Skip to content

Continuous integration #524

Continuous integration

Continuous integration #524

Workflow file for this run

name: Continuous integration
on:
push:
pull_request:
schedule:
# Run every day at midnight UTC
- cron: '0 0 * * *'
jobs:
build:
strategy:
fail-fast: false
matrix:
platform: [ubuntu-latest, macos-latest, self-hosted-linux-aarch64, self-hosted-mac-m1]
runs-on: ${{ matrix.platform }}
steps:
- name: Set up JDK 11 for toolchains
uses: actions/setup-java@v3
with:
distribution: 'zulu'
java-version: 11
- name: Set runner-specific environment variables
shell: bash
run: |
echo "TONGSUO_HOME=${{ runner.temp }}/Tongsuo" >> $GITHUB_ENV
echo "M2_REPO=${{ runner.temp }}/m2" >> $GITHUB_ENV
- uses: actions/checkout@v2
- name: Setup Linux environment
if: runner.os == 'Linux' && runner.arch == 'x64'
run: |
echo "CC=clang" >> $GITHUB_ENV
echo "CXX=clang++" >> $GITHUB_ENV
sudo add-apt-repository ppa:openjdk-r/ppa
sudo apt-get -qq update
sudo apt-get -qq install -y --no-install-recommends \
gcc-multilib \
g++-multilib \
openjdk-11-jre-headless
- name: Setup Linux environment
if: runner.os == 'Linux' && runner.arch == 'arm64'
run: |
echo "CC=clang" >> $GITHUB_ENV
echo "CXX=clang++" >> $GITHUB_ENV
yum -qqy update
yum -qq install -y perl git make clang libstdc++-static java-11-openjdk
- name: Setup macOS environment
if: runner.os == 'macOS' && runner.arch == 'arm64'
run: |
echo "CC=clang" >> $GITHUB_ENV
echo "CXX=clang++" >> $GITHUB_ENV
- name: Checkout Tongsuo tag 8.4.0-pre2 branch
shell: bash
run: |
mkdir -p "$TONGSUO_HOME"
cd "$TONGSUO_HOME"
for i in {1..10}; do git clone -b 8.4.0-pre2 https://github.com/Tongsuo-Project/Tongsuo.git "./" && break || sleep 5; done
- name: Build Tongsuo x86-64 MacOS
if: runner.os == 'macOS' && runner.arch == 'x64'
env:
# For compatibility, but 10.15 target requires 16-byte stack alignment.
MACOSX_DEPLOYMENT_TARGET: 10.11
run: |
mkdir -p "$TONGSUO_HOME/build.x64"
pushd "$TONGSUO_HOME"
./config --libdir=lib --prefix=$TONGSUO_HOME/build.x64 enable-weak-ssl-ciphers
make -s -j4
make install
tar -zcvf build.x64.tgz build.x64
popd
- name: Upload macOS-X64 Tongsuo lib and bin
if: runner.os == 'macOS' && runner.arch == 'x64'
uses: actions/upload-artifact@v2
with:
name: tongsuo_osx_x64_bin.tgz
path: ${{ runner.temp }}/Tongsuo/build.x64.tgz
if-no-files-found: error
- name: Build Tongsuo MacOS arm64
if: runner.os == 'macOS' && runner.arch == 'arm64'
env:
# For compatibility, but 10.15 target requires 16-byte stack alignment.
MACOSX_DEPLOYMENT_TARGET: 10.11
run: |
mkdir -p "$TONGSUO_HOME/build.arm64"
pushd "$TONGSUO_HOME"
./config --libdir=lib --prefix=$TONGSUO_HOME/build.arm64 enable-weak-ssl-ciphers
make -s -j4
make install
tar -zcvf build.arm64.tgz build.arm64
popd
- name: Upload macOS-ARM64 Tongsuo bin
if: runner.os == 'macOS' && runner.arch == 'arm64'
uses: actions/upload-artifact@v2
with:
name: tongsuo_osx_arm64_bin.tgz
path: ${{ runner.temp }}/Tongsuo/build.arm64.tgz
if-no-files-found: error
- name: Build Tongsuo x86_64 Linux
if: runner.os == 'Linux' && runner.arch == 'x64'
shell: bash
run: |
mkdir -p "$TONGSUO_HOME/build.x64"
pushd "$TONGSUO_HOME"
./config --libdir=lib --prefix=$TONGSUO_HOME/build.x64 enable-weak-ssl-ciphers
make -s -j4
make install
tar -zcvf build.x64.tgz build.x64
popd
- name: Upload Linux-X64 Tongsuo bin
if: runner.os == 'Linux' && runner.arch == 'x64'
uses: actions/upload-artifact@v2
with:
name: tongsuo_linux_x64_bin.tgz
path: ${{ runner.temp }}/Tongsuo/build.x64.tgz
if-no-files-found: error
- name: Build Tongsuo arm64 Linux
if: runner.os == 'Linux' && runner.arch == 'arm64'
shell: bash
run: |
mkdir -p "$TONGSUO_HOME/build.arm64"
pushd "$TONGSUO_HOME"
./config --libdir=lib --prefix=$TONGSUO_HOME/build.arm64 enable-weak-ssl-ciphers
make -s -j4
make install
tar -zcvf build.arm64.tgz build.arm64
popd
- name: Upload Linux-ARM64 Tongsuo bin
if: runner.os == 'Linux' && runner.arch == 'arm64'
uses: actions/upload-artifact@v2
with:
name: tongsuo_linux_arm64_bin.tgz
path: ${{ runner.temp }}/Tongsuo/build.arm64.tgz
if-no-files-found: error
- name: Build with Gradle
shell: bash
run: ./gradlew assemble -PcheckErrorQueue
- name: Test with Gradle
shell: bash
run: ./gradlew test -PcheckErrorQueue
- name: Other checks with Gradle
shell: bash
run: ./gradlew check -PcheckErrorQueue
- name: Publish to local Maven repo
shell: bash
run: ./gradlew publishToMavenLocal -Dmaven.repo.local="$M2_REPO"
- name: Upload Maven respository
uses: actions/upload-artifact@v2
with:
name: m2repo-${{ runner.os }}-${{ runner.arch }}
path: ${{ runner.temp }}/m2
# testjar is platform-independent, choose linux-x86-64 platform runner
# to collect testjar and upload.
- name: Build test JAR with dependencies
if: runner.os == 'Linux' && runner.arch == 'x64'
shell: bash
run: ./gradlew :security-native:testJar -PcheckErrorQueue
- name: Upload test JAR with dependencies
if: runner.os == 'Linux' && runner.arch == 'x64'
uses: actions/upload-artifact@v2
with:
name: testjar
path: openjdk/build/libs/security-native-*-tests.jar
if-no-files-found: error
uberjar:
needs: build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Set runner-specific environment variables
shell: bash
run: |
echo "M2_REPO=${{ runner.temp }}/m2" >> $GITHUB_ENV
echo "TONGSUO_HOME=${{ runner.temp }}/Tongsuo" >> $GITHUB_ENV
- name: Download Maven repository for Linux X86-64
uses: actions/download-artifact@v2
with:
name: m2repo-Linux-X64
path: ${{ runner.temp }}/m2
- name: Download Maven repository for Linux ARM64
uses: actions/download-artifact@v2
with:
name: m2repo-Linux-ARM64
path: ${{ runner.temp }}/m2
- name: Download Maven repository for MacOS X86-64
uses: actions/download-artifact@v2
with:
name: m2repo-macOS-X64
path: ${{ runner.temp }}/m2
- name: Download Maven repository for MacOS ARM64
uses: actions/download-artifact@v2
with:
name: m2repo-macOS-ARM64
path: ${{ runner.temp }}/m2
- name: Checkout Tongsuo tag 8.4.0-pre2 branch
shell: bash
run: |
mkdir -p "$TONGSUO_HOME"
cd "$TONGSUO_HOME"
for i in {1..10}; do git clone -b 8.4.0-pre2 https://github.com/Tongsuo-Project/Tongsuo.git "./" && break || sleep 5; done
- name: Build UberJAR with Gradle
shell: bash
run: |
./gradlew :security-native-uber:build -Dcom.alibaba.dragonwell.security.native.buildUberJar=true -Dmaven.repo.local="$M2_REPO"
- name: Publish UberJAR to Maven Local
shell: bash
run: |
./gradlew :security-native-uber:publishToMavenLocal -Dcom.alibaba.dragonwell.security.native.buildUberJar=true -Dmaven.repo.local="$M2_REPO"
- name: Upload Maven respository
uses: actions/upload-artifact@v2
with:
name: m2repo-uber
path: ${{ runner.temp }}/m2
openjdk-test:
needs: uberjar
strategy:
fail-fast: false
matrix:
platform: [ubuntu-latest, macos-latest, self-hosted-linux-aarch64, self-hosted-mac-m1]
java: [8, 11]
include:
- java: 8
suite_class: "org.conscrypt.Conscrypt(OpenJdk)?Suite"
- java: 11
suite_class: "org.conscrypt.Conscrypt(OpenJdk)?Suite"
runs-on: ${{ matrix.platform }}
steps:
- name: Set up Java
uses: actions/setup-java@v3
with:
java-version: ${{ matrix.java }}
distribution: 'zulu'
- name: Set runner-specific environment variables
shell: bash
run: |
echo "TONGSUO_HOME=${{ runner.temp }}/Tongsuo" >> $GITHUB_ENV
mkdir -p "${{ runner.temp }}/Tongsuo"
- name: Download Maven repository for macOS X64
if: runner.os == 'macOS' && runner.arch == 'x64'
uses: actions/download-artifact@v2
with:
name: tongsuo_osx_x64_bin.tgz
path: ${{ runner.temp }}/Tongsuo
- name: Uncompress files
if: runner.os == 'macOS' && runner.arch == 'x64'
run: |
tar -xzvf ${{ runner.temp }}/Tongsuo/build.x64.tgz -C ${{ runner.temp }}/Tongsuo
DYLD_LIBRARY_PATH=${{ runner.temp }}/Tongsuo/build.x64/lib ${{ runner.temp }}/Tongsuo/build.x64/bin/openssl version
- name: Download Maven repository for macOS arm64
if: runner.os == 'macOS' && runner.arch == 'arm64'
uses: actions/download-artifact@v2
with:
name: tongsuo_osx_arm64_bin.tgz
path: ${{ runner.temp }}/Tongsuo
- name: Uncompress files
if: runner.os == 'macOS' && runner.arch == 'arm64'
run: |
tar -xzvf ${{ runner.temp }}/Tongsuo/build.arm64.tgz -C ${{ runner.temp }}/Tongsuo
DYLD_LIBRARY_PATH=${{ runner.temp }}/Tongsuo/build.arm64/lib ${{ runner.temp }}/Tongsuo/build.arm64/bin/openssl version
- name: Download Maven repository for Linux X64
if: runner.os == 'Linux' && runner.arch == 'x64'
uses: actions/download-artifact@v2
with:
name: tongsuo_linux_x64_bin.tgz
path: ${{ runner.temp }}/Tongsuo
- name: Uncompress files
if: runner.os == 'Linux' && runner.arch == 'x64'
run: |
tar -xzvf ${{ runner.temp }}/Tongsuo/build.x64.tgz -C ${{ runner.temp }}/Tongsuo && ls ${{ runner.temp }}/Tongsuo
LD_LIBRARY_PATH=${{ runner.temp }}/Tongsuo/build.x64/lib ${{ runner.temp }}/Tongsuo/build.x64/bin/openssl version
- name: Download Maven repository for Linux ARM64
if: runner.os == 'Linux' && runner.arch == 'arm64'
uses: actions/download-artifact@v2
with:
name: tongsuo_linux_arm64_bin.tgz
path: ${{ runner.temp }}/Tongsuo
- name: Uncompress files
if: runner.os == 'Linux' && runner.arch == 'arm64'
run: |
tar -xzvf ${{ runner.temp }}/Tongsuo/build.arm64.tgz -C ${{ runner.temp }}/Tongsuo && ls ${{ runner.temp }}/Tongsuo
LD_LIBRARY_PATH=${{ runner.temp }}/Tongsuo/build.arm64/lib ${{ runner.temp }}/Tongsuo/build.arm64/bin/openssl version
- name: Download UberJAR
uses: actions/download-artifact@v2
with:
name: m2repo-uber
path: m2
- name: Download Test JAR with Dependencies
uses: actions/download-artifact@v2
with:
name: testjar
path: testjar
- name: Download JUnit runner
shell: bash
run: mvn org.apache.maven.plugins:maven-dependency-plugin:3.1.2:copy -Dartifact=org.junit.platform:junit-platform-console-standalone:1.6.2 -DoutputDirectory=. -Dmdep.stripVersion=true
- name: Run JUnit tests
if: runner.arch == 'x64'
shell: bash
run: |
DIR="$(find m2/com/alibaba/dragonwell/security-native-uber -maxdepth 1 -mindepth 1 -type d -print)"
VERSION="${DIR##*/}"
TESTJAR="$(find testjar -name '*-tests.jar')"
zip -d $TESTJAR 'META-INF/*.SF' 'META-INF/*.RSA' 'META-INF/*.DSA'
CLASS_PATH="$DIR/security-native-uber-$VERSION.jar:$TESTJAR"
PROPERTY0="-Dtest.babassl.path=${{ runner.temp }}/Tongsuo/build.x64/bin/openssl"
PROPERTY1="-Dtest.openssl.path=${{ runner.temp }}/Tongsuo/build.x64/bin/openssl"
PROPERTY2="-Dtest.babassl.lib.path=${{ runner.temp }}/Tongsuo/build.x64/lib"
PROPERTY3="-Dtest.openssl.lib.path=${{ runner.temp }}/Tongsuo/build.x64/lib"
PROPERTY4="-Dtest.classpath=$CLASS_PATH"
java $PROPERTY0 $PROPERTY1 $PROPERTY2 $PROPERTY3 $PROPERTY4 -jar junit-platform-console-standalone.jar -cp $CLASS_PATH -n='${{ matrix.suite_class }}' --scan-classpath --reports-dir=results --fail-if-no-tests
- name: Run JUnit tests
if: runner.arch == 'arm64'
shell: bash
run: |
DIR="$(find m2/com/alibaba/dragonwell/security-native-uber -maxdepth 1 -mindepth 1 -type d -print)"
VERSION="${DIR##*/}"
TESTJAR="$(find testjar -name '*-tests.jar')"
zip -d $TESTJAR 'META-INF/*.SF' 'META-INF/*.RSA' 'META-INF/*.DSA'
CLASS_PATH="$DIR/security-native-uber-$VERSION.jar:$TESTJAR"
PROPERTY0="-Dtest.babassl.path=${{ runner.temp }}/Tongsuo/build.arm64/bin/openssl"
PROPERTY1="-Dtest.openssl.path=${{ runner.temp }}/Tongsuo/build.arm64/bin/openssl"
PROPERTY2="-Dtest.babassl.lib.path=${{ runner.temp }}/Tongsuo/build.arm64/lib"
PROPERTY3="-Dtest.openssl.lib.path=${{ runner.temp }}/Tongsuo/build.arm64/lib"
PROPERTY4="-Dtest.classpath=$CLASS_PATH"
java $PROPERTY0 $PROPERTY1 $PROPERTY2 $PROPERTY3 $PROPERTY4 -jar junit-platform-console-standalone.jar -cp $CLASS_PATH -n='${{ matrix.suite_class }}' --scan-classpath --reports-dir=results --fail-if-no-tests
- name: Archive test results
if: ${{ always() }}
uses: actions/upload-artifact@v2
with:
name: test-results-${{ matrix.platform }}-${{ matrix.java }}
path: results