diff options
| author |   Mike Frysinger <vapier@chromium.org> | 2021-10-04 13:31:53 -0400 |
|---|---|---|
| committer |   Mike Frysinger <vapier@gentoo.org> | 2021-10-04 18:26:21 -0400 |
| commit | 22e3de54dee0d4efa6c3d14753f847677f0e8d98 (patch) | |
| tree | 9e00ec3337805430efc5c3bb04a95fda2180a79d | |
| parent | build: drop external function.sh use (diff) | |
| download | pax-utils-22e3de54dee0d4efa6c3d14753f847677f0e8d98.tar.gz pax-utils-22e3de54dee0d4efa6c3d14753f847677f0e8d98.tar.bz2 pax-utils-22e3de54dee0d4efa6c3d14753f847677f0e8d98.zip | |
migrate from Travis to GH actions
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
| -rw-r--r-- | .github/workflows/build-test-ci.yml | 85 | ||||
| -rw-r--r-- | .github/workflows/coverity.yml | 52 | ||||
| -rw-r--r-- | .travis.yml | 33 | ||||
| -rw-r--r-- | Makefile | 6 | ||||
| -rw-r--r-- | Makefile.am | 1 | ||||
| -rw-r--r-- | README.md | 2 | ||||
| -rwxr-xr-x | autogen.sh | 14 | ||||
| -rw-r--r-- | travis/lib.sh | 38 | ||||
| -rwxr-xr-x | travis/main.sh | 75 |
9 files changed, 147 insertions, 159 deletions
diff --git a/.github/workflows/build-test-ci.yml b/.github/workflows/build-test-ci.yml new file mode 100644 index 0000000..e23f0a3 --- /dev/null +++ b/.github/workflows/build-test-ci.yml @@ -0,0 +1,85 @@ +# GitHub actions workflow. +# https://docs.github.com/en/actions/learn-github-actions/workflow-syntax-for-github-actions + +name: Build+Test CI + +on: + push: + branches: [master, gh-actions] + tags: [v*] + pull_request: + types: [opened] + branches: [master] + +jobs: + make: + strategy: + matrix: + os: [ubuntu-latest] + cc: [gcc, clang] + runs-on: ${{ matrix.os }} + env: + CC: ${{ matrix.cc }} + steps: + - name: Install dependencies + run: sudo apt-get install -y python3-pyelftools + - uses: actions/checkout@v2 + # Hack up the man pages as installing xmlto is very expensive. + # We'll test this in the autotools builder instead. + - name: Hack man pages + run: echo man/*.docbook | sed s:docbook:1:g | xargs touch + - run: make + - run: make check + - run: make install DESTDIR="${PWD}/root/" + - run: make debug + - run: make check + + autotools-distcheck-linux: + strategy: + matrix: + os: [ubuntu-latest] + cc: [gcc, clang] + runs-on: ${{ matrix.os }} + env: + CC: ${{ matrix.cc }} + steps: + - name: Install dependencies + run: sudo apt-get install -y python3-pyelftools xmlto + - name: Checkout gnulib + uses: actions/checkout@v2 + with: + repository: coreutils/gnulib + path: gnulib + - run: mv gnulib .. + - uses: actions/checkout@v2 + - run: make distcheck SHELL_TRACE=-x PV=git PATH="${PWD}/../gnulib:${PATH}" + + autotools-build-macos: + strategy: + matrix: + os: [macos-latest] + cc: [clang] + runs-on: ${{ matrix.os }} + env: + CC: ${{ matrix.cc }} + steps: + - name: Install dependencies + run: brew install autoconf automake docbook libtool xmlto xz + - name: Checkout gnulib + uses: actions/checkout@v2 + with: + repository: coreutils/gnulib + path: gnulib + - run: mv gnulib .. + - uses: actions/checkout@v2 + # We don't run the whole distcheck flow because we don't want or need to + # rebuild the tarball, and that flow also runs the basic Linux+make which + # blows up wonderfully everywhere else. + - run: make autotools SHELL_TRACE=-x + - run: ./configure + - run: make + # The unittests generally assume a Linux ELF host, so don't bother making + # sure they pass on macOS. Run them out of morbid curiosity I guess. + - run: | + make -k check || : + - run: make install DESTDIR="${PWD}/root/" diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml new file mode 100644 index 0000000..0cdfec2 --- /dev/null +++ b/.github/workflows/coverity.yml @@ -0,0 +1,52 @@ +# GitHub actions workflow. +# https://docs.github.com/en/actions/learn-github-actions/workflow-syntax-for-github-actions + +# https://scan.coverity.com/projects/gentoo-pax-utils +name: Coverity Scan + +on: + push: + branches: [master] + +jobs: + coverity: + strategy: + matrix: + os: [ubuntu-latest] + cc: [gcc] + runs-on: ${{ matrix.os }} + env: + COVERITY_EMAIL: vapier@gentoo.org + COVERITY_PROJECT: gentoo%2Fpax-utils + CC: ${{ matrix.cc }} + steps: + - uses: actions/checkout@v2 + + - name: Download Coverity Build Tool + run: | + wget -nv https://scan.coverity.com/download/cxx/linux64 \ + --post-data "token=${TOKEN}&project=${COVERITY_PROJECT}" \ + -O cov-analysis-linux64.tar.gz + mkdir cov-analysis + tar -xzf cov-analysis-linux64.tar.gz --strip 1 -C cov-analysis + env: + TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }} + + - name: Build with cov-build + run: | + export PATH="${PWD}/cov-analysis/bin:${PATH}" + cov-build --dir cov-int make + + - name: Submit the result to Coverity Scan + run: | + tar -czvf cov-int.tgz cov-int + curl \ + --form project="${COVERITY_PROJECT}" \ + --form token="${TOKEN}" \ + --form email="${COVERITY_EMAIL}" \ + --form file=@cov-int.tgz \ + --form version="${GITHUB_SHA}" \ + --form description="pax-utils git" \ + "https://scan.coverity.com/builds?project=${COVERITY_PROJECT}" + env: + TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }} diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index f8b90cf..0000000 --- a/.travis.yml +++ /dev/null @@ -1,33 +0,0 @@ -# Travis build integration. -# https://docs.travis-ci.com/ - -language: c -# Order here matters for implicit matrix generation and coverity scan. -# See travis/main.sh for details. -compiler: - - gcc - - clang - -sudo: false - -# Order here matters; see compiler comment above. -os: - - linux - - osx - -# Travis currently uses Ubuntu 12.04 (Precise) which is too old: it does -# not include pyelftools. Disable until they update. -env: - global: - - USE_PYTHON=no - - secure: "ePjz/xsdTlf0lhdZtANITiAk2lBAA9wwzB5PK/9aR5i1eBfjgXQgIJLY1y7Lqa4WU8TnSF2mwzd0pYgb320lQMC5rP7aEMAqxVZeG9WmFjet2G5vQ48tDhEJzzDhOpfvQyPehiWqLL6RUhNjE8+kpdK74P7oUFJVIuoQkUn2EuW9eUD9hV6z6tS60C0F4COdE/6DPnBySmqvjm9r9Sdfz1flCI2FXoV7MrrqrwLIx3OMtHmqmM9vGF1d2rGXRADVEGL+ldx9KvdfTLddXhWkCuHZil9YMvQLu0+gTK/g3V02Gh1/xrKmTa6v2RDqimCYDGKdHn0An+tQShYqk2JqJfzvPeysGS8lWfQePaEnHnf6niQN6h4078Ru5jH3D6AFjInrdPEOS3UZsbrJ//7hhUdiHONeQZcVcCVk7bvaJoanjjI9hJaPQXc72u81uyjlXaTOEj/znOAV92WyTaR62cT5r0GR+R7Jp214YR1IyAIB63zQVw2QCNi6W2HpyUEo3d2fOdJdaPwPQL52GxD/i3h4uGh1orYdRL4s/tdqwvYHklE2AGrEAboq2pIkmVirWH9+3+vRTnZ+fyoXD6dqDa0QvkN0pxEwmFy0IvbvTUA+0k6iplDVY21hqoid2OUpus+LjdXT2QALsY9OfMvMPdUaoFSTzWFm1jwZBPqlZN0=" - -# Note: OS X deps are maintained in .travis.sh until Travis supports it here. -addons: - apt: - packages: - - autoconf-archive - - gnulib - - xmlto - -script: ./travis/main.sh @@ -184,7 +184,7 @@ endif PN = pax-utils P = $(PN)-$(PV) dist: - ./make-tarball.sh $(DISTCHECK) $(PV) + ./make-tarball.sh $(SHELL_TRACE) $(DISTCHECK) $(PV) distcheck: $(MAKE) dist DISTCHECK=--check @@ -200,7 +200,7 @@ check test: # GEN_MARK_START = \# @@@ GEN START @@@ \# GEN_MARK_END = \# @@@ GEN END @@@ \# -EXTRA_DIST = $(shell git ls-files | grep -v ^travis/) +EXTRA_DIST = $(shell git ls-files | grep -v -E '^(\.github|travis)/') autotools-update: $(MAKE) -C man -j sed -i.tmp '/^$(GEN_MARK_START)$$/,/^$(GEN_MARK_END)$$/d' Makefile.am @@ -219,6 +219,6 @@ autotools: ifeq ($(SKIP_AUTOTOOLS_UPDATE),) $(MAKE) autotools-update endif - ./autogen.sh --from=make + ./autogen.sh $(SHELL_TRACE) --from=make .PHONY: autotools autotools-update _autotools-update diff --git a/Makefile.am b/Makefile.am index 748a7ca..2626b37 100644 --- a/Makefile.am +++ b/Makefile.am @@ -54,7 +54,6 @@ EXTRA_DIST += \ .depend \ .gitignore \ .pylintrc \ - .travis.yml \ BUGS \ COPYING \ Makefile \ @@ -5,7 +5,7 @@ | HOMEPAGE | https://wiki.gentoo.org/wiki/Hardened/PaX_Utilities | | GIT | git clone git://anongit.gentoo.org/proj/pax-utils.git | | VIEWVCS | https://gitweb.gentoo.org/proj/pax-utils.git/ | -| STATUS | [](https://travis-ci.org/gentoo/pax-utils) [](https://scan.coverity.com/projects/gentoo-pax-utils) | +| STATUS | [ [](https://scan.coverity.com/projects/gentoo-pax-utils) | pax-utils is a small set of utilities for peforming Q/A (mostly security) checks on systems (most notably, `scanelf`). It is focused on the ELF @@ -1,7 +1,5 @@ #!/bin/bash -e -. "${0%/*}"/travis/lib.sh - # NB: This script is normally run in a GNU environment (e.g. Linux), but we also run it on other # systems (e.g. macOS) as part of our automated CI. So a little care must be taken. @@ -26,13 +24,13 @@ if [[ $# -ne 0 ]] ; then exit 1 fi -v rm -rf autotools +rm -rf autotools if [[ ${FROM_TOOL} != "make" ]] ; then - v ${MAKE} autotools-update + ${MAKE} autotools-update fi # reload the gnulib code if possible -PATH=/usr/local/src/gnu/gnulib:${PATH} +PATH="${PWD}/gnulib:${PWD}/../gnulib:/usr/local/src/gnu/gnulib:${PATH}" mods=" alloca euidaccess @@ -57,13 +55,13 @@ mods=" utimensat vasprintf-posix " -v --fold="gnulib-tool" gnulib-tool \ +gnulib-tool \ --source-base=autotools/gnulib --m4-base=autotools/m4 \ --import \ ${mods} # not everyone has sys-devel/autoconf-archive installed -v tar xf travis/autotools.tar.xz +tar xf travis/autotools.tar.xz has() { [[ " ${*:2} " == *" $1 "* ]] ; } import_ax() { local macro content m4 lm4s=() @@ -89,7 +87,7 @@ while [[ ${curr} -ne ${new} ]] ; do done export AUTOMAKE="automake --foreign" -v autoreconf -i -f +autoreconf -i -f if [[ -x ./test.sh ]] ; then exec ./test.sh "$@" diff --git a/travis/lib.sh b/travis/lib.sh deleted file mode 100644 index 687ed41..0000000 --- a/travis/lib.sh +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/bash -# Common funcs for working w/Travis. - -travis_fold() { - if [[ -n ${TRAVIS_OS_NAME} ]] ; then - printf 'travis_fold:%s:%s\r\n' "$@" | sed 's: :_:g' - fi -} - -if [[ -n ${TRAVIS_OS_NAME} ]] ; then - whitebg=$(tput setab 7) - blackfg=$(tput setaf 0) - normal=$(tput sgr0) -else - whitebg= - blackbg= - normal= -fi -v() { - local fold="" - case $1 in - --fold=*) fold=${1:7}; shift;; - esac - if [[ -n ${fold} ]] ; then - travis_fold start "${fold}" - echo "\$ $*" - "$@" - travis_fold end "${fold}" - else - echo "${whitebg}${blackfg}\$ $*${normal}" - "$@" - fi -} - -ncpus=$(getconf _NPROCESSORS_ONLN) -m() { - v make -j${ncpus} "$@" -} diff --git a/travis/main.sh b/travis/main.sh deleted file mode 100755 index 50e8a2f..0000000 --- a/travis/main.sh +++ /dev/null @@ -1,75 +0,0 @@ -#!/bin/bash -e - -. "${0%/*}"/lib.sh - -# We have to do this by hand rather than use the coverity addon because of -# matrix explosion: https://github.com/travis-ci/travis-ci/issues/1975 -# We also do it by hand because when we're throttled, the addon will exit -# the build immediately and skip the main script! -coverity_scan() { - local reason - [[ ${TRAVIS_JOB_NUMBER} != *.1 ]] && reason="not first build job" - [[ -n ${TRAVIS_TAG} ]] && reason="git tag" - [[ ${TRAVIS_PULL_REQUEST} == "true" ]] && reason="pull request" - if [[ -n ${reason} ]] ; then - echo "Skipping coverity scan due to: ${reason}" - return - fi - - export COVERITY_SCAN_PROJECT_NAME="${TRAVIS_REPO_SLUG}" - export COVERITY_SCAN_NOTIFICATION_EMAIL="vapier@gentoo.org" - export COVERITY_SCAN_BUILD_COMMAND="make -j${ncpus}" - export COVERITY_SCAN_BUILD_COMMAND_PREPEND="git clean -q -x -d -f; git checkout -f" - export COVERITY_SCAN_BRANCH_PATTERN="master" - - curl -s "https://scan.coverity.com/scripts/travisci_build_coverity_scan.sh" | bash || : -} - -main() { - if [[ ${TRAVIS_OS_NAME} == "osx" ]] ; then - # Note: Linux deps are maintained in .travis.yml. - v --fold="brew_update" brew update - v --fold="brew_install" brew install xmlto xz - fi - - # See if we have to bootstrap gnulib. This is the case on OS X, and on - # Linux until they whitelist the package: - # https://github.com/travis-ci/apt-package-whitelist/issues/727 - if ! gnulib-tool --version >&/dev/null ; then - if [[ ! -d ../gnulib ]] ; then - v --fold="git_clone_gnulib" \ - git clone --depth=1 https://github.com/coreutils/gnulib.git ../gnulib - else - pushd ../gnulib - v --fold="git_pull_gnulib" git pull - popd - fi - export PATH="${PATH}:${PWD}/../gnulib" - fi - - if [[ ${TRAVIS_OS_NAME} == "linux" ]] ; then - # Standard optimized build. - m - m check - - # Debug build w/ASAN and such enabled. - m debug - m check - fi - - # Autotools based build. - v ./autogen.sh - if [[ ${TRAVIS_OS_NAME} == "linux" ]] ; then - v --fold="configure" ./configure - m V=1 distcheck - else - # ELF checks don't work on OS X -- no ELFs! - v ./configure - m V=1 - fi - - # Do scans last as they like to dirty the tree and some tests - # expect a clean tree (like code style checks). - v --fold="coverity_scan" coverity_scan -} -main "$@" |