From: Remi Gacogne Date: Tue, 9 May 2023 14:43:45 +0000 (+0200) Subject: dnsdist-1.8.x: Remove the workflows that are not relevant to dnsdist 1.8.x X-Git-Tag: dnsdist-1.8.1~27^2~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0814f7dee56c8be24bc3f2bafb46b53ab43d27c5;p=thirdparty%2Fpdns.git dnsdist-1.8.x: Remove the workflows that are not relevant to dnsdist 1.8.x --- diff --git a/.github/workflows/build-and-test-all.yml b/.github/workflows/build-and-test-all.yml index 642e34c11e..62477f8bd6 100644 --- a/.github/workflows/build-and-test-all.yml +++ b/.github/workflows/build-and-test-all.yml @@ -11,99 +11,6 @@ permissions: # least privileges, see https://docs.github.com/en/actions/using-wo contents: read jobs: - build-auth: - name: build auth - if: ${{ !github.event.schedule || vars.SCHEDULED_JOBS_BUILD_AND_TEST_ALL }} - runs-on: ubuntu-20.04 - env: - ASAN_OPTIONS: detect_leaks=0 - FUZZING_TARGETS: yes - SANITIZERS: asan+ubsan - UBSAN_OPTIONS: "print_stacktrace=1:halt_on_error=1:suppressions=${{ github.workspace }}/build-scripts/UBSan.supp" - UNIT_TESTS: yes - steps: - - uses: PowerDNS/pdns/set-ubuntu-mirror@meta - - uses: actions/checkout@v3 - with: - fetch-depth: 5 - submodules: recursive - - name: get timestamp for cache - id: get-stamp - run: | - echo "stamp=$(/bin/date +%s)" >> "$GITHUB_OUTPUT" - shell: bash - - name: let GitHub cache our ccache data - uses: actions/cache@v3 - with: - path: ~/.ccache - key: auth-ccache-${{ steps.get-stamp.outputs.stamp }} - restore-keys: auth-ccache- - - run: build-scripts/gh-actions-setup-inv # this runs apt update+upgrade - - run: inv install-clang - - run: inv install-auth-build-deps - - run: inv ci-autoconf - - run: inv ci-auth-configure - - run: inv ci-auth-make - - run: inv ci-auth-install-remotebackend-test-deps - - run: inv ci-auth-run-unit-tests - - run: inv ci-make-install - - run: ccache -s - - name: Store the binaries - uses: actions/upload-artifact@v3 # this takes 30 seconds, maybe we want to tar - with: - name: pdns-auth - path: /opt/pdns-auth - retention-days: 1 - - build-recursor: - name: build recursor - if: ${{ !github.event.schedule || vars.SCHEDULED_JOBS_BUILD_AND_TEST_ALL }} - runs-on: ubuntu-20.04 - strategy: - matrix: - sanitizers: [ubsan+asan, tsan] - env: - ASAN_OPTIONS: detect_leaks=0 - SANITIZERS: ${{ matrix.sanitizers }} - UBSAN_OPTIONS: "print_stacktrace=1:halt_on_error=1:suppressions=${{ github.workspace }}/build-scripts/UBSan.supp" - UNIT_TESTS: yes - defaults: - run: - working-directory: ./pdns/recursordist/ - steps: - - uses: PowerDNS/pdns/set-ubuntu-mirror@meta - - uses: actions/checkout@v3 - with: - fetch-depth: 5 - submodules: recursive - - name: get timestamp for cache - id: get-stamp - run: | - echo "stamp=$(/bin/date +%s)" >> "$GITHUB_OUTPUT" - shell: bash - - name: let GitHub cache our ccache data - uses: actions/cache@v3 - with: - path: ~/.ccache - key: recursor-${{ matrix.sanitizers }}-ccache-${{ steps.get-stamp.outputs.stamp }} - restore-keys: recursor-${{ matrix.sanitizers }}-ccache- - - run: ../../build-scripts/gh-actions-setup-inv # this runs apt update+upgrade - - run: inv apt-fresh - - run: inv install-clang - - run: inv install-rec-build-deps - - run: inv ci-autoconf - - run: inv ci-rec-configure - - run: inv ci-rec-make - - run: inv ci-rec-run-unit-tests - - run: inv ci-make-install - - run: ccache -s - - name: Store the binaries - uses: actions/upload-artifact@v3 # this takes 30 seconds, maybe we want to tar - with: - name: pdns-recursor-${{ matrix.sanitizers }} - path: /opt/pdns-recursor - retention-days: 1 - build-dnsdist: name: build dnsdist if: ${{ !github.event.schedule || vars.SCHEDULED_JOBS_BUILD_AND_TEST_ALL }} @@ -157,273 +64,6 @@ jobs: path: /opt/dnsdist retention-days: 1 - test-auth-api: - needs: build-auth - runs-on: ubuntu-20.04 - env: - UBSAN_OPTIONS: "print_stacktrace=1:halt_on_error=1:suppressions=${{ github.workspace }}/build-scripts/UBSan.supp" - ASAN_OPTIONS: detect_leaks=0 - TSAN_OPTIONS: "halt_on_error=1:suppressions=${{ github.workspace }}/pdns/dnsdistdist/dnsdist-tsan.supp" - strategy: - matrix: - include: - - backend: gsqlite3 - image: coscale/docker-sleep - - backend: gmysql - image: mysql:5 - - backend: gpgsql - image: postgres:9 - - backend: lmdb - image: coscale/docker-sleep - fail-fast: false - services: - database: - image: ${{ matrix.image }} - env: - POSTGRES_USER: runner - POSTGRES_HOST_AUTH_METHOD: trust - MYSQL_ALLOW_EMPTY_PASSWORD: 1 - ports: - - 3306:3306 - - 5432:5432 - # FIXME: this works around dist-upgrade stopping all docker containers. dist-upgrade is huge on these images anyway. Perhaps we do want to run our tasks in a Docker container too. - options: >- - --restart always - steps: - - uses: PowerDNS/pdns/set-ubuntu-mirror@meta - - uses: actions/checkout@v3 - with: - fetch-depth: 5 - submodules: recursive - - name: Fetch the binaries - uses: actions/download-artifact@v3 - with: - name: pdns-auth - path: /opt/pdns-auth - # - name: Setup upterm session - # uses: lhotari/action-upterm@v1 - - run: build-scripts/gh-actions-setup-inv # this runs apt update+upgrade - - run: inv install-clang-runtime - - run: inv install-auth-test-deps -b ${{ matrix.backend }} - - run: inv test-api auth -b ${{ matrix.backend }} - - test-auth-backend: - needs: build-auth - runs-on: ubuntu-20.04 - env: - UBSAN_OPTIONS: "print_stacktrace=1:halt_on_error=1:suppressions=${{ github.workspace }}/build-scripts/UBSan.supp" - ASAN_OPTIONS: detect_leaks=0 - LDAPHOST: ldap://ldapserver/ - strategy: - matrix: - include: - - backend: remote - image: coscale/docker-sleep - env: {} - ports: [] - - backend: gmysql - image: mysql:5 - env: - MYSQL_ALLOW_EMPTY_PASSWORD: 1 - ports: - - 3306:3306 - - backend: gmysql - image: mariadb:10 - env: - MYSQL_ALLOW_EMPTY_PASSWORD: 1 - ports: - - 3306:3306 - - backend: gpgsql - image: postgres:9 - env: - POSTGRES_USER: runner - POSTGRES_HOST_AUTH_METHOD: trust - ports: - - 5432:5432 - - backend: gsqlite3 # this also runs regression-tests.nobackend and pdnsutil test-algorithms - image: coscale/docker-sleep - env: {} - ports: [] - - backend: lmdb - image: coscale/docker-sleep - env: {} - ports: [] - - backend: bind - image: coscale/docker-sleep - env: {} - ports: [] - - backend: geoip - image: coscale/docker-sleep - env: {} - ports: [] - - backend: lua2 - image: coscale/docker-sleep - env: {} - ports: [] - - backend: tinydns - image: coscale/docker-sleep - env: {} - ports: [] - - backend: authpy - image: coscale/docker-sleep - env: {} - ports: [] - - backend: godbc_sqlite3 - image: coscale/docker-sleep - env: {} - ports: [] - - backend: godbc_mssql - image: mcr.microsoft.com/mssql/server:2017-GA-ubuntu - env: - ACCEPT_EULA: Y - SA_PASSWORD: 'SAsa12%%' - ports: - - 1433:1433 - - backend: ldap - image: powerdns/ldap-regress:1.2.4-1 - env: - LDAP_LOG_LEVEL: 0 - CONTAINER_LOG_LEVEL: 4 - ports: - - 389:389 - - backend: geoip_mmdb - image: coscale/docker-sleep - env: {} - ports: [] - fail-fast: false - services: - database: - image: ${{ matrix.image }} - env: ${{ matrix.env }} - ports: ${{ matrix.ports }} - # FIXME: this works around dist-upgrade stopping all docker containers. dist-upgrade is huge on these images anyway. Perhaps we do want to run our tasks in a Docker container too. - options: >- - --restart always - steps: - - uses: PowerDNS/pdns/set-ubuntu-mirror@meta - - uses: actions/checkout@v3 - with: - fetch-depth: 5 - submodules: recursive - - name: Fetch the binaries - uses: actions/download-artifact@v3 - with: - name: pdns-auth - path: /opt/pdns-auth - # - name: Setup upterm session - # uses: lhotari/action-upterm@v1 - # FIXME: install recursor for backends that have ALIAS - - run: build-scripts/gh-actions-setup-inv # this runs apt update+upgrade - - run: inv install-clang-runtime - - run: inv install-auth-test-deps -b ${{ matrix.backend }} - - run: inv test-auth-backend -b ${{ matrix.backend }} - - test-ixfrdist: - needs: build-auth - runs-on: ubuntu-20.04 - env: - UBSAN_OPTIONS: "print_stacktrace=1:halt_on_error=1:suppressions=${{ github.workspace }}/build-scripts/UBSan.supp" - ASAN_OPTIONS: detect_leaks=0 - steps: - - uses: PowerDNS/pdns/set-ubuntu-mirror@meta - - uses: actions/checkout@v3 - with: - fetch-depth: 5 - submodules: recursive - - name: Fetch the binaries - uses: actions/download-artifact@v3 - with: - name: pdns-auth - path: /opt/pdns-auth - - run: build-scripts/gh-actions-setup-inv # this runs apt update+upgrade - - run: inv install-clang-runtime - - run: inv install-auth-test-deps - - run: inv test-ixfrdist - - test-recursor-api: - needs: build-recursor - runs-on: ubuntu-20.04 - strategy: - matrix: - sanitizers: [ubsan+asan, tsan] - env: - UBSAN_OPTIONS: "print_stacktrace=1:halt_on_error=1:suppressions=${{ github.workspace }}/build-scripts/UBSan.supp" - ASAN_OPTIONS: detect_leaks=0 - TSAN_OPTIONS: "halt_on_error=1:suppressions=${{ github.workspace }}/pdns/recursordist/recursor-tsan.supp" - steps: - - uses: PowerDNS/pdns/set-ubuntu-mirror@meta - - uses: actions/checkout@v3 - with: - fetch-depth: 5 - submodules: recursive - - name: Fetch the binaries - uses: actions/download-artifact@v3 - with: - name: pdns-recursor-${{ matrix.sanitizers }} - path: /opt/pdns-recursor - - run: build-scripts/gh-actions-setup-inv # this runs apt update+upgrade - - run: inv add-auth-repo # FIXME: do we need this for rec API testing? - - run: inv install-clang-runtime - - run: inv install-rec-test-deps - - run: inv test-api recursor - - test-recursor-regression: - needs: build-recursor - runs-on: ubuntu-20.04 - strategy: - matrix: - sanitizers: [ubsan+asan, tsan] - env: - UBSAN_OPTIONS: 'print_stacktrace=1:halt_on_error=1:suppressions=${{ github.workspace }}/build-scripts/UBSan.supp' - ASAN_OPTIONS: detect_leaks=0 - TSAN_OPTIONS: "halt_on_error=1:suppressions=${{ github.workspace }}/pdns/recursordist/recursor-tsan.supp" - steps: - - uses: PowerDNS/pdns/set-ubuntu-mirror@meta - - uses: actions/checkout@v3 - with: - fetch-depth: 5 - submodules: recursive - - name: Fetch the binaries - uses: actions/download-artifact@v3 - with: - name: pdns-recursor-${{ matrix.sanitizers }} - path: /opt/pdns-recursor - - run: build-scripts/gh-actions-setup-inv # this runs apt update+upgrade - - run: inv add-auth-repo - - run: inv install-clang-runtime - - run: inv install-rec-test-deps - - run: inv test-regression-recursor - - test-recursor-bulk: - name: 'test rec *mini* bulk' - needs: build-recursor - runs-on: ubuntu-20.04 - strategy: - matrix: - sanitizers: [ubsan+asan, tsan] - threads: [1, 2, 3, 4, 8] - mthreads: [2048] - shards: [1, 2, 1024] - env: - UBSAN_OPTIONS: 'print_stacktrace=1:halt_on_error=1:suppressions=${{ github.workspace }}/build-scripts/UBSan.supp' - ASAN_OPTIONS: detect_leaks=0 - TSAN_OPTIONS: "halt_on_error=1:suppressions=${{ github.workspace }}/pdns/recursordist/recursor-tsan.supp" - steps: - - uses: PowerDNS/pdns/set-ubuntu-mirror@meta - - uses: actions/checkout@v3 - with: - fetch-depth: 5 - submodules: recursive - - name: Fetch the binaries - uses: actions/download-artifact@v3 - with: - name: pdns-recursor-${{ matrix.sanitizers }} - path: /opt/pdns-recursor - - run: build-scripts/gh-actions-setup-inv # this runs apt update+upgrade - - run: inv install-clang-runtime - - run: inv install-rec-bulk-deps - - run: inv test-bulk-recursor ${{ matrix.threads }} ${{ matrix.mthreads }} ${{ matrix.shards }} - test-dnsdist-regression: needs: build-dnsdist runs-on: ubuntu-20.04 @@ -453,32 +93,10 @@ jobs: - run: inv install-dnsdist-test-deps - run: inv test-dnsdist - swagger-syntax-check: - if: ${{ !github.event.schedule || vars.SCHEDULED_JOBS_BUILD_AND_TEST_ALL }} - runs-on: ubuntu-20.04 - steps: - - uses: PowerDNS/pdns/set-ubuntu-mirror@meta - - uses: actions/checkout@v3 - with: - fetch-depth: 5 - submodules: recursive - - run: build-scripts/gh-actions-setup-inv # this runs apt update+upgrade - - run: inv install-swagger-tools - - run: inv swagger-syntax-check - collect: needs: - - build-auth - build-dnsdist - - build-recursor - - swagger-syntax-check - - test-auth-api - - test-auth-backend - test-dnsdist-regression - - test-ixfrdist - - test-recursor-api - - test-recursor-regression - - test-recursor-bulk if: success() || failure() runs-on: ubuntu-20.04 steps: diff --git a/.github/workflows/builder-dispatch.yml b/.github/workflows/builder-dispatch.yml deleted file mode 100644 index ca000c31fd..0000000000 --- a/.github/workflows/builder-dispatch.yml +++ /dev/null @@ -1,92 +0,0 @@ ---- -name: Trigger specific package build - -on: - workflow_dispatch: - inputs: - product: - description: Product to build - type: choice - options: - - authoritative - - recursor - - dnsdist - os: - description: OSes to build for, space separated - type: string - default: > - el-7 - el-8 - el-9 - debian-buster - debian-bullseye - ubuntu-bionic - ubuntu-focal - ubuntu-jammy - ref: - description: git ref to checkout - type: string - default: master - is_release: - description: is this a release build? - type: choice - options: - - 'NO' - - 'YES' - -permissions: # least privileges, see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions - contents: read - -jobs: - prepare: - name: generate OS list - runs-on: ubuntu-20.04 - outputs: - oslist: ${{ steps.get-oslist.outputs.oslist }} - steps: - # instead of jo, we could use jq here, which avoids running apt, and thus would be faster. - # but, as this whole workflow needs at least 30 minutes to run, I prefer spending a few seconds here - # so that the command remains readable, because jo is simpler to use. - - run: sudo apt-get update && sudo apt-get -y install jo - - id: get-oslist - run: echo "oslist=$(jo -a ${{ github.event.inputs.os }})" >> "$GITHUB_OUTPUT" - - build: - needs: prepare - name: build ${{ github.event.inputs.product }} (${{ github.event.inputs.ref }}) for ${{ matrix.os }} - # on a ubuntu-20.04 VM - runs-on: ubuntu-20.04 - strategy: - matrix: - os: ${{fromJson(needs.prepare.outputs.oslist)}} - fail-fast: false - steps: - - uses: actions/checkout@v3 - with: - fetch-depth: 0 # for correct version numbers - submodules: recursive - ref: ${{ github.event.inputs.ref }} - # this builds packages and runs our unit tests (make check) - - run: IS_RELEASE=${{ github.event.inputs.is_release}} builder/build.sh -v -m ${{ github.event.inputs.product }} ${{ matrix.os }} - - name: Get version number - run: 'echo ::set-output name=version::$(readlink builder/tmp/latest)' - id: getversion - - name: Upload packages as GH artifacts - uses: actions/upload-artifact@v3 - with: - name: ${{ github.event.inputs.product }}-${{ matrix.os }}-${{ steps.getversion.outputs.version }} - path: built_pkgs/ - retention-days: 7 - - name: Upload packages to downloads.powerdns.com - env: - SSHKEY: ${{ secrets.DOWNLOADS_AUTOBUILT_SECRET }} - RSYNCTARGET: ${{ secrets.DOWNLOADS_AUTOBUILT_RSYNCTARGET }} - HOSTKEY: ${{ secrets.DOWNLOADS_AUTOBUILT_HOSTKEY }} - if: - "${{ env.SSHKEY != '' }}" - run: | - mkdir -m 700 -p ~/.ssh - echo "$SSHKEY" > ~/.ssh/id_ed25519 - chmod 600 ~/.ssh/id_ed25519 - echo "$HOSTKEY" > ~/.ssh/known_hosts - rsync -4rlptD built_pkgs/* "$RSYNCTARGET" diff --git a/.github/workflows/builder.yml b/.github/workflows/builder.yml index 8823b25c22..3b9484da1e 100644 --- a/.github/workflows/builder.yml +++ b/.github/workflows/builder.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-20.04 strategy: matrix: - product: ['authoritative', 'recursor', 'dnsdist'] + product: ['dnsdist'] os: - centos-7 - ubuntu-bionic diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index c37001a7e5..b39c983a8f 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -26,7 +26,7 @@ jobs: # Override automatic language detection by changing the below list # Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python'] language: ['cpp'] - product: ['auth', 'rec', 'dnsdist'] + product: ['dnsdist'] # Learn more... # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection @@ -106,15 +106,6 @@ jobs: ragel \ unixodbc-dev - - name: Build auth - if: matrix.product == 'auth' - run: | - autoreconf -vfi - ./configure --with-modules='bind geoip gmysql godbc gpgsql gsqlite3 ldap lmdb lua2 pipe remote tinydns' --enable-tools --enable-ixfrdist --enable-dns-over-tls --enable-experimental-pkcs11 --with-libsodium --enable-lua-records CFLAGS='-O0' CXXFLAGS='-O0' - make -j8 -C ext - make -j8 -C modules - make -j8 -C pdns - - name: Build dnsdist if: matrix.product == 'dnsdist' run: | @@ -125,15 +116,5 @@ jobs: make -j8 -C ext/yahttp make -j4 dnsdist - - name: Build recursor - if: matrix.product == 'rec' - run: | - cd pdns/recursordist - autoreconf -vfi - ./configure --enable-unit-tests --enable-nod --enable-dnstap CFLAGS='-O0' CXXFLAGS='-O0' - make -j8 -C ext - make htmlfiles.h - make -j4 pdns_recursor rec_control - - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v2 diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 82221b5dd8..1d53125ce9 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-20.04 strategy: matrix: - product: ['auth', 'recursor', 'dnsdist'] + product: ['dnsdist'] steps: - uses: actions/checkout@v3 with: diff --git a/.github/workflows/documentation.yml b/.github/workflows/documentation.yml deleted file mode 100644 index c02b266a22..0000000000 --- a/.github/workflows/documentation.yml +++ /dev/null @@ -1,111 +0,0 @@ ---- -name: 'Documentation' - -on: - push: - branches: [master] - pull_request: - branches: [master] - -permissions: - contents: read - -jobs: - build-upload-docs: - name: Build and upload docs - runs-on: ubuntu-20.04 - steps: - - uses: PowerDNS/pdns/set-ubuntu-mirror@meta - - uses: actions/checkout@v3 - - run: build-scripts/gh-actions-setup-inv-no-dist-upgrade # this runs apt update - - run: inv install-doc-deps - - run: inv install-doc-deps-pdf - - - id: get-version - run: echo "pdns_version=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT - - - id: setup-ssh - run: |- - inv ci-docs-add-ssh --ssh-key="$SSH_KEY" --host-key="$HOST_KEY" - echo "have_ssh_key=yes" >> $GITHUB_OUTPUT - env: - SSH_KEY: ${{secrets.WEB1_DOCS_SECRET}} - HOST_KEY: ${{vars.WEB1_HOSTKEY}} - if: ${{github.ref_name == 'master' && env.SSH_KEY != ''}} - - # Auth - - run: inv ci-docs-build - - run: mv html auth-html-docs - working-directory: ./docs/_build - - run: tar cf auth-html-docs.tar auth-html-docs - working-directory: ./docs/_build - - uses: actions/upload-artifact@v3 - with: - name: authoritative-html-docs-${{steps.get-version.outputs.pdns_version}} - path: ./docs/_build/auth-html-docs.tar - - run: bzip2 auth-html-docs.tar - if: ${{github.ref_name == 'master'}} - working-directory: ./docs/_build - - run: inv ci-docs-build-pdf - - uses: actions/upload-artifact@v3 - with: - name: PowerDNS-Authoritative-${{steps.get-version.outputs.pdns_version}}.pdf - path: ./docs/_build/latex/PowerDNS-Authoritative.pdf - - run: inv ci-docs-upload-master --docs-host="${DOCS_HOST}" --pdf="PowerDNS-Authoritative.pdf" --username="docs_powerdns_com" --product="auth" --directory="/${AUTH_DOCS_DIR}/" - env: - DOCS_HOST: ${{vars.DOCS_HOST}} - AUTH_DOCS_DIR: ${{vars.AUTH_DOCS_DIR}} - if: ${{github.ref_name == 'master' && steps.setup-ssh.outputs.have_ssh_key != ''}} - - # Rec - - run: inv ci-docs-build - working-directory: ./pdns/recursordist - - run: mv html rec-html-docs - working-directory: ./pdns/recursordist/docs/_build - - run: tar cf rec-html-docs.tar rec-html-docs - working-directory: ./pdns/recursordist/docs/_build - - uses: actions/upload-artifact@v3 - with: - name: recursor-html-docs-${{steps.get-version.outputs.pdns_version}} - path: ./pdns/recursordist/docs/_build/rec-html-docs.tar - - run: bzip2 rec-html-docs.tar - if: ${{github.ref_name == 'master'}} - working-directory: ./pdns/recursordist/docs/_build - - run: inv ci-docs-build-pdf - working-directory: ./pdns/recursordist - - uses: actions/upload-artifact@v3 - with: - name: PowerDNS-Recursor-${{steps.get-version.outputs.pdns_version}}.pdf - path: ./pdns/recursordist/docs/_build/latex/PowerDNS-Recursor.pdf - - run: inv ci-docs-upload-master --docs-host="${DOCS_HOST}" --pdf="PowerDNS-Recursor.pdf" --username="docs_powerdns_com" --product="rec" --directory="/${REC_DOCS_DIR}/" - env: - DOCS_HOST: ${{vars.DOCS_HOST}} - REC_DOCS_DIR: ${{vars.REC_DOCS_DIR}} - if: ${{github.ref_name == 'master' && steps.setup-ssh.outputs.have_ssh_key != ''}} - working-directory: ./pdns/recursordist - - # DNSdist - - run: inv ci-docs-build - working-directory: ./pdns/dnsdistdist - - run: mv html dnsdist-html-docs - working-directory: ./pdns/dnsdistdist/docs/_build - - run: tar cf dnsdist-html-docs.tar dnsdist-html-docs - working-directory: ./pdns/dnsdistdist/docs/_build - - uses: actions/upload-artifact@v3 - with: - name: dnsdist-html-docs-${{steps.get-version.outputs.pdns_version}} - path: ./pdns/dnsdistdist/docs/_build/dnsdist-html-docs.tar - - run: bzip2 dnsdist-html-docs.tar - if: ${{github.ref_name == 'master'}} - working-directory: ./pdns/dnsdistdist/docs/_build - - run: inv ci-docs-build-pdf - working-directory: ./pdns/dnsdistdist - - uses: actions/upload-artifact@v3 - with: - name: dnsdist-${{steps.get-version.outputs.pdns_version}}.pdf - path: ./pdns/dnsdistdist/docs/_build/latex/dnsdist.pdf - - run: inv ci-docs-upload-master --docs-host="${DOCS_HOST}" --pdf="dnsdist.pdf" --username="dnsdist_org" --product="dnsdist" - env: - DOCS_HOST: ${{vars.DOCS_HOST}} - if: ${{github.ref_name == 'master' && steps.setup-ssh.outputs.have_ssh_key != ''}} - working-directory: ./pdns/dnsdistdist diff --git a/.github/workflows/misc-dailies.yml b/.github/workflows/misc-dailies.yml deleted file mode 100644 index a7d0db59b6..0000000000 --- a/.github/workflows/misc-dailies.yml +++ /dev/null @@ -1,123 +0,0 @@ -name: "Various daily checks" - -on: - schedule: - - cron: '34 4 * * *' - -permissions: # least privileges, see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions - contents: read - -jobs: - el7-devtoolset: - if: ${{ vars.SCHEDULED_MISC_DAILIES }} - runs-on: ubuntu-22.04 - - steps: - - name: Check whether a newer devtoolset exists - run: | - if docker run --rm centos:7 bash -c 'yum install -y centos-release-scl-rh && yum info devtoolset-12-gcc-c++' - then - echo "::warning file=builder-support/dockerfiles/Dockerfile.rpmbuild::A newer devtoolset exists. Please edit builder-support/dockerfiles/Dockerfile.rpmbuild, builder-support/dockerfiles/Dockerfile.rpmbuild, and .github/workflows/dailies.yml" - exit 1 - else - echo "::notice ::No newer devtoolset exists (good)" - exit 0 - fi - - check-debian-autoremovals: - if: ${{ vars.SCHEDULED_MISC_DAILIES }} - runs-on: ubuntu-22.04 - steps: - - uses: actions/checkout@v3 - with: - fetch-depth: 5 - submodules: recursive - - - name: Check if Debian is about to toss us off a balcony - run: ./build-scripts/check-debian-autoremovals.py - - coverity-auth: - name: coverity scan of the auth - if: ${{ vars.SCHEDULED_MISC_DAILIES }} - runs-on: ubuntu-20.04 - env: - COVERITY_TOKEN: ${{ secrets.coverity_auth_token }} - FUZZING_TARGETS: no - SANITIZERS: - UNIT_TESTS: no - steps: - - uses: PowerDNS/pdns/set-ubuntu-mirror@meta - - uses: actions/checkout@v3 - with: - fetch-depth: 5 - submodules: recursive - - run: build-scripts/gh-actions-setup-inv # this runs apt update+upgrade - - run: inv install-clang - - run: inv install-auth-build-deps - - run: inv install-coverity-tools PowerDNS - - run: inv coverity-clang-configure - - run: inv ci-autoconf - - run: inv ci-auth-configure - - run: inv coverity-make - - run: inv coverity-tarball auth.tar.bz2 - - run: inv coverity-upload ${{ secrets.coverity_email }} PowerDNS auth.tar.bz2 - - coverity-dnsdist: - name: coverity scan of dnsdist - if: ${{ vars.SCHEDULED_MISC_DAILIES }} - runs-on: ubuntu-20.04 - env: - COVERITY_TOKEN: ${{ secrets.coverity_dnsdist_token }} - SANITIZERS: - UNIT_TESTS: no - steps: - - uses: PowerDNS/pdns/set-ubuntu-mirror@meta - - uses: actions/checkout@v3 - with: - fetch-depth: 5 - submodules: recursive - - run: build-scripts/gh-actions-setup-inv # this runs apt update+upgrade - - run: inv install-clang - - run: inv install-dnsdist-build-deps - - run: inv install-coverity-tools dnsdist - - run: inv coverity-clang-configure - - run: inv ci-autoconf - working-directory: ./pdns/dnsdistdist/ - - run: inv ci-dnsdist-configure full - working-directory: ./pdns/dnsdistdist/ - - run: inv coverity-make - working-directory: ./pdns/dnsdistdist/ - - run: inv coverity-tarball dnsdist.tar.bz2 - working-directory: ./pdns/dnsdistdist/ - - run: inv coverity-upload ${{ secrets.coverity_email }} dnsdist dnsdist.tar.bz2 - working-directory: ./pdns/dnsdistdist/ - - coverity-rec: - name: coverity scan of the rec - if: ${{ vars.SCHEDULED_MISC_DAILIES }} - runs-on: ubuntu-20.04 - env: - COVERITY_TOKEN: ${{ secrets.coverity_rec_token }} - SANITIZERS: - UNIT_TESTS: no - steps: - - uses: PowerDNS/pdns/set-ubuntu-mirror@meta - - uses: actions/checkout@v3 - with: - fetch-depth: 5 - submodules: recursive - - run: build-scripts/gh-actions-setup-inv # this runs apt update+upgrade - - run: inv install-clang - - run: inv install-rec-build-deps - - run: inv install-coverity-tools 'PowerDNS+Recursor' - - run: inv coverity-clang-configure - - run: inv ci-autoconf - working-directory: ./pdns/recursordist/ - - run: inv ci-rec-configure - working-directory: ./pdns/recursordist/ - - run: inv coverity-make - working-directory: ./pdns/recursordist/ - - run: inv coverity-tarball recursor.tar.bz2 - working-directory: ./pdns/recursordist/ - - run: inv coverity-upload ${{ secrets.coverity_email }} 'PowerDNS+Recursor' recursor.tar.bz2 - working-directory: ./pdns/recursordist/ diff --git a/.github/workflows/secpoll.yml b/.github/workflows/secpoll.yml deleted file mode 100644 index b7b52ea7a1..0000000000 --- a/.github/workflows/secpoll.yml +++ /dev/null @@ -1,31 +0,0 @@ ---- -name: 'Verify secpoll zone syntax' - -on: - push: - pull_request: - -permissions: # least privileges, see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions - contents: read - -jobs: - build: - name: check secpoll zone - # on a ubuntu-20.04 VM - runs-on: ubuntu-20.04 - steps: - - uses: actions/checkout@v3 - with: - fetch-depth: 5 - submodules: recursive - - run: sh docs/secpoll-check.sh docs/secpoll.zone - - run: echo 'deb [arch=amd64] http://repo.powerdns.com/ubuntu focal-auth-master main' | sudo tee /etc/apt/sources.list.d/pdns.list - - run: "echo -ne 'Package: pdns-*\nPin: origin repo.powerdns.com\nPin-Priority: 600\n' | sudo tee /etc/apt/preferences.d/pdns" - - run: sudo curl https://repo.powerdns.com/CBC8B383-pub.asc -o /etc/apt/trusted.gpg.d/CBC8B383-pub.asc - - run: sudo apt-get update - - run: sudo systemctl mask pdns - - run: sudo apt-get install -y pdns-server pdns-backend-sqlite3 - - run: "echo -ne 'launch=gsqlite3\ngsqlite3-database=/var/lib/powerdns/pdns.sqlite3\n' | sudo tee /etc/powerdns/pdns.conf" - - run: sudo sqlite3 /var/lib/powerdns/pdns.sqlite3 < /usr/share/doc/pdns-backend-sqlite3/schema.sqlite3.sql - - run: sudo pdnsutil load-zone secpoll.powerdns.com docs/secpoll.zone - - run: sudo pdnsutil check-zone secpoll.powerdns.com diff --git a/.github/workflows/spelling.yml b/.github/workflows/spelling.yml deleted file mode 100644 index c250cd1046..0000000000 --- a/.github/workflows/spelling.yml +++ /dev/null @@ -1,19 +0,0 @@ -# spelling.yml is disabled per https://github.com/check-spelling/check-spelling/security/advisories/GHSA-g86g-chm8-7r2p -name: Workflow should not run! -on: - push: - branches: '' - -permissions: # least privileges, see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions - contents: read - -jobs: - placeholder: - name: Should be disabled - runs-on: ubuntu-latest - if: false - steps: - - name: Task - run: | - echo 'Running this task would be bad' - exit 1 diff --git a/.github/workflows/spelling2.yml b/.github/workflows/spelling2.yml deleted file mode 100644 index 055dd17304..0000000000 --- a/.github/workflows/spelling2.yml +++ /dev/null @@ -1,16 +0,0 @@ -# spelling2.yml is disabled per https://github.com/check-spelling/check-spelling/security/advisories/GHSA-p8r9-69g4-jwqq -name: Workflow should not run! -on: - push: - branches: '' - -jobs: - placeholder: - name: Should be disabled - runs-on: ubuntu-latest - if: false - steps: - - name: Task - run: | - echo 'Running this task would be bad' - exit 1 diff --git a/.github/workflows/spelling3.yml b/.github/workflows/spelling3.yml deleted file mode 100644 index 5888f89a12..0000000000 --- a/.github/workflows/spelling3.yml +++ /dev/null @@ -1,64 +0,0 @@ -# spelling.yml is blocked per https://github.com/check-spelling/check-spelling/security/advisories/GHSA-g86g-chm8-7r2p -# spelling2.yml is blocked per https://github.com/check-spelling/check-spelling/security/advisories/GHSA-p8r9-69g4-jwqq -name: Spell checking - -on: - push: - branches: - - "**" - tags-ignore: - - "**" - pull_request: - branches: - - "**" - tags-ignore: - - "**" - types: - - 'opened' - - 'reopened' - - 'synchronize' - -jobs: - spelling: - name: Spell checking - permissions: - # contents-read is needed to checkout in private repositories - contents: read - # actions-read is needed (possibly only for private repositories) - # to identify the workflow's filename until - # https://github.com/actions/runner/issues/853 is fixed - actions: read - # security-events-write is needed according to the documentation: - # https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github#uploading-a-code-scanning-analysis-with-github-actions - security-events: write - outputs: - followup: ${{ steps.spelling.outputs.followup }} - runs-on: ubuntu-latest - if: "contains(github.event_name, 'pull_request') || github.event_name == 'push'" - concurrency: - group: spelling-${{ github.event.pull_request.number || github.ref }} - # note: If you use only_check_changed_files, you do not want cancel-in-progress - cancel-in-progress: true - steps: - - name: check-spelling - id: spelling - uses: check-spelling/check-spelling@v0.0.21 - with: - config: .github/actions/spell-check - checkout: true - spell_check_this: check-spelling/spell-check-this@prerelease - post_comment: 0 - use_sarif: ${{ (!github.event.pull_request || (github.event.pull_request.head.repo.full_name == github.repository)) && 1 }} - extra_dictionaries: - cspell:software-terms/src/software-terms.txt - cspell:python/src/python/python-lib.txt - cspell:node/node.txt - cspell:python/src/common/extra.txt - cspell:fullstack/fullstack.txt - cspell:html/html.txt - cspell:aws/aws.txt - cspell:npm/npm.txt - cspell:cpp/src/stdlib-cpp.txt - cspell:python/src/python/python.txt - cspell:django/django.txt - check_extra_dictionaries: ''