diff --git a/.github/workflows/build_and_test.yml b/.github/workflows/build_and_test.yml index e8c50180e..00cc0a056 100644 --- a/.github/workflows/build_and_test.yml +++ b/.github/workflows/build_and_test.yml @@ -8,6 +8,12 @@ jobs: fail-fast: false matrix: include: + - environment: "ubuntu:23.10" + cc: "gcc" + upload_for_test: "false" + - environment: "ubuntu:23.10" + cc: "clang" + upload_for_test: "false" - environment: "ubuntu:23.04" cc: "gcc" upload_for_test: "false" @@ -288,7 +294,13 @@ jobs: build_macos: name: build on macos - runs-on: macos-latest + runs-on: ${{ matrix.os }} + strategy: + fail-fast: false + matrix: + include: + - os: macos-latest + - os: macos-latest-xlarge steps: @@ -305,7 +317,7 @@ jobs: env: VERBOSE: 1 run: | - export PKG_CONFIG_PATH=/usr/local/opt/openssl@1.1/lib/pkgconfig:$PKG_CONFIG_PATH + mkdir build cd build cmake -DCMAKE_BUILD_TYPE=Release .. @@ -316,7 +328,6 @@ jobs: env: VERBOSE: 1 run: | - export PKG_CONFIG_PATH=/usr/local/opt/openssl@1.1/lib/pkgconfig:$PKG_CONFIG_PATH mkdir build-static cd build-static cmake -DENABLE_STATIC=ON -DCMAKE_BUILD_TYPE=Release .. @@ -332,7 +343,6 @@ jobs: fail-fast: false matrix: include: - - environment: "ubuntu:22.04" cc: "clang" - environment: "centos:7" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 70b7ad81a..149bb4df1 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -31,55 +31,18 @@ jobs: name: yubihsm-shell-src path: artifact - Windowsx86: - name: Build Windows x86 release + Windowsx-build: + name: Build Windows release needs: source - runs-on: windows-latest - env: - VERSION: 2.4.1 - steps: - - name: Download source from source job - uses: actions/download-artifact@v3 - with: - name: yubihsm-shell-src - - - name: Extract source - run: | - Set-PSDebug -Trace 1 - tar xf yubihsm-shell-$env:VERSION.tar.gz - - - name: Build and make MSI installer - run: | - Set-PSDebug -Trace 1 - $YHSHELL_SRC_DIR="$env:GITHUB_WORKSPACE\yubihsm-shell-$env:VERSION" - $MERGEDPATH = Get-ChildItem "C:\Program Files\Microsoft Visual Studio\2022\Enterprise\VC\Redist\MSVC\14.*\MergeModules\Microsoft_VC141_CRT_x86.msm" - - cd $YHSHELL_SRC_DIR/resources/release/win - ./make_release_binaries.ps1 Win32 C:/vcpkg - cd $YHSHELL_SRC_DIR/resources/release/win - ./repack_installer.ps1 x86 $env:WIX\bin "$MERGEDPATH" - - mkdir $env:GITHUB_WORKSPACE/artifact - cp -r $YHSHELL_SRC_DIR/resources/release/win/yubihsm-shell-x86 $env:GITHUB_WORKSPACE/artifact/ - cp -r $YHSHELL_SRC_DIR/resources/release/win/yubihsm-shell-x86.msi $env:GITHUB_WORKSPACE/artifact/ - - - name: Install yubihsm-shell - run: | - Set-PSDebug -Trace 1 - cd "$env:GITHUB_WORKSPACE\yubihsm-shell-$env:VERSION\resources\release\win" - msiexec /i yubihsm-shell-x86.msi /quiet /log $env:GITHUB_WORKSPACE/artifact/log_x86.txt - - - name: Upload artifact - uses: actions/upload-artifact@v3 - with: - name: yubihsm-shell-win32 - path: artifact - - - windowsx64: - name: Build Windows x64 release - needs: source - runs-on: windows-latest + runs-on: ${{ matrix.os }} + strategy: + fail-fast: false + matrix: + include: + - os: windows-latest + arch: x86 + - os: windows-latest + arch: x64 env: VERSION: 2.4.1 steps: @@ -94,36 +57,45 @@ jobs: tar xf yubihsm-shell-$env:VERSION.tar.gz - name: Build and make MSI installer + env: + ARCH: ${{ matrix.arch }} run: | Set-PSDebug -Trace 1 $YHSHELL_SRC_DIR="$env:GITHUB_WORKSPACE\yubihsm-shell-$env:VERSION" $MERGEDPATH = Get-ChildItem "C:\Program Files\Microsoft Visual Studio\2022\Enterprise\VC\Redist\MSVC\14.*\MergeModules\Microsoft_VC141_CRT_x86.msm" cd $YHSHELL_SRC_DIR/resources/release/win - ./make_release_binaries.ps1 x64 C:/vcpkg - cd $YHSHELL_SRC_DIR/resources/release/win - ./repack_installer.ps1 x64 $env:WIX\bin "$MERGEDPATH" + if($env:ARCH -eq "x86") + { + ./make_release_binaries.ps1 Win32 C:/vcpkg + } + else + { + ./make_release_binaries.ps1 x64 C:/vcpkg + } mkdir $env:GITHUB_WORKSPACE/artifact - cp -r $YHSHELL_SRC_DIR/resources/release/win/yubihsm-shell-x64 $env:GITHUB_WORKSPACE/artifact/ - cp -r $YHSHELL_SRC_DIR/resources/release/win/yubihsm-shell-x64.msi $env:GITHUB_WORKSPACE/artifact/ + cp -r $YHSHELL_SRC_DIR/resources/release/win/yubihsm-shell-$env:ARCH $env:GITHUB_WORKSPACE/artifact/ - - name: Install yubihsm-shell - run: | - Set-PSDebug -Trace 1 - cd "$env:GITHUB_WORKSPACE\yubihsm-shell-$env:VERSION\resources\release\win" - msiexec /i yubihsm-shell-x64.msi /quiet /log $env:GITHUB_WORKSPACE/artifact/log_x64.txt - name: Upload artifact uses: actions/upload-artifact@v3 with: - name: yubihsm-shell-win64 + name: yubihsm-shell-${{ matrix.arch }} path: artifact - macos_amd64: - name: Build MacOS amd64 release + macos-build: + name: Build MacOS release needs: source - runs-on: macos-latest + runs-on: ${{ matrix.os }} + strategy: + fail-fast: false + matrix: + include: + - os: macos-latest + arch: amd + - os: macos-latest-xlarge + arch: arm env: VERSION: 2.4.1 SO_VERSION: 2 @@ -139,31 +111,24 @@ jobs: tar xf yubihsm-shell-$VERSION.tar.gz - name: Build and make MSI installer + env: + ARCH: ${{ matrix.arch }} run: | set -e -o pipefail set -x - - brew install openssl@1.1 - ls /usr/local/opt - ls /usr/local/opt/openssl@1.1 - ls /usr/local/opt/openssl@1.1/lib - - + YHSHELL_SRC_DIR="$GITHUB_WORKSPACE/yubihsm-shell-$VERSION" cd $YHSHELL_SRC_DIR - ./resources/release/macos/make_release_binaries.sh amd $VERSION $SO_VERSION - cd $YHSHELL_SRC_DIR/resources/release/macos/ - ./make_installer.sh amd64 $YHSHELL_SRC_DIR/resources/release/macos/yubihsm-shell-darwin-amd-$VERSION + ./resources/release/macos/make_release_binaries.sh $ARCH $VERSION $SO_VERSION mkdir $GITHUB_WORKSPACE/artifact - cp -r $YHSHELL_SRC_DIR/resources/release/macos/yubihsm-shell-darwin-amd-$VERSION $GITHUB_WORKSPACE/artifact/ - cp -r $YHSHELL_SRC_DIR/resources/release/macos/yubihsm2-sdk-darwin-amd64.pkg $GITHUB_WORKSPACE/artifact/ + cp -r $YHSHELL_SRC_DIR/resources/release/macos/yubihsm-shell-darwin-$ARCH-$VERSION $GITHUB_WORKSPACE/artifact/ - name: Upload artifact uses: actions/upload-artifact@v3 with: - name: yubihsm-shell-darwin-amd64 + name: yubihsm-shell-darwin-${{ matrix.arch }}64 path: artifact debian_based: @@ -171,6 +136,7 @@ jobs: fail-fast: false matrix: environment: [ + "ubuntu:23.10", "ubuntu:23.04", "ubuntu:22.04", "ubuntu:20.04", diff --git a/resources/release/macos/make_release_binaries.sh b/resources/release/macos/make_release_binaries.sh index 7ec2352de..33f3c840d 100755 --- a/resources/release/macos/make_release_binaries.sh +++ b/resources/release/macos/make_release_binaries.sh @@ -8,18 +8,18 @@ SO_VERSION=$3 if [ "$ARCH" == "amd" ]; then BREW_LIB="/usr/local/opt" - BREW_CELLAR="/usr/local/Cellar" + #BREW_CELLAR="/usr/local/Cellar" elif [ "$ARCH" == "arm" ]; then BREW_LIB="/opt/homebrew/opt" - BREW_CELLAR="/opt/homebrew/Cellar" + #BREW_CELLAR="/opt/homebrew/Cellar" else echo "Unknown architecture" exit fi -brew install cmake pkg-config gengetopt help2man openssl@1.1 +brew install cmake pkg-config gengetopt help2man openssl -export PKG_CONFIG_PATH=$BREW_LIB/openssl@1.1/lib/pkgconfig +export PKG_CONFIG_PATH=$BREW_LIB/openssl/lib/pkgconfig SOURCE_DIR=$PWD MAC_DIR=$SOURCE_DIR/resources/release/macos @@ -31,26 +31,26 @@ mkdir build; cd build cmake -DRELEASE_BUILD=1 -DWITHOUT_YKYH=1 -DWITHOUT_MANPAGES=1 -DCMAKE_INSTALL_PREFIX="$OUTPUT/" .. make install cd $OUTPUT/lib -ln -s "libcrypto.1.1.dylib" "libcrypto.dylib" -cp "$BREW_LIB/openssl@1.1/lib/libcrypto.1.1.dylib" "$OUTPUT/lib" -chmod +w "$OUTPUT/lib/libcrypto.1.1.dylib" -cp -r $BREW_CELLAR/openssl@1.1/1.1.1*/include/openssl "$OUTPUT/include" +ln -s "libcrypto.3.dylib" "libcrypto.dylib" +cp "$BREW_LIB/openssl/lib/libcrypto.3.dylib" "$OUTPUT/lib" +chmod +w "$OUTPUT/lib/libcrypto.3.dylib" +cp -r $BREW_LIB/openssl/include/openssl "$OUTPUT/include" -install_name_tool -id "@loader_path/../lib/libcrypto.1.1.dylib" "$OUTPUT/lib/libcrypto.1.1.dylib" +install_name_tool -id "@loader_path/../lib/libcrypto.3.dylib" "$OUTPUT/lib/libcrypto.3.dylib" -install_name_tool -change "$BREW_LIB/openssl@1.1/lib/libcrypto.1.1.dylib" "@loader_path/../lib/libcrypto.1.1.dylib" "$OUTPUT/lib/libyubihsm.dylib" -install_name_tool -change "$BREW_LIB/openssl@1.1/lib/libcrypto.1.1.dylib" "@loader_path/../lib/libcrypto.1.1.dylib" "$OUTPUT/lib/libyubihsm.$VERSION.dylib" -install_name_tool -change "$BREW_LIB/openssl@1.1/lib/libcrypto.1.1.dylib" "@loader_path/../lib/libcrypto.1.1.dylib" "$OUTPUT/lib/libyubihsm.$SO_VERSION.dylib" +install_name_tool -change "$BREW_LIB/openssl@3/lib/libcrypto.3.dylib" "@loader_path/../lib/libcrypto.3.dylib" "$OUTPUT/lib/libyubihsm.dylib" +install_name_tool -change "$BREW_LIB/openssl@3/lib/libcrypto.3.dylib" "@loader_path/../lib/libcrypto.3.dylib" "$OUTPUT/lib/libyubihsm.$VERSION.dylib" +install_name_tool -change "$BREW_LIB/openssl/lib/libcrypto.3.dylib" "@loader_path/../lib/libcrypto.3.dylib" "$OUTPUT/lib/libyubihsm.$SO_VERSION.dylib" install_name_tool -change "$BREW_LIB/libusb/lib/libusb-1.0.0.dylib" "@loader_path/../lib/libusb-1.0.0.dylib" "$OUTPUT/lib/libyubihsm_usb.dylib" install_name_tool -change "$BREW_LIB/libusb/lib/libusb-1.0.0.dylib" "@loader_path/../lib/libusb-1.0.0.dylib" "$OUTPUT/lib/libyubihsm_usb.$VERSION.dylib" install_name_tool -change "$BREW_LIB/libusb/lib/libusb-1.0.0.dylib" "@loader_path/../lib/libusb-1.0.0.dylib" "$OUTPUT/lib/libyubihsm_usb.$SO_VERSION.dylib" -install_name_tool -change "$BREW_LIB/openssl@1.1/lib/libcrypto.1.1.dylib" "@loader_path/../lib/libcrypto.1.1.dylib" "$OUTPUT/lib/pkcs11/yubihsm_pkcs11.dylib" +install_name_tool -change "$BREW_LIB/openssl/lib/libcrypto.3.dylib" "@loader_path/../lib/libcrypto.3.dylib" "$OUTPUT/lib/pkcs11/yubihsm_pkcs11.dylib" -install_name_tool -change "$BREW_LIB/openssl@1.1/lib/libcrypto.1.1.dylib" "@loader_path/../lib/libcrypto.1.1.dylib" "$OUTPUT/bin/yubihsm-shell" -install_name_tool -change "$BREW_LIB/openssl@1.1/lib/libcrypto.1.1.dylib" "@loader_path/../lib/libcrypto.1.1.dylib" "$OUTPUT/bin/yubihsm-wrap" -install_name_tool -change "$BREW_LIB/openssl@1.1/lib/libcrypto.1.1.dylib" "@loader_path/../lib/libcrypto.1.1.dylib" "$OUTPUT/bin/yubihsm-auth" +install_name_tool -change "$BREW_LIB/openssl/lib/libcrypto.3.dylib" "@loader_path/../lib/libcrypto.3.dylib" "$OUTPUT/bin/yubihsm-shell" +install_name_tool -change "$BREW_LIB/openssl/lib/libcrypto.3.dylib" "@loader_path/../lib/libcrypto.3.dylib" "$OUTPUT/bin/yubihsm-wrap" +install_name_tool -change "$BREW_LIB/openssl/lib/libcrypto.3.dylib" "@loader_path/../lib/libcrypto.3.dylib" "$OUTPUT/bin/yubihsm-auth" for file in `find $OUTPUT/lib $OUTPUT/bin -type f`; do if otool -L $file | grep -q '$OUTPUT'; then