Abandon travis-ci for jenkins

.ci/Jenkinsfile

@@ -0,0 +1,42 @@
+properties(
+    [
+        disableConcurrentBuilds()
+    ]
+)
+
+node('linux && docker') {
+    try {
+    stage('Checkout') {
+        //branch name from Jenkins environment variables
+        echo "My branch is: ${env.BRANCH_NAME}"
+
+        // this doesn't grab tags pointing to this branch
+        //checkout scm
+        // this hack does... https://issues.jenkins.io/browse/JENKINS-45164
+        checkout([
+            $class: 'GitSCM',
+            branches: [[name: 'refs/heads/'+env.BRANCH_NAME]],
+            extensions: [[$class: 'CloneOption', noTags: false, shallow: false, depth: 0, reference: '']],
+            userRemoteConfigs: scm.userRemoteConfigs,
+        ])
+        sh '''
+        set -euxo pipefail
+        git checkout "$BRANCH_NAME" --
+        git reset --hard "origin/$BRANCH_NAME"
+        '''
+    }
+
+    stage('Build + Deploy') {
+        sh 'curl --compressed -sL https://code.moparisthebest.com/moparisthebest/self-ci/raw/branch/master/build-ci.sh | bash'
+    }
+
+        currentBuild.result = 'SUCCESS'
+    } catch (Exception err) {
+        currentBuild.result = 'FAILURE'
+    } finally {
+        stage('Email') {
+            step([$class: 'Mailer', notifyEveryUnstableBuild: true, recipients: '[email protected]', sendToIndividuals: true])
+        }
+        deleteDir()
+    }
+}

.ci/build.sh

@@ -0,0 +1,64 @@
+#!/bin/bash
+set -exo pipefail
+
+echo "starting build for TARGET $TARGET"
+
+export CRATE_NAME=wireguard-proxy
+export OPENSSL_STATIC=1
+export CARGO_FEATURES=async
+
+DISABLE_TESTS=${DISABLE_TESTS:-0}
+
+SUFFIX=""
+
+# wine blows up in testing with async build
+echo "$TARGET" | grep -E '^x86_64-pc-windows-gnu$' >/dev/null && DISABLE_TESTS=1 && SUFFIX=".exe"
+
+# these only support openssl_vendored, not async
+if echo "$TARGET" | grep -E '^(s390x|powerpc|mips)' >/dev/null
+then
+    CARGO_FEATURES=openssl_vendored
+fi
+
+# these don't support any TLS at all
+if echo "$TARGET" | grep -E '(^riscv64gc|solaris$)' >/dev/null
+then
+    CARGO_FEATURES=verbose
+fi
+
+cross rustc --bin wireguard-proxy --target $TARGET --release --no-default-features --features $CARGO_FEATURES
+cross rustc --bin udp-test --target $TARGET --release --no-default-features --features $CARGO_FEATURES
+
+# to check how they are built
+file "target/$TARGET/release/wireguard-proxy$SUFFIX" "target/$TARGET/release/udp-test$SUFFIX"
+
+if [ $DISABLE_TESTS -ne 1 ]
+then
+
+    # first make sure udp-test succeeds running against itself
+    cross run --target $TARGET --release --no-default-features --features $CARGO_FEATURES --bin udp-test
+
+    # now run udp-test through proxy/proxyd
+    cross run --target $TARGET --release --no-default-features --features $CARGO_FEATURES --bin udp-test -- -is
+
+    if [ $CARGO_FEATURES != "verbose" ]; then
+        # run TLS tests then too
+        cross run --target $TARGET --release --no-default-features --features $CARGO_FEATURES --bin udp-test -- -is --tls-key ci/cert.key --tls-cert ci/cert.pem
+
+        # now pubkey tests
+
+        # one that should fail (wrong pinnedpubkey lowercase e at end instead of uppercase E)
+        cross run --target $TARGET --release --no-default-features --features $CARGO_FEATURES --bin udp-test -- -is --tls-key ci/cert.key --tls-cert ci/cert.pem --pinnedpubkey sha256//BEyQeSjwwUBLXXNuCILHRWyV1gLmY31CdMHNA4VH4de= && exit 1 || true
+
+        # and one that should pass
+        cross run --target $TARGET --release --no-default-features --features $CARGO_FEATURES --bin udp-test -- -is --tls-key ci/cert.key --tls-cert ci/cert.pem --pinnedpubkey sha256//BEyQeSjwwUBLXXNuCILHRWyV1gLmY31CdMHNA4VH4dE=
+    fi
+fi
+
+# if this commit has a tag, upload artifact to release
+strip "target/$TARGET/release/wireguard-proxy$SUFFIX" || true # if strip fails, it's fine
+mkdir -p release
+mv "target/$TARGET/release/wireguard-proxy$SUFFIX" "release/wireguard-proxy-$TARGET$SUFFIX"
+
+echo 'build success!'
+exit 0

README.md

@@ -1,6 +1,6 @@
 # wireguard-proxy
 
-[![Travis-CI Build Status](https://api.travis-ci.org/moparisthebest/wireguard-proxy.svg?branch=master)](https://travis-ci.org/moparisthebest/wireguard-proxy)
+[![Build Status](https://ci.moparisthe.best/job/moparisthebest/job/wireguard-proxy/job/master/badge/icon%3Fstyle=plastic)](https://ci.moparisthe.best/job/moparisthebest/job/wireguard-proxy/job/master/)
 [![Build status](https://ci.appveyor.com/api/projects/status/vl8c9xdhvgn997d2/branch/master?svg=true)](https://ci.appveyor.com/project/moparisthebest/wireguard-proxy)
 [![crates.io](https://img.shields.io/crates/v/wireguard-proxy.svg)](https://crates.io/crates/wireguard-proxy)
 
@@ -70,7 +70,7 @@ usage: wireguard-proxy [options...]
 
 Binaries:
 
-- [releases](https://github.com/moparisthebest/wireguard-proxy/releases) has static builds for most platforms performed by travis-ci and appveyor courtesy of [trust](https://github.com/japaric/trust)
+- [releases](https://github.com/moparisthebest/wireguard-proxy/releases) has static builds for most platforms performed by [self-ci](https://github.com/moparisthebest/self-ci) and appveyor courtesy of [trust](https://github.com/japaric/trust)
 - Arch Linux AUR [wireguard-proxy](https://aur.archlinux.org/packages/wireguard-proxy/) and [wireguard-proxy-git](https://aur.archlinux.org/packages/wireguard-proxy-git/)
 
 Building:

benchmark.sh

@@ -0,0 +1,85 @@
+#!/bin/sh
+#set -x
+
+# cert created with:
+# cd ci && echo -e '\n\n\n\n\n\n\n' | openssl req -new -x509 -days 3650 -nodes -out cert.pem -keyout cert.key
+
+export PATH="$(pwd)/target/release:$PATH"
+
+run_tests() {
+client_arg="$1"
+shift
+
+# now run proxyd pointing to nc
+wireguard-proxy -th 127.0.0.1:5555 -ut 127.0.0.1:51822 "$@" &
+proxyd_pid=$!
+# wait for ports to be set up, this is fragile...
+sleep 5
+# proxy pointing to proxyd
+wireguard-proxy -tt 127.0.0.1:5555 "$client_arg" &
+proxy_pid=$!
+# wait for ports to be set up, this is fragile...
+sleep 1
+
+# nc running through wireguard-proxy's above
+nc -lup 51822 >/dev/null &
+nc_listen_pid=$!
+
+wireguard-proxy -V
+
+dd if=/dev/zero bs=128M count=10 | nc -u 127.0.0.1 51820 &
+nc_connect_pid=$!
+
+sleep 5
+
+kill $nc_listen_pid $nc_connect_pid $proxyd_pid $proxy_pid
+
+}
+
+
+# first no-network baseline
+dd if=/dev/zero bs=128M count=10 | cat >/dev/null
+
+# now openbsd netcat for network baseline
+nc -lup 51822 >/dev/null &
+nc_listen_pid=$!
+
+dd if=/dev/zero bs=128M count=10 | nc -u 127.0.0.1 51822 &
+nc_connect_pid=$!
+
+sleep 5
+
+kill $nc_listen_pid $nc_connect_pid
+
+# first run without TLS
+#cargo clean
+cargo build --release --no-default-features 2>/dev/null || exit 1
+run_tests || exit 1
+
+# third run with async+rustls
+#cargo clean
+cargo build --release --no-default-features --features async 2>/dev/null || exit 1
+# first plaintext tests
+run_tests || exit 1
+# then TLS tests
+run_tests --tls --tls-key ci/cert.key --tls-cert ci/cert.pem || exit 1
+
+exit 0
+
+# first run with non-vendored tls
+#cargo clean
+cargo build --release --no-default-features --features tls 2>/dev/null || exit 1
+# first plaintext tests
+run_tests || exit 1
+# then TLS tests
+run_tests --tls --tls-key ci/cert.key --tls-cert ci/cert.pem || exit 1
+
+# second run with vendored tls
+#cargo clean
+cargo build --release --no-default-features --features openssl_vendored 2>/dev/null || exit 1
+# first plaintext tests
+run_tests || exit 1
+# then TLS tests
+run_tests --tls --tls-key ci/cert.key --tls-cert ci/cert.pem || exit 1
+
+exit 0