Add dependency check for OpenSSL 3.0
Overview
When we allowed OpenSSL 3 build testing with Allow OpenSSL 3.2.1 builds (!7416 - merged) • Balasankar 'Balu' C • 16.10 , it broke the dependency check job as seen in [CI] Pipeline failure on `master` failed for co... (#8455 - closed) • Robert Marshall • 16.10
To fix that broken pipeline, a quick patch with Check correct file for openssl deps updates (!7483 - merged) • Balasankar 'Balu' C, Robert Marshall+ • 16.10 only restored OpenSSL 1.0 dependency checks.
We need to identify the path forward for OpenSSL 3.0 dependency checks before we can ship it.
Context
The check was not added with the emergency patch because there are several complications.
- The tag format changed for OpenSSL 3.0 releases
- Decision: group updates into one merge request like chef or break into two updates.
- When do we want to add the dependency check since OpenSSL 3.0 is not yet shipped with GitLab.
- Do we convert to RenovateBot for the new dependency check?
Deliverables
- Identify when the dependency check needs to start.
- Identify the mechanism - deps.io or RenovateBot.
- Implement the dependency check for OpenSSL 3.0