Commit Graph

34 Commits

Author SHA1 Message Date
Juliusz Sosinowicz dd2f9d3ab8 CI: offload ccache/apt/buildx caches off the GitHub Actions cache
The 10 GB, LRU-evicted, PR-scoped Actions cache was being thrashed - the
docker simulator buildx layers (~6 GiB), plus per-PR ccache and apt-archive
writes whose keys never hit - which kept evicting the shared ccache, while
the apt mirror timed out often enough to break PR CI. Move the heavy caches
to ghcr (free, separate pool) and make PR runs read-only against the Actions
cache.

apt dependencies from prebuilt ghcr .deb bundles
  - ci-deps-image.yml resolves each package list under .github/ci-deps/ into
    its .deb closure and publishes ghcr.io/<owner>/wolfssl-ci-debs:<tag> in
    two tiers: <ver>-minimal (make-check family) and <ver>-full (interop
    superset), for ubuntu-22.04 and 24.04.
  - install-apt-deps gains a ghcr-debs-tag input: pull the bundle and install
    offline (--no-download) so the apt mirror is never on the PR critical
    path. Any failure (bundle missing/not public/incomplete) falls through to
    the existing apt path, so it is always safe to set.

sim-test buildx layers to a shared ghcr registry cache
  - the 7 docker simulator workflows switch from cache-to: type=gha to
    ghcr.io/wolfssl/wolfssl-sim-cache:<scope>. cache-from reads on every run
    (anonymous); cache-to writes only on the weekend cron and manual
    workflow_dispatch. Per-distinct-image tags and de-duplicated writers keep
    parallel matrix jobs from racing on one ref.

ccache: PRs read, the schedule writes
  - ccache-setup gains read-only: PR runs restore the shared master-scoped
    cache but never upload; schedule/push runs refresh it. Wired across
    os-check (linux + macOS), pq-all, smoke-test and the 12 small make-check
    workflows.
  - parallel-make-check.py gains --build-only (compile every config, skip the
    test phase) so weekday-morning seed crons warm the cache PR runs consume.

artifact retention capped at 7 days on the failure-log/result uploads that
previously defaulted to 90.

ONE-TIME SETUP: after their first publish, make the ghcr packages
wolfssl-ci-debs and wolfssl-sim-cache PUBLIC so anonymous pulls work from PR
(including fork) runs; until then everything falls back cleanly.
2026-06-15 22:36:35 +00:00
Juliusz Sosinowicz 844852202b .github: bump JavaScript actions to Node.js 24 runtimes
GitHub Actions now emits "Node.js 20 actions are deprecated" warnings:
actions are forced to Node.js 24 by default starting 2026-06-16, and
Node.js 20 is removed from the runners on 2026-09-16. Update every
JavaScript action referenced by the workflows and the local composite
actions to the lowest release that runs on Node.js 24:

  actions/checkout              v4     -> v5
  actions/checkout (SHA pin)    v4.1.7 -> v5
  actions/upload-artifact       v4     -> v6   (v5 still Node.js 20)
  actions/download-artifact     v4     -> v7   (v5/v6 still Node.js 20)
  actions/cache[/restore|/save] v4     -> v5
  actions/setup-python          v5     -> v6
  actions/github-script         v7     -> v8
  docker/setup-buildx-action    v3     -> v4
  docker/build-push-action      v5     -> v7   (v6 still Node.js 20)
  docker/login-action           v3     -> v4
  microsoft/setup-msbuild       v2     -> v3
  open-watcom/setup-watcom      v0     -> v1

Actions already running on Node.js 24 (jwlawson/actions-setup-cmake,
shogo82148/actions-setup-perl, msys2/setup-msys2, dorny/paths-filter)
are left unchanged. These bumps are runtime-only; no workflow uses an
input or output removed by the new majors, and v4-format artifacts
remain compatible across the upload v6 / download v7 backends.
2026-06-15 18:09:04 +00:00
David Garske 7f80896033 CI optimizations
- Skip CI for draft PRs and redundant master-push re-runs; membrowse nightly.
- Add smoke test (8 configs, CFLAGS=-Werror, post-merge tree, fail-fast on conflicts).
- Add wait-for-smoke composite action for downstream CI gating.
- Add check-source-text + bash -n + shellcheck workflow (script in make dist).
- Cache apt-get update in install-apt-deps composite on cache hit.
2026-05-21 13:19:29 -07:00
JacobBarthelmeh 186ab8b0c3 remove openvpn master from CI test 2026-04-24 16:55:51 -06:00
Juliusz Sosinowicz a4632ea508 Add BN_bn2binpad API and enable OpenVPN master CI testing 2026-04-13 15:35:40 +02:00
David Garske cc72851694 Merge pull request #10026 from LinuxJedi/actions-composite-caching
Composite GHA action with caching
2026-04-09 12:01:24 -07:00
JacobBarthelmeh eddea3884a pin OpenVPN version until BN_bn2binpad is added 2026-04-06 09:22:28 -06:00
Andrew Hutchings 36de828dc0 Composite GHA action with caching
This adds caching for apt and should make things a bit more stable and
faster.
2026-03-24 15:24:01 +00:00
Josh Holtrop 69fd8dc01f Update from Ubuntu 22.04 to Ubuntu 24.04 for several github workflows 2026-01-20 21:44:56 -05:00
Juliusz Sosinowicz 1d2acd9de6 Revert to ubuntu-22.04 2024-12-10 16:27:41 +01:00
Daniel Pouzzner 0ded8ba0c7 Merge pull request #8074 from bandi13/revertGithubFix
Revert "Merge pull request #8072 from rizlik/github-fix"
2024-10-29 15:17:50 -05:00
Juliusz Sosinowicz e1aba52e51 openvpn action: remove v2.6.0 as certs have expired 2024-10-21 13:50:36 +02:00
Andras Fekete a5331d406c Revert "Merge pull request #8072 from rizlik/github-fix"
This reverts commit 0f8b4dbc63, reversing
changes made to 743a78dc85.
2024-10-15 12:39:01 -04:00
Marco Oliverio 5d3f7c2528 ci: github: fix ubuntu version to 22.04 2024-10-14 16:46:45 +00:00
gojimmypi 27adc66cca Add conditional repository_owner to workflow, remove socat strategy 2024-09-23 11:30:58 -07:00
Juliusz Sosinowicz 5320b425e7 Use tar to preserve links
Something broke in the actions/download-artifact action and it is not preserving symbolic links. It didn't get a new release so my guess is that something was updated in the node environment or in npm. This is a future proof solution to preserve the fs structure between upload and download.
2024-08-05 18:23:20 +02:00
Andras Fekete c0e372005b Reenable failing external project test 2024-05-16 09:26:01 -04:00
Daniel Pouzzner 2fe366cc74 wolfcrypt/test/test.c: add test coverage for WOLFSSL_AESXTS_STREAM.
linuxkm/lkcapi_glue.c: typographic cleanups, and failsafe error return constructs when skcipher_walk_virt() returns zero walk.nbytes.

wolfcrypt/src/aes.c: additional comments and inline documentation.

.github/workflows/openvpn.yml: disable test on master branch.
2024-05-14 19:11:39 -05:00
Juliusz Sosinowicz 7206508329 Don't use main.yml since it has a limit of 20 jobs 2024-05-06 17:18:01 +02:00
Andras Fekete 42091b8970 Normally these tests take 3 minutes, but sometimes they take much longer 2024-03-18 11:22:03 -04:00
JacobBarthelmeh 5106cb16e2 workaround for llvm version and ASLR issue 2024-03-17 22:22:16 +07:00
Juliusz Sosinowicz 98e328dafc Enable master openvpn testing
Depends on https://github.com/wolfSSL/wolfssl/pull/7236
2024-02-16 11:32:04 +01:00
Juliusz Sosinowicz d34cf39206 Increase retention days to make re-running easier 2024-02-09 11:36:55 +01:00
Andras Fekete de0d1ea1e7 Temporarily disable OpenVPN-master test 2024-02-08 13:52:32 -05:00
Juliusz Sosinowicz 31bfac43ea Update github actions
Many of these updates should also speed up some steps
2024-02-02 20:14:28 +01:00
Juliusz Sosinowicz 72d99d0ae0 Add timeouts to action tests 2023-07-24 09:13:10 +02:00
Juliusz Sosinowicz f5b0c406c0 use unique artifact names 2023-03-28 17:17:18 +02:00
Juliusz Sosinowicz 1766a69152 actions: Build wolfSSL in seperate job 2023-03-28 17:00:51 +02:00
JacobBarthelmeh 8ba35a5f16 Merge pull request #6180 from julek-wolfssl/openvpn-test
Add libnl-genl-3-200 as dependency to openvpn test
2023-03-15 10:11:20 -06:00
Andras Fekete f3e785b4c7 Let tests run to completion 2023-03-13 09:48:37 -04:00
Juliusz Sosinowicz 9628eb0159 Add libnl-genl-3-200 as dependency to openvpn test
Looks like github actions removed libnl-genl-3-200 from the default image. Need to install manually.
2023-03-09 21:47:10 +01:00
Juliusz Sosinowicz e04a01dc4c Add fsanitize testing for openvpn 2023-03-08 11:23:41 +01:00
Andras Fekete 2cbf5435c6 Attempt to fix build error 2023-02-27 17:07:13 -05:00
Juliusz Sosinowicz 261054896c Actions fix
Fix for `workflows must be defined at the top level of the .github/workflows/ directory` error.
2023-02-20 18:42:47 +01:00