Ilya Shipitsin
d89734bcc5
CI: musl: drop shopt in workflow invocation
...
"shopt" is bash specific, while musl uses bourne shell.
/__w/_temp/1b0f5f5d-c71b-4a66-8be3-e1fe51c10993.sh: line 7: shopt: not found
2023-09-08 19:05:04 +02:00
Ilya Shipitsin
8382d71808
CI: musl: highlight section if there are coredumps
...
previously, section was collapsed, thus it was harder to find that
there's something to look at
2023-09-08 19:05:04 +02:00
Tim Duesterhus
5c923f1869
CI: Update to actions/checkout@v4
...
No functional change, but we should keep this current.
see 5f4ddb54b0
2023-09-06 17:46:02 +02:00
Andrew Hopkins
06d36913bd
CI: github: Add a weekly CI run building with AWS-LC
...
Use determine_latest_aws_lc() from matrix.py to always test with
the latest release of AWS-LC. Run the common "default,bug,devel"
tests.
2023-09-06 13:41:36 +02:00
Andrew Hopkins
b2a7840a28
CI: Update matrix.py so all code is contained in functions.
...
Refactor matrix.py so all the logic is contained inside either
helper functions or a new main function. Run the new main function
by default. This lets other GitHub actions use functions in the
python code without generating the whole matrix.
2023-09-06 13:41:36 +02:00
Andrew Hopkins
4f77690366
CI: add support to matrix.py to determine the latest AWS-LC release
...
Refactor the existing OpenSSL tag parsing logic to share some of GitHub
tag logic. OpenSSL and AWS-LC don't follow the same naming convention so
each library has it's own sorting logic.
2023-09-06 13:41:36 +02:00
Ilya Shipitsin
28e94c6192
CI: fedora: fix "dnf" invocation syntax
...
In 39e205302e
I erroneously used
"dnf git" instead of "dnf install"
2023-08-25 09:31:09 +02:00
Ilya Shipitsin
54cafa908d
CI: get rid of travis-ci wrapper for Coverity scan
...
historically coverity scan was performed by travis-ci script, let us
rewrite it in bash
2023-08-10 08:01:17 +02:00
Ilya Shipitsin
39e205302e
CI: do not use "groupinstall" for Fedora Rawhide builds
...
Fedora Rawhide migrated to dnf5, which does not support "groupinstall"
2023-08-10 08:01:17 +02:00
Ilya Shipitsin
f7dcceccc9
CI: explicitely highlight VTest result section if there's something
...
it turned out that people miss VTest result section because it is not highlighted,
let us fix that
2023-07-17 15:56:53 +02:00
Ilya Shipitsin
ddedefcaaa
CI: add naming convention documentation
...
branches "haproxy-" stand for stable branches, otherwise development
2023-07-17 15:56:52 +02:00
Ilya Shipitsin
8a46f98615
CI: drop Fedora m32 pipeline in favour of cross matrix
...
Fedora m32 monthly was introduced before cross matrix. Actually,
many of cross builds are 32 bit, no need to keep dedicated Fedora
definition
2023-05-17 14:57:10 +02:00
Ilya Shipitsin
5414d82ce5
CI: enable monthly Fedora Rawhide clang builds
...
that was temporarily disabled due to
https://github.com/haproxy/haproxy/issues/1868
we are unblocked, let us enable clang in matrix
2023-05-13 17:42:32 +02:00
Ilya Shipitsin
ed79a27a91
CI: more granular failure on generating build matrix
...
when some api endpoints used for determine latest OpenSSL, LibreSSL
are unavailable, fail only those builds, not entire matrix
2023-05-08 14:05:44 +02:00
Ilia Shipitsin
156c4b3439
CI: switch to Fastly CDN to download LibreSSL
...
OpenBSD ftp is down, let us switch to mirror
2023-04-26 18:41:03 +02:00
Ilya Shipitsin
edfa7c99e9
CI: extend spellchecker whitelist, add "clen" as well
...
"clen" is all around the code, since codespell cannot distingush
variables names, let us ignore it
2023-04-23 09:44:53 +02:00
Ilya Shipitsin
ea5a5e6feb
CI: enable monthly test on Fedora Rawhide
...
Fedora Rawhide is shipped with the most recent compilers, not yet released with
more conservative distro. It is good to catch compile errors on those compilers.
2023-04-14 10:05:32 +02:00
Ilya Shipitsin
86a40f5de9
CI: bump "actions/checkout" to v3 for cross zoo matrix
...
actions/checkout@v2 is deprecated, accidently it was not updated in our
build definition
2023-04-14 10:05:09 +02:00
Ilya Shipitsin
d481ed3fa0
CI: exclude doc/{design-thoughts,internals} from spell check
...
as those directories do contain many documents written in French,
codespell is catching a lot of false positives scanning them.
2023-04-01 18:34:10 +02:00
Ilya Shipitsin
7e6e0388d6
CI: run smoke tests on config syntax to check memory related issues
...
config syntax check seems add a value on testing code path not
covered by VTest, also checks are very fast
2023-04-01 18:30:52 +02:00
Tim Duesterhus
081091187e
CI: Reformat matrix.py
using black
...
The initial version of matrix.py was formatted using `black` [1], but with all
the later changes, the formatting diverged quite a bit. This patch reformats
the script using black, fixing the indentation of some statements and
shortening overlong lines.
[1] https://github.com/psf/black
2023-01-03 16:28:34 +01:00
Tim Duesterhus
e327e41430
CI: Explicitly check environment variable against None
in matrix.py
...
For consistency with `GITHUB_OUTPUT` at the bottom.
2023-01-03 16:28:34 +01:00
Tim Duesterhus
96e03e1a89
CI: Unify the GITHUB_TOKEN
name across matrix.py and vtest.yml
...
This makes naming a little clearer in matrix.py, because the name matches the
name of the actual secret.
2023-01-03 16:28:34 +01:00
Tim Duesterhus
fd7931e7f3
CI: Use proper if
blocks instead of conditional expressions in matrix.py
...
For complex expressions, such as the ones modified, the condition expression is
much less readable, especially with the actual condition in the middle of the
"then" and "else" part.
2023-01-03 16:28:34 +01:00
Tim Duesterhus
fcc21be922
CI: Add in-memory cache for the latest OpenSSL/LibreSSL
...
These functions were previously called once per compiler. Add the `lru_cache`
decorator to only perform one HTTP request each.
2023-01-03 16:28:34 +01:00
Tim Duesterhus
3c9b6f6394
CI: Improve headline in matrix.py
...
Since 4a04cd35ae
(CI: github: split ssl lib
selection based on git branch) the branch, instead of the workflow type is
passed. The headline should reflect that.
2023-01-03 16:28:34 +01:00
William Lallemand
61839b098d
CI: github: use the GITHUB_TOKEN instead of a manually generated token
...
Github allows to use a auto generated GITHUB_TOKEN so we don't need to
handle the token in the secret configuration.
https://docs.github.com/en/actions/security-guides/automatic-token-authentication#about-the-github_token-secret
2022-12-23 15:19:25 +01:00
Ilya Shipitsin
6fbc35f473
CI: github: enable github api authentication for OpenSSL tags read
...
github api throttles requests with no auth, thus we can enable
GITHUB_API_TOKEN env variable. if not set, current behaviour is kept
2022-12-22 17:36:32 +01:00
Ilya Shipitsin
f5994fc692
CI: github: split matrix for development and stable branches
...
ML ref: https://www.mail-archive.com/haproxy@formilux.org/msg42934.html
we agreed to use "latest" images for development branches and fixed
images for stable branches
Can be backported to 2.6.
2022-12-14 15:29:42 +01:00
Ilya Shipitsin
6dedeb70da
CI: github: remove redundant ASAN loop
...
it was there because we only ran ASAN for clang, now no need to separate loop
Can be backported to 2.6.
2022-12-14 15:29:20 +01:00
William Lallemand
2cb1493748
CI: github: set ulimit -n to a greater value
...
Set ulimit -n to 65536 to limit less the maxconn computation.
Could be backported at least to 2.5.
2022-12-14 00:31:19 +01:00
Ilya Shipitsin
4a04cd35ae
CI: github: split ssl lib selection based on git branch
...
when *SSL_VERSION="latest" behaviour was introduced, it seems to be fine
for development branches, but too intrusive for stable branches.
let us limit "latest" semantic only for development builds, if branch name
contains "haproxy-" it is supposed to be stable branch, no latest openssl
should be taken
[wla: must be backported as far as 2.6]
Signed-off-by: William Lallemand <wlallemand@haproxy.org>
2022-12-12 16:20:48 +01:00
William Lallemand
393e4e4dd1
CI: github: reintroduce openssl 1.1.1
...
OpenSSL 1.1.1 is not tested anymore since github updated "ubuntu-latest"
to 22.04, let's reintroduce this version.
2022-12-12 08:52:03 +01:00
Willy Tarreau
a051816c03
CI: emit the compiler's version in the build reports
...
Some occasional builds fail only on a specific platform and being able
to figure the exact compiler version used there is crucial. It's not
easy to guess from the rest of the output, so let's add it before the
platform-specific defines, which suit the same needs.
2022-11-14 11:14:02 +01:00
Ilya Shipitsin
6397c7c55f
CI: enable QUIC for LibreSSL builds
...
since LibreSSL-3.6.x supports QUIC, let us enable it
2022-11-07 07:49:11 +01:00
Ilya Shipitsin
70b2c72687
CI: switch to the "latest" LibreSSL
...
LibreSSL-3.6.0 had some regression, it was fixed in 3.6.1, let us
switch back to the latest LibreSSL available
2022-11-07 07:49:07 +01:00
Ilya Shipitsin
5526f922af
CI: add monthly gcc cross compile jobs
...
Build only gcc cross compile jobs are added with monthly run to catch
rare errors, mostly 32bit <--> 64bit
2022-10-30 17:17:43 +01:00
William Lallemand
6435801d09
CI: github: dump the backtrace of coredumps in the alpine container
...
This patch allows to show the backtrace of a coredump produced in the
alpine/musl jobs.
It activates some option required by the containers to allow the
production of coredump, set a shared directory so the kernel could dump
the coredump within the container. Some debug packages were also added.
2022-10-21 09:21:33 +02:00
Tim Duesterhus
b87ecbb179
CI: Replace the deprecated ::set-output
command by writing to $GITHUB_OUTPUT in workflow definition
...
See "CI: Replace the deprecated `::set-output` command by writing to
$GITHUB_OUTPUT in matrix.py" for the reasoning behind this commit.
2022-10-14 19:50:34 +02:00
Tim Duesterhus
8a03bf4052
CI: Replace the deprecated ::set-output
command by writing to $GITHUB_OUTPUT in matrix.py
...
As announced in
https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
the `::set-output` command is deprecated, because processes during the workflow
execution might output untrusted information that might include the
`::set-output` command, thus allowing these untrusted information to hijack the
build.
The replacement is writing to the file indicated by the `$GITHUB_OUTPUT`
environment variable.
2022-10-14 19:50:34 +02:00
Ilya Shipitsin
b65fd66666
CI: SSL: temporarily stick to LibreSSL=3.5.3
...
recently released 3.6.0 introduced some regression which must be
resolved first, let us use 3.5.3 notation instead of "latest"
2022-10-13 08:53:27 +02:00
Ilya Shipitsin
14711bdc9a
CI: SSL: use proper version generating when "latest" semantic is used
...
both "OPENSSL_VERSION=latest" and "LIBRESSL_VERSION=latest" processing
introduced errors when build-ssl.sh script was invoked. that error
in turn led to skipping custom openssl build and haproxy was linked against
stock openssl, i.e. openssl-1.1.1
2022-10-13 08:53:11 +02:00
Ilya Shipitsin
4c785f0a1f
CI: enable weekly "m32" builds on x86_64
...
this is build only workflow, catches potential "size_t" mismatches
--
v2 job name added, various markup changes
2022-08-06 17:10:16 +02:00
Ilya Shipitsin
cfba1f93af
CI: re-enable gcc asan builds
...
for some unclear reasons asan builds were limited to clang only. let us
enable them for gcc as well
2022-07-04 17:28:58 +02:00
Ilya Shipitsin
7b893c2c6b
CI: determine actual OpenSSL version dynamically
...
this change introduce "OPENSSL_VERSION=latest" semantic, which scans
https://api.github.com/repos/openssl/openssl/tags and detects latest release.
2022-05-20 23:26:48 +02:00
Ilya Shipitsin
94cd779a4f
CI: determine actual LibreSSL version dynamically
...
this change introduce "LIBRESSL_VERSION=latest" semantic, which scans
http://ftp.openbsd.org/pub/OpenBSD/LibreSSL/ and detects latest release.
LIBRESSL_VERSION=2.9.2 is removed from the matrix.
2022-05-14 17:30:15 +02:00
Ilya Shipitsin
0a802114e0
CI: dynamically determine actual version of h2spec
...
previously we used hardcoded h2spec version. let us switch to
the latest available
2022-05-08 11:01:58 +02:00
Ilya Shipitsin
c89dec3dc8
CI: github actions: update LibreSSL to 3.5.2
...
LibreSSL-3.5.2 was released on Apr 23nd 2022, let us switch to it
2022-04-30 14:12:51 +02:00
William Lallemand
c24ac4339c
CI: github actions: disable -Wno-deprecated
...
The deprecrated code is now disabled by default, so we can build with
quictls and openssl 3.0 without this option.
2022-04-11 19:05:03 +02:00
Tim Duesterhus
538d8fe8b7
CI: Update to actions/cache@v3
...
No functional changes for our use case, but we should keep this current.
2022-04-11 07:13:24 +02:00