123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547 |
- # Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
- #
- # SPDX-License-Identifier: curl
- name: Linux HTTP/3
- 'on':
- push:
- branches:
- - master
- - '*/ci'
- paths-ignore:
- - '**/*.md'
- - '**/CMakeLists.txt'
- - '.circleci/**'
- - 'appveyor.*'
- - 'CMake/**'
- - 'packages/**'
- - 'plan9/**'
- - 'projects/**'
- - 'winbuild/**'
- pull_request:
- branches:
- - master
- paths-ignore:
- - '**/*.md'
- - '**/CMakeLists.txt'
- - '.circleci/**'
- - 'appveyor.*'
- - 'CMake/**'
- - 'packages/**'
- - 'plan9/**'
- - 'projects/**'
- - 'winbuild/**'
- concurrency:
- # Hardcoded workflow filename as workflow name above is just Linux again
- group: http3-${{ github.event.pull_request.number || github.sha }}
- cancel-in-progress: true
- permissions: {}
- env:
- MAKEFLAGS: -j 5
- # handled in renovate.json
- openssl-version: 3.4.0
- # handled in renovate.json
- quictls-version: 3.3.0
- # renovate: datasource=github-tags depName=gnutls/gnutls versioning=semver registryUrl=https://github.com
- gnutls-version: 3.8.8
- wolfssl-version: master
- # renovate: datasource=github-tags depName=ngtcp2/nghttp3 versioning=semver registryUrl=https://github.com
- nghttp3-version: 1.6.0
- # renovate: datasource=github-tags depName=ngtcp2/ngtcp2 versioning=semver registryUrl=https://github.com
- ngtcp2-version: 1.9.1
- # renovate: datasource=github-tags depName=nghttp2/nghttp2 versioning=semver registryUrl=https://github.com
- nghttp2-version: 1.64.0
- # renovate: datasource=github-tags depName=cloudflare/quiche versioning=semver registryUrl=https://github.com
- quiche-version: 0.22.0
- jobs:
- setup:
- runs-on: ubuntu-latest
- outputs:
- wolfssl-version: ${{ steps.wolfssl-version.outputs.result }}
- steps:
- - id: wolfssl-version
- uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7
- with:
- result-encoding: string
- script: |
- let version = '${{ env.wolfssl-version }}'
- if (version != 'master') {
- return version
- }
- let { data: commits } = await github.rest.repos.listCommits({
- owner: 'wolfSSL',
- repo: 'wolfssl',
- })
- return commits[0].sha
- build-cache:
- needs:
- - setup
- runs-on: ubuntu-latest
- steps:
- - name: cache quictls
- uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4
- id: cache-quictls-no-deprecated
- env:
- cache-name: cache-quictls-no-deprecated
- with:
- path: /home/runner/quictls/build
- key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.quictls-version }}-quic1
- - name: cache gnutls
- uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4
- id: cache-gnutls
- env:
- cache-name: cache-gnutls
- with:
- path: /home/runner/gnutls/build
- key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.gnutls-version }}
- - name: cache wolfssl
- uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4
- id: cache-wolfssl
- env:
- cache-name: cache-wolfssl
- wolfssl-version: ${{ needs.setup.outputs.wolfssl-version }}
- with:
- path: /home/runner/wolfssl/build
- key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.wolfssl-version }}
- - name: cache nghttp3
- uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4
- id: cache-nghttp3
- env:
- cache-name: cache-nghttp3
- with:
- path: /home/runner/nghttp3/build
- key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp3-version }}
- - name: cache ngtcp2
- uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4
- id: cache-ngtcp2
- env:
- cache-name: cache-ngtcp2
- with:
- path: /home/runner/ngtcp2/build
- key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.ngtcp2-version }}
- - name: cache nghttp2
- uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4
- id: cache-nghttp2
- env:
- cache-name: cache-nghttp2
- with:
- path: /home/runner/nghttp2/build
- key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp2-version }}
- - id: settings
- if: |
- steps.cache-quictls-no-deprecated.outputs.cache-hit != 'true' ||
- steps.cache-gnutls.outputs.cache-hit != 'true' ||
- steps.cache-wolfssl.outputs.cache-hit != 'true' ||
- steps.cache-nghttp3.outputs.cache-hit != 'true' ||
- steps.cache-ngtcp2.outputs.cache-hit != 'true' ||
- steps.cache-nghttp2.outputs.cache-hit != 'true'
- run: |
- echo 'needs-build=true' >> $GITHUB_OUTPUT
- - name: install build prereqs
- if: steps.settings.outputs.needs-build == 'true'
- run: |
- sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list
- sudo apt-get update -y
- sudo apt-get install -y --no-install-suggests --no-install-recommends \
- libtool autoconf automake pkgconf stunnel4 \
- libpsl-dev libbrotli-dev libzstd-dev zlib1g-dev libev-dev libc-ares-dev \
- nettle-dev libp11-kit-dev libtspi-dev libunistring-dev guile-2.2-dev libtasn1-bin \
- libtasn1-6-dev libidn2-0-dev gawk gperf libtss2-dev dns-root-data bison gtk-doc-tools \
- texinfo texlive texlive-extra-utils autopoint libev-dev \
- apache2 apache2-dev libnghttp2-dev
- echo 'CC=gcc-12' >> $GITHUB_ENV
- echo 'CXX=g++-12' >> $GITHUB_ENV
- - if: steps.cache-quictls-no-deprecated.outputs.cache-hit != 'true'
- run: |
- cd $HOME
- git clone --quiet --depth=1 -b openssl-${{ env.quictls-version }}-quic1 https://github.com/quictls/openssl quictls
- cd quictls
- ./config no-deprecated --prefix=$PWD/build --libdir=lib no-makedepend no-apps no-docs no-tests
- make
- make -j1 install_sw
- name: 'build quictls'
- - if: steps.cache-gnutls.outputs.cache-hit != 'true'
- run: |
- cd $HOME
- git clone --quiet --depth=1 -b ${{ env.gnutls-version }} https://github.com/gnutls/gnutls.git
- cd gnutls
- ./bootstrap
- ./configure --disable-dependency-tracking --prefix=$PWD/build \
- LDFLAGS="-Wl,-rpath,$PWD/build/lib -L$PWD/build/lib" \
- --with-included-libtasn1 --with-included-unistring \
- --disable-guile --disable-doc --disable-tests --disable-tools
- make
- make install
- name: 'build gnutls'
- - if: steps.cache-wolfssl.outputs.cache-hit != 'true'
- env:
- wolfssl-version: ${{ needs.setup.outputs.wolfssl-version }}
- run: |
- cd $HOME
- mkdir wolfssl
- cd wolfssl
- git init
- git remote add origin https://github.com/wolfSSL/wolfssl.git
- git fetch origin --depth=1 ${{ env.wolfssl-version }}
- git checkout ${{ env.wolfssl-version }}
- ./autogen.sh
- ./configure --disable-dependency-tracking --enable-all --enable-quic \
- --disable-benchmark --disable-crypttests --disable-examples --prefix=$PWD/build
- make
- make install
- name: 'build wolfssl'
- - if: steps.cache-nghttp3.outputs.cache-hit != 'true'
- run: |
- cd $HOME
- git clone --quiet --depth=1 -b v${{ env.nghttp3-version }} https://github.com/ngtcp2/nghttp3
- cd nghttp3
- git submodule update --init --depth=1
- autoreconf -fi
- ./configure --disable-dependency-tracking --prefix=$PWD/build PKG_CONFIG_PATH="$PWD/build/lib/pkgconfig" --enable-lib-only
- make
- make install
- name: 'build nghttp3'
- - if: steps.cache-ngtcp2.outputs.cache-hit != 'true'
- run: |
- cd $HOME
- git clone --quiet --depth=1 -b v${{ env.ngtcp2-version }} https://github.com/ngtcp2/ngtcp2
- cd ngtcp2
- autoreconf -fi
- ./configure --disable-dependency-tracking --prefix=$PWD/build \
- PKG_CONFIG_PATH="$PWD/build/lib/pkgconfig:$HOME/quictls/build/lib/pkgconfig:$HOME/gnutls/build/lib/pkgconfig:$HOME/wolfssl/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig" \
- --enable-lib-only --with-openssl --with-gnutls --with-wolfssl
- make install
- name: 'build ngtcp2'
- - if: steps.cache-nghttp2.outputs.cache-hit != 'true'
- run: |
- cd $HOME
- git clone --quiet --depth=1 -b v${{ env.nghttp2-version }} https://github.com/nghttp2/nghttp2
- cd nghttp2
- autoreconf -fi
- ./configure --disable-dependency-tracking --prefix=$PWD/build \
- PKG_CONFIG_PATH="$HOME/build/lib/pkgconfig:$HOME/quictls/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig" \
- LDFLAGS="-Wl,-rpath,$HOME/quictls/build/lib" \
- --enable-http3
- make install
- name: 'build nghttp2'
- linux:
- name: ${{ matrix.build.generate && 'CM' || 'AM' }} ${{ matrix.build.name }}
- needs:
- - setup
- - build-cache
- runs-on: 'ubuntu-24.04'
- timeout-minutes: 45
- strategy:
- fail-fast: false
- matrix:
- build:
- - name: quictls
- PKG_CONFIG_PATH: '$HOME/quictls/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig'
- configure: >-
- LDFLAGS="-Wl,-rpath,$HOME/quictls/build/lib"
- --with-ngtcp2=$HOME/ngtcp2/build --enable-warnings --enable-werror --enable-debug --disable-ntlm
- --with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx"
- --with-openssl=$HOME/quictls/build
- - name: gnutls
- PKG_CONFIG_PATH: '$HOME/gnutls/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig'
- configure: >-
- LDFLAGS="-Wl,-rpath,$HOME/gnutls/build/lib"
- --with-ngtcp2=$HOME/ngtcp2/build --enable-warnings --enable-werror --enable-debug
- --with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx"
- --with-gnutls=$HOME/gnutls/build
- - name: wolfssl
- PKG_CONFIG_PATH: '$HOME/wolfssl/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig'
- configure: >-
- LDFLAGS="-Wl,-rpath,$HOME/wolfssl/build/lib"
- --with-ngtcp2=$HOME/ngtcp2/build --enable-warnings --enable-werror --enable-debug
- --with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx"
- --with-wolfssl=$HOME/wolfssl/build
- --enable-ech
- - name: wolfssl
- PKG_CONFIG_PATH: '$HOME/wolfssl/build/lib/pkgconfig:$HOME/nghttp3/build/lib/pkgconfig:$HOME/ngtcp2/build/lib/pkgconfig:$HOME/nghttp2/build/lib/pkgconfig'
- generate: >-
- -DCURL_USE_WOLFSSL=ON -DUSE_NGTCP2=ON -DENABLE_DEBUG=ON
- -DTEST_NGHTTPX="$HOME/nghttp2/build/bin/nghttpx"
- -DHTTPD_NGHTTPX="$HOME/nghttp2/build/bin/nghttpx"
- -DUSE_ECH=ON
- - name: openssl-quic
- PKG_CONFIG_PATH: '$HOME/openssl/build/lib64/pkgconfig'
- configure: >-
- LDFLAGS="-Wl,-rpath,$HOME/openssl/build/lib64"
- --enable-warnings --enable-werror --enable-debug --disable-ntlm
- --with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx"
- --with-openssl=$HOME/openssl/build --with-openssl-quic
- --with-nghttp3=$HOME/nghttp3/build
- - name: quiche
- configure: >-
- LDFLAGS="-Wl,-rpath,$HOME/quiche/target/release"
- --with-openssl=$HOME/quiche/quiche/deps/boringssl/src
- --enable-warnings --enable-werror --enable-debug
- --with-quiche=$HOME/quiche/target/release
- --with-test-nghttpx="$HOME/nghttp2/build/bin/nghttpx"
- --with-ca-fallback
- - name: quiche
- PKG_CONFIG_PATH: '$HOME/quiche/target/release'
- generate: >-
- -DOPENSSL_ROOT_DIR=$HOME/quiche/quiche/deps/boringssl/src -DENABLE_DEBUG=ON
- -DUSE_QUICHE=ON
- -DTEST_NGHTTPX="$HOME/nghttp2/build/bin/nghttpx"
- -DHTTPD_NGHTTPX="$HOME/nghttp2/build/bin/nghttpx"
- -DCURL_CA_FALLBACK=ON
- steps:
- - run: |
- sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list
- sudo apt-get update -y
- sudo apt-get install -y --no-install-suggests --no-install-recommends \
- libtool autoconf automake ninja-build pkgconf stunnel4 \
- libpsl-dev libbrotli-dev libzstd-dev zlib1g-dev libev-dev libc-ares-dev \
- nettle-dev libp11-kit-dev libtspi-dev libunistring-dev guile-2.2-dev libtasn1-bin \
- libtasn1-6-dev libidn2-0-dev gawk gperf libtss2-dev dns-root-data bison gtk-doc-tools \
- texinfo texlive texlive-extra-utils autopoint libev-dev \
- apache2 apache2-dev libnghttp2-dev vsftpd
- python3 -m venv $HOME/venv
- echo 'CC=gcc-12' >> $GITHUB_ENV
- echo 'CXX=g++-12' >> $GITHUB_ENV
- name: 'install prereqs'
- - name: cache quictls
- uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4
- id: cache-quictls-no-deprecated
- env:
- cache-name: cache-quictls-no-deprecated
- with:
- path: /home/runner/quictls/build
- key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.quictls-version }}
- fail-on-cache-miss: true
- - name: cache gnutls
- if: matrix.build.name == 'gnutls'
- uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4
- id: cache-gnutls
- env:
- cache-name: cache-gnutls
- with:
- path: /home/runner/gnutls/build
- key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.gnutls-version }}
- fail-on-cache-miss: true
- - name: cache wolfssl
- if: matrix.build.name == 'wolfssl'
- uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4
- id: cache-wolfssl
- env:
- cache-name: cache-wolfssl
- wolfssl-version: ${{ needs.setup.outputs.wolfssl-version }}
- with:
- path: /home/runner/wolfssl/build
- key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.wolfssl-version }}
- fail-on-cache-miss: true
- - name: cache nghttp3
- uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4
- id: cache-nghttp3
- env:
- cache-name: cache-nghttp3
- with:
- path: /home/runner/nghttp3/build
- key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp3-version }}
- fail-on-cache-miss: true
- - name: cache ngtcp2
- uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4
- id: cache-ngtcp2
- env:
- cache-name: cache-ngtcp2
- with:
- path: /home/runner/ngtcp2/build
- key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.ngtcp2-version }}
- fail-on-cache-miss: true
- - name: cache nghttp2
- uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4
- id: cache-nghttp2
- env:
- cache-name: cache-nghttp2
- with:
- path: /home/runner/nghttp2/build
- key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.nghttp2-version }}
- fail-on-cache-miss: true
- - name: cache openssl
- if: matrix.build.name == 'openssl-quic'
- uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4
- id: cache-openssl
- env:
- cache-name: cache-openssl
- with:
- path: /home/runner/openssl/build
- key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.openssl-version }}
- - name: 'install openssl'
- if: matrix.build.name == 'openssl-quic' && steps.cache-openssl.outputs.cache-hit != 'true'
- run: |
- git clone --quiet --depth=1 -b openssl-${{ env.openssl-version }} https://github.com/openssl/openssl
- cd openssl
- ./config --prefix=$HOME/openssl/build no-makedepend no-apps no-docs no-tests
- make
- make -j1 install_sw
- cat exporters/openssl.pc
- - name: cache quiche
- if: matrix.build.name == 'quiche'
- uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4
- id: cache-quiche
- env:
- cache-name: cache-quiche
- with:
- path: /home/runner/quiche
- key: ${{ runner.os }}-http3-build-${{ env.cache-name }}-${{ env.quiche-version }}
- - if: matrix.build.name == 'quiche' && steps.cache-quiche.outputs.cache-hit != 'true'
- run: |
- cd $HOME
- git clone --quiet --depth=1 -b ${{ env.quiche-version }} --recursive https://github.com/cloudflare/quiche.git
- cd quiche
- #### Work-around https://github.com/curl/curl/issues/7927 #######
- #### See https://github.com/alexcrichton/cmake-rs/issues/131 ####
- sed -i -e 's/cmake = "0.1"/cmake = "=0.1.45"/' quiche/Cargo.toml
- cargo build -v --package quiche --release --features ffi,pkg-config-meta,qlog --verbose
- ln -s libquiche.so target/release/libquiche.so.0
- mkdir -v quiche/deps/boringssl/src/lib
- ln -vnf $(find target/release -name libcrypto.a -o -name libssl.a) quiche/deps/boringssl/src/lib/
- # include dir
- # $HOME/quiche/quiche/deps/boringssl/src/include
- # lib dir
- # $HOME/quiche/quiche/deps/boringssl/src/lib
- name: 'build quiche and boringssl'
- - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- with:
- persist-credentials: false
- - run: autoreconf -fi
- if: ${{ matrix.build.configure }}
- name: 'autoreconf'
- - name: 'configure'
- run: |
- if [ -n '${{ matrix.build.PKG_CONFIG_PATH }}' ]; then
- export PKG_CONFIG_PATH="${{ matrix.build.PKG_CONFIG_PATH }}"
- fi
- if [ -n '${{ matrix.build.generate }}' ]; then
- cmake -B . -G Ninja \
- -DCMAKE_C_COMPILER_TARGET=$(uname -m)-pc-linux-gnu -DBUILD_STATIC_LIBS=ON \
- -DCMAKE_UNITY_BUILD=ON -DCURL_TEST_BUNDLES=ON -DCURL_WERROR=ON \
- ${{ matrix.build.generate }}
- else
- ./configure --disable-dependency-tracking --enable-unity --enable-test-bundles --enable-warnings --enable-werror \
- ${{ matrix.build.configure }}
- fi
- - name: 'configure log'
- if: ${{ !cancelled() }}
- run: cat config.log CMakeFiles/CMakeConfigureLog.yaml 2>/dev/null || true
- - name: 'curl_config.h'
- run: |
- echo '::group::raw'; cat lib/curl_config.h || true; echo '::endgroup::'
- grep -F '#define' lib/curl_config.h | sort || true
- - name: 'test configs'
- run: |
- cat tests/config || true
- cat tests/http/config.ini || true
- - name: 'build'
- run: |
- if [ -n '${{ matrix.build.generate }}' ]; then
- cmake --build . --verbose
- else
- make V=1
- fi
- - run: ./src/curl -V
- name: 'check curl -V output'
- - name: 'build tests'
- run: |
- if [ -n '${{ matrix.build.generate }}' ]; then
- cmake --build . --verbose --target testdeps
- else
- make V=1 -C tests
- fi
- - name: 'install test prereqs'
- run: |
- source $HOME/venv/bin/activate
- python3 -m pip install -r tests/requirements.txt
- - name: 'run tests'
- env:
- TFLAGS: "${{ matrix.build.tflags }}"
- run: |
- source $HOME/venv/bin/activate
- if [ -n '${{ matrix.build.generate }}' ]; then
- cmake --build . --verbose --target test-ci
- else
- make V=1 test-ci
- fi
- - name: 'install pytest prereqs'
- run: |
- source $HOME/venv/bin/activate
- python3 -m pip install -r tests/http/requirements.txt
- - name: 'run pytest'
- env:
- TFLAGS: "${{ matrix.build.tflags }}"
- CURL_CI: github
- run: |
- source $HOME/venv/bin/activate
- if [ -n '${{ matrix.build.generate }}' ]; then
- cmake --build . --verbose --target curl-pytest-ci
- else
- make V=1 pytest-ci
- fi
- - name: 'build examples'
- run: |
- if [ -n '${{ matrix.build.generate }}' ]; then
- cmake --build . --verbose --target curl-examples
- else
- make V=1 examples
- fi
|