From: Gerardo Ravago <gcr@amazon.com>
Date: Thu, 22 Feb 2024 18:47:58 +0000 (-0500)
Subject: github: Add AWS-LC CI job
X-Git-Tag: 5.9.14dr2~3
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1301c762d4b8093434856772467ff5e3306fe584;p=thirdparty%2Fstrongswan.git

github: Add AWS-LC CI job

AWS-LC is an OpenSSL derivative which can be used with the openssl plugin.
This adds a CI job that resembles the openssl-3 test case. It downloads
the source tarball for an AWS-LC release, builds that source using
CMake/Ninja, and then builds/tests strongSwan using the same technique
used by openssl-3.

References strongswan/strongswan#1907
Closes strongswan/strongswan#2151
---

diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml
index a786a25315..ad46d5c745 100644
--- a/.github/workflows/linux.yml
+++ b/.github/workflows/linux.yml
@@ -91,7 +91,7 @@ jobs:
     strategy:
       matrix:
         os: [ ubuntu-latest, ubuntu-20.04 ]
-        test: [ botan, wolfssl, openssl, openssl-3, gcrypt ]
+        test: [ botan, wolfssl, openssl, openssl-3, openssl-awslc, gcrypt ]
         leak-detective: [ no, yes ]
         exclude:
           # test custom-built libs only on one platform
@@ -101,6 +101,8 @@ jobs:
             test: wolfssl
           - os: ubuntu-20.04
             test: openssl-3
+          - os: ubuntu-20.04
+            test: openssl-awslc
     env:
       LEAK_DETECTIVE: ${{ matrix.leak-detective || 'no' }}
       CC: ${{ matrix.compiler || 'gcc' }}
diff --git a/scripts/test.sh b/scripts/test.sh
index 78c1779392..f2bdd74f78 100755
--- a/scripts/test.sh
+++ b/scripts/test.sh
@@ -125,13 +125,42 @@ build_openssl()
 	fi
 }
 
+build_awslc()
+{
+	LC_REV=1.22.0
+	LC_PKG=aws-lc-$LC_REV
+	LC_DIR=$DEPS_BUILD_DIR/$LC_PKG
+	LC_SRC=https://github.com/aws/aws-lc/archive/refs/tags/v${LC_REV}.tar.gz
+	LC_BUILD=$LC_DIR/build
+	LC_INS=$DEPS_PREFIX/ssl
+
+	mkdir -p $LC_BUILD
+
+	echo "$ build_awslc()"
+
+	curl -L $LC_SRC | tar xz -C $DEPS_BUILD_DIR || exit $?
+
+	cd $LC_BUILD &&
+	cmake -GNinja -DCMAKE_INSTALL_PREFIX=$LC_INS .. &&
+	ninja &&
+	sudo ninja install || exit $?
+	cd -
+}
+
 use_custom_openssl()
 {
 	CFLAGS="$CFLAGS -I$DEPS_PREFIX/ssl/include"
 	export LDFLAGS="$LDFLAGS -L$DEPS_PREFIX/ssl/lib"
 	export LD_LIBRARY_PATH="$DEPS_PREFIX/ssl/lib:$LD_LIBRARY_PATH"
 	if test "$1" = "build-deps"; then
-		build_openssl
+		case "$TEST" in
+			openssl-awslc)
+				build_awslc
+				;;
+			*)
+				build_openssl
+				;;
+		esac
 	fi
 }
 
@@ -192,6 +221,9 @@ openssl*)
 	if test "$TEST" = "openssl-3"; then
 		DEPS=""
 		use_custom_openssl $1
+	elif test "$TEST" = "openssl-awslc"; then
+		DEPS="cmake ninja-build golang"
+		use_custom_openssl $1
 	elif system_uses_openssl3; then
 		prepare_system_openssl $1
 	fi