summaryrefslogtreecommitdiffstats
path: root/.github/workflows
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--.github/workflows/ci.yml238
-rw-r--r--.github/workflows/cifuzz.yml24
-rw-r--r--.github/workflows/codeql.yml39
-rw-r--r--.github/workflows/devel-push.yml109
4 files changed, 410 insertions, 0 deletions
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
new file mode 100644
index 0000000..ef3bfe6
--- /dev/null
+++ b/.github/workflows/ci.yml
@@ -0,0 +1,238 @@
+name: libyang CI
+on:
+ push:
+ branches:
+ - master
+ - devel
+ pull_request:
+ branches:
+ - master
+ - devel
+
+jobs:
+ build-unix:
+ name: ${{ matrix.config.name }}
+ runs-on: ${{ matrix.config.os }}
+ strategy:
+ fail-fast: false
+ matrix:
+ config:
+ - {
+ name: "Release, gcc",
+ os: "ubuntu-22.04",
+ build-type: "Release",
+ cc: "gcc",
+ options: "-DENABLE_TESTS=ON",
+ packager: "sudo apt-get",
+ # no expect because stdout seems to be redirected
+ packages: "libcmocka-dev shunit2",
+ snaps: "",
+ build-cmd: "make"
+ }
+ - {
+ name: "Release, clang",
+ os: "ubuntu-22.04",
+ build-type: "Release",
+ cc: "clang",
+ options: "-DENABLE_TESTS=ON",
+ packager: "sudo apt-get",
+ packages: "libcmocka-dev shunit2",
+ snaps: "",
+ build-cmd: "make"
+ }
+ - {
+ name: "Debug, gcc",
+ os: "ubuntu-22.04",
+ build-type: "Debug",
+ cc: "gcc",
+ options: "",
+ packager: "sudo apt-get",
+ packages: "libcmocka-dev valgrind shunit2",
+ snaps: "",
+ build-cmd: "make"
+ }
+ - {
+ name: "Debug, clang",
+ os: "ubuntu-22.04",
+ build-type: "Debug",
+ cc: "clang",
+ options: "",
+ packager: "sudo apt-get",
+ # no valgrind because it does not support DWARF5 yet generated by clang 14
+ packages: "libcmocka-dev shunit2",
+ snaps: "",
+ build-cmd: "make"
+ }
+ - {
+ name: "Release, macOS 11, clang",
+ os: "macos-11",
+ build-type: "Release",
+ cc: "clang",
+ options: "-DENABLE_TESTS=ON -DPATH_EXPECT=",
+ packager: "brew",
+ packages: "cmocka shunit2",
+ snaps: "",
+ build-cmd: "make"
+ }
+ - {
+ name: "ASAN and UBSAN",
+ os: "ubuntu-22.04",
+ build-type: "Debug",
+ cc: "clang",
+ options: "-DCMAKE_C_FLAGS=-fsanitize=address,undefined -DENABLE_TESTS=ON -DENABLE_VALGRIND_TESTS=OFF",
+ packager: "sudo apt-get",
+ packages: "libcmocka-dev",
+ snaps: "",
+ build-cmd: "make"
+ }
+ - {
+ name: "ABI Check",
+ os: "ubuntu-22.04",
+ build-type: "ABICheck",
+ cc: "gcc",
+ options: "",
+ packager: "sudo apt-get",
+ packages: "libcmocka-dev abi-dumper abi-compliance-checker",
+ snaps: "core universal-ctags",
+ build-cmd: "make abi-check"
+ }
+ - {
+ name: "DEB Package",
+ os: "ubuntu-22.04",
+ build-type: "Release",
+ cc: "gcc",
+ options: "",
+ packager: "sudo apt-get",
+ packages: "cmake debhelper libcmocka-dev python3-pip",
+ snaps: "",
+ build-cmd: ""
+ }
+
+ steps:
+ - uses: actions/checkout@main
+ with:
+ fetch-depth: 100
+
+ - name: Deps-packages
+ shell: bash
+ run: |
+ ${{ matrix.config.packager }} update
+ if ${{ matrix.config.packages != '' }}
+ then ${{ matrix.config.packager }} install ${{ matrix.config.packages }}
+ fi
+ if ${{ matrix.config.snaps != '' }}
+ then sudo snap install ${{ matrix.config.snaps }}
+ fi
+
+ - name: Deps-uncrustify
+ shell: bash
+ working-directory: ${{ github.workspace }}
+ run: |
+ git clone --branch uncrustify-0.77.1 https://github.com/uncrustify/uncrustify
+ cd uncrustify
+ mkdir build
+ cd build
+ CC=${{ matrix.config.cc }} cmake ..
+ make
+ sudo make install
+ if: ${{ matrix.config.name == 'Debug, gcc' }}
+
+ - name: Build-and-install-package
+ shell: bash
+ working-directory: ${{ github.workspace }}
+ run: |
+ pip install apkg
+ apkg system-setup
+ apkg build
+ apkg install
+ if: ${{ matrix.config.name == 'DEB Package' }}
+
+ - name: Configure
+ shell: bash
+ working-directory: ${{ github.workspace }}
+ run: |
+ mkdir build
+ cd build
+ CC=${{ matrix.config.cc }} cmake -DCMAKE_BUILD_TYPE=${{ matrix.config.build-type }} ${{ matrix.config.options }} ..
+ if: ${{ matrix.config.name != 'DEB Package' }}
+
+ - name: Build
+ shell: bash
+ working-directory: ${{ github.workspace }}/build
+ run: |
+ export LC_ALL=C.UTF-8
+ export PATH=/snap/bin:${{ github.workspace }}/coverity-tools/bin:$PATH
+ ${{ matrix.config.build-cmd }}
+ if: ${{ matrix.config.name != 'DEB Package' }}
+
+ - name: Test
+ shell: bash
+ working-directory: ${{ github.workspace }}/build
+ run: ctest --output-on-failure
+ if: ${{ matrix.config.name != 'DEB Package' }}
+
+ build-windows:
+ name: ${{ matrix.name }}
+ runs-on: ${{ matrix.os }}
+ strategy:
+ fail-fast: false
+ matrix:
+ include:
+ - name: "Windows 2022 MSVC 16 LF"
+ os: windows-2022
+ triplet: x64-windows
+ build_type: Release
+ generators: "Visual Studio 17 2022"
+ autocrlf: input
+ eol: lf
+
+ - name: "Windows 2022 MSVC 16 no autoCRLF"
+ os: windows-2022
+ triplet: x64-windows
+ build_type: Release
+ generators: "Visual Studio 17 2022"
+
+ steps:
+ - name: Unix line endings in git
+ if: matrix.autocrlf
+ run: |
+ git config --global core.autocrlf ${{ matrix.autocrlf }}
+
+ - name: Unix line endings in git
+ if: matrix.eol
+ run: |
+ git config --global core.eol ${{ matrix.eol }}
+
+ - uses: actions/checkout@main
+
+ - name: Get number of CPU cores
+ id: cpu-cores
+ uses: SimenB/github-actions-cpu-cores@v1
+
+ - name: Install Windows dependencies
+ run: vcpkg install --triplet=${{ matrix.triplet }} pcre2 pthreads dirent dlfcn-win32 cmocka getopt
+
+ - name: Configure
+ shell: bash
+ run: |
+ cmake \
+ -S '${{ github.workspace }}/' \
+ -B '${{ github.workspace }}/'../build \
+ -G '${{ matrix.generators }}' \
+ -DCMAKE_BUILD_TYPE=${{ matrix.build_type }} \
+ -DVCPKG_TARGET_TRIPLET=${{ matrix.triplet }} \
+ -DCMAKE_TOOLCHAIN_FILE=${VCPKG_INSTALLATION_ROOT//\\//}/scripts/buildsystems/vcpkg.cmake \
+ -DENABLE_TESTS=ON \
+ '-DCMAKE_INSTALL_PREFIX:PATH=${{ github.workspace }}'/../target
+
+ - name: Build
+ working-directory: '${{ github.workspace }}/../build'
+ run: cmake --build . -j${{ steps.cpu-cores.outputs.count }} --config ${{ matrix.build_type }}
+
+ - name: Test
+ working-directory: '${{ github.workspace }}/../build'
+ run: ctest --output-on-failure -j${{ steps.cpu-cores.outputs.count }} --build-config ${{ matrix.build_type }}
+
+ - name: Install
+ working-directory: '${{ github.workspace }}/../build'
+ run: cmake --install . --strip
diff --git a/.github/workflows/cifuzz.yml b/.github/workflows/cifuzz.yml
new file mode 100644
index 0000000..89b7bbd
--- /dev/null
+++ b/.github/workflows/cifuzz.yml
@@ -0,0 +1,24 @@
+name: CIFuzz
+on: [pull_request]
+jobs:
+ Fuzzing:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Build Fuzzers
+ id: build
+ uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@master
+ with:
+ oss-fuzz-project-name: 'libyang'
+ dry-run: false
+ - name: Run Fuzzers
+ uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@master
+ with:
+ oss-fuzz-project-name: 'libyang'
+ fuzz-seconds: 300
+ dry-run: false
+ - name: Upload Crash
+ uses: actions/upload-artifact@v3
+ if: failure() && steps.build.outcome == 'success'
+ with:
+ name: artifacts
+ path: ./out/artifacts
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
new file mode 100644
index 0000000..89a4f0a
--- /dev/null
+++ b/.github/workflows/codeql.yml
@@ -0,0 +1,39 @@
+name: "CodeQL"
+
+on:
+ push:
+ branches: [ "master", "devel" ]
+ pull_request:
+ branches: [ "devel" ]
+
+jobs:
+ analyze:
+ name: Analyze
+ runs-on: ubuntu-latest
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+
+ strategy:
+ fail-fast: false
+ matrix:
+ language: [ cpp ]
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@main
+
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@main
+ with:
+ languages: ${{ matrix.language }}
+ queries: +security-and-quality
+
+ - name: Autobuild
+ uses: github/codeql-action/autobuild@main
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@main
+ with:
+ category: "/language:${{ matrix.language }}"
diff --git a/.github/workflows/devel-push.yml b/.github/workflows/devel-push.yml
new file mode 100644
index 0000000..5d01a0c
--- /dev/null
+++ b/.github/workflows/devel-push.yml
@@ -0,0 +1,109 @@
+name: libyang devel push
+on:
+ push:
+ branches:
+ - devel
+
+env:
+ COVERITY_PROJECT: CESNET%2Flibyang
+
+jobs:
+ build:
+ name: ${{ matrix.config.name }}
+ runs-on: ${{ matrix.config.os }}
+ strategy:
+ fail-fast: false
+ matrix:
+ config:
+ - {
+ name: "Coverity",
+ os: "ubuntu-latest",
+ build-type: "Debug",
+ cc: "clang",
+ options: "",
+ packager: "sudo apt-get",
+ packages: "",
+ snaps: "",
+ make-prepend: "cov-build --dir cov-int",
+ make-target: ""
+ }
+ - {
+ name: "Codecov",
+ os: "ubuntu-latest",
+ build-type: "Debug",
+ cc: "gcc",
+ options: "-DENABLE_COVERAGE=ON",
+ packager: "sudo apt-get",
+ packages: "libcmocka-dev lcov",
+ snaps: "",
+ make-prepend: "",
+ make-target: ""
+ }
+
+ steps:
+ - uses: actions/checkout@main
+
+ - name: Deps-packages
+ shell: bash
+ run: |
+ ${{ matrix.config.packager }} update
+ if ${{ matrix.config.packages != '' }}
+ then ${{ matrix.config.packager }} install ${{ matrix.config.packages }}
+ fi
+ if ${{ matrix.config.snaps != '' }}
+ then sudo snap install ${{ matrix.config.snaps }}
+ fi
+
+ - name: Deps-coverity
+ shell: bash
+ working-directory: ${{ github.workspace }}
+ run: |
+ wget -q https://scan.coverity.com/download/linux64 --post-data "token=$TOKEN&project=$COVERITY_PROJECT" -O coverity-tools.tar.gz
+ mkdir coverity-tools
+ tar xzf coverity-tools.tar.gz --strip 1 -C coverity-tools
+ env:
+ TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
+ if: ${{ matrix.config.name == 'Coverity' }}
+
+ - name: Configure
+ shell: bash
+ working-directory: ${{ github.workspace }}
+ run: |
+ mkdir build
+ cd build
+ CC=${{ matrix.config.cc }} cmake -DCMAKE_BUILD_TYPE=${{ matrix.config.build-type }} ${{ matrix.config.options }} ..
+
+ - name: Build
+ shell: bash
+ working-directory: ${{ github.workspace }}/build
+ run: |
+ export LC_ALL=C.UTF-8
+ export PATH=/snap/bin:${{ github.workspace }}/coverity-tools/bin:$PATH
+ ${{ matrix.config.make-prepend }} make ${{ matrix.config.make-target }}
+
+ - name: Test
+ shell: bash
+ working-directory: ${{ github.workspace }}/build
+ run: ctest --output-on-failure
+
+ - name: Upload to Coverity.com
+ shell: bash
+ working-directory: ${{ github.workspace }}/build
+ run: |
+ tar czvf libyang.tgz cov-int
+ curl \
+ --form token=$TOKEN \
+ --form email=mvasko@cesnet.cz \
+ --form file=@libyang.tgz \
+ --form version="`./yanglint -v | cut -d\" \" -f2`" \
+ --form description="libyang YANG library" \
+ https://scan.coverity.com/builds?project=$COVERITY_PROJECT
+ env:
+ TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
+ if: ${{ matrix.config.name == 'Coverity' }}
+
+ - name: Upload to Codecov.io
+ shell: bash
+ working-directory: ${{ github.workspace }}/build
+ run: bash <(curl -s https://codecov.io/bash)
+ if: ${{ matrix.config.name == 'Codecov' }}