summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--.github/workflows/ci.yml119
-rw-r--r--.github/workflows/fuzzing.yml84
-rw-r--r--azure-pipelines.yml263
3 files changed, 203 insertions, 263 deletions
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
new file mode 100644
index 0000000..1bd13fd
--- /dev/null
+++ b/.github/workflows/ci.yml
@@ -0,0 +1,119 @@
+# Used as inspiration: https://github.com/mvdan/github-actions-golang
+
+name: Cross-Platform
+
+on:
+ push:
+ branches:
+ - v2
+ pull_request:
+ branches:
+ - v2
+
+jobs:
+ test:
+ strategy:
+ # Default is true, cancels jobs for other platforms in the matrix if one fails
+ fail-fast: false
+ matrix:
+ os: [ ubuntu-latest, macos-latest, windows-latest ]
+ go-version: [ 1.14.x ]
+ runs-on: ${{ matrix.os }}
+
+ steps:
+ - name: Install Go
+ uses: actions/setup-go@v1
+ with:
+ go-version: ${{ matrix.go-version }}
+
+ - name: Checkout code
+ uses: actions/checkout@v2
+
+ # These tools would be useful if we later decide to reinvestigate
+ # publishing test/coverage reports to some tool for easier consumption
+ # - name: Install test and coverage analysis tools
+ # run: |
+ # go get github.com/axw/gocov/gocov
+ # go get github.com/AlekSi/gocov-xml
+ # go get -u github.com/jstemmer/go-junit-report
+ # echo "::add-path::$(go env GOPATH)/bin"
+
+ - name: Print Go version and environment
+ run: |
+ printf "Using go at: $(which go)\n"
+ printf "Go version: $(go version)\n"
+ printf "\n\nGo environment:\n\n"
+ go env
+ printf "\n\nSystem environment:\n\n"
+ env
+
+ - name: Get dependencies
+ run: |
+ go get -v -t -d ./...
+ # mkdir test-results
+
+ - name: Build Caddy
+ working-directory: ./cmd/caddy
+ env:
+ CGO_ENABLED: 0
+ run: |
+ go build -trimpath -a -ldflags="-w -s" -v
+
+ - name: Publish Build Artifact (Windows)
+ if: matrix.os == 'windows-latest'
+ uses: actions/upload-artifact@v1
+ with:
+ name: caddy_v2_${{ matrix.os }}
+ path: ./cmd/caddy/caddy.exe
+
+ - name: Publish Build Artifact (Linux/Mac)
+ if: matrix.os != 'windows-latest'
+ uses: actions/upload-artifact@v1
+ with:
+ name: caddy_v2_${{ matrix.os }}
+ path: ./cmd/caddy/caddy
+
+ # Commented bits below were useful to allow the job to continue
+ # even if the tests fail, so we can publish the report separately
+ # For info about set-output, see https://stackoverflow.com/questions/57850553/github-actions-check-steps-status
+ - name: Run tests
+ # id: step_test
+ # continue-on-error: true
+ run: |
+ # (go test -v -coverprofile=cover-profile.out -race ./... 2>&1) > test-results/test-result.out
+ go test -v -coverprofile="cover-profile.out" -race ./...
+ # echo "::set-output name=status::$?"
+
+ # Relevant step if we reinvestigate publishing test/coverage reports
+ # - name: Prepare coverage reports
+ # run: |
+ # mkdir coverage
+ # gocov convert cover-profile.out > coverage/coverage.json
+ # # Because Windows doesn't work with input redirection like *nix, but output redirection works.
+ # (cat ./coverage/coverage.json | gocov-xml) > coverage/coverage.xml
+
+ # To return the correct result even though we set 'continue-on-error: true'
+ # - name: Coerce correct build result (Windows)
+ # if: matrix.os == 'windows-latest' && steps.step_test.outputs.status != 'True'
+ # run: |
+ # echo "step_test ${{ steps.step_test.outputs.status }}\n"
+ # exit 1
+ # - name: Coerce correct build result (Linux/Mac)
+ # if: matrix.os != 'windows-latest' && steps.step_test.outputs.status != 0
+ # run: |
+ # echo "step_test ${{ steps.step_test.outputs.status }}\n"
+ # exit 1
+
+ # From https://github.com/reviewdog/action-golangci-lint
+ golangci-lint:
+ name: runner / golangci-lint
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout code into the Go module directory
+ uses: actions/checkout@v2
+
+ - name: Run golangci-lint
+ uses: reviewdog/action-golangci-lint@v1
+ # uses: docker://reviewdog/action-golangci-lint:v1 # pre-build docker image
+ with:
+ github_token: ${{ secrets.github_token }} \ No newline at end of file
diff --git a/.github/workflows/fuzzing.yml b/.github/workflows/fuzzing.yml
new file mode 100644
index 0000000..a0487c1
--- /dev/null
+++ b/.github/workflows/fuzzing.yml
@@ -0,0 +1,84 @@
+name: Fuzzing
+
+on:
+ # Regression testing
+ push:
+ branches:
+ - v2
+ pull_request:
+ branches:
+ - v2
+
+ # Daily midnight fuzzing
+ schedule:
+ - cron: '0 0 * * *'
+
+jobs:
+ fuzzing:
+ name: Fuzzing
+
+ strategy:
+ matrix:
+ os: [ ubuntu-latest ]
+ go-version: [ 1.14.x ]
+ runs-on: ${{ matrix.os }}
+
+ steps:
+ - name: Install Go
+ uses: actions/setup-go@v1
+ with:
+ go-version: ${{ matrix.go-version }}
+
+ - name: Checkout code
+ uses: actions/checkout@v2
+
+ - name: Download go-fuzz tools and the Fuzzit CLI, move Fuzzit CLI to GOBIN
+ # If we decide we need to prevent this from running on forks, we can use this line:
+ # if: github.repository == 'caddyserver/caddy'
+ run: |
+ # Install Clang-7.0 because other versions seem to be missing the file libclang_rt.fuzzer-x86_64.a
+ sudo add-apt-repository "deb http://apt.llvm.org/xenial/ llvm-toolchain-xenial-7 main"
+ wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | sudo apt-key add -
+ sudo apt update && sudo apt install -y clang-7 lldb-7 lld-7
+
+ go get -v github.com/dvyukov/go-fuzz/go-fuzz github.com/dvyukov/go-fuzz/go-fuzz-build
+ wget -q -O fuzzit https://github.com/fuzzitdev/fuzzit/releases/download/v2.4.77/fuzzit_Linux_x86_64
+ chmod a+x fuzzit
+ mv fuzzit $(go env GOPATH)/bin
+ echo "::add-path::$(go env GOPATH)/bin"
+
+ - name: Generate fuzzers & submit them to Fuzzit
+ continue-on-error: true
+ env:
+ FUZZIT_API_KEY: ${{ secrets.FUZZIT_API_KEY }}
+ run: |
+ declare -A fuzzers_funcs=(\
+ ["./caddyconfig/httpcaddyfile/addresses_fuzz.go"]="FuzzParseAddress" \
+ ["./caddyconfig/caddyfile/parse_fuzz.go"]="FuzzParseCaddyfile" \
+ ["./listeners_fuzz.go"]="FuzzParseNetworkAddress" \
+ ["./replacer_fuzz.go"]="FuzzReplacer" \
+ )
+
+ declare -A fuzzers_targets=(\
+ ["./caddyconfig/httpcaddyfile/addresses_fuzz.go"]="parse-address" \
+ ["./caddyconfig/caddyfile/parse_fuzz.go"]="parse-caddyfile" \
+ ["./listeners_fuzz.go"]="parse-network-address" \
+ ["./replacer_fuzz.go"]="replacer" \
+ )
+
+ fuzz_type="local-regression"
+ if [[ ${{ github.event_name }} == "schedule" ]]; then
+ fuzz_type="fuzzing"
+ fi
+ echo "Github event: ${{ github.event_name }}"
+ echo "Fuzzing type: $fuzz_type"
+
+ for f in $(find . -name \*_fuzz.go); do
+ FUZZER_DIRECTORY=$(dirname $f)
+ echo "go-fuzz-build func ${fuzzers_funcs[$f]} residing in $f"
+ go-fuzz-build -func "${fuzzers_funcs[$f]}" -libfuzzer -o "$FUZZER_DIRECTORY/${fuzzers_targets[$f]}.a" $FUZZER_DIRECTORY
+ echo "Generating fuzzer binary of func ${fuzzers_funcs[$f]} which resides in $f"
+ clang-7 -fsanitize=fuzzer "$FUZZER_DIRECTORY/${fuzzers_targets[$f]}.a" -o "$FUZZER_DIRECTORY/${fuzzers_targets[$f]}"
+ fuzzit create job caddyserver/${fuzzers_targets[$f]} $FUZZER_DIRECTORY/${fuzzers_targets[$f]} --api-key ${FUZZIT_API_KEY} --type "${fuzz_type}" --branch "${SYSTEM_PULLREQUEST_SOURCEBRANCH}" --revision "${BUILD_SOURCEVERSION}"
+ echo "Completed $f"
+ done
diff --git a/azure-pipelines.yml b/azure-pipelines.yml
deleted file mode 100644
index 1829cde..0000000
--- a/azure-pipelines.yml
+++ /dev/null
@@ -1,263 +0,0 @@
-# Mutilated beyond recognition from the example at:
-# https://docs.microsoft.com/azure/devops/pipelines/languages/go
-
-trigger:
- - v2
-
-schedules:
-- cron: "0 0 * * *"
- displayName: Daily midnight fuzzing
- branches:
- include:
- - v2
- always: true
-
-variables:
- GOROOT: $(gorootDir)/go
- GOPATH: $(system.defaultWorkingDirectory)/gopath
- GOBIN: $(GOPATH)/bin
- modulePath: '$(GOPATH)/src/github.com/$(build.repository.name)'
-
-jobs:
-- job: crossPlatformTest
- displayName: "Cross-Platform Tests"
- strategy:
- matrix:
- linux:
- imageName: ubuntu-16.04
- gorootDir: /usr/local
- mac:
- imageName: macos-10.14
- gorootDir: /usr/local
- windows:
- imageName: windows-2019
- gorootDir: C:\
- pool:
- vmImage: $(imageName)
-
- steps:
- - bash: |
- latestGo=$(curl "https://golang.org/VERSION?m=text")
- echo "##vso[task.setvariable variable=LATEST_GO]$latestGo"
- echo "Latest Go version: $latestGo"
- displayName: "Get latest Go version"
-
- - bash: |
- sudo rm -f $(which go)
- echo '##vso[task.prependpath]$(GOBIN)'
- echo '##vso[task.prependpath]$(GOROOT)/bin'
- mkdir -p '$(modulePath)'
- shopt -s extglob
- shopt -s dotglob
- mv !(gopath) '$(modulePath)'
- displayName: Remove old Go, set GOBIN/GOROOT, and move project into GOPATH
-
- # Install Go (this varies by platform)
- - bash: |
- wget "https://dl.google.com/go/$(LATEST_GO).linux-amd64.tar.gz"
- sudo tar -C $(gorootDir) -xzf "$(LATEST_GO).linux-amd64.tar.gz"
- condition: eq( variables['Agent.OS'], 'Linux' )
- displayName: Install Go on Linux
-
- - bash: |
- wget "https://dl.google.com/go/$(LATEST_GO).darwin-amd64.tar.gz"
- sudo tar -C $(gorootDir) -xzf "$(LATEST_GO).darwin-amd64.tar.gz"
- condition: eq( variables['Agent.OS'], 'Darwin' )
- displayName: Install Go on macOS
-
- # The low performance is partly due to PowerShell's attempt to update the progress bar. Disabling it speeds up the process.
- # Reference: https://github.com/PowerShell/PowerShell/issues/2138
- - powershell: |
- $ProgressPreference = 'SilentlyContinue'
- Write-Host "Downloading Go..."
- (New-Object System.Net.WebClient).DownloadFile("https://dl.google.com/go/$(LATEST_GO).windows-amd64.zip", "$(LATEST_GO).windows-amd64.zip")
- Write-Host "Extracting Go... (I'm slow too)"
- 7z x "$(LATEST_GO).windows-amd64.zip" -o"$(gorootDir)"
- condition: eq( variables['Agent.OS'], 'Windows_NT' )
- displayName: Install Go on Windows
-
- - bash: curl -sfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.23.6
- displayName: Install golangci-lint
-
- - script: |
- go get github.com/axw/gocov/gocov
- go get github.com/AlekSi/gocov-xml
- go get -u github.com/jstemmer/go-junit-report
- displayName: Install test and coverage analysis tools
-
- - bash: |
- printf "Using go at: $(which go)\n"
- printf "Go version: $(go version)\n"
- printf "\n\nGo environment:\n\n"
- go env
- printf "\n\nSystem environment:\n\n"
- env
- displayName: Print Go version and environment
-
- - script: |
- go get -v -t -d ./...
- mkdir test-results
- workingDirectory: '$(modulePath)'
- displayName: Get dependencies
-
- - bash: CGO_ENABLED=0 go build -trimpath -a -ldflags="-w -s" -v
- workingDirectory: '$(modulePath)/cmd/caddy'
- displayName: Build Caddy
-
- - task: PublishBuildArtifacts@1
- condition: eq( variables['Agent.OS'], 'Windows_NT' )
- inputs:
- pathtoPublish: '$(modulePath)/cmd/caddy/caddy.exe'
- artifactName: caddy_v2.exe
-
- - task: PublishBuildArtifacts@1
- condition: ne( variables['Agent.OS'], 'Windows_NT' )
- inputs:
- pathtoPublish: '$(modulePath)/cmd/caddy/caddy'
- artifactName: 'caddy_v2_$(Agent.OS)'
-
- # its behavior is governed by .golangci.yml
- - script: |
- (golangci-lint run --out-format junit-xml) > test-results/lint-result.xml
- exit 0
- workingDirectory: '$(modulePath)'
- continueOnError: true
- displayName: Run lint check
-
- - script: |
- (go test -v -coverprofile=cover-profile.out -race ./... 2>&1) > test-results/test-result.out
- workingDirectory: '$(modulePath)'
- continueOnError: true
- displayName: Run tests
-
- - script: |
- set -e
- cmd/caddy/caddy start
- go test -v -count=1 ./caddytest/...
- cmd/caddy/caddy stop
- workingDirectory: '$(modulePath)'
- continueOnError: false
- displayName: Run Integration tests
-
- - script: |
- mkdir coverage
- gocov convert cover-profile.out > coverage/coverage.json
- # Because Windows doesn't work with input redirection like *nix, but output redirection works.
- (cat ./coverage/coverage.json | gocov-xml) > coverage/coverage.xml
- workingDirectory: '$(modulePath)'
- displayName: Prepare coverage reports
-
- - script: |
- (cat ./test-results/test-result.out | go-junit-report) > test-results/test-result.xml
- workingDirectory: '$(modulePath)'
- displayName: Prepare test report
-
- - task: PublishCodeCoverageResults@1
- displayName: Publish test coverage report
- inputs:
- codeCoverageTool: Cobertura
- summaryFileLocation: $(modulePath)/coverage/coverage.xml
-
- - task: PublishTestResults@2
- displayName: Publish unit test
- inputs:
- testResultsFormat: 'JUnit'
- testResultsFiles: $(modulePath)/test-results/test-result.xml
- testRunTitle: $(agent.OS) Unit Test
- mergeTestResults: false
-
- - task: PublishTestResults@2
- displayName: Publish lint results
- inputs:
- testResultsFormat: 'JUnit'
- testResultsFiles: $(modulePath)/test-results/lint-result.xml
- testRunTitle: $(agent.OS) Lint
- mergeTestResults: false
-
- - bash: |
- exit 1
- condition: eq(variables['Agent.JobStatus'], 'SucceededWithIssues')
- displayName: Coerce correct build result
-
-- job: fuzzing
- displayName: 'Fuzzing'
- # Only run this job on schedules or PRs for non-forks.
- condition: or(eq(variables['System.PullRequest.IsFork'], 'False'), eq(variables['Build.Reason'], 'Schedule') )
- strategy:
- matrix:
- linux:
- imageName: ubuntu-16.04
- gorootDir: /usr/local
- pool:
- vmImage: $(imageName)
-
- steps:
- - bash: |
- latestGo=$(curl "https://golang.org/VERSION?m=text")
- echo "##vso[task.setvariable variable=LATEST_GO]$latestGo"
- echo "Latest Go version: $latestGo"
- displayName: "Get latest Go version"
-
- - bash: |
- sudo rm -f $(which go)
- echo '##vso[task.prependpath]$(GOBIN)'
- echo '##vso[task.prependpath]$(GOROOT)/bin'
- mkdir -p '$(modulePath)'
- shopt -s extglob
- shopt -s dotglob
- mv !(gopath) '$(modulePath)'
- displayName: Remove old Go, set GOBIN/GOROOT, and move project into GOPATH
-
- - bash: |
- wget "https://dl.google.com/go/$(LATEST_GO).linux-amd64.tar.gz"
- sudo tar -C $(gorootDir) -xzf "$(LATEST_GO).linux-amd64.tar.gz"
- condition: eq( variables['Agent.OS'], 'Linux' )
- displayName: Install Go on Linux
-
- - bash: |
- # Install Clang-7.0 because other versions seem to be missing the file libclang_rt.fuzzer-x86_64.a
- sudo add-apt-repository "deb http://apt.llvm.org/xenial/ llvm-toolchain-xenial-7 main"
- wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | sudo apt-key add -
- sudo apt update && sudo apt install -y clang-7 lldb-7 lld-7
-
- go get -v github.com/dvyukov/go-fuzz/go-fuzz github.com/dvyukov/go-fuzz/go-fuzz-build
- wget -q -O fuzzit https://github.com/fuzzitdev/fuzzit/releases/download/v2.4.77/fuzzit_Linux_x86_64
- chmod a+x fuzzit
- mv fuzzit $(GOBIN)
- displayName: Download go-fuzz tools and the Fuzzit CLI, and move Fuzzit CLI to GOBIN
- condition: and(eq(variables['System.PullRequest.IsFork'], 'False') , eq( variables['Agent.OS'], 'Linux' ))
-
- - bash: |
- declare -A fuzzers_funcs=(\
- ["./caddyconfig/httpcaddyfile/addresses_fuzz.go"]="FuzzParseAddress" \
- ["./caddyconfig/caddyfile/parse_fuzz.go"]="FuzzParseCaddyfile" \
- ["./listeners_fuzz.go"]="FuzzParseNetworkAddress" \
- ["./replacer_fuzz.go"]="FuzzReplacer" \
- )
-
- declare -A fuzzers_targets=(\
- ["./caddyconfig/httpcaddyfile/addresses_fuzz.go"]="parse-address" \
- ["./caddyconfig/caddyfile/parse_fuzz.go"]="parse-caddyfile" \
- ["./listeners_fuzz.go"]="parse-network-address" \
- ["./replacer_fuzz.go"]="replacer" \
- )
-
- fuzz_type="local-regression"
- if [[ $(Build.Reason) == "Schedule" ]]; then
- fuzz_type="fuzzing"
- fi
- echo "Fuzzing type: $fuzz_type"
-
- for f in $(find . -name \*_fuzz.go); do
- FUZZER_DIRECTORY=$(dirname $f)
- echo "go-fuzz-build func ${fuzzers_funcs[$f]} residing in $f"
- go-fuzz-build -func "${fuzzers_funcs[$f]}" -libfuzzer -o "$FUZZER_DIRECTORY/${fuzzers_targets[$f]}.a" $FUZZER_DIRECTORY
- echo "Generating fuzzer binary of func ${fuzzers_funcs[$f]} which resides in $f"
- clang-7 -fsanitize=fuzzer "$FUZZER_DIRECTORY/${fuzzers_targets[$f]}.a" -o "$FUZZER_DIRECTORY/${fuzzers_targets[$f]}"
- fuzzit create job caddyserver/${fuzzers_targets[$f]} $FUZZER_DIRECTORY/${fuzzers_targets[$f]} --api-key ${FUZZIT_API_KEY} --type "${fuzz_type}" --branch "${SYSTEM_PULLREQUEST_SOURCEBRANCH}" --revision "${BUILD_SOURCEVERSION}"
- echo "Completed $f"
- done
- env:
- FUZZIT_API_KEY: $(FUZZIT_API_KEY)
- workingDirectory: '$(modulePath)'
- displayName: Generate fuzzers & submit them to Fuzzit