projects / tinc / blob
? search:


ec70fa506d063dafd10e9e030c18d2cf62bd1d4a
[tinc] / .github / workflows / test.yml
1 name: Test
2
3 on:
4   push:
5   pull_request:
6     types:
7       - opened
8       - synchronize
9
10 jobs:
11   cross:
12     runs-on: ubuntu-latest
13     timeout-minutes: 30
14     strategy:
15       fail-fast: false
16       matrix:
17         arch:
18           - armhf
19           - mipsel
20           - mingw
21
22     container:
23       image: debian:bullseye
24       options: --privileged
25
26     steps:
27       - name: Checkout code
28         uses: actions/checkout@v1
29
30       - name: Install deps
31         run: HOST=${{ matrix.arch }} sh .ci/deps.sh
32
33       - name: Prepare the system
34         run: HOST=${{ matrix.arch }} sh .ci/test/prepare.sh
35
36       - name: Run tests with default settings
37         run: sudo -u build CI=1 HOST=${{ matrix.arch }} sh .ci/test/run.sh default
38
39       - name: Run tests without legacy protocol
40         run: sudo -u build CI=1 HOST=${{ matrix.arch }} sh .ci/test/run.sh nolegacy
41         if: always()
42
43       - name: Run tests with libgcrypt
44         run: sudo -u build CI=1 HOST=${{ matrix.arch }} sh .ci/test/run.sh gcrypt
45         if: always()
46
47       - name: Upload test results
48         uses: actions/upload-artifact@v2
49         with:
50           name: tests_cross_${{ matrix.arch }}
51           path: /tmp/logs/tests.*.tar.gz
52         if: always()
53
54   static-analysis:
55     runs-on: ubuntu-latest
56     timeout-minutes: 30
57     steps:
58       - name: Checkout code
59         uses: actions/checkout@v1
60
61       - name: Install tools
62         run: |
63           sudo apt-get install -y astyle clang-tidy-$CLANG
64           sudo update-alternatives --install /usr/bin/clang-tidy clang-tidy /usr/bin/clang-tidy-$CLANG 100
65           curl -OL "https://github.com/koalaman/shellcheck/releases/download/v$SHELLCHECK/shellcheck-v${SHELLCHECK}.linux.x86_64.tar.xz"
66           tar -C ~ --strip-components=1 --wildcards -xf ./shellcheck-*.tar.xz 'shellcheck-*/shellcheck'
67           curl -o ~/shfmt -L "https://github.com/mvdan/sh/releases/download/v$SHFMT/shfmt_v${SHFMT}_linux_amd64"
68           chmod 755 ~/shfmt ~/shellcheck
69           python3 -m venv /tmp/venv
70           . /tmp/venv/bin/activate
71           pip3 install black pylint mypy
72         env:
73           CLANG: 11
74           SHELLCHECK: 0.7.2
75           SHFMT: 3.3.0
76
77       - name: Install deps
78         run: sudo SKIP_OPENSSL3=1 sh .ci/deps.sh
79
80       - name: Lint/typecheck/check formatting on C/shell/Python code
81         run: |
82           . /tmp/venv/bin/activate
83           PATH=$PATH:$HOME ./lint.py
84         if: always()
85
86       - name: Run clang-tidy
87         run: sh .ci/tidy/run.sh
88         if: always()
89
90       - name: Check warnings (gcc)
91         run: bash .ci/warn/run.sh
92         env:
93           CC: gcc-10
94         if: always()
95
96       - name: Check warnings (clang)
97         run: bash .ci/warn/run.sh
98         env:
99           CC: clang-12
100         if: always()
101
102   sanitizer:
103     runs-on: ubuntu-latest
104     timeout-minutes: 30
105     strategy:
106       fail-fast: false
107       matrix:
108         sanitizer:
109           - address
110           - thread
111           - undefined
112     env:
113       SANITIZER: "${{ matrix.sanitizer }}"
114
115     steps:
116       - name: Checkout code
117         uses: actions/checkout@v1
118
119       - name: Install deps
120         run: sudo sh .ci/deps.sh
121
122       - name: Run tests with OpenSSL 3
123         run: bash .ci/sanitizers/run.sh openssl3
124         if: always()
125
126       - name: Sanitize tests with default settings
127         run: bash .ci/sanitizers/run.sh default
128         if: always()
129
130       - name: Sanitize tests without legacy protocol
131         run: bash .ci/sanitizers/run.sh nolegacy
132         if: always()
133
134       - name: Run tests with libgcrypt
135         run: bash .ci/sanitizers/run.sh gcrypt
136         if: always()
137
138       - name: Upload test results
139         uses: actions/upload-artifact@v2
140         with:
141           name: tests_sanitizer_${{ matrix.sanitizer }}
142           path: /tmp/logs/tests.*.tar.gz
143         if: always()
144
145   linux:
146     runs-on: ubuntu-latest
147     timeout-minutes: 30
148     strategy:
149       fail-fast: false
150       matrix:
151         os:
152           - alpine
153           - centos:7 # aka RHEL 7
154           - almalinux:8 # aka RHEL 8
155           - fedora
156           - debian:buster
157           - debian:bullseye
158           - debian:testing
159           - ubuntu # current LTS
160           - ubuntu:rolling # latest
161     container:
162       image: ${{ matrix.os }}
163       options: --privileged
164       env:
165         CI: 1
166     steps:
167       - name: Checkout code
168         uses: actions/checkout@v1
169
170       - name: Install deps
171         run: sh .ci/deps.sh
172
173       - name: Assign name for test results artifact
174         run: echo ARTIFACT="$(echo '${{ matrix.os }}' | sed 's|[:/]|_|g')" >>"$GITHUB_ENV"
175
176       - name: Create a non-privileged user
177         run: sh .ci/test/prepare.sh
178
179       - name: Run tests with OpenSSL 3
180         run: sudo -u build CI=1 sh .ci/test/run.sh openssl3
181
182       - name: Run tests with default settings
183         run: sudo -u build CI=1 sh .ci/test/run.sh default
184         if: always()
185
186       - name: Run tests without legacy protocol
187         run: sudo -u build CI=1 sh .ci/test/run.sh nolegacy
188         if: always()
189
190       - name: Run tests with libgcrypt
191         run: sudo -u build CI=1 sh .ci/test/run.sh gcrypt
192         if: always()
193
194       - name: Upload test results
195         uses: actions/upload-artifact@v2
196         with:
197           name: tests_${{ env.ARTIFACT }}
198           path: /tmp/logs/tests.*.tar.gz
199         if: always()
200
201       - name: Build package
202         run: sh .ci/package/build.sh
203         if: github.ref == 'refs/heads/1.1' || startsWith(github.ref, 'refs/tags/release-')
204         continue-on-error: true
205
206       - name: Upload package
207         uses: actions/upload-artifact@v2
208         with:
209           name: pkg-${{ env.ARTIFACT }}
210           path: |
211             *.deb
212             ~/rpmbuild/RPMS/*/*.rpm
213         continue-on-error: true
214
215   pkg-publish:
216     if: always() && (github.ref == 'refs/heads/1.1' || startsWith(github.ref, 'refs/tags/release-'))
217     runs-on: ubuntu-latest
218     continue-on-error: true
219     needs:
220       - linux
221       - mingw
222
223     steps:
224       - name: Create artifact directory
225         run: mkdir -p /tmp/artifacts
226
227       - name: Download packages
228         uses: actions/download-artifact@v2
229         with:
230           path: /tmp/artifacts
231
232       - name: Publish packages (dev)
233         uses: marvinpinto/action-automatic-releases@latest
234         with:
235           repo_token: ${{ secrets.GITHUB_TOKEN }}
236           automatic_release_tag: latest
237           title: Development release
238           prerelease: true
239           files: /tmp/artifacts/**/*.(deb|rpm|exe)
240         if: startsWith(github.ref, 'refs/heads/')
241
242       - name: Publish packages (release)
243         uses: softprops/action-gh-release@v1
244         with:
245           files: |
246             /tmp/artifacts/**/*.deb
247             /tmp/artifacts/**/*.rpm
248             /tmp/artifacts/**/*.exe
249         if: startsWith(github.ref, 'refs/tags/')
250
251   macos:
252     runs-on: macos-latest
253     timeout-minutes: 20
254
255     steps:
256       - name: Checkout code
257         uses: actions/checkout@v1
258
259       - name: Install build deps
260         run: sh .ci/deps.sh
261
262       - name: Run tests with default settings
263         run: sh .ci/test/run.sh default
264
265       - name: Run tests without legacy protocol
266         run: sh .ci/test/run.sh nolegacy
267         if: always()
268
269       - name: Run tests with libgcrypt
270         run: sh .ci/test/run.sh gcrypt
271         if: always()
272
273       - name: Upload test results
274         uses: actions/upload-artifact@v2
275         with:
276           name: tests_macos
277           path: /tmp/logs/tests.*.tar.gz
278         if: always()
279
280   mingw:
281     runs-on: windows-latest
282     timeout-minutes: 30
283
284     steps:
285       - name: Install msys2
286         uses: msys2/setup-msys2@v2
287         with:
288           update: true
289           # https://packages.msys2.org/package/
290           install: >-
291             base-devel
292             mingw-w64-x86_64-meson
293             mingw-w64-x86_64-pkgconf
294             mingw-w64-x86_64-gcc
295             mingw-w64-x86_64-openssl
296             mingw-w64-x86_64-libgcrypt
297             mingw-w64-x86_64-zlib
298             mingw-w64-x86_64-lzo2
299             mingw-w64-x86_64-lz4
300             mingw-w64-x86_64-ncurses
301             mingw-w64-x86_64-miniupnpc
302             mingw-w64-x86_64-nsis
303             git
304             openbsd-netcat
305             procps
306
307       - name: Checkout code
308         uses: actions/checkout@v1
309
310       - name: Run tests with default settings
311         shell: msys2 {0}
312         run: sh .ci/test/run.sh default
313
314       - name: Create installer
315         shell: msys2 {0}
316         run: sh .ci/package/build.sh
317         if: github.ref == 'refs/heads/1.1' || startsWith(github.ref, 'refs/tags/release-')
318         continue-on-error: true
319
320       - name: Upload package
321         uses: actions/upload-artifact@v2
322         with:
323           name: pkg-windows
324           path: .ci/package/win/tinc-*.exe
325         continue-on-error: true
326
327       - name: Run tests without legacy protocol
328         shell: msys2 {0}
329         run: sh .ci/test/run.sh nolegacy
330         if: always()
331
332       - name: Run tests with libgcrypt
333         shell: msys2 {0}
334         run: sh .ci/test/run.sh gcrypt
335         if: always()
336
337       - name: Upload test results
338         uses: actions/upload-artifact@v2
339         with:
340           name: tests_windows
341           path: /tmp/logs/tests.*.tar.gz
342         if: always()
343
344   msvc:
345     runs-on: windows-latest
346     timeout-minutes: 30
347
348     strategy:
349       fail-fast: false
350       matrix:
351         target:
352           - { build: amd64, host: amd64, test: test }
353           - { build: amd64, host: x86, test: test }
354           - { build: amd64, host: arm64, test: notest }
355
356     env:
357       HOST_ARCH: ${{ matrix.target.host }}
358       BUILD_ARCH: ${{ matrix.target.build }}
359
360     steps:
361       - name: Install meson
362         run: pip3 install meson
363
364       - name: Checkout code
365         uses: actions/checkout@v1
366
367       - name: Activate dev environment
368         uses: ilammy/msvc-dev-cmd@v1
369         with:
370           arch: ${{ matrix.target.build == matrix.target.host && matrix.target.host || format('{0}_{1}', matrix.target.build, matrix.target.host) }}
371
372       - name: Build (nolegacy)
373         run: .ci\windows\build.cmd nolegacy
374
375       - name: Test (nolegacy)
376         run: .ci\windows\test.cmd nolegacy
377         if: always() && matrix.target.test == 'test'
378
379       - name: Build (OpenSSL)
380         run: .ci\windows\build.cmd openssl
381         if: always()
382
383       - name: Test (OpenSSL)
384         run: .ci\windows\test.cmd openssl
385         if: always() && matrix.target.test == 'test'
tinc, the VPN daemon