1# Copyright 2021-2024 The OpenSSL Project Authors. All Rights Reserved. 2# 3# Licensed under the Apache License 2.0 (the "License"). You may not use 4# this file except in compliance with the License. You can obtain a copy 5# in the file LICENSE in the source distribution or at 6# https://www.openssl.org/source/license.html 7 8name: OS Zoo CI 9 10on: 11 schedule: 12 - cron: '0 5 * * *' 13 14permissions: 15 contents: read 16 17jobs: 18 alpine: 19 strategy: 20 fail-fast: false 21 matrix: 22 tag: [edge, latest] 23 cc: [gcc, clang] 24 branch: [openssl-3.0, openssl-3.1, master] 25 runs-on: ubuntu-latest 26 container: 27 image: docker.io/library/alpine:${{ matrix.tag }} 28 env: 29 # See https://www.openwall.com/lists/musl/2022/02/16/14 30 # for the reason why -Wno-sign-compare is needed with clang 31 # -Wno-stringop-overflow is needed to silence a bogus 32 # warning on new fortify-headers with gcc 33 EXTRA_CFLAGS: ${{ matrix.cc == 'clang' && '-Wno-sign-compare' || matrix.tag == 'edge' && '-Wno-stringop-overflow' || '' }} 34 CC: ${{ matrix.cc }} 35 steps: 36 - name: install packages 37 run: apk --no-cache add build-base perl linux-headers ${{ matrix.cc }} 38 - uses: actions/checkout@v4 39 with: 40 ref: ${{ matrix.branch }} 41 - name: config 42 run: | 43 ./config --banner=Configured no-shared -Wall -Werror enable-fips --strict-warnings \ 44 ${EXTRA_CFLAGS} 45 - name: config dump 46 run: ./configdata.pm --dump 47 - name: make 48 run: make -s -j4 49 - name: get cpu info 50 run: | 51 cat /proc/cpuinfo 52 ./util/opensslwrap.sh version -c 53 - name: make test 54 run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} 55 56 linux: 57 strategy: 58 fail-fast: false 59 matrix: 60 branch: [openssl-3.0, openssl-3.1, master] 61 zoo: 62 - image: docker.io/library/debian:10 63 install: apt-get update && apt-get install -y gcc make perl 64 - image: docker.io/library/debian:11 65 install: apt-get update && apt-get install -y gcc make perl 66 - image: docker.io/library/debian:12 67 install: apt-get update && apt-get install -y gcc make perl 68 - image: docker.io/library/ubuntu:20.04 69 install: apt-get update && apt-get install -y gcc make perl 70 - image: docker.io/library/ubuntu:22.04 71 install: apt-get update && apt-get install -y gcc make perl 72 - image: docker.io/library/fedora:38 73 install: dnf install -y gcc make perl-core 74 - image: docker.io/library/fedora:39 75 install: dnf install -y gcc make perl-core 76 - image: docker.io/library/centos:8 77 install: | 78 sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-* && \ 79 sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g' /etc/yum.repos.d/CentOS-* && \ 80 dnf install -y gcc make perl-core 81 - image: docker.io/library/rockylinux:8 82 install: dnf install -y gcc make perl-core 83 - image: docker.io/library/rockylinux:9 84 install: dnf install -y gcc make perl-core 85 runs-on: ubuntu-latest 86 container: ${{ matrix.zoo.image }} 87 steps: 88 - uses: actions/checkout@v4 89 with: 90 ref: ${{ matrix.branch }} 91 - name: install packages 92 run: ${{ matrix.zoo.install }} 93 - name: config 94 run: ./config 95 - name: config dump 96 run: ./configdata.pm --dump 97 - name: make 98 run: make -j4 99 - name: get cpu info 100 run: | 101 cat /proc/cpuinfo 102 ./util/opensslwrap.sh version -c 103 - name: make test 104 run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} 105 106 macos: 107 strategy: 108 fail-fast: false 109 matrix: 110 branch: [openssl-3.0, openssl-3.1, master] 111 os: [macos-12, macos-13, macos-14] 112 runs-on: ${{ matrix.os }} 113 steps: 114 - uses: actions/checkout@v4 115 with: 116 ref: ${{ matrix.branch }} 117 - name: checkout fuzz/corpora submodule 118 run: git submodule update --init --depth 1 fuzz/corpora 119 - name: config 120 run: ./config --banner=Configured -Wall -Werror --strict-warnings enable-fips 121 - name: config dump 122 run: ./configdata.pm --dump 123 - name: make 124 run: make -s -j4 125 - name: get cpu info 126 run: | 127 sysctl machdep.cpu 128 ./util/opensslwrap.sh version -c 129 - name: make test 130 run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} 131 132 windows: 133 strategy: 134 fail-fast: false 135 matrix: 136 branch: [openssl-3.0, openssl-3.1, master] 137 os: [windows-2019, windows-2022] 138 runs-on: ${{ matrix.os }} 139 steps: 140 - uses: actions/checkout@v4 141 with: 142 ref: ${{ matrix.branch }} 143 - name: checkout fuzz/corpora submodule 144 run: git submodule update --init --depth 1 fuzz/corpora 145 - uses: ilammy/msvc-dev-cmd@v1 146 - uses: ilammy/setup-nasm@v1 147 - name: prepare the build directory 148 run: mkdir _build 149 - name: config 150 working-directory: _build 151 run: perl ..\Configure --banner=Configured no-makedepend enable-fips 152 - name: config dump 153 working-directory: _build 154 run: ./configdata.pm --dump 155 - name: build 156 working-directory: _build 157 run: nmake /S 158 - name: download coreinfo 159 uses: suisei-cn/actions-download-file@v1.6.0 160 with: 161 url: "https://download.sysinternals.com/files/Coreinfo.zip" 162 target: _build/coreinfo/ 163 - name: get cpu info 164 working-directory: _build 165 run: | 166 7z.exe x coreinfo/Coreinfo.zip 167 ./Coreinfo64.exe -accepteula -f 168 apps/openssl.exe version -c 169 - name: test 170 working-directory: _build 171 run: nmake test VERBOSE_FAILURE=yes HARNESS_JOBS=4 172 173 self-hosted: 174 strategy: 175 matrix: 176 os: [freebsd-13.2, ubuntu-arm64-22.04] 177 runs-on: ${{ matrix.os }}-self-hosted 178 continue-on-error: true 179 steps: 180 - uses: actions/checkout@v4 181 - name: config 182 run: ./config enable-fips enable-ec_nistp_64_gcc_128 enable-md2 enable-rc5 enable-ssl3 enable-ssl3-method enable-trace 183 - name: config dump 184 run: ./configdata.pm --dump 185 - name: make 186 run: make -j4 187 - name: get cpu info 188 run: ./util/opensslwrap.sh version -c 189 - name: make test 190 run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} 191
