpenSSL to 3.1.2 #2278
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: main | |
pull_request: | |
branches: '**' | |
defaults: | |
run: | |
shell: bash | |
env: | |
COVERALLS_SERVICE_NUMBER: ${{ github.run_id }}-${{ github.run_attempt }} | |
jobs: | |
tests: | |
name: 'Unit' | |
runs-on: ${{ matrix.os }} | |
timeout-minutes: 40 | |
#if: ${{ false }} | |
outputs: | |
coveralls_name: ${{ steps.lcov.outputs.name }} | |
env: | |
NGX_BUILD_GCOV: 1 | |
TEST_NGINX_TIMEOUT: 60 | |
TEST_NGINX_EXTERNAL_TIMEOUT: 120s | |
strategy: | |
fail-fast: false | |
matrix: | |
label: [""] | |
os: [ubuntu-latest] | |
cc: [gcc-9] | |
ngx: [1.25.1] | |
openresty: [""] | |
runtime: [wasmer] | |
wasmer: [3.1.1] | |
wasmtime: [""] | |
v8: [""] | |
debug: [debug, no_debug] | |
hup: [no_hup] | |
ssl: [ssl] | |
module_type: ["static"] | |
include: | |
# Wasmtime | |
- runtime: wasmtime | |
wasmtime: 8.0.1 | |
os: ubuntu-latest | |
cc: gcc-9 | |
ngx: 1.25.1 | |
debug: debug | |
hup: hup | |
ssl: ssl | |
# V8 | |
- runtime: v8 | |
v8: 11.4.183.23 | |
os: ubuntu-latest | |
cc: gcc-9 | |
ngx: 1.25.1 | |
debug: debug | |
hup: no_hup | |
ssl: ssl | |
# Old Nginx | |
- label: old_nginx | |
os: ubuntu-latest | |
cc: gcc-9 | |
ngx: 1.21.6 | |
runtime: wasmer | |
wasmer: 3.1.1 | |
debug: debug | |
hup: no_hup | |
ssl: ssl | |
# Nginx + dynamic ngx_wasm_module + HUP | |
- label: dynamic_nginx | |
os: ubuntu-latest | |
cc: gcc-9 | |
ngx: 1.25.1 | |
runtime: wasmtime | |
wasmtime: 8.0.1 | |
debug: debug | |
hup: hup | |
ssl: ssl | |
module_type: dynamic | |
# No SSL | |
- ssl: no_ssl | |
os: ubuntu-latest | |
cc: gcc-9 | |
ngx: 1.25.1 | |
runtime: wasmer | |
wasmer: 3.1.1 | |
debug: no_debug | |
hup: no_hup | |
# OpenResty | |
- label: openresty | |
os: ubuntu-latest | |
cc: gcc-9 | |
openresty: 1.21.4.1 | |
runtime: wasmtime | |
wasmtime: 8.0.1 | |
debug: debug | |
hup: no_hup | |
ssl: ssl | |
# OpenResty + dynamic ngx_wasm_module | |
- label: dynamic_openresty | |
os: ubuntu-latest | |
cc: gcc-9 | |
openresty: 1.21.4.1 | |
runtime: wasmtime | |
wasmtime: 8.0.1 | |
debug: debug | |
hup: no_hup | |
ssl: ssl | |
module_type: dynamic | |
steps: | |
- name: 'Setup deps - apt-get' | |
if: ${{ matrix.cc == 'gcc-9' }} | |
run: sudo apt-get update && sudo apt-get install -y gcc-9 libstdc++-9-dev lcov | |
- uses: actions/checkout@v3 | |
- name: 'Setup cache - rustup toolchain' | |
uses: actions/cache@v3 | |
if: ${{ !env.ACT }} | |
with: | |
path: | | |
~/.rustup/settings.toml | |
~/.rustup/toolchains/* | |
~/.rustup/update-hashes/* | |
key: rust-toolchain-${{ runner.os }}-${{ hashFiles('.github/**/*.yml', '.github/**/*.sh') }} | |
- name: 'Setup cache - work/ dir' | |
uses: actions/cache@v3 | |
if: ${{ !env.ACT }} | |
with: | |
path: | | |
work/downloads | |
work/runtimes | |
work/openssl | |
key: work-${{ runner.os }}-${{ matrix.cc }}-${{ matrix.ngx }}-${{ matrix.openresty }}-${{ matrix.runtime }}-${{ hashFiles('util/**/*.sh', 'util/**/*.pl', 'util/**/*.awk', '.github/**/*.yml', '.github/**/*.sh', '.github/**/*.js', 'rust-toolchain') }} | |
- name: Setup Rust | |
uses: actions-rs/toolchain@v1 | |
with: | |
profile: minimal | |
target: wasm32-wasi | |
- name: Setup TinyGo | |
uses: acifani/setup-tinygo@v1 | |
with: | |
tinygo-version: 0.27.0 | |
- name: Setup Wasm runtime | |
run: ./util/runtime.sh -R ${{ matrix.runtime }} -V ${{ matrix[matrix.runtime] }} | |
env: | |
GITHUB_OAUTH_TOKEN: ${{ secrets.GH_BOT_TOKEN }} | |
- run: make setup | |
- run: make | |
env: | |
CC: ${{ matrix.cc }} | |
NGX: ${{ matrix.ngx }} | |
NGX_BUILD_SSL: ${{ matrix.ssl == 'ssl' && 1 || 0 }} | |
NGX_BUILD_DEBUG: ${{ matrix.debug == 'debug' && 1 || 0 }} | |
NGX_BUILD_OPENRESTY: ${{ matrix.openresty }} | |
NGX_BUILD_DYNAMIC_MODULE: ${{ matrix.module_type == 'dynamic' && 1 || 0 }} | |
- run: make test | |
env: | |
TEST_NGINX_USE_HUP: ${{ matrix.hup == 'hup' && 1 || 0 }} | |
NGX_BUILD_DYNAMIC_MODULE: ${{ matrix.module_type == 'dynamic' && 1 || 0 }} | |
- name: Run lcov | |
id: lcov | |
if: ${{ !env.ACT && matrix.cc == 'gcc-9' }} | |
run: | | |
name="unit" | |
if [ -n "${{ matrix.openresty }}" ]; then | |
name="$name-openresty_${{ matrix.openresty }}" | |
else | |
name="$name-ngx_${{ matrix.ngx }}" | |
fi | |
name="$name-${{ matrix.runtime }}" | |
name="$name-${{ matrix.ssl }}" | |
name="$name-${{ matrix.debug }}" | |
name="$name-${{ matrix.hup }}" | |
if [ "${{ matrix.module_type }}" = dynamic ]; then | |
name="$name-dynamic" | |
else | |
name="$name-static" | |
fi | |
echo "name=$name" >> $GITHUB_OUTPUT | |
lcov --capture --directory work/buildroot --output-file lcov.info | |
lcov --remove lcov.info "*/ngx_wasm_module/src/common/debug/*" --output-file lcov.info | |
lcov --extract lcov.info "*/ngx_wasm_module/src/*" --output-file lcov.info | |
- name: Coveralls Upload | |
if: ${{ !env.ACT && matrix.cc == 'gcc-9' }} | |
uses: coverallsapp/github-action@v2 | |
with: | |
github-token: ${{ secrets.github_token }} | |
flag-name: ${{ steps.lcov.outputs.name }} | |
path-to-lcov: './lcov.info' | |
parallel: true | |
- uses: actions/upload-artifact@v2 | |
if: ${{ failure() && !env.ACT }} | |
with: | |
name: ${{ github.workflow }}-${{ github.job }}-sha-${{ github.sha }}-run-${{ github.run_number }}-${{ matrix.runtime }} | |
path: | | |
work/buildroot/ | |
t/servroot* | |
finish: | |
needs: tests | |
runs-on: ubuntu-latest | |
steps: | |
- name: Coveralls Finished | |
uses: coverallsapp/github-action@v2 | |
with: | |
github-token: ${{ secrets.github_token }} | |
parallel-finished: true | |
carryforward: "unit-ngx_1.25.1-wasmer-ssl-debug-no_hup-static,unit-ngx_1.25.1-wasmer-ssl-no_debug-no_hup-static,unit-ngx_1.25.1-wasmtime-ssl-debug-hup-static,unit-ngx_1.25.1-wasmtime-ssl-debug-hup-dynamic,unit-ngx_1.25.1-v8-ssl-debug-no_hup-static,unit-ngx_1.21.6-wasmer-ssl-debug-no_hup-static,unit-ngx_1.25.1-wasmer-no_ssl-no_debug-no_hup-static,unit-openresty_1.21.4.1-wasmtime-ssl-debug-no_hup-static,unit-openresty_1.21.4.1-wasmtime-ssl-debug-no_hup-dynamic" | |
valgrind: | |
name: 'Valgrind' | |
runs-on: ${{ matrix.os }} | |
timeout-minutes: 120 | |
#if: ${{ false }} | |
env: | |
NGX_BUILD_NOPOOL: 1 | |
NGX_BUILD_CC_OPT: '-O2' | |
TEST_NGINX_RANDOMIZE: 1 | |
TEST_NGINX_TIMEOUT: 120 | |
TEST_NGINX_EXTERNAL_TIMEOUT: 200 | |
TEST_NGINX_USE_VALGRIND: 1 | |
strategy: | |
fail-fast: false | |
matrix: | |
label: [""] | |
os: [ubuntu-22.04] | |
cc: [gcc-10] | |
ngx: [1.25.1] | |
openresty: [""] | |
runtime: [wasmer] | |
wasmer: [3.1.1] | |
wasmtime: [""] | |
v8: [""] | |
hup: [no_hup, hup] | |
debug: [debug] | |
include: | |
# Wasmtime | |
- runtime: wasmtime | |
wasmtime: 8.0.1 | |
os: ubuntu-22.04 | |
cc: gcc-10 | |
ngx: 1.25.1 | |
hup: no_hup | |
debug: debug | |
# V8 | |
- runtime: v8 | |
v8: 11.4.183.23 | |
os: ubuntu-22.04 | |
cc: gcc-10 | |
ngx: 1.25.1 | |
debug: debug | |
hup: no_hup | |
# OpenResty | |
- label: openresty | |
os: ubuntu-22.04 | |
cc: gcc-10 | |
openresty: 1.21.4.1 | |
ngx: | |
runtime: wasmer | |
wasmer: 3.1.1 | |
debug: debug | |
hup: no_hup | |
steps: | |
- run: sudo apt-get update && sudo apt-get install -y valgrind | |
- uses: actions/checkout@v3 | |
- name: 'Setup cache - rustup toolchain' | |
uses: actions/cache@v3 | |
if: ${{ !env.ACT }} | |
with: | |
path: | | |
~/.rustup/settings.toml | |
~/.rustup/toolchains/* | |
~/.rustup/update-hashes/* | |
key: rust-toolchain-${{ runner.os }}-${{ hashFiles('.github/**/*.yml', '.github/**/*.sh') }} | |
- name: 'Setup cache - work/ dir' | |
uses: actions/cache@v3 | |
if: ${{ !env.ACT }} | |
with: | |
path: | | |
work/downloads | |
work/runtimes | |
work/openssl | |
key: work-${{ runner.os }}-${{ matrix.cc }}-${{ matrix.ngx }}-${{ matrix.openresty }}-${{ matrix.runtime }}-${{ hashFiles('util/**/*.sh', 'util/**/*.pl', 'util/**/*.awk', '.github/**/*.yml', '.github/**/*.sh', '.github/**/*.js', 'rust-toolchain') }} | |
- name: Setup Rust | |
uses: actions-rs/toolchain@v1 | |
with: | |
profile: minimal | |
target: wasm32-wasi | |
- name: Setup TinyGo | |
uses: acifani/setup-tinygo@v1 | |
with: | |
tinygo-version: 0.27.0 | |
- name: Setup Wasm runtime | |
run: ./util/runtime.sh -R ${{ matrix.runtime }} -V ${{ matrix[matrix.runtime] }} | |
env: | |
GITHUB_OAUTH_TOKEN: ${{ secrets.GH_BOT_TOKEN }} | |
- run: make setup | |
- run: make | |
env: | |
CC: ${{ matrix.cc }} | |
NGX: ${{ matrix.ngx }} | |
NGX_BUILD_DEBUG: ${{ matrix.debug == 'debug' && 1 || 0 }} | |
NGX_BUILD_OPENRESTY: ${{ matrix.openresty }} | |
- run: make test 2>&1 | tee valgrind.out | |
env: | |
TEST_NGINX_USE_HUP: ${{ matrix.hup == 'hup' && 1 || 0 }} | |
TEST_NGINX_NO_CLEAN: 1 | |
- run: | | |
awk -f ./util/parse-valgrind.awk valgrind.out > valgrind.log | |
if [[ -s valgrind.log ]]; then | |
cat valgrind.log >&2 | |
exit 1 | |
fi | |
- uses: actions/upload-artifact@v2 | |
if: ${{ failure() && !env.ACT }} | |
with: | |
name: ${{ github.workflow }}-${{ github.job }}-sha-${{ github.sha }}-run-${{ github.run_number }}-${{ matrix.runtime }} | |
path: | | |
work/buildroot/ | |
t/servroot* | |
valgrind.out | |
lint: | |
name: 'Lint' | |
runs-on: ubuntu-latest | |
#if: ${{ false }} | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions-rs/toolchain@v1 | |
with: | |
components: clippy | |
- uses: actions/cache@v3 | |
if: ${{ !env.ACT }} | |
with: | |
path: | | |
work/downloads | |
key: lint-${{ runner.os }}-${{ hashFiles('util/**/*.sh', 'util/**/*.pl', 'util/**/*.awk', '.github/**/*.yml', '.github/**/*.sh', '.github/**/*.js', 'rust-toolchain') }} | |
- run: make setup | |
- run: make lint | |
- uses: actions-rs/clippy-check@v1 | |
if: ${{ !env.ACT }} | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
args: --all-features | |
- run: | | |
if [[ $(make reindex 2>&1 | tee reindex.out | grep -c done) -gt 0 ]]; then | |
cat reindex.out >&2 | |
exit 1 | |
fi | |
analyzer: | |
name: 'Clang analyzer' | |
runs-on: ubuntu-latest | |
#if: ${{ false }} | |
env: | |
NGX_BUILD_CLANG_ANALYZER: 1 | |
strategy: | |
fail-fast: false | |
matrix: | |
cc: [clang-11] | |
openresty: [1.21.4.1] | |
runtime: [wasmer, wasmtime, v8] | |
wasmer: [3.1.1] | |
wasmtime: [8.0.1] | |
v8: [11.4.183.23] | |
debug: [debug, no_debug] | |
ssl: [ssl] | |
include: | |
# No SSL | |
- os: ubuntu-latest | |
cc: clang-11 | |
ngx: 1.25.1 | |
runtime: wasmer | |
wasmer: 3.1.1 | |
debug: debug | |
ssl: no_ssl | |
steps: | |
- run: | | |
sudo apt-get update | |
sudo apt-get install -y $(echo ${{ matrix.cc }} | sed s/clang/clang-tools/) | |
sudo update-alternatives --install /usr/bin/scan-build scan-build /usr/bin/$(echo ${{ matrix.cc }} | sed s/clang/scan-build/) 100 | |
- uses: actions/checkout@v3 | |
- name: 'Setup cache - work/ dir' | |
uses: actions/cache@v3 | |
if: ${{ !env.ACT }} | |
with: | |
path: | | |
work/downloads | |
work/runtimes | |
work/openssl | |
key: work-${{ runner.os }}-${{ matrix.cc }}-${{ matrix.ngx }}-${{ matrix.openresty }}-${{ matrix.runtime }}-${{ hashFiles('util/**/*.sh', 'util/**/*.pl', 'util/**/*.awk', '.github/**/*.yml', '.github/**/*.sh', '.github/**/*.js', 'rust-toolchain') }} | |
- name: Setup Wasm runtime | |
run: ./util/runtime.sh -R ${{ matrix.runtime }} -V ${{ matrix[matrix.runtime] }} | |
env: | |
GITHUB_OAUTH_TOKEN: ${{ secrets.GH_BOT_TOKEN }} | |
- run: make setup | |
- run: make | |
env: | |
CC: ${{ matrix.cc }} | |
NGX_BUILD_SSL: ${{ matrix.ssl == 'ssl' && 1 || 0 }} | |
NGX_BUILD_DEBUG: ${{ matrix.debug == 'debug' && 1 || 0 }} | |
NGX_BUILD_OPENRESTY: ${{ matrix.openresty }} | |
- uses: actions/upload-artifact@v2 | |
if: ${{ failure() && !env.ACT }} | |
with: | |
name: ${{ github.workflow }}-${{ github.job }}-sha-${{ github.sha }}-run-${{ github.run_number }} | |
path: work/scans/* | |
build: | |
name: 'Test builds' | |
runs-on: ${{ matrix.os }} | |
timeout-minutes: 45 | |
#if: ${{ false }} | |
strategy: | |
fail-fast: false | |
matrix: | |
label: [""] | |
os: [ubuntu-latest] | |
cc: [clang-14, gcc-10] | |
ngx: [1.25.1] | |
runtime: [wasmer, wasmtime, v8] | |
wasmtime: [8.0.1] | |
wasmer: [3.1.1] | |
v8: [11.4.183.23] | |
include: | |
- label: old_nginx | |
os: ubuntu-latest | |
cc: clang-14 | |
ngx: 1.21.6 | |
runtime: wasmtime | |
wasmtime: 8.0.1 | |
steps: | |
- uses: actions/checkout@v3 | |
- name: 'Setup cache - work/ dir' | |
uses: actions/cache@v3 | |
if: ${{ !env.ACT }} | |
with: | |
path: | | |
work/downloads | |
work/runtimes | |
work/openssl | |
key: work-${{ runner.os }}-${{ matrix.cc }}-${{ matrix.ngx }}-${{ matrix.openresty }}-${{ matrix.runtime }}-${{ hashFiles('util/**/*.sh', 'util/**/*.pl', 'util/**/*.awk', '.github/**/*.yml', '.github/**/*.sh', '.github/**/*.js', 'rust-toolchain') }} | |
- name: Setup Wasm runtime | |
run: ./util/runtime.sh -R ${{ matrix.runtime }} -V ${{ matrix[matrix.runtime] }} | |
env: | |
GITHUB_OAUTH_TOKEN: ${{ secrets.GH_BOT_TOKEN }} | |
- run: make setup | |
- run: make test-build | |
env: | |
NGX_WASM_RUNTIME: ${{ matrix.runtime }} |