-
Notifications
You must be signed in to change notification settings - Fork 259
198 lines (169 loc) · 7.22 KB
/
commit.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
name: Test
on:
pull_request:
branches: [main]
paths-ignore: # ignore docs as they are built with Netlify.
- '**/*.md'
- 'site/**'
- 'netlify.toml'
push:
branches: [main]
paths-ignore: # ignore docs as they are built with Netlify.
- '**/*.md'
- 'site/**'
- 'netlify.toml'
env: # Update this prior to requiring a higher minor version in go.mod
GO_VERSION: "1.23"
defaults:
run: # use bash for all operating systems unless overridden
shell: bash
concurrency:
# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#example-using-concurrency-to-cancel-any-in-progress-job-or-run
group: ${{ github.ref }}-${{ github.workflow }}-${{ github.actor }}
cancel-in-progress: true
jobs:
check:
name: Pre-commit check
# wabt requires a later version of libc than what's installed on ubuntu-22.04.
runs-on: ubuntu-latest
steps:
- name: Install latest wast2json
run: | # Needed for build.spectest. wabt includes wast2json.
wabt_version=1.0.34
wabt_url=https://github.com/WebAssembly/wabt/releases/download/${wabt_version}/wabt-${wabt_version}-ubuntu.tar.gz
curl -sSL ${wabt_url} | tar --strip-components 2 -C /usr/local/bin -xzf - wabt-${wabt_version}/bin/wast2json
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with: # not cache: true as we also need to cache golint
cache: false
go-version: ${{ env.GO_VERSION }}
- uses: actions/cache@v3
with:
path: |
~/.cache/go-build
~/.cache/golangci-lint
~/go/pkg/mod
~/go/bin
key: check-${{ runner.os }}-go-${{ env.GO_VERSION }}-${{ hashFiles('**/go.sum', 'Makefile') }}
- run: make build.spectest
- run: make check
test:
name: ${{ matrix.platform.arch }}, ${{ matrix.platform.os }}, Go-${{ matrix.go-version }}
runs-on: ${{ matrix.platform.os }}
strategy:
fail-fast: false # don't fail fast as sometimes failures are arch/OS specific
matrix: # Use versions consistent with wazero's Go support policy.
platform:
- os: ubuntu-22.04
arch: amd64
- os: windows-2022
arch: amd64
- os: macos-14
arch: arm64
go-version:
- "1.23" # Current Go version
- "1.21" # Floor Go version of wazero (current - 2)
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: ${{ matrix.go-version }}
# Ensure the pagefile is large enough to execute tests like TestStore_hammer_close on Windows.
- name: configure Pagefile
uses: al-cheb/[email protected]
if: runner.os == 'Windows'
with:
minimum-size: 8GB
maximum-size: 16GB
disk-root: "D:"
# Run -race could be really slow without -short, so run them together on this workflow.
# Since -short is not added in the scratch tests, all the tests are run in CI in practice.
- run: make test go_test_options='-timeout 20m -race -short'
- name: "Generate coverage report" # only once (not per OS)
if: runner.os == 'Linux'
run: make coverage
- name: "Upload coverage report" # only on main push and only once (not per OS)
if: github.event_name == 'push' && github.ref == 'refs/heads/main' && runner.os == 'Linux'
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
run: bash <(curl -s https://codecov.io/bash)
test_scratch:
name: ${{ matrix.arch }}, Linux (scratch), Go-${{ matrix.go-version }}
runs-on: ubuntu-22.04
strategy:
fail-fast: false # don't fail fast as sometimes failures are arch/OS specific
matrix: # Use versions consistent with wazero's Go support policy.
go-version:
- "1.23" # Current Go version
- "1.21" # Floor Go version of wazero (current - 2)
arch:
- "amd64"
- "arm64"
- "riscv64"
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: ${{ matrix.go-version }}
- name: Build test binaries
run: |
go list -f '{{.Dir}}' ./... | egrep -v 'spectest' | xargs -Ipkg go test pkg -c -o pkg.test
go build -o wazerocli ./cmd/wazero
env:
GOARCH: ${{ matrix.arch }}
CGO_ENABLED: 0
- name: Set up QEMU
if: ${{ matrix.arch != 'amd64' }}
uses: docker/setup-qemu-action@v2
with: # Avoid docker.io rate-limits; built with internal-images.yml
image: ghcr.io/tetratelabs/wazero/internal-binfmt
platforms: ${{ matrix.arch }}
- name: Build scratch container
run: |
echo 'FROM scratch' >> Dockerfile
echo 'CMD ["/test"]' >> Dockerfile
docker buildx build -t wazero:test --platform linux/${{ matrix.arch }} .
- name: Run built test binaries
# This runs all tests compiled above in sequence. Note: This mounts /tmp to allow t.TempDir() in tests.
run: find . -name "*.test" | xargs -Itestbin docker run --platform linux/${{ matrix.arch }} -v $(pwd)/testbin:/test -v $(pwd)/wazerocli:/wazero -e WAZEROCLI=/wazero --tmpfs /tmp --rm -t wazero:test
# This ensures that internal/integration_test/fuzz is runnable, and is not intended to
# run full-length fuzzing while trying to find low-hanging frontend bugs.
fuzz:
name: Minimal Fuzzing (${{ matrix.platform.os }}, ${{ matrix.platform.arch }})
runs-on: ${{ matrix.platform.os }}
strategy:
fail-fast: false # don't fail fast as sometimes failures are arch/OS specific
matrix: # Use versions consistent with wazero's Go support policy.
platform:
- os: ubuntu-22.04
arch: amd64
- os: macos-14
arch: arm64
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: ${{ env.GO_VERSION }}
- uses: actions/cache@v3
id: cache
with:
# Cache corpus and artifacts so that we don't start from scratch but rather with a meaningful corpus
# in the subsequent CI jobs.
path: |
~/.cargo
~/.cache/go-build
~/go/pkg/mod
~/.rustup/toolchains/
internal/integration_test/fuzz/target
internal/integration_test/fuzz/fuzz/artifacts
internal/integration_test/fuzz/fuzz/corpus
key: build-fuzz-${{ matrix.platform.os }}-${{ matrix.platform.arch }}-go-${{ env.GO_VERSION }}-${{ hashFiles('**/go.sum', 'Makefile', '**/Cargo.lock', '**/Cargo.toml', '**/*.rs') }}
- run: cargo install cargo-fuzz
if: steps.cache.outputs.cache-hit != 'true'
# Run fuzzing only for a minute, not a full-length intensive one, but 60 seconds seems enough to find minor "front-end"
# bugs which might exist in binary parser, validation, or instantiation phase while not pressuring CI jobs.
- run: make fuzz fuzz_timeout_seconds=60
if: ${{ github.event_name == 'pull_request' }}
# Run a bit longer on main branch push!
- run: make fuzz fuzz_timeout_seconds=180
if: ${{ github.event_name == 'push' }}