diff --git a/.bldr.toml b/.bldr.toml index b9439c5053..70b51f7638 100644 --- a/.bldr.toml +++ b/.bldr.toml @@ -1135,6 +1135,10 @@ plan_path = "openssl-musl" paths = [ "openssl/*", ] +[openssl3] +pkg_targets = [ + "arm-linux", +] [openssl11] plan_path = "openssl11" [openvpn] diff --git a/.expeditor/templates/verify_armlinux_pipeline.yml b/.expeditor/templates/verify_armlinux_pipeline.yml new file mode 100644 index 0000000000..4fce590b2c --- /dev/null +++ b/.expeditor/templates/verify_armlinux_pipeline.yml @@ -0,0 +1,37 @@ + - label: "[@@plan@@] :linux: :habicat: Shellcheck" + command: + - bin/ci/shellcheck.sh @@plan@@ + expeditor: + executor: + arm-linux: + single-use: true + privileged: true + + - label: "[@@plan@@] :linux: :habicat: Check for default variables" + command: + - bin/ci/check-default-variables.sh @@plan@@ + expeditor: + executor: + arm-linux: + single-use: true + privileged: true + + - label: "[@@plan@@] :linux: :habicat: Build with DO_CHECK=true" + command: + - bin/ci/verify-pr-build.sh @@plan@@ + expeditor: + executor: + arm-linux: + sinfle-use: true + privileged: true + timeout_in_minutes: 60 + + - label: "[@@plan@@] :linux: :habicat: Build and run tests" + command: + - bin/ci/build-and-run-tests.sh @@plan@@ + expeditor: + executor: + arm-linux: + single-use: true + privileged: true + timeout_in_minutes: 60 diff --git a/.expeditor/templates/verify_linux_pipeline.yml b/.expeditor/templates/verify_linux_pipeline.yml index 9548cc0ce3..c3cc7b7c84 100644 --- a/.expeditor/templates/verify_linux_pipeline.yml +++ b/.expeditor/templates/verify_linux_pipeline.yml @@ -3,21 +3,21 @@ - bin/ci/shellcheck.sh @@plan@@ expeditor: executor: - docker: + docker-linux-arm64: - label: "[@@plan@@] :linux: :habicat: Check for default variables" command: - bin/ci/check-default-variables.sh @@plan@@ expeditor: executor: - docker: + docker-linux-arm64: - label: "[@@plan@@] :linux: :habicat: Build with DO_CHECK=true" command: - bin/ci/verify-pr-build.sh @@plan@@ expeditor: executor: - docker: + docker-linux-arm64: privileged: true timeout_in_minutes: 60 @@ -26,6 +26,6 @@ - bin/ci/build-and-run-tests.sh @@plan@@ expeditor: executor: - docker: + docker-linux-arm64: privileged: true timeout_in_minutes: 60 diff --git a/openssl3/plan.sh b/openssl3/plan.sh new file mode 100644 index 0000000000..4f93439391 --- /dev/null +++ b/openssl3/plan.sh @@ -0,0 +1,62 @@ +pkg_name="openssl" +pkg_origin="core" +pkg_version="3.1.4" +pkg_maintainer="The Habitat Maintainers " +pkg_description="\ +OpenSSL is an open source project that provides a robust, commercial-grade, \ +and full-featured toolkit for the Transport Layer Security (TLS) and Secure \ +Sockets Layer (SSL) protocols. It is also a general-purpose cryptography \ +library.\ +" +pkg_upstream_url="https://www.openssl.org" +pkg_license=('OpenSSL') +pkg_source="https://www.openssl.org/source/${pkg_name}-${pkg_version}.tar.gz" +pkg_shasum="840af5366ab9b522bde525826be3ef0fb0af81c6a9ebd84caa600fea1731eee3" +pkg_dirname="${pkg_name}-${pkg_version}" +pkg_deps=( + core/glibc +) +pkg_build_deps=( + core/gcc + core/perl +) + +pkg_bin_dirs=(bin) +pkg_include_dirs=(include) +pkg_lib_dirs=(lib) +pkg_pconfig_dirs=(lib/pkgconfig) + +do_prepare() { + local perl + perl="$(pkg_path_for core/perl)" + + export PERL="${perl}/bin/perl" + + #patch -p1 <"$PLAN_CONTEXT/hab-ssl-cert-file.patch" + + # Apply all reported CVE patches for OpenSSL version 3.0.7 + # https://www.openssl.org/news/vulnerabilities-3.0.html + #patch -p1 <"$PLAN_CONTEXT/CVE-2022-3996.patch" + + build_line "Setting PERL=${PERL}" +} + +do_build() { + "$(pkg_path_for core/perl)"/bin/perl ./Configure \ + --prefix="${pkg_prefix}" \ + --openssldir=ssl \ + fips + + make -j"$(nproc)" +} + +do_check() { + make test +} + +do_install() { + do_default_install + + # Remove dependency on Perl at runtime + #rm -rfv "$pkg_prefix/ssl/misc" "$pkg_prefix/bin/c_rehash" +}