From 5d8bb47dc31dfa43ba54dbe2906b533e67f27b12 Mon Sep 17 00:00:00 2001 From: thanhnguyen-aws <ntson@amazon.com> Date: Wed, 27 Nov 2024 13:47:06 -0800 Subject: [PATCH 1/5] build linux bundle on Ubuntu 20.04 --- .github/workflows/release.yml | 94 +++-------------------------------- 1 file changed, 7 insertions(+), 87 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 36aee463061a..da600486beae 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -75,63 +75,28 @@ jobs: build_bundle_linux: name: BuildBundle-Linux runs-on: ubuntu-20.04 + permissions: + contents: write outputs: - # The bundle version (latest or the version to be released) version: ${{ steps.bundle.outputs.version }} bundle: ${{ steps.bundle.outputs.bundle }} package: ${{ steps.bundle.outputs.package }} crate_version: ${{ steps.bundle.outputs.crate_version }} - container: - # Build using ubuntu 18 due to compatibility issues with older OS. - image: ubuntu:18.04 - volumes: - - /usr/local:/mnt/host-local steps: - - - name: Free up docker disk space - run: | - # inspired by https://github.com/easimon/maximize-build-space/blob/master/action.yml - df -h - rm -r /mnt/host-local/lib/android /mnt/host-local/.ghcup - df -h - - # This is required before checkout because the container does not - # have Git installed, so cannot run checkout action. - # The checkout action requires Git >=2.18 and python 3.7, so use the Git maintainers' PPA. - # and the "deadsnakes" PPA, as the default version of python on ubuntu 22.04 is Python 3.10 - - name: Install system dependencies - run: | - apt-get update - apt-get install -y software-properties-common apt-utils - add-apt-repository ppa:git-core/ppa - add-apt-repository ppa:deadsnakes/ppa - add-apt-repository ppa:ubuntu-toolchain-r/test - apt-get update - apt-get install -y \ - build-essential bash-completion curl lsb-release sudo g++-9 gcc-9 flex \ - bison make patch git python3.7 python3.7-dev python3.7-distutils - update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-9 110 \ - --slave /usr/bin/g++ g++ /usr/bin/g++-9 - ln -sf cpp-9 /usr/bin/cpp - update-alternatives --install /usr/bin/python3 python3 /usr/bin/python3.7 1 - curl -s https://bootstrap.pypa.io/pip/3.7/get-pip.py -o get-pip.py - python3 get-pip.py --force-reinstall - rm get-pip.py - - - name: Checkout Kani - uses: actions/checkout@v3 + - name: Checkout code + uses: actions/checkout@v4 - name: Setup Kani Dependencies uses: ./.github/actions/setup with: - os: ubuntu-18.04 + os: ubuntu-20.04 - name: Build bundle id: bundle uses: ./.github/actions/build-bundle with: os: linux - arch: x86_64-unknown-linux-gnu + arch: x86_64-unknown-linux-gnu test-use-local-toolchain: name: TestLocalToolchain @@ -279,56 +244,11 @@ jobs: popd done - # This job will run tests for platforms that don't have a respective GitHub worker. - # For now, we only test for Ubuntu-18.04 so we don't bother using matrix to configure the platform. - test_alt_platform: - name: TestAlternativePlatforms - needs: [build_bundle_linux] - runs-on: ubuntu-22.04 - env: - PKG: ${{ needs.build_bundle_linux.outputs.package }} - BUNDLE: ${{ needs.build_bundle_linux.outputs.bundle }} - VERSION: ${{ needs.build_bundle_linux.outputs.crate_version }} - KANI_SRC: ./kani_src - steps: - - name: Checkout Kani - uses: actions/checkout@v4 - with: - path: ${{ env.KANI_SRC }} - - - name: Download bundle - uses: actions/download-artifact@v3 - with: - name: ${{ env.BUNDLE }} - - - name: Download kani-verifier crate - uses: actions/download-artifact@v3 - with: - name: ${{ env.PKG }} - - - name: Build container test - run: | - docker build -t kani-18-04 -f ${{ env.KANI_SRC }}/scripts/ci/Dockerfile.bundle-test-ubuntu-18-04 . - - - name: Run installed tests - run: | - for dir in simple-lib build-rs-works simple-kissat; do - >&2 echo "Running test $dir" - docker run -v /var/run/docker.sock:/var/run/docker.sock \ - -w /tmp/kani/tests/cargo-kani/$dir kani-18-04 cargo kani - done - - # While the above test OS issues, now try testing with nightly as - # default: - docker run -v /var/run/docker.sock:/var/run/docker.sock \ - -w /tmp/kani/tests/cargo-kani/simple-lib kani-18-04 \ - bash -c "rustup default nightly && cargo kani" - kani_release: if: ${{ github.event_name == 'push' && startsWith(github.ref, 'refs/tags/kani-') }} name: Release runs-on: ubuntu-20.04 - needs: [build_bundle_macos, build_bundle_macos_aarch64, build_bundle_linux, test_bundle, test_alt_platform] + needs: [build_bundle_macos, build_bundle_macos_aarch64, build_bundle_linux, test_bundle] permissions: contents: write outputs: From 8382ee640e637dbc29688fedbd92bd9947930f03 Mon Sep 17 00:00:00 2001 From: thanhnguyen-aws <ntson@amazon.com> Date: Wed, 27 Nov 2024 13:49:00 -0800 Subject: [PATCH 2/5] delete Ubuntu 18.04 docker --- .../ci/Dockerfile.bundle-test-ubuntu-18-04 | 37 ------------------- 1 file changed, 37 deletions(-) delete mode 100644 scripts/ci/Dockerfile.bundle-test-ubuntu-18-04 diff --git a/scripts/ci/Dockerfile.bundle-test-ubuntu-18-04 b/scripts/ci/Dockerfile.bundle-test-ubuntu-18-04 deleted file mode 100644 index c3f89fec1259..000000000000 --- a/scripts/ci/Dockerfile.bundle-test-ubuntu-18-04 +++ /dev/null @@ -1,37 +0,0 @@ -# Copyright Kani Contributors -# SPDX-License-Identifier: Apache-2.0 OR MIT - -# Note: this file is intended only for testing the kani release bundle -# This docker assumes the following locations: -# - ./kani_src/: Kani source code -# - ./kani-*tar.gz/: The Kani release bundle. E.g. `kani-0.39.0-x86_64-unknown-linux-gnu.tar.gz` -# - ./linux-kani-verifier.crate: The kani-verifier package - -FROM ubuntu:18.04 -ENV DEBIAN_FRONTEND=noninteractive \ - DEBCONF_NONINTERACTIVE_SEEN=true - -RUN apt-get update && \ - apt-get install --no-install-recommends -y build-essential software-properties-common && \ - add-apt-repository -y ppa:deadsnakes/ppa && \ - apt install --no-install-recommends -y python3.7 python3.7-dev python3.7-distutils curl ctags - -RUN update-alternatives --install /usr/bin/python3 python3 /usr/bin/python3.7 1 - -RUN curl -s https://bootstrap.pypa.io/pip/3.7/get-pip.py -o get-pip.py && \ - python3 get-pip.py --force-reinstall && \ - rm get-pip.py - -RUN curl -sSf https://sh.rustup.rs | sh -s -- -y -ENV PATH="/root/.cargo/bin:${PATH}" - -WORKDIR /tmp/kani -COPY ./kani_src/tests ./tests - -# This will extract things into kani-verifier-${VERSION} folder -COPY ./linux-kani-verifier.crate ./kani-verifier.crate -RUN tar zxvf ./kani-verifier.crate -RUN cargo install --path ./kani-verifier-* - -COPY ./kani-*.tar.gz ./ -RUN cargo-kani setup --use-local-bundle ./kani-*.tar.gz From 3c3f27c0e65e73fd6946aeb20b3e40a3ab1d7488 Mon Sep 17 00:00:00 2001 From: thanhnguyen-aws <ntson@amazon.com> Date: Wed, 27 Nov 2024 14:57:03 -0800 Subject: [PATCH 3/5] Update .github/workflows/release.yml Co-authored-by: Celina G. Val <celinval@amazon.com> --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index da600486beae..35b8680f2b0d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -96,7 +96,7 @@ jobs: uses: ./.github/actions/build-bundle with: os: linux - arch: x86_64-unknown-linux-gnu + arch: x86_64-unknown-linux-gnu test-use-local-toolchain: name: TestLocalToolchain From c02dac41410d0eb13407ee147fa3c10a8c69154f Mon Sep 17 00:00:00 2001 From: thanhnguyen-aws <ntson@amazon.com> Date: Wed, 27 Nov 2024 16:06:38 -0800 Subject: [PATCH 4/5] remove permission for build-bundle-linus --- .github/workflows/release.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index da600486beae..313ba132ec87 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -75,8 +75,6 @@ jobs: build_bundle_linux: name: BuildBundle-Linux runs-on: ubuntu-20.04 - permissions: - contents: write outputs: version: ${{ steps.bundle.outputs.version }} bundle: ${{ steps.bundle.outputs.bundle }} From e9bb55fb2428eb95902bd5dc0dea2e3747beaad6 Mon Sep 17 00:00:00 2001 From: thanhnguyen-aws <ntson@amazon.com> Date: Wed, 27 Nov 2024 16:29:51 -0800 Subject: [PATCH 5/5] remove permissions --- .github/workflows/release.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index dd34533b4f06..350ccc026633 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -23,8 +23,6 @@ jobs: build_bundle_macos: name: BuildBundle-MacOs runs-on: macos-13 - permissions: - contents: write outputs: version: ${{ steps.bundle.outputs.version }} bundle: ${{ steps.bundle.outputs.bundle }} @@ -49,8 +47,6 @@ jobs: build_bundle_macos_aarch64: name: BuildBundle-MacOs-ARM runs-on: macos-14 - permissions: - contents: write outputs: version: ${{ steps.bundle.outputs.version }} bundle: ${{ steps.bundle.outputs.bundle }} @@ -247,8 +243,6 @@ jobs: name: Release runs-on: ubuntu-20.04 needs: [build_bundle_macos, build_bundle_macos_aarch64, build_bundle_linux, test_bundle] - permissions: - contents: write outputs: version: ${{ steps.versioning.outputs.version }} upload_url: ${{ steps.create_release.outputs.upload_url }}