mirror of
https://git.tukaani.org/xz.git
synced 2024-04-04 12:36:23 +02:00
5e3d890f88
The sandboxing on Linux now supports Landlock, which restricts all supported filesystem actions after xz opens the files it needs. The sandbox is only enabled when one file is input and we are writing to standard out. With fsanitize=address,undefined, the instrumentation needs to read additional files after the sandbox is in place. This forces all xz based test to fail, so the sandbox must instead be disabled.
146 lines
6.2 KiB
YAML
146 lines
6.2 KiB
YAML
#############################################################################
|
|
#
|
|
# Author: Jia Tan
|
|
#
|
|
# This file has been put into the public domain.
|
|
# You can do whatever you want with this file.
|
|
#
|
|
#############################################################################
|
|
|
|
name: CI
|
|
|
|
on:
|
|
# Triggers the workflow on push or pull request events but only for the master branch
|
|
push:
|
|
branches: [ master ]
|
|
pull_request:
|
|
branches: [ master ]
|
|
|
|
# Allows running workflow manually
|
|
workflow_dispatch:
|
|
|
|
jobs:
|
|
POSIX:
|
|
strategy:
|
|
matrix:
|
|
os: [ubuntu-latest, macos-latest]
|
|
build_system: [autotools, cmake]
|
|
runs-on: ${{ matrix.os }}
|
|
steps:
|
|
- uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 #v4.1.0
|
|
|
|
########################
|
|
# Install Dependencies #
|
|
########################
|
|
|
|
# Install Autotools on Linux
|
|
- name: Install Dependencies
|
|
if: ${{ matrix.os == 'ubuntu-latest' && matrix.build_system == 'autotools' }}
|
|
run: |
|
|
sudo apt-get update
|
|
sudo apt-get install -y autoconf automake build-essential po4a autopoint gcc-multilib doxygen
|
|
|
|
# Install Autotools on Mac
|
|
- name: Install Dependencies
|
|
if: ${{ matrix.os == 'macos-latest' && matrix.build_system == 'autotools' }}
|
|
run: brew install autoconf automake libtool po4a doxygen
|
|
|
|
# Install CMake on Linux
|
|
- name: Install Dependencies
|
|
if: ${{ matrix.os == 'ubuntu-latest' && matrix.build_system == 'cmake' }}
|
|
run: |
|
|
sudo apt-get update
|
|
sudo apt-get install -y build-essential cmake
|
|
|
|
# Install CMake on Mac
|
|
- name: Install Dependencies
|
|
if: ${{ matrix.os == 'macos-latest' && matrix.build_system == 'cmake' }}
|
|
run: brew install cmake
|
|
|
|
##################
|
|
# Build and Test #
|
|
##################
|
|
|
|
# -b specifies the build system to use.
|
|
# -p specifies the phase (build or test) to help narrow down an error
|
|
# if one occurs.
|
|
#
|
|
# The first two builds/tests are only run on Autotools Linux and
|
|
# affect the CFLAGS. Resetting the CFLAGS requires clearing the
|
|
# config cache between runs, so the tests that require CFLAGS are
|
|
# done first.
|
|
- name: Build 32-bit
|
|
if: ${{ matrix.os == 'ubuntu-latest' && matrix.build_system == 'autotools' }}
|
|
run: ./build-aux/ci_build.sh -b autotools -p build -f "-m32"
|
|
- name: Test 32-bit
|
|
if: ${{ matrix.os == 'ubuntu-latest' && matrix.build_system == 'autotools' }}
|
|
run: |
|
|
./build-aux/ci_build.sh -b autotools -p test -f "-m32" -n 32_bit
|
|
cd ../xz_build && make distclean
|
|
|
|
# ifunc must be disabled for this test because __attribute__ ifunc is
|
|
# incompatible with -fsanitize=address.
|
|
#
|
|
# The sandbox must also be disabled because it will prevent access to
|
|
# the /proc/ filesystem on Linux, which is used by the sanitizer's
|
|
# instrumentation.
|
|
- name: Build with -fsanitize=address,undefined
|
|
if: ${{ matrix.os == 'ubuntu-latest' && matrix.build_system == 'autotools' }}
|
|
run: ./build-aux/ci_build.sh -b autotools -p build -f "-fsanitize=address,undefined" -d ifunc,sandbox
|
|
- name: Test with -fsanitize=address,undefined
|
|
if: ${{ matrix.os == 'ubuntu-latest' && matrix.build_system == 'autotools' }}
|
|
run: |
|
|
./build-aux/ci_build.sh -b autotools -p test -f "-fsanitize=address,undefined" -d ifunc,sandbox
|
|
cd ../xz_build && make distclean
|
|
|
|
- name: Build with full features
|
|
run: ./build-aux/ci_build.sh -b ${{ matrix.build_system }} -p build
|
|
- name: Test with full features
|
|
run: ./build-aux/ci_build.sh -b ${{ matrix.build_system }} -p test -n full_features
|
|
|
|
- name: Build without encoders
|
|
run: ./build-aux/ci_build.sh -b ${{ matrix.build_system }} -d encoders,shared -p build
|
|
- name: Test without encoders
|
|
run: ./build-aux/ci_build.sh -b ${{ matrix.build_system }} -d encoders,shared -p test -n no_encoders
|
|
|
|
- name: Build without decoders
|
|
run: ./build-aux/ci_build.sh -b ${{ matrix.build_system }} -d decoders,shared -p build
|
|
- name: Test without decoders
|
|
run: ./build-aux/ci_build.sh -b ${{ matrix.build_system }} -d decoders,shared -p test -n no_decoders
|
|
|
|
- name: Build without threads
|
|
run: ./build-aux/ci_build.sh -b ${{ matrix.build_system }} -d threads,shared -p build
|
|
- name: Test without threads
|
|
run: ./build-aux/ci_build.sh -b ${{ matrix.build_system }} -d threads,shared -p test -n no_threads
|
|
|
|
- name: Build without BCJ filters
|
|
run: ./build-aux/ci_build.sh -b ${{ matrix.build_system }} -d bcj,shared,nls -p build
|
|
- name: Test without BCJ filters
|
|
run: ./build-aux/ci_build.sh -b ${{ matrix.build_system }} -d bcj,shared,nls -p test -n no_bcj
|
|
|
|
- name: Build without Delta filters
|
|
run: ./build-aux/ci_build.sh -b ${{ matrix.build_system }} -d delta,shared,nls -p build
|
|
- name: Test without Delta filters
|
|
run: ./build-aux/ci_build.sh -b ${{ matrix.build_system }} -d delta,shared,nls -p test -n no_delta
|
|
|
|
- name: Build without sha256 check
|
|
run: ./build-aux/ci_build.sh -b ${{ matrix.build_system }} -c crc32,crc64 -d shared,nls -p build
|
|
- name: Test without sha256 check
|
|
run: ./build-aux/ci_build.sh -b ${{ matrix.build_system }} -c crc32,crc64 -d shared,nls -p test -n no_sha256
|
|
|
|
- name: Build without crc64 check
|
|
run: ./build-aux/ci_build.sh -b ${{ matrix.build_system }} -c crc32,sha256 -d shared,nls -p build
|
|
- name: Test without crc64 check
|
|
run: ./build-aux/ci_build.sh -b ${{ matrix.build_system }} -c crc32,sha256 -d shared,nls -p test -n no_crc64
|
|
|
|
- name: Build small
|
|
run: ./build-aux/ci_build.sh -b ${{ matrix.build_system }} -d small -p build
|
|
- name: Test small
|
|
run: ./build-aux/ci_build.sh -b ${{ matrix.build_system }} -d small -p test -n small
|
|
|
|
# Attempt to upload the test logs as artifacts if any step has failed
|
|
- uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 #v3.1.3
|
|
if: ${{ failure() }}
|
|
with:
|
|
name: ${{ matrix.os }} ${{ matrix.build_system }} Test Logs
|
|
path: build-aux/artifacts
|