
mingw.yml - fixup to use ucrt, logging

Open MSP-Greg opened this issue 1 year ago • 2 comments

The mingw.yml workflow uses setup-ruby to configure/install build tools, packages and the 'baseruby'.

setup-ruby is designed to work with most CI, where the tools & packages match the selected Ruby version. Currently, the workflow's selected Ruby version is 3.0.

The publicly available Ruby 3.0 is a mingw Ruby that uses OpenSSL 1.1.1. Since we want the head CI to use ucrt tools and packages, and also use OpenSSL 3.3.x, use Ruby 3.2 for the selected/base Ruby.

Additionally, there were two 'informational' steps, combine those into one, and add info as to the current packages installed.

setup-ruby could allow an input to specify the build type and OpenSSL version (defaulting to what the specified Ruby version uses), but there aren't a lot of use cases...

MSP-Greg, Jun 18 '24 22:06

Like to clarify one thing. In the mingw.yml CI, setup-ruby runs in the 'Set up Ruby & MSYS2' step.

Currently, the following appears in the step log, which indicates MINGW64 tools/packages are installed, along with OpenSSL 1.1.1:

Downloading mingw64 build tools
Extracting mingw64 build tools

In the CI after this PR the following appears in the step log, which indicates that UCRT64 tools/packages are installed, along with OpenSSL 3.x:

Downloading ucrt64-3.0 build tools
Extracting ucrt64-3.0 build tools

MSP-Greg, Jun 24 '24 21:06

@nobu @hsbt

A long time ago I decided that if all Ruby Windows CI (not just ruby/ruby, but other repos or gems also) was implementing handling of build tools/packages, it would waste a lot of free resources, and also possibly take longer.

So, it was decided to create archive files several times a day and build that into setup-ruby. The archive files contain the current MSYS2 packages. There have been occasional issues, but otherwise it’s been working well for several years.

The mingw.yml workflow currently makes use of these via setup-ruby, and they contain the most recent tools and packages.

Since both MSYS2 and MSFT/vcpkg are rolling releases, problems may arise, especially with Ruby stable branches. For example, suppose MSYS2’s current OpenSSL package was 3.2.1. They then move to OpenSSL 3.3.0. Then a CVE issue arises in 3.2.1, and OpenSSL releases 3.2.2. With a rolling release, 3.2.2 will never be added by MSYS2, as the ‘rolling release’ is already on 3.3.0.

So, I’m not sure what the best way to handle stable Ruby branches is.

If you want to handle MSYS2 separate from setup-ruby, please close this PR.

MSP-Greg, Jun 27 '24 18:06