From 4bc1dabe069f85d0090e4d86382a72b3da904b0e Mon Sep 17 00:00:00 2001 From: =?utf8?q?St=C3=A9phane=20Graber?= Date: Wed, 17 Mar 2021 14:09:57 -0400 Subject: [PATCH] Switch to Github actions MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Travis-CI has been a disaster lately with us running out of credits or their system thinking we're out of credit anyway... So with Jenkins now covering arm64, let's move the rest of the CI to Github Actions instead. Signed-off-by: Stéphane Graber --- .github/workflows/build.yml | 58 +++++++++++++++++++++++++++ .github/workflows/coverity.yml | 56 ++++++++++++++++++++++++++ .github/workflows/static-analysis.yml | 27 +++++++++++++ .travis.yml | 42 ------------------- src/tests/Makefile.am | 3 +- src/tests/travis.sh | 22 ---------- 6 files changed, 142 insertions(+), 66 deletions(-) create mode 100644 .github/workflows/build.yml create mode 100644 .github/workflows/coverity.yml create mode 100644 .github/workflows/static-analysis.yml delete mode 100644 .travis.yml delete mode 100755 src/tests/travis.sh diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 000000000..c01275a1e --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,58 @@ +name: Test build +on: + - push + - pull_request + +jobs: + test: + strategy: + fail-fast: false + matrix: + compiler: + - gcc + - clang + os: + - ubuntu-16.04 + - ubuntu-18.04 + - ubuntu-20.04 + exclude: + - os: ubuntu-16.04 + compiler: gcc + runs-on: ${{ matrix.os }} + steps: + - name: Checkout code + uses: actions/checkout@v2 + + - name: Install dependencies + run: | + sudo apt-get update -qq + sudo apt-get install -qq gcc clang + sudo apt-get install -qq libapparmor-dev libcap-dev libseccomp-dev libselinux1-dev linux-libc-dev docbook2x + + - name: Compiler version + env: + CC: ${{ matrix.compiler }} + run: | + ${CC} --version + + - name: Build + env: + CC: ${{ matrix.compiler }} + run: | + # Configure + export CFLAGS="-Wall -Werror" + export LDFLAGS="-pthread -lpthread" + ./autogen.sh + + BUILD="$(pwd)/build" + mkdir -p "${BUILD}" + cd "${BUILD}" + if [ "${{ matrix.compiler }}" = "gcc" ]; then + ../configure --enable-tests --enable-ubsan --with-distro=unknown + else + ../configure --enable-tests --with-distro=unknown + fi + + # Build + make -j4 + make DESTDIR="${BUILD}/install" install diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml new file mode 100644 index 000000000..f544928c8 --- /dev/null +++ b/.github/workflows/coverity.yml @@ -0,0 +1,56 @@ +name: Coverity +on: + - push: + branches: + - master + +jobs: + test: + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v2 + + - name: Download Coverity Build Tool + run: | + wget -q https://scan.coverity.com/download/cxx/linux64 --post-data "token=$TOKEN&project=lxc/lxc" -O cov-analysis-linux64.tar.gz + mkdir cov-analysis-linux64 + tar xzf cov-analysis-linux64.tar.gz --strip 1 -C cov-analysis-linux64 + env: + TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }} + + - name: Install dependencies + run: | + sudo apt-get update -qq + sudo apt-get install -qq gcc clang + sudo apt-get install -qq libapparmor-dev libcap-dev libseccomp-dev libselinux1-dev linux-libc-dev docbook2x + + - name: Run coverity + run: | + # Configure + export PATH="$(pwd)/cov-analysis-linux64/bin:${PATH}" + export CFLAGS="-Wall -Werror" + export LDFLAGS="-pthread -lpthread" + ./autogen.sh + + BUILD="$(pwd)/build" + mkdir -p "${BUILD}" + cd "${BUILD}" + + ../configure --enable-coverity-build --enable-tests --with-distro=unknown --disable-rpath --enable-tests --enable-memfd-rexec --enable-seccomp --enable-static --enable-werror + + # Build + cov-build --dir cov-int make -j4 + tar czvf lxc.tgz cov-int + + # Submit the results + curl \ + --form project=lxc/lxc \ + --form token=${TOKEN} \ + --form email=lxc-devel@lists.linuxcontainers.org \ + --form file=@lxc.tgz \ + --form version=master \ + --form description="${GITHUB_SHA}" \ + https://scan.coverity.com/builds?project=lxc/lxc + env: + TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }} diff --git a/.github/workflows/static-analysis.yml b/.github/workflows/static-analysis.yml new file mode 100644 index 000000000..7ac48963e --- /dev/null +++ b/.github/workflows/static-analysis.yml @@ -0,0 +1,27 @@ +name: Static analysis +on: + - push + - pull_request + +jobs: + test: + runs-on: ubuntu-18.04 + steps: + - name: Checkout code + uses: actions/checkout@v2 + + - name: Install dependencies + run: | + sudo apt-get update -qq + sudo apt-get install -qq coccinelle + + - name: Confirm coccinelle output is clean + run: | + ./coccinelle/run-coccinelle.sh -i + git diff --exit-code + + - name: Confirm apparmor profile is up to date + run: | + cd config/apparmor/ + ./lxc-generate-aa-rules.py container-rules.base > container-rules + git diff --exit-code diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 800f646d4..000000000 --- a/.travis.yml +++ /dev/null @@ -1,42 +0,0 @@ -dist: bionic -sudo: required -language: c - -compiler: - - gcc - - clang - -arch: - - amd64 - - arm64 - - ppc64le - - s390x - -before_install: - - sudo add-apt-repository ppa:ubuntu-lxc/daily -y - - sudo apt-get update -qq - - sudo apt-get install -qq coccinelle parallel libapparmor-dev libcap-dev libseccomp-dev python3-dev python3-setuptools docbook2x libselinux1-dev linux-libc-dev -script: src/tests/travis.sh -notifications: - email: - recipients: - - lxc-devel@lists.linuxcontainers.org - webhooks: https://linuxcontainers.org/webhook-lxcbot/ - -env: - global: - - secure: "HlNoguS2Sjyj7Mbb644wrHZqdp/p7I7gX00XoUzLRcFosmVdYpHo6Ix8pt9ddC5tDfX05pl5x8OBwrccY+picb9NDNCt7C5TlNcuyyDROnMJW5q33j4EZRI91sBQdmn2uorMzi/CnHEtvUw20+sjBOqIqvpnUV2SMaZiWGC1Eec=" - -addons: - coverity_scan: - build_script_url: https://dl.stgraber.org/coverity_travis.sh - project: - name: lxc/lxc - description: "LXC - Linux Containers https://linuxcontainers.org/lxc" - - # Where email notification of build analysis results will be sent - notification_email: christian.brauner@ubuntu.com - - build_command_prepend: "./autogen.sh && mkdir build && cd build && ../configure --enable-coverity-build --enable-tests --with-distro=unknown --disable-rpath --enable-tests --enable-memfd-rexec --enable-seccomp --enable-static --enable-werror" - build_command: "make -j4" - branch_pattern: master diff --git a/src/tests/Makefile.am b/src/tests/Makefile.am index b04fed128..13ca512f6 100644 --- a/src/tests/Makefile.am +++ b/src/tests/Makefile.am @@ -788,8 +788,7 @@ EXTRA_DIST = basic.c \ snapshot.c \ startone.c \ state_server.c \ - share_ns.c \ - travis.sh + share_ns.c clean-local: rm -f lxc-test-utils-* diff --git a/src/tests/travis.sh b/src/tests/travis.sh deleted file mode 100755 index e57004e09..000000000 --- a/src/tests/travis.sh +++ /dev/null @@ -1,22 +0,0 @@ -#! /bin/bash - -set -e - -./coccinelle/run-coccinelle.sh -i -git diff --exit-code -export CFLAGS="-Wall -Werror" -export LDFLAGS="-pthread -lpthread" -./autogen.sh -rm -Rf build -mkdir build -cd build -if [ "$CC_FOR_BUILD" == "gcc" ]; then - ../configure --enable-tests --enable-ubsan --with-distro=unknown -else - ../configure --enable-tests --with-distro=unknown -fi -make -j4 -make DESTDIR="$TRAVIS_BUILD_DIR"/install install -cd ../config/apparmor -./lxc-generate-aa-rules.py container-rules.base > /tmp/output -diff /tmp/output container-rules -- 2.47.2