Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

act doesn't support expression lists for ports and expression mapping for env #2529

Open
jsoref opened this issue Nov 12, 2024 · 1 comment
Labels
area/workflow Relating to workflow definitions backlog Those issues are on the roadmap kind/bug Something isn't working needs-work Extra attention is needed

Comments

@jsoref
Copy link
Contributor

jsoref commented Nov 12, 2024

Bug report info

act version:            0.2.69
GOOS:                   darwin
GOARCH:                 arm64
NumCPU:                 10
Docker host:            DOCKER_HOST environment variable is not set
Sockets found:
	/var/run/docker.sock
Config files:           
	/Users/jsoref/.actrc:
		#-P ubuntu-latest=node:12.20.1-buster-slim
		#-P ubuntu-20.04=node:12.20.1-buster-slim
		#-P ubuntu-18.04=node:12.20.1-buster-slim
		-P ubuntu-latest=ghcr.io/catthehacker/ubuntu:act-latest
		-P ubuntu-24.04=ghcr.io/catthehacker/ubuntu:act-latest
		-P ubuntu-22.04=ghcr.io/catthehacker/ubuntu:act-22.04
		-P ubuntu-20.04=ghcr.io/catthehacker/ubuntu:act-20.04
		-P self-hosted=catthehacker/ubuntu:act-latest
		-P ubuntu-latest-4cpu=ubuntu:act-latest
		-P ubuntu-latest-8cpu=ubuntu:act-latest
		--use-new-action-cache
Build info:
	Go version:            go1.23.2
	Module path:           command-line-arguments
	Main version:          
	Main path:             
	Main checksum:         
	Build settings:
		-buildmode:           exe
		-compiler:            gc
		-ldflags:             -X main.version=0.2.69
		DefaultGODEBUG:       asynctimerchan=1,gotypesalias=0,httplaxcontentlength=1,httpmuxgo121=1,httpservecontentkeepheaders=1,tls10server=1,tls3des=1,tlskyber=0,tlsrsakex=1,tlsunsafeekm=1,winreadlinkvolume=0,winsymlink=0,x509keypairleaf=0,x509negativeserial=1
		CGO_ENABLED:          1
		CGO_CFLAGS:           
		CGO_CPPFLAGS:         
		CGO_CXXFLAGS:         
		CGO_LDFLAGS:          
		GOARCH:               arm64
		GOOS:                 darwin
		GOARM64:              v8.0
Docker Engine:
	Engine version:        26.1.5
	Engine runtime:        runc
	Cgroup version:        2
	Cgroup driver:         cgroupfs
	Storage driver:        overlay2
	Registry URI:          https://index.docker.io/v1/
	OS:                    Alpine Linux v3.20
	OS type:               linux
	OS version:            3.20.3
	OS arch:               aarch64
	OS kernel:             6.6.51-0-virt
	OS CPU:                2
	OS memory:             1906 MB
	Security options:
		name=seccomp,profile=builtin
		name=cgroupns

Command used with act

act -l

Describe issue

I expected to get a list of workflows

Link to GitHub repository

https://github.com/PowerDNS/pdns/blob/4b81e7f615fbe0bb0c65c2811716726ce0228d70/.github/workflows/build-and-test-all.yml#L367-L447

Workflow content

---
name: 'Build and test everything'

on:
  push:
  pull_request:
  workflow_call:
    inputs:
      branch-name:
        description: 'Checkout to a specific branch'
        required: true
        default: ''
        type: string
      runner-docker-image-name:
        description: 'Image name to be used for running all jobs'
        required: false
        default: ''
        type: string
  schedule:
    - cron: '0 22 * * 3'

permissions: # least privileges, see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
  contents: read

env:
  COMPILER: clang
  CLANG_VERSION: '13'
  # github.workspace variable points to the Runner home folder. Container home folder defined below.
  REPO_HOME: '/__w/${{ github.event.repository.name }}/${{ github.event.repository.name }}'
  BUILDER_VERSION: '0.0.0-git1'
  COVERAGE: ${{ github.repository == 'PowerDNS/pdns' && 'yes' || 'no' }}
  LLVM_PROFILE_FILE: "/tmp/code-%p.profraw"
  OPTIMIZATIONS: yes
  DECAF_SUPPORT: yes

jobs:
  get-runner-container-image:
    name: generate docker runner image name
    runs-on: ubuntu-22.04
    outputs:
      id: ${{ steps.get-runner-image.outputs.image-id }}
      tag: ${{ steps.get-runner-image.outputs.tag }}
    env:
      DEFAULT_RUNNER_DOCKER_IMAGE: base-pdns-ci-image/debian-12-pdns-base
      DEFAULT_IMAGE_TAG: master # update when backporting, e.g. auth-4.9.x
    steps:
      - id: get-runner-image
        run: |
          echo "image-id=ghcr.io/powerdns/${{ inputs.runner-docker-image-name || env.DEFAULT_RUNNER_DOCKER_IMAGE }}" >> "$GITHUB_OUTPUT"
          echo "tag=${{ env.DEFAULT_IMAGE_TAG }}" >> "$GITHUB_OUTPUT"

  build-auth:
    name: build auth (${{ matrix.builder }})
    if: ${{ !github.event.schedule || vars.SCHEDULED_JOBS_BUILD_AND_TEST_ALL }}
    runs-on: ubuntu-22.04
    needs: get-runner-container-image
    container:
      image: "${{ matrix.container_image }}"
      env:
        FUZZING_TARGETS: yes
        UBSAN_OPTIONS: "print_stacktrace=1:halt_on_error=1:suppressions=${{ env.REPO_HOME }}/build-scripts/UBSan.supp"
        UNIT_TESTS: yes
      options: --sysctl net.ipv6.conf.all.disable_ipv6=0
    strategy:
      matrix:
        container_image: ["${{ needs.get-runner-container-image.outputs.id }}:${{ needs.get-runner-container-image.outputs.tag }}"]
        builder: [autotools, meson]
        exclude:
          - container_image: "ghcr.io/powerdns/base-pdns-ci-image/debian-11-pdns-base:${{ needs.get-runner-container-image.outputs.tag }}"
            builder: meson
      fail-fast: false
    defaults:
      run:
        working-directory: ./pdns-${{ env.BUILDER_VERSION }}
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 5
          submodules: recursive
          ref: ${{ inputs.branch-name }}
      - name: get timestamp for cache
        id: get-stamp
        run: |
          echo "stamp=$(/bin/date +%s)" >> "$GITHUB_OUTPUT"
        shell: bash
        working-directory: .
      - run: mkdir -p ~/.ccache
        working-directory: .
      - name: let GitHub cache our ccache data
        uses: actions/cache@v4
        with:
          path: ~/.ccache
          key: auth-ccache-${{ matrix.builder }}-${{ steps.get-stamp.outputs.stamp }}
          restore-keys: auth-ccache-${{ matrix.builder }}
      - name: set sanitizers
        run: echo "SANITIZERS=${{ matrix.builder == 'meson' && 'address,undefined' || 'asan+ubsan' }}" >> "$GITHUB_ENV"
        working-directory: .
      - run: inv install-auth-build-deps
        working-directory: .
      - run: inv ci-autoconf ${{ matrix.builder == 'meson' && '--meson' || '' }}
        working-directory: .
      - run: inv ci-auth-configure ${{ matrix.builder == 'meson' && '--meson' || '' }} -b pdns-${{ env.BUILDER_VERSION }}
        working-directory: .
      - run: inv ci-auth-build ${{ matrix.builder == 'meson' && '--meson' || '' }} # This runs under pdns-$BUILDER_VERSION/pdns/ for make bear
      - run: inv ci-auth-install-remotebackend-test-deps
      - if: ${{ matrix.builder == 'meson' }}
        run: inv install-auth-test-deps-only -b geoip
      - run: inv ci-auth-run-unit-tests ${{ matrix.builder == 'meson' && '--meson' || '' }}
        env:
          PDNS_BUILD_PATH: ../pdns-${{ env.BUILDER_VERSION }}
      - run: inv generate-coverage-info ./testrunner $GITHUB_WORKSPACE
        if: ${{ env.COVERAGE == 'yes' && matrix.builder != 'meson' }}
        working-directory: ./pdns-${{ env.BUILDER_VERSION }}/pdns
      - name: Coveralls Parallel auth unit
        if: ${{ env.COVERAGE == 'yes' && matrix.builder != 'meson' }}
        uses: coverallsapp/github-action@v2
        with:
          flag-name: auth-unit-${{ env.SANITIZERS }}
          path-to-lcov: $GITHUB_WORKSPACE/coverage.lcov
          parallel: true
          allow-empty: true
          fail-on-error: false
      - run: inv ci-auth-install ${{ matrix.builder == 'meson' && '--meson' || '' }}
      - run: ccache -s
      - if: ${{ matrix.builder != 'meson' }}
        run: echo "normalized-branch-name=${{ inputs.branch-name || github.ref_name }}" | tr "/" "-" >> "$GITHUB_ENV"
      - if: ${{ matrix.builder != 'meson' }}
        name: Store the binaries
        uses: actions/upload-artifact@v4 # this takes 30 seconds, maybe we want to tar
        with:
          name: pdns-auth-${{ env.normalized-branch-name }}
          path: /opt/pdns-auth
          retention-days: 1

  build-recursor:
    name: build recursor
    if: ${{ !github.event.schedule || vars.SCHEDULED_JOBS_BUILD_AND_TEST_ALL }}
    runs-on: ubuntu-22.04
    needs: get-runner-container-image
    strategy:
      matrix:
        sanitizers: [ubsan+asan, tsan]
        features: [least, full]
        exclude:
          - sanitizers: tsan
            features: least
    container:
      image: "${{ needs.get-runner-container-image.outputs.id }}:${{ needs.get-runner-container-image.outputs.tag }}"
      env:
        SANITIZERS: ${{ matrix.sanitizers }}
        UBSAN_OPTIONS: "print_stacktrace=1:halt_on_error=1:suppressions=${{ env.REPO_HOME }}/build-scripts/UBSan.supp"
        UNIT_TESTS: yes
      options: --sysctl net.ipv6.conf.all.disable_ipv6=0
    defaults:
      run:
        working-directory: ./pdns/recursordist/pdns-recursor-${{ env.BUILDER_VERSION }}
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 5
          submodules: recursive
          ref: ${{ inputs.branch-name }}
      - name: get timestamp for cache
        id: get-stamp
        run: |
          echo "stamp=$(/bin/date +%s)" >> "$GITHUB_OUTPUT"
        shell: bash
        working-directory: .
      - run: mkdir -p ~/.ccache
        working-directory: .
      - name: let GitHub cache our ccache data
        uses: actions/cache@v4
        with:
          path: ~/.ccache
          key: recursor-${{ matrix.features }}-${{ matrix.sanitizers }}-ccache-${{ steps.get-stamp.outputs.stamp }}
          restore-keys: recursor-${{ matrix.features }}-${{ matrix.sanitizers }}-ccache-
      - run: inv ci-install-rust ${{ env.REPO_HOME }}
        working-directory: ./pdns/recursordist/
      - run: inv ci-autoconf
        working-directory: ./pdns/recursordist/
      - run: inv ci-rec-configure ${{ matrix.features }}
        working-directory: ./pdns/recursordist/
      - run: inv ci-make-distdir
        working-directory: ./pdns/recursordist/
      - run: inv ci-rec-configure ${{ matrix.features }}
      - run: inv ci-rec-make-bear
      - run: inv ci-rec-run-unit-tests
      - run: inv generate-coverage-info ./testrunner $GITHUB_WORKSPACE
        if: ${{ env.COVERAGE == 'yes' && matrix.sanitizers != 'tsan' }}
      - name: Coveralls Parallel rec unit
        if: ${{ env.COVERAGE == 'yes' && matrix.sanitizers != 'tsan' }}
        uses: coverallsapp/github-action@v2
        with:
          flag-name: rec-unit-${{ matrix.features }}-${{ matrix.sanitizers }}
          path-to-lcov: $GITHUB_WORKSPACE/coverage.lcov
          parallel: true
          allow-empty: true
          fail-on-error: false
      - run: inv ci-make-install
      - run: ccache -s
      - run: echo "normalized-branch-name=${{ inputs.branch-name || github.ref_name }}" | tr "/" "-" >> "$GITHUB_ENV"
      - name: Store the binaries
        uses: actions/upload-artifact@v4 # this takes 30 seconds, maybe we want to tar
        with:
          name: pdns-recursor-${{ matrix.features }}-${{ matrix.sanitizers }}-${{ env.normalized-branch-name }}
          path: /opt/pdns-recursor
          retention-days: 1

  build-dnsdist:
    name: build dnsdist
    if: ${{ !github.event.schedule || vars.SCHEDULED_JOBS_BUILD_AND_TEST_ALL }}
    runs-on: ubuntu-22.04
    needs: get-runner-container-image
    strategy:
      matrix:
        sanitizers: [ubsan+asan, tsan]
        features: [least, full]
        exclude:
          - sanitizers: tsan
            features: least
    container:
      image: "${{ needs.get-runner-container-image.outputs.id }}:${{ needs.get-runner-container-image.outputs.tag }}"
      env:
        SANITIZERS: ${{ matrix.sanitizers }}
        UBSAN_OPTIONS: "print_stacktrace=1:halt_on_error=1:suppressions=${{ env.REPO_HOME }}/build-scripts/UBSan.supp"
        UNIT_TESTS: yes
        FUZZING_TARGETS: yes
      options: --sysctl net.ipv6.conf.all.disable_ipv6=0
    defaults:
      run:
        working-directory: ./pdns/dnsdistdist/dnsdist-${{ env.BUILDER_VERSION }}
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 5
          submodules: recursive
          ref: ${{ inputs.branch-name }}
      - name: get timestamp for cache
        id: get-stamp
        run: |
          echo "stamp=$(/bin/date +%s)" >> "$GITHUB_OUTPUT"
        shell: bash
        working-directory: .
      - run: mkdir -p ~/.ccache
        working-directory: .
      - name: let GitHub cache our ccache data
        uses: actions/cache@v4
        with:
          path: ~/.ccache
          key: dnsdist-${{ matrix.features }}-${{ matrix.sanitizers }}-ccache-${{ steps.get-stamp.outputs.stamp }}
          restore-keys: dnsdist-${{ matrix.features }}-${{ matrix.sanitizers }}-ccache-
      - run: inv ci-install-rust ${{ env.REPO_HOME }}
        working-directory: ./pdns/dnsdistdist/
      - run: inv ci-build-and-install-quiche ${{ env.REPO_HOME }}
        working-directory: ./pdns/dnsdistdist/
      - run: inv ci-autoconf
        working-directory: ./pdns/dnsdistdist/
      - run: inv ci-dnsdist-configure ${{ matrix.features }}
        working-directory: ./pdns/dnsdistdist/
      - run: inv ci-make-distdir
        working-directory: ./pdns/dnsdistdist/
      - run: inv ci-dnsdist-configure ${{ matrix.features }}
      - run: inv ci-dnsdist-make-bear
      - run: inv ci-dnsdist-run-unit-tests
      - run: inv generate-coverage-info ./testrunner $GITHUB_WORKSPACE
        if: ${{ env.COVERAGE == 'yes' && matrix.sanitizers != 'tsan' }}
      - name: Coveralls Parallel dnsdist unit
        if: ${{ env.COVERAGE == 'yes' && matrix.sanitizers != 'tsan' }}
        uses: coverallsapp/github-action@v2
        with:
          flag-name: dnsdist-unit-${{ matrix.features }}-${{ matrix.sanitizers }}
          path-to-lcov: $GITHUB_WORKSPACE/coverage.lcov
          parallel: true
          allow-empty: true
          fail-on-error: false
      - run: inv ci-make-install
      - run: ccache -s
      - run: echo "normalized-branch-name=${{ inputs.branch-name || github.ref_name }}" | tr "/" "-" >> "$GITHUB_ENV"
      - name: Store the binaries
        uses: actions/upload-artifact@v4 # this takes 30 seconds, maybe we want to tar
        with:
          name: dnsdist-${{ matrix.features }}-${{ matrix.sanitizers }}-${{ env.normalized-branch-name }}
          path: /opt/dnsdist
          retention-days: 1

  test-auth-api:
    needs:
      - build-auth
      - get-runner-container-image
    runs-on: ubuntu-22.04
    container:
      image: "${{ needs.get-runner-container-image.outputs.id }}:${{ needs.get-runner-container-image.outputs.tag }}"
      env:
        UBSAN_OPTIONS: "print_stacktrace=1:halt_on_error=1:suppressions=${{ env.REPO_HOME }}/build-scripts/UBSan.supp"
        ASAN_OPTIONS: detect_leaks=0
        TSAN_OPTIONS: "halt_on_error=1:suppressions=${{ env.REPO_HOME }}/pdns/dnsdistdist/dnsdist-tsan.supp"
        AUTH_BACKEND_IP_ADDR: "172.17.0.1"
      options: --sysctl net.ipv6.conf.all.disable_ipv6=0
    strategy:
      matrix:
        include:
          - backend: gsqlite3
            image: coscale/docker-sleep
          - backend: gmysql
            image: mysql:5
          - backend: gpgsql
            image: postgres:9
          - backend: lmdb
            image: coscale/docker-sleep
      fail-fast: false
    services:
      database:
        image: ${{ matrix.image }}
        env:
          POSTGRES_USER: runner
          POSTGRES_HOST_AUTH_METHOD: trust
          MYSQL_ALLOW_EMPTY_PASSWORD: 1
        ports:
          - 3306:3306
          - 5432:5432
        # FIXME: this works around dist-upgrade stopping all docker containers. dist-upgrade is huge on these images anyway. Perhaps we do want to run our tasks in a Docker container too.
        options: >-
          --restart always
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 5
          submodules: recursive
          ref: ${{ inputs.branch-name }}
      - run: echo "normalized-branch-name=${{ inputs.branch-name || github.ref_name }}" | tr "/" "-" >> "$GITHUB_ENV"
      - name: Fetch the binaries
        uses: actions/download-artifact@v4
        with:
          name: pdns-auth-${{ env.normalized-branch-name }}
          path: /opt/pdns-auth
      - run: inv apt-fresh
      - run: inv install-clang-runtime
      - run: inv install-auth-test-deps -b ${{ matrix.backend }}
      - run: inv test-api auth -b ${{ matrix.backend }}
      - run: inv generate-coverage-info /opt/pdns-auth/sbin/pdns_server $GITHUB_WORKSPACE
        if: ${{ env.COVERAGE == 'yes' }}
      - name: Coveralls Parallel auth API ${{ matrix.backend }}
        if: ${{ env.COVERAGE == 'yes' }}
        uses: coverallsapp/github-action@v2
        with:
          flag-name: auth-api-${{ matrix.backend }}
          path-to-lcov: $GITHUB_WORKSPACE/coverage.lcov
          parallel: true
          allow-empty: true
          fail-on-error: false

  test-auth-backend:
    needs:
      - build-auth
      - get-runner-container-image
    runs-on: ubuntu-22.04
    container:
      image: "${{ needs.get-runner-container-image.outputs.id }}:${{ needs.get-runner-container-image.outputs.tag }}"
      env:
        UBSAN_OPTIONS: "print_stacktrace=1:halt_on_error=1:suppressions=${{ env.REPO_HOME }}/build-scripts/UBSan.supp"
        ASAN_OPTIONS: detect_leaks=0
        LDAPHOST: ldap://ldapserver/
        ODBCINI: /github/home/.odbc.ini
        AUTH_BACKEND_IP_ADDR: "172.17.0.1"
      options: --sysctl net.ipv6.conf.all.disable_ipv6=0
    strategy:
      matrix:
        include:
          - backend: remote
            image: coscale/docker-sleep
            env: {}
            ports: []
          - backend: gmysql
            image: mysql:5
            env:
              MYSQL_ALLOW_EMPTY_PASSWORD: 1
            ports:
            - 3306:3306
          - backend: gmysql
            image: mariadb:10
            env:
              MYSQL_ALLOW_EMPTY_PASSWORD: 1
            ports:
            - 3306:3306
          - backend: gpgsql
            image: postgres:9
            env:
              POSTGRES_USER: runner
              POSTGRES_HOST_AUTH_METHOD: trust
            ports:
            - 5432:5432
          - backend: gsqlite3  # this also runs regression-tests.nobackend and pdnsutil test-algorithms
            image: coscale/docker-sleep
            env: {}
            ports: []
          - backend: lmdb
            image: coscale/docker-sleep
            env: {}
            ports: []
          - backend: bind
            image: coscale/docker-sleep
            env: {}
            ports: []
          - backend: geoip
            image: coscale/docker-sleep
            env: {}
            ports: []
          - backend: lua2
            image: coscale/docker-sleep
            env: {}
            ports: []
          - backend: tinydns
            image: coscale/docker-sleep
            env: {}
            ports: []
          - backend: authpy
            image: coscale/docker-sleep
            env: {}
            ports: []
          - backend: godbc_sqlite3
            image: coscale/docker-sleep
            env: {}
            ports: []
          - backend: godbc_mssql
            image: mcr.microsoft.com/mssql/server:2022-CU12-ubuntu-22.04
            env:
              ACCEPT_EULA: Y
              SA_PASSWORD: 'SAsa12%%-not-a-secret-password'
            ports:
              - 1433:1433
          - backend: ldap
            image: powerdns/ldap-regress:1.2.4-1
            env:
              LDAP_LOG_LEVEL: 0
              CONTAINER_LOG_LEVEL: 4
            ports:
              - 389:389
          - backend: geoip_mmdb
            image: coscale/docker-sleep
            env: {}
            ports: []
      fail-fast: false
    services:
      database:
        image: ${{ matrix.image }}
        env: ${{ matrix.env }}
        ports: ${{ matrix.ports }}
        # FIXME: this works around dist-upgrade stopping all docker containers. dist-upgrade is huge on these images anyway. Perhaps we do want to run our tasks in a Docker container too.
        options: >-
          --restart always
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 5
          submodules: recursive
          ref: ${{ inputs.branch-name }}
      - run: echo "normalized-branch-name=${{ inputs.branch-name || github.ref_name }}" | tr "/" "-" >> "$GITHUB_ENV"
      - name: Fetch the binaries
        uses: actions/download-artifact@v4
        with:
          name: pdns-auth-${{ env.normalized-branch-name }}
          path: /opt/pdns-auth
      # FIXME: install recursor for backends that have ALIAS
      - run: inv install-clang-runtime
      - run: inv install-auth-test-deps -b ${{ matrix.backend }}
      - run: inv test-auth-backend -b ${{ matrix.backend }}
      - run: inv generate-coverage-info /opt/pdns-auth/sbin/pdns_server $GITHUB_WORKSPACE
        if: ${{ env.COVERAGE == 'yes' }}
      - name: Coveralls Parallel auth backend ${{ matrix.backend }}
        if: ${{ env.COVERAGE == 'yes' }}
        uses: coverallsapp/github-action@v2
        with:
          flag-name: auth-backend-${{ matrix.backend }}
          path-to-lcov: $GITHUB_WORKSPACE/coverage.lcov
          parallel: true
          allow-empty: true
          fail-on-error: false

  test-ixfrdist:
    needs:
      - build-auth
      - get-runner-container-image
    runs-on: ubuntu-22.04
    container:
      image: "${{ needs.get-runner-container-image.outputs.id }}:${{ needs.get-runner-container-image.outputs.tag }}"
      env:
        UBSAN_OPTIONS: "print_stacktrace=1:halt_on_error=1:suppressions=${{ env.REPO_HOME }}/build-scripts/UBSan.supp"
        ASAN_OPTIONS: detect_leaks=0
      options: --sysctl net.ipv6.conf.all.disable_ipv6=0
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 5
          submodules: recursive
          ref: ${{ inputs.branch-name }}
      - run: echo "normalized-branch-name=${{ inputs.branch-name || github.ref_name }}" | tr "/" "-" >> "$GITHUB_ENV"
      - name: Fetch the binaries
        uses: actions/download-artifact@v4
        with:
          name: pdns-auth-${{ env.normalized-branch-name }}
          path: /opt/pdns-auth
      - run: inv install-clang-runtime
      - run: inv install-auth-test-deps
      - run: inv test-ixfrdist
      - run: inv generate-coverage-info /opt/pdns-auth/bin/ixfrdist $GITHUB_WORKSPACE
        if: ${{ env.COVERAGE == 'yes' }}
      - name: Coveralls Parallel ixfrdist
        if: ${{ env.COVERAGE == 'yes' }}
        uses: coverallsapp/github-action@v2
        with:
          flag-name: ixfrdist
          path-to-lcov: $GITHUB_WORKSPACE/coverage.lcov
          parallel: true
          allow-empty: true
          fail-on-error: false

  test-recursor-api:
    needs:
      - build-recursor
      - get-runner-container-image
    runs-on: ubuntu-22.04
    strategy:
      matrix:
        sanitizers: [ubsan+asan, tsan]
        dist_name: [debian]
        pdns_repo_version: ['48']
    container:
      image: "${{ needs.get-runner-container-image.outputs.id }}:${{ needs.get-runner-container-image.outputs.tag }}"
      env:
        UBSAN_OPTIONS: "print_stacktrace=1:halt_on_error=1:suppressions=${{ env.REPO_HOME }}/build-scripts/UBSan.supp"
        ASAN_OPTIONS: detect_leaks=0
        TSAN_OPTIONS: "halt_on_error=1:suppressions=${{ env.REPO_HOME }}/pdns/recursordist/recursor-tsan.supp"
      options: --sysctl net.ipv6.conf.all.disable_ipv6=0
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 5
          submodules: recursive
          ref: ${{ inputs.branch-name }}
      - run: echo "normalized-branch-name=${{ inputs.branch-name || github.ref_name }}" | tr "/" "-" >> "$GITHUB_ENV"
      - name: Fetch the binaries
        uses: actions/download-artifact@v4
        with:
          name: pdns-recursor-full-${{ matrix.sanitizers }}-${{ env.normalized-branch-name }}
          path: /opt/pdns-recursor
      - run: inv apt-fresh
      - run: inv add-auth-repo ${{ matrix.dist_name }} $(. /etc/os-release && echo $VERSION_CODENAME) ${{ matrix.pdns_repo_version }}
      - run: inv install-clang-runtime
      - run: inv install-rec-test-deps
      - run: inv test-api recursor
      - run: inv generate-coverage-info /opt/pdns-recursor/sbin/pdns_recursor $GITHUB_WORKSPACE
        if: ${{ env.COVERAGE == 'yes' && matrix.sanitizers != 'tsan' }}
      - name: Coveralls Parallel recursor API
        if: ${{ env.COVERAGE == 'yes' && matrix.sanitizers != 'tsan' }}
        uses: coverallsapp/github-action@v2
        with:
          flag-name: rec-api-full-${{ matrix.sanitizers }}
          path-to-lcov: $GITHUB_WORKSPACE/coverage.lcov
          parallel: true
          allow-empty: true
          fail-on-error: false

  test-recursor-regression:
    needs:
      - build-recursor
      - get-runner-container-image
    runs-on: ubuntu-22.04
    strategy:
      matrix:
        sanitizers: [ubsan+asan, tsan]
        dist_name: [debian]
        pdns_repo_version: ['48']
    container:
      image: "${{ needs.get-runner-container-image.outputs.id }}:${{ needs.get-runner-container-image.outputs.tag }}"
      env:
        UBSAN_OPTIONS: 'print_stacktrace=1:halt_on_error=1:suppressions=${{ env.REPO_HOME }}/build-scripts/UBSan.supp'
        ASAN_OPTIONS: ""
        LSAN_OPTIONS: "suppressions=${{ env.REPO_HOME }}/pdns/recursordist/recursor-lsan.supp"
        TSAN_OPTIONS: "halt_on_error=1:suppressions=${{ env.REPO_HOME }}/pdns/recursordist/recursor-tsan.supp"
      options: --sysctl net.ipv6.conf.all.disable_ipv6=0
    steps:
      # - uses: PowerDNS/pdns/set-ubuntu-mirror@meta
      - uses: actions/checkout@v4
        with:
          fetch-depth: 5
          submodules: recursive
          ref: ${{ inputs.branch-name }}
      - run: echo "normalized-branch-name=${{ inputs.branch-name || github.ref_name }}" | tr "/" "-" >> "$GITHUB_ENV"
      - name: Fetch the binaries
        uses: actions/download-artifact@v4
        with:
          name: pdns-recursor-full-${{ matrix.sanitizers }}-${{ env.normalized-branch-name }}
          path: /opt/pdns-recursor
      - run: inv apt-fresh
      - run: inv add-auth-repo ${{ matrix.dist_name }} $(. /etc/os-release && echo $VERSION_CODENAME) ${{ matrix.pdns_repo_version }}
      - run: inv install-clang-runtime
      - run: inv install-rec-test-deps
      - run: inv test-regression-recursor
      - run: inv generate-coverage-info /opt/pdns-recursor/sbin/pdns_recursor $GITHUB_WORKSPACE
        if: ${{ env.COVERAGE == 'yes' && matrix.sanitizers != 'tsan' }}
      - name: Coveralls Parallel recursor regression
        if: ${{ env.COVERAGE == 'yes' && matrix.sanitizers != 'tsan' }}
        uses: coverallsapp/github-action@v2
        with:
          flag-name: rec-regression-full-${{ matrix.sanitizers }}
          path-to-lcov: $GITHUB_WORKSPACE/coverage.lcov
          parallel: true
          allow-empty: true
          fail-on-error: false

  test-recursor-bulk:
    name: 'test rec *mini* bulk'
    needs:
      - build-recursor
      - get-runner-container-image
    runs-on: ubuntu-22.04
    strategy:
      matrix:
        sanitizers: [ubsan+asan, tsan]
        threads: [1, 2, 3, 4, 8]
        mthreads: [2048]
        shards: [1, 2, 1024]
    container:
      image: "${{ needs.get-runner-container-image.outputs.id }}:${{ needs.get-runner-container-image.outputs.tag }}"
      env:
        UBSAN_OPTIONS: 'print_stacktrace=1:halt_on_error=1:suppressions=${{ env.REPO_HOME }}/build-scripts/UBSan.supp'
        ASAN_OPTIONS: detect_leaks=0
        TSAN_OPTIONS: "halt_on_error=1:suppressions=${{ env.REPO_HOME }}/pdns/recursordist/recursor-tsan.supp"
      options: --sysctl net.ipv6.conf.all.disable_ipv6=0
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 5
          submodules: recursive
          ref: ${{ inputs.branch-name }}
      - run: echo "normalized-branch-name=${{ inputs.branch-name || github.ref_name }}" | tr "/" "-" >> "$GITHUB_ENV"
      - name: Fetch the binaries
        uses: actions/download-artifact@v4
        with:
          name: pdns-recursor-full-${{ matrix.sanitizers }}-${{ env.normalized-branch-name }}
          path: /opt/pdns-recursor
      - run: inv install-clang-runtime
      - run: inv install-rec-bulk-deps
      - run: inv test-bulk-recursor ${{ matrix.threads }} ${{ matrix.mthreads }} ${{ matrix.shards }}
      - run: inv generate-coverage-info /opt/pdns-recursor/sbin/pdns_recursor $GITHUB_WORKSPACE
        if: ${{ env.COVERAGE == 'yes' && matrix.sanitizers != 'tsan' }}
      - name: Coveralls Parallel recursor bulk
        if: ${{ env.COVERAGE == 'yes' && matrix.sanitizers != 'tsan' }}
        uses: coverallsapp/github-action@v2
        with:
          flag-name: rec-regression-bulk-full-${{ matrix.sanitizers }}
          path-to-lcov: $GITHUB_WORKSPACE/coverage.lcov
          parallel: true
          allow-empty: true
          fail-on-error: false

  test-dnsdist-regression:
    needs:
      - build-dnsdist
      - get-runner-container-image
    runs-on: ubuntu-22.04
    strategy:
      matrix:
        sanitizers: [ubsan+asan, tsan]
    container:
      image: "${{ needs.get-runner-container-image.outputs.id }}:${{ needs.get-runner-container-image.outputs.tag }}"
      env:
        UBSAN_OPTIONS: "print_stacktrace=1:halt_on_error=1:suppressions=${{ env.REPO_HOME }}/build-scripts/UBSan.supp"
        # Disabling (intercept_send=0) the custom send wrappers for ASAN and TSAN because they cause the tools to report a race that doesn't exist on actual implementations of send(), see https://github.com/google/sanitizers/issues/1498
        ASAN_OPTIONS: intercept_send=0
        LSAN_OPTIONS: "suppressions=${{ env.REPO_HOME }}/pdns/dnsdistdist/dnsdist-lsan.supp"
        TSAN_OPTIONS: "halt_on_error=1:intercept_send=0:suppressions=${{ env.REPO_HOME }}/pdns/dnsdistdist/dnsdist-tsan.supp"
        # IncludeDir tests are disabled because of a weird interaction between TSAN and these tests which ever only happens on GH actions
        SKIP_INCLUDEDIR_TESTS: yes
        SANITIZERS: ${{ matrix.sanitizers }}
        COVERAGE: yes
      options: --sysctl net.ipv6.conf.all.disable_ipv6=0 --privileged
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 5
          submodules: recursive
          ref: ${{ inputs.branch-name }}
      - run: echo "normalized-branch-name=${{ inputs.branch-name || github.ref_name }}" | tr "/" "-" >> "$GITHUB_ENV"
      - name: Fetch the binaries
        uses: actions/download-artifact@v4
        with:
          name: dnsdist-full-${{ matrix.sanitizers }}-${{ env.normalized-branch-name }}
          path: /opt/dnsdist
      - run: inv install-clang-runtime
      - run: inv install-dnsdist-test-deps $([ "$(. /etc/os-release && echo $VERSION_CODENAME)" = "bullseye" ] && echo "--skipXDP=True")
      - run: inv test-dnsdist
      - run: inv generate-coverage-info /opt/dnsdist/bin/dnsdist $GITHUB_WORKSPACE
        if: ${{ env.COVERAGE == 'yes' && matrix.sanitizers != 'tsan' }}
      - name: Coveralls Parallel dnsdist regression
        if: ${{ env.COVERAGE == 'yes' && matrix.sanitizers != 'tsan' }}
        uses: coverallsapp/github-action@v2
        with:
          flag-name: dnsdist-regression-full-${{ matrix.sanitizers }}
          path-to-lcov: $GITHUB_WORKSPACE/coverage.lcov
          parallel: true
          allow-empty: true
          fail-on-error: false

  swagger-syntax-check:
    if: ${{ !github.event.schedule || vars.SCHEDULED_JOBS_BUILD_AND_TEST_ALL }}
    runs-on: ubuntu-22.04
    # FIXME: https://github.com/PowerDNS/pdns/pull/12880
    # container:
    #   image: ghcr.io/powerdns/base-pdns-ci-image/debian-11-pdns-base:master
    #   options: --sysctl net.ipv6.conf.all.disable_ipv6=0
    steps:
      - uses: PowerDNS/pdns/set-ubuntu-mirror@meta
      - uses: actions/checkout@v4
        with:
          fetch-depth: 5
          submodules: recursive
          ref: ${{ inputs.branch-name }}
      - run: build-scripts/gh-actions-setup-inv  # this runs apt update+upgrade
      - run: inv install-swagger-tools
      - run: inv swagger-syntax-check

  collect:
    needs:
      - build-auth
      - build-dnsdist
      - build-recursor
      - swagger-syntax-check
      - test-auth-api
      - test-auth-backend
      - test-dnsdist-regression
      - test-ixfrdist
      - test-recursor-api
      - test-recursor-regression
      - test-recursor-bulk
    if: success() || failure()
    runs-on: ubuntu-22.04
    steps:
      - name: Coveralls Parallel Finished
        if: ${{ env.COVERAGE == 'yes' }}
        uses: coverallsapp/github-action@v2
        with:
          parallel-finished: true
          fail-on-error: false
      - name: Install jq and jc
        run: "sudo apt-get update && sudo apt-get install jq jc"
      - name: Fail job if any of the previous jobs failed
        run: "for i in `echo '${{ toJSON(needs) }}' | jq -r '.[].result'`; do if [[ $i == 'failure' ]]; then echo '${{ toJSON(needs) }}'; exit 1; fi; done;"
      - uses: actions/checkout@v4
        with:
          fetch-depth: 5
          submodules: recursive
          ref: ${{ inputs.branch-name }}
      - name: Get list of jobs in the workflow
        run: "cat .github/workflows/build-and-test-all.yml | jc --yaml | jq -rS '.[].jobs | keys | .[]' | grep -vE 'collect|get-runner-container-image' | tee /tmp/workflow-jobs-list.yml"
      - name: Get list of prerequisite jobs
        run: "echo '${{ toJSON(needs) }}' | jq -rS 'keys | .[]' | tee /tmp/workflow-needs-list.yml"
      - name: Fail if there is a job missing on the needs list
        run: "if ! diff -q /tmp/workflow-jobs-list.yml /tmp/workflow-needs-list.yml; then exit 1; fi"

# FIXME: if we can make upload/download-artifact fasts, running unit tests outside of build can let regression tests start earlier

Relevant log output

DEBU[0000] Reading workflow '/Users/jsoref/code/powerdns/pdns/.github/workflows/build-and-test-all.yml'
Error: workflow is not valid. 'build-and-test-all.yml': yaml: unmarshal errors:
  line 446: cannot unmarshal !!str `${{ mat...` into map[string]string
  line 447: cannot unmarshal !!str `${{ mat...` into []string


### Additional information

_No response_
@jsoref jsoref added the kind/bug Something isn't working label Nov 12, 2024
@jsoref jsoref changed the title error listing workflows when workflow has matrix in services/.../env+ports act doesn't support expression lists for ports and expression mapping for env Nov 12, 2024
@ChristopherHX ChristopherHX added needs-work Extra attention is needed area/workflow Relating to workflow definitions backlog Those issues are on the roadmap labels Nov 13, 2024
@ChristopherHX
Copy link
Contributor

I plan this for next year, as enhancement for github-act-runner including a patch for act cli

Features of both act-cli (full workflow) and github-act-runner (single job worker only) gain higher priority from my side

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
area/workflow Relating to workflow definitions backlog Those issues are on the roadmap kind/bug Something isn't working needs-work Extra attention is needed
Projects
None yet
Development

No branches or pull requests

2 participants