Switch to Github actions

Travis-CI has been a disaster lately with us running out of credits or their system thinking we're out of credit anyway... So with Jenkins now covering arm64, let's move the rest of the CI to Github Actions instead. Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>

Switch to Github actions
4bc1dabe · Stéphane Graber · 4fece28f · 4bc1dabe · 4bc1dabe · 4bc1dabe
Unverified Commit 4bc1dabe authored Mar 17, 2021 by Stéphane Graber
6 changed files
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
+name: Test build
+on:
+  - push
+  - pull_request
+jobs:
+  test:
+    strategy:
+      fail-fast: false
+      matrix:
+        compiler:
+          - gcc
+          - clang
+        os:
+          - ubuntu-16.04
+          - ubuntu-18.04
+          - ubuntu-20.04
+        exclude:
+          - os: ubuntu-16.04
+            compiler: gcc
+    runs-on: ${{ matrix.os }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+      - name: Install dependencies
+        run: |
+          sudo apt-get update -qq
+          sudo apt-get install -qq gcc clang
+          sudo apt-get install -qq libapparmor-dev libcap-dev libseccomp-dev libselinux1-dev linux-libc-dev docbook2x
+      - name: Compiler version
+        env:
+          CC: ${{ matrix.compiler }}
+        run: |
+          ${CC} --version
+      - name: Build
+        env:
+          CC: ${{ matrix.compiler }}
+        run: |
+          # Configure
+          export CFLAGS="-Wall -Werror"
+          export LDFLAGS="-pthread -lpthread"
+          ./autogen.sh
+          BUILD="$(pwd)/build"
+          mkdir -p "${BUILD}"
+          cd "${BUILD}"
+          if [ "${{ matrix.compiler }}" = "gcc" ]; then
+            ../configure --enable-tests --enable-ubsan --with-distro=unknown
+          else
+            ../configure --enable-tests --with-distro=unknown
+          fi
+          # Build
+          make -j4
+          make DESTDIR="${BUILD}/install" install
--- a/.github/workflows/coverity.yml
+++ b/.github/workflows/coverity.yml
+name: Coverity
+on:
+  - push:
+      branches:
+        - master
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+      - name: Download Coverity Build Tool
+        run: |
+          wget -q https://scan.coverity.com/download/cxx/linux64 --post-data "token=$TOKEN&project=lxc/lxc" -O cov-analysis-linux64.tar.gz
+          mkdir cov-analysis-linux64
+          tar xzf cov-analysis-linux64.tar.gz --strip 1 -C cov-analysis-linux64
+        env:
+          TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
+      - name: Install dependencies
+        run: |
+          sudo apt-get update -qq
+          sudo apt-get install -qq gcc clang
+          sudo apt-get install -qq libapparmor-dev libcap-dev libseccomp-dev libselinux1-dev linux-libc-dev docbook2x
+      - name: Run coverity
+        run: |
+          # Configure
+          export PATH="$(pwd)/cov-analysis-linux64/bin:${PATH}"
+          export CFLAGS="-Wall -Werror"
+          export LDFLAGS="-pthread -lpthread"
+          ./autogen.sh
+          BUILD="$(pwd)/build"
+          mkdir -p "${BUILD}"
+          cd "${BUILD}"
+          ../configure --enable-coverity-build --enable-tests --with-distro=unknown --disable-rpath --enable-tests --enable-memfd-rexec --enable-seccomp --enable-static --enable-werror
+          # Build
+          cov-build --dir cov-int make -j4
+          tar czvf lxc.tgz cov-int
+          # Submit the results
+          curl \
+            --form project=lxc/lxc \
+            --form token=${TOKEN} \
+            --form email=lxc-devel@lists.linuxcontainers.org \
+            --form file=@lxc.tgz \
+            --form version=master \
+            --form description="${GITHUB_SHA}" \
+            https://scan.coverity.com/builds?project=lxc/lxc
+        env:
+          TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
--- a/.github/workflows/static-analysis.yml
+++ b/.github/workflows/static-analysis.yml
+name: Static analysis
+on:
+  - push
+  - pull_request
+jobs:
+  test:
+    runs-on: ubuntu-18.04
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+      - name: Install dependencies
+        run: |
+          sudo apt-get update -qq
+          sudo apt-get install -qq coccinelle
+      - name: Confirm coccinelle output is clean
+        run: |
+          ./coccinelle/run-coccinelle.sh -i
+          git diff --exit-code
+      - name: Confirm apparmor profile is up to date
+        run: |
+          cd config/apparmor/
+          ./lxc-generate-aa-rules.py container-rules.base > container-rules
+          git diff --exit-code
--- a/.travis.yml
+++ b/.travis.yml
-dist: bionic
-sudo: required
-language: c
-compiler:
- - gcc
- - clang
-arch:
- - amd64
- - arm64
- - ppc64le
- - s390x
-before_install:
- - sudo add-apt-repository ppa:ubuntu-lxc/daily -y
- - sudo apt-get update -qq
- - sudo apt-get install -qq coccinelle parallel libapparmor-dev libcap-dev libseccomp-dev python3-dev python3-setuptools docbook2x libselinux1-dev linux-libc-dev
-script: src/tests/travis.sh
-notifications:
-  email:
-    recipients:
-      - lxc-devel@lists.linuxcontainers.org
-  webhooks: https://linuxcontainers.org/webhook-lxcbot/
-env:
- global:
-   - secure: "HlNoguS2Sjyj7Mbb644wrHZqdp/p7I7gX00XoUzLRcFosmVdYpHo6Ix8pt9ddC5tDfX05pl5x8OBwrccY+picb9NDNCt7C5TlNcuyyDROnMJW5q33j4EZRI91sBQdmn2uorMzi/CnHEtvUw20+sjBOqIqvpnUV2SMaZiWGC1Eec="
-addons:
-  coverity_scan:
-    build_script_url: https://dl.stgraber.org/coverity_travis.sh
-    project:
-      name: lxc/lxc
-      description: "LXC - Linux Containers https://linuxcontainers.org/lxc"
-    # Where email notification of build analysis results will be sent
-    notification_email: christian.brauner@ubuntu.com
-    build_command_prepend: "./autogen.sh && mkdir build && cd build && ../configure --enable-coverity-build --enable-tests --with-distro=unknown --disable-rpath --enable-tests --enable-memfd-rexec --enable-seccomp --enable-static --enable-werror"
-    build_command: "make -j4"
-    branch_pattern: master
--- a/src/tests/Makefile.am
+++ b/src/tests/Makefile.am
@@ -788,8 +788,7 @@ EXTRA_DIST = basic.c \
 	     snapshot.c \
 	     startone.c \
 	     state_server.c \
-	     share_ns.c \
+	     share_ns.c
-	     travis.sh
 clean-local:
 	rm -f lxc-test-utils-*

--- a/src/tests/travis.sh
+++ b/src/tests/travis.sh
-#! /bin/bash
-set -e
-./coccinelle/run-coccinelle.sh -i
-git diff --exit-code
-export CFLAGS="-Wall -Werror"
-export LDFLAGS="-pthread -lpthread"
-./autogen.sh
-rm -Rf build
-mkdir build
-cd build
-if [ "$CC_FOR_BUILD" == "gcc" ]; then
-  ../configure --enable-tests --enable-ubsan --with-distro=unknown
-else
-  ../configure --enable-tests --with-distro=unknown
-fi
-make -j4
-make DESTDIR="$TRAVIS_BUILD_DIR"/install install
-cd ../config/apparmor
-./lxc-generate-aa-rules.py container-rules.base > /tmp/output
-diff /tmp/output container-rules