Skip to content

ci: update workflow config #138

ci: update workflow config

ci: update workflow config #138

Workflow file for this run

# SPDX-FileCopyrightText: © Vegard IT GmbH (https://vegardit.com) and contributors
# SPDX-FileContributor: Sebastian Thomschke, Vegard IT GmbH
# SPDX-License-Identifier: Apache-2.0
#
# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions
name: Build
on:
schedule:
- cron: '0 15 1 * *'
push:
branches-ignore: # build all branches except:
- 'dependabot/**' # prevent GHA triggered twice (once for commit to the branch and once for opening/syncing the PR)
tags-ignore: # don't build tags
- '**'
paths-ignore:
- '**/*.adoc'
- '**/*.md'
- '.editorconfig'
- '.git*'
- '.github/*.yml'
- '.github/workflows/stale.yml'
- 'tools'
pull_request:
paths-ignore:
- '**/*.adoc'
- '**/*.md'
- '.editorconfig'
- '.git*'
- '.github/*.yml'
- '.github/workflows/stale.yml'
- 'tools'
workflow_dispatch:
# https://github.blog/changelog/2020-07-06-github-actions-manual-triggers-with-workflow_dispatch/
inputs:
debug-with-ssh:
description: "Start an SSH session for debugging purposes at the end of the build:"
default: never
type: choice
options: [ always, on_failure, on_failure_or_cancelled, never ]
debug-with-ssh-only-for-actor:
description: "Limit access to the SSH session to the GitHub user that triggered the job."
default: true
type: boolean
debug-with-ssh-only-jobs-matching:
description: "Only start an SSH session for jobs matching this regex pattern:"
default: ".*"
type: string
test-target:
description: "If specified only the given target will be tested"
default: ""
type: choice
options: [ "", cpp, cs, eval, flash, hl, java, jvm, lua, neko, node, php, python ]
defaults:
run:
shell: bash
env:
# these env variables are also used by TestRunner.hx
TEST_SSH_HOST: 127.0.0.1
TEST_SSH_PORT: 2222
TEST_SSH_USER: testuser
TEST_SSH_PW: MySuperPW123
TEST_SSH_PEMKEY_FILE: test/id_key.txt
TEST_SSH_PPKKEY_FILE: test/id_key.ppk
TEST_SSH_PUBKEY_FILE: test/id_pub.txt
JAVA_VERSION: 21
jobs:
build:
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os: # https://github.com/actions/runner-images#available-images
- ubuntu-latest
- macos-13 # Intel
- macos-latest # ARM
- windows-latest
haxe:
- nightly
- 4.3.6
- 4.2.5
exclude:
- os: macos-latest # ARM
haxe: 4.2.5
steps:
- name: Show environment variables
run: env | sort
- name: Git Checkout
uses: actions/checkout@v4 #https://github.com/actions/checkout
##################################################
# Install software
##################################################
- name: "Linux: Configure fast APT mirror"
if: runner.os == 'Linux'
uses: vegardit/fast-apt-mirror.sh@v1
- name: "Install: Putty plink"
run: |
set -eu
case "${{runner.os}}" in
macOS) brew install putty; plink -V ;;
Linux) sudo apt-get install -y putty-tools; plink -V ;;
Windows)
mkdir /tmp/kitty
curl -sSfL https://www.9bis.net/kitty/files/klink.exe -o /tmp/kitty/klink.exe
echo "$(cygpath -wa /tmp/kitty)" >> $GITHUB_PATH
/tmp/kitty/klink -V
;;
esac
- name: "Install: JDK ${{ env.JAVA_VERSION }} ☕"
uses: actions/setup-java@v4 # https://github.com/actions/setup-java
with:
distribution: temurin
java-version: ${{ env.JAVA_VERSION }}
- name: "Install: Maven"
uses: stCarolas/setup-maven@v5 # https://github.com/stCarolas/setup-maven
with:
maven-version: 3.9.9
##################################################
# Build and run local SSH server
##################################################
- name: "Start local test SSH server"
run: |
set -euox pipefail
chmod 400 test/id_*
# Create a folder for dependencies and download Apache Mina SSHD library
mkdir -p test/sshd/src/main/java
mkdir -p test/sshd/src/main/resources
pushd test/sshd
cat << 'EOF' >pom.xml
<project xmlns="http://maven.apache.org/POM/4.0.0">
<modelVersion>4.0.0</modelVersion>
<groupId>test</groupId>
<artifactId>sshd</artifactId>
<version>1.0-SNAPSHOT</version>
<properties>
<sshd.version>2.14.0</sshd.version>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<maven.compiler.source>21</maven.compiler.source>
<maven.compiler.target>21</maven.compiler.target>
</properties>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.apache.sshd</groupId>
<artifactId>sshd-core</artifactId>
<version>${sshd.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<dependencies>
<dependency>
<groupId>org.apache.sshd</groupId>
<artifactId>sshd-core</artifactId>
<version>${sshd.version}</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-simple</artifactId>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk18on</artifactId>
</dependency>
</dependencies>
</project>
EOF
# Write the Java SSH server code
cat << 'EOF' >src/main/java/TestSshServer.java
import org.apache.sshd.common.config.keys.KeyUtils;
public class TestSshServer {
public static void main(String[] args) throws Exception {
java.security.Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
var sshd = org.apache.sshd.server.SshServer.setUpDefaultServer();
sshd.setCommandFactory((channel, command) -> {
if ("whoami".equals(command))
return new org.apache.sshd.server.command.AbstractCommandSupport(command, null) {
@Override
public void run() {
try {
getOutputStream().write("${{ env.TEST_SSH_USER}}\n".getBytes());
getOutputStream().close();
} catch (final java.io.IOException e) {
// ignored
}
if (getExitCallback() != null) {
getExitCallback().onExit(0);
}
}
};
return new org.apache.sshd.server.shell.UnknownCommand(command);
});
sshd.setHost("${{ env.TEST_SSH_HOST}}");
sshd.setPort(${{ env.TEST_SSH_PORT }});
sshd.setKeyPairProvider(new org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider());
sshd.setPasswordAuthenticator((usr, pw, sess)
-> "${{ env.TEST_SSH_USER}}".equals(usr) && "${{ env.TEST_SSH_PW}}".equals(pw));
final var authorizedKey = KeyUtils.loadPublicKey(java.nio.file.Paths.get("../../${{ env.TEST_SSH_PUBKEY_FILE}}"));
sshd.setPublickeyAuthenticator((usr, key, sess)
-> "${{ env.TEST_SSH_USER}}".equals(usr) && KeyUtils.compareKeys(key, authorizedKey));
sshd.start();
System.out.println("SSH server is running on port ${{ env.TEST_SSH_PORT }}...");
Thread.sleep(Long.MAX_VALUE); // Keep the server running
}
}
EOF
mvn -B -ntp compile
nohup mvn -B -ntp org.codehaus.mojo:exec-maven-plugin:3.5.0:java -Dexec.mainClass=TestSshServer >/tmp/sshd.log 2>&1 &
popd
case "${{ runner.os }}" in
Windows)
# TODO for some reason on GitHub Actions under Windows accepting new host keys doesn't work
# when plink/klink is executed via the PuttySSHClient class, so for now we accept
# the key before the Windows tests run
success=0
for i in {1..5}; do
sleep 1
if klink -auto-store-sshkey -ssh -batch -v \
-P "$TEST_SSH_PORT" \
-pw "$TEST_SSH_PW" \
"$TEST_SSH_USER@$TEST_SSH_HOST" \
"whoami"; then
success=1
break
fi
done
if [ $success -eq 0 ]; then
echo "Cannot contact SSH server." >&2
exit 1
fi
;;
esac
##################################################
# Run Haxe Tests
##################################################
- name: Test with Haxe
uses: vegardit/haxe-reusable-workflows/.github/actions/test-with-haxe@dev
with:
haxe-reusable-workflows-version: dev
haxe-version: ${{ matrix.haxe }}
haxe-libs: haxe-concurrent haxe-doctest haxe-files haxe-strings hx3compat
# Haxe targets to test with, by default all are set to false:
test-cpp: true
test-cs: ${{ (inputs.test-target == '' || inputs.test-target == 'cs') && matrix.haxe != 'nightly'}} # Haxe 5 drops C# Support
test-hl: true
test-java: ${{ (inputs.test-target == '' || inputs.test-target == 'java') && matrix.haxe != 'nightly' }} # Haxe 5 drops Java Support
test-jvm: true
test-neko: true
test-python: true
allow-failure: ${{ matrix.haxe == 'nightly' }}
# provide SSH access to the GitHub runner for manual debugging purposes
debug-with-ssh: ${{ inputs.debug-with-ssh || 'never' }}
debug-with-ssh-only-for-actor: ${{ inputs.debug-with-ssh-only-for-actor || false }}
debug-with-ssh-only-jobs-matching: ${{ inputs.debug-with-ssh-only-jobs-matching }}
##################################################
# Dipslay logs
##################################################
- name: Display SSHD logs
if: always()
run: cat /tmp/sshd.log || true