Use --debug with no-caching build as sanitizers need it

[openssl.git] / .github / workflows / ci.yml

name: GitHub CI

on: [pull_request, push]

# for some reason, this does not work:
# variables:
#   BUILDOPTS: "-j4"
#   HARNESS_JOBS: "${HARNESS_JOBS:-4}"

# for some reason, this does not work:
# before_script:
#     - make="make -s"

jobs:
  check_update:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2
    - name: config
      run: ./config --strict-warnings && perl configdata.pm --dump
    - name: make build_generated
      run: make -s build_generated
    - name: make update
      run: make -s update
    - name: git diff
      run: git diff --exit-code

  check_docs:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2
    - name: config
      run: ./config --strict-warnings && perl configdata.pm --dump
    - name: make build_generated
      run: make -s build_generated
    - name: make doc-nits
      run: make doc-nits

  basic_gcc:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2
    - name: config
      run: ./config --strict-warnings && perl configdata.pm --dump
    - name: make
      run: make -s -j4
    - name: make test
      run: make test HARNESS_JOBS=${HARNESS_JOBS:-4}

  basic_clang:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2
    - name: config
      run: CC=clang ./config --strict-warnings && perl configdata.pm --dump
    - name: make
      run: make -s -j4
    - name: make test
      run: make test HARNESS_JOBS=${HARNESS_JOBS:-4}

  minimal:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2
    - name: config
      run: ./config --strict-warnings no-bulk no-pic no-asm -DOPENSSL_NO_SECURE_MEMORY -DOPENSSL_SMALL_FOOTPRINT && perl configdata.pm --dump
    - name: make
      run: make -s -j4
    - name: make test
      run: make test HARNESS_JOBS=${HARNESS_JOBS:-4}

  no-deprecated:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2
    - name: config
      run: ./config --strict-warnings no-deprecated && perl configdata.pm --dump
    - name: make
      run: make -s -j4
    - name: make test
      run: make test HARNESS_JOBS=${HARNESS_JOBS:-4}

  non-caching:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2
    - name: config
      run: ./config --debug enable-asan enable-ubsan no-cached-fetch no-dtls no-tls1 no-tls1-method no-tls1_1 no-tls1_1-method no-async && perl configdata.pm --dump
    - name: make
      run: make -s -j4
    - name: make test
      run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} OPENSSL_TEST_RAND_ORDER=0 TESTS="-test_fuzz* -test_ssl_* -test_evp -test_cmp_http -test_verify -test_cms -test_store -test_enc -[01][0-9]"

  sanitizers:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2
    - name: config
      run: ./config --debug enable-asan enable-ubsan enable-rc5 enable-md2 enable-ec_nistp_64_gcc_128 && perl configdata.pm --dump
    - name: make
      run: make -s -j4
    - name: make test
      run: make test HARNESS_JOBS=${HARNESS_JOBS:-4} OPENSSL_TEST_RAND_ORDER=0

  threads_sanitizer:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2
    - name: config
      run: CC=clang ./config --strict-warnings -fsanitize=thread && perl configdata.pm --dump
    - name: make
      run: make -s -j4
    - name: make test
      run: make TESTS=test_threads test HARNESS_JOBS=${HARNESS_JOBS:-4}

  enable_non-default_options:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2
    - name: config
      run: ./config --strict-warnings no-ec enable-ssl-trace enable-zlib enable-zlib-dynamic enable-crypto-mdebug enable-crypto-mdebug-backtrace enable-egd && perl configdata.pm --dump
    - name: make
      run: make -s -j4
    - name: make test
      run: make test HARNESS_JOBS=${HARNESS_JOBS:-4}

  legacy:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2
    - name: config
      run: ./config -Werror --debug no-afalgeng no-shared enable-crypto-mdebug enable-rc5 enable-md2 enable-ssl3 enable-ssl3-method enable-weak-ssl-ciphers enable-zlib enable-ec_nistp_64_gcc_128 && perl configdata.pm --dump
    - name: make
      run: make -s -j4
    - name: make test
      run: make test HARNESS_JOBS=${HARNESS_JOBS:-4}

  buildtest:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2
    - name: config
      run: ./config no-asm no-makedepend enable-buildtest-c++ --strict-warnings -D_DEFAULT_SOURCE && perl configdata.pm --dump
    - name: make
      run: make -s -j4
    - name: make test
      run: make test HARNESS_JOBS=${HARNESS_JOBS:-4}

  out-of-source-and-install:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2
    - name: extra preparations
      run: |
        mkdir ./build
        mkdir ./install
    - name: config
      run: ../config --strict-warnings --prefix=$(cd ../install; pwd) && perl configdata.pm --dump
      working-directory: ./build
    - name: make
      run: make -s -j4
      working-directory: ./build
    - name: make test
      run: make test HARNESS_JOBS=${HARNESS_JOBS:-4}
      working-directory: ./build
    - name: make install
      run: make install
      working-directory: ./build

  external-tests:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v2
      with:
        submodules: recursive
    - name: package installs
      run: |
        sudo apt-get update
        sudo apt-get -yq install bison dejagnu gettext keyutils ldap-utils libldap2-dev libkeyutils-dev python3 python3-paste python3-pyrad slapd tcl-dev tcl-thread tcsh python3-virtualenv virtualenv
    - name: install cpanm and Test2::V0 for gost_engine testing
      uses: perl-actions/install-with-cpanm@v1
      with:
        install: Test2::V0
    - name: config
      run: ./config --strict-warnings --debug no-afalgeng enable-rc5 enable-md2 enable-ssl3 enable-ssl3-method enable-weak-ssl-ciphers enable-zlib enable-ec_nistp_64_gcc_128 enable-external-tests && perl configdata.pm --dump
    - name: make
      run: make -s -j4
    - name: test external gost-engine
      run: make test TESTS="test_external_gost_engine"
    - name: test external krb5
      run: make test TESTS="test_external_krb5"
#   - name: test external boringssl
#     run: BORING_RUNNER_DIR=$(pwd)/boringssl/ssl/test/runner make test TESTS="test_external_boringssl"
#   - name: test external pyca
#     run: make test TESTS="test_external_pyca"