Bump step-security/harden-runner from 2.5.1 to 2.6.0 #812
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: BVT | |
on: | |
workflow_dispatch: | |
push: | |
branches: | |
- main | |
- release/* | |
pull_request: | |
branches: | |
- main | |
- release/* | |
concurrency: | |
# Cancel any workflow currently in progress for the same PR. | |
# Allow running concurrently with any other commits. | |
group: bvt-${{ github.event.pull_request.number || github.sha }} | |
cancel-in-progress: true | |
permissions: read-all | |
jobs: | |
build-windows-kernel: | |
name: Build WinKernel | |
strategy: | |
fail-fast: false | |
matrix: | |
vec: [ | |
{ config: "Debug", plat: "winkernel", os: "windows-2022", arch: "x64", tls: "schannel", test: "-Test" }, | |
{ config: "Release", plat: "winkernel", os: "windows-2022", arch: "x64", tls: "schannel", test: "-Test" } | |
] | |
uses: ./.github/workflows/build-reuse-winkernel.yml | |
with: | |
config: ${{ matrix.vec.config }} | |
plat: ${{ matrix.vec.plat }} | |
os: ${{ matrix.vec.os }} | |
arch: ${{ matrix.vec.arch }} | |
tls: ${{ matrix.vec.tls }} | |
test: ${{ matrix.vec.test }} | |
build-windows: | |
name: Build WinUser | |
strategy: | |
fail-fast: false | |
matrix: | |
vec: [ | |
{ config: "Debug", plat: "windows", os: "windows-2019", arch: "x64", tls: "openssl", test: "-Test" }, | |
{ config: "Debug", plat: "windows", os: "windows-2019", arch: "x64", tls: "openssl3", test: "-Test" }, | |
{ config: "Debug", plat: "windows", os: "windows-2022", arch: "x64", tls: "schannel", test: "-Test" }, | |
{ config: "Debug", plat: "windows", os: "windows-2022", arch: "x64", tls: "schannel", sanitize: "-Sanitize", test: "-Test" }, | |
{ config: "Debug", plat: "windows", os: "windows-2022", arch: "x64", tls: "openssl", test: "-Test" }, | |
{ config: "Debug", plat: "windows", os: "windows-2022", arch: "x64", tls: "openssl3", test: "-Test" }, | |
{ config: "Release", plat: "windows", os: "windows-2022", arch: "x64", tls: "schannel", test: "-Test" } | |
] | |
uses: ./.github/workflows/build-reuse-win.yml | |
with: | |
config: ${{ matrix.vec.config }} | |
plat: ${{ matrix.vec.plat }} | |
os: ${{ matrix.vec.os }} | |
arch: ${{ matrix.vec.arch }} | |
tls: ${{ matrix.vec.tls }} | |
sanitize: ${{ matrix.vec.sanitize }} | |
test: ${{ matrix.vec.test }} | |
build-unix: | |
name: Build Unix | |
strategy: | |
fail-fast: false | |
matrix: | |
vec: [ | |
{ config: "Debug", plat: "linux", os: "ubuntu-20.04", arch: "x64", tls: "openssl", sanitize: "-Sanitize", test: "-Test" }, | |
{ config: "Debug", plat: "linux", os: "ubuntu-20.04", arch: "x64", tls: "openssl", systemcrypto: "-UseSystemOpenSSLCrypto", sanitize: "-Sanitize", test: "-Test" }, | |
{ config: "Debug", plat: "linux", os: "ubuntu-20.04", arch: "x64", tls: "openssl3", sanitize: "-Sanitize", test: "-Test" }, | |
{ config: "Debug", plat: "linux", os: "ubuntu-22.04", arch: "x64", tls: "openssl", sanitize: "-Sanitize", test: "-Test" }, | |
{ config: "Debug", plat: "linux", os: "ubuntu-22.04", arch: "x64", tls: "openssl3", sanitize: "-Sanitize", test: "-Test" }, | |
{ config: "Debug", plat: "linux", os: "ubuntu-22.04", arch: "x64", tls: "openssl3", systemcrypto: "-UseSystemOpenSSLCrypto", sanitize: "-Sanitize", test: "-Test" }, | |
] | |
uses: ./.github/workflows/build-reuse-unix.yml | |
with: | |
config: ${{ matrix.vec.config }} | |
plat: ${{ matrix.vec.plat }} | |
os: ${{ matrix.vec.os }} | |
arch: ${{ matrix.vec.arch }} | |
tls: ${{ matrix.vec.tls }} | |
systemcrypto: ${{ matrix.vec.systemcrypto }} | |
sanitize: ${{ matrix.vec.sanitize }} | |
test: ${{ matrix.vec.test }} | |
bvt: | |
name: BVT | |
needs: [build-windows, build-unix] | |
strategy: | |
fail-fast: false | |
matrix: | |
vec: [ | |
{ config: "Debug", plat: "linux", os: "ubuntu-20.04", arch: "x64", tls: "openssl", sanitize: "-Sanitize", test: "-Test" }, | |
{ config: "Debug", plat: "linux", os: "ubuntu-20.04", arch: "x64", tls: "openssl", systemcrypto: "-UseSystemOpenSSLCrypto", sanitize: "-Sanitize", test: "-Test" }, | |
{ config: "Debug", plat: "linux", os: "ubuntu-20.04", arch: "x64", tls: "openssl3", sanitize: "-Sanitize", test: "-Test" }, | |
{ config: "Debug", plat: "linux", os: "ubuntu-22.04", arch: "x64", tls: "openssl", sanitize: "-Sanitize", test: "-Test" }, | |
{ config: "Debug", plat: "linux", os: "ubuntu-22.04", arch: "x64", tls: "openssl3", sanitize: "-Sanitize", test: "-Test" }, | |
{ config: "Debug", plat: "linux", os: "ubuntu-22.04", arch: "x64", tls: "openssl3", systemcrypto: "-UseSystemOpenSSLCrypto", sanitize: "-Sanitize", test: "-Test" }, | |
{ config: "Debug", plat: "windows", os: "windows-2019", arch: "x64", tls: "openssl", test: "-Test" }, | |
{ config: "Debug", plat: "windows", os: "windows-2019", arch: "x64", tls: "openssl3", test: "-Test" }, | |
{ config: "Debug", plat: "windows", os: "windows-2022", arch: "x64", tls: "schannel", sanitize: "-Sanitize", test: "-Test" }, | |
{ config: "Debug", plat: "windows", os: "windows-2022", arch: "x64", tls: "schannel", xdp: "-UseXdp", sanitize: "-Sanitize", test: "-Test" }, | |
{ config: "Debug", plat: "windows", os: "windows-2022", arch: "x64", tls: "schannel", xdp: "-UseXdp", useqtip: "-UseQtip", sanitize: "-Sanitize", test: "-Test" }, | |
{ config: "Debug", plat: "windows", os: "windows-2022", arch: "x64", tls: "openssl", test: "-Test" }, | |
{ config: "Debug", plat: "windows", os: "windows-2022", arch: "x64", tls: "openssl", xdp: "-UseXdp", test: "-Test" }, | |
{ config: "Debug", plat: "windows", os: "windows-2022", arch: "x64", tls: "openssl", xdp: "-UseXdp", useqtip: "-UseQtip", test: "-Test" }, | |
{ config: "Debug", plat: "windows", os: "windows-2022", arch: "x64", tls: "openssl3", test: "-Test" }, | |
{ config: "Debug", plat: "windows", os: "windows-2022", arch: "x64", tls: "openssl3", xdp: "-UseXdp", test: "-Test" }, | |
{ config: "Debug", plat: "windows", os: "windows-2022", arch: "x64", tls: "openssl3", xdp: "-UseXdp", useqtip: "-UseQtip", test: "-Test" }, | |
{ config: "Debug", plat: "windows", os: "WSPrerelease", arch: "x64", tls: "schannel", test: "-Test" }, | |
{ config: "Release", plat: "windows", os: "WSPrerelease", arch: "x64", tls: "schannel", test: "-Test" }, | |
] | |
runs-on: ${{ matrix.vec.plat == 'windows' && matrix.vec.os == 'WSPrerelease' && fromJson('[''self-hosted'', ''1ES.Pool=1es-msquic-pool'', ''1ES.ImageOverride=WSPrerelease'']') || matrix.vec.os }} | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 | |
- name: Download Build Artifacts | |
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a | |
if: matrix.vec.plat == 'windows' | |
with: # note that BVT for WSPrerelease uses binaries built on windows-2022. | |
name: ${{ matrix.vec.config }}-${{ matrix.vec.plat }}-${{ matrix.vec.os == 'WSPrerelease' && 'windows-2022' || matrix.vec.os }}-${{ matrix.vec.arch }}-${{ matrix.vec.tls }}${{ matrix.vec.sanitize }}${{ matrix.vec.test }} | |
path: artifacts | |
- name: Download Build Artifacts | |
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a | |
if: matrix.vec.plat == 'linux' | |
with: | |
name: ${{ matrix.vec.config }}-${{ matrix.vec.plat }}-${{ matrix.vec.os }}-${{ matrix.vec.arch }}-${{ matrix.vec.tls }}${{ matrix.vec.systemcrypto }}${{ matrix.vec.sanitize }}${{ matrix.vec.test }} | |
path: artifacts | |
- name: Fix permissions for Unix | |
if: matrix.vec.plat == 'linux' || matrix.vec.plat == 'macos' | |
run: | | |
sudo chmod -R 777 artifacts | |
- name: Prepare Machine | |
run: scripts/prepare-machine.ps1 -Tls ${{ matrix.vec.tls }} -ForTest ${{ matrix.vec.xdp }} | |
shell: pwsh | |
- name: Install ETW Manifest | |
if: matrix.vec.plat == 'windows' | |
shell: pwsh | |
run: | | |
$MsQuicDll = ".\artifacts\bin\windows\${{ matrix.vec.arch }}_${{ matrix.vec.config }}_${{ matrix.vec.tls }}\msquic.dll" | |
$ManifestPath = ".\src\manifest\MsQuicEtw.man" | |
wevtutil.exe um $ManifestPath | |
wevtutil.exe im $ManifestPath /rf:$($MsQuicDll) /mf:$($MsQuicDll) | |
- name: Test | |
if: matrix.vec.os == 'WSPrerelease' | |
shell: pwsh | |
timeout-minutes: 120 | |
run: scripts/test.ps1 -Config ${{ matrix.vec.config }} -Arch ${{ matrix.vec.arch }} -Tls ${{ matrix.vec.tls }} -GHA -LogProfile Full.Light -GenerateXmlResults ${{ matrix.vec.xdp }} ${{ matrix.vec.qtip }} | |
- name: Test | |
if: matrix.vec.os != 'WSPrerelease' | |
shell: pwsh | |
timeout-minutes: 120 | |
run: scripts/test.ps1 -Config ${{ matrix.vec.config }} -Arch ${{ matrix.vec.arch }} -Tls ${{ matrix.vec.tls }} -OsRunner ${{ matrix.vec.os }} -GHA -LogProfile Full.Light -GenerateXmlResults ${{ matrix.vec.xdp }} ${{ matrix.vec.qtip }} | |
- name: Upload on Failure | |
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 | |
if: failure() | |
with: | |
name: BVT-${{ matrix.vec.config }}-${{ matrix.vec.plat }}-${{ matrix.vec.os }}-${{ matrix.vec.arch }}-${{ matrix.vec.tls }}${{ matrix.vec.xdp }}${{ matrix.vec.qtip }}${{ matrix.vec.systemcrypto }}${{ matrix.vec.sanitize }} | |
path: artifacts | |
bvt-kernel: | |
name: BVT Kernel | |
needs: [build-windows, build-windows-kernel] | |
strategy: | |
fail-fast: false | |
matrix: | |
vec: [ | |
{ config: "Debug", plat: "winkernel", os: "windows-2022", arch: "x64", tls: "schannel", test: "-Test" }, | |
{ config: "Release", plat: "winkernel", os: "windows-2022", arch: "x64", tls: "schannel", test: "-Test" }, | |
{ config: "Debug", plat: "winkernel", os: "WSPrerelease", arch: "x64", tls: "schannel", test: "-Test" }, | |
{ config: "Release", plat: "winkernel", os: "WSPrerelease", arch: "x64", tls: "schannel", test: "-Test" }, | |
] | |
runs-on: ${{ matrix.vec.plat == 'winkernel' && matrix.vec.os == 'WSPrerelease' && fromJson('[''self-hosted'', ''1ES.Pool=1es-msquic-pool'', ''1ES.ImageOverride=WSPrerelease'']') || matrix.vec.os }} | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 | |
- name: Download Build Artifacts | |
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a | |
with: # note that BVT for WSPrerelease uses binaries built on windows-2022. | |
name: ${{ matrix.vec.config }}-${{ matrix.vec.plat }}-${{ matrix.vec.os == 'WSPrerelease' && 'windows-2022' || matrix.vec.os }}-${{ matrix.vec.arch }}-${{ matrix.vec.tls }}${{ matrix.vec.test }} | |
path: artifacts | |
- name: Download Build Artifacts for Testing From WinUser | |
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a | |
with: # note that BVT for WSPrerelease uses binaries built on windows-2022. | |
name: ${{ matrix.vec.config }}-windows-${{ matrix.vec.os == 'WSPrerelease' && 'windows-2022' || matrix.vec.os }}-${{ matrix.vec.arch }}-${{ matrix.vec.tls }}${{ matrix.vec.test }} | |
path: artifacts | |
- name: Prepare Machine | |
shell: pwsh | |
run: scripts/prepare-machine.ps1 -ForTest -ForKernel | |
- name: Install ETW Manifest | |
shell: pwsh | |
run: | | |
$MsQuicDll = ".\artifacts\bin\windows\${{ matrix.vec.arch }}_${{ matrix.vec.config }}_${{ matrix.vec.tls }}\msquic.dll" | |
$ManifestPath = ".\src\manifest\MsQuicEtw.man" | |
wevtutil.exe um $ManifestPath | |
wevtutil.exe im $ManifestPath /rf:$($MsQuicDll) /mf:$($MsQuicDll) | |
- name: Test | |
shell: pwsh | |
timeout-minutes: 90 | |
run: scripts/test.ps1 -Config ${{ matrix.vec.config }} -Arch ${{ matrix.vec.arch }} -Tls ${{ matrix.vec.tls }} -GHA -LogProfile Full.Light -GenerateXmlResults -Kernel -Filter -*ValidateConfiguration:*ValidAlpnLengths:*ResumeRejection*:*ClientCertificate*:*LoadBalanced* | |
- name: Upload on Failure | |
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 | |
if: failure() | |
with: | |
name: BVT-Kernel-${{ matrix.vec.config }}-${{ matrix.vec.plat }}-${{ matrix.vec.os }}-${{ matrix.vec.arch }}-${{ matrix.vec.tls }} | |
path: artifacts | |
interop-winlatest: | |
name: Interop WinPrerelease | |
needs: [build-windows] | |
strategy: | |
fail-fast: false | |
matrix: | |
vec: [ | |
{ config: "Release", plat: "windows", os: "windows-2022", arch: "x64", tls: "schannel", test: "-Test" }, | |
] | |
runs-on: | |
- self-hosted | |
- "1ES.Pool=1es-msquic-pool" | |
- "1ES.ImageOverride=WSPrerelease" | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 | |
with: | |
fetch-depth: 0 | |
- uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a | |
with: | |
name: ${{ matrix.vec.config }}-${{ matrix.vec.plat }}-${{ matrix.vec.os }}-${{ matrix.vec.arch }}-${{ matrix.vec.tls }}${{ matrix.vec.sanitize }}${{ matrix.vec.test }} | |
path: artifacts | |
- name: Prepare Machine | |
run: scripts/prepare-machine.ps1 -ForTest ${{ matrix.vec.xdp }} | |
shell: pwsh | |
- name: Interop | |
shell: pwsh | |
run: scripts/interop.ps1 -Config ${{ matrix.vec.config }} -Arch ${{ matrix.vec.arch }} -Tls ${{ matrix.vec.tls }} -GHA -GenerateXmlResults | |
- name: Upload results | |
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 | |
with: | |
name: InteropWinlatest-${{ matrix.vec.config }}-${{ matrix.vec.plat }}-${{ matrix.vec.os }}-${{ matrix.vec.arch }}-${{ matrix.vec.tls }}${{ matrix.vec.xdp }} | |
path: artifacts |