aboutsummaryrefslogtreecommitdiff
path: root/.travis.yml
blob: 456b5abc56a9e4db8b7ef7bd026918d9f28a221e (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
language: c

cache:
  ccache: true

compiler:
  - gcc
  - clang

os:
  - linux
  - osx

## The build matrix in the following stanza expands into builds for each
## OS and compiler.
env:
  global:
    ## The Travis CI environment allows us two cores, so let's use both.
    - MAKEFLAGS="-j 2"
    ## We turn on hardening by default
    ## Also known as --enable-fragile-hardening in 0.3.0.3-alpha and later
    - HARDENING_OPTIONS="--enable-expensive-hardening"
    ## We turn off asciidoc by default, because it's slow
    - ASCIIDOC_OPTIONS="--disable-asciidoc"
  matrix:
    ## We want to use each build option at least once
    ##
    ## We don't list default variable values, because we set the defaults
    ## in global (or the default is unset)
    -

matrix:
  ## include creates builds with gcc, linux, sudo: false
  include:
    ## We include a single coverage build with the best options for coverage
    - env: COVERAGE_OPTIONS="--enable-coverage" HARDENING_OPTIONS=""
    ## We only want to check these build option combinations once
    ## (they shouldn't vary by compiler or OS)
    ## We run coverage with hardening off, which seems like enough
    # - env: HARDENING_OPTIONS=""
    ## We check asciidoc with distcheck, to make sure we remove doc products
    - env: DISTCHECK="yes" ASCIIDOC_OPTIONS=""

  ## Uncomment to allow the build to report success (with non-required
  ## sub-builds continuing to run) if all required sub-builds have
  ## succeeded.  This is somewhat buggy currently: it can cause
  ## duplicate notifications and prematurely report success if a
  ## single sub-build has succeeded.  See
  ## https://github.com/travis-ci/travis-ci/issues/1696
  # fast_finish: true

  ## Careful! We use global envs, which makes it hard to exclude or
  ## allow failures by env:
  ## https://docs.travis-ci.com/user/customizing-the-build#matching-jobs-with-allow_failures
  exclude:
    ## Clang doesn't work in containerized builds, see below.
    - compiler: clang
      sudo: false
    ## Non-containerized gcc are slow and redundant.
    - compiler: gcc
      sudo: required
    ## gcc on OSX is less useful, because the default compiler is clang.
    - compiler: gcc
      os: osx
    ## gcc on Linux with no env is redundant, because all the custom builds use
    ## gcc on Linux
    - compiler: gcc
      os: linux
      env:

## We don't need sudo. (The "apt:" stanza after this allows us to not need
## sudo; otherwise, we would need it for getting dependencies.)
##
## But we use "sudo: required" to force non-containerized builds, working
## around a Travis CI environment issue: clang LeakAnalyzer fails
## because it requires ptrace and the containerized environment no
## longer allows ptrace.
## https://github.com/travis-ci/travis-ci/issues/9033
##
## In the matrix above, we exclude redundant combinations.
sudo:
  - false
  - required

## (Linux only) Use the latest Linux image (Ubuntu Trusty)
dist: trusty

## Download our dependencies
addons:
  ## (Linux only)
  apt:
    packages:
      ## Required dependencies
      - libevent-dev
      ## Ubuntu comes with OpenSSL by default
      #- libssl-dev
      - zlib1g-dev
      ## Optional dependencies
      - libcap-dev
      - libscrypt-dev
      - libseccomp-dev
      ## Conditional build dependencies
      ## Always installed, so we don't need sudo
      - asciidoc
      - docbook-xsl
      - docbook-xml
      - xmlto
  ## (OSX only)
  homebrew:
    packages:
      ## Required dependencies
      - libevent
      ## The OSX version of OpenSSL is way too old
      - openssl
      ## OSX comes with zlib by default
      ## to use a newer zlib, pass the keg path to configure (like OpenSSL)
      #- zlib
      ## Optional dependencies
      - libscrypt
      ## Required build dependencies
      ## Tor needs pkg-config to find some dependencies at build time
      - pkg-config
      ## Optional build dependencies
      - ccache
      ## Conditional build dependencies
      ## Always installed, because manual brew installs are hard to get right
      - asciidoc
      - xmlto

## (OSX only) Use the default OSX image
## See https://docs.travis-ci.com/user/reference/osx#os-x-version
## Default is Xcode 9.4 on macOS 10.13 as of August 2018
#osx_image: xcode9.4

install:
  ## If we're on OSX, configure ccache (ccache is automatically installed and configured on Linux)
  - if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then export PATH="/usr/local/opt/ccache/libexec:$PATH"; fi
  ## If we're on OSX, OpenSSL is keg-only, so tor 0.2.9 and later need to be configured --with-openssl-dir= to build
  - if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then OPENSSL_OPTIONS=--with-openssl-dir=`brew --prefix openssl`; fi
  ## Install conditional features
  ## Install coveralls
  - if [[ "$COVERAGE_OPTIONS" != "" ]]; then pip install --user cpp-coveralls; fi
  ## If we're on OSX, and using asciidoc, configure asciidoc
  - if [[ "$ASCIIDOC_OPTIONS" == "" ]] && [[ "$TRAVIS_OS_NAME" == "osx" ]]; then export XML_CATALOG_FILES="/usr/local/etc/xml/catalog"; fi
  ##
  ## Finally, list installed package versions
  - if [[ "$TRAVIS_OS_NAME" == "linux" ]]; then dpkg-query --show; fi
  - if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then brew list --versions; fi

script:
  - ./autogen.sh
  - CONFIGURE_FLAGS="$ASCIIDOC_OPTIONS $COVERAGE_OPTIONS $HARDENING_OPTIONS $OPENSSL_OPTIONS --enable-fatal-warnings --disable-silent-rules"
  - echo "Configure flags are $CONFIGURE_FLAGS"
  - ./configure $CONFIGURE_FLAGS
  ## We run `make check` because that's what https://jenkins.torproject.org does.
  - if [[ "$DISTCHECK" == "" ]]; then make check; fi
  - if [[ "$DISTCHECK" != "" ]]; then make distcheck DISTCHECK_CONFIGURE_FLAGS="$CONFIGURE_FLAGS"; fi
  ## If this build was one that produced coverage, upload it.
  - if [[ "$COVERAGE_OPTIONS" != "" ]]; then coveralls -b . --exclude src/test --exclude src/trunnel --gcov-options '\-p' || echo "Coverage failed"; fi

after_failure:
  ## configure will leave a log file with more details of config failures.
  ## But the log is too long for travis' rendered view, so tail it.
  - tail -1000 config.log || echo "tail failed"
  ## `make check` will leave a log file with more details of test failures.
  - if [[ "$DISTCHECK" == "" ]]; then cat test-suite.log || echo "cat failed"; fi
  ## `make distcheck` puts it somewhere different.
  - if [[ "$DISTCHECK" != "" ]]; then make show-distdir-testlog || echo "make failed"; fi

before_cache:
  ## Delete all gcov files.
  - if [[ "$COVERAGE_OPTIONS" != "" ]]; then make reset-gcov; fi

notifications:
  irc:
    channels:
      - "irc.oftc.net#tor-ci"
    template:
      - "%{repository} %{branch} %{commit} - %{author}: %{commit_subject}"
      - "Build #%{build_number} %{result}. Details: %{build_url}"
    on_success: change
    on_failure: change
  email:
    on_success: never
    on_failure: change