]>
Commit | Line | Data |
---|---|---|
22a2d3d5 | 1 | # Continuous integration and pull request validation builds for the |
c25aa7cd | 2 | # main and maintenance branches. |
22a2d3d5 UG |
3 | name: CI Build |
4 | ||
5 | on: | |
6 | push: | |
c25aa7cd | 7 | branches: [ main, maint/* ] |
22a2d3d5 | 8 | pull_request: |
c25aa7cd PP |
9 | branches: [ main, maint/* ] |
10 | workflow_dispatch: | |
22a2d3d5 UG |
11 | |
12 | env: | |
13 | docker-registry: docker.pkg.github.com | |
c25aa7cd | 14 | docker-config-path: source/ci/docker |
22a2d3d5 UG |
15 | |
16 | jobs: | |
17 | # Build the docker container images that we will use for our Linux | |
18 | # builds. This will identify the last commit to the repository that | |
19 | # updated the docker images, and try to download the image tagged with | |
20 | # that sha. If it does not exist, we'll do a docker build and push | |
21 | # the image up to GitHub Packages for the actual CI/CD runs. We tag | |
22 | # with both the sha and "latest" so that the subsequent runs need not | |
23 | # know the sha. Only do this on CI builds (when the event is a "push") | |
24 | # because PR builds from forks lack permission to write packages. | |
e579e0f7 | 25 | containers: |
22a2d3d5 UG |
26 | strategy: |
27 | matrix: | |
28 | container: | |
c25aa7cd PP |
29 | - name: xenial |
30 | - name: bionic | |
31 | - name: focal | |
32 | - name: docurium | |
33 | - name: bionic-x86 | |
34 | dockerfile: bionic | |
35 | base: multiarch/ubuntu-core:x86-bionic | |
36 | qemu: true | |
37 | - name: bionic-arm32 | |
38 | dockerfile: bionic | |
39 | base: multiarch/ubuntu-core:armhf-bionic | |
40 | qemu: true | |
41 | - name: bionic-arm64 | |
42 | dockerfile: bionic | |
43 | base: multiarch/ubuntu-core:arm64-bionic | |
44 | qemu: true | |
45 | - name: centos7 | |
46 | - name: centos8 | |
22a2d3d5 | 47 | runs-on: ubuntu-latest |
e579e0f7 | 48 | name: "Create container: ${{ matrix.container.name }}" |
22a2d3d5 UG |
49 | steps: |
50 | - name: Check out repository | |
51 | uses: actions/checkout@v2 | |
52 | with: | |
c25aa7cd | 53 | path: source |
22a2d3d5 | 54 | fetch-depth: 0 |
c25aa7cd PP |
55 | if: github.event_name != 'pull_request' |
56 | - name: Setup QEMU | |
57 | run: docker run --rm --privileged multiarch/qemu-user-static:register --reset | |
58 | if: matrix.container.qemu == true | |
22a2d3d5 | 59 | - name: Download existing container |
c25aa7cd PP |
60 | run: | |
61 | "${{ github.workspace }}/source/ci/getcontainer.sh" "${{ matrix.container.name }}" "${{ matrix.container.dockerfile }}" | |
22a2d3d5 UG |
62 | env: |
63 | DOCKER_REGISTRY: ${{ env.docker-registry }} | |
64 | GITHUB_TOKEN: ${{ secrets.github_token }} | |
c25aa7cd PP |
65 | working-directory: ${{ env.docker-config-path }} |
66 | if: github.event_name != 'pull_request' | |
22a2d3d5 UG |
67 | - name: Build and publish image |
68 | run: | | |
c25aa7cd PP |
69 | if [ "${{ matrix.container.base }}" != "" ]; then |
70 | BASE_ARG="--build-arg BASE=${{ matrix.container.base }}" | |
71 | fi | |
72 | docker build -t ${{ env.docker-registry-container-sha }} ${BASE_ARG} -f ${{ env.dockerfile }} . | |
73 | docker tag ${{ env.docker-registry-container-sha }} ${{ env.docker-registry-container-latest }} | |
22a2d3d5 | 74 | docker push ${{ env.docker-registry-container-sha }} |
c25aa7cd | 75 | docker push ${{ env.docker-registry-container-latest }} |
22a2d3d5 | 76 | working-directory: ${{ env.docker-config-path }} |
c25aa7cd | 77 | if: github.event_name != 'pull_request' && env.docker-container-exists != 'true' |
22a2d3d5 UG |
78 | |
79 | # Run our CI/CD builds. We build a matrix with the various build targets | |
80 | # and their details. Then we build either in a docker container (Linux) | |
81 | # or on the actual hosts (macOS, Windows). | |
82 | build: | |
e579e0f7 | 83 | needs: [ containers ] |
22a2d3d5 UG |
84 | strategy: |
85 | matrix: | |
86 | platform: | |
e579e0f7 | 87 | - name: "Linux (Xenial, GCC, OpenSSL)" |
c25aa7cd PP |
88 | container: |
89 | name: xenial | |
22a2d3d5 UG |
90 | env: |
91 | CC: gcc | |
92 | CMAKE_GENERATOR: Ninja | |
e579e0f7 | 93 | CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DREGEX_BACKEND=builtin -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON -DDEBUG_STRICT_ALLOC=ON -DDEBUG_STRICT_OPEN=ON |
22a2d3d5 | 94 | os: ubuntu-latest |
e579e0f7 | 95 | - name: Linux (Xenial, GCC, mbedTLS) |
c25aa7cd PP |
96 | container: |
97 | name: xenial | |
22a2d3d5 UG |
98 | env: |
99 | CC: gcc | |
100 | CMAKE_GENERATOR: Ninja | |
e579e0f7 | 101 | CMAKE_OPTIONS: -DUSE_HTTPS=mbedTLS -DUSE_SHA1=HTTPS -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON |
22a2d3d5 | 102 | os: ubuntu-latest |
e579e0f7 | 103 | - name: "Linux (Xenial, Clang, OpenSSL)" |
c25aa7cd PP |
104 | container: |
105 | name: xenial | |
22a2d3d5 UG |
106 | env: |
107 | CC: clang | |
108 | CMAKE_GENERATOR: Ninja | |
e579e0f7 | 109 | CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON |
22a2d3d5 | 110 | os: ubuntu-latest |
e579e0f7 | 111 | - name: "Linux (Xenial, Clang, mbedTLS)" |
c25aa7cd PP |
112 | container: |
113 | name: xenial | |
22a2d3d5 UG |
114 | env: |
115 | CC: clang | |
e579e0f7 | 116 | CMAKE_OPTIONS: -DUSE_HTTPS=mbedTLS -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON |
22a2d3d5 UG |
117 | CMAKE_GENERATOR: Ninja |
118 | os: ubuntu-latest | |
e579e0f7 | 119 | - name: "Linux (MemorySanitizer)" |
c25aa7cd PP |
120 | container: |
121 | name: focal | |
22a2d3d5 UG |
122 | env: |
123 | CC: clang-10 | |
124 | CFLAGS: -fsanitize=memory -fsanitize-memory-track-origins=2 -fsanitize-blacklist=/home/libgit2/source/script/sanitizers.supp -fno-optimize-sibling-calls -fno-omit-frame-pointer | |
e579e0f7 | 125 | CMAKE_OPTIONS: -DCMAKE_PREFIX_PATH=/usr/local/msan -DUSE_HTTPS=mbedTLS -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_BUNDLED_ZLIB=ON -DUSE_SSH=ON |
22a2d3d5 UG |
126 | CMAKE_GENERATOR: Ninja |
127 | SKIP_SSH_TESTS: true | |
128 | SKIP_NEGOTIATE_TESTS: true | |
129 | ASAN_SYMBOLIZER_PATH: /usr/bin/llvm-symbolizer-10 | |
c25aa7cd | 130 | UBSAN_OPTIONS: print_stacktrace=1 |
22a2d3d5 | 131 | os: ubuntu-latest |
e579e0f7 | 132 | - name: "Linux (UndefinedBehaviorSanitizer)" |
c25aa7cd PP |
133 | container: |
134 | name: focal | |
22a2d3d5 UG |
135 | env: |
136 | CC: clang-10 | |
137 | CFLAGS: -fsanitize=undefined,nullability -fno-sanitize-recover=undefined,nullability -fsanitize-blacklist=/home/libgit2/source/script/sanitizers.supp -fno-optimize-sibling-calls -fno-omit-frame-pointer | |
e579e0f7 | 138 | CMAKE_OPTIONS: -DCMAKE_PREFIX_PATH=/usr/local -DUSE_HTTPS=OpenSSL -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_BUNDLED_ZLIB=ON -DUSE_SSH=ON |
22a2d3d5 UG |
139 | CMAKE_GENERATOR: Ninja |
140 | SKIP_SSH_TESTS: true | |
141 | SKIP_NEGOTIATE_TESTS: true | |
142 | ASAN_SYMBOLIZER_PATH: /usr/bin/llvm-symbolizer-10 | |
c25aa7cd PP |
143 | UBSAN_OPTIONS: print_stacktrace=1 |
144 | os: ubuntu-latest | |
e579e0f7 | 145 | - name: "Linux (ThreadSanitizer)" |
c25aa7cd PP |
146 | container: |
147 | name: focal | |
148 | env: | |
149 | CC: clang-10 | |
150 | CFLAGS: -fsanitize=thread -fno-optimize-sibling-calls -fno-omit-frame-pointer | |
e579e0f7 | 151 | CMAKE_OPTIONS: -DCMAKE_PREFIX_PATH=/usr/local -DUSE_HTTPS=OpenSSL -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_BUNDLED_ZLIB=ON -DUSE_SSH=ON |
c25aa7cd PP |
152 | CMAKE_GENERATOR: Ninja |
153 | SKIP_SSH_TESTS: true | |
154 | SKIP_NEGOTIATE_TESTS: true | |
155 | ASAN_SYMBOLIZER_PATH: /usr/bin/llvm-symbolizer-10 | |
156 | UBSAN_OPTIONS: print_stacktrace=1 | |
157 | TSAN_OPTIONS: suppressions=/home/libgit2/source/script/thread-sanitizer.supp second_deadlock_stack=1 | |
22a2d3d5 | 158 | os: ubuntu-latest |
e579e0f7 | 159 | - name: "macOS" |
22a2d3d5 UG |
160 | os: macos-10.15 |
161 | env: | |
162 | CC: clang | |
163 | CMAKE_OPTIONS: -DREGEX_BACKEND=regcomp_l -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=leaks -DUSE_GSSAPI=ON | |
22a2d3d5 UG |
164 | PKG_CONFIG_PATH: /usr/local/opt/openssl/lib/pkgconfig |
165 | SKIP_SSH_TESTS: true | |
166 | SKIP_NEGOTIATE_TESTS: true | |
167 | setup-script: osx | |
e579e0f7 | 168 | - name: "Windows (amd64, Visual Studio)" |
22a2d3d5 UG |
169 | os: windows-2019 |
170 | env: | |
171 | ARCH: amd64 | |
172 | CMAKE_GENERATOR: Visual Studio 16 2019 | |
c25aa7cd | 173 | CMAKE_OPTIONS: -A x64 -DWIN32_LEAKCHECK=ON -DDEPRECATE_HARD=ON |
22a2d3d5 UG |
174 | SKIP_SSH_TESTS: true |
175 | SKIP_NEGOTIATE_TESTS: true | |
e579e0f7 | 176 | - name: "Windows (x86, Visual Studio)" |
22a2d3d5 UG |
177 | os: windows-2019 |
178 | env: | |
179 | ARCH: x86 | |
180 | CMAKE_GENERATOR: Visual Studio 16 2019 | |
c25aa7cd | 181 | CMAKE_OPTIONS: -A Win32 -DWIN32_LEAKCHECK=ON -DDEPRECATE_HARD=ON -DUSE_SHA1=HTTPS -DUSE_BUNDLED_ZLIB=ON |
22a2d3d5 UG |
182 | SKIP_SSH_TESTS: true |
183 | SKIP_NEGOTIATE_TESTS: true | |
e579e0f7 | 184 | - name: "Windows (amd64, mingw)" |
22a2d3d5 UG |
185 | os: windows-2019 |
186 | setup-script: mingw | |
187 | env: | |
188 | ARCH: amd64 | |
189 | CMAKE_GENERATOR: MinGW Makefiles | |
190 | CMAKE_OPTIONS: -DDEPRECATE_HARD=ON | |
191 | BUILD_TEMP: D:\Temp | |
192 | BUILD_PATH: D:\Temp\mingw64\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files (x86)\CMake\bin | |
193 | SKIP_SSH_TESTS: true | |
194 | SKIP_NEGOTIATE_TESTS: true | |
e579e0f7 | 195 | - name: "Windows (x86, mingw)" |
22a2d3d5 UG |
196 | os: windows-2019 |
197 | setup-script: mingw | |
198 | env: | |
199 | ARCH: x86 | |
200 | CMAKE_GENERATOR: MinGW Makefiles | |
201 | CMAKE_OPTIONS: -DDEPRECATE_HARD=ON | |
202 | BUILD_TEMP: D:\Temp | |
203 | BUILD_PATH: D:\Temp\mingw32\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files (x86)\CMake\bin | |
204 | SKIP_SSH_TESTS: true | |
205 | SKIP_NEGOTIATE_TESTS: true | |
206 | fail-fast: false | |
207 | env: ${{ matrix.platform.env }} | |
208 | runs-on: ${{ matrix.platform.os }} | |
e579e0f7 | 209 | name: "Build: ${{ matrix.platform.name }}" |
22a2d3d5 UG |
210 | steps: |
211 | - name: Check out repository | |
212 | uses: actions/checkout@v2 | |
213 | with: | |
c25aa7cd | 214 | path: source |
22a2d3d5 UG |
215 | fetch-depth: 0 |
216 | - name: Set up build environment | |
c25aa7cd | 217 | run: source/ci/setup-${{ matrix.platform.setup-script }}.sh |
22a2d3d5 UG |
218 | shell: bash |
219 | if: matrix.platform.setup-script != '' | |
c25aa7cd PP |
220 | - name: Setup QEMU |
221 | run: docker run --rm --privileged multiarch/qemu-user-static:register --reset | |
222 | if: matrix.platform.container.qemu == true | |
22a2d3d5 | 223 | - name: Download container |
c25aa7cd PP |
224 | run: | |
225 | "${{ github.workspace }}/source/ci/getcontainer.sh" "${{ matrix.platform.container.name }}" "${{ matrix.platform.container.dockerfile }}" | |
22a2d3d5 UG |
226 | env: |
227 | DOCKER_REGISTRY: ${{ env.docker-registry }} | |
228 | GITHUB_TOKEN: ${{ secrets.github_token }} | |
c25aa7cd PP |
229 | working-directory: ${{ env.docker-config-path }} |
230 | if: matrix.platform.container.name != '' | |
22a2d3d5 | 231 | - name: Create container |
c25aa7cd | 232 | run: docker build -t ${{ env.docker-registry-container-sha }} -f ${{ env.dockerfile }} . |
22a2d3d5 | 233 | working-directory: ${{ env.docker-config-path }} |
c25aa7cd | 234 | if: matrix.platform.container.name != '' && env.docker-container-exists != 'true' |
22a2d3d5 UG |
235 | - name: Build and test |
236 | run: | | |
237 | export GITTEST_NEGOTIATE_PASSWORD="${{ secrets.GITTEST_NEGOTIATE_PASSWORD }}" | |
238 | ||
c25aa7cd | 239 | if [ -n "${{ matrix.platform.container.name }}" ]; then |
22a2d3d5 UG |
240 | docker run \ |
241 | --rm \ | |
c25aa7cd PP |
242 | --user libgit2:libgit2 \ |
243 | -v "$(pwd)/source:/home/libgit2/source" \ | |
244 | -w /home/libgit2 \ | |
22a2d3d5 UG |
245 | -e ASAN_SYMBOLIZER_PATH \ |
246 | -e CC \ | |
247 | -e CFLAGS \ | |
248 | -e CMAKE_GENERATOR \ | |
249 | -e CMAKE_OPTIONS \ | |
250 | -e GITTEST_NEGOTIATE_PASSWORD \ | |
251 | -e PKG_CONFIG_PATH \ | |
252 | -e SKIP_NEGOTIATE_TESTS \ | |
253 | -e SKIP_SSH_TESTS \ | |
c25aa7cd PP |
254 | -e TSAN_OPTIONS \ |
255 | -e UBSAN_OPTIONS \ | |
22a2d3d5 | 256 | ${{ env.docker-registry-container-sha }} \ |
c25aa7cd | 257 | /bin/bash -c "mkdir build && cd build && ../source/ci/build.sh && ../source/ci/test.sh" |
22a2d3d5 UG |
258 | else |
259 | mkdir build && cd build | |
c25aa7cd PP |
260 | ../source/ci/build.sh |
261 | ../source/ci/test.sh | |
22a2d3d5 UG |
262 | fi |
263 | shell: bash | |
264 | ||
265 | # Generate documentation using docurium. We'll upload the documentation | |
266 | # as a build artifact so that it can be reviewed as part of a pull | |
267 | # request or in a forked build. For CI builds in the main repository's | |
c25aa7cd | 268 | # main branch, we'll push the gh-pages branch back up so that it is |
22a2d3d5 UG |
269 | # published to our documentation site. |
270 | documentation: | |
271 | name: Generate documentation | |
e579e0f7 | 272 | needs: [ containers ] |
22a2d3d5 UG |
273 | runs-on: ubuntu-latest |
274 | steps: | |
275 | - name: Check out repository | |
276 | uses: actions/checkout@v2 | |
277 | with: | |
c25aa7cd | 278 | path: source |
22a2d3d5 UG |
279 | fetch-depth: 0 |
280 | - name: Generate documentation | |
c25aa7cd | 281 | working-directory: source |
22a2d3d5 UG |
282 | run: | |
283 | git config user.name 'Documentation Generation' | |
284 | git config user.email 'libgit2@users.noreply.github.com' | |
285 | git branch gh-pages origin/gh-pages | |
286 | docker login https://${{ env.docker-registry }} -u ${{ github.actor }} -p ${{ github.token }} | |
287 | docker run \ | |
288 | --rm \ | |
c25aa7cd PP |
289 | -v "$(pwd):/home/libgit2" \ |
290 | -w /home/libgit2 \ | |
22a2d3d5 UG |
291 | ${{ env.docker-registry }}/${{ github.repository }}/docurium:latest \ |
292 | cm doc api.docurium | |
293 | git checkout gh-pages | |
294 | zip --exclude .git/\* --exclude .gitignore --exclude .gitattributes -r api-documentation.zip . | |
295 | - uses: actions/upload-artifact@v2 | |
296 | name: Upload artifact | |
297 | with: | |
298 | name: api-documentation | |
c25aa7cd | 299 | path: source/api-documentation.zip |
22a2d3d5 | 300 | - name: Push documentation branch |
c25aa7cd | 301 | working-directory: source |
22a2d3d5 | 302 | run: git push origin gh-pages |
e579e0f7 | 303 | if: github.event_name == 'push' && github.repository == 'libgit2/libgit2' |