tinc-vpn.org Git - tinc/blob - .github/workflows/test.yml

   1 name: Test
   2
   3 on:
   4   push:
   5   pull_request:
   6     types:
   7       - opened
   8       - synchronize
   9
  10 jobs:
  11   cross:
  12     runs-on: ubuntu-latest
  13     timeout-minutes: 30
  14     strategy:
  15       fail-fast: false
  16       matrix:
  17         arch:
  18           - armhf
  19           - mipsel
  20
  21     container:
  22       image: debian:bullseye
  23       options: --privileged
  24
  25     steps:
  26       - name: Checkout code
  27         uses: actions/checkout@v1
  28
  29       - name: Install deps
  30         run: HOST=${{ matrix.arch }} sh .ci/deps.sh
  31
  32       - name: Prepare the system
  33         run: |
  34           sh .ci/test/prepare.sh
  35           update-binfmts --enable
  36           rm -f /dev/net/tun
  37
  38       - name: Run tests with default settings
  39         run: sudo -u build CI=1 HOST=${{ matrix.arch }} sh .ci/test/run.sh default
  40
  41       - name: Run tests without legacy protocol
  42         run: sudo -u build CI=1 HOST=${{ matrix.arch }} sh .ci/test/run.sh nolegacy
  43         if: always()
  44
  45       - name: Run tests with libgcrypt
  46         run: sudo -u build CI=1 HOST=${{ matrix.arch }} sh .ci/test/run.sh gcrypt
  47
  48       - name: Upload test results
  49         uses: actions/upload-artifact@v2
  50         with:
  51           name: tests_cross_${{ matrix.arch }}
  52           path: /tmp/logs/tests.*.tar.gz
  53         if: always()
  54
  55   static-analysis:
  56     runs-on: ubuntu-latest
  57     timeout-minutes: 30
  58     steps:
  59       - name: Checkout code
  60         uses: actions/checkout@v1
  61
  62       - name: Install tools
  63         run: |
  64           sudo apt-get install -y astyle clang-tidy-$CLANG
  65           sudo update-alternatives --install /usr/bin/clang-tidy clang-tidy /usr/bin/clang-tidy-$CLANG 100
  66           curl -OL "https://github.com/koalaman/shellcheck/releases/download/v$SHELLCHECK/shellcheck-v${SHELLCHECK}.linux.x86_64.tar.xz"
  67           tar -C ~ --strip-components=1 --wildcards -xf ./shellcheck-*.tar.xz 'shellcheck-*/shellcheck'
  68           curl -o ~/shfmt -L "https://github.com/mvdan/sh/releases/download/v$SHFMT/shfmt_v${SHFMT}_linux_amd64"
  69           chmod 755 ~/shfmt ~/shellcheck
  70           pip3 install --user compiledb
  71         env:
  72           CLANG: 11
  73           SHELLCHECK: 0.7.2
  74           SHFMT: 3.3.0
  75
  76       - name: Install deps
  77         run: sudo sh .ci/deps.sh
  78
  79       - name: Configure and compile
  80         run: |
  81           autoreconf -fsi
  82           ./configure $(sh .ci/conf.sh)
  83
  84       - name: Run clang-tidy
  85         run: sh .ci/tidy/run.sh
  86         if: always()
  87
  88       - name: Check code formatting
  89         run: "! astyle -r --options=.astylerc --dry-run --formatted '*.c' '*.h' | grep '^Formatted'"
  90         if: always()
  91
  92       - name: Check scripts formatting
  93         run: find -type f -regextype egrep -regex '.+\.(sh|sh\.in|test)$' -exec ~/shfmt -d -i 2 -s '{}' +
  94         if: always()
  95
  96       - name: Run static analysis on scripts
  97         run: find -type f -regextype egrep -regex '.+\.sh(\.in)?$' -exec shellcheck -x '{}' +
  98         if: always()
  99
 100       - name: Run static analysis on tests
 101         run: find -type f -name '*.test' -execdir shellcheck -x '{}' +
 102         if: always()
 103
 104       - name: Check warnings (gcc)
 105         run: bash .ci/warn/run.sh
 106         env:
 107           CC: gcc
 108         if: always()
 109
 110       - name: Check warnings (clang)
 111         run: bash .ci/warn/run.sh
 112         env:
 113           CC: clang
 114         if: always()
 115
 116   sanitizer:
 117     runs-on: ubuntu-latest
 118     timeout-minutes: 30
 119     strategy:
 120       fail-fast: false
 121       matrix:
 122         sanitizer:
 123           - address
 124           - thread
 125           - undefined
 126     env:
 127       SANITIZER: "${{ matrix.sanitizer }}"
 128
 129     steps:
 130       - name: Checkout code
 131         uses: actions/checkout@v1
 132
 133       - name: Install deps
 134         run: sudo sh .ci/deps.sh
 135
 136       - name: Run tests with OpenSSL 3
 137         run: bash .ci/sanitizers/run.sh openssl3
 138
 139       - name: Sanitize tests with default settings
 140         run: bash .ci/sanitizers/run.sh default
 141
 142       - name: Sanitize tests without legacy protocol
 143         run: bash .ci/sanitizers/run.sh nolegacy
 144         if: always()
 145
 146       - name: Upload test results
 147         uses: actions/upload-artifact@v2
 148         with:
 149           name: tests_sanitizer_${{ matrix.sanitizer }}
 150           path: /tmp/logs/tests.*.tar.gz
 151         if: always()
 152
 153   linux:
 154     runs-on: ubuntu-latest
 155     timeout-minutes: 30
 156     strategy:
 157       fail-fast: false
 158       matrix:
 159         os:
 160           - alpine
 161           - centos:7 # aka RHEL 7
 162           - almalinux:8 # aka RHEL 8
 163           - fedora
 164           - debian:buster
 165           - debian:bullseye
 166           - debian:testing
 167           - ubuntu # current LTS
 168           - ubuntu:rolling # latest
 169     container:
 170       image: ${{ matrix.os }}
 171       options: --privileged
 172       env:
 173         CI: 1
 174     steps:
 175       - name: Checkout code
 176         uses: actions/checkout@v1
 177
 178       - name: Install deps
 179         run: sh .ci/deps.sh
 180
 181       - name: Assign name for test results artifact
 182         run: echo ARTIFACT="$(echo '${{ matrix.os }}' | sed 's|[:/]|_|g')" >>"$GITHUB_ENV"
 183
 184       - name: Create a non-privileged user
 185         run: sh .ci/test/prepare.sh
 186
 187       - name: Run tests with OpenSSL 3
 188         run: sudo -u build CI=1 sh .ci/test/run.sh openssl3
 189
 190       - name: Run tests with default settings
 191         run: sudo -u build CI=1 sh .ci/test/run.sh default
 192
 193       - name: Run tests without legacy protocol
 194         run: sudo -u build CI=1 sh .ci/test/run.sh nolegacy
 195         if: always()
 196
 197       - name: Run tests with libgcrypt
 198         run: sudo -u build CI=1 sh .ci/test/run.sh gcrypt
 199
 200       - name: Upload test results
 201         uses: actions/upload-artifact@v2
 202         with:
 203           name: tests_${{ env.ARTIFACT }}
 204           path: /tmp/logs/tests.*.tar.gz
 205         if: always()
 206
 207       - name: Build package
 208         run: sh .ci/package/build.sh
 209         if: github.ref == 'refs/heads/1.1' || startsWith(github.ref, 'refs/tags/release-')
 210
 211       - name: Upload package
 212         uses: actions/upload-artifact@v2
 213         with:
 214           name: pkg-${{ env.ARTIFACT }}
 215           path: |
 216             *.deb
 217             ~/rpmbuild/RPMS/*/*.rpm
 218
 219   pkg-publish:
 220     if: always() && (github.ref == 'refs/heads/1.1' || startsWith(github.ref, 'refs/tags/release-'))
 221     runs-on: ubuntu-latest
 222     needs:
 223       - linux
 224       - windows
 225
 226     steps:
 227       - name: Create artifact directory
 228         run: mkdir -p /tmp/artifacts
 229
 230       - name: Download packages
 231         uses: actions/download-artifact@v2
 232         with:
 233           path: /tmp/artifacts
 234
 235       - name: Publish packages (dev)
 236         uses: marvinpinto/action-automatic-releases@latest
 237         with:
 238           repo_token: ${{ secrets.GITHUB_TOKEN }}
 239           automatic_release_tag: latest
 240           title: Development release
 241           prerelease: true
 242           files: /tmp/artifacts/**/*.(deb|rpm|exe)
 243         if: startsWith(github.ref, 'refs/heads/')
 244
 245       - name: Publish packages (release)
 246         uses: softprops/action-gh-release@v1
 247         with:
 248           files: |
 249             /tmp/artifacts/**/*.deb
 250             /tmp/artifacts/**/*.rpm
 251             /tmp/artifacts/**/*.exe
 252         if: startsWith(github.ref, 'refs/tags/')
 253
 254   macos:
 255     runs-on: macos-latest
 256     timeout-minutes: 20
 257
 258     steps:
 259       - name: Checkout code
 260         uses: actions/checkout@v1
 261
 262       - name: Install build deps
 263         run: sh .ci/deps.sh
 264
 265       - name: Run tests with default settings
 266         run: sh .ci/test/run.sh default
 267
 268       - name: Run tests without legacy protocol
 269         run: sh .ci/test/run.sh nolegacy
 270         if: always()
 271
 272       - name: Run tests with libgcrypt
 273         run: sh .ci/test/run.sh gcrypt
 274
 275       - name: Upload test results
 276         uses: actions/upload-artifact@v2
 277         with:
 278           name: tests_macos
 279           path: /tmp/logs/tests.*.tar.gz
 280         if: always()
 281
 282   windows:
 283     runs-on: windows-latest
 284     timeout-minutes: 30
 285
 286     steps:
 287       - name: Install msys2
 288         uses: msys2/setup-msys2@v2
 289         with:
 290           update: true
 291           # https://packages.msys2.org/package/
 292           install: >-
 293             base-devel
 294             autoconf-wrapper
 295             automake-wrapper
 296             mingw-w64-x86_64-gcc
 297             mingw-w64-x86_64-openssl
 298             mingw-w64-x86_64-libgcrypt
 299             mingw-w64-x86_64-zlib
 300             mingw-w64-x86_64-lzo2
 301             mingw-w64-x86_64-lz4
 302             mingw-w64-x86_64-ncurses
 303             mingw-w64-x86_64-miniupnpc
 304             mingw-w64-x86_64-nsis
 305             git
 306             openbsd-netcat
 307             procps
 308
 309       - name: Checkout code
 310         uses: actions/checkout@v1
 311
 312       - name: Run tests with default settings
 313         shell: msys2 {0}
 314         run: sh .ci/test/run.sh default
 315
 316       - name: Create installer
 317         shell: msys2 {0}
 318         run: sh .ci/package/build.sh
 319         if: github.ref == 'refs/heads/1.1' || startsWith(github.ref, 'refs/tags/release-')
 320
 321       - name: Upload package
 322         uses: actions/upload-artifact@v2
 323         with:
 324           name: pkg-windows
 325           path: .ci/package/win/tinc-*.exe
 326
 327       - name: Run tests without legacy protocol
 328         shell: msys2 {0}
 329         run: sh .ci/test/run.sh nolegacy
 330         if: always()
 331
 332       - name: Run tests with libgcrypt
 333         shell: msys2 {0}
 334         run: sh .ci/test/run.sh gcrypt
 335
 336       - name: Upload test results
 337         uses: actions/upload-artifact@v2
 338         with:
 339           name: tests_windows
 340           path: /tmp/logs/tests.*.tar.gz
 341         if: always()