378d500caf
REGTESTS: use -dI for insecure fork by default in the regtest scripts
...
Let's remove the CI HAPROXY_ARGS setting and set -dI for anything run
with the run-regtests.sh.
2024-04-22 16:15:57 +02:00
76f56a39be
CI: modernize macos matrix
...
let's stick to macos-13 for stable branches and macos-14 for development branches.
since macos-14 is available for Apple Silicon, some modifications are required
for VTest (should be ported to VTest later)
news: https://github.blog/changelog/2024-01-30-github-actions-macos-14-sonoma-is-now-available/
2024-04-19 17:37:24 +02:00
2bb9e3bd06
CI: reduce ASAN log redirection umbrella size
...
previously ASAN_OPTIONS=log_path=asan.log was intended for VTest
execution only, it should not affect "haproxy -vv" and hsproxy
config smoke testing
2024-04-17 11:14:44 +02:00
b5dd8b466e
CI: revert kernel addr randomization introduced in 3a0fc864
...
It has been resolved on image generation side:
https://github.com/actions/runner-images/issues/9491
It is no harm to keep it on our side as well, but we can drop it.
2024-04-13 14:43:36 +02:00
ac73a23454
BUILD: makefile: also drop DEBUG_CFLAGS
...
This one is often used as a gateway to inject regular CFLAGS, even though
not designed for this. It's now ignored, but any attempt at setting it
reports a warning suggesting to use CFLAGS or ARCH_FLAGS instead.
2024-04-11 17:33:28 +02:00
88c151f9ca
BUILD: makefile: drop the ARCH variable and better document ARCH_FLAGS
...
ARCH_FLAGS was always present and is documented as being fed to both
CC and LD during the build. This is meant for options that need to be
consistent between the two stages such as -pg, -flto, -fsanitize=address,
-m64, -g etc. Its doc was lacking a bit of clarity though, and it was
not enumerated in the makefile's variables list.
ARCH however was only documented as affecting ARCH_FLAGS, and was just
never used as the only two really usable and supported ARCH_FLAGS options
were -m32 and -m64. In addition it was even written in the makefile that
it was CPU that was affecting the ARCH_FLAGS. Let's just drop ARCH and
improve the documentation on ARCH_FLAGS. Again, if ARCH is set, a warning
is emitted explaining how to proceed.
ARCH_FLAGS is now preset to -g so that we finally have a correct place
to deal with such debugging options that need to be passed to both
stages. The fedora and musl CI workflows were updated to also use it
instead of sticking to duplicate DEBUG_CFLAGS+LDFLAGS.
It's also worth noting that BUILD_ARCH was being passed to the build
process and never used anywhere in the code, so its removal will not
be noticed.
2024-04-11 17:33:28 +02:00
8194499bec
BUILD: makefile: move -O2 from CPU_CFLAGS to OPT_CFLAGS
...
CPU_CFLAGS is meant to set the CPU-specific options (-mcpu, -march etc).
The fact that it also includes the optimization level is annoying because
one cannot be set without replacing the other. Let's move the optimization
level to a new independent OPT_CFLAGS that is added early to the list, so
that other CFLAGS (including CPU_CFLAGS) can continue to override it if
necessary.
2024-04-11 17:25:45 +02:00
6b6a6ad431
CI: update the build options to get rid of unneeded DEBUG options
...
Now that DEBUG_STRICT and DEBUG_MEMORY_POOLS are the default, we can
drop them from the build options.
2024-04-11 17:25:45 +02:00
ba1a0559e4
CI: extend Fedora Rawhide, add m32 mode
...
hopefully it will allow to catch regressions like this
https://github.com/haproxy/haproxy/commit/e41638a
2024-04-04 08:59:34 +02:00
9dd9289cec
CI: vtest: show coredumps if any
...
if any coredump is found, it is passed to gdb with
'thread apply all bt full'
2024-04-02 07:29:08 +02:00
3a0fc8641b
CI: temporarily adjust kernel entropy to work with ASAN/clang
...
clang runtime (shipped with clang14) is not compatible with recent
Ubuntu kernels
more details: https://github.com/actions/runner-images/issues/9491
2024-03-18 19:54:33 +01:00
9c2e900a9b
CI: github: add -dI to haproxy arguments
...
-dI is useful when running with ASAN, allow to fork addr2line
2024-03-13 11:23:14 +01:00
bb25ee7b26
CI: github: add -DDEBUG_LIST to the default builds
...
Add the -DDEBUG_LIST flag which allow to check if a list element was
removed twice.
2024-03-13 09:01:11 +01:00
e3af7f832c
CI: skip scheduled builds on forks
...
tracking bleeding edge changes with some rare platforms or modern
compilers on scheduled basis is not what usually forks do. let's
skip by default in forks, if some fork is interested, it might be
enabled locally
2024-03-05 11:50:34 +01:00
6142a3fad7
CI: enable monthly build only test on netbsd-9.3
...
it is interesting to try https://github.com/vmactions/netbsd-vm actions
2024-03-05 11:50:34 +01:00
6b54a7b65e
CI: run more smoke tests on config syntax to check memory related issues
...
config syntax check seems add a value on testing code path not
covered by VTest, also checks are very fast
2024-03-05 11:50:34 +01:00
4559470728
CI: Update to actions/cache@v4
...
No functional change, but this upgrade is required, due to the v3 runtime being
deprecated:
> Node.js 16 actions are deprecated. Please update the following actions to use
> Node.js 20: actions/cache@v3. For more information see:
> https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/ .
2024-02-10 05:12:20 +01:00
7b881003b1
CI: github: abandon asan matrix.py helper
...
that helper was useful in days when we beleived that gcc and clang
require different flags. those days are gone.
2024-02-07 11:05:28 +01:00
98291440b8
Revert "CI: enable spell check on git push"
...
This reverts commit 413aa6e2e9
2024-01-26 19:58:14 +01:00
413aa6e2e9
CI: enable spell check on git push
2024-01-26 17:30:03 +01:00
4bdfd2ebc9
CI: extend spell check white list
...
siz - seen in src/debug.c
EXPERIM - seen in src/cli.c
2024-01-26 17:29:27 +01:00
8a7c0360f3
CI: github: update wolfSSL to 5.6.6
...
Update wolfSSL to 5.6.6
2024-01-12 17:48:22 +01:00
07dc373163
CI: codespell: add more words to whitelist
...
"Collet" is "Yann Collet" - a developer of xxhash
"bu" is variable name in src/sock_unix.c
"htmp" is variable name in src/quic_retransmit.c
2024-01-12 08:34:53 +01:00
128490f183
CI: codespell: ignore some words in URLs
...
"trafic,ressources" are found in URIs, due to
https://github.com/codespell-project/actions-codespell/issues/55 we cannot use
wildcard for exclusion, let start with fixed list
2024-01-12 08:34:53 +01:00
e6d0b87f7f
CI: use semantic version compare for determing "latest" OpenSSL
...
currently "openssl-3.2.0-beta1" wins over "openssl-3.2.0" due to
string comparision. let's switch to semantic version compare
2024-01-02 10:23:40 +01:00
1a19e4e7af
CI: github: switch to wolfssl git-c4b77ad for new PR
...
The "dynamic-certs-n-ciphers" PR was just merged, lets build the wolfssl
git instead of the 5.6.4 version, so we could test the feature.
2023-12-08 12:08:22 +01:00
63957b7c87
CI: limit codespell checks to main repo, not forks
2023-11-23 16:23:14 +01:00
20726b43aa
CI: github: update wolfSSL to 5.6.4
...
Update wolfSSL to the 5.6.4 released version.
2023-11-03 18:50:45 +01:00
cc743b698f
CI: github: add awslc 1.16.0 to the push CI
...
Add a awslc 1.16.0 to the push CI. Since this is a fixed version it
shouldn't cause problems.
2023-10-11 11:38:27 +02:00
5fa7bf207e
CI: github: update wolfssl to git revision d83f2fa
...
WolfSSL 5.6.3 does not pass all the haproxy reg-tests since some fixes
are still unreleased in the master branch.
Build wolfSSL with a recent git revision to have passing reg-tests.
2023-10-11 11:25:00 +02:00
160615e574
CI: github: add a wolfssl entry to the CI
...
Add a build with wolfssl 5.6.3 to the github CI.
2023-10-11 11:24:40 +02:00
aaa326b571
CI: github: add USE_QUIC=1 to aws-lc build
...
Feature are limited but aws-lc can now build with USE_QUIC=1.
2023-10-04 17:03:34 +02:00
d89734bcc5
CI: musl: drop shopt in workflow invocation
...
"shopt" is bash specific, while musl uses bourne shell.
/__w/_temp/1b0f5f5d-c71b-4a66-8be3-e1fe51c10993.sh: line 7: shopt: not found
2023-09-08 19:05:04 +02:00
8382d71808
CI: musl: highlight section if there are coredumps
...
previously, section was collapsed, thus it was harder to find that
there's something to look at
2023-09-08 19:05:04 +02:00
5c923f1869
CI: Update to actions/checkout@v4
...
No functional change, but we should keep this current.
see 5f4ddb54b0
2023-09-06 17:46:02 +02:00
06d36913bd
CI: github: Add a weekly CI run building with AWS-LC
...
Use determine_latest_aws_lc() from matrix.py to always test with
the latest release of AWS-LC. Run the common "default,bug,devel"
tests.
2023-09-06 13:41:36 +02:00
b2a7840a28
CI: Update matrix.py so all code is contained in functions.
...
Refactor matrix.py so all the logic is contained inside either
helper functions or a new main function. Run the new main function
by default. This lets other GitHub actions use functions in the
python code without generating the whole matrix.
2023-09-06 13:41:36 +02:00
4f77690366
CI: add support to matrix.py to determine the latest AWS-LC release
...
Refactor the existing OpenSSL tag parsing logic to share some of GitHub
tag logic. OpenSSL and AWS-LC don't follow the same naming convention so
each library has it's own sorting logic.
2023-09-06 13:41:36 +02:00
28e94c6192
CI: fedora: fix "dnf" invocation syntax
...
In 39e205302e
2023-08-25 09:31:09 +02:00
54cafa908d
CI: get rid of travis-ci wrapper for Coverity scan
...
historically coverity scan was performed by travis-ci script, let us
rewrite it in bash
2023-08-10 08:01:17 +02:00
39e205302e
CI: do not use "groupinstall" for Fedora Rawhide builds
...
Fedora Rawhide migrated to dnf5, which does not support "groupinstall"
2023-08-10 08:01:17 +02:00
f7dcceccc9
CI: explicitely highlight VTest result section if there's something
...
it turned out that people miss VTest result section because it is not highlighted,
let us fix that
2023-07-17 15:56:53 +02:00
ddedefcaaa
CI: add naming convention documentation
...
branches "haproxy-" stand for stable branches, otherwise development
2023-07-17 15:56:52 +02:00
8a46f98615
CI: drop Fedora m32 pipeline in favour of cross matrix
...
Fedora m32 monthly was introduced before cross matrix. Actually,
many of cross builds are 32 bit, no need to keep dedicated Fedora
definition
2023-05-17 14:57:10 +02:00
5414d82ce5
CI: enable monthly Fedora Rawhide clang builds
...
that was temporarily disabled due to
https://github.com/haproxy/haproxy/issues/1868
we are unblocked, let us enable clang in matrix
2023-05-13 17:42:32 +02:00
ed79a27a91
CI: more granular failure on generating build matrix
...
when some api endpoints used for determine latest OpenSSL, LibreSSL
are unavailable, fail only those builds, not entire matrix
2023-05-08 14:05:44 +02:00
156c4b3439
CI: switch to Fastly CDN to download LibreSSL
...
OpenBSD ftp is down, let us switch to mirror
2023-04-26 18:41:03 +02:00
edfa7c99e9
CI: extend spellchecker whitelist, add "clen" as well
...
"clen" is all around the code, since codespell cannot distingush
variables names, let us ignore it
2023-04-23 09:44:53 +02:00
ea5a5e6feb
CI: enable monthly test on Fedora Rawhide
...
Fedora Rawhide is shipped with the most recent compilers, not yet released with
more conservative distro. It is good to catch compile errors on those compilers.
2023-04-14 10:05:32 +02:00
86a40f5de9
CI: bump "actions/checkout" to v3 for cross zoo matrix
...
actions/checkout@v2 is deprecated, accidently it was not updated in our
build definition
2023-04-14 10:05:09 +02:00
William Lallemand
Ilya Shipitsin
Willy Tarreau
Tim Duesterhus
Andrew Hopkins