DragonOS-Community
/
aya
mirror de https://github.com/aya-rs/aya


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306
							name: aya-ci

on:
  push:
    branches:
      - main

  pull_request:
    branches:
      - main

  schedule:
    - cron: 00 4 * * *

env:
  CARGO_TERM_COLOR: always
  LLVM_VERSION: 18

jobs:
  lint:
    runs-on: ubuntu-22.04

    steps:
      - uses: actions/checkout@v4

      - uses: dtolnay/rust-toolchain@master
        with:
          toolchain: nightly
          components: rustfmt, clippy, miri, rust-src

      - uses: Swatinem/rust-cache@v2

      - uses: taiki-e/install-action@v2
        with:
          tool: cargo-hack,taplo-cli

      - name: Check C formatting
        run: git ls-files -- '*.c' '*.h' | xargs clang-format --dry-run --Werror

      - name: Check Markdown
        uses: DavidAnson/markdownlint-cli2-action@v16

      - name: Check TOML formatting
        run: taplo fmt --check

      - name: Check formatting
        run: cargo fmt --all -- --check

      - name: Run clippy
        run: cargo hack clippy --all-targets --feature-powerset --workspace -- --deny warnings

      - name: Check public API
        run: cargo xtask public-api

      - name: Run miri
        run: |
          set -euxo pipefail
          cargo hack miri test --all-targets --feature-powerset \
            --exclude aya-ebpf \
            --exclude aya-ebpf-bindings \
            --exclude aya-log-ebpf \
            --exclude integration-ebpf \
            --exclude integration-test \
            --workspace

  build-test-aya:
    strategy:
      fail-fast: false
      matrix:
        arch:
          - x86_64-unknown-linux-gnu
          - aarch64-unknown-linux-gnu
          - armv7-unknown-linux-gnueabi
          - riscv64gc-unknown-linux-gnu
    runs-on: ubuntu-22.04
    steps:
      - uses: actions/checkout@v4

      - uses: dtolnay/rust-toolchain@master
        with:
          toolchain: stable
          targets: ${{ matrix.arch }}

      - uses: Swatinem/rust-cache@v2

      - uses: taiki-e/install-action@cargo-hack

      - uses: taiki-e/setup-cross-toolchain-action@v1
        with:
          target: ${{ matrix.arch }}

      - name: Build
        run: |
          set -euxo pipefail
          cargo hack build --all-targets --feature-powerset \
            --exclude aya-ebpf \
            --exclude aya-ebpf-bindings \
            --exclude aya-log-ebpf \
            --exclude integration-ebpf \
            --workspace

      - name: Test
        env:
          RUST_BACKTRACE: full
        run: |
          set -euxo pipefail
          cargo hack test --all-targets --feature-powerset \
            --exclude aya-ebpf \
            --exclude aya-ebpf-bindings \
            --exclude aya-log-ebpf \
            --exclude integration-ebpf \
            --exclude integration-test \
            --workspace

      - name: Doctests
        env:
          RUST_BACKTRACE: full
        run: |
          set -euxo pipefail
          cargo hack test --doc --feature-powerset \
            --exclude aya-ebpf \
            --exclude aya-ebpf-bindings \
            --exclude aya-log-ebpf \
            --exclude init \
            --exclude integration-ebpf \
            --exclude integration-test \
            --workspace

  build-test-aya-ebpf:
    strategy:
      fail-fast: false
      matrix:
        arch:
          - x86_64
          - aarch64
          - arm
          - riscv64
        target:
          - bpfel-unknown-none
          - bpfeb-unknown-none
    runs-on: ubuntu-22.04

    steps:
      - uses: actions/checkout@v4

      - uses: dtolnay/rust-toolchain@master
        with:
          toolchain: nightly
          components: rust-src

      - uses: Swatinem/rust-cache@v2

      - name: bpf-linker
        run: cargo install bpf-linker --git https://github.com/aya-rs/bpf-linker.git

      - uses: taiki-e/install-action@cargo-hack
      - name: Build
        env:
          CARGO_CFG_BPF_TARGET_ARCH: ${{ matrix.arch }}
        run: |
          set -euxo pipefail
          cargo hack build --package aya-ebpf --package aya-log-ebpf \
            --feature-powerset \
            --target ${{ matrix.target }} \
            -Z build-std=core

      - name: Test
        env:
          CARGO_CFG_BPF_TARGET_ARCH: ${{ matrix.arch }}
          RUST_BACKTRACE: full
        run: |
          set -euxo pipefail
          cargo hack test --doc \
            --package aya-ebpf \
            --package aya-log-ebpf \
            --feature-powerset

  run-integration-test:
    strategy:
      fail-fast: false
      matrix:
        runner:
          # macos-14 is arm64 per
          # https://github.com/actions/runner-images#available-images which
          # doesn't support nested virtualization per
          # https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners/about-github-hosted-runners#limitations-for-arm64-macos-runners
          - macos-13
          - ubuntu-22.04
    runs-on: ${{ matrix.runner }}
    steps:
      - uses: actions/checkout@v4
        with:
          submodules: recursive

      - name: Install prerequisites
        if: runner.os == 'Linux'
        # ubuntu-22.04 comes with clang 14[0] which doesn't include support for signed and 64bit
        # enum values which was added in clang 15[1].
        #
        # gcc-multilib provides at least <asm/types.h> which is referenced by libbpf.
        #
        # llvm provides llvm-objcopy which is used to build the BTF relocation tests.
        #
        # [0] https://github.com/actions/runner-images/blob/ubuntu22/20230724.1/images/linux/Ubuntu2204-Readme.md
        #
        # [1] https://github.com/llvm/llvm-project/commit/dc1c43d
        run: |
          set -euxo pipefail
          wget -qO- https://apt.llvm.org/llvm-snapshot.gpg.key | sudo tee /etc/apt/trusted.gpg.d/apt.llvm.org.asc
          echo deb http://apt.llvm.org/jammy/ llvm-toolchain-jammy-${{ env.LLVM_VERSION }} main | sudo tee /etc/apt/sources.list.d/llvm.list
          sudo apt update
          sudo apt -y install clang-${{ env.LLVM_VERSION }} gcc-multilib llvm-${{ env.LLVM_VERSION }} locate qemu-system-{arm,x86}
          echo /usr/lib/llvm-${{ env.LLVM_VERSION }}/bin >> $GITHUB_PATH

      - name: bpf-linker
        if: runner.os == 'Linux'
        run: cargo install bpf-linker --git https://github.com/aya-rs/bpf-linker.git

      - name: Install prerequisites
        if: runner.os == 'macOS'
        # The xargs shipped on macOS always exits 0 with -P0, so we need GNU findutils.
        #
        # The tar shipped on macOS doesn't support --wildcards, so we need GNU tar.
        #
        # The clang shipped on macOS doesn't support BPF, so we need LLVM from brew.
        #
        # We also need LLVM for bpf-linker, see comment below.
        run: |
          set -euxo pipefail
          brew update
          # https://github.com/actions/setup-python/issues/577
          find /usr/local/bin -type l -exec sh -c 'readlink -f "$1" \
          | grep -q ^/Library/Frameworks/Python.framework/Versions/' _ {} \; -exec rm -v {} \;
          HOMEBREW_NO_INSTALLED_DEPENDENTS_CHECK=1 \
          brew install dpkg findutils gnu-tar llvm pkg-config qemu
          echo $(brew --prefix)/opt/findutils/libexec/gnubin >> $GITHUB_PATH
          echo $(brew --prefix)/opt/gnu-tar/libexec/gnubin >> $GITHUB_PATH
          echo $(brew --prefix)/opt/llvm/bin >> $GITHUB_PATH

      - uses: dtolnay/rust-toolchain@master
        with:
          toolchain: nightly
          components: rust-src
          targets: aarch64-unknown-linux-musl,x86_64-unknown-linux-musl

      - uses: Swatinem/rust-cache@v2

      - name: bpf-linker
        if: runner.os == 'macOS'
        # NB: rustc doesn't ship libLLVM.so on macOS, so disable proxying (default feature). We also
        # --force so that bpf-linker gets always relinked against the latest LLVM installed by brew.
        run: cargo install --force bpf-linker --git https://github.com/aya-rs/bpf-linker.git --no-default-features

      - name: Download debian kernels
        if: runner.arch == 'ARM64'
        run: |
          set -euxo pipefail
          mkdir -p test/.tmp/debian-kernels/arm64
          # NB: a 4.19 kernel image for arm64 was not available.
          # TODO: enable tests on kernels before 6.0.
          # linux-image-5.10.0-23-cloud-arm64-unsigned_5.10.179-3_arm64.deb \
          printf '%s\0' \
            linux-image-6.1.0-16-cloud-arm64-unsigned_6.1.67-1_arm64.deb \
            linux-image-6.10.4-cloud-arm64-unsigned_6.10.4-1_arm64.deb \
          | xargs -0 -t -P0 -I {} wget -nd -nv -P test/.tmp/debian-kernels/arm64 ftp://ftp.us.debian.org/debian/pool/main/l/linux/{}

      - name: Download debian kernels
        if: runner.arch == 'X64'
        run: |
          set -euxo pipefail
          mkdir -p test/.tmp/debian-kernels/amd64
          # TODO: enable tests on kernels before 6.0.
          # linux-image-4.19.0-21-cloud-amd64-unsigned_4.19.249-2_amd64.deb \
          # linux-image-5.10.0-23-cloud-amd64-unsigned_5.10.179-3_amd64.deb \
          printf '%s\0' \
            linux-image-6.1.0-16-cloud-amd64-unsigned_6.1.67-1_amd64.deb \
            linux-image-6.10.4-cloud-amd64-unsigned_6.10.4-1_amd64.deb \
          | xargs -0 -t -P0 -I {} wget -nd -nv -P test/.tmp/debian-kernels/amd64 ftp://ftp.us.debian.org/debian/pool/main/l/linux/{}

      - name: Extract debian kernels
        run: |
          set -euxo pipefail
          find test/.tmp -name '*.deb' -print0 | xargs -t -0 -I {} \
            sh -c "dpkg --fsys-tarfile {} | tar -C test/.tmp --wildcards --extract '*vmlinuz*' --file -"

      - name: Run local integration tests
        if: runner.os == 'Linux'
        run: cargo xtask integration-test local

      - name: Run virtualized integration tests
        run: find test/.tmp -name 'vmlinuz-*' | xargs -t cargo xtask integration-test vm

  # Provides a single status check for the entire build workflow.
  # This is used for merge automation, like Mergify, since GH actions
  # has no concept of "when all status checks pass".
  # https://docs.mergify.com/conditions/#validating-all-status-checks
  build-workflow-complete:
    needs:
      - lint
      - build-test-aya
      - build-test-aya-ebpf
      - run-integration-test
    runs-on: ubuntu-latest
    steps:
      - name: Build Complete
        run: echo "Build Complete"