[openssh-commits] [openssh] 01/01: Backport test workflow config changes.
git+noreply at mindrot.org
git+noreply at mindrot.org
Fri Dec 16 19:25:04 AEDT 2022
This is an automated email from the git hooks/post-receive script.
dtucker pushed a commit to branch V_9_1
in repository openssh.
commit 50a6fec8015ee0f8afbd2f1c78f1ac3fccc3fc48
Author: Darren Tucker <dtucker at dtucker.net>
Date: Fri Dec 16 19:23:07 2022 +1100
Backport test workflow config changes.
The self-hosted runner setup has been changed recently and the configs
in the V_9_1 branch no longer work with the current runners. Backport
the changes from master so that the tests on this branch work again.
---
.github/configs | 16 ++++-
.github/workflows/c-cpp.yml | 144 +++++++++++++++++++--------------------
.github/workflows/selfhosted.yml | 82 +++++++++++-----------
.github/workflows/upstream.yml | 17 +++--
4 files changed, 140 insertions(+), 119 deletions(-)
diff --git a/.github/configs b/.github/configs
index b54ed3a9..49b53d43 100755
--- a/.github/configs
+++ b/.github/configs
@@ -9,10 +9,13 @@
# LTESTS
config=$1
+if [ "$config" = "" ]; then
+ config="default"
+fi
unset CC CFLAGS CPPFLAGS LDFLAGS LTESTS SUDO
-TEST_TARGET="tests"
+TEST_TARGET="tests compat-tests"
LTESTS=""
SKIP_LTESTS=""
SUDO=sudo # run with sudo by default
@@ -108,7 +111,7 @@ case "$config" in
kitchensink)
CONFIGFLAGS="--with-kerberos5 --with-libedit --with-pam"
CONFIGFLAGS="${CONFIGFLAGS} --with-security-key-builtin --with-selinux"
- CONFIGFLAGS="${CONFIGFLAGS} --with-cflags=-DSK_DEBUG"
+ CFLAGS="-DSK_DEBUG -DSANDBOX_SECCOMP_FILTER_DEBUG"
;;
hardenedmalloc)
CONFIGFLAGS="--with-ldflags=-lhardened_malloc"
@@ -141,6 +144,11 @@ case "$config" in
;;
openssl-*)
LIBCRYPTOFLAGS="--with-ssl-dir=/opt/openssl --with-rpath=-Wl,-rpath,"
+ # OpenSSL 1.1.1 specifically has a bug in its RNG that breaks reexec
+ # fallback. See https://bugzilla.mindrot.org/show_bug.cgi?id=3483
+ if [ "$config" = "openssl-1.1.1" ]; then
+ SKIP_LTESTS="reexec"
+ fi
;;
selinux)
CONFIGFLAGS="--with-selinux"
@@ -214,6 +222,10 @@ case "${TARGET_HOST}" in
TEST_TARGET="t-exec TEST_SHELL=bash"
SKIP_LTESTS="rekey sftp"
;;
+ debian-riscv64)
+ # This machine is fairly slow, so skip the unit tests.
+ TEST_TARGET="t-exec"
+ ;;
dfly58*|dfly60*)
# scp 3-way connection hangs on these so skip until sorted.
SKIP_LTESTS=scp3
diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml
index e1fbcdb8..a12f61e2 100644
--- a/.github/workflows/c-cpp.yml
+++ b/.github/workflows/c-cpp.yml
@@ -13,99 +13,99 @@ jobs:
fail-fast: false
matrix:
# First we test all OSes in the default configuration.
- os: [ubuntu-20.04, ubuntu-22.04, macos-11, macos-12, windows-2019, windows-2022]
- configs: [default]
+ target: [ubuntu-20.04, ubuntu-22.04, macos-11, macos-12, windows-2019, windows-2022]
+ config: [default]
# Then we include any extra configs we want to test for specific VMs.
# Valgrind slows things down quite a bit, so start them first.
include:
- - { os: windows-2019, configs: cygwin-release }
- - { os: windows-2022, configs: cygwin-release }
- - { os: ubuntu-20.04, configs: valgrind-1 }
- - { os: ubuntu-20.04, configs: valgrind-2 }
- - { os: ubuntu-20.04, configs: valgrind-3 }
- - { os: ubuntu-20.04, configs: valgrind-4 }
- - { os: ubuntu-20.04, configs: valgrind-5 }
- - { os: ubuntu-20.04, configs: valgrind-unit }
- - { os: ubuntu-20.04, configs: c89 }
- - { os: ubuntu-20.04, configs: clang-6.0 }
- - { os: ubuntu-20.04, configs: clang-8 }
- - { os: ubuntu-20.04, configs: clang-9 }
- - { os: ubuntu-20.04, configs: clang-10 }
- - { os: ubuntu-20.04, configs: clang-11 }
- - { os: ubuntu-20.04, configs: clang-12-Werror }
- - { os: ubuntu-20.04, configs: clang-sanitize-address }
- - { os: ubuntu-20.04, configs: clang-sanitize-undefined }
- - { os: ubuntu-20.04, configs: gcc-sanitize-address }
- - { os: ubuntu-20.04, configs: gcc-sanitize-undefined }
- - { os: ubuntu-20.04, configs: gcc-7 }
- - { os: ubuntu-20.04, configs: gcc-8 }
- - { os: ubuntu-20.04, configs: gcc-10 }
- - { os: ubuntu-20.04, configs: gcc-11-Werror }
- - { os: ubuntu-20.04, configs: pam }
- - { os: ubuntu-20.04, configs: kitchensink }
- - { os: ubuntu-20.04, configs: hardenedmalloc }
- - { os: ubuntu-20.04, configs: tcmalloc }
- - { os: ubuntu-20.04, configs: musl }
- - { os: ubuntu-latest, configs: libressl-master }
- - { os: ubuntu-latest, configs: libressl-2.2.9 }
- - { os: ubuntu-latest, configs: libressl-2.8.3 }
- - { os: ubuntu-latest, configs: libressl-3.0.2 }
- - { os: ubuntu-latest, configs: libressl-3.2.6 }
- - { os: ubuntu-latest, configs: libressl-3.3.6 }
- - { os: ubuntu-latest, configs: libressl-3.4.3 }
- - { os: ubuntu-latest, configs: libressl-3.5.3 }
- - { os: ubuntu-latest, configs: libressl-3.6.1 }
- - { os: ubuntu-latest, configs: openssl-master }
- - { os: ubuntu-latest, configs: openssl-noec }
- - { os: ubuntu-latest, configs: openssl-1.0.1 }
- - { os: ubuntu-latest, configs: openssl-1.0.1u }
- - { os: ubuntu-latest, configs: openssl-1.0.2u }
- - { os: ubuntu-latest, configs: openssl-1.1.0h }
- - { os: ubuntu-latest, configs: openssl-1.1.1 }
- - { os: ubuntu-latest, configs: openssl-1.1.1k }
- - { os: ubuntu-latest, configs: openssl-1.1.1n }
- - { os: ubuntu-latest, configs: openssl-1.1.1q }
- - { os: ubuntu-latest, configs: openssl-3.0.0 }
- - { os: ubuntu-latest, configs: openssl-3.0.5 }
- - { os: ubuntu-latest, configs: openssl-3.0.7 }
- - { os: ubuntu-latest, configs: openssl-1.1.1_stable } # stable branch
- - { os: ubuntu-latest, configs: openssl-3.0 } # stable branch
- - { os: ubuntu-22.04, configs: pam }
- - { os: ubuntu-22.04, configs: krb5 }
- - { os: ubuntu-22.04, configs: heimdal }
- - { os: ubuntu-22.04, configs: libedit }
- - { os: ubuntu-22.04, configs: sk }
- - { os: ubuntu-22.04, configs: selinux }
- - { os: ubuntu-22.04, configs: kitchensink }
- - { os: ubuntu-22.04, configs: without-openssl }
- - { os: macos-11, configs: pam }
- - { os: macos-12, configs: pam }
- runs-on: ${{ matrix.os }}
+ - { target: windows-2019, config: cygwin-release }
+ - { target: windows-2022, config: cygwin-release }
+ - { target: ubuntu-20.04, config: valgrind-1 }
+ - { target: ubuntu-20.04, config: valgrind-2 }
+ - { target: ubuntu-20.04, config: valgrind-3 }
+ - { target: ubuntu-20.04, config: valgrind-4 }
+ - { target: ubuntu-20.04, config: valgrind-5 }
+ - { target: ubuntu-20.04, config: valgrind-unit }
+ - { target: ubuntu-20.04, config: c89 }
+ - { target: ubuntu-20.04, config: clang-6.0 }
+ - { target: ubuntu-20.04, config: clang-8 }
+ - { target: ubuntu-20.04, config: clang-9 }
+ - { target: ubuntu-20.04, config: clang-10 }
+ - { target: ubuntu-20.04, config: clang-11 }
+ - { target: ubuntu-20.04, config: clang-12-Werror }
+ - { target: ubuntu-20.04, config: clang-sanitize-address }
+ - { target: ubuntu-20.04, config: clang-sanitize-undefined }
+ - { target: ubuntu-20.04, config: gcc-sanitize-address }
+ - { target: ubuntu-20.04, config: gcc-sanitize-undefined }
+ - { target: ubuntu-20.04, config: gcc-7 }
+ - { target: ubuntu-20.04, config: gcc-8 }
+ - { target: ubuntu-20.04, config: gcc-10 }
+ - { target: ubuntu-20.04, config: gcc-11-Werror }
+ - { target: ubuntu-20.04, config: pam }
+ - { target: ubuntu-20.04, config: kitchensink }
+ - { target: ubuntu-20.04, config: hardenedmalloc }
+ - { target: ubuntu-20.04, config: tcmalloc }
+ - { target: ubuntu-20.04, config: musl }
+ - { target: ubuntu-latest, config: libressl-master }
+ - { target: ubuntu-latest, config: libressl-2.2.9 }
+ - { target: ubuntu-latest, config: libressl-2.8.3 }
+ - { target: ubuntu-latest, config: libressl-3.0.2 }
+ - { target: ubuntu-latest, config: libressl-3.2.6 }
+ - { target: ubuntu-latest, config: libressl-3.3.6 }
+ - { target: ubuntu-latest, config: libressl-3.4.3 }
+ - { target: ubuntu-latest, config: libressl-3.5.3 }
+ - { target: ubuntu-latest, config: libressl-3.6.1 }
+ - { target: ubuntu-latest, config: openssl-master }
+ - { target: ubuntu-latest, config: openssl-noec }
+ - { target: ubuntu-latest, config: openssl-1.0.1 }
+ - { target: ubuntu-latest, config: openssl-1.0.1u }
+ - { target: ubuntu-latest, config: openssl-1.0.2u }
+ - { target: ubuntu-latest, config: openssl-1.1.0h }
+ - { target: ubuntu-latest, config: openssl-1.1.1 }
+ - { target: ubuntu-latest, config: openssl-1.1.1k }
+ - { target: ubuntu-latest, config: openssl-1.1.1n }
+ - { target: ubuntu-latest, config: openssl-1.1.1q }
+ - { target: ubuntu-latest, config: openssl-3.0.0 }
+ - { target: ubuntu-latest, config: openssl-3.0.5 }
+ - { target: ubuntu-latest, config: openssl-3.0.7 }
+ - { target: ubuntu-latest, config: openssl-1.1.1_stable }
+ - { target: ubuntu-latest, config: openssl-3.0 } # stable branch
+ - { target: ubuntu-22.04, config: pam }
+ - { target: ubuntu-22.04, config: krb5 }
+ - { target: ubuntu-22.04, config: heimdal }
+ - { target: ubuntu-22.04, config: libedit }
+ - { target: ubuntu-22.04, config: sk }
+ - { target: ubuntu-22.04, config: selinux }
+ - { target: ubuntu-22.04, config: kitchensink }
+ - { target: ubuntu-22.04, config: without-openssl }
+ - { target: macos-11, config: pam }
+ - { target: macos-12, config: pam }
+ runs-on: ${{ matrix.target }}
steps:
- name: set cygwin git params
- if: ${{ startsWith(matrix.os, 'windows') }}
+ if: ${{ startsWith(matrix.target, 'windows') }}
run: git config --global core.autocrlf input
- name: install cygwin
- if: ${{ startsWith(matrix.os, 'windows') }}
+ if: ${{ startsWith(matrix.target, 'windows') }}
uses: cygwin/cygwin-install-action at master
- uses: actions/checkout at main
- name: setup CI system
- run: sh ./.github/setup_ci.sh ${{ matrix.configs }}
+ run: sh ./.github/setup_ci.sh ${{ matrix.config }}
- name: autoreconf
run: sh -c autoreconf
- name: configure
- run: sh ./.github/configure.sh ${{ matrix.configs }}
+ run: sh ./.github/configure.sh ${{ matrix.config }}
- name: save config
uses: actions/upload-artifact at main
with:
- name: ${{ matrix.os }}-${{ matrix.configs }}-config
+ name: ${{ matrix.target }}-${{ matrix.config }}-config
path: config.h
- name: make clean
run: make clean
- name: make
run: make -j2
- name: make tests
- run: sh ./.github/run_test.sh ${{ matrix.configs }}
+ run: sh ./.github/run_test.sh ${{ matrix.config }}
env:
TEST_SSH_UNSAFE_PERMISSIONS: 1
TEST_SSH_HOSTBASED_AUTH: yes
@@ -113,7 +113,7 @@ jobs:
if: failure()
uses: actions/upload-artifact at main
with:
- name: ${{ matrix.os }}-${{ matrix.configs }}-logs
+ name: ${{ matrix.target }}-${{ matrix.config }}-logs
path: |
config.h
config.log
diff --git a/.github/workflows/selfhosted.yml b/.github/workflows/selfhosted.yml
index 8044a2fb..50bc9fff 100644
--- a/.github/workflows/selfhosted.yml
+++ b/.github/workflows/selfhosted.yml
@@ -7,32 +7,30 @@ on:
jobs:
selfhosted:
if: github.repository == 'openssh/openssh-portable-selfhosted'
- runs-on: ${{ matrix.os }}
+ runs-on: ${{ matrix.host }}
timeout-minutes: 600
env:
- TARGET_HOST: ${{ matrix.os }}
+ HOST: ${{ matrix.host }}
+ TARGET_HOST: ${{ matrix.target }}
+ TARGET_CONFIG: ${{ matrix.config }}
strategy:
fail-fast: false
# We use a matrix in two parts: firstly all of the VMs are tested with the
- # default config. "os" corresponds to a label associated with the worker.
+ # default config. "target" corresponds to a label associated with the
+ # worker. The default is an ephemeral VM running under libvirt.
matrix:
- os:
- - aix51
- - ARM
- - ARM64
+ target:
- alpine
- debian-i386
- - debian-riscv64
- dfly30
- dfly48
- dfly58
- dfly60
+ - dfly62
- fbsd10
- fbsd12
- fbsd13
- # - hurd
- minix3
- # - nbsd2
- nbsd3
- nbsd4
- nbsd8
@@ -42,35 +40,42 @@ jobs:
- obsd69
- obsd70
- obsdsnap
+ - obsdsnap-i386
- openindiana
- - openwrt-mips
- - openwrt-mipsel
- # - rocky84
- sol10
- sol11
- - win10
- configs:
+ config:
- default
- # Then we include any extra configs we want to test for specific VMs.
+ host:
+ - libvirt
include:
- - { os: ARM64, configs: pam }
- - { os: debian-i386, configs: pam }
- - { os: dfly30, configs: without-openssl}
- - { os: dfly48, configs: pam }
- - { os: dfly58, configs: pam }
- - { os: dfly60, configs: pam }
- - { os: fbsd10, configs: pam }
- - { os: fbsd12, configs: pam }
- - { os: fbsd13, configs: pam }
- - { os: nbsd8, configs: pam }
- - { os: nbsd9, configs: pam }
- - { os: openindiana, configs: pam }
- # - { os: rocky84, configs: pam }
- - { os: sol10, configs: pam }
- - { os: sol11, configs: pam-krb5 }
- - { os: sol11, configs: sol64 }
- # - { os: sol11, configs: sol64-pam }
- - { os: win10, configs: cygwin-release }
+ # Then we include extra libvirt test configs.
+ - { target: aix51, config: default, host: libvirt }
+ - { target: debian-i386, config: pam, host: libvirt }
+ - { target: dfly30, config: without-openssl, host: libvirt}
+ - { target: dfly48, config: pam ,host: libvirt }
+ - { target: dfly58, config: pam, host: libvirt }
+ - { target: dfly60, config: pam, host: libvirt }
+ - { target: dfly62, config: pam, host: libvirt }
+ - { target: fbsd10, config: pam, host: libvirt }
+ - { target: fbsd12, config: pam, host: libvirt }
+ - { target: fbsd13, config: pam, host: libvirt }
+ - { target: nbsd8, config: pam, host: libvirt }
+ - { target: nbsd9, config: pam, host: libvirt }
+ - { target: openindiana, config: pam, host: libvirt }
+ - { target: sol10, config: pam, host: libvirt }
+ - { target: sol11, config: pam-krb5, host: libvirt }
+ - { target: sol11, config: sol64, host: libvirt }
+ # VMs with persistent disks that have their own runner.
+ - { target: win10, config: default, host: win10 }
+ - { target: win10, config: cygwin-release, host: win10 }
+ # Physical hosts, with either native runners or remote via ssh.
+ - { target: ARM, config: default, host: ARM }
+ - { target: ARM64, config: default, host: ARM64 }
+ - { target: ARM64, config: pam, host: ARM64 }
+ - { target: debian-riscv64, config: default, host: debian-riscv64 }
+ - { target: openwrt-mips, config: default, host: openwrt-mips }
+ - { target: openwrt-mipsel, config: default, host: openwrt-mipsel }
steps:
- name: shutdown VM if running
run: vmshutdown
@@ -80,25 +85,26 @@ jobs:
run: autoreconf
- name: startup VM
run: vmstartup
+ working-directory: ${{ runner.temp }}
- name: configure
- run: vmrun ./.github/configure.sh ${{ matrix.configs }}
+ run: vmrun ./.github/configure.sh ${{ matrix.config }}
- name: save config
uses: actions/upload-artifact at main
with:
- name: ${{ matrix.os }}-${{ matrix.configs }}-config
+ name: ${{ matrix.target }}-${{ matrix.config }}-config
path: config.h
- name: make clean
run: vmrun make clean
- name: make
run: vmrun make
- name: make tests
- run: vmrun ./.github/run_test.sh ${{ matrix.configs }}
+ run: vmrun ./.github/run_test.sh ${{ matrix.config }}
timeout-minutes: 600
- name: save logs
if: failure()
uses: actions/upload-artifact at main
with:
- name: ${{ matrix.os }}-${{ matrix.configs }}-logs
+ name: ${{ matrix.target }}-${{ matrix.config }}-logs
path: |
config.h
config.log
diff --git a/.github/workflows/upstream.yml b/.github/workflows/upstream.yml
index 26233e43..bc53206a 100644
--- a/.github/workflows/upstream.yml
+++ b/.github/workflows/upstream.yml
@@ -8,14 +8,16 @@ on:
jobs:
selfhosted:
if: github.repository == 'openssh/openssh-portable-selfhosted'
- runs-on: ${{ matrix.os }}
+ runs-on: 'libvirt'
env:
- TARGET_HOST: ${{ matrix.os }}
+ HOST: 'libvirt'
+ TARGET_HOST: ${{ matrix.target }}
+ TARGET_CONFIG: ${{ matrix.config }}
strategy:
fail-fast: false
matrix:
- os: [ obsdsnap, obsdsnap-i386 ]
- configs: [ default, without-openssl, ubsan ]
+ target: [ obsdsnap, obsdsnap-i386 ]
+ config: [ default, without-openssl, ubsan ]
steps:
- name: shutdown VM if running
run: vmshutdown
@@ -23,16 +25,17 @@ jobs:
- uses: actions/checkout at main
- name: startup VM
run: vmstartup
+ working-directory: ${{ runner.temp }}
- name: update source
run: vmrun "cd /usr/src && cvs up -dPA usr.bin/ssh regress/usr.bin/ssh"
- name: make clean
run: vmrun "cd /usr/src/usr.bin/ssh && make obj && make clean && cd /usr/src/regress/usr.bin/ssh && make obj && make clean"
- name: make
- run: vmrun "cd /usr/src/usr.bin/ssh && case ${{ matrix.configs }} in without-openssl) make OPENSSL=no;; ubsan) make DEBUG='-fsanitize-minimal-runtime -fsanitize=undefined';; *) make; esac"
+ run: vmrun "cd /usr/src/usr.bin/ssh && case ${{ matrix.config }} in without-openssl) make OPENSSL=no;; ubsan) make DEBUG='-fsanitize-minimal-runtime -fsanitize=undefined';; *) make; esac"
- name: make install
run: vmrun "cd /usr/src/usr.bin/ssh && sudo make install"
- name: make tests`
- run: vmrun "cd /usr/src/regress/usr.bin/ssh && case ${{ matrix.configs }} in without-openssl) make OPENSSL=no;; ubsan) make DEBUG='-fsanitize-minimal-runtime -fsanitize=undefined';; *) make; esac"
+ run: vmrun "cd /usr/src/regress/usr.bin/ssh && case ${{ matrix.config }} in without-openssl) make OPENSSL=no;; ubsan) make DEBUG='-fsanitize-minimal-runtime -fsanitize=undefined';; *) make; esac"
env:
SUDO: sudo
timeout-minutes: 300
@@ -40,7 +43,7 @@ jobs:
if: failure()
uses: actions/upload-artifact at main
with:
- name: ${{ matrix.os }}-${{ matrix.configs }}-logs
+ name: ${{ matrix.target }}-${{ matrix.config }}-logs
path: |
/usr/obj/regress/usr.bin/ssh/*.log
- name: shutdown VM
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list