The attribute plugin is not available, 2fa disabled
Inhaltsverzeichnis
7.1 GitHub Actions
This page shows how to automatically build OpenSSL with GitHub Actions.
What is GitHub Actions?
GitHub Actions is GitHub's CI/CD platform:
- Directly integrated in GitHub
- Free for public repositories
- YAML-based configuration
Basic Concepts
| Term | Meaning |
| —— | ——— |
| Workflow | The entire automation (.yml file) |
| Job | A group of steps (e.g. „build-windows“) |
| Step | A single command or action |
| Runner | The server that executes the job |
| Artifact | The result (e.g. the DLLs) |
Create Workflow File
Create the file .github/workflows/build-openssl.yml:
# OpenSSL Build Workflow name: Build OpenSSL 3.6 # When to build? on: push: branches: [ main ] # On push to main pull_request: branches: [ main ] # On pull requests workflow_dispatch: # Start manually schedule: - cron: '0 2 * * 0' # Every Sunday 2:00 AM jobs: # ============================================ # Windows x64 Build # ============================================ build-windows: runs-on: windows-latest steps: # 1. Checkout repository - name: Checkout uses: actions/checkout@v4 with: submodules: true # 2. Install Perl - name: Install Strawberry Perl run: choco install strawberryperl -y # 3. Install NASM - name: Install NASM run: choco install nasm -y # 4. Build - name: Build OpenSSL shell: cmd run: | call "C:\Program Files\Microsoft Visual Studio\2022\Enterprise\VC\Auxiliary\Build\vcvars64.bat" set PATH=C:\Strawberry\perl\bin;C:\Program Files\NASM;%PATH% cd src perl Configure VC-WIN64A --prefix=%GITHUB_WORKSPACE%\bin nmake nmake install_sw # 5. Verify version - name: Verify Build run: | bin\bin\openssl.exe version -a bin\bin\openssl.exe list -signature-algorithms | findstr mldsa # 6. Upload artifact - name: Upload Artifact uses: actions/upload-artifact@v4 with: name: openssl-3.6.0-win-x64 path: bin/ retention-days: 30 # ============================================ # Linux x64 Build # ============================================ build-linux: runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v4 - name: Install Dependencies run: | sudo apt-get update sudo apt-get install -y build-essential perl nasm - name: Build OpenSSL run: | cd src ./Configure linux-x86_64 --prefix=$GITHUB_WORKSPACE/linux-build make -j$(nproc) make install - name: Verify Build run: | linux-build/bin/openssl version -a - name: Upload Artifact uses: actions/upload-artifact@v4 with: name: openssl-3.6.0-linux-x64 path: linux-build/ retention-days: 30
Workflow Structure Explained
Trigger (on:)
on: push: branches: [ main ] # Only main branch paths: - 'src/**' # Only if src/ changed workflow_dispatch: # Manually in GitHub UI
Jobs
jobs: job-name: runs-on: windows-latest # or ubuntu-latest needs: [other-jobs] # Dependencies if: github.event_name == 'push' # Condition
Steps
steps: - name: Descriptive Name uses: action/name@v4 # Pre-built action with: parameter: value - name: Shell Command run: echo "Hello" shell: bash # or cmd, pwsh
Secrets for Private Builds
If you publish private builds:
1. Create Secret in GitHub
Repository → Settings → Secrets → New secret
NUGET_API_KEY- Your NuGet keyAZURE_STORAGE_KEY- For blob upload
2. Use in Workflow
- name: Publish NuGet run: dotnet nuget push *.nupkg --api-key ${{ secrets.NUGET_API_KEY }} env: NUGET_API_KEY: ${{ secrets.NUGET_API_KEY }}
Create Release
Automatically create release on tag:
on: push: tags: - 'v*' # e.g. v3.6.0 jobs: release: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 # ... Build steps ... - name: Create Release uses: softprops/action-gh-release@v1 with: files: | openssl-3.6.0-win-x64.zip openssl-3.6.0-linux-x64.tar.gz env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
Matrix Builds
Multiple configurations at once:
jobs: build: runs-on: ${{ matrix.os }} strategy: matrix: os: [windows-latest, ubuntu-latest] include: - os: windows-latest target: VC-WIN64A - os: ubuntu-latest target: linux-x86_64 steps: - name: Configure run: perl Configure ${{ matrix.target }}
Start Workflow Manually
- Go to „Actions“ tab in GitHub
- Select the workflow
- Click „Run workflow“
- Select branch
- Click „Run workflow“
Common Problems
"nmake: command not found"
Visual Studio environment not loaded:
- name: Build shell: cmd run: | call "C:\Program Files\Microsoft Visual Studio\2022\Enterprise\VC\Auxiliary\Build\vcvars64.bat" nmake
Build takes too long
Use cache:
- name: Cache OpenSSL Build uses: actions/cache@v4 with: path: src/ key: openssl-${{ hashFiles('src/VERSION') }}
Continue to
Wolfgang van der Stille @ EMSR DATA d.o.o. - Post-Quantum Cryptography Professional
Zuletzt geändert: on 2026/01/29 at 09:23 PM