From d84d69ad9c494c4acfcf39aa3084070a5f64e6e6 Mon Sep 17 00:00:00 2001 From: Aiden Fujiwara <106630142+afujiwara-roblox@users.noreply.github.com> Date: Fri, 3 Nov 2023 10:03:09 -0700 Subject: [PATCH] Vendored Openssl (#87) This PR looks to build Foreman with a vendored openssl --- .github/workflows/ci.yml | 146 ++++++++-------- .github/workflows/openssl.sh | 19 ++ .github/workflows/release.yml | 238 ++++++++++++++------------ Cargo.lock | 21 ++- Cargo.toml | 3 +- scripts/end-to-end-tests.sh | 8 +- scripts/kill-process-test-unix.sh | 2 +- scripts/kill-process-test-windows.ps1 | 2 +- tests/snapshots/help_command.snap | 2 +- 9 files changed, 247 insertions(+), 194 deletions(-) create mode 100644 .github/workflows/openssl.sh diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 4c97967..7a1b147 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -3,106 +3,108 @@ name: CI on: push: branches: - - main + - main pull_request: branches: - - main + - main jobs: checks: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v2 - - name: Setup Rust toolchain - shell: bash - run: rustup default stable + - name: Setup Rust toolchain + shell: bash + run: rustup default stable - - name: Rustfmt - shell: bash - run: cargo fmt -- --check + - name: Rustfmt + shell: bash + run: cargo fmt -- --check - - name: Clippy - shell: bash - run: cargo clippy + - name: Clippy + shell: bash + run: cargo clippy build: needs: checks - timeout-minutes: 15 + timeout-minutes: 20 strategy: matrix: - os: [windows-latest, ubuntu-latest] - rust_version: [stable, "1.66.0"] + os: [windows-latest, ubuntu-latest] + rust_version: [stable, "1.66.0"] - runs-on: ${{ matrix.os }} + runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v2 - - - name: Setup Rust toolchain - shell: bash - run: rustup default ${{ matrix.rust_version }} + - uses: actions/checkout@v2 - - name: Build - shell: bash - run: cargo build --locked --verbose + - name: Setup Rust toolchain + run: rustup default ${{ matrix.rust_version }} - - name: Run tests - shell: bash - run: cargo test --locked --verbose + - name: Build + run: cargo build --locked --verbose - end-to-end-tests: - strategy: - matrix: - os: [ubuntu-latest, windows-latest] + - name: Run tests + run: cargo test --locked --verbose - runs-on: ${{ matrix.os }} + end-to-end-tests-ubuntu: + runs-on: ubuntu-latest needs: build - steps: - - uses: actions/checkout@v2 - - - name: End-to-end tests - shell: bash - run: | - cargo install --path . - foreman --version - PATH=$PATH:~/.foreman/bin - ./scripts/end-to-end-tests.sh - - kill-process-test-unix: - strategy: - matrix: - os: [ubuntu-latest] - - runs-on: ${{ matrix.os }} + - uses: actions/checkout@v2 + + - name: End-to-end tests ubuntu + shell: bash + run: | + cargo install --path . + foreman --version + PATH=$PATH:~/.foreman/bin + ./scripts/end-to-end-tests.sh + + end-to-end-tests-windows: + runs-on: windows-latest needs: build steps: - - uses: actions/checkout@v2 - - - name: kill-process-test-unix - shell: bash - run: | - cargo install --path . - foreman --version - PATH=$PATH:~/.foreman/bin - ./scripts/kill-process-test-unix.sh - - kill-process-test-windows: - strategy: - matrix: - os: [windows-latest] - runs-on: ${{ matrix.os }} + - uses: actions/checkout@v2 + + - name: install foreman from source + shell: pwsh + run: | + cargo install --path . + foreman --version + + - name: End-to-end tests windows + shell: bash + run: | + PATH=$PATH:~/.foreman/bin + ./scripts/end-to-end-tests.sh + + kill-process-test-unix: + runs-on: ubuntu-latest needs: build steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v2 - - name: kill-process-test-windows - shell: pwsh - run: | - cargo install --path . - foreman --version - $env:Path += '%USERPROFILE%/.foreman/bin' - .\scripts\kill-process-test-windows.ps1 + - name: kill-process-test-unix + shell: bash + run: | + cargo install --path . + foreman --version + PATH=$PATH:~/.foreman/bin + ./scripts/kill-process-test-unix.sh + kill-process-test-windows: + runs-on: windows-latest + needs: build + steps: + - uses: actions/checkout@v2 + + - name: kill-process-test-windows + shell: pwsh + run: | + cargo install --path . + foreman --version + $env:Path += '%USERPROFILE%/.foreman/bin' + .\scripts\kill-process-test-windows.ps1 diff --git a/.github/workflows/openssl.sh b/.github/workflows/openssl.sh new file mode 100644 index 0000000..d348a6d --- /dev/null +++ b/.github/workflows/openssl.sh @@ -0,0 +1,19 @@ +#!/usr/bin/env bash + +set -x +set -e + +OPENSSL_VER=${OPENSSL_VER:-openssl-1.1.1n} +OPENSSL_DST=${PWD}/${OPENSSL_VER}-install + +if [[ ! -d ${OPENSSL_DST} ]]; then + curl -O https://www.openssl.org/source/${OPENSSL_VER}.tar.gz + tar xzf ${OPENSSL_VER}.tar.gz + cd ${OPENSSL_VER} + ./Configure no-shared enable-rc5 zlib darwin64-arm64-cc --prefix=${OPENSSL_DST} --openssldir=${OPENSSL_DST} + make -j2 + make install + cd - +fi + +export OPENSSL_DIR=${OPENSSL_DST} \ No newline at end of file diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 5009edf..1febfa9 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -4,138 +4,158 @@ on: push: tags: ["*"] +env: + OPENSSL_VER: openssl-1.1.1n + jobs: windows: runs-on: windows-latest timeout-minutes: 15 steps: - - uses: actions/checkout@v1 + - uses: actions/checkout@v1 - - name: Build release binary - run: cargo build --verbose --locked --release + - name: Build release binary + run: cargo build --verbose --locked --release - - name: Upload artifacts - uses: actions/upload-artifact@v1 - with: - name: foreman-win64 - path: target/release/foreman.exe + - name: Upload artifacts + uses: actions/upload-artifact@v1 + with: + name: foreman-win64 + path: target/release/foreman.exe - macos: + macos-x86-64: runs-on: macos-latest timeout-minutes: 20 steps: - - uses: actions/checkout@v1 - - - name: Install Rust - run: | - curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y - rustup target install aarch64-apple-darwin - rustup target install x86_64-apple-darwin - - - name: Build x86_64 release binary - run: | - source $HOME/.cargo/env - cargo build --verbose --locked --release --target x86_64-apple-darwin - - - name: Upload Intel (x86_64) artifacts - uses: actions/upload-artifact@v1 - with: - name: foreman-macos-x86_64 - path: target/x86_64-apple-darwin/release/foreman - - - name: Cleanup finished x86_64 build - run: rm -rf ./target - - - name: Build arm64 release binary - run: | - source $HOME/.cargo/env - cargo build --verbose --locked --release --target aarch64-apple-darwin - - - name: Upload arm64 artifacts - uses: actions/upload-artifact@v1 - with: - name: foreman-macos-arm64 - path: target/aarch64-apple-darwin/release/foreman + - uses: actions/checkout@v1 + + - name: Install Rust + run: | + curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y + rustup target install aarch64-apple-darwin + rustup target install x86_64-apple-darwin + + - name: Build x86_64 release binary + run: | + source $HOME/.cargo/env + cargo build --verbose --locked --release --target x86_64-apple-darwin + + - name: Upload Intel (x86_64) artifacts + uses: actions/upload-artifact@v1 + with: + name: foreman-macos-x86_64 + path: target/x86_64-apple-darwin/release/foreman + + macos-arm64: + runs-on: macos-latest + timeout-minutes: 20 + steps: + - uses: actions/checkout@v1 + + - name: Install Rust + run: | + curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y + rustup target install aarch64-apple-darwin + rustup target install x86_64-apple-darwin + + - name: Cache OpenSSL + uses: actions/cache@v2 + with: + path: | + ${{ env.OPENSSL_VER }}-install + key: ${{ env.OPENSSL_VER }}-darwin-arm64-static + + - name: Build arm64 release binary + run: | + source $HOME/.cargo/env + source .github/workflows/openssl.sh + cargo build --verbose --locked --release --target aarch64-apple-darwin + + - name: Upload arm64 artifacts + uses: actions/upload-artifact@v1 + with: + name: foreman-macos-arm64 + path: target/aarch64-apple-darwin/release/foreman linux: runs-on: ubuntu-latest timeout-minutes: 15 steps: - - uses: actions/checkout@v1 + - uses: actions/checkout@v1 - - name: Build - run: cargo build --locked --verbose --release + - name: Build + run: cargo build --locked --verbose --release - - name: Upload artifacts - uses: actions/upload-artifact@v1 - with: - name: foreman-linux - path: target/release/foreman + - name: Upload artifacts + uses: actions/upload-artifact@v1 + with: + name: foreman-linux + path: target/release/foreman release: runs-on: ubuntu-latest timeout-minutes: 15 - needs: ['windows', 'macos', 'linux'] + needs: ["windows", "macos-x86-64", "macos-arm64", "linux"] steps: - - uses: actions/checkout@v1 - - name: Download artifacts - uses: actions/download-artifact@v2 - with: - path: artifacts - - run: | - zip -rj foreman-win64.zip ./artifacts/foreman-win64/* - zip -rj foreman-macos-x86_64.zip ./artifacts/foreman-macos-x86_64/* - zip -rj foreman-macos-arm64.zip ./artifacts/foreman-macos-arm64/* - zip -rj foreman-linux.zip ./artifacts/foreman-linux/* - - name: Create release - id: create_release - uses: actions/create-release@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - draft: true - tag_name: ${{ github.ref }} - release_name: ${{ github.ref }} - - - name: Upload windows build - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ steps.create_release.outputs.upload_url }} - asset_path: ./foreman-win64.zip - asset_name: foreman-win64.zip - asset_content_type: application/zip - - - name: Upload macos build - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ steps.create_release.outputs.upload_url }} - asset_path: ./foreman-macos-x86_64.zip - asset_name: foreman-macos-x86_64.zip - asset_content_type: application/zip - - - name: Upload macos build (arm64) - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ steps.create_release.outputs.upload_url }} - asset_path: ./foreman-macos-arm64.zip - asset_name: foreman-macos-arm64.zip - asset_content_type: application/zip - - - name: Upload linux build - uses: actions/upload-release-asset@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - upload_url: ${{ steps.create_release.outputs.upload_url }} - asset_path: ./foreman-linux.zip - asset_name: foreman-linux.zip - asset_content_type: application/zip + - uses: actions/checkout@v1 + - name: Download artifacts + uses: actions/download-artifact@v2 + with: + path: artifacts + - run: | + zip -rj foreman-win64.zip ./artifacts/foreman-win64/* + zip -rj foreman-macos-x86_64.zip ./artifacts/foreman-macos-x86_64/* + zip -rj foreman-macos-arm64.zip ./artifacts/foreman-macos-arm64/* + zip -rj foreman-linux.zip ./artifacts/foreman-linux/* + - name: Create release + id: create_release + uses: actions/create-release@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + draft: true + tag_name: ${{ github.ref }} + release_name: ${{ github.ref }} + + - name: Upload windows build + uses: actions/upload-release-asset@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + upload_url: ${{ steps.create_release.outputs.upload_url }} + asset_path: ./foreman-win64.zip + asset_name: foreman-win64.zip + asset_content_type: application/zip + + - name: Upload macos build + uses: actions/upload-release-asset@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + upload_url: ${{ steps.create_release.outputs.upload_url }} + asset_path: ./foreman-macos-x86_64.zip + asset_name: foreman-macos-x86_64.zip + asset_content_type: application/zip + + - name: Upload macos build (arm64) + uses: actions/upload-release-asset@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + upload_url: ${{ steps.create_release.outputs.upload_url }} + asset_path: ./foreman-macos-arm64.zip + asset_name: foreman-macos-arm64.zip + asset_content_type: application/zip + + - name: Upload linux build + uses: actions/upload-release-asset@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + upload_url: ${{ steps.create_release.outputs.upload_url }} + asset_path: ./foreman-linux.zip + asset_name: foreman-linux.zip + asset_content_type: application/zip diff --git a/Cargo.lock b/Cargo.lock index 77719e0..5178c82 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -390,7 +390,7 @@ checksum = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b" [[package]] name = "foreman" -version = "1.4.0" +version = "1.5.0" dependencies = [ "artiaa_auth", "assert_cmd", @@ -399,6 +399,7 @@ dependencies = [ "env_logger", "insta", "log", + "openssl", "reqwest", "rpassword", "semver", @@ -849,9 +850,9 @@ checksum = "dd8b5dd2ae5ed71462c540258bedcb51965123ad7e7ccf4b9a8cafaa4a63576d" [[package]] name = "openssl" -version = "0.10.57" +version = "0.10.58" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bac25ee399abb46215765b1cb35bc0212377e58a061560d8b29b024fd0430e7c" +checksum = "a9dfc0783362704e97ef3bd24261995a699468440099ef95d869b4d9732f829a" dependencies = [ "bitflags 2.4.0", "cfg-if", @@ -879,14 +880,24 @@ version = "0.1.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf" +[[package]] +name = "openssl-src" +version = "300.1.6+3.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "439fac53e092cd7442a3660c85dde4643ab3b5bd39040912388dcdabf6b88085" +dependencies = [ + "cc", +] + [[package]] name = "openssl-sys" -version = "0.9.92" +version = "0.9.94" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "db7e971c2c2bba161b2d2fdf37080177eff520b3bc044787c7f1f5f9e78d869b" +checksum = "2f55da20b29f956fb01f0add8683eb26ee13ebe3ebd935e49898717c6b4b2830" dependencies = [ "cc", "libc", + "openssl-src", "pkg-config", "vcpkg", ] diff --git a/Cargo.toml b/Cargo.toml index c9d7b12..c65a4dc 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -6,7 +6,7 @@ default-members = [".", "artiaa_auth"] [package] name = "foreman" description = "Toolchain manager for simple binary tools" -version = "1.4.0" +version = "1.5.0" authors = [ "Lucien Greathouse ", "Matt Hargett ", @@ -35,6 +35,7 @@ urlencoding = "2.1.0" zip = "0.5" url = "2.4.1" artiaa_auth = { path = "./artiaa_auth" } +openssl = { version = "0.10.58", features = ["vendored"] } [target.'cfg(windows)'.dependencies] command-group = "1.0.8" diff --git a/scripts/end-to-end-tests.sh b/scripts/end-to-end-tests.sh index a50b565..0d83251 100755 --- a/scripts/end-to-end-tests.sh +++ b/scripts/end-to-end-tests.sh @@ -21,20 +21,20 @@ write_foreman_toml () { verify_github_tool () { write_foreman_toml github $1 $2 $3 - cargo run --release -- install + foreman install verify_tool_version $1 $3 rm foreman.toml # for compatibility, verify that `source` also works write_foreman_toml source $1 $2 $3 - cargo run --release -- install + foreman install verify_tool_version $1 $3 rm foreman.toml } verify_gitlab_tool () { write_foreman_toml gitlab $1 $2 $3 - cargo run --release -- install + foreman install verify_tool_version $1 $3 rm foreman.toml } @@ -44,7 +44,7 @@ verify_install_all_before_fail () { echo "$1 = { github = \"$2\", version = \"=$3\" }" >> foreman.toml { # try - cargo run --release -- install + foreman install } || { # finally verify_tool_version $1 $3 diff --git a/scripts/kill-process-test-unix.sh b/scripts/kill-process-test-unix.sh index 12b4bbf..6a3479c 100755 --- a/scripts/kill-process-test-unix.sh +++ b/scripts/kill-process-test-unix.sh @@ -18,7 +18,7 @@ create_rojo_files() { setup_rojo() { write_foreman_toml github rojo "rojo-rbx/rojo" "7.3.0" - cargo run --release -- install + foreman install create_rojo_files } diff --git a/scripts/kill-process-test-windows.ps1 b/scripts/kill-process-test-windows.ps1 index 22006bb..2f94b40 100644 --- a/scripts/kill-process-test-windows.ps1 +++ b/scripts/kill-process-test-windows.ps1 @@ -16,7 +16,7 @@ function create_rojo_files() { function setup_rojo() { write_foreman_toml github rojo "rojo-rbx/rojo" "7.3.0" - cargo run --release -- install + foreman install create_rojo_files } diff --git a/tests/snapshots/help_command.snap b/tests/snapshots/help_command.snap index 2f07938..08cd5cf 100644 --- a/tests/snapshots/help_command.snap +++ b/tests/snapshots/help_command.snap @@ -2,7 +2,7 @@ source: tests/cli.rs expression: content --- -foreman 1.4.0 +foreman 1.5.0 USAGE: foreman [FLAGS]