summaryrefslogtreecommitdiffstats
path: root/.github
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--.github/actions/download-or-build-container/action.yml109
-rw-r--r--.github/actions/run-build/action.yml10
-rw-r--r--.github/release.yml6
-rw-r--r--.github/workflows/benchmark.yml74
-rw-r--r--.github/workflows/build-containers.yml4
-rw-r--r--.github/workflows/experimental.yml118
-rw-r--r--.github/workflows/main.yml164
-rw-r--r--.github/workflows/nightly.yml378
8 files changed, 615 insertions, 248 deletions
diff --git a/.github/actions/download-or-build-container/action.yml b/.github/actions/download-or-build-container/action.yml
new file mode 100644
index 0000000..9c83a98
--- /dev/null
+++ b/.github/actions/download-or-build-container/action.yml
@@ -0,0 +1,109 @@
+# Run a build step in a container or directly on the Actions runner
+name: Download or Build Container
+description: Download a container from the package registry, or build it if it's not found
+
+inputs:
+ container:
+ description: Container name
+ type: string
+ required: true
+ dockerfile:
+ description: Dockerfile
+ type: string
+ base:
+ description: Container base
+ type: string
+ registry:
+ description: Docker registry to read and publish to
+ type: string
+ default: ghcr.io
+ config-path:
+ description: Path to Dockerfiles
+ type: string
+ github_token:
+ description: GitHub Token
+ type: string
+
+runs:
+ using: 'composite'
+ steps:
+ - name: Download container
+ run: |
+ IMAGE_NAME="${{ inputs.container }}"
+ DOCKERFILE_PATH="${{ inputs.dockerfile }}"
+ DOCKER_REGISTRY="${{ inputs.registry }}"
+ DOCKERFILE_ROOT="${{ inputs.config-path }}"
+
+ if [ "${DOCKERFILE_PATH}" = "" ]; then
+ DOCKERFILE_PATH="${DOCKERFILE_ROOT}/${IMAGE_NAME}"
+ else
+ DOCKERFILE_PATH="${DOCKERFILE_ROOT}/${DOCKERFILE_PATH}"
+ fi
+
+ GIT_WORKTREE=$(cd "${GITHUB_ACTION_PATH}" && git rev-parse --show-toplevel)
+ echo "::: git worktree is ${GIT_WORKTREE}"
+ cd "${GIT_WORKTREE}"
+
+ DOCKER_CONTAINER="${GITHUB_REPOSITORY}/${IMAGE_NAME}"
+ DOCKER_REGISTRY_CONTAINER="${DOCKER_REGISTRY}/${DOCKER_CONTAINER}"
+
+ echo "dockerfile=${DOCKERFILE_PATH}" >> $GITHUB_ENV
+ echo "docker-container=${DOCKER_CONTAINER}" >> $GITHUB_ENV
+ echo "docker-registry-container=${DOCKER_REGISTRY_CONTAINER}" >> $GITHUB_ENV
+
+ # Identify the last git commit that touched the Dockerfiles
+ # Use this as a hash to identify the resulting docker containers
+ echo "::: dockerfile path is ${DOCKERFILE_PATH}"
+
+ DOCKER_SHA=$(git log -1 --pretty=format:"%h" -- "${DOCKERFILE_PATH}")
+ echo "docker-sha=${DOCKER_SHA}" >> $GITHUB_ENV
+
+ echo "::: docker sha is ${DOCKER_SHA}"
+
+ DOCKER_REGISTRY_CONTAINER_SHA="${DOCKER_REGISTRY_CONTAINER}:${DOCKER_SHA}"
+
+ echo "docker-registry-container-sha=${DOCKER_REGISTRY_CONTAINER_SHA}" >> $GITHUB_ENV
+ echo "docker-registry-container-latest=${DOCKER_REGISTRY_CONTAINER}:latest" >> $GITHUB_ENV
+
+ echo "::: logging in to ${DOCKER_REGISTRY} as ${GITHUB_ACTOR}"
+
+ exists="true"
+ docker login https://${DOCKER_REGISTRY} -u ${GITHUB_ACTOR} -p ${GITHUB_TOKEN} || exists="false"
+
+ echo "::: pulling ${DOCKER_REGISTRY_CONTAINER_SHA}"
+
+ if [ "${exists}" != "false" ]; then
+ docker pull ${DOCKER_REGISTRY_CONTAINER_SHA} || exists="false"
+ fi
+
+ if [ "${exists}" = "true" ]; then
+ echo "::: docker container exists in registry"
+ echo "docker-container-exists=true" >> $GITHUB_ENV
+ else
+ echo "::: docker container does not exist in registry"
+ echo "docker-container-exists=false" >> $GITHUB_ENV
+ fi
+ shell: bash
+ env:
+ GITHUB_TOKEN: ${{ inputs.github_token }}
+ - name: Create container
+ run: |
+ if [ "${{ inputs.base }}" != "" ]; then
+ BASE_ARG="--build-arg BASE=${{ inputs.base }}"
+ fi
+
+ GIT_WORKTREE=$(cd "${GITHUB_ACTION_PATH}" && git rev-parse --show-toplevel)
+ echo "::: git worktree is ${GIT_WORKTREE}"
+ cd "${GIT_WORKTREE}"
+
+ docker build -t ${{ env.docker-registry-container-sha }} --build-arg UID=$(id -u) --build-arg GID=$(id -g) ${BASE_ARG} -f ${{ env.dockerfile }} .
+ docker tag ${{ env.docker-registry-container-sha }} ${{ env.docker-registry-container-latest }}
+ shell: bash
+ working-directory: source/${{ inputs.config-path }}
+ if: env.docker-container-exists != 'true'
+ - name: Publish container
+ run: |
+ docker push ${{ env.docker-registry-container-sha }}
+ docker push ${{ env.docker-registry-container-latest }}
+ shell: bash
+ if: env.docker-container-exists != 'true' && github.event_name != 'pull_request'
diff --git a/.github/actions/run-build/action.yml b/.github/actions/run-build/action.yml
index 41145d3..9afcfb1 100644
--- a/.github/actions/run-build/action.yml
+++ b/.github/actions/run-build/action.yml
@@ -5,14 +5,19 @@ description: Run a build step in a container or directly on the Actions runner
inputs:
command:
description: Command to run
- required: true
type: string
+ required: true
container:
description: Optional container to run in
type: string
container-version:
description: Version of the container to run
type: string
+ shell:
+ description: Shell to use
+ type: string
+ required: true
+ default: 'bash'
runs:
using: 'composite'
@@ -35,6 +40,7 @@ runs:
-e PKG_CONFIG_PATH \
-e SKIP_NEGOTIATE_TESTS \
-e SKIP_SSH_TESTS \
+ -e SKIP_PUSHOPTIONS_TESTS \
-e TSAN_OPTIONS \
-e UBSAN_OPTIONS \
${{ inputs.container-version }} \
@@ -42,4 +48,4 @@ runs:
else
${{ inputs.command }}
fi
- shell: bash
+ shell: ${{ inputs.shell != '' && inputs.shell || 'bash' }}
diff --git a/.github/release.yml b/.github/release.yml
index 7a00321..4d4e318 100644
--- a/.github/release.yml
+++ b/.github/release.yml
@@ -21,9 +21,15 @@ changelog:
- title: Documentation improvements
labels:
- documentation
+ - title: Platform compatibility fixes
+ labels:
+ - compatibility
- title: Git compatibility fixes
labels:
- git compatibility
+ - title: Dependency updates
+ labels:
+ - dependency
- title: Other changes
labels:
- '*'
diff --git a/.github/workflows/benchmark.yml b/.github/workflows/benchmark.yml
index bf21674..6ee492a 100644
--- a/.github/workflows/benchmark.yml
+++ b/.github/workflows/benchmark.yml
@@ -6,10 +6,14 @@ on:
schedule:
- cron: '15 4 * * *'
+permissions:
+ contents: read
+
jobs:
- # Run our nightly builds. We build a matrix with the various build
- # targets and their details. Then we build either in a docker container
- # (Linux) or on the actual hosts (macOS, Windows).
+ # Run our benchmarks. We build a matrix with the various build
+ # targets and their details. Unlike our CI builds, we run these
+ # directly on the VM instead of in containers since we do not
+ # need the breadth of platform diversity.
build:
# Only run scheduled workflows on the main repository; prevents people
# from using build minutes on their forks.
@@ -27,7 +31,7 @@ jobs:
os: ubuntu-latest
setup-script: ubuntu
- name: "macOS"
- os: macos-11
+ os: macos-12
env:
CC: clang
CMAKE_OPTIONS: -DREGEX_BACKEND=regcomp_l -DDEPRECATE_HARD=ON -DUSE_GSSAPI=ON -DBUILD_TESTS=OFF -DBUILD_EXAMPLES=OFF -DBUILD_CLI=ON -DCMAKE_BUILD_TYPE=Release
@@ -45,12 +49,12 @@ jobs:
id: windows
setup-script: win32
fail-fast: false
- name: "Build ${{ matrix.platform.name }}"
+ name: "Benchmark ${{ matrix.platform.name }}"
env: ${{ matrix.platform.env }}
runs-on: ${{ matrix.platform.os }}
steps:
- name: Check out repository
- uses: actions/checkout@v3
+ uses: actions/checkout@v4
with:
path: source
fetch-depth: 0
@@ -72,11 +76,65 @@ jobs:
fi
mkdir benchmark && cd benchmark
- ../source/tests/benchmarks/benchmark.sh --baseline-cli "git" --cli "${GIT2_CLI}" --json benchmarks.json --zip benchmarks.zip
+ ../source/tests/benchmarks/benchmark.sh --baseline-cli "git" --cli "${GIT2_CLI}" --name libgit2 --json benchmarks.json --zip benchmarks.zip
shell: bash
- name: Upload results
- uses: actions/upload-artifact@v2
+ uses: actions/upload-artifact@v4
with:
name: benchmark-${{ matrix.platform.id }}
path: benchmark
if: always()
+
+ # Publish the results
+ publish:
+ name: Publish results
+ needs: [ build ]
+ if: ${{ always() && github.repository == 'libgit2/libgit2' }}
+ runs-on: ubuntu-latest
+ steps:
+ - name: Check out benchmark repository
+ uses: actions/checkout@v4
+ with:
+ repository: libgit2/benchmarks
+ path: site
+ fetch-depth: 0
+ ssh-key: ${{ secrets.BENCHMARKS_PUBLISH_KEY }}
+ - name: Download test results
+ uses: actions/download-artifact@v4
+ - name: Publish API
+ run: |
+ # Move today's benchmark run into the right place
+ for platform in linux macos windows; do
+ TIMESTAMP=$(jq .time.start < "benchmark-${platform}/benchmarks.json")
+ TIMESTAMP_LEN=$(echo -n ${TIMESTAMP} | wc -c | xargs)
+ DENOMINATOR=1
+ if [ "${TIMESTAMP_LEN}" = "19" ]; then
+ DENOMINATOR="1000000000"
+ elif [ "${TIMESTAMP_LEN}" = "13" ]; then
+ DENOMINATOR="1000"
+ else
+ echo "unknown timestamp"
+ exit 1
+ fi
+
+ if [[ "$(uname -s)" == "Darwin" ]]; then
+ DATE=$(date -R -r $(("${TIMESTAMP}/${DENOMINATOR}")) +"%Y-%m-%d")
+ else
+ DATE=$(date -d @$(("${TIMESTAMP}/${DENOMINATOR}")) +"%Y-%m-%d")
+ fi
+
+ mkdir -p "site/public/api/runs/${DATE}"
+ cp "benchmark-${platform}/benchmarks.json" "site/public/api/runs/${DATE}/${platform}.json"
+ done
+
+ (cd site && node scripts/aggregate.js)
+
+ (
+ cd site &&
+ git config user.name 'Benchmark Site Generation' &&
+ git config user.email 'libgit2@users.noreply.github.com' &&
+ git add . &&
+ git commit --allow-empty -m"benchmark update ${DATE}" &&
+ git push origin main
+ )
+ shell: bash
diff --git a/.github/workflows/build-containers.yml b/.github/workflows/build-containers.yml
index 767798b..b52571c 100644
--- a/.github/workflows/build-containers.yml
+++ b/.github/workflows/build-containers.yml
@@ -24,6 +24,7 @@ jobs:
- name: xenial
- name: bionic
- name: focal
+ - name: noble
- name: docurium
- name: bionic-x86
dockerfile: bionic
@@ -39,11 +40,12 @@ jobs:
qemu: true
- name: centos7
- name: centos8
+ - name: fedora
runs-on: ubuntu-latest
name: "Create container: ${{ matrix.container.name }}"
steps:
- name: Check out repository
- uses: actions/checkout@v3
+ uses: actions/checkout@v4
with:
path: source
fetch-depth: 0
diff --git a/.github/workflows/experimental.yml b/.github/workflows/experimental.yml
new file mode 100644
index 0000000..5bfea2c
--- /dev/null
+++ b/.github/workflows/experimental.yml
@@ -0,0 +1,118 @@
+# Validation builds for experimental features; these shouldn't be
+# required for pull request approval.
+name: Experimental Features
+
+on:
+ push:
+ branches: [ main, maint/* ]
+ pull_request:
+ branches: [ main, maint/* ]
+ workflow_dispatch:
+
+env:
+ docker-registry: ghcr.io
+ docker-config-path: ci/docker
+
+permissions:
+ contents: write
+ packages: write
+
+jobs:
+ # Run our CI/CD builds. We build a matrix with the various build targets
+ # and their details. Then we build either in a docker container (Linux)
+ # or on the actual hosts (macOS, Windows).
+ build:
+ strategy:
+ matrix:
+ platform:
+ # All builds: experimental SHA256 support
+ - name: "Linux (SHA256, Xenial, Clang, OpenSSL)"
+ id: linux-sha256
+ os: ubuntu-latest
+ container:
+ name: xenial
+ env:
+ CC: clang
+ CMAKE_GENERATOR: Ninja
+ CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON -DEXPERIMENTAL_SHA256=ON
+ - name: "macOS (SHA256)"
+ id: macos-sha256
+ os: macos-12
+ setup-script: osx
+ env:
+ CC: clang
+ CMAKE_OPTIONS: -DREGEX_BACKEND=regcomp_l -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=leaks -DUSE_GSSAPI=ON -DEXPERIMENTAL_SHA256=ON
+ CMAKE_GENERATOR: Ninja
+ PKG_CONFIG_PATH: /usr/local/opt/openssl/lib/pkgconfig
+ SKIP_SSH_TESTS: true
+ SKIP_NEGOTIATE_TESTS: true
+ - name: "Windows (SHA256, amd64, Visual Studio)"
+ id: windows-sha256
+ os: windows-2019
+ env:
+ ARCH: amd64
+ CMAKE_GENERATOR: Visual Studio 16 2019
+ CMAKE_OPTIONS: -A x64 -DWIN32_LEAKCHECK=ON -DDEPRECATE_HARD=ON -DEXPERIMENTAL_SHA256=ON
+ SKIP_SSH_TESTS: true
+ SKIP_NEGOTIATE_TESTS: true
+ fail-fast: false
+ env: ${{ matrix.platform.env }}
+ runs-on: ${{ matrix.platform.os }}
+ name: "Build: ${{ matrix.platform.name }}"
+ steps:
+ - name: Check out repository
+ uses: actions/checkout@v4
+ with:
+ path: source
+ fetch-depth: 0
+ - name: Set up build environment
+ run: source/ci/setup-${{ matrix.platform.setup-script }}-build.sh
+ shell: bash
+ if: matrix.platform.setup-script != ''
+ - name: Setup QEMU
+ run: docker run --rm --privileged multiarch/qemu-user-static:register --reset
+ if: matrix.platform.container.qemu == true
+ - name: Set up container
+ uses: ./source/.github/actions/download-or-build-container
+ with:
+ registry: ${{ env.docker-registry }}
+ config-path: ${{ env.docker-config-path }}
+ container: ${{ matrix.platform.container.name }}
+ github_token: ${{ secrets.github_token }}
+ dockerfile: ${{ matrix.platform.container.dockerfile }}
+ if: matrix.platform.container.name != ''
+ - name: Prepare build
+ run: mkdir build
+ - name: Build
+ uses: ./source/.github/actions/run-build
+ with:
+ command: cd ${BUILD_WORKSPACE:-.}/build && ../source/ci/build.sh
+ container: ${{ matrix.platform.container.name }}
+ container-version: ${{ env.docker-registry-container-sha }}
+ shell: ${{ matrix.platform.shell }}
+ - name: Test
+ uses: ./source/.github/actions/run-build
+ with:
+ command: cd ${BUILD_WORKSPACE:-.}/build && ../source/ci/test.sh
+ container: ${{ matrix.platform.container.name }}
+ container-version: ${{ env.docker-registry-container-sha }}
+ shell: ${{ matrix.platform.shell }}
+ - name: Upload test results
+ uses: actions/upload-artifact@v4
+ if: success() || failure()
+ with:
+ name: test-results-${{ matrix.platform.id }}
+ path: build/results_*.xml
+
+ test_results:
+ name: Test results
+ needs: [ build ]
+ if: always()
+ runs-on: ubuntu-latest
+ steps:
+ - name: Download test results
+ uses: actions/download-artifact@v3
+ - name: Generate test summary
+ uses: test-summary/action@v2
+ with:
+ paths: 'test-results-*/*.xml'
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index d84ded0..87e834f 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -11,66 +11,68 @@ on:
env:
docker-registry: ghcr.io
- docker-config-path: source/ci/docker
+ docker-config-path: ci/docker
-jobs:
- containers:
- uses: ./.github/workflows/build-containers.yml
+permissions:
+ contents: write
+ packages: write
+jobs:
# Run our CI/CD builds. We build a matrix with the various build targets
# and their details. Then we build either in a docker container (Linux)
# or on the actual hosts (macOS, Windows).
build:
- needs: [ containers ]
strategy:
matrix:
platform:
- - name: "Linux (Xenial, GCC, OpenSSL)"
- id: xenial-gcc-openssl
+ # All builds: core platforms
+ - name: "Linux (Noble, GCC, OpenSSL, libssh2)"
+ id: noble-gcc-openssl
+ os: ubuntu-latest
container:
- name: xenial
+ name: noble
env:
CC: gcc
CMAKE_GENERATOR: Ninja
- CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DREGEX_BACKEND=builtin -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON -DDEBUG_STRICT_ALLOC=ON -DDEBUG_STRICT_OPEN=ON
+ CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DREGEX_BACKEND=builtin -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=libssh2 -DDEBUG_STRICT_ALLOC=ON -DDEBUG_STRICT_OPEN=ON
+ - name: "Linux (Noble, Clang, mbedTLS, OpenSSH)"
+ id: noble-clang-mbedtls
os: ubuntu-latest
- - name: Linux (Xenial, GCC, mbedTLS)
- id: xenial-gcc-mbedtls
container:
- name: xenial
+ name: noble
env:
- CC: gcc
+ CC: clang
+ CMAKE_OPTIONS: -DUSE_HTTPS=mbedTLS -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=exec
CMAKE_GENERATOR: Ninja
- CMAKE_OPTIONS: -DUSE_HTTPS=mbedTLS -DUSE_SHA1=HTTPS -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
+ - name: "Linux (Xenial, GCC, OpenSSL, OpenSSH)"
+ id: xenial-gcc-openssl
os: ubuntu-latest
- - name: "Linux (Xenial, Clang, OpenSSL)"
- id: xenial-clang-openssl
container:
name: xenial
env:
- CC: clang
+ CC: gcc
CMAKE_GENERATOR: Ninja
- CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
+ CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DREGEX_BACKEND=builtin -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=exec -DDEBUG_STRICT_ALLOC=ON -DDEBUG_STRICT_OPEN=ON
+ - name: "Linux (Xenial, Clang, mbedTLS, libssh2)"
+ id: xenial-gcc-mbedtls
os: ubuntu-latest
- - name: "Linux (Xenial, Clang, mbedTLS)"
- id: xenial-clang-mbedtls
container:
name: xenial
env:
CC: clang
- CMAKE_OPTIONS: -DUSE_HTTPS=mbedTLS -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
CMAKE_GENERATOR: Ninja
- os: ubuntu-latest
+ CMAKE_OPTIONS: -DUSE_HTTPS=mbedTLS -DUSE_SHA1=HTTPS -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=libssh2
- name: "macOS"
id: macos
- os: macos-11
+ os: macos-12
+ setup-script: osx
env:
CC: clang
CMAKE_OPTIONS: -DREGEX_BACKEND=regcomp_l -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=leaks -DUSE_GSSAPI=ON
+ CMAKE_GENERATOR: Ninja
PKG_CONFIG_PATH: /usr/local/opt/openssl/lib/pkgconfig
SKIP_SSH_TESTS: true
SKIP_NEGOTIATE_TESTS: true
- setup-script: osx
- name: "Windows (amd64, Visual Studio, Schannel)"
id: windows-amd64-vs
os: windows-2019
@@ -120,13 +122,15 @@ jobs:
SKIP_SSH_TESTS: true
SKIP_NEGOTIATE_TESTS: true
- # Sanitizers
+ # All builds: sanitizers
- name: "Sanitizer (Memory)"
- id: memorysanitizer
+ id: sanitizer-memory
+ os: ubuntu-latest
+ setup-script: sanitizer
container:
- name: focal
+ name: noble
env:
- CC: clang-10
+ CC: clang
CFLAGS: -fsanitize=memory -fsanitize-memory-track-origins=2 -fsanitize-blacklist=/home/libgit2/source/script/sanitizers.supp -fno-optimize-sibling-calls -fno-omit-frame-pointer
CMAKE_OPTIONS: -DCMAKE_PREFIX_PATH=/usr/local/msan -DUSE_HTTPS=mbedTLS -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_BUNDLED_ZLIB=ON -DUSE_SSH=ON
CMAKE_GENERATOR: Ninja
@@ -134,73 +138,59 @@ jobs:
SKIP_NEGOTIATE_TESTS: true
ASAN_SYMBOLIZER_PATH: /usr/bin/llvm-symbolizer-10
UBSAN_OPTIONS: print_stacktrace=1
+ - name: "Sanitizer (Address)"
+ id: sanitizer-address
os: ubuntu-latest
- - name: "Sanitizer (UndefinedBehavior)"
- id: ubsanitizer
+ setup-script: sanitizer
container:
- name: focal
+ name: noble
env:
- CC: clang-10
- CFLAGS: -fsanitize=undefined,nullability -fno-sanitize-recover=undefined,nullability -fsanitize-blacklist=/home/libgit2/source/script/sanitizers.supp -fno-optimize-sibling-calls -fno-omit-frame-pointer
- CMAKE_OPTIONS: -DCMAKE_PREFIX_PATH=/usr/local -DUSE_HTTPS=OpenSSL -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_BUNDLED_ZLIB=ON -DUSE_SSH=ON
+ CC: clang
+ CFLAGS: -fsanitize=address -ggdb -fsanitize-blacklist=/home/libgit2/source/script/sanitizers.supp -fno-optimize-sibling-calls -fno-omit-frame-pointer
+ CMAKE_OPTIONS: -DCMAKE_PREFIX_PATH=/usr/local -DUSE_HTTPS=mbedTLS -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_BUNDLED_ZLIB=ON -DUSE_SSH=ON
CMAKE_GENERATOR: Ninja
SKIP_SSH_TESTS: true
SKIP_NEGOTIATE_TESTS: true
ASAN_SYMBOLIZER_PATH: /usr/bin/llvm-symbolizer-10
UBSAN_OPTIONS: print_stacktrace=1
+ - name: "Sanitizer (UndefinedBehavior)"
+ id: sanitizer-ub
os: ubuntu-latest
- - name: "Sanitizer (Thread)"
- id: threadsanitizer
+ setup-script: sanitizer
container:
- name: focal
+ name: noble
env:
- CC: clang-10
- CFLAGS: -fsanitize=thread -fno-optimize-sibling-calls -fno-omit-frame-pointer
+ CC: clang
+ CFLAGS: -fsanitize=undefined,nullability -fno-sanitize-recover=undefined,nullability -fsanitize-blacklist=/home/libgit2/source/script/sanitizers.supp -fno-optimize-sibling-calls -fno-omit-frame-pointer
CMAKE_OPTIONS: -DCMAKE_PREFIX_PATH=/usr/local -DUSE_HTTPS=OpenSSL -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_BUNDLED_ZLIB=ON -DUSE_SSH=ON
CMAKE_GENERATOR: Ninja
SKIP_SSH_TESTS: true
SKIP_NEGOTIATE_TESTS: true
ASAN_SYMBOLIZER_PATH: /usr/bin/llvm-symbolizer-10
UBSAN_OPTIONS: print_stacktrace=1
- TSAN_OPTIONS: suppressions=/home/libgit2/source/script/thread-sanitizer.supp second_deadlock_stack=1
+ - name: "Sanitizer (Thread)"
+ id: sanitizer-thread
os: ubuntu-latest
-
- # Experimental: SHA256 support
- - name: "Linux (SHA256, Xenial, Clang, OpenSSL)"
- id: xenial-clang-openssl
+ setup-script: sanitizer
container:
- name: xenial
+ name: noble
env:
CC: clang
+ CFLAGS: -fsanitize=thread -fno-optimize-sibling-calls -fno-omit-frame-pointer
+ CMAKE_OPTIONS: -DCMAKE_PREFIX_PATH=/usr/local -DUSE_HTTPS=OpenSSL -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_BUNDLED_ZLIB=ON -DUSE_SSH=ON
CMAKE_GENERATOR: Ninja
- CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON -DEXPERIMENTAL_SHA256=ON
- os: ubuntu-latest
- - name: "macOS (SHA256)"
- id: macos
- os: macos-11
- env:
- CC: clang
- CMAKE_OPTIONS: -DREGEX_BACKEND=regcomp_l -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=leaks -DUSE_GSSAPI=ON -DEXPERIMENTAL_SHA256=ON
- PKG_CONFIG_PATH: /usr/local/opt/openssl/lib/pkgconfig
- SKIP_SSH_TESTS: true
- SKIP_NEGOTIATE_TESTS: true
- setup-script: osx
- - name: "Windows (SHA256, amd64, Visual Studio)"
- id: windows-amd64-vs
- os: windows-2019
- env:
- ARCH: amd64
- CMAKE_GENERATOR: Visual Studio 16 2019
- CMAKE_OPTIONS: -A x64 -DWIN32_LEAKCHECK=ON -DDEPRECATE_HARD=ON -DEXPERIMENTAL_SHA256=ON
SKIP_SSH_TESTS: true
SKIP_NEGOTIATE_TESTS: true
+ ASAN_SYMBOLIZER_PATH: /usr/bin/llvm-symbolizer-10
+ UBSAN_OPTIONS: print_stacktrace=1
+ TSAN_OPTIONS: suppressions=/home/libgit2/source/script/thread-sanitizer.supp second_deadlock_stack=1
fail-fast: false
env: ${{ matrix.platform.env }}
runs-on: ${{ matrix.platform.os }}
name: "Build: ${{ matrix.platform.name }}"
steps:
- name: Check out repository
- uses: actions/checkout@v3
+ uses: actions/checkout@v4
with:
path: source
fetch-depth: 0
@@ -211,38 +201,33 @@ jobs:
- name: Setup QEMU
run: docker run --rm --privileged multiarch/qemu-user-static:register --reset
if: matrix.platform.container.qemu == true
- - name: Download container
- run: |
- "${{ github.workspace }}/source/ci/getcontainer.sh" "${{ matrix.platform.container.name }}" "${{ matrix.platform.container.dockerfile }}"
- env:
- DOCKER_REGISTRY: ${{ env.docker-registry }}
- GITHUB_TOKEN: ${{ secrets.github_token }}
- working-directory: ${{ env.docker-config-path }}
+ - name: Set up container
+ uses: ./source/.github/actions/download-or-build-container
+ with:
+ registry: ${{ env.docker-registry }}
+ config-path: ${{ env.docker-config-path }}
+ container: ${{ matrix.platform.container.name }}
+ github_token: ${{ secrets.github_token }}
+ dockerfile: ${{ matrix.platform.container.dockerfile }}
if: matrix.platform.container.name != ''
- - name: Create container
- run: |
- if [ "${{ matrix.container.base }}" != "" ]; then
- BASE_ARG="--build-arg BASE=${{ matrix.container.base }}"
- fi
- docker build -t ${{ env.docker-registry-container-sha }} --build-arg UID=$(id -u) --build-arg GID=$(id -g) ${BASE_ARG} -f ${{ env.dockerfile }} .
- working-directory: ${{ env.docker-config-path }}
- if: matrix.platform.container.name != '' && env.docker-container-exists != 'true'
- name: Prepare build
run: mkdir build
- name: Build
uses: ./source/.github/actions/run-build
with:
- command: cd build && ../source/ci/build.sh
+ command: cd ${BUILD_WORKSPACE:-.}/build && ../source/ci/build.sh
container: ${{ matrix.platform.container.name }}
container-version: ${{ env.docker-registry-container-sha }}
+ shell: ${{ matrix.platform.shell }}
- name: Test
uses: ./source/.github/actions/run-build
with:
- command: cd build && ../source/ci/test.sh
+ command: cd ${BUILD_WORKSPACE:-.}/build && ../source/ci/test.sh
container: ${{ matrix.platform.container.name }}
container-version: ${{ env.docker-registry-container-sha }}
+ shell: ${{ matrix.platform.shell }}
- name: Upload test results
- uses: actions/upload-artifact@v3
+ uses: actions/upload-artifact@v4
if: success() || failure()
with:
name: test-results-${{ matrix.platform.id }}
@@ -269,15 +254,22 @@ jobs:
# published to our documentation site.
documentation:
name: Generate documentation
- needs: [ containers ]
if: success() || failure()
runs-on: ubuntu-latest
steps:
- name: Check out repository
- uses: actions/checkout@v3
+ uses: actions/checkout@v4
with:
path: source
fetch-depth: 0
+ - name: Set up container
+ uses: ./source/.github/actions/download-or-build-container
+ with:
+ registry: ${{ env.docker-registry }}
+ config-path: ${{ env.docker-config-path }}
+ container: docurium
+ github_token: ${{ secrets.github_token }}
+ dockerfile: ${{ matrix.platform.container.dockerfile }}
- name: Generate documentation
working-directory: source
run: |
@@ -293,7 +285,7 @@ jobs:
cm doc api.docurium
git checkout gh-pages
zip --exclude .git/\* --exclude .gitignore --exclude .gitattributes -r api-documentation.zip .
- - uses: actions/upload-artifact@v3
+ - uses: actions/upload-artifact@v4
name: Upload artifact
with:
name: api-documentation
diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml
index 18328a7..28a0618 100644
--- a/.github/workflows/nightly.yml
+++ b/.github/workflows/nightly.yml
@@ -8,7 +8,11 @@ on:
env:
docker-registry: ghcr.io
- docker-config-path: source/ci/docker
+ docker-config-path: ci/docker
+
+permissions:
+ contents: read
+ packages: write
jobs:
# Run our nightly builds. We build a matrix with the various build
@@ -22,59 +26,112 @@ jobs:
strategy:
matrix:
platform:
- - name: Linux (Xenial, GCC, OpenSSL)
- container:
- name: xenial
- env:
- CC: gcc
- CMAKE_GENERATOR: Ninja
- CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DREGEX_BACKEND=builtin -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
+ # All builds: core platforms
+ - name: "Linux (Noble, GCC, OpenSSL, libssh2)"
+ id: noble-gcc-openssl
os: ubuntu-latest
- - name: "Linux (Xenial, GCC, mbedTLS)"
container:
- name: xenial
+ name: noble
env:
CC: gcc
CMAKE_GENERATOR: Ninja
- CMAKE_OPTIONS: -DUSE_HTTPS=mbedTLS -DUSE_SHA1=HTTPS -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
+ CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DREGEX_BACKEND=builtin -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=libssh2 -DDEBUG_STRICT_ALLOC=ON -DDEBUG_STRICT_OPEN=ON
+ - name: "Linux (Noble, Clang, mbedTLS, OpenSSH)"
+ id: noble-clang-mbedtls
os: ubuntu-latest
- - name: "Linux (Xenial, Clang, OpenSSL)"
container:
- name: xenial
+ name: noble
env:
CC: clang
+ CMAKE_OPTIONS: -DUSE_HTTPS=mbedTLS -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=exec
CMAKE_GENERATOR: Ninja
- CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
+ - name: "Linux (Xenial, GCC, OpenSSL, OpenSSH)"
+ id: xenial-gcc-openssl
os: ubuntu-latest
- - name: "Linux (Xenial, Clang, mbedTLS)"
container:
name: xenial
env:
- CC: clang
- CMAKE_OPTIONS: -DUSE_HTTPS=mbedTLS -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
+ CC: gcc
CMAKE_GENERATOR: Ninja
+ CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DREGEX_BACKEND=builtin -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=exec -DDEBUG_STRICT_ALLOC=ON -DDEBUG_STRICT_OPEN=ON
+ - name: "Linux (Xenial, Clang, mbedTLS, libssh2)"
+ id: xenial-gcc-mbedtls
os: ubuntu-latest
- - name: "Linux (no threads)"
container:
name: xenial
env:
- CC: gcc
- CMAKE_OPTIONS: -DTHREADSAFE=OFF -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
+ CC: clang
CMAKE_GENERATOR: Ninja
- os: ubuntu-latest
- - name: "Linux (dynamically-loaded OpenSSL)"
- container:
- name: xenial
+ CMAKE_OPTIONS: -DUSE_HTTPS=mbedTLS -DUSE_SHA1=HTTPS -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=libssh2
+ - name: "macOS"
+ id: macos
+ os: macos-12
+ setup-script: osx
env:
CC: clang
- CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL-Dynamic -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
+ CMAKE_OPTIONS: -DREGEX_BACKEND=regcomp_l -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=leaks -DUSE_GSSAPI=ON
CMAKE_GENERATOR: Ninja
+ PKG_CONFIG_PATH: /usr/local/opt/openssl/lib/pkgconfig
+ SKIP_SSH_TESTS: true
+ SKIP_NEGOTIATE_TESTS: true
+ - name: "Windows (amd64, Visual Studio, Schannel)"
+ id: windows-amd64-vs
+ os: windows-2019
+ setup-script: win32
+ env:
+ ARCH: amd64
+ CMAKE_GENERATOR: Visual Studio 16 2019
+ CMAKE_OPTIONS: -A x64 -DWIN32_LEAKCHECK=ON -DDEPRECATE_HARD=ON -DUSE_HTTPS=Schannel -DUSE_SSH=ON -DCMAKE_PREFIX_PATH=D:\Temp\libssh2
+ BUILD_PATH: C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files (x86)\CMake\bin;D:\Temp\libssh2\bin
+ BUILD_TEMP: D:\Temp
+ SKIP_SSH_TESTS: true
+ SKIP_NEGOTIATE_TESTS: true
+ - name: "Windows (x86, Visual Studio, WinHTTP)"
+ id: windows-x86-vs
+ os: windows-2019
+ setup-script: win32
+ env:
+ ARCH: x86
+ CMAKE_GENERATOR: Visual Studio 16 2019
+ CMAKE_OPTIONS: -A Win32 -DWIN32_LEAKCHECK=ON -DDEPRECATE_HARD=ON -DUSE_SHA1=HTTPS -DUSE_BUNDLED_ZLIB=ON -DUSE_SSH=ON -DCMAKE_PREFIX_PATH=D:\Temp\libssh2
+ BUILD_PATH: C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files (x86)\CMake\bin;D:\Temp\libssh2\bin
+ BUILD_TEMP: D:\Temp
+ SKIP_SSH_TESTS: true
+ SKIP_NEGOTIATE_TESTS: true
+ - name: "Windows (amd64, mingw, WinHTTP)"
+ id: windows-amd64-mingw
+ os: windows-2019
+ setup-script: mingw
+ env:
+ ARCH: amd64
+ CMAKE_GENERATOR: MinGW Makefiles
+ CMAKE_OPTIONS: -DDEPRECATE_HARD=ON
+ BUILD_TEMP: D:\Temp
+ BUILD_PATH: D:\Temp\mingw64\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files (x86)\CMake\bin
+ SKIP_SSH_TESTS: true
+ SKIP_NEGOTIATE_TESTS: true
+ - name: "Windows (x86, mingw, Schannel)"
+ id: windows-x86-mingw
+ os: windows-2019
+ setup-script: mingw
+ env:
+ ARCH: x86
+ CMAKE_GENERATOR: MinGW Makefiles
+ CMAKE_OPTIONS: -DDEPRECATE_HARD=ON -DUSE_HTTPS=Schannel
+ BUILD_TEMP: D:\Temp
+ BUILD_PATH: D:\Temp\mingw32\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files (x86)\CMake\bin
+ SKIP_SSH_TESTS: true
+ SKIP_NEGOTIATE_TESTS: true
+
+ # All builds: sanitizers
+ - name: "Sanitizer (Memory)"
+ id: memorysanitizer
os: ubuntu-latest
- - name: "Linux (MemorySanitizer)"
+ setup-script: sanitizer
container:
- name: focal
+ name: noble
env:
- CC: clang-10
+ CC: clang-17
CFLAGS: -fsanitize=memory -fsanitize-memory-track-origins=2 -fsanitize-blacklist=/home/libgit2/source/script/sanitizers.supp -fno-optimize-sibling-calls -fno-omit-frame-pointer
CMAKE_OPTIONS: -DCMAKE_PREFIX_PATH=/usr/local/msan -DUSE_HTTPS=mbedTLS -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_BUNDLED_ZLIB=ON -DUSE_SSH=ON
CMAKE_GENERATOR: Ninja
@@ -82,60 +139,62 @@ jobs:
SKIP_NEGOTIATE_TESTS: true
ASAN_SYMBOLIZER_PATH: /usr/bin/llvm-symbolizer-10
UBSAN_OPTIONS: print_stacktrace=1
+ - name: "Sanitizer (UndefinedBehavior)"
+ id: ubsanitizer
os: ubuntu-latest
- - name: "Linux (UndefinedBehaviorSanitizer)"
+ setup-script: sanitizer
container:
- name: focal
+ name: noble
env:
- CC: clang-10
+ CC: clang-17
CFLAGS: -fsanitize=undefined,nullability -fno-sanitize-recover=undefined,nullability -fsanitize-blacklist=/home/libgit2/source/script/sanitizers.supp -fno-optimize-sibling-calls -fno-omit-frame-pointer
- CMAKE_OPTIONS: -DCMAKE_PREFIX_PATH=/usr/local -DUSE_HTTPS=OpenSSL -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_BUNDLED_ZLIB=ON
+ CMAKE_OPTIONS: -DCMAKE_PREFIX_PATH=/usr/local -DUSE_HTTPS=OpenSSL -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_BUNDLED_ZLIB=ON -DUSE_SSH=ON
CMAKE_GENERATOR: Ninja
SKIP_SSH_TESTS: true
SKIP_NEGOTIATE_TESTS: true
ASAN_SYMBOLIZER_PATH: /usr/bin/llvm-symbolizer-10
+ UBSAN_OPTIONS: print_stacktrace=1
+ - name: "Sanitizer (Thread)"
+ id: threadsanitizer
os: ubuntu-latest
- - name: "Linux (ThreadSanitizer)"
+ setup-script: sanitizer
container:
- name: focal
+ name: noble
env:
- CC: clang-10
+ CC: clang-17
CFLAGS: -fsanitize=thread -fno-optimize-sibling-calls -fno-omit-frame-pointer
- CMAKE_OPTIONS: -DCMAKE_PREFIX_PATH=/usr/local -DUSE_HTTPS=OpenSSL -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_BUNDLED_ZLIB=ON
+ CMAKE_OPTIONS: -DCMAKE_PREFIX_PATH=/usr/local -DUSE_HTTPS=OpenSSL -DUSE_SHA1=HTTPS -DREGEX_BACKEND=pcre -DDEPRECATE_HARD=ON -DUSE_BUNDLED_ZLIB=ON -DUSE_SSH=ON
CMAKE_GENERATOR: Ninja
SKIP_SSH_TESTS: true
SKIP_NEGOTIATE_TESTS: true
ASAN_SYMBOLIZER_PATH: /usr/bin/llvm-symbolizer-10
+ UBSAN_OPTIONS: print_stacktrace=1
TSAN_OPTIONS: suppressions=/home/libgit2/source/script/thread-sanitizer.supp second_deadlock_stack=1
+
+ # Nightly builds: extended platforms
+ - name: "Linux (CentOS 7, OpenSSL)"
+ id: centos7-openssl
os: ubuntu-latest
- - name: "Linux (no mmap)"
- container:
- name: focal
- env:
- CC: clang-10
- CFLAGS: -DNO_MMAP
- CMAKE_OPTIONS: -DCMAKE_PREFIX_PATH=/usr/local
- CMAKE_GENERATOR: Ninja
- SKIP_SSH_TESTS: true
- SKIP_NEGOTIATE_TESTS: true
- os: ubuntu-latest
- - name: "Linux (CentOS 7)"
container:
name: centos7
env:
CMAKE_OPTIONS: -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
PKG_CONFIG_PATH: /usr/local/lib/pkgconfig
SKIP_NEGOTIATE_TESTS: true
- os: ubuntu-latest
+ SKIP_PUSHOPTIONS_TESTS: true
- name: "Linux (CentOS 7, dynamically-loaded OpenSSL)"
+ id: centos7-dynamicopenssl
+ os: ubuntu-latest
container:
name: centos7
env:
CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL-Dynamic -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
PKG_CONFIG_PATH: /usr/local/lib/pkgconfig
SKIP_NEGOTIATE_TESTS: true
+ SKIP_PUSHOPTIONS_TESTS: true
+ - name: "Linux (CentOS 8, OpenSSL)"
+ id: centos8-openssl
os: ubuntu-latest
- - name: "Linux (CentOS 8)"
container:
name: centos8
env:
@@ -143,8 +202,9 @@ jobs:
PKG_CONFIG_PATH: /usr/local/lib/pkgconfig
SKIP_NEGOTIATE_TESTS: true
SKIP_SSH_TESTS: true
- os: ubuntu-latest
- name: "Linux (CentOS 8, dynamically-loaded OpenSSL)"
+ id: centos8-dynamicopenssl
+ os: ubuntu-latest
container:
name: centos8
env:
@@ -152,80 +212,18 @@ jobs:
PKG_CONFIG_PATH: /usr/local/lib/pkgconfig
SKIP_NEGOTIATE_TESTS: true
SKIP_SSH_TESTS: true
- os: ubuntu-latest
- - name: "macOS"
- os: macos-11
- env:
- CC: clang
- CMAKE_OPTIONS: -DREGEX_BACKEND=regcomp_l -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=leaks -DUSE_GSSAPI=ON
- PKG_CONFIG_PATH: /usr/local/opt/openssl/lib/pkgconfig
- SKIP_SSH_TESTS: true
- SKIP_NEGOTIATE_TESTS: true
- setup-script: osx
- - name: "Windows (amd64, Visual Studio, WinHTTP)"
- os: windows-2019
- env:
- ARCH: amd64
- CMAKE_GENERATOR: Visual Studio 16 2019
- CMAKE_OPTIONS: -A x64 -DWIN32_LEAKCHECK=ON -DDEPRECATE_HARD=ON -DUSE_HTTPS=WinHTTP
- SKIP_SSH_TESTS: true
- SKIP_NEGOTIATE_TESTS: true
- - name: "Windows (x86, Visual Studio, WinHTTP)"
- os: windows-2019
- env:
- ARCH: x86
- CMAKE_GENERATOR: Visual Studio 16 2019
- CMAKE_OPTIONS: -A Win32 -DWIN32_LEAKCHECK=ON -DDEPRECATE_HARD=ON -DUSE_HTTPS=WinHTTP -DUSE_SHA1=HTTPS -DUSE_BUNDLED_ZLIB=ON
- SKIP_SSH_TESTS: true
- SKIP_NEGOTIATE_TESTS: true
- - name: "Windows (amd64, Visual Studio, Schannel)"
- os: windows-2019
- env:
- ARCH: amd64
- CMAKE_GENERATOR: Visual Studio 16 2019
- CMAKE_OPTIONS: -A x64 -DWIN32_LEAKCHECK=ON -DDEPRECATE_HARD=ON -DUSE_HTTPS=Schannel
- SKIP_SSH_TESTS: true
- SKIP_NEGOTIATE_TESTS: true
- - name: "Windows (x86, Visual Studio, Schannel)"
- os: windows-2019
- env:
- ARCH: x86
- CMAKE_GENERATOR: Visual Studio 16 2019
- CMAKE_OPTIONS: -A Win32 -DWIN32_LEAKCHECK=ON -DDEPRECATE_HARD=ON -DUSE_HTTPS=Schannel -DUSE_BUNDLED_ZLIB=ON
- SKIP_SSH_TESTS: true
- SKIP_NEGOTIATE_TESTS: true
- - name: "Windows (amd64, mingw, WinHTTP)"
- os: windows-2019
- setup-script: mingw
- env:
- ARCH: amd64
- CMAKE_GENERATOR: MinGW Makefiles
- CMAKE_OPTIONS: -DDEPRECATE_HARD=ON
- BUILD_TEMP: D:\Temp
- BUILD_PATH: D:\Temp\mingw64\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files (x86)\CMake\bin
- SKIP_SSH_TESTS: true
- SKIP_NEGOTIATE_TESTS: true
- - name: "Windows (x86, mingw, Schannel)"
- os: windows-2019
- setup-script: mingw
- env:
ARCH: x86
- CMAKE_GENERATOR: MinGW Makefiles
- CMAKE_OPTIONS: -DDEPRECATE_HARD=ON -DUSE_HTTPS=Schannel
- BUILD_TEMP: D:\Temp
- BUILD_PATH: D:\Temp\mingw32\bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files (x86)\CMake\bin
- SKIP_SSH_TESTS: true
- SKIP_NEGOTIATE_TESTS: true
- - name: "Windows (no mmap)"
- os: windows-2019
+ - name: "Linux (Fedora, llhttp)"
+ id: fedora
+ os: ubuntu-latest
+ container:
+ name: fedora
env:
- ARCH: amd64
- CMAKE_GENERATOR: Visual Studio 16 2019
- CFLAGS: -DNO_MMAP
- CMAKE_OPTIONS: -A x64 -DDEPRECATE_HARD=ON
- SKIP_SSH_TESTS: true
- SKIP_NEGOTIATE_TESTS: true
+ CC: gcc
+ CMAKE_GENERATOR: Ninja
+ CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DREGEX_BACKEND=pcre2 -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=libssh2 -DUSE_HTTP_PARSER=llhttp
- name: "Linux (Bionic, GCC, dynamically-loaded OpenSSL)"
+ id: bionic-gcc-dynamicopenssl
container:
name: bionic
dockerfile: bionic
@@ -234,8 +232,10 @@ jobs:
CMAKE_GENERATOR: Ninja
CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL-Dynamic -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
RUN_INVASIVE_TESTS: true
+ SKIP_PUSHOPTIONS_TESTS: true
os: ubuntu-latest
- name: "Linux (x86, Bionic, Clang, OpenSSL)"
+ id: bionic-x86-clang-openssl
container:
name: bionic-x86
dockerfile: bionic
@@ -245,8 +245,10 @@ jobs:
CMAKE_GENERATOR: Ninja
CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
RUN_INVASIVE_TESTS: true
+ SKIP_PUSHOPTIONS_TESTS: true
os: ubuntu-latest
- name: "Linux (x86, Bionic, GCC, OpenSSL)"
+ id: bionic-x86-gcc-openssl
container:
name: bionic-x86
dockerfile: bionic
@@ -255,8 +257,10 @@ jobs:
CMAKE_GENERATOR: Ninja
CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
RUN_INVASIVE_TESTS: true
+ SKIP_PUSHOPTIONS_TESTS: true
os: ubuntu-latest
- name: "Linux (arm32, Bionic, GCC, OpenSSL)"
+ id: bionic-arm32-gcc-openssl
container:
name: bionic-arm32
dockerfile: bionic
@@ -267,9 +271,11 @@ jobs:
CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DDEPRECATE_HARD=ON -DUSE_GSSAPI=ON -DUSE_SSH=ON
RUN_INVASIVE_TESTS: true
SKIP_PROXY_TESTS: true
+ SKIP_PUSHOPTIONS_TESTS: true
GITTEST_FLAKY_STAT: true
os: ubuntu-latest
- name: "Linux (arm64, Bionic, GCC, OpenSSL)"
+ id: bionic-arm64-gcc-openssl
container:
name: bionic-arm64
dockerfile: bionic
@@ -280,11 +286,57 @@ jobs:
CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DDEPRECATE_HARD=ON -DUSE_GSSAPI=ON -DUSE_SSH=ON
RUN_INVASIVE_TESTS: true
SKIP_PROXY_TESTS: true
+ SKIP_PUSHOPTIONS_TESTS: true
os: ubuntu-latest
- # Experimental: SHA256 support
+ # Nightly builds: ensure we fallback when missing core functionality
+ - name: "Linux (no threads)"
+ id: xenial-nothreads
+ os: ubuntu-latest
+ container:
+ name: xenial
+ env:
+ CC: gcc
+ CMAKE_OPTIONS: -DTHREADSAFE=OFF -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
+ CMAKE_GENERATOR: Ninja
+ SKIP_PUSHOPTIONS_TESTS: true
+ - name: "Linux (no mmap)"
+ id: noble-nommap
+ os: ubuntu-latest
+ container:
+ name: noble
+ env:
+ CC: gcc
+ CFLAGS: -DNO_MMAP
+ CMAKE_OPTIONS: -DCMAKE_PREFIX_PATH=/usr/local
+ CMAKE_GENERATOR: Ninja
+ SKIP_SSH_TESTS: true
+ SKIP_NEGOTIATE_TESTS: true
+ - name: "Windows (no mmap)"
+ id: windows-nommap
+ os: windows-2019
+ env:
+ ARCH: amd64
+ CMAKE_GENERATOR: Visual Studio 16 2019
+ CFLAGS: -DNO_MMAP
+ CMAKE_OPTIONS: -A x64 -DDEPRECATE_HARD=ON
+ SKIP_SSH_TESTS: true
+ SKIP_NEGOTIATE_TESTS: true
+
+ # Nightly builds: extended SSL support
+ - name: "Linux (dynamically-loaded OpenSSL)"
+ id: xenial-dynamicopenssl
+ os: ubuntu-latest
+ container:
+ name: xenial
+ env:
+ CC: clang
+ CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL-Dynamic -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
+ CMAKE_GENERATOR: Ninja
+
+ # All builds: experimental SHA256 support
- name: "Linux (SHA256, Xenial, Clang, OpenSSL)"
- id: xenial-clang-openssl
+ id: linux-sha256
container:
name: xenial
env:
@@ -293,17 +345,17 @@ jobs:
CMAKE_OPTIONS: -DUSE_HTTPS=OpenSSL -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=valgrind -DUSE_GSSAPI=ON -DUSE_SSH=ON
os: ubuntu-latest
- name: "macOS (SHA256)"
- id: macos
- os: macos-10.15
+ id: macos-sha256
+ os: macos-12
+ setup-script: osx
env:
CC: clang
CMAKE_OPTIONS: -DREGEX_BACKEND=regcomp_l -DDEPRECATE_HARD=ON -DUSE_LEAK_CHECKER=leaks -DUSE_GSSAPI=ON -DEXPERIMENTAL_SHA256=ON
PKG_CONFIG_PATH: /usr/local/opt/openssl/lib/pkgconfig
SKIP_SSH_TESTS: true
SKIP_NEGOTIATE_TESTS: true
- setup-script: osx
- name: "Windows (SHA256, amd64, Visual Studio)"
- id: windows-amd64-vs
+ id: windows-sha256
os: windows-2019
env:
ARCH: amd64
@@ -317,7 +369,7 @@ jobs:
name: "Build ${{ matrix.platform.name }}"
steps:
- name: Check out repository
- uses: actions/checkout@v3
+ uses: actions/checkout@v4
with:
path: source
fetch-depth: 0
@@ -328,32 +380,50 @@ jobs:
- name: Setup QEMU
run: docker run --rm --privileged multiarch/qemu-user-static:register --reset
if: matrix.platform.container.qemu == true
- - name: Download container
- run: |
- "${{ github.workspace }}/source/ci/getcontainer.sh" "${{ matrix.platform.container.name }}" "${{ matrix.platform.container.dockerfile }}"
- env:
- DOCKER_REGISTRY: ${{ env.docker-registry }}
- GITHUB_TOKEN: ${{ secrets.github_token }}
- working-directory: ${{ env.docker-config-path }}
+ - name: Set up container
+ uses: ./source/.github/actions/download-or-build-container
+ with:
+ registry: ${{ env.docker-registry }}
+ config-path: ${{ env.docker-config-path }}
+ container: ${{ matrix.platform.container.name }}
+ github_token: ${{ secrets.github_token }}
+ dockerfile: ${{ matrix.platform.container.dockerfile }}
if: matrix.platform.container.name != ''
- - name: Create container
- run: docker build -t ${{ env.docker-registry-container-sha }} -f ${{ env.dockerfile }} .
- working-directory: ${{ env.docker-config-path }}
- if: matrix.platform.container.name != '' && env.docker-container-exists != 'true'
- name: Prepare build
run: mkdir build
- name: Build
uses: ./source/.github/actions/run-build
with:
- command: cd build && ../source/ci/build.sh
+ command: cd ${BUILD_WORKSPACE:-.}/build && ../source/ci/build.sh
container: ${{ matrix.platform.container.name }}
container-version: ${{ env.docker-registry-container-sha }}
+ shell: ${{ matrix.platform.shell }}
- name: Test
uses: ./source/.github/actions/run-build
with:
- command: cd build && ../source/ci/test.sh
+ command: cd ${BUILD_WORKSPACE:-.}/build && ../source/ci/test.sh
container: ${{ matrix.platform.container.name }}
container-version: ${{ env.docker-registry-container-sha }}
+ shell: ${{ matrix.platform.shell }}
+ - name: Upload test results
+ uses: actions/upload-artifact@v4
+ if: success() || failure()
+ with:
+ name: test-results-${{ matrix.platform.id }}
+ path: build/results_*.xml
+
+ test_results:
+ name: Test results
+ needs: [ build ]
+ if: ${{ always() && github.repository == 'libgit2/libgit2' }}
+ runs-on: ubuntu-latest
+ steps:
+ - name: Download test results
+ uses: actions/download-artifact@v3
+ - name: Generate test summary
+ uses: test-summary/action@v2
+ with:
+ paths: 'test-results-*/*.xml'
coverity:
# Only run scheduled workflows on the main repository; prevents people
@@ -364,17 +434,18 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Check out repository
- uses: actions/checkout@v3
+ uses: actions/checkout@v4
with:
path: source
fetch-depth: 0
- - name: Download container
- run: |
- "${{ github.workspace }}/source/ci/getcontainer.sh" xenial
- env:
- DOCKER_REGISTRY: ${{ env.docker-registry }}
- GITHUB_TOKEN: ${{ secrets.github_token }}
- working-directory: ${{ env.docker-config-path }}
+ - name: Set up container
+ uses: ./source/.github/actions/download-or-build-container
+ with:
+ registry: ${{ env.docker-registry }}
+ config-path: ${{ env.docker-config-path }}
+ container: xenial
+ github_token: ${{ secrets.github_token }}
+ if: matrix.platform.container.name != ''
- name: Run Coverity
run: source/ci/coverity.sh
env:
@@ -385,11 +456,16 @@ jobs:
# from using build minutes on their forks.
if: github.repository == 'libgit2/libgit2'
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+
name: CodeQL
runs-on: ubuntu-latest
steps:
- name: Check out repository
- uses: actions/checkout@v3
+ uses: actions/checkout@v4
with:
fetch-depth: 0