Continuous integration #524
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Continuous integration | |
on: | |
push: | |
pull_request: | |
schedule: | |
# Run every day at midnight UTC | |
- cron: '0 0 * * *' | |
jobs: | |
build: | |
strategy: | |
fail-fast: false | |
matrix: | |
platform: [ubuntu-latest, macos-latest, self-hosted-linux-aarch64, self-hosted-mac-m1] | |
runs-on: ${{ matrix.platform }} | |
steps: | |
- name: Set up JDK 11 for toolchains | |
uses: actions/setup-java@v3 | |
with: | |
distribution: 'zulu' | |
java-version: 11 | |
- name: Set runner-specific environment variables | |
shell: bash | |
run: | | |
echo "TONGSUO_HOME=${{ runner.temp }}/Tongsuo" >> $GITHUB_ENV | |
echo "M2_REPO=${{ runner.temp }}/m2" >> $GITHUB_ENV | |
- uses: actions/checkout@v2 | |
- name: Setup Linux environment | |
if: runner.os == 'Linux' && runner.arch == 'x64' | |
run: | | |
echo "CC=clang" >> $GITHUB_ENV | |
echo "CXX=clang++" >> $GITHUB_ENV | |
sudo add-apt-repository ppa:openjdk-r/ppa | |
sudo apt-get -qq update | |
sudo apt-get -qq install -y --no-install-recommends \ | |
gcc-multilib \ | |
g++-multilib \ | |
openjdk-11-jre-headless | |
- name: Setup Linux environment | |
if: runner.os == 'Linux' && runner.arch == 'arm64' | |
run: | | |
echo "CC=clang" >> $GITHUB_ENV | |
echo "CXX=clang++" >> $GITHUB_ENV | |
yum -qqy update | |
yum -qq install -y perl git make clang libstdc++-static java-11-openjdk | |
- name: Setup macOS environment | |
if: runner.os == 'macOS' && runner.arch == 'arm64' | |
run: | | |
echo "CC=clang" >> $GITHUB_ENV | |
echo "CXX=clang++" >> $GITHUB_ENV | |
- name: Checkout Tongsuo tag 8.4.0-pre2 branch | |
shell: bash | |
run: | | |
mkdir -p "$TONGSUO_HOME" | |
cd "$TONGSUO_HOME" | |
for i in {1..10}; do git clone -b 8.4.0-pre2 https://github.com/Tongsuo-Project/Tongsuo.git "./" && break || sleep 5; done | |
- name: Build Tongsuo x86-64 MacOS | |
if: runner.os == 'macOS' && runner.arch == 'x64' | |
env: | |
# For compatibility, but 10.15 target requires 16-byte stack alignment. | |
MACOSX_DEPLOYMENT_TARGET: 10.11 | |
run: | | |
mkdir -p "$TONGSUO_HOME/build.x64" | |
pushd "$TONGSUO_HOME" | |
./config --libdir=lib --prefix=$TONGSUO_HOME/build.x64 enable-weak-ssl-ciphers | |
make -s -j4 | |
make install | |
tar -zcvf build.x64.tgz build.x64 | |
popd | |
- name: Upload macOS-X64 Tongsuo lib and bin | |
if: runner.os == 'macOS' && runner.arch == 'x64' | |
uses: actions/upload-artifact@v2 | |
with: | |
name: tongsuo_osx_x64_bin.tgz | |
path: ${{ runner.temp }}/Tongsuo/build.x64.tgz | |
if-no-files-found: error | |
- name: Build Tongsuo MacOS arm64 | |
if: runner.os == 'macOS' && runner.arch == 'arm64' | |
env: | |
# For compatibility, but 10.15 target requires 16-byte stack alignment. | |
MACOSX_DEPLOYMENT_TARGET: 10.11 | |
run: | | |
mkdir -p "$TONGSUO_HOME/build.arm64" | |
pushd "$TONGSUO_HOME" | |
./config --libdir=lib --prefix=$TONGSUO_HOME/build.arm64 enable-weak-ssl-ciphers | |
make -s -j4 | |
make install | |
tar -zcvf build.arm64.tgz build.arm64 | |
popd | |
- name: Upload macOS-ARM64 Tongsuo bin | |
if: runner.os == 'macOS' && runner.arch == 'arm64' | |
uses: actions/upload-artifact@v2 | |
with: | |
name: tongsuo_osx_arm64_bin.tgz | |
path: ${{ runner.temp }}/Tongsuo/build.arm64.tgz | |
if-no-files-found: error | |
- name: Build Tongsuo x86_64 Linux | |
if: runner.os == 'Linux' && runner.arch == 'x64' | |
shell: bash | |
run: | | |
mkdir -p "$TONGSUO_HOME/build.x64" | |
pushd "$TONGSUO_HOME" | |
./config --libdir=lib --prefix=$TONGSUO_HOME/build.x64 enable-weak-ssl-ciphers | |
make -s -j4 | |
make install | |
tar -zcvf build.x64.tgz build.x64 | |
popd | |
- name: Upload Linux-X64 Tongsuo bin | |
if: runner.os == 'Linux' && runner.arch == 'x64' | |
uses: actions/upload-artifact@v2 | |
with: | |
name: tongsuo_linux_x64_bin.tgz | |
path: ${{ runner.temp }}/Tongsuo/build.x64.tgz | |
if-no-files-found: error | |
- name: Build Tongsuo arm64 Linux | |
if: runner.os == 'Linux' && runner.arch == 'arm64' | |
shell: bash | |
run: | | |
mkdir -p "$TONGSUO_HOME/build.arm64" | |
pushd "$TONGSUO_HOME" | |
./config --libdir=lib --prefix=$TONGSUO_HOME/build.arm64 enable-weak-ssl-ciphers | |
make -s -j4 | |
make install | |
tar -zcvf build.arm64.tgz build.arm64 | |
popd | |
- name: Upload Linux-ARM64 Tongsuo bin | |
if: runner.os == 'Linux' && runner.arch == 'arm64' | |
uses: actions/upload-artifact@v2 | |
with: | |
name: tongsuo_linux_arm64_bin.tgz | |
path: ${{ runner.temp }}/Tongsuo/build.arm64.tgz | |
if-no-files-found: error | |
- name: Build with Gradle | |
shell: bash | |
run: ./gradlew assemble -PcheckErrorQueue | |
- name: Test with Gradle | |
shell: bash | |
run: ./gradlew test -PcheckErrorQueue | |
- name: Other checks with Gradle | |
shell: bash | |
run: ./gradlew check -PcheckErrorQueue | |
- name: Publish to local Maven repo | |
shell: bash | |
run: ./gradlew publishToMavenLocal -Dmaven.repo.local="$M2_REPO" | |
- name: Upload Maven respository | |
uses: actions/upload-artifact@v2 | |
with: | |
name: m2repo-${{ runner.os }}-${{ runner.arch }} | |
path: ${{ runner.temp }}/m2 | |
# testjar is platform-independent, choose linux-x86-64 platform runner | |
# to collect testjar and upload. | |
- name: Build test JAR with dependencies | |
if: runner.os == 'Linux' && runner.arch == 'x64' | |
shell: bash | |
run: ./gradlew :security-native:testJar -PcheckErrorQueue | |
- name: Upload test JAR with dependencies | |
if: runner.os == 'Linux' && runner.arch == 'x64' | |
uses: actions/upload-artifact@v2 | |
with: | |
name: testjar | |
path: openjdk/build/libs/security-native-*-tests.jar | |
if-no-files-found: error | |
uberjar: | |
needs: build | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Set runner-specific environment variables | |
shell: bash | |
run: | | |
echo "M2_REPO=${{ runner.temp }}/m2" >> $GITHUB_ENV | |
echo "TONGSUO_HOME=${{ runner.temp }}/Tongsuo" >> $GITHUB_ENV | |
- name: Download Maven repository for Linux X86-64 | |
uses: actions/download-artifact@v2 | |
with: | |
name: m2repo-Linux-X64 | |
path: ${{ runner.temp }}/m2 | |
- name: Download Maven repository for Linux ARM64 | |
uses: actions/download-artifact@v2 | |
with: | |
name: m2repo-Linux-ARM64 | |
path: ${{ runner.temp }}/m2 | |
- name: Download Maven repository for MacOS X86-64 | |
uses: actions/download-artifact@v2 | |
with: | |
name: m2repo-macOS-X64 | |
path: ${{ runner.temp }}/m2 | |
- name: Download Maven repository for MacOS ARM64 | |
uses: actions/download-artifact@v2 | |
with: | |
name: m2repo-macOS-ARM64 | |
path: ${{ runner.temp }}/m2 | |
- name: Checkout Tongsuo tag 8.4.0-pre2 branch | |
shell: bash | |
run: | | |
mkdir -p "$TONGSUO_HOME" | |
cd "$TONGSUO_HOME" | |
for i in {1..10}; do git clone -b 8.4.0-pre2 https://github.com/Tongsuo-Project/Tongsuo.git "./" && break || sleep 5; done | |
- name: Build UberJAR with Gradle | |
shell: bash | |
run: | | |
./gradlew :security-native-uber:build -Dcom.alibaba.dragonwell.security.native.buildUberJar=true -Dmaven.repo.local="$M2_REPO" | |
- name: Publish UberJAR to Maven Local | |
shell: bash | |
run: | | |
./gradlew :security-native-uber:publishToMavenLocal -Dcom.alibaba.dragonwell.security.native.buildUberJar=true -Dmaven.repo.local="$M2_REPO" | |
- name: Upload Maven respository | |
uses: actions/upload-artifact@v2 | |
with: | |
name: m2repo-uber | |
path: ${{ runner.temp }}/m2 | |
openjdk-test: | |
needs: uberjar | |
strategy: | |
fail-fast: false | |
matrix: | |
platform: [ubuntu-latest, macos-latest, self-hosted-linux-aarch64, self-hosted-mac-m1] | |
java: [8, 11] | |
include: | |
- java: 8 | |
suite_class: "org.conscrypt.Conscrypt(OpenJdk)?Suite" | |
- java: 11 | |
suite_class: "org.conscrypt.Conscrypt(OpenJdk)?Suite" | |
runs-on: ${{ matrix.platform }} | |
steps: | |
- name: Set up Java | |
uses: actions/setup-java@v3 | |
with: | |
java-version: ${{ matrix.java }} | |
distribution: 'zulu' | |
- name: Set runner-specific environment variables | |
shell: bash | |
run: | | |
echo "TONGSUO_HOME=${{ runner.temp }}/Tongsuo" >> $GITHUB_ENV | |
mkdir -p "${{ runner.temp }}/Tongsuo" | |
- name: Download Maven repository for macOS X64 | |
if: runner.os == 'macOS' && runner.arch == 'x64' | |
uses: actions/download-artifact@v2 | |
with: | |
name: tongsuo_osx_x64_bin.tgz | |
path: ${{ runner.temp }}/Tongsuo | |
- name: Uncompress files | |
if: runner.os == 'macOS' && runner.arch == 'x64' | |
run: | | |
tar -xzvf ${{ runner.temp }}/Tongsuo/build.x64.tgz -C ${{ runner.temp }}/Tongsuo | |
DYLD_LIBRARY_PATH=${{ runner.temp }}/Tongsuo/build.x64/lib ${{ runner.temp }}/Tongsuo/build.x64/bin/openssl version | |
- name: Download Maven repository for macOS arm64 | |
if: runner.os == 'macOS' && runner.arch == 'arm64' | |
uses: actions/download-artifact@v2 | |
with: | |
name: tongsuo_osx_arm64_bin.tgz | |
path: ${{ runner.temp }}/Tongsuo | |
- name: Uncompress files | |
if: runner.os == 'macOS' && runner.arch == 'arm64' | |
run: | | |
tar -xzvf ${{ runner.temp }}/Tongsuo/build.arm64.tgz -C ${{ runner.temp }}/Tongsuo | |
DYLD_LIBRARY_PATH=${{ runner.temp }}/Tongsuo/build.arm64/lib ${{ runner.temp }}/Tongsuo/build.arm64/bin/openssl version | |
- name: Download Maven repository for Linux X64 | |
if: runner.os == 'Linux' && runner.arch == 'x64' | |
uses: actions/download-artifact@v2 | |
with: | |
name: tongsuo_linux_x64_bin.tgz | |
path: ${{ runner.temp }}/Tongsuo | |
- name: Uncompress files | |
if: runner.os == 'Linux' && runner.arch == 'x64' | |
run: | | |
tar -xzvf ${{ runner.temp }}/Tongsuo/build.x64.tgz -C ${{ runner.temp }}/Tongsuo && ls ${{ runner.temp }}/Tongsuo | |
LD_LIBRARY_PATH=${{ runner.temp }}/Tongsuo/build.x64/lib ${{ runner.temp }}/Tongsuo/build.x64/bin/openssl version | |
- name: Download Maven repository for Linux ARM64 | |
if: runner.os == 'Linux' && runner.arch == 'arm64' | |
uses: actions/download-artifact@v2 | |
with: | |
name: tongsuo_linux_arm64_bin.tgz | |
path: ${{ runner.temp }}/Tongsuo | |
- name: Uncompress files | |
if: runner.os == 'Linux' && runner.arch == 'arm64' | |
run: | | |
tar -xzvf ${{ runner.temp }}/Tongsuo/build.arm64.tgz -C ${{ runner.temp }}/Tongsuo && ls ${{ runner.temp }}/Tongsuo | |
LD_LIBRARY_PATH=${{ runner.temp }}/Tongsuo/build.arm64/lib ${{ runner.temp }}/Tongsuo/build.arm64/bin/openssl version | |
- name: Download UberJAR | |
uses: actions/download-artifact@v2 | |
with: | |
name: m2repo-uber | |
path: m2 | |
- name: Download Test JAR with Dependencies | |
uses: actions/download-artifact@v2 | |
with: | |
name: testjar | |
path: testjar | |
- name: Download JUnit runner | |
shell: bash | |
run: mvn org.apache.maven.plugins:maven-dependency-plugin:3.1.2:copy -Dartifact=org.junit.platform:junit-platform-console-standalone:1.6.2 -DoutputDirectory=. -Dmdep.stripVersion=true | |
- name: Run JUnit tests | |
if: runner.arch == 'x64' | |
shell: bash | |
run: | | |
DIR="$(find m2/com/alibaba/dragonwell/security-native-uber -maxdepth 1 -mindepth 1 -type d -print)" | |
VERSION="${DIR##*/}" | |
TESTJAR="$(find testjar -name '*-tests.jar')" | |
zip -d $TESTJAR 'META-INF/*.SF' 'META-INF/*.RSA' 'META-INF/*.DSA' | |
CLASS_PATH="$DIR/security-native-uber-$VERSION.jar:$TESTJAR" | |
PROPERTY0="-Dtest.babassl.path=${{ runner.temp }}/Tongsuo/build.x64/bin/openssl" | |
PROPERTY1="-Dtest.openssl.path=${{ runner.temp }}/Tongsuo/build.x64/bin/openssl" | |
PROPERTY2="-Dtest.babassl.lib.path=${{ runner.temp }}/Tongsuo/build.x64/lib" | |
PROPERTY3="-Dtest.openssl.lib.path=${{ runner.temp }}/Tongsuo/build.x64/lib" | |
PROPERTY4="-Dtest.classpath=$CLASS_PATH" | |
java $PROPERTY0 $PROPERTY1 $PROPERTY2 $PROPERTY3 $PROPERTY4 -jar junit-platform-console-standalone.jar -cp $CLASS_PATH -n='${{ matrix.suite_class }}' --scan-classpath --reports-dir=results --fail-if-no-tests | |
- name: Run JUnit tests | |
if: runner.arch == 'arm64' | |
shell: bash | |
run: | | |
DIR="$(find m2/com/alibaba/dragonwell/security-native-uber -maxdepth 1 -mindepth 1 -type d -print)" | |
VERSION="${DIR##*/}" | |
TESTJAR="$(find testjar -name '*-tests.jar')" | |
zip -d $TESTJAR 'META-INF/*.SF' 'META-INF/*.RSA' 'META-INF/*.DSA' | |
CLASS_PATH="$DIR/security-native-uber-$VERSION.jar:$TESTJAR" | |
PROPERTY0="-Dtest.babassl.path=${{ runner.temp }}/Tongsuo/build.arm64/bin/openssl" | |
PROPERTY1="-Dtest.openssl.path=${{ runner.temp }}/Tongsuo/build.arm64/bin/openssl" | |
PROPERTY2="-Dtest.babassl.lib.path=${{ runner.temp }}/Tongsuo/build.arm64/lib" | |
PROPERTY3="-Dtest.openssl.lib.path=${{ runner.temp }}/Tongsuo/build.arm64/lib" | |
PROPERTY4="-Dtest.classpath=$CLASS_PATH" | |
java $PROPERTY0 $PROPERTY1 $PROPERTY2 $PROPERTY3 $PROPERTY4 -jar junit-platform-console-standalone.jar -cp $CLASS_PATH -n='${{ matrix.suite_class }}' --scan-classpath --reports-dir=results --fail-if-no-tests | |
- name: Archive test results | |
if: ${{ always() }} | |
uses: actions/upload-artifact@v2 | |
with: | |
name: test-results-${{ matrix.platform }}-${{ matrix.java }} | |
path: results |