Skip to content

BUG/MINOR: ssl: can't load a separated key file with openssl > 3.0 #1478

BUG/MINOR: ssl: can't load a separated key file with openssl > 3.0

BUG/MINOR: ssl: can't load a separated key file with openssl > 3.0 #1478

Workflow file for this run

# Copyright 2019 Ilya Shipitsin <[email protected]>
# Copyright 2020 Tim Duesterhus <[email protected]>
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version
# 2 of the License, or (at your option) any later version.
name: VTest
on:
push:
jobs:
# The generate-matrix job generates the build matrix using JSON output
# generated by .github/matrix.py.
generate-matrix:
name: Generate Build Matrix
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.set-matrix.outputs.matrix }}
steps:
- uses: actions/checkout@v4
- name: Generate Build Matrix
id: set-matrix
run: python3 .github/matrix.py "${{ github.event_name }}"
# The Test job actually runs the tests.
Test:
name: ${{ matrix.name }}
needs: generate-matrix
runs-on: ${{ matrix.os }}
strategy:
matrix: ${{ fromJson(needs.generate-matrix.outputs.matrix) }}
fail-fast: false
env:
# Configure a short TMPDIR to prevent failures due to long unix socket
# paths.
TMPDIR: /tmp
# Force ASAN output into asan.log to make the output more readable.
ASAN_OPTIONS: log_path=asan.log
OT_CPP_VERSION: 1.5.0
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 100
#
# Github Action cache key cannot contain comma, so we calculate it based on job name
#
- name: Generate cache key
id: generate-cache-key
run: |
echo "key=$(echo ${{ matrix.name }} | sha256sum | awk '{print $1}')" >> $GITHUB_OUTPUT
- name: Cache SSL libs
if: ${{ matrix.ssl && matrix.ssl != 'stock' && matrix.ssl != 'BORINGSSL=yes' && matrix.ssl != 'QUICTLS=yes' }}
id: cache_ssl
uses: actions/cache@v4
with:
path: '~/opt/'
key: ssl-${{ steps.generate-cache-key.outputs.key }}
- name: Cache OpenTracing
if: ${{ contains(matrix.FLAGS, 'USE_OT=1') }}
id: cache_ot
uses: actions/cache@v4
with:
path: '~/opt-ot/'
key: ot-${{ matrix.CC }}-${{ env.OT_CPP_VERSION }}-${{ contains(matrix.name, 'ASAN') }}
- name: Install apt dependencies
if: ${{ startsWith(matrix.os, 'ubuntu-') }}
run: |
sudo apt-get update
sudo apt-get install -y \
liblua5.3-dev \
libpcre2-dev \
libsystemd-dev \
ninja-build \
socat
- name: Install brew dependencies
if: ${{ startsWith(matrix.os, 'macos-') }}
run: |
brew install socat
brew install lua
- name: Install VTest
run: |
scripts/build-vtest.sh
- name: Install SSL ${{ matrix.ssl }}
if: ${{ matrix.ssl && matrix.ssl != 'stock' && steps.cache_ssl.outputs.cache-hit != 'true' }}
run: env ${{ matrix.ssl }} scripts/build-ssl.sh
- name: Install OpenTracing libs
if: ${{ contains(matrix.FLAGS, 'USE_OT=1') && steps.cache_ot.outputs.cache-hit != 'true' }}
run: |
wget https://github.com/opentracing/opentracing-cpp/archive/v${OT_CPP_VERSION}.tar.gz
tar xf v${OT_CPP_VERSION}.tar.gz
cd opentracing-cpp-${OT_CPP_VERSION}
mkdir build
cd build
cmake -DCMAKE_INSTALL_PREFIX=${HOME}/opt-ot -DBUILD_STATIC_LIBS=OFF -DBUILD_MOCKTRACER=OFF -DBUILD_TESTING=OFF ..
make -j$(nproc)
make install
git clone https://github.com/haproxytech/opentracing-c-wrapper.git
cd opentracing-c-wrapper
./scripts/bootstrap
./configure --prefix=${HOME}/opt-ot --with-opentracing=${HOME}/opt-ot
make -j$(nproc)
make install
- name: Build WURFL
if: ${{ contains(matrix.FLAGS, 'USE_WURFL=1') }}
run: make -C addons/wurfl/dummy
- name: Compile HAProxy with ${{ matrix.CC }}
run: |
echo "::group::Show compiler's version"
echo | ${{ matrix.CC }} -v
echo "::endgroup::"
echo "::group::Show platform specific defines"
echo | ${{ matrix.CC }} -dM -xc -E -
echo "::endgroup::"
make -j$(nproc) all \
ERR=1 \
TARGET=${{ matrix.TARGET }} \
CC=${{ matrix.CC }} \
DEBUG="-DDEBUG_STRICT -DDEBUG_MEMORY_POOLS -DDEBUG_POOL_INTEGRITY" \
${{ join(matrix.FLAGS, ' ') }} \
ADDLIB="-Wl,-rpath,/usr/local/lib/ -Wl,-rpath,$HOME/opt/lib/"
sudo make install
- name: Show HAProxy version
id: show-version
run: |
echo "::group::Show dynamic libraries."
if command -v ldd > /dev/null; then
# Linux
ldd $(which haproxy)
else
# macOS
otool -L $(which haproxy)
fi
echo "::endgroup::"
haproxy -vv
echo "version=$(haproxy -v |awk 'NR==1{print $3}')" >> $GITHUB_OUTPUT
- name: Install problem matcher for VTest
# This allows one to more easily see which tests fail.
run: echo "::add-matcher::.github/vtest.json"
- name: Run VTest for HAProxy ${{ steps.show-version.outputs.version }}
id: vtest
# sudo is required, because macOS fails due to an open files limit.
run: sudo make reg-tests VTEST_PROGRAM=../vtest/vtest REGTESTS_TYPES=default,bug,devel
- name: Show results
if: ${{ failure() }}
# The chmod / sudo is necessary due to the `sudo` while running the tests.
run: |
sudo chmod a+rX ${TMPDIR}/haregtests-*/
for folder in ${TMPDIR}/haregtests-*/vtc.*; do
printf "::group::"
cat $folder/INFO
cat $folder/LOG
echo "::endgroup::"
done
shopt -s nullglob
for asan in asan.log*; do
echo "::group::$asan"
sudo cat $asan
echo "::endgroup::"
done
exit 1