Limit Server::inBuf growth (#1898) #3710
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: GitHub CI | |
on: | |
push: | |
# test this branch and staged PRs based on this branch code | |
branches: [ "master", "auto" ] | |
pull_request: | |
# test PRs targeting this branch code | |
branches: [ "master" ] | |
env: | |
# empty except for pull_request events | |
PULL_REQUEST_NUMBER: ${{ github.event.pull_request.number }} | |
# Full clones of Squid repository branches (depth=19000+) waste resources, | |
# while excessively shallow clones break tests that check for past commits | |
# (e.g., to skip a particular test until a known bug is fixed) or generate | |
# diffs against them (e.g., for `git diff --check`). This arbitrary limit | |
# tries to balance the two concerns. | |
CHECKOUT_FETCH_DEPTH: 1001 | |
jobs: | |
functionality-tests: | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Install prerequisite packages | |
run: | | |
sudo apt-get --quiet=2 update | |
sudo apt-get --quiet=2 install libtool-bin | |
- name: Setup a nodejs environment | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 20 | |
- name: Checkout Squid sources | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: ${{ env.CHECKOUT_FETCH_DEPTH }} | |
- run: ./bootstrap.sh | |
- run: ./configure --with-openssl | |
- run: make -j`nproc` | |
- run: | | |
sudo make install | |
sudo chown -R nobody:nogroup /usr/local/squid | |
- run: ./test-suite/test-functionality.sh | |
# Squid logs are not readable to actions/upload-artifact below | |
- name: Prep test logs | |
if: success() || failure() | |
run: sudo chmod -R a+rX /usr/local/squid | |
- name: Publish test logs | |
if: success() || failure() | |
uses: actions/upload-artifact@v4 | |
with: | |
name: test-logs | |
path: | | |
${{ runner.temp }}/*.log | |
/usr/local/squid/var/logs/overlord/*.log | |
source-maintenance-tests: | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Install prerequisite packages | |
run: | | |
sudo apt-get --quiet=2 update | |
sudo apt-get --quiet=2 install astyle | |
sudo apt-get --quiet=2 install gperf | |
pip install \ | |
--user \ | |
--no-cache-dir \ | |
--disable-pip-version-check \ | |
--quiet \ | |
--progress-bar off \ | |
codespell==1.16 # TODO: Upgrade to codespell v2 | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: ${{ env.CHECKOUT_FETCH_DEPTH }} | |
- run: ./test-suite/test-sources.sh | |
build-tests: | |
strategy: | |
fail-fast: true | |
matrix: | |
os: | |
- ubuntu-22.04 | |
- macos-14 | |
compiler: | |
- { CC: gcc, CXX: g++ } | |
- { CC: clang, CXX: clang++ } | |
layer: | |
- { name: layer-00-default, nick: default } | |
- { name: layer-01-minimal, nick: minimal } | |
- { name: layer-02-maximus, nick: maximus } | |
exclude: | |
# Non-clang testing on MacOS is too much work for very little gain | |
- { os: macos-14, compiler: { CC: gcc, CXX: g++ } } | |
runs-on: ${{ matrix.os }} | |
name: build-tests(${{ matrix.os }},${{ matrix.compiler.CC }},${{ matrix.layer.nick }}) | |
env: | |
CC: ${{ matrix.compiler.CC }} | |
CXX: ${{ matrix.compiler.CXX }} | |
steps: | |
- name: Install prerequisite Linux packages | |
if: runner.os == 'Linux' | |
run: | | |
# required for "apt-get build-dep" to work | |
sudo sed --in-place -E 's/# (deb-src.*updates main)/ \1/g' /etc/apt/sources.list | |
sudo apt-get --quiet=2 update | |
sudo apt-get --quiet=2 build-dep squid | |
sudo apt-get --quiet=2 install linuxdoc-tools libtool-bin ${{ matrix.compiler.CC }} | |
- name: Install prerequisite MacOS packages | |
if: runner.os == 'macOS' | |
run: | | |
brew install \ | |
automake coreutils cppunit gawk \ | |
gnu-getopt gnu-sed grep libtool \ | |
make cyrus-sasl | |
# openldap openssl # already provided by github workers base-image | |
- name: Checkout sources | |
uses: actions/checkout@v4 | |
- name: Run build on Linux | |
if: runner.os == 'Linux' | |
run: ./test-builds.sh ${{ matrix.layer.name }} | |
- name: Run build on MacOS | |
if: runner.os == 'macOS' | |
run: | | |
eval `brew shellenv` | |
PKG_CONFIG_PATH="$HOMEBREW_PREFIX/lib/pkgconfig" | |
PKG_CONFIG_PATH="$PKG_CONFIG_PATH:$HOMEBREW_PREFIX/opt/openldap/lib/pkgconfig" | |
PKG_CONFIG_PATH="$PKG_CONFIG_PATH:$HOMEBREW_PREFIX/opt/cyrus-sasl/lib/pkgconfig" | |
export PKG_CONFIG_PATH | |
export GETOPT="$HOMEBREW_PREFIX/opt/gnu-getopt/bin/getopt" | |
export MAKE="$HOMEBREW_PREFIX/bin/gmake" | |
# ensure we use Homebrew headers and libraries | |
# this is needed because pkg-config --libs openssl points to the wrong directory | |
# in version openssl@3: stable 3.3.0 | |
export CPPFLAGS="-I$HOMEBREW_PREFIX/include${CPPFLAGS:+ $CPPFLAGS}" | |
export LDFLAGS="-L$HOMEBREW_PREFIX/lib${LDFLAGS:+ $LDFLAGS}" | |
export CFLAGS="-Wno-compound-token-split-by-macro${CFLAGS:+ $CFLAGS}" # needed fir ltdl with Xcode | |
# libtool package referenced below fails to copy its configure* | |
# files, possibly due to a packaging/brewing bug. The following sed | |
# command restores installed libtoolize code to its earlier (and | |
# working) variation. | |
echo "brew libtool package details:" | |
brew info libtool --json | grep -E 'rebuild|tap_git_head' | |
# This hack was tested on libtoolize package with the following output: | |
# "rebuild": 2, | |
# "tap_git_head": "5cede8ea3b7b12c7f68215f75a951430b38d945f", | |
# | |
editable=$HOMEBREW_CELLAR/libtool/2.4.7/bin/glibtoolize | |
sed -i.bak 's@ltdl_ac_aux_dir=""@ltdl_ac_aux_dir="../build-aux"@' $editable || true | |
diff -u $editable.bak $editable || true | |
./test-builds.sh ${{ matrix.layer.name }} | |
- name: Publish build logs | |
if: success() || failure() | |
uses: actions/upload-artifact@v4 | |
with: | |
name: build-logs-${{ matrix.os }}-${{ matrix.compiler.CC }}-${{ matrix.layer.nick }} | |
path: btlayer-*.log | |
CodeQL-tests: | |
runs-on: [ ubuntu-22.04 ] | |
permissions: | |
security-events: write | |
steps: | |
- name: Install Squid prerequisite Linux packages | |
if: runner.os == 'Linux' | |
run: | | |
# required for "apt-get build-dep" to work | |
sudo sed --in-place -E 's/# (deb-src.*updates main)/ \1/g' /etc/apt/sources.list | |
sudo apt-get --quiet=2 update | |
sudo apt-get --quiet=2 build-dep squid | |
sudo apt-get --quiet=2 install linuxdoc-tools libtool-bin | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
- name: Initialize CodeQL | |
uses: github/codeql-action/init@v3 | |
- name: Build Squid | |
run: ./test-builds.sh ./test-suite/buildtests/layer-02-maximus.opts | |
- name: Perform CodeQL Analysis | |
uses: github/codeql-action/analyze@v3 |