forked from strongswan/strongswan
-
Notifications
You must be signed in to change notification settings - Fork 0
175 lines (169 loc) · 5.66 KB
/
linux.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
name: Linux
on: [push, pull_request]
env:
# this test case does not actually test anything but tries to access system
# directories that might be inaccessible on build hosts
TESTS_CASES_EXCLUDE: sw_collector
TESTS_REDUCED_KEYLENGTHS: yes
CCACHE_BASEDIR: ${{ github.workspace }}
CCACHE_COMPRESS: true
CCACHE_MAXSIZE: 200M
OS_NAME: linux
jobs:
pre-check:
runs-on: ubuntu-latest
outputs:
should_skip: ${{ steps.skip-check.outputs.should_skip }}
steps:
- id: skip-check
uses: fkirc/skip-duplicate-actions@master
with:
concurrent_skipping: 'same_content'
latest:
needs: pre-check
if: ${{ needs.pre-check.outputs.should_skip != 'true' }}
runs-on: ubuntu-latest
strategy:
matrix:
test: [ all, default, printf-builtin ]
compiler: [ gcc, clang ]
leak-detective: [ no, yes ]
monolithic: [ no, yes ]
exclude:
# leaks will show up whether we build monolithic or not
- leak-detective: yes
monolithic: yes
# monolithic builds don't affect the printf-hook implementation
- test: printf-builtin
monolithic: yes
include:
- test: apidoc
- test: coverage
- test: dist
- test: nm
- test: no-dbg
- test: no-dbg
compiler: clang
- test: fuzzing
compiler: clang
monolithic: yes
env:
LEAK_DETECTIVE: ${{ matrix.leak-detective || 'no' }}
MONOLITHIC: ${{ matrix.monolithic || 'no' }}
CC: ${{ matrix.compiler || 'gcc' }}
TEST: ${{ matrix.test }}
steps:
- uses: actions/checkout@v4
- uses: actions/cache@v4
with:
path: ~/.cache/ccache
# with regards to ccache, monolithic builds don't differ from regular
# builds and, similarly, builds with leak-detective only differ in two
# files (LD itself and library.c); but different tests build different
# dependencies, so different caches are needed
key: ccache-ubuntu-latest-${{ env.CC }}-${{ matrix.test }}-${{ github.sha }}
restore-keys: |
ccache-ubuntu-latest-${{ env.CC }}-${{ matrix.test }}-
ccache-ubuntu-latest-${{ env.CC }}-
- run: |
sudo apt-get install -qq ccache
echo "PATH=/usr/lib/ccache:$PATH" >> $GITHUB_ENV
ccache -z
- uses: ./.github/actions/default
- run: ccache -s
- if: ${{ success() && matrix.test == 'coverage' }}
run: bash <(curl -s https://codecov.io/bash)
- if: ${{ failure() }}
uses: actions/upload-artifact@v4
with:
name: Logs ${{ github.job }}
path: config.log
retention-days: 5
crypto-plugins:
needs: pre-check
if: ${{ needs.pre-check.outputs.should_skip != 'true' }}
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ ubuntu-latest, ubuntu-20.04 ]
test: [ botan, wolfssl, openssl, openssl-3, openssl-awslc, gcrypt ]
leak-detective: [ no, yes ]
exclude:
# test custom-built libs only on one platform
- os: ubuntu-20.04
test: botan
- os: ubuntu-20.04
test: wolfssl
- os: ubuntu-20.04
test: openssl-3
- os: ubuntu-20.04
test: openssl-awslc
env:
LEAK_DETECTIVE: ${{ matrix.leak-detective || 'no' }}
CC: ${{ matrix.compiler || 'gcc' }}
TEST: ${{ matrix.test }}
steps:
- uses: actions/checkout@v4
- uses: actions/cache@v4
with:
# path is different on newer systems
path: |
~/.cache/ccache
~/.ccache
key: ccache-${{ matrix.os }}-${{ env.CC }}-${{ matrix.test }}-${{ github.sha }}
restore-keys: |
ccache-${{ matrix.os }}-${{ env.CC }}-${{ matrix.test }}-
ccache-${{ matrix.os }}-${{ env.CC }}-all-${{ github.sha }}
ccache-${{ matrix.os }}-${{ env.CC }}-all-
ccache-${{ matrix.os }}-${{ env.CC }}-
- run: |
sudo apt-get install -qq ccache
echo "PATH=/usr/lib/ccache:$PATH" >> $GITHUB_ENV
ccache -z
- uses: ./.github/actions/default
- run: ccache -s
- if: ${{ failure() }}
uses: actions/upload-artifact@v4
with:
name: Logs ${{ github.job }}
path: config.log
retention-days: 5
older:
needs: pre-check
if: ${{ needs.pre-check.outputs.should_skip != 'true' }}
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ ubuntu-20.04 ]
test: [ all, nm ]
compiler: [ gcc, clang ]
exclude:
- test: nm
compiler: clang
env:
LEAK_DETECTIVE: ${{ matrix.leak-detective || 'no' }}
CC: ${{ matrix.compiler || 'gcc' }}
TEST: ${{ matrix.test }}
# LSan causes spurious SIGSEGV after tests due to DTLS handling by glibc
ASAN_OPTIONS: intercept_tls_get_addr=0
steps:
- uses: actions/checkout@v4
- uses: actions/cache@v4
with:
path: ~/.ccache
key: ccache-${{ matrix.os }}-${{ env.CC }}-${{ matrix.test }}-${{ github.sha }}
restore-keys: |
ccache-${{ matrix.os }}-${{ env.CC }}-${{ matrix.test }}-
ccache-${{ matrix.os }}-${{ env.CC }}-
- run: |
sudo apt-get install -qq ccache
echo "PATH=/usr/lib/ccache:$PATH" >> $GITHUB_ENV
ccache -z
- uses: ./.github/actions/default
- run: ccache -s
- if: ${{ failure() }}
uses: actions/upload-artifact@v4
with:
name: Logs ${{ github.job }}
path: config.log
retention-days: 5