summaryrefslogtreecommitdiffstats
path: root/.github
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--.github/ISSUE_TEMPLATE19
-rw-r--r--.github/actions/run-build/action.yml45
-rw-r--r--.github/release.yml29
-rw-r--r--.github/workflows/benchmark.yml82
-rw-r--r--.github/workflows/build-containers.yml72
-rw-r--r--.github/workflows/main.yml304
-rw-r--r--.github/workflows/nightly.yml410
7 files changed, 961 insertions, 0 deletions
diff --git a/.github/ISSUE_TEMPLATE b/.github/ISSUE_TEMPLATE
new file mode 100644
index 0000000..717f8b9
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE
@@ -0,0 +1,19 @@
+You are opening a _bug report_ against the libgit2 project: we use
+GitHub Issues for tracking bug reports and feature requests. If you
+have a question about an API or usage, please ask on StackOverflow:
+http://stackoverflow.com/questions/tagged/libgit2. If you want to
+have high-level discussions about the libgit2 project itself, visit
+https://github.com/libgit2/discussions.
+
+Otherwise, to report a bug, please fill out the reproduction steps
+(below) and delete these introductory paragraphs. Thanks!
+
+### Reproduction steps
+
+### Expected behavior
+
+### Actual behavior
+
+### Version of libgit2 (release number or SHA1)
+
+### Operating system(s) tested
diff --git a/.github/actions/run-build/action.yml b/.github/actions/run-build/action.yml
new file mode 100644
index 0000000..41145d3
--- /dev/null
+++ b/.github/actions/run-build/action.yml
@@ -0,0 +1,45 @@
+# Run a build step in a container or directly on the Actions runner
+name: Run Build Step
+description: Run a build step in a container or directly on the Actions runner
+
+inputs:
+ command:
+ description: Command to run
+ required: true
+ type: string
+ container:
+ description: Optional container to run in
+ type: string
+ container-version:
+ description: Version of the container to run
+ type: string
+
+runs:
+ using: 'composite'
+ steps:
+ - run: |
+ if [ -n "${{ inputs.container }}" ]; then
+ docker run \
+ --rm \
+ --user "$(id -u):$(id -g)" \
+ -v "$(pwd)/source:/home/libgit2/source" \
+ -v "$(pwd)/build:/home/libgit2/build" \
+ -w /home/libgit2 \
+ -e ASAN_SYMBOLIZER_PATH \
+ -e CC \
+ -e CFLAGS \
+ -e CMAKE_GENERATOR \
+ -e CMAKE_OPTIONS \
+ -e GITTEST_NEGOTIATE_PASSWORD \
+ -e GITTEST_FLAKY_STAT \
+ -e PKG_CONFIG_PATH \
+ -e SKIP_NEGOTIATE_TESTS \
+ -e SKIP_SSH_TESTS \
+ -e TSAN_OPTIONS \
+ -e UBSAN_OPTIONS \
+ ${{ inputs.container-version }} \
+ /bin/bash -c "${{ inputs.command }}"
+ else
+ ${{ inputs.command }}
+ fi
+ shell: bash
diff --git a/.github/release.yml b/.github/release.yml
new file mode 100644
index 0000000..7a00321
--- /dev/null
+++ b/.github/release.yml
@@ -0,0 +1,29 @@
+changelog:
+ categories:
+ - title: New features
+ labels:
+ - feature
+ - title: Performance improvements
+ labels:
+ - performance
+ - title: Bug fixes
+ labels:
+ - bug
+ - title: Security fixes
+ labels:
+ - security
+ - title: Code cleanups
+ labels:
+ - cleanup
+ - title: Build and CI improvements
+ labels:
+ - build
+ - title: Documentation improvements
+ labels:
+ - documentation
+ - title: Git compatibility fixes
+ labels:
+ - git compatibility
+ - title: Other changes
+ labels:
+ - '*'
diff --git a/.github/workflows/benchmark.yml b/.github/workflows/benchmark.yml
new file mode 100644
index 0000000..bf21674
--- /dev/null
+++ b/.github/workflows/benchmark.yml
@@ -0,0 +1,82 @@
+# Benchmark libgit2 against the git reference implementation.
+name: Benchmark
+
+on:
+ workflow_dispatch:
+ schedule:
+ - cron: '15 4 * * *'
+
+jobs:
+ # Run our nightly builds. We build a matrix with the various build
+ # targets and their details. Then we build either in a docker container
+ # (Linux) or on the actual hosts (macOS, Windows).
+ build:
+ # Only run scheduled workflows on the main repository; prevents people
+ # from using build minutes on their forks.
+ if: github.repository == 'libgit2/libgit2'
+
+ strategy:
+ matrix:
+ platform:
+ - name: "Linux (clang, OpenSSL)"
+ env:
+ CC: clang
+ CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DREGEX_BACKEND=builtin -DDEPRECATE_HARD=ON -DUSE_GSSAPI=ON -DBUILD_TESTS=OFF -DBUILD_EXAMPLES=OFF -DBUILD_CLI=ON -DCMAKE_BUILD_TYPE=Release
+ CMAKE_BUILD_OPTIONS: --config Release
+ id: linux
+ os: ubuntu-latest
+ setup-script: ubuntu
+ - name: "macOS"
+ os: macos-11
+ env:
+ CC: clang
+ CMAKE_OPTIONS: -DREGEX_BACKEND=regcomp_l -DDEPRECATE_HARD=ON -DUSE_GSSAPI=ON -DBUILD_TESTS=OFF -DBUILD_EXAMPLES=OFF -DBUILD_CLI=ON -DCMAKE_BUILD_TYPE=Release
+ CMAKE_BUILD_OPTIONS: --config Release
+ PKG_CONFIG_PATH: /usr/local/opt/openssl/lib/pkgconfig
+ id: macos
+ setup-script: osx
+ - name: "Windows (amd64, Visual Studio)"
+ os: windows-2019
+ env:
+ ARCH: amd64
+ CMAKE_GENERATOR: Visual Studio 16 2019
+ CMAKE_OPTIONS: -A x64 -DDEPRECATE_HARD=ON -DBUILD_TESTS=OFF -DBUILD_EXAMPLES=OFF -DBUILD_CLI=ON -DCMAKE_BUILD_TYPE=Release
+ CMAKE_BUILD_OPTIONS: --config Release
+ id: windows
+ setup-script: win32
+ fail-fast: false
+ name: "Build ${{ matrix.platform.name }}"
+ env: ${{ matrix.platform.env }}
+ runs-on: ${{ matrix.platform.os }}
+ steps:
+ - name: Check out repository
+ uses: actions/checkout@v3
+ with:
+ path: source
+ fetch-depth: 0
+ - name: Set up benchmark environment
+ run: source/ci/setup-${{ matrix.platform.setup-script }}-benchmark.sh
+ shell: bash
+ if: matrix.platform.setup-script != ''
+ - name: Build
+ run: |
+ mkdir build && cd build
+ ../source/ci/build.sh
+ shell: bash
+ - name: Benchmark
+ run: |
+ if [[ "$(uname -s)" == MINGW* ]]; then
+ GIT2_CLI="$(cygpath -w $(pwd))\\build\\Release\\git2"
+ else
+ GIT2_CLI="$(pwd)/build/git2"
+ fi
+
+ mkdir benchmark && cd benchmark
+ ../source/tests/benchmarks/benchmark.sh --baseline-cli "git" --cli "${GIT2_CLI}" --json benchmarks.json --zip benchmarks.zip
+ shell: bash
+ - name: Upload results
+ uses: actions/upload-artifact@v2
+ with:
+ name: benchmark-${{ matrix.platform.id }}
+ path: benchmark
+ if: always()
diff --git a/.github/workflows/build-containers.yml b/.github/workflows/build-containers.yml
new file mode 100644
index 0000000..767798b
--- /dev/null
+++ b/.github/workflows/build-containers.yml
@@ -0,0 +1,72 @@
+# Generate the containers that we use for builds.
+name: Build Containers
+
+on:
+ workflow_call:
+
+env:
+ docker-registry: ghcr.io
+ docker-config-path: source/ci/docker
+
+jobs:
+ # Build the docker container images that we will use for our Linux
+ # builds. This will identify the last commit to the repository that
+ # updated the docker images, and try to download the image tagged with
+ # that sha. If it does not exist, we'll do a docker build and push
+ # the image up to GitHub Packages for the actual CI/CD runs. We tag
+ # with both the sha and "latest" so that the subsequent runs need not
+ # know the sha. Only do this on CI builds (when the event is a "push")
+ # because PR builds from forks lack permission to write packages.
+ containers:
+ strategy:
+ matrix:
+ container:
+ - name: xenial
+ - name: bionic
+ - name: focal
+ - name: docurium
+ - name: bionic-x86
+ dockerfile: bionic
+ base: multiarch/ubuntu-core:x86-bionic
+ qemu: true
+ - name: bionic-arm32
+ dockerfile: bionic
+ base: multiarch/ubuntu-core:armhf-bionic
+ qemu: true
+ - name: bionic-arm64
+ dockerfile: bionic
+ base: multiarch/ubuntu-core:arm64-bionic
+ qemu: true
+ - name: centos7
+ - name: centos8
+ runs-on: ubuntu-latest
+ name: "Create container: ${{ matrix.container.name }}"
+ steps:
+ - name: Check out repository
+ uses: actions/checkout@v3
+ with:
+ path: source
+ fetch-depth: 0
+ if: github.event_name != 'pull_request'
+ - name: Setup QEMU
+ run: docker run --rm --privileged multiarch/qemu-user-static:register --reset
+ if: matrix.container.qemu == true
+ - name: Download existing container
+ run: |
+ "${{ github.workspace }}/source/ci/getcontainer.sh" "${{ matrix.container.name }}" "${{ matrix.container.dockerfile }}"
+ env:
+ DOCKER_REGISTRY: ${{ env.docker-registry }}
+ GITHUB_TOKEN: ${{ secrets.github_token }}
+ working-directory: ${{ env.docker-config-path }}
+ if: github.event_name != 'pull_request'
+ - name: Build and publish image
+ run: |
+ if [ "${{ matrix.container.base }}" != "" ]; then
+ BASE_ARG="--build-arg BASE=${{ matrix.container.base }}"
+ fi
+ docker build -t ${{ env.docker-registry-container-sha }} --build-arg UID=$(id -u) --build-arg GID=$(id -g) ${BASE_ARG} -f ${{ env.dockerfile }} .
+ docker tag ${{ env.docker-registry-container-sha }} ${{ env.docker-registry-container-latest }}
+ docker push ${{ env.docker-registry-container-sha }}
+ docker push ${{ env.docker-registry-container-latest }}
+ working-directory: ${{ env.docker-config-path }}
+ if: github.event_name != 'pull_request' && env.docker-container-exists != 'true'
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
new file mode 100644
index 0000000..d84ded0
--- /dev/null
+++ b/.github/workflows/main.yml
@@ -0,0 +1,304 @@
+# Continuous integration and pull request validation builds for the
+# main and maintenance branches.
+name: CI Build
+
+on:
+ push:
+ branches: [ main, maint/* ]
+ pull_request:
+ branches: [ main, maint/* ]
+ workflow_dispatch:
+
+env:
+ docker-registry: ghcr.io
+ docker-config-path: source/ci/docker
+
+jobs:
+ containers:
+ uses: ./.github/workflows/build-containers.yml
+
+ # Run our CI/CD builds. We build a matrix with the various build targets
+ # and their details. Then we build either in a docker container (Linux)
+ # or on the actual hosts (macOS, Windows).
+ build:
+ needs: [ containers ]
+ strategy:
+ matrix:
+ platform:
+ - name: "Linux (Xenial, GCC, OpenSSL)"
+ id: xenial-gcc-openssl
+ container:
+ name: xenial
+ env:
+ CC: gcc
+ CMAKE_GENERATOR: Ninja
+ CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DREGEX_BACKEND=builtin -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON -DDEBUG_STRICT_ALLOC=ON -DDEBUG_STRICT_OPEN=ON
+ os: ubuntu-latest
+ - name: Linux (Xenial, GCC, mbedTLS)
+ id: xenial-gcc-mbedtls
+ container:
+ name: xenial
+ env:
+ CC: gcc
+ CMAKE_GENERATOR: Ninja
+ CMAKE_OPTIONS: -DUSE_HTTPS=mbedTLS -DUSE_SHA1=HTTPS -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
+ os: ubuntu-latest
+ - name: "Linux (Xenial, Clang, OpenSSL)"
+ id: xenial-clang-openssl
+ container:
+ name: xenial
+ env:
+ CC: clang
+ CMAKE_GENERATOR: Ninja
+ CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
+ os: ubuntu-latest
+ - name: "Linux (Xenial, Clang, mbedTLS)"
+ id: xenial-clang-mbedtls
+ container:
+ name: xenial
+ env:
+ CC: clang
+ CMAKE_OPTIONS: -DUSE_HTTPS=mbedTLS -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
+ CMAKE_GENERATOR: Ninja
+ os: ubuntu-latest
+ - name: "macOS"
+ id: macos
+ os: macos-11
+ env:
+ CC: clang
+ CMAKE_OPTIONS: -DREGEX_BACKEND=regcomp_l -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=leaks -DUSE_GSSAPI=ON
+ PKG_CONFIG_PATH: /usr/local/opt/openssl/lib/pkgconfig
+ SKIP_SSH_TESTS: true
+ SKIP_NEGOTIATE_TESTS: true
+ setup-script: osx
+ - name: "Windows (amd64, Visual Studio, Schannel)"
+ id: windows-amd64-vs
+ os: windows-2019
+ setup-script: win32
+ env:
+ ARCH: amd64
+ CMAKE_GENERATOR: Visual Studio 16 2019
+ CMAKE_OPTIONS: -A x64 -DWIN32_LEAKCHECK=ON -DDEPRECATE_HARD=ON -DUSE_HTTPS=Schannel -DUSE_SSH=ON -DCMAKE_PREFIX_PATH=D:\Temp\libssh2
+ BUILD_PATH: C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files (x86)\CMake\bin;D:\Temp\libssh2\bin
+ BUILD_TEMP: D:\Temp
+ SKIP_SSH_TESTS: true
+ SKIP_NEGOTIATE_TESTS: true
+ - name: "Windows (x86, Visual Studio, WinHTTP)"
+ id: windows-x86-vs
+ os: windows-2019
+ setup-script: win32
+ env:
+ ARCH: x86
+ CMAKE_GENERATOR: Visual Studio 16 2019
+ CMAKE_OPTIONS: -A Win32 -DWIN32_LEAKCHECK=ON -DDEPRECATE_HARD=ON -DUSE_SHA1=HTTPS -DUSE_BUNDLED_ZLIB=ON -DUSE_SSH=ON -DCMAKE_PREFIX_PATH=D:\Temp\libssh2
+ BUILD_PATH: C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files (x86)\CMake\bin;D:\Temp\libssh2\bin
+ BUILD_TEMP: D:\Temp
+ SKIP_SSH_TESTS: true
+ SKIP_NEGOTIATE_TESTS: true
+ - name: "Windows (amd64, mingw, WinHTTP)"
+ id: windows-amd64-mingw
+ os: windows-2019
+ setup-script: mingw
+ env:
+ ARCH: amd64
+ CMAKE_GENERATOR: MinGW Makefiles
+ CMAKE_OPTIONS: -DDEPRECATE_HARD=ON
+ BUILD_TEMP: D:\Temp
+ BUILD_PATH: D:\Temp\mingw64\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files (x86)\CMake\bin
+ SKIP_SSH_TESTS: true
+ SKIP_NEGOTIATE_TESTS: true
+ - name: "Windows (x86, mingw, Schannel)"
+ id: windows-x86-mingw
+ os: windows-2019
+ setup-script: mingw
+ env:
+ ARCH: x86
+ CMAKE_GENERATOR: MinGW Makefiles
+ CMAKE_OPTIONS: -DDEPRECATE_HARD=ON -DUSE_HTTPS=Schannel
+ BUILD_TEMP: D:\Temp
+ BUILD_PATH: D:\Temp\mingw32\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files (x86)\CMake\bin
+ SKIP_SSH_TESTS: true
+ SKIP_NEGOTIATE_TESTS: true
+
+ # Sanitizers
+ - name: "Sanitizer (Memory)"
+ id: memorysanitizer
+ container:
+ name: focal
+ env:
+ CC: clang-10
+ CFLAGS: -fsanitize=memory -fsanitize-memory-track-origins=2 -fsanitize-blacklist=/home/libgit2/source/script/sanitizers.supp -fno-optimize-sibling-calls -fno-omit-frame-pointer
+ CMAKE_OPTIONS: -DCMAKE_PREFIX_PATH=/usr/local/msan -DUSE_HTTPS=mbedTLS -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_BUNDLED_ZLIB=ON -DUSE_SSH=ON
+ CMAKE_GENERATOR: Ninja
+ SKIP_SSH_TESTS: true
+ SKIP_NEGOTIATE_TESTS: true
+ ASAN_SYMBOLIZER_PATH: /usr/bin/llvm-symbolizer-10
+ UBSAN_OPTIONS: print_stacktrace=1
+ os: ubuntu-latest
+ - name: "Sanitizer (UndefinedBehavior)"
+ id: ubsanitizer
+ container:
+ name: focal
+ env:
+ CC: clang-10
+ CFLAGS: -fsanitize=undefined,nullability -fno-sanitize-recover=undefined,nullability -fsanitize-blacklist=/home/libgit2/source/script/sanitizers.supp -fno-optimize-sibling-calls -fno-omit-frame-pointer
+ CMAKE_OPTIONS: -DCMAKE_PREFIX_PATH=/usr/local -DUSE_HTTPS=OpenSSL -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_BUNDLED_ZLIB=ON -DUSE_SSH=ON
+ CMAKE_GENERATOR: Ninja
+ SKIP_SSH_TESTS: true
+ SKIP_NEGOTIATE_TESTS: true
+ ASAN_SYMBOLIZER_PATH: /usr/bin/llvm-symbolizer-10
+ UBSAN_OPTIONS: print_stacktrace=1
+ os: ubuntu-latest
+ - name: "Sanitizer (Thread)"
+ id: threadsanitizer
+ container:
+ name: focal
+ env:
+ CC: clang-10
+ CFLAGS: -fsanitize=thread -fno-optimize-sibling-calls -fno-omit-frame-pointer
+ CMAKE_OPTIONS: -DCMAKE_PREFIX_PATH=/usr/local -DUSE_HTTPS=OpenSSL -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_BUNDLED_ZLIB=ON -DUSE_SSH=ON
+ CMAKE_GENERATOR: Ninja
+ SKIP_SSH_TESTS: true
+ SKIP_NEGOTIATE_TESTS: true
+ ASAN_SYMBOLIZER_PATH: /usr/bin/llvm-symbolizer-10
+ UBSAN_OPTIONS: print_stacktrace=1
+ TSAN_OPTIONS: suppressions=/home/libgit2/source/script/thread-sanitizer.supp second_deadlock_stack=1
+ os: ubuntu-latest
+
+ # Experimental: SHA256 support
+ - name: "Linux (SHA256, Xenial, Clang, OpenSSL)"
+ id: xenial-clang-openssl
+ container:
+ name: xenial
+ env:
+ CC: clang
+ CMAKE_GENERATOR: Ninja
+ CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON -DEXPERIMENTAL_SHA256=ON
+ os: ubuntu-latest
+ - name: "macOS (SHA256)"
+ id: macos
+ os: macos-11
+ env:
+ CC: clang
+ CMAKE_OPTIONS: -DREGEX_BACKEND=regcomp_l -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=leaks -DUSE_GSSAPI=ON -DEXPERIMENTAL_SHA256=ON
+ PKG_CONFIG_PATH: /usr/local/opt/openssl/lib/pkgconfig
+ SKIP_SSH_TESTS: true
+ SKIP_NEGOTIATE_TESTS: true
+ setup-script: osx
+ - name: "Windows (SHA256, amd64, Visual Studio)"
+ id: windows-amd64-vs
+ os: windows-2019
+ env:
+ ARCH: amd64
+ CMAKE_GENERATOR: Visual Studio 16 2019
+ CMAKE_OPTIONS: -A x64 -DWIN32_LEAKCHECK=ON -DDEPRECATE_HARD=ON -DEXPERIMENTAL_SHA256=ON
+ SKIP_SSH_TESTS: true
+ SKIP_NEGOTIATE_TESTS: true
+ fail-fast: false
+ env: ${{ matrix.platform.env }}
+ runs-on: ${{ matrix.platform.os }}
+ name: "Build: ${{ matrix.platform.name }}"
+ steps:
+ - name: Check out repository
+ uses: actions/checkout@v3
+ with:
+ path: source
+ fetch-depth: 0
+ - name: Set up build environment
+ run: source/ci/setup-${{ matrix.platform.setup-script }}-build.sh
+ shell: bash
+ if: matrix.platform.setup-script != ''
+ - name: Setup QEMU
+ run: docker run --rm --privileged multiarch/qemu-user-static:register --reset
+ if: matrix.platform.container.qemu == true
+ - name: Download container
+ run: |
+ "${{ github.workspace }}/source/ci/getcontainer.sh" "${{ matrix.platform.container.name }}" "${{ matrix.platform.container.dockerfile }}"
+ env:
+ DOCKER_REGISTRY: ${{ env.docker-registry }}
+ GITHUB_TOKEN: ${{ secrets.github_token }}
+ working-directory: ${{ env.docker-config-path }}
+ if: matrix.platform.container.name != ''
+ - name: Create container
+ run: |
+ if [ "${{ matrix.container.base }}" != "" ]; then
+ BASE_ARG="--build-arg BASE=${{ matrix.container.base }}"
+ fi
+ docker build -t ${{ env.docker-registry-container-sha }} --build-arg UID=$(id -u) --build-arg GID=$(id -g) ${BASE_ARG} -f ${{ env.dockerfile }} .
+ working-directory: ${{ env.docker-config-path }}
+ if: matrix.platform.container.name != '' && env.docker-container-exists != 'true'
+ - name: Prepare build
+ run: mkdir build
+ - name: Build
+ uses: ./source/.github/actions/run-build
+ with:
+ command: cd build && ../source/ci/build.sh
+ container: ${{ matrix.platform.container.name }}
+ container-version: ${{ env.docker-registry-container-sha }}
+ - name: Test
+ uses: ./source/.github/actions/run-build
+ with:
+ command: cd build && ../source/ci/test.sh
+ container: ${{ matrix.platform.container.name }}
+ container-version: ${{ env.docker-registry-container-sha }}
+ - name: Upload test results
+ uses: actions/upload-artifact@v3
+ if: success() || failure()
+ with:
+ name: test-results-${{ matrix.platform.id }}
+ path: build/results_*.xml
+
+ test_results:
+ name: Test results
+ needs: [ build ]
+ if: always()
+ runs-on: ubuntu-latest
+ steps:
+ - name: Download test results
+ uses: actions/download-artifact@v3
+ - name: Generate test summary
+ uses: test-summary/action@v2
+ with:
+ paths: 'test-results-*/*.xml'
+
+
+ # Generate documentation using docurium. We'll upload the documentation
+ # as a build artifact so that it can be reviewed as part of a pull
+ # request or in a forked build. For CI builds in the main repository's
+ # main branch, we'll push the gh-pages branch back up so that it is
+ # published to our documentation site.
+ documentation:
+ name: Generate documentation
+ needs: [ containers ]
+ if: success() || failure()
+ runs-on: ubuntu-latest
+ steps:
+ - name: Check out repository
+ uses: actions/checkout@v3
+ with:
+ path: source
+ fetch-depth: 0
+ - name: Generate documentation
+ working-directory: source
+ run: |
+ git config user.name 'Documentation Generation'
+ git config user.email 'libgit2@users.noreply.github.com'
+ git branch gh-pages origin/gh-pages
+ docker login https://${{ env.docker-registry }} -u ${{ github.actor }} -p ${{ github.token }}
+ docker run \
+ --rm \
+ -v "$(pwd):/home/libgit2" \
+ -w /home/libgit2 \
+ ${{ env.docker-registry }}/${{ github.repository }}/docurium:latest \
+ cm doc api.docurium
+ git checkout gh-pages
+ zip --exclude .git/\* --exclude .gitignore --exclude .gitattributes -r api-documentation.zip .
+ - uses: actions/upload-artifact@v3
+ name: Upload artifact
+ with:
+ name: api-documentation
+ path: source/api-documentation.zip
+ - name: Push documentation branch
+ working-directory: source
+ run: git push origin gh-pages
+ if: github.event_name == 'push' && github.repository == 'libgit2/libgit2'
diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml
new file mode 100644
index 0000000..18328a7
--- /dev/null
+++ b/.github/workflows/nightly.yml
@@ -0,0 +1,410 @@
+# Nightly build for the main branch across multiple targets.
+name: Nightly Build
+
+on:
+ workflow_dispatch:
+ schedule:
+ - cron: '15 1 * * *'
+
+env:
+ docker-registry: ghcr.io
+ docker-config-path: source/ci/docker
+
+jobs:
+ # Run our nightly builds. We build a matrix with the various build
+ # targets and their details. Then we build either in a docker container
+ # (Linux) or on the actual hosts (macOS, Windows).
+ build:
+ # Only run scheduled workflows on the main repository; prevents people
+ # from using build minutes on their forks.
+ if: github.repository == 'libgit2/libgit2'
+
+ strategy:
+ matrix:
+ platform:
+ - name: Linux (Xenial, GCC, OpenSSL)
+ container:
+ name: xenial
+ env:
+ CC: gcc
+ CMAKE_GENERATOR: Ninja
+ CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DREGEX_BACKEND=builtin -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
+ os: ubuntu-latest
+ - name: "Linux (Xenial, GCC, mbedTLS)"
+ container:
+ name: xenial
+ env:
+ CC: gcc
+ CMAKE_GENERATOR: Ninja
+ CMAKE_OPTIONS: -DUSE_HTTPS=mbedTLS -DUSE_SHA1=HTTPS -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
+ os: ubuntu-latest
+ - name: "Linux (Xenial, Clang, OpenSSL)"
+ container:
+ name: xenial
+ env:
+ CC: clang
+ CMAKE_GENERATOR: Ninja
+ CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
+ os: ubuntu-latest
+ - name: "Linux (Xenial, Clang, mbedTLS)"
+ container:
+ name: xenial
+ env:
+ CC: clang
+ CMAKE_OPTIONS: -DUSE_HTTPS=mbedTLS -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
+ CMAKE_GENERATOR: Ninja
+ os: ubuntu-latest
+ - name: "Linux (no threads)"
+ container:
+ name: xenial
+ env:
+ CC: gcc
+ CMAKE_OPTIONS: -DTHREADSAFE=OFF -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
+ CMAKE_GENERATOR: Ninja
+ os: ubuntu-latest
+ - name: "Linux (dynamically-loaded OpenSSL)"
+ container:
+ name: xenial
+ env:
+ CC: clang
+ CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL-Dynamic -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
+ CMAKE_GENERATOR: Ninja
+ os: ubuntu-latest
+ - name: "Linux (MemorySanitizer)"
+ container:
+ name: focal
+ env:
+ CC: clang-10
+ CFLAGS: -fsanitize=memory -fsanitize-memory-track-origins=2 -fsanitize-blacklist=/home/libgit2/source/script/sanitizers.supp -fno-optimize-sibling-calls -fno-omit-frame-pointer
+ CMAKE_OPTIONS: -DCMAKE_PREFIX_PATH=/usr/local/msan -DUSE_HTTPS=mbedTLS -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_BUNDLED_ZLIB=ON -DUSE_SSH=ON
+ CMAKE_GENERATOR: Ninja
+ SKIP_SSH_TESTS: true
+ SKIP_NEGOTIATE_TESTS: true
+ ASAN_SYMBOLIZER_PATH: /usr/bin/llvm-symbolizer-10
+ UBSAN_OPTIONS: print_stacktrace=1
+ os: ubuntu-latest
+ - name: "Linux (UndefinedBehaviorSanitizer)"
+ container:
+ name: focal
+ env:
+ CC: clang-10
+ CFLAGS: -fsanitize=undefined,nullability -fno-sanitize-recover=undefined,nullability -fsanitize-blacklist=/home/libgit2/source/script/sanitizers.supp -fno-optimize-sibling-calls -fno-omit-frame-pointer
+ CMAKE_OPTIONS: -DCMAKE_PREFIX_PATH=/usr/local -DUSE_HTTPS=OpenSSL -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_BUNDLED_ZLIB=ON
+ CMAKE_GENERATOR: Ninja
+ SKIP_SSH_TESTS: true
+ SKIP_NEGOTIATE_TESTS: true
+ ASAN_SYMBOLIZER_PATH: /usr/bin/llvm-symbolizer-10
+ os: ubuntu-latest
+ - name: "Linux (ThreadSanitizer)"
+ container:
+ name: focal
+ env:
+ CC: clang-10
+ CFLAGS: -fsanitize=thread -fno-optimize-sibling-calls -fno-omit-frame-pointer
+ CMAKE_OPTIONS: -DCMAKE_PREFIX_PATH=/usr/local -DUSE_HTTPS=OpenSSL -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_BUNDLED_ZLIB=ON
+ CMAKE_GENERATOR: Ninja
+ SKIP_SSH_TESTS: true
+ SKIP_NEGOTIATE_TESTS: true
+ ASAN_SYMBOLIZER_PATH: /usr/bin/llvm-symbolizer-10
+ TSAN_OPTIONS: suppressions=/home/libgit2/source/script/thread-sanitizer.supp second_deadlock_stack=1
+ os: ubuntu-latest
+ - name: "Linux (no mmap)"
+ container:
+ name: focal
+ env:
+ CC: clang-10
+ CFLAGS: -DNO_MMAP
+ CMAKE_OPTIONS: -DCMAKE_PREFIX_PATH=/usr/local
+ CMAKE_GENERATOR: Ninja
+ SKIP_SSH_TESTS: true
+ SKIP_NEGOTIATE_TESTS: true
+ os: ubuntu-latest
+ - name: "Linux (CentOS 7)"
+ container:
+ name: centos7
+ env:
+ CMAKE_OPTIONS: -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
+ PKG_CONFIG_PATH: /usr/local/lib/pkgconfig
+ SKIP_NEGOTIATE_TESTS: true
+ os: ubuntu-latest
+ - name: "Linux (CentOS 7, dynamically-loaded OpenSSL)"
+ container:
+ name: centos7
+ env:
+ CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL-Dynamic -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
+ PKG_CONFIG_PATH: /usr/local/lib/pkgconfig
+ SKIP_NEGOTIATE_TESTS: true
+ os: ubuntu-latest
+ - name: "Linux (CentOS 8)"
+ container:
+ name: centos8
+ env:
+ CMAKE_OPTIONS: -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON
+ PKG_CONFIG_PATH: /usr/local/lib/pkgconfig
+ SKIP_NEGOTIATE_TESTS: true
+ SKIP_SSH_TESTS: true
+ os: ubuntu-latest
+ - name: "Linux (CentOS 8, dynamically-loaded OpenSSL)"
+ container:
+ name: centos8
+ env:
+ CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL-Dynamic -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON
+ PKG_CONFIG_PATH: /usr/local/lib/pkgconfig
+ SKIP_NEGOTIATE_TESTS: true
+ SKIP_SSH_TESTS: true
+ os: ubuntu-latest
+ - name: "macOS"
+ os: macos-11
+ env:
+ CC: clang
+ CMAKE_OPTIONS: -DREGEX_BACKEND=regcomp_l -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=leaks -DUSE_GSSAPI=ON
+ PKG_CONFIG_PATH: /usr/local/opt/openssl/lib/pkgconfig
+ SKIP_SSH_TESTS: true
+ SKIP_NEGOTIATE_TESTS: true
+ setup-script: osx
+ - name: "Windows (amd64, Visual Studio, WinHTTP)"
+ os: windows-2019
+ env:
+ ARCH: amd64
+ CMAKE_GENERATOR: Visual Studio 16 2019
+ CMAKE_OPTIONS: -A x64 -DWIN32_LEAKCHECK=ON -DDEPRECATE_HARD=ON -DUSE_HTTPS=WinHTTP
+ SKIP_SSH_TESTS: true
+ SKIP_NEGOTIATE_TESTS: true
+ - name: "Windows (x86, Visual Studio, WinHTTP)"
+ os: windows-2019
+ env:
+ ARCH: x86
+ CMAKE_GENERATOR: Visual Studio 16 2019
+ CMAKE_OPTIONS: -A Win32 -DWIN32_LEAKCHECK=ON -DDEPRECATE_HARD=ON -DUSE_HTTPS=WinHTTP -DUSE_SHA1=HTTPS -DUSE_BUNDLED_ZLIB=ON
+ SKIP_SSH_TESTS: true
+ SKIP_NEGOTIATE_TESTS: true
+ - name: "Windows (amd64, Visual Studio, Schannel)"
+ os: windows-2019
+ env:
+ ARCH: amd64
+ CMAKE_GENERATOR: Visual Studio 16 2019
+ CMAKE_OPTIONS: -A x64 -DWIN32_LEAKCHECK=ON -DDEPRECATE_HARD=ON -DUSE_HTTPS=Schannel
+ SKIP_SSH_TESTS: true
+ SKIP_NEGOTIATE_TESTS: true
+ - name: "Windows (x86, Visual Studio, Schannel)"
+ os: windows-2019
+ env:
+ ARCH: x86
+ CMAKE_GENERATOR: Visual Studio 16 2019
+ CMAKE_OPTIONS: -A Win32 -DWIN32_LEAKCHECK=ON -DDEPRECATE_HARD=ON -DUSE_HTTPS=Schannel -DUSE_BUNDLED_ZLIB=ON
+ SKIP_SSH_TESTS: true
+ SKIP_NEGOTIATE_TESTS: true
+ - name: "Windows (amd64, mingw, WinHTTP)"
+ os: windows-2019
+ setup-script: mingw
+ env:
+ ARCH: amd64
+ CMAKE_GENERATOR: MinGW Makefiles
+ CMAKE_OPTIONS: -DDEPRECATE_HARD=ON
+ BUILD_TEMP: D:\Temp
+ BUILD_PATH: D:\Temp\mingw64\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files (x86)\CMake\bin
+ SKIP_SSH_TESTS: true
+ SKIP_NEGOTIATE_TESTS: true
+ - name: "Windows (x86, mingw, Schannel)"
+ os: windows-2019
+ setup-script: mingw
+ env:
+ ARCH: x86
+ CMAKE_GENERATOR: MinGW Makefiles
+ CMAKE_OPTIONS: -DDEPRECATE_HARD=ON -DUSE_HTTPS=Schannel
+ BUILD_TEMP: D:\Temp
+ BUILD_PATH: D:\Temp\mingw32\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files (x86)\CMake\bin
+ SKIP_SSH_TESTS: true
+ SKIP_NEGOTIATE_TESTS: true
+ - name: "Windows (no mmap)"
+ os: windows-2019
+ env:
+ ARCH: amd64
+ CMAKE_GENERATOR: Visual Studio 16 2019
+ CFLAGS: -DNO_MMAP
+ CMAKE_OPTIONS: -A x64 -DDEPRECATE_HARD=ON
+ SKIP_SSH_TESTS: true
+ SKIP_NEGOTIATE_TESTS: true
+ - name: "Linux (Bionic, GCC, dynamically-loaded OpenSSL)"
+ container:
+ name: bionic
+ dockerfile: bionic
+ env:
+ CC: gcc
+ CMAKE_GENERATOR: Ninja
+ CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL-Dynamic -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
+ RUN_INVASIVE_TESTS: true
+ os: ubuntu-latest
+ - name: "Linux (x86, Bionic, Clang, OpenSSL)"
+ container:
+ name: bionic-x86
+ dockerfile: bionic
+ qemu: true
+ env:
+ CC: clang
+ CMAKE_GENERATOR: Ninja
+ CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
+ RUN_INVASIVE_TESTS: true
+ os: ubuntu-latest
+ - name: "Linux (x86, Bionic, GCC, OpenSSL)"
+ container:
+ name: bionic-x86
+ dockerfile: bionic
+ env:
+ CC: gcc
+ CMAKE_GENERATOR: Ninja
+ CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
+ RUN_INVASIVE_TESTS: true
+ os: ubuntu-latest
+ - name: "Linux (arm32, Bionic, GCC, OpenSSL)"
+ container:
+ name: bionic-arm32
+ dockerfile: bionic
+ qemu: true
+ env:
+ CC: gcc
+ CMAKE_GENERATOR: Ninja
+ CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DDEPRECATE_HARD=ON -DUSE_GSSAPI=ON -DUSE_SSH=ON
+ RUN_INVASIVE_TESTS: true
+ SKIP_PROXY_TESTS: true
+ GITTEST_FLAKY_STAT: true
+ os: ubuntu-latest
+ - name: "Linux (arm64, Bionic, GCC, OpenSSL)"
+ container:
+ name: bionic-arm64
+ dockerfile: bionic
+ qemu: true
+ env:
+ CC: gcc
+ CMAKE_GENERATOR: Ninja
+ CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DDEPRECATE_HARD=ON -DUSE_GSSAPI=ON -DUSE_SSH=ON
+ RUN_INVASIVE_TESTS: true
+ SKIP_PROXY_TESTS: true
+ os: ubuntu-latest
+
+ # Experimental: SHA256 support
+ - name: "Linux (SHA256, Xenial, Clang, OpenSSL)"
+ id: xenial-clang-openssl
+ container:
+ name: xenial
+ env:
+ CC: clang
+ CMAKE_GENERATOR: Ninja
+ CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
+ os: ubuntu-latest
+ - name: "macOS (SHA256)"
+ id: macos
+ os: macos-10.15
+ env:
+ CC: clang
+ CMAKE_OPTIONS: -DREGEX_BACKEND=regcomp_l -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=leaks -DUSE_GSSAPI=ON -DEXPERIMENTAL_SHA256=ON
+ PKG_CONFIG_PATH: /usr/local/opt/openssl/lib/pkgconfig
+ SKIP_SSH_TESTS: true
+ SKIP_NEGOTIATE_TESTS: true
+ setup-script: osx
+ - name: "Windows (SHA256, amd64, Visual Studio)"
+ id: windows-amd64-vs
+ os: windows-2019
+ env:
+ ARCH: amd64
+ CMAKE_GENERATOR: Visual Studio 16 2019
+ CMAKE_OPTIONS: -A x64 -DWIN32_LEAKCHECK=ON -DDEPRECATE_HARD=ON -DEXPERIMENTAL_SHA256=ON
+ SKIP_SSH_TESTS: true
+ SKIP_NEGOTIATE_TESTS: true
+ fail-fast: false
+ env: ${{ matrix.platform.env }}
+ runs-on: ${{ matrix.platform.os }}
+ name: "Build ${{ matrix.platform.name }}"
+ steps:
+ - name: Check out repository
+ uses: actions/checkout@v3
+ with:
+ path: source
+ fetch-depth: 0
+ - name: Set up build environment
+ run: source/ci/setup-${{ matrix.platform.setup-script }}-build.sh
+ shell: bash
+ if: matrix.platform.setup-script != ''
+ - name: Setup QEMU
+ run: docker run --rm --privileged multiarch/qemu-user-static:register --reset
+ if: matrix.platform.container.qemu == true
+ - name: Download container
+ run: |
+ "${{ github.workspace }}/source/ci/getcontainer.sh" "${{ matrix.platform.container.name }}" "${{ matrix.platform.container.dockerfile }}"
+ env:
+ DOCKER_REGISTRY: ${{ env.docker-registry }}
+ GITHUB_TOKEN: ${{ secrets.github_token }}
+ working-directory: ${{ env.docker-config-path }}
+ if: matrix.platform.container.name != ''
+ - name: Create container
+ run: docker build -t ${{ env.docker-registry-container-sha }} -f ${{ env.dockerfile }} .
+ working-directory: ${{ env.docker-config-path }}
+ if: matrix.platform.container.name != '' && env.docker-container-exists != 'true'
+ - name: Prepare build
+ run: mkdir build
+ - name: Build
+ uses: ./source/.github/actions/run-build
+ with:
+ command: cd build && ../source/ci/build.sh
+ container: ${{ matrix.platform.container.name }}
+ container-version: ${{ env.docker-registry-container-sha }}
+ - name: Test
+ uses: ./source/.github/actions/run-build
+ with:
+ command: cd build && ../source/ci/test.sh
+ container: ${{ matrix.platform.container.name }}
+ container-version: ${{ env.docker-registry-container-sha }}
+
+ coverity:
+ # Only run scheduled workflows on the main repository; prevents people
+ # from using build minutes on their forks.
+ if: github.repository == 'libgit2/libgit2'
+
+ name: Coverity
+ runs-on: ubuntu-latest
+ steps:
+ - name: Check out repository
+ uses: actions/checkout@v3
+ with:
+ path: source
+ fetch-depth: 0
+ - name: Download container
+ run: |
+ "${{ github.workspace }}/source/ci/getcontainer.sh" xenial
+ env:
+ DOCKER_REGISTRY: ${{ env.docker-registry }}
+ GITHUB_TOKEN: ${{ secrets.github_token }}
+ working-directory: ${{ env.docker-config-path }}
+ - name: Run Coverity
+ run: source/ci/coverity.sh
+ env:
+ COVERITY_TOKEN: ${{ secrets.coverity_token }}
+
+ codeql:
+ # Only run scheduled workflows on the main repository; prevents people
+ # from using build minutes on their forks.
+ if: github.repository == 'libgit2/libgit2'
+
+ name: CodeQL
+ runs-on: ubuntu-latest
+ steps:
+ - name: Check out repository
+ uses: actions/checkout@v3
+ with:
+ fetch-depth: 0
+
+ # Initializes the CodeQL tools for scanning.
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v2
+ with:
+ languages: 'cpp'
+
+ - name: Build
+ run: |
+ mkdir build
+ cd build
+ cmake .. -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_BUNDLED_ZLIB=ON
+ cmake --build .
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v2