From patchwork Tue Aug 23 02:09:02 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Timo Rothenpieler X-Patchwork-Id: 2714 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director12.mail.ord1d.rsapps.net ([172.31.255.6]) by backend30.mail.ord1d.rsapps.net with LMTP id +HvcIrzDBGM5LgAAIUCqbw (envelope-from ) for ; Tue, 23 Aug 2022 08:10:36 -0400 Received: from proxy4.mail.iad3b.rsapps.net ([172.31.255.6]) by director12.mail.ord1d.rsapps.net with LMTP id sPH6IbzDBGOKIgAAIasKDg (envelope-from ) for ; Tue, 23 Aug 2022 08:10:36 -0400 Received: from smtp38.gate.iad3b ([172.31.255.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy4.mail.iad3b.rsapps.net with LMTPS id 0MG2G7zDBGOLAwAA9crAow (envelope-from ) for ; Tue, 23 Aug 2022 08:10:36 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp38.gate.iad3b.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dkim=fail (signature verification failed) header.d=rothenpieler.org; dmarc=fail (p=none; dis=none) header.from=rothenpieler.org X-Suspicious-Flag: YES X-Classification-ID: 97ac4452-22dc-11ed-acb6-5254006f0979-1-1 Received: from [216.105.38.7] ([216.105.38.7:48458] helo=lists.sourceforge.net) by smtp38.gate.iad3b.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id A9/D3-01333-BB3C4036; Tue, 23 Aug 2022 08:10:35 -0400 Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1oQSiw-0004xH-Jf; Tue, 23 Aug 2022 12:09:38 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1oQSiv-0004xB-2Q for openvpn-devel@lists.sourceforge.net; Tue, 23 Aug 2022 12:09:37 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=9AWgh4JiZ+5RztalFKjW7UFyZTL7rL5PqSsj3TZk/yg=; b=HZMr4mVTvDJt0SvW4hBN9YkxxT cnoeie+qGBXnjRzZH+V+NfOXFw7ceZcWpAeprjUSci1PG6KuoPwkB3HEclJWgqpqXTuFYlQkxEfWU 5S6V9YLaAerYdfCHlX7tLmLxD/qlYBTrlq6lIomMST+ULURFrIwc75uv9ssKfrkKESWg=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date:Subject:Cc:To:From :Sender:Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=9AWgh4JiZ+5RztalFKjW7UFyZTL7rL5PqSsj3TZk/yg=; b=C zsld833kH8vNbmQtUxVl+2eXXSaElNiRYYAM9cyX/9gezFm4rivFyGutpLL5gKQdSFSXgyGl3QMas SD5hcJ/JJjHjBmSfQqA+MC8P6ftoYonS5iZG4gf42AlmCdoFjP6ELXRGcR+/6+1JN4RGeXgT/63B+ sj+97waNfsUiO8PY=; Received: from btbn.de ([136.243.74.85]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1oQSis-00EGhv-JO for openvpn-devel@lists.sourceforge.net; Tue, 23 Aug 2022 12:09:37 +0000 Received: from [authenticated] by btbn.de (Postfix) with ESMTPSA id AE84A3A375E; Tue, 23 Aug 2022 14:09:24 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rothenpieler.org; s=mail; t=1661256564; bh=9AWgh4JiZ+5RztalFKjW7UFyZTL7rL5PqSsj3TZk/yg=; h=From:To:Cc:Subject:Date; b=XDqx+J8/+uw7jh76DDMYSrKJLWSrvs4MxUxO4EHbg0YQRsherauD0wb4moCQFynqQ EkC4MhD5AWlk3fRBA9MeY1z87xNwxeOa9RdOQKyHfZTk4idVg1J8O/isJ8b93eZvUM 2T6Yc6zmrsAPEXxf3RIvScsOPtgN8dpGwLvM5+K2rKFD8cOYZlwehvN4Jgj3Pl2hyg uMUpdXhgesmk3QCSQdF8bVD4+crq4o8hClPUrIYAevWf330w/RmqtHL9TEfn/xzSw+ /ly/uarYJPfbNjFV6/MiBbatb/6qryjWC9DW1N6O7QMnGLlr2p23GB4KlGbcTfD68G A8EWc8yLFkArg== From: Timo Rothenpieler To: openvpn-devel@lists.sourceforge.net Date: Tue, 23 Aug 2022 14:09:02 +0200 Message-Id: <20220823120902.738-1-timo@rothenpieler.org> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: The ubuntu-18.04 base image is deprecated and in the process of being phased out: https://github.blog/changelog/2022-08-09-github-actions-the-ubuntu-18-04-actions-runner-image-is-being-deprecated-and- [...] Content analysis details: (-0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 SPF_HELO_PASS SPF: HELO matches SPF record -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 T_SCC_BODY_TEXT_LINE No description available. X-Headers-End: 1oQSis-00EGhv-JO Subject: [Openvpn-devel] [PATCH] GitHub Actions: Use Docker Images for Ubuntu test runs X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox The ubuntu-18.04 base image is deprecated and in the process of being phased out: https://github.blog/changelog/2022-08-09-github-actions-the-ubuntu-18-04-actions-runner-image-is-being-deprecated-and-will-be-removed-by-12-1-22/ It is already causing build failures during the scheduled periods mentioned in the blog post. This is the best alternative I found which does not drop any tests or test environments. Sadly GHAs build-in container-capabilities can't be used, since they don't allow specifying --network host. Without that, IPv6 related tests fail, since the Docker deployment on GHA does not support IPv6, even in 2022: https://github.com/actions/runner-images/issues/668 So instead this manually invokes docker to run the tests in the respective Ubuntu Docker-Image. Some dependencies had to be added since the Docker-Images are more barebones than the Github-Runner images. Otherwise, nothing about the test setup changed. --- .github/workflows/build.yaml | 43 ++++++++++++++++++++---------------- 1 file changed, 24 insertions(+), 19 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index b0f67a78..b6b04ff2 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -162,79 +162,84 @@ jobs: strategy: fail-fast: false matrix: - os: [ubuntu-18.04, ubuntu-20.04, ubuntu-22.04] + img: ["ubuntu:18.04", "ubuntu:20.04", "ubuntu:22.04"] sslpkg: [libmbedtls-dev] ssllib: [mbedtls] libname: [mbed TLS] include: - - os: ubuntu-18.04 + - img: "ubuntu:18.04" sslpkg: "libssl1.0-dev" ssllib: openssl libname: OpenSSL 1.0.2 - - os: ubuntu-18.04 + - img: "ubuntu:18.04" sslpkg: "libssl-dev" libname: OpenSSL 1.1.1 ssllib: openssl - - os: ubuntu-20.04 + - img: "ubuntu:20.04" sslpkg: "libssl-dev" libname: OpenSSL 1.1.1 ssllib: openssl - - os: ubuntu-22.04 + - img: "ubuntu:22.04" sslpkg: "libssl-dev" libname: OpenSSL 3.0.2 ssllib: openssl - - os: ubuntu-20.04 + - img: "ubuntu:20.04" sslpkg: "libssl-dev" libname: OpenSSL 1.1.1 ssllib: openssl extraconf: "--enable-iproute2" - - os: ubuntu-20.04 + - img: "ubuntu:20.04" sslpkg: "libssl-dev" libname: OpenSSL 1.1.1 ssllib: openssl extraconf: "--enable-async-push" - - os: ubuntu-20.04 + - img: "ubuntu:20.04" sslpkg: "libssl-dev" libname: OpenSSL 1.1.1 ssllib: openssl extraconf: "--disable-management" - - os: ubuntu-20.04 + - img: "ubuntu:20.04" sslpkg: "libssl-dev" libname: OpenSSL 1.1.1 ssllib: openssl extraconf: "--enable-small" - - os: ubuntu-20.04 + - img: "ubuntu:20.04" sslpkg: "libssl-dev" libname: OpenSSL 1.1.1 ssllib: openssl extraconf: "--disable-lzo --disable-lz4" - - os: ubuntu-20.04 + - img: "ubuntu:20.04" sslpkg: "libssl-dev" libname: OpenSSL 1.1.1 ssllib: openssl extraconf: "--enable-dco" nlpkg: "libnl-genl-3-dev" - name: "gcc - ${{matrix.os}} - ${{matrix.libname}} ${{matrix.extraconf}}" + name: "gcc - ${{matrix.img}} - ${{matrix.libname}} ${{matrix.extraconf}}" env: SSLPKG: "${{matrix.sslpkg}}" NLPKG: "${{matrix.nlpkg}}" - runs-on: ${{matrix.os}} + runs-on: ubuntu-latest steps: - - name: Install dependencies - run: sudo apt update && sudo apt install -y liblzo2-dev libpam0g-dev liblz4-dev libcap-ng-dev linux-libc-dev man2html libcmocka-dev python3-docutils libtool automake autoconf ${SSLPKG} ${NLPKG} - name: Checkout OpenVPN uses: actions/checkout@v3 + - name: Setup Container + run: docker run --name ovpn --detach --rm --cap-add NET_ADMIN --network host -v "$PWD:/wd" --workdir=/wd "${{matrix.img}}" sleep 3600 + - name: Install dependencies + run: docker exec ovpn sh -c "apt update && apt install -y liblzo2-dev libpam0g-dev liblz4-dev libcap-ng-dev linux-libc-dev man2html libcmocka-dev python3-docutils build-essential pkgconf libtool automake autoconf iproute2 git ${SSLPKG} ${NLPKG}" - name: autoconf - run: autoreconf -fvi + run: docker exec ovpn autoreconf -fvi - name: configure - run: ./configure --with-crypto-library=${{matrix.ssllib}} ${{matrix.extraconf}} --enable-werror + run: docker exec ovpn ./configure --with-crypto-library=${{matrix.ssllib}} ${{matrix.extraconf}} --enable-werror - name: make all - run: make -j3 + run: docker exec ovpn make -j3 - name: make check - run: make check + run: docker exec ovpn make check + - name: Docker Cleanup + if: always() + run: docker kill ovpn || true ubuntu-clang-asan: strategy: