fix(s2n-quic): pin jobserver in more places and run cargo package in CI #6290
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| branches: | |
| - main | |
| name: ci | |
| env: | |
| CARGO_INCREMENTAL: 0 | |
| CARGO_NET_RETRY: 10 | |
| RUSTUP_MAX_RETRIES: 10 | |
| RUST_BACKTRACE: 1 | |
| # Pin the nightly toolchain to prevent breakage. | |
| # This should be occasionally updated. | |
| RUST_NIGHTLY_TOOLCHAIN: nightly-2023-06-12 | |
| CDN: https://dnglbrstg7yg.cloudfront.net | |
| # enable unstable features for testing | |
| S2N_UNSTABLE_CRYPTO_OPT_TX: 100 | |
| S2N_UNSTABLE_CRYPTO_OPT_RX: 100 | |
| # By default depandabot only receives read permissions. Explicitly give it write | |
| # permissions which is needed by the ouzi-dev/commit-status-updater task. | |
| # | |
| # Updating status is relatively safe (doesnt modify source code) and caution | |
| # should we taken before adding more permissions. | |
| permissions: | |
| statuses: write | |
| jobs: | |
| env: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| rust-versions: ${{ steps.definitions.outputs.versions }} | |
| msrv: ${{ steps.definitions.outputs.msrv }} | |
| examples: ${{ steps.definitions.outputs.examples }} | |
| crates: ${{ steps.definitions.outputs.crates }} | |
| new-release: ${{ steps.definitions.outputs.new-release }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| # examples is populated by | |
| # find all child folders in the examples directory | |
| # jq -R - raw content is passed in (not json, just strings) | |
| # jq -s - slurp the content into an object | |
| # jq '. += ' adds the s2n-quic-xdp crate to the list of crates we build | |
| # Many of the xdp crates have much more complex build processes, so we | |
| # don't try to build all of them. | |
| # jq -c - output the object in (c)ompact mode on a single line, github | |
| # will fail to parse multi line output | |
| # | |
| # the output is echo'd to make debugging easier | |
| - name: Evaluate definitions | |
| id: definitions | |
| run: | | |
| export MSRV=$(rustup show | awk 'NF' | awk 'END{print $2}') | |
| echo "msrv=$MSRV" | |
| echo "msrv=$MSRV" >> $GITHUB_OUTPUT | |
| export RAW_VERSIONS="stable beta $RUST_NIGHTLY_TOOLCHAIN $MSRV" | |
| export VERSIONS=$(echo $RAW_VERSIONS | jq -scR 'rtrimstr("\n")|split(" ")|.') | |
| echo "versions=$VERSIONS" | |
| echo "versions=$VERSIONS" >> $GITHUB_OUTPUT | |
| export EXAMPLES=$(find examples/ -maxdepth 1 -mindepth 1 -type d | jq -R | jq -sc) | |
| echo "examples=$EXAMPLES" | |
| echo "examples=$EXAMPLES" >> $GITHUB_OUTPUT | |
| export CRATES=$(cargo metadata --no-deps --format-version 1 | jq --arg PWD "$PWD/" '.packages[] | select(.publish == null).manifest_path | sub($PWD; "")' | jq -s | jq '. += ["tools/xdp/s2n-quic-xdp/Cargo.toml"]' | jq -c) | |
| echo "crates=$CRATES" | |
| echo "crates=$CRATES" >> $GITHUB_OUTPUT | |
| export NEW_RELEASE=$(if $(./scripts/detect-new-release); then echo "true"; else echo "false"; fi) | |
| echo "new-release=$NEW_RELEASE" | |
| echo "new-release=$NEW_RELEASE" >> $GITHUB_OUTPUT | |
| rustfmt: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| - uses: actions-rs/toolchain@v1.0.7 | |
| id: toolchain | |
| with: | |
| toolchain: ${{ env.RUST_NIGHTLY_TOOLCHAIN }} | |
| profile: minimal | |
| override: true | |
| components: rustfmt | |
| - name: Run cargo fmt | |
| uses: actions-rs/cargo@v1.0.3 | |
| with: | |
| command: fmt | |
| args: --all -- --check | |
| clippy: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - toolchain: stable | |
| # fail on stable warnings | |
| args: "-D warnings" | |
| - toolchain: beta | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| - uses: actions-rs/toolchain@v1.0.7 | |
| id: toolchain | |
| with: | |
| toolchain: ${{ matrix.toolchain }} | |
| profile: minimal | |
| override: true | |
| components: clippy | |
| - uses: camshaft/rust-cache@v1 | |
| # TODO translate json reports to in-action warnings | |
| - name: Run cargo clippy | |
| uses: actions-rs/cargo@v1.0.3 | |
| with: | |
| command: clippy | |
| # deriving Eq may break API compatibility so we disable it | |
| # See https://github.com/rust-lang/rust-clippy/issues/9063 | |
| # manual_clamp will panic when min > max | |
| # See https://github.com/rust-lang/rust-clippy/pull/10101 | |
| args: --all-features --all-targets -- -A clippy::derive_partial_eq_without_eq -A clippy::manual_clamp ${{ matrix.args }} | |
| udeps: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| - uses: actions-rs/toolchain@v1.0.7 | |
| id: toolchain | |
| with: | |
| toolchain: ${{ env.RUST_NIGHTLY_TOOLCHAIN }} | |
| profile: minimal | |
| override: true | |
| - uses: camshaft/rust-cache@v1 | |
| - uses: camshaft/install@v1 | |
| with: | |
| crate: cargo-udeps | |
| - name: Run cargo udeps | |
| run: cargo udeps --workspace --all-targets | |
| env: | |
| RUSTC_WRAPPER: "" | |
| doc: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| - uses: actions-rs/toolchain@v1.0.7 | |
| id: toolchain | |
| with: | |
| toolchain: stable | |
| profile: minimal | |
| override: true | |
| - uses: camshaft/rust-cache@v1 | |
| - name: Run cargo doc | |
| uses: actions-rs/cargo@v1.0.3 | |
| with: | |
| command: doc | |
| args: --all-features --no-deps --workspace --exclude s2n-quic-qns | |
| - uses: aws-actions/configure-aws-credentials@v4.0.0 | |
| if: github.event_name == 'push' || github.repository == github.event.pull_request.head.repo.full_name | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: us-west-1 | |
| - name: Upload to S3 | |
| if: github.event_name == 'push' || github.repository == github.event.pull_request.head.repo.full_name | |
| id: s3 | |
| run: | | |
| TARGET="${{ github.sha }}/doc" | |
| aws s3 sync target/doc "s3://s2n-quic-ci-artifacts/$TARGET" --acl private --follow-symlinks | |
| URL="$CDN/$TARGET/s2n_quic/index.html" | |
| echo "URL=$URL" >> $GITHUB_OUTPUT | |
| - uses: ouzi-dev/commit-status-updater@v2.0.1 | |
| if: github.event_name == 'push' || github.repository == github.event.pull_request.head.repo.full_name | |
| with: | |
| name: "doc / report" | |
| status: "success" | |
| url: "${{ steps.s3.outputs.URL }}" | |
| test: | |
| runs-on: ${{ matrix.os }} | |
| needs: env | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| rust: ${{ fromJson(needs.env.outputs.rust-versions) }} | |
| os: [ubuntu-latest, macOS-latest, windows-latest] | |
| target: [native] | |
| env: [default] | |
| include: | |
| - os: windows-latest | |
| # s2n-tls doesn't currently build on windows | |
| exclude: --workspace --exclude s2n-quic-tls | |
| - rust: stable | |
| os: ubuntu-latest | |
| target: aarch64-unknown-linux-gnu | |
| - rust: stable | |
| os: ubuntu-latest | |
| target: i686-unknown-linux-gnu | |
| # test with different platform features | |
| - rust: stable | |
| os: ubuntu-latest | |
| target: native | |
| env: S2N_QUIC_PLATFORM_FEATURES_OVERRIDE="" | |
| - rust: stable | |
| os: ubuntu-latest | |
| target: native | |
| env: S2N_QUIC_PLATFORM_FEATURES_OVERRIDE="mtu_disc,pktinfo,tos,socket_msg" | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| lfs: true | |
| submodules: true | |
| - uses: actions-rs/toolchain@v1.0.7 | |
| id: toolchain | |
| with: | |
| toolchain: ${{ matrix.rust }} | |
| override: true | |
| target: ${{ matrix.target != 'native' && matrix.target || '' }} | |
| - name: Install cross | |
| if: ${{ matrix.target != 'native' }} | |
| uses: camshaft/install@v1 | |
| with: | |
| crate: cross | |
| - uses: camshaft/rust-cache@v1 | |
| with: | |
| key: ${{ matrix.target }} | |
| - name: Restore fuzz corpus | |
| shell: bash | |
| run: | | |
| find . -name 'corpus.tar.gz' -exec dirname {} ';' | xargs -L 1 bash -c 'cd "$0" && rm -rf corpus && tar xf corpus.tar.gz' | |
| - name: Set environment variables | |
| if: ${{ matrix.env != 'default' }} | |
| run: echo ${{ matrix.env }} >> $GITHUB_ENV | |
| # Build the tests before running to improve cross compilation speed | |
| - name: Run cargo build | |
| uses: actions-rs/cargo@v1.0.3 | |
| with: | |
| command: build | |
| args: --tests ${{ matrix.exclude }} ${{ matrix.target != 'native' && format('--target {0}', matrix.target) || '' }} | |
| use-cross: ${{ matrix.target != 'native' }} | |
| - name: Run cargo test | |
| uses: actions-rs/cargo@v1.0.3 | |
| with: | |
| command: test | |
| args: ${{ matrix.exclude }} ${{ matrix.target != 'native' && format('--target {0}', matrix.target) || '' }} | |
| use-cross: ${{ matrix.target != 'native' }} | |
| miri: | |
| # miri needs quite a bit of memory so use a larger instance | |
| runs-on: | |
| labels: s2n_ubuntu-20.04_8-core | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| crate: [quic/s2n-quic-core, quic/s2n-quic-platform] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| - uses: actions-rs/toolchain@v1.0.7 | |
| id: toolchain | |
| with: | |
| toolchain: ${{ env.RUST_NIGHTLY_TOOLCHAIN }} | |
| override: true | |
| components: miri, rust-src | |
| - uses: camshaft/rust-cache@v1 | |
| with: | |
| key: ${{ matrix.crate }} | |
| - name: ${{ matrix.crate }} | |
| # Disabling capture speeds up miri execution: https://github.com/rust-lang/miri/issues/1780#issuecomment-830664528 | |
| run: cd ${{ matrix.crate }} && cargo miri test -- --nocapture | |
| env: | |
| # needed to read corpus files from filesystem | |
| MIRIFLAGS: -Zmiri-disable-isolation | |
| no_std: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| - uses: actions-rs/toolchain@v1.0.7 | |
| id: toolchain | |
| with: | |
| toolchain: ${{ env.RUST_NIGHTLY_TOOLCHAIN }} | |
| override: true | |
| components: rust-src | |
| - uses: camshaft/rust-cache@v1 | |
| - name: Run cargo build | |
| run: ./scripts/test_no_std ${{ env.RUST_NIGHTLY_TOOLCHAIN }} | |
| compliance: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| - uses: ./.github/actions/duvet | |
| with: | |
| report-script: ./scripts/compliance | |
| report-path: ./target/compliance/report.html | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-s3-bucket-name: s2n-quic-ci-artifacts | |
| aws-s3-region: us-west-1 | |
| cdn: $CDN | |
| coverage: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| lfs: true | |
| submodules: true | |
| - name: Restore fuzz corpus | |
| run: | | |
| find . -name 'corpus.tar.gz' -exec dirname {} ';' | xargs -L 1 bash -c 'cd "$0" && rm -rf corpus && tar xf corpus.tar.gz' | |
| - uses: actions-rs/toolchain@v1.0.7 | |
| id: toolchain | |
| with: | |
| toolchain: ${{ env.RUST_NIGHTLY_TOOLCHAIN }} | |
| override: true | |
| components: llvm-tools-preview | |
| - uses: camshaft/rust-cache@v1 | |
| - name: Install cargo-llvm-cov | |
| run: curl -LsSf https://github.com/taiki-e/cargo-llvm-cov/releases/latest/download/cargo-llvm-cov-x86_64-unknown-linux-gnu.tar.gz | tar xzf - -C ~/.cargo/bin | |
| - name: Run cargo test | |
| uses: actions-rs/cargo@v1.0.3 | |
| with: | |
| command: llvm-cov | |
| args: --html --no-fail-fast --workspace --exclude s2n-quic-qns --exclude s2n-quic-events --all-features | |
| - uses: aws-actions/configure-aws-credentials@v4.0.0 | |
| if: github.event_name == 'push' || github.repository == github.event.pull_request.head.repo.full_name | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: us-west-1 | |
| - name: Upload results | |
| if: github.event_name == 'push' || github.repository == github.event.pull_request.head.repo.full_name | |
| id: s3 | |
| run: | | |
| TARGET="${{ github.sha }}/coverage" | |
| aws s3 sync target/llvm-cov/html "s3://s2n-quic-ci-artifacts/$TARGET" --acl private --follow-symlinks | |
| URL="$CDN/$TARGET/index.html" | |
| echo "URL=$URL" >> $GITHUB_OUTPUT | |
| - uses: ouzi-dev/commit-status-updater@v2.0.1 | |
| if: github.event_name == 'push' || github.repository == github.event.pull_request.head.repo.full_name | |
| with: | |
| name: "coverage / report" | |
| status: "success" | |
| url: "${{ steps.s3.outputs.URL }}" | |
| # This CI step will directly build each published crate in common/ and quic/ which is | |
| # useful because it sidesteps the feature resolution that normally occurs in a | |
| # workspace build. We make sure that the crates build with default features, | |
| # otherwise release to crates.io will be blocked. If the current PR is not for a new | |
| # release, the cargo package command is used instead of cargo build, as this more closely | |
| # matches the verification command that cargo publish executes. | |
| crates: | |
| needs: env | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| crate: ${{ fromJson(needs.env.outputs.crates) }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| - uses: actions-rs/toolchain@v1.0.7 | |
| id: toolchain | |
| with: | |
| toolchain: ${{ needs.env.outputs.msrv }} | |
| profile: minimal | |
| override: true | |
| - name: build | |
| if: ${{ needs.env.outputs.new-release == 'true' }} | |
| uses: actions-rs/cargo@v1.0.3 | |
| with: | |
| command: build | |
| args: --manifest-path ${{ matrix.crate }} | |
| - name: package | |
| if: ${{ needs.env.outputs.new-release == 'false' }} | |
| uses: actions-rs/cargo@v1.0.3 | |
| with: | |
| command: package | |
| args: --manifest-path ${{ matrix.crate }} | |
| examples: | |
| needs: env | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| example: ${{ fromJson(needs.env.outputs.examples) }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| # nightly features are used for formatting | |
| - uses: actions-rs/toolchain@v1.0.7 | |
| id: nightly-toolchain | |
| with: | |
| toolchain: nightly | |
| components: rustfmt | |
| - uses: actions-rs/toolchain@v1.0.7 | |
| id: stable-toolchain | |
| with: | |
| toolchain: stable | |
| override: true | |
| - uses: camshaft/rust-cache@v1 | |
| with: | |
| key: ${{ matrix.example }} | |
| - name: format | |
| working-directory: ${{ matrix.example }} | |
| run: cargo +nightly fmt --all -- --check | |
| - name: lint | |
| working-directory: ${{ matrix.example }} | |
| run: cargo clippy --all-features --all-targets -- -A clippy::manual_clamp -A clippy::uninlined_format_args -D warnings | |
| # not all examples will build with the --manifest-path argument, since the | |
| # manifest-path argument will pull configuration from the current directory | |
| # instead of the directory with the Cargo.toml file | |
| - name: build | |
| working-directory: ${{ matrix.example }} | |
| # TODO make sure the example actually runs as well | |
| run: cargo build | |
| recovery-simulations: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| - uses: actions-rs/toolchain@v1.0.7 | |
| id: toolchain | |
| with: | |
| toolchain: stable | |
| profile: minimal | |
| override: true | |
| - uses: camshaft/rust-cache@v1 | |
| - name: Run simulations | |
| run: | | |
| ./scripts/recovery-sim | |
| - uses: aws-actions/configure-aws-credentials@v4.0.0 | |
| if: github.event_name == 'push' || github.repository == github.event.pull_request.head.repo.full_name | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: us-west-1 | |
| - name: Upload to S3 | |
| if: github.event_name == 'push' || github.repository == github.event.pull_request.head.repo.full_name | |
| id: s3 | |
| run: | | |
| TARGET="${{ github.sha }}/recovery-simulations" | |
| aws s3 sync target/recovery-sim "s3://s2n-quic-ci-artifacts/$TARGET" --acl private --follow-symlinks | |
| URL="$CDN/$TARGET/index.html" | |
| echo "URL=$URL" >> $GITHUB_OUTPUT | |
| - uses: ouzi-dev/commit-status-updater@v2.0.1 | |
| if: github.event_name == 'push' || github.repository == github.event.pull_request.head.repo.full_name | |
| with: | |
| name: "recovery-simulations / report" | |
| status: "success" | |
| url: "${{ steps.s3.outputs.URL }}" | |
| sims: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| - uses: actions-rs/toolchain@v1.0.7 | |
| id: toolchain | |
| with: | |
| toolchain: stable | |
| profile: minimal | |
| override: true | |
| - uses: camshaft/rust-cache@v1 | |
| - name: Run cargo build | |
| uses: actions-rs/cargo@v1.0.3 | |
| with: | |
| command: build | |
| args: --bin s2n-quic-sim --release | |
| - name: Run simulations | |
| run: | | |
| ./scripts/sim | |
| - uses: aws-actions/configure-aws-credentials@v4.0.0 | |
| if: github.event_name == 'push' || github.repository == github.event.pull_request.head.repo.full_name | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: us-west-1 | |
| - name: Upload to S3 | |
| if: github.event_name == 'push' || github.repository == github.event.pull_request.head.repo.full_name | |
| id: s3 | |
| run: | | |
| TARGET="${{ github.sha }}/sim" | |
| aws s3 sync target/s2n-quic-sim "s3://s2n-quic-ci-artifacts/$TARGET" --acl private --follow-symlinks | |
| URL="$CDN/$TARGET/index.html" | |
| echo "URL=$URL" >> $GITHUB_OUTPUT | |
| - uses: ouzi-dev/commit-status-updater@v2.0.1 | |
| if: github.event_name == 'push' || github.repository == github.event.pull_request.head.repo.full_name | |
| with: | |
| name: "sims / report" | |
| status: "success" | |
| url: "${{ steps.s3.outputs.URL }}" | |
| copyright: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Check | |
| run: | | |
| ./scripts/copyright_check | |
| # ensures the event codegen is up to date | |
| events: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| - uses: actions-rs/toolchain@v1.0.7 | |
| id: toolchain | |
| with: | |
| toolchain: ${{ env.RUST_NIGHTLY_TOOLCHAIN }} | |
| profile: minimal | |
| override: true | |
| components: rustfmt | |
| - uses: camshaft/rust-cache@v1 | |
| - name: Run events codegen | |
| run: | | |
| cargo run --bin s2n-quic-events | |
| - name: Check to make sure the generated events are up-to-date | |
| run: | | |
| # If this fails you need to run `cargo run --bin s2n-quic-events` | |
| git diff --exit-code | |
| # ensures there are no unused snapshots | |
| snapshots: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| - uses: actions-rs/toolchain@v1.0.7 | |
| id: toolchain | |
| with: | |
| toolchain: stable | |
| profile: minimal | |
| override: true | |
| - name: Install cargo-insta | |
| uses: camshaft/install@v1 | |
| with: | |
| crate: cargo-insta | |
| - uses: camshaft/rust-cache@v1 | |
| - name: Run cargo insta test | |
| run: | | |
| cargo insta test --delete-unreferenced-snapshots | |
| - name: Check to make sure there are no unused snapshots | |
| run: | | |
| # If this fails, a test that was asserting a snapshot is no longer being executed. | |
| git diff --exit-code | |
| # generates a report of time spent in compilation | |
| # https://doc.rust-lang.org/stable/cargo/reference/timings.html | |
| timing: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| - uses: actions-rs/toolchain@v1.0.7 | |
| id: toolchain | |
| with: | |
| toolchain: ${{ env.RUST_NIGHTLY_TOOLCHAIN }} | |
| profile: minimal | |
| override: true | |
| - name: Run cargo build | |
| run: | | |
| cd examples/echo | |
| cargo build --timings --release | |
| - uses: aws-actions/configure-aws-credentials@v4.0.0 | |
| if: github.event_name == 'push' || github.repository == github.event.pull_request.head.repo.full_name | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: us-west-1 | |
| - name: Upload to S3 | |
| if: github.event_name == 'push' || github.repository == github.event.pull_request.head.repo.full_name | |
| id: s3 | |
| run: | | |
| TARGET="${{ github.sha }}/timing/index.html" | |
| aws s3 cp examples/echo/target/cargo-timings/cargo-timing.html "s3://s2n-quic-ci-artifacts/$TARGET" --acl private --follow-symlinks | |
| URL="$CDN/$TARGET" | |
| echo "URL=$URL" >> $GITHUB_OUTPUT | |
| - uses: ouzi-dev/commit-status-updater@v2.0.1 | |
| if: github.event_name == 'push' || github.repository == github.event.pull_request.head.repo.full_name | |
| with: | |
| name: "timing / report" | |
| status: "success" | |
| url: "${{ steps.s3.outputs.URL }}" | |
| typos: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| - uses: actions-rs/toolchain@v1.0.7 | |
| id: toolchain | |
| with: | |
| toolchain: stable | |
| profile: minimal | |
| override: true | |
| - uses: camshaft/install@v1 | |
| with: | |
| crate: typos-cli | |
| bins: typos | |
| - name: Run typos | |
| run: | | |
| ./scripts/typos --format json | tee /tmp/typos.json | jq -rs '.[] | "::error file=\(.path),line=\(.line_num),col=\(.byte_offset)::\(.typo) should be \"" + (.corrections // [] | join("\" or \"") + "\"")' | |
| cat /tmp/typos.json | |
| ! grep -q '[^[:space:]]' /tmp/typos.json | |
| kani: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| crate: [quic/s2n-quic-core, quic/s2n-quic-platform, tools/xdp/s2n-quic-xdp] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| - name: Kani run | |
| uses: model-checking/kani-github-action@v1.0 | |
| with: | |
| working-directory: ${{ matrix.crate }} | |
| args: --tests | |
| dhat: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions-rs/toolchain@v1.0.7 | |
| id: toolchain | |
| with: | |
| toolchain: stable | |
| profile: minimal | |
| override: true | |
| - uses: camshaft/rust-cache@v1 | |
| - name: Run cargo build | |
| working-directory: tools/memory-report | |
| run: cargo build --release | |
| - name: Run server | |
| working-directory: tools/memory-report | |
| run: ./target/release/memory-report server & | |
| - name: Run client | |
| working-directory: tools/memory-report | |
| run: ./target/release/memory-report client > report.tsv | |
| - name: Prepare artifacts | |
| working-directory: tools/memory-report | |
| run: | | |
| mkdir -p target/report | |
| mv report.tsv target/report/ | |
| mv dhat-heap.json target/report/ | |
| - uses: aws-actions/configure-aws-credentials@v4.0.0 | |
| if: github.event_name == 'push' || github.repository == github.event.pull_request.head.repo.full_name | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: us-west-1 | |
| - name: Upload to S3 | |
| if: github.event_name == 'push' || github.repository == github.event.pull_request.head.repo.full_name | |
| id: s3 | |
| working-directory: tools/memory-report | |
| run: | | |
| TARGET="${{ github.sha }}/dhat" | |
| aws s3 sync target/report "s3://s2n-quic-ci-artifacts/$TARGET" --acl private --follow-symlinks | |
| URL="$CDN/dhat/dh_view.html?url=/$TARGET/dhat-heap.json" | |
| echo "URL=$URL" >> $GITHUB_OUTPUT | |
| - uses: ouzi-dev/commit-status-updater@v2.0.1 | |
| if: github.event_name == 'push' || github.repository == github.event.pull_request.head.repo.full_name | |
| with: | |
| name: "dhat / report" | |
| status: "success" | |
| url: "${{ steps.s3.outputs.URL }}" | |
| loom: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| crate: [quic/s2n-quic-core] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| - uses: actions-rs/toolchain@v1.0.7 | |
| id: toolchain | |
| with: | |
| toolchain: stable | |
| profile: minimal | |
| override: true | |
| - uses: camshaft/rust-cache@v1 | |
| with: | |
| key: ${{ matrix.crate }} | |
| - name: ${{ matrix.crate }} | |
| # run the tests with release mode since some of the loom models can be expensive | |
| run: cd ${{ matrix.crate }} && cargo test --release loom | |
| env: | |
| RUSTFLAGS: --cfg loom -Cdebug-assertions | |
| xdp: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| lfs: true | |
| - uses: actions-rs/toolchain@v1.0.7 | |
| id: toolchain | |
| with: | |
| toolchain: 1.70.0 | |
| profile: minimal | |
| override: true | |
| components: clippy,rustfmt | |
| - uses: camshaft/install@v1 | |
| with: | |
| crate: bpf-linker | |
| - uses: camshaft/rust-cache@v1 | |
| - name: Run clippy | |
| working-directory: tools/xdp | |
| run: cargo clippy | |
| - name: Build ebpf | |
| working-directory: tools/xdp | |
| env: | |
| RUST_LOG: trace | |
| run: cargo xtask ci | |