Add Fedora 44 CI image#425
Open
bneradt wants to merge 1 commit into
Open
Conversation
Fedora 44 is the next CI image target for ATS, and the existing Fedora 43-based configuration does not exercise the latest compiler, OpenSSL, Python, and H3 dependency stack. This adds the Fedora 44 image files with H3 helper scripts updated to the dependency versions used by proxy-verifier. The OpenSSL toolchain now uses official OpenSSL 3.5.5 with native QUIC, while the BoringSSL toolchain keeps the pinned BoringSSL revision and updates only nghttp2, ngtcp2, and nghttp3. This also switches the runtime stage to Fedora 44 and adds the Perl module required by the OpenSSL 3.5.5 build.
There was a problem hiding this comment.
Pull request overview
Adds a new Fedora 44-based Docker CI image for Traffic Server, including updated HTTP/3 toolchains to exercise newer compiler/OpenSSL/Python/H3 dependency stacks in CI.
Changes:
- Introduces a new multi-stage Fedora 44 Dockerfile that builds and installs H3 tooling, NuRaft, OpenTelemetry deps, WAMR, and ABI tools into
/opt. - Adds an OpenSSL-based H3 tools build script targeting upstream OpenSSL (tag
openssl-3.5.5) and refreshed nghttp* dependency tags. - Adds a BoringSSL-based H3 tools build script updating nghttp* tags, the pinned BoringSSL revision, and the bundled Go toolchain version.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 4 comments.
| File | Description |
|---|---|
| docker/fedora44/Dockerfile | New Fedora 44 CI image (build + runtime stages) producing /opt toolchain and runtime deps. |
| docker/fedora44/build_openssl_h3_tools.sh | Builds OpenSSL + quiche + nghttp2/ngtcp2/nghttp3 + curl for H3/QUIC testing. |
| docker/fedora44/build_boringssl_h3_tools.sh | Builds BoringSSL + quiche + nghttp2/ngtcp2/nghttp3 + curl for H3/QUIC testing. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+141
to
+143
| [ -f target/release/libquiche.so ] && cp target/release/libquiche.so ${QUICHE_BASE}/lib/ | ||
| # Why a link? https://github.com/cloudflare/quiche/issues/1808#issuecomment-2196233378 | ||
| ln -s ${QUICHE_BASE}/lib/libquiche.so ${QUICHE_BASE}/lib/libquiche.so.0 |
| --with-nghttp2=${BASE} \ | ||
| --with-nghttp3=${BASE} \ | ||
| --with-openssl-quic \ | ||
| --without-ngtcp2 \ |
| cp target/release/libquiche.a ${QUICHE_BASE}/lib/ | ||
| [ -f target/release/libquiche.so ] && cp target/release/libquiche.so ${QUICHE_BASE}/lib/ | ||
| # Why a link? https://github.com/cloudflare/quiche/issues/1808#issuecomment-2196233378 | ||
| ln -s ${QUICHE_BASE}/lib/libquiche.so ${QUICHE_BASE}/lib/libquiche.so.0 |
Comment on lines
+301
to
+303
| --with-nghttp2 \ | ||
| --with-nghttp3 \ | ||
| --with-ngtcp2 \ |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fedora 44 is the next CI image target for ATS, and the existing
Fedora 43-based configuration does not exercise the latest compiler,
OpenSSL, Python, and H3 dependency stack.
This adds the Fedora 44 image files with H3 helper scripts updated to
the dependency versions used by proxy-verifier. The OpenSSL toolchain
now uses official OpenSSL 3.5.5 with native QUIC, while the BoringSSL
toolchain keeps the pinned BoringSSL revision and updates only nghttp2,
ngtcp2, and nghttp3.
This also switches the runtime stage to Fedora 44 and adds the Perl
module required by the OpenSSL 3.5.5 build.