From 09dda64ce99668c918fada04b9ad6bf9cd2ab104 Mon Sep 17 00:00:00 2001 From: Kirill Isakov Date: Fri, 18 Mar 2022 23:19:38 +0600 Subject: [PATCH] GitHub CI: change build system to meson --- .ci/build.sh | 10 ++++++ .ci/conf.sh | 61 +++++++++----------------------- .ci/cross/linux/armhf | 4 +++ .ci/cross/linux/mipsel | 4 +++ .ci/cross/windows/amd64 | 17 +++++++++ .ci/deps.sh | 66 ++++++++++++++++++++++++++--------- .ci/package/deb/build.sh | 7 ++-- .ci/package/deb/debian/info | 1 - .ci/package/deb/debian/rules | 18 ++-------- .ci/package/rpm/build.sh | 19 +++------- .ci/package/rpm/tinc.spec | 18 +++++++--- .ci/package/win/build.sh | 2 +- .ci/package/win/installer.nsi | 4 +-- .ci/sanitizers/ignore.txt | 12 +++---- .ci/test/prepare.sh | 7 +++- .ci/test/run.sh | 55 +++++++++-------------------- .ci/tidy/run.sh | 9 ++--- .ci/warn/run.sh | 9 ++--- .clang-tidy | 1 + .github/workflows/test.yml | 21 ++++------- 20 files changed, 166 insertions(+), 179 deletions(-) create mode 100755 .ci/build.sh mode change 100644 => 100755 .ci/conf.sh create mode 100644 .ci/cross/linux/armhf create mode 100644 .ci/cross/linux/mipsel create mode 100644 .ci/cross/windows/amd64 delete mode 100644 .ci/package/deb/debian/info diff --git a/.ci/build.sh b/.ci/build.sh new file mode 100755 index 00000000..7be77ce3 --- /dev/null +++ b/.ci/build.sh @@ -0,0 +1,10 @@ +#!/bin/sh + +set -eux + +flags=$(./.ci/conf.sh "$@") + +# shellcheck disable=SC2086 +meson setup build $flags + +ninja -C build diff --git a/.ci/conf.sh b/.ci/conf.sh old mode 100644 new mode 100755 index d075aba5..324331fb --- a/.ci/conf.sh +++ b/.ci/conf.sh @@ -1,67 +1,38 @@ #!/bin/sh -set -eu +set -eux add_flag() { printf ' %s ' "$@" } conf_linux() { - . /etc/os-release - - if type rpm >&2; then - # CentOS 7 has OpenSSL 1.1 installed in a non-default location. - if [ -d /usr/include/openssl11 ]; then - add_flag --with-openssl-include=/usr/include/openssl11 - fi - - if [ -d /usr/lib64/openssl11 ]; then - add_flag --with-openssl-lib=/usr/lib64/openssl11 - fi - - # RHEL 8 does not ship miniupnpc. - if rpm -q miniupnpc-devel >&2; then - add_flag --enable-miniupnpc - fi + HOST="${HOST:-nonexistent}" + if [ "$HOST" = mingw ]; then + cross=".ci/cross/windows/amd64" else - # vde2 is available everywhere except the RHEL family. - add_flag --enable-vde + cross=".ci/cross/linux/$HOST" fi - - # Cross-compilation. - if [ -n "${HOST:-}" ]; then - case "$HOST" in - armhf) triplet=arm-linux-gnueabihf ;; - mipsel) triplet=mipsel-linux-gnu ;; - *) exit 1 ;; - esac - - add_flag --host="$triplet" + if [ -f "$cross" ]; then + add_flag --cross-file "$cross" fi - - add_flag --enable-uml "$@" + add_flag -Dminiupnpc=auto -Duml=true } conf_windows() { - add_flag \ - --enable-miniupnpc \ - --disable-readline \ - --with-curses-include=/mingw64/include/ncurses \ - "$@" + add_flag -Dminiupnpc=auto } conf_macos() { - add_flag \ - --with-openssl="$(brew --prefix openssl)" \ - --with-miniupnpc="$(brew --prefix miniupnpc)" \ - --enable-tunemu \ - --enable-miniupnpc \ - "$@" + openssl=$(brew --prefix openssl) + add_flag -Dminiupnpc=auto -Dpkg_config_path="$openssl/lib/pkgconfig" } +add_flag -Dbuildtype=release "$@" + case "$(uname -s)" in -Linux) conf_linux "$@" ;; -MINGW*) conf_windows "$@" ;; -Darwin) conf_macos "$@" ;; +Linux) conf_linux ;; +MINGW*) conf_windows ;; +Darwin) conf_macos ;; *) exit 1 ;; esac diff --git a/.ci/cross/linux/armhf b/.ci/cross/linux/armhf new file mode 100644 index 00000000..f87447ef --- /dev/null +++ b/.ci/cross/linux/armhf @@ -0,0 +1,4 @@ +[binaries] +c = 'arm-linux-gnueabihf-gcc' +pkgconfig = 'arm-linux-gnueabihf-pkg-config' + diff --git a/.ci/cross/linux/mipsel b/.ci/cross/linux/mipsel new file mode 100644 index 00000000..2bdfb8af --- /dev/null +++ b/.ci/cross/linux/mipsel @@ -0,0 +1,4 @@ +[binaries] +c = 'mipsel-linux-gnu-gcc' +pkgconfig = 'mipsel-linux-gnu-pkg-config' + diff --git a/.ci/cross/windows/amd64 b/.ci/cross/windows/amd64 new file mode 100644 index 00000000..884dae83 --- /dev/null +++ b/.ci/cross/windows/amd64 @@ -0,0 +1,17 @@ +[properties] +root = '/usr/x86_64-w64-mingw32' + +[binaries] +c = 'x86_64-w64-mingw32-gcc' +ar = 'x86_64-w64-mingw32-ar' +as = 'x86_64-w64-mingw32-as' +strip = 'x86_64-w64-mingw32-strip' +windres = 'x86_64-w64-mingw32-windres' +pkgconfig = 'x86_64-w64-mingw32-pkg-config' + +[host_machine] +system = 'windows' +endian = 'little' +cpu = 'x86_64' +cpu_family = 'x86_64' + diff --git a/.ci/deps.sh b/.ci/deps.sh index 2f0dab2d..523e7aa7 100755 --- a/.ci/deps.sh +++ b/.ci/deps.sh @@ -6,25 +6,28 @@ deps_linux_alpine() { apk upgrade apk add \ - git binutils make autoconf automake gcc linux-headers diffutils \ - procps socat shadow sudo libgcrypt-dev texinfo texlive gzip \ + git binutils meson pkgconf gcc linux-headers diffutils \ + procps socat shadow sudo libgcrypt-dev texinfo gzip \ openssl-dev zlib-dev lzo-dev ncurses-dev readline-dev musl-dev lz4-dev vde2-dev } -deps_linux_debian() { - export DEBIAN_FRONTEND=noninteractive - - HOST=${HOST:-} +deps_linux_debian_mingw() { + apt-get install -y \ + mingw-w64 mingw-w64-tools \ + wine wine-binfmt \ + libgcrypt-mingw-w64-dev \ + "$@" +} +deps_linux_debian_linux() { if [ -n "$HOST" ]; then dpkg --add-architecture "$HOST" fi apt-get update - apt-get upgrade -y apt-get install -y \ - git binutils make autoconf automake gcc diffutils sudo texinfo texlive netcat-openbsd procps socat \ + binutils make gcc \ zlib1g-dev:"$HOST" \ libssl-dev:"$HOST" \ liblzo2-dev:"$HOST" \ @@ -38,6 +41,36 @@ deps_linux_debian() { if [ -n "$HOST" ]; then apt-get install -y crossbuild-essential-"$HOST" qemu-user + else + linux_openssl3 + fi +} + +deps_linux_debian() { + export DEBIAN_FRONTEND=noninteractive + + apt-get update + apt-get upgrade -y + apt-get install -y git pkgconf diffutils sudo texinfo \ + netcat-openbsd procps socat + + HOST=${HOST:-} + if [ "$HOST" = mingw ]; then + deps_linux_debian_mingw "$@" + else + deps_linux_debian_linux "$@" + fi + + . /etc/os-release + + # Debian Buster ships an old version of meson (0.49). + # MinGW cross-compilation requires something newer than 0.55 that ships in Bullseye, + # or it fails when looking for dependencies in the OpenSSL wrap. + if [ "${ID:-}/${VERSION_CODENAME:-}" = debian/buster ] || [ "$HOST" = mingw ]; then + apt-get install -y python3 python3-pip ninja-build + pip3 install meson + else + apt-get install -y meson fi } @@ -54,7 +87,7 @@ deps_linux_rhel() { yum upgrade -y yum install -y \ - git binutils make autoconf automake gcc diffutils sudo texinfo-tex netcat procps systemd perl-IPC-Cmd \ + git binutils make meson pkgconf gcc diffutils sudo texinfo-tex netcat procps systemd perl-IPC-Cmd \ findutils socat lzo-devel zlib-devel lz4-devel ncurses-devel readline-devel libgcrypt-devel "$@" if yum info openssl11-devel; then @@ -69,11 +102,6 @@ deps_linux_rhel() { } linux_openssl3() { - if [ -n "${HOST:-}" ]; then - echo >&2 "Not installing OpenSSL 3 to a cross-compilation job" - return - fi - src=/usr/local/src/openssl ssl3=/opt/ssl3 @@ -86,7 +114,12 @@ linux_openssl3() { make -j"$(nproc)" make install_sw - ldconfig -v $ssl3/lib64 + if [ -f /etc/ld.so.conf ]; then + echo $ssl3/lib64 >>/etc/ld.so.conf + ldconfig -v + else + ldconfig -v $ssl3/lib64 + fi cd - } @@ -101,7 +134,6 @@ deps_linux() { debian | ubuntu) deps_linux_debian "$@" - linux_openssl3 ;; centos | almalinux | fedora) @@ -114,7 +146,7 @@ deps_linux() { } deps_macos() { - brew install coreutils netcat automake lzo lz4 miniupnpc libgcrypt openssl "$@" + brew install coreutils netcat lzo lz4 miniupnpc libgcrypt openssl meson "$@" pip3 install --user compiledb } diff --git a/.ci/package/deb/build.sh b/.ci/package/deb/build.sh index fa72face..61396f1e 100755 --- a/.ci/package/deb/build.sh +++ b/.ci/package/deb/build.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -euo pipefail +set -euxo pipefail . /etc/os-release @@ -18,8 +18,9 @@ export DEBIAN_FRONTEND=noninteractive apt-get install -y devscripts git-buildpackage dh-make export USER=${USER:-$(whoami)} +export EMAIL=ci@tinc-vpn.org -os="$ID-$VERSION_ID" +os="$ID-${VERSION_ID:-unknown}" templates=$(dirname "$0")/debian git clean -dfx @@ -47,5 +48,5 @@ cp "$templates/"* debian/ # remove useless READMEs created by dh_make rm -f debian/README.* -dpkg-buildpackage -d -us -uc +dpkg-buildpackage -rfakeroot -us -uc -b mv ../*.deb . diff --git a/.ci/package/deb/debian/info b/.ci/package/deb/debian/info deleted file mode 100644 index 5468d6c9..00000000 --- a/.ci/package/deb/debian/info +++ /dev/null @@ -1 +0,0 @@ -doc/tinc.info diff --git a/.ci/package/deb/debian/rules b/.ci/package/deb/debian/rules index e1cbc60c..fd9343fb 100755 --- a/.ci/package/deb/debian/rules +++ b/.ci/package/deb/debian/rules @@ -1,21 +1,7 @@ #!/usr/bin/make -f %: - dh $@ - -override_dh_auto_configure: - dh_auto_configure -- --enable-uml --enable-miniupnpc \ - --with-systemd=/lib/systemd/system/ - $(MAKE) clean - -override_dh_auto_install: - dh_auto_install -- install-html - # Remove info dir file - rm -f debian/tinc/usr/share/info/dir + dh $@ --buildsystem=meson override_dh_auto_test: - # Don't run the tests, it involves starting tinc daemons and making network connections. - # I don't think the autobuilders will like this. - -override_dh_installinit: - dh_installinit -r + # Disable tests. diff --git a/.ci/package/rpm/build.sh b/.ci/package/rpm/build.sh index b07df47c..48f57add 100755 --- a/.ci/package/rpm/build.sh +++ b/.ci/package/rpm/build.sh @@ -1,23 +1,16 @@ #!/bin/bash -set -euo pipefail +set -euxo pipefail + +if ! rpm -qi openssl-devel; then + exit 0 +fi find_tag() { git describe --always --tags --match='release-*' "$@" } -# CentOS 7 has OpenSSL 1.1 installed in a non-default location. -if [ -d /usr/include/openssl11 ]; then - set -- "$@" --with-openssl-include=/usr/include/openssl11 -fi - -if [ -d /usr/lib64/openssl11 ]; then - set -- "$@" --with-openssl-lib=/usr/lib64/openssl11 -fi - spec=$HOME/rpmbuild/SPECS/tinc.spec -configure=$(sh .ci/conf.sh) - version=$(find_tag HEAD | sed 's/-/_/g') version=${version//release_/} @@ -28,10 +21,8 @@ rpmdev-setuptree cp "$(dirname "$0")/tinc.spec" "$spec" sed -i "s/__VERSION__/$version/" "$spec" -sed -i "s#__CONFIGURE_ARGS__#$configure#" "$spec" git clean -dfx -autoreconf -fsi cp -a . ~/rpmbuild/BUILD rpmbuild -bb "$spec" diff --git a/.ci/package/rpm/tinc.spec b/.ci/package/rpm/tinc.spec index eda70d44..58bbaf6b 100644 --- a/.ci/package/rpm/tinc.spec +++ b/.ci/package/rpm/tinc.spec @@ -6,7 +6,15 @@ Summary: A virtual private network daemon License: GPLv2+ URL: https://www.tinc-vpn.org/ +BuildRequires: gcc +BuildRequires: meson BuildRequires: systemd +BuildRequires: openssl-devel +BuildRequires: lzo-devel +BuildRequires: zlib-devel +BuildRequires: lz4-devel +BuildRequires: ncurses-devel +BuildRequires: readline-devel Requires(post): systemd Requires(preun): systemd @@ -22,16 +30,16 @@ information with each other over the Internet without exposing any information to others. %define debug_package %{nil} +%define __meson_auto_features auto %prep %build -%configure --with-systemd=%{_unitdir} __CONFIGURE_ARGS__ -%make_build +%meson +%meson_build %install -%make_install -rm -f %{buildroot}%{_infodir}/dir +%meson_install %post %systemd_post %{name}@.service @@ -43,7 +51,7 @@ rm -f %{buildroot}%{_infodir}/dir %systemd_postun_with_restart %{name}@.service %files -%doc AUTHORS COPYING.README NEWS README.md THANKS doc/sample* doc/*.tex +%doc AUTHORS COPYING.README NEWS README.md THANKS doc/sample* %license COPYING %{_mandir}/man*/%{name}*.* %{_infodir}/%{name}.info.* diff --git a/.ci/package/win/build.sh b/.ci/package/win/build.sh index 098f4559..d9738dd9 100755 --- a/.ci/package/win/build.sh +++ b/.ci/package/win/build.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -euo pipefail +set -euxo pipefail curl -o wintap.exe -L 'https://build.openvpn.net/downloads/releases/latest/tap-windows-latest-stable.exe' diff --git a/.ci/package/win/installer.nsi b/.ci/package/win/installer.nsi index 4c4dd35b..90645d07 100644 --- a/.ci/package/win/installer.nsi +++ b/.ci/package/win/installer.nsi @@ -18,8 +18,8 @@ RequestExecutionLevel admin Section "Tinc" SetOutPath $INSTDIR - File ..\..\..\src\tinc.exe - File ..\..\..\src\tincd.exe + File ..\..\..\build\src\tinc.exe + File ..\..\..\build\src\tincd.exe File ..\..\..\wintap.exe CreateDirectory "$SMPROGRAMS\Tinc" diff --git a/.ci/sanitizers/ignore.txt b/.ci/sanitizers/ignore.txt index c088e06e..f2148789 100644 --- a/.ci/sanitizers/ignore.txt +++ b/.ci/sanitizers/ignore.txt @@ -1,9 +1,5 @@ -# plain make -src:ed25519/* -src:chacha-poly1305/* -src:xoshiro.c +# meson +src:../src/ed25519/* +src:../src/chacha-poly1305/* +src:../src/xoshiro.c -# make distcheck -src:../../../src/ed25519/* -src:../../../src/chacha-poly1305/* -src:../../../src/xoshiro.c diff --git a/.ci/test/prepare.sh b/.ci/test/prepare.sh index 8a01a3fc..82f103fb 100755 --- a/.ci/test/prepare.sh +++ b/.ci/test/prepare.sh @@ -1,6 +1,6 @@ #!/bin/sh -set -eu +set -eux if [ "$(id -u)" != 0 ] && sudo --preserve-env --non-interactive true; then echo >&2 "sudo already configured" @@ -12,3 +12,8 @@ useradd --user-group build echo 'build ALL=(ALL) NOPASSWD: ALL' >/etc/sudoers.d/build chmod 440 /etc/sudoers.d/build visudo --check + +if [ -n "${HOST:-}" ]; then + update-binfmts --enable + rm -f /dev/net/tun +fi diff --git a/.ci/test/run.sh b/.ci/test/run.sh index 2d1eb07d..fa23e241 100644 --- a/.ci/test/run.sh +++ b/.ci/test/run.sh @@ -1,6 +1,6 @@ #!/bin/sh -set -eu +set -eux bail() { echo >&2 "@" @@ -31,64 +31,41 @@ run_tests() { header "Running test flavor $flavor" - autoreconf -fsi + ./.ci/build.sh "$@" - DISTCHECK_CONFIGURE_FLAGS=$(sh .ci/conf.sh "$@") - export DISTCHECK_CONFIGURE_FLAGS - - # shellcheck disable=SC2086 - ./configure $DISTCHECK_CONFIGURE_FLAGS - - make -j"$(nproc)" all extra - - if [ "$(uname -s)" = Linux ]; then - cmd=distcheck - else - cmd=check + if [ "${HOST:-}" = mingw ]; then + echo >&2 "Integration tests cannot run under wine, skipping" + return 0 fi code=0 - make $cmd -j2 VERBOSE=1 || code=$? + meson test -C build --verbose || code=$? - sudo tar -c -z -f "/tmp/logs/tests.$flavor.tar.gz" test/ sanitizer/ + sudo tar -c -z -f "/tmp/logs/tests.$flavor.tar.gz" build/ sanitizer/ return $code } case "$(uname -s)" in -Linux) - if [ -n "${HOST:-}" ]; then - # Needed for cross-compilation for 32-bit targets. - export CPPFLAGS="${CPPFLAGS:-} -D_FILE_OFFSET_BITS=64" - fi - ;; - -MINGW*) - # No-op. - sudo() { "$@"; } - ;; - -Darwin) - nproc() { sysctl -n hw.ncpu; } - gcrypt=$(brew --prefix libgcrypt) - openssl=$(brew --prefix openssl) - export CPPFLAGS="${CPPFLAGS:-} -I/usr/local/include -I$gcrypt/include -I$openssl/include -I$gcrypt/include" - ;; +MINGW* | Darwin) sudo() { "$@"; } ;; esac -case "$1" in +flavor=$1 +shift + +case "$flavor" in default) - run_tests default + run_tests default "$@" ;; nolegacy) - run_tests nolegacy --disable-legacy-protocol + run_tests nolegacy -Dcrypto=nolegacy "$@" ;; gcrypt) - run_tests gcrypt --with-libgcrypt + run_tests gcrypt -Dcrypto=gcrypt "$@" ;; openssl3) if [ -d /opt/ssl3 ]; then - run_tests openssl3 --with-openssl=/opt/ssl3 --with-openssl-include=/opt/ssl3/include --with-openssl-lib=/opt/ssl3/lib64 + run_tests openssl3 -Dpkg_config_path=/opt/ssl3/lib64/pkgconfig "$@" else echo >&2 "OpenSSL 3 not installed, skipping test" fi diff --git a/.ci/tidy/run.sh b/.ci/tidy/run.sh index d196975b..36700a2e 100755 --- a/.ci/tidy/run.sh +++ b/.ci/tidy/run.sh @@ -2,6 +2,8 @@ set -eu +./.ci/build.sh "$@" + # Which paths to ignore. paths='src/solaris src/mingw src/gcrypt' @@ -26,11 +28,6 @@ for path in $paths; do path_filters=" $path_filters ! ( -path $path -prune ) " done -if ! [ -f compile_commands.json ]; then - make clean - compiledb make all extra -fi - echo >&2 "Running clang-tidy without $paths" # This is fine, our paths are relative and do not contain any whitespace. @@ -38,4 +35,4 @@ echo >&2 "Running clang-tidy without $paths" find src \ $path_filters \ -name '*.c' \ - -exec clang-tidy --header-filter='.*' '{}' + + -exec clang-tidy -p build --header-filter='.*' '{}' + diff --git a/.ci/warn/run.sh b/.ci/warn/run.sh index 65f46eb2..a4b3d9dc 100755 --- a/.ci/warn/run.sh +++ b/.ci/warn/run.sh @@ -3,20 +3,15 @@ set -euo pipefail test -n "$CC" -export CFLAGS="${CFLAGS:-} -Werror" result=0 check_warnings() { git clean -dfx - - autoreconf -fsi - # shellcheck disable=SC2046 - ./configure $(sh .ci/conf.sh) - make -j"$(nproc)" all extra || result=$? + ./.ci/build.sh -Dwerror=true "$@" || result=$? } check_warnings -check_warnings --disable-legacy-protocol +check_warnings -Dcrypto=nolegacy exit $result diff --git a/.clang-tidy b/.clang-tidy index 4a56007a..d0a89c18 100644 --- a/.clang-tidy +++ b/.clang-tidy @@ -1,2 +1,3 @@ Checks: '-*,bugprone-narrowing-conversions' +HeaderFilterRegex: '.*' WarningsAsErrors: '*' diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index b5392ff2..0dd0de22 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -17,6 +17,7 @@ jobs: arch: - armhf - mipsel + - mingw container: image: debian:bullseye @@ -30,10 +31,7 @@ jobs: run: HOST=${{ matrix.arch }} sh .ci/deps.sh - name: Prepare the system - run: | - sh .ci/test/prepare.sh - update-binfmts --enable - rm -f /dev/net/tun + run: HOST=${{ matrix.arch }} sh .ci/test/prepare.sh - name: Run tests with default settings run: sudo -u build CI=1 HOST=${{ matrix.arch }} sh .ci/test/run.sh default @@ -76,17 +74,12 @@ jobs: - name: Install deps run: sudo sh .ci/deps.sh - - name: Configure and compile - run: | - autoreconf -fsi - ./configure $(sh .ci/conf.sh) - - name: Run clang-tidy run: sh .ci/tidy/run.sh if: always() - name: Check code formatting - run: "! astyle -r --options=.astylerc --dry-run --formatted '*.c' '*.h' | grep '^Formatted'" + run: "! astyle --exclude=build -r --options=.astylerc --dry-run --formatted '*.c' '*.h' | grep '^Formatted'" if: always() - name: Check scripts formatting @@ -104,13 +97,13 @@ jobs: - name: Check warnings (gcc) run: bash .ci/warn/run.sh env: - CC: gcc + CC: gcc-10 if: always() - name: Check warnings (clang) run: bash .ci/warn/run.sh env: - CC: clang + CC: clang-12 if: always() sanitizer: @@ -291,8 +284,8 @@ jobs: # https://packages.msys2.org/package/ install: >- base-devel - autoconf-wrapper - automake-wrapper + mingw-w64-x86_64-meson + mingw-w64-x86_64-pkgconf mingw-w64-x86_64-gcc mingw-w64-x86_64-openssl mingw-w64-x86_64-libgcrypt -- 2.20.1