diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 00000000..1a8de0b0 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,127 @@ +# +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may not +# use this file except in compliance with the License. You may obtain a copy of +# the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations under +# the License. +# + +name: CI +on: [pull_request, push] + +jobs: + build: + strategy: + matrix: + go: ['1.14', '1.13', '1.12', '1.11'] + name: Build (Go ${{ matrix.go }}) + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - uses: actions/setup-go@v2 + with: + go-version: ${{ matrix.go }} + - name: Install dependencies + run: sudo apt-get install -y libpam0g-dev + - name: Build + run: GO111MODULE=on make + + build-32bit: + name: Build (32-bit) + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - uses: actions/setup-go@v2 + - name: Install dependencies + run: | + sudo dpkg --add-architecture i386 + sudo apt-get update + sudo apt-get install -y libpam0g-dev:i386 gcc-multilib + - name: Build + run: CGO_ENABLED=1 GOARCH=386 make + + run-integration-tests: + name: Run integration tests + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - uses: actions/setup-go@v2 + - name: Install dependencies + run: sudo apt-get install -y libpam0g-dev e2fsprogs keyutils + - name: Run integration tests + run: | + make test-setup + keyctl link @u @s + make coverage.out + make test-teardown + - name: Report coverage + uses: shogo82148/actions-goveralls@v1 + with: + path-to-profile: coverage.out + + # This isn't working currently because qemu user-mode emulation doesn't + # support passing through the keyctl() system call and the fscrypt ioctls. + # Hopefully GitHub Actions will natively support other architectures soon... + # + # run-integration-tests-other-arch: + # name: Run integration tests (${{ matrix.arch }}) + # strategy: + # matrix: + # arch: [armv7, aarch64, ppc64le] + # runs-on: ubuntu-latest + # steps: + # - uses: actions/checkout@v2 + # - uses: uraimo/run-on-arch-action@v2.0.5 + # with: + # arch: ${{ matrix.arch }} + # distro: buster + # githubToken: ${{ github.token }} + # # Needed for 'make test-setup' to mount the test filesystem. + # dockerRunArgs: --privileged + # install: | + # apt-get update + # apt-get install -y build-essential git sudo golang-go \ + # libpam0g-dev e2fsprogs keyutils + # run: | + # export GO111MODULE=on + # make test-setup + # keyctl link @u @s + # make test + # make test-teardown + + run-cli-tests: + name: Run command-line interface tests + # The cli tests require kernel 5.4 or later, and thus Ubuntu 20.04 or later. + runs-on: ubuntu-20.04 + steps: + - uses: actions/checkout@v2 + - uses: actions/setup-go@v2 + - name: Install dependencies + run: sudo apt-get install -y libpam0g-dev e2fsprogs expect keyutils + - name: Run command-line interface tests + run: make cli-test + + generate-format-and-lint: + name: Generate, format, and lint + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - uses: actions/setup-go@v2 + - name: Install dependencies + run: | + sudo apt-get install -y libpam0g-dev shellcheck + make tools + - name: Generate + run: make gen && bin/files-changed proto + - name: Format + run: make format && bin/files-changed format + - name: Lint + run: make lint diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 62382395..00000000 --- a/.travis.yml +++ /dev/null @@ -1,93 +0,0 @@ -language: go -sudo: false -dist: focal -arch: - - amd64 - - ppc64le -go: 1.13.x - -notifications: - email: false - -stages: - - name: build - if: type = push - - name: presubmits - if: type = pr OR branch = master OR tag IS present - - name: deploy - if: type = push AND tag IS present - -jobs: - include: - - stage: build - install: skip - script: make - - - stage: presubmits - name: Generate, Format, and Lint - before_install: - - sudo apt-get -y install shellcheck - install: - - make tools - script: - - make gen - - bin/files-changed proto - - make format - - bin/files-changed format - - make lint - - - &build - name: Build and Unit Tests - install: skip - script: - - GO111MODULE=on go get github.com/google/fscrypt/cmd/fscrypt - - make - - - <<: *build - go: 1.12.x - - - <<: *build - go: 1.11.x - - - name: Build and Unit Tests (32-bit) - before_install: - - sudo apt-get -y install gcc-multilib libpam0g-dev:i386 - script: - - GO111MODULE=on go get github.com/google/fscrypt/cmd/fscrypt - - CGO_ENABLED=1 GOARCH=386 make - - - name: Integration Tests - sudo: required - before_install: sudo apt-get -y install e2fsprogs - install: - - go get -u github.com/mattn/goveralls - - make test-setup - script: - - make coverage.out - - goveralls -coverprofile=coverage.out -service=travis-ci - - - name: Command-line interface tests - sudo: required - before_install: - - sudo apt-get -y install e2fsprogs expect keyutils - script: - - GO111MODULE=on go get github.com/google/fscrypt/cmd/fscrypt - - make cli-test - - - stage: deploy - name: Release Binaries - install: skip - script: skip - before_deploy: make - deploy: - - provider: releases - api_key: - secure: BOmjKf9vIb9QwlhDTK09St+Wc9AfMBMBsUnCrjVCvvWwZoYWNIigXheTc5ZqgokqWcDEr3NbytOfKxc5RFxlTMaQoyyC/nABuLxpGocjEkHFQqrYGKfH1swRmvlQndjJr660hqCggPHIw1B2oXE/PD9wLmyno2J70Vp6slTjSbHq1WFHEwtSf6Vm6SMetIWY5Mv/fNIPXJ781Wmx2b1PhWA7HOPoIcMXRwew5aBY7vMIS6P2cDt11Of2kTdWKPpf6SLE6bETgsvJZDpWxb7WWJ0/6NUXtT7q3wkhfgqr3fFZazjInMaWT8VVadiV+gPRyELBYSDsGW8zkBe4NEO45eMOtF3z/1SpYhSFIfK0hGFp0Tt7U4x+dYNBLBZdcd6ZBQug+UYkHPBszmbhyTR9xv6+d4+8ZINsRhoCTXuYuyljuiukUegara8OS5kauAZadUbLeniUEqXal6GjbT//Gq/NidAlXE0U7G69aAlTC2l9PXUdvO1iOFGhkw2aGX5JEoFkRG+mCxqMRIRqDp6qYrvjgELbYabmRrk8zJ/+4ImNkyYoByvcKWP+ULoZlE/8iirZBSV+/z5BAXXaHkg4tmrY/rSejvuSeO122w3roAHPYFZeqhdLDrR0+HrVXtirLK03jU0SM1IOArB4oCOuGuPJndlt7lfVG2Toqvr9ScQ= - file: - - bin/fscrypt - - bin/pam_fscrypt.so - skip_cleanup: true - on: - repo: google/fscrypt - branch: master - tags: true diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index d5be7215..3e48137f 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -55,9 +55,9 @@ use GitHub pull requests for this purpose. Consult [GitHub Help](https://help.github.com/articles/about-pull-requests/) for more information on using pull requests. -On every pull request, [Travis CI](https://travis-ci.org/google/fscrypt) runs -unit tests, integration tests, code formatters, and linters. To pass these -checks you should make sure that in your submission: +On every pull request, [GitHub +Actions](https://github.com/google/fscrypt/actions) runs tests, code formatters, +and linters. To pass these checks you should make sure that in your submission: - `make` properly builds `fscrypt` and `pam_fscrypt.so`. - All tests, including [integration tests](#running-integration-tests) and [command-line interface (CLI) diff --git a/README.md b/README.md index 0fd6b24b..9abaedd3 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # fscrypt [![GitHub version](https://badge.fury.io/go/github.com%2Fgoogle%2Ffscrypt.svg)](https://github.com/google/fscrypt/releases) -[![Build Status](https://travis-ci.org/google/fscrypt.svg?branch=master)](https://travis-ci.org/google/fscrypt) +[![Build Status](https://github.com/google/fscrypt/workflows/ci/badge.svg)](https://github.com/google/fscrypt/actions?query=workflow%3ACI+branch%3Amaster) [![Coverage Status](https://coveralls.io/repos/github/google/fscrypt/badge.svg?branch=master)](https://coveralls.io/github/google/fscrypt?branch=master) [![GoDoc](https://godoc.org/github.com/google/fscrypt?status.svg)](https://godoc.org/github.com/google/fscrypt) [![Go Report Card](https://goreportcard.com/badge/github.com/google/fscrypt)](https://goreportcard.com/report/github.com/google/fscrypt)