7.1 GitHub Actions

This page shows how to build OpenSSL automatically with GitHub Actions.


What is GitHub Actions?

GitHub Actions is GitHub's CI/CD platform:

  • Integrated directly into GitHub
  • Free for public repositories
  • YAML-based configuration

Basic concepts

Term      Meaning
--------  ----------------------------------------
Workflow  The complete automation (a .yml file)
Job       A group of steps (e.g. "build-windows")
Step      A single command or Action
Runner    The server that executes a job
Artifact  A build result (e.g. DLLs)

Creating the workflow file

Create the file .github/workflows/build-openssl.yml:

# OpenSSL Build Workflow
name: Build OpenSSL 3.6
 
# When does it build?
on:
  push:
    branches: [ main ]           # On push to main
  pull_request:
    branches: [ main ]           # On pull requests
  workflow_dispatch:             # Manual run
  schedule:
    - cron: '0 2 * * 0'          # Every Sunday at 2:00 (UTC)

jobs:
  # ============================================
  # Windows x64 build
  # ============================================
  build-windows:
    runs-on: windows-latest

    steps:
      # 1. Check out the repository
      - name: Checkout
        uses: actions/checkout@v4
        with:
          submodules: true
 
      # 2. Install Perl
      - name: Install Strawberry Perl
        run: choco install strawberryperl -y
 
      # 3. Install NASM
      - name: Install NASM
        run: choco install nasm -y
 
      # 4. Build
      - name: Build OpenSSL
        shell: cmd
        run: |
          call "C:\Program Files\Microsoft Visual Studio\2022\Enterprise\VC\Auxiliary\Build\vcvars64.bat"
          set PATH=C:\Strawberry\perl\bin;C:\Program Files\NASM;%PATH%
          cd src
          perl Configure VC-WIN64A --prefix=%GITHUB_WORKSPACE%\bin
          nmake
          nmake install_sw

      # 5. Verify the version
      - name: Verify Build
        run: |
          bin\bin\openssl.exe version -a
          bin\bin\openssl.exe list -signature-algorithms | findstr mldsa

      # 6. Upload the artifact
      - name: Upload Artifact
        uses: actions/upload-artifact@v4
        with:
          name: openssl-3.6.0-win-x64
          path: bin/
          retention-days: 30
 
  # ============================================
  # Linux x64 build
  # ============================================
  build-linux:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Install Dependencies
        run: |
          sudo apt-get update
          sudo apt-get install -y build-essential perl nasm

      - name: Build OpenSSL
        run: |
          cd src
          ./Configure linux-x86_64 --prefix=$GITHUB_WORKSPACE/linux-build
          make -j$(nproc)
          make install

      - name: Verify Build
        run: |
          linux-build/bin/openssl version -a

      - name: Upload Artifact
        uses: actions/upload-artifact@v4
        with:
          name: openssl-3.6.0-linux-x64
          path: linux-build/
          retention-days: 30

Explanation of the workflow structure

Trigger (on:)

on:
  push:
    branches: [ main ]      # Only the main branch
    paths:
      - 'src/**'            # Only when src/ has changed
  workflow_dispatch:        # Manually in the GitHub UI

Jobs

jobs:
  job-name:
    runs-on: windows-latest   # or ubuntu-latest
    needs: [drugi-jobs]       # Dependencies: other jobs that must finish first
    if: github.event_name == 'push'  # Condition

Steps

steps:
  - name: Opisno ime          # A descriptive name
    uses: action/name@v4      # A prebuilt Action
    with:
      parameter: vrednost     # Input name and its value

  - name: Shell ukaz          # A shell command
    run: echo "Hello"
    shell: bash               # or cmd, pwsh

Secrets for private builds

If you publish private builds:

1. Creating a secret in GitHub

Repository → Settings → Secrets → New secret

  • NUGET_API_KEY - Your NuGet key
  • AZURE_STORAGE_KEY - For Blob upload

2. Using it in the workflow

- name: Publish NuGet
  shell: bash
  # Read the key from the environment instead of expanding it into the script text
  run: dotnet nuget push *.nupkg --api-key "$NUGET_API_KEY"
  env:
    NUGET_API_KEY: ${{ secrets.NUGET_API_KEY }}
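
The workflows on this page reference Actions by tag (@v4, @v1) and hand a secret to a run: command. A tag can later be moved to different code while a full commit SHA cannot, and ${{ secrets.* }} inside run: is substituted into the script text before the shell starts. The Python check below flags both patterns; it is an added example, not part of the original page, and the sample workflow, the example-org/example-action name with its hash, and the function name audit_workflow are constructed for illustration.

```python
import re

# Constructed sample, modelled on the workflow snippets on this page.
SAMPLE_WORKFLOW = """\
jobs:
  release:
    steps:
      - uses: actions/checkout@v4
      - uses: example-org/example-action@0123456789abcdef0123456789abcdef01234567
      - name: Create Release
        uses: softprops/action-gh-release@v1
      - name: Publish NuGet
        run: dotnet nuget push *.nupkg --api-key ${{ secrets.NUGET_API_KEY }}
        env:
          NUGET_API_KEY: ${{ secrets.NUGET_API_KEY }}
"""

USES_RE = re.compile(r"^\s*(?:-\s+)?uses:\s*([^\s#]+)")
RUN_RE = re.compile(r"^\s*(?:-\s+)?(run):")
SHA_RE = re.compile(r"[0-9a-f]{40}")
SECRET_RE = re.compile(r"\$\{\{\s*secrets\.(\w+)\s*\}\}")


def audit_workflow(text):
    """Return (line_no, rule, detail) findings for one workflow file."""
    findings = []
    run_col = None  # column of the current `run:` key while inside its value
    for no, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        indent = len(line) - len(line.lstrip(" "))
        if run_col is not None and indent <= run_col:
            run_col = None  # dedented: the run block has ended
        m = RUN_RE.match(line)
        if m:
            run_col = m.start(1)
        if run_col is not None:
            for name in SECRET_RE.findall(line):
                findings.append((no, "secret-in-run", name))
            continue
        m = USES_RE.match(line)
        if m and not m.group(1).startswith(("./", "docker://")):
            ref = m.group(1).partition("@")[2]
            if not SHA_RE.fullmatch(ref):  # tag or branch: can be repointed
                findings.append((no, "mutable-ref", m.group(1)))
    return findings

if __name__ == "__main__":
    print(*audit_workflow(SAMPLE_WORKFLOW), sep="\n")
```

A secret mapped under env: is not reported, since the runner passes it to the step as an environment variable rather than writing it into the script.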

Creating a release

Automatic release on a tag:

on:
  push:
    tags:
      - 'v*'    # e.g. v3.6.0

jobs:
  release:
    runs-on: ubuntu-latest
    permissions:
      contents: write       # GITHUB_TOKEN needs this to create the release
    steps:
      - uses: actions/checkout@v4

      # ... build steps ...

      - name: Create Release
        uses: softprops/action-gh-release@v1
        with:
          files: |
            openssl-3.6.0-win-x64.zip
            openssl-3.6.0-linux-x64.tar.gz
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Matrix builds

Several configurations at once:

jobs:
  build:
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        os: [windows-latest, ubuntu-latest]
        include:
          - os: windows-latest
            target: VC-WIN64A
          - os: ubuntu-latest
            target: linux-x86_64

    steps:
      - name: Configure
        run: perl Configure ${{ matrix.target }}

Running the workflow manually

  1. Go to the "Actions" tab in GitHub
  2. Select the workflow
  3. Click "Run workflow"
  4. Select the branch
  5. Click "Run workflow"

Common problems

"nmake: command not found"

The Visual Studio environment is not loaded:

- name: Build
  shell: cmd
  run: |
    call "C:\Program Files\Microsoft Visual Studio\2022\Enterprise\VC\Auxiliary\Build\vcvars64.bat"
    nmake

The build takes too long

Use a cache:

- name: Cache OpenSSL Build
  uses: actions/cache@v4
  with:
    path: src/
    key: openssl-${{ hashFiles('src/VERSION') }}


Wolfgang van der Stille @ EMSR DATA d.o.o. - Post-Quantum Cryptography Professional

Last modified: 15.12.2025 at 21:25