New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[WFCORE-5786] / [WFCORE-5787] WildFly OpenSSL Component Upgrades #4945
Conversation
@luck3y Thanks again for your help with the other CI job! Would it be possible to update the agents for WildFly Core too so that they run with OpenSSL 3 as well? The following test uses OpenSSL so could be used as a sanity check to see which version of OpenSSL gets used when running: |
Hi @fjuma -- I can take a look at installing an updated OpenSSL on the other agents, however for those it will have to be available somewhere as an RPM, as compiling it locally on all of the agents otherwise will be impossible to maintain. I assume Windows has a native that uses OpenSSL as well? |
Thanks @luck3y! It is possible to run these tests on Windows too. However, was just looking at an existing Windows run and it looks like It might be because installing OpenSSL on Windows is a bit trickier so I think OpenSSL 1.1.1 was only installed on the Linux agents initially. Upgrading those Linux ones to OpenSSL 3 would be great if possible. |
@fjuma I've had a look and most major distros aren't shipping OpenSSL v3 yet. On Windows I could install 1.1.1 easily enough with ansible, so if that would help in the short term, let me know. Longer term, we're about to move CI over to a new infrastructure, mostly running on CentOS Stream 8. Even here though, OpenSSL v3 isn't available widely as a package yet, and RHEL doesn't use it by default until RHEL 9, which I think is in early beta now. So I think this might take a bit more time than just installing it, I've opened https://issues.redhat.com/browse/WFCI-56 to track this. |
@luck3y Makes sense, thanks for creating the WFCI issue! Regarding Windows, if installing OpenSSL 1.1.1 is something that doesn't take a lot of effort, then that would be good to do (but there's no rush at all for this since we've only had Linux runs for these tests for a while). |
@fjuma do you plan to backport it for WildFly 26.1? |
https://issues.redhat.com/browse/WFCORE-5786
https://issues.redhat.com/browse/WFCORE-5787
Task
New Feature
Feature Request
Release
Enhancement
Release