Skip to content

Commit

Permalink
tools: automate ngtcp2 and nghttp3 update
Browse files Browse the repository at this point in the history
PR-URL: #47402
Refs: nodejs/security-wg#828
Reviewed-By: Paolo Insogna <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Mohammed Keyvanzadeh <[email protected]>
Reviewed-By: Trivikram Kamat <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
  • Loading branch information
marco-ippolito authored Apr 12, 2023
1 parent 56ccd59 commit 6dcbf8b
Show file tree
Hide file tree
Showing 4 changed files with 218 additions and 0 deletions.
16 changes: 16 additions & 0 deletions .github/workflows/tools.yml
Original file line number Diff line number Diff line change
Expand Up @@ -174,6 +174,22 @@ jobs:
cat temp-output
tail -n1 temp-output | grep "NEW_VERSION=" >> "$GITHUB_ENV" || true
rm temp-output
- id: ngtcp2
subsystem: deps
label: dependencies
run: |
./tools/dep_updaters/update-ngtcp2.sh > temp-output
cat temp-output
tail -n1 temp-output | grep "NEW_VERSION=" >> "$GITHUB_ENV" || true
rm temp-output
- id: nghttp3
subsystem: deps
label: dependencies
run: |
./tools/dep_updaters/update-nghttp3.sh > temp-output
cat temp-output
tail -n1 temp-output | grep "NEW_VERSION=" >> "$GITHUB_ENV" || true
rm temp-output
steps:
- uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
with:
Expand Down
62 changes: 62 additions & 0 deletions doc/contributing/maintaining-ngtpc2.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,62 @@
# ngtcp2 and nghttp3

The ngtcp2 and nghttp3 dependencies provide the core functionality for
QUIC and HTTP/3.

The sources are pulled from:

* ngtcp2: <https://github.com/ngtcp2/ngtcp2>
* nghttp3: <https://github.com/ngtcp2/nghttp3>

In both the `ngtcp2` and `nghttp3` git repos, the active development occurs
in the default branch (currently named `main` in each). Tagged versions do not
always point to the default branch.

We only use a subset of the sources for each.

## Updating

The `nghttp3` library depends on `ngtcp2`. Both should always be updated
together. From `ngtcp2` we only want the contents of the `lib` and `crypto`
directories; from `nghttp3` we only want the contents of the `lib` directory.

After updating either dependency, check if any source files or include
directories have been added or removed and update `ngtcp2.gyp` accordingly.

### Updating ngtcp2

The `tools/dep_updaters/update-ngtcp2.sh` script automates the update of the
ngtcp2 source files.

Check that Node.js still builds and tests.

1. Add ngtcp2:
```console
$ git add deps/ngtcp2
```
2. Commit the changes: `git commit`.
3. Add a message like:
```text
deps: update ngtcp2 to <version>

Updated as described in doc/contributing/maintaining-ngtcp2.md.
```

### Updating nghttp3

The `tools/dep_updaters/update-nghttp3.sh` script automates the update of the
nghttp3 source files.

Check that Node.js still builds and tests.

1. Add nghttp3:
```console
$ git add deps/ngtcp2
```
2. Commit the changes: `git commit`.
3. Add a message like:
```text
deps: update nghttp3 to <version>

Updated as described in doc/contributing/maintaining-ngtcp2.md.
```
67 changes: 67 additions & 0 deletions tools/dep_updaters/update-nghttp3.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,67 @@
#!/bin/sh
set -e
# Shell script to update nghttp3 in the source tree to a specific version

This comment has been minimized.

Copy link
@danielasmelash

danielasmelash Apr 12, 2023

  • $NODE= throw a new error

This comment has been minimized.

Copy link
@Trott

Trott Apr 13, 2023

Member

User blocked.

BASE_DIR=$(cd "$(dirname "$0")/../.." && pwd)
DEPS_DIR="$BASE_DIR/deps"
[ -z "$NODE" ] && NODE="$BASE_DIR/out/Release/node"
[ -x "$NODE" ] || NODE=$(command -v node)

NEW_VERSION="$("$NODE" --input-type=module <<'EOF'
const res = await fetch('https://api.github.com/repos/ngtcp2/nghttp3/releases');
if (!res.ok) throw new Error(`FetchError: ${res.status} ${res.statusText}`, { cause: res });
const releases = await res.json()
const { tag_name } = releases.at(0);
console.log(tag_name.replace('v', ''));
EOF
)"

NGHTTP3_VERSION_H="$DEPS_DIR/ngtcp2/nghttp3/lib/includes/nghttp3/version.h"

CURRENT_VERSION=$(grep "#define NGHTTP3_VERSION" "$NGHTTP3_VERSION_H" | sed -n "s/^.*VERSION \"\(.*\)\"/\1/p")

if [ "$NEW_VERSION" = "$CURRENT_VERSION" ]; then
echo "Skipped because http3 is on the latest version."
exit 0
fi

WORKSPACE=$(mktemp -d 2> /dev/null || mktemp -d -t 'tmp')

cleanup () {
EXIT_CODE=$?
[ -d "$WORKSPACE" ] && rm -rf "$WORKSPACE"
exit $EXIT_CODE
}

trap cleanup INT TERM EXIT

NGHTTP3_REF="v$NEW_VERSION"
NGHTTP3_ZIP="nghttp3-$NEW_VERSION"

cd "$WORKSPACE"

echo "Fetching nghttp3 source archive..."
curl -sL -o "$NGHTTP3_ZIP.zip" "https://github.com/ngtcp2/nghttp3/archive/refs/tags/$NGHTTP3_REF.zip"
unzip "$NGHTTP3_ZIP.zip"
rm "$NGHTTP3_ZIP.zip"
mv "$NGHTTP3_ZIP" nghttp3

cd nghttp3

autoreconf -i

./configure --prefix="$PWD/build" --enable-lib-only

cp -R lib/* "$DEPS_DIR/ngtcp2/nghttp3/lib/"

echo "All done!"
echo ""
echo "Please git add nghttp3, commit the new version:"
echo ""
echo "$ git add -A deps/nghttp3"
echo "$ git commit -m \"deps: update nghttp3 to $NEW_VERSION\""
echo ""

# The last line of the script should always print the new version,
# as we need to add it to $GITHUB_ENV variable.
echo "NEW_VERSION=$NEW_VERSION"
73 changes: 73 additions & 0 deletions tools/dep_updaters/update-ngtcp2.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,73 @@
#!/bin/sh
set -e
# Shell script to update ngtcp2 in the source tree to a specific version

BASE_DIR=$(cd "$(dirname "$0")/../.." && pwd)
DEPS_DIR="$BASE_DIR/deps"
[ -z "$NODE" ] && NODE="$BASE_DIR/out/Release/node"
[ -x "$NODE" ] || NODE=$(command -v node)

NEW_VERSION="$("$NODE" --input-type=module <<'EOF'
const res = await fetch('https://api.github.com/repos/ngtcp2/ngtcp2/releases');
if (!res.ok) throw new Error(`FetchError: ${res.status} ${res.statusText}`, { cause: res });
const releases = await res.json()
const { tag_name } = releases.at(0);
console.log(tag_name.replace('v', ''));
EOF
)"

NGTCP2_VERSION_H="$DEPS_DIR/ngtcp2/ngtcp2/lib/includes/ngtcp2/version.h"

CURRENT_VERSION=$(grep "#define NGTCP2_VERSION" "$NGTCP2_VERSION_H" | sed -n "s/^.*VERSION \"\(.*\)\"/\1/p")

if [ "$NEW_VERSION" = "$CURRENT_VERSION" ]; then
echo "Skipped because ngtcp2 is on the latest version."
exit 0
fi

WORKSPACE=$(mktemp -d 2> /dev/null || mktemp -d -t 'tmp')

cleanup () {
EXIT_CODE=$?
[ -d "$WORKSPACE" ] && rm -rf "$WORKSPACE"
exit $EXIT_CODE
}

trap cleanup INT TERM EXIT

NGTCP2_REF="v$NEW_VERSION"
NGTCP2_ZIP="ngtcp2-$NEW_VERSION"

cd "$WORKSPACE"

echo "Fetching ngtcp2 source archive..."
curl -sL -o "$NGTCP2_ZIP.zip" "https://github.com/ngtcp2/ngtcp2/archive/refs/tags/$NGTCP2_REF.zip"
unzip "$NGTCP2_ZIP.zip"
rm "$NGTCP2_ZIP.zip"
mv "$NGTCP2_ZIP" ngtcp2

cd ngtcp2

autoreconf -i

# For Mac users who have installed libev with MacPorts, append
# ',-L/opt/local/lib' to LDFLAGS, and also pass
# CPPFLAGS="-I/opt/local/include" to ./configure.

./configure --prefix="$PWD/build" --enable-lib-only

cp -R lib/* "$DEPS_DIR/ngtcp2/ngtcp2/lib/"

cp -R crypto/* "$DEPS_DIR/ngtcp2/ngtcp2/crypto/"

echo "All done!"
echo ""
echo "Please git add ngtcp2, commit the new version:"
echo ""
echo "$ git add -A deps/ngtcp2"
echo "$ git commit -m \"deps: update ngtcp2 to $NEW_VERSION\""
echo ""

# The last line of the script should always print the new version,
# as we need to add it to $GITHUB_ENV variable.
echo "NEW_VERSION=$NEW_VERSION"

0 comments on commit 6dcbf8b

Please sign in to comment.