|
| 1 | +# Continuous integration and pull request validation builds for the |
| 2 | +# main and maintenance branches. |
| 3 | +name: CI Build |
| 4 | + |
| 5 | +on: |
| 6 | + push: |
| 7 | + branches: [ main, maint/* ] |
| 8 | + pull_request: |
| 9 | + branches: [ main, maint/* ] |
| 10 | + workflow_dispatch: |
| 11 | + |
| 12 | +env: |
| 13 | + docker-registry: docker.pkg.github.com |
| 14 | + docker-config-path: source/ci/docker |
| 15 | + |
| 16 | +jobs: |
| 17 | + # Build the docker container images that we will use for our Linux |
| 18 | + # builds. This will identify the last commit to the repository that |
| 19 | + # updated the docker images, and try to download the image tagged with |
| 20 | + # that sha. If it does not exist, we'll do a docker build and push |
| 21 | + # the image up to GitHub Packages for the actual CI/CD runs. We tag |
| 22 | + # with both the sha and "latest" so that the subsequent runs need not |
| 23 | + # know the sha. Only do this on CI builds (when the event is a "push") |
| 24 | + # because PR builds from forks lack permission to write packages. |
| 25 | + build_containers: |
| 26 | + name: Create docker image |
| 27 | + strategy: |
| 28 | + matrix: |
| 29 | + container: |
| 30 | + - name: xenial |
| 31 | + - name: bionic |
| 32 | + - name: focal |
| 33 | + - name: docurium |
| 34 | + - name: bionic-x86 |
| 35 | + dockerfile: bionic |
| 36 | + base: multiarch/ubuntu-core:x86-bionic |
| 37 | + qemu: true |
| 38 | + - name: bionic-arm32 |
| 39 | + dockerfile: bionic |
| 40 | + base: multiarch/ubuntu-core:armhf-bionic |
| 41 | + qemu: true |
| 42 | + - name: bionic-arm64 |
| 43 | + dockerfile: bionic |
| 44 | + base: multiarch/ubuntu-core:arm64-bionic |
| 45 | + qemu: true |
| 46 | + - name: centos7 |
| 47 | + - name: centos8 |
| 48 | + runs-on: ubuntu-latest |
| 49 | + steps: |
| 50 | + - name: Check out repository |
| 51 | + uses: actions/checkout@v2 |
| 52 | + with: |
| 53 | + path: source |
| 54 | + fetch-depth: 0 |
| 55 | + if: github.event_name != 'pull_request' |
| 56 | + - name: Setup QEMU |
| 57 | + run: docker run --rm --privileged multiarch/qemu-user-static:register --reset |
| 58 | + if: matrix.container.qemu == true |
| 59 | + - name: Download existing container |
| 60 | + run: | |
| 61 | + "${{ github.workspace }}/source/ci/getcontainer.sh" "${{ matrix.container.name }}" "${{ matrix.container.dockerfile }}" |
| 62 | + env: |
| 63 | + DOCKER_REGISTRY: ${{ env.docker-registry }} |
| 64 | + GITHUB_TOKEN: ${{ secrets.github_token }} |
| 65 | + working-directory: ${{ env.docker-config-path }} |
| 66 | + if: github.event_name != 'pull_request' |
| 67 | + - name: Build and publish image |
| 68 | + run: | |
| 69 | + if [ "${{ matrix.container.base }}" != "" ]; then |
| 70 | + BASE_ARG="--build-arg BASE=${{ matrix.container.base }}" |
| 71 | + fi |
| 72 | + docker build -t ${{ env.docker-registry-container-sha }} ${BASE_ARG} -f ${{ env.dockerfile }} . |
| 73 | + docker tag ${{ env.docker-registry-container-sha }} ${{ env.docker-registry-container-latest }} |
| 74 | + docker push ${{ env.docker-registry-container-sha }} |
| 75 | + docker push ${{ env.docker-registry-container-latest }} |
| 76 | + working-directory: ${{ env.docker-config-path }} |
| 77 | + if: github.event_name != 'pull_request' && env.docker-container-exists != 'true' |
| 78 | + |
| 79 | + # Run our CI/CD builds. We build a matrix with the various build targets |
| 80 | + # and their details. Then we build either in a docker container (Linux) |
| 81 | + # or on the actual hosts (macOS, Windows). |
| 82 | + build: |
| 83 | + name: Build |
| 84 | + needs: [ build_containers ] |
| 85 | + strategy: |
| 86 | + matrix: |
| 87 | + platform: |
| 88 | + - # Xenial, GCC, OpenSSL |
| 89 | + container: |
| 90 | + name: xenial |
| 91 | + env: |
| 92 | + CC: gcc |
| 93 | + CMAKE_GENERATOR: Ninja |
| 94 | + CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DREGEX_BACKEND=builtin -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DDEBUG_STRICT_ALLOC=ON -DDEBUG_STRICT_OPEN=ON |
| 95 | + os: ubuntu-latest |
| 96 | + - # Xenial, GCC, mbedTLS |
| 97 | + container: |
| 98 | + name: xenial |
| 99 | + env: |
| 100 | + CC: gcc |
| 101 | + CMAKE_GENERATOR: Ninja |
| 102 | + CMAKE_OPTIONS: -DUSE_HTTPS=mbedTLS -DUSE_SHA1=HTTPS -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON |
| 103 | + os: ubuntu-latest |
| 104 | + - # Xenial, Clang, OpenSSL |
| 105 | + container: |
| 106 | + name: xenial |
| 107 | + env: |
| 108 | + CC: clang |
| 109 | + CMAKE_GENERATOR: Ninja |
| 110 | + CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON |
| 111 | + os: ubuntu-latest |
| 112 | + - # Xenial, Clang, mbedTLS |
| 113 | + container: |
| 114 | + name: xenial |
| 115 | + env: |
| 116 | + CC: clang |
| 117 | + CMAKE_OPTIONS: -DUSE_HTTPS=mbedTLS -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON |
| 118 | + CMAKE_GENERATOR: Ninja |
| 119 | + os: ubuntu-latest |
| 120 | + - # Focal, Clang 10, mbedTLS, MemorySanitizer |
| 121 | + container: |
| 122 | + name: focal |
| 123 | + env: |
| 124 | + CC: clang-10 |
| 125 | + CFLAGS: -fsanitize=memory -fsanitize-memory-track-origins=2 -fsanitize-blacklist=/home/libgit2/source/script/sanitizers.supp -fno-optimize-sibling-calls -fno-omit-frame-pointer |
| 126 | + CMAKE_OPTIONS: -DCMAKE_PREFIX_PATH=/usr/local/msan -DUSE_HTTPS=mbedTLS -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_BUNDLED_ZLIB=ON |
| 127 | + CMAKE_GENERATOR: Ninja |
| 128 | + SKIP_SSH_TESTS: true |
| 129 | + SKIP_NEGOTIATE_TESTS: true |
| 130 | + ASAN_SYMBOLIZER_PATH: /usr/bin/llvm-symbolizer-10 |
| 131 | + UBSAN_OPTIONS: print_stacktrace=1 |
| 132 | + os: ubuntu-latest |
| 133 | + - # Focal, Clang 10, OpenSSL, UndefinedBehaviorSanitizer |
| 134 | + container: |
| 135 | + name: focal |
| 136 | + env: |
| 137 | + CC: clang-10 |
| 138 | + CFLAGS: -fsanitize=undefined,nullability -fno-sanitize-recover=undefined,nullability -fsanitize-blacklist=/home/libgit2/source/script/sanitizers.supp -fno-optimize-sibling-calls -fno-omit-frame-pointer |
| 139 | + CMAKE_OPTIONS: -DCMAKE_PREFIX_PATH=/usr/local -DUSE_HTTPS=OpenSSL -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_BUNDLED_ZLIB=ON |
| 140 | + CMAKE_GENERATOR: Ninja |
| 141 | + SKIP_SSH_TESTS: true |
| 142 | + SKIP_NEGOTIATE_TESTS: true |
| 143 | + ASAN_SYMBOLIZER_PATH: /usr/bin/llvm-symbolizer-10 |
| 144 | + UBSAN_OPTIONS: print_stacktrace=1 |
| 145 | + os: ubuntu-latest |
| 146 | + - # Focal, Clang 10, OpenSSL, ThreadSanitizer |
| 147 | + container: |
| 148 | + name: focal |
| 149 | + env: |
| 150 | + CC: clang-10 |
| 151 | + CFLAGS: -fsanitize=thread -fno-optimize-sibling-calls -fno-omit-frame-pointer |
| 152 | + CMAKE_OPTIONS: -DCMAKE_PREFIX_PATH=/usr/local -DUSE_HTTPS=OpenSSL -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_BUNDLED_ZLIB=ON |
| 153 | + CMAKE_GENERATOR: Ninja |
| 154 | + SKIP_SSH_TESTS: true |
| 155 | + SKIP_NEGOTIATE_TESTS: true |
| 156 | + ASAN_SYMBOLIZER_PATH: /usr/bin/llvm-symbolizer-10 |
| 157 | + UBSAN_OPTIONS: print_stacktrace=1 |
| 158 | + TSAN_OPTIONS: suppressions=/home/libgit2/source/script/thread-sanitizer.supp second_deadlock_stack=1 |
| 159 | + os: ubuntu-latest |
| 160 | + - # macOS |
| 161 | + os: macos-10.15 |
| 162 | + env: |
| 163 | + CC: clang |
| 164 | + CMAKE_OPTIONS: -DREGEX_BACKEND=regcomp_l -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=leaks -DUSE_GSSAPI=ON |
| 165 | + PKG_CONFIG_PATH: /usr/local/opt/openssl/lib/pkgconfig |
| 166 | + SKIP_SSH_TESTS: true |
| 167 | + SKIP_NEGOTIATE_TESTS: true |
| 168 | + setup-script: osx |
| 169 | + - # Windows amd64 Visual Studio |
| 170 | + os: windows-2019 |
| 171 | + env: |
| 172 | + ARCH: amd64 |
| 173 | + CMAKE_GENERATOR: Visual Studio 16 2019 |
| 174 | + CMAKE_OPTIONS: -A x64 -DWIN32_LEAKCHECK=ON -DDEPRECATE_HARD=ON |
| 175 | + SKIP_SSH_TESTS: true |
| 176 | + SKIP_NEGOTIATE_TESTS: true |
| 177 | + - # Windows x86 Visual Studio |
| 178 | + os: windows-2019 |
| 179 | + env: |
| 180 | + ARCH: x86 |
| 181 | + CMAKE_GENERATOR: Visual Studio 16 2019 |
| 182 | + CMAKE_OPTIONS: -A Win32 -DWIN32_LEAKCHECK=ON -DDEPRECATE_HARD=ON -DUSE_SHA1=HTTPS -DUSE_BUNDLED_ZLIB=ON |
| 183 | + SKIP_SSH_TESTS: true |
| 184 | + SKIP_NEGOTIATE_TESTS: true |
| 185 | + - # Windows amd64 mingw |
| 186 | + os: windows-2019 |
| 187 | + setup-script: mingw |
| 188 | + env: |
| 189 | + ARCH: amd64 |
| 190 | + CMAKE_GENERATOR: MinGW Makefiles |
| 191 | + CMAKE_OPTIONS: -DDEPRECATE_HARD=ON |
| 192 | + BUILD_TEMP: D:\Temp |
| 193 | + BUILD_PATH: D:\Temp\mingw64\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files (x86)\CMake\bin |
| 194 | + SKIP_SSH_TESTS: true |
| 195 | + SKIP_NEGOTIATE_TESTS: true |
| 196 | + - # Windows x86 mingw |
| 197 | + os: windows-2019 |
| 198 | + setup-script: mingw |
| 199 | + env: |
| 200 | + ARCH: x86 |
| 201 | + CMAKE_GENERATOR: MinGW Makefiles |
| 202 | + CMAKE_OPTIONS: -DDEPRECATE_HARD=ON |
| 203 | + BUILD_TEMP: D:\Temp |
| 204 | + BUILD_PATH: D:\Temp\mingw32\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files (x86)\CMake\bin |
| 205 | + SKIP_SSH_TESTS: true |
| 206 | + SKIP_NEGOTIATE_TESTS: true |
| 207 | + fail-fast: false |
| 208 | + env: ${{ matrix.platform.env }} |
| 209 | + runs-on: ${{ matrix.platform.os }} |
| 210 | + steps: |
| 211 | + - name: Check out repository |
| 212 | + uses: actions/checkout@v2 |
| 213 | + with: |
| 214 | + path: source |
| 215 | + fetch-depth: 0 |
| 216 | + - name: Set up build environment |
| 217 | + run: source/ci/setup-${{ matrix.platform.setup-script }}.sh |
| 218 | + shell: bash |
| 219 | + if: matrix.platform.setup-script != '' |
| 220 | + - name: Setup QEMU |
| 221 | + run: docker run --rm --privileged multiarch/qemu-user-static:register --reset |
| 222 | + if: matrix.platform.container.qemu == true |
| 223 | + - name: Download container |
| 224 | + run: | |
| 225 | + "${{ github.workspace }}/source/ci/getcontainer.sh" "${{ matrix.platform.container.name }}" "${{ matrix.platform.container.dockerfile }}" |
| 226 | + env: |
| 227 | + DOCKER_REGISTRY: ${{ env.docker-registry }} |
| 228 | + GITHUB_TOKEN: ${{ secrets.github_token }} |
| 229 | + working-directory: ${{ env.docker-config-path }} |
| 230 | + if: matrix.platform.container.name != '' |
| 231 | + - name: Create container |
| 232 | + run: docker build -t ${{ env.docker-registry-container-sha }} -f ${{ env.dockerfile }} . |
| 233 | + working-directory: ${{ env.docker-config-path }} |
| 234 | + if: matrix.platform.container.name != '' && env.docker-container-exists != 'true' |
| 235 | + - name: Build and test |
| 236 | + run: | |
| 237 | + export GITTEST_NEGOTIATE_PASSWORD="${{ secrets.GITTEST_NEGOTIATE_PASSWORD }}" |
| 238 | +
|
| 239 | + if [ -n "${{ matrix.platform.container.name }}" ]; then |
| 240 | + docker run \ |
| 241 | + --rm \ |
| 242 | + --user libgit2:libgit2 \ |
| 243 | + -v "$(pwd)/source:/home/libgit2/source" \ |
| 244 | + -w /home/libgit2 \ |
| 245 | + -e ASAN_SYMBOLIZER_PATH \ |
| 246 | + -e CC \ |
| 247 | + -e CFLAGS \ |
| 248 | + -e CMAKE_GENERATOR \ |
| 249 | + -e CMAKE_OPTIONS \ |
| 250 | + -e GITTEST_NEGOTIATE_PASSWORD \ |
| 251 | + -e PKG_CONFIG_PATH \ |
| 252 | + -e SKIP_NEGOTIATE_TESTS \ |
| 253 | + -e SKIP_SSH_TESTS \ |
| 254 | + -e TSAN_OPTIONS \ |
| 255 | + -e UBSAN_OPTIONS \ |
| 256 | + ${{ env.docker-registry-container-sha }} \ |
| 257 | + /bin/bash -c "mkdir build && cd build && ../source/ci/build.sh && ../source/ci/test.sh" |
| 258 | + else |
| 259 | + mkdir build && cd build |
| 260 | + ../source/ci/build.sh |
| 261 | + ../source/ci/test.sh |
| 262 | + fi |
| 263 | + shell: bash |
| 264 | + |
| 265 | + # Generate documentation using docurium. We'll upload the documentation |
| 266 | + # as a build artifact so that it can be reviewed as part of a pull |
| 267 | + # request or in a forked build. For CI builds in the main repository's |
| 268 | + # main branch, we'll push the gh-pages branch back up so that it is |
| 269 | + # published to our documentation site. |
| 270 | + documentation: |
| 271 | + name: Generate documentation |
| 272 | + needs: [build_containers] |
| 273 | + runs-on: ubuntu-latest |
| 274 | + steps: |
| 275 | + - name: Check out repository |
| 276 | + uses: actions/checkout@v2 |
| 277 | + with: |
| 278 | + path: source |
| 279 | + fetch-depth: 0 |
| 280 | + - name: Generate documentation |
| 281 | + working-directory: source |
| 282 | + run: | |
| 283 | + git config user.name 'Documentation Generation' |
| 284 | + git config user.email 'libgit2@users.noreply.github.com' |
| 285 | + git branch gh-pages origin/gh-pages |
| 286 | + docker login https://${{ env.docker-registry }} -u ${{ github.actor }} -p ${{ github.token }} |
| 287 | + docker run \ |
| 288 | + --rm \ |
| 289 | + -v "$(pwd):/home/libgit2" \ |
| 290 | + -w /home/libgit2 \ |
| 291 | + ${{ env.docker-registry }}/${{ github.repository }}/docurium:latest \ |
| 292 | + cm doc api.docurium |
| 293 | + git checkout gh-pages |
| 294 | + zip --exclude .git/\* --exclude .gitignore --exclude .gitattributes -r api-documentation.zip . |
| 295 | + - uses: actions/upload-artifact@v2 |
| 296 | + name: Upload artifact |
| 297 | + with: |
| 298 | + name: api-documentation |
| 299 | + path: source/api-documentation.zip |
| 300 | + - name: Push documentation branch |
| 301 | + working-directory: source |
| 302 | + run: git push origin gh-pages |
| 303 | + if: github.event_name != 'pull_request' && github.repository == 'libgit2/libgit2' |
0 commit comments