Travis build matrix adjustments

[openssl.git] / .travis.yml

diff --git a/.travis.yml b/.travis.yml
index 7092953402bbc562aad02c7db6c8a4254b99fecd..a75cdd2036fe7a8cfc43b4895fea0463d049ef1d 100644 (file)
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,5 +1,4 @@
-dist: trusty
-sudo: required
+dist: bionic
 
 osx_image: xcode9.3
 
@@ -7,14 +6,19 @@ language: c
 cache: ccache
 git:
     submodules: false
+    quiet: true
 
 before_install:
     - if [ -n "$COVERALLS" ]; then
-          pip install --user cpp-coveralls;
+          travis_retry pip install --user cpp-coveralls;
       fi;
     - if expr "$CONFIG_OPTS" ":" ".*enable-external-tests" > /dev/null; then
-          git submodule update --init --recursive;
+          travis_retry git submodule update --init --recursive;
       fi;
+    - eval "${MATRIX_EVAL}"
+
+arch:
+    - amd64
 
 os:
     - linux
@@ -25,29 +29,50 @@ compiler:
     - gcc
 
 env:
+    # Note: env entry here must exactly match the value in the exclude: table below that contains env:, otherwise it will not find a match.
     - CONFIG_OPTS="" DESTDIR="_install"
-    - CONFIG_OPTS="no-asm -Werror --debug no-afalgeng no-shared enable-crypto-mdebug enable-rc5 enable-md2"
-    - CONFIG_OPTS="no-asm no-makedepend --strict-warnings" BUILDONLY="yes" CHECKDOCS="yes" GENERATE="yes"
+    - CONFIG_OPTS="no-asm -Werror --debug no-afalgeng no-shared enable-rc5 enable-md2 -fsanitize=address" LSAN_OPTIONS="report_objects=1"
+    - CONFIG_OPTS="no-asm no-makedepend enable-buildtest-c++ --strict-warnings -D_DEFAULT_SOURCE" BUILDONLY="yes" CHECKDOCS="yes" GENERATE="yes" CPPFLAGS="-ansi"
 
-matrix:
+jobs:
+    exclude:
+        - os: linux
+          compiler: clang
+          env: CONFIG_OPTS="" DESTDIR="_install"
+        - os: linux
+          compiler: clang
+          env: CONFIG_OPTS="no-asm no-makedepend enable-buildtest-c++ --strict-warnings -D_DEFAULT_SOURCE" BUILDONLY="yes" CHECKDOCS="yes" GENERATE="yes" CPPFLAGS="-ansi"
+        - os: osx
+          compiler: gcc
+        - os: osx
+          env: CONFIG_OPTS="no-asm -Werror --debug no-afalgeng no-shared enable-rc5 enable-md2 -fsanitize=address" LSAN_OPTIONS="report_objects=1"
     include:
+        - os: linux
+          arch: arm64
+          compiler: gcc
+          env: CONFIG_OPTS="--strict-warnings" MAKEVERBOSE="yes"
+        - os: linux
+          arch: arm64
+          compiler: gcc
+          env: CONFIG_OPTS="no-asm no-deprecated enable-buildtest-c++ --strict-warnings -D_DEFAULT_SOURCE" BUILDONLY="yes" CHECKDOCS="yes" CPPFLAGS="-ansi"
+        - os: linux
+          arch: s390x
+          compiler: gcc
+          env: CONFIG_OPTS="--strict-warnings"
         - os: linux-ppc64le
-          sudo: false
-          compiler: clang
-          env: CONFIG_OPTS="--strict-warnings -D__NO_STRING_INLINES"
+          compiler: gcc
+          env: CONFIG_OPTS="--strict-warnings"
         - os: linux
-          addons:
-              apt:
-                  packages:
-                      - gcc-5
-                      - g++-5
-                  sources:
-                      - ubuntu-toolchain-r-test
-          compiler: gcc-5
-          env: CONFIG_OPTS="--strict-warnings" COMMENT="Move to the BORINGTEST build when interoperable"
+          compiler: gcc
+          env: CONFIG_OPTS="--strict-warnings no-ec enable-trace enable-ssl-trace enable-zlib enable-zlib-dynamic enable-crypto-mdebug enable-crypto-mdebug-backtrace enable-egd" COMMENT="Move to the BORINGTEST build when interoperable"
         - os: linux
+          dist: trusty
           compiler: clang
-          env: CONFIG_OPTS="--strict-warnings -D__NO_STRING_INLINES no-deprecated" BUILDONLY="yes"
+          env: CONFIG_OPTS="--strict-warnings -D__NO_STRING_INLINES"
+        - os: linux
+          dist: xenial
+          compiler: gcc
+          env: CONFIG_OPTS="--strict-warnings no-deprecated enable-rc5 enable-md2"
         - os: linux
           addons:
               apt:
@@ -56,54 +81,32 @@ matrix:
                       - gcc-mingw-w64
           compiler: i686-w64-mingw32-gcc
           env: CONFIG_OPTS="no-stdio" BUILDONLY="yes"
-        # Uncomment if there is reason to believe that PPC-specific problem
-        # can be diagnosed with this possibly >30 mins sanitizer build...
-        #- os: linux-ppc64le
-        #  sudo: false
-        #  compiler: gcc
-        #  env: EXTENDED_TEST="yes" CONFIG_OPTS="no-asm enable-asan enable-ubsan no-shared -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -D__NO_STRING_INLINES"
         - os: linux
           addons:
               apt:
                   packages:
-                      - gcc-5
-                      - g++-5
-                      - golang-1.6
-                  sources:
-                      - ubuntu-toolchain-r-test
-          compiler: gcc-5
-          env:  EXTENDED_TEST="yes" CONFIG_OPTS="--debug --coverage no-asm enable-rc5 enable-md2 enable-ec_nistp_64_gcc_128 enable-ssl3 enable-ssl3-method enable-nextprotoneg enable-weak-ssl-ciphers no-shared -DPEDANTIC -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION" COVERALLS="yes" BORINGSSL_TESTS="yes" CXX="g++-5"
+                      - golang-1.10
+          compiler: gcc
+          env:  EXTENDED_TEST="yes" CONFIG_OPTS="--debug --coverage no-asm enable-rc5 enable-md2 enable-ec_nistp_64_gcc_128 enable-ssl3 enable-ssl3-method enable-nextprotoneg enable-weak-ssl-ciphers no-shared enable-buildtest-c++ -DPEDANTIC -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION" COVERALLS="yes" BORINGSSL_TESTS="yes" CXX="g++"
         - os: linux
           addons:
               apt:
                   packages:
-                      - gcc-5
-                      - g++-5
-                      - golang-1.6
-                  sources:
-                      - ubuntu-toolchain-r-test
-          compiler: gcc-5
-          env:  EXTENDED_TEST="yes" CONFIG_OPTS="--debug enable-ssl3 enable-ssl3-method enable-weak-ssl-ciphers enable-external-tests" BORINGSSL_TESTS="yes" CXX="g++-5" TESTS=95
-        - os: linux
-          compiler: clang
-          env: EXTENDED_TEST="yes" CONFIG_OPTS="enable-msan -D__NO_STRING_INLINES -Wno-unused-command-line-argument"
+                      - golang-1.10
+          compiler: gcc
+          # External test pyca-cryptography temporarily disabled due to long term travis failures
+          env:  EXTENDED_TEST="yes" CONFIG_OPTS="--debug enable-ssl3 enable-ssl3-method enable-weak-ssl-ciphers enable-external-tests enable-buildtest-c++" BORINGSSL_TESTS="yes" CXX="g++" TESTS="test_external_boringssl test_external_krb5"
         - os: linux
           compiler: clang
-          env:  EXTENDED_TEST="yes" CONFIG_OPTS="no-asm enable-ubsan enable-rc5 enable-md2 enable-ssl3 enable-ssl3-method enable-nextprotoneg no-shared -fno-sanitize=alignment -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -D__NO_STRING_INLINES -Wno-unused-command-line-argument"
+          env: EXTENDED_TEST="yes" CONFIG_OPTS="enable-msan disable-afalgeng -Wno-unused-command-line-argument"
         - os: linux
           compiler: clang
-          env: EXTENDED_TEST="yes" CONFIG_OPTS="no-asm enable-asan enable-rc5 enable-md2 no-shared -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -D__NO_STRING_INLINES -Wno-unused-command-line-argument"
+          env:  EXTENDED_TEST="yes" CONFIG_OPTS="no-asm enable-ubsan enable-rc5 enable-md2 enable-ssl3 enable-ssl3-method enable-nextprotoneg no-shared enable-buildtest-c++ -fno-sanitize=alignment -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -Wno-unused-command-line-argument" CXX="clang++"
         - os: linux
-          addons:
-              apt:
-                  packages:
-                      - gcc-5
-                      - g++-5
-                  sources:
-                      - ubuntu-toolchain-r-test
-          compiler: gcc-5
-          env: UBUNTU_GCC_HACK="yes" EXTENDED_TEST="yes" CONFIG_OPTS="--debug no-asm enable-ubsan enable-rc5 enable-md2 -DPEDANTIC" OPENSSL_TEST_RAND_ORDER=0
+          compiler: gcc
+          env: EXTENDED_TEST="yes" CONFIG_OPTS="--debug no-asm enable-ubsan enable-rc5 enable-md2 enable-buildtest-c++ -DPEDANTIC" OPENSSL_TEST_RAND_ORDER=0
         - os: linux
+          dist: xenial
           addons:
               apt:
                   packages:
@@ -112,6 +115,7 @@ matrix:
           compiler: i686-w64-mingw32-gcc
           env: EXTENDED_TEST="yes" CONFIG_OPTS="no-pic"
         - os: linux
+          dist: xenial
           addons:
               apt:
                   packages:
@@ -119,32 +123,37 @@ matrix:
                       - gcc-mingw-w64
           compiler: x86_64-w64-mingw32-gcc
           env: EXTENDED_TEST="yes" CONFIG_OPTS="no-pic"
-    exclude:
         - os: linux
-          compiler: clang
-        - os: osx
+          language: python
+          python: 3.7
+          install: pip install flake8
+          before_script:
+            # stop the build if there are Python syntax errors or undefined names
+            - flake8 . --count --select=E901,E999,F821,F822,F823 --show-source --statistics
+            # exit-zero treats all errors as warnings.  The GitHub editor is 127 chars wide
+            - flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
+          script: true
+        - os: linux
           compiler: gcc
+          env: CONFIGURE_TARGET="linux-generic32" CONFIG_OPTS="--strict-warnings no-shared no-dso no-pic no-aria no-async no-autoload-config no-blake2 no-bf no-camellia no-cast no-chacha no-cmac no-cms no-cmp no-comp no-ct no-des no-dgram no-dh no-dsa no-dtls no-ec2m no-engine no-filenames no-gost no-idea no-ktls no-mdc2 no-md4 no-multiblock no-nextprotoneg no-ocsp no-ocb no-poly1305 no-psk no-rc2 no-rc4 no-rmd160 no-seed no-siphash no-siv no-sm2 no-sm3 no-sm4 no-srp no-srtp no-ssl3 no-ssl3-method no-ts no-ui-console no-whirlpool no-asm -DOPENSSL_NO_SECURE_MEMORY -DOPENSSL_SMALL_FOOTPRINT"
+
 
 before_script:
     - env
     - if [ "$TRAVIS_PULL_REQUEST" != "false" -a -n "$EXTENDED_TEST" ]; then
-          (git log -1 $TRAVIS_COMMIT_RANGE | grep '\[extended tests\]' > /dev/null) || exit 0;
+          (git log -1 $TRAVIS_COMMIT_RANGE | grep '\[extended tests\]' > /dev/null) || travis_terminate 0;
       fi
     - if [ -n "$DESTDIR" ]; then
           sh .travis-create-release.sh $TRAVIS_OS_NAME;
           tar -xzf _srcdist.tar.gz;
-          mkdir _build;
-          cd _build;
-          srcdir=../_srcdist;
-          top=..;
+          mkdir -p _build/tree;
+          cd _build/tree;
+          srcdir=../../_srcdist;
+          top=../..;
       else
           srcdir=.;
           top=.;
       fi
-    - if [ -n "$UBUNTU_GCC_HACK" ]; then
-          $CC -dumpspecs | sed "s/--push-state//g; s/--pop-state/--as-needed/g" > gcc-specs.txt;
-          CC="$CC -specs=gcc-specs.txt";
-      fi
     - if [ "$CC" = i686-w64-mingw32-gcc ]; then
           export CROSS_COMPILE=${CC%%gcc}; unset CC;
           $srcdir/Configure mingw $CONFIG_OPTS -Wno-pedantic-ms-format;
@@ -152,23 +161,20 @@ before_script:
           export CROSS_COMPILE=${CC%%gcc}; unset CC;
           $srcdir/Configure mingw64 $CONFIG_OPTS -Wno-pedantic-ms-format;
       else
-          if [ "$CC" = clang-3.9 ]; then
-              sudo cp .travis-apt-pin.preferences /etc/apt/preferences.d/no-ubuntu-clang;
-              curl -sSL "http://apt.llvm.org/llvm-snapshot.gpg.key" | sudo -E apt-key add -;
-              echo "deb http://apt.llvm.org/trusty/ llvm-toolchain-trusty-3.9 main" | sudo tee -a /etc/apt/sources.list > /dev/null;
-              sudo -E apt-add-repository -y "ppa:ubuntu-toolchain-r/test";
-              sudo -E apt-get -yq update;
-              sudo -E apt-get -yq --no-install-suggests --no-install-recommends --force-yes install clang-3.9;
-          elif which ccache >/dev/null; then
+          if which ccache >/dev/null && test "$BORINGSSL_TESTS" != yes; then
               CC="ccache $CC";
           fi;
-          $srcdir/config -v $CONFIG_OPTS;
+          if [ -n "$CONFIGURE_TARGET" ]; then
+              $srcdir/Configure $CONFIGURE_TARGET $CONFIG_OPTS;
+          else
+              $srcdir/config -v $CONFIG_OPTS;
+          fi;
       fi
     - ./configdata.pm --dump
     - cd $top
 
 script:
-    - if [ -z "$BUILDONLY" ]; then
+    - if [ -z "$BUILDONLY" ] && [ -z "$MAKEVERBOSE" ] ; then
           make="make -s";
       else
           make="make";
@@ -180,33 +186,32 @@ script:
       fi
     - top=${PWD}
     - if [ -n "$DESTDIR" ]; then
-          cd _build;
+          cd _build/tree;
       fi
-    - if $make update; then
-          echo -e '+\057 MAKE UPDATE OK';
-      else
-          echo -e '+\057 MAKE UPDATE FAILED'; false;
-      fi;
-      git diff --exit-code
-    - if [ -n "$CHECKDOCS" ]; then
-          if $make doc-nits; then
-              echo -e '+\057\057 MAKE DOC-NITS OK';
-          else
-              echo -e '+\057\057 MAKE DOC-NITS FAILED'; false;
-          fi;
+    - if ! $make update; then
+          echo -e '\052\052 FAILED -- MAKE UPDATE';
+          travis_terminate 1;
       fi
-    - if [ -n "$GENERATE" ]; then
-          if $make build_all_generated; then
-              echo -e '+\057\057\057 MAKE BUILD_ALL_GENERATED OK';
-          else
-              echo -e '+\057\057\057 MAKE BUILD_ALL_GENERATED FAILED'; false;
-          fi;
+    - if ! git diff --exit-code; then
+          echo -e '\052\052 FAILED -- UPDATED FILES NOT COMMITTED';
+          travis_terminate 1;
       fi
-    - if $make2; then
-          echo -e '+\057\057\057\057 MAKE OK';
-      else
-          echo -e '+\057\057\057\057 MAKE FAILED'; false;
+    - if test -n "$GENERATE" && ! $make build_all_generated; then
+          echo -e '\052\052 FAILED -- MAKE BUILD_ALL_GENERATED';
+          travis_terminate 1;
+      fi
+    - if test -n "$CHECKDOCS" && ! $make doc-nits; then
+          echo -e '\052\052 FAILED -- MAKE DOC-NITS';
+          travis_terminate 1;
+      fi
+    - if ! $make2; then
+          echo -e '\052\052 FAILED -- MAKE';
+          travis_terminate 1;
       fi;
+    - if test -n "$CHECKDOCS" && ! $make cmd-nits; then
+          echo -e '\052\052 FAILED -- MAKE CMD-NITS';
+          travis_terminate 1;
+      fi
     - if [ -z "$BUILDONLY" ]; then
           if [ -n "$CROSS_COMPILE" ]; then
               sudo dpkg --add-architecture i386;
@@ -217,35 +222,31 @@ script:
           if [ -e krb5/src ]; then
               sudo apt-get -yq install bison dejagnu gettext keyutils ldap-utils libldap2-dev libkeyutils-dev python-cjson python-paste python-pyrad slapd tcl-dev tcsh;
           fi;
-          if HARNESS_VERBOSE=yes BORING_RUNNER_DIR=$top/boringssl/ssl/test/runner make test; then
-              echo -e '+\057\057\057\057\057 MAKE TEST OK';
-          else
-              echo -e '+\057\057\057\057\057 MAKE TEST FAILED'; false;
+          if ! HARNESS_VERBOSE_FAILURE=yes BORING_RUNNER_DIR=$top/boringssl/ssl/test/runner travis_wait 60 make _tests; then
+              echo -e '\052\052 FAILED -- MAKE TEST';
+              travis_terminate 1;
           fi;
       else
-          if $make build_tests >~/build.log 2>&1; then
-              echo -e '+\057\057\057\057\057\057 MAKE BUILD_TESTS OK';
-          else
-              echo -e '+\057\057\057\057\057\057 MAKE BUILD_TESTS FAILED';
+          if ! $make build_tests >~/build.log 2>&1; then
+              echo -e '\052\052 FAILED -- MAKE BUILD_TESTS';
               cat ~/build.log
-              false;
+              travis_terminate 1;
           fi;
       fi
     - if [ -n "$DESTDIR" ]; then
           mkdir "$top/$DESTDIR";
-          if $make install DESTDIR="$top/$DESTDIR" >~/install.log 2>&1 ; then
-              echo -e '+\057\057\057\057\057\057\057 MAKE INSTALL OK';
-          else
-              echo -e '+\057\057\057\057\057\057\057 MAKE INSTALL FAILED';
+          if ! $make install DESTDIR="$top/$DESTDIR" >~/install.log 2>&1 ; then
+              echo -e '\052\052 FAILED -- MAKE INSTALL';
               cat ~/install.log;
-              false;
+              travis_terminate 1;
           fi;
       fi
     - cd $top
+    - echo -e '\052\052 DONE'
 
 after_success:
     - if [ -n "$COVERALLS" ]; then
-          coveralls -b . --gcov gcov-5 --gcov-options '\-lpbc';
+          coveralls -b . --gcov gcov --gcov-options '\-lpbc';
       fi;
 
 notifications: