github: Adapt to switch to Ubuntu 24.04 for ubuntu-latest

2025-10-03 00:00:24 -04:00 · 2025-01-09 14:21:10 +01:00 · 2025-01-09 14:21:10 +01:00 · 9d29d522e5
commit 9d29d522e5
parent 95dbd5c858
2 changed files with 25 additions and 11 deletions
--- a/.github/workflows/linux.yml
+++ b/.github/workflows/linux.yml
@ -41,8 +41,7 @@ jobs:
          - test: printf-builtin
            monolithic: yes
        include:
-          - os: ubuntu-24.04
-            test: apidoc
+          - test: apidoc
          - test: coverage
          - test: dist
          - test: nm
@ -97,17 +96,25 @@ jobs:
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
-        os: [ ubuntu-latest, ubuntu-20.04 ]
+        os: [ ubuntu-latest, ubuntu-22.04, ubuntu-20.04 ]
        test: [ botan, wolfssl, openssl, openssl-3, openssl-awslc, gcrypt ]
        leak-detective: [ no, yes ]
        exclude:
-          # test custom-built libs only on one platform
-          - os: ubuntu-20.04
+          # test custom-built libs only on the latest platform
+          - os: ubuntu-22.04
            test: botan
          - os: ubuntu-20.04
+            test: botan
+          - os: ubuntu-22.04
            test: wolfssl
          - os: ubuntu-20.04
+            test: wolfssl
+          - os: ubuntu-22.04
            test: openssl-3
+          - os: ubuntu-20.04
+            test: openssl-3
+          - os: ubuntu-22.04
+            test: openssl-awslc
          - os: ubuntu-20.04
            test: openssl-awslc
    env:
@ -147,7 +154,7 @@ jobs:
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
-        os: [ ubuntu-20.04 ]
+        os: [ ubuntu-22.04, ubuntu-20.04 ]
        test: [ all, nm ]
        compiler: [ gcc, clang ]
        exclude:
@ -157,13 +164,16 @@ jobs:
      LEAK_DETECTIVE: ${{ matrix.leak-detective || 'no' }}
      CC: ${{ matrix.compiler || 'gcc' }}
      TEST: ${{ matrix.test }}
-      # LSan causes spurious SIGSEGV after tests due to DTLS handling by glibc
+      # LSan causes spurious SIGSEGV after tests due to DTLS handling by glibc (on 20.04)
      ASAN_OPTIONS: intercept_tls_get_addr=0
    steps:
      - uses: actions/checkout@v4
      - uses: actions/cache@v4
        with:
-          path: ~/.ccache
+          # path is different on newer systems
+          path: |
+            ~/.cache/ccache
+            ~/.ccache
          key: ccache-${{ matrix.os }}-${{ env.CC }}-${{ matrix.test }}-${{ github.sha }}
          restore-keys: |
            ccache-${{ matrix.os }}-${{ env.CC }}-${{ matrix.test }}-
--- a/scripts/test.sh
+++ b/scripts/test.sh
@ -173,7 +173,7 @@ system_uses_openssl3()

 prepare_system_openssl()
 {
-	# On systems that ship OpenSSL 3 (e.g. Ubuntu 22.04), we require debug
+	# On systems that ship OpenSSL 3 (e.g. Ubuntu 22.04+), we require debug
 	# symbols to whitelist leaks
 	if test "$1" = "deps"; then
 		echo "deb http://ddebs.ubuntu.com $(lsb_release -cs) main restricted
@ -181,13 +181,17 @@ prepare_system_openssl()
 			deb http://ddebs.ubuntu.com $(lsb_release -cs)-proposed main restricted" | \
 			sudo tee -a /etc/apt/sources.list.d/ddebs.list
 		sudo apt-get install -qq ubuntu-dbgsym-keyring
-		DEPS="$DEPS libssl3-dbgsym"
+		if [ "$ID" = "ubuntu" -a "$VERSION_ID" = "24.04" ]; then
+			DEPS="$DEPS libssl3t64-dbgsym"
+		else
+			DEPS="$DEPS libssl3-dbgsym"
+		fi
 	fi
 	if test "$LEAK_DETECTIVE" = "yes"; then
 		# make sure we can properly whitelist functions with leak detective
 		DEPS="$DEPS binutils-dev"
 		CONFIG="$CONFIG --enable-bfd-backtraces"
-	else
+	elif [ "$ID" = "ubuntu" -a "$VERSION_ID" != "24.04" ]; then
 		# with ASan we have to use the (extremely) slow stack unwind as the
 		# shipped version of the library is built with -fomit-frame-pointer
 		export ASAN_OPTIONS=fast_unwind_on_malloc=0