1. 09 Jul, 2020 1 commit
    • Add CI support for Memory and UndefinedBehavior Sanitizers · 6a917c04
      This change adds two new build targets: MSan and UBSan. This is because
      even though OSS-Fuzz is great and adds a lot of coverage, it only does
      that for the fuzz targets, so the rest of the codebase is not
      necessarily run with the Sanitizers ever :( So this change makes sure
      that MSan/UBSan warnings don't make it into the codebase.
      
      As part of this change, the Ubuntu focal container is introduced. It
      builds mbedTLS and libssh2 as debug libraries into /usr/local and as
      MSan-enabled libraries into /usr/local/msan. This latter part is needed
      because MSan requires the binary and all its dependent libraries to be
      built with MSan support so that memory allocations and deallocations are
      tracked correctly to avoid false positives.
      lhchavez committed
  2. 11 Jun, 2020 1 commit
  3. 06 Jun, 2020 5 commits
  4. 17 Mar, 2020 1 commit
  5. 13 Mar, 2020 3 commits
    • azure: docker: use insecure flag to fix curl downloads · 8621bdda
      We currently hve some problems with our curl downloads when building
      Docker images. It's not quite obvious what the problem is and they seem
      to occur semi-randomly. To unblock our CI, let's add the "--insecure"
      flag to curl to ignore any certificate errors. This is intended as a
      temporary solution only.
      Patrick Steinhardt committed
    • azure: docurium: fix build failure due to bumped CMake requirements · 5ac33ced
      Our Docurium builds currently depend on Debian Jessie, which has CMake
      v3.0 available. As rugged has bumped its CMake requirements to need at
      least v3.5 now, the documentation build is thus failing.
      
      Fix this by converting our Docurium Docker image to be based on Ubuntu
      Bionic. We already do base all of our images on Ubuntu, so I don't see
      any sense in using Debian here. If this was only to speed up builds, we
      should just go all the way and use some minimal container like Alpine
      anyway.
      
      Also remove cache busters. As we're rebuilding the image every time,
      it's we really don't need them at all.
      Patrick Steinhardt committed
    • azure: docker: consistently silence curl but show errors · c76c1e87
      We currently pass the "--silent" flag to most invocations of curl, but
      in fact this does not only suppress the progress meter, but also any
      errors. So let's also pass "--show-error", too.
      Patrick Steinhardt committed
  6. 02 Mar, 2020 1 commit
  7. 01 Mar, 2020 1 commit
  8. 19 Feb, 2020 1 commit
    • azure: docker: set up HOME variable to fix Coverity builds · 6efe3d35
      In commit 01a83406 (azure: docker: fix ARM builds by replacing gosu(1),
      2020-02-18), we've switched our entrypoint from gosu(1) to use sudo(1)
      instead to fix our ARM builds. The switch introduced an incompatibility
      that now causes our Coverity builds to fail, as the "--preserve-env"
      switch will also keep HOME at its current value. As a result, Coverity
      now tries to set up its configuration directory in root's home
      directory, which it naturally can't write to.
      
      Fix the issue by adding the "--set-home" flag to sudo(1).
      Patrick Steinhardt committed
  9. 18 Feb, 2020 2 commits
  10. 07 Feb, 2020 2 commits
    • azure: docker: avoid re-creating libgit2 home directory · fb03f02a
      The Docker entrypoint currently creates the libgit2 user with "useradd
      --create-home". As we start the Docker container with two volumes
      pointing into "/home/libgit2/", the home directory will already exist.
      While useradd(1) copes with this just fine, it will print error messages
      to stderr which end up as failures in our Azure pipelines.
      
      Fix this by simply removing the "--create-home" parameter.
      Patrick Steinhardt committed
    • azure: docker: pipe downloaded archives into tar(1) directly · a3ec07d7
      When building dependencies for our Docker images, we first download the
      sources to disk first, unpack them and finally remove the archive again.
      This can be sped up by piping the downloading archive into tar(1)
      directly to parallelize both tasks. Furthermore, let's silence curl(1)
      to not print to status information to stderr, which tends to be
      interpreted as errors by Azure Pipelines.
      Patrick Steinhardt committed
  11. 24 Jan, 2020 1 commit
  12. 24 Nov, 2019 5 commits
  13. 21 Sep, 2019 1 commit
    • azure: avoid building and testing in Docker as root · 3c884cc3
      Right now, all tests in libgit2's CI are being executed as root
      user. As libgit2 will usually not run as a root user in "normal"
      usecases and furthermore as there are tests that rely on the
      ability to _not_ be able to create certain paths, let's instead
      create an unprivileged user "libgit2" and use that across all
      docker images.
      Patrick Steinhardt committed
  14. 13 Sep, 2019 8 commits