diff --git a/.azure-pipelines/azure-pipelines-win.yml b/.azure-pipelines/azure-pipelines-win.yml index 0272432..5b7766d 100755 --- a/.azure-pipelines/azure-pipelines-win.yml +++ b/.azure-pipelines/azure-pipelines-win.yml @@ -20,6 +20,7 @@ jobs: UPLOAD_TEMP: D:\\tmp steps: + - task: PythonScript@0 displayName: 'Download Miniforge' inputs: @@ -38,55 +39,14 @@ jobs: displayName: Add conda to PATH - script: | - call activate base - mamba.exe install "python=3.10" conda-build conda pip boa conda-forge-ci-setup=3 -c conda-forge --strict-channel-priority --yes - displayName: Install conda-build - - - script: set PYTHONUNBUFFERED=1 - displayName: Set PYTHONUNBUFFERED - - # Configure the VM - - script: | - call activate base - setup_conda_rc .\ ".\recipe" .\.ci_support\%CONFIG%.yaml - displayName: conda-forge CI setup - - # Configure the VM. - - script: | - set "CI=azure" - call activate base - run_conda_forge_build_setup - displayName: conda-forge build setup - - - script: | - call activate base - if EXIST LICENSE.txt ( - copy LICENSE.txt "recipe\\recipe-scripts-license.txt" - ) - if NOT [%HOST_PLATFORM%] == [%BUILD_PLATFORM%] ( - set "EXTRA_CB_OPTIONS=%EXTRA_CB_OPTIONS% --no-test" - ) - conda.exe mambabuild "recipe" -m .ci_support\%CONFIG%.yaml --suppress-variables %EXTRA_CB_OPTIONS% - displayName: Build recipe + call ".scripts\run_win_build.bat" + displayName: Run Windows build env: PYTHONUNBUFFERED: 1 - - script: | - set "FEEDSTOCK_NAME=%BUILD_REPOSITORY_NAME:*/=%" - call activate base - validate_recipe_outputs "%FEEDSTOCK_NAME%" - displayName: Validate Recipe Outputs - - - script: | - set "GIT_BRANCH=%BUILD_SOURCEBRANCHNAME%" - set "FEEDSTOCK_NAME=%BUILD_REPOSITORY_NAME:*/=%" - set "TEMP=$(UPLOAD_TEMP)" - if not exist "%TEMP%\" md "%TEMP%" - set "TMP=%TEMP%" - call activate base - upload_package --validate --feedstock-name="%FEEDSTOCK_NAME%" .\ ".\recipe" .ci_support\%CONFIG%.yaml - displayName: Upload package - env: + CONFIG: $(CONFIG) + CI: azure + UPLOAD_PACKAGES: $(UPLOAD_PACKAGES) + UPLOAD_TEMP: $(UPLOAD_TEMP) BINSTAR_TOKEN: $(BINSTAR_TOKEN) FEEDSTOCK_TOKEN: $(FEEDSTOCK_TOKEN) - STAGING_BINSTAR_TOKEN: $(STAGING_BINSTAR_TOKEN) - condition: and(succeeded(), not(eq(variables['UPLOAD_PACKAGES'], 'False')), not(eq(variables['Build.Reason'], 'PullRequest'))) \ No newline at end of file + STAGING_BINSTAR_TOKEN: $(STAGING_BINSTAR_TOKEN) \ No newline at end of file diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index e4e7a78..6ca9ca4 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1 +1 @@ -* @teo-tsirpanis @Shelnutt2 @jdblischak @jjerphan \ No newline at end of file +* @Shelnutt2 @jdblischak @jjerphan @teo-tsirpanis \ No newline at end of file diff --git a/.scripts/build_steps.sh b/.scripts/build_steps.sh index a6b09f6..322832b 100755 --- a/.scripts/build_steps.sh +++ b/.scripts/build_steps.sh @@ -31,11 +31,10 @@ pkgs_dirs: CONDARC - -mamba install --update-specs --yes --quiet --channel conda-forge \ - conda-build pip boa conda-forge-ci-setup=3 -mamba update --update-specs --yes --quiet --channel conda-forge \ - conda-build pip boa conda-forge-ci-setup=3 +mamba install --update-specs --yes --quiet --channel conda-forge --strict-channel-priority \ + pip mamba conda-build boa conda-forge-ci-setup=3 +mamba update --update-specs --yes --quiet --channel conda-forge --strict-channel-priority \ + pip mamba conda-build boa conda-forge-ci-setup # set up the condarc setup_conda_rc "${FEEDSTOCK_ROOT}" "${RECIPE_ROOT}" "${CONFIG_FILE}" diff --git a/.scripts/logging_utils.sh b/.scripts/logging_utils.sh index 57bc95c..aff009f 100644 --- a/.scripts/logging_utils.sh +++ b/.scripts/logging_utils.sh @@ -12,7 +12,7 @@ function startgroup { echo "##[group]$1";; travis ) echo "$1" - echo -en 'travis_fold:start:'"${1// /}"'\\r';; + echo -en 'travis_fold:start:'"${1// /}"'\r';; github_actions ) echo "::group::$1";; * ) @@ -28,7 +28,7 @@ function endgroup { azure ) echo "##[endgroup]";; travis ) - echo -en 'travis_fold:end:'"${1// /}"'\\r';; + echo -en 'travis_fold:end:'"${1// /}"'\r';; github_actions ) echo "::endgroup::";; esac diff --git a/.scripts/run_osx_build.sh b/.scripts/run_osx_build.sh index 3969edf..cd9a88f 100755 --- a/.scripts/run_osx_build.sh +++ b/.scripts/run_osx_build.sh @@ -23,10 +23,10 @@ bash $MINIFORGE_FILE -b -p ${MINIFORGE_HOME} source ${MINIFORGE_HOME}/etc/profile.d/conda.sh conda activate base -mamba install --update-specs --quiet --yes --channel conda-forge \ - conda-build pip boa conda-forge-ci-setup=3 -mamba update --update-specs --yes --quiet --channel conda-forge \ - conda-build pip boa conda-forge-ci-setup=3 +mamba install --update-specs --quiet --yes --channel conda-forge --strict-channel-priority \ + pip mamba conda-build boa conda-forge-ci-setup=3 +mamba update --update-specs --yes --quiet --channel conda-forge --strict-channel-priority \ + pip mamba conda-build boa conda-forge-ci-setup diff --git a/.scripts/run_win_build.bat b/.scripts/run_win_build.bat new file mode 100755 index 0000000..07d3445 --- /dev/null +++ b/.scripts/run_win_build.bat @@ -0,0 +1,115 @@ +:: PLEASE NOTE: This script has been automatically generated by conda-smithy. Any changes here +:: will be lost next time ``conda smithy rerender`` is run. If you would like to make permanent +:: changes to this script, consider a proposal to conda-smithy so that other feedstocks can also +:: benefit from the improvement. + +:: Note: we assume a Miniforge installation is available + +:: INPUTS (required environment variables) +:: CONFIG: name of the .ci_support/*.yaml file for this job +:: CI: azure, github_actions, or unset +:: UPLOAD_PACKAGES: true or false +:: UPLOAD_ON_BRANCH: true or false + +setlocal enableextensions enabledelayedexpansion + +call :start_group "Configuring conda" + +:: Activate the base conda environment +call activate base + +:: Provision the necessary dependencies to build the recipe later +echo Installing dependencies +mamba.exe install "python=3.10" pip mamba conda-build boa conda-forge-ci-setup=3 -c conda-forge --strict-channel-priority --yes +if !errorlevel! neq 0 exit /b !errorlevel! + +:: Set basic configuration +echo Setting up configuration +setup_conda_rc .\ ".\recipe" .\.ci_support\%CONFIG%.yaml +if !errorlevel! neq 0 exit /b !errorlevel! +echo Running build setup +CALL run_conda_forge_build_setup + + +if !errorlevel! neq 0 exit /b !errorlevel! + +if EXIST LICENSE.txt ( + echo Copying feedstock license + copy LICENSE.txt "recipe\\recipe-scripts-license.txt" +) +if NOT [%HOST_PLATFORM%] == [%BUILD_PLATFORM%] ( + set "EXTRA_CB_OPTIONS=%EXTRA_CB_OPTIONS% --no-test" +) + +call :end_group + +:: Build the recipe +echo Building recipe +conda.exe mambabuild "recipe" -m .ci_support\%CONFIG%.yaml --suppress-variables %EXTRA_CB_OPTIONS% +if !errorlevel! neq 0 exit /b !errorlevel! + +:: Prepare some environment variables for the upload step +if /i "%CI%" == "github_actions" ( + set "FEEDSTOCK_NAME=%GITHUB_REPOSITORY:*/=%" + set "GIT_BRANCH=%GITHUB_REF:refs/heads/=%" + if /i "%GITHUB_EVENT_NAME%" == "pull_request" ( + set "IS_PR_BUILD=True" + ) else ( + set "IS_PR_BUILD=False" + ) + set "TEMP=%RUNNER_TEMP%" +) +if /i "%CI%" == "azure" ( + set "FEEDSTOCK_NAME=%BUILD_REPOSITORY_NAME:*/=%" + set "GIT_BRANCH=%BUILD_SOURCEBRANCHNAME%" + if /i "%BUILD_REASON%" == "PullRequest" ( + set "IS_PR_BUILD=True" + ) else ( + set "IS_PR_BUILD=False" + ) + set "TEMP=%UPLOAD_TEMP%" +) + +:: Validate +call :start_group "Validating outputs" +validate_recipe_outputs "%FEEDSTOCK_NAME%" +if !errorlevel! neq 0 exit /b !errorlevel! +call :end_group + +if /i "%UPLOAD_PACKAGES%" == "true" ( + if /i "%IS_PR_BUILD%" == "false" ( + call :start_group "Uploading packages" + if not exist "%TEMP%\" md "%TEMP%" + set "TMP=%TEMP%" + upload_package --validate --feedstock-name="%FEEDSTOCK_NAME%" .\ ".\recipe" .ci_support\%CONFIG%.yaml + if !errorlevel! neq 0 exit /b !errorlevel! + call :end_group + ) +) + +exit + +:: Logging subroutines + +:start_group +if /i "%CI%" == "github_actions" ( + echo ::group::%~1 + exit /b +) +if /i "%CI%" == "azure" ( + echo ##[group]%~1 + exit /b +) +echo %~1 +exit /b + +:end_group +if /i "%CI%" == "github_actions" ( + echo ::endgroup:: + exit /b +) +if /i "%CI%" == "azure" ( + echo ##[endgroup] + exit /b +) +exit /b \ No newline at end of file diff --git a/README.md b/README.md index 1cd28eb..7a19a1c 100644 --- a/README.md +++ b/README.md @@ -283,4 +283,5 @@ Feedstock Maintainers * [@Shelnutt2](https://github.com/Shelnutt2/) * [@jdblischak](https://github.com/jdblischak/) * [@jjerphan](https://github.com/jjerphan/) +* [@teo-tsirpanis](https://github.com/teo-tsirpanis/) diff --git a/recipe/meta.yaml b/recipe/meta.yaml index a38c5ee..6da81e1 100644 --- a/recipe/meta.yaml +++ b/recipe/meta.yaml @@ -11,10 +11,12 @@ source: patches: # https://github.com/Azure/azure-sdk-for-cpp/issues/4784 # https://github.com/Azure/azure-sdk-for-cpp/pull/4785 - - 0001-remove-wil-from-exported-config.patch + - patches/0001-remove-wil-from-exported-config.patch + # See: https://github.com/Azure/azure-sdk-for-cpp/pull/4982 + - patches/0002-Add-support-of-setting-CAPath-and-relevant-test.patch build: - number: 0 + number: 1 run_exports: - {{ pin_subpackage("azure-core-cpp", max_pin="x") }} diff --git a/recipe/0001-remove-wil-from-exported-config.patch b/recipe/patches/0001-remove-wil-from-exported-config.patch similarity index 100% rename from recipe/0001-remove-wil-from-exported-config.patch rename to recipe/patches/0001-remove-wil-from-exported-config.patch diff --git a/recipe/patches/0002-Add-support-of-setting-CAPath-and-relevant-test.patch b/recipe/patches/0002-Add-support-of-setting-CAPath-and-relevant-test.patch new file mode 100644 index 0000000..fdd088f --- /dev/null +++ b/recipe/patches/0002-Add-support-of-setting-CAPath-and-relevant-test.patch @@ -0,0 +1,227 @@ +From bf652dcd47905ad1d23346bf4ee7192287dcd388 Mon Sep 17 00:00:00 2001 +From: Phoebus Mak <61957902+phoebusm@users.noreply.github.com> +Date: Fri, 29 Sep 2023 17:32:47 +0100 +Subject: [PATCH] Add support of setting CAPath and relevant test (#4982) + +* Add support of setting CAPath and relevant test + +* Renaming macro and update when will it get define +--- + sdk/core/azure-core/CHANGELOG.md | 3 ++ + .../inc/azure/core/http/curl_transport.hpp | 22 ++++++++++ + sdk/core/azure-core/src/http/curl/curl.cpp | 19 +++++++++ + .../test/ut/curl_connection_pool_test.cpp | 14 ++++--- + .../azure-core/test/ut/curl_options_test.cpp | 42 +++++++++++++++++++ + 5 files changed, 94 insertions(+), 6 deletions(-) + +diff --git a/sdk/core/azure-core/CHANGELOG.md b/sdk/core/azure-core/CHANGELOG.md +index 84051931ff..f7dc726aae 100644 +--- a/sdk/core/azure-core/CHANGELOG.md ++++ b/sdk/core/azure-core/CHANGELOG.md +@@ -4,6 +4,9 @@ + + ### Features Added + ++- [[#4983]](https://github.com/Azure/azure-sdk-for-cpp/issues/4983) Added support for setting `CURLOPT_CAPATH` libcurl option on Linux. ++ ++ + ### Breaking Changes + + ### Bugs Fixed +diff --git a/sdk/core/azure-core/inc/azure/core/http/curl_transport.hpp b/sdk/core/azure-core/inc/azure/core/http/curl_transport.hpp +index d0fb2b4e82..9e417afcfe 100644 +--- a/sdk/core/azure-core/inc/azure/core/http/curl_transport.hpp ++++ b/sdk/core/azure-core/inc/azure/core/http/curl_transport.hpp +@@ -12,6 +12,14 @@ + #include "azure/core/http/http.hpp" + #include "azure/core/http/policies/policy.hpp" + #include "azure/core/http/transport.hpp" ++#include "azure/core/platform.hpp" ++ ++#if defined(AZ_PLATFORM_LINUX) ++#include ++#if OPENSSL_VERSION_NUMBER >= 0x00905100L ++#define _azure_SUPPORT_SETTING_CAPATH ++#endif // OPENSSL_VERSION_NUMBER >= 0x00905100L ++#endif // defined(AZ_PLATFORM_LINUX) + + namespace Azure { namespace Core { namespace Http { + class CurlNetworkConnection; +@@ -122,6 +130,20 @@ namespace Azure { namespace Core { namespace Http { + */ + std::string CAInfo; + ++#if defined(_azure_SUPPORT_SETTING_CAPATH) ++ /** ++ * @brief Path to a directory which holds PEM encoded file, containing the certificate ++ * authorities sent to libcurl handle directly. ++ * ++ * @remark The Azure SDK will not check if the path is valid or not. ++ * ++ * @remark The default is the built-in system specific path. More about this option: ++ * https://curl.se/libcurl/c/CURLOPT_CAPATH.html ++ * ++ */ ++ std::string CAPath; ++#endif ++ + /** + * @brief All HTTP requests will keep the connection channel open to the service. + * +diff --git a/sdk/core/azure-core/src/http/curl/curl.cpp b/sdk/core/azure-core/src/http/curl/curl.cpp +index b8703eac04..89b292c7ee 100644 +--- a/sdk/core/azure-core/src/http/curl/curl.cpp ++++ b/sdk/core/azure-core/src/http/curl/curl.cpp +@@ -1283,6 +1283,12 @@ inline std::string GetConnectionKey(std::string const& host, CurlTransportOption + key.append(","); + key.append(!options.CAInfo.empty() ? options.CAInfo : "0"); + key.append(","); ++#if defined(_azure_SUPPORT_SETTING_CAPATH) ++ key.append(!options.CAPath.empty() ? options.CAPath : "0"); ++#else ++ key.append("0"); // CAPath is always empty on Windows; ++#endif ++ key.append(","); + key.append( + options.Proxy.HasValue() ? (options.Proxy.Value().empty() ? "NoProxy" : options.Proxy.Value()) + : "0"); +@@ -2314,6 +2320,19 @@ CurlConnection::CurlConnection( + } + } + ++#if defined(_azure_SUPPORT_SETTING_CAPATH) ++ if (!options.CAPath.empty()) ++ { ++ if (!SetLibcurlOption(m_handle, CURLOPT_CAPATH, options.CAPath.c_str(), &result)) ++ { ++ throw Azure::Core::Http::TransportException( ++ _detail::DefaultFailedToGetNewConnectionTemplate + hostDisplayName ++ + ". Failed to set CA path to:" + options.CAPath + ". " ++ + std::string(curl_easy_strerror(result))); ++ } ++ } ++#endif ++ + #if LIBCURL_VERSION_NUM >= 0x074D00 // 7.77.0 + if (!options.SslOptions.PemEncodedExpectedRootCertificates.empty()) + { +diff --git a/sdk/core/azure-core/test/ut/curl_connection_pool_test.cpp b/sdk/core/azure-core/test/ut/curl_connection_pool_test.cpp +index 5e835b123c..cad4aeb252 100644 +--- a/sdk/core/azure-core/test/ut/curl_connection_pool_test.cpp ++++ b/sdk/core/azure-core/test/ut/curl_connection_pool_test.cpp +@@ -56,7 +56,9 @@ namespace Azure { namespace Core { namespace Test { + Azure::Core::Http::Request req( + Azure::Core::Http::HttpMethod::Get, Azure::Core::Url(AzureSdkHttpbinServer::Get())); + std::string const expectedConnectionKey(CreateConnectionKey( +- AzureSdkHttpbinServer::Schema(), AzureSdkHttpbinServer::Host(), ",0,0,0,0,1,1,0,0,0,0")); ++ AzureSdkHttpbinServer::Schema(), ++ AzureSdkHttpbinServer::Host(), ++ ",0,0,0,0,0,1,1,0,0,0,0")); + + { + // Creating a new connection with default options +@@ -125,7 +127,7 @@ namespace Azure { namespace Core { namespace Test { + + // Now test that using a different connection config won't re-use the same connection + std::string const secondExpectedKey = AzureSdkHttpbinServer::Schema() + "://" +- + AzureSdkHttpbinServer::Host() + ",0,0,0,0,1,0,0,0,0,200000"; ++ + AzureSdkHttpbinServer::Host() + ",0,0,0,0,0,1,0,0,0,0,200000"; + { + // Creating a new connection with options + Azure::Core::Http::CurlTransportOptions options; +@@ -436,7 +438,7 @@ namespace Azure { namespace Core { namespace Test { + std::string const expectedConnectionKey(CreateConnectionKey( + AzureSdkHttpbinServer::Schema(), + AzureSdkHttpbinServer::Host(), +- ",0,0,0,0,1,1,0,0,0,0")); ++ ",0,0,0,0,0,1,1,0,0,0,0")); + + // Creating a new connection with default options + auto connection = Azure::Core::Http::_detail::CurlConnectionPool::g_curlConnectionPool +@@ -474,7 +476,7 @@ namespace Azure { namespace Core { namespace Test { + std::string const expectedConnectionKey(CreateConnectionKey( + AzureSdkHttpbinServer::Schema(), + AzureSdkHttpbinServer::Host(), +- ":443,0,0,0,0,1,1,0,0,0,0")); ++ ":443,0,0,0,0,0,1,1,0,0,0,0")); + + // Creating a new connection with default options + auto connection = Azure::Core::Http::_detail::CurlConnectionPool::g_curlConnectionPool +@@ -513,7 +515,7 @@ namespace Azure { namespace Core { namespace Test { + std::string const expectedConnectionKey(CreateConnectionKey( + AzureSdkHttpbinServer::Schema(), + AzureSdkHttpbinServer::Host(), +- ",0,0,0,0,1,1,0,0,0,0")); ++ ",0,0,0,0,0,1,1,0,0,0,0")); + + // Creating a new connection with default options + auto connection = Azure::Core::Http::_detail::CurlConnectionPool::g_curlConnectionPool +@@ -550,7 +552,7 @@ namespace Azure { namespace Core { namespace Test { + std::string const expectedConnectionKey(CreateConnectionKey( + AzureSdkHttpbinServer::Schema(), + AzureSdkHttpbinServer::Host(), +- ":443,0,0,0,0,1,1,0,0,0,0")); ++ ":443,0,0,0,0,0,1,1,0,0,0,0")); + + // Creating a new connection with default options + auto connection = Azure::Core::Http::_detail::CurlConnectionPool::g_curlConnectionPool +diff --git a/sdk/core/azure-core/test/ut/curl_options_test.cpp b/sdk/core/azure-core/test/ut/curl_options_test.cpp +index f20e3c0a04..7de70883ab 100644 +--- a/sdk/core/azure-core/test/ut/curl_options_test.cpp ++++ b/sdk/core/azure-core/test/ut/curl_options_test.cpp +@@ -12,6 +12,7 @@ + + #if defined(BUILD_CURL_HTTP_TRANSPORT_ADAPTER) + #include "azure/core/http/curl_transport.hpp" ++#include "openssl/x509.h" + #endif + + #include "transport_adapter_base_test.hpp" +@@ -234,6 +235,47 @@ namespace Azure { namespace Core { namespace Test { + .ConnectionPoolIndex.clear()); + } + ++#if defined(_azure_SUPPORT_SETTING_CAPATH) ++ TEST(CurlTransportOptions, setCADirectory) ++ { ++ Azure::Core::Http::CurlTransportOptions curlOptions; ++ // openssl default cert location will be used only if environment variable SSL_CERT_DIR ++ // is not set ++ const char* ca = getenv(X509_get_default_cert_dir_env()); ++ if (ca) ++ { ++ curlOptions.CAPath = ca; ++ } ++ else ++ { ++ curlOptions.CAPath = X509_get_default_cert_dir(); ++ } ++ ++ auto transportAdapter = std::make_shared(curlOptions); ++ Azure::Core::Http::Policies::TransportOptions options; ++ options.Transport = transportAdapter; ++ auto transportPolicy ++ = std::make_unique(options); ++ ++ std::vector> policies; ++ policies.emplace_back(std::move(transportPolicy)); ++ Azure::Core::Http::_internal::HttpPipeline pipeline(policies); ++ ++ // Use HTTPS ++ Azure::Core::Url url(AzureSdkHttpbinServer::Get()); ++ Azure::Core::Http::Request request(Azure::Core::Http::HttpMethod::Get, url); ++ ++ std::unique_ptr response; ++ EXPECT_NO_THROW(response = pipeline.Send(request, Azure::Core::Context::ApplicationContext)); ++ EXPECT_EQ(response->GetStatusCode(), Azure::Core::Http::HttpStatusCode::Ok); ++ ++ // Clean the connection from the pool *Windows fails to clean if we leave to be clean upon ++ // app-destruction ++ EXPECT_NO_THROW(Azure::Core::Http::_detail::CurlConnectionPool::g_curlConnectionPool ++ .ConnectionPoolIndex.clear()); ++ } ++#endif ++ + TEST(CurlTransportOptions, httpsDefault) + { + auto transportAdapter = std::make_shared();