Workflow optimization (8) #13
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: time-machine | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - maxirmx-timemachine-2183 | |
| paths-ignore: | |
| - '/*.sh' | |
| - '/.*' | |
| - '/_*' | |
| - 'Brewfile' | |
| - 'docs/**' | |
| - '**.adoc' | |
| - '**.md' | |
| - '**.nix' | |
| - 'flake.lock' | |
| - '.github/workflows/*.yml' | |
| - '!.github/workflows/time-machine.yml' | |
| pull_request: | |
| paths-ignore: | |
| - '/*.sh' | |
| - '/.*' | |
| - '/_*' | |
| - 'Brewfile' | |
| - 'docs/**' | |
| - '**.adoc' | |
| - '**.md' | |
| - '**.nix' | |
| - 'flake.lock' | |
| - '.github/workflows/*.yml' | |
| - '!.github/workflows/time-machine.yml' | |
| workflow_dispatch: | |
| concurrency: | |
| group: '${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.ref_name }}' | |
| cancel-in-progress: true | |
| env: | |
| RNP_LOG_CONSOLE: 1 | |
| jobs: | |
| build: | |
| name: ${{ matrix.image.name }} [CC ${{ matrix.env.CC }}; backend ${{ matrix.image.backend }}] | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 120 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| env: | |
| - { CC: clang, CXX: clang++ } | |
| # Pls refer to https://github.com/rnpgp/rnp-ci-containers#readme for image details | |
| image: | |
| - { name: 'Fedora 36', container: 'fedora-36-amd64', backend: 'Botan' } | |
| - { name: 'Fedora 36', container: 'fedora-36-amd64', backend: 'OpenSSL' } | |
| container: ghcr.io/rnpgp/ci-rnp-${{ matrix.image.container }} | |
| env: ${{ matrix.env }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| with: | |
| submodules: true | |
| - name: Setup environment | |
| run: | | |
| set -o errexit -o pipefail -o noclobber -o nounset | |
| /opt/tools/tools.sh select_crypto_backend_for_gha ${{ matrix.image.backend }} | |
| /opt/tools/tools.sh select_gpg_version_for_gha 'system' | |
| /opt/tools/tools.sh select_botan_version_for_gha 'system' | |
| echo CORES="$(nproc --all)" >> $GITHUB_ENV | |
| useradd rnpuser | |
| printf "\nrnpuser\tALL=(ALL)\tNOPASSWD:\tALL" > /etc/sudoers.d/rnpuser | |
| printf "\nrnpuser\tsoft\tnproc\tunlimited\n" > /etc/security/limits.d/30-rnpuser.conf | |
| - name: Configure | |
| run: | | |
| cmake -B build \ | |
| -DBUILD_SHARED_LIBS=ON \ | |
| -DDOWNLOAD_GTEST=ON \ | |
| -DCMAKE_BUILD_TYPE=Release \ | |
| -DCRYPTO_BACKEND=${{ matrix.image.backend }} | |
| - name: Build | |
| run: cmake --build build --parallel ${{ env.CORES }} | |
| - name: Archive build files | |
| run: tar -czvf build.tar.gz build | |
| - name: Upload build files | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: 'build-${{ matrix.env.CC }}-${{ matrix.image.backend }}' | |
| path: 'build.tar.gz' | |
| retention-days: 5 | |
| test: | |
| name: ${{ matrix.image.name }} [CC ${{ matrix.env.CC }}; backend ${{ matrix.image.backend }}; date offset ${{ matrix.date-offset }}] | |
| runs-on: ubuntu-latest | |
| needs: build | |
| timeout-minutes: 120 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| env: | |
| - { CC: clang, CXX: clang++ } | |
| # Pls refer to https://github.com/rnpgp/rnp-ci-containers#readme for image details | |
| image: | |
| - { name: 'Fedora 36', container: 'fedora-36-amd64', backend: 'Botan' } | |
| - { name: 'Fedora 36', container: 'fedora-36-amd64', backend: 'OpenSSL' } | |
| date-offset: | |
| - '0 years' | |
| - '1 year' | |
| - '5 years' | |
| container: ghcr.io/rnpgp/ci-rnp-${{ matrix.image.container }} | |
| env: ${{ matrix.env }} | |
| steps: | |
| - name: Install tools | |
| run: dnf -y install libfaketime | |
| - name: Checkout | |
| uses: actions/checkout@v3 | |
| with: | |
| submodules: true | |
| - name: Setup environment | |
| run: | | |
| set -o errexit -o pipefail -o noclobber -o nounset | |
| /opt/tools/tools.sh select_crypto_backend_for_gha ${{ matrix.image.backend }} | |
| /opt/tools/tools.sh select_gpg_version_for_gha 'system' | |
| /opt/tools/tools.sh select_botan_version_for_gha 'system' | |
| echo CORES="$(nproc --all)" >> $GITHUB_ENV | |
| useradd rnpuser | |
| printf "\nrnpuser\tALL=(ALL)\tNOPASSWD:\tALL" > /etc/sudoers.d/rnpuser | |
| printf "\nrnpuser\tsoft\tnproc\tunlimited\n" > /etc/security/limits.d/30-rnpuser.conf | |
| - name: Download build files | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: 'build-${{ matrix.env.CC }}-${{ matrix.image.backend }}' | |
| - name: Extract build files | |
| run: tar -xzvf build.tar.gz | |
| - name: Configure fake time | |
| if: matrix.date-offset != '0 years' | |
| run: | | |
| set -o errexit -o pipefail -o noclobber -o nounset | |
| adjusted_date=$(date -d '${{ matrix.date-offset }}' '+%Y-%m-%d') | |
| echo FAKETIME="@$adjusted_date 00:00:00" >> $GITHUB_ENV | |
| - name: Test | |
| run: | | |
| set -o errexit -o pipefail -o noclobber -o nounset | |
| mkdir -p "build/Testing/Temporary" | |
| cp "cmake/CTestCostData.txt" "build/Testing/Temporary" | |
| export PATH="$PWD/build/src/lib:$PATH" | |
| chown -R rnpuser:rnpuser $PWD | |
| echo Running tests for "$(LD_PRELOAD=/usr/lib64/faketime/libfaketime.so.1 date)" | |
| exec su rnpuser -c "LD_PRELOAD=/usr/lib64/faketime/libfaketime.so.1 ctest --parallel ${{ env.CORES }} --test-dir build --output-on-failure" |