I attached a patch.
btw, we only build for the latest LibreSSL. are we ok to skip LibreSSL for
stable branches ?
the remaining feature requests might be addressed later, I hope
пн, 12 дек. 2022 г. в 13:03, William Lallemand <wlallem...@haproxy.com>:
> On Mon, Dec 12, 2022 at 08:48:06AM +0100, William Lallemand wrote:
> > Hi Ilya !
> >
> > On Mon, Dec 12, 2022 at 10:56:11AM +0500, Илья Шипицин wrote:
> > > hello,
> > >
> > > I made some prototype of I meant:
> > >
> > >
> https://github.com/chipitsine/haproxy/commit/c95955ecfd1a5b514c235b0f155bfa71178b51d5
> > >
> >
> > - We don't often use "dev" in our branches so we should build everything
> > when it's not a stable branch.
> >
> > - We don't want to build "3.0" OR latest, in fact we only need to
> > condition the "latest" build, because the other one will always be
> > built.
> >
> > So once the "3.1" is released we could add an entry for it to
> > the file and "latest" will be another version. This way we could
> > backport the "3.1" in previous branches if we want to support it.
> >
> > > I;m not sure how stable branches are named in private github ci. If
> you can
> > > enlighten me, I'll try to adopt.
> > > currently, I did the following, if branch name is either master or
> contains
> > > "dev", so "latest" semantic is chosen, fixed versions are used
> otherwise.
> > >
> >
> > The stable branches are named "haproxy-X.Y", so in my opinion we should
> > build the "latest" for anything which is not a stable branch.
> >
> > > also, I know that the same ci is used for
> > >
> > > https://github.com/haproxytech/quic-dev
> > >
> > >
> > > @Frederic Lecaille <flecai...@haproxy.com> , which behaviour would
> you like
> > > for that repo ? what is branch naming convention ?
> > >
> > The same as the master branch IMHO.
> >
> > Also, the problem is uglier than I thought, we are not testing 1.1.1
> > anymore since "ubuntu-latest" was upgraded to 22.04 a few weeks ago
> > without us noticing. "ssl=stock" is now a 3.0 branch. It brokes all
> > stable branches below 2.6 because they need the deprecated SSL API.
> > I changed "ubuntu-latest" to "ubuntu-20.04" for those branches so it
> > works as earlier. I'm going to reintroduce "1.1.1" for master to 2.6 so
> > it is correctly tested again.
> >
> > In my opinion we need a similar mecanism for the distribution than for
> > the ssl libs. Maybe using "latest" only in dev branches and a fixed
> > version for stable branches will be enough.
> >
> > Regards,
> >
>
> Just thought about something, is it possible to have the versions in the
> job names ? So we don't have surprises. For example the Ubuntu version
> which was resolved by "ubuntu-latest" and the SSL version of
> "ssl=stock", we could easily see the changes this way.
>
> --
> William Lallemand
>
From d3056da0e532914fca7ff0936be34d3df3e94602 Mon Sep 17 00:00:00 2001
From: Ilya Shipitsin <chipits...@gmail.com>
Date: Mon, 12 Dec 2022 19:15:22 +0500
Subject: [PATCH] CI: split ssl lib selection based on git branch
when *SSL_VERSION="latest" behaviour was introduced, it seems to be fine
for development branches, but too intrusive for stable branches.
let us limit "latest" semantic only for development builds, if branch name
contains "haproxy-" it is supposed to be stable branch, no latest openssl
should be taken
---
.github/matrix.py | 10 ++++------
.github/workflows/vtest.yml | 2 +-
2 files changed, 5 insertions(+), 7 deletions(-)
diff --git a/.github/matrix.py b/.github/matrix.py
index 98d0a1f2a..fd9491aee 100755
--- a/.github/matrix.py
+++ b/.github/matrix.py
@@ -15,12 +15,12 @@ import re
from os import environ
if len(sys.argv) == 2:
- build_type = sys.argv[1]
+ ref_name = sys.argv[1]
else:
- print("Usage: {} <build_type>".format(sys.argv[0]), file=sys.stderr)
+ print("Usage: {} <ref_name>".format(sys.argv[0]), file=sys.stderr)
sys.exit(1)
-print("Generating matrix for type '{}'.".format(build_type))
+print("Generating matrix for type '{}'.".format(ref_name))
def clean_os(os):
@@ -129,11 +129,9 @@ for CC in ["gcc", "clang"]:
"stock",
"OPENSSL_VERSION=1.0.2u",
"OPENSSL_VERSION=1.1.1s",
- "OPENSSL_VERSION=latest",
- "LIBRESSL_VERSION=latest",
"QUICTLS=yes",
# "BORINGSSL=yes",
- ]:
+ ] + (["OPENSSL_VERSION=latest", "LIBRESSL_VERSION=latest"] if "haproxy-" not in ref_name else []):
flags = ["USE_OPENSSL=1"]
if ssl == "BORINGSSL=yes" or ssl == "QUICTLS=yes" or "LIBRESSL" in ssl:
flags.append("USE_QUIC=1")
diff --git a/.github/workflows/vtest.yml b/.github/workflows/vtest.yml
index fb7b1d968..a7cdcc514 100644
--- a/.github/workflows/vtest.yml
+++ b/.github/workflows/vtest.yml
@@ -26,7 +26,7 @@ jobs:
- uses: actions/checkout@v3
- name: Generate Build Matrix
id: set-matrix
- run: python3 .github/matrix.py "${{ github.event_name }}"
+ run: python3 .github/matrix.py "${{ github.ref_name }}"
# The Test job actually runs the tests.
Test:
--
2.38.1
