@@ -2,8 +2,8 @@ name: Patched JNI CI
22
33# This workflow attempts to build and test the wolfSSL JNI library with all
44# available wolfSSL PR patches applied, eg WOLFSSL_PR*_PATCH_APPLIED defines.
5- # It currently only supports a single PR patch at a time, using the highest PR
6- # number found in the defines.
5+ # It currently only supports a single open PR patch at a time. If all patches
6+ # are merged, it builds against master with all patch defines enabled .
77
88on :
99 push :
@@ -15,71 +15,132 @@ jobs:
1515 resolve_wolfssl_ref :
1616 runs-on : ubuntu-latest
1717 outputs :
18- should_run : ${{ steps.resolve .outputs.should_run }}
19- wolfssl_repo : ${{ steps.resolve .outputs.wolfssl_repo }}
20- wolfssl_ref : ${{ steps.resolve .outputs.wolfssl_ref }}
21- pr_number : ${{ steps.resolve .outputs.pr_number }}
18+ should_run : ${{ steps.eval_prs .outputs.should_run }}
19+ wolfssl_repo : ${{ steps.eval_prs .outputs.wolfssl_repo }}
20+ wolfssl_ref : ${{ steps.eval_prs .outputs.wolfssl_ref }}
21+ patch_defines : ${{ steps.eval_prs .outputs.patch_defines }}
2222 steps :
2323 - uses : actions/checkout@v4
2424
25- - name : Resolve wolfSSL ref from patch defines
26- id : resolve
25+ - name : Install prerequisites
2726 run : |
28- set -euo pipefail
27+ sudo apt-get update
28+ sudo apt-get install -y jq curl
2929
30- # Find WOLFSSL_PR*_PATCH_APPLIED defines in wolfssl source.
31- defines="$(./scripts/find-wolfssl-pr-patch-defines.sh)"
30+ name : Find patch defines
31+ id : find_defines
32+ run : |
33+ set -euo pipefail
34+ defines=""
35+ if ! defines="$(./scripts/find-wolfssl-pr-patch-defines.sh)"; then
36+ echo "::warning::find-wolfssl-pr-patch-defines.sh failed; skipping patched CI."
37+ echo "should_run=false" >> "$GITHUB_OUTPUT"
38+ exit 0
39+ fi
3240 if [ -z "$defines" ]; then
3341 echo "::warning::No WOLFSSL_PR*_PATCH_APPLIED defines found; skipping patched CI."
3442 echo "should_run=false" >> "$GITHUB_OUTPUT"
3543 exit 0
3644 fi
3745 echo "Found patch defines:"
3846 printf "%s\n" "$defines"
47+ {
48+ echo "should_run=true"
49+ echo "defines<<EOF"
50+ printf "%s\n" "$defines"
51+ echo "EOF"
52+ } >> "$GITHUB_OUTPUT"
53+
54+ name : Evaluate PR statuses
55+ id : eval_prs
56+ if : steps.find_defines.outputs.should_run == 'true'
57+ run : |
58+ set -euo pipefail
3959
40- # Find the highest PR number from the defines.
41- pr_number="$(printf "%s\n" "$defines" | sed -E 's/^WOLFSSL_PR([0-9]+)_PATCH_APPLIED$/\1/' | sort -n | tail -1)"
42- if [ -z "$pr_number" ]; then
43- echo "::warning::Failed to derive PR number from patch defines; skipping patched CI."
44- echo "should_run=false" >> "$GITHUB_OUTPUT"
45- exit 0
46- fi
47- echo "Highest PR number from defines: $pr_number"
48-
49- # Check PR status via GitHub API.
50- pr_json="$(curl -fsSL "https://api.github.com/repos/wolfSSL/wolfssl/pulls/$pr_number" || true)"
51- if [ -z "$pr_json" ]; then
52- echo "::warning::Unable to fetch PR #$pr_number from GitHub API; skipping patched CI."
53- echo "should_run=false" >> "$GITHUB_OUTPUT"
54- exit 0
55- fi
56- echo "Fetched PR #$pr_number info from GitHub API."
57-
58- state="$(printf "%s" "$pr_json" | jq -r '.state // empty')"
59- merged_at="$(printf "%s" "$pr_json" | jq -r '.merged_at // empty')"
60- head_repo="$(printf "%s" "$pr_json" | jq -r '.head.repo.full_name // empty')"
61- head_ref="$(printf "%s" "$pr_json" | jq -r '.head.ref // empty')"
62-
63- if [ -n "$merged_at" ]; then
64- echo "PR #$pr_number is merged; using wolfSSL master branch."
65- echo "should_run=true" >> "$GITHUB_OUTPUT"
66- echo "wolfssl_repo=wolfSSL/wolfssl" >> "$GITHUB_OUTPUT"
67- echo "wolfssl_ref=master" >> "$GITHUB_OUTPUT"
68- echo "pr_number=$pr_number" >> "$GITHUB_OUTPUT"
69- exit 0
70- fi
60+ defines="${{ steps.find_defines.outputs.defines }}"
61+ should_run=true
62+ wolfssl_repo="wolfSSL/wolfssl"
63+ wolfssl_ref="master"
64+ found_open=false
65+ patch_defines=""
7166
72- if [ "$state" = "open" ] && [ -n "$head_repo" ] && [ -n "$head_ref" ]; then
73- echo "should_run=true" >> "$GITHUB_OUTPUT"
74- echo "wolfssl_repo=$head_repo" >> "$GITHUB_OUTPUT"
75- echo "wolfssl_ref=$head_ref" >> "$GITHUB_OUTPUT"
76- echo "pr_number=$pr_number" >> "$GITHUB_OUTPUT"
77- echo "PR #$pr_number is open; using branch $head_ref from repo $head_repo."
78- exit 0
79- fi
67+ echo "Evaluating patch defines:"
68+ printf "%s\n" "$defines"
8069
81- echo "::warning::PR #$pr_number is not merged or has no accessible branch; skipping patched CI."
82- echo "should_run=false" >> "$GITHUB_OUTPUT"
70+ while read -r define; do
71+ define="$(printf "%s" "$define" | tr -d '\r' | xargs)"
72+ [ -z "$define" ] && continue
73+ pr_number="$(printf "%s" "$define" | sed -E 's/^WOLFSSL_PR([0-9]+)_PATCH_APPLIED$/\1/')"
74+ if [ -z "$pr_number" ] || [ "$pr_number" = "$define" ]; then
75+ echo "::warning::Failed to derive PR number from define $define; skipping patched CI."
76+ echo "should_run=false" >> "$GITHUB_OUTPUT"
77+ exit 0
78+ fi
79+
80+ pr_info=""
81+ if ! pr_info="$(./scripts/find-pr-info.sh "$pr_number" --repo wolfSSL/wolfssl)"; then
82+ echo "::warning::find-pr-info.sh failed for PR #$pr_number; skipping patched CI."
83+ echo "should_run=false" >> "$GITHUB_OUTPUT"
84+ exit 0
85+ fi
86+ if [ -z "$pr_info" ]; then
87+ echo "::warning::Unable to resolve PR #$pr_number info; skipping patched CI."
88+ echo "should_run=false" >> "$GITHUB_OUTPUT"
89+ exit 0
90+ fi
91+ echo "PR #$pr_number raw info:"
92+ printf "%s\n" "$pr_info"
93+
94+ info_repo="$(printf "%s\n" "$pr_info" | sed -n 's/^repo://p')"
95+ info_branch="$(printf "%s\n" "$pr_info" | sed -n 's/^branch://p')"
96+ info_commit="$(printf "%s\n" "$pr_info" | sed -n 's/^commit://p')"
97+ info_status="$(printf "%s\n" "$pr_info" | sed -n 's/^status://p')"
98+
99+ if [ -z "$info_repo" ] || [ -z "$info_branch" ] || [ -z "$info_commit" ] || [ -z "$info_status" ]; then
100+ echo "::warning::Missing expected PR info fields for PR #$pr_number; skipping patched CI."
101+ echo "should_run=false" >> "$GITHUB_OUTPUT"
102+ exit 0
103+ fi
104+
105+ case "$info_status" in
106+ merged)
107+ continue
108+ ;;
109+ open)
110+ if [ "$found_open" = "false" ]; then
111+ wolfssl_repo="$info_repo"
112+ wolfssl_ref="$info_commit"
113+ found_open=true
114+ patch_defines="WOLFSSL_PR${pr_number}_PATCH_APPLIED"
115+ echo "PR #$pr_number is open; using repo $wolfssl_repo"
116+ echo "PR #$pr_number is open; using branch $info_branch"
117+ echo "PR #$pr_number is open; using commit $wolfssl_ref"
118+ else
119+ echo "::warning::Found multiple PRs with patch defines; unable to determine which one to use; skipping patched CI."
120+ should_run=false
121+ break
122+ fi
123+ ;;
124+ *)
125+ echo "::warning::PR #$pr_number is in unexpected state: $info_status; skipping patched CI."
126+ should_run=false
127+ break
128+ ;;
129+ esac
130+ done <<EOF
131+ $defines
132+ EOF
133+
134+ echo "should_run=$should_run" >> "$GITHUB_OUTPUT"
135+ echo "wolfssl_repo=$wolfssl_repo" >> "$GITHUB_OUTPUT"
136+ echo "wolfssl_ref=$wolfssl_ref" >> "$GITHUB_OUTPUT"
137+ echo "patch_defines=$patch_defines" >> "$GITHUB_OUTPUT"
138+
139+ echo "Using: "
140+ echo "repo : $wolfssl_repo"
141+ echo "ref : $wolfssl_ref"
142+ echo "branch : $info_branch"
143+ echo "defines: $patch_defines"
83144
84145patched_jni_build :
85146 needs : resolve_wolfssl_ref
@@ -126,10 +187,9 @@ jobs:
126187 run : |
127188 echo "LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$GITHUB_WORKSPACE/build-dir/lib" >> "$GITHUB_ENV"
128189
129- name : Build and test JNI library with all patches
190+ name : Build and test JNI library with all patches enabled
130191 run : |
131- make all-patched PREFIX=$GITHUB_WORKSPACE/build-dir
132- make check
192+ make build check PREFIX=$GITHUB_WORKSPACE/build-dir ENABLE_PATCHES=1 PATCH_DEFINES="${{ needs.resolve_wolfssl_ref.outputs.patch_defines }}"
133193
134194name : Show logs on failure
135195 if : failure() || cancelled()
0 commit comments