github: Rework test workflow

Introduce a main "tests" workflow which runs the LXC testsuite on both
x86_64 and aarch64, on a variety of compilers and OS as well as handling
the santizer runs.

Signed-off-by: Stéphane Graber <stgraber@stgraber.org>

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
deleted file mode 100644 (file)
index f5a3ccf..0000000
--- a/.github/workflows/build.yml
+++ /dev/null
@@ -1,62 +0,0 @@
-name: Simple test build
-on:
-  - push
-  - pull_request
-permissions:
-  contents: read
-
-jobs:
-  test:
-    strategy:
-      fail-fast: false
-      matrix:
-        compiler:
-          - gcc
-          - clang
-        os:
-          - ubuntu-22.04
-          - ubuntu-24.04
-        # temporary workaround for https://bugs.launchpad.net/ubuntu/+source/llvm-toolchain-18/+bug/2064187
-        exclude:
-          - compiler: clang
-            os: ubuntu-24.04
-    runs-on: ${{ matrix.os }}
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
-      - name: Install dependencies
-        run: |
-          sudo apt-get update -qq
-          sudo apt-get install -qq gcc clang meson llvm
-          sudo apt-get install -qq libapparmor-dev libcap-dev libseccomp-dev libselinux1-dev linux-libc-dev libpam0g-dev docbook2x libdbus-1-dev
-
-      - name: Compiler version
-        env:
-          CC: ${{ matrix.compiler }}
-        run: |
-          ${CC} --version
-
-      - name: Kernel version
-        run: |
-          uname -a
-
-      - name: Mount table
-        run: |
-          findmnt
-
-      - name: Build
-        env:
-          CC: ${{ matrix.compiler }}
-        run: |
-          # Standard build
-          meson setup build \
-                -Dtests=true \
-                -Dpam-cgroup=true \
-                -Dtools-multicall=true \
-                -Dwerror=true \
-                -Db_lto_mode=default
-          ninja -C build
-          DESTDIR=build_install ninja -C build install

diff --git a/.github/workflows/sanitizers.sh b/.github/workflows/sanitizers.sh
deleted file mode 100755 (executable)
index cb8727e..0000000
--- a/.github/workflows/sanitizers.sh
+++ /dev/null
@@ -1,54 +0,0 @@
-#!/bin/bash
-set -eux
-set -o pipefail
-
-export ASAN_OPTIONS=detect_stack_use_after_return=1:check_initialization_order=1:strict_init_order=1:strict_string_checks=1
-
-# https://github.com/lxc/lxc/issues/3757
-ASAN_OPTIONS="$ASAN_OPTIONS:detect_odr_violation=0"
-
-export UBSAN_OPTIONS=print_stacktrace=1:print_summary=1:halt_on_error=1
-
-apt-get update -qq
-apt-get install --yes --no-install-recommends \
-    apparmor bash-completion bridge-utils build-essential \
-    busybox-static clang cloud-image-utils curl dbus debhelper debootstrap \
-    devscripts dnsmasq-base docbook2x doxygen ed fakeroot file gcc graphviz \
-    git iptables meson net-tools libapparmor-dev libcap-dev libgnutls28-dev liblua5.2-dev \
-    libpam0g-dev libseccomp-dev libselinux1-dev libtool linux-libc-dev \
-    llvm lsb-release make openssl pkg-config python3-all-dev \
-    python3-setuptools rsync squashfs-tools uidmap unzip uuid-runtime \
-    wget xz-utils systemd-coredump libdbus-1-dev
-apt-get remove --yes lxc-utils liblxc-common liblxc1 liblxc-dev
-
-ARGS="-Dprefix=/usr -Dtests=true -Dpam-cgroup=false -Dwerror=true -Dio-uring-event-loop=false -Db_lto_mode=default -Db_lundef=false"
-case "$CC" in clang*)
-       ARGS="$ARGS -Db_sanitize=address,undefined"
-esac
-meson setup san_build $ARGS
-ninja -C san_build
-ninja -C san_build install
-
-cat <<'EOF' >/usr/bin/lxc-test-share-ns
-#!/bin/bash
-printf "The test is skipped due to https://github.com/lxc/lxc/issues/3798.\n"
-EOF
-
-mv /usr/bin/{lxc-test-concurrent,test-concurrent.orig}
-cat <<EOF >/usr/bin/lxc-test-concurrent
-#!/bin/bash
-printf "Memory leaks are ignored due to https://github.com/lxc/lxc/issues/3788.\n"
-ASAN_OPTIONS=$ASAN_OPTIONS:detect_leaks=0 UBSAN_OPTIONS=$UBSAN_OPTIONS /usr/bin/test-concurrent.orig
-EOF
-chmod +x /usr/bin/lxc-test-concurrent
-
-sed -i 's/USE_LXC_BRIDGE="false"/USE_LXC_BRIDGE="true"/' /etc/default/lxc
-systemctl daemon-reload
-systemctl restart apparmor
-systemctl restart lxc-net
-
-# Undo default ACLs from Github
-setfacl -b -R /home
-
-git clone --depth=1 https://github.com/lxc/lxc-ci
-timeout 30m bash -x lxc-ci/deps/lxc-exercise

diff --git a/.github/workflows/sanitizers.yml b/.github/workflows/sanitizers.yml
deleted file mode 100644 (file)
index 1e607f2..0000000
--- a/.github/workflows/sanitizers.yml
+++ /dev/null
@@ -1,43 +0,0 @@
-name: Sanitizers build
-on:
-  - push
-  - pull_request
-permissions:
-  contents: read
-
-jobs:
-  sanitizers:
-    strategy:
-      fail-fast: false
-      matrix:
-        compiler:
-          - gcc
-          - clang
-    runs-on: ubuntu-22.04
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      - name: Install dependencies
-        run: |
-          sudo apt-get update -qq
-          sudo apt-get install -qq gcc clang meson llvm
-          sudo apt-get install -qq libapparmor-dev libcap-dev libseccomp-dev libselinux1-dev linux-libc-dev libpam0g-dev docbook2x libdbus-1-dev
-
-      - name: Compiler version
-        env:
-          CC: ${{ matrix.compiler }}
-        run: |
-          ${CC} --version
-
-      - name: Kernel version
-        run: |
-          uname -a
-
-      - name: Mount table
-        run: |
-          findmnt
-
-      - name: Build
-        run: |
-          sudo CC=${{ matrix.compiler }} CXX=${{ matrix.compiler }}++ .github/workflows/sanitizers.sh

diff --git a/.github/workflows/static-analysis.yml b/.github/workflows/static-analysis.yml
deleted file mode 100644 (file)
index 3ed6529..0000000
--- a/.github/workflows/static-analysis.yml
+++ /dev/null
@@ -1,30 +0,0 @@
-name: Static analysis
-on:
-  - push
-  - pull_request
-permissions:
-  contents: read
-
-jobs:
-  test:
-    runs-on: ubuntu-24.04
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      - name: Install dependencies
-        run: |
-          sudo apt-get update -qq
-          sudo apt-get install -qq coccinelle
-
-      - name: Confirm coccinelle output is clean
-        run: |
-          ./coccinelle/run-coccinelle.sh -i
-          git diff --exit-code
-
-      - name: Confirm apparmor profile is up to date
-        run: |
-          cd config/apparmor/
-          ./lxc-generate-aa-rules.py container-rules.base > container-rules
-          cat abstractions/container-base.in container-rules > abstractions/container-base
-          git diff --exit-code

diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
new file mode 100644 (file)
index 0000000..fb27c03
--- /dev/null
+++ b/.github/workflows/tests.yml
@@ -0,0 +1,90 @@
+name: Tests
+on:
+  - push
+  - pull_request
+
+permissions:
+  contents: read
+
+jobs:
+  code-tests:
+    name: Code
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Install dependencies
+        run: |
+          sudo apt-get update -qq
+          sudo apt-get install -qq coccinelle
+
+      - name: Confirm coccinelle output is clean
+        run: |
+          ./coccinelle/run-coccinelle.sh -i
+          git diff --exit-code
+
+      - name: Confirm apparmor profile is up to date
+        run: |
+          cd config/apparmor/
+          ./lxc-generate-aa-rules.py container-rules.base > container-rules
+          cat abstractions/container-base.in container-rules > abstractions/container-base
+          git diff --exit-code
+
+  testsuite-hosted:
+    name: Test suite (x86_64)
+    strategy:
+      fail-fast: false
+      matrix:
+        compiler:
+          - gcc
+          - clang
+        os:
+          - ubuntu-22.04
+          - ubuntu-24.04
+        variant:
+          - default
+          - sanitizer
+        exclude:
+          - variant: sanitizer
+            compiler: gcc
+    runs-on: ${{ matrix.os }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - uses: ./.github/actions/testsuite
+        with:
+          compiler: ${{ matrix.compiler }}
+          os: ${{ matrix.os }}
+          variant: ${{ matrix.variant }}
+
+  testsuite-self-hosted:
+    name: Test suite (aarch64)
+    strategy:
+      fail-fast: false
+      matrix:
+        compiler:
+          - gcc
+          - clang
+        os:
+          - ubuntu-22.04
+          - ubuntu-24.04
+        variant:
+          - default
+    runs-on:
+      - self-hosted
+      - cpu-4
+      - mem-4G
+      - disk-50G
+      - arch-arm64
+      - image-${{ matrix.os }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - uses: ./.github/actions/testsuite
+        with:
+          compiler: ${{ matrix.compiler }}
+          os: ${{ matrix.os }}
+          variant: ${{ matrix.variant }}