rec: Backport 14400 to rec 4.9.x: switch el7 builds to Oracle Linux 7 #9372
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: 'Build and test everything' | |
on: | |
push: | |
pull_request: | |
workflow_call: | |
inputs: | |
branch-name: | |
description: 'Checkout to a specific branch' | |
required: true | |
default: '' | |
type: string | |
schedule: | |
- cron: '0 22 * * 3' | |
permissions: # least privileges, see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions | |
contents: read | |
env: | |
CLANG_VERSION: '13' | |
# github.workspace variable points to the Runner home folder. Container home folder defined below. | |
REPO_HOME: '/__w/pdns/pdns' | |
jobs: | |
build-recursor: | |
name: build recursor | |
if: ${{ !github.event.schedule || vars.SCHEDULED_JOBS_BUILD_AND_TEST_ALL }} | |
runs-on: ubuntu-22.04 | |
strategy: | |
matrix: | |
sanitizers: [ubsan+asan, tsan] | |
container: | |
image: ghcr.io/powerdns/base-pdns-ci-image/debian-11-pdns-base:master | |
env: | |
ASAN_OPTIONS: detect_leaks=0 | |
SANITIZERS: ${{ matrix.sanitizers }} | |
UBSAN_OPTIONS: "print_stacktrace=1:halt_on_error=1:suppressions=${{ env.REPO_HOME }}/build-scripts/UBSan.supp" | |
UNIT_TESTS: yes | |
options: --sysctl net.ipv6.conf.all.disable_ipv6=0 | |
defaults: | |
run: | |
working-directory: ./pdns/recursordist/ | |
outputs: | |
clang-tidy-failed: ${{ steps.clang-tidy-annotations.outputs.failed }} | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 5 | |
submodules: recursive | |
ref: ${{ inputs.branch-name }} | |
- name: get timestamp for cache | |
id: get-stamp | |
run: | | |
echo "stamp=$(/bin/date +%s)" >> "$GITHUB_OUTPUT" | |
shell: bash | |
- run: mkdir -p ~/.ccache | |
- name: let GitHub cache our ccache data | |
uses: actions/cache@v3 | |
with: | |
path: ~/.ccache | |
key: recursor-${{ matrix.sanitizers }}-ccache-${{ steps.get-stamp.outputs.stamp }} | |
restore-keys: recursor-${{ matrix.sanitizers }}-ccache- | |
- run: inv ci-autoconf | |
- run: inv ci-rec-configure | |
- run: inv ci-rec-make-bear | |
- run: ln -s ../../.clang-tidy.full .clang-tidy | |
- name: Run clang-tidy | |
run: git diff -U0 HEAD^..HEAD | /usr/bin/python3 ../../.github/scripts/git-filter.py | /usr/bin/python3 /usr/bin/clang-tidy-diff-${CLANG_VERSION}.py -clang-tidy-binary /usr/bin/clang-tidy-${CLANG_VERSION} -extra-arg=-ferror-limit=0 -p3 -export-fixes clang-tidy-rec.yml | |
- name: Print clang-tidy fixes YAML | |
shell: bash | |
run: | | |
if [ -f clang-tidy-rec.yml ]; then | |
cat clang-tidy-rec.yml | |
fi | |
- name: Result annotations | |
id: clang-tidy-annotations | |
shell: bash | |
run: | | |
if [ -f clang-tidy-rec.yml ]; then | |
set +e | |
python ../../.github/scripts/clang-tidy.py --fixes-file clang-tidy-rec.yml | |
echo "failed=$?" >> $GITHUB_OUTPUT | |
fi | |
- run: inv ci-rec-run-unit-tests | |
- run: inv ci-make-install | |
- run: ccache -s | |
- run: echo "normalized-branch-name=${{ inputs.branch-name || github.ref_name }}" | tr "/" "-" >> "$GITHUB_ENV" | |
- name: Store the binaries | |
uses: actions/upload-artifact@v3 # this takes 30 seconds, maybe we want to tar | |
with: | |
name: pdns-recursor-${{ matrix.sanitizers }}-${{ env.normalized-branch-name }} | |
path: /opt/pdns-recursor | |
retention-days: 1 | |
test-recursor-api: | |
needs: build-recursor | |
runs-on: ubuntu-22.04 | |
strategy: | |
matrix: | |
sanitizers: [ubsan+asan, tsan] | |
dist_name: [debian] | |
dist_release_name: [bullseye] | |
pdns_repo_version: ['45'] | |
container: | |
image: ghcr.io/powerdns/base-pdns-ci-image/debian-11-pdns-base:master | |
env: | |
UBSAN_OPTIONS: "print_stacktrace=1:halt_on_error=1:suppressions=${{ env.REPO_HOME }}/build-scripts/UBSan.supp" | |
ASAN_OPTIONS: detect_leaks=0 | |
TSAN_OPTIONS: "halt_on_error=1:suppressions=${{ env.REPO_HOME }}/pdns/recursordist/recursor-tsan.supp" | |
options: --sysctl net.ipv6.conf.all.disable_ipv6=0 | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 5 | |
submodules: recursive | |
ref: ${{ inputs.branch-name }} | |
- run: echo "normalized-branch-name=${{ inputs.branch-name || github.ref_name }}" | tr "/" "-" >> "$GITHUB_ENV" | |
- name: Fetch the binaries | |
uses: actions/download-artifact@v3 | |
with: | |
name: pdns-recursor-${{ matrix.sanitizers }}-${{ env.normalized-branch-name }} | |
path: /opt/pdns-recursor | |
- run: inv apt-fresh | |
- run: inv add-auth-repo ${{ matrix.dist_name }} ${{ matrix.dist_release_name }} ${{ matrix.pdns_repo_version }} | |
- run: inv install-clang-runtime | |
- run: inv install-rec-test-deps | |
- run: inv test-api recursor | |
test-recursor-regression: | |
needs: build-recursor | |
runs-on: ubuntu-22.04 | |
strategy: | |
matrix: | |
sanitizers: [ubsan+asan, tsan] | |
dist_name: [debian] | |
dist_release_name: [bullseye] | |
pdns_repo_version: ['45'] | |
container: | |
image: ghcr.io/powerdns/base-pdns-ci-image/debian-11-pdns-base:master | |
env: | |
UBSAN_OPTIONS: 'print_stacktrace=1:halt_on_error=1:suppressions=${{ env.REPO_HOME }}/build-scripts/UBSan.supp' | |
ASAN_OPTIONS: detect_leaks=0 | |
TSAN_OPTIONS: "halt_on_error=1:suppressions=${{ env.REPO_HOME }}/pdns/recursordist/recursor-tsan.supp" | |
options: --sysctl net.ipv6.conf.all.disable_ipv6=0 | |
steps: | |
# - uses: PowerDNS/pdns/set-ubuntu-mirror@meta | |
- uses: actions/[email protected] | |
with: | |
fetch-depth: 5 | |
submodules: recursive | |
ref: ${{ inputs.branch-name }} | |
- run: echo "normalized-branch-name=${{ inputs.branch-name || github.ref_name }}" | tr "/" "-" >> "$GITHUB_ENV" | |
- name: Fetch the binaries | |
uses: actions/download-artifact@v3 | |
with: | |
name: pdns-recursor-${{ matrix.sanitizers }}-${{ env.normalized-branch-name }} | |
path: /opt/pdns-recursor | |
- run: inv apt-fresh | |
- run: inv add-auth-repo ${{ matrix.dist_name }} ${{ matrix.dist_release_name }} ${{ matrix.pdns_repo_version }} | |
- run: inv install-clang-runtime | |
- run: inv install-rec-test-deps | |
- run: inv test-regression-recursor | |
test-recursor-bulk: | |
name: 'test rec *mini* bulk' | |
needs: build-recursor | |
runs-on: ubuntu-22.04 | |
strategy: | |
matrix: | |
sanitizers: [ubsan+asan, tsan] | |
threads: [1, 2, 3, 4, 8] | |
mthreads: [2048] | |
shards: [1, 2, 1024] | |
container: | |
image: ghcr.io/powerdns/base-pdns-ci-image/debian-11-pdns-base:master | |
env: | |
UBSAN_OPTIONS: 'print_stacktrace=1:halt_on_error=1:suppressions=${{ env.REPO_HOME }}/build-scripts/UBSan.supp' | |
ASAN_OPTIONS: detect_leaks=0 | |
TSAN_OPTIONS: "halt_on_error=1:suppressions=${{ env.REPO_HOME }}/pdns/recursordist/recursor-tsan.supp" | |
options: --sysctl net.ipv6.conf.all.disable_ipv6=0 | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 5 | |
submodules: recursive | |
ref: ${{ inputs.branch-name }} | |
- run: echo "normalized-branch-name=${{ inputs.branch-name || github.ref_name }}" | tr "/" "-" >> "$GITHUB_ENV" | |
- name: Fetch the binaries | |
uses: actions/download-artifact@v3 | |
with: | |
name: pdns-recursor-${{ matrix.sanitizers }}-${{ env.normalized-branch-name }} | |
path: /opt/pdns-recursor | |
- run: inv install-clang-runtime | |
- run: inv install-rec-bulk-deps | |
- run: inv test-bulk-recursor ${{ matrix.threads }} ${{ matrix.mthreads }} ${{ matrix.shards }} | |
check-clang-tidy: | |
needs: [build-recursor] | |
runs-on: ubuntu-22.04 | |
name: Check whether clang-tidy succeeded | |
steps: | |
- run: | | |
if [ "x${{needs.build-recursor.outputs.clang-tidy-failed}}" != "x" -a "${{needs.build-recursor.outputs.clang-tidy-failed}}" != "0" ]; then | |
exit 1 | |
fi | |
collect: | |
needs: | |
- build-recursor | |
- test-recursor-api | |
- test-recursor-regression | |
- test-recursor-bulk | |
- check-clang-tidy | |
if: success() || failure() | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Install jq and jc | |
run: "sudo apt-get update && sudo apt-get install jq jc" | |
- name: Fail job if any of the previous jobs failed | |
run: "for i in `echo '${{ toJSON(needs) }}' | jq -r '.[].result'`; do if [[ $i == 'failure' ]]; then echo '${{ toJSON(needs) }}'; exit 1; fi; done;" | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 5 | |
submodules: recursive | |
ref: ${{ inputs.branch-name }} | |
- name: Get list of jobs in the workflow | |
run: "cat .github/workflows/build-and-test-all.yml | jc --yaml | jq -rS '.[].jobs | keys | .[]' | grep -v collect | tee /tmp/workflow-jobs-list.yml" | |
- name: Get list of prerequisite jobs | |
run: "echo '${{ toJSON(needs) }}' | jq -rS 'keys | .[]' | tee /tmp/workflow-needs-list.yml" | |
- name: Fail if there is a job missing on the needs list | |
run: "if ! diff -q /tmp/workflow-jobs-list.yml /tmp/workflow-needs-list.yml; then exit 1; fi" | |
# FIXME: if we can make upload/download-artifact fasts, running unit tests outside of build can let regression tests start earlier |