mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-12-24 11:01:00 +01:00
Code Issues Projects Releases Wiki Activity
25,941 Commits 29 Branches 405 Tags
Commit Graph

261 Commits

Author SHA1 Message Date
Frederic Lecaille
6e94b69665 REGTESTS: ssl: Move all the SSL certificates, keys, crt-lists inside "certs" directory 
Move all these files and others for OCSP tests found into reg-tests/ssl
to reg-test/ssl/certs and adapt all the VTC files which use them.

This patch is needed by other tests which have to include the SSL tests.
Indeed, some VTC commands contain paths to these files which cannot
be customized with environment variables, depending on the location the VTC file
is runi from, because VTC does not resolve the environment variables. Only macros
as ${testdir} can be resolved.

For instance this command run from a VTC file from reg-tests/ssl directory cannot
be reused from another directory, except if we add a symbolic link for each certs,
key etc.

 haproxy h1 -cli {
   send "del ssl crt-list ${testdir}/localhost.crt-list ${testdir}/common.pem:1"
 }

This is not what we want. We add a symbolic link to reg-test/ssl/certs to the
directory and modify the command above as follows:

 haproxy h1 -cli {
   send "del ssl crt-list ${testdir}/certs/localhost.crt-list ${testdir}/certs/common.pem:1"
 }
 2025-12-08 10:40:59 +01:00
William Lallemand
1f562687e3 CI: github: make install-bin instead of make install 
make install now have a dependency to install-admin which have a
dependency to admin/halog/halog.

halog links haproxy .o together with its own objects, but those objects
when built with ASAN must also be linked with ASAN or it won't be
possible to link the binary.

We don't need an ASAN-ready halog, so let's just do an install-bin
instead that will just install haproxy.
 2025-11-18 20:11:23 +01:00
William Lallemand
3c578ca31c CI: github: update to macos-26 
macOS-15 images seems to have difficulties to run the reg-tests since a
few days for an unknown reason. Doing a rollback of both VTest2 and
haporxy doesn't seem to fix the problem so this is probably related to a
change in github actions.

This patch switches the image to the new macos-26 images which seems to
fix the problem.
 2025-11-03 16:17:36 +01:00
William Lallemand
ce413f002a CI: github: add USE_ECH=1 to haproxy for openssl-ech job 
Add the USE_ECH=1 make option to the haproxy build in order to test the
build of the feature.
 2025-10-30 10:38:38 +01:00
Ilia Shipitsin
9781d91e4d CI: disable fail-fast on fedora rawhide builds 
Previously builds were dependent in terms that if one fails, other are
stopped. By their nature those builds are independent, let's not to fail
them altogether
 2025-10-29 08:15:01 +01:00
William Lallemand
6499c0a0d5 CI: github: build halog on the vtest job 
halog was not built in the vtest job. Add it to vtest.yml to be able to
track build issues on push.
 2025-09-26 16:29:29 +02:00
William Lallemand
230a072102 CI: github: add curl+ech build into openssl-ech job 
Build a curl binary with the ECH function linked with our openssl+ech
library.
 2025-09-25 17:05:46 +02:00
Ilia Shipitsin
8c8e50e09a CI: move VTest preparation & friends to dedicated composite action 
reference: https://docs.github.com/en/actions/tutorials/create-actions/create-a-composite-action

preparing coredump limits, installing VTest are now served by dedicated
composite action
 2025-09-22 19:18:23 +02:00
William Lallemand
9517116f63 CI: github: add an OpenSSL + ECH job 
The upcoming ECH feature need a patched OpenSSL with the "feature/ech"
branch.

This daily job launches an openssl build, as well as haproxy build with
reg-tests.
 2025-09-16 15:05:44 +02:00
Ilia Shipitsin
3354719709 CI: fix syntax of Quic Interop pipelines 
previously, wrong syntax of passing build arguments was used, thus
previously images were built using default SSLLIB=QuicTLS-1.1.1
 2025-09-03 11:36:14 +02:00
Tim Duesterhus
b81a7f428b CI: Update to actions/checkout@v5 
No functional change, but we should keep this current.

see 5f4ddb54b05ae0355b1f64c22263a6bc381410df
see 5c923f1869881156bf3a25c9659655ae10f7dbd0
 2025-08-13 19:15:04 +02:00
Ilia Shipitsin
c10e8401e2 CI: vtest: add Ubuntu arm64 builds 
Reference: https://github.com/actions/partner-runner-images

since GHA now supports arm64 as well, let add those builds. We will
start with ASAN builds, other will be added later if required
 2025-08-08 15:36:11 +02:00
Ilia Shipitsin
6b2bbcb428 CI: vtest: add os name to OT cache key 
currently OpenTracing cache does not include os name. it does not
allow to distinguish, for example between ubuntu-24.04 and
ubuntu-24.04-arm.
 2025-08-08 15:36:12 +02:00
William Lallemand
9e78859fb3 CI: github: skip a ssl library version when latest is already in the list 
Skip the job for "latest" libssl version, when this version is the same
as a one already in the list.

This avoid having 2 jobs for OpenSSL 3.5.1 since no new dev version are
available for now and 3.5.1 is already in the list.
 2025-07-07 19:46:07 +02:00
William Lallemand
0efbe6da88 CI: github: update to OpenSSL 3.5.1 
Update the OpenSSL 3.5 job to 3.5.1.

This must be backported to 3.2.
 2025-07-07 13:58:38 +02:00
William Lallemand
d0bd0595da CI: github: update the stable CI to ubuntu-24.04 
Update the stable CI to ubuntu-24.04.

Must be backported to 3.2.
 2025-07-07 09:29:33 +02:00
William Lallemand
b6fec27ef6 CI: github: add an OpenSSL 3.5.0 job 
Add an OpenSSL 3.5.0 job to test USE_QUIC.

This must be backported to 3.2.
 2025-07-07 09:27:17 +02:00
Ilia Shipitsin
d8c867a1e6 CI: enable USE_QUIC=1 for OpenSSL versions >= 3.5.0 
OpenSSL 3.5.0 introduced experimental support for QUIC. This change enables the use_quic option when a compatible version of OpenSSL is detected, allowing QUIC-based functionality to be leveraged where applicable. Feature remains disabled for earlier versions to ensure compatibility.
 2025-07-07 09:02:11 +02:00
Ilia Shipitsin
198d422a31 CI: set DEBUG_STRICT=2 for coverity scan 
enabling DEBUG_STRICT=2 will enable BUG_ON_HOT() and help coverity
in bug detection

for the reference: https://github.com/haproxy/haproxy/issues/3008
 2025-07-06 08:17:37 +02:00
Ilya Shipitsin
94ded5523f CI: combine AWS-LC and AWS-LC-FIPS by template 
let's reduce code duplication by involving workflow templates
 2025-05-27 15:06:58 +02:00
Ilia Shipitsin
12de9ecce5 CI: WolfSSL: enable unit tests 
Run the new make unit-tests on the CI.
 2025-05-14 17:00:31 +02:00
Ilia Shipitsin
75a1e40501 CI: QuicTLS (weekly): limit run on forks only to manual dispatch 2025-05-14 17:00:31 +02:00
Ilia Shipitsin
a8b1b08fd7 CI: musl: enable unit tests 
Run the new make unit-tests on the CI.
 2025-05-14 17:00:31 +02:00
Ilia Shipitsin
01225f9aa5 CI: compliance: limit run on forks only to manual + cleanup 2025-05-14 17:00:31 +02:00
Ilia Shipitsin
61b30a09c0 CI: AWS-LC: enable unit tests 
Run the new make unit-tests on the CI.
 2025-05-14 17:00:31 +02:00
Ilia Shipitsin
944a96156e CI: AWS-LC(fips): enable unit tests 
Run the new make unit-tests on the CI.
 2025-05-14 17:00:31 +02:00
Ilia Shipitsin
4dee087f19 CI: fedora rawhide: enable unit tests 
Run the new make unit-tests on the CI.
 2025-04-15 16:53:54 +02:00
Ilya Shipitsin
eed4116c07 CI: enable weekly QuicTLS build 
QuicTLS started own fork not dependant on OpenSSL, lets add
that to weekly builds

ML: https://www.mail-archive.com/haproxy@formilux.org/msg45574.html
GH: https://github.com/quictls/quictls/issues/244
 2025-04-11 16:01:45 +02:00
Ilia Shipitsin
bd477d5f51 CI: codespell: add "pres" to spellcheck whitelist 
spellcheck was triggered by the following:

  * pres  : same as "res" but using the parent stream, if any. "pres"
            variables are only accessible during response processing of the
            parent stream.
 2025-04-03 11:37:25 +02:00
Ilia Shipitsin
30df5b0f23 CI: spell check: allow manual trigger 2025-04-03 11:37:25 +02:00
Ilia Shipitsin
415d446065 CI: QUIC Interop on LibreSSL: allow "on: workflow_dispatch" in forks 
previously that build were limited to "haproxy" github organization
only. let's allow manual builds from forks
 2025-03-28 09:51:35 +01:00
Ilia Shipitsin
8d591c387a CI: QUIC Interop on AWS-LC: allow "on: workflow_dispatch" in forks 
previously that build were limited to "haproxy" github organization
only. let's allow manual builds from forks
 2025-03-28 09:51:35 +01:00
Ilia Shipitsin
7de45e3874 CI: NetBSD: allow "on: workflow_dispatch" in forks 
previously that build were limited to "haproxy" github organization
only. let's allow manual builds from forks
 2025-03-28 09:51:35 +01:00
Ilia Shipitsin
8231f58fdc CI: Illumos: allow "on: workflow_dispatch" in forks 
previously that build were limited to "haproxy" github organization
only. let's allow manual builds from forks
 2025-03-28 09:51:35 +01:00
Ilia Shipitsin
7495dbed22 CI: cross compile: allow "on: workflow_dispatch" in forks 
previously that build were limited to "haproxy" github organization
only. let's allow manual builds from forks
 2025-03-28 09:51:35 +01:00
Ilia Shipitsin
7eb54656ae CI: coverity scan: allow "on: workflow_dispatch" in forks 
previously that build were limited to "haproxy" github organization
only. let's allow manual builds from forks
 2025-03-28 09:51:35 +01:00
Ilia Shipitsin
424ca19831 CI: spellcheck: allow "on: workflow_dispatch" in forks 
previously that build were limited to "haproxy" github organization
only. let's allow manual builds from forks
 2025-03-28 09:51:35 +01:00
Ilia Shipitsin
d9cb95c2a5 CI: fedora rawhide: install "awk" as a dependency 
for some reason it is not installed by default on rawhide anymore
 2025-03-28 09:51:35 +01:00
Ilia Shipitsin
21894300c1 CI: fedora rawhide: allow "on: workflow_dispatch" in forks 
previously that build were limited to "haproxy" github organization
only. let's allow manual builds from forks
 2025-03-28 09:51:35 +01:00
William Lallemand
c6e6318125 CI: github: add "jose" to apt dependencies 
jose is used in the JWS unit-test, let's add it to the CI.
 2025-03-11 22:29:40 +01:00
William Lallemand
29db5406b4 CI: github: show results of the Unit tests 
Add a "Show Unit-Tests results" section which show each unit test which
failed by displaying their result file.
 2025-03-06 21:23:54 +01:00
William Lallemand
588237ca6e CI: github: fix h2spec.config proxy names 
h2spec.config config file emitted a warning because the frontend name
has the same name as the backend.
 2025-03-04 11:44:03 +01:00
William Lallemand
937ece45d4 CI: github: remove smoke tests from vtest.yml 
Smoke tests from the vtest.yml are not useful anymore since they are run
directly by tests/unit/smoke/test.sh. This patch removes them.
 2025-03-03 12:46:20 +01:00
William Lallemand
7a2a613132 CI: github: run make unit-tests on the CI 
Run the new make unit-tests on the CI.

It requires HAProxy to be built with -DDEBUG_UNIT so the -U option is
available in HAProxy
 2025-03-03 12:43:32 +01:00
Ilia Shipitsin
0bdf414fa5 CI: QUIC Interop: clean old docker images 
currently temporary docker images are kept forever. let's delete
outdated ones
 2025-02-21 11:34:43 +01:00
William Lallemand
4332fed6c1 CI: github: activate debug in wolfssl weekly build 
Activate the WolfSSL debugging of WolfSSL in the weekly job.
 2024-12-23 18:00:34 +01:00
William Lallemand
dfc403f5c6 CI: github: activate ASAN on the WolfSSL weekly job 
Activate ASAN on the WolfSSL weekly job in order to have use-after-free
traces.
 2024-12-23 17:27:27 +01:00
William Lallemand
ef108705e4 CI: github: try to build the latest WolfSSL master weekly 
The WolfSSL latest version is still broken (5.7.4), no new release was
done with a new version.

Modify the weekly CI job so we could build with the latest git version.
 2024-12-23 17:27:00 +01:00
Ilia Shipitsin
6aae995b1d CI: limit aws-lc and libressl Quic Interop to "haproxy" only 
those CI are not supposed to run in forks (however, if someone wants,
he can enable it personally)
 2024-12-23 13:59:48 +01:00
William Lallemand
0c1fdb2908 CI: github: let's add an AWS-LC-FIPS job 
Add a job which does exactly the same as the aws-lc.yml job, but using
the AWS-LC-FIPS build.
 2024-12-12 16:35:42 +01:00