Use a matrix for nightly valgrind (Take 4) #70
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# (C) 2023 Jack Lloyd | |
# (C) 2023 Fabian Albert, Rohde & Schwarz Cybersecurity | |
# | |
# Botan is released under the Simplified BSD License (see license.txt) | |
name: nightly | |
permissions: | |
contents: read | |
# implicitly all other scopes not listed become none | |
on: | |
workflow_dispatch: | |
push: | |
paths: | |
# Run if a pull request changes this workflow to | |
# validate it works properly before merging. | |
- '.github/workflows/nightly.yml' | |
schedule: | |
# runs every day at 3:23 AM UTC | |
- cron: '23 3 * * *' | |
jobs: | |
sanitizer: | |
name: "Sanitizers" | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
- target: sanitizer | |
compiler: msvc | |
host_os: windows-2022 | |
make_tool: ninja | |
- target: sanitizer | |
compiler: gcc | |
host_os: ubuntu-24.04 | |
runs-on: ${{ matrix.host_os }} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
path: ./source | |
- name: Fetch BoringSSL fork for BoGo tests | |
uses: actions/checkout@v4 | |
with: | |
repository: randombit/boringssl | |
ref: rene/runner-20241016 | |
path: ./boringssl | |
- name: Setup Build Agent | |
uses: ./source/.github/actions/setup-build-agent | |
with: | |
target: ${{ matrix.target }} | |
cache-key: ${{ matrix.host_os }}-${{ matrix.compiler }}-x86_64-${{ matrix.target }} | |
- name: Build and Test Botan | |
run: python3 ./source/src/scripts/ci_build.py --root-dir=${{ github.workspace }}/source --build-dir=${{ github.workspace }}/build --boringssl-dir=${{ github.workspace }}/boringssl --cc='${{ matrix.compiler }}' --make-tool='${{ matrix.make_tool }}' --test-results-dir=junit_results ${{ matrix.target }} | |
x-compile: | |
name: "Cross" | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
- target: cross-alpha | |
compiler: gcc | |
host_os: ubuntu-24.04 | |
- target: cross-hppa64 | |
compiler: gcc | |
host_os: ubuntu-24.04 | |
- target: cross-m68k | |
compiler: gcc | |
host_os: ubuntu-24.04 | |
- target: cross-mips | |
compiler: gcc | |
host_os: ubuntu-24.04 | |
- target: cross-ppc32 | |
compiler: gcc | |
host_os: ubuntu-24.04 | |
- target: cross-sh4 | |
compiler: gcc | |
host_os: ubuntu-24.04 | |
- target: cross-sparc64 | |
compiler: gcc | |
host_os: ubuntu-24.04 | |
- target: cross-riscv64 | |
compiler: gcc | |
host_os: ubuntu-24.04 | |
- target: cross-s390x | |
compiler: gcc | |
host_os: ubuntu-24.04 | |
- target: cross-android-arm64-amalgamation | |
compiler: clang | |
host_os: ubuntu-24.04 | |
- target: cross-arm64-amalgamation | |
compiler: gcc | |
host_os: ubuntu-24.04 | |
- target: emscripten | |
compiler: emcc | |
host_os: macos-14 | |
- target: sde | |
compiler: gcc | |
host_os: ubuntu-24.04 | |
runs-on: ${{ matrix.host_os }} | |
env: | |
ANDROID_NDK: android-ndk-r26 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Setup Build Agent | |
uses: ./.github/actions/setup-build-agent | |
with: | |
target: ${{ matrix.target }} | |
cache-key: ${{ matrix.host_os }}-${{ matrix.compiler }}-xcompile-${{ matrix.target }} | |
- name: Build and Test Botan | |
run: python3 ./src/scripts/ci_build.py --cc='${{ matrix.compiler }}' --make-tool='${{ matrix.make_tool }}' --test-results-dir=junit_results ${{ matrix.target }} | |
clang_tidy: | |
name: "clang-tidy" | |
runs-on: ubuntu-24.04 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Setup Build Agent | |
uses: ./.github/actions/setup-build-agent | |
with: | |
target: clang-tidy | |
cache-key: linux-x86_64-clang-tidy | |
- name: Install dependencies | |
run: sudo apt-get -qq install libboost-dev libbz2-dev liblzma-dev libsqlite3-dev | |
- name: Configure Build | |
run: python3 ./configure.py --cc=clang --build-targets=shared,cli,tests,examples,bogo_shim --build-fuzzers=test --with-boost --with-sqlite --with-zlib --with-lzma --with-bzip2 | |
- name: Run Clang Tidy | |
run: python3 ./src/scripts/dev_tools/run_clang_tidy.py --verbose | |
valgrind: | |
name: "valgrind" | |
strategy: | |
fail-fast: false | |
matrix: | |
compiler: [clang, gcc] | |
cxxflags: ["-O0", "-O1", "-O2", "-O3", "-Os"] | |
runs-on: ubuntu-24.04 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Create Cache Key Hash | |
run: | | |
hash=$(echo "${{ matrix.compiler }}${{ matrix.cxxflags }}" | sha256sum | head -c 10) | |
echo "CACHE_KEY_HASH=${hash}" >> $GITHUB_ENV | |
- name: Setup Build Agent | |
uses: ./.github/actions/setup-build-agent | |
with: | |
target: valgrind-full | |
cache-key: linux-x86_64-valgrind-full-${{ env.CACHE_KEY_HASH }} | |
- name: Determine Valgrind Target | |
run: | | |
if [[ "${{ matrix.cxxflags }}" == "-O0" || ("${{ matrix.cxxflags }}" == "-Os" && "${{ matrix.compiler }}" == "gcc") ]]; then | |
echo "VALGRIND_TARGET=valgrind" >> $GITHUB_ENV | |
else | |
echo "VALGRIND_TARGET=valgrind-full" >> $GITHUB_ENV | |
fi | |
- name: Valgrind Checks | |
run: python3 ./src/scripts/ci_build.py --make-tool=make --cc=${{ matrix.compiler }} --custom-optimization-flags="${{ matrix.cxxflags }}" ${{ env.VALGRIND_TARGET }} | |
hybrid_tls_interop: | |
name: "PQ/T TLS 1.3" | |
runs-on: ubuntu-24.04 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Setup Build Agent | |
uses: ./.github/actions/setup-build-agent | |
with: | |
target: hybrid-tls13-interop-test | |
cache-key: linux-x86_64-hybrid_tls | |
- name: Hybrid PQ/T TLS 1.3 Online Interop Checks | |
run: python3 ./src/scripts/ci_build.py --cc=gcc --make-tool=make hybrid-tls13-interop-test | |
tls_anvil_server_test: | |
name: "TLS-Anvil (server)" | |
runs-on: ubuntu-24.04 | |
steps: | |
- name: Fetch Botan Repository | |
uses: actions/checkout@v4 | |
- name: Setup Build Agent | |
uses: ./.github/actions/setup-build-agent | |
with: | |
target: tlsanvil | |
cache-key: linux-x86_64-tlsanvil | |
- name: Build and Test Botan Server with TLS-Anvil | |
run: > | |
python3 ./src/scripts/ci/ci_tlsanvil_test.py | |
--botan-dir . | |
--test-target server | |
--parallel $(nproc) | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: tls-anvil-server-test-results | |
path: | | |
./TestSuiteResults/ | |
./logs/ | |
- name: Check TLS-Anvil Test Results | |
run: python3 ./src/scripts/ci/ci_tlsanvil_check.py --verbose ./TestSuiteResults |