BUG/MINOR: ssl: can't load a separated key file with openssl > 3.0 #1478
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Copyright 2019 Ilya Shipitsin <[email protected]> | |
# Copyright 2020 Tim Duesterhus <[email protected]> | |
# | |
# This program is free software; you can redistribute it and/or | |
# modify it under the terms of the GNU General Public License | |
# as published by the Free Software Foundation; either version | |
# 2 of the License, or (at your option) any later version. | |
name: VTest | |
on: | |
push: | |
jobs: | |
# The generate-matrix job generates the build matrix using JSON output | |
# generated by .github/matrix.py. | |
generate-matrix: | |
name: Generate Build Matrix | |
runs-on: ubuntu-latest | |
outputs: | |
matrix: ${{ steps.set-matrix.outputs.matrix }} | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Generate Build Matrix | |
id: set-matrix | |
run: python3 .github/matrix.py "${{ github.event_name }}" | |
# The Test job actually runs the tests. | |
Test: | |
name: ${{ matrix.name }} | |
needs: generate-matrix | |
runs-on: ${{ matrix.os }} | |
strategy: | |
matrix: ${{ fromJson(needs.generate-matrix.outputs.matrix) }} | |
fail-fast: false | |
env: | |
# Configure a short TMPDIR to prevent failures due to long unix socket | |
# paths. | |
TMPDIR: /tmp | |
# Force ASAN output into asan.log to make the output more readable. | |
ASAN_OPTIONS: log_path=asan.log | |
OT_CPP_VERSION: 1.5.0 | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 100 | |
# | |
# Github Action cache key cannot contain comma, so we calculate it based on job name | |
# | |
- name: Generate cache key | |
id: generate-cache-key | |
run: | | |
echo "key=$(echo ${{ matrix.name }} | sha256sum | awk '{print $1}')" >> $GITHUB_OUTPUT | |
- name: Cache SSL libs | |
if: ${{ matrix.ssl && matrix.ssl != 'stock' && matrix.ssl != 'BORINGSSL=yes' && matrix.ssl != 'QUICTLS=yes' }} | |
id: cache_ssl | |
uses: actions/cache@v4 | |
with: | |
path: '~/opt/' | |
key: ssl-${{ steps.generate-cache-key.outputs.key }} | |
- name: Cache OpenTracing | |
if: ${{ contains(matrix.FLAGS, 'USE_OT=1') }} | |
id: cache_ot | |
uses: actions/cache@v4 | |
with: | |
path: '~/opt-ot/' | |
key: ot-${{ matrix.CC }}-${{ env.OT_CPP_VERSION }}-${{ contains(matrix.name, 'ASAN') }} | |
- name: Install apt dependencies | |
if: ${{ startsWith(matrix.os, 'ubuntu-') }} | |
run: | | |
sudo apt-get update | |
sudo apt-get install -y \ | |
liblua5.3-dev \ | |
libpcre2-dev \ | |
libsystemd-dev \ | |
ninja-build \ | |
socat | |
- name: Install brew dependencies | |
if: ${{ startsWith(matrix.os, 'macos-') }} | |
run: | | |
brew install socat | |
brew install lua | |
- name: Install VTest | |
run: | | |
scripts/build-vtest.sh | |
- name: Install SSL ${{ matrix.ssl }} | |
if: ${{ matrix.ssl && matrix.ssl != 'stock' && steps.cache_ssl.outputs.cache-hit != 'true' }} | |
run: env ${{ matrix.ssl }} scripts/build-ssl.sh | |
- name: Install OpenTracing libs | |
if: ${{ contains(matrix.FLAGS, 'USE_OT=1') && steps.cache_ot.outputs.cache-hit != 'true' }} | |
run: | | |
wget https://github.com/opentracing/opentracing-cpp/archive/v${OT_CPP_VERSION}.tar.gz | |
tar xf v${OT_CPP_VERSION}.tar.gz | |
cd opentracing-cpp-${OT_CPP_VERSION} | |
mkdir build | |
cd build | |
cmake -DCMAKE_INSTALL_PREFIX=${HOME}/opt-ot -DBUILD_STATIC_LIBS=OFF -DBUILD_MOCKTRACER=OFF -DBUILD_TESTING=OFF .. | |
make -j$(nproc) | |
make install | |
git clone https://github.com/haproxytech/opentracing-c-wrapper.git | |
cd opentracing-c-wrapper | |
./scripts/bootstrap | |
./configure --prefix=${HOME}/opt-ot --with-opentracing=${HOME}/opt-ot | |
make -j$(nproc) | |
make install | |
- name: Build WURFL | |
if: ${{ contains(matrix.FLAGS, 'USE_WURFL=1') }} | |
run: make -C addons/wurfl/dummy | |
- name: Compile HAProxy with ${{ matrix.CC }} | |
run: | | |
echo "::group::Show compiler's version" | |
echo | ${{ matrix.CC }} -v | |
echo "::endgroup::" | |
echo "::group::Show platform specific defines" | |
echo | ${{ matrix.CC }} -dM -xc -E - | |
echo "::endgroup::" | |
make -j$(nproc) all \ | |
ERR=1 \ | |
TARGET=${{ matrix.TARGET }} \ | |
CC=${{ matrix.CC }} \ | |
DEBUG="-DDEBUG_STRICT -DDEBUG_MEMORY_POOLS -DDEBUG_POOL_INTEGRITY" \ | |
${{ join(matrix.FLAGS, ' ') }} \ | |
ADDLIB="-Wl,-rpath,/usr/local/lib/ -Wl,-rpath,$HOME/opt/lib/" | |
sudo make install | |
- name: Show HAProxy version | |
id: show-version | |
run: | | |
echo "::group::Show dynamic libraries." | |
if command -v ldd > /dev/null; then | |
# Linux | |
ldd $(which haproxy) | |
else | |
# macOS | |
otool -L $(which haproxy) | |
fi | |
echo "::endgroup::" | |
haproxy -vv | |
echo "version=$(haproxy -v |awk 'NR==1{print $3}')" >> $GITHUB_OUTPUT | |
- name: Install problem matcher for VTest | |
# This allows one to more easily see which tests fail. | |
run: echo "::add-matcher::.github/vtest.json" | |
- name: Run VTest for HAProxy ${{ steps.show-version.outputs.version }} | |
id: vtest | |
# sudo is required, because macOS fails due to an open files limit. | |
run: sudo make reg-tests VTEST_PROGRAM=../vtest/vtest REGTESTS_TYPES=default,bug,devel | |
- name: Show results | |
if: ${{ failure() }} | |
# The chmod / sudo is necessary due to the `sudo` while running the tests. | |
run: | | |
sudo chmod a+rX ${TMPDIR}/haregtests-*/ | |
for folder in ${TMPDIR}/haregtests-*/vtc.*; do | |
printf "::group::" | |
cat $folder/INFO | |
cat $folder/LOG | |
echo "::endgroup::" | |
done | |
shopt -s nullglob | |
for asan in asan.log*; do | |
echo "::group::$asan" | |
sudo cat $asan | |
echo "::endgroup::" | |
done | |
exit 1 |