Build

NO-ISSUE: Add Clang Thread Safety Annotations for `_CT` functions #1772

Workflow file for this run

	#
	# Licensed to the Apache Software Foundation (ASF) under one
	# or more contributor license agreements. See the NOTICE file
	# distributed with this work for additional information
	# regarding copyright ownership. The ASF licenses this file
	# to you under the Apache License, Version 2.0 (the
	# "License"); you may not use this file except in compliance
	# with the License. You may obtain a copy of the License at
	#
	# http://www.apache.org/licenses/LICENSE-2.0
	#
	# Unless required by applicable law or agreed to in writing,
	# software distributed under the License is distributed on an
	# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	# KIND, either express or implied. See the License for the
	# specific language governing permissions and limitations
	# under the License.
	#

	name: Build

	on:
	push:
	pull_request:
	workflow_dispatch:
	inputs:
	protonRepository:
	description: GitHub repository where to fetch Qpid Proton from
	type: string
	default: 'apache/qpid-proton'
	required: false
	protonBranch:
	description: Branch in the protonRepository to check out (in addition to hardcoded branches)
	type: string
	default: main
	required: false

	# known limitation https://github.com/actions/runner/issues/480
	env:
	protonRepository: "${{ github.event.inputs.protonRepository \|\| 'apache/qpid-proton' }}"
	protonBranch: "${{ github.event.inputs.protonBranch \|\| 'main' }}"

	jobs:
	compile:
	name: "Compile (${{matrix.os}}, ${{matrix.runtimeCheck}}, proton ${{matrix.protonGitRef}})"
	runs-on: ${{ matrix.os }}
	strategy:
	fail-fast: false
	matrix:
	os: [ubuntu-22.04]
	buildType: [Debug]
	runtimeCheck: [asan]
	protonGitRef:
	- ${{ github.event.inputs.protonBranch \|\| 'main' }}
	- 0.39.0
	env:
	CC: 'gcc-12'
	CXX: 'g++-12'
	BuildType: ${{matrix.buildType}}
	ProtonBuildDir: ${{github.workspace}}/qpid-proton/build
	RouterBuildDir: ${{github.workspace}}/skupper-router/build
	InstallPrefix: ${{github.workspace}}/install
	VERBOSE: 1

	ProtonCMakeExtraArgs: >
	-DCMAKE_C_COMPILER_LAUNCHER=ccache
	-DCMAKE_CXX_COMPILER_LAUNCHER=ccache
	-DBUILD_BINDINGS=python
	-DBUILD_TOOLS=OFF
	-DBUILD_EXAMPLES=OFF
	-DBUILD_TESTING=OFF
	-DENABLE_FUZZ_TESTING=OFF
	-DRUNTIME_CHECK=${{matrix.runtimeCheck}}
	-DBUILD_TLS=ON
	RouterCMakeExtraArgs: >
	-DCMAKE_C_COMPILER_LAUNCHER=ccache
	-DCMAKE_CXX_COMPILER_LAUNCHER=ccache
	-DCMAKE_C_FLAGS=-DQD_MEMORY_DEBUG
	-DRUNTIME_CHECK=${{matrix.runtimeCheck}}
	-DSANITIZE_PYTHON=OFF
	-DBUILD_BENCHMARKS=ON

	CCACHE_BASEDIR: ${{github.workspace}}
	CCACHE_DIR: ${{github.workspace}}/.ccache
	CCACHE_COMPRESS: 'true'
	CCACHE_MAXSIZE: '400MB'
	SKUPPER_SYSTEM_TEST_SKIP_POLICY: True
	SKUPPER_SYSTEM_TEST_SKIP_DELIVERY_ABORT: True
	steps:

	# The option to enable + in sed regexps differs by OS so we avoid it, https://github.com/actions/upload-artifact/issues/22
	- name: Escape job identifier for artifact naming
	run: \|
	_jobIdentifierRaw="${{matrix.os}}_${{matrix.buildType}}_${{matrix.runtimeCheck}}_${{matrix.protonGitRef}}"
	jobIdentifier=$(echo -n "${_jobIdentifierRaw}" \| sed -e 's/[ \t:\/\\"<>\|?]/-/g' -e 's/--/-/g')
	echo "JOB_IDENTIFIER=${jobIdentifier}" >> $GITHUB_ENV

	- name: Show environment (Linux)
	if: ${{ always() && runner.os == 'Linux' }}
	run: env -0 \| sort -z \| tr '\0' '\n'

	- uses: actions/checkout@v4
	with:
	repository: ${{ env.protonRepository }}
	ref: ${{ matrix.protonGitRef }}
	path: 'qpid-proton'

	- uses: actions/checkout@v4
	with:
	path: 'skupper-router'

	# https://cristianadam.eu/20200113/speeding-up-c-plus-plus-github-actions-using-ccache/
	# https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#environment-files
	- name: Prepare ccache timestamp
	id: ccache_cache_timestamp
	shell: cmake -P {0}
	run: \|
	string(TIMESTAMP current_date "%Y-%m-%d-%H;%M;%S" UTC)
	file(APPEND "$ENV{GITHUB_OUTPUT}" "timestamp=${current_date}")

	- uses: actions/cache@v3
	env:
	cache-name: cache-ccache
	with:
	path: .ccache
	key: ${{ github.workflow }}-${{ matrix.os }}-${{ matrix.runtimeCheck }}-${{ matrix.protonGitRef }}-${{ env.cache-name }}-${{ steps.ccache_cache_timestamp.outputs.timestamp }}
	restore-keys: \|
	${{ github.workflow }}-${{ matrix.os }}-${{ matrix.runtimeCheck }}-${{ matrix.protonGitRef }}-${{ env.cache-name }}

	- name: Create Build and Install directories
	run: mkdir -p "${ProtonBuildDir}" "${RouterBuildDir}" "${InstallPrefix}"

	- name: Setup python
	uses: actions/setup-python@v5
	with:
	python-version: 3.9
	architecture: x64

	- name: Install Python build dependencies
	run: python -m pip install setuptools wheel cffi

	- name: Install Linux build dependencies
	run: \|
	sudo apt update; sudo apt install -y libdw-dev swig libpython3-dev libsasl2-dev libjsoncpp-dev libwebsockets-dev libnghttp2-dev ccache ninja-build pixz libbenchmark-dev nginx

	- name: Zero ccache stats
	run: ccache -z

	- name: qpid-proton cmake configure
	working-directory: ${{env.ProtonBuildDir}}
	run: >
	cmake "${{github.workspace}}/qpid-proton" \
	"-DCMAKE_INSTALL_PREFIX=${InstallPrefix}" \
	"-DCMAKE_BUILD_TYPE=${BuildType}" \
	"-GNinja" \
	${ProtonCMakeExtraArgs}

	- name: qpid-proton cmake build/install
	run: cmake --build "${ProtonBuildDir}" --config ${BuildType} -t install --parallel 6

	- name: Display ccache stats
	run: ccache -s

	- name: skupper-router cmake configure
	working-directory: ${{env.RouterBuildDir}}
	run: >
	cmake "${{github.workspace}}/skupper-router" \
	"-DCMAKE_INSTALL_PREFIX=${InstallPrefix}" \
	"-DCMAKE_BUILD_TYPE=${BuildType}" \
	"-DPYTHON_TEST_COMMAND='-m;pytest;-vs;--timeout=400;--junit-prefix=pytest.\${py_test_module};--junit-xml=junitxmls/\${py_test_module}.xml;--pyargs;\${py_test_module}'" \
	"-GNinja" \
	${RouterCMakeExtraArgs}

	- name: skupper-router cmake build/install
	run: cmake --build "${RouterBuildDir}" --config ${BuildType} -t install --parallel 6

	- name: Display ccache stats
	run: ccache -s

	# github actions/upload-artifact@v2 does not preserve executable permission on binaries
	- name: Compress build
	working-directory: ${{github.workspace}}
	run: >
	tar \
	-I pixz \
	-cf /tmp/archive.tar.xz \
	--exclude '*.o' \
	--exclude '*.pyc' \
	--exclude '.git' \
	skupper-router \
	install \
	qpid-proton/build/python

	- name: Upload archive
	uses: actions/upload-artifact@v4
	with:
	name: skupper_router_wrk_${{env.JOB_IDENTIFIER}}
	path: /tmp/archive.tar.xz

	test:
	name: 'Test (${{matrix.os}}, ${{matrix.runtimeCheck}}, proton ${{matrix.protonGitRef}}, shard ${{matrix.shard}} of ${{matrix.shards}})'
	runs-on: ${{ matrix.os }}
	needs: [compile]
	strategy:
	fail-fast: false
	matrix:
	os: [ubuntu-22.04]
	buildType: [Debug]
	runtimeCheck: [asan]
	protonGitRef:
	- ${{ github.event.inputs.protonBranch \|\| 'main' }}
	- 0.39.0
	shard: [1, 2]
	shards: [2]
	env:
	CC: 'gcc-12'
	CXX: 'g++-12'
	BuildType: ${{matrix.buildType}}
	ProtonBuildDir: ${{github.workspace}}/qpid-proton/build
	RouterBuildDir: ${{github.workspace}}/skupper-router/build
	InstallPrefix: ${{github.workspace}}/install
	RouterCTestExtraArgs: ""
	LD_LIBRARY_PATH: ${{github.workspace}}/install/lib
	QPID_SYSTEM_TEST_TIMEOUT: 300
	QPID_SYSTEM_TEST_SKIP_FALLBACK_SWITCHOVER_TEST: True
	# this enables colored output
	FORCE_COLOR: 1
	COLUMNS: 160

	steps:

	# The option to enable + in sed regexps differs by OS so we avoid it, https://github.com/actions/upload-artifact/issues/22
	- name: Escape job identifier for artifact naming
	run: \|
	_jobIdentifierRaw="${{matrix.os}}_${{matrix.buildType}}_${{matrix.runtimeCheck}}_${{matrix.protonGitRef}}"
	jobIdentifier=$(echo -n "${_jobIdentifierRaw}" \| sed -e 's/[ \t:\/\\"<>\|?]/-/g' -e 's/--/-/g')
	echo "JOB_IDENTIFIER=${jobIdentifier}" >> $GITHUB_ENV

	- name: Show environment (Linux)
	if: ${{ always() && runner.os == 'Linux' }}
	run: env -0 \| sort -z \| tr '\0' '\n'

	- name: Download Build
	uses: actions/download-artifact@v4
	with:
	name: skupper_router_wrk_${{env.JOB_IDENTIFIER}}

	- name: Setup python
	uses: actions/setup-python@v5
	with:
	python-version: 3.9
	architecture: x64

	- name: Install Linux runtime/test dependencies
	run: \|
	sudo apt update; sudo apt install -y libdw1 libsasl2-2 libsasl2-modules sasl2-bin libjsoncpp25 libwebsockets16 libbenchmark1 pixz curl ncat gdb elfutils findutils file python3-dbg

	- name: Unpack archive
	run: tar -I pixz -xf archive.tar.xz

	- name: Install Python runtime/test dependencies
	run: python -m pip install -r ${{github.workspace}}/skupper-router/requirements-dev.txt

	- name: install qpid-proton python wheel
	run: python -m pip install $(find ${ProtonBuildDir}/python/ -name 'python_qpid_proton*.whl')

	- name: CTest
	working-directory: ${{env.RouterBuildDir}}
	run: \|
	sudo sysctl -w kernel.core_pattern="coredump.%e.%p"
	ulimit -c unlimited

	ctest --timeout 1200 -V --output-junit=Testing/Test.xml --no-compress-output -I ${{matrix.shard}},,${{matrix.shards}} -j12 ${{env.RouterCTestExtraArgs}}

	- name: Report coredump stacktraces (if any tests failed)
	if: ${{ failure() }}
	run: \|
	find -name 'coredump*' -exec ${{github.workspace}}/skupper-router/scripts/gha_analyze_coredump.sh {} \;

	- name: Upload test results
	uses: actions/upload-artifact@v4
	if: ${{ ! cancelled() }}
	with:
	name: Test_Results_${{env.JOB_IDENTIFIER}}_${{matrix.shard}}
	path: ${{env.RouterBuildDir}}/tests/junitxmls/*.xml

	- name: Delete logs from passing tests
	if: ${{ failure() }}
	continue-on-error: true
	run: python3 ${{github.workspace}}/skupper-router/scripts/gha_purge_successful_test_logs.py --build-dir=${{env.RouterBuildDir}} --no-dry-run

	- name: Upload log files (if any tests failed)
	uses: actions/upload-artifact@v4
	if: failure()
	with:
	name: testLogs_${{env.JOB_IDENTIFIER}}_${{matrix.shard}}
	path: \|
	${{env.RouterBuildDir}}/tests

	- name: Upload core files (if any)
	uses: actions/upload-artifact@v4
	if: failure()
	with:
	name: cores_${{env.JOB_IDENTIFIER}}_${{matrix.shard}}
	path: \|
	*/coredump

	compile_and_test:
	name: "Compile and Test (${{matrix.container}}:${{matrix.containerTag}}, ${{matrix.runtimeCheck}}, ${{matrix.cc}}, proton ${{matrix.protonGitRef}}, shard ${{matrix.shard}} of ${{matrix.shards}})"
	runs-on: ${{ matrix.os }}
	strategy:
	fail-fast: false
	matrix:
	os: [ubuntu-22.04]
	container: ['fedora']
	containerTag: ['37']
	cc: [gcc]
	cxx: [g++]
	buildType: [RelWithDebInfo]
	runtimeCheck: [asan, tsan]
	protonGitRef:
	- ${{ github.event.inputs.protonBranch \|\| 'main' }}
	- 0.39.0
	shard: [ 1, 2 ]
	shards: [ 2 ]
	include:
	# CentOS 9
	- os: ubuntu-22.04
	container: 'centos'
	containerTag: stream9
	cc: gcc
	cxx: g++
	buildType: Coverage
	covType: system
	runtimeCheck: OFF
	protonGitRef: ${{ github.event.inputs.protonBranch \|\| 'main' }}
	shard: 1
	shards: 2
	- os: ubuntu-22.04
	container: 'centos'
	containerTag: stream9
	cc: gcc
	cxx: g++
	buildType: Coverage
	covType: system
	runtimeCheck: OFF
	protonGitRef: ${{ github.event.inputs.protonBranch \|\| 'main' }}
	shard: 2
	shards: 2
	# CentOS 8
	- os: ubuntu-22.04
	container: 'centos'
	containerTag: stream8
	cc: gcc
	cxx: g++
	buildType: RelWithDebInfo
	runtimeCheck: OFF
	protonGitRef: ${{ github.event.inputs.protonBranch \|\| 'main' }}
	shard: 1
	shards: 2
	- os: ubuntu-22.04
	container: 'centos'
	containerTag: stream8
	cc: gcc
	cxx: g++
	buildType: RelWithDebInfo
	runtimeCheck: OFF
	protonGitRef: ${{ github.event.inputs.protonBranch \|\| 'main' }}
	shard: 2
	shards: 2
	- os: ubuntu-22.04
	container: 'centos'
	containerTag: stream8
	cc: gcc
	cxx: g++
	buildType: RelWithDebInfo
	runtimeCheck: OFF
	protonGitRef: 0.39.0
	shard: 1
	shards: 2
	- os: ubuntu-22.04
	container: 'centos'
	containerTag: stream8
	cc: gcc
	cxx: g++
	buildType: RelWithDebInfo
	runtimeCheck: OFF
	protonGitRef: 0.39.0
	shard: 2
	shards: 2
	# unittest coverage
	- os: ubuntu-22.04
	container: 'fedora'
	containerTag: 37
	cc: gcc
	cxx: g++
	buildType: Coverage
	covType: unit
	runtimeCheck: OFF
	protonGitRef: 0.39.0
	routerCTestExtraArgs: "-R 'unittests\|unit_tests\|threaded_timer_test\|adaptor_buffer_test\|router_engine_test\|management_test\|router_policy_test\|test_command'"
	shard: 1
	shards: 1
	# clang
	- os: ubuntu-22.04
	container: 'fedora'
	containerTag: 37
	cc: clang
	cxx: clang++
	buildType: RelWithDebInfo
	runtimeCheck: asan
	protonGitRef: ${{ github.event.inputs.protonBranch \|\| 'main' }}
	shard: 1
	shards: 2
	- os: ubuntu-22.04
	container: 'fedora'
	containerTag: 37
	cc: clang
	cxx: clang++
	buildType: RelWithDebInfo
	runtimeCheck: asan
	protonGitRef: ${{ github.event.inputs.protonBranch \|\| 'main' }}
	shard: 2
	shards: 2

	container:
	image: 'quay.io/${{ matrix.container }}/${{ matrix.container }}:${{ matrix.containerTag }}'
	volumes:
	- ${{github.workspace}}:${{github.workspace}}
	options: --privileged --ulimit core=-1 --security-opt apparmor:unconfined --security-opt seccomp=unconfined --sysctl net.ipv6.conf.all.disable_ipv6=0

	env:
	BuildType: ${{matrix.buildType}}
	CC: ${{matrix.cc}}
	CXX: ${{matrix.cxx}}
	ProtonBuildDir: ${{github.workspace}}/qpid-proton/build
	RouterBuildDir: ${{github.workspace}}/skupper-router/build
	InstallPrefix: ${{github.workspace}}/install
	RouterCTestExtraArgs: ${{matrix.routerCTestExtraArgs}}
	# this enables colored output
	FORCE_COLOR: 1
	COLUMNS: 160

	# TODO(DISPATCH-2144) use -DPython_EXECUTABLE=/usr/bin/python3-debug when issue is fixed,
	# as that allows for -DSANITIZE_3RD_PARTY=ON on Fedora
	# TODO(https://github.com/google/sanitizers/issues/1385) some targeted asan suppressions don't work on Fedora
	ProtonCMakeExtraArgs: >
	-DCMAKE_C_COMPILER_LAUNCHER=ccache
	-DCMAKE_CXX_COMPILER_LAUNCHER=ccache
	-DBUILD_BINDINGS=python
	-DPython_EXECUTABLE=/usr/bin/python3
	-DBUILD_TOOLS=OFF
	-DBUILD_EXAMPLES=OFF
	-DBUILD_TESTING=OFF
	-DENABLE_FUZZ_TESTING=OFF
	-DRUNTIME_CHECK=${{matrix.runtimeCheck}}
	-DBUILD_TLS=ON
	RouterCMakeExtraArgs: >
	-DCMAKE_C_COMPILER_LAUNCHER=ccache
	-DCMAKE_CXX_COMPILER_LAUNCHER=ccache
	-DPython_EXECUTABLE=/usr/bin/python3
	-DRUNTIME_CHECK=${{matrix.runtimeCheck}}

	CCACHE_BASEDIR: ${{github.workspace}}
	CCACHE_DIR: ${{github.workspace}}/.ccache
	CCACHE_COMPRESS: 'true'
	CCACHE_MAXSIZE: '400MB'
	QPID_SYSTEM_TEST_TIMEOUT: 300
	QPID_SYSTEM_TEST_SKIP_FALLBACK_SWITCHOVER_TEST: True
	SKUPPER_SYSTEM_TEST_SKIP_POLICY: True
	SKUPPER_SYSTEM_TEST_SKIP_DELIVERY_ABORT: True
	VERBOSE: 1

	steps:

	# The option to enable + in sed regexps differs by OS so we avoid it, https://github.com/actions/upload-artifact/issues/22
	- name: Escape job identifier for artifact naming
	run: \|
	_jobIdentifierRaw="${{matrix.os}}_${{matrix.container}}_${{matrix.buildType}}_${{matrix.runtimeCheck}}_${{matrix.cc}}_${{matrix.protonGitRef}}"
	jobIdentifier=$(echo -n "${_jobIdentifierRaw}" \| sed -e 's/[ \t:\/\\"<>\|?]/-/g' -e 's/--/-/g')
	echo "JOB_IDENTIFIER=${jobIdentifier}" >> $GITHUB_ENV

	- name: Show environment (Linux)
	if: ${{ always() && runner.os == 'Linux' }}
	run: env -0 \| sort -z \| tr '\0' '\n'

	- uses: actions/checkout@v4
	with:
	repository: ${{ env.protonRepository }}
	ref: ${{ matrix.protonGitRef }}
	path: 'qpid-proton'

	- uses: actions/checkout@v4
	with:
	path: 'skupper-router'

	- name: Enable additional package repositories for CentOS 8
	if: ${{ matrix.container == 'centos' && matrix.containerTag == 'stream8' }}
	run: \|
	dnf -y install epel-release 'dnf-command(config-manager)'
	dnf config-manager --set-enabled powertools

	- name: Enable additional package repositories for CentOS 9
	if: ${{ matrix.container == 'centos' && matrix.containerTag == 'stream9' }}
	run: \|
	dnf -y install epel-release 'dnf-command(config-manager)'
	dnf config-manager --set-enabled crb

	# also sets LD_LIBRARY_PATH to find libclang_rt.asan-x86_64.so for asan'd proton
	- name: Install Linux compiler (clang)
	if: ${{ matrix.cc == 'clang' }}
	run: \|
	dnf install -y clang compiler-rt llvm
	echo "LD_LIBRARY_PATH=$(dirname $(clang --print-file-name libclang_rt.asan-x86_64.so))" >> $GITHUB_ENV

	- name: Install Linux compiler (gcc)
	if: ${{ matrix.cc == 'gcc' }}
	run: dnf install -y gcc gcc-c++

	- name: Install Linux build dependencies
	run: \|
	dnf install -y elfutils-devel cmake libuuid-devel openssl openssl-devel cyrus-sasl-devel cyrus-sasl-plain swig make libwebsockets-devel libnghttp2-devel ccache libasan libubsan libtsan libunwind-devel

	- name: Install Linux build dependencies (Fedora)
	if: ${{ matrix.container == 'fedora' }}
	run: dnf install -y python3-devel python3-pip

	- name: Install Linux build dependencies (CentOS 8)
	if: ${{ matrix.container == 'centos' && matrix.containerTag == 'stream8' }}
	run: dnf install -y python39-devel python39-pip

	# util-linux-core provides dmesg
	- name: Install Linux build dependencies (CentOS 9)
	if: ${{ matrix.container == 'centos' && matrix.containerTag == 'stream9' }}
	run: dnf install -y util-linux-core python3-devel python3-pip

	- name: Install Python build dependencies
	run: python3 -m pip install setuptools wheel cffi

	# https://cristianadam.eu/20200113/speeding-up-c-plus-plus-github-actions-using-ccache/
	# https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#environment-files
	- name: Prepare ccache timestamp
	id: ccache_cache_timestamp
	shell: cmake -P {0}
	run: \|
	string(TIMESTAMP current_date "%Y-%m-%d-%H;%M;%S" UTC)
	file(APPEND "$ENV{GITHUB_OUTPUT}" "timestamp=${current_date}")

	- uses: actions/cache@v3
	env:
	cache-name: cache-ccache
	with:
	path: .ccache
	key: ${{ github.workflow }}-${{ matrix.container }}-${{ matrix.containerTag }}-${{ matrix.runtimeCheck }}-${{ matrix.protonGitRef }}-${{ env.cache-name }}-${{ steps.ccache_cache_timestamp.outputs.timestamp }}
	restore-keys: \|
	${{ github.workflow }}-${{ matrix.container }}-${{ matrix.containerTag }}-${{ matrix.runtimeCheck }}-${{ matrix.protonGitRef }}-${{ env.cache-name }}

	- name: Create Build and Install directories
	run: mkdir -p "${ProtonBuildDir}" "${RouterBuildDir}" "{InstallPrefix}"

	- name: Zero ccache stats
	run: ccache -z

	- name: qpid-proton cmake configure
	working-directory: ${{env.ProtonBuildDir}}
	run: >
	cmake "${{github.workspace}}/qpid-proton" \
	"-DCMAKE_INSTALL_PREFIX=${InstallPrefix}" \
	"-DCMAKE_BUILD_TYPE=${BuildType}" \
	${ProtonCMakeExtraArgs}

	- name: qpid-proton cmake build/install
	run: cmake --build "${ProtonBuildDir}" --config ${BuildType} --target install --parallel 6

	- name: Display ccache stats
	run: ccache -s

	- name: enable asserts on asan build
	if: matrix.runtimeCheck == 'asan' \|\| matrix.runtimeCheck == 'OFF'
	run: echo "RouterCMakeAsserts=ON" >> $GITHUB_ENV

	- name: disable asserts on tsan build
	if: matrix.runtimeCheck == 'tsan'
	run: echo "RouterCMakeAsserts=OFF" >> $GITHUB_ENV

	- name: disable Python leak checking on CentOS build
	if: matrix.container == 'centos'
	run: echo "RouterCMakeSanitizePython=OFF" >> $GITHUB_ENV

	- name: skupper-router cmake configure
	working-directory: ${{env.RouterBuildDir}}
	run: \|
	if [[ ${BuildType} == "Coverage" ]]; then CoverageOpts="-m;coverage;run"; fi
	cmake "${{github.workspace}}/skupper-router" \
	"-DCMAKE_INSTALL_PREFIX=${InstallPrefix}" \
	"-DCMAKE_BUILD_TYPE=${BuildType}" \
	"-DPYTHON_TEST_COMMAND='${CoverageOpts};-m;pytest;-vs;--timeout=400;--junit-prefix=pytest.\${py_test_module};--junit-xml=junitxmls/\${py_test_module}.xml;--pyargs;\${py_test_module}'" \
	${RouterCMakeExtraArgs} -DQD_ENABLE_ASSERTIONS=${RouterCMakeAsserts} -DSANITIZE_PYTHON=${RouterCMakeSanitizePython:-ON}

	- name: skupper-router cmake build/install
	run: cmake --build "${RouterBuildDir}" --config ${BuildType} --target install --parallel 6

	- name: Display ccache stats
	run: ccache -s

	- name: Show environment (Linux)
	if: ${{ always() && runner.os == 'Linux' }}
	run: env -0 \| sort -z \| tr '\0' '\n'

	- name: Upgrade pip
	run: python3 -m pip install --upgrade pip

	- name: Install Python runtime/test dependencies
	run: python3 -m pip install -r ${{github.workspace}}/skupper-router/requirements-dev.txt

	- name: Install Linux runtime/test dependencies
	run: \|
	dnf install -y nmap-ncat gdb binutils elfutils elfutils-debuginfod-client findutils file nginx
	command -v curl \|\| dnf install -y curl
	dnf debuginfo-install -y python3

	- name: install qpid-proton python wheel
	run: python3 -m pip install $(find ${ProtonBuildDir}/python/ -name 'python_qpid_proton*.whl')

	- name: CTest
	working-directory: ${{env.RouterBuildDir}}
	run: \|
	echo "coredump.%e.%p" > /proc/sys/kernel/core_pattern
	ulimit -c unlimited

	threads=12
	if [[ "${{ matrix.runtimeCheck }}" == "tsan" ]]; then
	threads=6
	fi

	ctest --timeout 1200 -V --output-junit=Testing/Test.xml --output-on-failure --no-compress-output -I ${{matrix.shard}},,${{matrix.shards}} -j${threads} ${{env.RouterCTestExtraArgs}}

	- name: Process C Coverage
	if: ${{ !cancelled() && matrix.buildType == 'Coverage' }}
	working-directory: ${{env.RouterBuildDir}}
	run: \|
	dnf install -y lcov
	cmake --build . --target coverage

	# https://github.com/codecov/codecov-action
	- name: Upload C Coverage
	if: ${{ !cancelled() && matrix.buildType == 'Coverage' }}
	uses: codecov/codecov-action@v3
	with:
	flags: ${{matrix.covType}}tests
	verbose: true
	gcov: true
	name: skupper-router
	root_dir: .
	working-directory: ${{github.workspace}}/skupper-router

	- name: Process Python coverage
	if: ${{ !cancelled() && matrix.buildType == 'Coverage' }}
	run: \|
	coverage combine
	coverage xml
	working-directory: ${{env.RouterBuildDir}}/tests

	- name: Upload Python Coverage
	if: ${{ !cancelled() && matrix.buildType == 'Coverage' }}
	uses: codecov/codecov-action@v3
	with:
	flags: py${{matrix.covType}}tests
	verbose: true
	directory: ${{env.RouterBuildDir}}/tests
	name: skupper-router
	root_dir: .
	working-directory: ${{github.workspace}}/skupper-router

	- name: Report coredump stacktraces (if any tests failed)
	if: ${{ failure() }}
	run: \|
	find -name 'coredump*' -exec ${{github.workspace}}/skupper-router/scripts/gha_analyze_coredump.sh {} \;

	- name: Dump dmesg (on failure)
	if: ${{ failure() }}
	run: dmesg

	- name: Upload test results
	uses: actions/upload-artifact@v4
	if: ${{ ! cancelled() }}
	with:
	name: Test_Results_${{env.JOB_IDENTIFIER}}_${{matrix.shard}}
	path: ${{env.RouterBuildDir}}/tests/junitxmls/*.xml

	- name: Delete logs from passing tests
	if: ${{ failure() }}
	continue-on-error: true
	run: python3 ${{github.workspace}}/skupper-router/scripts/gha_purge_successful_test_logs.py --build-dir=${{env.RouterBuildDir}} --no-dry-run

	- name: Upload log files (if any tests failed)
	uses: actions/upload-artifact@v4
	if: failure()
	with:
	name: testLogs_${{env.JOB_IDENTIFIER}}_${{matrix.shard}}
	path: \|
	${{env.RouterBuildDir}}/tests

	- name: Upload core files (if any)
	uses: actions/upload-artifact@v4
	if: failure()
	with:
	name: cores_${{env.JOB_IDENTIFIER}}_${{matrix.shard}}
	path: \|
	*/coredump

	python:
	name: 'Python Checker (${{ matrix.os }})'
	runs-on: '${{ matrix.os }}'
	strategy:
	matrix:
	os: [ 'ubuntu-22.04' ]

	env:
	DispatchBuildDir: ${{github.workspace}}/build
	InstallPrefix: ${{github.workspace}}/install
	DispatchCMakeExtraArgs: >
	-GNinja
	# this enables colored output
	FORCE_COLOR: 1
	COLUMNS: 160

	steps:

	- uses: actions/checkout@v4
	with:
	repository: ${{ env.protonRepository }}
	ref: ${{ env.protonBranch }}
	path: 'qpid-proton'

	- name: Setup python
	uses: actions/setup-python@v5
	with:
	python-version: 3.9
	architecture: x64

	- name: Install Linux build dependencies
	run: \|
	sudo apt update; sudo apt install -y flake8 mypy pylint python3-qpid-proton libpython3-dev ninja-build libwebsockets-dev libnghttp2-dev nginx

	- name: Install qpid-proton
	run: \|
	cmake -S qpid-proton -B qpid-proton -GNinja -DCMAKE_INSTALL_PREFIX=/usr -DBUILD_BINDINGS=OFF -DBUILD_TOOLS=OFF -DBUILD_TESTING=OFF -DBUILD_EXAMPLES=OFF -DBUILD_TLS=ON
	cmake --build qpid-proton
	sudo cmake --install qpid-proton

	- uses: actions/checkout@v4

	- name: Create Build and Install directories
	run: mkdir -p "${DispatchBuildDir}" "{InstallPrefix}"

	- name: skupper-router cmake configure
	working-directory: ${{env.DispatchBuildDir}}
	run: >
	cmake "${{github.workspace}}" \
	"-DCMAKE_INSTALL_PREFIX=${InstallPrefix}" \
	${DispatchCMakeExtraArgs}

	- name: CTest -R python-checker
	working-directory: ${{env.DispatchBuildDir}}
	run: ctest -VV -R python-checker

	pgo:
	name: Profile Guided Optimization
	runs-on: ubuntu-latest
	strategy:
	fail-fast: false
	matrix:
	os: [ubuntu-20.04]
	container: ['fedora']
	containerTag: ['37']
	buildType: [RelWithDebInfo]
	protonGitRef:
	- ${{ github.event.inputs.protonBranch \|\| 'main' }}
	container:
	image: 'quay.io/${{ matrix.container }}/${{ matrix.container }}:${{ matrix.containerTag }}'
	volumes:
	- ${{github.workspace}}:${{github.workspace}}
	options: --privileged --ulimit core=-1 --security-opt apparmor:unconfined --security-opt seccomp=unconfined --sysctl net.ipv6.conf.all.disable_ipv6=0
	env:
	BuildType: ${{matrix.buildType}}
	ProtonBuildDir: ${{github.workspace}}/qpid-proton/build
	RouterBuildDir: ${{github.workspace}}/skupper-router/build
	InstallPrefix: ${{github.workspace}}/install
	# this enables colored output
	FORCE_COLOR: 1
	COLUMNS: 160
	ProtonCMakeExtraArgs: >
	-DCMAKE_C_COMPILER_LAUNCHER=ccache
	-DCMAKE_CXX_COMPILER_LAUNCHER=ccache
	-DBUILD_BINDINGS=python
	-DPython_EXECUTABLE=/usr/bin/python3
	-DBUILD_TOOLS=OFF
	-DBUILD_EXAMPLES=OFF
	-DBUILD_TESTING=OFF
	-DENABLE_FUZZ_TESTING=OFF
	-DRUNTIME_CHECK=OFF
	-DBUILD_TLS=ON
	RouterCMakeExtraArgs: >
	-DCMAKE_C_COMPILER_LAUNCHER=ccache
	-DCMAKE_CXX_COMPILER_LAUNCHER=ccache
	-DPython_EXECUTABLE=/usr/bin/python3
	-DRUNTIME_CHECK=OFF
	-DENABLE_PROFILE_GUIDED_OPTIMIZATION=ON
	CCACHE_BASEDIR: ${{github.workspace}}
	CCACHE_DIR: ${{github.workspace}}/.ccache
	CCACHE_COMPRESS: 'true'
	CCACHE_MAXSIZE: '400MB'
	QPID_SYSTEM_TEST_TIMEOUT: 400
	VERBOSE: 1

	steps:
	- name: Show environment (Linux)
	if: ${{ always() && runner.os == 'Linux' }}
	run: env -0 \| sort -z \| tr '\0' '\n'

	- uses: actions/checkout@v4
	with:
	repository: ${{ env.protonRepository }}
	ref: ${{ matrix.protonGitRef }}
	path: 'qpid-proton'

	- uses: actions/checkout@v4
	with:
	path: 'skupper-router'

	- name: Install Linux build dependencies
	run: \|
	dnf install -y gcc gcc-c++ elfutils-devel cmake libuuid-devel openssl openssl-devel cyrus-sasl-devel cyrus-sasl-plain swig make libwebsockets-devel libnghttp2-devel ccache

	- name: Install Linux build dependencies (Python)
	run: dnf install -y python3-devel python3-pip

	- name: Install Linux runtime/test dependencies
	run: \|
	dnf install -y curl nmap-ncat gdb binutils elfutils elfutils-debuginfod-client findutils file nginx
	dnf debuginfo-install -y python3

	- name: Install Python build dependencies
	run: python3 -m pip install setuptools wheel cffi

	- name: Install Python runtime/test dependencies
	run: python3 -m pip install -r ${{github.workspace}}/skupper-router/requirements-dev.txt

	- name: Create Build and Install directories
	run: mkdir -p "${ProtonBuildDir}" "${RouterBuildDir}" "${InstallPrefix}"

	- name: qpid-proton cmake configure
	working-directory: ${{env.ProtonBuildDir}}
	run: >
	cmake "${{github.workspace}}/qpid-proton" \
	"-DCMAKE_INSTALL_PREFIX=${InstallPrefix}" \
	"-DCMAKE_BUILD_TYPE=${BuildType}" \
	${ProtonCMakeExtraArgs}
	- name: qpid-proton cmake build/install
	run: cmake --build "${ProtonBuildDir}" --config ${BuildType} --target install --parallel 6

	- name: install qpid-proton python wheel
	run: python3 -m pip install $(find ${ProtonBuildDir}/python/ -name 'python_qpid_proton*.whl')

	- name: skupper-router cmake configure
	working-directory: ${{env.RouterBuildDir}}
	run: >
	cmake "${{github.workspace}}/skupper-router" \
	"-DCMAKE_INSTALL_PREFIX=${InstallPrefix}" \
	"-DCMAKE_BUILD_TYPE=${BuildType}" \
	"-DPYTHON_TEST_COMMAND='-m;pytest;-vs;--timeout=400;--junit-prefix=pytest.\${py_test_module};--junit-xml=junitxmls/\${py_test_module}.xml;--pyargs;\${py_test_module}'" \
	${RouterCMakeExtraArgs} -DSANITIZE_PYTHON=${RouterCMakeSanitizePython:-ON}

	- name: skupper-router cmake build/install
	run: cmake --build "${RouterBuildDir}" --config ${BuildType} --target install --parallel 6

	container:
	name: Container image
	runs-on: ubuntu-latest
	env:
	ImageName: local/skupper-router:local

	steps:

	- uses: actions/checkout@v4

	- name: Install brew
	run: \|
	/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
	echo "PATH=/home/linuxbrew/.linuxbrew/bin:${PATH}" >> "${GITHUB_ENV}"

	- name: Install podman
	run: \|
	brew install podman
	brew services start podman
	echo "PODMAN_SOCK=/run/user/${UID}/podman/podman.sock" >> $GITHUB_ENV
	echo "DOCKER_HOST=unix:///run/user/${UID}/podman/podman.sock" >> $GITHUB_ENV
	env:
	HOMEBREW_NO_INSTALL_CLEANUP: 1

	- name: Build Containerfile
	run: \|
	podman build -t ${{ env.ImageName }} -f ./Containerfile .

	# When rustup is updated, it tries to replace its binary, which on Windows is somehow locked.
	# This can result in a CI failure, see: https://github.com/rust-lang/rustup/issues/3029
	- name: Install rust with rustup
	run: \|
	rustup set auto-self-update disable
	rustup toolchain install stable --profile minimal

	- uses: Swatinem/rust-cache@v2

	- name: Compile and run .rs tests
	run: \|
	cargo check
	cargo test -- --test-threads=1 --nocapture
	env:
	QDROUTERD_IMAGE: ${{ env.ImageName }}
	CARGO_INCREMENTAL: 0
	RUST_LOG: info
	RUST_BACKTRACE: 1

	# Trivy and Grype are the scanners that GitLab integrates with (at the time of writing)

	- name: Run Trivy security scan on the image
	if: ${{ ! cancelled() }}
	# https://aquasecurity.github.io/trivy/v0.43/getting-started/installation/#use-container-image
	run: \|
	podman run --rm \
	-v ${PODMAN_SOCK}:/var/run/docker.sock \
	-v ${{github.workspace}}:${{github.workspace}} \
	docker.io/aquasec/trivy:latest \
	image \
	--scanners vuln,secret --ignore-unfixed --exit-code=1 \
	--secret-config=${{github.workspace}}/.github/trivy-secret.yaml \
	${{ env.ImageName }}

	- name: Run Grype security scan on the image
	if: ${{ ! cancelled() }}
	# https://github.com/anchore/grype#getting-started
	run: \|
	podman run --rm --volume ${PODMAN_SOCK}:/var/run/docker.sock docker.io/anchore/grype:latest \
	--only-fixed --fail-on low ${{ env.ImageName }}

	rpm:
	name: 'Build and test RPM (${{ matrix.container }}:${{ matrix.containerTag }})'
	runs-on: '${{ matrix.os }}'
	strategy:
	matrix:
	os: [ 'ubuntu-22.04' ]
	container: [ 'centos' ]
	containerTag: [ 'stream9' ]

	container:
	image: 'quay.io/${{ matrix.container }}/${{ matrix.container }}:${{ matrix.containerTag }}'
	volumes:
	- ${{github.workspace}}:${{github.workspace}}

	env:
	DNF: ${{github.workspace}}/build

	steps:

	- name: Enable additional package repositories for CentOS 8
	if: ${{ matrix.container == 'centos' && matrix.containerTag == 'stream8' }}
	run: \|
	dnf -y install epel-release 'dnf-command(config-manager)'
	dnf config-manager --set-enabled powertools

	- name: Enable additional package repositories for CentOS 9
	if: ${{ matrix.container == 'centos' && matrix.containerTag == 'stream9' }}
	run: \|
	dnf -y install epel-release 'dnf-command(config-manager)'
	dnf config-manager --set-enabled crb

	- name: Install packit
	run: \|
	dnf install --setopt=tsflags=nodocs --setopt=install_weak_deps=False -y epel-release
	dnf install --setopt=tsflags=nodocs --setopt=install_weak_deps=False -y git packit

	- uses: actions/checkout@v4

	- name: Take ownership of the checkout directory (Git CVE-2022-24765)
	run: chown --recursive --reference=/ .

	- name: Install srpm build dependencies
	run: \|
	dnf install --setopt=tsflags=nodocs --setopt=install_weak_deps=False -y 'dnf-command(builddep)'
	dnf builddep --setopt=tsflags=nodocs --setopt=install_weak_deps=False -y packaging/skupper-router.spec

	- name: Build skupper-router src.rpm and the rpm packages
	run: \|
	mkdir /tmp/skupper-rpms

	packit srpm
	rpmbuild --rebuild skupper-router*.src.rpm --nocheck --define '_rpmdir /tmp/skupper-rpms' --define 'debug_package %{nil}'

	- name: List package content
	run: \|
	rpm -qlp /tmp/skupper-rpms//.rpm

	- name: Install built packages
	run: \|
	dnf install -y /tmp/skupper-rpms//.rpm

	- name: Check skrouterd version
	run: \|
	skrouterd --version

	- name: Check that skrouterd works
	run: \|
	skrouterd -c /dev/empty \|& grep "Configuration file could not be opened"

	- name: Check that skmanage works
	run: \|
	skmanage --help

	- name: Check that skstat works
	run: \|
	skstat --help

	- name: Check that manpages work
	run: \|
	dnf install -y man

	man skrouterd
	man skrouterd.conf
	man skstat
	man skmanage

	rat_check:
	name: RAT Check
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- uses: actions/cache@v3
	with:
	path: ~/.m2/repository
	key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
	restore-keys: \|
	${{ runner.os }}-maven-

	- name: Install JDK ${{ matrix.java }}
	uses: actions/setup-java@v4
	with:
	distribution: 'adopt'
	java-version: 11

	- name: RAT Check
	run: mvn apache-rat:check

	- name: Output
	if: ${{ ! cancelled() }}
	run: cat target/rat.txt \|\| echo "Unable to print output"

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

NO-ISSUE: Add Clang Thread Safety Annotations for `_CT` functions #1772

Workflow file

NO-ISSUE: Add Clang Thread Safety Annotations for `_CT` functions #1772

Jobs

Run details

Workflow file for this run

NO-ISSUE: Add Clang Thread Safety Annotations for _CT functions #1772

Workflow file

Workflow file for this run

NO-ISSUE: Add Clang Thread Safety Annotations for `_CT` functions #1772