Skip to content

Bump github/codeql-action from 3.26.7 to 3.26.8 (#4552) #3027

Bump github/codeql-action from 3.26.7 to 3.26.8 (#4552)

Bump github/codeql-action from 3.26.7 to 3.26.8 (#4552) #3027

Workflow file for this run

name: BVT
on:
workflow_dispatch:
inputs:
ref:
required: false
default: ''
type: string
push:
branches:
- main
- release/*
pull_request:
branches:
- main
- release/*
concurrency:
# Cancel any workflow currently in progress for the same PR.
# Allow running concurrently with any other commits.
group: bvt-${{ github.event.pull_request.number || github.sha }}
cancel-in-progress: true
permissions: read-all
jobs:
build-windows-kernel:
name: Build WinKernel
strategy:
fail-fast: false
matrix:
vec: [
{ config: "Debug", plat: "winkernel", os: "windows-2022", arch: "x64", tls: "schannel", build: "-Test" },
{ config: "Release", plat: "winkernel", os: "windows-2022", arch: "x64", tls: "schannel", build: "-Test" }
]
uses: ./.github/workflows/build-reuse-winkernel.yml
with:
config: ${{ matrix.vec.config }}
plat: ${{ matrix.vec.plat }}
os: ${{ matrix.vec.os }}
arch: ${{ matrix.vec.arch }}
tls: ${{ matrix.vec.tls }}
build: ${{ matrix.vec.build }}
ref: ${{ inputs.ref || '' }}
build-windows:
name: Build WinUser
strategy:
fail-fast: false
matrix:
vec: [
{ config: "Debug", plat: "windows", os: "windows-2022", arch: "x64", tls: "schannel", build: "-Test" },
{ config: "Debug", plat: "windows", os: "windows-2022", arch: "x64", tls: "schannel", sanitize: "-Sanitize", build: "-Test" },
{ config: "Debug", plat: "windows", os: "windows-2022", arch: "x64", tls: "openssl", build: "-Test" },
{ config: "Debug", plat: "windows", os: "windows-2022", arch: "x64", tls: "openssl3", build: "-Test" },
{ config: "Release", plat: "windows", os: "windows-2022", arch: "x64", tls: "schannel", build: "-Test" }
]
uses: ./.github/workflows/build-reuse-win.yml
with:
config: ${{ matrix.vec.config }}
plat: ${{ matrix.vec.plat }}
os: ${{ matrix.vec.os }}
arch: ${{ matrix.vec.arch }}
tls: ${{ matrix.vec.tls }}
sanitize: ${{ matrix.vec.sanitize }}
build: ${{ matrix.vec.build }}
ref: ${{ inputs.ref || '' }}
build-unix:
name: Build Unix
strategy:
fail-fast: false
matrix:
vec: [
{ config: "Debug", plat: "linux", os: "ubuntu-20.04", arch: "x64", tls: "openssl", sanitize: "-Sanitize", build: "-Test" },
{ config: "Debug", plat: "linux", os: "ubuntu-20.04", arch: "x64", tls: "openssl", systemcrypto: "-UseSystemOpenSSLCrypto", sanitize: "-Sanitize", build: "-Test" },
{ config: "Debug", plat: "linux", os: "ubuntu-20.04", arch: "x64", tls: "openssl3", sanitize: "-Sanitize", build: "-Test" },
{ config: "Debug", plat: "linux", os: "ubuntu-22.04", arch: "x64", tls: "openssl", sanitize: "-Sanitize", build: "-Test" },
{ config: "Debug", plat: "linux", os: "ubuntu-22.04", arch: "x64", tls: "openssl3", sanitize: "-Sanitize", build: "-Test" },
{ config: "Debug", plat: "linux", os: "ubuntu-22.04", arch: "x64", tls: "openssl3", systemcrypto: "-UseSystemOpenSSLCrypto", sanitize: "-Sanitize", build: "-Test" },
{ config: "Debug", plat: "linux", os: "ubuntu-24.04", arch: "x64", tls: "openssl3", systemcrypto: "-UseSystemOpenSSLCrypto", sanitize: "-Sanitize", build: "-Test" },
{ config: "Debug", plat: "linux", os: "ubuntu-24.04", arch: "x64", tls: "openssl3", systemcrypto: "-UseSystemOpenSSLCrypto", build: "-Test", xdp: "-UseXdp" },
]
uses: ./.github/workflows/build-reuse-unix.yml
with:
config: ${{ matrix.vec.config }}
plat: ${{ matrix.vec.plat }}
os: ${{ matrix.vec.os }}
arch: ${{ matrix.vec.arch }}
tls: ${{ matrix.vec.tls }}
systemcrypto: ${{ matrix.vec.systemcrypto }}
sanitize: ${{ matrix.vec.sanitize }}
build: ${{ matrix.vec.build }}
xdp: ${{ matrix.vec.xdp }}
ref: ${{ inputs.ref || '' }}
bvt:
name: BVT
needs: [build-windows, build-unix]
strategy:
fail-fast: false
matrix:
vec: [
{ config: "Debug", plat: "linux", os: "ubuntu-20.04", arch: "x64", tls: "openssl", sanitize: "-Sanitize", build: "-Test" },
{ config: "Debug", plat: "linux", os: "ubuntu-20.04", arch: "x64", tls: "openssl", systemcrypto: "-UseSystemOpenSSLCrypto", sanitize: "-Sanitize", build: "-Test" },
{ config: "Debug", plat: "linux", os: "ubuntu-20.04", arch: "x64", tls: "openssl3", sanitize: "-Sanitize", build: "-Test" },
{ config: "Debug", plat: "linux", os: "ubuntu-22.04", arch: "x64", tls: "openssl", sanitize: "-Sanitize", build: "-Test" },
{ config: "Debug", plat: "linux", os: "ubuntu-22.04", arch: "x64", tls: "openssl3", sanitize: "-Sanitize", build: "-Test" },
{ config: "Debug", plat: "linux", os: "ubuntu-22.04", arch: "x64", tls: "openssl3", systemcrypto: "-UseSystemOpenSSLCrypto", sanitize: "-Sanitize", build: "-Test" },
{ config: "Debug", plat: "linux", os: "ubuntu-24.04", arch: "x64", tls: "openssl3", systemcrypto: "-UseSystemOpenSSLCrypto", sanitize: "-Sanitize", build: "-Test" },
{ config: "Debug", plat: "linux", os: "ubuntu-24.04", arch: "x64", tls: "openssl3", systemcrypto: "-UseSystemOpenSSLCrypto", build: "-Test", xdp: "-UseXdp" },
{ config: "Debug", plat: "windows", os: "windows-2019", arch: "x64", tls: "openssl", build: "-Test" },
{ config: "Debug", plat: "windows", os: "windows-2019", arch: "x64", tls: "openssl3", build: "-Test" },
{ config: "Debug", plat: "windows", os: "windows-2022", arch: "x64", tls: "schannel", sanitize: "-Sanitize", build: "-Test" },
{ config: "Debug", plat: "windows", os: "windows-2022", arch: "x64", tls: "schannel", xdp: "-UseXdp", sanitize: "-Sanitize", build: "-Test" },
{ config: "Debug", plat: "windows", os: "windows-2022", arch: "x64", tls: "schannel", xdp: "-UseXdp", qtip: "-UseQtip", sanitize: "-Sanitize", build: "-Test" },
{ config: "Debug", plat: "windows", os: "windows-2022", arch: "x64", tls: "openssl", build: "-Test" },
{ config: "Debug", plat: "windows", os: "windows-2022", arch: "x64", tls: "openssl", xdp: "-UseXdp", build: "-Test" },
{ config: "Debug", plat: "windows", os: "windows-2022", arch: "x64", tls: "openssl", xdp: "-UseXdp", qtip: "-UseQtip", build: "-Test" },
{ config: "Debug", plat: "windows", os: "windows-2022", arch: "x64", tls: "openssl3", build: "-Test" },
{ config: "Debug", plat: "windows", os: "windows-2022", arch: "x64", tls: "openssl3", xdp: "-UseXdp", build: "-Test" },
{ config: "Debug", plat: "windows", os: "windows-2022", arch: "x64", tls: "openssl3", xdp: "-UseXdp", qtip: "-UseQtip", build: "-Test" },
{ config: "Debug", plat: "windows", os: "WinServerPrerelease", arch: "x64", tls: "schannel", build: "-Test" },
{ config: "Release", plat: "windows", os: "WinServerPrerelease", arch: "x64", tls: "schannel", build: "-Test" },
]
runs-on: ${{ matrix.vec.plat == 'windows' && matrix.vec.os == 'WinServerPrerelease' && fromJson('[''self-hosted'', ''1ES.Pool=1es-msquic-pool'', ''1ES.ImageOverride=WinServerPrerelease'']') || matrix.vec.os }}
steps:
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
with:
ref: ${{ inputs.ref || '' }}
- name: Download Build Artifacts
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16
if: matrix.vec.plat == 'windows'
with: # note we always use binaries built on windows-2022.
name: ${{ matrix.vec.config }}-${{ matrix.vec.plat }}-windows-2022-${{ matrix.vec.arch }}-${{ matrix.vec.tls }}${{ matrix.vec.sanitize }}${{ matrix.vec.build }}
path: artifacts
- name: Download Build Artifacts
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16
if: matrix.vec.plat == 'linux'
with:
name: ${{ matrix.vec.config }}-${{ matrix.vec.plat }}-${{ matrix.vec.os }}-${{ matrix.vec.arch }}-${{ matrix.vec.tls }}${{ matrix.vec.systemcrypto }}${{ matrix.vec.sanitize }}${{ matrix.vec.xdp }}${{ matrix.vec.build }}
path: artifacts
- name: Fix permissions for Unix
if: matrix.vec.plat == 'linux' || matrix.vec.plat == 'macos'
run: |
sudo chmod -R 777 artifacts
- name: Prepare Machine
run: scripts/prepare-machine.ps1 -Tls ${{ matrix.vec.tls }} -ForTest ${{ matrix.vec.xdp }}
shell: pwsh
- name: Install ETW Manifest
if: matrix.vec.plat == 'windows'
shell: pwsh
run: |
$MsQuicDll = ".\artifacts\bin\windows\${{ matrix.vec.arch }}_${{ matrix.vec.config }}_${{ matrix.vec.tls }}\msquic.dll"
$ManifestPath = ".\src\manifest\MsQuicEtw.man"
wevtutil.exe um $ManifestPath
wevtutil.exe im $ManifestPath /rf:$($MsQuicDll) /mf:$($MsQuicDll)
- name: Test
if: matrix.vec.os == 'WinServerPrerelease'
shell: pwsh
timeout-minutes: 120
run: scripts/test.ps1 -Config ${{ matrix.vec.config }} -Arch ${{ matrix.vec.arch }} -Tls ${{ matrix.vec.tls }} -GHA -LogProfile Full.Light -GenerateXmlResults ${{ matrix.vec.xdp }} ${{ matrix.vec.qtip }}
- name: Test
if: matrix.vec.os != 'WinServerPrerelease'
shell: pwsh
timeout-minutes: 120
run: scripts/test.ps1 -Config ${{ matrix.vec.config }} -Arch ${{ matrix.vec.arch }} -Tls ${{ matrix.vec.tls }} -OsRunner ${{ matrix.vec.os }} -GHA -LogProfile Full.Light -GenerateXmlResults ${{ matrix.vec.xdp }} ${{ matrix.vec.qtip }}
- name: Fix log permissions for Linux XDP
if: failure() && matrix.vec.plat == 'linux' # (matrix.vec.plat == 'linux' && matrix.vec.xdp == '-UseXdp') doesn't work for some reason
run: |
sudo chmod -R 777 artifacts
- name: Upload on Failure
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874
if: failure()
with:
name: BVT-${{ matrix.vec.config }}-${{ matrix.vec.plat }}-${{ matrix.vec.os }}-${{ matrix.vec.arch }}-${{ matrix.vec.tls }}${{ matrix.vec.xdp }}${{ matrix.vec.qtip }}${{ matrix.vec.systemcrypto }}${{ matrix.vec.sanitize }}
path: artifacts
bvt-kernel:
name: BVT Kernel
needs: [build-windows, build-windows-kernel]
strategy:
fail-fast: false
matrix:
vec: [
{ config: "Debug", plat: "winkernel", os: "windows-2022", arch: "x64", tls: "schannel", build: "-Test" },
{ config: "Release", plat: "winkernel", os: "windows-2022", arch: "x64", tls: "schannel", build: "-Test" },
{ config: "Debug", plat: "winkernel", os: "WinServerPrerelease", arch: "x64", tls: "schannel", build: "-Test" },
{ config: "Release", plat: "winkernel", os: "WinServerPrerelease", arch: "x64", tls: "schannel", build: "-Test" },
]
runs-on: ${{ matrix.vec.plat == 'winkernel' && matrix.vec.os == 'WinServerPrerelease' && fromJson('[''self-hosted'', ''1ES.Pool=1es-msquic-pool'', ''1ES.ImageOverride=WinServerPrerelease'']') || matrix.vec.os }}
steps:
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
with:
ref: ${{ inputs.ref || '' }}
- name: Download Build Artifacts
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16
with: # note we always use binaries built on windows-2022.
name: ${{ matrix.vec.config }}-${{ matrix.vec.plat }}-windows-2022-${{ matrix.vec.arch }}-${{ matrix.vec.tls }}${{ matrix.vec.build }}
path: artifacts
- name: Download Build Artifacts for Testing From WinUser
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16
with: # note we always use binaries built on windows-2022.
name: ${{ matrix.vec.config }}-windows-windows-2022-${{ matrix.vec.arch }}-${{ matrix.vec.tls }}${{ matrix.vec.build }}
path: artifacts
- name: Prepare Machine
shell: pwsh
run: scripts/prepare-machine.ps1 -ForTest -ForKernel
- name: Install ETW Manifest
shell: pwsh
run: |
$MsQuicDll = ".\artifacts\bin\windows\${{ matrix.vec.arch }}_${{ matrix.vec.config }}_${{ matrix.vec.tls }}\msquic.dll"
$ManifestPath = ".\src\manifest\MsQuicEtw.man"
wevtutil.exe um $ManifestPath
wevtutil.exe im $ManifestPath /rf:$($MsQuicDll) /mf:$($MsQuicDll)
- name: Test
shell: pwsh
timeout-minutes: 90
run: scripts/test.ps1 -Config ${{ matrix.vec.config }} -Arch ${{ matrix.vec.arch }} -Tls ${{ matrix.vec.tls }} -OsRunner ${{ matrix.vec.os }} -GHA -LogProfile Full.Light -GenerateXmlResults -Kernel -Filter -*ValidateConfiguration:*ValidAlpnLengths:*ResumeRejection*:*ClientCertificate*:*LoadBalanced*
- name: Upload on Failure
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874
if: failure()
with:
name: BVT-Kernel-${{ matrix.vec.config }}-${{ matrix.vec.plat }}-${{ matrix.vec.os }}-${{ matrix.vec.arch }}-${{ matrix.vec.tls }}
path: artifacts
interop-winlatest:
name: Interop WinPrerelease
needs: [build-windows]
strategy:
fail-fast: false
matrix:
vec: [
{ config: "Release", plat: "windows", os: "windows-2022", arch: "x64", tls: "schannel", build: "-Test" },
]
runs-on:
- self-hosted
- "1ES.Pool=1es-msquic-pool"
- "1ES.ImageOverride=WinServerPrerelease"
steps:
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
with:
fetch-depth: 0
ref: ${{ inputs.ref || '' }}
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16
with:
name: ${{ matrix.vec.config }}-${{ matrix.vec.plat }}-${{ matrix.vec.os }}-${{ matrix.vec.arch }}-${{ matrix.vec.tls }}${{ matrix.vec.sanitize }}${{ matrix.vec.build }}
path: artifacts
- name: Prepare Machine
run: scripts/prepare-machine.ps1 -ForTest ${{ matrix.vec.xdp }}
shell: pwsh
- name: Interop
shell: pwsh
run: scripts/interop.ps1 -Config ${{ matrix.vec.config }} -Arch ${{ matrix.vec.arch }} -Tls ${{ matrix.vec.tls }} -GHA -GenerateXmlResults
- name: Upload results
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874
with:
name: InteropWinlatest-${{ matrix.vec.config }}-${{ matrix.vec.plat }}-${{ matrix.vec.os }}-${{ matrix.vec.arch }}-${{ matrix.vec.tls }}${{ matrix.vec.xdp }}
path: artifacts