New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Run GHA CI with multiple OpenSSL versions #87977
Comments
CI only tests one OpenSSL version, but Python supports multiple versions of OpenSSL. OpenSSL 1.0.2, 1.1.0, 1.1.1, and 3.0.0 have different APIs and behave differently. We should run minimal tests with all major OpenSSL versions to ensure that Python compiles and works with supported versions. This will slow down CI a bit. I figured out how to include ccache to speed up compilation a lot. With populated ccache configure + make takes less than 30 seconds instead of 90 seconds. I also noticed that GHA action configuration compiles Python with custom OpenSSL but fails to set rpath / LD_LIBRARY_PATH. I think this means that we compile with custom OpenSSL but actual tests use OSS' OpenSSL libraries. |
Github selects required actions based on the "name" attribute of a job. Therefore I decided to keep the default "Ubuntu" job and moved the additional OpenSSL tests to another job. For future reference, my first approach was:
|
The new checks are only executed when one or more OpenSSL-related files are modified. The checks run a handful of networking and hashing test suites. All SSL checks are optional. This PR also introduces ccache to speed up compilation. In common cases it speeds up configure and compile time from about 90 seconds to less than 30 seconds. |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: