macOS OpenSSL #295
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: macOS OpenSSL | |
| on: | |
| schedule: | |
| # Run once a week on Fridays | |
| - cron: "0 0 * * FRI" | |
| pull_request: | |
| paths: | |
| - '.github/workflows/build-macos-openssl.yml' | |
| # Contains the OpenSSL version we'll build | |
| - 'cryptography-linux/openssl-version.sh' | |
| push: | |
| branches: | |
| - main | |
| paths: | |
| - '.github/workflows/build-macos-openssl.yml' | |
| # Contains the OpenSSL version we'll build | |
| - 'cryptography-linux/openssl-version.sh' | |
| jobs: | |
| build: | |
| runs-on: macos-11.0 | |
| strategy: | |
| matrix: | |
| ARCH: | |
| - NAME: x86_64 | |
| ARTIFACT_NAME: x86-64 | |
| CFLAGS: "-mmacosx-version-min=10.12 -march=core2" | |
| OPENSSLDIR: "/usr/local/etc/openssl@3" | |
| - NAME: arm64 | |
| ARTIFACT_NAME: arm64 | |
| CFLAGS: "-mmacosx-version-min=11.0" | |
| OPENSSLDIR: "/opt/homebrew/etc/openssl@3" | |
| name: "Build OpenSSL for macOS (${{ matrix.ARCH.NAME }})" | |
| steps: | |
| - uses: actions/[email protected] | |
| - name: Download OpenSSL | |
| run: | | |
| source ./cryptography-linux/openssl-version.sh | |
| curl -o openssl.tar.gz https://www.openssl.org/source/$OPENSSL_VERSION.tar.gz | |
| shasum -a 256 -c <<< "$OPENSSL_SHA256 *openssl.tar.gz" | |
| - name: Extract OpenSSL | |
| run: | | |
| tar zxf openssl.tar.gz | |
| - name: Build OpenSSL | |
| run: | | |
| set -x | |
| source ./cryptography-linux/openssl-version.sh | |
| mkdir artifact | |
| BASEDIR=$(pwd) | |
| cd openssl* | |
| # Use the brew openssldir so pyopenssl users with homebrew installed | |
| # will have roots for TLS. This is obviously not great but we live in | |
| # an imperfect world. | |
| perl ./Configure \ | |
| --prefix="${BASEDIR}/artifact" \ | |
| --openssldir=${{ matrix.ARCH.OPENSSLDIR }} \ | |
| darwin64-${{ matrix.ARCH.NAME }}-cc \ | |
| $OPENSSL_BUILD_FLAGS | |
| make -j$(sysctl -n hw.logicalcpu) | |
| make install_sw | |
| env: | |
| CFLAGS: ${{ matrix.ARCH.CFLAGS }} | |
| - uses: actions/[email protected] | |
| with: | |
| name: "openssl-macos-${{ matrix.ARCH.ARTIFACT_NAME }}" | |
| path: artifact/ | |
| universal2: | |
| runs-on: macos-11.0 | |
| name: "Build OpenSSL for macOS universal2" | |
| needs: [ build ] | |
| steps: | |
| - uses: actions/[email protected] | |
| with: | |
| name: openssl-macos-x86-64 | |
| path: x86-64 | |
| - uses: actions/[email protected] | |
| with: | |
| name: openssl-macos-arm64 | |
| path: arm64 | |
| - name: Create universal2 OpenSSL | |
| run: | | |
| mkdir artifact | |
| cd artifact | |
| mkdir bin lib | |
| cp -r ../x86-64/include . | |
| cp -r ../x86-64/lib/pkgconfig lib/ | |
| cp ../x86-64/bin/c_rehash bin/ # c_rehash is a perl script | |
| lipo -create -output bin/openssl ../x86-64/bin/openssl ../arm64/bin/openssl | |
| lipo -create -output lib/libssl.a ../x86-64/lib/libssl.a ../arm64/lib/libssl.a | |
| lipo -create -output lib/libcrypto.a ../x86-64/lib/libcrypto.a ../arm64/lib/libcrypto.a | |
| - uses: actions/[email protected] | |
| with: | |
| name: "openssl-macos-universal2" | |
| path: artifact/ |