Slow Tests #909
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Slow Tests | |
env: | |
ANDROID_API_LEVEL: 21 | |
ANDROID_NDK_VERSION: 27.0.12077973 | |
LIBSIGNAL_TESTING_CDSI_ENCLAVE_SECRET: ${{secrets.CDSI_ENCLAVE_SECRET}} | |
LIBSIGNAL_TESTING_RUN_NONHERMETIC_TESTS: true | |
RUST_LOG: debug | |
on: | |
schedule: | |
# "High load times include the start of every hour. | |
# To decrease the chance of delay, schedule your workflow to run | |
# at a different time of the hour." | |
# We pick 8:25 UTC, aiming for "later than PST/UTC-8 night work" and | |
# "earlier than ADT/UTC-3 morning work". | |
- cron: '25 8 * * *' | |
workflow_dispatch: {} # no parameters | |
jobs: | |
check-up-to-date: | |
name: Already up to date? | |
runs-on: ubuntu-latest | |
if: ${{ github.event_name == 'schedule' && github.repository_owner == 'signalapp' && endsWith(github.repository, '-private') }} | |
outputs: | |
has-changes: ${{ steps.check.outputs.has-changes }} | |
steps: | |
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
with: | |
submodules: recursive | |
- run: git log --after '24 hours ago' --exit-code || echo 'has-changes=true' >> $GITHUB_OUTPUT | |
id: check | |
java-docker: | |
name: Java (Docker) | |
runs-on: ubuntu-latest-4-cores | |
needs: [check-up-to-date] | |
if: ${{ always() && (needs.check-up-to-date.outputs.has-changes || github.event_name != 'schedule') }} | |
timeout-minutes: 60 | |
steps: | |
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
with: | |
submodules: recursive | |
- run: make -C java | |
- name: Upload JNI libraries | |
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 | |
with: | |
name: jniLibs | |
path: java/android/src/main/jniLibs/* | |
retention-days: 2 | |
- name: Upload full JARs | |
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 | |
with: | |
name: jars | |
path: java/*/build/libs/* | |
retention-days: 2 | |
- name: Upload full AARs | |
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 | |
with: | |
name: aars | |
path: java/android/build/outputs/aar/* | |
retention-days: 2 | |
java-docker-secondary: | |
name: Java (Secondary Docker) | |
runs-on: ubuntu-latest-4-cores | |
needs: [check-up-to-date] | |
if: ${{ always() && (needs.check-up-to-date.outputs.has-changes || github.event_name != 'schedule') }} | |
timeout-minutes: 60 | |
steps: | |
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
with: | |
submodules: recursive | |
- run: make -C java | |
- name: Upload full JARs | |
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 | |
with: | |
name: jars-secondary | |
path: java/*/build/libs/* | |
retention-days: 2 | |
- name: Upload full AARs | |
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 | |
with: | |
name: aars-secondary | |
path: java/android/build/outputs/aar/* | |
retention-days: 2 | |
java-reproducibility: | |
name: Verify Java Reproducible Build | |
runs-on: ubuntu-latest | |
needs: [java-docker, java-docker-secondary] | |
if: ${{ always() && needs.java-docker.result == 'success' && needs.java-docker-secondary.result == 'success' }} | |
steps: | |
- name: Download jars | |
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4 | |
with: | |
name: jars | |
path: a/jars/ | |
- name: Download jars (secondary) | |
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4 | |
with: | |
name: jars-secondary | |
path: b/jars/ | |
- name: Download aars | |
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4 | |
with: | |
name: aars | |
path: a/aars/ | |
- name: Download aars (secondary) | |
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4 | |
with: | |
name: aars-secondary | |
path: b/aars/ | |
- run: diff -qr a/ b/ | |
android-emulator-tests: | |
name: Android Emulator Tests | |
# For hardware acceleration; see https://github.blog/changelog/2023-02-23-hardware-accelerated-android-virtualization-on-actions-windows-and-linux-larger-hosted-runners/ | |
runs-on: ubuntu-latest-4-cores | |
needs: [java-docker] | |
if: ${{ always() && needs.java-docker.result == 'success' }} | |
timeout-minutes: 45 | |
strategy: | |
fail-fast: false | |
matrix: | |
arch: [x86, x86_64] | |
steps: | |
- run: 'echo "JAVA_HOME=$JAVA_HOME_17_X64" >> "$GITHUB_ENV"' | |
# For hardware acceleration; see https://github.blog/changelog/2023-02-23-hardware-accelerated-android-virtualization-on-actions-windows-and-linux-larger-hosted-runners/ | |
- name: Enable KVM group perms | |
run: | | |
echo 'KERNEL=="kvm", GROUP="kvm", MODE="0666", OPTIONS+="static_node=kvm"' | sudo tee /etc/udev/rules.d/99-kvm4all.rules | |
sudo udevadm control --reload-rules | |
sudo udevadm trigger --name-match=kvm | |
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
with: | |
submodules: recursive | |
- name: Download JNI libraries | |
id: download | |
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4 | |
with: | |
name: jniLibs | |
path: java/android/src/main/jniLibs/ | |
# From reactivecircus/android-emulator-runner | |
- name: AVD cache | |
uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0 | |
id: avd-cache | |
with: | |
path: | | |
~/.android/avd/* | |
~/.android/adb* | |
key: avd-${{ matrix.arch }}-21-linux | |
- name: Create AVD and generate snapshot for caching | |
if: steps.avd-cache.outputs.cache-hit != 'true' | |
uses: reactivecircus/android-emulator-runner@6b0df4b0efb23bb0ec63d881db79aefbc976e4b2 # v2.30.1 | |
with: | |
arch: ${{ matrix.arch }} | |
api-level: ${{ env.ANDROID_API_LEVEL }} | |
ndk: ${{ env.ANDROID_NDK_VERSION }} | |
force-avd-creation: false | |
emulator-options: -no-window -noaudio -no-boot-anim | |
script: echo "Generated AVD snapshot for caching." | |
- name: Run tests | |
uses: reactivecircus/android-emulator-runner@6b0df4b0efb23bb0ec63d881db79aefbc976e4b2 # v2.30.1 | |
with: | |
arch: ${{ matrix.arch }} | |
api-level: ${{ env.ANDROID_API_LEVEL }} | |
ndk: ${{ env.ANDROID_NDK_VERSION }} | |
force-avd-creation: false | |
emulator-options: -no-snapshot-save -no-window -noaudio -no-boot-anim | |
script: ./gradlew android:connectedCheck -x makeJniLibrariesDesktop -x android:makeJniLibraries | |
working-directory: java | |
aarch64: | |
name: AArch64 Linux Tests | |
runs-on: ubuntu-24.04-arm64-2-cores | |
needs: [check-up-to-date] | |
if: ${{ always() && (needs.check-up-to-date.outputs.has-changes || github.event_name != 'schedule') }} | |
timeout-minutes: 60 | |
steps: | |
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
with: | |
submodules: recursive | |
- run: sudo apt-get update && sudo apt-get install protobuf-compiler | |
- run: rustup toolchain install $(cat rust-toolchain) --profile minimal | |
# Skip building for Android; that's handled by the previous tests. | |
- run: ./gradlew build -PskipAndroid | tee ./gradle-output.txt | |
working-directory: java | |
shell: bash # Explicitly setting the shell turns on pipefail in GitHub Actions | |
# Check for -Xcheck:jni warnings manually; Gradle doesn't capture them for some reason. | |
- run: "! grep WARNING ./gradle-output.txt" | |
working-directory: java | |
node-docker: | |
name: Node (Ubuntu via Docker) | |
runs-on: ubuntu-latest | |
needs: [check-up-to-date] | |
if: ${{ always() && (needs.check-up-to-date.outputs.has-changes || github.event_name != 'schedule') }} | |
timeout-minutes: 45 | |
steps: | |
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
with: | |
submodules: recursive | |
- run: node/docker-prebuildify.sh | |
- run: npm run tsc && npm run test | |
working-directory: node | |
env: | |
PREBUILDS_ONLY: 1 | |
- name: Upload prebuilds | |
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 | |
with: | |
name: node-prebuilds | |
path: node/prebuilds | |
retention-days: 2 | |
node-docker-secondary: | |
name: Node (Secondary Ubuntu via Docker) | |
runs-on: ubuntu-latest | |
needs: [check-up-to-date] | |
if: ${{ always() && (needs.check-up-to-date.outputs.has-changes || github.event_name != 'schedule') }} | |
timeout-minutes: 45 | |
steps: | |
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
with: | |
submodules: recursive | |
- run: node/docker-prebuildify.sh | |
- name: Upload prebuilds | |
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 | |
with: | |
name: node-prebuilds-secondary | |
path: node/prebuilds | |
retention-days: 2 | |
node-reproducibility: | |
name: Verify Desktop Linux Reproducible Build | |
runs-on: ubuntu-latest | |
needs: [node-docker, node-docker-secondary] | |
if: ${{ always() && needs.node-docker.result == 'success' && needs.node-docker-secondary.result == 'success' }} | |
steps: | |
- name: Download prebuilds | |
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4 | |
with: | |
name: node-prebuilds | |
path: a/prebuilds/ | |
- name: Download prebuilds (secondary) | |
uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4 | |
with: | |
name: node-prebuilds-secondary | |
path: b/prebuilds/ | |
- run: diff -qr a/ b/ | |
node-windows-arm64: | |
name: Node (Windows ARM64 cross-compile) | |
runs-on: windows-latest | |
needs: [check-up-to-date] | |
if: ${{ always() && (needs.check-up-to-date.outputs.has-changes || github.event_name != 'schedule') }} | |
timeout-minutes: 45 | |
steps: | |
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
with: | |
submodules: recursive | |
- run: rustup toolchain install $(cat rust-toolchain) --profile minimal --target aarch64-pc-windows-msvc | |
# install nasm compiler for boring | |
- name: Install nasm | |
run: choco install nasm | |
shell: cmd | |
- run: choco install protoc | |
- name: Get Node version from .nvmrc | |
id: get-nvm-version | |
shell: bash | |
run: echo "node-version=$(cat .nvmrc)" >> $GITHUB_OUTPUT | |
- uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 | |
with: | |
node-version-file: '.nvmrc' | |
- run: npm ci | |
working-directory: node | |
- name: Build for arm64 | |
run: npx prebuildify --napi -t '${{ steps.get-nvm-version.outputs.node-version }}' --arch arm64 | |
working-directory: node | |
swift-cocoapod: | |
name: Swift CocoaPod (all architectures) | |
runs-on: macOS-latest | |
needs: [check-up-to-date] | |
if: ${{ always() && (needs.check-up-to-date.outputs.has-changes || github.event_name != 'schedule') }} | |
timeout-minutes: 45 | |
steps: | |
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
with: | |
submodules: recursive | |
- run: rustup toolchain install $(cat rust-toolchain) --profile minimal --target x86_64-apple-ios,aarch64-apple-ios,aarch64-apple-ios-sim --component rust-src | |
- run: brew install protobuf | |
- name: Build for aarch64-apple-ios | |
run: swift/build_ffi.sh --release | |
env: | |
CARGO_BUILD_TARGET: aarch64-apple-ios | |
# Build the simulator architectures for completeness. | |
- name: Build for x86_64-apple-ios | |
run: swift/build_ffi.sh --release | |
env: | |
CARGO_BUILD_TARGET: x86_64-apple-ios | |
- name: Build for aarch64-apple-ios-sim | |
run: swift/build_ffi.sh --release | |
env: | |
CARGO_BUILD_TARGET: aarch64-apple-ios-sim | |
# The simulator build of the CocoaPod is already tested in regular CI as part of `pod lib lint`. | |
- name: Set up testing workspace | |
run: pod install | |
working-directory: swift/cocoapods-testing | |
- name: Manually build for device | |
run: xcodebuild -scheme LibSignalClient -sdk iphoneos build-for-testing | |
working-directory: swift/cocoapods-testing | |
- name: Build in Release for device as well | |
run: xcodebuild -scheme LibSignalClient -sdk iphoneos -configuration Release | |
working-directory: swift/cocoapods-testing | |
rust-stable-testing: | |
name: Rust tests (using latest stable) | |
runs-on: ubuntu-latest-4-cores | |
needs: [check-up-to-date] | |
if: ${{ always() && (needs.check-up-to-date.outputs.has-changes || github.event_name != 'schedule') }} | |
timeout-minutes: 45 | |
steps: | |
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
with: | |
submodules: recursive | |
- run: sudo apt-get update && sudo apt-get install gcc-multilib g++-multilib protobuf-compiler | |
- run: rustup +stable target add i686-unknown-linux-gnu | |
- run: cargo audit -D warnings | |
- name: Run tests | |
run: cargo +stable test --workspace --all-features --verbose --no-fail-fast -- --include-ignored | |
- name: Test run benches | |
run: cargo +stable test --workspace --benches --all-features --no-fail-fast --verbose | |
- name: Build bins and examples | |
run: cargo +stable build --workspace --bins --examples --all-features --verbose --keep-going | |
- name: Run libsignal-net smoke tests | |
run: cargo +stable run --example chat_smoke_test -p libsignal-net --features="test-util" -- --try-all-routes staging | |
env: | |
RUST_LOG: debug | |
- name: Run tests (32-bit) | |
# Exclude signal-neon-futures because those tests run Node | |
run: cargo +stable test --workspace --all-features --verbose --target i686-unknown-linux-gnu --exclude signal-neon-futures --no-fail-fast -- --include-ignored | |
- name: Run libsignal-protocol cross-version tests | |
run: cargo +stable test --no-fail-fast | |
working-directory: rust/protocol/cross-version-testing | |
- name: Run libsignal-protocol cross-version tests (32-bit) | |
run: cargo +stable test --target i686-unknown-linux-gnu --no-fail-fast | |
working-directory: rust/protocol/cross-version-testing | |
# We don't run Clippy because GitHub silently updates `stable` and that can introduce new lints, | |
# and we don't have a guarantee that any particular pinned nightly can build older libsignals. | |
report_failures: | |
name: Report Failures | |
runs-on: ubuntu-latest | |
needs: [java-docker, java-reproducibility, android-emulator-tests, aarch64, node-docker, node-reproducibility, node-windows-arm64, swift-cocoapod, rust-stable-testing] | |
if: ${{ failure() && github.event_name == 'schedule' }} | |
permissions: | |
# createCommitComment is supposed to only need the default 'read' permissions... | |
# ...but maybe it's different for private repositories. | |
contents: write | |
steps: | |
- uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 | |
with: | |
script: | | |
github.rest.repos.createCommitComment({ | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
commit_sha: context.sha, | |
body: 'Failed Slow Tests: <${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}>' | |
}) |