tinc-vpn.org Git - tinc/blob - .github/workflows/test.yml

   1 name: Test
   2
   3 concurrency:
   4   group: test-${{ github.head_ref }}
   5   cancel-in-progress: true
   6
   7 on:
   8   push:
   9   pull_request:
  10     types:
  11       - opened
  12       - synchronize
  13
  14 jobs:
  15   cross:
  16     runs-on: ubuntu-22.04
  17     timeout-minutes: 30
  18     strategy:
  19       fail-fast: false
  20       matrix:
  21         arch:
  22           - armhf
  23           - mipsel
  24           - mingw
  25
  26     container:
  27       image: debian:bullseye
  28       options: --privileged
  29
  30     steps:
  31       - name: Checkout code
  32         uses: actions/checkout@v1
  33
  34       - name: Install deps
  35         run: HOST=${{ matrix.arch }} sh .ci/deps.sh
  36
  37       - name: Prepare the system
  38         run: HOST=${{ matrix.arch }} sh .ci/test/prepare.sh
  39
  40       - name: Run tests with default settings
  41         run: sudo -u build CI=1 HOST=${{ matrix.arch }} sh .ci/test/run.sh default
  42
  43       - name: Run tests without legacy protocol
  44         run: sudo -u build CI=1 HOST=${{ matrix.arch }} sh .ci/test/run.sh nolegacy
  45         if: always()
  46
  47       - name: Run tests with libgcrypt
  48         run: sudo -u build CI=1 HOST=${{ matrix.arch }} sh .ci/test/run.sh gcrypt
  49         if: always()
  50
  51       - name: Upload test results
  52         uses: actions/upload-artifact@v2
  53         with:
  54           name: tests_cross_${{ matrix.arch }}
  55           path: /tmp/logs/tests.*.tar.gz
  56         if: always()
  57
  58   muon:
  59     runs-on: ubuntu-22.04
  60     timeout-minutes: 20
  61     container:
  62       image: debian:bullseye-slim
  63       env:
  64         CI: 1
  65
  66     steps:
  67       - name: Checkout code
  68         uses: actions/checkout@v1
  69
  70       - name: Install dependencies
  71         run: SKIP_OPENSSL3=1 SKIP_MESON=1 .ci/deps.sh libpkgconf-dev
  72
  73       - name: Compatibility with muon
  74         run: ./.ci/muon/run.sh
  75
  76   analysis:
  77     runs-on: ubuntu-22.04
  78     timeout-minutes: 30
  79     steps:
  80       - name: Checkout tinc
  81         uses: actions/checkout@v3
  82         with:
  83           fetch-depth: 0
  84
  85       - name: Install dependencies
  86         run: sudo SKIP_OPENSSL3=1 .ci/deps.sh autoconf automake iperf3
  87
  88       - name: Compatibility with older versions of tinc
  89         run: sudo ./.ci/compat/run.sh
  90         if: always()
  91
  92       - name: Install tools
  93         run: |
  94           sudo apt-get install -y astyle clang-tidy-$CLANG
  95           sudo update-alternatives --install /usr/bin/clang-tidy     clang-tidy     /usr/bin/clang-tidy-$CLANG     100
  96           sudo update-alternatives --install /usr/bin/run-clang-tidy run-clang-tidy /usr/bin/run-clang-tidy-$CLANG 100
  97           curl -OL "https://github.com/koalaman/shellcheck/releases/download/v$SHELLCHECK/shellcheck-v${SHELLCHECK}.linux.x86_64.tar.xz"
  98           tar -C ~ --strip-components=1 --wildcards -xf ./shellcheck-*.tar.xz 'shellcheck-*/shellcheck'
  99           curl -o ~/shfmt -L "https://github.com/mvdan/sh/releases/download/v$SHFMT/shfmt_v${SHFMT}_linux_amd64"
 100           chmod 755 ~/shfmt ~/shellcheck
 101           python3 -m venv /tmp/venv
 102           . /tmp/venv/bin/activate
 103           pip3 install black pylint mypy markflow
 104         env:
 105           CLANG: 11
 106           SHELLCHECK: 0.8.0
 107           SHFMT: 3.5.0
 108         if: always()
 109
 110       - name: Lint/typecheck/check formatting on C/shell/Python code
 111         run: |
 112           . /tmp/venv/bin/activate
 113           PATH=$PATH:$HOME ./lint.py
 114         if: always()
 115
 116       - name: Check warnings (clang)
 117         run: bash .ci/warn/run.sh
 118         env:
 119           CC: clang-12
 120         if: always()
 121
 122       - name: Check warnings (gcc)
 123         run: bash .ci/warn/run.sh
 124         env:
 125           CC: gcc-11
 126         if: always()
 127
 128       - name: Archive test results
 129         run: sudo tar -caf tests.tar.gz /usr/local/etc
 130         continue-on-error: true
 131         if: always()
 132
 133       - name: Upload test results
 134         uses: actions/upload-artifact@v2
 135         with:
 136           name: tests_compat
 137           path: tests.tar.gz
 138         if: always()
 139
 140   sanitizer:
 141     runs-on: ubuntu-22.04
 142     timeout-minutes: 30
 143     strategy:
 144       fail-fast: false
 145       matrix:
 146         sanitizer:
 147           - address
 148           - thread
 149           - undefined
 150     env:
 151       SANITIZER: "${{ matrix.sanitizer }}"
 152
 153     steps:
 154       - name: Checkout code
 155         uses: actions/checkout@v1
 156
 157       - name: Install deps
 158         run: |
 159           sudo sh .ci/deps.sh
 160           sudo pip3 install --upgrade cryptography
 161
 162       - name: Run tests with OpenSSL 3
 163         run: bash .ci/sanitizers/run.sh openssl3
 164         if: always()
 165
 166       - name: Sanitize tests with default settings
 167         run: bash .ci/sanitizers/run.sh default
 168         if: always()
 169
 170       - name: Sanitize tests without legacy protocol
 171         run: bash .ci/sanitizers/run.sh nolegacy
 172         if: always()
 173
 174       - name: Run tests with libgcrypt
 175         run: bash .ci/sanitizers/run.sh gcrypt
 176         if: always()
 177
 178       - name: Upload test results
 179         uses: actions/upload-artifact@v2
 180         with:
 181           name: tests_sanitizer_${{ matrix.sanitizer }}
 182           path: /tmp/logs/tests.*.tar.gz
 183         if: always()
 184
 185   linux:
 186     runs-on: ubuntu-22.04
 187     timeout-minutes: 30
 188     strategy:
 189       fail-fast: false
 190       matrix:
 191         os:
 192           - alpine
 193           - alpine:edge
 194           - centos:7 # aka RHEL 7
 195           - almalinux:8 # aka RHEL 8
 196           - almalinux:9 # aka RHEL 9
 197           - fedora
 198           - debian:buster
 199           - debian:bullseye
 200           - debian:testing
 201           - ubuntu # current LTS
 202           - ubuntu:rolling # latest
 203     container:
 204       image: ${{ matrix.os }}
 205       options: --privileged
 206       env:
 207         CI: 1
 208     steps:
 209       - name: Checkout code
 210         uses: actions/checkout@v1
 211
 212       - name: Install deps
 213         run: sh .ci/deps.sh
 214
 215       - name: Assign name for test results artifact
 216         run: echo ARTIFACT="$(echo '${{ matrix.os }}' | sed 's|[:/]|_|g')" >>"$GITHUB_ENV"
 217
 218       - name: Create a non-privileged user
 219         run: sh .ci/test/prepare.sh
 220
 221       - name: Run tests with OpenSSL 3
 222         run: sudo -u build CI=1 sh .ci/test/run.sh openssl3
 223
 224       - name: Run tests with default settings
 225         run: sudo -u build CI=1 sh .ci/test/run.sh default
 226         if: always()
 227
 228       - name: Run tests without legacy protocol
 229         run: sudo -u build CI=1 sh .ci/test/run.sh nolegacy
 230         if: always()
 231
 232       - name: Run tests with libgcrypt
 233         run: sudo -u build CI=1 sh .ci/test/run.sh gcrypt
 234         if: always()
 235
 236       - name: Upload test results
 237         uses: actions/upload-artifact@v2
 238         with:
 239           name: tests_${{ env.ARTIFACT }}
 240           path: /tmp/logs/tests.*.tar.gz
 241         if: always()
 242
 243       - name: Build package
 244         run: sh .ci/package/build.sh
 245         if: github.ref == 'refs/heads/1.1' || startsWith(github.ref, 'refs/tags/release-')
 246         continue-on-error: true
 247
 248       - name: Upload package
 249         uses: actions/upload-artifact@v2
 250         with:
 251           name: pkg-${{ env.ARTIFACT }}
 252           path: |
 253             *.deb
 254             ~/rpmbuild/RPMS/*/*.rpm
 255         continue-on-error: true
 256
 257   pkg-publish:
 258     if: always() && (github.ref == 'refs/heads/1.1' || startsWith(github.ref, 'refs/tags/release-'))
 259     runs-on: ubuntu-22.04
 260     continue-on-error: true
 261     needs:
 262       - linux
 263       - mingw
 264
 265     steps:
 266       - name: Create artifact directory
 267         run: mkdir -p /tmp/artifacts
 268
 269       - name: Download packages
 270         uses: actions/download-artifact@v2
 271         with:
 272           path: /tmp/artifacts
 273
 274       - name: Publish packages (dev)
 275         uses: marvinpinto/action-automatic-releases@latest
 276         with:
 277           repo_token: ${{ secrets.GITHUB_TOKEN }}
 278           automatic_release_tag: latest
 279           title: Development release
 280           prerelease: true
 281           files: /tmp/artifacts/**/*.(deb|rpm|exe)
 282         if: startsWith(github.ref, 'refs/heads/')
 283
 284       - name: Publish packages (release)
 285         uses: softprops/action-gh-release@v1
 286         with:
 287           files: |
 288             /tmp/artifacts/**/*.deb
 289             /tmp/artifacts/**/*.rpm
 290             /tmp/artifacts/**/*.exe
 291         if: startsWith(github.ref, 'refs/tags/')
 292
 293   macos:
 294     runs-on: macos-12
 295     timeout-minutes: 20
 296
 297     steps:
 298       - name: Checkout code
 299         uses: actions/checkout@v1
 300
 301       - name: Install build deps
 302         run: sh .ci/deps.sh
 303
 304       - name: Run tests with default settings
 305         run: sh .ci/test/run.sh default
 306
 307       - name: Run tests without legacy protocol
 308         run: sh .ci/test/run.sh nolegacy
 309         if: always()
 310
 311       - name: Run tests with libgcrypt
 312         run: sh .ci/test/run.sh gcrypt
 313         if: always()
 314
 315       - name: Upload test results
 316         uses: actions/upload-artifact@v2
 317         with:
 318           name: tests_macos
 319           path: /tmp/logs/tests.*.tar.gz
 320         if: always()
 321
 322   mingw:
 323     runs-on: windows-latest
 324     timeout-minutes: 30
 325
 326     steps:
 327       - name: Install msys2
 328         uses: msys2/setup-msys2@v2
 329         with:
 330           update: true
 331           # https://packages.msys2.org/package/
 332           install: >-
 333             base-devel
 334             mingw-w64-x86_64-meson
 335             mingw-w64-x86_64-pkgconf
 336             mingw-w64-x86_64-gcc
 337             mingw-w64-x86_64-openssl
 338             mingw-w64-x86_64-libgcrypt
 339             mingw-w64-x86_64-zlib
 340             mingw-w64-x86_64-lzo2
 341             mingw-w64-x86_64-lz4
 342             mingw-w64-x86_64-ncurses
 343             mingw-w64-x86_64-miniupnpc
 344             mingw-w64-x86_64-nsis
 345             git
 346             openbsd-netcat
 347             procps
 348
 349       - name: Checkout code
 350         uses: actions/checkout@v1
 351
 352       - name: Run tests with default settings
 353         shell: msys2 {0}
 354         run: sh .ci/test/run.sh default
 355
 356       - name: Create installer
 357         shell: msys2 {0}
 358         run: sh .ci/package/build.sh
 359         if: github.ref == 'refs/heads/1.1' || startsWith(github.ref, 'refs/tags/release-')
 360         continue-on-error: true
 361
 362       - name: Upload package
 363         uses: actions/upload-artifact@v2
 364         with:
 365           name: pkg-windows
 366           path: .ci/package/win/tinc-*.exe
 367         continue-on-error: true
 368
 369       - name: Run tests without legacy protocol
 370         shell: msys2 {0}
 371         run: sh .ci/test/run.sh nolegacy
 372         if: always()
 373
 374       - name: Run tests with libgcrypt
 375         shell: msys2 {0}
 376         run: sh .ci/test/run.sh gcrypt
 377         if: always()
 378
 379       - name: Upload test results
 380         uses: actions/upload-artifact@v2
 381         with:
 382           name: tests_windows
 383           path: /tmp/logs/tests.*.tar.gz
 384         if: always()
 385
 386   msvc:
 387     runs-on: windows-latest
 388     timeout-minutes: 30
 389
 390     strategy:
 391       fail-fast: false
 392       matrix:
 393         target:
 394           - { build: amd64, host: amd64, test: test }
 395           - { build: amd64, host: x86, test: test }
 396           - { build: amd64, host: arm64, test: notest }
 397
 398     env:
 399       HOST_ARCH: ${{ matrix.target.host }}
 400       BUILD_ARCH: ${{ matrix.target.build }}
 401
 402     steps:
 403       - name: Install meson
 404         run: pip3 install meson
 405
 406       - name: Checkout code
 407         uses: actions/checkout@v1
 408
 409       - name: Activate dev environment
 410         uses: ilammy/msvc-dev-cmd@v1
 411         with:
 412           arch: ${{ matrix.target.build == matrix.target.host && matrix.target.host || format('{0}_{1}', matrix.target.build, matrix.target.host) }}
 413
 414       - name: Build (nolegacy)
 415         run: .ci\windows\build.cmd nolegacy
 416
 417       - name: Test (nolegacy)
 418         run: .ci\windows\test.cmd nolegacy
 419         if: always() && matrix.target.test == 'test'
 420
 421       - name: Build (OpenSSL)
 422         run: .ci\windows\build.cmd openssl
 423         if: always()
 424
 425       - name: Test (OpenSSL)
 426         run: .ci\windows\test.cmd openssl
 427         if: always() && matrix.target.test == 'test'