Skip to content

net: support https protocol via caddy #3126

net: support https protocol via caddy

net: support https protocol via caddy #3126

Workflow file for this run

name: Build Artifacts (DEB)
on:
workflow_dispatch:
inputs:
logLevel:
description: 'Log level'
required: true
default: 'warning'
type: choice
options:
- info
- warning
- debug
tags:
description: 'Test scenario tags'
required: false
type: boolean
pull_request:
branches: [master, develop]
paths-ignore:
- '**/*.md'
- '.circleci/**'
- '.cirrus.yml'
push:
branches: [master, develop]
paths-ignore:
- '**/*.md'
- '.circleci/**'
- '.cirrus.yml'
release:
types: [published]
schedule:
- cron: '0 16 * * *'
concurrency:
group: ${{ github.workflow }} / ${{ startsWith(github.event_name, 'pull') && github.ref_name || github.sha }}
cancel-in-progress: ${{ startsWith(github.event_name, 'pull') }}
env:
CACHE_EPOCH: 126-1
GOPROXY: direct
DH_QUIET: 1
jobs:
deb-release:
runs-on: ubuntu-22.04
strategy:
fail-fast: false
matrix:
distro: [xenial]
arch: [amd64, i386]
include:
- distro: bionic
arch: arm64
- distro: sid
arch: riscv64
# XFAIL stretch
# XFAIL focal-i386,jammy-i386,noble-i386
# XFAIL sid-riscv64 (gui, curl)
# distro: [trusty, xenial, bionic, focal, jammy, noble, stretch, buster, bullseye, bookworm]
# arch: [i386, amd64, armhf, arm64]
# include:
# - distro: stretch
# arch: armel
# - distro: stretch
# arch: mipsel
# - distro: stretch
# arch: mips64el
env:
DEBIAN_FRONTEND: 'noninteractive'
HOST_ARCH: '${{ matrix.arch }}'
HOST_DISTRO: '${{ matrix.distro }}'
steps:
- uses: actions/checkout@v4
- name: Checkout with shallow submodules
run: |
# unshallow must come first otherwise submodule may be get unshallowed
git fetch --tags --unshallow
git submodule update --init --depth 1
- name: Patch libcxxabi for both of armel and armhf
if: ${{ env.HOST_ARCH == 'armel' || env.HOST_ARCH == 'armhf' }}
run: |
cd third_party/libc++abi
patch -p1 < v8-6.7.17-fix-gcc-unwind-header.patch
- name: Cache clang
id: clang-cache
uses: actions/cache@v4
with:
path: |
third_party/llvm-build/Release+Asserts
key: ${{ runner.os }}-toolchain-${{ hashFiles('CLANG_REVISION') }}-v${{ env.CACHE_EPOCH }}
- name: Cache golang
uses: actions/cache@v4
with:
path: |
/tmp/.cache/go-build
/tmp/go/pkg/mod
key: ${{ runner.os }}-go-tmp-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-tmp-
- name: "Install dependency: prebuilt clang and clang-tidy binaries"
if: ${{ steps.clang-cache.outputs.cache-hit != 'true' }}
run: |
./scripts/download-clang-prebuilt-binaries.py
rm -f third_party/llvm-build/Release+Asserts/*.tgz
- name: Change ubuntu mirror
run: |
sudo sed -i 's/azure.archive.ubuntu.com/azure.archive.ubuntu.com/g' /etc/apt/sources.list
sudo apt-get update -qq
- name: Populate dependencies (debian keyring, for debian distributions)
run: |
curl -O http://ftp.us.debian.org/debian/pool/main/d/debian-archive-keyring/debian-archive-keyring_2023.4_all.deb
sudo apt-get update -qq && sudo apt-get install -f -y $PWD/debian*.deb
rm -f *.deb
- name: Populate dependencies (sbuild, debhelper, schroot, debootstrap and ubuntu-dev-tools)
run: |
sudo apt-get update -qq
sudo apt-get install -y sbuild debhelper schroot debootstrap ubuntu-dev-tools qemu-user-static
- name: Populate dependencies (deboostrap update for sid fix)
if: ${{ env.HOST_DISTRO == 'sid' }}
run: |
curl -L -O http://mirrors.kernel.org/ubuntu/pool/main/d/debootstrap/debootstrap_1.0.132ubuntu1_all.deb
sudo apt-get update -qq && sudo apt-get install -f -y $PWD/debootstrap*.deb
rm -f *.deb
- name: Copy sbuilrc
run: |
cp -fv sbuildrc ~/.sbuildrc
sudo usermod -aG sudo "$USER"
sudo usermod -aG sbuild "$USER"
sudo chown -R sbuild:sbuild /var/lib/sbuild/
sudo chmod g+rws /var/lib/sbuild/
- name: Pre-Populate sysroot (distro option)
if: ${{ env.HOST_DISTRO == 'stretch' || env.HOST_DISTRO == 'buster' || env.HOST_DISTRO == 'bullseye' || env.HOST_DISTRO == 'bookworm' || env.HOST_DISTRO == 'sid' }}
run: |
echo "mksbuild_distro_opts=--distro=debian" >> $GITHUB_ENV
- name: Pre-Populate BUILD_ARCH (i386)
if: ${{ env.HOST_ARCH == 'i386' }}
run: |
echo "mksbuild_arch_opts=--arch=i386" >> $GITHUB_ENV
echo "BUILD_ARCH=i386" >> $GITHUB_ENV
- name: Pre-Populate BUILD_ARCH (amd64)
if: ${{ env.HOST_ARCH != 'i386' }}
run: |
echo "mksbuild_arch_opts=--arch=amd64" >> $GITHUB_ENV
echo "BUILD_ARCH=$(dpkg-architecture -q DEB_BUILD_ARCH)" >> $GITHUB_ENV
- name: Set check build profile
if: ${{ env.HOST_ARCH == 'i386' || env.HOST_ARCH == 'amd64' }}
run: |
echo "DEB_BUILD_PROFILES=check ${{ env.DEB_BUILD_PROFILES }}" >> $GITHUB_ENV
- name: Set cross build profile
if: ${{ env.HOST_ARCH != 'i386' && env.HOST_ARCH != 'amd64' }}
run: |
echo "DEB_BUILD_PROFILES=nocheck cross ${{ env.DEB_BUILD_PROFILES }}" >> $GITHUB_ENV
- name: Set nogui build profile (armel/mipsel/mips64el and riscv64 only)
if: ${{ env.HOST_ARCH == 'armel' || env.HOST_ARCH == 'mipsel' || env.HOST_ARCH == 'mips64el' || env.HOST_ARCH == 'riscv64' }}
run: |
echo "DEB_BUILD_PROFILES=nogui ${{ env.DEB_BUILD_PROFILES }}" >> $GITHUB_ENV
echo "APT_DEB_BUILD_PROFILES=-o Apt::Build-Profiles=nogui" >> $GITHUB_ENV
- name: Set clang build profile
run: |
echo "DEB_BUILD_PROFILES=clang ${{ env.DEB_BUILD_PROFILES }}" >> $GITHUB_ENV
echo "CC=${{ github.workspace }}/third_party/llvm-build/Release+Asserts/bin/clang" >> $GITHUB_ENV
echo "CXX=${{ github.workspace }}/third_party/llvm-build/Release+Asserts/bin/clang++" >> $GITHUB_ENV
- name: Fix schroot permissions (set store permissions for restore)
run: |
sudo mkdir -p /etc/schroot/chroot.d /var/lib/schroot/chroots
sudo chown -R $USER:sbuild /etc/schroot/chroot.d /var/lib/schroot/chroots
- name: Cache schroot
id: schroot-cache
uses: actions/cache@v4
with:
path: |
/etc/schroot/chroot.d
/var/lib/schroot/chroots
key: ${{ runner.os }}-22.04-schroot-${{ env.HOST_DISTRO }}-${{ env.HOST_ARCH }}-v3
- name: Fix schroot permissions (restore root permissions)
run: |
sudo chown -R root:root /etc/schroot/chroot.d /var/lib/schroot/chroots
# mk-sbuild may fail due to the missing pkg-config-<gnu-type>, but it
# should be fine, will create pkg-config shim in next step
- name: Populate sysroot
if: ${{ steps.schroot-cache.outputs.cache-hit != 'true' }}
run: |
sudo -n sudo -u "$USER" -g sbuild mk-sbuild ${{ env.mksbuild_arch_opts }} ${{ env.HOST_DISTRO }} --target=${{ env.HOST_ARCH }} ${{ env.mksbuild_distro_opts }} || true
sudo sed -i '/profile/d' /etc/schroot/chroot.d/*
sudo schroot --chroot "source:${{ env.HOST_DISTRO }}-${{ env.BUILD_ARCH }}-${{ env.HOST_ARCH }}" --user root -- \
apt-get clean
sudo schroot --chroot "source:${{ env.HOST_DISTRO }}-${{ env.BUILD_ARCH }}-${{ env.HOST_ARCH }}" --user root -- \
apt-get update -qq
- name: Populate sysroot (crosscompile toolchain)
if: ${{ steps.schroot-cache.outputs.cache-hit != 'true' && env.HOST_ARCH != 'i386' && env.HOST_ARCH != 'amd64' }}
run: |
export HOST_GNU_TYPE=$(dpkg-architecture -a ${{ env.HOST_ARCH }} -q DEB_HOST_GNU_TYPE)
sudo schroot --chroot "source:${{ env.HOST_DISTRO }}-${{ env.BUILD_ARCH }}-${{ env.HOST_ARCH }}" --user root -- \
dpkg --add-architecture ${{ env.HOST_ARCH }}
sudo schroot --chroot "source:${{ env.HOST_DISTRO }}-${{ env.BUILD_ARCH }}-${{ env.HOST_ARCH }}" --user root -- \
apt-get update -qq
sudo schroot --chroot "source:${{ env.HOST_DISTRO }}-${{ env.BUILD_ARCH }}-${{ env.HOST_ARCH }}" --user root -- \
apt-get install -y dpkg-cross pkg-config gcc-$HOST_GNU_TYPE g++-$HOST_GNU_TYPE libc6:${{ env.HOST_ARCH }} libstdc++6:${{ env.HOST_ARCH }} linux-libc-dev:${{ env.HOST_ARCH }}
sudo schroot --chroot "source:${{ env.HOST_DISTRO }}-${{ env.BUILD_ARCH }}-${{ env.HOST_ARCH }}" --user root -- \
ln -sf /usr/share/pkg-config-crosswrapper /usr/bin/${HOST_GNU_TYPE}-pkg-config
- name: Populate sysroot (crosscompile toolchain, for bookworm and later distro)
if: ${{ steps.schroot-cache.outputs.cache-hit != 'true' && env.HOST_ARCH != 'i386' && env.HOST_ARCH != 'amd64' }}
run: |
sudo schroot --chroot "source:${{ env.HOST_DISTRO }}-${{ env.BUILD_ARCH }}-${{ env.HOST_ARCH }}" --user root -- \
bash -c "[ ! -f /usr/share/pkg-config-crosswrapper ] && cp -v $PWD/debian/pkg-config-crosswrapper /usr/share/pkg-config-crosswrapper || :"
- name: Populate sysroot (standard toolchain)
if: ${{ steps.schroot-cache.outputs.cache-hit != 'true' }}
run: |
sudo schroot --chroot "source:${{ env.HOST_DISTRO }}-${{ env.BUILD_ARCH }}-${{ env.HOST_ARCH }}" --user root -- \
apt-get install -y fakeroot advancecomp apt-utils file build-essential pkg-config debhelper lockfile-progs optipng tzdata ucf
- name: Populate sysroot (amd64 runtime for clang)
if: ${{ steps.schroot-cache.outputs.cache-hit != 'true' && env.HOST_ARCH == 'i386' }}
run: |
sudo schroot --chroot "source:${{ env.HOST_DISTRO }}-${{ env.BUILD_ARCH }}-${{ env.HOST_ARCH }}" --user root -- \
cp -f /etc/apt/sources.list /etc/apt/sources.list.amd64
sudo schroot --chroot "source:${{ env.HOST_DISTRO }}-${{ env.BUILD_ARCH }}-${{ env.HOST_ARCH }}" --user root -- \
sed -i s/i386/amd64/g /etc/apt/sources.list.amd64
sudo schroot --chroot "source:${{ env.HOST_DISTRO }}-${{ env.BUILD_ARCH }}-${{ env.HOST_ARCH }}" --user root -- \
bash -c "cat /etc/apt/sources.list /etc/apt/sources.list.amd64 | tee /tmp/sources.list"
sudo schroot --chroot "source:${{ env.HOST_DISTRO }}-${{ env.BUILD_ARCH }}-${{ env.HOST_ARCH }}" --user root -- \
mv -f /tmp/sources.list /etc/apt/sources.list
sudo schroot --chroot "source:${{ env.HOST_DISTRO }}-${{ env.BUILD_ARCH }}-${{ env.HOST_ARCH }}" --user root -- \
dpkg --add-architecture amd64
sudo schroot --chroot "source:${{ env.HOST_DISTRO }}-${{ env.BUILD_ARCH }}-${{ env.HOST_ARCH }}" --user root -- \
apt-get update -qq
sudo schroot --chroot "source:${{ env.HOST_DISTRO }}-${{ env.BUILD_ARCH }}-${{ env.HOST_ARCH }}" --user root -- \
apt-get install -y libc6:amd64 libstdc++6:amd64 zlib1g:amd64
- name: Populate sysroot (ca-certificates, git)
if: ${{ steps.schroot-cache.outputs.cache-hit != 'true' }}
run: |
sudo schroot --chroot "source:${{ env.HOST_DISTRO }}-${{ env.BUILD_ARCH }}-${{ env.HOST_ARCH }}" --user root -- \
apt-get install -y ca-certificates git
- name: Populate sysroot (golang, new distro)
if: ${{ steps.schroot-cache.outputs.cache-hit != 'true' && env.HOST_DISTRO != 'trusty' && env.HOST_DISTRO != 'xenial' && env.HOST_DISTRO != 'bionic' && env.HOST_DISTRO != 'stretch' && env.HOST_DISTRO != 'buster' && env.HOST_DISTRO != 'bullseye' }}
run: |
sudo schroot --chroot "source:${{ env.HOST_DISTRO }}-${{ env.BUILD_ARCH }}-${{ env.HOST_ARCH }}" --user root -- \
apt-get install -y golang
- name: Populate sysroot (golang, old distro)
if: ${{ steps.schroot-cache.outputs.cache-hit != 'true' && (env.HOST_DISTRO == 'trusty' || env.HOST_DISTRO == 'xenial' || env.HOST_DISTRO == 'bionic' || env.HOST_DISTRO == 'stretch' || env.HOST_DISTRO == 'buster' || env.HOST_DISTRO == 'bullseye') }}
run: |
# shipped with debian bullseye
curl -O http://ftp.us.debian.org/debian/pool/main/g/golang-defaults/golang_1.15~1_${{ env.BUILD_ARCH }}.deb
curl -O http://ftp.us.debian.org/debian/pool/main/g/golang-defaults/golang-go_1.15~1_${{ env.BUILD_ARCH }}.deb
curl -O http://ftp.us.debian.org/debian/pool/main/g/golang-defaults/golang-src_1.15~1_${{ env.BUILD_ARCH }}.deb
curl -O http://ftp.us.debian.org/debian/pool/main/g/golang-defaults/golang-doc_1.15~1_all.deb
curl -O http://ftp.us.debian.org/debian/pool/main/g/golang-1.15/golang-1.15_1.15.15-1~deb11u4_all.deb
curl -O http://ftp.us.debian.org/debian/pool/main/g/golang-1.15/golang-1.15-go_1.15.15-1~deb11u4_${{ env.BUILD_ARCH }}.deb
curl -O http://ftp.us.debian.org/debian/pool/main/g/golang-1.15/golang-1.15-src_1.15.15-1~deb11u4_${{ env.BUILD_ARCH }}.deb
curl -O http://ftp.us.debian.org/debian/pool/main/g/golang-1.15/golang-1.15-doc_1.15.15-1~deb11u4_all.deb
sudo schroot --chroot "source:${{ env.HOST_DISTRO }}-${{ env.BUILD_ARCH }}-${{ env.HOST_ARCH }}" --user root -- \
dpkg --force-depends -i $PWD/*.deb || true
sudo schroot --chroot "source:${{ env.HOST_DISTRO }}-${{ env.BUILD_ARCH }}-${{ env.HOST_ARCH }}" --user root -- \
apt-get install -y -f
rm -f *.deb
- name: Populate dependencie (cmake)
if: ${{ steps.schroot-cache.outputs.cache-hit != 'true' }}
run: |
sudo schroot --chroot "source:${{ env.HOST_DISTRO }}-${{ env.BUILD_ARCH }}-${{ env.HOST_ARCH }}" --user root -- \
apt-get install -y cmake ninja-build
- name: Populate dependencie (cmake, overwrite)
if: ${{ steps.schroot-cache.outputs.cache-hit != 'true' }}
run: |
curl -L -O https://github.com/Kitware/CMake/releases/download/v3.28.5/cmake-3.28.5-linux-x86_64.tar.gz
sudo schroot --chroot "source:${{ env.HOST_DISTRO }}-${{ env.BUILD_ARCH }}-${{ env.HOST_ARCH }}" --user root -- \
tar -C /usr/local --strip-components=1 -xf cmake-3.28.5-linux-x86_64.tar.gz
sudo schroot --chroot "source:${{ env.HOST_DISTRO }}-${{ env.BUILD_ARCH }}-${{ env.HOST_ARCH }}" --user root -- \
cmake --version
rm -f *.tar.gz
- name: Populate dependencie (base)
if: ${{ steps.schroot-cache.outputs.cache-hit != 'true' }}
run: |
sudo schroot --chroot "source:${{ env.HOST_DISTRO }}-${{ env.BUILD_ARCH }}-${{ env.HOST_ARCH }}" --user root -- \
apt-get install -y perl gcc g++ ninja-build
- name: Populate dependencie (zlib)
if: ${{ steps.schroot-cache.outputs.cache-hit != 'true' }}
run: |
sudo schroot --chroot "source:${{ env.HOST_DISTRO }}-${{ env.BUILD_ARCH }}-${{ env.HOST_ARCH }}" --user root -- \
apt-get install -y zlib1g-dev:${{ env.HOST_ARCH }}
- name: Populate dependencie (gui, exclude some arches)
if: ${{ steps.schroot-cache.outputs.cache-hit != 'true' && env.HOST_ARCH != 'armel' && env.HOST_ARCH != 'mipsel' && env.HOST_ARCH != 'mips64el' && env.HOST_ARCH != 'riscv64' }}
run: |
sudo schroot --chroot "source:${{ env.HOST_DISTRO }}-${{ env.BUILD_ARCH }}-${{ env.HOST_ARCH }}" --user root -- \
apt-get -o DPkg::Options::="--force-confnew" install -y libglib2.0-dev:${{ env.HOST_ARCH }} libgtk-3-dev:${{ env.HOST_ARCH }}
- name: Populate dependencie (curl, for test purpose, exclude some arches)
if: ${{ steps.schroot-cache.outputs.cache-hit != 'true' && env.HOST_ARCH != 'armel' && env.HOST_ARCH != 'mipsel' && env.HOST_ARCH != 'mips64el' && env.HOST_ARCH != 'riscv64' }}
run: |
sudo schroot --chroot "source:${{ env.HOST_DISTRO }}-${{ env.BUILD_ARCH }}-${{ env.HOST_ARCH }}" --user root -- \
apt-get install -y libcurl4-openssl-dev:${{ env.HOST_ARCH }}
- name: Populate dependencie (list upgradable packages)
run: |
sudo schroot --chroot "source:${{ env.HOST_DISTRO }}-${{ env.BUILD_ARCH }}-${{ env.HOST_ARCH }}" --user root -- \
apt list --upgradeable || true
- name: Build deb
run: |
export DEB_BUILD_PROFILES
export DH_QUIET
sudo -E sudo -E -u "$USER" -g sbuild ./scripts/build-deb.sh
- name: Upload dist tarball (including debuginfo)
if: ${{ github.event_name == 'release' }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
gh release upload ${{ github.event.release.tag_name }} yass*.deb
- name: Shutdown schroot sessions
run: |
sudo schroot --end-session --all-sessions
- name: Fix schroot dev nodes permissions
if: ${{ steps.schroot-cache.outputs.cache-hit != 'true' }}
run: |
sudo rm -rf /var/lib/schroot/chroots/${{ env.HOST_DISTRO }}-${{ env.BUILD_ARCH }}-${{ env.HOST_ARCH }}/dev
- name: Fix schroot permissions (restore store permissions)
if: ${{ steps.schroot-cache.outputs.cache-hit != 'true' }}
run: |
sudo chown -R $USER /etc/schroot/chroot.d /var/lib/schroot/chroots