1# Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al. 2# 3# SPDX-License-Identifier: curl 4 5name: http3-linux 6 7on: 8 push: 9 branches: 10 - master 11 - '*/ci' 12 paths-ignore: 13 - '**/*.md' 14 - '**/CMakeLists.txt' 15 - '.azure-pipelines.yml' 16 - '.circleci/**' 17 - '.cirrus.yml' 18 - 'appveyor.*' 19 - 'CMake/**' 20 - 'packages/**' 21 - 'plan9/**' 22 - 'projects/**' 23 - 'winbuild/**' 24 pull_request: 25 branches: 26 - master 27 paths-ignore: 28 - '**/*.md' 29 - '**/CMakeLists.txt' 30 - '.azure-pipelines.yml' 31 - '.circleci/**' 32 - '.cirrus.yml' 33 - 'appveyor.*' 34 - 'CMake/**' 35 - 'packages/**' 36 - 'plan9/**' 37 - 'projects/**' 38 - 'winbuild/**' 39 40concurrency: 41 # Hardcoded workflow filename as workflow name above is just Linux again 42 group: http3-${{ github.event.pull_request.number || github.sha }} 43 cancel-in-progress: true 44 45permissions: {} 46 47env: 48 MAKEFLAGS: -j 5 49 # handled in renovate.json 50 openssl3-version: openssl-3.3.0 51 # unhandled 52 quictls-version: 3.1.4+quic 53 # renovate: datasource=github-tags depName=gnutls/gnutls versioning=semver registryUrl=https://github.com 54 gnutls-version: 3.8.5 55 wolfssl-version: master 56 # renovate: datasource=github-tags depName=ngtcp2/nghttp3 versioning=semver registryUrl=https://github.com 57 nghttp3-version: 1.4.0 58 # renovate: datasource=github-tags depName=ngtcp2/ngtcp2 versioning=semver registryUrl=https://github.com 59 ngtcp2-version: 1.6.0 60 # renovate: datasource=github-tags depName=nghttp2/nghttp2 versioning=semver registryUrl=https://github.com 61 nghttp2-version: 1.62.1 62 # renovate: datasource=github-tags depName=cloudflare/quiche versioning=semver registryUrl=https://github.com 63 quiche-version: 0.21.0 64 # renovate: datasource=github-tags depName=icing/mod_h2 versioning=semver registryUrl=https://github.com 65 mod_h2-version: 2.0.27 66 67jobs: 68 setup: 69 runs-on: ubuntu-latest 70 outputs: 71 wolfssl-version: ${{ steps.wolfssl-version.outputs.result }} 72 73 steps: 74 - id: wolfssl-version 75 uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7 76 with: 77 result-encoding: string 78 script: | 79 let version = '${{ env.wolfssl-version }}' 80 81 if (version != 'master') { 82 return version 83 } 84 85 let { data: commits } = await github.rest.repos.listCommits({ 86 owner: 'wolfSSL', 87 repo: 'wolfssl', 88 }) 89 90 return commits[0].sha 91 92 build-cache: 93 needs: 94 - setup 95 runs-on: ubuntu-latest 96 97 steps: 98 - name: cache quictls 99 uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 100 id: cache-quictls-no-deprecated 101 env: 102 cache-name: cache-quictls-no-deprecated 103 with: 104 path: /home/runner/quictls/build 105 key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.quictls-version }} 106 107 - name: cache gnutls 108 uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 109 id: cache-gnutls 110 env: 111 cache-name: cache-gnutls 112 with: 113 path: /home/runner/gnutls/build 114 key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.gnutls-version }} 115 116 - name: cache wolfssl 117 uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 118 id: cache-wolfssl 119 env: 120 cache-name: cache-wolfssl 121 wolfssl-version: ${{ needs.setup.outputs.wolfssl-version }} 122 with: 123 path: /home/runner/wolfssl/build 124 key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.wolfssl-version }} 125 126 - name: cache nghttp3 127 uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 128 id: cache-nghttp3 129 env: 130 cache-name: cache-nghttp3 131 with: 132 path: /home/runner/nghttp3/build 133 key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp3-version }} 134 135 - name: cache ngtcp2 136 uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 137 id: cache-ngtcp2 138 env: 139 cache-name: cache-ngtcp2 140 with: 141 path: /home/runner/ngtcp2/build 142 key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.ngtcp2-version }} 143 144 - name: cache nghttp2 145 uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 146 id: cache-nghttp2 147 env: 148 cache-name: cache-nghttp2 149 with: 150 path: /home/runner/nghttp2/build 151 key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp2-version }} 152 153 - id: settings 154 if: | 155 steps.cache-quictls-no-deprecated.outputs.cache-hit != 'true' || 156 steps.cache-gnutls.outputs.cache-hit != 'true' || 157 steps.cache-wolfssl.outputs.cache-hit != 'true' || 158 steps.cache-nghttp3.outputs.cache-hit != 'true' || 159 steps.cache-ngtcp2.outputs.cache-hit != 'true' || 160 steps.cache-nghttp2.outputs.cache-hit != 'true' 161 run: | 162 echo 'needs-build=true' >> $GITHUB_OUTPUT 163 164 - name: install build prerequisites 165 if: steps.settings.outputs.needs-build == 'true' 166 run: | 167 sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list 168 sudo apt-get update 169 sudo apt-get install libtool autoconf automake pkg-config stunnel4 \ 170 libpsl-dev libbrotli-dev libzstd-dev zlib1g-dev libev-dev libc-ares-dev \ 171 nettle-dev libp11-kit-dev libtspi-dev libunistring-dev guile-2.2-dev libtasn1-bin \ 172 libtasn1-6-dev libidn2-0-dev gawk gperf libtss2-dev dns-root-data bison gtk-doc-tools \ 173 texinfo texlive texlive-extra-utils autopoint libev-dev \ 174 apache2 apache2-dev libnghttp2-dev 175 echo 'CC=gcc-12' >> $GITHUB_ENV 176 echo 'CXX=g++-12' >> $GITHUB_ENV 177 178 - if: steps.cache-quictls-no-deprecated.outputs.cache-hit != 'true' 179 run: | 180 cd $HOME 181 git clone --quiet --depth=1 -b openssl-${{ env.quictls-version }} https://github.com/quictls/openssl quictls 182 cd quictls 183 ./config no-deprecated --prefix=$PWD/build --libdir=$PWD/build/lib 184 make 185 make -j1 install_sw 186 name: 'build quictls' 187 188 - if: steps.cache-gnutls.outputs.cache-hit != 'true' 189 run: | 190 cd $HOME 191 git clone --quiet --depth=1 -b ${{ env.gnutls-version }} https://github.com/gnutls/gnutls.git 192 cd gnutls 193 ./bootstrap 194 ./configure --disable-dependency-tracking --prefix=$PWD/build \ 195 LDFLAGS="-Wl,-rpath,$PWD/build/lib -L$PWD/build/lib" \ 196 --with-included-libtasn1 --with-included-unistring \ 197 --disable-guile --disable-doc --disable-tests --disable-tools 198 make 199 make install 200 name: 'build gnutls' 201 202 - if: steps.cache-wolfssl.outputs.cache-hit != 'true' 203 env: 204 wolfssl-version: ${{ needs.setup.outputs.wolfssl-version }} 205 run: | 206 cd $HOME 207 mkdir wolfssl 208 cd wolfssl 209 git init 210 git remote add origin https://github.com/wolfSSL/wolfssl.git 211 git fetch origin --depth=1 ${{ env.wolfssl-version }} 212 git checkout ${{ env.wolfssl-version }} 213 ./autogen.sh 214 ./configure --disable-dependency-tracking --enable-all --enable-quic --prefix=$PWD/build 215 make 216 make install 217 name: 'build wolfssl' 218 219 - if: steps.cache-nghttp3.outputs.cache-hit != 'true' 220 run: | 221 cd $HOME 222 git clone --quiet --depth=1 -b v${{ env.nghttp3-version }} https://github.com/ngtcp2/nghttp3 223 cd nghttp3 224 git submodule update --init 225 autoreconf -fi 226 ./configure --disable-dependency-tracking --prefix=$PWD/build PKG_CONFIG_PATH="$PWD/build/lib/pkgconfig" --enable-lib-only 227 make 228 make install 229 name: 'build nghttp3' 230 231 - if: steps.cache-ngtcp2.outputs.cache-hit != 'true' 232 run: | 233 cd $HOME 234 git clone --quiet --depth=1 -b v${{ env.ngtcp2-version }} https://github.com/ngtcp2/ngtcp2 235 cd ngtcp2 236 autoreconf -fi 237 ./configure --disable-dependency-tracking --prefix=$PWD/build \ 238 PKG_CONFIG_PATH="$PWD/build/lib/pkgconfig:$HOME/quictls/build/lib/pkgconfig:$HOME/gnutls/build/lib/pkgconfig:$HOME/wolfssl/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig" \ 239 --enable-lib-only --with-openssl --with-gnutls --with-wolfssl 240 make install 241 name: 'build ngtcp2' 242 243 - if: steps.cache-nghttp2.outputs.cache-hit != 'true' 244 run: | 245 cd $HOME 246 git clone --quiet --depth=1 -b v${{ env.nghttp2-version }} https://github.com/nghttp2/nghttp2 247 cd nghttp2 248 autoreconf -fi 249 ./configure --disable-dependency-tracking --prefix=$PWD/build \ 250 PKG_CONFIG_PATH="$HOME/build/lib/pkgconfig:$HOME/quictls/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig" \ 251 LDFLAGS="-Wl,-rpath,$HOME/quictls/build/lib" \ 252 --enable-http3 253 make install 254 name: 'build nghttp2' 255 256 autotools: 257 name: ${{ matrix.build.name }} 258 needs: 259 - setup 260 - build-cache 261 runs-on: 'ubuntu-latest' 262 timeout-minutes: 60 263 strategy: 264 fail-fast: false 265 matrix: 266 build: 267 - name: quictls 268 configure: >- 269 PKG_CONFIG_PATH="$HOME/quictls/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig" LDFLAGS="-Wl,-rpath,$HOME/quictls/build/lib" 270 --with-ngtcp2=$HOME/ngtcp2/build --enable-warnings --enable-werror --enable-debug --disable-ntlm 271 --with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx" 272 --with-openssl=$HOME/quictls/build 273 - name: gnutls 274 configure: >- 275 PKG_CONFIG_PATH="$HOME/gnutls/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig" LDFLAGS="-Wl,-rpath,$HOME/gnutls/build/lib" 276 --with-ngtcp2=$HOME/ngtcp2/build --enable-warnings --enable-werror --enable-debug 277 --with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx" 278 --with-gnutls=$HOME/gnutls/build 279 - name: wolfssl 280 configure: >- 281 PKG_CONFIG_PATH="$HOME/wolfssl/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig" LDFLAGS="-Wl,-rpath,$HOME/wolfssl/build/lib" 282 --with-ngtcp2=$HOME/ngtcp2/build --enable-warnings --enable-werror --enable-debug 283 --with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx" 284 --with-wolfssl=$HOME/wolfssl/build 285 - name: openssl-quic 286 configure: >- 287 PKG_CONFIG_PATH="$HOME/openssl3/build/lib64/pkgconfig" LDFLAGS="-Wl,-rpath,$HOME/openssl3/build/lib64" 288 --enable-warnings --enable-werror --enable-debug --disable-ntlm 289 --with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx" 290 --with-openssl=$HOME/openssl3/build --with-openssl-quic 291 --with-nghttp3=$HOME/nghttp3/build 292 - name: quiche 293 configure: >- 294 LDFLAGS="-Wl,-rpath,/home/runner/quiche/target/release" 295 --with-openssl=/home/runner/quiche/quiche/deps/boringssl/src 296 --enable-debug 297 --with-quiche=/home/runner/quiche/target/release 298 --with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx" 299 --with-ca-fallback 300 301 steps: 302 - run: | 303 sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list 304 sudo apt-get update 305 sudo apt-get install libtool autoconf automake pkg-config stunnel4 \ 306 libpsl-dev libbrotli-dev libzstd-dev zlib1g-dev libev-dev libc-ares-dev \ 307 nettle-dev libp11-kit-dev libtspi-dev libunistring-dev guile-2.2-dev libtasn1-bin \ 308 libtasn1-6-dev libidn2-0-dev gawk gperf libtss2-dev dns-root-data bison gtk-doc-tools \ 309 texinfo texlive texlive-extra-utils autopoint libev-dev \ 310 apache2 apache2-dev libnghttp2-dev vsftpd 311 echo 'CC=gcc-12' >> $GITHUB_ENV 312 echo 'CXX=g++-12' >> $GITHUB_ENV 313 name: 'install prereqs and impacket, pytest, crypto, apache2' 314 315 - name: cache quictls 316 uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 317 id: cache-quictls-no-deprecated 318 env: 319 cache-name: cache-quictls-no-deprecated 320 with: 321 path: /home/runner/quictls/build 322 key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.quictls-version }} 323 fail-on-cache-miss: true 324 325 - name: cache gnutls 326 uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 327 id: cache-gnutls 328 env: 329 cache-name: cache-gnutls 330 with: 331 path: /home/runner/gnutls/build 332 key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.gnutls-version }} 333 fail-on-cache-miss: true 334 335 - name: cache wolfssl 336 uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 337 id: cache-wolfssl 338 env: 339 cache-name: cache-wolfssl 340 wolfssl-version: ${{ needs.setup.outputs.wolfssl-version }} 341 with: 342 path: /home/runner/wolfssl/build 343 key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.wolfssl-version }} 344 fail-on-cache-miss: true 345 346 - name: cache nghttp3 347 uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 348 id: cache-nghttp3 349 env: 350 cache-name: cache-nghttp3 351 with: 352 path: /home/runner/nghttp3/build 353 key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp3-version }} 354 fail-on-cache-miss: true 355 356 - name: cache ngtcp2 357 uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 358 id: cache-ngtcp2 359 env: 360 cache-name: cache-ngtcp2 361 with: 362 path: /home/runner/ngtcp2/build 363 key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.ngtcp2-version }} 364 fail-on-cache-miss: true 365 366 - name: cache nghttp2 367 uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 368 id: cache-nghttp2 369 env: 370 cache-name: cache-nghttp2 371 with: 372 path: /home/runner/nghttp2/build 373 key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp2-version }} 374 fail-on-cache-miss: true 375 376 - name: cache openssl3 377 if: matrix.build.name == 'openssl-quic' 378 uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 379 id: cache-openssl3 380 env: 381 cache-name: cache-openssl3 382 with: 383 path: /home/runner/openssl3/build 384 key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.openssl3-version }} 385 386 - name: 'install openssl3' 387 if: matrix.build.name == 'openssl-quic' && steps.cache-openssl3.outputs.cache-hit != 'true' 388 run: | 389 git clone --quiet --depth=1 -b ${{ env.openssl3-version }} https://github.com/openssl/openssl 390 cd openssl 391 ./config --prefix=$HOME/openssl3/build 392 make -j1 install_sw 393 cat exporters/openssl.pc 394 395 - name: cache quiche 396 if: matrix.build.name == 'quiche' 397 uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 398 id: cache-quiche 399 env: 400 cache-name: cache-quiche 401 with: 402 path: /home/runner/quiche 403 key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-quiche-${{ env.quiche-version }} 404 405 - if: matrix.build.name == 'quiche' && steps.cache-quiche.outputs.cache-hit != 'true' 406 run: | 407 cd $HOME 408 git clone --quiet --depth=1 -b ${{ env.quiche-version }} --recursive https://github.com/cloudflare/quiche.git 409 cd quiche 410 #### Work-around https://github.com/curl/curl/issues/7927 ####### 411 #### See https://github.com/alexcrichton/cmake-rs/issues/131 #### 412 sed -i -e 's/cmake = "0.1"/cmake = "=0.1.45"/' quiche/Cargo.toml 413 414 cargo build -v --package quiche --release --features ffi,pkg-config-meta,qlog --verbose 415 mkdir -v quiche/deps/boringssl/src/lib 416 ln -vnf $(find target/release -name libcrypto.a -o -name libssl.a) quiche/deps/boringssl/src/lib/ 417 418 # include dir 419 # /home/runner/quiche/quiche/deps/boringssl/src/include 420 # lib dir 421 # /home/runner/quiche/quiche/deps/boringssl/src/lib 422 name: 'build quiche and boringssl' 423 424 - name: cache mod_h2 425 uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 426 id: cache-mod_h2 427 env: 428 cache-name: cache-mod_h2 429 with: 430 path: /home/runner/mod_h2 431 key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.mod_h2-version }} 432 433 - if: steps.cache-mod_h2.outputs.cache-hit != 'true' 434 run: | 435 cd $HOME 436 git clone --quiet --depth=1 -b v${{ env.mod_h2-version }} https://github.com/icing/mod_h2 437 cd mod_h2 438 autoreconf -fi 439 ./configure 440 make 441 name: 'build mod_h2' 442 443 - run: | 444 cd $HOME/mod_h2 445 sudo make install 446 name: 'install mod_h2' 447 448 - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 449 450 - run: | 451 sudo python3 -m pip install -r tests/requirements.txt -r tests/http/requirements.txt 452 name: 'install python test prereqs' 453 454 - run: autoreconf -fi 455 name: 'autoreconf' 456 457 - run: ./configure --disable-dependency-tracking ${{ matrix.build.configure }} 458 name: 'configure' 459 460 - run: make V=1 461 name: 'make' 462 463 - run: make V=1 examples 464 name: 'make examples' 465 466 - run: make V=1 -C tests 467 name: 'make tests' 468 469 - run: make V=1 test-ci 470 name: 'run tests' 471 env: 472 TFLAGS: "${{ matrix.build.tflags }}" 473 474 - run: pytest -v tests 475 name: 'run pytest' 476 env: 477 TFLAGS: "${{ matrix.build.tflags }}" 478 CURL_CI: github 479