Skip to content

Reenabled key exchange connection limiter test for macos. #2089

Reenabled key exchange connection limiter test for macos.

Reenabled key exchange connection limiter test for macos. #2089

Workflow file for this run

name: checks
permissions:
contents: read
on:
push:
branches:
- 'release/**'
pull_request:
branches-ignore:
- 'release/**'
schedule:
- cron: '0 4 * * *'
merge_group:
types: [checks_requested]
workflow_call: {}
jobs:
build:
name: Build and test
runs-on: "${{ matrix.os }}"
strategy:
matrix:
include:
- rust: stable
os: ubuntu-latest
features: ""
target: "x86_64-unknown-linux-gnu"
- rust: beta
os: ubuntu-latest
features: ""
target: "x86_64-unknown-linux-gnu"
- rust: "msrv"
os: ubuntu-latest
features: ""
target: "x86_64-unknown-linux-gnu"
- rust: "stable"
os: ubuntu-latest
features: ""
target: "x86_64-unknown-linux-musl"
- rust: "stable"
os: macos-latest
features: ""
target: "aarch64-apple-darwin"
- rust: "stable"
os: ubuntu-latest
features: "--all-features"
target: "x86_64-unknown-linux-gnu"
- rust: "msrv"
os: ubuntu-latest
features: "--all-features"
target: "x86_64-unknown-linux-gnu"
- rust: "stable"
os: ubuntu-latest
features: "--all-features"
target: "x86_64-unknown-linux-musl"
- rust: "stable"
os: macos-latest
features: "--all-features"
target: "aarch64-apple-darwin"
steps:
- name: Checkout sources
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
persist-credentials: false
- name: Set target rust version
run: echo "TARGET_RUST_VERSION=$(if [ "${{matrix.rust}}" = "msrv" ]; then grep rust-version Cargo.toml | grep MSRV | cut -d'"' -f2; else echo "${{matrix.rust}}"; fi)" >> $GITHUB_ENV
- name: Install nightly toolchain for direct-minimal-versions
uses: dtolnay/rust-toolchain@315e265cd78dad1e1dcf3a5074f6d6c47029d5aa
with:
toolchain: nightly
targets: "${{ matrix.target }}"
if: ${{ matrix.rust == 'msrv' }}
- name: Install toolchain
uses: dtolnay/rust-toolchain@315e265cd78dad1e1dcf3a5074f6d6c47029d5aa
with:
toolchain: "${TARGET_RUST_VERSION}"
targets: "${{ matrix.target }}"
- name: Downgrade direct dependencies to minimal versions
run: cargo +nightly update -Z direct-minimal-versions
if: ${{ matrix.rust == 'msrv' }}
- name: Install cross-compilation tools
uses: taiki-e/setup-cross-toolchain-action@92417c3484017b78b44195de2e0026e080f1e001
with:
target: ${{ matrix.target }}
- name: Install cargo-llvm-cov
uses: taiki-e/install-action@ec9269c9ddb8f79f082e226dcbb74bfb4c652ab1
with:
tool: cargo-llvm-cov
- name: Rust cache
uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab
with:
shared-key: "${{matrix.rust}}-${{matrix.target}}"
- name: cargo build
run: cargo build ${{ matrix.features }}
- name: cargo test
run: cargo llvm-cov --target ${{matrix.target}} ${{ matrix.features }} --lcov --output-path lcov.info
env:
RUST_BACKTRACE: 1
- name: Upload coverage to Codecov
uses: codecov/codecov-action@015f24e6818733317a2da2edd6290ab26238649a
with:
files: lcov.info
token: ${{ secrets.CODECOV_TOKEN }}
fail_ci_if_error: false
unused:
name: Check unused dependencies
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
persist-credentials: false
- name: Install nightly toolchain
uses: dtolnay/rust-toolchain@315e265cd78dad1e1dcf3a5074f6d6c47029d5aa
with:
toolchain: nightly
- name: Install udeps
uses: taiki-e/install-action@ec9269c9ddb8f79f082e226dcbb74bfb4c652ab1
with:
tool: cargo-udeps
- name: cargo udeps
run: cargo udeps --workspace --all-targets
- name: cargo udeps (fuzzer)
run: cargo udeps --manifest-path ./fuzz/Cargo.toml --all-targets
#note: can't validate config/nts.*.toml because of intentionally missing files
validate:
name: Validate configs
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
persist-credentials: false
- name: ./ntp.toml
run: cargo run --bin ntp-ctl -- -c ./ntp.toml validate
- name: ./ntp.server.toml
run: cargo run --bin ntp-ctl -- -c ./ntp.server.toml validate
- name: ./ntp-proto/test-keys/unsafe.nts.client.toml
run: cargo run --bin ntp-ctl -- -c ./ntp-proto/test-keys/unsafe.nts.client.toml validate
- name: ./ntp-proto/test-keys/unsafe.nts.server.toml
run: cargo run --bin ntp-ctl -- -c ./ntp-proto/test-keys/unsafe.nts.server.toml validate
- name: ./config/ntp.demobilize.toml
run: cargo run --bin ntp-ctl -- -c ./config/ntp.demobilize.toml validate
- name: ./pkg/common/ntp.toml.default
run: cargo run --bin ntp-ctl -- -c ./docs/examples/conf/ntp.toml.default validate
man-sync:
name: Validate man pages
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
persist-credentials: false
- name: Build man pages
run: utils/generate-man.sh target/docs/man
- name: Compare generated pages with precompiled
run: diff -r -s --color "docs/precompiled/man" "target/docs/man"
format:
name: Format
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
persist-credentials: false
- name: Install rust toolchain
uses: dtolnay/rust-toolchain@315e265cd78dad1e1dcf3a5074f6d6c47029d5aa
with:
toolchain: stable
components: rustfmt
- name: Check formatting
run: cargo fmt --all --check
- name: Check formatting (fuzzers)
run: cargo fmt --manifest-path ./fuzz/Cargo.toml --all --check
- name: Check formatting (fuzz_rand_shim)
run: cargo fmt --manifest-path ./fuzz/fuzz_rand_shim/Cargo.toml --all --check
clippy:
name: Clippy
strategy:
matrix:
include:
- target: x86_64-unknown-linux-gnu
use_zig: false
fuzzer: true
zig_args: ""
- target: armv7-unknown-linux-gnueabihf
use_zig: true
fuzzer: false
zig_args: "-target arm-linux-gnueabihf -mcpu=generic+v7a+vfp3-d32+thumb2-neon -g"
- target: x86_64-unknown-linux-musl
use_zig: true
fuzzer: false
zig_args: "-target x86_64-linux-musl"
- target: x86_64-apple-darwin
use_zig: true
fuzzer: false
zig_args: "-target x86_64-macos-gnu -g"
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
persist-credentials: false
- name: Install rust toolchain
uses: dtolnay/rust-toolchain@315e265cd78dad1e1dcf3a5074f6d6c47029d5aa
with:
toolchain: stable
components: clippy
targets: ${{matrix.target}}
# Use zig as our C compiler for convenient cross-compilation. We run into rustls having a dependency on `ring`.
# This crate uses C and assembly code, and because of its build scripts, `cargo clippy` needs to be able to compile
# that code for our target.
- uses: goto-bus-stop/setup-zig@abea47f85e598557f500fa1fd2ab7464fcb39406
with:
version: 0.9.0
if: ${{matrix.use_zig}}
- name: Install cargo-zigbuild
uses: taiki-e/install-action@ec9269c9ddb8f79f082e226dcbb74bfb4c652ab1
with:
tool: cargo-zigbuild
if: ${{matrix.use_zig}}
- name: Set TARGET_CC for zig
run: echo "TARGET_CC=/home/runner/.cargo/bin/cargo-zigbuild zig cc -- ${{matrix.zig_args}}" >> $GITHUB_ENV
if: ${{matrix.use_zig}}
- name: Rust cache
uses: Swatinem/rust-cache@82a92a6e8fbeee089604da2575dc567ae9ddeaab
with:
shared-key: "stable-${{matrix.target}}"
- name: Run clippy
run: cargo clippy --target ${{matrix.target}} --workspace --all-targets --all-features -- -D warnings
- name: Run clippy (fuzzers)
run: cargo clippy --target ${{matrix.target}} --manifest-path ./fuzz/Cargo.toml --all-targets -- -D warnings
if: ${{matrix.fuzzer}}
- name: Run clippy (fuzz_rand_shim)
run: cargo clippy --target ${{matrix.target}} --manifest-path ./fuzz/fuzz_rand_shim/Cargo.toml --all-targets -- -D warnings
if: ${{matrix.fuzzer}}
fuzz:
name: Smoke-test fuzzing targets
runs-on: ubuntu-20.04
strategy:
matrix:
features:
- ""
- "--all-features"
steps:
- name: Checkout sources
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
persist-credentials: false
- name: Install nightly toolchain
uses: dtolnay/rust-toolchain@315e265cd78dad1e1dcf3a5074f6d6c47029d5aa
with:
toolchain: nightly
- name: Install cargo fuzz
# We install cargo-fuzz directly as the prebuilt version of
# cargo fuzz is not compatible with our toolchain.
run: |
cargo install cargo-fuzz
- name: Smoke-test fuzz targets
run: |
cargo fuzz build ${{ matrix.features }}
for target in $(cargo fuzz list) ; do
cargo fuzz run ${{ matrix.features }} $target -- -max_total_time=10
done
audit-dependencies:
name: Audit dependencies
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
- uses: EmbarkStudios/cargo-deny-action@2d8c9929d8f9f42bedba73f1287cb0b479f07acb
with:
arguments: --workspace --all-features
- uses: EmbarkStudios/cargo-deny-action@2d8c9929d8f9f42bedba73f1287cb0b479f07acb
with:
manifest-path: ./fuzz/Cargo.toml
arguments: --all-features