[SSLNTV-33] Add Ubuntu workflow that uses OpenSSL 3.0.7 #25
Conversation
Skyllarr
force-pushed
the
linux-ci-rebased
branch
from
3800079 to
6aafc88
Compare
Skyllarr
changed the title
.github/workflows/build-natives.yaml
Outdated
| name: Install latest version of OpenSSL in ubuntu | ||
| run: | | ||
| echo "Installed version of OpenSSL on ubuntu is " | ||
| openssl version |
There was a problem hiding this comment.
Should this line be moved to the end of this section to ensure the version is correct after installing and building?
There was a problem hiding this comment.
Oh maybe this line is meant to check the existing version first?
There was a problem hiding this comment.
Ah right, I was using this to check the existing version first but it can be removed now
There was a problem hiding this comment.
@fjuma ubuntu does not package 3.x versions, they just patch CVEs when needed to older versions IIUC. So I had to install manually and I cca followed this tutorial https://www.howtoforge.com/tutorial/how-to-install-openssl-from-source-on-linux/
There was a problem hiding this comment.
This uses 3.0.7 since that is the one that got used in windows but we should configure windows version as well, I created https://issues.redhat.com/browse/SSLNTV-36 for now
Skyllarr
force-pushed
the
linux-ci-rebased
branch
from
6aafc88 to
63c2d69
Compare
| echo "/usr/local/ssl/lib64" | sudo tee openssl-3.0.7.conf | ||
| sudo ldconfig -v | ||
| - if: matrix.os == 'ubuntu-latest' | ||
| name: Run tests with the built Linux native |
There was a problem hiding this comment.
Are we missing a block for building the Ubuntu native with the newly installed OpenSSL?
There was a problem hiding this comment.
Yes, sorry I realized it a few minutes ago , it was built with the old version and then wilfdly-openssl tested with new one I think, working on it!
There was a problem hiding this comment.
macos is almost ready as well, will update both
@fjuma I opened this PR #27 to check if the macos CI that I have works. The macOS passed CI, but windows job failed. But the Windows CI was merged already #23 so not sure what changed, it now has issues locating libssl. I tried a "test" commit that changes path to openssl https://github.com/wildfly-security/wildfly-openssl-natives/pull/27/commits but it did not help. You can let me know if the macOS in #27 looks good to you in the current state, and if so I can update this ubuntu job accordingly |
Skyllarr
force-pushed
the
linux-ci-rebased
branch
from
63c2d69 to
b3006f3
Compare
Skyllarr
force-pushed
the
linux-ci-rebased
branch
from
b3006f3 to
7480810
Compare
|
@fjuma Ready for review |
.github/workflows/build-natives.yaml
Outdated
| name: Install latest version of OpenSSL in Ubuntu | ||
| run: | | ||
| cd /usr/local/src/ | ||
| sudo wget https://www.openssl.org/source/openssl-3.0.7.tar.gz |
There was a problem hiding this comment.
Should we update this to 3.1.2 now?
.github/workflows/build-natives.yaml
Outdated
| sudo make test | ||
| sudo make install | ||
| cd /etc/ld.so.conf.d/ | ||
| echo "/usr/local/ssl/lib64" | sudo tee openssl-3.0.7.conf |
.github/workflows/build-natives.yaml
Outdated
| openssl version | ||
| export WILDFLY_OPENSSL_NATIVES_VERSION=${{ steps.build-wildfly-openssl-natives-on-ubuntu.outputs.WILDFLY_OPENSSL_NATIVES_VERSION }} | ||
| echo Running tests with WildFly OpenSSL Natives $WILDFLY_OPENSSL_NATIVES_VERSION | ||
| mvn -B verify --file pom.xml -Dorg.wildfly.openssl.path="/usr/local/src/openssl-3.0.7" -Dversion.org.wildfly.openssl.natives=$WILDFLY_OPENSSL_NATIVES_VERSION |
…ll requests and tags for Linux
Skyllarr
force-pushed
the
linux-ci-rebased
branch
from
7480810 to
f467a63
Compare
|
Thanks @Skyllarr! CI failed for some reason so I've re-triggered it. |
|
Superseded by #30 |
https://issues.redhat.com/browse/SSLNTV-33