Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

strongswan: 5.9.14 -> 6.0.0 #362302

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

strongswan: 5.9.14 -> 6.0.0 #362302

wants to merge 1 commit into from
+164 −84

Conversation

NickCao
Copy link
Member

@NickCao NickCao commented Dec 6, 2024

Things done

  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandboxing enabled in nix.conf? (See Nix manual)
    • sandbox = relaxed
    • sandbox = true
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 25.05 Release Notes (or backporting 24.11 and 25.05 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md.

Add a 👍 reaction to pull requests you find important.

@NickCao
Copy link
Member Author

NickCao commented Dec 6, 2024

Replaces #361767 #361768 #361769

@github-actions github-actions bot added 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin 10.rebuild-linux: 1-10 10.rebuild-darwin: 1-10 and removed 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin labels Dec 6, 2024
@github-actions github-actions bot added 6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS 8.has: module (update) This PR changes an existing module in `nixos/` labels Dec 6, 2024
@ofborg ofborg bot added 8.has: package (new) This PR adds a new package 11.by: package-maintainer This PR was created by the maintainer of the package it changes 10.rebuild-darwin: 1 10.rebuild-linux: 1 and removed 10.rebuild-darwin: 1 10.rebuild-linux: 1 labels Dec 6, 2024
@johanot
Copy link
Contributor

johanot commented Jan 3, 2025

@NickCao at first glance, LGTM. But I have two suggestions:

  1. Rename the current strongswan package to strongswan_5 or strongswan_5_9 and make "strongswan" a meta-package pointing to v5.9 (for now).
  2. Parameterize the existing NixOS test for strongswan-swanctl to run tests for both 5.9 and 6.0

re 2) I tried manually hacking the current test-case to use strongswan_6 and it passes. So I believe it's just a matter of making actual support for package arg in the test.

@johanot johanot mentioned this pull request Jan 4, 2025
Open
13 tasks
@NickCao
Copy link
Member Author

NickCao commented Jan 11, 2025

Let's do this in steps, first part: #372967

@github-actions github-actions bot removed 6.topic: nixos Issues or PRs affecting NixOS modules, or package usability issues specific to NixOS 8.has: module (update) This PR changes an existing module in `nixos/` labels Jan 12, 2025
@NickCao
Copy link
Member Author

NickCao commented Jan 12, 2025

@johanot After weeks of use I feel strongswan 6 is mostly backwards compatible with strongswan 5, maybe there isn't that much a need to keep strongswan 5 around?

@johanot
Copy link
Contributor

johanot commented Jan 12, 2025

Tbh I haven't really tried Strongswan 6 (yet) myself, which is partially why I wanted to improve the tests covering it (#370840). The code LGTM, I'd just like to be able to run the tests for all versions of the package (if we end up with more than one).

As for whether to drop 5.9: I don't know the lifecycle of strongswan. Is 5.9 EOL soon? Or is 5.9 supported long-term side by side with 6.0? In the former case, I would just go "strongswan: 5.9 -> 6.0". In the latter case, we might do nixpkgs a favor of keeping both versions around.

I promise to read up on the release cycle later, unless someone beats me to it here.

@NickCao
Copy link
Member Author

NickCao commented Jan 12, 2025

As for whether to drop 5.9: I don't know the lifecycle of strongswan. Is 5.9 EOL soon? Or is 5.9 supported long-term side by side with 6.0?

I don't see the lifecycle/policy posted anywhere, let's just ask: strongswan/strongswan#2614

@NickCao
Copy link
Member Author

NickCao commented Jan 13, 2025

Update: the answer is no.

@NickCao NickCao changed the title strongswan_6: init at 6.0.0 strongswan: 5.9.14 -> 6.0.0 Jan 13, 2025
@definfo
Copy link
Contributor

definfo commented Jan 27, 2025
edited
Loading

I noticed that strongswan 5.x in nixpkgs does not enable EAP-PEAP. Should we add this flag before bringing it to v6 ?

@NickCao
Copy link
Member Author

NickCao commented Jan 27, 2025

PEAP

Already enabled in this PR.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
8.has: package (new) This PR adds a new package 10.rebuild-darwin: 1-10 10.rebuild-linux: 1-10 11.by: package-maintainer This PR was created by the maintainer of the package it changes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@NickCao @johanot @definfo