Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Migrate CI to Github Actions #168

Merged
merged 2 commits into from
Aug 21, 2024
Merged

Migrate CI to Github Actions #168

merged 2 commits into from
Aug 21, 2024

Commits on Aug 21, 2024

  1. Migrate CI to Github Actions 

    We are hitting the 1 hour time limit of Circle CI (Issue open-quantum-safe#166). This migrates the existing CircleCI job completely to Github Actions which has a 5 hour time limit.

For the most part, this is pretty much a one-to-one migration. Since upstream OpenSSH provided its own set of Github Actions, I simply moved those to the `upstream-github` directory to avoid conflicts and preserve the source. I did run into two issues with getting the integration tests to pass. Beyond that, I ran into two issues that arose from migrating to Github Actions which need to be partched around.

agent-subprocess zombie process reaping

The combination of Github Actions' host with the OQS CI container results in a lazier reaping of zombie processes which breaks this test. In this test, ssh-agent is run as a subprocess to some arbitrary user command. This enables exclusive access to ssh-agent to that specific process. The way this works under the hood is that ssh-agent forks into a child process and the parent process exec's into the arbitrary command ([code ref](https://github.com/open-quantum-safe/openssh/blob/OQS-v9/ssh-agent.c#L2384)) which runs to completion. The child process than polls its parent process until it detects its own orphaned status and terminates itself. This, by design, results in a zombie process which must be reaped. The test's assertion uses `kill -0` to check for liveness, but that counts zombies as "alive". The workaround for this then is to add an additional check to assert that zombies are in fact "dead".

percent expansion is broken due to Github's HOME override

The `percent` test tests % expansions inside SSH config files (e.g. home directory, username, port number). The assertion for the home directory uses the `HOME` environmental variable. Unfortunately, when running a container on a Github Runner, they unconditionally override the value of `HOME` with `/github/home` ([issue ref](actions/runner#863)) and this breaks the test assertion. The fix here is to get a more reliable reference for the home directory and use that for the assertion.

Signed-off-by: Gerardo Ravago <gcr@amazon.com>
    @geedo0
    geedo0 committed Aug 21, 2024
    Configuration menu
    Copy the full SHA
    e9cd961 View commit details
    Browse the repository at this point in the history

  2. Update .github/workflows/ubuntu.yaml 

    Co-authored-by: Spencer Wilson <spencer.wilson@uwaterloo.ca>
Signed-off-by: Gerardo Ravago <gerardo@gcr.me>
    @geedo0 @SWilson4
    geedo0 and SWilson4 committed Aug 21, 2024
    Configuration menu
    Copy the full SHA
    d4fa2fb View commit details
    Browse the repository at this point in the history