Enable PR san checks on github runners #6265
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# | |
# Copyright Quadrivium LLC | |
# All Rights Reserved | |
# SPDX-License-Identifier: Apache-2.0 | |
# | |
name: Build | |
on: | |
push: | |
branches: [ master ] | |
tags: [ '*' ] | |
pull_request: | |
env: | |
BUILD_DIR: build | |
KAGOME_IN_DOCKER: 1 | |
CTEST_OUTPUT_ON_FAILURE: 1 | |
GITHUB_HUNTER_USERNAME: ${{ secrets.HUNTER_USERNAME }} | |
GITHUB_HUNTER_TOKEN: ${{ secrets.HUNTER_TOKEN }} | |
# Change all container: values to this variable once this feature is available | |
# https://github.community/t/how-to-set-and-access-a-workflow-variable/17335/6 | |
CACHE_VERSION: v07 | |
CACHE_PATHS: | | |
~/Library/Caches/pip | |
~/.cargo | |
~/.ccache | |
~/.hunter | |
~/.rustup | |
jobs: | |
MacOS: | |
runs-on: macos-14 | |
steps: | |
- uses: actions/checkout@dc323e67f16fb5f7663d20ff7941f27f5809e9b6 | |
- uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed | |
with: | |
path: ${{ env.CACHE_PATHS }} | |
key: ${{ github.job }}-${{ env.CACHE_VERSION }} | |
- name: install | |
run: ./housekeeping/macos/dependency.sh | |
env: | |
KAGOME_MAC_CI: 1 | |
- name: build | |
run: ./housekeeping/make_build.sh -G Ninja -DCLEAR_OBJS=ON -DCOVERAGE=OFF -DWASM_COMPILER=WasmEdge -DCMAKE_TOOLCHAIN_FILE=cmake/toolchain/cxx20.cmake | |
env: | |
KAGOME_IN_DOCKER: 0 | |
KAGOME_MAC_CI: 1 | |
Linux: | |
if: ${{ !(github.ref == 'refs/heads/master' || startsWith( github.ref, 'refs/tags/' )) }} | |
strategy: | |
fail-fast: false | |
matrix: | |
options: | |
- name: "Linux: clang-15 External Project" | |
run: ./housekeeping/make_external_build.sh -DCLEAR_OBJS=ON -DCMAKE_TOOLCHAIN_FILE=../../cmake/toolchain/clang-15_cxx20.cmake | |
name: "${{ matrix.options.name }}" | |
runs-on: ubuntu-latest | |
container: qdrvm/kagome-dev@sha256:2d70246c32418a3dd45c246d3f5c2dd99bdafde145b903271849affe476c4cfc | |
steps: | |
- uses: actions/checkout@dc323e67f16fb5f7663d20ff7941f27f5809e9b6 | |
- uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed | |
with: | |
path: ${{ env.CACHE_PATHS }} | |
key: ${{ github.job }}-${{ matrix.options.name }}-${{ env.CACHE_VERSION }} | |
- name: df du | |
run: | | |
df -m || true | |
du -hd1 /__w /github || true | |
- name: Install mold | |
run: ./housekeeping/ci_install_mold.sh --make-default | |
- name: "${{ matrix.options.name }}" | |
run: "${{ matrix.options.run }}" | |
- name: df du | |
if: ${{ always() }} | |
run: | | |
df -m || true | |
du -hd1 /__w /github || true | |
Linux-self-hosted: | |
if: ${{ github.ref == 'refs/heads/master' || startsWith( github.ref, 'refs/tags/' ) }} | |
strategy: | |
fail-fast: false | |
matrix: | |
options: | |
- name: "Self-hosted: Linux: gcc-12 ASAN" | |
run: ./housekeeping/make_build.sh -DCLEAR_OBJS=ON -DCMAKE_TOOLCHAIN_FILE=cmake/toolchain/gcc-12_cxx20.cmake -DASAN=ON | |
- name: "Self-hosted: Linux: clang-15 TSAN WAVM" | |
run: ./housekeeping/make_build.sh -DCLEAR_OBJS=ON -DCMAKE_TOOLCHAIN_FILE=cmake/toolchain/clang-15_cxx20.cmake -DTSAN=ON -DWASM_COMPILER=WAVM | |
- name: "Self-hosted: Linux: clang-15 UBSAN" | |
run: ./housekeeping/make_build.sh -DCLEAR_OBJS=ON -DCMAKE_TOOLCHAIN_FILE=cmake/toolchain/clang-15_cxx20.cmake -DUBSAN=ON | |
- name: "Self-hosted: Linux: clang-15 External Project" | |
run: ./housekeeping/make_external_build.sh -DCLEAR_OBJS=ON -DCMAKE_TOOLCHAIN_FILE=../../cmake/toolchain/clang-15_cxx20.cmake | |
name: "${{ matrix.options.name }}" | |
runs-on: [ self-hosted ] | |
container: qdrvm/kagome-dev@sha256:2d70246c32418a3dd45c246d3f5c2dd99bdafde145b903271849affe476c4cfc | |
steps: | |
- uses: actions/checkout@dc323e67f16fb5f7663d20ff7941f27f5809e9b6 | |
- uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed | |
with: | |
path: ${{ env.CACHE_PATHS }} | |
key: ${{ github.job }}-${{ matrix.options.name }}-${{ env.CACHE_VERSION }} | |
- name: df du | |
run: | | |
df -m || true | |
du -hd1 /__w /github || true | |
- name: Install mold | |
run: ./housekeeping/ci_install_mold.sh --make-default | |
- name: "${{ matrix.options.name }}" | |
run: "${{ matrix.options.run }}" | |
- name: df du | |
if: ${{ always() }} | |
run: | | |
df -m || true | |
du -hd1 /__w /github || true | |
Linux-PR: | |
if: ${{ github.ref != 'refs/heads/master' }} | |
strategy: | |
fail-fast: false | |
matrix: | |
options: | |
- name: "Linux: gcc-12 ASAN" | |
run: ./housekeeping/make_build.sh -DCLEAR_OBJS=ON -DCMAKE_TOOLCHAIN_FILE=cmake/toolchain/gcc-12_cxx20.cmake -DASAN=ON | |
- name: "Linux: clang-15 TSAN WAVM" | |
run: ./housekeeping/make_build.sh -DCLEAR_OBJS=ON -DCMAKE_TOOLCHAIN_FILE=cmake/toolchain/clang-15_cxx20.cmake -DTSAN=ON -DWASM_COMPILER=WAVM | |
- name: "Linux: clang-15 UBSAN" | |
run: ./housekeeping/make_build.sh -DCLEAR_OBJS=ON -DCMAKE_TOOLCHAIN_FILE=cmake/toolchain/clang-15_cxx20.cmake -DUBSAN=ON | |
- name: "Linux: clang-15 External Project" | |
run: ./housekeeping/make_external_build.sh -DCLEAR_OBJS=ON -DCMAKE_TOOLCHAIN_FILE=../../cmake/toolchain/clang-15_cxx20.cmake | |
name: "${{ matrix.options.name }}" | |
runs-on: ubuntu-latest | |
container: qdrvm/kagome-dev@sha256:2d70246c32418a3dd45c246d3f5c2dd99bdafde145b903271849affe476c4cfc | |
steps: | |
- uses: actions/checkout@dc323e67f16fb5f7663d20ff7941f27f5809e9b6 | |
- uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed | |
with: | |
path: ${{ env.CACHE_PATHS }} | |
key: ${{ github.job }}-${{ matrix.options.name }}-${{ env.CACHE_VERSION }} | |
- name: df du | |
run: | | |
df -m || true | |
du -hd1 /__w /github || true | |
- name: Install mold | |
run: ./housekeeping/ci_install_mold.sh --make-default | |
- name: "${{ matrix.options.name }}" | |
run: "${{ matrix.options.run }}" | |
- name: df du | |
if: ${{ always() }} | |
run: | | |
df -m || true | |
du -hd1 /__w /github || true | |
clang-tidy: | |
name: "Linux: clang-tidy" | |
runs-on: ubuntu-latest | |
container: qdrvm/kagome-dev@sha256:2d70246c32418a3dd45c246d3f5c2dd99bdafde145b903271849affe476c4cfc | |
steps: | |
- uses: actions/checkout@dc323e67f16fb5f7663d20ff7941f27f5809e9b6 | |
with: | |
fetch-depth: 0 | |
- uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed | |
with: | |
path: ${{ env.CACHE_PATHS }} | |
key: ${{ github.job }}-${{ env.CACHE_VERSION }} | |
- name: clang-tidy | |
env: | |
# build only generated files, so clang-tidy will work correctly | |
BUILD_FINAL_TARGET: generated | |
run: | | |
./housekeeping/make_build.sh | |
./housekeeping/clang-tidy-diff.sh | |
coverage-self-hosted: | |
if: ${{ github.ref == 'refs/heads/master' || startsWith( github.ref, 'refs/tags/') || contains( github.event.pull_request.labels.*.name, 'Non-master self-hosted') }} | |
name: "Self-hosted: Linux: gcc-12 coverage/sonar" | |
runs-on: [ self-hosted ] | |
container: qdrvm/kagome-dev@sha256:2d70246c32418a3dd45c246d3f5c2dd99bdafde145b903271849affe476c4cfc | |
steps: | |
- uses: actions/checkout@dc323e67f16fb5f7663d20ff7941f27f5809e9b6 | |
- uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed | |
with: | |
path: ${{ env.CACHE_PATHS }} | |
key: ${{ github.job }}-${{ env.CACHE_VERSION }} | |
- name: df du | |
run: | | |
df -m || true | |
du -hd1 /__w /github || true | |
- name: Install mold | |
run: ./housekeeping/ci_install_mold.sh --make-default | |
- name: makeBuild | |
env: | |
BUILD_FINAL_TARGET: ctest_coverage | |
run: ./housekeeping/make_build.sh -DCMAKE_TOOLCHAIN_FILE=cmake/toolchain/gcc-12_cxx20.cmake -DCOVERAGE=ON -DCLEAR_OBJS=ON | |
- name: df du | |
if: ${{ always() }} | |
run: | | |
df -m || true | |
du -hd1 /__w /github || true | |
- if: ${{ github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository }} | |
name: Submit Coverage | |
env: | |
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
run: if [ "CODECOV_TOKEN" != "null" ]; then ./housekeeping/codecov.sh; else echo "Some secret undefined. Step passed..."; fi | |
- if: ${{ github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository }} | |
name: Sonar | |
env: | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
GITHUB_USERNAME: ${{ secrets.GITHUB_USERNAME }} | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
BRANCH_NAME: ${{ github.ref }} | |
run: if [ "$SONAR_TOKEN" != "null" -a "$GITHUB_USERNAME" != "null" -a "$GITHUB_TOKEN" != "null" ]; then ./housekeeping/sonar.sh; else echo "Some secret undefined. Step passed..."; fi | |
Minideb: | |
if: ${{ !(github.ref == 'refs/heads/master' || startsWith( github.ref, 'refs/tags/' )) }} | |
strategy: | |
fail-fast: false | |
matrix: | |
options: | |
- name: "Minideb: Build Debug" | |
build-type: "Debug" | |
- name: "Minideb: Build Release" | |
build-type: "Release" | |
name: "${{ matrix.options.name }}" | |
runs-on: ubuntu-latest | |
container: qdrvm/kagome-dev@sha256:2d70246c32418a3dd45c246d3f5c2dd99bdafde145b903271849affe476c4cfc | |
steps: | |
- uses: actions/checkout@dc323e67f16fb5f7663d20ff7941f27f5809e9b6 | |
- uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed | |
with: | |
path: ${{ env.CACHE_PATHS }} | |
key: ${{ github.job }}-${{ matrix.options.name }}-${{ env.CACHE_VERSION }} | |
- name: "${{ matrix.options.name }}" | |
env: | |
BUILD_TYPE: "${{ matrix.options.build-type }}" | |
run: ./housekeeping/docker/kagome-dev/make.sh | |
Minideb-self-hosted: | |
if: ${{ github.ref == 'refs/heads/master' || startsWith( github.ref, 'refs/tags/') || contains( github.event.pull_request.labels.*.name, 'Non-master self-hosted') }} | |
strategy: | |
fail-fast: false | |
matrix: | |
options: | |
- name: "Self-hosted: Minideb: Build Debug" | |
build-type: "Debug" | |
- name: "Self-hosted: Minideb: Build Release" | |
build-type: "Release" | |
name: "${{ matrix.options.name }}" | |
runs-on: [ self-hosted ] | |
container: qdrvm/kagome-dev@sha256:2d70246c32418a3dd45c246d3f5c2dd99bdafde145b903271849affe476c4cfc | |
steps: | |
- uses: actions/checkout@dc323e67f16fb5f7663d20ff7941f27f5809e9b6 | |
- uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed | |
with: | |
path: ${{ env.CACHE_PATHS }} | |
key: ${{ github.job }}-${{ matrix.options.name }}-${{ env.CACHE_VERSION }} | |
- name: "${{ matrix.options.name }}" | |
env: | |
BUILD_TYPE: "${{ matrix.options.build-type }}" | |
run: ./housekeeping/docker/kagome-dev/make.sh | |
Push-self-hosted: | |
if: ${{ github.ref == 'refs/heads/master' || startsWith( github.ref, 'refs/tags/' ) }} | |
needs: [clang-tidy, MacOS, Minideb-self-hosted] | |
strategy: | |
fail-fast: false | |
matrix: | |
options: | |
- name: "Self-hosted: Push Debug Docker image" | |
build-type: "Debug" | |
- name: "Self-hosted: Push Release Docker image" | |
build-type: "Release" | |
- name: "Self-hosted: Push RelWithDebInfo Docker image" | |
build-type: "RelWithDebInfo" | |
runs-on: [ self-hosted ] | |
container: qdrvm/kagome-dev@sha256:14d5aa92c971073e82ba9bbac9b615701e99c71f64e58bdd45e5b3dbc09944bd | |
steps: | |
- uses: actions/checkout@dc323e67f16fb5f7663d20ff7941f27f5809e9b6 | |
- uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed | |
with: | |
path: ${{ env.CACHE_PATHS }} | |
key: ${{ github.job }}-${{ env.CACHE_VERSION }} | |
- run: git config --global --add safe.directory /__w/kagome/kagome | |
- run: git fetch --prune --unshallow | |
- name: build | |
env: | |
BUILD_TYPE: "${{ matrix.options.build-type }}" | |
run: ./housekeeping/docker/kagome-dev/make.sh | |
- uses: azure/docker-login@83efeb77770c98b620c73055fbb59b2847e17dc0 | |
with: | |
login-server: https://index.docker.io/v1/ | |
username: ${{ secrets.DOCKER_USERNAME }} | |
password: ${{ secrets.DOCKER_TOKEN }} | |
- name: docker pack and push | |
env: | |
VERSION: ${{ github.ref }} | |
BUILD_TYPE: "${{ matrix.options.build-type }}" | |
run: ./housekeeping/docker/kagome/build_and_push.sh | |
Push-self-hosted-PR: | |
if: ${{ contains( github.event.pull_request.labels.*.name, 'Non-master push') }} | |
strategy: | |
fail-fast: false | |
matrix: | |
options: | |
- name: "Self-hosted: Push Debug Docker image" | |
build-type: "Debug" | |
- name: "Self-hosted: Push Release Docker image" | |
build-type: "Release" | |
- name: "Self-hosted: Push RelWithDebInfo Docker image" | |
build-type: "RelWithDebInfo" | |
runs-on: [ self-hosted ] | |
container: qdrvm/kagome-dev@sha256:14d5aa92c971073e82ba9bbac9b615701e99c71f64e58bdd45e5b3dbc09944bd | |
steps: | |
- uses: actions/checkout@dc323e67f16fb5f7663d20ff7941f27f5809e9b6 | |
with: | |
ref: ${{ github.event.pull_request.head.sha }} | |
- uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed | |
with: | |
path: ${{ env.CACHE_PATHS }} | |
key: ${{ github.job }}-${{ env.CACHE_VERSION }} | |
- run: git config --global --add safe.directory /__w/kagome/kagome | |
- run: git fetch --prune --unshallow | |
- name: build | |
env: | |
BUILD_TYPE: "${{ matrix.options.build-type }}" | |
run: ./housekeeping/docker/kagome-dev/make.sh | |
- uses: azure/docker-login@83efeb77770c98b620c73055fbb59b2847e17dc0 | |
with: | |
login-server: https://index.docker.io/v1/ | |
username: ${{ secrets.DOCKER_USERNAME }} | |
password: ${{ secrets.DOCKER_TOKEN }} | |
- name: docker pack and push | |
env: | |
VERSION: ${{ github.ref }} | |
BUILD_TYPE: "${{ matrix.options.build-type }}" | |
run: ./housekeeping/docker/kagome/build_and_push.sh | |
zombie-tests: | |
strategy: | |
fail-fast: false | |
matrix: | |
options: | |
- name: "Parachains smoke test" | |
test: "test0001" | |
- name: "Parachains smoke test kagome" | |
test: "test0001_kagome" | |
- name: "Parachains upgrade smoke test" | |
test: "test0002" | |
- name: "Parachains upgrade smoke test kagome" | |
test: "test0002_kagome" | |
- name: "Parachains smoke test cumulus" | |
test: "test0003" | |
- name: "Parachains smoke test cumulus kagome" | |
test: "test0003_kagome" | |
- name: "Runtime upgrade" | |
test: "test0004" | |
- name: "Runtime upgrade kagome" | |
test: "test0004_kagome" | |
- name: "Dispute valid block" | |
test: "test0005" | |
- name: "Parachains disputes" | |
test: "test0006" | |
- name: "Deregister register validator smoke" | |
test: "test0008" | |
- name: "Basic warp sync" | |
test: "test0009" | |
- name: "Validators warp sync" | |
test: "test0010" | |
- name: "Block building warp sync" | |
test: "test0011" | |
runs-on: [ self-hosted ] | |
needs: [Push-self-hosted] | |
steps: | |
- name: Set owner of working dir recurively | |
run: sudo chown -R $(whoami) . | |
- uses: actions/checkout@dc323e67f16fb5f7663d20ff7941f27f5809e9b6 | |
- name: build zombie-tester | |
working-directory: ./zombienet/docker | |
run: make tester | |
- name: Run test | |
working-directory: ./zombienet/docker | |
run: make ${{ matrix.options.test }} | |
Trigger_CD: | |
if: ${{ github.ref == 'refs/heads/master' }} | |
needs: [Push-self-hosted] | |
runs-on: ubuntu-latest | |
steps: | |
- name: trigger cd job | |
run: | | |
curl -fI "${{ secrets.JENKINS_URL }}kagome-test&token=${{ secrets.JENKINS_TOKEN }}" | |
curl -fI "${{ secrets.JENKINS_URL }}polkadot-test&token=${{ secrets.JENKINS_TOKEN }}" |