Skip to content

Improve shared ssl context #659

Improve shared ssl context

Improve shared ssl context #659

Workflow file for this run

name: CI
on:
push:
branches:
- main
pull_request:
permissions: "read-all"
concurrency:
group: ci-${{ github.ref_name }}
cancel-in-progress: true
defaults:
run:
shell: bash
jobs:
package:
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- name: "Checkout repository"
uses: "actions/checkout@d632683dd7b4114ad314bca15554477dd762a938"
- name: "Setup Python"
uses: "actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3"
with:
python-version: "3.x"
cache: "pip"
- name: "Check packages"
run: |
python -m pip install -U pip setuptools wheel build twine rstcheck
python -m build
rstcheck CHANGES.rst
python -m twine check dist/*
test:
strategy:
fail-fast: false
matrix:
python-version: ["3.7", "3.8", "3.9", "3.10", "3.11", "3.12", "3.13"]
os:
- macos-13
- windows-2022
- ubuntu-20.04 # OpenSSL 1.1.1
- ubuntu-22.04 # OpenSSL 3.0
nox-session: ['']
include:
- experimental: false
traefik-server: true
- traefik-server: false
nox-session: test_ssl_large_resources-3.7
python-version: "3.7"
os: windows-2022
experimental: false
- traefik-server: false
nox-session: test_ssl_large_resources-3.9
python-version: "3.9"
os: windows-2022
experimental: false
- traefik-server: false
nox-session: test_ssl_large_resources-3.13
python-version: "3.13"
os: windows-2022
experimental: false
- traefik-server: false
nox-session: test_ssl_large_resources-3.7
python-version: "3.7"
os: ubuntu-20.04
experimental: false
- traefik-server: false
nox-session: test_ssl_large_resources-3.9
python-version: "3.9"
os: ubuntu-22.04
experimental: false
- traefik-server: false
nox-session: test_ssl_large_resources-3.13
python-version: "3.13"
os: ubuntu-22.04
experimental: false
- experimental: true
python-version: "3.14"
os: ubuntu-22.04
traefik-server: true
- experimental: true
python-version: "3.14"
os: macos-13
traefik-server: true
- experimental: true
python-version: "3.14"
os: windows-2022
traefik-server: true
- python-version: "pypy-3.7"
os: ubuntu-22.04
experimental: false
nox-session: test-pypy
- python-version: "pypy-3.8"
os: ubuntu-22.04
experimental: false
nox-session: test-pypy
traefik-server: true
- python-version: "pypy-3.9-v7.3.13" # urllib3#3308
os: ubuntu-22.04
experimental: false
nox-session: test-pypy
traefik-server: true
- python-version: "pypy-3.10"
os: ubuntu-22.04
experimental: false
nox-session: test-pypy
traefik-server: true
- python-version: "3.x"
os: ubuntu-22.04
experimental: false
nox-session: test_brotlipy
# Test CPython with a broken hostname_checks_common_name (the fix is in 3.9.3)
- python-version: "3.9.2"
os: ubuntu-20.04 # CPython 3.9.2 is not available for ubuntu-22.04.
experimental: false
nox-session: test-3.9
exclude:
# Ubuntu 22.04 comes with OpenSSL 3.0, so only CPython 3.9+ is compatible with it
# https://github.com/python/cpython/issues/83001
- python-version: "3.7"
os: ubuntu-22.04
- python-version: "3.8"
os: ubuntu-22.04
runs-on: ${{ matrix.os }}
name: ${{ fromJson('{"macos-13":"macOS","windows-2022":"Windows","ubuntu-20.04":"Ubuntu 20.04 (OpenSSL 1.1.1)","ubuntu-22.04":"Ubuntu 22 (OpenSSL 3+)"}')[matrix.os] }} ${{ matrix.python-version }} ${{ matrix.nox-session }}
continue-on-error: ${{ matrix.experimental }}
timeout-minutes: 60
steps:
- name: "Checkout repository"
uses: "actions/checkout@d632683dd7b4114ad314bca15554477dd762a938"
- name: "Traefik: Prerequisites - Colima (MacOS)"
if: ${{ matrix.traefik-server && contains(matrix.os, 'mac') }}
uses: douglascamata/setup-docker-macos-action@4fe96839fcba8a2d746e020d00a89a37afbc7dc9
with:
colima-network-address: true
- name: "Colima VM List (MacOS)"
if: ${{ matrix.traefik-server && contains(matrix.os, 'mac') }}
run: colima list
- name: "Setup Python ${{ matrix.python-version }}"
uses: "actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3"
with:
python-version: ${{ matrix.python-version }}
allow-prereleases: true
- name: "Install dependencies"
run: python -m pip install --upgrade pip setuptools nox
- name: "Run tests"
run: ./ci/run_tests.sh
env:
PYTHON_VERSION: ${{ matrix.python-version }}
NOX_SESSION: ${{ matrix.nox-session }}
TRAEFIK_HTTPBIN_ENABLE: ${{ matrix.traefik-server }}
# on MacOS, the Colima VM is located at "192.168.106.2" by default.
TRAEFIK_HTTPBIN_IPV4: ${{ contains(matrix.os, 'mac') && '192.168.65.2' || '127.0.0.1' }}
- name: "Upload artifact"
uses: "actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce"
with:
name: coverage-data
path: ".coverage.*"
if-no-files-found: error
coverage:
if: always()
runs-on: "ubuntu-latest"
needs: test
steps:
- name: "Checkout repository"
uses: "actions/checkout@d632683dd7b4114ad314bca15554477dd762a938"
- name: "Setup Python"
uses: "actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3"
with:
python-version: "3.x"
- name: "Install coverage"
run: "python -m pip install --upgrade coverage"
- name: "Download artifact"
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a
with:
name: coverage-data
- name: "Combine & check coverage"
run: |
python -m coverage combine
python -m coverage html --skip-covered --skip-empty
python -m coverage report --ignore-errors --show-missing --fail-under=86
- name: "Upload report"
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce
with:
name: coverage-report
path: htmlcov