xref: /freebsd/crypto/openssh/.github/workflows/upstream.yml (revision 2574974648c68c738aec3ff96644d888d7913a37)

name: OpenBSD

on:
  push:
    branches: [ master ]
    paths: [ '**.c', '**.h', '**.sh', '.github/workflows/upstream.yml' ]

jobs:
  selfhosted:
    name: "upstream ${{ matrix.target }} ${{ matrix.config }}"
    if: github.repository == 'openssh/openssh-portable-selfhosted'
    runs-on: ${{ matrix.host }}
    env:
      EPHEMERAL: true
      HOST:  ${{ matrix.host }}
      TARGET_HOST: ${{ matrix.target }}
      TARGET_CONFIG: ${{ matrix.config }}
      TARGET_DOMAIN: ${{ format('{0}-{1}-{2}', matrix.target, matrix.config, github.run_id) || matrix.target }}
    strategy:
      fail-fast: false
      matrix:
        host:
          - libvirt
        target: [ obsdsnap, obsdsnap-i386 ]
        # TODO: restore 'ubsan' once fixed
        config: [ default, kerberos5, without-openssl ]
        include:
          - { host: libvirt-arm64, target: obsdsnap-arm64, config: default }
          - { host: libvirt-arm64, target: obsdsnap-arm64, config: kerberos5 }
          - { host: libvirt-arm64, target: obsdsnap-arm64, config: without-openssl }
          # - { host: libvirt-arm64, target: obsdsnap-arm64, config: ubsan }
    steps:
    - name: unmount stale workspace
      run: fusermount -u ${GITHUB_WORKSPACE} || true
      working-directory: ${{ runner.temp }}
    - name: shutdown VM if running
      run: vmshutdown
      working-directory: ${{ runner.temp }}
    - uses: actions/checkout@main
    - name: startup VM
      run: vmstartup
      working-directory: ${{ runner.temp }}
    - name: copy and mount workspace
      run: sshfs_mount
      working-directory: ${{ runner.temp }}
    - name: update source
      run: vmrun "cd /usr/src && if [ -d .git ]; then git pull && git log -n1; else cvs -q up -dPA usr.bin/ssh regress/usr.bin/ssh usr.bin/nc; fi"
    - name: update netcat
      run: vmrun "cd /usr/src/usr.bin/nc && make clean all && sudo make install"
    - name: make clean
      run: vmrun "cd /usr/src/usr.bin/ssh && make obj && make clean && cd /usr/src/regress/usr.bin/ssh && make obj && make clean && sudo chmod -R g-w /usr/src /usr/obj"
    - name: make
      run: vmrun "cd /usr/src/usr.bin/ssh && case ${{ matrix.config }} in without-openssl) make OPENSSL=no;; kerberos5) make KERBEROS5=yes;; ubsan) make DEBUG='-fsanitize-minimal-runtime -fsanitize=undefined';; *) make; esac"
    - name: make install
      run: vmrun "cd /usr/src/usr.bin/ssh && sudo make install && sudo /etc/rc.d/sshd -f restart"
    - name: make tests`
      run: vmrun "cd /usr/src/regress/usr.bin/ssh && case ${{ matrix.config }} in without-openssl) make OPENSSL=no;; ubsan) make DEBUG='-fsanitize-minimal-runtime -fsanitize=undefined';; *) make; esac"
      env:
        SUDO: sudo
      timeout-minutes: 300
    - name: show logs
      if: failure()
      run: vmrun 'for i in /usr/src/regress/usr.bin/ssh/obj/*.log; do echo ====; echo logfile $i; echo =====; cat $i; done'
    - name: save logs
      if: failure()
      uses: actions/upload-artifact@main
      with:
        name: ${{ matrix.target }}-${{ matrix.config }}-logs
        path: |
          /usr/src/regress/usr.bin/ssh/obj/*.log
          /usr/src/regress/usr.bin/ssh/obj/log/*
    - name: unmount workspace
      if: always()
      run: |
        fusermount -u ${GITHUB_WORKSPACE} || true
        fusermount -z -u ${GITHUB_WORKSPACE} || true
      working-directory: ${{ runner.temp }}
    - name: shutdown VM
      if: always()
      run: vmshutdown
      working-directory: ${{ runner.temp }}