diff options
author | Edward Thomson <ethomson@edwardthomson.com> | 2020-11-18 18:08:23 +0000 |
---|---|---|
committer | Edward Thomson <ethomson@edwardthomson.com> | 2020-11-18 18:08:23 +0000 |
commit | 3d6b90359d1307736c9fd4488b1703d934a69a1a (patch) | |
tree | d79828cc2ec1fbed4cb4c75076fc79352bbfd151 /ci | |
parent | 2a51679005285e4e5f8642dd86dc35b46de772c1 (diff) | |
download | libgit2-3d6b90359d1307736c9fd4488b1703d934a69a1a.tar.gz |
ci: stop using deprecated set-env in GitHub Actions
(And move the ci scripts into the `ci` directory.)
Diffstat (limited to 'ci')
-rwxr-xr-x | ci/build.sh | 67 | ||||
-rwxr-xr-x | ci/coverity.sh | 62 | ||||
-rw-r--r-- | ci/docker/bionic | 41 | ||||
-rw-r--r-- | ci/docker/docurium | 3 | ||||
-rw-r--r-- | ci/docker/entrypoint.sh | 4 | ||||
-rw-r--r-- | ci/docker/focal | 79 | ||||
-rw-r--r-- | ci/docker/xenial | 66 | ||||
-rwxr-xr-x | ci/getcontainer.sh | 45 | ||||
-rwxr-xr-x | ci/setup-mingw.sh | 25 | ||||
-rwxr-xr-x | ci/setup-osx.sh | 8 | ||||
-rwxr-xr-x | ci/test.sh | 325 |
11 files changed, 725 insertions, 0 deletions
diff --git a/ci/build.sh b/ci/build.sh new file mode 100755 index 000000000..c230e67d6 --- /dev/null +++ b/ci/build.sh @@ -0,0 +1,67 @@ +#!/usr/bin/env bash +# +# Environment variables: +# +# SOURCE_DIR: Set to the directory of the libgit2 source (optional) +# If not set, it will be derived relative to this script. + +set -e + +SOURCE_DIR=${SOURCE_DIR:-$( cd "$( dirname "${BASH_SOURCE[0]}" )" && dirname $( pwd ) )} +BUILD_DIR=$(pwd) +BUILD_PATH=${BUILD_PATH:=$PATH} +CMAKE=$(which cmake) +CMAKE_GENERATOR=${CMAKE_GENERATOR:-Unix Makefiles} + +if [[ "$(uname -s)" == MINGW* ]]; then + BUILD_PATH=$(cygpath "$BUILD_PATH") +fi + +indent() { sed "s/^/ /"; } + +echo "Source directory: ${SOURCE_DIR}" +echo "Build directory: ${BUILD_DIR}" +echo "" + +if [ "$(uname -s)" = "Darwin" ]; then + echo "macOS version:" + sw_vers | indent +fi + +if [ -f "/etc/debian_version" ]; then + echo "Debian version:" + (source /etc/lsb-release && echo "${DISTRIB_DESCRIPTION}") | indent +fi + +echo "Kernel version:" +uname -a 2>&1 | indent + +echo "CMake version:" +env PATH="${BUILD_PATH}" "${CMAKE}" --version 2>&1 | indent + +if test -n "${CC}"; then + echo "Compiler version:" + "${CC}" --version 2>&1 | indent +fi +echo "Environment:" +if test -n "${CC}"; then + echo "CC=${CC}" | indent +fi +if test -n "${CFLAGS}"; then + echo "CFLAGS=${CFLAGS}" | indent +fi +echo "" + +echo "##############################################################################" +echo "## Configuring build environment" +echo "##############################################################################" + +echo cmake -DENABLE_WERROR=ON -DBUILD_EXAMPLES=ON -DBUILD_FUZZERS=ON -DUSE_STANDALONE_FUZZERS=ON -G \"${CMAKE_GENERATOR}\" ${CMAKE_OPTIONS} -S \"${SOURCE_DIR}\" +env PATH="${BUILD_PATH}" "${CMAKE}" -DENABLE_WERROR=ON -DBUILD_EXAMPLES=ON -DBUILD_FUZZERS=ON -DUSE_STANDALONE_FUZZERS=ON -G "${CMAKE_GENERATOR}" ${CMAKE_OPTIONS} -S "${SOURCE_DIR}" + +echo "" +echo "##############################################################################" +echo "## Building libgit2" +echo "##############################################################################" + +env PATH="${BUILD_PATH}" "${CMAKE}" --build . diff --git a/ci/coverity.sh b/ci/coverity.sh new file mode 100755 index 000000000..c68b6f8cc --- /dev/null +++ b/ci/coverity.sh @@ -0,0 +1,62 @@ +#!/bin/bash -e + +if test -z "$COVERITY_TOKEN" +then + echo "Need to set a coverity token" + exit 1 +fi + +case $(uname -m) in + i?86) + BITS=32;; + amd64|x86_64) + BITS=64;; + *) + echo "Unsupported arch '$(uname -m)'" + exit 1;; +esac + +SCAN_TOOL=https://scan.coverity.com/download/cxx/linux${BITS} +SOURCE_DIR=$(realpath "$(dirname "${BASH_SOURCE[0]}")"/..) +BUILD_DIR=${SOURCE_DIR}/coverity-build +TOOL_DIR=${BUILD_DIR}/coverity-tools + +# Install coverity tools +if ! test -d "$TOOL_DIR" +then + mkdir -p "$TOOL_DIR" + curl --silent --show-error --location --data "project=libgit2&token=$COVERITY_TOKEN" "$SCAN_TOOL" | + tar -xzC "$TOOL_DIR" + ln -s "$(find "$TOOL_DIR" -type d -name 'cov-analysis*')" "$TOOL_DIR"/cov-analysis +fi + +cp "${SOURCE_DIR}/script/user_nodefs.h" "$TOOL_DIR"/cov-analysis/config/ + +# Build libgit2 with Coverity +mkdir -p "$BUILD_DIR" +cd "$BUILD_DIR" +cmake "$SOURCE_DIR" +COVERITY_UNSUPPORTED=1 \ + "$TOOL_DIR/cov-analysis/bin/cov-build" --dir cov-int \ + cmake --build . + +# Upload results +tar -czf libgit2.tgz cov-int +REVISION=$(cd ${SOURCE_DIR} && git rev-parse --short HEAD) +HTML="$(curl \ + --silent --show-error \ + --write-out "\n%{http_code}" \ + --form token="$COVERITY_TOKEN" \ + --form email=libgit2@gmail.com \ + --form file=@libgit2.tgz \ + --form version="$REVISION" \ + --form description="libgit2 build" \ + https://scan.coverity.com/builds?project=libgit2)" + +# Status code is the last line +STATUS_CODE="$(echo "$HTML" | tail -n1)" +if test "${STATUS_CODE}" != 200 && test "${STATUS_CODE}" != 201 +then + echo "Received error code ${STATUS_CODE} from Coverity" + exit 1 +fi diff --git a/ci/docker/bionic b/ci/docker/bionic new file mode 100644 index 000000000..5918584dc --- /dev/null +++ b/ci/docker/bionic @@ -0,0 +1,41 @@ +FROM ubuntu:bionic AS apt +RUN apt-get update && \ + DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ + clang \ + cmake \ + curl \ + gcc \ + git \ + libcurl4-openssl-dev \ + libpcre3-dev \ + libssh2-1-dev \ + libssl-dev \ + libz-dev \ + ninja-build \ + openjdk-8-jre-headless \ + openssh-server \ + openssl \ + pkgconf \ + python \ + sudo \ + valgrind \ + && \ + rm -rf /var/lib/apt/lists/* + +FROM apt AS mbedtls +RUN cd /tmp && \ + curl --location --silent --show-error https://tls.mbed.org/download/mbedtls-2.16.2-apache.tgz | \ + tar -xz && \ + cd mbedtls-2.16.2 && \ + scripts/config.pl set MBEDTLS_MD4_C 1 && \ + CFLAGS=-fPIC cmake -G Ninja -DENABLE_PROGRAMS=OFF -DENABLE_TESTING=OFF -DUSE_SHARED_MBEDTLS_LIBRARY=OFF -DUSE_STATIC_MBEDTLS_LIBRARY=ON . && \ + ninja install && \ + cd .. && \ + rm -rf mbedtls-2.16.2 + +FROM mbedtls AS configure +COPY entrypoint.sh /usr/local/bin/entrypoint.sh +RUN chmod a+x /usr/local/bin/entrypoint.sh +RUN mkdir /var/run/sshd + +ENTRYPOINT ["/usr/local/bin/entrypoint.sh"] diff --git a/ci/docker/docurium b/ci/docker/docurium new file mode 100644 index 000000000..54a4202b6 --- /dev/null +++ b/ci/docker/docurium @@ -0,0 +1,3 @@ +FROM ubuntu:bionic +RUN apt update && apt install -y cmake pkg-config ruby ruby-dev llvm libclang-dev libssl-dev python-pygments +RUN gem install docurium diff --git a/ci/docker/entrypoint.sh b/ci/docker/entrypoint.sh new file mode 100644 index 000000000..8d96e3acd --- /dev/null +++ b/ci/docker/entrypoint.sh @@ -0,0 +1,4 @@ +#!/bin/bash -e +useradd --shell /bin/bash libgit2 +chown --recursive libgit2:libgit2 /home/libgit2 +exec sudo --preserve-env --set-home --user=libgit2 "$@" diff --git a/ci/docker/focal b/ci/docker/focal new file mode 100644 index 000000000..c75e85a4c --- /dev/null +++ b/ci/docker/focal @@ -0,0 +1,79 @@ +FROM ubuntu:focal AS apt +RUN apt-get update && \ + DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ + bzip2 \ + clang-10 \ + cmake \ + curl \ + gcc-10 \ + git \ + krb5-user \ + libcurl4-gnutls-dev \ + libgcrypt20-dev \ + libkrb5-dev \ + libpcre3-dev \ + libssl-dev \ + libz-dev \ + llvm-10 \ + make \ + ninja-build \ + openjdk-8-jre-headless \ + openssh-server \ + openssl \ + pkgconf \ + python \ + sudo \ + valgrind \ + && \ + rm -rf /var/lib/apt/lists/* && \ + mkdir /usr/local/msan + +FROM apt AS mbedtls +RUN cd /tmp && \ + curl --location --silent --show-error https://tls.mbed.org/download/mbedtls-2.16.2-apache.tgz | \ + tar -xz && \ + cd mbedtls-2.16.2 && \ + scripts/config.pl unset MBEDTLS_AESNI_C && \ + scripts/config.pl set MBEDTLS_MD4_C 1 && \ + mkdir build build-msan && \ + cd build && \ + CC=clang-10 CFLAGS="-fPIC" cmake -G Ninja -DENABLE_PROGRAMS=OFF -DENABLE_TESTING=OFF -DUSE_SHARED_MBEDTLS_LIBRARY=ON -DUSE_STATIC_MBEDTLS_LIBRARY=OFF -DCMAKE_BUILD_TYPE=Debug -DCMAKE_PREFIX_PATH=/usr/local -DCMAKE_INSTALL_PREFIX=/usr/local .. && \ + ninja install && \ + cd ../build-msan && \ + CC=clang-10 CFLAGS="-fPIC" cmake -G Ninja -DENABLE_PROGRAMS=OFF -DENABLE_TESTING=OFF -DUSE_SHARED_MBEDTLS_LIBRARY=ON -DUSE_STATIC_MBEDTLS_LIBRARY=OFF -DCMAKE_BUILD_TYPE=MemSanDbg -DCMAKE_INSTALL_PREFIX=/usr/local/msan .. && \ + ninja install && \ + cd .. && \ + rm -rf mbedtls-2.16.2 + +FROM mbedtls AS libssh2 +RUN cd /tmp && \ + curl --insecure --location --silent --show-error https://www.libssh2.org/download/libssh2-1.8.2.tar.gz | \ + tar -xz && \ + cd libssh2-1.8.2 && \ + mkdir build build-msan && \ + cd build && \ + CC=clang-10 CFLAGS="-fPIC" cmake -G Ninja -DBUILD_SHARED_LIBS=ON -DCRYPTO_BACKEND=Libgcrypt -DCMAKE_PREFIX_PATH=/usr/local -DCMAKE_INSTALL_PREFIX=/usr/local .. && \ + ninja install && \ + cd ../build-msan && \ + CC=clang-10 CFLAGS="-fPIC -fsanitize=memory -fno-optimize-sibling-calls -fsanitize-memory-track-origins=2 -fno-omit-frame-pointer" LDFLAGS="-fsanitize=memory" cmake -G Ninja -DBUILD_SHARED_LIBS=ON -DCRYPTO_BACKEND=mbedTLS -DCMAKE_PREFIX_PATH=/usr/local/msan -DCMAKE_INSTALL_PREFIX=/usr/local/msan .. && \ + ninja install && \ + cd .. && \ + rm -rf libssh2-1.8.2 + +FROM libssh2 AS valgrind +RUN cd /tmp && \ + curl --insecure --location --silent --show-error https://sourceware.org/pub/valgrind/valgrind-3.15.0.tar.bz2 | \ + tar -xj && \ + cd valgrind-3.15.0 && \ + CC=clang-10 ./configure && \ + make MAKEFLAGS="-j -l$(grep -c ^processor /proc/cpuinfo)" && \ + make install && \ + cd .. && \ + rm -rf valgrind-3.15.0 + +FROM valgrind AS configure +COPY entrypoint.sh /usr/local/bin/entrypoint.sh +RUN chmod a+x /usr/local/bin/entrypoint.sh +RUN mkdir /var/run/sshd + +ENTRYPOINT ["/usr/local/bin/entrypoint.sh"] diff --git a/ci/docker/xenial b/ci/docker/xenial new file mode 100644 index 000000000..67867edc6 --- /dev/null +++ b/ci/docker/xenial @@ -0,0 +1,66 @@ +FROM ubuntu:xenial AS apt +RUN apt-get update && \ + DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ + bzip2 \ + clang \ + cmake \ + curl \ + gcc \ + git \ + krb5-user \ + libcurl4-gnutls-dev \ + libgcrypt20-dev \ + libkrb5-dev \ + libpcre3-dev \ + libssl-dev \ + libz-dev \ + make \ + ninja-build \ + openjdk-8-jre-headless \ + openssh-server \ + openssl \ + pkgconf \ + python \ + sudo \ + valgrind \ + && \ + rm -rf /var/lib/apt/lists/* + +FROM apt AS mbedtls +RUN cd /tmp && \ + curl --location --silent --show-error https://tls.mbed.org/download/mbedtls-2.16.2-apache.tgz | \ + tar -xz && \ + cd mbedtls-2.16.2 && \ + scripts/config.pl set MBEDTLS_MD4_C 1 && \ + CFLAGS=-fPIC cmake -G Ninja -DENABLE_PROGRAMS=OFF -DENABLE_TESTING=OFF -DUSE_SHARED_MBEDTLS_LIBRARY=OFF -DUSE_STATIC_MBEDTLS_LIBRARY=ON . && \ + ninja install && \ + cd .. && \ + rm -rf mbedtls-2.16.2 + +FROM mbedtls AS libssh2 +RUN cd /tmp && \ + curl --insecure --location --silent --show-error https://www.libssh2.org/download/libssh2-1.8.2.tar.gz | \ + tar -xz && \ + cd libssh2-1.8.2 && \ + CFLAGS=-fPIC cmake -G Ninja -DBUILD_SHARED_LIBS=ON -DCRYPTO_BACKEND=Libgcrypt . && \ + ninja install && \ + cd .. && \ + rm -rf libssh2-1.8.2 + +FROM libssh2 AS valgrind +RUN cd /tmp && \ + curl --insecure --location --silent --show-error https://sourceware.org/pub/valgrind/valgrind-3.15.0.tar.bz2 | \ + tar -xj && \ + cd valgrind-3.15.0 && \ + ./configure && \ + make && \ + make install && \ + cd .. && \ + rm -rf valgrind-3.15.0 + +FROM valgrind AS configure +COPY entrypoint.sh /usr/local/bin/entrypoint.sh +RUN chmod a+x /usr/local/bin/entrypoint.sh +RUN mkdir /var/run/sshd + +ENTRYPOINT ["/usr/local/bin/entrypoint.sh"] diff --git a/ci/getcontainer.sh b/ci/getcontainer.sh new file mode 100755 index 000000000..b259260f4 --- /dev/null +++ b/ci/getcontainer.sh @@ -0,0 +1,45 @@ +#!/bin/bash + +set -e + +DOCKERFILE_PATH=$1 + +if [ "${DOCKERFILE_PATH}" = "" ]; then + echo "usage: $0 dockerfile" + exit 1 +fi + +if [ "${DOCKER_REGISTRY}" = "" ]; then + echo "DOCKER_REGISTRY environment variable is unset." + echo "Not running inside GitHub Actions or misconfigured?" + exit 1 +fi + +DOCKER_CONTAINER="${GITHUB_REPOSITORY}/$(basename ${DOCKERFILE_PATH})" +DOCKER_REGISTRY_CONTAINER="${DOCKER_REGISTRY}/${DOCKER_CONTAINER}" + +echo "docker-container=${DOCKER_CONTAINER}" >> $GITHUB_ENV +echo "docker-registry-container=${DOCKER_REGISTRY_CONTAINER}" >> $GITHUB_ENV + +# Identify the last git commit that touched the Dockerfiles +# Use this as a hash to identify the resulting docker containers +DOCKER_SHA=$(git log -1 --pretty=format:"%h" -- "${DOCKERFILE_PATH}") +echo "docker-sha=${DOCKER_SHA}" >> $GITHUB_ENV + +DOCKER_REGISTRY_CONTAINER_SHA="${DOCKER_REGISTRY_CONTAINER}:${DOCKER_SHA}" + +echo "docker-registry-container-sha=${DOCKER_REGISTRY_CONTAINER_SHA}" >> $GITHUB_ENV +echo "docker-registry-container-latest=${DOCKER_REGISTRY_CONTAINER}:latest" >> $GITHUB_ENV + +exists="true" +docker login https://${DOCKER_REGISTRY} -u ${GITHUB_ACTOR} -p ${GITHUB_TOKEN} || exists="false" + +if [ "${exists}" != "false" ]; then + docker pull ${DOCKER_REGISTRY_CONTAINER_SHA} || exists="false" +fi + +if [ "${exists}" = "true" ]; then + echo "docker-container-exists=true" >> $GITHUB_ENV +else + echo "docker-container-exists=false" >> $GITHUB_ENV +fi diff --git a/ci/setup-mingw.sh b/ci/setup-mingw.sh new file mode 100755 index 000000000..d500da058 --- /dev/null +++ b/ci/setup-mingw.sh @@ -0,0 +1,25 @@ +#!/bin/sh -e + +echo "##############################################################################" +echo "## Downloading mingw" +echo "##############################################################################" + +BUILD_TEMP=${BUILD_TEMP:=$TEMP} +BUILD_TEMP=$(cygpath $BUILD_TEMP) + +case "$ARCH" in + amd64) + MINGW_URI="https://bintray.com/libgit2/build-dependencies/download_file?file_path=mingw-w64-x86_64-8.1.0-release-win32-seh-rt_v6-rev0.zip";; + x86) + MINGW_URI="https://bintray.com/libgit2/build-dependencies/download_file?file_path=mingw-w64-i686-8.1.0-release-win32-sjlj-rt_v6-rev0.zip";; +esac + +if [ -z "$MINGW_URI" ]; then + echo "No URL" + exit 1 +fi + +mkdir -p "$BUILD_TEMP" + +curl -s -L "$MINGW_URI" -o "$BUILD_TEMP"/mingw-"$ARCH".zip +unzip -q "$BUILD_TEMP"/mingw-"$ARCH".zip -d "$BUILD_TEMP" diff --git a/ci/setup-osx.sh b/ci/setup-osx.sh new file mode 100755 index 000000000..2e630eedb --- /dev/null +++ b/ci/setup-osx.sh @@ -0,0 +1,8 @@ +#!/bin/sh + +set -x + +brew update +brew install pkgconfig zlib curl openssl libssh2 ninja + +ln -s /Applications/Xcode.app/Contents/Developer/usr/lib/libLeaksAtExit.dylib /usr/local/lib diff --git a/ci/test.sh b/ci/test.sh new file mode 100755 index 000000000..2b43ba198 --- /dev/null +++ b/ci/test.sh @@ -0,0 +1,325 @@ +#!/usr/bin/env bash + +set -e + +if [ -n "$SKIP_TESTS" ]; then + exit 0 +fi + +# Windows doesn't run the NTLM tests properly (yet) +if [[ "$(uname -s)" == MINGW* ]]; then + SKIP_NTLM_TESTS=1 +fi + +SOURCE_DIR=${SOURCE_DIR:-$( cd "$( dirname "${BASH_SOURCE[0]}" )" && dirname $( pwd ) )} +BUILD_DIR=$(pwd) +TMPDIR=${TMPDIR:-/tmp} +USER=${USER:-$(whoami)} + +SUCCESS=1 + +cleanup() { + echo "Cleaning up..." + + if [ ! -z "$GITDAEMON_PID" ]; then + echo "Stopping git daemon..." + kill $GITDAEMON_PID + fi + + if [ ! -z "$SSHD_DIR" -a -f "${SSHD_DIR}/pid" ]; then + echo "Stopping SSH..." + kill $(cat "${SSHD_DIR}/pid") + fi + + echo "Done." +} + +run_test() { + if [[ "$GITTEST_FLAKY_RETRY" > 0 ]]; then + ATTEMPTS_REMAIN=$GITTEST_FLAKY_RETRY + else + ATTEMPTS_REMAIN=1 + fi + + FAILED=0 + while [[ "$ATTEMPTS_REMAIN" > 0 ]]; do + if [ "$FAILED" -eq 1 ]; then + echo "" + echo "Re-running flaky ${1} tests..." + echo "" + fi + + RETURN_CODE=0 + + CLAR_SUMMARY="${BUILD_DIR}/results_${1}.xml" ctest -V -R "^${1}$" || RETURN_CODE=$? && true + + if [ "$RETURN_CODE" -eq 0 ]; then + FAILED=0 + break + fi + + echo "Test exited with code: $RETURN_CODE" + ATTEMPTS_REMAIN="$(($ATTEMPTS_REMAIN-1))" + FAILED=1 + done + + if [ "$FAILED" -ne 0 ]; then + SUCCESS=0 + fi +} + +# Configure the test environment; run them early so that we're certain +# that they're started by the time we need them. + +echo "##############################################################################" +echo "## Configuring test environment" +echo "##############################################################################" + +if [ -z "$SKIP_GITDAEMON_TESTS" ]; then + echo "Starting git daemon..." + GITDAEMON_DIR=`mktemp -d ${TMPDIR}/gitdaemon.XXXXXXXX` + git init --bare "${GITDAEMON_DIR}/test.git" + git daemon --listen=localhost --export-all --enable=receive-pack --base-path="${GITDAEMON_DIR}" "${GITDAEMON_DIR}" 2>/dev/null & + GITDAEMON_PID=$! + disown $GITDAEMON_PID +fi + +if [ -z "$SKIP_PROXY_TESTS" ]; then + curl --location --silent --show-error https://github.com/ethomson/poxyproxy/releases/download/v0.7.0/poxyproxy-0.7.0.jar >poxyproxy.jar + + echo "" + echo "Starting HTTP proxy (Basic)..." + java -jar poxyproxy.jar --address 127.0.0.1 --port 8080 --credentials foo:bar --auth-type basic --quiet & + + echo "" + echo "Starting HTTP proxy (NTLM)..." + java -jar poxyproxy.jar --address 127.0.0.1 --port 8090 --credentials foo:bar --auth-type ntlm --quiet & +fi + +if [ -z "$SKIP_NTLM_TESTS" ]; then + curl --location --silent --show-error https://github.com/ethomson/poxygit/releases/download/v0.4.0/poxygit-0.4.0.jar >poxygit.jar + + echo "" + echo "Starting HTTP server..." + NTLM_DIR=`mktemp -d ${TMPDIR}/ntlm.XXXXXXXX` + git init --bare "${NTLM_DIR}/test.git" + java -jar poxygit.jar --address 127.0.0.1 --port 9000 --credentials foo:baz --quiet "${NTLM_DIR}" & +fi + +if [ -z "$SKIP_SSH_TESTS" ]; then + echo "Starting ssh daemon..." + HOME=`mktemp -d ${TMPDIR}/home.XXXXXXXX` + SSHD_DIR=`mktemp -d ${TMPDIR}/sshd.XXXXXXXX` + git init --bare "${SSHD_DIR}/test.git" + cat >"${SSHD_DIR}/sshd_config" <<-EOF + Port 2222 + ListenAddress 0.0.0.0 + Protocol 2 + HostKey ${SSHD_DIR}/id_rsa + PidFile ${SSHD_DIR}/pid + AuthorizedKeysFile ${HOME}/.ssh/authorized_keys + LogLevel DEBUG + RSAAuthentication yes + PasswordAuthentication yes + PubkeyAuthentication yes + ChallengeResponseAuthentication no + StrictModes no + # Required here as sshd will simply close connection otherwise + UsePAM no + EOF + ssh-keygen -t rsa -f "${SSHD_DIR}/id_rsa" -N "" -q + /usr/sbin/sshd -f "${SSHD_DIR}/sshd_config" -E "${SSHD_DIR}/log" + + # Set up keys + mkdir "${HOME}/.ssh" + ssh-keygen -t rsa -f "${HOME}/.ssh/id_rsa" -N "" -q + cat "${HOME}/.ssh/id_rsa.pub" >>"${HOME}/.ssh/authorized_keys" + while read algorithm key comment; do + echo "[localhost]:2222 $algorithm $key" >>"${HOME}/.ssh/known_hosts" + done <"${SSHD_DIR}/id_rsa.pub" + + # Get the fingerprint for localhost and remove the colons so we can + # parse it as a hex number. Older versions have a different output + # format. + if [[ $(ssh -V 2>&1) == OpenSSH_6* ]]; then + SSH_FINGERPRINT=$(ssh-keygen -F '[localhost]:2222' -f "${HOME}/.ssh/known_hosts" -l | tail -n 1 | cut -d ' ' -f 2 | tr -d ':') + else + SSH_FINGERPRINT=$(ssh-keygen -E md5 -F '[localhost]:2222' -f "${HOME}/.ssh/known_hosts" -l | tail -n 1 | cut -d ' ' -f 3 | cut -d : -f2- | tr -d :) + fi +fi + +# Run the tests that do not require network connectivity. + +if [ -z "$SKIP_OFFLINE_TESTS" ]; then + echo "" + echo "##############################################################################" + echo "## Running (offline) tests" + echo "##############################################################################" + + run_test offline +fi + +if [ -n "$RUN_INVASIVE_TESTS" ]; then + echo "" + echo "Running invasive tests" + echo "" + + export GITTEST_INVASIVE_FS_SIZE=1 + export GITTEST_INVASIVE_MEMORY=1 + export GITTEST_INVASIVE_SPEED=1 + run_test invasive + unset GITTEST_INVASIVE_FS_SIZE + unset GITTEST_INVASIVE_MEMORY + unset GITTEST_INVASIVE_SPEED +fi + +if [ -z "$SKIP_ONLINE_TESTS" ]; then + # Run the various online tests. The "online" test suite only includes the + # default online tests that do not require additional configuration. The + # "proxy" and "ssh" test suites require further setup. + + echo "" + echo "##############################################################################" + echo "## Running (online) tests" + echo "##############################################################################" + + export GITTEST_FLAKY_RETRY=5 + run_test online + unset GITTEST_FLAKY_RETRY +fi + +if [ -z "$SKIP_GITDAEMON_TESTS" ]; then + echo "" + echo "Running gitdaemon tests" + echo "" + + export GITTEST_REMOTE_URL="git://localhost/test.git" + run_test gitdaemon + unset GITTEST_REMOTE_URL +fi + +if [ -z "$SKIP_PROXY_TESTS" ]; then + echo "" + echo "Running proxy tests (Basic authentication)" + echo "" + + export GITTEST_REMOTE_PROXY_HOST="localhost:8080" + export GITTEST_REMOTE_PROXY_USER="foo" + export GITTEST_REMOTE_PROXY_PASS="bar" + run_test proxy + unset GITTEST_REMOTE_PROXY_HOST + unset GITTEST_REMOTE_PROXY_USER + unset GITTEST_REMOTE_PROXY_PASS + + echo "" + echo "Running proxy tests (NTLM authentication)" + echo "" + + export GITTEST_REMOTE_PROXY_HOST="localhost:8090" + export GITTEST_REMOTE_PROXY_USER="foo" + export GITTEST_REMOTE_PROXY_PASS="bar" + export GITTEST_FLAKY_RETRY=5 + run_test proxy + unset GITTEST_FLAKY_RETRY + unset GITTEST_REMOTE_PROXY_HOST + unset GITTEST_REMOTE_PROXY_USER + unset GITTEST_REMOTE_PROXY_PASS +fi + +if [ -z "$SKIP_NTLM_TESTS" ]; then + echo "" + echo "Running NTLM tests (IIS emulation)" + echo "" + + export GITTEST_REMOTE_URL="http://localhost:9000/ntlm/test.git" + export GITTEST_REMOTE_USER="foo" + export GITTEST_REMOTE_PASS="baz" + run_test auth_clone_and_push + unset GITTEST_REMOTE_URL + unset GITTEST_REMOTE_USER + unset GITTEST_REMOTE_PASS + + echo "" + echo "Running NTLM tests (Apache emulation)" + echo "" + + export GITTEST_REMOTE_URL="http://localhost:9000/broken-ntlm/test.git" + export GITTEST_REMOTE_USER="foo" + export GITTEST_REMOTE_PASS="baz" + run_test auth_clone_and_push + unset GITTEST_REMOTE_URL + unset GITTEST_REMOTE_USER + unset GITTEST_REMOTE_PASS +fi + +if [ -z "$SKIP_NEGOTIATE_TESTS" -a -n "$GITTEST_NEGOTIATE_PASSWORD" ]; then + echo "" + echo "Running SPNEGO tests" + echo "" + + if [ "$(uname -s)" = "Darwin" ]; then + KINIT_FLAGS="--password-file=STDIN" + fi + + echo $GITTEST_NEGOTIATE_PASSWORD | kinit $KINIT_FLAGS test@LIBGIT2.ORG + klist -5f + + export GITTEST_REMOTE_URL="https://test.libgit2.org/kerberos/empty.git" + export GITTEST_REMOTE_DEFAULT="true" + run_test auth_clone + unset GITTEST_REMOTE_URL + unset GITTEST_REMOTE_DEFAULT + + echo "" + echo "Running SPNEGO tests (expect/continue)" + echo "" + + export GITTEST_REMOTE_URL="https://test.libgit2.org/kerberos/empty.git" + export GITTEST_REMOTE_DEFAULT="true" + export GITTEST_REMOTE_EXPECTCONTINUE="true" + run_test auth_clone + unset GITTEST_REMOTE_URL + unset GITTEST_REMOTE_DEFAULT + unset GITTEST_REMOTE_EXPECTCONTINUE + + kdestroy -A +fi + +if [ -z "$SKIP_SSH_TESTS" ]; then + echo "" + echo "Running ssh tests" + echo "" + + export GITTEST_REMOTE_URL="ssh://localhost:2222/$SSHD_DIR/test.git" + export GITTEST_REMOTE_USER=$USER + export GITTEST_REMOTE_SSH_KEY="${HOME}/.ssh/id_rsa" + export GITTEST_REMOTE_SSH_PUBKEY="${HOME}/.ssh/id_rsa.pub" + export GITTEST_REMOTE_SSH_PASSPHRASE="" + export GITTEST_REMOTE_SSH_FINGERPRINT="${SSH_FINGERPRINT}" + run_test ssh + unset GITTEST_REMOTE_URL + unset GITTEST_REMOTE_USER + unset GITTEST_REMOTE_SSH_KEY + unset GITTEST_REMOTE_SSH_PUBKEY + unset GITTEST_REMOTE_SSH_PASSPHRASE + unset GITTEST_REMOTE_SSH_FINGERPRINT +fi + +if [ -z "$SKIP_FUZZERS" ]; then + echo "" + echo "##############################################################################" + echo "## Running fuzzers" + echo "##############################################################################" + + ctest -V -R 'fuzzer' +fi + +cleanup + +if [ "$SUCCESS" -ne 1 ]; then + echo "Some tests failed." + exit 1 +fi + +echo "Success." +exit 0 |