[libgit2.git] / .github / workflows / main.yml

# Continuous integration and pull request validation builds for the
# main and maintenance branches.
name: CI Build

on:
  push:
    branches: [ main, maint/* ]
  pull_request:
    branches: [ main, maint/* ]
  workflow_dispatch:

env:
  docker-registry: ghcr.io
  docker-config-path: source/ci/docker

jobs:
  # Build the docker container images that we will use for our Linux
  # builds.  This will identify the last commit to the repository that
  # updated the docker images, and try to download the image tagged with
  # that sha.  If it does not exist, we'll do a docker build and push
  # the image up to GitHub Packages for the actual CI/CD runs.  We tag
  # with both the sha and "latest" so that the subsequent runs need not
  # know the sha.  Only do this on CI builds (when the event is a "push")
  # because PR builds from forks lack permission to write packages.
  containers:
    strategy:
      matrix:
        container:
        - name: xenial
        - name: bionic
        - name: focal
        - name: docurium
        - name: bionic-x86
          dockerfile: bionic
          base: multiarch/ubuntu-core:x86-bionic
          qemu: true
        - name: bionic-arm32
          dockerfile: bionic
          base: multiarch/ubuntu-core:armhf-bionic
          qemu: true
        - name: bionic-arm64
          dockerfile: bionic
          base: multiarch/ubuntu-core:arm64-bionic
          qemu: true
        - name: centos7
        - name: centos8
    runs-on: ubuntu-latest
    name: "Create container: ${{ matrix.container.name }}"
    steps:
    - name: Check out repository
      uses: actions/checkout@v2
      with:
        path: source
        fetch-depth: 0
      if: github.event_name != 'pull_request'
    - name: Setup QEMU
      run: docker run --rm --privileged multiarch/qemu-user-static:register --reset
      if: matrix.container.qemu == true
    - name: Download existing container
      run: |
        "${{ github.workspace }}/source/ci/getcontainer.sh" "${{ matrix.container.name }}" "${{ matrix.container.dockerfile }}"
      env:
        DOCKER_REGISTRY: ${{ env.docker-registry }}
        GITHUB_TOKEN: ${{ secrets.github_token }}
      working-directory: ${{ env.docker-config-path }}
      if: github.event_name != 'pull_request'
    - name: Build and publish image
      run: |
        if [ "${{ matrix.container.base }}" != "" ]; then
          BASE_ARG="--build-arg BASE=${{ matrix.container.base }}"
        fi
        docker build -t ${{ env.docker-registry-container-sha }} --build-arg UID=$(id -u) --build-arg GID=$(id -g) ${BASE_ARG} -f ${{ env.dockerfile }} .
        docker tag ${{ env.docker-registry-container-sha }} ${{ env.docker-registry-container-latest }}
        docker push ${{ env.docker-registry-container-sha }}
        docker push ${{ env.docker-registry-container-latest }}
      working-directory: ${{ env.docker-config-path }}
      if: github.event_name != 'pull_request' && env.docker-container-exists != 'true'

  # Run our CI/CD builds.  We build a matrix with the various build targets
  # and their details.  Then we build either in a docker container (Linux)
  # or on the actual hosts (macOS, Windows).
  build:
    needs: [ containers ]
    strategy:
      matrix:
        platform:
        - name: "Linux (Xenial, GCC, OpenSSL)"
          id: xenial-gcc-openssl
          container:
            name: xenial
          env:
            CC: gcc
            CMAKE_GENERATOR: Ninja
            CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DREGEX_BACKEND=builtin -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON -DDEBUG_STRICT_ALLOC=ON -DDEBUG_STRICT_OPEN=ON
          os: ubuntu-latest
        - name: Linux (Xenial, GCC, mbedTLS)
          id: xenial-gcc-mbedtls
          container:
            name: xenial
          env:
            CC: gcc
            CMAKE_GENERATOR: Ninja
            CMAKE_OPTIONS: -DUSE_HTTPS=mbedTLS -DUSE_SHA1=HTTPS -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
          os: ubuntu-latest
        - name: "Linux (Xenial, Clang, OpenSSL)"
          id: xenial-clang-openssl
          container:
            name: xenial
          env:
            CC: clang
            CMAKE_GENERATOR: Ninja
            CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
          os: ubuntu-latest
        - name: "Linux (Xenial, Clang, mbedTLS)"
          id: xenial-clang-mbedtls
          container:
            name: xenial
          env:
            CC: clang
            CMAKE_OPTIONS: -DUSE_HTTPS=mbedTLS -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
            CMAKE_GENERATOR: Ninja
          os: ubuntu-latest
        - name: "Linux (MemorySanitizer)"
          id: memorysanitizer
          container:
            name: focal
          env:
            CC: clang-10
            CFLAGS: -fsanitize=memory -fsanitize-memory-track-origins=2 -fsanitize-blacklist=/home/libgit2/source/script/sanitizers.supp -fno-optimize-sibling-calls -fno-omit-frame-pointer
            CMAKE_OPTIONS: -DCMAKE_PREFIX_PATH=/usr/local/msan -DUSE_HTTPS=mbedTLS -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_BUNDLED_ZLIB=ON -DUSE_SSH=ON
            CMAKE_GENERATOR: Ninja
            SKIP_SSH_TESTS: true
            SKIP_NEGOTIATE_TESTS: true
            ASAN_SYMBOLIZER_PATH: /usr/bin/llvm-symbolizer-10
            UBSAN_OPTIONS: print_stacktrace=1
          os: ubuntu-latest
        - name: "Linux (UndefinedBehaviorSanitizer)"
          id: ubsanitizer
          container:
            name: focal
          env:
            CC: clang-10
            CFLAGS: -fsanitize=undefined,nullability -fno-sanitize-recover=undefined,nullability -fsanitize-blacklist=/home/libgit2/source/script/sanitizers.supp -fno-optimize-sibling-calls -fno-omit-frame-pointer
            CMAKE_OPTIONS: -DCMAKE_PREFIX_PATH=/usr/local -DUSE_HTTPS=OpenSSL -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_BUNDLED_ZLIB=ON -DUSE_SSH=ON
            CMAKE_GENERATOR: Ninja
            SKIP_SSH_TESTS: true
            SKIP_NEGOTIATE_TESTS: true
            ASAN_SYMBOLIZER_PATH: /usr/bin/llvm-symbolizer-10
            UBSAN_OPTIONS: print_stacktrace=1
          os: ubuntu-latest
        - name: "Linux (ThreadSanitizer)"
          id: threadsanitizer
          container:
            name: focal
          env:
            CC: clang-10
            CFLAGS: -fsanitize=thread -fno-optimize-sibling-calls -fno-omit-frame-pointer
            CMAKE_OPTIONS: -DCMAKE_PREFIX_PATH=/usr/local -DUSE_HTTPS=OpenSSL -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_BUNDLED_ZLIB=ON -DUSE_SSH=ON
            CMAKE_GENERATOR: Ninja
            SKIP_SSH_TESTS: true
            SKIP_NEGOTIATE_TESTS: true
            ASAN_SYMBOLIZER_PATH: /usr/bin/llvm-symbolizer-10
            UBSAN_OPTIONS: print_stacktrace=1
            TSAN_OPTIONS: suppressions=/home/libgit2/source/script/thread-sanitizer.supp second_deadlock_stack=1
          os: ubuntu-latest
        - name: "macOS"
          id: macos
          os: macos-10.15
          env:
            CC: clang
            CMAKE_OPTIONS: -DREGEX_BACKEND=regcomp_l -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=leaks -DUSE_GSSAPI=ON
            PKG_CONFIG_PATH: /usr/local/opt/openssl/lib/pkgconfig
            SKIP_SSH_TESTS: true
            SKIP_NEGOTIATE_TESTS: true
          setup-script: osx
        - name: "Windows (amd64, Visual Studio)"
          id: windows-amd64-vs
          os: windows-2019
          env:
            ARCH: amd64
            CMAKE_GENERATOR: Visual Studio 16 2019
            CMAKE_OPTIONS: -A x64 -DWIN32_LEAKCHECK=ON -DDEPRECATE_HARD=ON
            SKIP_SSH_TESTS: true
            SKIP_NEGOTIATE_TESTS: true
        - name: "Windows (x86, Visual Studio)"
          id: windows-x86-vs
          os: windows-2019
          env:
            ARCH: x86
            CMAKE_GENERATOR: Visual Studio 16 2019
            CMAKE_OPTIONS: -A Win32 -DWIN32_LEAKCHECK=ON -DDEPRECATE_HARD=ON -DUSE_SHA1=HTTPS -DUSE_BUNDLED_ZLIB=ON
            SKIP_SSH_TESTS: true
            SKIP_NEGOTIATE_TESTS: true
        - name: "Windows (amd64, mingw)"
          id: windows-amd64-mingw
          os: windows-2019
          setup-script: mingw
          env:
            ARCH: amd64
            CMAKE_GENERATOR: MinGW Makefiles
            CMAKE_OPTIONS: -DDEPRECATE_HARD=ON
            BUILD_TEMP: D:\Temp
            BUILD_PATH: D:\Temp\mingw64\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files (x86)\CMake\bin
            SKIP_SSH_TESTS: true
            SKIP_NEGOTIATE_TESTS: true
        - name: "Windows (x86, mingw)"
          id: windows-x86-mingw
          os: windows-2019
          setup-script: mingw
          env:
            ARCH: x86
            CMAKE_GENERATOR: MinGW Makefiles
            CMAKE_OPTIONS: -DDEPRECATE_HARD=ON
            BUILD_TEMP: D:\Temp
            BUILD_PATH: D:\Temp\mingw32\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files (x86)\CMake\bin
            SKIP_SSH_TESTS: true
            SKIP_NEGOTIATE_TESTS: true
      fail-fast: false
    env: ${{ matrix.platform.env }}
    runs-on: ${{ matrix.platform.os }}
    name: "Build: ${{ matrix.platform.name }}"
    steps:
    - name: Check out repository
      uses: actions/checkout@v2
      with:
        path: source
        fetch-depth: 0
    - name: Set up build environment
      run: source/ci/setup-${{ matrix.platform.setup-script }}-build.sh
      shell: bash
      if: matrix.platform.setup-script != ''
    - name: Setup QEMU
      run: docker run --rm --privileged multiarch/qemu-user-static:register --reset
      if: matrix.platform.container.qemu == true
    - name: Download container
      run: |
        "${{ github.workspace }}/source/ci/getcontainer.sh" "${{ matrix.platform.container.name }}" "${{ matrix.platform.container.dockerfile }}"
      env:
        DOCKER_REGISTRY: ${{ env.docker-registry }}
        GITHUB_TOKEN: ${{ secrets.github_token }}
      working-directory: ${{ env.docker-config-path }}
      if: matrix.platform.container.name != ''
    - name: Create container
      run: |
        if [ "${{ matrix.container.base }}" != "" ]; then
          BASE_ARG="--build-arg BASE=${{ matrix.container.base }}"
        fi
        docker build -t ${{ env.docker-registry-container-sha }} --build-arg UID=$(id -u) --build-arg GID=$(id -g) ${BASE_ARG} -f ${{ env.dockerfile }} .
      working-directory: ${{ env.docker-config-path }}
      if: matrix.platform.container.name != '' && env.docker-container-exists != 'true'
    - name: Build and test
      run: |
        export GITTEST_NEGOTIATE_PASSWORD="${{ secrets.GITTEST_NEGOTIATE_PASSWORD }}"

        if [ -n "${{ matrix.platform.container.name }}" ]; then
          mkdir build
          docker run \
              --rm \
              --user "$(id -u):$(id -g)" \
              -v "$(pwd)/source:/home/libgit2/source" \
              -v "$(pwd)/build:/home/libgit2/build" \
              -w /home/libgit2 \
              -e ASAN_SYMBOLIZER_PATH \
              -e CC \
              -e CFLAGS \
              -e CMAKE_GENERATOR \
              -e CMAKE_OPTIONS \
              -e GITTEST_NEGOTIATE_PASSWORD \
              -e GITTEST_FLAKY_STAT \
              -e PKG_CONFIG_PATH \
              -e SKIP_NEGOTIATE_TESTS \
              -e SKIP_SSH_TESTS \
              -e TSAN_OPTIONS \
              -e UBSAN_OPTIONS \
              ${{ env.docker-registry-container-sha }} \
              /bin/bash -c "cd build && ../source/ci/build.sh && ../source/ci/test.sh"
        else
          mkdir build
          cd build
          ../source/ci/build.sh
          ../source/ci/test.sh
        fi
      shell: bash
    - name: Upload test results
      uses: actions/upload-artifact@v3
      if: success() || failure()
      with:
        name: test-results-${{ matrix.platform.id }}
        path: build/results_*.xml

  test_results:
    name: Test results
    needs: [ build ]
    runs-on: ubuntu-latest
    steps:
    - name: Download test results
      uses: actions/download-artifact@v3
    - name: Generate test summary
      uses: test-summary/action@v1
      with:
        paths: 'test-results-*/*.xml'


  # Generate documentation using docurium.  We'll upload the documentation
  # as a build artifact so that it can be reviewed as part of a pull
  # request or in a forked build.  For CI builds in the main repository's
  # main branch, we'll push the gh-pages branch back up so that it is
  # published to our documentation site.
  documentation:
    name: Generate documentation
    needs: [ containers ]
    if: success() || failure()
    runs-on: ubuntu-latest
    steps:
    - name: Check out repository
      uses: actions/checkout@v2
      with:
        path: source
        fetch-depth: 0
    - name: Generate documentation
      working-directory: source
      run: |
        git config user.name 'Documentation Generation'
        git config user.email 'libgit2@users.noreply.github.com'
        git branch gh-pages origin/gh-pages
        docker login https://${{ env.docker-registry }} -u ${{ github.actor }} -p ${{ github.token }}
        docker run \
            --rm \
            -v "$(pwd):/home/libgit2" \
            -w /home/libgit2 \
            ${{ env.docker-registry }}/${{ github.repository }}/docurium:latest \
            cm doc api.docurium
        git checkout gh-pages
        zip --exclude .git/\* --exclude .gitignore --exclude .gitattributes -r api-documentation.zip .
    - uses: actions/upload-artifact@v2
      name: Upload artifact
      with:
        name: api-documentation
        path: source/api-documentation.zip
    - name: Push documentation branch
      working-directory: source
      run: git push origin gh-pages
      if: github.event_name == 'push' && github.repository == 'libgit2/libgit2'
Commit	Line	Data
22a2d3d5	1	# Continuous integration and pull request validation builds for the
c25aa7cd	2	# main and maintenance branches.
22a2d3d5 UG	3	name: CI Build
	4
	5	on:
	6	push:
c25aa7cd	7	branches: [ main, maint/* ]
22a2d3d5	8	pull_request:
c25aa7cd PP	9	branches: [ main, maint/* ]
c25aa7cd PP	10	workflow_dispatch:
22a2d3d5 UG	11
22a2d3d5 UG	12	env:
ad5611d8	13	docker-registry: ghcr.io
c25aa7cd	14	docker-config-path: source/ci/docker
22a2d3d5 UG	15
	16	jobs:
	17	# Build the docker container images that we will use for our Linux
	18	# builds. This will identify the last commit to the repository that
	19	# updated the docker images, and try to download the image tagged with
	20	# that sha. If it does not exist, we'll do a docker build and push
	21	# the image up to GitHub Packages for the actual CI/CD runs. We tag
	22	# with both the sha and "latest" so that the subsequent runs need not
	23	# know the sha. Only do this on CI builds (when the event is a "push")
	24	# because PR builds from forks lack permission to write packages.
e579e0f7	25	containers:
22a2d3d5 UG	26	strategy:
	27	matrix:
	28	container:
c25aa7cd PP	29	- name: xenial
	30	- name: bionic
	31	- name: focal
	32	- name: docurium
	33	- name: bionic-x86
	34	dockerfile: bionic
	35	base: multiarch/ubuntu-core:x86-bionic
	36	qemu: true
	37	- name: bionic-arm32
	38	dockerfile: bionic
	39	base: multiarch/ubuntu-core:armhf-bionic
	40	qemu: true
	41	- name: bionic-arm64
	42	dockerfile: bionic
	43	base: multiarch/ubuntu-core:arm64-bionic
	44	qemu: true
	45	- name: centos7
	46	- name: centos8
22a2d3d5	47	runs-on: ubuntu-latest
e579e0f7	48	name: "Create container: ${{ matrix.container.name }}"
22a2d3d5 UG	49	steps:
	50	- name: Check out repository
	51	uses: actions/checkout@v2
	52	with:
c25aa7cd	53	path: source
22a2d3d5	54	fetch-depth: 0
c25aa7cd PP	55	if: github.event_name != 'pull_request'
	56	- name: Setup QEMU
	57	run: docker run --rm --privileged multiarch/qemu-user-static:register --reset
	58	if: matrix.container.qemu == true
22a2d3d5	59	- name: Download existing container
c25aa7cd PP	60	run: \|
c25aa7cd PP	61	"${{ github.workspace }}/source/ci/getcontainer.sh" "${{ matrix.container.name }}" "${{ matrix.container.dockerfile }}"
22a2d3d5 UG	62	env:
	63	DOCKER_REGISTRY: ${{ env.docker-registry }}
	64	GITHUB_TOKEN: ${{ secrets.github_token }}
c25aa7cd PP	65	working-directory: ${{ env.docker-config-path }}
c25aa7cd PP	66	if: github.event_name != 'pull_request'
22a2d3d5 UG	67	- name: Build and publish image
22a2d3d5 UG	68	run: \|
c25aa7cd PP	69	if [ "${{ matrix.container.base }}" != "" ]; then
	70	BASE_ARG="--build-arg BASE=${{ matrix.container.base }}"
	71	fi
ad5611d8	72	docker build -t ${{ env.docker-registry-container-sha }} --build-arg UID=$(id -u) --build-arg GID=$(id -g) ${BASE_ARG} -f ${{ env.dockerfile }} .
c25aa7cd	73	docker tag ${{ env.docker-registry-container-sha }} ${{ env.docker-registry-container-latest }}
22a2d3d5	74	docker push ${{ env.docker-registry-container-sha }}
c25aa7cd	75	docker push ${{ env.docker-registry-container-latest }}
22a2d3d5	76	working-directory: ${{ env.docker-config-path }}
c25aa7cd	77	if: github.event_name != 'pull_request' && env.docker-container-exists != 'true'
22a2d3d5 UG	78
	79	# Run our CI/CD builds. We build a matrix with the various build targets
	80	# and their details. Then we build either in a docker container (Linux)
	81	# or on the actual hosts (macOS, Windows).
	82	build:
e579e0f7	83	needs: [ containers ]
22a2d3d5 UG	84	strategy:
	85	matrix:
	86	platform:
e579e0f7	87	- name: "Linux (Xenial, GCC, OpenSSL)"
ad5611d8	88	id: xenial-gcc-openssl
c25aa7cd PP	89	container:
c25aa7cd PP	90	name: xenial
22a2d3d5 UG	91	env:
	92	CC: gcc
	93	CMAKE_GENERATOR: Ninja
e579e0f7	94	CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DREGEX_BACKEND=builtin -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON -DDEBUG_STRICT_ALLOC=ON -DDEBUG_STRICT_OPEN=ON
22a2d3d5	95	os: ubuntu-latest
e579e0f7	96	- name: Linux (Xenial, GCC, mbedTLS)
ad5611d8	97	id: xenial-gcc-mbedtls
c25aa7cd PP	98	container:
c25aa7cd PP	99	name: xenial
22a2d3d5 UG	100	env:
	101	CC: gcc
	102	CMAKE_GENERATOR: Ninja
e579e0f7	103	CMAKE_OPTIONS: -DUSE_HTTPS=mbedTLS -DUSE_SHA1=HTTPS -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
22a2d3d5	104	os: ubuntu-latest
e579e0f7	105	- name: "Linux (Xenial, Clang, OpenSSL)"
ad5611d8	106	id: xenial-clang-openssl
c25aa7cd PP	107	container:
c25aa7cd PP	108	name: xenial
22a2d3d5 UG	109	env:
	110	CC: clang
	111	CMAKE_GENERATOR: Ninja
e579e0f7	112	CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
22a2d3d5	113	os: ubuntu-latest
e579e0f7	114	- name: "Linux (Xenial, Clang, mbedTLS)"
ad5611d8	115	id: xenial-clang-mbedtls
c25aa7cd PP	116	container:
c25aa7cd PP	117	name: xenial
22a2d3d5 UG	118	env:
22a2d3d5 UG	119	CC: clang
e579e0f7	120	CMAKE_OPTIONS: -DUSE_HTTPS=mbedTLS -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
22a2d3d5 UG	121	CMAKE_GENERATOR: Ninja
22a2d3d5 UG	122	os: ubuntu-latest
e579e0f7	123	- name: "Linux (MemorySanitizer)"
ad5611d8	124	id: memorysanitizer
c25aa7cd PP	125	container:
c25aa7cd PP	126	name: focal
22a2d3d5 UG	127	env:
	128	CC: clang-10
	129	CFLAGS: -fsanitize=memory -fsanitize-memory-track-origins=2 -fsanitize-blacklist=/home/libgit2/source/script/sanitizers.supp -fno-optimize-sibling-calls -fno-omit-frame-pointer
e579e0f7	130	CMAKE_OPTIONS: -DCMAKE_PREFIX_PATH=/usr/local/msan -DUSE_HTTPS=mbedTLS -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_BUNDLED_ZLIB=ON -DUSE_SSH=ON
22a2d3d5 UG	131	CMAKE_GENERATOR: Ninja
	132	SKIP_SSH_TESTS: true
	133	SKIP_NEGOTIATE_TESTS: true
	134	ASAN_SYMBOLIZER_PATH: /usr/bin/llvm-symbolizer-10
c25aa7cd	135	UBSAN_OPTIONS: print_stacktrace=1
22a2d3d5	136	os: ubuntu-latest
e579e0f7	137	- name: "Linux (UndefinedBehaviorSanitizer)"
ad5611d8	138	id: ubsanitizer
c25aa7cd PP	139	container:
c25aa7cd PP	140	name: focal
22a2d3d5 UG	141	env:
	142	CC: clang-10
	143	CFLAGS: -fsanitize=undefined,nullability -fno-sanitize-recover=undefined,nullability -fsanitize-blacklist=/home/libgit2/source/script/sanitizers.supp -fno-optimize-sibling-calls -fno-omit-frame-pointer
e579e0f7	144	CMAKE_OPTIONS: -DCMAKE_PREFIX_PATH=/usr/local -DUSE_HTTPS=OpenSSL -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_BUNDLED_ZLIB=ON -DUSE_SSH=ON
22a2d3d5 UG	145	CMAKE_GENERATOR: Ninja
	146	SKIP_SSH_TESTS: true
	147	SKIP_NEGOTIATE_TESTS: true
	148	ASAN_SYMBOLIZER_PATH: /usr/bin/llvm-symbolizer-10
c25aa7cd PP	149	UBSAN_OPTIONS: print_stacktrace=1
c25aa7cd PP	150	os: ubuntu-latest
e579e0f7	151	- name: "Linux (ThreadSanitizer)"
ad5611d8	152	id: threadsanitizer
c25aa7cd PP	153	container:
	154	name: focal
	155	env:
	156	CC: clang-10
	157	CFLAGS: -fsanitize=thread -fno-optimize-sibling-calls -fno-omit-frame-pointer
e579e0f7	158	CMAKE_OPTIONS: -DCMAKE_PREFIX_PATH=/usr/local -DUSE_HTTPS=OpenSSL -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_BUNDLED_ZLIB=ON -DUSE_SSH=ON
c25aa7cd PP	159	CMAKE_GENERATOR: Ninja
	160	SKIP_SSH_TESTS: true
	161	SKIP_NEGOTIATE_TESTS: true
	162	ASAN_SYMBOLIZER_PATH: /usr/bin/llvm-symbolizer-10
	163	UBSAN_OPTIONS: print_stacktrace=1
	164	TSAN_OPTIONS: suppressions=/home/libgit2/source/script/thread-sanitizer.supp second_deadlock_stack=1
22a2d3d5	165	os: ubuntu-latest
e579e0f7	166	- name: "macOS"
ad5611d8	167	id: macos
22a2d3d5 UG	168	os: macos-10.15
	169	env:
	170	CC: clang
	171	CMAKE_OPTIONS: -DREGEX_BACKEND=regcomp_l -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=leaks -DUSE_GSSAPI=ON
22a2d3d5 UG	172	PKG_CONFIG_PATH: /usr/local/opt/openssl/lib/pkgconfig
	173	SKIP_SSH_TESTS: true
	174	SKIP_NEGOTIATE_TESTS: true
	175	setup-script: osx
e579e0f7	176	- name: "Windows (amd64, Visual Studio)"
ad5611d8	177	id: windows-amd64-vs
22a2d3d5 UG	178	os: windows-2019
	179	env:
	180	ARCH: amd64
	181	CMAKE_GENERATOR: Visual Studio 16 2019
c25aa7cd	182	CMAKE_OPTIONS: -A x64 -DWIN32_LEAKCHECK=ON -DDEPRECATE_HARD=ON
22a2d3d5 UG	183	SKIP_SSH_TESTS: true
22a2d3d5 UG	184	SKIP_NEGOTIATE_TESTS: true
e579e0f7	185	- name: "Windows (x86, Visual Studio)"
ad5611d8	186	id: windows-x86-vs
22a2d3d5 UG	187	os: windows-2019
	188	env:
	189	ARCH: x86
	190	CMAKE_GENERATOR: Visual Studio 16 2019
c25aa7cd	191	CMAKE_OPTIONS: -A Win32 -DWIN32_LEAKCHECK=ON -DDEPRECATE_HARD=ON -DUSE_SHA1=HTTPS -DUSE_BUNDLED_ZLIB=ON
22a2d3d5 UG	192	SKIP_SSH_TESTS: true
22a2d3d5 UG	193	SKIP_NEGOTIATE_TESTS: true
e579e0f7	194	- name: "Windows (amd64, mingw)"
ad5611d8	195	id: windows-amd64-mingw
22a2d3d5 UG	196	os: windows-2019
	197	setup-script: mingw
	198	env:
	199	ARCH: amd64
	200	CMAKE_GENERATOR: MinGW Makefiles
	201	CMAKE_OPTIONS: -DDEPRECATE_HARD=ON
	202	BUILD_TEMP: D:\Temp
	203	BUILD_PATH: D:\Temp\mingw64\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files (x86)\CMake\bin
	204	SKIP_SSH_TESTS: true
	205	SKIP_NEGOTIATE_TESTS: true
e579e0f7	206	- name: "Windows (x86, mingw)"
ad5611d8	207	id: windows-x86-mingw
22a2d3d5 UG	208	os: windows-2019
	209	setup-script: mingw
	210	env:
	211	ARCH: x86
	212	CMAKE_GENERATOR: MinGW Makefiles
	213	CMAKE_OPTIONS: -DDEPRECATE_HARD=ON
	214	BUILD_TEMP: D:\Temp
	215	BUILD_PATH: D:\Temp\mingw32\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files (x86)\CMake\bin
	216	SKIP_SSH_TESTS: true
	217	SKIP_NEGOTIATE_TESTS: true
	218	fail-fast: false
	219	env: ${{ matrix.platform.env }}
	220	runs-on: ${{ matrix.platform.os }}
e579e0f7	221	name: "Build: ${{ matrix.platform.name }}"
22a2d3d5 UG	222	steps:
	223	- name: Check out repository
	224	uses: actions/checkout@v2
	225	with:
c25aa7cd	226	path: source
22a2d3d5 UG	227	fetch-depth: 0
22a2d3d5 UG	228	- name: Set up build environment
ad5611d8	229	run: source/ci/setup-${{ matrix.platform.setup-script }}-build.sh
22a2d3d5 UG	230	shell: bash
22a2d3d5 UG	231	if: matrix.platform.setup-script != ''
c25aa7cd PP	232	- name: Setup QEMU
	233	run: docker run --rm --privileged multiarch/qemu-user-static:register --reset
	234	if: matrix.platform.container.qemu == true
22a2d3d5	235	- name: Download container
c25aa7cd PP	236	run: \|
c25aa7cd PP	237	"${{ github.workspace }}/source/ci/getcontainer.sh" "${{ matrix.platform.container.name }}" "${{ matrix.platform.container.dockerfile }}"
22a2d3d5 UG	238	env:
	239	DOCKER_REGISTRY: ${{ env.docker-registry }}
	240	GITHUB_TOKEN: ${{ secrets.github_token }}
c25aa7cd PP	241	working-directory: ${{ env.docker-config-path }}
c25aa7cd PP	242	if: matrix.platform.container.name != ''
22a2d3d5	243	- name: Create container
ad5611d8 TR	244	run: \|
	245	if [ "${{ matrix.container.base }}" != "" ]; then
	246	BASE_ARG="--build-arg BASE=${{ matrix.container.base }}"
	247	fi
	248	docker build -t ${{ env.docker-registry-container-sha }} --build-arg UID=$(id -u) --build-arg GID=$(id -g) ${BASE_ARG} -f ${{ env.dockerfile }} .
22a2d3d5	249	working-directory: ${{ env.docker-config-path }}
c25aa7cd	250	if: matrix.platform.container.name != '' && env.docker-container-exists != 'true'
22a2d3d5 UG	251	- name: Build and test
	252	run: \|
	253	export GITTEST_NEGOTIATE_PASSWORD="${{ secrets.GITTEST_NEGOTIATE_PASSWORD }}"
	254
c25aa7cd	255	if [ -n "${{ matrix.platform.container.name }}" ]; then
ad5611d8	256	mkdir build
22a2d3d5 UG	257	docker run \
22a2d3d5 UG	258	--rm \
ad5611d8	259	--user "$(id -u):$(id -g)" \
c25aa7cd	260	-v "$(pwd)/source:/home/libgit2/source" \
ad5611d8	261	-v "$(pwd)/build:/home/libgit2/build" \
c25aa7cd	262	-w /home/libgit2 \
22a2d3d5 UG	263	-e ASAN_SYMBOLIZER_PATH \
	264	-e CC \
	265	-e CFLAGS \
	266	-e CMAKE_GENERATOR \
	267	-e CMAKE_OPTIONS \
	268	-e GITTEST_NEGOTIATE_PASSWORD \
ad5611d8	269	-e GITTEST_FLAKY_STAT \
22a2d3d5 UG	270	-e PKG_CONFIG_PATH \
	271	-e SKIP_NEGOTIATE_TESTS \
	272	-e SKIP_SSH_TESTS \
c25aa7cd PP	273	-e TSAN_OPTIONS \
c25aa7cd PP	274	-e UBSAN_OPTIONS \
22a2d3d5	275	${{ env.docker-registry-container-sha }} \
ad5611d8	276	/bin/bash -c "cd build && ../source/ci/build.sh && ../source/ci/test.sh"
22a2d3d5	277	else
ad5611d8 TR	278	mkdir build
ad5611d8 TR	279	cd build
c25aa7cd PP	280	../source/ci/build.sh
c25aa7cd PP	281	../source/ci/test.sh
22a2d3d5 UG	282	fi
22a2d3d5 UG	283	shell: bash
ad5611d8 TR	284	- name: Upload test results
	285	uses: actions/upload-artifact@v3
	286	if: success() \|\| failure()
	287	with:
	288	name: test-results-${{ matrix.platform.id }}
	289	path: build/results_*.xml
	290
	291	test_results:
	292	name: Test results
	293	needs: [ build ]
	294	runs-on: ubuntu-latest
	295	steps:
	296	- name: Download test results
	297	uses: actions/download-artifact@v3
	298	- name: Generate test summary
	299	uses: test-summary/action@v1
	300	with:
	301	paths: 'test-results-/.xml'
	302
22a2d3d5 UG	303
	304	# Generate documentation using docurium. We'll upload the documentation
	305	# as a build artifact so that it can be reviewed as part of a pull
	306	# request or in a forked build. For CI builds in the main repository's
c25aa7cd	307	# main branch, we'll push the gh-pages branch back up so that it is
22a2d3d5 UG	308	# published to our documentation site.
	309	documentation:
	310	name: Generate documentation
e579e0f7	311	needs: [ containers ]
ad5611d8	312	if: success() \|\| failure()
22a2d3d5 UG	313	runs-on: ubuntu-latest
	314	steps:
	315	- name: Check out repository
	316	uses: actions/checkout@v2
	317	with:
c25aa7cd	318	path: source
22a2d3d5 UG	319	fetch-depth: 0
22a2d3d5 UG	320	- name: Generate documentation
c25aa7cd	321	working-directory: source
22a2d3d5 UG	322	run: \|
	323	git config user.name 'Documentation Generation'
	324	git config user.email 'libgit2@users.noreply.github.com'
	325	git branch gh-pages origin/gh-pages
	326	docker login https://${{ env.docker-registry }} -u ${{ github.actor }} -p ${{ github.token }}
	327	docker run \
	328	--rm \
c25aa7cd PP	329	-v "$(pwd):/home/libgit2" \
c25aa7cd PP	330	-w /home/libgit2 \
22a2d3d5 UG	331	${{ env.docker-registry }}/${{ github.repository }}/docurium:latest \
	332	cm doc api.docurium
	333	git checkout gh-pages
	334	zip --exclude .git/\* --exclude .gitignore --exclude .gitattributes -r api-documentation.zip .
	335	- uses: actions/upload-artifact@v2
	336	name: Upload artifact
	337	with:
	338	name: api-documentation
c25aa7cd	339	path: source/api-documentation.zip
22a2d3d5	340	- name: Push documentation branch
c25aa7cd	341	working-directory: source
22a2d3d5	342	run: git push origin gh-pages
e579e0f7	343	if: github.event_name == 'push' && github.repository == 'libgit2/libgit2'