SANITIZERS: asan+ubsan
UBSAN_OPTIONS: "print_stacktrace=1:halt_on_error=1:suppressions=${{ env.REPO_HOME }}/build-scripts/UBSan.supp"
UNIT_TESTS: yes
- options: --sysctl net.ipv6.conf.all.disable_ipv6=0
+ options: --privileged --sysctl net.ipv6.conf.all.disable_ipv6=0
defaults:
run:
working-directory: ./pdns-${{ env.BUILDER_VERSION }}
steps:
+ # workaround issue 9491 repo actions/runner-images
+ - name: get runner image version
+ id: runner-image-version
+ run: |
+ echo "image-version=$(echo $ImageVersion)" >> "$GITHUB_OUTPUT"
+ working-directory: .
+ - name: modify number of bits to use for aslr entropy
+ if: ${{ steps.runner-image-version.outputs.ImageVersion }} == '20240310.1.0'
+ run: |
+ sudo sysctl -a | grep vm.mmap.rnd
+ sudo sysctl -w vm.mmap_rnd_bits=28
+ working-directory: .
- uses: actions/checkout@v4
with:
fetch-depth: 5
SANITIZERS: ${{ matrix.sanitizers }}
UBSAN_OPTIONS: "print_stacktrace=1:halt_on_error=1:suppressions=${{ env.REPO_HOME }}/build-scripts/UBSan.supp"
UNIT_TESTS: yes
- options: --sysctl net.ipv6.conf.all.disable_ipv6=0
+ options: --privileged --sysctl net.ipv6.conf.all.disable_ipv6=0
defaults:
run:
working-directory: ./pdns/recursordist/pdns-recursor-${{ env.BUILDER_VERSION }}
steps:
+ # workaround issue 9491 repo actions/runner-images
+ - name: get runner image version
+ id: runner-image-version
+ run: |
+ echo "image-version=$(echo $ImageVersion)" >> "$GITHUB_OUTPUT"
+ working-directory: .
+ - name: modify number of bits to use for aslr entropy
+ if: ${{ steps.runner-image-version.outputs.ImageVersion }} == '20240310.1.0'
+ run: |
+ sudo sysctl -a | grep vm.mmap.rnd
+ sudo sysctl -w vm.mmap_rnd_bits=28
+ working-directory: .
- uses: actions/checkout@v4
with:
fetch-depth: 5
UBSAN_OPTIONS: "print_stacktrace=1:halt_on_error=1:suppressions=${{ env.REPO_HOME }}/build-scripts/UBSan.supp"
UNIT_TESTS: yes
FUZZING_TARGETS: yes
- options: --sysctl net.ipv6.conf.all.disable_ipv6=0
+ options: --privileged --sysctl net.ipv6.conf.all.disable_ipv6=0
defaults:
run:
working-directory: ./pdns/dnsdistdist/dnsdist-${{ env.BUILDER_VERSION }}
steps:
+ # workaround issue 9491 repo actions/runner-images
+ - name: get runner image version
+ id: runner-image-version
+ run: |
+ echo "image-version=$(echo $ImageVersion)" >> "$GITHUB_OUTPUT"
+ working-directory: .
+ - name: modify number of bits to use for aslr entropy
+ if: ${{ steps.runner-image-version.outputs.ImageVersion }} == '20240310.1.0'
+ run: |
+ sudo sysctl -a | grep vm.mmap.rnd
+ sudo sysctl -w vm.mmap_rnd_bits=28
+ working-directory: .
- uses: actions/checkout@v4
with:
fetch-depth: 5
ASAN_OPTIONS: detect_leaks=0
TSAN_OPTIONS: "halt_on_error=1:suppressions=${{ env.REPO_HOME }}/pdns/dnsdistdist/dnsdist-tsan.supp"
AUTH_BACKEND_IP_ADDR: "172.17.0.1"
- options: --sysctl net.ipv6.conf.all.disable_ipv6=0
+ options: --privileged --sysctl net.ipv6.conf.all.disable_ipv6=0
strategy:
matrix:
include:
options: >-
--restart always
steps:
+ # workaround issue 9491 repo actions/runner-images
+ - name: get runner image version
+ id: runner-image-version
+ run: |
+ echo "image-version=$(echo $ImageVersion)" >> "$GITHUB_OUTPUT"
+ working-directory: .
+ - name: modify number of bits to use for aslr entropy
+ if: ${{ steps.runner-image-version.outputs.ImageVersion }} == '20240310.1.0'
+ run: |
+ sudo sysctl -a | grep vm.mmap.rnd
+ sudo sysctl -w vm.mmap_rnd_bits=28
+ working-directory: .
- uses: actions/checkout@v4
with:
fetch-depth: 5
LDAPHOST: ldap://ldapserver/
ODBCINI: /github/home/.odbc.ini
AUTH_BACKEND_IP_ADDR: "172.17.0.1"
- options: --sysctl net.ipv6.conf.all.disable_ipv6=0
+ options: --privileged --sysctl net.ipv6.conf.all.disable_ipv6=0
strategy:
matrix:
include:
options: >-
--restart always
steps:
+ # workaround issue 9491 repo actions/runner-images
+ - name: get runner image version
+ id: runner-image-version
+ run: |
+ echo "image-version=$(echo $ImageVersion)" >> "$GITHUB_OUTPUT"
+ working-directory: .
+ - name: modify number of bits to use for aslr entropy
+ if: ${{ steps.runner-image-version.outputs.ImageVersion }} == '20240310.1.0'
+ run: |
+ sudo sysctl -a | grep vm.mmap.rnd
+ sudo sysctl -w vm.mmap_rnd_bits=28
+ working-directory: .
- uses: actions/checkout@v4
with:
fetch-depth: 5
env:
UBSAN_OPTIONS: "print_stacktrace=1:halt_on_error=1:suppressions=${{ env.REPO_HOME }}/build-scripts/UBSan.supp"
ASAN_OPTIONS: detect_leaks=0
- options: --sysctl net.ipv6.conf.all.disable_ipv6=0
+ options: --privileged --sysctl net.ipv6.conf.all.disable_ipv6=0
steps:
+ # workaround issue 9491 repo actions/runner-images
+ - name: get runner image version
+ id: runner-image-version
+ run: |
+ echo "image-version=$(echo $ImageVersion)" >> "$GITHUB_OUTPUT"
+ working-directory: .
+ - name: modify number of bits to use for aslr entropy
+ if: ${{ steps.runner-image-version.outputs.ImageVersion }} == '20240310.1.0'
+ run: |
+ sudo sysctl -a | grep vm.mmap.rnd
+ sudo sysctl -w vm.mmap_rnd_bits=28
+ working-directory: .
- uses: actions/checkout@v4
with:
fetch-depth: 5
UBSAN_OPTIONS: "print_stacktrace=1:halt_on_error=1:suppressions=${{ env.REPO_HOME }}/build-scripts/UBSan.supp"
ASAN_OPTIONS: detect_leaks=0
TSAN_OPTIONS: "halt_on_error=1:suppressions=${{ env.REPO_HOME }}/pdns/recursordist/recursor-tsan.supp"
- options: --sysctl net.ipv6.conf.all.disable_ipv6=0
+ options: --privileged --sysctl net.ipv6.conf.all.disable_ipv6=0
steps:
+ # workaround issue 9491 repo actions/runner-images
+ - name: get runner image version
+ id: runner-image-version
+ run: |
+ echo "image-version=$(echo $ImageVersion)" >> "$GITHUB_OUTPUT"
+ working-directory: .
+ - name: modify number of bits to use for aslr entropy
+ if: ${{ steps.runner-image-version.outputs.ImageVersion }} == '20240310.1.0'
+ run: |
+ sudo sysctl -a | grep vm.mmap.rnd
+ sudo sysctl -w vm.mmap_rnd_bits=28
+ working-directory: .
- uses: actions/checkout@v4
with:
fetch-depth: 5
UBSAN_OPTIONS: 'print_stacktrace=1:halt_on_error=1:suppressions=${{ env.REPO_HOME }}/build-scripts/UBSan.supp'
ASAN_OPTIONS: detect_leaks=0
TSAN_OPTIONS: "halt_on_error=1:suppressions=${{ env.REPO_HOME }}/pdns/recursordist/recursor-tsan.supp"
- options: --sysctl net.ipv6.conf.all.disable_ipv6=0
+ options: --privileged --sysctl net.ipv6.conf.all.disable_ipv6=0
steps:
+ # workaround issue 9491 repo actions/runner-images
+ - name: get runner image version
+ id: runner-image-version
+ run: |
+ echo "image-version=$(echo $ImageVersion)" >> "$GITHUB_OUTPUT"
+ working-directory: .
+ - name: modify number of bits to use for aslr entropy
+ if: ${{ steps.runner-image-version.outputs.ImageVersion }} == '20240310.1.0'
+ run: |
+ sudo sysctl -a | grep vm.mmap.rnd
+ sudo sysctl -w vm.mmap_rnd_bits=28
+ working-directory: .
# - uses: PowerDNS/pdns/set-ubuntu-mirror@meta
- uses: actions/checkout@v4
with:
UBSAN_OPTIONS: 'print_stacktrace=1:halt_on_error=1:suppressions=${{ env.REPO_HOME }}/build-scripts/UBSan.supp'
ASAN_OPTIONS: detect_leaks=0
TSAN_OPTIONS: "halt_on_error=1:suppressions=${{ env.REPO_HOME }}/pdns/recursordist/recursor-tsan.supp"
- options: --sysctl net.ipv6.conf.all.disable_ipv6=0
+ options: --privileged --sysctl net.ipv6.conf.all.disable_ipv6=0
steps:
+ # workaround issue 9491 repo actions/runner-images
+ - name: get runner image version
+ id: runner-image-version
+ run: |
+ echo "image-version=$(echo $ImageVersion)" >> "$GITHUB_OUTPUT"
+ working-directory: .
+ - name: modify number of bits to use for aslr entropy
+ if: ${{ steps.runner-image-version.outputs.ImageVersion }} == '20240310.1.0'
+ run: |
+ sudo sysctl -a | grep vm.mmap.rnd
+ sudo sysctl -w vm.mmap_rnd_bits=28
+ working-directory: .
- uses: actions/checkout@v4
with:
fetch-depth: 5
COVERAGE: yes
options: --sysctl net.ipv6.conf.all.disable_ipv6=0 --privileged
steps:
+ # workaround issue 9491 repo actions/runner-images
+ - name: get runner image version
+ id: runner-image-version
+ run: |
+ echo "image-version=$(echo $ImageVersion)" >> "$GITHUB_OUTPUT"
+ working-directory: .
+ - name: modify number of bits to use for aslr entropy
+ if: ${{ steps.runner-image-version.outputs.ImageVersion }} == '20240310.1.0'
+ run: |
+ sudo sysctl -a | grep vm.mmap.rnd
+ sudo sysctl -w vm.mmap_rnd_bits=28
+ working-directory: .
- uses: actions/checkout@v4
with:
fetch-depth: 5