diff --git a/.github/workflows/integrations.yml b/.github/workflows/integrations.yml index 17aabcb66c4..854febd7b3f 100644 --- a/.github/workflows/integrations.yml +++ b/.github/workflows/integrations.yml @@ -148,3 +148,15 @@ jobs: - name: Run strongswan build run: | ./tests/ci/integration/run_strongswan_integration.sh + ruby-releases: + if: github.repository_owner == 'aws' + runs-on: ubuntu-latest + steps: + - name: Install OS Dependencies + run: | + sudo apt-get update + sudo apt-get -y --no-install-recommends install cmake gcc ninja-build golang make autoconf ruby + - uses: actions/checkout@v3 + - name: Build AWS-LC, build ruby, run tests + run: | + ./tests/ci/integration/run_ruby_integration.sh ruby_3_1 diff --git a/tests/ci/integration/ruby_patch/ruby_3_1/aws-lc-ruby.patch b/tests/ci/integration/ruby_patch/ruby_3_1/aws-lc-ruby.patch new file mode 100644 index 00000000000..073c0b72436 --- /dev/null +++ b/tests/ci/integration/ruby_patch/ruby_3_1/aws-lc-ruby.patch @@ -0,0 +1,26 @@ +diff --git a/ext/openssl/ossl_ocsp.c b/ext/openssl/ossl_ocsp.c +index 1e87484..23de3a2 100644 +--- a/ext/openssl/ossl_ocsp.c ++++ b/ext/openssl/ossl_ocsp.c +@@ -10,7 +10,7 @@ + */ + #include "ossl.h" + +-#if !defined(OPENSSL_NO_OCSP) ++#if !defined(OPENSSL_NO_OCSP) && !defined(OPENSSL_IS_AWSLC) + + #define NewOCSPReq(klass) \ + TypedData_Wrap_Struct((klass), &ossl_ocsp_request_type, 0) +diff --git a/ext/openssl/ossl_ocsp.h b/ext/openssl/ossl_ocsp.h +index 6d2aac8..5e86ac8 100644 +--- a/ext/openssl/ossl_ocsp.h ++++ b/ext/openssl/ossl_ocsp.h +@@ -11,7 +11,7 @@ + #if !defined(_OSSL_OCSP_H_) + #define _OSSL_OCSP_H_ + +-#if !defined(OPENSSL_NO_OCSP) ++#if !defined(OPENSSL_NO_OCSP) && !defined(OPENSSL_IS_AWSLC) + extern VALUE mOCSP; + extern VALUE cOCSPReq; + extern VALUE cOCSPRes; diff --git a/tests/ci/integration/run_ruby_integration.sh b/tests/ci/integration/run_ruby_integration.sh new file mode 100755 index 00000000000..3cd11b92d6f --- /dev/null +++ b/tests/ci/integration/run_ruby_integration.sh @@ -0,0 +1,75 @@ +#!/bin/bash -exu +# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. +# SPDX-License-Identifier: Apache-2.0 OR ISC + +source tests/ci/common_posix_setup.sh + +set -exuo pipefail + +# Set up environment. + +# SYS_ROOT +# - SRC_ROOT(aws-lc) +# - SCRATCH_FOLDER +# - RUBY_SRC_FOLDER +# - ruby_3_1 +# - RUBY_PATCH_FOLDER +# - ruby_3_1 +# - AWS_LC_BUILD_FOLDER +# - AWS_LC_INSTALL_FOLDER + +# Assumes script is executed from the root of aws-lc directory +SCRATCH_FOLDER="${SRC_ROOT}/RUBY_BUILD_ROOT" +RUBY_SRC_FOLDER="${SCRATCH_FOLDER}/ruby-src" +RUBY_PATCH_FOLDER="${SRC_ROOT}/tests/ci/integration/ruby_patch" +AWS_LC_BUILD_FOLDER="${SCRATCH_FOLDER}/aws-lc-build" +AWS_LC_INSTALL_FOLDER="${SCRATCH_FOLDER}/aws-lc-install" + +function ruby_build() { + local branch=${1} + pushd ${branch} + ./autogen.sh + mkdir -p build && cd build + ../configure --with-openssl-dir=${AWS_LC_INSTALL_FOLDER} \ + --with-openssl-lib=${AWS_LC_INSTALL_FOLDER}/lib \ + --with-openssl-include=${AWS_LC_INSTALL_FOLDER}/include + make -j ${NUM_CPU_THREADS} + popd +} + +function ruby_patch() { + local branch=${1} + local src_dir="${RUBY_SRC_FOLDER}/${branch}" + local patch_dir="${RUBY_PATCH_FOLDER}/${branch}" + if [[ ! $(find -L ${patch_dir} -type f -name '*.patch') ]]; then + echo "No patch for ${branch}!" + exit 1 + fi + git clone https://github.com/ruby/ruby.git ${src_dir} \ + --depth 1 \ + --branch ${branch} +} + +if [[ "$#" -eq "0" ]]; then + echo "No ruby branches provided for testing" + exit 1 +fi + +mkdir -p ${SCRATCH_FOLDER} +rm -rf ${SCRATCH_FOLDER}/* +cd ${SCRATCH_FOLDER} + +mkdir -p ${AWS_LC_BUILD_FOLDER} ${AWS_LC_INSTALL_FOLDER} + +aws_lc_build ${SRC_ROOT} ${AWS_LC_BUILD_FOLDER} ${AWS_LC_INSTALL_FOLDER} -DBUILD_TESTING=OFF -DBUILD_SHARED_LIBS=0 -DAWS_LC_INTERNAL_IGNORE_BN_SET_FLAGS=1 + +mkdir -p ${RUBY_SRC_FOLDER} +pushd ${RUBY_SRC_FOLDER} + +# NOTE: As we add more versions to support, we may want to parallelize here +for branch in "$@"; do + ruby_patch ${branch} + ruby_build ${branch} +done + +popd