Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update nix corretto; make it platform aware. #4043

Merged
merged 5 commits into from
Jun 14, 2023
Merged

Update nix corretto; make it platform aware. #4043

merged 5 commits into from
Jun 14, 2023

Conversation

dougch
Copy link
Contributor

@dougch dougch commented Jun 6, 2023
edited
Loading

Resolved issues:

none

Description of changes:

Add support for the linux-arm version of Amazon Corretto in nix development shells, and while we're here, bump the version from 8 to 17.

Call-outs:

We were still testing TLS1.1 in the java provider, which worked for Corretto 8, but has been disabled by default in newer jdk's.

Do we want to keep older/additional versions of corretto around for coverage reasons?

Until the nassl/sslyze install is fixed for arm, you must quote them out in nix/pyenv.nix to validate this change on arm. This change will still get tested for x86 in CI.

Testing:

How is this change tested (unit tests, fuzz tests, etc.)? locally.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@github-actions github-actions bot added the s2n-core team label Jun 6, 2023
@dougch dougch force-pushed the devShell_corretto branch 4 times, most recently from 1f5159e to eee5c39 Compare June 6, 2023 23:48
@dougch dougch force-pushed the devShell_corretto branch from bf9539c to c3b3369 Compare June 7, 2023 21:36
@dougch dougch force-pushed the devShell_corretto branch from c3b3369 to e615a04 Compare June 7, 2023 21:45
@dougch dougch marked this pull request as ready for review June 7, 2023 22:37
@dougch dougch requested review from maddeleine and toidiu June 7, 2023 22:38
@dougch dougch requested a review from aditishri18 June 13, 2023 18:07
@toidiu
Copy link
Contributor

toidiu commented Jun 13, 2023

Are we sure no one is using old corretto and or are we dropping support for older corretto version?

@maddeleine
Copy link
Contributor

Are we sure no one is using old corretto and or are we dropping support for older corretto version?

What we're saying with this change is "the scenario where an s2n-tls endpoint negotiates with a corretto endpoint older than 17 is untested/unsupported". Which is an acceptable change since I'd rather us test with a newer corretto than an older one.

@toidiu
Copy link
Contributor

toidiu commented Jun 13, 2023

What we're saying with this change is "the scenario where an s2n-tls endpoint negotiates with a corretto endpoint older than 17 is untested/unsupported". Which is an acceptable change since I'd rather us test with a newer corretto than an older one.

Can/should we test with both old and new or are we ok dropping support for old corretto.

@dougch
Copy link
Contributor Author

dougch commented Jun 13, 2023

Can/should we test with both old and new or are we ok dropping support for old Corretto.

8 is in long term support mode, so I'm gently suggesting we leave it behind.

@dougch dougch enabled auto-merge (squash) June 14, 2023 15:43
@dougch dougch merged commit f7d65fc into aws:main Jun 14, 2023
@dougch dougch mentioned this pull request Jun 21, 2023
Closed
14 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aditishri18 aditishri18 aditishri18 approved these changes

@maddeleine maddeleine maddeleine approved these changes

@toidiu toidiu toidiu approved these changes

Assignees
No one assigned
Labels
s2n-core team
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@dougch @toidiu @maddeleine @aditishri18