-
Notifications
You must be signed in to change notification settings - Fork 271
190 lines (169 loc) · 9.84 KB
/
tests.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
name: CI
on:
workflow_dispatch:
push:
branches:
- master
- staging-client
- staging-server
jobs:
run_tests:
strategy:
fail-fast: false
matrix:
os: [ "ubuntu" ]
go: [ "1.22.4" ]
test-type: [ "detector", "coverage", "memory", "custom-build-tags", "code-vetting" ]
runs-on: ${{ matrix.os }}-latest
name: psiphon-tunnel-core ${{ matrix.test-type }} tests on ${{ matrix.os}}, Go ${{ matrix.go }}
permissions:
checks: write
contents: read
env:
GOPATH: ${{ github.workspace }}/go
steps:
- name: Clone repository
uses: actions/checkout@v4
with:
path: ${{ github.workspace }}/go/src/github.com/Psiphon-Labs/psiphon-tunnel-core
- name: Install Go
uses: actions/setup-go@v4
with:
go-version: ${{ matrix.go }}
- name: Install networking components
run: |
sudo apt-get update
sudo apt-get install libnetfilter-queue-dev
sudo apt-get install conntrack
- name: Install coverage tools
if: ${{ matrix.test-type == 'coverage' }}
run: |
go install github.com/axw/gocov/gocov@latest
go install github.com/modocache/gover@latest
go install github.com/mattn/goveralls@latest
go install golang.org/x/tools/cmd/cover@latest
- name: Check environment
run: |
echo "GitHub workspace: $GITHUB_WORKSPACE"
echo "Working directory: `pwd`"
echo "GOROOT: $GOROOT"
echo "GOPATH: $GOPATH"
echo "Go version: `go version`"
- name: Pave config files
env:
CONTROLLER_TEST_CONFIG: ${{ secrets.CONTROLLER_TEST_CONFIG }}
run: |
cd ${{ github.workspace }}/go/src/github.com/Psiphon-Labs/psiphon-tunnel-core
echo "$CONTROLLER_TEST_CONFIG" > ./psiphon/controller_test.config
# TODO: fix and re-enable test
# sudo -E env "PATH=$PATH" go test -v -race ./psiphon/common/tun
- name: Run tests with data race detector
if: ${{ matrix.test-type == 'detector' }}
run: |
cd ${{ github.workspace }}/go/src/github.com/Psiphon-Labs/psiphon-tunnel-core
go test -v -race ./psiphon/common
go test -v -race ./psiphon/common/accesscontrol
go test -v -race ./psiphon/common/crypto/ssh
go test -v -race ./psiphon/common/fragmentor
go test -v -timeout 20m -race -tags "PSIPHON_ENABLE_INPROXY" ./psiphon/common/inproxy
go test -v -race ./psiphon/common/regen
go test -v -race ./psiphon/common/monotime
go test -v -race ./psiphon/common/obfuscator
go test -v -race ./psiphon/common/osl
sudo -E env "PATH=$PATH" go test -v -race -tags "PSIPHON_RUN_PACKET_MANIPULATOR_TEST" ./psiphon/common/packetman
go test -v -race ./psiphon/common/parameters
go test -v -race ./psiphon/common/protocol
go test -v -race ./psiphon/common/quic
go test -v -race ./psiphon/common/resolver
go test -v -race ./psiphon/common/tactics
go test -v -race ./psiphon/common/transforms
go test -v -race ./psiphon/common/values
go test -v -race ./psiphon/common/wildcard
go test -v -race ./psiphon/transferstats
sudo -E env "PATH=$PATH" go test -v -timeout 20m -race -tags "PSIPHON_ENABLE_INPROXY PSIPHON_RUN_PACKET_MANIPULATOR_TEST" ./psiphon/server
go test -v -race ./psiphon/server/psinet
go test -v -timeout 20m -race ./psiphon
go test -v -race ./ClientLibrary/clientlib
go test -v -race ./Server/logging/analysis
# TODO: fix and re-enable test
# sudo -E env "PATH=$PATH" go test -v -covermode=count -coverprofile=tun.coverprofile ./psiphon/common/tun
- name: Run tests with coverage
env:
COVERALLS_TOKEN: ${{ secrets.GITHUB_TOKEN }}
if: ${{ matrix.test-type == 'coverage' && github.repository == 'Psiphon-Labs/psiphon-tunnel-core' }}
run: |
cd ${{ github.workspace }}/go/src/github.com/Psiphon-Labs/psiphon-tunnel-core
go test -v -covermode=count -coverprofile=common.coverprofile ./psiphon/common
go test -v -covermode=count -coverprofile=accesscontrol.coverprofile ./psiphon/common/accesscontrol
go test -v -covermode=count -coverprofile=ssh.coverprofile ./psiphon/common/crypto/ssh
go test -v -covermode=count -coverprofile=fragmentor.coverprofile ./psiphon/common/fragmentor
go test -v -timeout 20m -covermode=count -tags "PSIPHON_ENABLE_INPROXY" -coverprofile=inproxy.coverprofile ./psiphon/common/inproxy
go test -v -covermode=count -coverprofile=regen.coverprofile ./psiphon/common/regen
go test -v -covermode=count -coverprofile=monotime.coverprofile ./psiphon/common/monotime
go test -v -covermode=count -coverprofile=obfuscator.coverprofile ./psiphon/common/obfuscator
go test -v -covermode=count -coverprofile=osl.coverprofile ./psiphon/common/osl
sudo -E env "PATH=$PATH" go test -v -covermode=count -coverprofile=packetman.coverprofile -tags "PSIPHON_RUN_PACKET_MANIPULATOR_TEST" ./psiphon/common/packetman
go test -v -covermode=count -coverprofile=parameters.coverprofile ./psiphon/common/parameters
go test -v -covermode=count -coverprofile=protocol.coverprofile ./psiphon/common/protocol
go test -v -covermode=count -coverprofile=quic.coverprofile ./psiphon/common/quic
go test -v -covermode=count -coverprofile=resolver.coverprofile ./psiphon/common/resolver
go test -v -covermode=count -coverprofile=tactics.coverprofile ./psiphon/common/tactics
go test -v -covermode=count -coverprofile=transforms.coverprofile ./psiphon/common/transforms
go test -v -covermode=count -coverprofile=values.coverprofile ./psiphon/common/values
go test -v -covermode=count -coverprofile=wildcard.coverprofile ./psiphon/common/wildcard
go test -v -covermode=count -coverprofile=transferstats.coverprofile ./psiphon/transferstats
sudo -E env "PATH=$PATH" go test -v -timeout 20m -covermode=count -coverprofile=server.coverprofile -tags "PSIPHON_ENABLE_INPROXY PSIPHON_RUN_PACKET_MANIPULATOR_TEST" ./psiphon/server
go test -v -covermode=count -coverprofile=psinet.coverprofile ./psiphon/server/psinet
go test -v -timeout 20m -covermode=count -coverprofile=psiphon.coverprofile ./psiphon
go test -v -covermode=count -coverprofile=clientlib.coverprofile ./ClientLibrary/clientlib
go test -v -covermode=count -coverprofile=analysis.coverprofile ./Server/logging/analysis
$GOPATH/bin/gover
$GOPATH/bin/goveralls -coverprofile=gover.coverprofile -service=github -repotoken "$COVERALLS_TOKEN"
- name: Run memory tests
if: ${{ matrix.test-type == 'memory' }}
run: |
cd ${{ github.workspace }}/go/src/github.com/Psiphon-Labs/psiphon-tunnel-core
go test -v ./psiphon/memory_test -run TestReconnectTunnel
go test -v ./psiphon/memory_test -run TestRestartController
- name: Compile with custom build tags
if: ${{ matrix.test-type == 'custom-build-tags' }}
run: |
cd ${{ github.workspace }}/go/src/github.com/Psiphon-Labs/psiphon-tunnel-core/ConsoleClient
go build -a -v -tags ""
go build -a -v -tags "PSIPHON_ENABLE_INPROXY"
go build -a -v -tags "PSIPHON_DISABLE_QUIC"
go build -a -v -tags "PSIPHON_DISABLE_GQUIC"
go build -a -v -tags "PSIPHON_ENABLE_REFRACTION_NETWORKING"
- name: Check Go fmt
if: ${{ matrix.test-type == 'code-vetting' }}
run: |
cd ${{ github.workspace }}/go/src/github.com/Psiphon-Labs/psiphon-tunnel-core
if [ "$(gofmt -s -l ./psiphon ./ClientLibrary ./ConsoleClient ./MobileLibrary/psi ./Server | wc -l)" -gt 0 ]; then
gofmt -s -l ./psiphon ./ClientLibrary ./ConsoleClient ./MobileLibrary/psi ./Server
exit 1
fi
- name: Check Go vet
if: ${{ matrix.test-type == 'code-vetting' }}
run: |
cd ${{ github.workspace }}/go/src/github.com/Psiphon-Labs/psiphon-tunnel-core
go vet -tags "PSIPHON_ENABLE_INPROXY PSIPHON_ENABLE_REFRACTION_NETWORKING" ./psiphon/... ./ClientLibrary/... ./ConsoleClient/... ./MobileLibrary/psi ./Server/...
# License check ignore cases:
#
# - github.com/Psiphon-Labs,github.com/Psiphon-Inc: Psiphon code with
# GPL 3 license; any dependencies within (subtree or copy) must be
# manually vetted
#
# - golang.org/x,filippo.io/edwards25519,github.com/klauspost/compress:
# fail with "contains non-Go code that can't be inspected for further
# dependencies"; manually vetted
#
# - github.com/oschwald/maxminddb-golang,github.com/shoenig/go-m1cpu:
# ISC and MPL-2.0 respectively; allowed for server only (there is an
# extra pass, without this exclusion, over the main client packages)
#
- name: Check licenses
if: ${{ matrix.test-type == 'code-vetting' }}
run: |
cd ${{ github.workspace }}/go/src/github.com/Psiphon-Labs/psiphon-tunnel-core
go run github.com/google/go-licenses@latest check --ignore=github.com/Psiphon-Labs,github.com/Psiphon-Inc,golang.org/x,filippo.io/edwards25519,github.com/klauspost/compress,github.com/oschwald/maxminddb-golang,github.com/shoenig/go-m1cpu --allowed_licenses=Apache-2.0,Apache-3,BSD-2-Clause,BSD-3-Clause,BSD-4-Clause,CC0-1.0,MIT ./...
go run github.com/google/go-licenses@latest check --ignore=github.com/Psiphon-Labs,github.com/Psiphon-Inc,golang.org/x,filippo.io/edwards25519,github.com/klauspost/compress --allowed_licenses=Apache-2.0,Apache-3,BSD-2-Clause,BSD-3-Clause,BSD-4-Clause,CC0-1.0,MIT ./psiphon ./psiphon/common/... ./ClientLibrary/... ./ConsoleClient/... ./MobileLibrary/psi