From ba42281e2c41dc884943771455aff1127341a05b Mon Sep 17 00:00:00 2001 From: Rushil Mehra Date: Tue, 22 Oct 2024 16:27:26 -0700 Subject: [PATCH] wip --- .github/workflows/ci.yml | 542 ++++++++++++++++++++------------------- boring-sys/build/main.rs | 4 +- 2 files changed, 280 insertions(+), 266 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 083ee77c..b277728b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -58,242 +58,242 @@ jobs: key: clippy-target-${{ runner.os }}-${{ steps.rust-version.outputs.version }}-${{ hashFiles('Cargo.lock') }} - name: Run clippy run: cargo clippy --all --all-targets - test: - name: Test - runs-on: ${{ matrix.os }} - strategy: - matrix: - thing: - - stable - - arm-android - - arm64-android - - i686-android - - x86_64-android - - aarch64-ios - - aarch64-ios-sim - - x86_64-ios - - i686-linux - - arm-linux - - aarch64-linux - - arm64-macos - - x86_64-macos - - x86_64-mingw - - i686-msvc - - x86_64-msvc - include: - - check_only: false - - extra_test_args: '' - - apt_packages: '' - - custom_env: {} - - thing: stable - target: x86_64-unknown-linux-gnu - rust: stable - os: ubuntu-latest - - thing: arm-android - target: armv7-linux-androideabi - rust: stable - os: ubuntu-latest - check_only: true - - thing: arm64-android - target: aarch64-linux-android - rust: stable - os: ubuntu-latest - check_only: true - - thing: i686-android - target: i686-linux-android - rust: stable - os: ubuntu-latest - check_only: true - - thing: x86_64-android - target: x86_64-linux-android - rust: stable - os: ubuntu-latest - check_only: true - - thing: aarch64-ios - target: aarch64-apple-ios - os: macos-latest - check_only: true - # It's... theoretically possible to run tests on iPhone Simulator, - # but for now, make sure that BoringSSL only builds. - - thing: aarch64-ios-sim - target: aarch64-apple-ios-sim - os: macos-latest - check_only: true - - thing: x86_64-ios - target: x86_64-apple-ios - os: macos-latest - check_only: true - - thing: i686-linux - target: i686-unknown-linux-gnu - rust: stable - os: ubuntu-latest - apt_packages: gcc-multilib g++-multilib - - thing: arm-linux - target: arm-unknown-linux-gnueabi - rust: stable - os: ubuntu-latest - apt_packages: gcc-arm-linux-gnueabi g++-arm-linux-gnueabi - check_only: true - custom_env: - CC: arm-linux-gnueabi-gcc - CXX: arm-linux-gnueabi-g++ - CARGO_TARGET_ARM_UNKNOWN_LINUX_GNUEABI_LINKER: arm-linux-gnueabi-g++ - - thing: aarch64-linux - target: aarch64-unknown-linux-gnu - rust: stable - os: ubuntu-latest - apt_packages: crossbuild-essential-arm64 - check_only: true - custom_env: - CC: aarch64-linux-gnu-gcc - CXX: aarch64-linux-gnu-g++ - CARGO_TARGET_AARCH64_UNKNOWN_LINUX_GNU_LINKER: aarch64-linux-gnu-g++ - - thing: arm64-macos - target: aarch64-apple-darwin - rust: stable - os: macos-latest - check_only: true - - thing: x86_64-macos - target: x86_64-apple-darwin - rust: stable - os: macos-latest - - thing: x86_64-mingw - target: x86_64-pc-windows-gnu - rust: stable - os: windows-latest - check_only: true # tests are flaky for unclear reasons - custom_env: - CC: gcc - CXX: g++ - C_INCLUDE_PATH: "C:\\msys64\\usr\\include" - CPLUS_INCLUDE_PATH: "C:\\msys64\\usr\\include" - LIBRARY_PATH: "C:\\msys64\\usr\\lib" - # CI's Windows doesn't have required root certs - extra_test_args: --workspace --exclude tokio-boring --exclude hyper-boring - - thing: i686-msvc - target: i686-pc-windows-msvc - rust: stable-x86_64-msvc - os: windows-latest - # CI's Windows doesn't have required root certs - extra_test_args: --workspace --exclude tokio-boring --exclude hyper-boring - - thing: x86_64-msvc - target: x86_64-pc-windows-msvc - rust: stable-x86_64-msvc - os: windows-latest - # CI's Windows doesn't have required root certs - extra_test_args: --workspace --exclude tokio-boring --exclude hyper-boring + #test: + # name: Test + # runs-on: ${{ matrix.os }} + # strategy: + # matrix: + # thing: + # - stable + # - arm-android + # - arm64-android + # - i686-android + # - x86_64-android + # - aarch64-ios + # - aarch64-ios-sim + # - x86_64-ios + # - i686-linux + # - arm-linux + # - aarch64-linux + # - arm64-macos + # - x86_64-macos + # - x86_64-mingw + # - i686-msvc + # - x86_64-msvc + # include: + # - check_only: false + # - extra_test_args: '' + # - apt_packages: '' + # - custom_env: {} + # - thing: stable + # target: x86_64-unknown-linux-gnu + # rust: stable + # os: ubuntu-latest + # - thing: arm-android + # target: armv7-linux-androideabi + # rust: stable + # os: ubuntu-latest + # check_only: true + # - thing: arm64-android + # target: aarch64-linux-android + # rust: stable + # os: ubuntu-latest + # check_only: true + # - thing: i686-android + # target: i686-linux-android + # rust: stable + # os: ubuntu-latest + # check_only: true + # - thing: x86_64-android + # target: x86_64-linux-android + # rust: stable + # os: ubuntu-latest + # check_only: true + # - thing: aarch64-ios + # target: aarch64-apple-ios + # os: macos-latest + # check_only: true + # # It's... theoretically possible to run tests on iPhone Simulator, + # # but for now, make sure that BoringSSL only builds. + # - thing: aarch64-ios-sim + # target: aarch64-apple-ios-sim + # os: macos-latest + # check_only: true + # - thing: x86_64-ios + # target: x86_64-apple-ios + # os: macos-latest + # check_only: true + # - thing: i686-linux + # target: i686-unknown-linux-gnu + # rust: stable + # os: ubuntu-latest + # apt_packages: gcc-multilib g++-multilib + # - thing: arm-linux + # target: arm-unknown-linux-gnueabi + # rust: stable + # os: ubuntu-latest + # apt_packages: gcc-arm-linux-gnueabi g++-arm-linux-gnueabi + # check_only: true + # custom_env: + # CC: arm-linux-gnueabi-gcc + # CXX: arm-linux-gnueabi-g++ + # CARGO_TARGET_ARM_UNKNOWN_LINUX_GNUEABI_LINKER: arm-linux-gnueabi-g++ + # - thing: aarch64-linux + # target: aarch64-unknown-linux-gnu + # rust: stable + # os: ubuntu-latest + # apt_packages: crossbuild-essential-arm64 + # check_only: true + # custom_env: + # CC: aarch64-linux-gnu-gcc + # CXX: aarch64-linux-gnu-g++ + # CARGO_TARGET_AARCH64_UNKNOWN_LINUX_GNU_LINKER: aarch64-linux-gnu-g++ + # - thing: arm64-macos + # target: aarch64-apple-darwin + # rust: stable + # os: macos-latest + # check_only: true + # - thing: x86_64-macos + # target: x86_64-apple-darwin + # rust: stable + # os: macos-latest + # - thing: x86_64-mingw + # target: x86_64-pc-windows-gnu + # rust: stable + # os: windows-latest + # check_only: true # tests are flaky for unclear reasons + # custom_env: + # CC: gcc + # CXX: g++ + # C_INCLUDE_PATH: "C:\\msys64\\usr\\include" + # CPLUS_INCLUDE_PATH: "C:\\msys64\\usr\\include" + # LIBRARY_PATH: "C:\\msys64\\usr\\lib" + # # CI's Windows doesn't have required root certs + # extra_test_args: --workspace --exclude tokio-boring --exclude hyper-boring + # - thing: i686-msvc + # target: i686-pc-windows-msvc + # rust: stable-x86_64-msvc + # os: windows-latest + # # CI's Windows doesn't have required root certs + # extra_test_args: --workspace --exclude tokio-boring --exclude hyper-boring + # - thing: x86_64-msvc + # target: x86_64-pc-windows-msvc + # rust: stable-x86_64-msvc + # os: windows-latest + # # CI's Windows doesn't have required root certs + # extra_test_args: --workspace --exclude tokio-boring --exclude hyper-boring - steps: - - uses: actions/checkout@v4 - with: - submodules: 'recursive' - - name: Install Rust (rustup) - run: rustup update ${{ matrix.rust }} --no-self-update && rustup default ${{ matrix.rust }} - shell: bash - - run: rustup target add ${{ matrix.target }} - - name: Install target-specific APT dependencies - if: "matrix.apt_packages != ''" - run: sudo apt update && sudo apt install -y ${{ matrix.apt_packages }} - shell: bash - - name: Install nasm - if: startsWith(matrix.os, 'windows') - run: choco install nasm - shell: cmd - - name: Install LLVM and Clang - if: startsWith(matrix.os, 'windows') - uses: KyleMayes/install-llvm-action@v1 - with: - version: "11.0" - directory: ${{ runner.temp }}/llvm - - name: Set LIBCLANG_PATH - if: startsWith(matrix.os, 'windows') - run: echo "LIBCLANG_PATH=$((gcm clang).source -replace "clang.exe")" >> $env:GITHUB_ENV - - name: Set Android Linker path - if: endsWith(matrix.thing, '-android') - run: echo "CARGO_TARGET_$(echo ${{ matrix.target }} | tr \\-a-z _A-Z)_LINKER=$ANDROID_NDK/toolchains/llvm/prebuilt/linux-x86_64/bin/$(echo ${{ matrix.target }} | sed s/armv7/armv7a/)21-clang++" >> "$GITHUB_ENV" - - name: Build tests - # We `build` because we want the linker to verify we are cross-compiling correctly for check-only targets. - run: cargo build --target ${{ matrix.target }} --tests ${{ matrix.extra_test_args }} - shell: bash - env: ${{ matrix.custom_env }} - - name: Run tests - if: "!matrix.check_only" - run: cargo test --target ${{ matrix.target }} ${{ matrix.extra_test_args }} - shell: bash - env: ${{ matrix.custom_env }} - - name: Test boring-sys cargo publish - # Running `cargo publish --dry-run` tests two things: - # - # 1. That `boring-sys` can build BoringSSL with just the files included - # in the crates.io package (as determined by the `include` field in - # the `Cargo.toml`). - # 2. That the final `boring-sys` package size, including the BoringSSL - # submodules, is not too large to be published to `crates.io`. - # - # Both of these may no longer be the case after updating the BoringSSL - # submodules to a new revision, so it's important to test this on CI. - run: cargo publish --dry-run -p boring-sys + # steps: + # - uses: actions/checkout@v4 + # with: + # submodules: 'recursive' + # - name: Install Rust (rustup) + # run: rustup update ${{ matrix.rust }} --no-self-update && rustup default ${{ matrix.rust }} + # shell: bash + # - run: rustup target add ${{ matrix.target }} + # - name: Install target-specific APT dependencies + # if: "matrix.apt_packages != ''" + # run: sudo apt update && sudo apt install -y ${{ matrix.apt_packages }} + # shell: bash + # - name: Install nasm + # if: startsWith(matrix.os, 'windows') + # run: choco install nasm + # shell: cmd + # - name: Install LLVM and Clang + # if: startsWith(matrix.os, 'windows') + # uses: KyleMayes/install-llvm-action@v1 + # with: + # version: "11.0" + # directory: ${{ runner.temp }}/llvm + # - name: Set LIBCLANG_PATH + # if: startsWith(matrix.os, 'windows') + # run: echo "LIBCLANG_PATH=$((gcm clang).source -replace "clang.exe")" >> $env:GITHUB_ENV + # - name: Set Android Linker path + # if: endsWith(matrix.thing, '-android') + # run: echo "CARGO_TARGET_$(echo ${{ matrix.target }} | tr \\-a-z _A-Z)_LINKER=$ANDROID_NDK/toolchains/llvm/prebuilt/linux-x86_64/bin/$(echo ${{ matrix.target }} | sed s/armv7/armv7a/)21-clang++" >> "$GITHUB_ENV" + # - name: Build tests + # # We `build` because we want the linker to verify we are cross-compiling correctly for check-only targets. + # run: cargo build --target ${{ matrix.target }} --tests ${{ matrix.extra_test_args }} + # shell: bash + # env: ${{ matrix.custom_env }} + # - name: Run tests + # if: "!matrix.check_only" + # run: cargo test --target ${{ matrix.target }} ${{ matrix.extra_test_args }} + # shell: bash + # env: ${{ matrix.custom_env }} + # - name: Test boring-sys cargo publish + # # Running `cargo publish --dry-run` tests two things: + # # + # # 1. That `boring-sys` can build BoringSSL with just the files included + # # in the crates.io package (as determined by the `include` field in + # # the `Cargo.toml`). + # # 2. That the final `boring-sys` package size, including the BoringSSL + # # submodules, is not too large to be published to `crates.io`. + # # + # # Both of these may no longer be the case after updating the BoringSSL + # # submodules to a new revision, so it's important to test this on CI. + # run: cargo publish --dry-run -p boring-sys - test-fips: - name: Test FIPS integration - runs-on: ubuntu-20.04 - steps: - - uses: actions/checkout@v4 - with: - submodules: 'recursive' - - name: Install Rust (rustup) - run: rustup update stable --no-self-update && rustup default stable - shell: bash - - name: Install Clang-12 - uses: KyleMayes/install-llvm-action@v1 - with: - version: "12.0.0" - directory: ${{ runner.temp }}/llvm - - name: Install golang - uses: actions/setup-go@v5 - with: - go-version: '>=1.22.0' - - name: Add clang++-12 link - working-directory: ${{ runner.temp }}/llvm/bin - run: ln -s clang clang++-12 - - name: Run tests - run: cargo test --features fips - - name: Test boring-sys cargo publish (FIPS) - # Running `cargo publish --dry-run` tests two things: - # - # 1. That `boring-sys` can build BoringSSL with just the files included - # in the crates.io package (as determined by the `include` field in - # the `Cargo.toml`). - # 2. That the final `boring-sys` package size, including the BoringSSL - # submodules, is not too large to be published to `crates.io`. - # - # Both of these may no longer be the case after updating the BoringSSL - # submodules to a new revision, so it's important to test this on CI. - run: cargo publish --dry-run -p boring-sys --features fips + #test-fips: + # name: Test FIPS integration + # runs-on: ubuntu-20.04 + # steps: + # - uses: actions/checkout@v4 + # with: + # submodules: 'recursive' + # - name: Install Rust (rustup) + # run: rustup update stable --no-self-update && rustup default stable + # shell: bash + # - name: Install Clang-12 + # uses: KyleMayes/install-llvm-action@v1 + # with: + # version: "12.0.0" + # directory: ${{ runner.temp }}/llvm + # - name: Install golang + # uses: actions/setup-go@v5 + # with: + # go-version: '>=1.22.0' + # - name: Add clang++-12 link + # working-directory: ${{ runner.temp }}/llvm/bin + # run: ln -s clang clang++-12 + # - name: Run tests + # run: cargo test --features fips + # - name: Test boring-sys cargo publish (FIPS) + # # Running `cargo publish --dry-run` tests two things: + # # + # # 1. That `boring-sys` can build BoringSSL with just the files included + # # in the crates.io package (as determined by the `include` field in + # # the `Cargo.toml`). + # # 2. That the final `boring-sys` package size, including the BoringSSL + # # submodules, is not too large to be published to `crates.io`. + # # + # # Both of these may no longer be the case after updating the BoringSSL + # # submodules to a new revision, so it's important to test this on CI. + # run: cargo publish --dry-run -p boring-sys --features fips - cross-build: - name: Cross build from macOS to Linux - runs-on: macos-latest - strategy: - matrix: - include: - - target: x86_64-unknown-linux-gnu - steps: - - uses: actions/checkout@v4 - with: - submodules: 'recursive' - - name: Install Rust (rustup) - run: rustup update stable --no-self-update && rustup default stable && rustup target add ${{ matrix.target }} - shell: bash - - name: Install ${{ matrix.target }} toolchain - run: brew tap messense/macos-cross-toolchains && brew install ${{ matrix.target }} - - name: Set BORING_BSSL_SYSROOT - run: echo "BORING_BSSL_SYSROOT=$(brew --prefix ${{ matrix.target }})/toolchain/${{ matrix.target }}/sysroot" >> $GITHUB_ENV - shell: bash - - name: Set CARGO_TARGET_X86_64_UNKNOWN_LINUX_GNU_LINKER - run: echo "CARGO_TARGET_X86_64_UNKNOWN_LINUX_GNU_LINKER=${{ matrix.target }}-gcc" >> $GITHUB_ENV - - name: Build for ${{ matrix.target }} - run: cargo build --target ${{ matrix.target }} --all-targets + #cross-build: + # name: Cross build from macOS to Linux + # runs-on: macos-latest + # strategy: + # matrix: + # include: + # - target: x86_64-unknown-linux-gnu + # steps: + # - uses: actions/checkout@v4 + # with: + # submodules: 'recursive' + # - name: Install Rust (rustup) + # run: rustup update stable --no-self-update && rustup default stable && rustup target add ${{ matrix.target }} + # shell: bash + # - name: Install ${{ matrix.target }} toolchain + # run: brew tap messense/macos-cross-toolchains && brew install ${{ matrix.target }} + # - name: Set BORING_BSSL_SYSROOT + # run: echo "BORING_BSSL_SYSROOT=$(brew --prefix ${{ matrix.target }})/toolchain/${{ matrix.target }}/sysroot" >> $GITHUB_ENV + # shell: bash + # - name: Set CARGO_TARGET_X86_64_UNKNOWN_LINUX_GNU_LINKER + # run: echo "CARGO_TARGET_X86_64_UNKNOWN_LINUX_GNU_LINKER=${{ matrix.target }}-gcc" >> $GITHUB_ENV + # - name: Build for ${{ matrix.target }} + # run: cargo build -vvv --target ${{ matrix.target }} --all-targets cross-build-fips: name: Cross build from macOS to Linux (FIPS) @@ -320,10 +320,18 @@ jobs: directory: ${{ runner.temp }}/llvm - name: Add clang++-12 link working-directory: ${{ runner.temp }}/llvm/bin - run: ln -s clang clang++-12 + run: ln -s clang++ clang++-12 - name: Install ${{ matrix.target }} toolchain # TODO(rmehra): find a better way to overwrite the python3 version without specifying version - run: brew tap messense/macos-cross-toolchains && brew install --overwrite python@3.12 && brew install ${{ matrix.target }} + run: brew tap messense/macos-cross-toolchains && brew install --overwrite python@3.12 && brew install ${{ matrix.target }} && brew link x86_64-unknown-linux-gnu + - name: Uname + run: uname -a + - name: Debug brew + run: brew linkage x86_64-unknown-linux-gnu + # - name: Debug brew2 + # run: brew linkage --test x86_64-unknown-linux-gnu + - name: Debug brew3 + run: brew doctor - name: Set BORING_BSSL_FIPS_COMPILER_EXTERNAL_TOOLCHAIN run: echo "BORING_BSSL_FIPS_COMPILER_EXTERNAL_TOOLCHAIN=$(brew --prefix ${{ matrix.target }})/toolchain" >> $GITHUB_ENV shell: bash @@ -331,35 +339,41 @@ jobs: run: echo "BORING_BSSL_FIPS_SYSROOT=$BORING_BSSL_FIPS_COMPILER_EXTERNAL_TOOLCHAIN/${{ matrix.target }}/sysroot" >> $GITHUB_ENV shell: bash - name: Set CARGO_TARGET_X86_64_UNKNOWN_LINUX_GNU_LINKER - run: echo "CARGO_TARGET_X86_64_UNKNOWN_LINUX_GNU_LINKER=${{ matrix.target }}-gcc" >> $GITHUB_ENV + run: echo "CARGO_TARGET_X86_64_UNKNOWN_LINUX_GNU_LINKER=x86_64-linux-gnu-gcc" >> $GITHUB_ENV + - name: Debug + run: which clang + shell: bash + - name: Debug + run: ls /Users/runner/work/_temp/llvm/bin + shell: bash - name: Build for ${{ matrix.target }} run: cargo build --target ${{ matrix.target }} --all-targets --features fips - test-features: - name: Test features - runs-on: ubuntu-20.04 - steps: - - uses: actions/checkout@v4 - with: - submodules: 'recursive' - - name: Install Rust (rustup) - run: rustup update stable --no-self-update && rustup default stable - shell: bash - - run: cargo test --features rpk - name: Run `rpk` tests - - run: cargo test --features pq-experimental - name: Run `pq-experimental` tests - - run: cargo test --features underscore-wildcards - name: Run `underscore-wildcards` tests - - run: cargo test --features pq-experimental,rpk - name: Run `pq-experimental,rpk` tests - - run: cargo test --features kx-safe-default,pq-experimental - name: Run `kx-safe-default` tests - - run: cargo test --features pq-experimental,underscore-wildcards - name: Run `pq-experimental,underscore-wildcards` tests - - run: cargo test --features rpk,underscore-wildcards - name: Run `rpk,underscore-wildcards` tests - - run: cargo test --features pq-experimental,rpk,underscore-wildcards - name: Run `pq-experimental,rpk,underscore-wildcards` tests - - run: cargo test -p hyper-boring --features hyper1 - name: Run hyper 1.0 tests for hyper-boring + # test-features: + # name: Test features + # runs-on: ubuntu-20.04 + # steps: + # - uses: actions/checkout@v4 + # with: + # submodules: 'recursive' + # - name: Install Rust (rustup) + # run: rustup update stable --no-self-update && rustup default stable + # shell: bash + # - run: cargo test --features rpk + # name: Run `rpk` tests + # - run: cargo test --features pq-experimental + # name: Run `pq-experimental` tests + # - run: cargo test --features underscore-wildcards + # name: Run `underscore-wildcards` tests + # - run: cargo test --features pq-experimental,rpk + # name: Run `pq-experimental,rpk` tests + # - run: cargo test --features kx-safe-default,pq-experimental + # name: Run `kx-safe-default` tests + # - run: cargo test --features pq-experimental,underscore-wildcards + # name: Run `pq-experimental,underscore-wildcards` tests + # - run: cargo test --features rpk,underscore-wildcards + # name: Run `rpk,underscore-wildcards` tests + # - run: cargo test --features pq-experimental,rpk,underscore-wildcards + # name: Run `pq-experimental,rpk,underscore-wildcards` tests + # - run: cargo test -p hyper-boring --features hyper1 + # name: Run hyper 1.0 tests for hyper-boring diff --git a/boring-sys/build/main.rs b/boring-sys/build/main.rs index 7966e215..76d3f9d1 100644 --- a/boring-sys/build/main.rs +++ b/boring-sys/build/main.rs @@ -318,8 +318,8 @@ fn get_boringssl_cmake_config(config: &Config) -> cmake::Config { } _ => { eprintln!( - "warning: no toolchain file configured by boring-sys for {}", - config.target + "warning: no toolchain file configured by boring-sys for {} and {}", + config.target, config.target_arch ); } },