Update workflows to test msquic with OpenSSL

Update GitHub Workflows to build msquic with OpenSSL with TLS backend, push to Quay.io, and test with current QUIC interop workflow

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28045)

diff --git a/.github/workflows/build_quic_interop_container.yml b/.github/workflows/build_quic_interop_container.yml
index 5d409cddd8794afeddd6350d044cfbadb6c3ee3b..d7b20692d83c6f55863d0eee0773a4a37b937fb7 100644 (file)
--- a/.github/workflows/build_quic_interop_container.yml
+++ b/.github/workflows/build_quic_interop_container.yml
@@ -1,4 +1,4 @@
-name: "Build openssl interop container from master"
+name: "Build openssl interop containers"
 
 on:
   schedule:
@@ -24,3 +24,24 @@ jobs:
         run: |
           docker push quay.io/openssl-ci/openssl-quic-interop:latest
 
+  update_msquic_quay_container:
+    if: github.repository == 'openssl/openssl'
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          repository: microsoft/msquic
+          ref: main
+          submodules: recursive
+      - name: "log in to quay.io"
+        run: |
+          docker login -u openssl-ci+machine -p ${{ secrets.QUAY_IO_PASSWORD }} quay.io
+      - name: Patch qns.Dockerfile
+        run: |
+          sed 's/RUN     cmake -DQUIC_BUILD_TOOLS=on -DQUIC_ENABLE_LOGGING=on ../RUN     cmake -DQUIC_BUILD_TOOLS=on -DQUIC_ENABLE_LOGGING=on -DQUIC_TLS_LIB=openssl ../' ./scripts/qns.Dockerfile
+      - name: "Build container"
+        run: |
+          docker build -f ./scripts/qns.Dockerfile -t quay.io/openssl-ci/msquic-openssl:latest .
+      - name: "Push to quay"
+        run: |
+          docker push quay.io/openssl-ci/msquic-openssl:latest

diff --git a/.github/workflows/run_quic_interop.yml b/.github/workflows/run_quic_interop.yml
index 206932638e20a096d61015ae22f5c6d1d9c32611..b12e1116b669585e2ca546c074d11445f9a3424b 100644 (file)
--- a/.github/workflows/run_quic_interop.yml
+++ b/.github/workflows/run_quic_interop.yml
@@ -2,7 +2,7 @@ name: "Run openssl quic interop testing"
 
 on:
   workflow_run:
-    workflows: ["Build openssl interop container from master"]
+    workflows: ["Build openssl interop containers"]
     types: [completed]
   workflow_dispatch:
 
@@ -11,10 +11,12 @@ jobs:
     strategy:
       matrix:
         tests: [http3, transfer, handshake, retry, chacha20, resumption, multiplexing, ipv6]
-        servers: [quic-go, ngtcp2, mvfst, quiche, nginx, msquic, haproxy]
+        servers: [quic-go, ngtcp2, mvfst, quiche, nginx, msquic, haproxy, msquic-openssl]
         exclude:
           - servers: msquic
             tests: retry
+          - servers: msquic-openssl
+            tests: retry
       fail-fast: false
     runs-on: ubuntu-latest
     steps:
@@ -36,10 +38,15 @@ jobs:
           for i in {1..3}; do sudo apt-get install -y tshark && break; sleep 10; done
       - name: Patch implementations file
         run: |
-          jq '.openssl = { image: "quay.io/openssl-ci/openssl-quic-interop"
-                         , url: "https://github.com/openssl/openssl"
-                         , role: "both"
-                         }' ./implementations.json > ./implementations.tmp
+          jq '. + {
+            "openssl": { image: "quay.io/openssl-ci/openssl-quic-interop"
+                       , url: "https://github.com/openssl/openssl"
+                       , role: "both"
+                       },
+            "msquic-openssl": { image: "quay.io/openssl-ci/msquic-openssl"
+                              , url: "https://github.com/microsoft/msquic"
+                              , role: "both"
+                              }}' ./implementations.json > ./implementations.tmp
           mv ./implementations.tmp implementations.json
       - name: "Update to docker-compose 2.36 and docker engine 28.1.1"
         run: |
@@ -69,7 +76,7 @@ jobs:
     strategy:
       matrix:
         tests: [http3, transfer, handshake, retry, chacha20, resumption, amplificationlimit, ipv6]
-        clients: [quic-go, ngtcp2, mvfst, quiche, msquic, openssl, chrome]
+        clients: [quic-go, ngtcp2, mvfst, quiche, msquic, openssl, chrome, msquic-openssl]
         exclude:
           - clients: mvfst
             tests: amplificationlimit
@@ -94,10 +101,15 @@ jobs:
           for i in {1..3}; do sudo apt-get install -y tshark && break; done
       - name: Patch implementations file
         run: |
-          jq '.openssl = { image: "quay.io/openssl-ci/openssl-quic-interop"
-                         , url: "https://github.com/openssl/openssl"
-                         , role: "both"
-                         }' ./implementations.json > ./implementations.tmp
+          jq '. + {
+            "openssl": { image: "quay.io/openssl-ci/openssl-quic-interop"
+                       , url: "https://github.com/openssl/openssl"
+                       , role: "both"
+                       },
+            "msquic-openssl": { image: "quay.io/openssl-ci/msquic-openssl"
+                              , url: "https://github.com/microsoft/msquic"
+                              , role: "both"
+                              }}' ./implementations.json > ./implementations.tmp
           mv ./implementations.tmp implementations.json
       - name: "Update to docker-compose 2.36 and docker engine 28.1.1"
         run: |