[ruby-core:89450] [Ruby trunk Misc#15220] Adding OpenSSL 1.1.1 on Travis CI gcc-8 case

Issue #15220 has been updated by jaruga (Jun Aruga).

shyouhei (Shyouhei Urabe) wrote:
...
> This might not exactly be what you want but I have just enabled os: osx, whose homebrew accidentally includes openssl 1.1.1.
> It seems the builds are seconds slower than linux ones, but at least faster than installing openssl every time from the tarball.
> Is this sufficient for you?

Very cool! Thanks for the working.
This is sufficient and great solution for me.

Seeing the history of the openssl / 1.1.rb file, after the new OpenSSL 1.1.1 or 1.1.0i were released, the brew package was quickly updated to the latest version by someone within the same day.
https://formulae.brew.sh/formula/openssl / 1.1
https://github.com/Homebrew/homebrew-core/blob/master/Formula/openssl%401.1.rb

However I just want to ask you why you do not like my above 3rd solution.
It's not additional cost when doing pull-request and pushing to branches, isn't it?

----------------------------------------
Misc #15220: Adding OpenSSL 1.1.1 on Travis CI gcc-8 case
https://bugs.ruby-lang.org/issues/15220#change-74492

* Author: jaruga (Jun Aruga)
* Status: Open
* Priority: Normal
* Assignee:
----------------------------------------
Currently Travis CI test cases are running on OpenSSL 1.0.1f as the default setting.

I want to add the latest version OpenSSL 1.1.1 to the gcc-8 test case on Travis CI.

I sent pull-request for that.
https://github.com/ruby/ruby/pull/1980

## Motivation

The motivation is that ruby/openssl has very good CI environment covering the supported SSL collections.

However the benefits to enable OpenSSL 1.1.1 for the main repository (ruby/ruby) are

1. To make us check the entire logic on the latest OpenSSL as early as possible. For example, I can find this kind of issue [1] as early as possible.

2. We can check it on ruby-2.5 branch too. That is related to #15219 [2]

As we are working for OpenSSL 1.1.1 on Windows CI [3] and python project is testing on the custom OpenSSL built from the source code [4], I think that we can adapt it to Travis CI.

## Detail of implementation

In the new process, the OpenSSL is built from source code.
That takes 134.63 sec = 2 min 14 sec
I could not find the better idea than that.

I found the binary openssl package that someone is managing [5].
But it might not be valid for Trusty. And it seems that the repository is quite personal one.

I am using `cache/directories` element [6].

I created `tool/install_openssl.sh` script. But some logic might be moved to `configure.ac` like [7].

How do you think?

* [1] net/http, net/ftp: fix session resumption with TLS 1.3: https://github.com/ruby/ruby/commit/1dfc377
* [2] Ruby 2.5.X supporting OpenSSL 1.1.1 and TLS 1.3: https://bugs.ruby-lang.org/issues/15219
* [3] OpenSSL 1.1.1 soon available from MSYS2: https://bugs.ruby-lang.org/issues/15171
* [4] Python with custom OpenSSL: https://github.com/python/cpython/blob/master/.travis.yml#L15
* [5] Personal(?) openssl repository: https://launchpad.net/~xnox/+archive/ubuntu/openssl
* [6] Travis cache: https://docs.travis-ci.com/user/caching/#arbitrary-directories
* [7] deduce versioned tools from CC: https://github.com/ruby/ruby/commit/f677ba8

--
https://bugs.ruby-lang.org/

Unsubscribe: <mailto:ruby-core-request / ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-core>