.github/workflows/build.yaml

   1 # The name of our workflow
   2 name: Build
   3 on:
   4   push:
   5   pull_request:
   6
   7 jobs:
   8   checkuncrustify:
   9     name: "Check code style with Uncrustify"
  10     # Ubuntu 22.04 has uncrustify 0.72_f
  11     runs-on: ubuntu-22.04
  12     steps:
  13       - name: Install dependencies
  14         run: sudo apt update && sudo apt install -y uncrustify
  15       - name: Checkout OpenVPN
  16         uses: actions/checkout@v3
  17         with:
  18           path: openvpn
  19       - name: Show uncrustify version
  20         run: uncrustify --version
  21       - name: Run uncrustify
  22         run: ./dev-tools/reformat-all.sh
  23         working-directory: openvpn
  24       - name: Check for changes
  25         run: git diff --output=uncrustify-changes.patch
  26         working-directory: openvpn
  27       - name: Show changes on standard output
  28         run: git diff
  29         working-directory: openvpn
  30       - uses: actions/upload-artifact@v3
  31         with:
  32           name: uncrustify-changes.patch
  33           path: 'openvpn/uncrustify-changes.patch'
  34       - name: Set job status
  35         run: test ! -s uncrustify-changes.patch
  36         working-directory: openvpn
  37
  38   mingw:
  39     strategy:
  40       fail-fast: false
  41       matrix:
  42         arch: [x86, x64]
  43
  44     name: "gcc-mingw - ${{ matrix.arch }} - OSSL"
  45     runs-on: ubuntu-22.04
  46     env:
  47       VCPKG_ROOT: ${{ github.workspace }}/vcpkg
  48     steps:
  49       - name: Install dependencies
  50         run: sudo apt update && sudo apt install -y mingw-w64 unzip cmake ninja-build build-essential wget python3-docutils man2html-base
  51       - name: Checkout OpenVPN
  52         uses: actions/checkout@v3
  53
  54       - name: Restore from cache and install vcpkg
  55         uses: lukka/run-vcpkg@v11
  56         with:
  57           vcpkgGitCommitId: '1ba9a2591f15af5900f2ce2b3e2bf31771e3ac48'
  58           vcpkgJsonGlob: '**/mingw/vcpkg.json'
  59
  60       - name: Run CMake with vcpkg.json manifest
  61         uses: lukka/run-cmake@v10
  62         with:
  63           configurePreset: mingw-${{ matrix.arch }}
  64           buildPreset: mingw-${{ matrix.arch }}
  65           buildPresetAdditionalArgs: "['--config Debug']"
  66
  67       - uses: actions/upload-artifact@v3
  68         with:
  69           name: openvpn-mingw-${{ matrix.arch }}
  70           path: |
  71             ${{ github.workspace }}/out/build/mingw/${{ matrix.arch }}/Debug/*.exe
  72             ${{ github.workspace }}/out/build/mingw/${{ matrix.arch }}/Debug/*.dll
  73             !${{ github.workspace }}/out/build/mingw/${{ matrix.arch }}/Debug/test_*.exe
  74
  75       - uses: actions/upload-artifact@v3
  76         with:
  77           name: openvpn-mingw-${{ matrix.arch }}-tests
  78           path: |
  79             ${{ github.workspace }}/out/build/mingw/${{ matrix.arch }}/Debug/test_*.exe
  80             ${{ github.workspace }}/out/build/mingw/${{ matrix.arch }}/Debug/*.dll
  81
  82   mingw-unittest:
  83     needs: [ mingw ]
  84     strategy:
  85       fail-fast: false
  86       matrix:
  87         arch: [x86, x64]
  88         test: [argv, auth_token, buffer, cryptoapi, crypto, misc, ncp, packet_id, pkt, provider, tls_crypt]
  89
  90     runs-on: windows-latest
  91     name: "mingw unittest ${{ matrix.test }} - ${{ matrix.arch }} - OSSL"
  92     steps:
  93       - name: Retrieve mingw unittest
  94         uses: actions/download-artifact@v3
  95         with:
  96           name: openvpn-mingw-${{ matrix.arch }}-tests
  97           path: unittests
  98       - name: Run ${{ matrix.test }} unit test
  99         run: ./unittests/test_${{ matrix.test }}.exe
 100
 101   ubuntu:
 102     strategy:
 103       fail-fast: false
 104       matrix:
 105         os: [ubuntu-20.04, ubuntu-22.04]
 106         sslpkg: [libmbedtls-dev]
 107         ssllib: [mbedtls]
 108         libname: [mbed TLS]
 109
 110         include:
 111           - os: ubuntu-20.04
 112             sslpkg: "libssl-dev"
 113             libname: OpenSSL 1.1.1
 114             ssllib: openssl
 115           - os: ubuntu-22.04
 116             sslpkg: "libssl-dev"
 117             libname: OpenSSL 3.0.2
 118             ssllib: openssl
 119             pkcs11pkg: "libpkcs11-helper1-dev softhsm2 gnutls-bin"
 120             extraconf: --enable-pkcs11
 121           - os: ubuntu-20.04
 122             sslpkg: "libssl-dev"
 123             libname: OpenSSL 1.1.1
 124             ssllib: openssl
 125             pkcs11pkg: "libpkcs11-helper1-dev softhsm2 gnutls-bin"
 126             extraconf: "--enable-iproute2 --enable-pkcs11"
 127           - os: ubuntu-20.04
 128             sslpkg: "libssl-dev"
 129             libname: OpenSSL 1.1.1
 130             ssllib: openssl
 131             extraconf: "--enable-async-push"
 132           - os: ubuntu-20.04
 133             sslpkg: "libssl-dev"
 134             libname: OpenSSL 1.1.1
 135             ssllib: openssl
 136             extraconf: "--disable-management"
 137           - os: ubuntu-20.04
 138             sslpkg: "libssl-dev"
 139             libname: OpenSSL 1.1.1
 140             ssllib: openssl
 141             extraconf: "--enable-small"
 142           - os: ubuntu-20.04
 143             sslpkg: "libssl-dev"
 144             libname: OpenSSL 1.1.1
 145             ssllib: openssl
 146             extraconf: "--disable-lzo --disable-lz4"
 147
 148     name: "gcc - ${{matrix.os}} - ${{matrix.libname}} ${{matrix.extraconf}}"
 149     env:
 150       SSLPKG: "${{matrix.sslpkg}}"
 151       PKCS11PKG: "${{matrix.pkcs11pkg}}"
 152
 153     runs-on: ${{matrix.os}}
 154     steps:
 155       - name: Install dependencies
 156         run: sudo apt update && sudo apt install -y liblzo2-dev libpam0g-dev liblz4-dev libcap-ng-dev libnl-genl-3-dev linux-libc-dev man2html libcmocka-dev python3-docutils libtool automake autoconf ${SSLPKG} ${PKCS11PKG}
 157       - name: Checkout OpenVPN
 158         uses: actions/checkout@v3
 159       - name: autoconf
 160         run: autoreconf -fvi
 161       - name: configure
 162         run: ./configure --with-crypto-library=${{matrix.ssllib}} ${{matrix.extraconf}} --enable-werror
 163       - name: make all
 164         run: make -j3
 165       - name: make check
 166         run: make check VERBOSE=1
 167
 168   ubuntu-clang-asan:
 169     strategy:
 170       fail-fast: false
 171       matrix:
 172         os: [ubuntu-20.04]
 173         ssllib: [mbedtls, openssl]
 174
 175     name: "clang-asan - ${{matrix.os}} - ${{matrix.ssllib}}"
 176
 177     env:
 178       UBSAN_OPTIONS: print_stacktrace=1
 179
 180     runs-on: ${{matrix.os}}
 181     steps:
 182       - name: Install dependencies
 183         run: sudo apt update && sudo apt install -y liblzo2-dev libpam0g-dev liblz4-dev libcap-ng-dev libnl-genl-3-dev linux-libc-dev man2html clang libcmocka-dev python3-docutils libtool automake autoconf libmbedtls-dev
 184       - name: Checkout OpenVPN
 185         uses: actions/checkout@v3
 186       - name: autoconf
 187         run: autoreconf -fvi
 188       - name: configure
 189         run: CFLAGS="-fsanitize=address,undefined -fno-sanitize-recover=all  -fno-omit-frame-pointer -O2" CC=clang ./configure --with-crypto-library=${{matrix.ssllib}} --enable-werror
 190       - name: make all
 191         run: make -j3
 192       - name: make check
 193         run: make check VERBOSE=1
 194
 195   macos:
 196     strategy:
 197       fail-fast: false
 198       matrix:
 199         ssllib: [ openssl11, openssl3, libressl]
 200         build: [ normal, asan ]
 201         os: [macos-11, macos-12, macos-13]
 202         include:
 203           - build: asan
 204             cflags: "-fsanitize=address,undefined -fno-sanitize-recover=all  -fno-optimize-sibling-calls -fsanitize-address-use-after-scope -fno-omit-frame-pointer -g -O1"
 205             ldflags: -fsanitize=address,undefined -fno-sanitize-recover=all
 206             # Our build system ignores LDFLAGS for plugins
 207             configureflags: --disable-plugin-auth-pam  --disable-plugin-down-root
 208           - build: normal
 209             cflags: "-O2 -g"
 210             ldflags: ""
 211             configureflags: ""
 212           - ssllib: openssl11
 213             libdir: openssl@1.1
 214             configuressllib: ""
 215           - ssllib: openssl3
 216             libdir: openssl@3
 217             configuressllib: ""
 218           - ssllib: libressl
 219             libdir: libressl
 220             configuressllib: "--with-openssl-engine=no"
 221
 222     runs-on: ${{matrix.os}}
 223     name: "${{matrix.os}} - ${{matrix.libdir}} - ${{matrix.build}}"
 224     env:
 225       CFLAGS: ${{ matrix.cflags }}
 226       LDFLAGS: ${{ matrix.ldflags }}
 227       OPENSSL_CFLAGS: "-I/usr/local/opt/${{matrix.libdir}}/include"
 228       OPENSSL_LIBS: "-L/usr/local/opt/${{matrix.libdir}}/lib -lcrypto -lssl"
 229       UBSAN_OPTIONS: print_stacktrace=1
 230     steps:
 231       - name: Install dependencies
 232         run: brew install openssl@1.1 openssl@3 lzo lz4 man2html cmocka libtool automake autoconf libressl
 233       - name: Checkout OpenVPN
 234         uses: actions/checkout@v3
 235       - name: autoconf
 236         run: autoreconf -fvi
 237       - name: configure
 238         run: ./configure --enable-werror ${{matrix.configureflags}} ${{matrix.configuressllib}}
 239       - name: make all
 240         run: make -j4
 241       - name: make check
 242         run: make check VERBOSE=1
 243
 244   msvc:
 245       strategy:
 246         fail-fast: false
 247         matrix:
 248           arch: [amd64, x86, arm64]
 249
 250       name: "msbuild - ${{ matrix.arch }} - openssl"
 251       env:
 252         BUILD_CONFIGURATION: Release
 253
 254       runs-on: windows-latest
 255       steps:
 256       - uses: actions/checkout@v3
 257       - uses: lukka/get-cmake@latest
 258
 259       - name: Install rst2html
 260         run: python -m pip install --upgrade pip docutils
 261
 262       - name: Restore artifacts, or setup vcpkg (do not install any package)
 263         uses: lukka/run-vcpkg@v11
 264         with:
 265           vcpkgGitCommitId: '1ba9a2591f15af5900f2ce2b3e2bf31771e3ac48'
 266           vcpkgJsonGlob: '**/windows/vcpkg.json'
 267
 268       - name: Run CMake with vcpkg.json manifest (NO TESTS)
 269         uses: lukka/run-cmake@v10
 270         if: ${{ matrix.arch == 'arm64' }}
 271         with:
 272           configurePreset: win-${{ matrix.arch }}-release
 273           buildPreset: win-${{ matrix.arch }}-release
 274
 275       - name: Run CMake with vcpkg.json manifest
 276         uses: lukka/run-cmake@v10
 277         if: ${{ matrix.arch != 'arm64' }}
 278         with:
 279           configurePreset: win-${{ matrix.arch }}-release
 280           buildPreset: win-${{ matrix.arch }}-release
 281           testPreset: win-${{ matrix.arch }}-release
 282
 283       - uses: actions/upload-artifact@v3
 284         with:
 285           name: openvpn-msvc-${{ matrix.arch }}
 286           path: |
 287             ${{ github.workspace }}/out/**/*.exe
 288             ${{ github.workspace }}/out/**/*.dll
 289             !${{ github.workspace }}/out/**/test_*.exe
 290             !${{ github.workspace }}/out/**/CMakeFiles/**
 291             !${{ github.workspace }}/out/**/vcpkg_installed/**
 292
 293   libressl:
 294     strategy:
 295       fail-fast: false
 296       matrix:
 297         os: [ubuntu-22.04]
 298         ssllib: [libressl]
 299         build: [ normal, asan ]
 300         configureflags: ["--with-openssl-engine=no"]
 301         include:
 302           - build: asan
 303             cflags: "-fsanitize=address -fno-sanitize-recover=all  -fno-optimize-sibling-calls -fsanitize-address-use-after-scope -fno-omit-frame-pointer -g -O1"
 304             ldflags: -fsanitize=address -fno-sanitize-recover=all
 305             cc: clang
 306           - build: normal
 307             cflags: "-O2 -g"
 308             ldflags: ""
 309             cc: gcc
 310
 311     name: "${{matrix.cc}} ${{matrix.build}} - ${{matrix.os}} - ${{matrix.ssllib}}"
 312     runs-on: ${{matrix.os}}
 313     env:
 314       CFLAGS: ${{ matrix.cflags }}
 315       LDFLAGS: ${{ matrix.ldflags }}
 316       CC: ${{matrix.cc}}
 317       UBSAN_OPTIONS: print_stacktrace=1
 318
 319     steps:
 320       - name: Install dependencies
 321         run: sudo apt update && sudo apt install -y liblzo2-dev libpam0g-dev liblz4-dev linux-libc-dev man2html clang libcmocka-dev python3-docutils libtool automake autoconf pkg-config libcap-ng-dev libnl-genl-3-dev
 322       - name: "libressl: checkout"
 323         uses: actions/checkout@v3
 324         with:
 325           path: libressl
 326           repository: libressl/portable
 327           ref: v3.8.2
 328       - name: "libressl: autogen.sh"
 329         run: ./autogen.sh
 330         working-directory: libressl
 331       - name: "libressl: configure"
 332         run: ./configure
 333         working-directory: libressl
 334       - name: "libressl: make all"
 335         run: make -j3
 336         working-directory: libressl
 337       - name: "libressl: make install"
 338         run: sudo make install
 339         working-directory: libressl
 340       - name: "ldconfig"
 341         run: sudo ldconfig
 342       - name: Checkout OpenVPN
 343         uses: actions/checkout@v3
 344       - name: autoconf
 345         run: autoreconf -fvi
 346       - name: configure
 347         run: ./configure --with-crypto-library=openssl ${{matrix.configureflags}} --enable-werror
 348       - name: make all
 349         run: make -j3
 350       - name: make check
 351         run: make check VERBOSE=1
 352
 353   mbedtls3:
 354     strategy:
 355       fail-fast: false
 356       matrix:
 357         os: [ubuntu-22.04]
 358         ssllib: [mbedtls3]
 359         build: [ normal, asan ]
 360         include:
 361           - build: asan
 362             cflags: "-fsanitize=address -fno-sanitize-recover=all  -fno-optimize-sibling-calls -fsanitize-address-use-after-scope -fno-omit-frame-pointer -g -O1"
 363             ldflags: -fsanitize=address -fno-sanitize-recover=all
 364             cc: clang
 365           - build: normal
 366             cflags: "-O2 -g"
 367             ldflags: ""
 368             cc: gcc
 369
 370     name: "${{matrix.cc}} ${{matrix.build}} - ${{matrix.os}} - ${{matrix.ssllib}}"
 371     runs-on: ${{matrix.os}}
 372     env:
 373       CFLAGS: ${{ matrix.cflags }}
 374       LDFLAGS: ${{ matrix.ldflags }}
 375       CC: ${{matrix.cc}}
 376       UBSAN_OPTIONS: print_stacktrace=1
 377
 378     steps:
 379       - name: Install dependencies
 380         run: sudo apt update && sudo apt install -y liblzo2-dev libpam0g-dev liblz4-dev linux-libc-dev man2html clang libcmocka-dev python3-docutils python3-jinja2 python3-jsonschema libtool automake autoconf pkg-config libcap-ng-dev libnl-genl-3-dev
 381       - name: "mbedtls: checkout"
 382         uses: actions/checkout@v3
 383         with:
 384           path: mbedtls
 385           repository: Mbed-TLS/mbedtls
 386           ref: v3.5.0
 387       - name: "mbedtls: make no_test"
 388         run: make -j3 no_test SHARED=1
 389         working-directory: mbedtls
 390       - name: "mbedtls: make install"
 391         run: sudo make install DESTDIR=/usr
 392         working-directory: mbedtls
 393       - name: Checkout OpenVPN
 394         uses: actions/checkout@v3
 395       - name: autoconf
 396         run: autoreconf -fvi
 397       - name: configure
 398         run: ./configure --with-crypto-library=mbedtls
 399       - name: make all
 400         run: make -j3
 401       - name: make check
 402         run: make check VERBOSE=1