From: Otto Moerbeek Date: Mon, 12 Jun 2023 12:28:37 +0000 (+0200) Subject: rec-4.9.x: specialize GH workflows for branch X-Git-Tag: rec-4.9.0-rc1^2 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a14fa82d366ba438fd62be256d0b0fd48979f582;p=thirdparty%2Fpdns.git rec-4.9.x: specialize GH workflows for branch --- diff --git a/.github/workflows/build-and-test-all.yml b/.github/workflows/build-and-test-all.yml index 9c33fb8393..dd66697fb5 100644 --- a/.github/workflows/build-and-test-all.yml +++ b/.github/workflows/build-and-test-all.yml @@ -16,73 +16,6 @@ env: REPO_HOME: '/__w/pdns/pdns' jobs: - build-auth: - name: build auth - if: ${{ !github.event.schedule || vars.SCHEDULED_JOBS_BUILD_AND_TEST_ALL }} - runs-on: ubuntu-20.04 - container: - image: ghcr.io/powerdns/base-pdns-ci-image/debian-11-pdns-base:master - env: - ASAN_OPTIONS: detect_leaks=0 - FUZZING_TARGETS: yes - SANITIZERS: asan+ubsan - UBSAN_OPTIONS: "print_stacktrace=1:halt_on_error=1:suppressions=${{ env.REPO_HOME }}/build-scripts/UBSan.supp" - UNIT_TESTS: yes - options: --sysctl net.ipv6.conf.all.disable_ipv6=0 - outputs: - clang-tidy-failed: ${{ steps.clang-tidy-annotations.outputs.failed }} - steps: - - uses: actions/checkout@v3 - with: - fetch-depth: 5 - submodules: recursive - - name: get timestamp for cache - id: get-stamp - run: | - echo "stamp=$(/bin/date +%s)" >> "$GITHUB_OUTPUT" - shell: bash - - run: mkdir -p ~/.ccache - - name: let GitHub cache our ccache data - uses: actions/cache@v3 - with: - path: ~/.ccache - key: auth-ccache-${{ steps.get-stamp.outputs.stamp }} - restore-keys: auth-ccache- - - run: inv ci-autoconf - - run: inv ci-auth-configure - - run: inv ci-auth-make-bear # This runs under pdns/ - - run: ln -s .clang-tidy.full .clang-tidy - - name: Run clang-tidy - working-directory: pdns - run: git diff -U0 HEAD^..HEAD | python3 ../.github/scripts/git-filter.py | python3 /usr/bin/clang-tidy-diff-${CLANG_VERSION}.py -clang-tidy-binary /usr/bin/clang-tidy-${CLANG_VERSION} -extra-arg=-ferror-limit=0 -p2 -export-fixes clang-tidy-auth.yml - - name: Print clang-tidy fixes YAML - working-directory: pdns - shell: bash - run: | - if [ -f clang-tidy-auth.yml ]; then - cat clang-tidy-auth.yml - fi - - name: Result annotations - id: clang-tidy-annotations - shell: bash - working-directory: pdns - run: | - if [ -f clang-tidy-auth.yml ]; then - set +e - python3 ../.github/scripts/clang-tidy.py --fixes-file clang-tidy-auth.yml - echo "failed=$?" >> $GITHUB_OUTPUT - fi - - run: inv ci-auth-install-remotebackend-test-deps - - run: inv ci-auth-run-unit-tests - - run: inv ci-make-install - - run: ccache -s - - name: Store the binaries - uses: actions/upload-artifact@v3 # this takes 30 seconds, maybe we want to tar - with: - name: pdns-auth - path: /opt/pdns-auth - retention-days: 1 - build-recursor: name: build recursor if: ${{ !github.event.schedule || vars.SCHEDULED_JOBS_BUILD_AND_TEST_ALL }} @@ -151,264 +84,6 @@ jobs: path: /opt/pdns-recursor retention-days: 1 - build-dnsdist: - name: build dnsdist - if: ${{ !github.event.schedule || vars.SCHEDULED_JOBS_BUILD_AND_TEST_ALL }} - runs-on: ubuntu-20.04 - strategy: - matrix: - sanitizers: [ubsan+asan, tsan] - features: [least, full] - exclude: - - sanitizers: tsan - features: least - container: - image: ghcr.io/powerdns/base-pdns-ci-image/debian-11-pdns-base:master - env: - ASAN_OPTIONS: detect_leaks=0 - SANITIZERS: ${{ matrix.sanitizers }} - UBSAN_OPTIONS: "print_stacktrace=1:halt_on_error=1:suppressions=${{ env.REPO_HOME }}/build-scripts/UBSan.supp" - UNIT_TESTS: yes - options: --sysctl net.ipv6.conf.all.disable_ipv6=0 - defaults: - run: - working-directory: ./pdns/dnsdistdist/ - outputs: - clang-tidy-failed: ${{ steps.clang-tidy-annotations.outputs.failed }} - steps: - - uses: actions/checkout@v3 - with: - fetch-depth: 5 - submodules: recursive - - name: get timestamp for cache - id: get-stamp - run: | - echo "stamp=$(/bin/date +%s)" >> "$GITHUB_OUTPUT" - shell: bash - - run: mkdir -p ~/.ccache - - name: let GitHub cache our ccache data - uses: actions/cache@v3 - with: - path: ~/.ccache - key: dnsdist-${{ matrix.features }}-${{ matrix.sanitizers }}-ccache-${{ steps.get-stamp.outputs.stamp }} - restore-keys: dnsdist-${{ matrix.features }}-${{ matrix.sanitizers }}-ccache- - - run: inv ci-autoconf - - run: inv ci-dnsdist-configure ${{ matrix.features }} - - run: inv ci-dnsdist-make-bear - - run: ln -s ../../.clang-tidy.full .clang-tidy - - name: Run clang-tidy - run: git diff -U0 HEAD^..HEAD | python3 ../../.github/scripts/git-filter.py | python3 /usr/bin/clang-tidy-diff-${CLANG_VERSION}.py -clang-tidy-binary /usr/bin/clang-tidy-${CLANG_VERSION} -extra-arg=-ferror-limit=0 -p3 -export-fixes clang-tidy-dnsdist.yml - - name: Print clang-tidy fixes YAML - shell: bash - run: | - if [ -f clang-tidy-dnsdist.yml ]; then - cat clang-tidy-dnsdist.yml - fi - - name: Result annotations - id: clang-tidy-annotations - shell: bash - run: | - if [ -f clang-tidy-dnsdist.yml ]; then - set +e - python ../../.github/scripts/clang-tidy.py --fixes-file clang-tidy-dnsdist.yml - echo "failed=$?" >> $GITHUB_OUTPUT - fi - - run: inv ci-dnsdist-run-unit-tests - - run: inv ci-make-install - - run: ccache -s - - name: Store the binaries - uses: actions/upload-artifact@v3 # this takes 30 seconds, maybe we want to tar - with: - name: dnsdist-${{ matrix.features }}-${{ matrix.sanitizers }} - path: /opt/dnsdist - retention-days: 1 - - test-auth-api: - needs: build-auth - runs-on: ubuntu-20.04 - container: - image: ghcr.io/powerdns/base-pdns-ci-image/debian-11-pdns-base:master - env: - UBSAN_OPTIONS: "print_stacktrace=1:halt_on_error=1:suppressions=${{ env.REPO_HOME }}/build-scripts/UBSan.supp" - ASAN_OPTIONS: detect_leaks=0 - TSAN_OPTIONS: "halt_on_error=1:suppressions=${{ env.REPO_HOME }}/pdns/dnsdistdist/dnsdist-tsan.supp" - AUTH_BACKEND_IP_ADDR: "172.17.0.1" - options: --sysctl net.ipv6.conf.all.disable_ipv6=0 - strategy: - matrix: - include: - - backend: gsqlite3 - image: coscale/docker-sleep - - backend: gmysql - image: mysql:5 - - backend: gpgsql - image: postgres:9 - - backend: lmdb - image: coscale/docker-sleep - fail-fast: false - services: - database: - image: ${{ matrix.image }} - env: - POSTGRES_USER: runner - POSTGRES_HOST_AUTH_METHOD: trust - MYSQL_ALLOW_EMPTY_PASSWORD: 1 - ports: - - 3306:3306 - - 5432:5432 - # FIXME: this works around dist-upgrade stopping all docker containers. dist-upgrade is huge on these images anyway. Perhaps we do want to run our tasks in a Docker container too. - options: >- - --restart always - steps: - - uses: actions/checkout@v3 - with: - fetch-depth: 5 - submodules: recursive - - name: Fetch the binaries - uses: actions/download-artifact@v3 - with: - name: pdns-auth - path: /opt/pdns-auth - - run: inv apt-fresh - - run: inv install-clang-runtime - - run: inv install-auth-test-deps -b ${{ matrix.backend }} - - run: inv test-api auth -b ${{ matrix.backend }} - - test-auth-backend: - needs: build-auth - runs-on: ubuntu-20.04 - container: - image: ghcr.io/powerdns/base-pdns-ci-image/debian-11-pdns-base:master - env: - UBSAN_OPTIONS: "print_stacktrace=1:halt_on_error=1:suppressions=${{ env.REPO_HOME }}/build-scripts/UBSan.supp" - ASAN_OPTIONS: detect_leaks=0 - LDAPHOST: ldap://ldapserver/ - ODBCINI: /github/home/.odbc.ini - AUTH_BACKEND_IP_ADDR: "172.17.0.1" - options: --sysctl net.ipv6.conf.all.disable_ipv6=0 - strategy: - matrix: - include: - - backend: remote - image: coscale/docker-sleep - env: {} - ports: [] - - backend: gmysql - image: mysql:5 - env: - MYSQL_ALLOW_EMPTY_PASSWORD: 1 - ports: - - 3306:3306 - - backend: gmysql - image: mariadb:10 - env: - MYSQL_ALLOW_EMPTY_PASSWORD: 1 - ports: - - 3306:3306 - - backend: gpgsql - image: postgres:9 - env: - POSTGRES_USER: runner - POSTGRES_HOST_AUTH_METHOD: trust - ports: - - 5432:5432 - - backend: gsqlite3 # this also runs regression-tests.nobackend and pdnsutil test-algorithms - image: coscale/docker-sleep - env: {} - ports: [] - - backend: lmdb - image: coscale/docker-sleep - env: {} - ports: [] - - backend: bind - image: coscale/docker-sleep - env: {} - ports: [] - - backend: geoip - image: coscale/docker-sleep - env: {} - ports: [] - - backend: lua2 - image: coscale/docker-sleep - env: {} - ports: [] - - backend: tinydns - image: coscale/docker-sleep - env: {} - ports: [] - - backend: authpy - image: coscale/docker-sleep - env: {} - ports: [] - - backend: godbc_sqlite3 - image: coscale/docker-sleep - env: {} - ports: [] - - backend: godbc_mssql - image: mcr.microsoft.com/mssql/server:2017-GA-ubuntu - env: - ACCEPT_EULA: Y - SA_PASSWORD: 'SAsa12%%' - ports: - - 1433:1433 - - backend: ldap - image: powerdns/ldap-regress:1.2.4-1 - env: - LDAP_LOG_LEVEL: 0 - CONTAINER_LOG_LEVEL: 4 - ports: - - 389:389 - - backend: geoip_mmdb - image: coscale/docker-sleep - env: {} - ports: [] - fail-fast: false - services: - database: - image: ${{ matrix.image }} - env: ${{ matrix.env }} - ports: ${{ matrix.ports }} - # FIXME: this works around dist-upgrade stopping all docker containers. dist-upgrade is huge on these images anyway. Perhaps we do want to run our tasks in a Docker container too. - options: >- - --restart always - steps: - - uses: actions/checkout@v3 - with: - fetch-depth: 5 - submodules: recursive - - name: Fetch the binaries - uses: actions/download-artifact@v3 - with: - name: pdns-auth - path: /opt/pdns-auth - # FIXME: install recursor for backends that have ALIAS - - run: inv install-clang-runtime - - run: inv install-auth-test-deps -b ${{ matrix.backend }} - - run: inv test-auth-backend -b ${{ matrix.backend }} - - test-ixfrdist: - needs: build-auth - runs-on: ubuntu-20.04 - container: - image: ghcr.io/powerdns/base-pdns-ci-image/debian-11-pdns-base:master - env: - UBSAN_OPTIONS: "print_stacktrace=1:halt_on_error=1:suppressions=${{ env.REPO_HOME }}/build-scripts/UBSan.supp" - ASAN_OPTIONS: detect_leaks=0 - options: --sysctl net.ipv6.conf.all.disable_ipv6=0 - steps: - - uses: actions/checkout@v3 - with: - fetch-depth: 5 - submodules: recursive - - name: Fetch the binaries - uses: actions/download-artifact@v3 - with: - name: pdns-auth - path: /opt/pdns-auth - - run: inv install-clang-runtime - - run: inv install-auth-test-deps - - run: inv test-ixfrdist - test-recursor-api: needs: build-recursor runs-on: ubuntu-20.04 @@ -505,79 +180,19 @@ jobs: - run: inv install-rec-bulk-deps - run: inv test-bulk-recursor ${{ matrix.threads }} ${{ matrix.mthreads }} ${{ matrix.shards }} - test-dnsdist-regression: - needs: build-dnsdist - runs-on: ubuntu-20.04 - strategy: - matrix: - sanitizers: [ubsan+asan, tsan] - container: - image: ghcr.io/powerdns/base-pdns-ci-image/debian-11-pdns-base:master - env: - UBSAN_OPTIONS: "print_stacktrace=1:halt_on_error=1:suppressions=${{ env.REPO_HOME }}/build-scripts/UBSan.supp" - # Disabling (intercept_send=0) the custom send wrappers for ASAN and TSAN because they cause the tools to report a race that doesn't exist on actual implementations of send(), see https://github.com/google/sanitizers/issues/1498 - ASAN_OPTIONS: detect_leaks=0:intercept_send=0 - TSAN_OPTIONS: "halt_on_error=1:intercept_send=0:suppressions=${{ env.REPO_HOME }}/pdns/dnsdistdist/dnsdist-tsan.supp" - # IncludeDir tests are disabled because of a weird interaction between TSAN and these tests which ever only happens on GH actions - SKIP_INCLUDEDIR_TESTS: yes - options: --sysctl net.ipv6.conf.all.disable_ipv6=0 - steps: - - uses: actions/checkout@v3 - with: - fetch-depth: 5 - submodules: recursive - - name: Fetch the binaries - uses: actions/download-artifact@v3 - with: - name: dnsdist-full-${{ matrix.sanitizers }} - path: /opt/dnsdist - - run: inv install-clang-runtime - - run: inv install-dnsdist-test-deps - - run: inv test-dnsdist - - swagger-syntax-check: - if: ${{ !github.event.schedule || vars.SCHEDULED_JOBS_BUILD_AND_TEST_ALL }} - runs-on: ubuntu-20.04 - # FIXME: https://github.com/PowerDNS/pdns/pull/12880 - # container: - # image: ghcr.io/powerdns/base-pdns-ci-image/debian-11-pdns-base:master - # options: --sysctl net.ipv6.conf.all.disable_ipv6=0 - steps: - - uses: PowerDNS/pdns/set-ubuntu-mirror@meta - - uses: actions/checkout@v3 - with: - fetch-depth: 5 - submodules: recursive - - run: build-scripts/gh-actions-setup-inv # this runs apt update+upgrade - - run: inv install-swagger-tools - - run: inv swagger-syntax-check - check-clang-tidy: - needs: [build-auth, build-dnsdist, build-recursor] + needs: [build-recursor] runs-on: ubuntu-20.04 name: Check whether clang-tidy succeeded steps: - run: | - if [ "x${{ needs.build-auth.outputs.clang-tidy-failed }}" != "x" -a "${{ needs.build-auth.outputs.clang-tidy-failed }}" != "0" ]; then - exit 1 - fi - if [ "x${{ needs.build-dnsdist.outputs.clang-tidy-failed }}" != "x" -a "${{ needs.build-dnsdist.outputs.clang-tidy-failed }}" != "0" ]; then - exit 1 - fi if [ "x${{needs.build-recursor.outputs.clang-tidy-failed}}" != "x" -a "${{needs.build-recursor.outputs.clang-tidy-failed}}" != "0" ]; then exit 1 fi collect: needs: - - build-auth - - build-dnsdist - build-recursor - - swagger-syntax-check - - test-auth-api - - test-auth-backend - - test-dnsdist-regression - - test-ixfrdist - test-recursor-api - test-recursor-regression - test-recursor-bulk diff --git a/.github/workflows/builder.yml b/.github/workflows/builder.yml index f0edb1afc0..cf180ee90c 100644 --- a/.github/workflows/builder.yml +++ b/.github/workflows/builder.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-20.04 strategy: matrix: - product: ['authoritative', 'recursor', 'dnsdist'] + product: ['recursor'] os: - centos-7 - el-8 diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index c37001a7e5..d708ef8d0b 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -26,7 +26,7 @@ jobs: # Override automatic language detection by changing the below list # Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python'] language: ['cpp'] - product: ['auth', 'rec', 'dnsdist'] + product: ['rec'] # Learn more... # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 82221b5dd8..1346a15daa 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-20.04 strategy: matrix: - product: ['auth', 'recursor', 'dnsdist'] + product: ['recursor'] steps: - uses: actions/checkout@v3 with: diff --git a/.github/workflows/documentation.yml b/.github/workflows/documentation.yml deleted file mode 100644 index c02b266a22..0000000000 --- a/.github/workflows/documentation.yml +++ /dev/null @@ -1,111 +0,0 @@ ---- -name: 'Documentation' - -on: - push: - branches: [master] - pull_request: - branches: [master] - -permissions: - contents: read - -jobs: - build-upload-docs: - name: Build and upload docs - runs-on: ubuntu-20.04 - steps: - - uses: PowerDNS/pdns/set-ubuntu-mirror@meta - - uses: actions/checkout@v3 - - run: build-scripts/gh-actions-setup-inv-no-dist-upgrade # this runs apt update - - run: inv install-doc-deps - - run: inv install-doc-deps-pdf - - - id: get-version - run: echo "pdns_version=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT - - - id: setup-ssh - run: |- - inv ci-docs-add-ssh --ssh-key="$SSH_KEY" --host-key="$HOST_KEY" - echo "have_ssh_key=yes" >> $GITHUB_OUTPUT - env: - SSH_KEY: ${{secrets.WEB1_DOCS_SECRET}} - HOST_KEY: ${{vars.WEB1_HOSTKEY}} - if: ${{github.ref_name == 'master' && env.SSH_KEY != ''}} - - # Auth - - run: inv ci-docs-build - - run: mv html auth-html-docs - working-directory: ./docs/_build - - run: tar cf auth-html-docs.tar auth-html-docs - working-directory: ./docs/_build - - uses: actions/upload-artifact@v3 - with: - name: authoritative-html-docs-${{steps.get-version.outputs.pdns_version}} - path: ./docs/_build/auth-html-docs.tar - - run: bzip2 auth-html-docs.tar - if: ${{github.ref_name == 'master'}} - working-directory: ./docs/_build - - run: inv ci-docs-build-pdf - - uses: actions/upload-artifact@v3 - with: - name: PowerDNS-Authoritative-${{steps.get-version.outputs.pdns_version}}.pdf - path: ./docs/_build/latex/PowerDNS-Authoritative.pdf - - run: inv ci-docs-upload-master --docs-host="${DOCS_HOST}" --pdf="PowerDNS-Authoritative.pdf" --username="docs_powerdns_com" --product="auth" --directory="/${AUTH_DOCS_DIR}/" - env: - DOCS_HOST: ${{vars.DOCS_HOST}} - AUTH_DOCS_DIR: ${{vars.AUTH_DOCS_DIR}} - if: ${{github.ref_name == 'master' && steps.setup-ssh.outputs.have_ssh_key != ''}} - - # Rec - - run: inv ci-docs-build - working-directory: ./pdns/recursordist - - run: mv html rec-html-docs - working-directory: ./pdns/recursordist/docs/_build - - run: tar cf rec-html-docs.tar rec-html-docs - working-directory: ./pdns/recursordist/docs/_build - - uses: actions/upload-artifact@v3 - with: - name: recursor-html-docs-${{steps.get-version.outputs.pdns_version}} - path: ./pdns/recursordist/docs/_build/rec-html-docs.tar - - run: bzip2 rec-html-docs.tar - if: ${{github.ref_name == 'master'}} - working-directory: ./pdns/recursordist/docs/_build - - run: inv ci-docs-build-pdf - working-directory: ./pdns/recursordist - - uses: actions/upload-artifact@v3 - with: - name: PowerDNS-Recursor-${{steps.get-version.outputs.pdns_version}}.pdf - path: ./pdns/recursordist/docs/_build/latex/PowerDNS-Recursor.pdf - - run: inv ci-docs-upload-master --docs-host="${DOCS_HOST}" --pdf="PowerDNS-Recursor.pdf" --username="docs_powerdns_com" --product="rec" --directory="/${REC_DOCS_DIR}/" - env: - DOCS_HOST: ${{vars.DOCS_HOST}} - REC_DOCS_DIR: ${{vars.REC_DOCS_DIR}} - if: ${{github.ref_name == 'master' && steps.setup-ssh.outputs.have_ssh_key != ''}} - working-directory: ./pdns/recursordist - - # DNSdist - - run: inv ci-docs-build - working-directory: ./pdns/dnsdistdist - - run: mv html dnsdist-html-docs - working-directory: ./pdns/dnsdistdist/docs/_build - - run: tar cf dnsdist-html-docs.tar dnsdist-html-docs - working-directory: ./pdns/dnsdistdist/docs/_build - - uses: actions/upload-artifact@v3 - with: - name: dnsdist-html-docs-${{steps.get-version.outputs.pdns_version}} - path: ./pdns/dnsdistdist/docs/_build/dnsdist-html-docs.tar - - run: bzip2 dnsdist-html-docs.tar - if: ${{github.ref_name == 'master'}} - working-directory: ./pdns/dnsdistdist/docs/_build - - run: inv ci-docs-build-pdf - working-directory: ./pdns/dnsdistdist - - uses: actions/upload-artifact@v3 - with: - name: dnsdist-${{steps.get-version.outputs.pdns_version}}.pdf - path: ./pdns/dnsdistdist/docs/_build/latex/dnsdist.pdf - - run: inv ci-docs-upload-master --docs-host="${DOCS_HOST}" --pdf="dnsdist.pdf" --username="dnsdist_org" --product="dnsdist" - env: - DOCS_HOST: ${{vars.DOCS_HOST}} - if: ${{github.ref_name == 'master' && steps.setup-ssh.outputs.have_ssh_key != ''}} - working-directory: ./pdns/dnsdistdist diff --git a/.github/workflows/secpoll.yml b/.github/workflows/secpoll.yml deleted file mode 100644 index e1e4463f9e..0000000000 --- a/.github/workflows/secpoll.yml +++ /dev/null @@ -1,32 +0,0 @@ ---- -name: 'Verify secpoll zone syntax' - -on: - push: - pull_request: - -permissions: # least privileges, see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions - contents: read - -jobs: - build: - name: check secpoll zone - # on a ubuntu-20.04 VM - runs-on: ubuntu-20.04 - steps: - - uses: PowerDNS/pdns/set-ubuntu-mirror@meta - - uses: actions/checkout@v3 - with: - fetch-depth: 5 - submodules: recursive - - run: sh docs/secpoll-check.sh docs/secpoll.zone - - run: echo 'deb [arch=amd64] http://repo.powerdns.com/ubuntu focal-auth-master main' | sudo tee /etc/apt/sources.list.d/pdns.list - - run: "echo -ne 'Package: pdns-*\nPin: origin repo.powerdns.com\nPin-Priority: 600\n' | sudo tee /etc/apt/preferences.d/pdns" - - run: sudo curl https://repo.powerdns.com/CBC8B383-pub.asc -o /etc/apt/trusted.gpg.d/CBC8B383-pub.asc - - run: sudo apt-get update - - run: sudo systemctl mask pdns - - run: sudo apt-get install -y pdns-server pdns-backend-sqlite3 - - run: "echo -ne 'launch=gsqlite3\ngsqlite3-database=/var/lib/powerdns/pdns.sqlite3\n' | sudo tee /etc/powerdns/pdns.conf" - - run: sudo sqlite3 /var/lib/powerdns/pdns.sqlite3 < /usr/share/doc/pdns-backend-sqlite3/schema.sqlite3.sql - - run: sudo pdnsutil load-zone secpoll.powerdns.com docs/secpoll.zone - - run: sudo pdnsutil check-zone secpoll.powerdns.com diff --git a/.github/workflows/spelling.yml b/.github/workflows/spelling.yml deleted file mode 100644 index c250cd1046..0000000000 --- a/.github/workflows/spelling.yml +++ /dev/null @@ -1,19 +0,0 @@ -# spelling.yml is disabled per https://github.com/check-spelling/check-spelling/security/advisories/GHSA-g86g-chm8-7r2p -name: Workflow should not run! -on: - push: - branches: '' - -permissions: # least privileges, see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions - contents: read - -jobs: - placeholder: - name: Should be disabled - runs-on: ubuntu-latest - if: false - steps: - - name: Task - run: | - echo 'Running this task would be bad' - exit 1 diff --git a/.github/workflows/spelling2.yml b/.github/workflows/spelling2.yml deleted file mode 100644 index 055dd17304..0000000000 --- a/.github/workflows/spelling2.yml +++ /dev/null @@ -1,16 +0,0 @@ -# spelling2.yml is disabled per https://github.com/check-spelling/check-spelling/security/advisories/GHSA-p8r9-69g4-jwqq -name: Workflow should not run! -on: - push: - branches: '' - -jobs: - placeholder: - name: Should be disabled - runs-on: ubuntu-latest - if: false - steps: - - name: Task - run: | - echo 'Running this task would be bad' - exit 1 diff --git a/.github/workflows/spelling3.yml b/.github/workflows/spelling3.yml deleted file mode 100644 index 5888f89a12..0000000000 --- a/.github/workflows/spelling3.yml +++ /dev/null @@ -1,64 +0,0 @@ -# spelling.yml is blocked per https://github.com/check-spelling/check-spelling/security/advisories/GHSA-g86g-chm8-7r2p -# spelling2.yml is blocked per https://github.com/check-spelling/check-spelling/security/advisories/GHSA-p8r9-69g4-jwqq -name: Spell checking - -on: - push: - branches: - - "**" - tags-ignore: - - "**" - pull_request: - branches: - - "**" - tags-ignore: - - "**" - types: - - 'opened' - - 'reopened' - - 'synchronize' - -jobs: - spelling: - name: Spell checking - permissions: - # contents-read is needed to checkout in private repositories - contents: read - # actions-read is needed (possibly only for private repositories) - # to identify the workflow's filename until - # https://github.com/actions/runner/issues/853 is fixed - actions: read - # security-events-write is needed according to the documentation: - # https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github#uploading-a-code-scanning-analysis-with-github-actions - security-events: write - outputs: - followup: ${{ steps.spelling.outputs.followup }} - runs-on: ubuntu-latest - if: "contains(github.event_name, 'pull_request') || github.event_name == 'push'" - concurrency: - group: spelling-${{ github.event.pull_request.number || github.ref }} - # note: If you use only_check_changed_files, you do not want cancel-in-progress - cancel-in-progress: true - steps: - - name: check-spelling - id: spelling - uses: check-spelling/check-spelling@v0.0.21 - with: - config: .github/actions/spell-check - checkout: true - spell_check_this: check-spelling/spell-check-this@prerelease - post_comment: 0 - use_sarif: ${{ (!github.event.pull_request || (github.event.pull_request.head.repo.full_name == github.repository)) && 1 }} - extra_dictionaries: - cspell:software-terms/src/software-terms.txt - cspell:python/src/python/python-lib.txt - cspell:node/node.txt - cspell:python/src/common/extra.txt - cspell:fullstack/fullstack.txt - cspell:html/html.txt - cspell:aws/aws.txt - cspell:npm/npm.txt - cspell:cpp/src/stdlib-cpp.txt - cspell:python/src/python/python.txt - cspell:django/django.txt - check_extra_dictionaries: ''