summaryrefslogtreecommitdiffstats
path: root/.github/workflows/ci-deb.yml
blob: 29d35d2f4674ea038c617c10c6b5adbf6db413be (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
name: CI DEB

on:
  push:
    branches-ignore:
      - coverity_scan
  pull_request:

env:
  DEBIAN_FRONTEND: noninteractive
  CC: gcc

jobs:
  deb-build:

    strategy:
      matrix:
        env:
          - { NAME: "ubuntu-18.04", OS: "ubuntu:bionic-20220801" }
          - { NAME: "ubuntu-20.04", OS: "ubuntu:20.04" }
          - { NAME: "ubuntu-22.04", OS: "ubuntu:22.04" }
          - { NAME: "debian-9",     OS: "debian:stretch" }
          - { NAME: "debian-10",    OS: "debian:buster" }
          - { NAME: "debian-11",    OS: "debian:bullseye" }
          - { NAME: "debian-sid",   OS: "debian:sid" }
      fail-fast: false

    runs-on: ubuntu-latest

    container:
      image: ${{ matrix.env.OS }}

    env:
      HOSTAPD_BUILD_DIR: /tmp/eapol_test.ci
      HOSTAPD_GIT_TAG: hostap_2_8

    name: "DEB build"

    steps:

    - name: Package manager performance and stability improvements
      run: |
        if [ -f "/etc/apt/sources.list" ]; then
        sed -i 's/deb.debian.org/debian-archive.trafficmanager.net/' /etc/apt/sources.list
        sed -i 's/archive.ubuntu.com/azure.archive.ubuntu.com/' /etc/apt/sources.list
        fi
        echo 'Acquire::Retries "10";' > /etc/apt/apt.conf.d/80-retries
        echo 'force-unsafe-io' > /etc/dpkg/dpkg.cfg.d/02speedup
        echo 'man-db man-db/auto-update boolean false' | debconf-set-selections
        apt-get update

    - name: Install recent git
      run: |
        apt-get install -y --no-install-recommends git-core ca-certificates

    - uses: actions/checkout@v2
      with:
        path: freeradius

    - name: Prepare filesystem
      run: |
        pwd
        ls -la
        mkdir debs
        ls -la

    - name: Install build dependencies
      run: |
        apt-get install -y --no-install-recommends build-essential devscripts quilt equivs procps
        debian/rules debian/control
        mk-build-deps -irt"apt-get -y" debian/control
      working-directory: freeradius

    - name: Show versions
      run: |
        $CC --version
        make --version
        krb5-config --all || :
        openssl version

    - name: Build DEBs
      run: |
        make deb
      working-directory: freeradius

    - name: Collect DEBs
      run: |
        mv *.deb debs/

    - name: Restore eapol_test build directory from cache
      uses: actions/cache@v2
      id: hostapd-cache
      with:
        path: ${{ env.HOSTAPD_BUILD_DIR }}
        key: hostapd-${{ matrix.env.NAME }}-${{ env.HOSTAPD_GIT_TAG }}-v1

    # Debian sid defaults to gcc12 which fails to build eapol_test
    - name: Install GCC 10 for eapol_test build
      run: |
        apt-get install -y --no-install-recommends gcc-10
        update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-10 60 && update-alternatives --set gcc /usr/bin/gcc-10
      if: ${{ matrix.env.OS == 'debian:sid' }}

    - name: Build eapol_test
      run: |
        apt-get install -y libnl-3-dev libnl-genl-3-dev
        scripts/ci/eapol_test-build.sh
        mv scripts/ci/eapol_test/eapol_test ../debs
      working-directory: freeradius

    - name: Store DEBs
      uses: actions/upload-artifact@v2
      with:
        name: debs-${{ matrix.env.NAME }}
        path: debs

    #
    #  If the CI has failed and the branch is ci-debug then start a tmate
    #  session. SSH rendezvous point is emited continuously in the job output.
    #
    - name: "Debug: Package dependancies for tmate"
      run: |
        apt-get install -y --no-install-recommends xz-utils
      if: ${{ github.ref == 'refs/heads/ci-debug' && failure() }}

    - name: "Debug: Start tmate"
      uses: mxschmitt/action-tmate@v3
      with:
        limit-access-to-actor: true
        sudo: false
      if: ${{ github.ref == 'refs/heads/ci-debug' && failure() }}


  deb-test:

    needs:
      - deb-build

    strategy:
      matrix:
        env:
          - { NAME: "ubuntu-18.04", OS: "ubuntu:bionic-20220801" }
          - { NAME: "ubuntu-20.04", OS: "ubuntu:20.04" }
          - { NAME: "ubuntu-22.04", OS: "ubuntu:22.04" }
          - { NAME: "debian-9", OS: "debian:stretch" }
          - { NAME: "debian-10", OS: "debian:buster" }
          - { NAME: "debian-11", OS: "debian:bullseye" }
          - { NAME: "debian-sid", OS: "debian:sid" }
      fail-fast: false

    runs-on: ubuntu-latest

    container:
      image: ${{ matrix.env.OS }}

    name: "DEB install test"

    steps:

    - name: Load DEBs
      uses: actions/download-artifact@v2
      with:
        name: debs-${{ matrix.env.NAME }}

    - name: Package manager performance improvements
      run: |
        if [ -f "/etc/apt/sources.list" ]; then
        sed -i 's/deb.debian.org/debian-archive.trafficmanager.net/' /etc/apt/sources.list
        sed -i 's/archive.ubuntu.com/azure.archive.ubuntu.com/' /etc/apt/sources.list
        fi
        echo force-unsafe-io > /etc/dpkg/dpkg.cfg.d/02speedup
        echo 'man-db man-db/auto-update boolean false' | debconf-set-selections
        apt-get update

    # For pkill and strings
    - name: Install procps and binutils
      run: |
        apt-get update
        apt-get install -y --no-install-recommends procps binutils

    - name: Install DEBs
      run: |
        find . -maxdepth 1 -name '*.deb' | xargs apt-get install -y --no-install-recommends

    - name: Config test
      run: |
        freeradius -XC

    #
    #  We now perform some post-install tests that depend on the availability
    #  of the source tree
    #
    - name: Install pre-built eapol_test
      run: |
        apt-get install -y libssl1.? libdbus-1-? libnl-3-200 libnl-genl-3-200
        mv eapol_test /usr/local/bin
        chmod +x /usr/local/bin/eapol_test

    - uses: actions/checkout@v2
      with:
        path: freeradius

    - name: Run the post-install test target
      run: |
        echo "top_builddir := $(pwd)" > Make.inc
        make -C src/tests/ OPENSSL_LIBS=1 EAPOL_TEST_BIN="$(which eapol_test)" $(pwd)/build/tests/eapol_test/eapol_test.mk
        make -f scripts/ci/package-test.mk package-test
      working-directory: freeradius

    - name: Upload radius logs on failure
      if: ${{ failure() }}
      uses: actions/upload-artifact@v2
      with:
        name: radius-logs-${{ matrix.env.NAME }}.tgz
        path: |
          /var/log/freeradius
          freeradius/build/tests/eapol_test

    #
    #  See above comments for tmate
    #
    - name: "Debug: Package dependancies for tmate"
      run: |
        apt-get install -y --no-install-recommends xz-utils
      if: ${{ github.ref == 'refs/heads/ci-debug' && failure() }}

    - name: "Debug: Start tmate"
      uses: mxschmitt/action-tmate@v3
      with:
        limit-access-to-actor: true
        sudo: false
      if: ${{ github.ref == 'refs/heads/ci-debug' && failure() }}