forked from wolfSSL/wolfssl
-
Notifications
You must be signed in to change notification settings - Fork 0
121 lines (112 loc) · 5.91 KB
/
Copy pathtrackmemory.yml
File metadata and controls
121 lines (112 loc) · 5.91 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
name: WOLFSSL_TRACK_MEMORY Tests
# START OF COMMON SECTION
on:
push:
branches: [ 'release/**' ]
pull_request:
types: [opened, synchronize, reopened, ready_for_review]
branches: [ '*' ]
# Weekday-morning cron (10:00 UTC) seeds the master-scoped ccache that PR runs
# restore: re-runs --build-only (compile only, no tests) on the
# default branch. PR runs are read-only (see ccache-setup).
schedule:
- cron: '44 10 * * 1-5'
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# END OF COMMON SECTION
jobs:
# All former runner-per-config matrix entries build on one runner via
# .github/scripts/parallel-make-check.py (see os-check.yml for the full
# pattern): each config in its own out-of-tree ("VPATH") build directory
# off one checkout/autogen, checks on a pool of one-per-CPU worker
# threads, longest first. bubblewrap gives every test script its own
# network namespace so concurrent checks cannot collide on TCP/UDP ports
# (do not set AM_BWRAPPED here - that would disable it).
make_check:
name: make check
if: ${{ (github.repository_owner == 'wolfssl') && (github.event_name != 'pull_request' || github.event.pull_request.draft == false) }}
runs-on: ubuntu-24.04
# Typical runs finish in 13-16 min, but the wolfEntropy configs gather
# entropy from CPU timing jitter, whose runtime varies severalfold with
# runner contention (a 20-min limit was hit with one config left).
timeout-minutes: 40
steps:
- uses: actions/checkout@v5
name: Checkout wolfSSL
- name: Install dependencies
uses: ./.github/actions/install-apt-deps
with:
packages: autoconf automake libtool build-essential bubblewrap
ghcr-debs-tag: ubuntu-24.04-minimal
# ccache via the cross-platform composite; the script passes the
# compiler to configure as CC="ccache gcc" (or a per-config "cc").
- name: Set up ccache
uses: ./.github/actions/ccache-setup
with:
workflow-id: trackmemory
read-only: ${{ github.event_name == 'pull_request' }}
max-size: 250M
# Ubuntu 24.04 can restrict unprivileged user namespaces via AppArmor,
# which would stop the test scripts from re-execing under
# bwrap --unshare-net (their port-isolation mechanism).
- name: Allow unprivileged user namespaces (for bwrap)
run: sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0 || true
# The JSON list below is the former runner-per-config matrix; add new
# configs as new entries (a "comment" key is allowed for notes).
# "minutes" is the expected duration driving longest-first scheduling:
# take it from the Minutes column of a previous run's step summary, or
# omit it for a new config (defaults to 1) and refresh later. The list
# is kept sorted by minutes for readability, but the schedule sorts by
# the values, not list order.
- name: Build and make check all configs (parallel, out-of-tree)
run: |
cat > "$RUNNER_TEMP/trackmemory-configs.json" <<'EOF'
[
{"name": "all-noasm-wolfentropy", "minutes": 3,
"configure": ["--disable-asm", "--enable-wolfEntropy",
"--enable-smallstackcache", "--enable-smallstack", "--enable-all",
"CFLAGS=-DWC_RNG_SEED_CB -DWOLFSSL_TRACK_MEMORY -DWOLFSSL_DEBUG_MEMORY -DNO_WOLFSSL_CIPHER_SUITE_TEST"]},
{"name": "all-trace-errcodes", "minutes": 2.5,
"configure": ["--enable-all", "--enable-debug-trace-errcodes",
"CFLAGS=-DWC_RNG_SEED_CB -DWOLFSSL_TRACK_MEMORY -DWOLFSSL_DEBUG_MEMORY"]},
{"name": "all-smallstack", "minutes": 2.5,
"configure": ["--enable-smallstack", "--enable-all",
"CFLAGS=-DWC_RNG_SEED_CB -DWOLFSSL_TRACK_MEMORY -DWOLFSSL_DEBUG_MEMORY"]},
{"name": "all-smallstack-cache-trace", "minutes": 2.5,
"configure": ["--enable-smallstackcache", "--enable-smallstack",
"--enable-all", "--enable-debug-trace-errcodes",
"CFLAGS=-DWC_RNG_SEED_CB -DWOLFSSL_TRACK_MEMORY -DWOLFSSL_DEBUG_MEMORY"]},
{"name": "all-wolfentropy", "minutes": 2.5,
"comment": "smallstackcache coverage here is crucial for the Linux kernel module when targeting a kernel with the randomness patch (linuxkm/patches/) applied. Don't combine wolfEntropy with the full TLS cipher suite test - the implicit wc_InitRng()s in each suite have an enormous CPU footprint.",
"configure": ["--enable-wolfEntropy", "--enable-smallstackcache",
"--enable-smallstack", "--enable-all",
"CFLAGS=-DWC_RNG_SEED_CB -DWOLFSSL_TRACK_MEMORY -DWOLFSSL_DEBUG_MEMORY -DNO_WOLFSSL_CIPHER_SUITE_TEST"]},
{"name": "all-intelrdseed", "minutes": 2.5,
"configure": ["--enable-intelrdseed", "--enable-smallstackcache",
"--enable-smallstack", "--enable-all",
"CFLAGS=-DWC_RNG_SEED_CB -DWOLFSSL_TRACK_MEMORY -DWOLFSSL_DEBUG_MEMORY -DNO_WOLFSSL_CIPHER_SUITE_TEST"]},
{"name": "all-amdrand", "minutes": 2.5,
"configure": ["--enable-amdrand", "--enable-smallstackcache",
"--enable-smallstack", "--enable-all",
"CFLAGS=-DWC_RNG_SEED_CB -DWOLFSSL_TRACK_MEMORY -DWOLFSSL_DEBUG_MEMORY -DNO_WOLFSSL_CIPHER_SUITE_TEST"]}
]
EOF
.github/scripts/parallel-make-check.py \
${{ github.event_name == 'schedule' && '--build-only' || '' }} \
--private-dir=certs \
"$RUNNER_TEMP/trackmemory-configs.json"
- name: ccache stats
if: always()
run: ccache -s || true
- name: Upload logs on failure
if: failure()
uses: actions/upload-artifact@v6
with:
retention-days: 7
name: trackmemory-logs
path: |
build-*/make-check.log
build-*/test-suite.log
build-*/config.log
if-no-files-found: ignore