-
Notifications
You must be signed in to change notification settings - Fork 96
243 lines (232 loc) · 10.2 KB
/
maven_crosstest.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
name: Java Cross Test
# Builds native binaries for various Linux and Windows architectures using Linux and Docker
# These are then combined with a macOS build to produce a combined set of binaries and jars
# The resulting binaries are then tested
on:
# allow direct trigger
workflow_dispatch:
push:
paths:
- '**/native/**'
- 'Makefile*'
- '**/OpenSslNative.java'
- '**/OpenSslCryptoRandomNative.java'
- '**/OpenSslInfoNative.java'
- '**/workflows/maven_crosstest.yml'
- 'src/docker/*'
- '!src/docker/Dockerfile*'
# Don't trigger on docker change; will be started after build
workflow_run:
workflows: ['Docker images']
types: [completed]
permissions:
contents: read
env:
REGISTRY: ghcr.io
# Output from build-cross-linux
CACHE-LINUX: crypto-target-linux
# Output from package-macos
CACHE-ALL: crypto-target-all
jobs:
# Remove any existing caches
cleanup:
runs-on: ubuntu-latest
permissions:
# `actions:write` permission is required to delete caches
# See also: https://docs.github.com/en/rest/actions/cache?apiVersion=2022-11-28#delete-a-github-actions-cache-for-a-repository-using-a-cache-id
actions: write
contents: read
steps:
- name: clear cache
env:
GH_TOKEN: ${{ github.token }}
run: |
gh extension install actions/gh-actions-cache
gh actions-cache delete ${{ env.CACHE-LINUX }} -R ${{ github.repository }} -B ${{ github.ref_name }} --confirm || true
gh actions-cache delete ${{ env.CACHE-ALL }} -R ${{ github.repository }} -B ${{ github.ref_name }} --confirm || true
# Use Linux and Docker to build Linux and Windows binaries
build-cross-linux:
needs: cleanup
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
persist-credentials: false
- uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0
- name: Image prefix (lower case)
run: |
echo "IMAGE_PREFIX=$(echo ${{ env.REGISTRY }}/${{ github.repository }} | tr '[A-Z]' '[a-z]')" >>$GITHUB_ENV
- name: Build 64 bit native code
run: |
time IMAGE_PREFIX=${IMAGE_PREFIX} docker compose -f src/docker/docker-compose-gh.yaml run --quiet-pull crypto-gh src/docker/build.sh
- name: Build 32 bit native code
run: |
time IMAGE_PREFIX=${IMAGE_PREFIX} docker compose -f src/docker/docker-compose-gh.yaml run --quiet-pull crypto-gh src/docker/build_linux32.sh
ls -l target
- name: Save generated Linux binaries
uses: actions/cache/save@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
key: ${{ env.CACHE-LINUX }}
path: target
# Use macOS to build its native binaries and package them with the Linux/Windows ones
package-macos:
needs: build-cross-linux
runs-on: macos-13 # macos-14 does not have Java 8
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
persist-credentials: false
- name: Set up JDK
uses: actions/setup-java@b36c23c0d998641eff861008f374ee103c25ac73 # v4.4.0
with:
distribution: 'temurin'
java-version: 8
# these values cause the plugin to set up the Maven settings.xml file
server-id: apache.snapshots.https # Value of the distributionManagement/repository/id field of the pom.xml
server-username: NEXUS_USER # env variable for username in deploy
server-password: NEXUS_PW # env variable for token in deploy
- uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
- name: Build on macOS
run: |
mvn -V -B -ntp test -DskipTests
# build 64 bit macOS libraries
mvn -V -B -ntp -DskipTests -Drat.skip process-classes -Dtarget.name=mac64
mvn -V -B -ntp -DskipTests -Drat.skip process-classes -Dtarget.name=macArm64
mvn -V -B -ntp -DskipTests -Drat.skip process-classes -Dtarget.name=mac-aarch64
ls -l target
- name: Retrieve saved Linux binaries
uses: actions/cache/restore@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
key: ${{ env.CACHE-LINUX }}
path: target
- name: Package and deploy to Maven Central on macOS
if: github.repository == 'apache/commons-crypto' && github.ref_name == 'master'
env:
NEXUS_USER: ${{ secrets.NEXUS_USER }}
NEXUS_PW: ${{ secrets.NEXUS_PW }}
# Speed up builds by disabling unnecessary plugins
# Note: spdx.skip requires version 0.7.1+
run: |
ls -l target
mvn -V -B -ntp deploy -DskipTests -Drat.skip -Djacoco.skip -DbuildNumber.skip -Danimal.sniffer.skip -Dcyclonedx.skip -Dspdx.skip
ls -l target
# At some point would like to run the cross tests using only the jars
# In the meantime, use the target class structure
- name: Save generated Linux + macOS binaries
uses: actions/cache/save@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
key: ${{ env.CACHE-ALL }}
path: target
# This is only visible on the Workflow summary page
- name: Upload packaged jars for external testing
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
with:
name: crypto-package
path: target/*.jar
retention-days: 7
# Test Jobs that don't use Docker
standalone:
needs: package-macos
runs-on: ${{ matrix.os }}
# continue-on-error: ${{ matrix.experimental }}
strategy:
matrix:
include:
- os: macos-13 # macos-14 does not have Java 8
java: 8
expectedPath: Mac/x86_64
- os: ubuntu-latest
java: 8
expectedPath: Linux/x86_64
- os: windows-latest
java: 8
expectedPath: Windows/x86_64
steps:
- name: Checkout code
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
persist-credentials: false
- name: Retrieve saved target tree
uses: actions/cache/restore@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
key: ${{ env.CACHE-ALL }}
path: target
enableCrossOsArchive: true
fail-on-cache-miss: true
- name: Show files
run: ls -l target
- name: Cache Maven
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
- name: Set up JDK ${{ matrix.java }}
uses: actions/setup-java@b36c23c0d998641eff861008f374ee103c25ac73 # v4.4.0
with:
distribution: 'temurin'
java-version: ${{ matrix.java }}
- name: OpenSSL version (default)
run: openssl version -a
- name: OpenSSL engine (macOS)
# need to override the libarary path on macOS to avoid 'unsafe load' complaint
if: ${{ runner.os == 'macOS' }}
# set up ENGINESDIR from openssl
run: |
echo $(openssl version -e | sed -n -e 's/engines-.*//' -e 's/: "/=/p') >> "$GITHUB_ENV"
- name: Test on ${{ matrix.os }} ${{ matrix.expectedPath }} (Java ${{ matrix.java }})
run: >
mvn -V -B -ntp surefire:test -Ptest-with-jar -D"jni.library.path=$ENGINESDIR" -D"jna.library.path=$ENGINESDIR"
-D"OsInfoTest.expectedPath=${{ matrix.expectedPath }}"
# use Linux and Docker to test some additional OS arch combinations
test-cross-linux:
needs: package-macos
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
persist-credentials: false
- name: Docker setup QEMU
uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0
- name: Image prefix (lower case)
run: |
echo "IMAGE_PREFIX=$(echo ${{ env.REGISTRY }}/${{ github.repository }} | tr '[A-Z]' '[a-z]')" >>$GITHUB_ENV
- name: Retrieve saved target tree
uses: actions/cache/restore@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
key: ${{ env.CACHE-ALL }}
path: target
- name: Run on Linux/aarch64
run: |
IMAGE_PREFIX=${IMAGE_PREFIX} docker compose -f src/docker/docker-compose-gh.yaml run --quiet-pull crypto-aarch64-gh \
src/docker/test_cross.sh -Ptest-with-jar -DOsInfoTest.expectedPath=Linux/aarch64
- name: Run on riscv64
# See https://github.com/java-native-access/jna/issues/1557
run: |
IMAGE_PREFIX=${IMAGE_PREFIX} docker compose -f src/docker/docker-compose-gh.yaml run --quiet-pull crypto-riscv64-gh \
src/docker/test_cross.sh -Ptest-with-jar -DOsInfoTest.expectedPath=Linux/riscv64 -Djna.version=5.12.0
- name: Run on Linux/x86_64
run: |
IMAGE_PREFIX=${IMAGE_PREFIX} docker compose -f src/docker/docker-compose-gh.yaml run --quiet-pull crypto-gh \
src/docker/test_cross.sh -Ptest-with-jar -DOsInfoTest.expectedPath=Linux/x86_64