search

envoyproxy / envoy-openssl

Envoy OpenSSL extensions
Apache License 2.0
47 stars 45 forks source link

setting up a proper build environment #66

Open thekief opened 1 year ago

thekief commented 1 year ago

The last few days I looked into the project and tried to build locally. I initally tried to build it on my local system but noticed that there were some problems that are probably much easier in a separate environment.

After trying a custom container and building envoyproxy/envoy-build-ubuntu referenced in the envoy documentation, I still have not succeeded in building the reverse proxy with OpenSSL support. I managed to bypass errors, such as envoyproxy/envoy-build-ubuntu not having exported the path to clang and some "missing" folders but I always end up with bssl not building.

What is the proper build environment/container for this project?

thekief commented 1 year ago

Happy new year :D

Over the last couple days I looked into the Github Actions and build a Docker Image and the build continued a bit further. I stumbled on additional problems:

Use --sandbox_debug to see verbose messages from the sandbox In file included from external/com_github_google_jwt_verify/src/verify.cc:15: In file included from external/com_github_google_jwt_verify/jwt_verify_lib/verify.h:17: external/com_github_google_jwt_verify/jwt_verifylib/jwks.h:61:5: error: use of undeclared identifier 'bssl' bssl::UniquePtr rsa; ^ external/com_github_google_jwt_verify/jwt_verify_lib/jwks.h:62:5: error: use of undeclared identifier 'bssl' bssl::UniquePtr eckey; ^ external/com_github_google_jwt_verify/jwt_verifylib/jwks.h:64:5: error: use of undeclared identifier 'bssl' bssl::UniquePtr bio; ^ external/com_github_google_jwt_verify/jwt_verifylib/jwks.h:65:5: error: use of undeclared identifier 'bssl' bssl::UniquePtr x509; ^ external/com_github_google_jwt_verify/src/verify.cc:21:10: fatal error: 'openssl/curve25519.h' file not found

include "openssl/curve25519.h"

     ^~~~~~~~~~~~~~~~~~~~~~

5 errors generated. Target //:envoy failed to build Use --verbose_failures to see the command lines of failed build steps. INFO: Elapsed time: 2.152s, Critical Path: 1.88s INFO: 24 processes: 22 internal, 2 processwrapper-sandbox. FAILED: Build did NOT complete successfully



Before installing any additional dependencies I was wondering, which version of BoringSSL to install. Is something linked in one of the submodules? Should I just grab the version from Google?
thekief commented 1 year ago

After some time I finally got back to this and I am still stuck building the project in a local build environment.

Similar to #53 I also would ask you to provide some more details on the building process, as the readme does not properly build. I tried to follow the steps specified in the Github workflow files but it still fails.

Right now I got following issue, when trying to build the image in a local Debian/Ubuntu container:

n file included from /build/bssl-compat/source/cipher.c:1:
In file included from /build/bssl-compat/include/openssl/cipher.h:60:
/build/bssl-compat/include/openssl/base.h:83:10: fatal error: 'ossl/openssl/types.h' file not found
#include <ossl/openssl/types.h>
         ^~~~~~~~~~~~~~~~~~~~~~
In file included from /build/bssl-compat/source/digest.c:1:
In file included from /build/bssl-compat/include/openssl/digest.h:60:
/build/bssl-compat/include/openssl/base.h:83:10: fatal error: 'ossl/openssl/types.h' file not found
#include <ossl/openssl/types.h>
         ^~~~~~~~~~~~~~~~~~~~~~
In file included from /build/bssl-compat/source/crypto.c:1:
In file included from /build/bssl-compat/include/openssl/crypto.h:18:
/build/bssl-compat/include/openssl/base.h:83:10: fatal error: 'ossl/openssl/types.h' file not found
#include <ossl/openssl/types.h>

Any tips and hints would be appreciated.