Merge pull request #6243 from julek-wolfssl/reuse-wolfssl-builds

actions: Build wolfSSL in seperate job
2023-03-31 09:26:43 -06:00 · 2023-03-31 09:26:43 -06:00 · 74e6f0d337
commit 74e6f0d337
parent 00e3dcfab5 43ca374cad
4 changed files with 116 additions and 42 deletions
--- a/.github/workflows/docker-OpenWrt.yml
+++ b/.github/workflows/docker-OpenWrt.yml
@ -20,7 +20,7 @@ jobs:
            - name: Upload libwolfssl.so
              uses: actions/upload-artifact@v3
              with:
-                name: libwolfssl.so
+                name: openwrt-libwolfssl.so
                path: src/.libs/libwolfssl.so
                retention-days: 1
    compile_container:
@ -36,7 +36,7 @@ jobs:
            - uses: docker/setup-buildx-action@v2
            - uses: actions/download-artifact@v3
              with:
-                name: libwolfssl.so
+                name: openwrt-libwolfssl.so
                path: Docker/OpenWrt/.
            - name: Build but dont push
              uses: docker/build-push-action@v3
--- a/.github/workflows/hostap.yml
+++ b/.github/workflows/hostap.yml
@ -4,6 +4,46 @@ on:
  workflow_call:

 jobs:
+  build_wolfssl:
+    strategy:
+      matrix:
+        include:
+          - build_id: hostap-build1
+            wolf_extra_config: --disable-tls13
+          - build_id: hostap-build2
+            wolf_extra_config: --enable-brainpool --enable-wpas-dpp
+    name: Build wolfSSL
+    # Just to keep it the same as the testing target
+    runs-on: ubuntu-20.04
+    steps:
+        # No way to view the full strategy in the browser (really weird)
+      - name: Print strategy
+        run: |
+          cat <<EOF
+          ${{ toJSON(matrix) }}
+          EOF
+
+      - if: ${{ runner.debug }}
+        name: Enable wolfSSL debug logging
+        run: |
+          echo "wolf_debug_flags=--enable-debug" >> $GITHUB_ENV
+
+      - name: Build wolfSSL
+        uses: wolfSSL/actions-build-autotools-project@v1
+        with:
+          path: wolfssl
+          configure: >-
+            --enable-wpas CFLAGS=-DWOLFSSL_STATIC_RSA
+            ${{ env.wolf_debug_flags }} ${{ matrix.wolf_extra_config }}
+          install: true
+
+      - name: Upload built lib
+        uses: actions/upload-artifact@v3
+        with:
+          name: ${{ matrix.build_id }}
+          path: build-dir
+          retention-days: 1
+
  # Build wpa_supplicant with wolfSSL and hostapd with OpenSSL and interop.
  hostap_test:
    strategy:
@ -23,13 +63,13 @@ jobs:
            hostap_cherry_pick: 698c05da2bd3233b005d45873caa852bc29b32c5,
            remove_teap: true,
            # TLS 1.3 does not work for this version
-            wolf_extra_config: --disable-tls13,
+            build_id: hostap-build1,
          },
          # Test the dpp patch
          {
            hostap_ref: b607d2723e927a3446d89aed813f1aa6068186bb,
            osp_ref: ad5b52a49b3cc2a5bfb47ccc1d6a5137132e9446,
-            wolf_extra_config: --enable-brainpool --enable-wpas-dpp
+            build_id: hostap-build2
          },
        ]
        # parallelize the tests to be able to run all tests within 10 minutes
@ -44,11 +84,12 @@ jobs:
            config: {
              hostap_ref: b607d2723e927a3446d89aed813f1aa6068186bb,
              osp_ref: ad5b52a49b3cc2a5bfb47ccc1d6a5137132e9446,
-              wolf_extra_config: --enable-brainpool --enable-wpas-dpp
+              build_id: hostap-build2
            }
    name: hwsim test
    # For openssl 1.1
    runs-on: ubuntu-20.04
+    needs: build_wolfssl
    steps:
        # No way to view the full strategy in the browser (really weird)
      - name: Print strategy
@ -57,6 +98,11 @@ jobs:
          ${{ toJSON(matrix) }}
          EOF

+      - name: Checkout wolfSSL
+        uses: actions/checkout@v3
+        with:
+          path: wolfssl
+
      - name: Install dependencies
        run: |
          # Don't prompt for anything
@ -75,19 +121,15 @@ jobs:
          lsmod | grep mac80211

      - if: ${{ runner.debug }}
-        name: Enable wolfSSL and hostap debug logging
+        name: Enable hostap debug logging
        run: |
-          echo "wolf_debug_flags=--enable-debug" >> $GITHUB_ENV
          echo "hostap_debug_flags=-d" >> $GITHUB_ENV

-      - name: Build wolfSSL
-        uses: wolfSSL/actions-build-autotools-project@v1
+      - name: Download lib
+        uses: actions/download-artifact@v3
        with:
-          path: wolfssl
-          configure: >-
-            --enable-wpas CFLAGS=-DWOLFSSL_STATIC_RSA
-            ${{ env.wolf_debug_flags }} ${{ matrix.config.wolf_extra_config }}
-          install: true
+          name: ${{ matrix.config.build_id }}
+          path: build-dir

      - name: Setup d-bus
        working-directory: wolfssl/.github/workflows/hostap-files
--- a/.github/workflows/openvpn.yml
+++ b/.github/workflows/openvpn.yml
@ -4,13 +4,9 @@ on:
  workflow_call:

 jobs:
-  openvpn_check:
-    strategy:
-      fail-fast: false
-      matrix:
-        # List of refs to test
-        ref: [ master, release/2.6, v2.6.0 ]
-    name: ${{ matrix.ref }}
+  build_wolfssl:
+    name: Build wolfSSL
+    # Just to keep it the same as the testing target
    runs-on: ubuntu-latest
    steps:
      - name: Build wolfSSL
@ -20,6 +16,29 @@ jobs:
          configure: --enable-openvpn
          install: true

+      - name: Upload built lib
+        uses: actions/upload-artifact@v3
+        with:
+          name: wolf-install-openvpn
+          path: build-dir
+          retention-days: 1
+
+  openvpn_check:
+    strategy:
+      fail-fast: false
+      matrix:
+        # List of refs to test
+        ref: [ master, release/2.6, v2.6.0 ]
+    name: ${{ matrix.ref }}
+    runs-on: ubuntu-latest
+    needs: build_wolfssl
+    steps:
+      - name: Download lib
+        uses: actions/download-artifact@v3
+        with:
+          name: wolf-install-openvpn
+          path: build-dir
+
      - name: Install dependencies
        run: |
          sudo apt-get update
@ -29,6 +48,10 @@ jobs:

      - if: ${{ matrix.ref != 'master' }}
        name: Build and test openvpn with fsanitize
+        run: |
+          echo 'extra_c_flags=CFLAGS="-fsanitize=address -fno-omit-frame-pointer -O2"' >> $GITHUB_ENV
+
+      - name: Build and test openvpn
        uses: wolfSSL/actions-build-autotools-project@v1
        with:
          repository: OpenVPN/openvpn
@ -38,19 +61,9 @@ jobs:
            --with-crypto-library=wolfssl
            WOLFSSL_CFLAGS="-I$GITHUB_WORKSPACE/build-dir/include/ -I$GITHUB_WORKSPACE/build-dir/include/wolfssl"
            WOLFSSL_LIBS="-L$GITHUB_WORKSPACE/build-dir/lib -lwolfssl"
-            CFLAGS="-fsanitize=address -fno-omit-frame-pointer -O2"
-          check: true
-
-      - if: ${{ matrix.ref == 'master' }}
-        name: Build and test openvpn without fsanitize
-        uses: wolfSSL/actions-build-autotools-project@v1
-        with:
-          repository: OpenVPN/openvpn
-          ref: ${{ matrix.ref }}
-          path: openvpn
-          configure: >-
-            --with-crypto-library=wolfssl
-            WOLFSSL_CFLAGS="-I$GITHUB_WORKSPACE/build-dir/include/ -I$GITHUB_WORKSPACE/build-dir/include/wolfssl"
-            WOLFSSL_LIBS="-L$GITHUB_WORKSPACE/build-dir/lib -lwolfssl"
+            ${{ env.extra_c_flags }}
          check: true

+      - name: Confirm OpenVPN built with wolfSSL
+        working-directory: ./openvpn
+        run: ldd src/openvpn/openvpn | grep wolfssl
--- a/.github/workflows/stunnel.yml
+++ b/.github/workflows/stunnel.yml
@ -4,13 +4,9 @@ on:
  workflow_call:

 jobs:
-  stunnel_check:
-    strategy:
-      fail-fast: false
-      matrix:
-        # List of releases to test
-        ref: [ 5.67 ]
-    name: ${{ matrix.ref }}
+  build_wolfssl:
+    name: Build wolfSSL
+    # Just to keep it the same as the testing target
    runs-on: ubuntu-latest
    steps:
      - name: Build wolfSSL
@ -19,6 +15,29 @@ jobs:
          path: wolfssl
          configure: --enable-stunnel
          install: true
+
+      - name: Upload built lib
+        uses: actions/upload-artifact@v3
+        with:
+          name: wolf-install-stunnel
+          path: build-dir
+          retention-days: 1
+
+  stunnel_check:
+    strategy:
+      fail-fast: false
+      matrix:
+        # List of releases to test
+        ref: [ 5.67 ]
+    name: ${{ matrix.ref }}
+    runs-on: ubuntu-latest
+    needs: build_wolfssl
+    steps:
+      - name: Download lib
+        uses: actions/download-artifact@v3
+        with:
+          name: wolf-install-stunnel
+          path: build-dir
    
      - name: Checkout OSP
        uses: actions/checkout@v3