name: CI DEB on: push: branches-ignore: - coverity_scan pull_request: env: DEBIAN_FRONTEND: noninteractive CC: gcc jobs: deb-build: strategy: matrix: env: - { NAME: "ubuntu-20.04", OS: "ubuntu:20.04" } - { NAME: "ubuntu-22.04", OS: "ubuntu:22.04" } - { NAME: "ubuntu-24.04", OS: "ubuntu:24.04" } - { NAME: "debian-10", OS: "debian:buster" } - { NAME: "debian-11", OS: "debian:bullseye" } - { NAME: "debian-12", OS: "debian:bookworm" } - { NAME: "debian-sid", OS: "debian:sid" } fail-fast: false runs-on: ubuntu-latest container: image: ${{ matrix.env.OS }} env: HOSTAPD_BUILD_DIR: /tmp/eapol_test.ci HOSTAPD_GIT_TAG: hostap_2_8 name: "DEB build" steps: - name: Package manager performance and stability improvements run: | if [ -f "/etc/apt/sources.list" ]; then sed -i 's/deb.debian.org/debian-archive.trafficmanager.net/' /etc/apt/sources.list sed -i 's/archive.ubuntu.com/azure.archive.ubuntu.com/' /etc/apt/sources.list fi echo 'Acquire::Retries "10";' > /etc/apt/apt.conf.d/80-retries echo 'force-unsafe-io' > /etc/dpkg/dpkg.cfg.d/02speedup echo 'man-db man-db/auto-update boolean false' | debconf-set-selections apt-get update - name: Install recent git run: | apt-get install -y --no-install-recommends git-core ca-certificates - uses: actions/checkout@v4 with: path: freeradius - name: Prepare filesystem run: | pwd ls -la mkdir debs ls -la - name: Install build dependencies run: | apt-get install -y --no-install-recommends build-essential devscripts quilt equivs procps fakeroot debian/rules debian/control mk-build-deps -irt"apt-get -y" debian/control working-directory: freeradius - name: Show versions run: | $CC --version make --version krb5-config --all || : openssl version - name: Build DEBs run: | make deb working-directory: freeradius - name: Collect DEBs run: | mv *.deb debs/ - name: Restore eapol_test build directory from cache uses: actions/cache@v4 id: hostapd-cache with: path: ${{ env.HOSTAPD_BUILD_DIR }} key: hostapd-${{ matrix.env.NAME }}-${{ env.HOSTAPD_GIT_TAG }}-v1 # Debian sid defaults to gcc12 which fails to build eapol_test - name: Install GCC 10 for eapol_test build run: | apt-get install -y --no-install-recommends gcc-10 update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-10 60 && update-alternatives --set gcc /usr/bin/gcc-10 if: ${{ matrix.env.OS == 'debian:sid' }} - name: Build eapol_test run: | apt-get install -y libnl-3-dev libnl-genl-3-dev scripts/ci/eapol_test-build.sh mv scripts/ci/eapol_test/eapol_test ../debs working-directory: freeradius - name: Store DEBs uses: actions/upload-artifact@v4 with: name: debs-${{ matrix.env.NAME }} path: debs # # If the CI has failed and the branch is ci-debug then start a tmate # session. SSH rendezvous point is emited continuously in the job output. # - name: "Debug: Package dependancies for tmate" run: | apt-get install -y --no-install-recommends xz-utils if: ${{ github.ref == 'refs/heads/ci-debug' && failure() }} - name: "Debug: Start tmate" uses: mxschmitt/action-tmate@v3 with: limit-access-to-actor: true sudo: false if: ${{ github.ref == 'refs/heads/ci-debug' && failure() }} deb-test: needs: - deb-build strategy: matrix: env: - { NAME: "ubuntu-20.04", OS: "ubuntu:20.04" } - { NAME: "ubuntu-22.04", OS: "ubuntu:22.04" } - { NAME: "ubuntu-24.04", OS: "ubuntu:24.04" } - { NAME: "debian-10", OS: "debian:buster" } - { NAME: "debian-11", OS: "debian:bullseye" } - { NAME: "debian-12", OS: "debian:bookworm" } - { NAME: "debian-sid", OS: "debian:sid" } fail-fast: false runs-on: ubuntu-latest container: image: ${{ matrix.env.OS }} name: "DEB install test" steps: - name: Load DEBs uses: actions/download-artifact@v4 with: name: debs-${{ matrix.env.NAME }} - name: Package manager performance improvements run: | if [ -f "/etc/apt/sources.list" ]; then sed -i 's/deb.debian.org/debian-archive.trafficmanager.net/' /etc/apt/sources.list sed -i 's/archive.ubuntu.com/azure.archive.ubuntu.com/' /etc/apt/sources.list fi echo force-unsafe-io > /etc/dpkg/dpkg.cfg.d/02speedup echo 'man-db man-db/auto-update boolean false' | debconf-set-selections apt-get update # For pkill and strings - name: Install procps and binutils run: | apt-get update apt-get install -y --no-install-recommends procps binutils - name: Install DEBs run: | find . -maxdepth 1 -name '*.deb' | xargs apt-get install -y --no-install-recommends - name: Config test run: | freeradius -XxC # # We now perform some post-install tests that depend on the availability # of the source tree # - name: Install pre-built eapol_test run: | apt-get install -y libssl1.? libdbus-1-? libnl-3-200 libnl-genl-3-200 mv eapol_test /usr/local/bin chmod +x /usr/local/bin/eapol_test - uses: actions/checkout@v4 with: path: freeradius - name: Run the post-install test target run: | echo "top_builddir := $(pwd)" > Make.inc make -C src/tests/ OPENSSL_LIBS=1 EAPOL_TEST_BIN="$(which eapol_test)" $(pwd)/build/tests/eapol_test/eapol_test.mk make -f scripts/ci/package-test.mk package-test working-directory: freeradius - name: Upload radius logs on failure if: ${{ failure() }} uses: actions/upload-artifact@v4 with: name: radius-logs-${{ matrix.env.NAME }}.tgz path: | /var/log/freeradius freeradius/build/tests/eapol_test # # See above comments for tmate # - name: "Debug: Package dependancies for tmate" run: | apt-get install -y --no-install-recommends xz-utils if: ${{ github.ref == 'refs/heads/ci-debug' && failure() }} - name: "Debug: Start tmate" uses: mxschmitt/action-tmate@v3 with: limit-access-to-actor: true sudo: false if: ${{ github.ref == 'refs/heads/ci-debug' && failure() }}