tinc-vpn.org Git - tinc/blob - .github/workflows/test.yml

   1 name: Test
   2
   3 on:
   4   push:
   5   pull_request:
   6     types:
   7       - opened
   8       - synchronize
   9
  10 jobs:
  11   cross:
  12     runs-on: ubuntu-latest
  13     timeout-minutes: 30
  14     strategy:
  15       fail-fast: false
  16       matrix:
  17         arch:
  18           - armhf
  19           - mipsel
  20           - mingw
  21
  22     container:
  23       image: debian:bullseye
  24       options: --privileged
  25
  26     steps:
  27       - name: Checkout code
  28         uses: actions/checkout@v1
  29
  30       - name: Install deps
  31         run: HOST=${{ matrix.arch }} sh .ci/deps.sh
  32
  33       - name: Prepare the system
  34         run: HOST=${{ matrix.arch }} sh .ci/test/prepare.sh
  35
  36       - name: Run tests with default settings
  37         run: sudo -u build CI=1 HOST=${{ matrix.arch }} sh .ci/test/run.sh default
  38
  39       - name: Run tests without legacy protocol
  40         run: sudo -u build CI=1 HOST=${{ matrix.arch }} sh .ci/test/run.sh nolegacy
  41         if: always()
  42
  43       - name: Run tests with libgcrypt
  44         run: sudo -u build CI=1 HOST=${{ matrix.arch }} sh .ci/test/run.sh gcrypt
  45
  46       - name: Upload test results
  47         uses: actions/upload-artifact@v2
  48         with:
  49           name: tests_cross_${{ matrix.arch }}
  50           path: /tmp/logs/tests.*.tar.gz
  51         if: always()
  52
  53   static-analysis:
  54     runs-on: ubuntu-latest
  55     timeout-minutes: 30
  56     steps:
  57       - name: Checkout code
  58         uses: actions/checkout@v1
  59
  60       - name: Install tools
  61         run: |
  62           sudo apt-get install -y astyle clang-tidy-$CLANG
  63           sudo update-alternatives --install /usr/bin/clang-tidy clang-tidy /usr/bin/clang-tidy-$CLANG 100
  64           curl -OL "https://github.com/koalaman/shellcheck/releases/download/v$SHELLCHECK/shellcheck-v${SHELLCHECK}.linux.x86_64.tar.xz"
  65           tar -C ~ --strip-components=1 --wildcards -xf ./shellcheck-*.tar.xz 'shellcheck-*/shellcheck'
  66           curl -o ~/shfmt -L "https://github.com/mvdan/sh/releases/download/v$SHFMT/shfmt_v${SHFMT}_linux_amd64"
  67           chmod 755 ~/shfmt ~/shellcheck
  68           pip3 install --user compiledb
  69         env:
  70           CLANG: 11
  71           SHELLCHECK: 0.7.2
  72           SHFMT: 3.3.0
  73
  74       - name: Install deps
  75         run: sudo sh .ci/deps.sh
  76
  77       - name: Run clang-tidy
  78         run: sh .ci/tidy/run.sh
  79         if: always()
  80
  81       - name: Check code formatting
  82         run: "! astyle --exclude=build -r --options=.astylerc --dry-run --formatted '*.c' '*.h' | grep '^Formatted'"
  83         if: always()
  84
  85       - name: Check scripts formatting
  86         run: find -type f -regextype egrep -regex '.+\.(sh|sh\.in|test)$' -exec ~/shfmt -d -i 2 -s '{}' +
  87         if: always()
  88
  89       - name: Run static analysis on scripts
  90         run: find -type f -regextype egrep -regex '.+\.sh(\.in)?$' -exec shellcheck -x '{}' +
  91         if: always()
  92
  93       - name: Run static analysis on tests
  94         run: find -type f -name '*.test' -execdir shellcheck -x '{}' +
  95         if: always()
  96
  97       - name: Check warnings (gcc)
  98         run: bash .ci/warn/run.sh
  99         env:
 100           CC: gcc-10
 101         if: always()
 102
 103       - name: Check warnings (clang)
 104         run: bash .ci/warn/run.sh
 105         env:
 106           CC: clang-12
 107         if: always()
 108
 109   sanitizer:
 110     runs-on: ubuntu-latest
 111     timeout-minutes: 30
 112     strategy:
 113       fail-fast: false
 114       matrix:
 115         sanitizer:
 116           - address
 117           - thread
 118           - undefined
 119     env:
 120       SANITIZER: "${{ matrix.sanitizer }}"
 121
 122     steps:
 123       - name: Checkout code
 124         uses: actions/checkout@v1
 125
 126       - name: Install deps
 127         run: sudo sh .ci/deps.sh
 128
 129       - name: Run tests with OpenSSL 3
 130         run: bash .ci/sanitizers/run.sh openssl3
 131
 132       - name: Sanitize tests with default settings
 133         run: bash .ci/sanitizers/run.sh default
 134
 135       - name: Sanitize tests without legacy protocol
 136         run: bash .ci/sanitizers/run.sh nolegacy
 137         if: always()
 138
 139       - name: Upload test results
 140         uses: actions/upload-artifact@v2
 141         with:
 142           name: tests_sanitizer_${{ matrix.sanitizer }}
 143           path: /tmp/logs/tests.*.tar.gz
 144         if: always()
 145
 146   linux:
 147     runs-on: ubuntu-latest
 148     timeout-minutes: 30
 149     strategy:
 150       fail-fast: false
 151       matrix:
 152         os:
 153           - alpine
 154           - centos:7 # aka RHEL 7
 155           - almalinux:8 # aka RHEL 8
 156           - fedora
 157           - debian:buster
 158           - debian:bullseye
 159           - debian:testing
 160           - ubuntu # current LTS
 161           - ubuntu:rolling # latest
 162     container:
 163       image: ${{ matrix.os }}
 164       options: --privileged
 165       env:
 166         CI: 1
 167     steps:
 168       - name: Checkout code
 169         uses: actions/checkout@v1
 170
 171       - name: Install deps
 172         run: sh .ci/deps.sh
 173
 174       - name: Assign name for test results artifact
 175         run: echo ARTIFACT="$(echo '${{ matrix.os }}' | sed 's|[:/]|_|g')" >>"$GITHUB_ENV"
 176
 177       - name: Create a non-privileged user
 178         run: sh .ci/test/prepare.sh
 179
 180       - name: Run tests with OpenSSL 3
 181         run: sudo -u build CI=1 sh .ci/test/run.sh openssl3
 182
 183       - name: Run tests with default settings
 184         run: sudo -u build CI=1 sh .ci/test/run.sh default
 185
 186       - name: Run tests without legacy protocol
 187         run: sudo -u build CI=1 sh .ci/test/run.sh nolegacy
 188         if: always()
 189
 190       - name: Run tests with libgcrypt
 191         run: sudo -u build CI=1 sh .ci/test/run.sh gcrypt
 192
 193       - name: Upload test results
 194         uses: actions/upload-artifact@v2
 195         with:
 196           name: tests_${{ env.ARTIFACT }}
 197           path: /tmp/logs/tests.*.tar.gz
 198         if: always()
 199
 200       - name: Build package
 201         run: sh .ci/package/build.sh
 202         if: github.ref == 'refs/heads/1.1' || startsWith(github.ref, 'refs/tags/release-')
 203
 204       - name: Upload package
 205         uses: actions/upload-artifact@v2
 206         with:
 207           name: pkg-${{ env.ARTIFACT }}
 208           path: |
 209             *.deb
 210             ~/rpmbuild/RPMS/*/*.rpm
 211
 212   pkg-publish:
 213     if: always() && (github.ref == 'refs/heads/1.1' || startsWith(github.ref, 'refs/tags/release-'))
 214     runs-on: ubuntu-latest
 215     needs:
 216       - linux
 217       - windows
 218
 219     steps:
 220       - name: Create artifact directory
 221         run: mkdir -p /tmp/artifacts
 222
 223       - name: Download packages
 224         uses: actions/download-artifact@v2
 225         with:
 226           path: /tmp/artifacts
 227
 228       - name: Publish packages (dev)
 229         uses: marvinpinto/action-automatic-releases@latest
 230         with:
 231           repo_token: ${{ secrets.GITHUB_TOKEN }}
 232           automatic_release_tag: latest
 233           title: Development release
 234           prerelease: true
 235           files: /tmp/artifacts/**/*.(deb|rpm|exe)
 236         if: startsWith(github.ref, 'refs/heads/')
 237
 238       - name: Publish packages (release)
 239         uses: softprops/action-gh-release@v1
 240         with:
 241           files: |
 242             /tmp/artifacts/**/*.deb
 243             /tmp/artifacts/**/*.rpm
 244             /tmp/artifacts/**/*.exe
 245         if: startsWith(github.ref, 'refs/tags/')
 246
 247   macos:
 248     runs-on: macos-latest
 249     timeout-minutes: 20
 250
 251     steps:
 252       - name: Checkout code
 253         uses: actions/checkout@v1
 254
 255       - name: Install build deps
 256         run: sh .ci/deps.sh
 257
 258       - name: Run tests with default settings
 259         run: sh .ci/test/run.sh default
 260
 261       - name: Run tests without legacy protocol
 262         run: sh .ci/test/run.sh nolegacy
 263         if: always()
 264
 265       - name: Run tests with libgcrypt
 266         run: sh .ci/test/run.sh gcrypt
 267
 268       - name: Upload test results
 269         uses: actions/upload-artifact@v2
 270         with:
 271           name: tests_macos
 272           path: /tmp/logs/tests.*.tar.gz
 273         if: always()
 274
 275   windows:
 276     runs-on: windows-latest
 277     timeout-minutes: 30
 278
 279     steps:
 280       - name: Install msys2
 281         uses: msys2/setup-msys2@v2
 282         with:
 283           update: true
 284           # https://packages.msys2.org/package/
 285           install: >-
 286             base-devel
 287             mingw-w64-x86_64-meson
 288             mingw-w64-x86_64-pkgconf
 289             mingw-w64-x86_64-gcc
 290             mingw-w64-x86_64-openssl
 291             mingw-w64-x86_64-libgcrypt
 292             mingw-w64-x86_64-zlib
 293             mingw-w64-x86_64-lzo2
 294             mingw-w64-x86_64-lz4
 295             mingw-w64-x86_64-ncurses
 296             mingw-w64-x86_64-miniupnpc
 297             mingw-w64-x86_64-nsis
 298             git
 299             openbsd-netcat
 300             procps
 301
 302       - name: Checkout code
 303         uses: actions/checkout@v1
 304
 305       - name: Run tests with default settings
 306         shell: msys2 {0}
 307         run: sh .ci/test/run.sh default
 308
 309       - name: Create installer
 310         shell: msys2 {0}
 311         run: sh .ci/package/build.sh
 312         if: github.ref == 'refs/heads/1.1' || startsWith(github.ref, 'refs/tags/release-')
 313
 314       - name: Upload package
 315         uses: actions/upload-artifact@v2
 316         with:
 317           name: pkg-windows
 318           path: .ci/package/win/tinc-*.exe
 319
 320       - name: Run tests without legacy protocol
 321         shell: msys2 {0}
 322         run: sh .ci/test/run.sh nolegacy
 323         if: always()
 324
 325       - name: Run tests with libgcrypt
 326         shell: msys2 {0}
 327         run: sh .ci/test/run.sh gcrypt
 328
 329       - name: Upload test results
 330         uses: actions/upload-artifact@v2
 331         with:
 332           name: tests_windows
 333           path: /tmp/logs/tests.*.tar.gz
 334         if: always()