diff options
| -rwxr-xr-x | .github/configs | 65 | ||||
| -rwxr-xr-x | .github/configure.sh | 6 | ||||
| -rwxr-xr-x | .github/run_test.sh | 23 | ||||
| -rwxr-xr-x | .github/setup_ci.sh | 2 | ||||
| -rw-r--r-- | .github/workflows/c-cpp.yml | 4 | ||||
| -rw-r--r-- | .github/workflows/selfhosted.yml | 67 |
6 files changed, 153 insertions, 14 deletions
diff --git a/.github/configs b/.github/configs new file mode 100755 index 00000000..1cf80027 --- /dev/null +++ b/.github/configs @@ -0,0 +1,65 @@ +#!/bin/sh +# +# usage: configs vmname test_config (or '' for default) +# +# Sets the following variables: +# CONFIGFLAGS options to ./configure +# SSHD_CONFOPTS sshd_config options +# TEST_TARGET make target used when testing. defaults to "tests". +# LTESTS + +config=$1 + +TEST_TARGET="tests" +LTESTS="" +SUDO=sudo # run with sudo by default +TEST_SSH_UNSAFE_PERMISSIONS=1 + +CONFIGFLAGS="" +LIBCRYPTOFLAGS="" + +case "$config" in + default|sol64) + ;; + *pam) + CONFIGFLAGS="--with-pam" + SSHD_CONFOPTS="UsePam yes" + ;; + without-openssl) + LIBCRYPTOFLAGS="--without-openssl" + TEST_TARGET=t-exec + ;; + *) + echo "Unknown configuration $config" + exit 1 + ;; +esac + +# The Solaris 64bit targets are special since they need a non-flag arg. +case "$config" in + sol64*) + CONFIGFLAGS="x86_64 --with-cflags=-m64 --with-ldflags=-m64 ${CONFIGFLAGS}" + LIBCRYPTOFLAGS="--with-ssl-dir=/usr/local/ssl64" + ;; +esac + +case "${TARGET_HOST}" in + sol10) + # This VM is 32bit and the unit tests are slow. + TEST_TARGET="tests SKIP_UNIT=1" + ;; +esac + +# If we have a local openssl/libressl, use that. +if [ -z "${LIBCRYPTOFLAGS}" ]; then + # last-match + for i in /usr/local /usr/local/ssl; do + if [ -x ${i}/bin/openssl ]; then + LIBCRYPTOFLAGS="--with-ssl-dir=${i}" + fi + done +fi + +CONFIGFLAGS="${CONFIGFLAGS} ${LIBCRYPTOFLAGS}" + +export LTESTS SUDO TEST_TARGET TEST_SSH_UNSAFE_PERMISSIONS diff --git a/.github/configure.sh b/.github/configure.sh new file mode 100755 index 00000000..869dc824 --- /dev/null +++ b/.github/configure.sh @@ -0,0 +1,6 @@ +#!/bin/sh + +. .github/configs $1 $2 + +set -x +./configure ${CONFIGFLAGS} diff --git a/.github/run_test.sh b/.github/run_test.sh index 5a0e6538..c2173020 100755 --- a/.github/run_test.sh +++ b/.github/run_test.sh @@ -1,23 +1,11 @@ #!/usr/bin/env bash -TARGETS=$@ - -TEST_TARGET="tests" -LTESTS="" # all tests by default +. .github/configs $1 $2 [ -z "${SUDO}" ] || ${SUDO} mkdir -p /var/empty set -ex -for TARGET in $TARGETS; do - case $TARGET in - --without-openssl) - # When built without OpenSSL we can't do the file-based RSA key tests. - TEST_TARGET=t-exec - ;; - esac -done - if [ -z "$LTESTS" ]; then make $TEST_TARGET result=$? @@ -26,6 +14,15 @@ else result=$? fi +if [ ! -z ${SSHD_CONFOPTS} ]; then + echo "rerunning tests with TEST_SSH_SSHD_CONFOPTS='${SSHD_CONFOPTS}'" + make t-exec TEST_SSH_SSHD_CONFOPTS="${SSHD_CONFOPTS}" + result2=$? + if [ "${result2}" -ne 0 ]; then + result="${result2}" + fi +fi + if [ "$result" -ne "0" ]; then for i in regress/failed*; do echo ------------------------------------------------------------------------- diff --git a/.github/setup_ci.sh b/.github/setup_ci.sh index 67a76a5d..187a4fad 100755 --- a/.github/setup_ci.sh +++ b/.github/setup_ci.sh @@ -20,7 +20,7 @@ lsb_release -a for TARGET in $TARGETS; do case $TARGET in - ""|--without-openssl|--without-zlib|--with-Werror|--with-rpath*) + ""|--without-openssl|--without-zlib|--with-Werror|--with-rpath*|--with-ssl-dir=*|--with-zlib=*) # nothing to do ;; "--with-kerberos5") diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml index e546a9c5..7d02bc31 100644 --- a/.github/workflows/c-cpp.yml +++ b/.github/workflows/c-cpp.yml @@ -8,6 +8,7 @@ on: jobs: ubuntu-20_04: + if: github.repository != 'openssh/openssh-portable-selfhosted' runs-on: ubuntu-20.04 strategy: matrix: @@ -37,6 +38,7 @@ jobs: ubuntu-18_04: + if: github.repository != 'openssh/openssh-portable-selfhosted' runs-on: ubuntu-18.04 strategy: matrix: @@ -69,6 +71,7 @@ jobs: ubuntu-16_04: + if: github.repository != 'openssh/openssh-portable-selfhosted' runs-on: ubuntu-16.04 strategy: matrix: @@ -95,6 +98,7 @@ jobs: macos: + if: github.repository != 'openssh/openssh-portable-selfhosted' strategy: matrix: os: [ macos-10.15, macos-11.0 ] diff --git a/.github/workflows/selfhosted.yml b/.github/workflows/selfhosted.yml new file mode 100644 index 00000000..835bfb32 --- /dev/null +++ b/.github/workflows/selfhosted.yml @@ -0,0 +1,67 @@ +name: C/C++ CI self-hosted + +on: + push: + branches: [ master, ci ] + +jobs: + selfhosted: + runs-on: ${{ matrix.vm }} + env: + TARGET_HOST: ${{ matrix.vm }} + SUDO: sudo + strategy: + fail-fast: false + # We use a matrix in two parts: firstly all of the VMs are tested with the + # default config. "vm" corresponds to a label associated with the worker. + matrix: + vm: [dfly30, dfly48, dfly58, sol10, sol11] + configs: + - default + # Then we include any extra configs we want to test for specific VMs. + include: + - vm: dfly30 + configs: without-openssl + - vm: dfly48 + configs: pam + - vm: dfly58 + configs: pam + - vm: sol10 + configs: pam + - vm: sol11 + configs: pam + - vm: sol11 + configs: sol64 + - vm: sol11 + configs: sol64-pam + steps: + - uses: actions/checkout@v2 + - name: autoreconf + run: autoreconf + - name: shutdown VM if running + run: vmshutdown + - name: startup VM + run: vmstartup + - name: configure + run: vmrun ./.github/configure.sh ${{ matrix.configs }} + - name: save config files + if: always() + uses: actions/upload-artifact@v2 + with: + name: ${{ matrix.vm }}-${{ matrix.configs }}-config-files + path: | + config.h + config.log + - name: make + run: vmrun make + - name: make tests + run: vmrun ./.github/run_test.sh ${{ matrix.configs }} + - name: save regress logs + if: failure() + uses: actions/upload-artifact@v2 + with: + name: ${{ matrix.vm }}-${{ matrix.configs }}-regress-logs + path: regress/*.log + - name: shutdown VM + if: always() + run: vmshutdown |