andrew
3a82d90914
CI / build-image (arm64, ubuntu-latest-arm64) (push) Successful in 22s
CI / build-image (amd64, ubuntu-latest-amd64) (push) Successful in 42s
CI / pre-commit (push) Successful in 34s
CI / release (arm64, ubuntu-latest-arm64) (push) Failing after 1m7s
CI / test (-DCMAKE_BUILD_TYPE=Debug, debug) (push) Successful in 2m35s
CI / test (-DCMAKE_CXX_FLAGS=-DUSE_64_BIT=1, 64-bit-versions) (push) Successful in 2m27s
CI / test (-DCMAKE_C_COMPILER=gcc -DCMAKE_CXX_COMPILER=g++, gcc) (push) Successful in 2m35s
CI / test (-DUSE_SIMD_FALLBACK=ON, simd-fallback) (push) Successful in 2m27s
CI / release (amd64, ubuntu-latest-amd64) (push) Failing after 2m32s
CI / coverage (push) Failing after 2m20s
Disable preserve_none under ASan on aarch64: every clang tested (20, 21, trunk 22) miscompiles the continuation chains with that combination, crashing ~97% of fuzz corpus tests. The chains still work with the default calling convention. See #38. Mark the masked Node3 scan results defined for valgrind on aarch64: clang 21+ lowers the in-bounds tests through flags+csel, which memcheck models imprecisely, tainting bits the mask provably clears. See #39. Skip valgrind tests in the arm64 release job, since -DNVALGRIND compiles out the client requests the workaround relies on. Both issues track filing upstream bugs.
253 lines
8.5 KiB
YAML
253 lines
8.5 KiB
YAML
name: CI
|
|
|
|
on: [push, pull_request]
|
|
|
|
jobs:
|
|
build-image:
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
include:
|
|
- runner: ubuntu-latest-amd64
|
|
arch: amd64
|
|
- runner: ubuntu-latest-arm64
|
|
arch: arm64
|
|
runs-on: ${{ matrix.runner }}
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Log in to registry
|
|
env:
|
|
REGISTRY_USER: ${{ secrets.REGISTRY_USER }}
|
|
REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
|
|
run: |
|
|
echo "$REGISTRY_TOKEN" \
|
|
| docker login -u "$REGISTRY_USER" --password-stdin git.weaselab.dev
|
|
|
|
- name: Build and push image if changed
|
|
run: |
|
|
image=git.weaselab.dev/weaselab/conflict-set-ci
|
|
hash="$(sha256sum Dockerfile .pre-commit-config.yaml | sha256sum | cut -c 1-16)"
|
|
latest="$image:latest-${{ matrix.arch }}"
|
|
current="$(docker buildx imagetools inspect "$latest" \
|
|
--format '{{index .Image.Config.Labels "dev.weaselab.ci-hash"}}' 2> /dev/null || true)"
|
|
if [ "$current" = "$hash" ]; then
|
|
echo "$latest is up to date"
|
|
else
|
|
docker build --push --label "dev.weaselab.ci-hash=$hash" -t "$latest" .
|
|
fi
|
|
|
|
pre-commit:
|
|
needs: build-image
|
|
runs-on: ubuntu-latest-amd64
|
|
container:
|
|
image: git.weaselab.dev/weaselab/conflict-set-ci:latest-amd64
|
|
credentials:
|
|
username: ${{ secrets.REGISTRY_USER }}
|
|
password: ${{ secrets.REGISTRY_TOKEN }}
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Run pre-commit
|
|
env:
|
|
# use the hooks pre-installed in the image
|
|
HOME: /tmp
|
|
run: |
|
|
git config --global --add safe.directory "$PWD"
|
|
pre-commit run --all-files --show-diff-on-failure
|
|
|
|
test:
|
|
needs: build-image
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
include:
|
|
- name: 64-bit-versions
|
|
cmake_args: -DCMAKE_CXX_FLAGS=-DUSE_64_BIT=1
|
|
- name: debug
|
|
cmake_args: -DCMAKE_BUILD_TYPE=Debug
|
|
- name: simd-fallback
|
|
cmake_args: -DUSE_SIMD_FALLBACK=ON
|
|
- name: gcc
|
|
cmake_args: -DCMAKE_C_COMPILER=gcc -DCMAKE_CXX_COMPILER=g++
|
|
runs-on: ubuntu-latest-amd64
|
|
container:
|
|
image: git.weaselab.dev/weaselab/conflict-set-ci:latest-amd64
|
|
credentials:
|
|
username: ${{ secrets.REGISTRY_USER }}
|
|
password: ${{ secrets.REGISTRY_TOKEN }}
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- uses: actions/cache@v4
|
|
with:
|
|
path: .ccache
|
|
key: ccache-${{ matrix.name }}-${{ gitea.sha }}
|
|
restore-keys: |
|
|
ccache-${{ matrix.name }}-
|
|
|
|
- name: Build
|
|
run: |
|
|
export CCACHE_DIR="$GITHUB_WORKSPACE/.ccache"
|
|
rm -rf build
|
|
cmake -S . -B build -G Ninja -DCMAKE_CXX_COMPILER_LAUNCHER=ccache ${{ matrix.cmake_args }}
|
|
ninja -C build
|
|
ccache -s
|
|
|
|
- name: Test
|
|
run: |
|
|
cd build
|
|
ctest --no-compress-output --test-output-size-passed 100000 --test-output-size-failed 100000 -T Test -j "$(nproc)" --timeout 90 > /dev/null
|
|
|
|
- name: Upload test results to MinIO
|
|
if: always()
|
|
env:
|
|
MINIO_ACCESS_KEY: ${{ secrets.MINIO_ACCESS_KEY }}
|
|
MC_HOST_minio: https://${{ secrets.MINIO_ACCESS_KEY }}:${{ secrets.MINIO_SECRET_KEY }}@minio.weaselab.dev
|
|
run: |
|
|
if [ -z "$MINIO_ACCESS_KEY" ]; then
|
|
echo "MinIO credentials not configured; skipping upload"
|
|
exit 0
|
|
fi
|
|
zstd build/Testing/*/Test.xml
|
|
mc cp build/Testing/*/Test.xml.zst "minio/jenkins/conflict-set/${{ gitea.run_number }}/${{ matrix.name }}/"
|
|
|
|
release:
|
|
needs: build-image
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
include:
|
|
- runner: ubuntu-latest-amd64
|
|
arch: amd64
|
|
- runner: ubuntu-latest-arm64
|
|
arch: arm64
|
|
runs-on: ${{ matrix.runner }}
|
|
container:
|
|
image: git.weaselab.dev/weaselab/conflict-set-ci:latest-${{ matrix.arch }}
|
|
credentials:
|
|
username: ${{ secrets.REGISTRY_USER }}
|
|
password: ${{ secrets.REGISTRY_TOKEN }}
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- uses: actions/cache@v4
|
|
with:
|
|
path: .ccache
|
|
key: ccache-release-${{ matrix.arch }}-${{ gitea.sha }}
|
|
restore-keys: |
|
|
ccache-release-${{ matrix.arch }}-
|
|
|
|
- name: Build
|
|
run: |
|
|
export CCACHE_DIR="$GITHUB_WORKSPACE/.ccache"
|
|
rm -rf build
|
|
cmake -S . -B build -G Ninja -DCMAKE_CXX_COMPILER_LAUNCHER=ccache -DCMAKE_CXX_FLAGS=-DNVALGRIND
|
|
ninja -C build
|
|
ccache -s
|
|
|
|
- name: Test
|
|
run: |
|
|
cd build
|
|
# On arm64, valgrind needs the MAKE_MEM_DEFINED client requests for
|
|
# https://git.weaselab.dev/weaselab/conflict-set/issues/39, but this
|
|
# build has -DNVALGRIND, which compiles them out. Skip valgrind
|
|
# tests here; they run annotated in the test job.
|
|
ctest --no-compress-output --test-output-size-passed 100000 --test-output-size-failed 100000 ${{ matrix.arch == 'arm64' && '-E valgrind' || '' }} -T Test -j "$(nproc)" --timeout 90 > /dev/null
|
|
|
|
- name: Package
|
|
run: |
|
|
cd build
|
|
cpack -G DEB
|
|
cpack -G RPM
|
|
|
|
- name: Build paper
|
|
if: matrix.arch == 'amd64'
|
|
run: |
|
|
cd paper
|
|
make
|
|
|
|
- name: Upload artifacts to MinIO
|
|
if: always()
|
|
env:
|
|
MINIO_ACCESS_KEY: ${{ secrets.MINIO_ACCESS_KEY }}
|
|
MC_HOST_minio: https://${{ secrets.MINIO_ACCESS_KEY }}:${{ secrets.MINIO_SECRET_KEY }}@minio.weaselab.dev
|
|
run: |
|
|
if [ -z "$MINIO_ACCESS_KEY" ]; then
|
|
echo "MinIO credentials not configured; skipping upload"
|
|
exit 0
|
|
fi
|
|
dest="minio/jenkins/conflict-set/${{ gitea.run_number }}/release-${{ matrix.arch }}/"
|
|
zstd build/Testing/*/Test.xml
|
|
mc cp build/Testing/*/Test.xml.zst "$dest"
|
|
# This step runs even when a previous step failed, to upload test
|
|
# results. The packages may never have been built though, so skip
|
|
# them if they're missing.
|
|
if compgen -G "build/*.deb" > /dev/null; then
|
|
mc cp build/*.deb "$dest"
|
|
fi
|
|
if compgen -G "build/*.rpm" > /dev/null; then
|
|
mc cp build/*.rpm "$dest"
|
|
fi
|
|
if compgen -G "paper/*.pdf" > /dev/null; then
|
|
mc cp paper/*.pdf "$dest"
|
|
fi
|
|
|
|
coverage:
|
|
needs: build-image
|
|
runs-on: ubuntu-latest-amd64
|
|
container:
|
|
image: git.weaselab.dev/weaselab/conflict-set-ci:latest-amd64
|
|
credentials:
|
|
username: ${{ secrets.REGISTRY_USER }}
|
|
password: ${{ secrets.REGISTRY_TOKEN }}
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- uses: actions/cache@v4
|
|
with:
|
|
path: .ccache
|
|
key: ccache-coverage-${{ gitea.sha }}
|
|
restore-keys: |
|
|
ccache-coverage-
|
|
|
|
- name: Build
|
|
run: |
|
|
export CCACHE_DIR="$GITHUB_WORKSPACE/.ccache"
|
|
rm -rf build
|
|
cmake -S . -B build -G Ninja -DCMAKE_CXX_COMPILER_LAUNCHER=ccache \
|
|
-DCMAKE_C_FLAGS=--coverage -DCMAKE_CXX_FLAGS=--coverage \
|
|
-DCMAKE_BUILD_TYPE=Debug -DDISABLE_TSAN=ON
|
|
ninja -C build
|
|
ccache -s
|
|
|
|
- name: Test
|
|
run: |
|
|
cd build
|
|
ctest --no-compress-output --test-output-size-passed 100000 --test-output-size-failed 100000 -T Test -j "$(nproc)" --timeout 90 > /dev/null
|
|
|
|
- name: Coverage report
|
|
run: |
|
|
gcov_args=(-f ConflictSet.cpp -f LongestCommonPrefix.h -f Metrics.h
|
|
--gcov-executable "llvm-cov gcov" --exclude-noncode-lines)
|
|
gcovr "${gcov_args[@]}" --cobertura > build/coverage.xml
|
|
gcovr "${gcov_args[@]}"
|
|
gcovr "${gcov_args[@]}" --fail-under-line 100 > /dev/null
|
|
|
|
- name: Upload results to MinIO
|
|
if: always()
|
|
env:
|
|
MINIO_ACCESS_KEY: ${{ secrets.MINIO_ACCESS_KEY }}
|
|
MC_HOST_minio: https://${{ secrets.MINIO_ACCESS_KEY }}:${{ secrets.MINIO_SECRET_KEY }}@minio.weaselab.dev
|
|
run: |
|
|
if [ -z "$MINIO_ACCESS_KEY" ]; then
|
|
echo "MinIO credentials not configured; skipping upload"
|
|
exit 0
|
|
fi
|
|
dest="minio/jenkins/conflict-set/${{ gitea.run_number }}/coverage/"
|
|
zstd build/Testing/*/Test.xml
|
|
mc cp build/Testing/*/Test.xml.zst "$dest"
|
|
if [ -e build/coverage.xml ]; then
|
|
mc cp build/coverage.xml "$dest"
|
|
fi
|