diff options
Diffstat (limited to '.github')
| -rw-r--r-- | .github/workflows/ci.yml | 219 | ||||
| -rw-r--r-- | .github/workflows/cifuzz.yml | 24 | ||||
| -rw-r--r-- | .github/workflows/codeql.yml | 41 | ||||
| -rw-r--r-- | .github/workflows/devel-push.yml | 109 |
4 files changed, 393 insertions, 0 deletions
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000..210b5be --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,219 @@ +name: libyang CI +on: + push: + branches: + - master + - devel + pull_request: + branches: + - master + - devel + +jobs: + build-unix: + name: ${{ matrix.config.name }} + runs-on: ${{ matrix.config.os }} + strategy: + fail-fast: false + matrix: + config: + - { + name: "Release, gcc", + os: "ubuntu-22.04", + build-type: "Release", + cc: "gcc", + options: "-DENABLE_TESTS=ON", + packager: "sudo apt-get", + # no expect because stdout seems to be redirected + packages: "libcmocka-dev shunit2", + snaps: "", + make-prepend: "", + make-target: "" + } + - { + name: "Release, clang", + os: "ubuntu-22.04", + build-type: "Release", + cc: "clang", + options: "-DENABLE_TESTS=ON", + packager: "sudo apt-get", + packages: "libcmocka-dev shunit2", + snaps: "", + make-prepend: "", + make-target: "" + } + - { + name: "Debug, gcc", + os: "ubuntu-22.04", + build-type: "Debug", + cc: "gcc", + options: "", + packager: "sudo apt-get", + packages: "libcmocka-dev valgrind shunit2", + snaps: "", + make-prepend: "", + make-target: "" + } + - { + name: "Debug, clang", + os: "ubuntu-22.04", + build-type: "Debug", + cc: "clang", + options: "", + packager: "sudo apt-get", + # no valgrind because it does not support DWARF5 yet generated by clang 14 + packages: "libcmocka-dev shunit2", + snaps: "", + make-prepend: "", + make-target: "" + } + - { + name: "Release, macOS 11, clang", + os: "macos-11", + build-type: "Release", + cc: "clang", + options: "-DENABLE_TESTS=ON -DPATH_EXPECT=", + packager: "brew", + packages: "cmocka shunit2", + snaps: "", + make-prepend: "", + make-target: "" + } + - { + name: "ASAN and UBSAN", + os: "ubuntu-22.04", + build-type: "Debug", + cc: "clang", + options: "-DCMAKE_C_FLAGS=-fsanitize=address,undefined -DENABLE_TESTS=ON -DENABLE_VALGRIND_TESTS=OFF", + packager: "sudo apt-get", + packages: "libcmocka-dev", + snaps: "", + make-prepend: "", + make-target: "" + } + - { + name: "ABI Check", + os: "ubuntu-22.04", + build-type: "ABICheck", + cc: "gcc", + options: "", + packager: "sudo apt-get", + packages: "libcmocka-dev abi-dumper abi-compliance-checker", + snaps: "core universal-ctags", + make-prepend: "", + make-target: "abi-check" + } + + steps: + - uses: actions/checkout@v3 + + - name: Deps-packages + shell: bash + run: | + ${{ matrix.config.packager }} update + if ${{ matrix.config.packages != '' }} + then ${{ matrix.config.packager }} install ${{ matrix.config.packages }} + fi + if ${{ matrix.config.snaps != '' }} + then sudo snap install ${{ matrix.config.snaps }} + fi + + - name: Deps-uncrustify + shell: bash + working-directory: ${{ github.workspace }} + run: | + git clone --branch uncrustify-0.75.1 https://github.com/uncrustify/uncrustify + cd uncrustify + mkdir build + cd build + CC=${{ matrix.config.cc }} cmake .. + make + sudo make install + if: ${{ matrix.config.name == 'Debug, gcc' }} + + - name: Configure + shell: bash + working-directory: ${{ github.workspace }} + run: | + mkdir build + cd build + CC=${{ matrix.config.cc }} cmake -DCMAKE_BUILD_TYPE=${{ matrix.config.build-type }} ${{ matrix.config.options }} .. + + - name: Build + shell: bash + working-directory: ${{ github.workspace }}/build + run: | + export LC_ALL=C.UTF-8 + export PATH=/snap/bin:${{ github.workspace }}/coverity-tools/bin:$PATH + ${{ matrix.config.make-prepend }} make ${{ matrix.config.make-target }} + + - name: Test + shell: bash + working-directory: ${{ github.workspace }}/build + run: ctest --output-on-failure + + build-windows: + name: ${{ matrix.name }} + runs-on: ${{ matrix.os }} + strategy: + fail-fast: false + matrix: + include: + - name: "Windows 2022 MSVC 16 LF" + os: windows-2022 + triplet: x64-windows + build_type: Release + generators: "Visual Studio 17 2022" + autocrlf: input + eol: lf + + - name: "Windows 2022 MSVC 16 no autoCRLF" + os: windows-2022 + triplet: x64-windows + build_type: Release + generators: "Visual Studio 17 2022" + + steps: + - name: Unix line endings in git + if: matrix.autocrlf + run: | + git config --global core.autocrlf ${{ matrix.autocrlf }} + + - name: Unix line endings in git + if: matrix.eol + run: | + git config --global core.eol ${{ matrix.eol }} + + - uses: actions/checkout@v3 + + - name: Get number of CPU cores + id: cpu-cores + uses: SimenB/github-actions-cpu-cores@v1 + + - name: Install Windows dependencies + run: vcpkg install --triplet=${{ matrix.triplet }} pcre2 pthreads dirent dlfcn-win32 cmocka getopt + + - name: Configure + shell: bash + run: | + cmake \ + -S '${{ github.workspace }}/' \ + -B '${{ github.workspace }}/'../build \ + -G '${{ matrix.generators }}' \ + -DCMAKE_BUILD_TYPE=${{ matrix.build_type }} \ + -DVCPKG_TARGET_TRIPLET=${{ matrix.triplet }} \ + -DCMAKE_TOOLCHAIN_FILE=${VCPKG_INSTALLATION_ROOT//\\//}/scripts/buildsystems/vcpkg.cmake \ + -DENABLE_TESTS=ON \ + '-DCMAKE_INSTALL_PREFIX:PATH=${{ github.workspace }}'/../target + + - name: Build + working-directory: '${{ github.workspace }}/../build' + run: cmake --build . -j${{ steps.cpu-cores.outputs.count }} --config ${{ matrix.build_type }} + + - name: Test + working-directory: '${{ github.workspace }}/../build' + run: ctest --output-on-failure -j${{ steps.cpu-cores.outputs.count }} --build-config ${{ matrix.build_type }} + + - name: Install + working-directory: '${{ github.workspace }}/../build' + run: cmake --install . --strip diff --git a/.github/workflows/cifuzz.yml b/.github/workflows/cifuzz.yml new file mode 100644 index 0000000..89b7bbd --- /dev/null +++ b/.github/workflows/cifuzz.yml @@ -0,0 +1,24 @@ +name: CIFuzz +on: [pull_request] +jobs: + Fuzzing: + runs-on: ubuntu-latest + steps: + - name: Build Fuzzers + id: build + uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@master + with: + oss-fuzz-project-name: 'libyang' + dry-run: false + - name: Run Fuzzers + uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@master + with: + oss-fuzz-project-name: 'libyang' + fuzz-seconds: 300 + dry-run: false + - name: Upload Crash + uses: actions/upload-artifact@v3 + if: failure() && steps.build.outcome == 'success' + with: + name: artifacts + path: ./out/artifacts diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 0000000..264faa8 --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,41 @@ +name: "CodeQL" + +on: + push: + branches: [ "master", "devel" ] + pull_request: + branches: [ "devel" ] + schedule: + - cron: "38 17 * * 4" + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + matrix: + language: [ cpp ] + + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} + queries: +security-and-quality + + - name: Autobuild + uses: github/codeql-action/autobuild@v2 + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 + with: + category: "/language:${{ matrix.language }}" diff --git a/.github/workflows/devel-push.yml b/.github/workflows/devel-push.yml new file mode 100644 index 0000000..7dddc13 --- /dev/null +++ b/.github/workflows/devel-push.yml @@ -0,0 +1,109 @@ +name: libyang devel push +on: + push: + branches: + - devel + +env: + COVERITY_PROJECT: CESNET%2Flibyang + +jobs: + build: + name: ${{ matrix.config.name }} + runs-on: ${{ matrix.config.os }} + strategy: + fail-fast: false + matrix: + config: + - { + name: "Coverity", + os: "ubuntu-latest", + build-type: "Debug", + cc: "clang", + options: "", + packager: "sudo apt-get", + packages: "", + snaps: "", + make-prepend: "cov-build --dir cov-int", + make-target: "" + } + - { + name: "Codecov", + os: "ubuntu-latest", + build-type: "Debug", + cc: "gcc", + options: "-DENABLE_COVERAGE=ON", + packager: "sudo apt-get", + packages: "libcmocka-dev lcov", + snaps: "", + make-prepend: "", + make-target: "" + } + + steps: + - uses: actions/checkout@v3 + + - name: Deps-packages + shell: bash + run: | + ${{ matrix.config.packager }} update + if ${{ matrix.config.packages != '' }} + then ${{ matrix.config.packager }} install ${{ matrix.config.packages }} + fi + if ${{ matrix.config.snaps != '' }} + then sudo snap install ${{ matrix.config.snaps }} + fi + + - name: Deps-coverity + shell: bash + working-directory: ${{ github.workspace }} + run: | + wget -q https://scan.coverity.com/download/linux64 --post-data "token=$TOKEN&project=$COVERITY_PROJECT" -O coverity-tools.tar.gz + mkdir coverity-tools + tar xzf coverity-tools.tar.gz --strip 1 -C coverity-tools + env: + TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }} + if: ${{ matrix.config.name == 'Coverity' }} + + - name: Configure + shell: bash + working-directory: ${{ github.workspace }} + run: | + mkdir build + cd build + CC=${{ matrix.config.cc }} cmake -DCMAKE_BUILD_TYPE=${{ matrix.config.build-type }} ${{ matrix.config.options }} .. + + - name: Build + shell: bash + working-directory: ${{ github.workspace }}/build + run: | + export LC_ALL=C.UTF-8 + export PATH=/snap/bin:${{ github.workspace }}/coverity-tools/bin:$PATH + ${{ matrix.config.make-prepend }} make ${{ matrix.config.make-target }} + + - name: Test + shell: bash + working-directory: ${{ github.workspace }}/build + run: ctest --output-on-failure + + - name: Upload to Coverity.com + shell: bash + working-directory: ${{ github.workspace }}/build + run: | + tar czvf libyang.tgz cov-int + curl \ + --form token=$TOKEN \ + --form email=mvasko@cesnet.cz \ + --form file=@libyang.tgz \ + --form version="`./yanglint -v | cut -d\" \" -f2`" \ + --form description="libyang YANG library" \ + https://scan.coverity.com/builds?project=$COVERITY_PROJECT + env: + TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }} + if: ${{ matrix.config.name == 'Coverity' }} + + - name: Upload to Codecov.io + shell: bash + working-directory: ${{ github.workspace }}/build + run: bash <(curl -s https://codecov.io/bash) + if: ${{ matrix.config.name == 'Codecov' }} |