ci: update workflow config #138
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# SPDX-FileCopyrightText: © Vegard IT GmbH (https://vegardit.com) and contributors | |
# SPDX-FileContributor: Sebastian Thomschke, Vegard IT GmbH | |
# SPDX-License-Identifier: Apache-2.0 | |
# | |
# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions | |
name: Build | |
on: | |
schedule: | |
- cron: '0 15 1 * *' | |
push: | |
branches-ignore: # build all branches except: | |
- 'dependabot/**' # prevent GHA triggered twice (once for commit to the branch and once for opening/syncing the PR) | |
tags-ignore: # don't build tags | |
- '**' | |
paths-ignore: | |
- '**/*.adoc' | |
- '**/*.md' | |
- '.editorconfig' | |
- '.git*' | |
- '.github/*.yml' | |
- '.github/workflows/stale.yml' | |
- 'tools' | |
pull_request: | |
paths-ignore: | |
- '**/*.adoc' | |
- '**/*.md' | |
- '.editorconfig' | |
- '.git*' | |
- '.github/*.yml' | |
- '.github/workflows/stale.yml' | |
- 'tools' | |
workflow_dispatch: | |
# https://github.blog/changelog/2020-07-06-github-actions-manual-triggers-with-workflow_dispatch/ | |
inputs: | |
debug-with-ssh: | |
description: "Start an SSH session for debugging purposes at the end of the build:" | |
default: never | |
type: choice | |
options: [ always, on_failure, on_failure_or_cancelled, never ] | |
debug-with-ssh-only-for-actor: | |
description: "Limit access to the SSH session to the GitHub user that triggered the job." | |
default: true | |
type: boolean | |
debug-with-ssh-only-jobs-matching: | |
description: "Only start an SSH session for jobs matching this regex pattern:" | |
default: ".*" | |
type: string | |
test-target: | |
description: "If specified only the given target will be tested" | |
default: "" | |
type: choice | |
options: [ "", cpp, cs, eval, flash, hl, java, jvm, lua, neko, node, php, python ] | |
defaults: | |
run: | |
shell: bash | |
env: | |
# these env variables are also used by TestRunner.hx | |
TEST_SSH_HOST: 127.0.0.1 | |
TEST_SSH_PORT: 2222 | |
TEST_SSH_USER: testuser | |
TEST_SSH_PW: MySuperPW123 | |
TEST_SSH_PEMKEY_FILE: test/id_key.txt | |
TEST_SSH_PPKKEY_FILE: test/id_key.ppk | |
TEST_SSH_PUBKEY_FILE: test/id_pub.txt | |
JAVA_VERSION: 21 | |
jobs: | |
build: | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
os: # https://github.com/actions/runner-images#available-images | |
- ubuntu-latest | |
- macos-13 # Intel | |
- macos-latest # ARM | |
- windows-latest | |
haxe: | |
- nightly | |
- 4.3.6 | |
- 4.2.5 | |
exclude: | |
- os: macos-latest # ARM | |
haxe: 4.2.5 | |
steps: | |
- name: Show environment variables | |
run: env | sort | |
- name: Git Checkout | |
uses: actions/checkout@v4 #https://github.com/actions/checkout | |
################################################## | |
# Install software | |
################################################## | |
- name: "Linux: Configure fast APT mirror" | |
if: runner.os == 'Linux' | |
uses: vegardit/fast-apt-mirror.sh@v1 | |
- name: "Install: Putty plink" | |
run: | | |
set -eu | |
case "${{runner.os}}" in | |
macOS) brew install putty; plink -V ;; | |
Linux) sudo apt-get install -y putty-tools; plink -V ;; | |
Windows) | |
mkdir /tmp/kitty | |
curl -sSfL https://www.9bis.net/kitty/files/klink.exe -o /tmp/kitty/klink.exe | |
echo "$(cygpath -wa /tmp/kitty)" >> $GITHUB_PATH | |
/tmp/kitty/klink -V | |
;; | |
esac | |
- name: "Install: JDK ${{ env.JAVA_VERSION }} ☕" | |
uses: actions/setup-java@v4 # https://github.com/actions/setup-java | |
with: | |
distribution: temurin | |
java-version: ${{ env.JAVA_VERSION }} | |
- name: "Install: Maven" | |
uses: stCarolas/setup-maven@v5 # https://github.com/stCarolas/setup-maven | |
with: | |
maven-version: 3.9.9 | |
################################################## | |
# Build and run local SSH server | |
################################################## | |
- name: "Start local test SSH server" | |
run: | | |
set -euox pipefail | |
chmod 400 test/id_* | |
# Create a folder for dependencies and download Apache Mina SSHD library | |
mkdir -p test/sshd/src/main/java | |
mkdir -p test/sshd/src/main/resources | |
pushd test/sshd | |
cat << 'EOF' >pom.xml | |
<project xmlns="http://maven.apache.org/POM/4.0.0"> | |
<modelVersion>4.0.0</modelVersion> | |
<groupId>test</groupId> | |
<artifactId>sshd</artifactId> | |
<version>1.0-SNAPSHOT</version> | |
<properties> | |
<sshd.version>2.14.0</sshd.version> | |
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> | |
<maven.compiler.source>21</maven.compiler.source> | |
<maven.compiler.target>21</maven.compiler.target> | |
</properties> | |
<dependencyManagement> | |
<dependencies> | |
<dependency> | |
<groupId>org.apache.sshd</groupId> | |
<artifactId>sshd-core</artifactId> | |
<version>${sshd.version}</version> | |
<type>pom</type> | |
<scope>import</scope> | |
</dependency> | |
</dependencies> | |
</dependencyManagement> | |
<dependencies> | |
<dependency> | |
<groupId>org.apache.sshd</groupId> | |
<artifactId>sshd-core</artifactId> | |
<version>${sshd.version}</version> | |
</dependency> | |
<dependency> | |
<groupId>org.slf4j</groupId> | |
<artifactId>slf4j-simple</artifactId> | |
</dependency> | |
<dependency> | |
<groupId>org.bouncycastle</groupId> | |
<artifactId>bcpkix-jdk18on</artifactId> | |
</dependency> | |
</dependencies> | |
</project> | |
EOF | |
# Write the Java SSH server code | |
cat << 'EOF' >src/main/java/TestSshServer.java | |
import org.apache.sshd.common.config.keys.KeyUtils; | |
public class TestSshServer { | |
public static void main(String[] args) throws Exception { | |
java.security.Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider()); | |
var sshd = org.apache.sshd.server.SshServer.setUpDefaultServer(); | |
sshd.setCommandFactory((channel, command) -> { | |
if ("whoami".equals(command)) | |
return new org.apache.sshd.server.command.AbstractCommandSupport(command, null) { | |
@Override | |
public void run() { | |
try { | |
getOutputStream().write("${{ env.TEST_SSH_USER}}\n".getBytes()); | |
getOutputStream().close(); | |
} catch (final java.io.IOException e) { | |
// ignored | |
} | |
if (getExitCallback() != null) { | |
getExitCallback().onExit(0); | |
} | |
} | |
}; | |
return new org.apache.sshd.server.shell.UnknownCommand(command); | |
}); | |
sshd.setHost("${{ env.TEST_SSH_HOST}}"); | |
sshd.setPort(${{ env.TEST_SSH_PORT }}); | |
sshd.setKeyPairProvider(new org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider()); | |
sshd.setPasswordAuthenticator((usr, pw, sess) | |
-> "${{ env.TEST_SSH_USER}}".equals(usr) && "${{ env.TEST_SSH_PW}}".equals(pw)); | |
final var authorizedKey = KeyUtils.loadPublicKey(java.nio.file.Paths.get("../../${{ env.TEST_SSH_PUBKEY_FILE}}")); | |
sshd.setPublickeyAuthenticator((usr, key, sess) | |
-> "${{ env.TEST_SSH_USER}}".equals(usr) && KeyUtils.compareKeys(key, authorizedKey)); | |
sshd.start(); | |
System.out.println("SSH server is running on port ${{ env.TEST_SSH_PORT }}..."); | |
Thread.sleep(Long.MAX_VALUE); // Keep the server running | |
} | |
} | |
EOF | |
mvn -B -ntp compile | |
nohup mvn -B -ntp org.codehaus.mojo:exec-maven-plugin:3.5.0:java -Dexec.mainClass=TestSshServer >/tmp/sshd.log 2>&1 & | |
popd | |
case "${{ runner.os }}" in | |
Windows) | |
# TODO for some reason on GitHub Actions under Windows accepting new host keys doesn't work | |
# when plink/klink is executed via the PuttySSHClient class, so for now we accept | |
# the key before the Windows tests run | |
success=0 | |
for i in {1..5}; do | |
sleep 1 | |
if klink -auto-store-sshkey -ssh -batch -v \ | |
-P "$TEST_SSH_PORT" \ | |
-pw "$TEST_SSH_PW" \ | |
"$TEST_SSH_USER@$TEST_SSH_HOST" \ | |
"whoami"; then | |
success=1 | |
break | |
fi | |
done | |
if [ $success -eq 0 ]; then | |
echo "Cannot contact SSH server." >&2 | |
exit 1 | |
fi | |
;; | |
esac | |
################################################## | |
# Run Haxe Tests | |
################################################## | |
- name: Test with Haxe | |
uses: vegardit/haxe-reusable-workflows/.github/actions/test-with-haxe@dev | |
with: | |
haxe-reusable-workflows-version: dev | |
haxe-version: ${{ matrix.haxe }} | |
haxe-libs: haxe-concurrent haxe-doctest haxe-files haxe-strings hx3compat | |
# Haxe targets to test with, by default all are set to false: | |
test-cpp: true | |
test-cs: ${{ (inputs.test-target == '' || inputs.test-target == 'cs') && matrix.haxe != 'nightly'}} # Haxe 5 drops C# Support | |
test-hl: true | |
test-java: ${{ (inputs.test-target == '' || inputs.test-target == 'java') && matrix.haxe != 'nightly' }} # Haxe 5 drops Java Support | |
test-jvm: true | |
test-neko: true | |
test-python: true | |
allow-failure: ${{ matrix.haxe == 'nightly' }} | |
# provide SSH access to the GitHub runner for manual debugging purposes | |
debug-with-ssh: ${{ inputs.debug-with-ssh || 'never' }} | |
debug-with-ssh-only-for-actor: ${{ inputs.debug-with-ssh-only-for-actor || false }} | |
debug-with-ssh-only-jobs-matching: ${{ inputs.debug-with-ssh-only-jobs-matching }} | |
################################################## | |
# Dipslay logs | |
################################################## | |
- name: Display SSHD logs | |
if: always() | |
run: cat /tmp/sshd.log || true |