test

roshkhatri · Apr 12, 2024 · 3f7295e · 3f7295e
1 parent 78a9a24
commit 3f7295e
Show file tree

Hide file tree

Showing 12 changed files with 1,369 additions and 130 deletions.
diff --git a/.github/workflows/build-release-packages.yml b/.github/workflows/build-release-packages.yml
@@ -26,7 +26,6 @@ jobs:
 
       # This step is to consolidate the three different triggers into a single "version"
       # 1. If manual dispatch - use the version provided.
-      # 2. If cron/regular build - use master.
       # 3. If tag trigger, use that tag.
       - name: Get the version
         id: get_version
@@ -40,7 +39,7 @@ jobs:
         shell: bash
         env:
           # Use the dispatch variable in preference, if empty use the context ref_name which should
-          # only ever be a tag or the master branch for cron builds.
+          # only ever be a tag
           INPUT_VERSION: ${{ inputs.version || github.ref_name }}
 
   generate-build-matrix:
@@ -89,17 +88,17 @@ jobs:
       access_key_id: ${{ secrets.AWS_S3_ACCESS_KEY_ID }}
       secret_access_key: ${{ secrets.AWS_S3_ACCESS_KEY }}
 
-  release-build-linux-macos-packages:
-    needs:
-      - release-build-get-meta
-      - generate-build-matrix
-    uses: ./.github/workflows/call-build-macos-packages.yml
-    with:
-      version: ${{ needs.release-build-get-meta.outputs.version }}
-      ref: ${{ inputs.version || github.ref_name }}
-      build_matrix: ${{ needs.generate-build-matrix.outputs.macos-build-matrix }}
-    secrets:
-      token: ${{ secrets.GITHUB_TOKEN }}
-      bucket: ${{ secrets.AWS_S3_BUCKET }}
-      access_key_id: ${{ secrets.AWS_S3_ACCESS_KEY_ID }}
-      secret_access_key: ${{ secrets.AWS_S3_ACCESS_KEY }}
+  # release-build-linux-macos-packages:
+  #   needs:
+  #     - release-build-get-meta
+  #     - generate-build-matrix
+  #   uses: ./.github/workflows/call-build-macos-packages.yml
+  #   with:
+  #     version: ${{ needs.release-build-get-meta.outputs.version }}
+  #     ref: ${{ inputs.version || github.ref_name }}
+  #     build_matrix: ${{ needs.generate-build-matrix.outputs.macos-build-matrix }}
+  #   secrets:
+  #     token: ${{ secrets.GITHUB_TOKEN }}
+  #     bucket: ${{ secrets.AWS_S3_BUCKET }}
+  #     access_key_id: ${{ secrets.AWS_S3_ACCESS_KEY_ID }}
+  #     secret_access_key: ${{ secrets.AWS_S3_ACCESS_KEY }}
diff --git a/.github/workflows/call-build-linux-arm-packages.yml b/.github/workflows/call-build-linux-arm-packages.yml
@@ -4,11 +4,11 @@ on:
   workflow_call:
     inputs:
       version:
-        description: The version of Fluent Bit to create.
+        description: The version of Valkey to create.
         type: string
         required: true
       ref:
-        description: The commit, tag or branch of Fluent Bit to checkout for building that creates the version above.
+        description: The commit, tag or branch of Valkey to checkout for building that creates the version above.
         type: string
         required: true
       build_matrix:
@@ -20,7 +20,7 @@ on:
         description: The Github token or similar to authenticate with.
         required: true
       bucket:
-        description: The name of the S3 (US-East) bucket to push packages into.
+        description: The name of the S3 bucket to push packages into.
         required: false
       access_key_id:
         description: The S3 access key id for the bucket.
@@ -51,12 +51,11 @@ jobs:
           arch: aarch64
           distro: ${{matrix.distro.target}}
           install: apt-get update && apt-get install -y build-essential libssl-dev
-          run: |
-            make -C src all BUILD_TLS=yes MALLOC=libc
+          run: make -C src all BUILD_TLS=yes MALLOC=libc
 
       - name: Create Tarball and SHA256sums
         run: |
-          TAR_FILE_NAME=valkey-server-${{inputs.version}}-${{matrix.distro.platform}}-${{ matrix.distro.arch}}
+          TAR_FILE_NAME=valkey-${{inputs.version}}-${{matrix.distro.platform}}-${{ matrix.distro.arch}}
           mkdir -p $TAR_FILE_NAME/bin $TAR_FILE_NAME/share
           cp -rfv src/valkey-* $TAR_FILE_NAME/bin
           cp -v /home/runner/work/valkey/valkey/COPYING $TAR_FILE_NAME/share/LICENSE
@@ -75,9 +74,5 @@ jobs:
           aws configure set aws_access_key_id ${{ secrets.access_key_id }}
           aws configure set aws_secret_access_key ${{ secrets.secret_access_key }}
 
-      - name: List files in S3 bucket
-        run: aws s3 ls "s3://valkey-test/latest/"
-
       - name: Sync to S3
-        run: aws s3 sync "packages-files/" "s3://valkey-test/latest/"
-
+        run: aws s3 sync packages-files s3://${{secrets.bucket}}/releases/
diff --git a/.github/workflows/call-build-linux-x86-packages.yml b/.github/workflows/call-build-linux-x86-packages.yml
@@ -4,11 +4,11 @@ on:
   workflow_call:
     inputs:
       version:
-        description: The version of Fluent Bit to create.
+        description: The version of Valkey to create.
         type: string
         required: true
       ref:
-        description: The commit, tag or branch of Fluent Bit to checkout for building that creates the version above.
+        description: The commit, tag or branch of Valkey to checkout for building that creates the version above.
         type: string
         required: true
       build_matrix:
@@ -56,7 +56,7 @@ jobs:
 
       - name: Create Tarball and SHA256sums
         run: |
-          TAR_FILE_NAME=valkey-server-${{inputs.version}}-${{matrix.distro.platform}}-${{ matrix.distro.arch}}
+          TAR_FILE_NAME=valkey-${{inputs.version}}-${{matrix.distro.platform}}-${{ matrix.distro.arch}}
           mkdir -p $TAR_FILE_NAME/bin $TAR_FILE_NAME/share
           cp -rfv src/valkey-* $TAR_FILE_NAME/bin
           cp -v /home/runner/work/valkey/valkey/COPYING $TAR_FILE_NAME/share/LICENSE
@@ -75,8 +75,5 @@ jobs:
           aws configure set aws_access_key_id ${{ secrets.access_key_id }}
           aws configure set aws_secret_access_key ${{ secrets.secret_access_key }}
 
-      - name: List files in S3 bucket
-        run: aws s3 ls "s3://valkey-test/latest/"
-
       - name: Sync to S3
-        run: aws s3 sync "packages-files/" "s3://valkey-test/latest/"
+        run: aws s3 sync packages-files s3://${{secrets.bucket}}/releases/
diff --git a/.github/workflows/call-build-macos-packages.yml b/.github/workflows/call-build-macos-packages.yml
@@ -4,11 +4,11 @@ on:
   workflow_call:
     inputs:
       version:
-        description: The version of Fluent Bit to create.
+        description: The version of Valkey to create.
         type: string
         required: true
       ref:
-        description: The commit, tag or branch of Fluent Bit to checkout for building that creates the version above.
+        description: The commit, tag or branch of Valkey to checkout for building that creates the version above.
         type: string
         required: true
       build_matrix:
@@ -31,7 +31,6 @@ on:
 
 jobs:
   build-valkey:
-    # Capture source tarball and generate checksum for it
     name: Build  package ${{ matrix.distro.target }} ${{ matrix.distro.arch }}
     runs-on: 'macos-latest'
     permissions:
@@ -53,7 +52,7 @@ jobs:
 
       - name: Create Tarball and SHA256sums
         run: |
-          TAR_FILE_NAME=valkey-server-${{inputs.version}}-${{matrix.distro.platform}}-${{ matrix.distro.arch}}
+          TAR_FILE_NAME=valkey-${{inputs.version}}-${{matrix.distro.platform}}-${{ matrix.distro.arch}}
           mkdir -p $TAR_FILE_NAME/bin $TAR_FILE_NAME/share
           cp -rfv src/valkey-* $TAR_FILE_NAME/bin
           cp -v COPYING $TAR_FILE_NAME/share/LICENSE
@@ -68,8 +67,5 @@ jobs:
           aws configure set aws_access_key_id ${{ secrets.access_key_id }}
           aws configure set aws_secret_access_key ${{ secrets.secret_access_key }}
 
-      - name: List files in S3 bucket
-        run: aws s3 ls "s3://valkey-test/latest/"
-
       - name: Sync to S3
-        run: aws s3 sync "packages-files/" "s3://valkey-test/latest/"
+        run: aws s3 sync packages-files s3://${{secrets.bucket}}/releases/
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -0,0 +1,90 @@
+name: CI
+
+on: [push, pull_request]
+
+jobs:
+
+  test-ubuntu-latest:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v4
+    - name: make
+      # Fail build if there are warnings
+      # build with TLS just for compilation coverage
+      run: make SERVER_CFLAGS='-Werror' BUILD_TLS=yes
+    - name: test
+      run: |
+        sudo apt-get install tcl8.6 tclx
+        ./runtest --verbose --tags -slow --dump-logs
+    - name: module api test
+      run: CFLAGS='-Werror' ./runtest-moduleapi --verbose --dump-logs
+    - name: validate commands.def up to date
+      run: |
+        touch src/commands/ping.json
+        make commands.def
+        dirty=$(git diff)
+        if [[ ! -z  $dirty ]]; then echo $dirty; exit 1; fi
+
+  test-sanitizer-address:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: make
+        # build with TLS module just for compilation coverage
+        run: make SANITIZER=address SERVER_CFLAGS='-Werror -DDEBUG_ASSERTIONS' BUILD_TLS=module
+      - name: testprep
+        # Work around ASAN issue, see https://github.com/google/sanitizers/issues/1716
+        run: |
+          sudo apt-get install tcl8.6 tclx -y
+          sudo sysctl vm.mmap_rnd_bits=28
+      - name: test
+        run: ./runtest --verbose --tags -slow --dump-logs
+      - name: module api test
+        run: CFLAGS='-Werror' ./runtest-moduleapi --verbose --dump-logs
+
+  build-debian-old:
+    runs-on: ubuntu-latest
+    container: debian:buster
+    steps:
+    - uses: actions/checkout@v4
+    - name: make
+      run: |
+        apt-get update && apt-get install -y build-essential
+        make SERVER_CFLAGS='-Werror'
+
+  build-macos-latest:
+    runs-on: macos-latest
+    steps:
+    - uses: actions/checkout@v4
+    - name: make
+      run: make SERVER_CFLAGS='-Werror'
+
+  build-32bit:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v4
+    - name: make
+      run: |
+        sudo apt-get update && sudo apt-get install libc6-dev-i386
+        make SERVER_CFLAGS='-Werror' 32bit
+
+  build-libc-malloc:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v4
+    - name: make
+      run: make SERVER_CFLAGS='-Werror' MALLOC=libc
+
+  build-centos7-jemalloc:
+    runs-on: ubuntu-latest
+    container: centos:7
+    steps:
+    # on centos7, actions/checkout@v4 does not work, so we use v3
+    # ref. https://github.com/actions/checkout/issues/1487
+    - uses: actions/checkout@v3
+
+    - name: make
+      run: |
+        yum -y install gcc make
+        make SERVER_CFLAGS='-Werror'
+
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -0,0 +1,33 @@
+name: "CodeQL"
+
+on:
+  pull_request:
+  schedule:
+    # run weekly new vulnerability was added to the database
+    - cron: '0 0 * * 0'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    if: github.event_name != 'schedule' || github.repository == 'valkey-io/valkey'
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'cpp' ]
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v3
+      with:
+        languages: ${{ matrix.language }}
+
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v3
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v3
diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml
@@ -0,0 +1,31 @@
+# Creates and uploads a Coverity build on a schedule
+name: Coverity Scan
+on:
+  schedule:
+  # Run once daily, since below 500k LOC can have 21 builds per week, per https://scan.coverity.com/faq#frequency
+  - cron: '0 0 * * *'
+  # Support manual execution
+  workflow_dispatch:
+jobs:
+  coverity:
+    if: github.repository == 'valkey-io/valkey'
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@main
+    - name: Download and extract the Coverity Build Tool
+      run: |
+          wget -q https://scan.coverity.com/download/cxx/linux64 --post-data "token=${{ secrets.COVERITY_SCAN_TOKEN }}&project=valkey-io%2Fvalkey" -O cov-analysis-linux64.tar.gz
+          mkdir cov-analysis-linux64
+          tar xzf cov-analysis-linux64.tar.gz --strip 1 -C cov-analysis-linux64
+    - name: Install Valkey dependencies
+      run: sudo apt install -y gcc procps libssl-dev
+    - name: Build with cov-build
+      run: cov-analysis-linux64/bin/cov-build --dir cov-int make
+    - name: Upload the result
+      run: |
+          tar czvf cov-int.tgz cov-int
+          curl \
+            --form email=${{ secrets.COVERITY_SCAN_EMAIL }} \
+            --form token=${{ secrets.COVERITY_SCAN_TOKEN }} \
+            --form [email protected] \
+            https://scan.coverity.com/builds?project=valkey-io%2Fvalkey