CI: move over to OpenSSL 3; use apt to install deps on Linux #1457
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
pull_request: | |
types: [opened, reopened] | |
defaults: | |
run: | |
shell: bash | |
concurrency: quotient-ci | |
jobs: | |
CI: | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
max-parallel: 1 | |
matrix: | |
os: [ ubuntu-22.04, macos-11, windows-2019 ] | |
qt-version: [ '6.4', '5.15' ] | |
override-compiler: [ '', GCC ] # Defaults: MSVC on Windows, Clang elsewhere | |
# Not using binary values here, to make the job captions more readable | |
e2ee: [ e2ee, '' ] | |
update-api: [ '' ] | |
exclude: # Drop less important combinations to lower the jobs number | |
- qt-version: '5.15' | |
e2ee: '' | |
- qt-version: '5.15' | |
override-compiler: GCC | |
- os: macos-11 | |
override-compiler: GCC | |
- os: windows-2019 | |
override-compiler: GCC | |
include: | |
- os: ubuntu-22.04 # Overrides the existing job | |
qt-version: '6.4' | |
e2ee: e2ee | |
override-compiler: GCC | |
static-analysis: sonar | |
- os: ubuntu-22.04 # Overrides the existing job | |
qt-version: '5.15' | |
e2ee: e2ee | |
update-api: update-api | |
static-analysis: codeql | |
# NB ^: Valgrind is enabled with GCC but doesn't like CodeQL | |
# instrumentation; so don't use CodeQL with GCC for now | |
- os: ubuntu-22.04 | |
qt-version: '5.15' | |
override-compiler: GCC | |
update-api: update-api | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
# Install on Linux via apt to get everything necessary in one go | |
- name: Install dependencies (Linux) | |
if: startsWith(matrix.os, 'ubuntu') | |
run: | | |
COMMON_PKGS="libolm-dev ninja-build valgrind gnome-keyring" | |
sudo apt-get -qq update | |
sudo apt-get -qq install $COMMON_PKGS \ | |
${{ startsWith(matrix.qt-version, '5') | |
&& 'qtmultimedia5-dev qttools5-dev qt5keychain-dev' | |
|| 'qt6-base-dev libgl1-mesa-dev qt6-l10n-tools qt6-tools-dev qt6-tools-dev-tools qtkeychain-qt6-dev' | |
}} | |
gnome-keyring-daemon -d --unlock <<<'' # Create a login keyring with no password | |
- name: Install dependencies (non-Linux) | |
if: "!startsWith(matrix.os, 'ubuntu')" | |
uses: jurplel/[email protected] | |
with: | |
version: '${{ matrix.qt-version }}.*' | |
cache: true | |
cache-key-prefix: Qt | |
tools: "tools_ninja${{ startsWith(matrix.os, 'windows') && ' tools_opensslv3_x64' || '' }}" | |
- name: Setup build environment | |
run: | | |
if [ '${{ matrix.override-compiler }}' == 'GCC' ]; then | |
echo "CC=gcc" >>$GITHUB_ENV | |
echo "CXX=g++" >>$GITHUB_ENV | |
if [ '${{ startsWith(matrix.qt-version, '5') }}' == 'true' ]; then | |
# Patch Qt to avoid GCC tumbling over QTBUG-90568/QTBUG-91909 | |
sed -i 's/ThreadEngineStarter<void>(ThreadEngine<void> \*_threadEngine)/ThreadEngineStarter(ThreadEngine<void> \*_threadEngine)/' \ | |
$Qt5_DIR/include/QtConcurrent/qtconcurrentthreadengine.h | |
fi | |
echo "VALGRIND=valgrind --tool=memcheck --leak-check=yes --gen-suppressions=all --suppressions=$GITHUB_WORKSPACE/quotest/.valgrind.supp" >>$GITHUB_ENV | |
elif [[ '${{ runner.os }}' != 'Windows' ]]; then | |
echo "CC=clang" >>$GITHUB_ENV | |
echo "CXX=clang++" >>$GITHUB_ENV | |
fi | |
if grep -q 'refs/tags' <<<'${{ github.ref }}'; then | |
VERSION="$(git describe --tags)" | |
elif [ '${{ github.ref }}' == 'refs/heads/master' ]; then | |
VERSION="ci${{ github.run_number }}-$(git rev-parse --short HEAD)" | |
else | |
VERSION="$(git describe --all --contains)-ci${{ github.run_number }}-$(git rev-parse --short HEAD)" | |
fi | |
QUOTEST_ORIGIN="$VERSION @ ${{ runner.os }}/Qt-${{ matrix.qt-version }}" | |
if [ -n '${{ matrix.override-compiler }}' ]; then | |
QUOTEST_ORIGIN="$QUOTEST_ORIGIN/${{ matrix.override-compiler }}" | |
fi | |
CMAKE_ARGS="-G Ninja -DCMAKE_BUILD_TYPE=RelWithDebInfo \ | |
${{ runner.os != 'Linux' && '-DCMAKE_MAKE_PROGRAM=$IQTA_TOOLS/Ninja/ninja' || '' }} \ | |
-DBUILD_SHARED_LIBS=${{ runner.os == 'Linux' }} \ | |
-DCMAKE_INSTALL_PREFIX=~/.local \ | |
-DCMAKE_PREFIX_PATH=~/.local \ | |
-DCMAKE_INSTALL_RPATH_USE_LINK_PATH=ON \ | |
-DBUILD_WITH_QT6=${{ startsWith(matrix.qt-version, '6') }}" | |
if [ -n '${{ matrix.e2ee }}' ]; then | |
QUOTEST_ORIGIN="$QUOTEST_ORIGIN/E2EE" | |
CMAKE_ARGS="$CMAKE_ARGS \ | |
${{ runner.os == 'macOS' && '-DOPENSSL_ROOT_DIR=`brew --prefix openssl`' || | |
runner.os == 'Windows' && '-DOPENSSL_ROOT_DIR=$IQTA_TOOLS/OpenSSLv3/Win_x64/' || '' }} \ | |
" | |
fi | |
if [ '${{ matrix.static-analysis }}' == 'sonar' ]; then | |
mkdir -p $HOME/.sonar | |
CMAKE_ARGS="$CMAKE_ARGS -DCMAKE_CXX_FLAGS=--coverage" | |
fi | |
echo "CMAKE_ARGS=$CMAKE_ARGS" >>$GITHUB_ENV | |
echo "QUOTEST_ORIGIN=$QUOTEST_ORIGIN" >>$GITHUB_ENV | |
if [[ '${{ runner.os }}' != 'Windows' ]]; then | |
BIN_DIR=/bin | |
echo "LIB_PATH=$HOME/.local/lib" >>$GITHUB_ENV | |
fi | |
echo "BIN_DIR=$BIN_DIR" >>$GITHUB_ENV | |
echo "~/.local$BIN_DIR" >>$GITHUB_PATH | |
cmake -E make_directory ${{ runner.workspace }}/build | |
echo "BUILD_PATH=${{ runner.workspace }}/build/libQuotient" >>$GITHUB_ENV | |
- name: Setup MSVC | |
uses: ilammy/msvc-dev-cmd@v1 | |
if: startsWith(matrix.os, 'windows') | |
with: | |
arch: x64 | |
- name: Set up Sonar Cloud tools | |
id: sonar | |
if: matrix.static-analysis == 'sonar' | |
uses: sonarsource/sonarcloud-github-c-cpp@v1 | |
- name: Build and install QtKeychain | |
run: | | |
cd .. | |
git clone -b v0.13.2 https://github.com/frankosterfeld/qtkeychain.git | |
cmake -S qtkeychain -B qtkeychain/build $CMAKE_ARGS | |
cmake --build qtkeychain/build --target install | |
- name: Build and install Olm | |
if: matrix.e2ee | |
run: | | |
cd .. | |
git clone https://gitlab.matrix.org/matrix-org/olm.git | |
cmake -S olm -B olm/build $CMAKE_ARGS | |
cmake --build olm/build --target install | |
- name: Get CS API definitions; clone and build GTAD | |
if: matrix.update-api | |
run: | | |
git clone --depth=1 https://github.com/quotient-im/matrix-spec.git ../matrix-spec | |
git submodule update --init --recursive --depth=1 | |
cmake -S gtad/gtad -B ../build/gtad $CMAKE_ARGS -DBUILD_SHARED_LIBS=OFF | |
cmake --build ../build/gtad | |
echo "CMAKE_ARGS=$CMAKE_ARGS -DMATRIX_SPEC_PATH=${{ runner.workspace }}/matrix-spec \ | |
-DGTAD_PATH=${{ runner.workspace }}/build/gtad/gtad" \ | |
>>$GITHUB_ENV | |
echo "QUOTEST_ORIGIN=$QUOTEST_ORIGIN with regenerated API files" >>$GITHUB_ENV | |
- name: Initialize CodeQL tools | |
if: matrix.static-analysis == 'codeql' | |
uses: github/codeql-action/init@v2 | |
with: | |
languages: cpp | |
# If you wish to specify custom queries, you can do so here or in a config file. | |
# By default, queries listed here will override any specified in a config file. | |
# Prefix the list here with "+" to use these queries and those in the config file. | |
# queries: ./path/to/local/query, your-org/your-repo/queries@main | |
- name: Configure libQuotient | |
run: | | |
cmake -S $GITHUB_WORKSPACE -B $BUILD_PATH $CMAKE_ARGS \ | |
-DQuotient_ENABLE_E2EE=${{ matrix.e2ee }} -DQuotient_INSTALL_TESTS=ON | |
- name: Regenerate API code | |
if: matrix.update-api | |
run: cmake --build ../build/libQuotient --target update-api | |
- name: Build and install libQuotient | |
run: | | |
if [[ '${{ matrix.static-analysis }}' == 'sonar' ]]; then | |
BUILD_WRAPPER="${{ steps.sonar.outputs.build-wrapper-binary }} --out-dir $BUILD_PATH/sonar" | |
fi | |
$BUILD_WRAPPER cmake --build $BUILD_PATH --target all | |
cmake --build $BUILD_PATH --target install | |
ls ~/.local$BIN_DIR/quotest | |
- name: Run tests | |
env: | |
TEST_USER: ${{ secrets.TEST_USER }} | |
TEST_PWD: ${{ secrets.TEST_PWD }} | |
QT_ASSUME_STDERR_HAS_CONSOLE: 1 # Windows needs this for meaningful debug output | |
QT_LOGGING_RULES: 'quotient.main.debug=true;quotient.jobs.debug=true;quotient.events.debug=true' | |
QT_MESSAGE_PATTERN: '%{time h:mm:ss.zzz}|%{category}|%{if-debug}D%{endif}%{if-info}I%{endif}%{if-warning}W%{endif}%{if-critical}C%{endif}%{if-fatal}F%{endif}|%{message}' | |
run: | | |
CTEST_ARGS="--test-dir $BUILD_PATH --output-on-failure" | |
if [[ -z '${{ matrix.e2ee }}' || '${{ runner.os }}' != 'Linux' ]]; then | |
CTEST_ARGS="$CTEST_ARGS -E testolmaccount" | |
else | |
. autotests/setup-tests.sh | |
fi | |
GTEST_COLOR=1 ctest $CTEST_ARGS | |
[[ -z "$TEST_USER" ]] || \ | |
LD_LIBRARY_PATH=$LIB_PATH \ | |
$VALGRIND quotest "$TEST_USER" "$TEST_PWD" quotest-gha '#quotest:matrix.org' "$QUOTEST_ORIGIN" | |
timeout-minutes: 4 # quotest is supposed to finish within 3 minutes, actually | |
- name: Perform CodeQL analysis | |
if: matrix.static-analysis == 'codeql' | |
uses: github/codeql-action/analyze@v2 | |
- name: Run sonar-scanner | |
if: matrix.static-analysis == 'sonar' | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
SONAR_SERVER_URL: 'https://sonarcloud.io' | |
run: | | |
mkdir .coverage && pushd .coverage | |
find $BUILD_PATH -name '*.gcda' -print0 \ | |
| xargs -0 gcov -s $GITHUB_WORKSPACE -pr | |
# Coverage of the test source code is not tracked, as it is always 100% | |
# (if not, some tests failed and broke the build at an earlier stage) | |
rm -f quotest* autotests* | |
popd | |
${{ steps.sonar.outputs.sonar-scanner-binary }} \ | |
-Dsonar.host.url="$SONAR_SERVER_URL" \ | |
-Dsonar.cfamily.build-wrapper-output="$BUILD_PATH/sonar" \ | |
-Dsonar.cfamily.threads=2 \ | |
-Dsonar.cfamily.gcov.reportsPath=.coverage |