]>
Commit | Line | Data |
---|---|---|
22a2d3d5 | 1 | # Continuous integration and pull request validation builds for the |
c25aa7cd | 2 | # main and maintenance branches. |
22a2d3d5 UG |
3 | name: CI Build |
4 | ||
5 | on: | |
6 | push: | |
c25aa7cd | 7 | branches: [ main, maint/* ] |
22a2d3d5 | 8 | pull_request: |
c25aa7cd PP |
9 | branches: [ main, maint/* ] |
10 | workflow_dispatch: | |
22a2d3d5 UG |
11 | |
12 | env: | |
ad5611d8 | 13 | docker-registry: ghcr.io |
c25aa7cd | 14 | docker-config-path: source/ci/docker |
22a2d3d5 UG |
15 | |
16 | jobs: | |
17 | # Build the docker container images that we will use for our Linux | |
18 | # builds. This will identify the last commit to the repository that | |
19 | # updated the docker images, and try to download the image tagged with | |
20 | # that sha. If it does not exist, we'll do a docker build and push | |
21 | # the image up to GitHub Packages for the actual CI/CD runs. We tag | |
22 | # with both the sha and "latest" so that the subsequent runs need not | |
23 | # know the sha. Only do this on CI builds (when the event is a "push") | |
24 | # because PR builds from forks lack permission to write packages. | |
e579e0f7 | 25 | containers: |
22a2d3d5 UG |
26 | strategy: |
27 | matrix: | |
28 | container: | |
c25aa7cd PP |
29 | - name: xenial |
30 | - name: bionic | |
31 | - name: focal | |
32 | - name: docurium | |
33 | - name: bionic-x86 | |
34 | dockerfile: bionic | |
35 | base: multiarch/ubuntu-core:x86-bionic | |
36 | qemu: true | |
37 | - name: bionic-arm32 | |
38 | dockerfile: bionic | |
39 | base: multiarch/ubuntu-core:armhf-bionic | |
40 | qemu: true | |
41 | - name: bionic-arm64 | |
42 | dockerfile: bionic | |
43 | base: multiarch/ubuntu-core:arm64-bionic | |
44 | qemu: true | |
45 | - name: centos7 | |
46 | - name: centos8 | |
22a2d3d5 | 47 | runs-on: ubuntu-latest |
e579e0f7 | 48 | name: "Create container: ${{ matrix.container.name }}" |
22a2d3d5 UG |
49 | steps: |
50 | - name: Check out repository | |
51 | uses: actions/checkout@v2 | |
52 | with: | |
c25aa7cd | 53 | path: source |
22a2d3d5 | 54 | fetch-depth: 0 |
c25aa7cd PP |
55 | if: github.event_name != 'pull_request' |
56 | - name: Setup QEMU | |
57 | run: docker run --rm --privileged multiarch/qemu-user-static:register --reset | |
58 | if: matrix.container.qemu == true | |
22a2d3d5 | 59 | - name: Download existing container |
c25aa7cd PP |
60 | run: | |
61 | "${{ github.workspace }}/source/ci/getcontainer.sh" "${{ matrix.container.name }}" "${{ matrix.container.dockerfile }}" | |
22a2d3d5 UG |
62 | env: |
63 | DOCKER_REGISTRY: ${{ env.docker-registry }} | |
64 | GITHUB_TOKEN: ${{ secrets.github_token }} | |
c25aa7cd PP |
65 | working-directory: ${{ env.docker-config-path }} |
66 | if: github.event_name != 'pull_request' | |
22a2d3d5 UG |
67 | - name: Build and publish image |
68 | run: | | |
c25aa7cd PP |
69 | if [ "${{ matrix.container.base }}" != "" ]; then |
70 | BASE_ARG="--build-arg BASE=${{ matrix.container.base }}" | |
71 | fi | |
ad5611d8 | 72 | docker build -t ${{ env.docker-registry-container-sha }} --build-arg UID=$(id -u) --build-arg GID=$(id -g) ${BASE_ARG} -f ${{ env.dockerfile }} . |
c25aa7cd | 73 | docker tag ${{ env.docker-registry-container-sha }} ${{ env.docker-registry-container-latest }} |
22a2d3d5 | 74 | docker push ${{ env.docker-registry-container-sha }} |
c25aa7cd | 75 | docker push ${{ env.docker-registry-container-latest }} |
22a2d3d5 | 76 | working-directory: ${{ env.docker-config-path }} |
c25aa7cd | 77 | if: github.event_name != 'pull_request' && env.docker-container-exists != 'true' |
22a2d3d5 UG |
78 | |
79 | # Run our CI/CD builds. We build a matrix with the various build targets | |
80 | # and their details. Then we build either in a docker container (Linux) | |
81 | # or on the actual hosts (macOS, Windows). | |
82 | build: | |
e579e0f7 | 83 | needs: [ containers ] |
22a2d3d5 UG |
84 | strategy: |
85 | matrix: | |
86 | platform: | |
e579e0f7 | 87 | - name: "Linux (Xenial, GCC, OpenSSL)" |
ad5611d8 | 88 | id: xenial-gcc-openssl |
c25aa7cd PP |
89 | container: |
90 | name: xenial | |
22a2d3d5 UG |
91 | env: |
92 | CC: gcc | |
93 | CMAKE_GENERATOR: Ninja | |
e579e0f7 | 94 | CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DREGEX_BACKEND=builtin -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON -DDEBUG_STRICT_ALLOC=ON -DDEBUG_STRICT_OPEN=ON |
22a2d3d5 | 95 | os: ubuntu-latest |
e579e0f7 | 96 | - name: Linux (Xenial, GCC, mbedTLS) |
ad5611d8 | 97 | id: xenial-gcc-mbedtls |
c25aa7cd PP |
98 | container: |
99 | name: xenial | |
22a2d3d5 UG |
100 | env: |
101 | CC: gcc | |
102 | CMAKE_GENERATOR: Ninja | |
e579e0f7 | 103 | CMAKE_OPTIONS: -DUSE_HTTPS=mbedTLS -DUSE_SHA1=HTTPS -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON |
22a2d3d5 | 104 | os: ubuntu-latest |
e579e0f7 | 105 | - name: "Linux (Xenial, Clang, OpenSSL)" |
ad5611d8 | 106 | id: xenial-clang-openssl |
c25aa7cd PP |
107 | container: |
108 | name: xenial | |
22a2d3d5 UG |
109 | env: |
110 | CC: clang | |
111 | CMAKE_GENERATOR: Ninja | |
e579e0f7 | 112 | CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON |
22a2d3d5 | 113 | os: ubuntu-latest |
e579e0f7 | 114 | - name: "Linux (Xenial, Clang, mbedTLS)" |
ad5611d8 | 115 | id: xenial-clang-mbedtls |
c25aa7cd PP |
116 | container: |
117 | name: xenial | |
22a2d3d5 UG |
118 | env: |
119 | CC: clang | |
e579e0f7 | 120 | CMAKE_OPTIONS: -DUSE_HTTPS=mbedTLS -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON |
22a2d3d5 UG |
121 | CMAKE_GENERATOR: Ninja |
122 | os: ubuntu-latest | |
e579e0f7 | 123 | - name: "Linux (MemorySanitizer)" |
ad5611d8 | 124 | id: memorysanitizer |
c25aa7cd PP |
125 | container: |
126 | name: focal | |
22a2d3d5 UG |
127 | env: |
128 | CC: clang-10 | |
129 | CFLAGS: -fsanitize=memory -fsanitize-memory-track-origins=2 -fsanitize-blacklist=/home/libgit2/source/script/sanitizers.supp -fno-optimize-sibling-calls -fno-omit-frame-pointer | |
e579e0f7 | 130 | CMAKE_OPTIONS: -DCMAKE_PREFIX_PATH=/usr/local/msan -DUSE_HTTPS=mbedTLS -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_BUNDLED_ZLIB=ON -DUSE_SSH=ON |
22a2d3d5 UG |
131 | CMAKE_GENERATOR: Ninja |
132 | SKIP_SSH_TESTS: true | |
133 | SKIP_NEGOTIATE_TESTS: true | |
134 | ASAN_SYMBOLIZER_PATH: /usr/bin/llvm-symbolizer-10 | |
c25aa7cd | 135 | UBSAN_OPTIONS: print_stacktrace=1 |
22a2d3d5 | 136 | os: ubuntu-latest |
e579e0f7 | 137 | - name: "Linux (UndefinedBehaviorSanitizer)" |
ad5611d8 | 138 | id: ubsanitizer |
c25aa7cd PP |
139 | container: |
140 | name: focal | |
22a2d3d5 UG |
141 | env: |
142 | CC: clang-10 | |
143 | CFLAGS: -fsanitize=undefined,nullability -fno-sanitize-recover=undefined,nullability -fsanitize-blacklist=/home/libgit2/source/script/sanitizers.supp -fno-optimize-sibling-calls -fno-omit-frame-pointer | |
e579e0f7 | 144 | CMAKE_OPTIONS: -DCMAKE_PREFIX_PATH=/usr/local -DUSE_HTTPS=OpenSSL -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_BUNDLED_ZLIB=ON -DUSE_SSH=ON |
22a2d3d5 UG |
145 | CMAKE_GENERATOR: Ninja |
146 | SKIP_SSH_TESTS: true | |
147 | SKIP_NEGOTIATE_TESTS: true | |
148 | ASAN_SYMBOLIZER_PATH: /usr/bin/llvm-symbolizer-10 | |
c25aa7cd PP |
149 | UBSAN_OPTIONS: print_stacktrace=1 |
150 | os: ubuntu-latest | |
e579e0f7 | 151 | - name: "Linux (ThreadSanitizer)" |
ad5611d8 | 152 | id: threadsanitizer |
c25aa7cd PP |
153 | container: |
154 | name: focal | |
155 | env: | |
156 | CC: clang-10 | |
157 | CFLAGS: -fsanitize=thread -fno-optimize-sibling-calls -fno-omit-frame-pointer | |
e579e0f7 | 158 | CMAKE_OPTIONS: -DCMAKE_PREFIX_PATH=/usr/local -DUSE_HTTPS=OpenSSL -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_BUNDLED_ZLIB=ON -DUSE_SSH=ON |
c25aa7cd PP |
159 | CMAKE_GENERATOR: Ninja |
160 | SKIP_SSH_TESTS: true | |
161 | SKIP_NEGOTIATE_TESTS: true | |
162 | ASAN_SYMBOLIZER_PATH: /usr/bin/llvm-symbolizer-10 | |
163 | UBSAN_OPTIONS: print_stacktrace=1 | |
164 | TSAN_OPTIONS: suppressions=/home/libgit2/source/script/thread-sanitizer.supp second_deadlock_stack=1 | |
22a2d3d5 | 165 | os: ubuntu-latest |
e579e0f7 | 166 | - name: "macOS" |
ad5611d8 | 167 | id: macos |
22a2d3d5 UG |
168 | os: macos-10.15 |
169 | env: | |
170 | CC: clang | |
171 | CMAKE_OPTIONS: -DREGEX_BACKEND=regcomp_l -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=leaks -DUSE_GSSAPI=ON | |
22a2d3d5 UG |
172 | PKG_CONFIG_PATH: /usr/local/opt/openssl/lib/pkgconfig |
173 | SKIP_SSH_TESTS: true | |
174 | SKIP_NEGOTIATE_TESTS: true | |
175 | setup-script: osx | |
e579e0f7 | 176 | - name: "Windows (amd64, Visual Studio)" |
ad5611d8 | 177 | id: windows-amd64-vs |
22a2d3d5 UG |
178 | os: windows-2019 |
179 | env: | |
180 | ARCH: amd64 | |
181 | CMAKE_GENERATOR: Visual Studio 16 2019 | |
c25aa7cd | 182 | CMAKE_OPTIONS: -A x64 -DWIN32_LEAKCHECK=ON -DDEPRECATE_HARD=ON |
22a2d3d5 UG |
183 | SKIP_SSH_TESTS: true |
184 | SKIP_NEGOTIATE_TESTS: true | |
e579e0f7 | 185 | - name: "Windows (x86, Visual Studio)" |
ad5611d8 | 186 | id: windows-x86-vs |
22a2d3d5 UG |
187 | os: windows-2019 |
188 | env: | |
189 | ARCH: x86 | |
190 | CMAKE_GENERATOR: Visual Studio 16 2019 | |
c25aa7cd | 191 | CMAKE_OPTIONS: -A Win32 -DWIN32_LEAKCHECK=ON -DDEPRECATE_HARD=ON -DUSE_SHA1=HTTPS -DUSE_BUNDLED_ZLIB=ON |
22a2d3d5 UG |
192 | SKIP_SSH_TESTS: true |
193 | SKIP_NEGOTIATE_TESTS: true | |
e579e0f7 | 194 | - name: "Windows (amd64, mingw)" |
ad5611d8 | 195 | id: windows-amd64-mingw |
22a2d3d5 UG |
196 | os: windows-2019 |
197 | setup-script: mingw | |
198 | env: | |
199 | ARCH: amd64 | |
200 | CMAKE_GENERATOR: MinGW Makefiles | |
201 | CMAKE_OPTIONS: -DDEPRECATE_HARD=ON | |
202 | BUILD_TEMP: D:\Temp | |
203 | BUILD_PATH: D:\Temp\mingw64\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files (x86)\CMake\bin | |
204 | SKIP_SSH_TESTS: true | |
205 | SKIP_NEGOTIATE_TESTS: true | |
e579e0f7 | 206 | - name: "Windows (x86, mingw)" |
ad5611d8 | 207 | id: windows-x86-mingw |
22a2d3d5 UG |
208 | os: windows-2019 |
209 | setup-script: mingw | |
210 | env: | |
211 | ARCH: x86 | |
212 | CMAKE_GENERATOR: MinGW Makefiles | |
213 | CMAKE_OPTIONS: -DDEPRECATE_HARD=ON | |
214 | BUILD_TEMP: D:\Temp | |
215 | BUILD_PATH: D:\Temp\mingw32\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files (x86)\CMake\bin | |
216 | SKIP_SSH_TESTS: true | |
217 | SKIP_NEGOTIATE_TESTS: true | |
218 | fail-fast: false | |
219 | env: ${{ matrix.platform.env }} | |
220 | runs-on: ${{ matrix.platform.os }} | |
e579e0f7 | 221 | name: "Build: ${{ matrix.platform.name }}" |
22a2d3d5 UG |
222 | steps: |
223 | - name: Check out repository | |
224 | uses: actions/checkout@v2 | |
225 | with: | |
c25aa7cd | 226 | path: source |
22a2d3d5 UG |
227 | fetch-depth: 0 |
228 | - name: Set up build environment | |
ad5611d8 | 229 | run: source/ci/setup-${{ matrix.platform.setup-script }}-build.sh |
22a2d3d5 UG |
230 | shell: bash |
231 | if: matrix.platform.setup-script != '' | |
c25aa7cd PP |
232 | - name: Setup QEMU |
233 | run: docker run --rm --privileged multiarch/qemu-user-static:register --reset | |
234 | if: matrix.platform.container.qemu == true | |
22a2d3d5 | 235 | - name: Download container |
c25aa7cd PP |
236 | run: | |
237 | "${{ github.workspace }}/source/ci/getcontainer.sh" "${{ matrix.platform.container.name }}" "${{ matrix.platform.container.dockerfile }}" | |
22a2d3d5 UG |
238 | env: |
239 | DOCKER_REGISTRY: ${{ env.docker-registry }} | |
240 | GITHUB_TOKEN: ${{ secrets.github_token }} | |
c25aa7cd PP |
241 | working-directory: ${{ env.docker-config-path }} |
242 | if: matrix.platform.container.name != '' | |
22a2d3d5 | 243 | - name: Create container |
ad5611d8 TR |
244 | run: | |
245 | if [ "${{ matrix.container.base }}" != "" ]; then | |
246 | BASE_ARG="--build-arg BASE=${{ matrix.container.base }}" | |
247 | fi | |
248 | docker build -t ${{ env.docker-registry-container-sha }} --build-arg UID=$(id -u) --build-arg GID=$(id -g) ${BASE_ARG} -f ${{ env.dockerfile }} . | |
22a2d3d5 | 249 | working-directory: ${{ env.docker-config-path }} |
c25aa7cd | 250 | if: matrix.platform.container.name != '' && env.docker-container-exists != 'true' |
22a2d3d5 UG |
251 | - name: Build and test |
252 | run: | | |
253 | export GITTEST_NEGOTIATE_PASSWORD="${{ secrets.GITTEST_NEGOTIATE_PASSWORD }}" | |
254 | ||
c25aa7cd | 255 | if [ -n "${{ matrix.platform.container.name }}" ]; then |
ad5611d8 | 256 | mkdir build |
22a2d3d5 UG |
257 | docker run \ |
258 | --rm \ | |
ad5611d8 | 259 | --user "$(id -u):$(id -g)" \ |
c25aa7cd | 260 | -v "$(pwd)/source:/home/libgit2/source" \ |
ad5611d8 | 261 | -v "$(pwd)/build:/home/libgit2/build" \ |
c25aa7cd | 262 | -w /home/libgit2 \ |
22a2d3d5 UG |
263 | -e ASAN_SYMBOLIZER_PATH \ |
264 | -e CC \ | |
265 | -e CFLAGS \ | |
266 | -e CMAKE_GENERATOR \ | |
267 | -e CMAKE_OPTIONS \ | |
268 | -e GITTEST_NEGOTIATE_PASSWORD \ | |
ad5611d8 | 269 | -e GITTEST_FLAKY_STAT \ |
22a2d3d5 UG |
270 | -e PKG_CONFIG_PATH \ |
271 | -e SKIP_NEGOTIATE_TESTS \ | |
272 | -e SKIP_SSH_TESTS \ | |
c25aa7cd PP |
273 | -e TSAN_OPTIONS \ |
274 | -e UBSAN_OPTIONS \ | |
22a2d3d5 | 275 | ${{ env.docker-registry-container-sha }} \ |
ad5611d8 | 276 | /bin/bash -c "cd build && ../source/ci/build.sh && ../source/ci/test.sh" |
22a2d3d5 | 277 | else |
ad5611d8 TR |
278 | mkdir build |
279 | cd build | |
c25aa7cd PP |
280 | ../source/ci/build.sh |
281 | ../source/ci/test.sh | |
22a2d3d5 UG |
282 | fi |
283 | shell: bash | |
ad5611d8 TR |
284 | - name: Upload test results |
285 | uses: actions/upload-artifact@v3 | |
286 | if: success() || failure() | |
287 | with: | |
288 | name: test-results-${{ matrix.platform.id }} | |
289 | path: build/results_*.xml | |
290 | ||
291 | test_results: | |
292 | name: Test results | |
293 | needs: [ build ] | |
294 | runs-on: ubuntu-latest | |
295 | steps: | |
296 | - name: Download test results | |
297 | uses: actions/download-artifact@v3 | |
298 | - name: Generate test summary | |
299 | uses: test-summary/action@v1 | |
300 | with: | |
301 | paths: 'test-results-*/*.xml' | |
302 | ||
22a2d3d5 UG |
303 | |
304 | # Generate documentation using docurium. We'll upload the documentation | |
305 | # as a build artifact so that it can be reviewed as part of a pull | |
306 | # request or in a forked build. For CI builds in the main repository's | |
c25aa7cd | 307 | # main branch, we'll push the gh-pages branch back up so that it is |
22a2d3d5 UG |
308 | # published to our documentation site. |
309 | documentation: | |
310 | name: Generate documentation | |
e579e0f7 | 311 | needs: [ containers ] |
ad5611d8 | 312 | if: success() || failure() |
22a2d3d5 UG |
313 | runs-on: ubuntu-latest |
314 | steps: | |
315 | - name: Check out repository | |
316 | uses: actions/checkout@v2 | |
317 | with: | |
c25aa7cd | 318 | path: source |
22a2d3d5 UG |
319 | fetch-depth: 0 |
320 | - name: Generate documentation | |
c25aa7cd | 321 | working-directory: source |
22a2d3d5 UG |
322 | run: | |
323 | git config user.name 'Documentation Generation' | |
324 | git config user.email 'libgit2@users.noreply.github.com' | |
325 | git branch gh-pages origin/gh-pages | |
326 | docker login https://${{ env.docker-registry }} -u ${{ github.actor }} -p ${{ github.token }} | |
327 | docker run \ | |
328 | --rm \ | |
c25aa7cd PP |
329 | -v "$(pwd):/home/libgit2" \ |
330 | -w /home/libgit2 \ | |
22a2d3d5 UG |
331 | ${{ env.docker-registry }}/${{ github.repository }}/docurium:latest \ |
332 | cm doc api.docurium | |
333 | git checkout gh-pages | |
334 | zip --exclude .git/\* --exclude .gitignore --exclude .gitattributes -r api-documentation.zip . | |
335 | - uses: actions/upload-artifact@v2 | |
336 | name: Upload artifact | |
337 | with: | |
338 | name: api-documentation | |
c25aa7cd | 339 | path: source/api-documentation.zip |
22a2d3d5 | 340 | - name: Push documentation branch |
c25aa7cd | 341 | working-directory: source |
22a2d3d5 | 342 | run: git push origin gh-pages |
e579e0f7 | 343 | if: github.event_name == 'push' && github.repository == 'libgit2/libgit2' |