Skip to content

[COVPN-65] Make wolfssl as Lightway's cargo dependency #328

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
kp-shawn-thiah wants to merge 10 commits into
base: main
Choose a base branch
from
Open

[COVPN-65] Make wolfssl as Lightway's cargo dependency #328

kp-shawn-thiah wants to merge 10 commits into from
+75 −11

Conversation

@kp-shawn-thiah
Copy link

@kp-shawn-thiah kp-shawn-thiah commented Jan 19, 2026
edited
Loading

Since we are trying to use cargo dependency, we need to make sure that all new changes to wolfssl will be released into crates.io, then we won't need to use it as a git dependency to get the latest changes.

We can enforce updating of the version inside *.toml by blocking the CI if either wolfssl or wolfssl-sys does not have a version bump.

We can also add a bypass the release CI by adding label on the PR like skip-release, and it will not release into crates.io.

@kp-shawn-thiah kp-shawn-thiah requested a review from a team as a code owner January 19, 2026 08:21
@CLAassistant
Copy link

CLAassistant commented Jan 19, 2026
edited
Loading

CLA assistant check
All committers have signed the CLA.

@github-actions
Copy link

github-actions bot commented Jan 19, 2026
edited
Loading

Code coverage summary for f1335fe:

Filename                             Regions    Missed Regions     Cover   Functions  Missed Functions  Executed       Lines      Missed Lines     Cover    Branches   Missed Branches     Cover
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
wolfssl-sys/src/lib.rs                    25                 0   100.00%           2                 0   100.00%          13                 0   100.00%           0                 0         -
wolfssl/src/aes256.rs                    166                 8    95.18%          11                 0   100.00%         124                 4    96.77%           0                 0         -
wolfssl/src/chacha20_poly1305.rs          75                 2    97.33%           5                 0   100.00%          66                 2    96.97%           0                 0         -
wolfssl/src/context.rs                   401               173    56.86%          41                14    65.85%         286               110    61.54%           0                 0         -
wolfssl/src/error.rs                      45                13    71.11%           5                 1    80.00%          44                11    75.00%           0                 0         -
wolfssl/src/lib.rs                        81                15    81.48%          11                 1    90.91%          72                13    81.94%           0                 0         -
wolfssl/src/rng.rs                        72                10    86.11%           6                 0   100.00%          42                 3    92.86%           0                 0         -
wolfssl/src/ssl.rs                      1285               376    70.74%          84                25    70.24%         837               250    70.13%           0                 0         -
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
TOTAL                                   2150               597    72.23%         165                41    75.15%        1484               393    73.52%           0                 0         -

✅ Region coverage 72% passes
✅ Line coverage 73% passes

@kp-shawn-thiah kp-shawn-thiah force-pushed the COVPN-65-update-release-workflow branch from cbc2ca2 to 28e4273 Compare January 20, 2026 06:38
@kp-shawn-thiah kp-shawn-thiah force-pushed the COVPN-65-update-release-workflow branch from ba912c3 to ea23d69 Compare January 20, 2026 07:04
kp-thomas-yau
kp-thomas-yau reviewed Jan 20, 2026
View reviewed changes
.github/workflows/release.yaml Outdated
Comment on lines 114 to 116
if (version_on_file != version_on_crate_io) {
console.log(`✓ ${name}: ${version_on_crate_io} → ${version_on_file}`)
bump_details.push(`${name}: ${version_on_crate_io} → ${version_on_file}`)
Copy link
Contributor

@kp-thomas-yau kp-thomas-yau Jan 20, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Probably also compare the 2 versions and make the version on file is actually newer than the one on crate io (instead of just checking they're different)

Copy link
Author

@kp-shawn-thiah kp-shawn-thiah Jan 20, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added more detailed checks for versions on file and crates io, it will now fail CI if the version of any of the releases is lower than crates io.

kp-weiwen-goh
kp-weiwen-goh reviewed Jan 20, 2026
View reviewed changes
README.md Outdated
1. Observe that a comment is add to the PR, indicating the current version and the upcoming version
1. Merge the PR, a new version should be released to both GitHub and Crates.io

If no version bump is present and no `ignore-release` label is set, CI will block the workflow.
Copy link
Contributor

@kp-weiwen-goh kp-weiwen-goh Jan 20, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should explain when we should use ignore-release. This should only be done on chore/ci PRs where there is no code change. Unless there is a good reason, we want to make a release every new change.

Copy link
Author

@kp-shawn-thiah kp-shawn-thiah Jan 20, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added explanation on the usage of ignore-release.

kp-shawn-thiah
kp-shawn-thiah commented Jan 20, 2026
View reviewed changes
.github/workflows/release.yaml Outdated
- uses: ./.github/actions/check-dependencies
id: check_dependencies

- name: Check semver compliance
Copy link
Author

@kp-shawn-thiah kp-shawn-thiah Jan 20, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Currently with this check, CIs will fail because the version published on crates io is outdated against the current code. Maybe we can comment this out first and add this back in after version on crates io has caught up.

@kp-shawn-thiah kp-shawn-thiah added ignore-release Ignore the release GitHub Action (test) and removed ignore-release Ignore the release GitHub Action (test) labels Jan 21, 2026
@github-actions
Copy link

github-actions bot commented Jan 21, 2026

🚀 Release Plan

Crate Previous version New version Release? Comment
wolfssl 3.0.0 3.0.1 ⛔ Blocked dependency on unreleased wolfssl-sys
wolfssl-sys 2.0.0 2.0.0 ❎ No release

@kp-shawn-thiah kp-shawn-thiah force-pushed the COVPN-65-update-release-workflow branch from aadca60 to 3b2d629 Compare January 21, 2026 02:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kp-thomas-yau kp-thomas-yau kp-thomas-yau left review comments

@kp-weiwen-goh kp-weiwen-goh kp-weiwen-goh left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@kp-shawn-thiah @CLAassistant @kp-thomas-yau @kp-weiwen-goh