1# Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al. 2# 3# SPDX-License-Identifier: curl 4 5name: Linux HTTP/3 6 7'on': 8 push: 9 branches: 10 - master 11 - '*/ci' 12 paths-ignore: 13 - '**/*.md' 14 - '**/CMakeLists.txt' 15 - '.circleci/**' 16 - 'appveyor.*' 17 - 'CMake/**' 18 - 'packages/**' 19 - 'plan9/**' 20 - 'projects/**' 21 - 'winbuild/**' 22 pull_request: 23 branches: 24 - master 25 paths-ignore: 26 - '**/*.md' 27 - '**/CMakeLists.txt' 28 - '.circleci/**' 29 - 'appveyor.*' 30 - 'CMake/**' 31 - 'packages/**' 32 - 'plan9/**' 33 - 'projects/**' 34 - 'winbuild/**' 35 36concurrency: 37 # Hardcoded workflow filename as workflow name above is just Linux again 38 group: http3-${{ github.event.pull_request.number || github.sha }} 39 cancel-in-progress: true 40 41permissions: {} 42 43env: 44 MAKEFLAGS: -j 5 45 # handled in renovate.json 46 openssl3-version: openssl-3.3.0 47 # unhandled 48 quictls-version: 3.1.4+quic 49 # renovate: datasource=github-tags depName=gnutls/gnutls versioning=semver registryUrl=https://github.com 50 gnutls-version: 3.8.7 51 wolfssl-version: master 52 # renovate: datasource=github-tags depName=ngtcp2/nghttp3 versioning=semver registryUrl=https://github.com 53 nghttp3-version: 1.5.0 54 # renovate: datasource=github-tags depName=ngtcp2/ngtcp2 versioning=semver registryUrl=https://github.com 55 ngtcp2-version: 1.7.0 56 # renovate: datasource=github-tags depName=nghttp2/nghttp2 versioning=semver registryUrl=https://github.com 57 nghttp2-version: 1.62.1 58 # renovate: datasource=github-tags depName=cloudflare/quiche versioning=semver registryUrl=https://github.com 59 quiche-version: 0.22.0 60 # renovate: datasource=github-tags depName=icing/mod_h2 versioning=semver registryUrl=https://github.com 61 mod_h2-version: 2.0.29 62 63jobs: 64 setup: 65 runs-on: ubuntu-latest 66 outputs: 67 wolfssl-version: ${{ steps.wolfssl-version.outputs.result }} 68 69 steps: 70 - id: wolfssl-version 71 uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7 72 with: 73 result-encoding: string 74 script: | 75 let version = '${{ env.wolfssl-version }}' 76 77 if (version != 'master') { 78 return version 79 } 80 81 let { data: commits } = await github.rest.repos.listCommits({ 82 owner: 'wolfSSL', 83 repo: 'wolfssl', 84 }) 85 86 return commits[0].sha 87 88 build-cache: 89 needs: 90 - setup 91 runs-on: ubuntu-latest 92 93 steps: 94 - name: cache quictls 95 uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 96 id: cache-quictls-no-deprecated 97 env: 98 cache-name: cache-quictls-no-deprecated 99 with: 100 path: /home/runner/quictls/build 101 key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.quictls-version }} 102 103 - name: cache gnutls 104 uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 105 id: cache-gnutls 106 env: 107 cache-name: cache-gnutls 108 with: 109 path: /home/runner/gnutls/build 110 key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.gnutls-version }} 111 112 - name: cache wolfssl 113 uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 114 id: cache-wolfssl 115 env: 116 cache-name: cache-wolfssl 117 wolfssl-version: ${{ needs.setup.outputs.wolfssl-version }} 118 with: 119 path: /home/runner/wolfssl/build 120 key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.wolfssl-version }} 121 122 - name: cache nghttp3 123 uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 124 id: cache-nghttp3 125 env: 126 cache-name: cache-nghttp3 127 with: 128 path: /home/runner/nghttp3/build 129 key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp3-version }} 130 131 - name: cache ngtcp2 132 uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 133 id: cache-ngtcp2 134 env: 135 cache-name: cache-ngtcp2 136 with: 137 path: /home/runner/ngtcp2/build 138 key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.ngtcp2-version }} 139 140 - name: cache nghttp2 141 uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 142 id: cache-nghttp2 143 env: 144 cache-name: cache-nghttp2 145 with: 146 path: /home/runner/nghttp2/build 147 key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp2-version }} 148 149 - id: settings 150 if: | 151 steps.cache-quictls-no-deprecated.outputs.cache-hit != 'true' || 152 steps.cache-gnutls.outputs.cache-hit != 'true' || 153 steps.cache-wolfssl.outputs.cache-hit != 'true' || 154 steps.cache-nghttp3.outputs.cache-hit != 'true' || 155 steps.cache-ngtcp2.outputs.cache-hit != 'true' || 156 steps.cache-nghttp2.outputs.cache-hit != 'true' 157 run: | 158 echo 'needs-build=true' >> $GITHUB_OUTPUT 159 160 - name: install build prerequisites 161 if: steps.settings.outputs.needs-build == 'true' 162 run: | 163 sudo apt-get install libtool autoconf automake pkgconf stunnel4 \ 164 libpsl-dev libbrotli-dev libzstd-dev zlib1g-dev libev-dev libc-ares-dev \ 165 nettle-dev libp11-kit-dev libtspi-dev libunistring-dev guile-2.2-dev libtasn1-bin \ 166 libtasn1-6-dev libidn2-0-dev gawk gperf libtss2-dev dns-root-data bison gtk-doc-tools \ 167 texinfo texlive texlive-extra-utils autopoint libev-dev \ 168 apache2 apache2-dev libnghttp2-dev 169 echo 'CC=gcc-12' >> $GITHUB_ENV 170 echo 'CXX=g++-12' >> $GITHUB_ENV 171 172 - if: steps.cache-quictls-no-deprecated.outputs.cache-hit != 'true' 173 run: | 174 cd $HOME 175 git clone --quiet --depth=1 -b openssl-${{ env.quictls-version }} https://github.com/quictls/openssl quictls 176 cd quictls 177 ./config no-deprecated --prefix=$PWD/build --libdir=lib 178 make 179 make -j1 install_sw 180 name: 'build quictls' 181 182 - if: steps.cache-gnutls.outputs.cache-hit != 'true' 183 run: | 184 cd $HOME 185 git clone --quiet --depth=1 -b ${{ env.gnutls-version }} https://github.com/gnutls/gnutls.git 186 cd gnutls 187 ./bootstrap 188 ./configure --disable-dependency-tracking --prefix=$PWD/build \ 189 LDFLAGS="-Wl,-rpath,$PWD/build/lib -L$PWD/build/lib" \ 190 --with-included-libtasn1 --with-included-unistring \ 191 --disable-guile --disable-doc --disable-tests --disable-tools 192 make 193 make install 194 name: 'build gnutls' 195 196 - if: steps.cache-wolfssl.outputs.cache-hit != 'true' 197 env: 198 wolfssl-version: ${{ needs.setup.outputs.wolfssl-version }} 199 run: | 200 cd $HOME 201 mkdir wolfssl 202 cd wolfssl 203 git init 204 git remote add origin https://github.com/wolfSSL/wolfssl.git 205 git fetch origin --depth=1 ${{ env.wolfssl-version }} 206 git checkout ${{ env.wolfssl-version }} 207 ./autogen.sh 208 ./configure --disable-dependency-tracking --enable-all --enable-quic --prefix=$PWD/build 209 make 210 make install 211 name: 'build wolfssl' 212 213 - if: steps.cache-nghttp3.outputs.cache-hit != 'true' 214 run: | 215 cd $HOME 216 git clone --quiet --depth=1 -b v${{ env.nghttp3-version }} https://github.com/ngtcp2/nghttp3 217 cd nghttp3 218 git submodule update --init 219 autoreconf -fi 220 ./configure --disable-dependency-tracking --prefix=$PWD/build PKG_CONFIG_PATH="$PWD/build/lib/pkgconfig" --enable-lib-only 221 make 222 make install 223 name: 'build nghttp3' 224 225 - if: steps.cache-ngtcp2.outputs.cache-hit != 'true' 226 run: | 227 cd $HOME 228 git clone --quiet --depth=1 -b v${{ env.ngtcp2-version }} https://github.com/ngtcp2/ngtcp2 229 cd ngtcp2 230 autoreconf -fi 231 ./configure --disable-dependency-tracking --prefix=$PWD/build \ 232 PKG_CONFIG_PATH="$PWD/build/lib/pkgconfig:$HOME/quictls/build/lib/pkgconfig:$HOME/gnutls/build/lib/pkgconfig:$HOME/wolfssl/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig" \ 233 --enable-lib-only --with-openssl --with-gnutls --with-wolfssl 234 make install 235 name: 'build ngtcp2' 236 237 - if: steps.cache-nghttp2.outputs.cache-hit != 'true' 238 run: | 239 cd $HOME 240 git clone --quiet --depth=1 -b v${{ env.nghttp2-version }} https://github.com/nghttp2/nghttp2 241 cd nghttp2 242 autoreconf -fi 243 ./configure --disable-dependency-tracking --prefix=$PWD/build \ 244 PKG_CONFIG_PATH="$HOME/build/lib/pkgconfig:$HOME/quictls/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig" \ 245 LDFLAGS="-Wl,-rpath,$HOME/quictls/build/lib" \ 246 --enable-http3 247 make install 248 name: 'build nghttp2' 249 250 autotools: 251 name: ${{ matrix.build.name }} 252 needs: 253 - setup 254 - build-cache 255 runs-on: 'ubuntu-latest' 256 timeout-minutes: 60 257 strategy: 258 fail-fast: false 259 matrix: 260 build: 261 - name: quictls 262 configure: >- 263 PKG_CONFIG_PATH="$HOME/quictls/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig" LDFLAGS="-Wl,-rpath,$HOME/quictls/build/lib" 264 --with-ngtcp2=$HOME/ngtcp2/build --enable-warnings --enable-werror --enable-debug --disable-ntlm 265 --with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx" 266 --with-openssl=$HOME/quictls/build 267 - name: gnutls 268 configure: >- 269 PKG_CONFIG_PATH="$HOME/gnutls/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig" LDFLAGS="-Wl,-rpath,$HOME/gnutls/build/lib" 270 --with-ngtcp2=$HOME/ngtcp2/build --enable-warnings --enable-werror --enable-debug 271 --with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx" 272 --with-gnutls=$HOME/gnutls/build 273 - name: wolfssl 274 configure: >- 275 PKG_CONFIG_PATH="$HOME/wolfssl/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig" LDFLAGS="-Wl,-rpath,$HOME/wolfssl/build/lib" 276 --with-ngtcp2=$HOME/ngtcp2/build --enable-warnings --enable-werror --enable-debug 277 --with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx" 278 --with-wolfssl=$HOME/wolfssl/build 279 - name: openssl-quic 280 configure: >- 281 PKG_CONFIG_PATH="$HOME/openssl3/build/lib64/pkgconfig" LDFLAGS="-Wl,-rpath,$HOME/openssl3/build/lib64" 282 --enable-warnings --enable-werror --enable-debug --disable-ntlm 283 --with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx" 284 --with-openssl=$HOME/openssl3/build --with-openssl-quic 285 --with-nghttp3=$HOME/nghttp3/build 286 - name: quiche 287 configure: >- 288 LDFLAGS="-Wl,-rpath,/home/runner/quiche/target/release" 289 --with-openssl=/home/runner/quiche/quiche/deps/boringssl/src 290 --enable-warnings --enable-werror --enable-debug 291 --with-quiche=/home/runner/quiche/target/release 292 --with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx" 293 --with-ca-fallback 294 295 steps: 296 - run: | 297 sudo apt-get install libtool autoconf automake pkgconf stunnel4 \ 298 libpsl-dev libbrotli-dev libzstd-dev zlib1g-dev libev-dev libc-ares-dev \ 299 nettle-dev libp11-kit-dev libtspi-dev libunistring-dev guile-2.2-dev libtasn1-bin \ 300 libtasn1-6-dev libidn2-0-dev gawk gperf libtss2-dev dns-root-data bison gtk-doc-tools \ 301 texinfo texlive texlive-extra-utils autopoint libev-dev \ 302 apache2 apache2-dev libnghttp2-dev vsftpd 303 echo 'CC=gcc-12' >> $GITHUB_ENV 304 echo 'CXX=g++-12' >> $GITHUB_ENV 305 name: 'install prereqs and impacket, pytest, crypto, apache2' 306 307 - name: cache quictls 308 uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 309 id: cache-quictls-no-deprecated 310 env: 311 cache-name: cache-quictls-no-deprecated 312 with: 313 path: /home/runner/quictls/build 314 key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.quictls-version }} 315 fail-on-cache-miss: true 316 317 - name: cache gnutls 318 uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 319 id: cache-gnutls 320 env: 321 cache-name: cache-gnutls 322 with: 323 path: /home/runner/gnutls/build 324 key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.gnutls-version }} 325 fail-on-cache-miss: true 326 327 - name: cache wolfssl 328 uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 329 id: cache-wolfssl 330 env: 331 cache-name: cache-wolfssl 332 wolfssl-version: ${{ needs.setup.outputs.wolfssl-version }} 333 with: 334 path: /home/runner/wolfssl/build 335 key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.wolfssl-version }} 336 fail-on-cache-miss: true 337 338 - name: cache nghttp3 339 uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 340 id: cache-nghttp3 341 env: 342 cache-name: cache-nghttp3 343 with: 344 path: /home/runner/nghttp3/build 345 key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp3-version }} 346 fail-on-cache-miss: true 347 348 - name: cache ngtcp2 349 uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 350 id: cache-ngtcp2 351 env: 352 cache-name: cache-ngtcp2 353 with: 354 path: /home/runner/ngtcp2/build 355 key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.ngtcp2-version }} 356 fail-on-cache-miss: true 357 358 - name: cache nghttp2 359 uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 360 id: cache-nghttp2 361 env: 362 cache-name: cache-nghttp2 363 with: 364 path: /home/runner/nghttp2/build 365 key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp2-version }} 366 fail-on-cache-miss: true 367 368 - name: cache openssl3 369 if: matrix.build.name == 'openssl-quic' 370 uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 371 id: cache-openssl3 372 env: 373 cache-name: cache-openssl3 374 with: 375 path: /home/runner/openssl3/build 376 key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.openssl3-version }} 377 378 - name: 'install openssl3' 379 if: matrix.build.name == 'openssl-quic' && steps.cache-openssl3.outputs.cache-hit != 'true' 380 run: | 381 git clone --quiet --depth=1 -b ${{ env.openssl3-version }} https://github.com/openssl/openssl 382 cd openssl 383 ./config --prefix=$HOME/openssl3/build 384 make -j1 install_sw 385 cat exporters/openssl.pc 386 387 - name: cache quiche 388 if: matrix.build.name == 'quiche' 389 uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 390 id: cache-quiche 391 env: 392 cache-name: cache-quiche 393 with: 394 path: /home/runner/quiche 395 key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-quiche-${{ env.quiche-version }} 396 397 - if: matrix.build.name == 'quiche' && steps.cache-quiche.outputs.cache-hit != 'true' 398 run: | 399 cd $HOME 400 git clone --quiet --depth=1 -b ${{ env.quiche-version }} --recursive https://github.com/cloudflare/quiche.git 401 cd quiche 402 #### Work-around https://github.com/curl/curl/issues/7927 ####### 403 #### See https://github.com/alexcrichton/cmake-rs/issues/131 #### 404 sed -i -e 's/cmake = "0.1"/cmake = "=0.1.45"/' quiche/Cargo.toml 405 406 cargo build -v --package quiche --release --features ffi,pkg-config-meta,qlog --verbose 407 ln -s libquiche.so target/release/libquiche.so.0 408 mkdir -v quiche/deps/boringssl/src/lib 409 ln -vnf $(find target/release -name libcrypto.a -o -name libssl.a) quiche/deps/boringssl/src/lib/ 410 411 # include dir 412 # /home/runner/quiche/quiche/deps/boringssl/src/include 413 # lib dir 414 # /home/runner/quiche/quiche/deps/boringssl/src/lib 415 name: 'build quiche and boringssl' 416 417 - name: cache mod_h2 418 uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 419 id: cache-mod_h2 420 env: 421 cache-name: cache-mod_h2 422 with: 423 path: /home/runner/mod_h2 424 key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.mod_h2-version }} 425 426 - if: steps.cache-mod_h2.outputs.cache-hit != 'true' 427 run: | 428 cd $HOME 429 git clone --quiet --depth=1 -b v${{ env.mod_h2-version }} https://github.com/icing/mod_h2 430 cd mod_h2 431 autoreconf -fi 432 ./configure 433 make 434 name: 'build mod_h2' 435 436 - run: | 437 cd $HOME/mod_h2 438 sudo make install 439 name: 'install mod_h2' 440 441 - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 442 443 - run: | 444 sudo python3 -m pip install -r tests/requirements.txt -r tests/http/requirements.txt 445 name: 'install python test prereqs' 446 447 - run: autoreconf -fi 448 name: 'autoreconf' 449 450 - run: ./configure --disable-dependency-tracking --enable-unity --enable-test-bundles ${{ matrix.build.configure }} 451 name: 'configure' 452 453 - run: make V=1 454 name: 'make' 455 456 - run: make V=1 -C tests 457 name: 'make tests' 458 459 - run: make V=1 test-ci 460 name: 'run tests' 461 env: 462 TFLAGS: "${{ matrix.build.tflags }}" 463 464 - run: pytest -v tests/http 465 name: 'run pytest' 466 env: 467 TFLAGS: "${{ matrix.build.tflags }}" 468 CURL_CI: github 469 470 - run: make V=1 examples 471 name: 'make examples' 472