From 8a6186b0c1b6dbad8e1706d1b8705b2b2657fcbc Mon Sep 17 00:00:00 2001 From: Ravi Duddela Date: Tue, 6 Feb 2024 10:01:41 +0530 Subject: [PATCH 1/8] test arm agent Signed-off-by: Ravi Duddela --- .bldr.toml | 2 + .expeditor/generate_verify_pipeline.sh | 1 + .../templates/verify_armlinux_pipeline.yml | 37 +++++++++++ openssl3/plan.sh | 62 +++++++++++++++++++ 4 files changed, 102 insertions(+) create mode 100644 .expeditor/templates/verify_armlinux_pipeline.yml create mode 100644 openssl3/plan.sh diff --git a/.bldr.toml b/.bldr.toml index b9439c5053..a5cb61263a 100644 --- a/.bldr.toml +++ b/.bldr.toml @@ -1135,6 +1135,8 @@ plan_path = "openssl-musl" paths = [ "openssl/*", ] +[openssl3] +plan_path = "openssl3" [openssl11] plan_path = "openssl11" [openvpn] diff --git a/.expeditor/generate_verify_pipeline.sh b/.expeditor/generate_verify_pipeline.sh index 6522b1facd..537b1e3f6d 100755 --- a/.expeditor/generate_verify_pipeline.sh +++ b/.expeditor/generate_verify_pipeline.sh @@ -66,6 +66,7 @@ for plan in ${plans[@]}; do if [[ -f $plan/plan.sh ]]; then emit_pipeline .expeditor/templates/verify_linux_pipeline.yml "$plan" + emit_pipeline .expeditor/templates/verify_armlinux_pipeline.yml "$plan" fi if [[ -f $plan/plan.ps1 ]]; then diff --git a/.expeditor/templates/verify_armlinux_pipeline.yml b/.expeditor/templates/verify_armlinux_pipeline.yml new file mode 100644 index 0000000000..4fce590b2c --- /dev/null +++ b/.expeditor/templates/verify_armlinux_pipeline.yml @@ -0,0 +1,37 @@ + - label: "[@@plan@@] :linux: :habicat: Shellcheck" + command: + - bin/ci/shellcheck.sh @@plan@@ + expeditor: + executor: + arm-linux: + single-use: true + privileged: true + + - label: "[@@plan@@] :linux: :habicat: Check for default variables" + command: + - bin/ci/check-default-variables.sh @@plan@@ + expeditor: + executor: + arm-linux: + single-use: true + privileged: true + + - label: "[@@plan@@] :linux: :habicat: Build with DO_CHECK=true" + command: + - bin/ci/verify-pr-build.sh @@plan@@ + expeditor: + executor: + arm-linux: + sinfle-use: true + privileged: true + timeout_in_minutes: 60 + + - label: "[@@plan@@] :linux: :habicat: Build and run tests" + command: + - bin/ci/build-and-run-tests.sh @@plan@@ + expeditor: + executor: + arm-linux: + single-use: true + privileged: true + timeout_in_minutes: 60 diff --git a/openssl3/plan.sh b/openssl3/plan.sh new file mode 100644 index 0000000000..4f93439391 --- /dev/null +++ b/openssl3/plan.sh @@ -0,0 +1,62 @@ +pkg_name="openssl" +pkg_origin="core" +pkg_version="3.1.4" +pkg_maintainer="The Habitat Maintainers " +pkg_description="\ +OpenSSL is an open source project that provides a robust, commercial-grade, \ +and full-featured toolkit for the Transport Layer Security (TLS) and Secure \ +Sockets Layer (SSL) protocols. It is also a general-purpose cryptography \ +library.\ +" +pkg_upstream_url="https://www.openssl.org" +pkg_license=('OpenSSL') +pkg_source="https://www.openssl.org/source/${pkg_name}-${pkg_version}.tar.gz" +pkg_shasum="840af5366ab9b522bde525826be3ef0fb0af81c6a9ebd84caa600fea1731eee3" +pkg_dirname="${pkg_name}-${pkg_version}" +pkg_deps=( + core/glibc +) +pkg_build_deps=( + core/gcc + core/perl +) + +pkg_bin_dirs=(bin) +pkg_include_dirs=(include) +pkg_lib_dirs=(lib) +pkg_pconfig_dirs=(lib/pkgconfig) + +do_prepare() { + local perl + perl="$(pkg_path_for core/perl)" + + export PERL="${perl}/bin/perl" + + #patch -p1 <"$PLAN_CONTEXT/hab-ssl-cert-file.patch" + + # Apply all reported CVE patches for OpenSSL version 3.0.7 + # https://www.openssl.org/news/vulnerabilities-3.0.html + #patch -p1 <"$PLAN_CONTEXT/CVE-2022-3996.patch" + + build_line "Setting PERL=${PERL}" +} + +do_build() { + "$(pkg_path_for core/perl)"/bin/perl ./Configure \ + --prefix="${pkg_prefix}" \ + --openssldir=ssl \ + fips + + make -j"$(nproc)" +} + +do_check() { + make test +} + +do_install() { + do_default_install + + # Remove dependency on Perl at runtime + #rm -rfv "$pkg_prefix/ssl/misc" "$pkg_prefix/bin/c_rehash" +} From 7bcc0e673e3aa790fc313f99468012c6aa29d356 Mon Sep 17 00:00:00 2001 From: Ravi Duddela Date: Tue, 6 Feb 2024 10:09:16 +0530 Subject: [PATCH 2/8] removed arm Signed-off-by: Ravi Duddela --- .expeditor/generate_verify_pipeline.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/.expeditor/generate_verify_pipeline.sh b/.expeditor/generate_verify_pipeline.sh index 537b1e3f6d..6522b1facd 100755 --- a/.expeditor/generate_verify_pipeline.sh +++ b/.expeditor/generate_verify_pipeline.sh @@ -66,7 +66,6 @@ for plan in ${plans[@]}; do if [[ -f $plan/plan.sh ]]; then emit_pipeline .expeditor/templates/verify_linux_pipeline.yml "$plan" - emit_pipeline .expeditor/templates/verify_armlinux_pipeline.yml "$plan" fi if [[ -f $plan/plan.ps1 ]]; then From 4de7f460b3e1d4597ed48e1ca2b63c46caf72071 Mon Sep 17 00:00:00 2001 From: Ravi Duddela Date: Tue, 6 Feb 2024 11:40:51 +0530 Subject: [PATCH 3/8] including only arm pipeline Signed-off-by: Ravi Duddela --- .expeditor/generate_verify_pipeline.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.expeditor/generate_verify_pipeline.sh b/.expeditor/generate_verify_pipeline.sh index 6522b1facd..e79f740ab3 100755 --- a/.expeditor/generate_verify_pipeline.sh +++ b/.expeditor/generate_verify_pipeline.sh @@ -65,7 +65,7 @@ for plan in ${plans[@]}; do fi if [[ -f $plan/plan.sh ]]; then - emit_pipeline .expeditor/templates/verify_linux_pipeline.yml "$plan" + emit_pipeline .expeditor/templates/verify_armlinux_pipeline.yml "$plan" fi if [[ -f $plan/plan.ps1 ]]; then From 2e0f443445e49a3df483645252a5cb034e3b54e0 Mon Sep 17 00:00:00 2001 From: Ravi Duddela Date: Tue, 6 Feb 2024 11:42:44 +0530 Subject: [PATCH 4/8] including only linux pipeline Signed-off-by: Ravi Duddela --- .expeditor/generate_verify_pipeline.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.expeditor/generate_verify_pipeline.sh b/.expeditor/generate_verify_pipeline.sh index e79f740ab3..6522b1facd 100755 --- a/.expeditor/generate_verify_pipeline.sh +++ b/.expeditor/generate_verify_pipeline.sh @@ -65,7 +65,7 @@ for plan in ${plans[@]}; do fi if [[ -f $plan/plan.sh ]]; then - emit_pipeline .expeditor/templates/verify_armlinux_pipeline.yml "$plan" + emit_pipeline .expeditor/templates/verify_linux_pipeline.yml "$plan" fi if [[ -f $plan/plan.ps1 ]]; then From dbaf8537429e50f9b4ca4205408f548a85877bf4 Mon Sep 17 00:00:00 2001 From: Ravi Duddela Date: Tue, 6 Feb 2024 12:05:58 +0530 Subject: [PATCH 5/8] changing executor in existing linux pipeline Signed-off-by: Ravi Duddela --- .expeditor/templates/verify_linux_pipeline.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.expeditor/templates/verify_linux_pipeline.yml b/.expeditor/templates/verify_linux_pipeline.yml index 9548cc0ce3..5059d2473e 100644 --- a/.expeditor/templates/verify_linux_pipeline.yml +++ b/.expeditor/templates/verify_linux_pipeline.yml @@ -3,21 +3,21 @@ - bin/ci/shellcheck.sh @@plan@@ expeditor: executor: - docker: + arm-linux: - label: "[@@plan@@] :linux: :habicat: Check for default variables" command: - bin/ci/check-default-variables.sh @@plan@@ expeditor: executor: - docker: + arm-linux: - label: "[@@plan@@] :linux: :habicat: Build with DO_CHECK=true" command: - bin/ci/verify-pr-build.sh @@plan@@ expeditor: executor: - docker: + arm-linux: privileged: true timeout_in_minutes: 60 @@ -26,6 +26,6 @@ - bin/ci/build-and-run-tests.sh @@plan@@ expeditor: executor: - docker: + arm-linux: privileged: true timeout_in_minutes: 60 From bb5fca6dfb209f7074dd345c68ed15a2217f2314 Mon Sep 17 00:00:00 2001 From: Ravi Duddela Date: Tue, 6 Feb 2024 12:09:32 +0530 Subject: [PATCH 6/8] changing constant name linux pipeline Signed-off-by: Ravi Duddela --- .expeditor/templates/verify_linux_pipeline.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.expeditor/templates/verify_linux_pipeline.yml b/.expeditor/templates/verify_linux_pipeline.yml index 5059d2473e..9cbdaaca6c 100644 --- a/.expeditor/templates/verify_linux_pipeline.yml +++ b/.expeditor/templates/verify_linux_pipeline.yml @@ -3,21 +3,21 @@ - bin/ci/shellcheck.sh @@plan@@ expeditor: executor: - arm-linux: + linux-arm: - label: "[@@plan@@] :linux: :habicat: Check for default variables" command: - bin/ci/check-default-variables.sh @@plan@@ expeditor: executor: - arm-linux: + linux-arm: - label: "[@@plan@@] :linux: :habicat: Build with DO_CHECK=true" command: - bin/ci/verify-pr-build.sh @@plan@@ expeditor: executor: - arm-linux: + linux-arm: privileged: true timeout_in_minutes: 60 @@ -26,6 +26,6 @@ - bin/ci/build-and-run-tests.sh @@plan@@ expeditor: executor: - arm-linux: + linux-arm: privileged: true timeout_in_minutes: 60 From 7ddce1d352983a02c2976551fd2ac72ef4a2c7df Mon Sep 17 00:00:00 2001 From: Ravi Duddela Date: Tue, 6 Feb 2024 12:47:06 +0530 Subject: [PATCH 7/8] added pkg target Signed-off-by: Ravi Duddela --- .bldr.toml | 4 +++- .expeditor/templates/verify_linux_pipeline.yml | 8 ++++---- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/.bldr.toml b/.bldr.toml index a5cb61263a..70b51f7638 100644 --- a/.bldr.toml +++ b/.bldr.toml @@ -1136,7 +1136,9 @@ paths = [ "openssl/*", ] [openssl3] -plan_path = "openssl3" +pkg_targets = [ + "arm-linux", +] [openssl11] plan_path = "openssl11" [openvpn] diff --git a/.expeditor/templates/verify_linux_pipeline.yml b/.expeditor/templates/verify_linux_pipeline.yml index 9cbdaaca6c..9548cc0ce3 100644 --- a/.expeditor/templates/verify_linux_pipeline.yml +++ b/.expeditor/templates/verify_linux_pipeline.yml @@ -3,21 +3,21 @@ - bin/ci/shellcheck.sh @@plan@@ expeditor: executor: - linux-arm: + docker: - label: "[@@plan@@] :linux: :habicat: Check for default variables" command: - bin/ci/check-default-variables.sh @@plan@@ expeditor: executor: - linux-arm: + docker: - label: "[@@plan@@] :linux: :habicat: Build with DO_CHECK=true" command: - bin/ci/verify-pr-build.sh @@plan@@ expeditor: executor: - linux-arm: + docker: privileged: true timeout_in_minutes: 60 @@ -26,6 +26,6 @@ - bin/ci/build-and-run-tests.sh @@plan@@ expeditor: executor: - linux-arm: + docker: privileged: true timeout_in_minutes: 60 From 78a1c7d846f8e3d2ace239ae16f0abf468a96230 Mon Sep 17 00:00:00 2001 From: Ravi Duddela Date: Tue, 6 Feb 2024 13:18:30 +0530 Subject: [PATCH 8/8] added arm docker in executor Signed-off-by: Ravi Duddela --- .expeditor/templates/verify_linux_pipeline.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.expeditor/templates/verify_linux_pipeline.yml b/.expeditor/templates/verify_linux_pipeline.yml index 9548cc0ce3..c3cc7b7c84 100644 --- a/.expeditor/templates/verify_linux_pipeline.yml +++ b/.expeditor/templates/verify_linux_pipeline.yml @@ -3,21 +3,21 @@ - bin/ci/shellcheck.sh @@plan@@ expeditor: executor: - docker: + docker-linux-arm64: - label: "[@@plan@@] :linux: :habicat: Check for default variables" command: - bin/ci/check-default-variables.sh @@plan@@ expeditor: executor: - docker: + docker-linux-arm64: - label: "[@@plan@@] :linux: :habicat: Build with DO_CHECK=true" command: - bin/ci/verify-pr-build.sh @@plan@@ expeditor: executor: - docker: + docker-linux-arm64: privileged: true timeout_in_minutes: 60 @@ -26,6 +26,6 @@ - bin/ci/build-and-run-tests.sh @@plan@@ expeditor: executor: - docker: + docker-linux-arm64: privileged: true timeout_in_minutes: 60