1# Copyright 2021-2024 The OpenSSL Project Authors. All Rights Reserved. 2# 3# Licensed under the Apache License 2.0 (the "License"). You may not use 4# this file except in compliance with the License. You can obtain a copy 5# in the file LICENSE in the source distribution or at 6# https://www.openssl.org/source/license.html 7 8name: OS Zoo CI 9 10on: 11 schedule: 12 - cron: '50 02 * * *' 13 workflow_dispatch: 14 15permissions: 16 contents: read 17 18jobs: 19 alpine: 20 strategy: 21 fail-fast: false 22 matrix: 23 tag: [edge, latest] 24 cc: [gcc, clang] 25 runs-on: ubuntu-latest 26 container: 27 image: docker.io/library/alpine:${{ matrix.tag }} 28 env: 29 # See https://www.openwall.com/lists/musl/2022/02/16/14 30 # for the reason why -Wno-sign-compare is needed with clang 31 # -Wno-stringop-overflow is needed to silence a bogus 32 # warning on new fortify-headers with gcc 33 EXTRA_CFLAGS: ${{ matrix.cc == 'clang' && '-Wno-sign-compare' || matrix.tag == 'edge' && '-Wno-stringop-overflow' || '' }} 34 CC: ${{ matrix.cc }} 35 steps: 36 - name: install packages 37 run: apk --no-cache add build-base perl linux-headers ${{ matrix.cc }} 38 - uses: actions/checkout@v4 39 - name: config 40 run: | 41 ./config --banner=Configured no-shared -Wall -Werror enable-fips --strict-warnings \ 42 ${EXTRA_CFLAGS} 43 - name: config dump 44 run: ./configdata.pm --dump 45 - name: make 46 run: make -s -j4 47 - name: get cpu info 48 run: | 49 cat /proc/cpuinfo 50 ./util/opensslwrap.sh version -c 51 - name: make test 52 run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} 53 54 linux: 55 strategy: 56 fail-fast: false 57 matrix: 58 zoo: 59 - image: docker.io/library/debian:10 60 install: apt-get update && apt-get install -y gcc make perl 61 - image: docker.io/library/debian:11 62 install: apt-get update && apt-get install -y gcc make perl 63 - image: docker.io/library/debian:12 64 install: apt-get update && apt-get install -y gcc make perl 65 - image: docker.io/library/ubuntu:20.04 66 install: apt-get update && apt-get install -y gcc make perl 67 - image: docker.io/library/ubuntu:22.04 68 install: apt-get update && apt-get install -y gcc make perl 69 - image: docker.io/library/fedora:38 70 install: dnf install -y gcc make perl-core 71 - image: docker.io/library/fedora:39 72 install: dnf install -y gcc make perl-core 73 - image: docker.io/library/centos:8 74 install: | 75 sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-* && \ 76 sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g' /etc/yum.repos.d/CentOS-* && \ 77 dnf install -y gcc make perl-core 78 - image: docker.io/library/rockylinux:8 79 install: dnf install -y gcc make perl-core 80 - image: docker.io/library/rockylinux:9 81 install: dnf install -y gcc make perl-core 82 runs-on: ubuntu-latest 83 container: ${{ matrix.zoo.image }} 84 steps: 85 - uses: actions/checkout@v4 86 - name: install packages 87 run: ${{ matrix.zoo.install }} 88 - name: config 89 run: ./config 90 - name: config dump 91 run: ./configdata.pm --dump 92 - name: make 93 run: make -j4 94 - name: get cpu info 95 run: | 96 cat /proc/cpuinfo 97 ./util/opensslwrap.sh version -c 98 - name: make test 99 run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} 100 101 macos: 102 strategy: 103 fail-fast: false 104 matrix: 105 os: [macos-13, macos-14, macos-15] 106 runs-on: ${{ matrix.os }} 107 steps: 108 - uses: actions/checkout@v4 109 - name: checkout fuzz/corpora submodule 110 run: git submodule update --init --depth 1 fuzz/corpora 111 - name: config 112 run: ./config --banner=Configured -Wall -Werror --strict-warnings enable-fips 113 - name: config dump 114 run: ./configdata.pm --dump 115 - name: make 116 run: make -s -j4 117 - name: get cpu info 118 run: | 119 sysctl machdep.cpu 120 ./util/opensslwrap.sh version -c 121 - name: make test 122 run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} 123 124 windows: 125 strategy: 126 fail-fast: false 127 matrix: 128 os: [windows-2019, windows-2022] 129 runs-on: ${{ matrix.os }} 130 steps: 131 - uses: actions/checkout@v4 132 - name: checkout fuzz/corpora submodule 133 run: git submodule update --init --depth 1 fuzz/corpora 134 - uses: ilammy/msvc-dev-cmd@v1 135 - uses: ilammy/setup-nasm@v1 136 - name: prepare the build directory 137 run: mkdir _build 138 - name: config 139 working-directory: _build 140 run: perl ..\Configure --banner=Configured no-makedepend enable-fips 141 - name: config dump 142 working-directory: _build 143 run: ./configdata.pm --dump 144 - name: build 145 working-directory: _build 146 run: nmake /S 147 - name: download coreinfo 148 uses: suisei-cn/actions-download-file@v1.6.0 149 with: 150 url: "https://download.sysinternals.com/files/Coreinfo.zip" 151 target: _build/coreinfo/ 152 - name: get cpu info 153 working-directory: _build 154 run: | 155 7z.exe x coreinfo/Coreinfo.zip 156 ./Coreinfo64.exe -accepteula -f 157 apps/openssl.exe version -c 158 - name: test 159 working-directory: _build 160 run: nmake test VERBOSE_FAILURE=yes HARNESS_JOBS=4 161 162 self-hosted: 163 strategy: 164 matrix: 165 os: [freebsd-13.2, ubuntu-arm64-22.04] 166 runs-on: ${{ matrix.os }}-self-hosted 167 continue-on-error: true 168 steps: 169 - uses: actions/checkout@v4 170 - name: config 171 run: ./config enable-fips enable-ec_nistp_64_gcc_128 enable-md2 enable-rc5 enable-ssl3 enable-ssl3-method enable-trace 172 - name: config dump 173 run: ./configdata.pm --dump 174 - name: make 175 run: make -j4 176 - name: get cpu info 177 run: ./util/opensslwrap.sh version -c 178 - name: make test 179 run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} 180
