From dec4ce28518fed88cdbc11f8f6f1e1c8670b0394 Mon Sep 17 00:00:00 2001 From: Sean T Allen Date: Sun, 22 Oct 2023 17:20:17 -0400 Subject: [PATCH] Add OpenSSL 3.1.3 builder (#64) --- .github/workflows/linux-builder-update.yml | 36 ++++++++++++++ .github/workflows/pr.yml | 8 ++++ .../Dockerfile | 22 +++++++++ .../README.md | 3 ++ .../build-and-push.bash | 47 +++++++++++++++++++ 5 files changed, 116 insertions(+) create mode 100644 x86-64-unknown-linux-builder-with-openssl_3.1.3/Dockerfile create mode 100644 x86-64-unknown-linux-builder-with-openssl_3.1.3/README.md create mode 100644 x86-64-unknown-linux-builder-with-openssl_3.1.3/build-and-push.bash diff --git a/.github/workflows/linux-builder-update.yml b/.github/workflows/linux-builder-update.yml index be99197..61e7599 100644 --- a/.github/workflows/linux-builder-update.yml +++ b/.github/workflows/linux-builder-update.yml @@ -242,6 +242,40 @@ jobs: topic: ${{ github.repository }} scheduled job failure content: ${{ github.server_url}}/${{ github.repository }}/actions/runs/${{ github.run_id }} failed. + x86-64-unknown-linux-builder-with-openssl_3_1_3: + needs: + - x86-64-unknown-linux-builder + + name: Update x86-64-unknown-linux-builder-with-openssl_3.1.3 + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - name: Login to DockerHub + run: docker login -u "$DOCKER_USERNAME" -p "$DOCKER_PASSWORD" + env: + DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} + DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} + - name: Login to GitHub Container Registry + # v2.2.0 + uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Build and push + run: bash x86-64-unknown-linux-builder-with-openssl_3.1.3/build-and-push.bash + - name: Send alert on failure + if: ${{ failure() }} + uses: zulip/github-actions-zulip/send-message@b62d5a0e48a4d984ea4fce5dd65ba691963d4db4 + with: + api-key: ${{ secrets.ZULIP_SCHEDULED_JOB_FAILURE_API_KEY }} + email: ${{ secrets.ZULIP_SCHEDULED_JOB_FAILURE_EMAIL }} + organization-url: 'https://ponylang.zulipchat.com/' + to: notifications + type: stream + topic: ${{ github.repository }} scheduled job failure + content: ${{ github.server_url}}/${{ github.repository }}/actions/runs/${{ github.run_id }} failed. + x86-64-unknown-linux-builder-with-pcre: needs: - x86-64-unknown-linux-builder @@ -285,6 +319,7 @@ jobs: - x86-64-unknown-linux-builder-with-openssl_1_1_1w - x86-64-unknown-linux-builder-with-openssl_3_0_7 - x86-64-unknown-linux-builder-with-openssl_3_1_0 + - x86-64-unknown-linux-builder-with-openssl_3_1_3 - x86-64-unknown-linux-builder-with-pcre name: Send 'shared-docker-linux-builders-updated' event @@ -358,6 +393,7 @@ jobs: - shared-docker-ci-x86-64-unknown-linux-builder-with-openssl_1.1.1w - shared-docker-ci-x86-64-unknown-linux-builder-with-openssl_3.0.7 - shared-docker-ci-x86-64-unknown-linux-builder-with-openssl_3.1.0 + - shared-docker-ci-x86-64-unknown-linux-builder-with-openssl_3.1.3 - shared-docker-ci-x86-64-unknown-linux-builder-with-pcre steps: diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index a81869a..2551be4 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -94,6 +94,14 @@ jobs: - name: Docker build run: "docker build --pull --file=x86-64-unknown-linux-builder-with-openssl_3.1.0/Dockerfile ." + validate-x86-64-unknown-linux-builder-with-openssl_3_1_3-image-builds: + name: Validate x86-64-unknown-linux-builder-with-openssl_3.1.3 Docker image builds + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - name: Docker build + run: "docker build --pull --file=x86-64-unknown-linux-builder-with-openssl_3.1.3/Dockerfile ." + validate-x86-64-unknown-linux-builder-with-pcre-image-builds: name: Validate x86-64-unknown-linux-builder-with-pcre Docker image builds runs-on: ubuntu-latest diff --git a/x86-64-unknown-linux-builder-with-openssl_3.1.3/Dockerfile b/x86-64-unknown-linux-builder-with-openssl_3.1.3/Dockerfile new file mode 100644 index 0000000..410e0bb --- /dev/null +++ b/x86-64-unknown-linux-builder-with-openssl_3.1.3/Dockerfile @@ -0,0 +1,22 @@ +ARG FROM_TAG=release +FROM ghcr.io/ponylang/shared-docker-ci-x86-64-unknown-linux-builder:${FROM_TAG} + +RUN apk add --update --no-cache \ + clang-dev \ + linux-headers \ + perl + +RUN cd /tmp && \ + wget https://www.openssl.org/source/openssl-3.1.3.tar.gz && \ + tar xf openssl-3.1.3.tar.gz && \ + cd openssl-3.1.3 && \ + ./Configure --api=3.0.0 no-shared linux-x86_64 enable-rc5 enable-md2 && \ + make && \ + make install && \ + cd /tmp && \ + rm -rf openssl-3.1.3 + +# For some reason, even though lib64 is in the linker search path, the +# libraries when installed there can't be found +RUN cp /usr/local/lib64/libssl.a /usr/local/lib/ && \ + cp /usr/local/lib64/libcrypto.a /usr/local/lib diff --git a/x86-64-unknown-linux-builder-with-openssl_3.1.3/README.md b/x86-64-unknown-linux-builder-with-openssl_3.1.3/README.md new file mode 100644 index 0000000..57fdcfb --- /dev/null +++ b/x86-64-unknown-linux-builder-with-openssl_3.1.3/README.md @@ -0,0 +1,3 @@ +# x86-64-unknown-linux-builder-with-openssl_3.1.3 + +The x86-64-unknown-linux-builder with OpenSSL 3.1.3 implementation installed as well. Rebuilt daily. diff --git a/x86-64-unknown-linux-builder-with-openssl_3.1.3/build-and-push.bash b/x86-64-unknown-linux-builder-with-openssl_3.1.3/build-and-push.bash new file mode 100644 index 0000000..0874482 --- /dev/null +++ b/x86-64-unknown-linux-builder-with-openssl_3.1.3/build-and-push.bash @@ -0,0 +1,47 @@ +#!/bin/bash + +set -o errexit +set -o nounset + +# +# *** You should already be logged in to DockerHub +# and GitHub Container Registry when you run this *** +# + +DOCKERFILE_DIR="$(dirname "$0")" + +## DockerHub + +NAME="ponylang/shared-docker-ci-x86-64-unknown-linux-builder-with-openssl_3.1.3" + +# built from x86-64-unknown-linux-builder release tag +FROM_TAG=release +TAG_AS=release +docker build --pull --build-arg FROM_TAG="${FROM_TAG}" \ + -t "${NAME}:${TAG_AS}" "${DOCKERFILE_DIR}" +docker push "${NAME}:${TAG_AS}" + +# built from x86-64-unknown-linux-builder latest tag +FROM_TAG=latest +TAG_AS=latest +docker build --pull --build-arg FROM_TAG="${FROM_TAG}" \ + -t "${NAME}:${TAG_AS}" "${DOCKERFILE_DIR}" +docker push "${NAME}:${TAG_AS}" + +## GitHub Container Registry + +NAME="ghcr.io/ponylang/shared-docker-ci-x86-64-unknown-linux-builder-with-openssl_3.1.3" + +# built from x86-64-unknown-linux-builder release tag +FROM_TAG=release +TAG_AS=release +docker build --pull --build-arg FROM_TAG="${FROM_TAG}" \ + -t "${NAME}:${TAG_AS}" "${DOCKERFILE_DIR}" +docker push "${NAME}:${TAG_AS}" + +# built from x86-64-unknown-linux-builder latest tag +FROM_TAG=latest +TAG_AS=latest +docker build --pull --build-arg FROM_TAG="${FROM_TAG}" \ + -t "${NAME}:${TAG_AS}" "${DOCKERFILE_DIR}" +docker push "${NAME}:${TAG_AS}"