Skip to content
.github/workflows/parallel_tests.yml

formatting #1813

Sign in to view logs

formatting

formatting #1813

Workflow file for this run

.github/workflows/parallel_tests.yml at fa9a610
name: Parallel Tests
# For PRs to dev or pushes that modify the root Dockerfile, build from scratch
# then run CI tests using that container in parallel
# For forked repos that can't use our panda-arc test suite, just build and run make check
on:
# Allow repo owner to manually run this workflow for external PRs once code is vetted
workflow_dispatch:
# Run automatically for internal PRs and pushes
pull_request:
branches:
- dev
- stable
- candidate_release_*
# push:
# paths: ['Dockerfile'] # If this file changed, we'd need to do a clean build (this action)
# otherwise we could speed this up by pulling the last container of 'dev', copying
# code into it, and then rebuilding
jobs:

Check failure on line 20 in .github/workflows/parallel_tests.yml

View workflow run for this annotation

GitHub Actions / .github/workflows/parallel_tests.yml

Invalid workflow file 

You have an error in your yaml syntax on line 20
lint:
runs-on: panda-arc
steps:
- uses: actions/checkout@v4
if: github.event_name == 'pull_request'
- name: Set up Python
if: github.event_name == 'pull_request'
uses: actions/setup-python@v2
with:
python-version: "3.10"
- name: Install dependencies
if: github.event_name == 'pull_request'
run: pip install flake8 lintly markupsafe==2.0.1
- name: Lint with flake8
if: github.event_name == 'pull_request'
run: |
set -o pipefail
(flake8 $GITHUB_WORKSPACE/panda/python/core/pandare/ --count --select=E9,F63,F7,F82 --show-source --statistics | lintly) 2>lintly.err || {
if grep -q 'diff exceeded the maximum number of lines' lintly.err; then
echo "Bypassing lint failure due to large diff."
exit 0
else
cat lintly.err
exit 1
fi
}
env:
LINTLY_API_KEY: ${{ secrets.GITHUB_TOKEN }}
test_installer: # test install_ubuntu.sh
runs-on: panda-arc # Note 22.04 would work, but it requires docker > 20.10.7 which is not on our CI box (yet)
container:
image: ubuntu:22.04
steps:
- name: Update
run: apt-get -qq update -y
- name: Run install_ubuntu.sh
run: cd $GITHUB_WORKSPACE && ./panda/scripts/install_ubuntu.sh
build_container:
if: github.repository == 'panda-re/panda'
runs-on: panda-arc
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
driver-opts: |
image=moby/buildkit:master
network=host
buildkitd-config-inline: |
[registry."${{ secrets.PANDA_ARC_REGISTRY }}"]
insecure = true
http = true
- name: Trust Harbor's self-signed certificate
run: |
echo "Fetching certificate from registry"
openssl s_client -showcerts -connect ${{ secrets.PANDA_ARC_REGISTRY }}:443 < /dev/null 2>/dev/null | openssl x509 -outform PEM | sudo tee /usr/local/share/ca-certificates/harbor.crt > /dev/null
sudo update-ca-certificates
- name: Log in to Rehosting Arc Registry
uses: docker/login-action@v3
with:
registry: ${{ secrets.PANDA_ARC_REGISTRY }}
username: ${{ secrets.PANDA_ARC_REGISTRY_USER }}
password: ${{ secrets.PANDA_ARC_REGISTRY_PASSWORD }}
- name: Build panda:latest
uses: docker/[email protected]
with:
push: true
load: true
context: ${{ github.workspace }}
target: developer
tags: |
${{secrets.PANDA_ARC_REGISTRY}}/pandare/panda:${{ github.sha }}
cache-from: |
type=registry,ref=${{secrets.PANDA_ARC_REGISTRY}}/pandare/panda:cache,mode=max
cache-to: |
type=registry,ref=${{secrets.PANDA_ARC_REGISTRY}}/pandare/panda:cache,mode=max
build-args: |
REGISTRY=${{ secrets.PANDA_ARC_REGISTRY }}/proxy
- name: Minimal test of built container # Just test to see if one of our binaries is built
run: docker run --rm "${{secrets.PANDA_ARC_REGISTRY}}/pandare/panda:${{ github.sha }}" /bin/bash -c 'exit $(/panda/build/arm-softmmu/panda-system-arm -help | grep -q "usage. panda-system-arm")'
tests:
if: github.repository == 'panda-re/panda'
runs-on: panda-arc
needs: [build_container]
strategy:
matrix:
include:
- test_type: "taint"
target: "i386"
- test_type: "taint"
target: "x86_64"
- test_type: "pypanda"
test_script: "all"
- test_type: "make_check"
test_script: "all"
steps:
# Given a container with PANDA installed at /panda, run the taint tests
- name: Update
run: sudo apt-get -qq update -y
- name: Install ssl
run: sudo apt-get -qq install -y wget
- name: Run Taint Tests
if: matrix.test_type == 'taint'
run: >-
wget -q -O wheezy_panda2.qcow2 https://panda-re.mit.edu/qcows/linux/debian/7.3/x86/debian_7.3_x86.qcow;
wget -q https://panda-re.mit.edu/qcows/linux/ubuntu/1804/x86_64/bionic-server-cloudimg-amd64-noaslr-nokaslr.qcow2;
docker run --name panda_test_${{ matrix.target }}_${GITHUB_RUN_ID}
--mount type=bind,source=$(pwd)/wheezy_panda2.qcow2,target=/home/panda/regdir/qcows/wheezy_panda2.qcow2
--mount type=bind,source=$(pwd)/bionic-server-cloudimg-amd64-noaslr-nokaslr.qcow2,target=/home/panda/regdir/qcows/bionic-server-cloudimg-amd64-noaslr-nokaslr.qcow2
--rm -t "${{secrets.PANDA_ARC_REGISTRY}}/pandare/panda:${{ github.sha }}" bash -c
"cd /tmp; git clone https://github.com/panda-re/panda_test;
cd ./panda_test/tests/taint2;
echo 'Running Record:';
python3 taint2_multi_arch_record_or_replay.py --arch ${{ matrix.target }} --mode record;
echo 'Running Replay:';
python3 taint2_multi_arch_record_or_replay.py --arch ${{ matrix.target }} --mode replay;
sed -i '/^\s*$/d' taint2_log;
if cat taint2_log; then echo 'Taint unit test log found!'; else echo 'Taint unit test log NOT found!' && exit 1; fi;
echo -e '\nFailures:';
if grep 'fail' taint2_log; then echo 'TEST FAILED!' && exit 1; else echo -e 'None.\nTEST PASSED!' && exit 0; fi"
- name: Run PyPanda Tests
if: matrix.test_type == 'pypanda'
run: >-
wget -q https://panda-re.mit.edu/qcows/linux/ubuntu/1604/x86/ubuntu_1604_x86.qcow;
docker run --name panda_test_${{ matrix.test_script }}_${GITHUB_RUN_ID}
--mount type=bind,source=$(pwd)/ubuntu_1604_x86.qcow,target=/root/.panda/ubuntu_1604_x86.qcow
-e PANDA_TEST=yes --cap-add SYS_NICE
--rm -t "${{secrets.PANDA_ARC_REGISTRY}}/pandare/panda:${{ github.sha }}" bash -c
"cd /panda/panda/python/tests/ && make && pip3 install -r requirements.txt && chmod +x ./run_all_tests.sh && ./run_all_tests.sh";
docker run --name panda_sym_test_${{ matrix.target }}_${GITHUB_RUN_ID}
--rm -t "${{secrets.PANDA_ARC_REGISTRY}}/pandare/panda:${{ github.sha }}" bash -c
"pip3 install capstone keystone-engine z3-solver; python3 /panda/panda/python/examples/unicorn/taint_sym_x86_64.py;
if [ $? -eq 0 ]; then echo -e 'TEST PASSED!' && exit 0; else echo 'TEST FAILED!' && exit 1; fi"
- name: Run make Tests
if: matrix.test_type == 'make_check'
run: >-
docker run --name panda_test_${{ matrix.test_script }}_${GITHUB_RUN_ID}
-e PANDA_TEST=yes --cap-add SYS_NICE
--rm -t "${{secrets.PANDA_ARC_REGISTRY}}/pandare/panda:${{ github.sha }}" bash -c
"cd /panda/build && make check"
build_and_check_fork: # Forked repos can't use panda-arc test suite - just checkout and run make check
if: github.repository != 'panda-re/panda'
runs-on: panda-arc
steps:
- uses: actions/checkout@v4 # Clones code into to /home/runner/work/panda
- name: Build docker container from project root
run: cd $GITHUB_WORKSPACE && docker build -t panda_local .
- name: Minimal test of built container # Just test to see if one of our binaries is installed
run: docker run --rm panda_local /bin/bash -c 'exit $(panda-system-arm -help | grep -q "usage. panda-system-arm")'
- name: Minimal test of built container # Run make check to check all architectures (in serial)
run: docker run --rm panda_local /bin/bash -c 'cd /panda/build && make check'