version: 2.1 commands: checkout-shallow: description: "Do a shallow checkout of the repository" steps: - run: name: Install git and openssh command: apt-get update && apt-get -qq -y install openssh-client git - run: name: Store the keyid for the git repo command: mkdir -p $HOME/.ssh && ssh-keyscan $(echo ${CIRCLE_REPOSITORY_URL} | sed 's,.*@\([^:]*\):.*,\1,') > $HOME/.ssh/known_hosts - run: name: Clone the repo command: | mkdir -p /opt/project if [ -n "$CIRCLE_PR_NUMBER" ] then echo === Checking out PR "$CIRCLE_PR_NUMBER" from "$CIRCLE_REPOSITORY_URL" git clone --depth 1 $CIRCLE_REPOSITORY_URL /opt/project cd /opt/project git fetch --depth 1 origin +refs/pull/${CIRCLE_PR_NUMBER}/merge git checkout -qf FETCH_HEAD else echo === Checking out branch "${CIRCLE_BRANCH}" from "$CIRCLE_REPOSITORY_URL" git clone --depth 1 --branch $CIRCLE_BRANCH $CIRCLE_REPOSITORY_URL /opt/project fi cd /opt/project git --no-pager show -s get-workspace: description: "Attach workspace to /opt and symlink checkout into home" steps: - run: name: ensure ca-certificates is installed command: apt-get update && apt-get -qq -y install ca-certificates - attach_workspace: at: /opt - run: name: symlink checkout into home command: rmdir ~/project && ln -s /opt/project ~/project - run: name: include $BASH_ENV for both interactive and non-interactive shells command: echo '. $BASH_ENV' >> $HOME/.bashrc install-coverity-tools: description: Install the coverity tools to /usr/local steps: - run: name: Install Coverity tools command: curl -s https://scan.coverity.com/download/linux64 --data "token=${COVERITY_TOKEN}&project=${COVERITY_PROJECT}" | gunzip | tar xvf /dev/stdin --strip-components=1 --no-same-owner -C /usr/local add-docs-upload-ssh: description: Add ssh known_hosts fingerprints steps: - run: command: mkdir -p $HOME/.ssh && echo "${DOCS_HOST} ${DOCS_FINGERPRINT}" > $HOME/.ssh/known_hosts - add_ssh_keys: fingerprints: - "3e:0a:aa:2c:30:69:89:f3:eb:17:c1:3f:3b:78:40:7a" auth-regress-setup: description: Prepare the environment for auth regression tests steps: - get-workspace - install-auth-deps - run: name: Install test dependencies command: | apt-get -y -qq install \ bc \ bind9utils \ curl \ default-jre-headless \ dnsutils \ ldnsutils \ libnet-dns-perl \ pdns-recursor \ unbound-host - run: name: Install jdnssectools command: | if [ ! -e $HOME/bin/jdnssec-verifyzone ]; then apt-get install -qq -y wget wget https://github.com/dblacka/jdnssec-tools/releases/download/0.14/jdnssec-tools-0.14.tar.gz tar xfz jdnssec-tools-0.14.tar.gz -C $HOME rm jdnssec-tools-0.14.tar.gz fi echo 'export PATH=$HOME/jdnssec-tools-0.14/bin:$PATH' >> $BASH_ENV - run: name: Allow missing tools in verify-dnssec-zone command: touch regression-tests/tests/verify-dnssec-zone/allow-missing - run: name: Start PowerDNS Recursor in the background command: pdns_recursor background: true auth-regress: description: Run one auth regression context parameters: skip: type: string default: "" rootskip: type: string default: "" doroot: type: boolean default: true context: type: string default: "" prefix: type: string default: "/opt/pdns-auth/" steps: - run: workdir: ~/project/regression-tests name: Run << parameters.context >> tests command: | [ -e ./vars ] && . ./vars export rm -rf tests/*/skip for t in << parameters.skip >> do touch tests/$t/skip done PDNS=<< parameters.prefix >>sbin/pdns_server \ PDNS2=<< parameters.prefix >>sbin/pdns_server \ SDIG=<< parameters.prefix >>bin/sdig \ NOTIFY=<< parameters.prefix >>bin/pdns_notify \ NSEC3DIG=<< parameters.prefix >>bin/nsec3dig \ SAXFR=<< parameters.prefix >>bin/saxfr \ ZONE2SQL=<< parameters.prefix >>bin/zone2sql \ ZONE2LDAP=<< parameters.prefix >>bin/zone2ldap \ PDNSUTIL=<< parameters.prefix >>bin/pdnsutil \ PDNSCONTROL=<< parameters.prefix >>bin/pdns_control \ RESOLVERIP=127.0.0.1 \ ./start-test-stop 5300 << parameters.context >> - when: condition: << parameters.doroot >> steps: - run: workdir: ~/project/regression-tests.rootzone name: Run << parameters.context >> tests for the root zone command: | [ -e ../regression-tests/vars ] && . ../regression-tests/vars rm -rf tests/*/skip for t in << parameters.rootskip >> do touch tests/$t/skip done PDNS=<< parameters.prefix >>sbin/pdns_server \ PDNS2=<< parameters.prefix >>sbin/pdns_server \ SDIG=<< parameters.prefix >>bin/sdig \ NOTIFY=<< parameters.prefix >>bin/pdns_notify \ NSEC3DIG=<< parameters.prefix >>bin/nsec3dig \ SAXFR=<< parameters.prefix >>bin/saxfr \ ZONE2SQL=<< parameters.prefix >>bin/zone2sql \ ZONE2LDAP=<< parameters.prefix >>bin/zone2ldap \ PDNSUTIL=<< parameters.prefix >>bin/pdnsutil \ PDNSCONTROL=<< parameters.prefix >>bin/pdns_control \ RESOLVERIP=127.0.0.1 \ ./start-test-stop 5300 << parameters.context >> install-recursor-deps: description: "Install all libraries needed for the recursor" steps: - run: apt-get update - run: command: | apt-get install -qq -y \ libluajit-5.1 \ libboost-all-dev \ libcap2 \ libssl1.1 \ libsystemd0 \ libsodium23 \ libfstrm0 \ libprotobuf17 install-auth-deps: description: Install all libraries needed to run the auth steps: - run: | apt-get install -qq -y --no-install-recommends \ libboost-all-dev \ libcdb1 \ libcurl4 \ libkrb5-3 \ libldap-2.4-2 \ liblmdb0 \ libluajit-5.1-2 \ libpq5 \ libssl1.1 \ libsodium23 \ libsystemd0 \ default-libmysqlclient-dev \ unixodbc install-dnsdist-deps: description: "Install all libraries needed for testing dnsdist" steps: - run: apt-get update - run: command: | apt-get install -qq -y \ libluajit-5.1 \ libboost-all-dev \ libcap2 \ libcdb1 \ libcurl4-openssl-dev \ libfstrm0 \ libh2o-evloop0.13 \ liblmdb0 \ libprotobuf17 \ libre2-5 \ libssl-dev \ libsystemd0 \ libsodium23 \ protobuf-compiler \ virtualenv install-ixfrdist-deps: description: "Install all libraries needed for testing ixfrdist" steps: - run: apt-get update - run: command: | apt-get install -qq -y \ git \ libboost-all-dev \ libsystemd0 \ libyaml-cpp0.6 \ virtualenv install-auth-dev-deps: description: Install all packages needed to build the auth steps: - run: apt-get update - run: command: | apt-get install -qq -y --no-install-recommends \ autoconf \ automake \ bison \ bzip2 \ curl \ default-libmysqlclient-dev \ flex \ g++ \ git \ libboost-all-dev \ libcdb-dev \ libcurl4-openssl-dev \ libkrb5-dev \ libldap2-dev \ liblmdb-dev \ libluajit-5.1-dev \ libpq-dev \ libsodium-dev \ libsqlite3-dev \ libssl-dev \ libsystemd-dev \ libtool \ libyaml-cpp-dev \ make \ pkg-config \ ragel \ sqlite3 \ systemd \ unixodbc-dev \ virtualenv \ wget add-auth-repo: description: "Add the debian repo for the auth" parameters: version: type: string default: "42" distro: type: string default: "debian" release: type: string default: "buster" steps: - run: name: "Install dependencies" command: "apt-get update && apt-get install -qq -y curl gnupg2" - run: name: "Install apt-keys" command: | if [ "<< parameters.version >>" = "master" ]; then curl https://repo.powerdns.com/CBC8B383-pub.asc | apt-key add - else curl https://repo.powerdns.com/FD380FBB-pub.asc | apt-key add - fi - run: name: "Add repository" command: | echo 'deb [arch=amd64] http://repo.powerdns.com/<< parameters.distro >> << parameters.release >>-auth-<< parameters.version>> main' >> /etc/apt/sources.list.d/pdns.list - run: name: "add pinning" command: | echo 'Package: pdns-*' > /etc/apt/preferences.d/pdns echo 'Pin: origin repo.powerdns.com' >> /etc/apt/preferences.d/pdns echo 'Pin-Priority: 600' >> /etc/apt/preferences.d/pdns - run: name: update apt cache command: apt-get update setup-ccache: description: Install .ccache and set $PATH steps: - run: name: Install ccache command: apt-get update && apt-get -qq -y install ccache - run: name: Setup ccache in $PATH command: echo 'export PATH=/usr/lib/ccache:$PATH' >> $BASH_ENV save-ccache-cache: description: Store the .ccache directory parameters: product: type: string default: "" steps: - save_cache: key: ccache-cache-{{ arch }}-<< parameters.product >>-{{ .Branch }} paths: - ~/.ccache restore-cache-ccache: description: Restore the .ccache directory parameters: product: type: string default: "" steps: - setup-ccache - run: name: ensure ca-certificates is installed command: apt-get update && apt-get -qq -y install ca-certificates - restore_cache: keys: - ccache-cache-{{ arch }}-<< parameters.product >>-{{ .Branch }} - ccache-cache-{{ arch }}-<< parameters.product >>- install-doc-deps: description: Install dependencies needed to build the documentation steps: - run: name: Install dependencies command: | apt-get update && apt-get -qq -y install \ autoconf \ automake \ bison \ curl \ flex \ g++ \ git \ latexmk \ libboost-all-dev \ libedit-dev \ libluajit-5.1-dev \ libssl-dev \ make \ pkg-config \ ragel \ rsync \ virtualenv if [ "${CIRCLE_PROJECT_USERNAME}" = "PowerDNS" -a "${CIRCLE_PROJECT_REPONAME}" = "pdns" -a "${CIRCLE_BRANCH}" = "master" ]; then apt-get update && apt-get -qq -y install \ texlive-full fi build-auth-docs: description: Build documentation steps: - run: name: autoconf command: | BUILDER_VERSION=0.0.0-git1 autoreconf -vfi - run: name: configure command: | ./configure \ --disable-lua-records \ --disable-unit-tests \ --without-dynmodules \ --without-modules - run: name: build docs command: | make -C docs html-docs if [ "${CIRCLE_PROJECT_USERNAME}" = "PowerDNS" -a "${CIRCLE_PROJECT_REPONAME}" = "pdns" -a "${CIRCLE_BRANCH}" = "master" ]; then make -C docs all-docs fi upload-auth-docs: steps: - run: name: Upload documents command: | if [ "${CIRCLE_PROJECT_USERNAME}" = "PowerDNS" -a "${CIRCLE_PROJECT_REPONAME}" = "pdns" -a "${CIRCLE_BRANCH}" = "master" ]; then rsync -crv --delete --no-p --chmod=g=rwX --exclude '*~' ./docs/html-docs/ docs_powerdns_com@${DOCS_HOST}:/authoritative/ rsync -crv --no-p --chmod=g=rwX --exclude '*~' ./docs/html-docs.tar.bz2 docs_powerdns_com@${DOCS_HOST}:/authoritative/ rsync -crv --no-p --chmod=g=rwX --exclude '*~' ./docs/PowerDNS-Authoritative.pdf docs_powerdns_com@${DOCS_HOST}:/authoritative/ fi build-recursor-docs: description: Build Recursor documentation steps: - run: name: autoconf command: | BUILDER_VERSION=0.0.0-git1 autoreconf -vfi working_directory: ~/project/pdns/recursordist - run: name: configure command: | ./configure \ --disable-unit-tests \ --disable-protobuf working_directory: ~/project/pdns/recursordist - run: name: build docs command: | make html-docs if [ "${CIRCLE_PROJECT_USERNAME}" = "PowerDNS" -a "${CIRCLE_PROJECT_REPONAME}" = "pdns" -a "${CIRCLE_BRANCH}" = "master" ]; then make all-docs fi working_directory: ~/project/pdns/recursordist upload-recursor-docs: steps: - run: name: Upload documents working_directory: ~/project/pdns/recursordist command: | if [ "${CIRCLE_PROJECT_USERNAME}" = "PowerDNS" -a "${CIRCLE_PROJECT_REPONAME}" = "pdns" -a "${CIRCLE_BRANCH}" = "master" ]; then rsync -crv --delete --no-p --chmod=g=rwX --exclude '*~' html-docs/ docs_powerdns_com@${DOCS_HOST}:/recursor/ rsync -crv --no-p --chmod=g=rwX --exclude '*~' html-docs.tar.bz2 docs_powerdns_com@${DOCS_HOST}:/recursor/ rsync -crv --no-p --chmod=g=rwX --exclude '*~' PowerDNS-Recursor.pdf docs_powerdns_com@${DOCS_HOST}:/recursor/ fi build-dnsdist-docs: description: Build dnsdist documentation steps: - run: name: autoconf command: | BUILDER_VERSION=0.0.0-git1 autoreconf -vfi working_directory: ~/project/pdns/dnsdistdist - run: name: configure command: | ./configure \ --disable-unit-tests \ --disable-protobuf working_directory: ~/project/pdns/dnsdistdist - run: name: build docs command: | make html-docs if [ "${CIRCLE_PROJECT_USERNAME}" = "PowerDNS" -a "${CIRCLE_PROJECT_REPONAME}" = "pdns" -a "${CIRCLE_BRANCH}" = "master" ]; then make all-docs fi working_directory: ~/project/pdns/dnsdistdist upload-dnsdist-docs: steps: - run: name: Upload documents working_directory: ~/project/pdns/dnsdistdist command: | if [ "${CIRCLE_PROJECT_USERNAME}" = "PowerDNS" -a "${CIRCLE_PROJECT_REPONAME}" = "pdns" -a "${CIRCLE_BRANCH}" = "master" ]; then rsync -crv --delete --no-p --chmod=g=rwX --exclude '*~' html-docs/ dnsdist_org@${DOCS_HOST}: rsync -crv --no-p --chmod=g=rwX --exclude '*~' html-docs.tar.bz2 dnsdist_org@${DOCS_HOST}: rsync -crv --no-p --chmod=g=rwX --exclude '*~' dnsdist.pdf dnsdist_org@${DOCS_HOST}: fi jobs: checkout: resource_class: small docker: - image: debian:buster steps: - checkout-shallow - persist_to_workspace: root: /opt paths: - project check-formatting: docker: - image: debian:buster steps: - run: name: Install dependencies command: | echo 'deb http://deb.debian.org/debian buster-backports main' > /etc/apt/sources.list.d/backports.list apt-get update && apt-get -qq --no-install-recommends install git apt-get -qq -t buster-backports --no-install-recommends install clang-format-8 - get-workspace - run: name: Check formatting command: | ./build-scripts/format-code pdns/recursordist/*.[ch][ch] git --no-pager diff exit $(git diff | wc -l) working_directory: ~/project build-auth: docker: - image: debian:buster steps: - get-workspace - install-auth-dev-deps - restore-cache-ccache: product: auth - run: name: autoconf command: BUILDER_VERSION=0.0.0-git1 autoreconf -vfi - run: name: configure command: | CFLAGS="-O1 -Werror=vla -Werror=shadow -Wformat=2 -Werror=format-security" \ CXXFLAGS="-O1 -Werror=vla -Werror=shadow -Wformat=2 -Werror=format-security -Wp,-D_GLIBCXX_ASSERTIONS" \ ./configure \ --with-modules='bind lmdb ldap gmysql gsqlite3 gpgsql godbc random tinydns lua2' \ --enable-systemd \ --enable-tools \ --enable-unit-tests \ --enable-backend-unit-tests \ --enable-fuzz-targets \ --with-lmdb=/usr \ --with-libsodium \ --prefix=/opt/pdns-auth \ --enable-ixfrdist - run: name: build command: make -j3 -k - save-ccache-cache: product: auth - run: name: Run unit tests command: PDNS_TEST_NO_IPV6=1 make check || (cat pdns/test-suite.log; false) - run: name: Install the binaries command: make install - persist_to_workspace: root: /opt paths: - pdns-auth test-auth-regress-odbc-sqlite3: resource_class: small docker: - image: debian:buster steps: - auth-regress-setup - run: name: Configure ODBC for sqlite command: | cat >> ~/.odbc.ini \<<- __EOF__ [pdns-sqlite3-1] Driver = SQLite3 Database = ${PWD}/regression-tests/pdns.sqlite3 [pdns-sqlite3-2] Driver = SQLite3 Database = ${PWD}/regression-tests/pdns.sqlite32 __EOF__ - run: name: Install ODBC deps command: | apt-get install -qq -y \ unixodbc \ libsqliteodbc \ sqlite3 - run: name: Set up sqlite3 odbc testing command: echo 'export GODBC_SQLITE3_DSN=pdns-sqlite3-1' > ./vars workdir: ~/project/regression-tests - auth-regress: context: godbc_sqlite3-nsec3 doroot: false # Broken at the moment test-auth-regress-odbc-mssql: docker: - image: debian:buster - image: mcr.microsoft.com/mssql/server:2017-GA-ubuntu environment: - ACCEPT_EULA: Y - SA_PASSWORD: 'SAsa12%%' steps: - auth-regress-setup - run: name: Install ODBC deps command: | apt-get install -qq -y \ freetds-bin \ tdsodbc \ unixodbc - run: name: set up mssql odbc command: | cat >> ~/.odbc.ini \<<- __EOF__ [pdns-mssql-docker] Driver=FreeTDS Trace=No Server=127.0.0.1 Port=1433 Database=pdns TDS_Version=7.1 [pdns-mssql-docker-nodb] Driver=FreeTDS Trace=No Server=127.0.0.1 Port=1433 TDS_Version=7.1 __EOF__ - run: command: cat /usr/share/tdsodbc/odbcinst.ini <(echo Threading=1) >> /etc/odbcinst.ini - run: name: create database command: echo 'create database pdns' | isql -v pdns-mssql-docker-nodb sa SAsa12%% - run: name: Set up mssql odbc testing command: echo 'export GODBC_MSSQL_PASSWORD=SAsa12%% GODBC_MSSQL_USERNAME=sa GODBC_MSSQL_DSN=pdns-mssql-docker' > ./vars workdir: ~/project/regression-tests - auth-regress: context: godbc_mssql-nodnssec skip: 8bit-txt-unescaped - auth-regress: context: godbc_mssql skip: 8bit-txt-unescaped - auth-regress: context: godbc_mssql-nsec3 skip: 8bit-txt-unescaped - auth-regress: context: godbc_mssql-nsec3-optout skip: 8bit-txt-unescaped - auth-regress: context: godbc_mssql-nsec3-narrow skip: 8bit-txt-unescaped test-auth-regress-gsqlite3: resource_class: small docker: - image: debian:buster steps: - auth-regress-setup - run: command: apt-get install -qq -y sqlite3 - auth-regress: context: gsqlite3-nodnssec-both - auth-regress: context: gsqlite3-both - auth-regress: context: gsqlite3-nsec3-both - auth-regress: context: gsqlite3-nsec3-optout-both - auth-regress: context: gsqlite3-nsec3-narrow test-auth-regress-bind: resource_class: small docker: - image: debian:buster - image: circleci/mysql:5 # for the hybrid test steps: - auth-regress-setup - run: command: apt-get install -qq -y sqlite3 - auth-regress: context: bind-both - auth-regress: context: bind-dnssec-both - auth-regress: context: bind-dnssec-nsec3-both - auth-regress: context: bind-dnssec-nsec3-optout-both - auth-regress: context: bind-dnssec-nsec3-narrow - run: command: apt-get install -qq -y default-mysql-client - run: command: | cat >> ~/.my.cnf \<<- __EOF__ [client] protocol=TCP __EOF__ - run: name: Set up mysql client lib to force TCP command: echo 'export GMYSQLHOST=127.0.0.1' > ./vars workdir: ~/project/regression-tests - auth-regress: context: bind-hybrid-nsec3 test-auth-regress-gmysql: resource_class: small docker: - image: debian:buster - image: circleci/mysql:5 steps: - auth-regress-setup - run: command: apt-get install -qq -y default-mysql-client - run: command: | cat >> ~/.my.cnf \<<- __EOF__ [client] protocol=TCP default-character-set=latin1 __EOF__ - run: name: Set up mysql client lib to force TCP command: echo 'export GMYSQLHOST=127.0.0.1 export GMYSQL2HOST=127.0.0.1 ' > ./vars workdir: ~/project/regression-tests - auth-regress: context: gmysql-nodnssec-both - auth-regress: context: gmysql-both - auth-regress: context: gmysql-nsec3-both - auth-regress: context: gmysql-nsec3-optout-both - auth-regress: context: gmysql-nsec3-narrow test-auth-regress-gpgsql: resource_class: small docker: - image: debian:buster - image: circleci/postgres:9 environment: POSTGRES_USER: root POSTGRES_HOST_AUTH_METHOD: trust steps: - auth-regress-setup - run: command: apt-get install -qq -y postgresql-client - run: name: Use TCP for Postgresql connections command: | cat >> ./vars \<<- __EOF__ export PGHOST=127.0.0.1 export PGPORT=5432 __EOF__ workdir: ~/project/regression-tests - auth-regress: context: gpgsql-nodnssec-both - auth-regress: context: gpgsql-both - auth-regress: context: gpgsql-nsec3-both - auth-regress: context: gpgsql-nsec3-optout-both - auth-regress: context: gpgsql-nsec3-narrow test-auth-regress-ldap: resource_class: small docker: - image: debian:buster environment: LDAPHOST: ldap://ldapserver/ - image: powerdns/ldap-regress:1.2.4-0 # OpenLDAP 2.4.47 name: ldapserver command: '--loglevel debug' environment: LDAP_LOG_LEVEL: 0 steps: - auth-regress-setup - run: DEBIAN_FRONTEND=noninteractive apt-get install -qq -y ldap-utils - auth-regress: context: ldap-tree doroot: false - auth-regress: context: ldap-simple doroot: false - auth-regress: context: ldap-strict doroot: false test-auth-regress-tinydns: resource_class: small docker: - image: debian:buster steps: - auth-regress-setup - auth-regress: context: tinydns doroot: false test-auth-regress-lmdb: resource_class: small docker: - image: debian:buster steps: - auth-regress-setup - run: apt-get install -y -qq jq - auth-regress: context: lmdb-nodnssec-both - auth-regress: context: lmdb-both - auth-regress: context: lmdb-nsec3-both - auth-regress: context: lmdb-nsec3-optout-both - auth-regress: context: lmdb-nsec3-narrow test-auth-algorithms: resource_class: small docker: - image: debian:buster steps: - auth-regress-setup - run: name: Test all algorithms command: /opt/pdns-auth/bin/pdnsutil test-algorithms test-auth-api: resource_class: small docker: - image: debian:buster steps: - auth-regress-setup - run: apt-get -y -qq install virtualenv sqlite3 - run: name: Run API tests workdir: ~/project/regression-tests.api command: | PDNSSERVER="/opt/pdns-auth/sbin/pdns_server" \ PDNSUTIL="/opt/pdns-auth/bin/pdnsutil" \ SDIG="/opt/pdns-auth/bin/sdig" \ ZONE2SQL="/opt/pdns-auth/bin/zone2sql" \ ./runtests authoritative build-recursor: docker: - image: debian:buster steps: - restore-cache-ccache: product: recursor - run: name: Install dependencies command: | apt-get update && apt-get -qq --no-install-recommends install \ autoconf \ automake \ ca-certificates \ curl \ bison \ flex \ g++ \ git \ libboost-all-dev \ libcap-dev \ libluajit-5.1-dev \ libfstrm-dev \ libprotobuf-dev \ libsodium-dev \ libssl-dev \ libsystemd-dev \ libtool \ make \ pkg-config \ protobuf-compiler \ ragel \ systemd \ virtualenv - get-workspace - run: name: autoconf command: BUILDER_VERSION=0.0.0-git1 autoreconf -vfi working_directory: ~/project/pdns/recursordist - run: name: configure command: | CFLAGS="-O1 -Werror=vla -Werror=shadow -Wformat=2 -Werror=format-security" \ CXXFLAGS="-O1 -Werror=vla -Werror=shadow -Wformat=2 -Werror=format-security -Wp,-D_GLIBCXX_ASSERTIONS" \ ./configure \ --enable-unit-tests \ --enable-nod \ --enable-systemd \ --prefix=/opt/pdns-recursor \ --with-libsodium \ --with-lua=luajit \ --with-libcap \ --with-protobuf=yes \ --without-net-snmp working_directory: ~/project/pdns/recursordist - run: name: build command: make -j3 -k working_directory: ~/project/pdns/recursordist - save-ccache-cache: product: recursor - run: name: Run unit tests command: make check || (cat test-suite.log; false) working_directory: ~/project/pdns/recursordist - run: name: Install resulting binaries command: make install working_directory: ~/project/pdns/recursordist - persist_to_workspace: root: /opt paths: - pdns-recursor test-recursor-regression: resource_class: small docker: - image: debian:buster steps: - add-auth-repo - run: apt-get --no-install-recommends install -qq -y pdns-server pdns-backend-bind pdns-tools daemontools authbind jq libfaketime lua-posix lua-socket moreutils bc virtualenv protobuf-compiler - install-recursor-deps - run: name: Set up authbind command: | touch /etc/authbind/byport/53 chmod 755 /etc/authbind/byport/53 - get-workspace - run: name: Run regression tests workdir: ~/project command: | PDNSRECURSOR=/opt/pdns-recursor/sbin/pdns_recursor \ RECCONTROL=/opt/pdns-recursor/bin/rec_control \ ./build-scripts/test-recursor test-recursor-bulk: resource_class: medium docker: - image: debian:buster steps: - add-auth-repo - run: apt-get --no-install-recommends install -qq -y pdns-tools moreutils time - install-recursor-deps - get-workspace - run: name: Get the majestic million list workdir: ~/project/regression-tests command: | apt-get install -qq -y unzip && \ curl -LO http://s3-us-west-1.amazonaws.com/umbrella-static/top-1m.csv.zip && \ unzip top-1m.csv.zip -d . - run: name: Run bulktest A command: | DNSBULKTEST=/usr/bin/dnsbulktest \ RECURSOR=/opt/pdns-recursor/sbin/pdns_recursor \ RECCONTROL=/opt/pdns-recursor/bin/rec_control \ THRESHOLD=95 \ TRACE=no \ ./timestamp ./recursor-test 5300 50000 2 workdir: ~/project/regression-tests - run: name: Run bulktest B command: | DNSBULKTEST=/usr/bin/dnsbulktest \ RECURSOR=/opt/pdns-recursor/sbin/pdns_recursor \ RECCONTROL=/opt/pdns-recursor/bin/rec_control \ THRESHOLD=95 \ TRACE=no \ ./timestamp ./recursor-test 5300 50000 4 workdir: ~/project/regression-tests - run: name: Run bulktest C command: | DNSBULKTEST=/usr/bin/dnsbulktest \ RECURSOR=/opt/pdns-recursor/sbin/pdns_recursor \ RECCONTROL=/opt/pdns-recursor/bin/rec_control \ THRESHOLD=95 \ TRACE=no \ ./timestamp ./recursor-test 5300 50000 8 workdir: ~/project/regression-tests - run: name: Run bulktest D command: | DNSBULKTEST=/usr/bin/dnsbulktest \ RECURSOR=/opt/pdns-recursor/sbin/pdns_recursor \ RECCONTROL=/opt/pdns-recursor/bin/rec_control \ THRESHOLD=95 \ TRACE=no \ ./timestamp ./recursor-test 5300 50000 16 workdir: ~/project/regression-tests - run: name: Run bulktest E command: | DNSBULKTEST=/usr/bin/dnsbulktest \ RECURSOR=/opt/pdns-recursor/sbin/pdns_recursor \ RECCONTROL=/opt/pdns-recursor/bin/rec_control \ THRESHOLD=95 \ TRACE=no \ ./timestamp ./recursor-test 5300 50000 2 4096 workdir: ~/project/regression-tests - run: name: Run bulktest F command: | DNSBULKTEST=/usr/bin/dnsbulktest \ RECURSOR=/opt/pdns-recursor/sbin/pdns_recursor \ RECCONTROL=/opt/pdns-recursor/bin/rec_control \ THRESHOLD=95 \ TRACE=no \ ./timestamp ./recursor-test 5300 50000 4 4096 workdir: ~/project/regression-tests - run: name: Run bulktest G command: | DNSBULKTEST=/usr/bin/dnsbulktest \ RECURSOR=/opt/pdns-recursor/sbin/pdns_recursor \ RECCONTROL=/opt/pdns-recursor/bin/rec_control \ THRESHOLD=95 \ TRACE=no \ ./timestamp ./recursor-test 5300 50000 8 4096 workdir: ~/project/regression-tests - run: name: Run bulktest H command: | DNSBULKTEST=/usr/bin/dnsbulktest \ RECURSOR=/opt/pdns-recursor/sbin/pdns_recursor \ RECCONTROL=/opt/pdns-recursor/bin/rec_control \ THRESHOLD=95 \ TRACE=no \ ./timestamp ./recursor-test 5300 50000 16 4096 workdir: ~/project/regression-tests - run: name: Run bulktest I command: | DNSBULKTEST=/usr/bin/dnsbulktest \ RECURSOR=/opt/pdns-recursor/sbin/pdns_recursor \ RECCONTROL=/opt/pdns-recursor/bin/rec_control \ THRESHOLD=95 \ TRACE=no \ ./timestamp ./recursor-test 5300 50000 8 4096 1 workdir: ~/project/regression-tests - run: name: Run bulktest J command: | DNSBULKTEST=/usr/bin/dnsbulktest \ RECURSOR=/opt/pdns-recursor/sbin/pdns_recursor \ RECCONTROL=/opt/pdns-recursor/bin/rec_control \ THRESHOLD=95 \ TRACE=no \ ./timestamp ./recursor-test 5300 50000 8 4096 2 workdir: ~/project/regression-tests - run: name: Run bulktest K command: | DNSBULKTEST=/usr/bin/dnsbulktest \ RECURSOR=/opt/pdns-recursor/sbin/pdns_recursor \ RECCONTROL=/opt/pdns-recursor/bin/rec_control \ THRESHOLD=95 \ TRACE=no \ ./timestamp ./recursor-test 5300 50000 8 4096 4 workdir: ~/project/regression-tests - run: name: Run bulktest L command: | DNSBULKTEST=/usr/bin/dnsbulktest \ RECURSOR=/opt/pdns-recursor/sbin/pdns_recursor \ RECCONTROL=/opt/pdns-recursor/bin/rec_control \ THRESHOLD=95 \ TRACE=no \ ./timestamp ./recursor-test 5300 50000 8 4096 8 workdir: ~/project/regression-tests - run: name: Run bulktest M command: | DNSBULKTEST=/usr/bin/dnsbulktest \ RECURSOR=/opt/pdns-recursor/sbin/pdns_recursor \ RECCONTROL=/opt/pdns-recursor/bin/rec_control \ THRESHOLD=95 \ TRACE=no \ ./timestamp ./recursor-test 5300 50000 8 4096 16 workdir: ~/project/regression-tests - run: name: Run bulktest M command: | DNSBULKTEST=/usr/bin/dnsbulktest \ RECURSOR=/opt/pdns-recursor/sbin/pdns_recursor \ RECCONTROL=/opt/pdns-recursor/bin/rec_control \ THRESHOLD=95 \ TRACE=no \ ./timestamp ./recursor-test 5300 50000 8 4096 32 workdir: ~/project/regression-tests - run: name: Run bulktest N command: | DNSBULKTEST=/usr/bin/dnsbulktest \ RECURSOR=/opt/pdns-recursor/sbin/pdns_recursor \ RECCONTROL=/opt/pdns-recursor/bin/rec_control \ THRESHOLD=95 \ TRACE=no \ ./timestamp ./recursor-test 5300 50000 8 4096 64 workdir: ~/project/regression-tests - run: name: Run bulktest O command: | DNSBULKTEST=/usr/bin/dnsbulktest \ RECURSOR=/opt/pdns-recursor/sbin/pdns_recursor \ RECCONTROL=/opt/pdns-recursor/bin/rec_control \ THRESHOLD=95 \ TRACE=no \ ./timestamp ./recursor-test 5300 50000 8 4096 128 workdir: ~/project/regression-tests - run: name: Run bulktest P command: | DNSBULKTEST=/usr/bin/dnsbulktest \ RECURSOR=/opt/pdns-recursor/sbin/pdns_recursor \ RECCONTROL=/opt/pdns-recursor/bin/rec_control \ THRESHOLD=95 \ TRACE=no \ ./timestamp ./recursor-test 5300 50000 8 4096 256 workdir: ~/project/regression-tests - run: name: Run bulktest Q command: | DNSBULKTEST=/usr/bin/dnsbulktest \ RECURSOR=/opt/pdns-recursor/sbin/pdns_recursor \ RECCONTROL=/opt/pdns-recursor/bin/rec_control \ THRESHOLD=95 \ TRACE=no \ ./timestamp ./recursor-test 5300 50000 8 4096 512 workdir: ~/project/regression-tests - run: name: Run bulktest R command: | DNSBULKTEST=/usr/bin/dnsbulktest \ RECURSOR=/opt/pdns-recursor/sbin/pdns_recursor \ RECCONTROL=/opt/pdns-recursor/bin/rec_control \ THRESHOLD=95 \ TRACE=no \ ./timestamp ./recursor-test 5300 50000 8 4096 1024 workdir: ~/project/regression-tests test-recursor-api: resource_class: small docker: - image: debian:buster steps: - add-auth-repo - run: apt-get --no-install-recommends install -qq -y virtualenv pdns-tools - install-recursor-deps - get-workspace - run: name: Run API tests workdir: ~/project/regression-tests.api command: | PDNSRECURSOR="/opt/pdns-recursor/sbin/pdns_recursor" \ ./runtests recursor build-auth-docs: resource_class: small docker: - image: debian:buster steps: - get-workspace - install-doc-deps - build-auth-docs deploy-auth-docs: resource_class: small docker: - image: debian:buster steps: - get-workspace - install-doc-deps - build-auth-docs - add-docs-upload-ssh - upload-auth-docs build-recursor-docs: resource_class: small docker: - image: debian:buster steps: - get-workspace - install-doc-deps - build-recursor-docs deploy-recursor-docs: resource_class: small docker: - image: debian:buster steps: - get-workspace - install-doc-deps - build-recursor-docs - add-docs-upload-ssh - upload-recursor-docs build-dnsdist-docs: resource_class: small docker: - image: debian:buster steps: - get-workspace - install-doc-deps - build-dnsdist-docs deploy-dnsdist-docs: resource_class: small docker: - image: debian:buster steps: - get-workspace - install-doc-deps - build-dnsdist-docs - add-docs-upload-ssh - upload-dnsdist-docs coverity-auth: docker: - image: debian:buster steps: - install-auth-dev-deps - install-coverity-tools - checkout-shallow - run: name: autoconf working_directory: /opt/project/ command: BUILDER_VERSION=0.0.0-git1 autoreconf -vfi - run: name: configure working_directory: /opt/project/ command: | CFLAGS="-O1 -Werror=vla -Wformat=2 -Werror=format-security" \ CXXFLAGS="-O1 -Werror=vla -Wformat=2 -Werror=format-security -Wp,-D_GLIBCXX_ASSERTIONS" \ ./configure \ --disable-systemd \ --with-modules='bind lmdb ldap gmysql gsqlite3 gpgsql godbc random tinydns' \ --enable-tools \ --with-lmdb=/usr \ --with-libsodium \ --prefix=/opt/pdns-auth - run: name: build working_directory: /opt/project/ command: /usr/local/bin/cov-build --dir cov-int make -j2 -k - run: name: Create Coverity tarball working_directory: /opt/project/ command: tar caf auth.tar.bz2 cov-int - run: name: Upload tarball to coverity working_directory: /opt/project/ command: | curl --form token=${COVERITY_TOKEN} \ --form email="${COVERITY_EMAIL}" \ --form file=@auth.tar.bz2 \ --form version="$(./builder-support/gen-version)" \ --form description="master build" \ https://scan.coverity.com/builds?project=${COVERITY_PROJECT} coverity-dnsdist: docker: - image: debian:buster steps: - run: name: Install dependencies command: | apt-get update && apt-get -qq --no-install-recommends install \ autoconf \ automake \ bison \ bzip2 \ ca-certificates \ curl \ flex \ g++ \ git \ libboost-all-dev \ libcap-dev \ libcdb-dev \ libedit-dev \ libfstrm-dev \ liblmdb-dev \ libluajit-5.1-dev \ libprotobuf-dev \ libre2-dev \ libsnmp-dev \ libsodium-dev \ libssl-dev \ libsystemd-dev \ libtool \ make \ pkg-config \ protobuf-compiler \ ragel \ virtualenv - install-coverity-tools - checkout-shallow - run: name: autoconf command: BUILDER_VERSION=0.0.0-git1 autoreconf -vfi working_directory: /opt/project/pdns/dnsdistdist - run: name: configure command: | CFLAGS="-O1 -Werror=vla -Werror=shadow -Wformat=2 -Werror=format-security" \ CXXFLAGS="-O1 -Werror=vla -Werror=shadow -Wformat=2 -Werror=format-security -Wp,-D_GLIBCXX_ASSERTIONS" \ ./configure \ --disable-systemd \ --disable-unit-tests \ --enable-dnstap \ --enable-dnscrypt \ --enable-dns-over-tls \ --prefix=/opt/dnsdist \ --with-libsodium \ --with-lua=luajit \ --with-libcap \ --with-protobuf=yes \ --with-re2 working_directory: /opt/project/pdns/dnsdistdist - run: name: build command: /usr/local/bin/cov-build --dir cov-int make -j2 -k working_directory: /opt/project/pdns/dnsdistdist - run: name: Create Coverity tarball command: tar caf dnsdist.tar.bz2 cov-int working_directory: /opt/project/pdns/dnsdistdist - run: name: Upload tarball to coverity working_directory: /opt/project/ command: | curl --form token=${COVERITY_TOKEN} \ --form email="${COVERITY_EMAIL}" \ --form file=@pdns/dnsdistdist/dnsdist.tar.bz2 \ --form version="$(./builder-support/gen-version)" \ --form description="master build" \ https://scan.coverity.com/builds?project=${COVERITY_PROJECT} coverity-recursor: docker: - image: debian:buster steps: - run: name: Install dependencies command: | apt-get update && apt-get -qq --no-install-recommends install \ autoconf \ automake \ ca-certificates \ curl \ bison \ bzip2 \ flex \ g++ \ git \ libboost-all-dev \ libcap-dev \ libluajit-5.1-dev \ libfstrm-dev \ libprotobuf-dev \ libsodium-dev \ libssl-dev \ libsystemd-dev \ libtool \ make \ pkg-config \ protobuf-compiler \ ragel \ virtualenv - install-coverity-tools - checkout-shallow - run: name: autoconf command: BUILDER_VERSION=0.0.0-git1 autoreconf -vfi working_directory: /opt/project/pdns/recursordist - run: name: configure command: | CFLAGS="-O1 -Werror=vla -Wformat=2 -Werror=format-security" \ CXXFLAGS="-O1 -Werror=vla -Wformat=2 -Werror=format-security -Wp,-D_GLIBCXX_ASSERTIONS" \ ./configure \ --disable-systemd \ --disable-unit-tests \ --prefix=/opt/pdns-recursor \ --with-libsodium \ --with-lua=luajit \ --with-libcap \ --with-protobuf=yes \ --without-net-snmp working_directory: /opt/project/pdns/recursordist - run: name: build command: /usr/local/bin/cov-build --dir cov-int make -j2 -k working_directory: /opt/project/pdns/recursordist - run: name: Create Coverity tarball command: tar caf recursor.tar.bz2 cov-int working_directory: /opt/project/pdns/recursordist - run: name: Upload tarball to coverity working_directory: /opt/project/ command: | curl --form token=${COVERITY_TOKEN} \ --form email="${COVERITY_EMAIL}" \ --form file=@pdns/recursordist/recursor.tar.bz2 \ --form version="$(./builder-support/gen-version)" \ --form description="master build" \ https://scan.coverity.com/builds?project=${COVERITY_PROJECT} build-dnsdist: docker: - image: debian:buster environment: UBSAN_OPTIONS: 'print_stacktrace=1:halt_on_error=1' steps: - restore-cache-ccache: product: dnsdist - run: name: Install dependencies command: | apt-get update && apt-get -qq --no-install-recommends install \ autoconf \ automake \ g++ \ git \ libboost-all-dev \ libcap-dev \ libcdb-dev \ libedit-dev \ libfstrm-dev \ libh2o-evloop-dev \ liblmdb-dev \ libluajit-5.1-dev \ libprotobuf-dev \ libre2-dev \ libsnmp-dev \ libsodium-dev \ libssl-dev \ libsystemd-dev \ libtool \ make \ pkg-config \ protobuf-compiler \ ragel \ systemd \ virtualenv - get-workspace - run: name: autoconf command: BUILDER_VERSION=0.0.0-git1 autoreconf -vfi working_directory: ~/project/pdns/dnsdistdist - run: name: configure command: | CFLAGS="-O1 -Werror=vla -Werror=shadow -Wformat=2 -Werror=format-security" \ CXXFLAGS="-O1 -Werror=vla -Werror=shadow -Wformat=2 -Werror=format-security -Wp,-D_GLIBCXX_ASSERTIONS" \ ./configure \ --enable-unit-tests \ --enable-dnstap \ --enable-dnscrypt \ --enable-dns-over-tls \ --enable-dns-over-https \ --enable-systemd \ --prefix=/opt/dnsdist \ --with-libsodium \ --with-lua=luajit \ --with-libcap \ --with-protobuf=yes \ --with-re2 \ --enable-asan \ --enable-ubsan working_directory: ~/project/pdns/dnsdistdist - run: name: build command: make -j1 -k working_directory: ~/project/pdns/dnsdistdist - save-ccache-cache: product: dnsdist - run: name: Run unit tests command: make check || (cat test-suite.log; false) working_directory: ~/project/pdns/dnsdistdist - run: name: Install resulting binaries command: make install working_directory: ~/project/pdns/dnsdistdist - persist_to_workspace: root: /opt paths: - dnsdist test-dnsdist-regression: resource_class: small docker: - image: debian:buster environment: UBSAN_OPTIONS: 'print_stacktrace=1:halt_on_error=1' steps: - install-dnsdist-deps - get-workspace - run: name: setup snmp command: | apt-get -qq --no-install-recommends install snmpd sed "s/agentxperms 0700 0755 dnsdist/agentxperms 0700 0755/g" regression-tests.dnsdist/snmpd.conf > /etc/snmp/snmpd.conf /etc/init.d/snmpd start - run: name: install prometheus tools command: | apt-get -qq --no-install-recommends install prometheus - run: name: Run dnsdist tests workdir: ~/project/regression-tests.dnsdist command: | DNSDISTBIN="/opt/dnsdist/bin/dnsdist" \ ./runtests test-ixfrdist-regression: resource_class: small docker: - image: debian:buster environment: UBSAN_OPTIONS: 'print_stacktrace=1:halt_on_error=1' steps: - install-ixfrdist-deps - get-workspace - run: name: Run ixfrdist tests workdir: ~/project/regression-tests.ixfrdist command: | IXFRDISTBIN="/opt/pdns-auth/bin/ixfrdist" \ ./runtests workflows: version: 2 coverity: triggers: - schedule: cron: "0 0 * * *" filters: branches: only: master jobs: - coverity-auth: context: auth-coverity - coverity-dnsdist: context: dnsdist-coverity - coverity-recursor: context: recursor-coverity build-and-test-all: jobs: - checkout - build-auth: requires: - checkout - test-auth-api: requires: - build-auth - test-auth-algorithms: requires: - build-auth - test-auth-regress-odbc-sqlite3: requires: - build-auth - test-auth-regress-odbc-mssql: requires: - build-auth - test-auth-regress-gmysql: requires: - build-auth - test-auth-regress-bind: requires: - build-auth - test-auth-regress-gsqlite3: requires: - build-auth - test-auth-regress-gpgsql: requires: - build-auth - test-auth-regress-lmdb: requires: - build-auth - test-auth-regress-ldap: requires: - build-auth - test-auth-regress-tinydns: requires: - build-auth - check-formatting: requires: - checkout - build-recursor: requires: - checkout - test-recursor-regression: requires: - build-recursor - test-recursor-bulk: requires: - build-recursor - test-recursor-api: requires: - build-recursor - build-dnsdist: requires: - checkout - test-dnsdist-regression: requires: - build-dnsdist - test-ixfrdist-regression: requires: - build-auth build-docs: jobs: - checkout - build-auth-docs: filters: branches: ignore: master requires: - checkout - build-recursor-docs: filters: branches: ignore: master requires: - checkout - build-dnsdist-docs: filters: branches: ignore: master requires: - checkout # These actually deploy - deploy-auth-docs: context: docs filters: branches: only: master requires: - checkout - deploy-recursor-docs: context: docs filters: branches: only: master requires: - checkout - deploy-dnsdist-docs: context: docs filters: branches: only: master requires: - checkout