Merge pull request #752 from rhenium/pkcs7-empty-signed-data-19974 #1039
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: [push, pull_request] | |
jobs: | |
ruby-versions: | |
uses: ruby/actions/.github/workflows/ruby_versions.yml@master | |
with: | |
engine: cruby-truffleruby | |
min_version: 2.6 | |
test: | |
needs: ruby-versions | |
name: >- | |
${{ matrix.os }} ${{ matrix.ruby }} | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
# ubuntu-22.04 uses OpenSSL 3.0, ubuntu-20.04 uses OpenSSL 1.1.1 | |
os: [ ubuntu-22.04, ubuntu-20.04, macos-latest, windows-latest ] | |
ruby: ${{ fromJson(needs.ruby-versions.outputs.versions) }} | |
exclude: | |
# uses non-standard MSYS2 OpenSSL 3 package | |
- { os: windows-latest, ruby: head } | |
- { os: windows-latest, ruby: truffleruby } | |
- { os: windows-latest, ruby: truffleruby-head } | |
- { os: macos-latest, ruby: truffleruby } | |
- { os: ubuntu-20.04, ruby: truffleruby } | |
include: | |
- { os: windows-latest, ruby: ucrt } | |
- { os: windows-latest, ruby: mswin } | |
steps: | |
- name: repo checkout | |
uses: actions/checkout@v4 | |
- name: load ruby | |
uses: ruby/setup-ruby@v1 | |
with: | |
ruby-version: ${{ matrix.ruby }} | |
- name: depends | |
run: bundle install | |
# Enable the verbose option in mkmf.rb to print the compiling commands. | |
- name: enable mkmf verbose | |
run: echo "MAKEFLAGS=V=1" >> $GITHUB_ENV | |
if: runner.os == 'Linux' || runner.os == 'macOS' | |
- name: set flags to check compiler warnings. | |
run: echo "RUBY_OPENSSL_EXTCFLAGS=-Werror" >> $GITHUB_ENV | |
if: ${{ !matrix.skip-warnings }} | |
- name: compile | |
run: rake compile | |
- name: test | |
run: rake test TESTOPTS="-v --no-show-detail-immediately" | |
timeout-minutes: 5 | |
test-openssls: | |
name: >- | |
${{ matrix.openssl }} ${{ matrix.name-extra || '' }} | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [ ubuntu-latest ] | |
ruby: [ "3.0" ] | |
openssl: | |
# https://www.openssl.org/source/ | |
- openssl-1.0.2u # EOL | |
- openssl-1.1.0l # EOL | |
- openssl-1.1.1w # EOL | |
- openssl-3.0.13 | |
- openssl-3.1.5 | |
- openssl-3.2.1 | |
- openssl-3.3.0 | |
# http://www.libressl.org/releases.html | |
- libressl-3.1.5 # EOL | |
- libressl-3.2.7 # EOL | |
- libressl-3.3.6 # EOL | |
- libressl-3.4.3 # EOL | |
- libressl-3.5.3 # EOL | |
- libressl-3.6.3 # EOL | |
- libressl-3.7.3 # EOL | |
- libressl-3.8.4 | |
- libressl-3.9.1 | |
steps: | |
- name: repo checkout | |
uses: actions/checkout@v4 | |
- name: prepare openssl | |
run: | | |
# Enable Bash debugging option temporarily for debugging use. | |
set -x | |
mkdir -p tmp/build-openssl && cd tmp/build-openssl | |
case ${{ matrix.openssl }} in | |
openssl-*) | |
if [ -z "${{ matrix.git }}" ]; then | |
curl -OL https://ftp.openssl.org/source/${{ matrix.openssl }}.tar.gz | |
tar xf ${{ matrix.openssl }}.tar.gz && cd ${{ matrix.openssl }} | |
else | |
git clone -b ${{ matrix.branch }} --depth 1 ${{ matrix.git }} ${{ matrix.openssl }} | |
cd ${{ matrix.openssl }} | |
# Log the commit hash. | |
echo "Git commit: $(git rev-parse HEAD)" | |
fi | |
# shared is required for 1.0.x. | |
./Configure --prefix=$HOME/.openssl/${{ matrix.openssl }} --libdir=lib \ | |
shared linux-x86_64 ${{ matrix.append-configure }} | |
make depend | |
;; | |
libressl-*) | |
curl -OL https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/${{ matrix.openssl }}.tar.gz | |
tar xf ${{ matrix.openssl }}.tar.gz && cd ${{ matrix.openssl }} | |
./configure --prefix=$HOME/.openssl/${{ matrix.openssl }} | |
;; | |
*) | |
false | |
;; | |
esac | |
make -j4 | |
make install_sw | |
- name: load ruby | |
uses: ruby/setup-ruby@v1 | |
with: | |
ruby-version: ${{ matrix.ruby }} | |
- name: depends | |
run: bundle install | |
- name: enable mkmf verbose | |
run: echo "MAKEFLAGS=V=1" >> $GITHUB_ENV | |
if: runner.os == 'Linux' || runner.os == 'macOS' | |
- name: set flags to check compiler warnings. | |
run: echo "RUBY_OPENSSL_EXTCFLAGS=-Werror" >> $GITHUB_ENV | |
if: ${{ !matrix.skip-warnings }} | |
- name: compile | |
run: rake compile -- --with-openssl-dir=$HOME/.openssl/${{ matrix.openssl }} | |
- name: test | |
run: rake test TESTOPTS="-v --no-show-detail-immediately" | |
timeout-minutes: 5 |