From 10b861206cb60f6258c163f27dd47c68e8b2e101 Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Sat, 4 Mar 2023 12:34:59 +0800
Subject: [PATCH] pointlessly optimize our ossl custom builds (#8432)

---
 .github/workflows/build_openssl.sh | 8 ++++++++
 .github/workflows/ci.yml           | 4 ++--
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/build_openssl.sh b/.github/workflows/build_openssl.sh
index 566abae69..704e29b41 100755
--- a/.github/workflows/build_openssl.sh
+++ b/.github/workflows/build_openssl.sh
@@ -41,6 +41,8 @@ if [[ "${TYPE}" == "openssl" ]]; then
   # avoid installing the docs (for performance)
   # https://github.com/openssl/openssl/issues/6685#issuecomment-403838728
   make install_sw install_ssldirs
+  # delete binaries we don't need
+  rm -rf "${OSSL_PATH}/bin"
   # For OpenSSL 3.0.0 set up the FIPS config. This does not activate it by
   # default, but allows programmatic activation at runtime
   if [[ "${VERSION}" =~ ^3. && "${CONFIG_FLAGS}" =~ enable-fips ]]; then
@@ -61,6 +63,10 @@ elif [[ "${TYPE}" == "libressl" ]]; then
   ./config -Wl -Wl,-Bsymbolic-functions -fPIC shared --prefix="${OSSL_PATH}"
   shlib_sed
   make -j"$(nproc)" install
+  # delete binaries, libtls, and docs we don't need. can't skip install/compile sadly
+  rm -rf "${OSSL_PATH}/bin"
+  rm -rf "${OSSL_PATH}/share"
+  rm -rf "${OSSL_PATH}/lib/libtls*"
   popd
 elif [[ "${TYPE}" == "boringssl" ]]; then
   git clone https://boringssl.googlesource.com/boringssl
@@ -72,6 +78,8 @@ elif [[ "${TYPE}" == "boringssl" ]]; then
   cmake .. -DCMAKE_POSITION_INDEPENDENT_CODE=ON -DRUST_BINDINGS="$(rustc -V --verbose | grep 'host: ' | sed 's/host: //')" -DCMAKE_INSTALL_PREFIX="${OSSL_PATH}"
   make -j"$(nproc)"
   make install
+  # delete binaries we don't need
+  rm -rf "${OSSL_PATH}/bin"
   popd
   popd
 fi
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index cdfb20c89..e467952ba 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -83,12 +83,12 @@ jobs:
       - name: Load OpenSSL cache
         uses: actions/cache@v3.2.6
         id: ossl-cache
-        timeout-minutes: 5
+        timeout-minutes: 2
         with:
           path: ${{ github.workspace }}/osslcache
           # When altering the openssl build process you may need to increment the value on the end of this cache key
           # so that you can prevent it from fetching the cache and skipping the build step.
-          key: ${{ matrix.PYTHON.OPENSSL.TYPE }}-${{ matrix.PYTHON.OPENSSL.VERSION }}-${{ env.CONFIG_HASH }}-6
+          key: ${{ matrix.PYTHON.OPENSSL.TYPE }}-${{ matrix.PYTHON.OPENSSL.VERSION }}-${{ env.CONFIG_HASH }}-8
         if: matrix.PYTHON.OPENSSL
       - name: Build custom OpenSSL/LibreSSL
         run: .github/workflows/build_openssl.sh