projects / tinc / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
CI: remove OpenSSL 3 from Fedora; add RHEL 9 & Alpine Edge
[tinc] / .github / workflows / test.yml
1 name: Test
2
3 on:
4   push:
5   pull_request:
6     types:
7       - opened
8       - synchronize
9
10 jobs:
11   cross:
12     runs-on: ubuntu-latest
13     timeout-minutes: 30
14     strategy:
15       fail-fast: false
16       matrix:
17         arch:
18           - armhf
19           - mipsel
20           - mingw
21
22     container:
23       image: debian:bullseye
24       options: --privileged
25
26     steps:
27       - name: Checkout code
28         uses: actions/checkout@v1
29
30       - name: Install deps
31         run: HOST=${{ matrix.arch }} sh .ci/deps.sh
32
33       - name: Prepare the system
34         run: HOST=${{ matrix.arch }} sh .ci/test/prepare.sh
35
36       - name: Run tests with default settings
37         run: sudo -u build CI=1 HOST=${{ matrix.arch }} sh .ci/test/run.sh default
38
39       - name: Run tests without legacy protocol
40         run: sudo -u build CI=1 HOST=${{ matrix.arch }} sh .ci/test/run.sh nolegacy
41         if: always()
42
43       - name: Run tests with libgcrypt
44         run: sudo -u build CI=1 HOST=${{ matrix.arch }} sh .ci/test/run.sh gcrypt
45         if: always()
46
47       - name: Upload test results
48         uses: actions/upload-artifact@v2
49         with:
50           name: tests_cross_${{ matrix.arch }}
51           path: /tmp/logs/tests.*.tar.gz
52         if: always()
53
54   static-analysis:
55     runs-on: ubuntu-latest
56     timeout-minutes: 30
57     steps:
58       - name: Checkout code
59         uses: actions/checkout@v1
60
61       - name: Install tools
62         run: |
63           sudo apt-get install -y astyle clang-tidy-$CLANG
64           sudo update-alternatives --install /usr/bin/clang-tidy clang-tidy /usr/bin/clang-tidy-$CLANG 100
65           curl -OL "https://github.com/koalaman/shellcheck/releases/download/v$SHELLCHECK/shellcheck-v${SHELLCHECK}.linux.x86_64.tar.xz"
66           tar -C ~ --strip-components=1 --wildcards -xf ./shellcheck-*.tar.xz 'shellcheck-*/shellcheck'
67           curl -o ~/shfmt -L "https://github.com/mvdan/sh/releases/download/v$SHFMT/shfmt_v${SHFMT}_linux_amd64"
68           chmod 755 ~/shfmt ~/shellcheck
69           python3 -m venv /tmp/venv
70           . /tmp/venv/bin/activate
71           pip3 install black pylint mypy
72         env:
73           CLANG: 11
74           SHELLCHECK: 0.7.2
75           SHFMT: 3.3.0
76
77       - name: Install deps
78         run: sudo SKIP_OPENSSL3=1 sh .ci/deps.sh
79
80       - name: Lint/typecheck/check formatting on C/shell/Python code
81         run: |
82           . /tmp/venv/bin/activate
83           PATH=$PATH:$HOME ./lint.py
84         if: always()
85
86       - name: Run clang-tidy
87         run: sh .ci/tidy/run.sh
88         if: always()
89
90       - name: Check warnings (gcc)
91         run: bash .ci/warn/run.sh
92         env:
93           CC: gcc-10
94         if: always()
95
96       - name: Check warnings (clang)
97         run: bash .ci/warn/run.sh
98         env:
99           CC: clang-12
100         if: always()
101
102   sanitizer:
103     runs-on: ubuntu-latest
104     timeout-minutes: 30
105     strategy:
106       fail-fast: false
107       matrix:
108         sanitizer:
109           - address
110           - thread
111           - undefined
112     env:
113       SANITIZER: "${{ matrix.sanitizer }}"
114
115     steps:
116       - name: Checkout code
117         uses: actions/checkout@v1
118
119       - name: Install deps
120         run: sudo sh .ci/deps.sh
121
122       - name: Run tests with OpenSSL 3
123         run: bash .ci/sanitizers/run.sh openssl3
124         if: always()
125
126       - name: Sanitize tests with default settings
127         run: bash .ci/sanitizers/run.sh default
128         if: always()
129
130       - name: Sanitize tests without legacy protocol
131         run: bash .ci/sanitizers/run.sh nolegacy
132         if: always()
133
134       - name: Run tests with libgcrypt
135         run: bash .ci/sanitizers/run.sh gcrypt
136         if: always()
137
138       - name: Upload test results
139         uses: actions/upload-artifact@v2
140         with:
141           name: tests_sanitizer_${{ matrix.sanitizer }}
142           path: /tmp/logs/tests.*.tar.gz
143         if: always()
144
145   linux:
146     runs-on: ubuntu-latest
147     timeout-minutes: 30
148     strategy:
149       fail-fast: false
150       matrix:
151         os:
152           - alpine
153           - alpine:edge
154           - centos:7 # aka RHEL 7
155           - almalinux:8 # aka RHEL 8
156           - almalinux:9 # aka RHEL 9
157           - fedora
158           - debian:buster
159           - debian:bullseye
160           - debian:testing
161           - ubuntu # current LTS
162           - ubuntu:rolling # latest
163     container:
164       image: ${{ matrix.os }}
165       options: --privileged
166       env:
167         CI: 1
168     steps:
169       - name: Checkout code
170         uses: actions/checkout@v1
171
172       - name: Install deps
173         run: sh .ci/deps.sh
174
175       - name: Assign name for test results artifact
176         run: echo ARTIFACT="$(echo '${{ matrix.os }}' | sed 's|[:/]|_|g')" >>"$GITHUB_ENV"
177
178       - name: Create a non-privileged user
179         run: sh .ci/test/prepare.sh
180
181       - name: Run tests with OpenSSL 3
182         run: sudo -u build CI=1 sh .ci/test/run.sh openssl3
183
184       - name: Run tests with default settings
185         run: sudo -u build CI=1 sh .ci/test/run.sh default
186         if: always()
187
188       - name: Run tests without legacy protocol
189         run: sudo -u build CI=1 sh .ci/test/run.sh nolegacy
190         if: always()
191
192       - name: Run tests with libgcrypt
193         run: sudo -u build CI=1 sh .ci/test/run.sh gcrypt
194         if: always()
195
196       - name: Upload test results
197         uses: actions/upload-artifact@v2
198         with:
199           name: tests_${{ env.ARTIFACT }}
200           path: /tmp/logs/tests.*.tar.gz
201         if: always()
202
203       - name: Build package
204         run: sh .ci/package/build.sh
205         if: github.ref == 'refs/heads/1.1' || startsWith(github.ref, 'refs/tags/release-')
206         continue-on-error: true
207
208       - name: Upload package
209         uses: actions/upload-artifact@v2
210         with:
211           name: pkg-${{ env.ARTIFACT }}
212           path: |
213             *.deb
214             ~/rpmbuild/RPMS/*/*.rpm
215         continue-on-error: true
216
217   pkg-publish:
218     if: always() && (github.ref == 'refs/heads/1.1' || startsWith(github.ref, 'refs/tags/release-'))
219     runs-on: ubuntu-latest
220     continue-on-error: true
221     needs:
222       - linux
223       - mingw
224
225     steps:
226       - name: Create artifact directory
227         run: mkdir -p /tmp/artifacts
228
229       - name: Download packages
230         uses: actions/download-artifact@v2
231         with:
232           path: /tmp/artifacts
233
234       - name: Publish packages (dev)
235         uses: marvinpinto/action-automatic-releases@latest
236         with:
237           repo_token: ${{ secrets.GITHUB_TOKEN }}
238           automatic_release_tag: latest
239           title: Development release
240           prerelease: true
241           files: /tmp/artifacts/**/*.(deb|rpm|exe)
242         if: startsWith(github.ref, 'refs/heads/')
243
244       - name: Publish packages (release)
245         uses: softprops/action-gh-release@v1
246         with:
247           files: |
248             /tmp/artifacts/**/*.deb
249             /tmp/artifacts/**/*.rpm
250             /tmp/artifacts/**/*.exe
251         if: startsWith(github.ref, 'refs/tags/')
252
253   macos:
254     runs-on: macos-latest
255     timeout-minutes: 20
256
257     steps:
258       - name: Checkout code
259         uses: actions/checkout@v1
260
261       - name: Install build deps
262         run: sh .ci/deps.sh
263
264       - name: Run tests with default settings
265         run: sh .ci/test/run.sh default
266
267       - name: Run tests without legacy protocol
268         run: sh .ci/test/run.sh nolegacy
269         if: always()
270
271       - name: Run tests with libgcrypt
272         run: sh .ci/test/run.sh gcrypt
273         if: always()
274
275       - name: Upload test results
276         uses: actions/upload-artifact@v2
277         with:
278           name: tests_macos
279           path: /tmp/logs/tests.*.tar.gz
280         if: always()
281
282   mingw:
283     runs-on: windows-latest
284     timeout-minutes: 30
285
286     steps:
287       - name: Install msys2
288         uses: msys2/setup-msys2@v2
289         with:
290           update: true
291           # https://packages.msys2.org/package/
292           install: >-
293             base-devel
294             mingw-w64-x86_64-meson
295             mingw-w64-x86_64-pkgconf
296             mingw-w64-x86_64-gcc
297             mingw-w64-x86_64-openssl
298             mingw-w64-x86_64-libgcrypt
299             mingw-w64-x86_64-zlib
300             mingw-w64-x86_64-lzo2
301             mingw-w64-x86_64-lz4
302             mingw-w64-x86_64-ncurses
303             mingw-w64-x86_64-miniupnpc
304             mingw-w64-x86_64-nsis
305             git
306             openbsd-netcat
307             procps
308
309       - name: Checkout code
310         uses: actions/checkout@v1
311
312       - name: Run tests with default settings
313         shell: msys2 {0}
314         run: sh .ci/test/run.sh default
315
316       - name: Create installer
317         shell: msys2 {0}
318         run: sh .ci/package/build.sh
319         if: github.ref == 'refs/heads/1.1' || startsWith(github.ref, 'refs/tags/release-')
320         continue-on-error: true
321
322       - name: Upload package
323         uses: actions/upload-artifact@v2
324         with:
325           name: pkg-windows
326           path: .ci/package/win/tinc-*.exe
327         continue-on-error: true
328
329       - name: Run tests without legacy protocol
330         shell: msys2 {0}
331         run: sh .ci/test/run.sh nolegacy
332         if: always()
333
334       - name: Run tests with libgcrypt
335         shell: msys2 {0}
336         run: sh .ci/test/run.sh gcrypt
337         if: always()
338
339       - name: Upload test results
340         uses: actions/upload-artifact@v2
341         with:
342           name: tests_windows
343           path: /tmp/logs/tests.*.tar.gz
344         if: always()
345
346   msvc:
347     runs-on: windows-latest
348     timeout-minutes: 30
349
350     strategy:
351       fail-fast: false
352       matrix:
353         target:
354           - { build: amd64, host: amd64, test: test }
355           - { build: amd64, host: x86, test: test }
356           - { build: amd64, host: arm64, test: notest }
357
358     env:
359       HOST_ARCH: ${{ matrix.target.host }}
360       BUILD_ARCH: ${{ matrix.target.build }}
361
362     steps:
363       - name: Install meson
364         run: pip3 install meson
365
366       - name: Checkout code
367         uses: actions/checkout@v1
368
369       - name: Activate dev environment
370         uses: ilammy/msvc-dev-cmd@v1
371         with:
372           arch: ${{ matrix.target.build == matrix.target.host && matrix.target.host || format('{0}_{1}', matrix.target.build, matrix.target.host) }}
373
374       - name: Build (nolegacy)
375         run: .ci\windows\build.cmd nolegacy
376
377       - name: Test (nolegacy)
378         run: .ci\windows\test.cmd nolegacy
379         if: always() && matrix.target.test == 'test'
380
381       - name: Build (OpenSSL)
382         run: .ci\windows\build.cmd openssl
383         if: always()
384
385       - name: Test (OpenSSL)
386         run: .ci\windows\test.cmd openssl
387         if: always() && matrix.target.test == 'test'
tinc, the VPN daemon