From: Stéphane Graber <stgraber@ubuntu.com>
Date: Wed, 17 Mar 2021 18:09:57 +0000 (-0400)
Subject: Switch to Github actions
X-Git-Tag: lxc-5.0.0~257^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F3711%2Fhead;p=thirdparty%2Flxc.git

Switch to Github actions

Travis-CI has been a disaster lately with us running out of credits or
their system thinking we're out of credit anyway...

So with Jenkins now covering arm64, let's move the rest of the CI to
Github Actions instead.

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
---

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
new file mode 100644
index 000000000..c01275a1e
--- /dev/null
+++ b/.github/workflows/build.yml
@@ -0,0 +1,58 @@
+name: Test build
+on:
+  - push
+  - pull_request
+
+jobs:
+  test:
+    strategy:
+      fail-fast: false
+      matrix:
+        compiler:
+          - gcc
+          - clang
+        os:
+          - ubuntu-16.04
+          - ubuntu-18.04
+          - ubuntu-20.04
+        exclude:
+          - os: ubuntu-16.04
+            compiler: gcc
+    runs-on: ${{ matrix.os }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - name: Install dependencies
+        run: |
+          sudo apt-get update -qq
+          sudo apt-get install -qq gcc clang
+          sudo apt-get install -qq libapparmor-dev libcap-dev libseccomp-dev libselinux1-dev linux-libc-dev docbook2x
+
+      - name: Compiler version
+        env:
+          CC: ${{ matrix.compiler }}
+        run: |
+          ${CC} --version
+
+      - name: Build
+        env:
+          CC: ${{ matrix.compiler }}
+        run: |
+          # Configure
+          export CFLAGS="-Wall -Werror"
+          export LDFLAGS="-pthread -lpthread"
+          ./autogen.sh
+
+          BUILD="$(pwd)/build"
+          mkdir -p "${BUILD}"
+          cd "${BUILD}"
+          if [ "${{ matrix.compiler }}" = "gcc" ]; then
+            ../configure --enable-tests --enable-ubsan --with-distro=unknown
+          else
+            ../configure --enable-tests --with-distro=unknown
+          fi
+
+          # Build
+          make -j4
+          make DESTDIR="${BUILD}/install" install
diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml
new file mode 100644
index 000000000..f544928c8
--- /dev/null
+++ b/.github/workflows/coverity.yml
@@ -0,0 +1,56 @@
+name: Coverity
+on:
+  - push:
+      branches:
+        - master
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - name: Download Coverity Build Tool
+        run: |
+          wget -q https://scan.coverity.com/download/cxx/linux64 --post-data "token=$TOKEN&project=lxc/lxc" -O cov-analysis-linux64.tar.gz
+          mkdir cov-analysis-linux64
+          tar xzf cov-analysis-linux64.tar.gz --strip 1 -C cov-analysis-linux64
+        env:
+          TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
+
+      - name: Install dependencies
+        run: |
+          sudo apt-get update -qq
+          sudo apt-get install -qq gcc clang
+          sudo apt-get install -qq libapparmor-dev libcap-dev libseccomp-dev libselinux1-dev linux-libc-dev docbook2x
+
+      - name: Run coverity
+        run: |
+          # Configure
+          export PATH="$(pwd)/cov-analysis-linux64/bin:${PATH}"
+          export CFLAGS="-Wall -Werror"
+          export LDFLAGS="-pthread -lpthread"
+          ./autogen.sh
+
+          BUILD="$(pwd)/build"
+          mkdir -p "${BUILD}"
+          cd "${BUILD}"
+
+          ../configure --enable-coverity-build --enable-tests --with-distro=unknown --disable-rpath --enable-tests --enable-memfd-rexec --enable-seccomp --enable-static --enable-werror
+
+          # Build
+          cov-build --dir cov-int make -j4
+          tar czvf lxc.tgz cov-int
+
+          # Submit the results
+          curl \
+            --form project=lxc/lxc \
+            --form token=${TOKEN} \
+            --form email=lxc-devel@lists.linuxcontainers.org \
+            --form file=@lxc.tgz \
+            --form version=master \
+            --form description="${GITHUB_SHA}" \
+            https://scan.coverity.com/builds?project=lxc/lxc
+        env:
+          TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
diff --git a/.github/workflows/static-analysis.yml b/.github/workflows/static-analysis.yml
new file mode 100644
index 000000000..7ac48963e
--- /dev/null
+++ b/.github/workflows/static-analysis.yml
@@ -0,0 +1,27 @@
+name: Static analysis
+on:
+  - push
+  - pull_request
+
+jobs:
+  test:
+    runs-on: ubuntu-18.04
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - name: Install dependencies
+        run: |
+          sudo apt-get update -qq
+          sudo apt-get install -qq coccinelle
+
+      - name: Confirm coccinelle output is clean
+        run: |
+          ./coccinelle/run-coccinelle.sh -i
+          git diff --exit-code
+
+      - name: Confirm apparmor profile is up to date
+        run: |
+          cd config/apparmor/
+          ./lxc-generate-aa-rules.py container-rules.base > container-rules
+          git diff --exit-code
diff --git a/.travis.yml b/.travis.yml
deleted file mode 100644
index 800f646d4..000000000
--- a/.travis.yml
+++ /dev/null
@@ -1,42 +0,0 @@
-dist: bionic
-sudo: required
-language: c
-
-compiler:
- - gcc
- - clang
-
-arch:
- - amd64
- - arm64
- - ppc64le
- - s390x
-
-before_install:
- - sudo add-apt-repository ppa:ubuntu-lxc/daily -y
- - sudo apt-get update -qq
- - sudo apt-get install -qq coccinelle parallel libapparmor-dev libcap-dev libseccomp-dev python3-dev python3-setuptools docbook2x libselinux1-dev linux-libc-dev
-script: src/tests/travis.sh
-notifications:
-  email:
-    recipients:
-      - lxc-devel@lists.linuxcontainers.org
-  webhooks: https://linuxcontainers.org/webhook-lxcbot/
-
-env:
- global:
-   - secure: "HlNoguS2Sjyj7Mbb644wrHZqdp/p7I7gX00XoUzLRcFosmVdYpHo6Ix8pt9ddC5tDfX05pl5x8OBwrccY+picb9NDNCt7C5TlNcuyyDROnMJW5q33j4EZRI91sBQdmn2uorMzi/CnHEtvUw20+sjBOqIqvpnUV2SMaZiWGC1Eec="
-
-addons:
-  coverity_scan:
-    build_script_url: https://dl.stgraber.org/coverity_travis.sh
-    project:
-      name: lxc/lxc
-      description: "LXC - Linux Containers https://linuxcontainers.org/lxc"
-
-    # Where email notification of build analysis results will be sent
-    notification_email: christian.brauner@ubuntu.com
-
-    build_command_prepend: "./autogen.sh && mkdir build && cd build && ../configure --enable-coverity-build --enable-tests --with-distro=unknown --disable-rpath --enable-tests --enable-memfd-rexec --enable-seccomp --enable-static --enable-werror"
-    build_command: "make -j4"
-    branch_pattern: master
diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am
index b04fed128..13ca512f6 100644
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -788,8 +788,7 @@ EXTRA_DIST = basic.c \
 	     snapshot.c \
 	     startone.c \
 	     state_server.c \
-	     share_ns.c \
-	     travis.sh
+	     share_ns.c
 
 clean-local:
 	rm -f lxc-test-utils-*
diff --git a/src/tests/travis.sh b/src/tests/travis.sh
deleted file mode 100755
index e57004e09..000000000
--- a/src/tests/travis.sh
+++ /dev/null
@@ -1,22 +0,0 @@
-#! /bin/bash
-
-set -e
-
-./coccinelle/run-coccinelle.sh -i
-git diff --exit-code
-export CFLAGS="-Wall -Werror"
-export LDFLAGS="-pthread -lpthread"
-./autogen.sh
-rm -Rf build
-mkdir build
-cd build
-if [ "$CC_FOR_BUILD" == "gcc" ]; then
-  ../configure --enable-tests --enable-ubsan --with-distro=unknown
-else
-  ../configure --enable-tests --with-distro=unknown
-fi
-make -j4
-make DESTDIR="$TRAVIS_BUILD_DIR"/install install
-cd ../config/apparmor
-./lxc-generate-aa-rules.py container-rules.base > /tmp/output
-diff /tmp/output container-rules