diff options
Diffstat (limited to '.github')
| -rw-r--r-- | .github/codeql.yml | 9 | ||||
| -rw-r--r-- | .github/dependabot.yml | 6 | ||||
| -rwxr-xr-x | .github/diag.sh | 16 | ||||
| -rw-r--r-- | .github/workflows/ci.yml | 227 | ||||
| -rw-r--r-- | .github/workflows/codecov.yml | 18 | ||||
| -rw-r--r-- | .github/workflows/codeql.yml | 60 | ||||
| -rw-r--r-- | .github/workflows/freebsd.yml | 33 | ||||
| -rw-r--r-- | .github/workflows/linux.yml | 35 | ||||
| -rw-r--r-- | .github/workflows/macos.yml | 18 |
9 files changed, 329 insertions, 93 deletions
diff --git a/.github/codeql.yml b/.github/codeql.yml new file mode 100644 index 0000000..6ff8337 --- /dev/null +++ b/.github/codeql.yml @@ -0,0 +1,9 @@ +query-filters: + - exclude: + id: cpp/commented-out-code + - exclude: + id: cpp/long-switch + - exclude: + id: cpp/loop-variable-changed + - exclude: + id: cpp/poorly-documented-function diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..5ace460 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,6 @@ +version: 2 +updates: + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" diff --git a/.github/diag.sh b/.github/diag.sh new file mode 100755 index 0000000..942487a --- /dev/null +++ b/.github/diag.sh @@ -0,0 +1,16 @@ +#!/usr/bin/env bash + +# Copyright © Tavian Barnes <tavianator@tavianator.com> +# SPDX-License-Identifier: 0BSD + +# Convert compiler diagnostics to GitHub Actions messages +# https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#setting-a-warning-message + +set -eu + +filter() { + sed -E 's/^(([^:]*):([^:]*):([^:]*): (warning|error): (.*))$/::\5 file=\2,line=\3,col=\4,title=Compiler \5::\6\ +\1/' +} + +"$@" 2> >(filter >&2) | filter diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000..8011224 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,227 @@ +name: CI + +on: [push, pull_request] + +jobs: + linux: + name: Linux + + runs-on: ubuntu-22.04 + + steps: + - uses: actions/checkout@v4 + + - name: Install dependencies + run: | + sudo dpkg --add-architecture i386 + sudo apt-get update -y + sudo apt-get install -y \ + expect \ + gcc-multilib \ + libgcc-s1:i386 \ + acl \ + libacl1-dev \ + libacl1:i386 \ + attr \ + libcap2-bin \ + libcap-dev \ + libcap2:i386 \ + libonig-dev \ + libonig5:i386 \ + liburing-dev + # Ubuntu doesn't let you install the -dev packages for both amd64 and + # i386 at once, so we make our own symlinks to fix -m32 -lacl -l... + sudo ln -s libacl.so.1 /lib/i386-linux-gnu/libacl.so + sudo ln -s libcap.so.2 /lib/i386-linux-gnu/libcap.so + sudo ln -s libonig.so.5 /lib/i386-linux-gnu/libonig.so + # Work around https://github.com/actions/runner-images/issues/9491 + sudo sysctl vm.mmap_rnd_bits=28 + + - name: Run tests + run: | + .github/diag.sh make -j$(nproc) distcheck + + - uses: actions/upload-artifact@v4 + with: + name: linux-config.log + path: distcheck-*/gen/config.log + + macos: + name: macOS + + runs-on: macos-14 + + steps: + - uses: actions/checkout@v4 + + - name: Install dependencies + run: | + brew install \ + bash \ + expect + + - name: Run tests + run: | + jobs=$(sysctl -n hw.ncpu) + .github/diag.sh make -j$jobs distcheck + + freebsd: + name: FreeBSD + + runs-on: ubuntu-22.04 + + steps: + - uses: actions/checkout@v4 + + - name: Run tests + uses: cross-platform-actions/action@v0.24.0 + with: + operating_system: freebsd + version: "14.0" + + run: | + sudo pkg install -y \ + bash \ + expect \ + oniguruma \ + pkgconf \ + tcl-wrapper + sudo mount -t fdescfs none /dev/fd + .github/diag.sh make -j$(nproc) distcheck + + - uses: actions/upload-artifact@v4 + with: + name: freebsd-config.log + path: distcheck-*/gen/config.log + + openbsd: + name: OpenBSD + + runs-on: ubuntu-22.04 + + steps: + - uses: actions/checkout@v4 + + - name: Run tests + uses: cross-platform-actions/action@v0.24.0 + with: + operating_system: openbsd + version: "7.5" + + run: | + sudo pkg_add \ + bash \ + expect \ + gmake \ + oniguruma + jobs=$(sysctl -n hw.ncpu) + ./configure MAKE=gmake + .github/diag.sh gmake -j$jobs check TEST_FLAGS="--sudo --verbose=skipped" + + - uses: actions/upload-artifact@v4 + with: + name: openbsd-config.log + path: gen/config.log + + netbsd: + name: NetBSD + + runs-on: ubuntu-22.04 + + steps: + - uses: actions/checkout@v4 + + - name: Run tests + uses: cross-platform-actions/action@v0.24.0 + with: + operating_system: netbsd + version: "10.0" + + run: | + PATH="/sbin:/usr/sbin:$PATH" + sudo pkgin -y install \ + bash \ + oniguruma \ + pkgconf \ + tcl-expect + jobs=$(sysctl -n hw.ncpu) + ./configure + .github/diag.sh make -j$jobs check TEST_FLAGS="--sudo --verbose=skipped" + + - uses: actions/upload-artifact@v4 + with: + name: netbsd-config.log + path: gen/config.log + + dragonflybsd: + name: DragonFly BSD + + runs-on: ubuntu-22.04 + + steps: + - uses: actions/checkout@v4 + + - name: Run tests + uses: vmactions/dragonflybsd-vm@v1 + with: + release: "6.4.0" + usesh: true + + prepare: | + pkg install -y \ + bash \ + expect \ + oniguruma \ + pkgconf \ + sudo \ + tcl-wrapper + pw useradd -n action -m -G wheel -s /usr/local/bin/bash + echo "%wheel ALL=(ALL) NOPASSWD: ALL" >>/usr/local/etc/sudoers + + run: | + chown -R action:action . + jobs=$(sysctl -n hw.ncpu) + sudo -u action ./configure + sudo -u action .github/diag.sh make -j$jobs check TEST_FLAGS="--sudo --verbose=skipped" + + - uses: actions/upload-artifact@v4 + with: + name: dragonfly-config.log + path: gen/config.log + + omnios: + name: OmniOS + + runs-on: ubuntu-22.04 + + steps: + - uses: actions/checkout@v4 + + - name: Run tests + uses: vmactions/omnios-vm@v1 + with: + release: "r151048" + usesh: true + + prepare: | + pkg install \ + bash \ + build-essential \ + expect \ + gnu-make \ + onig \ + sudo + useradd -m -g staff action + echo "%staff ALL=(ALL) NOPASSWD: ALL" >>/etc/sudoers + + run: | + PATH="/usr/xpg4/bin:$PATH" + chown -R action:staff . + jobs=$(getconf NPROCESSORS_ONLN) + sudo -u action ./configure MAKE=gmake + sudo -u action .github/diag.sh gmake -j$jobs check TEST_FLAGS="--sudo --verbose=skipped" + + - uses: actions/upload-artifact@v4 + with: + name: omnios-config.log + path: gen/config.log diff --git a/.github/workflows/codecov.yml b/.github/workflows/codecov.yml index f582892..6aaace6 100644 --- a/.github/workflows/codecov.yml +++ b/.github/workflows/codecov.yml @@ -1,31 +1,35 @@ name: codecov.io -on: [push, pull_request] +on: [push] jobs: build: - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 - name: Install dependencies run: | sudo apt-get update -y sudo apt-get install -y \ + expect \ gcc \ acl \ libacl1-dev \ attr \ - libattr1-dev \ libcap2-bin \ libcap-dev \ + libonig-dev \ + liburing-dev - name: Generate coverage run: | - make -j$(nproc) gcov check - gcov -abcfu *.c tests/*.c + ./configure --enable-gcov + make -j$(nproc) check TEST_FLAGS="--sudo" + gcov -abcfpu obj/*/*.o - - uses: codecov/codecov-action@v2 + - uses: codecov/codecov-action@v4 with: + token: ${{ secrets.CODECOV_TOKEN }} fail_ci_if_error: true diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 0000000..a0b8fe3 --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,60 @@ +name: CodeQL + +on: + push: + branches: + - main + pull_request: + branches: + - main + schedule: + - cron: "10 14 * * 2" + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-22.04 + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Install dependencies + run: | + sudo apt-get update -y + sudo apt-get install -y \ + gcc \ + acl \ + libacl1-dev \ + attr \ + libcap2-bin \ + libcap-dev \ + libonig-dev \ + liburing-dev + + - name: Configure + run: | + ./configure + + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: cpp + queries: +security-and-quality + config-file: .github/codeql.yml + + - name: Build + run: | + make -j$(nproc) all + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v3 + with: + category: "/language:cpp" diff --git a/.github/workflows/freebsd.yml b/.github/workflows/freebsd.yml deleted file mode 100644 index 82c0275..0000000 --- a/.github/workflows/freebsd.yml +++ /dev/null @@ -1,33 +0,0 @@ -name: FreeBSD - -on: [push, pull_request] - -jobs: - build: - if: ${{ github.repository_owner == 'tavianator' && (github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository) }} - - runs-on: ubuntu-latest - - concurrency: muon - - steps: - - uses: actions/checkout@v2 - - - uses: tailscale/github-action@main - with: - authkey: ${{ secrets.TAILSCALE_KEY }} - - - name: Configure SSH - env: - SSH_KEY: ${{ secrets.SSH_KEY }} - run: | - mkdir ~/.ssh - printf '%s' "$SSH_KEY" >~/.ssh/github-actions - chmod 0600 ~/.ssh/github-actions - printf 'Host %s\n\tStrictHostKeyChecking=accept-new\n\tUser github\n\tIdentityFile ~/.ssh/github-actions\n' "$(tailscale ip -6 muon)" >~/.ssh/config - - - name: Run tests - run: | - muon=$(tailscale ip -6 muon) - rsync -rl --delete . "[$muon]:bfs" - ssh "$muon" 'gmake -C bfs -j$(sysctl -n hw.ncpu) distcheck' diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml deleted file mode 100644 index 67943f4..0000000 --- a/.github/workflows/linux.yml +++ /dev/null @@ -1,35 +0,0 @@ -name: Linux - -on: [push, pull_request] - -jobs: - build: - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v2 - - - name: Install dependencies - run: | - sudo dpkg --add-architecture i386 - sudo apt-get update -y - sudo apt-get install -y \ - gcc-multilib \ - acl \ - libacl1-dev \ - libacl1:i386 \ - attr \ - libattr1-dev \ - libattr1:i386 \ - libcap2-bin \ - libcap-dev \ - libcap2:i386 - # Ubuntu doesn't let you install the -dev packages for both amd64 and - # i386 at once, so we make our own symlinks to fix -m32 -lacl -lattr -lcap - sudo ln -s libacl.so.1 /lib/i386-linux-gnu/libacl.so - sudo ln -s libattr.so.1 /lib/i386-linux-gnu/libattr.so - sudo ln -s libcap.so.2 /lib/i386-linux-gnu/libcap.so - - - name: Run tests - run: | - make -j$(nproc) distcheck diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml deleted file mode 100644 index 39a0f9c..0000000 --- a/.github/workflows/macos.yml +++ /dev/null @@ -1,18 +0,0 @@ -name: macOS - -on: [push, pull_request] - -jobs: - build: - runs-on: macos-latest - - steps: - - uses: actions/checkout@v2 - - - name: Install dependencies - run: | - brew install coreutils - - - name: Run tests - run: | - make -j$(sysctl -n hw.ncpu) distcheck |