[gentoo-commits] proj/pax-utils:master commit in: travis/, .github/workflows/, / - gentoo-commits

From:	Mike Frysinger <vapier@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] proj/pax-utils:master commit in: travis/, .github/workflows/, /
Date:	Mon, 04 Oct 2021 22:26:55
Message-Id:	`1633386381.22e3de54dee0d4efa6c3d14753f847677f0e8d98.vapier@gentoo`

1

commit:     22e3de54dee0d4efa6c3d14753f847677f0e8d98

2

Author:     Mike Frysinger <vapier <AT> chromium <DOT> org>

3

AuthorDate: Mon Oct  4 17:31:53 2021 +0000

4

Commit:     Mike Frysinger <vapier <AT> gentoo <DOT> org>

5

CommitDate: Mon Oct  4 22:26:21 2021 +0000

6

URL:        https://gitweb.gentoo.org/proj/pax-utils.git/commit/?id=22e3de54

7

8

migrate from Travis to GH actions

9

10

Signed-off-by: Mike Frysinger <vapier <AT> gentoo.org>

11

12

 .github/workflows/build-test-ci.yml | 85 +++++++++++++++++++++++++++++++++++++

13

 .github/workflows/coverity.yml      | 52 +++++++++++++++++++++++

14

 .travis.yml                         | 33 --------------

15

 Makefile                            |  6 +--

16

 Makefile.am                         |  1 -

17

 README.md                           |  2 +-

18

 autogen.sh                          | 14 +++---

19

 travis/lib.sh                       | 38 -----------------

20

 travis/main.sh                      | 75 --------------------------------

21

 9 files changed, 147 insertions(+), 159 deletions(-)

22

23

diff --git a/.github/workflows/build-test-ci.yml b/.github/workflows/build-test-ci.yml

24

new file mode 100644

25

index 0000000..e23f0a3

26

--- /dev/null

27

+++ b/.github/workflows/build-test-ci.yml

28

@@ -0,0 +1,85 @@

29

+# GitHub actions workflow.

30

+# https://docs.github.com/en/actions/learn-github-actions/workflow-syntax-for-github-actions

31

+

32

+name: Build+Test CI

33

+

34

+on:

35

+  push:

36

+    branches: [master, gh-actions]

37

+    tags: [v*]

38

+  pull_request:

39

+    types: [opened]

40

+    branches: [master]

41

+

42

+jobs:

43

+  make:

44

+    strategy:

45

+      matrix:

46

+        os: [ubuntu-latest]

47

+        cc: [gcc, clang]

48

+    runs-on: ${{ matrix.os }}

49

+    env:

50

+      CC: ${{ matrix.cc }}

51

+    steps:

52

+    - name: Install dependencies

53

+      run: sudo apt-get install -y python3-pyelftools

54

+    - uses: actions/checkout@v2

55

+    # Hack up the man pages as installing xmlto is very expensive.

56

+    # We'll test this in the autotools builder instead.

57

+    - name: Hack man pages

58

+      run: echo man/*.docbook | sed s:docbook:1:g | xargs touch

59

+    - run: make

60

+    - run: make check

61

+    - run: make install DESTDIR="${PWD}/root/"

62

+    - run: make debug

63

+    - run: make check

64

+

65

+  autotools-distcheck-linux:

66

+    strategy:

67

+      matrix:

68

+        os: [ubuntu-latest]

69

+        cc: [gcc, clang]

70

+    runs-on: ${{ matrix.os }}

71

+    env:

72

+      CC: ${{ matrix.cc }}

73

+    steps:

74

+    - name: Install dependencies

75

+      run: sudo apt-get install -y python3-pyelftools xmlto

76

+    - name: Checkout gnulib

77

+      uses: actions/checkout@v2

78

+      with:

79

+        repository: coreutils/gnulib

80

+        path: gnulib

81

+    - run: mv gnulib ..

82

+    - uses: actions/checkout@v2

83

+    - run: make distcheck SHELL_TRACE=-x PV=git PATH="${PWD}/../gnulib:${PATH}"

84

+

85

+  autotools-build-macos:

86

+    strategy:

87

+      matrix:

88

+        os: [macos-latest]

89

+        cc: [clang]

90

+    runs-on: ${{ matrix.os }}

91

+    env:

92

+      CC: ${{ matrix.cc }}

93

+    steps:

94

+    - name: Install dependencies

95

+      run: brew install autoconf automake docbook libtool xmlto xz

96

+    - name: Checkout gnulib

97

+      uses: actions/checkout@v2

98

+      with:

99

+        repository: coreutils/gnulib

100

+        path: gnulib

101

+    - run: mv gnulib ..

102

+    - uses: actions/checkout@v2

103

+    # We don't run the whole distcheck flow because we don't want or need to

104

+    # rebuild the tarball, and that flow also runs the basic Linux+make which

105

+    # blows up wonderfully everywhere else.

106

+    - run: make autotools SHELL_TRACE=-x

107

+    - run: ./configure

108

+    - run: make

109

+    # The unittests generally assume a Linux ELF host, so don't bother making

110

+    # sure they pass on macOS.  Run them out of morbid curiosity I guess.

111

+    - run: |

112

+        make -k check || :

113

+    - run: make install DESTDIR="${PWD}/root/"

114

115

diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml

116

new file mode 100644

117

index 0000000..0cdfec2

118

--- /dev/null

119

+++ b/.github/workflows/coverity.yml

120

@@ -0,0 +1,52 @@

121

+# GitHub actions workflow.

122

+# https://docs.github.com/en/actions/learn-github-actions/workflow-syntax-for-github-actions

123

+

124

+# https://scan.coverity.com/projects/gentoo-pax-utils

125

+name: Coverity Scan

126

+

127

+on:

128

+  push:

129

+    branches: [master]

130

+

131

+jobs:

132

+  coverity:

133

+    strategy:

134

+      matrix:

135

+        os: [ubuntu-latest]

136

+        cc: [gcc]

137

+    runs-on: ${{ matrix.os }}

138

+    env:

139

+      COVERITY_EMAIL: vapier@g.o

140

+      COVERITY_PROJECT: gentoo%2Fpax-utils

141

+      CC: ${{ matrix.cc }}

142

+    steps:

143

+    - uses: actions/checkout@v2

144

+

145

+    - name: Download Coverity Build Tool

146

+      run: |

147

+        wget -nv https://scan.coverity.com/download/cxx/linux64 \

148

+          --post-data "token=${TOKEN}&project=${COVERITY_PROJECT}" \

149

+          -O cov-analysis-linux64.tar.gz

150

+        mkdir cov-analysis

151

+        tar -xzf cov-analysis-linux64.tar.gz --strip 1 -C cov-analysis

152

+      env:

153

+        TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}

154

+

155

+    - name: Build with cov-build

156

+      run: |

157

+        export PATH="${PWD}/cov-analysis/bin:${PATH}"

158

+        cov-build --dir cov-int make

159

+

160

+    - name: Submit the result to Coverity Scan

161

+      run: |

162

+        tar -czvf cov-int.tgz cov-int

163

+        curl \

164

+          --form project="${COVERITY_PROJECT}" \

165

+          --form token="${TOKEN}" \

166

+          --form email="${COVERITY_EMAIL}" \

167

+          --form file=@cov-int.tgz \

168

+          --form version="${GITHUB_SHA}" \

169

+          --form description="pax-utils git" \

170

+          "https://scan.coverity.com/builds?project=${COVERITY_PROJECT}"

171

+      env:

172

+        TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}

173

174

diff --git a/.travis.yml b/.travis.yml

175

deleted file mode 100644

176

index f8b90cf..0000000

177

--- a/.travis.yml

178

+++ /dev/null

179

@@ -1,33 +0,0 @@

180

-# Travis build integration.

181

-# https://docs.travis-ci.com/

182

-

183

-language: c

184

-# Order here matters for implicit matrix generation and coverity scan.

185

-# See travis/main.sh for details.

186

-compiler:

187

-  - gcc

188

-  - clang

189

-

190

-sudo: false

191

-

192

-# Order here matters; see compiler comment above.

193

-os:

194

-  - linux

195

-  - osx

196

-

197

-# Travis currently uses Ubuntu 12.04 (Precise) which is too old: it does

198

-# not include pyelftools.  Disable until they update.

199

-env:

200

-  global:

201

-    - USE_PYTHON=no

202

-    - secure: "ePjz/xsdTlf0lhdZtANITiAk2lBAA9wwzB5PK/9aR5i1eBfjgXQgIJLY1y7Lqa4WU8TnSF2mwzd0pYgb320lQMC5rP7aEMAqxVZeG9WmFjet2G5vQ48tDhEJzzDhOpfvQyPehiWqLL6RUhNjE8+kpdK74P7oUFJVIuoQkUn2EuW9eUD9hV6z6tS60C0F4COdE/6DPnBySmqvjm9r9Sdfz1flCI2FXoV7MrrqrwLIx3OMtHmqmM9vGF1d2rGXRADVEGL+ldx9KvdfTLddXhWkCuHZil9YMvQLu0+gTK/g3V02Gh1/xrKmTa6v2RDqimCYDGKdHn0An+tQShYqk2JqJfzvPeysGS8lWfQePaEnHnf6niQN6h4078Ru5jH3D6AFjInrdPEOS3UZsbrJ//7hhUdiHONeQZcVcCVk7bvaJoanjjI9hJaPQXc72u81uyjlXaTOEj/znOAV92WyTaR62cT5r0GR+R7Jp214YR1IyAIB63zQVw2QCNi6W2HpyUEo3d2fOdJdaPwPQL52GxD/i3h4uGh1orYdRL4s/tdqwvYHklE2AGrEAboq2pIkmVirWH9+3+vRTnZ+fyoXD6dqDa0QvkN0pxEwmFy0IvbvTUA+0k6iplDVY21hqoid2OUpus+LjdXT2QALsY9OfMvMPdUaoFSTzWFm1jwZBPqlZN0="

203

-

204

-# Note: OS X deps are maintained in .travis.sh until Travis supports it here.

205

-addons:

206

-  apt:

207

-    packages:

208

-    - autoconf-archive

209

-    - gnulib

210

-    - xmlto

211

-

212

-script: ./travis/main.sh

213

214

diff --git a/Makefile b/Makefile

215

index bb6f167..2585933 100644

216

--- a/Makefile

217

+++ b/Makefile

218

@@ -184,7 +184,7 @@ endif

219

 PN = pax-utils

220

 P = $(PN)-$(PV)

221

 dist:

222

-	./make-tarball.sh $(DISTCHECK) $(PV)

223

+	./make-tarball.sh $(SHELL_TRACE) $(DISTCHECK) $(PV)

224

 distcheck:

225

 	$(MAKE) dist DISTCHECK=--check

226

227

@@ -200,7 +200,7 @@ check test:

228

#

229

 GEN_MARK_START = \# @@@ GEN START @@@ \#

230

 GEN_MARK_END   = \# @@@ GEN END @@@ \#

231

-EXTRA_DIST     = $(shell git ls-files | grep -v ^travis/)

232

+EXTRA_DIST     = $(shell git ls-files | grep -v -E '^(\.github|travis)/')

233

 autotools-update:

234

 	$(MAKE) -C man -j

235

 	sed -i.tmp '/^$(GEN_MARK_START)$$/,/^$(GEN_MARK_END)$$/d' Makefile.am

236

@@ -219,6 +219,6 @@ autotools:

237

 ifeq ($(SKIP_AUTOTOOLS_UPDATE),)

238

 	$(MAKE) autotools-update

239

 endif

240

-	./autogen.sh --from=make

241

+	./autogen.sh $(SHELL_TRACE) --from=make

242

243

 .PHONY: autotools autotools-update _autotools-update

244

245

diff --git a/Makefile.am b/Makefile.am

246

index 748a7ca..2626b37 100644

247

--- a/Makefile.am

248

+++ b/Makefile.am

249

@@ -54,7 +54,6 @@ EXTRA_DIST += \

250

 	.depend \

251

 	.gitignore \

252

 	.pylintrc \

253

-	.travis.yml \

254

 	BUGS \

255

 	COPYING \

256

 	Makefile \

257

258

diff --git a/README.md b/README.md

259

index 6f2a3e7..7696374 100644

260

--- a/README.md

261

+++ b/README.md

262

@@ -5,7 +5,7 @@

263

 | HOMEPAGE | https://wiki.gentoo.org/wiki/Hardened/PaX_Utilities   |

264

 | GIT      | git clone git://anongit.gentoo.org/proj/pax-utils.git |

265

 | VIEWVCS  | https://gitweb.gentoo.org/proj/pax-utils.git/         |

266

-| STATUS   | [![Build Status](https://travis-ci.org/gentoo/pax-utils.svg?branch=master)](https://travis-ci.org/gentoo/pax-utils) [![Coverity Status](https://scan.coverity.com/projects/9213/badge.svg)](https://scan.coverity.com/projects/gentoo-pax-utils) |

267

+| STATUS   | [![Build Status](https://github.com/gentoo/pax-utils/actions/workflows/build-test-ci/badge.svg) [![Coverity Status](https://scan.coverity.com/projects/9213/badge.svg)](https://scan.coverity.com/projects/gentoo-pax-utils) |

268

269

 pax-utils is a small set of utilities for peforming Q/A (mostly security)

270

 checks on systems (most notably, `scanelf`).  It is focused on the ELF

271

272

diff --git a/autogen.sh b/autogen.sh

273

index a21b8e5..734596a 100755

274

--- a/autogen.sh

275

+++ b/autogen.sh

276

@@ -1,7 +1,5 @@

277

 #!/bin/bash -e

278

279

-. "${0%/*}"/travis/lib.sh

280

-

281

 # NB: This script is normally run in a GNU environment (e.g. Linux), but we also run it on other

282

 # systems (e.g. macOS) as part of our automated CI.  So a little care must be taken.

283

284

@@ -26,13 +24,13 @@ if [[ $# -ne 0 ]] ; then

285

 	exit 1

286

fi

287

288

-v rm -rf autotools

289

+rm -rf autotools

290

 if [[ ${FROM_TOOL} != "make" ]] ; then

291

-	v ${MAKE} autotools-update

292

+	${MAKE} autotools-update

293

fi

294

295

 # reload the gnulib code if possible

296

-PATH=/usr/local/src/gnu/gnulib:${PATH}

297

+PATH="${PWD}/gnulib:${PWD}/../gnulib:/usr/local/src/gnu/gnulib:${PATH}"

298

 mods="

299

 	alloca

300

 	euidaccess

301

@@ -57,13 +55,13 @@ mods="

302

 	utimensat

303

 	vasprintf-posix

304

"

305

-v --fold="gnulib-tool" gnulib-tool \

306

+gnulib-tool \

307

 	--source-base=autotools/gnulib --m4-base=autotools/m4 \

308

 	--import \

309

 	${mods}

310

311

 # not everyone has sys-devel/autoconf-archive installed

312

-v tar xf travis/autotools.tar.xz

313

+tar xf travis/autotools.tar.xz

314

 has() { [[ " ${*:2} " == *" $1 "* ]] ; }

315

 import_ax() {

316

 	local macro content m4 lm4s=()

317

@@ -89,7 +87,7 @@ while [[ ${curr} -ne ${new} ]] ; do

318

 done

319

320

 export AUTOMAKE="automake --foreign"

321

-v autoreconf -i -f

322

+autoreconf -i -f

323

324

 if [[ -x ./test.sh ]] ; then

325

 	exec ./test.sh "$@"

326

327

diff --git a/travis/lib.sh b/travis/lib.sh

328

deleted file mode 100644

329

index 687ed41..0000000

330

--- a/travis/lib.sh

331

+++ /dev/null

332

@@ -1,38 +0,0 @@

333

-#!/bin/bash

334

-# Common funcs for working w/Travis.

335

-

336

-travis_fold() {

337

-	if [[ -n ${TRAVIS_OS_NAME} ]] ; then

338

-		printf 'travis_fold:%s:%s\r\n' "$@" | sed 's: :_:g'

339

-	fi

340

-}

341

-

342

-if [[ -n ${TRAVIS_OS_NAME} ]] ; then

343

-	whitebg=$(tput setab 7)

344

-	blackfg=$(tput setaf 0)

345

-	normal=$(tput sgr0)

346

-else

347

-	whitebg=

348

-	blackbg=

349

-	normal=

350

-fi

351

-v() {

352

-	local fold=""

353

-	case $1 in

354

-	--fold=*) fold=${1:7}; shift;;

355

-	esac

356

-	if [[ -n ${fold} ]] ; then

357

-		travis_fold start "${fold}"

358

-		echo "\$ $*"

359

-		"$@"

360

-		travis_fold end "${fold}"

361

-	else

362

-		echo "${whitebg}${blackfg}\$ $*${normal}"

363

-		"$@"

364

-	fi

365

-}

366

-

367

-ncpus=$(getconf _NPROCESSORS_ONLN)

368

-m() {

369

-	v make -j${ncpus} "$@"

370

-}

371

372

diff --git a/travis/main.sh b/travis/main.sh

373

deleted file mode 100755

374

index 50e8a2f..0000000

375

--- a/travis/main.sh

376

+++ /dev/null

377

@@ -1,75 +0,0 @@

378

-#!/bin/bash -e

379

-

380

-. "${0%/*}"/lib.sh

381

-

382

-# We have to do this by hand rather than use the coverity addon because of

383

-# matrix explosion: https://github.com/travis-ci/travis-ci/issues/1975

384

-# We also do it by hand because when we're throttled, the addon will exit

385

-# the build immediately and skip the main script!

386

-coverity_scan() {

387

-	local reason

388

-	[[ ${TRAVIS_JOB_NUMBER} != *.1 ]] && reason="not first build job"

389

-	[[ -n ${TRAVIS_TAG} ]] && reason="git tag"

390

-	[[ ${TRAVIS_PULL_REQUEST} == "true" ]] && reason="pull request"

391

-	if [[ -n ${reason} ]] ; then

392

-		echo "Skipping coverity scan due to: ${reason}"

393

-		return

394

-	fi

395

-

396

-	export COVERITY_SCAN_PROJECT_NAME="${TRAVIS_REPO_SLUG}"

397

-	export COVERITY_SCAN_NOTIFICATION_EMAIL="vapier@g.o"

398

-	export COVERITY_SCAN_BUILD_COMMAND="make -j${ncpus}"

399

-	export COVERITY_SCAN_BUILD_COMMAND_PREPEND="git clean -q -x -d -f; git checkout -f"

400

-	export COVERITY_SCAN_BRANCH_PATTERN="master"

401

-

402

-	curl -s "https://scan.coverity.com/scripts/travisci_build_coverity_scan.sh" | bash || :

403

-}

404

-

405

-main() {

406

-	if [[ ${TRAVIS_OS_NAME} == "osx" ]] ; then

407

-		# Note: Linux deps are maintained in .travis.yml.

408

-		v --fold="brew_update" brew update

409

-		v --fold="brew_install" brew install xmlto xz

410

-	fi

411

-

412

-	# See if we have to bootstrap gnulib.  This is the case on OS X, and on

413

-	# Linux until they whitelist the package:

414

-	# https://github.com/travis-ci/apt-package-whitelist/issues/727

415

-	if ! gnulib-tool --version >&/dev/null ; then

416

-		if [[ ! -d ../gnulib ]] ; then

417

-			v --fold="git_clone_gnulib" \

418

-				git clone --depth=1 https://github.com/coreutils/gnulib.git ../gnulib

419

-		else

420

-			pushd ../gnulib

421

-			v --fold="git_pull_gnulib" git pull

422

-			popd

423

-		fi

424

-		export PATH="${PATH}:${PWD}/../gnulib"

425

-	fi

426

-

427

-	if [[ ${TRAVIS_OS_NAME} == "linux" ]] ; then

428

-		# Standard optimized build.

429

-		m

430

-		m check

431

-

432

-		# Debug build w/ASAN and such enabled.

433

-		m debug

434

-		m check

435

-	fi

436

-

437

-	# Autotools based build.

438

-	v ./autogen.sh

439

-	if [[ ${TRAVIS_OS_NAME} == "linux" ]] ; then

440

-		v --fold="configure" ./configure

441

-		m V=1 distcheck

442

-	else

443

-		# ELF checks don't work on OS X -- no ELFs!

444

-		v ./configure

445

-		m V=1

446

-	fi

447

-

448

-	# Do scans last as they like to dirty the tree and some tests

449

-	# expect a clean tree (like code style checks).

450

-	v --fold="coverity_scan" coverity_scan

451

-}

452

-main "$@"

1	commit: 22e3de54dee0d4efa6c3d14753f847677f0e8d98
2	Author: Mike Frysinger <vapier <AT> chromium <DOT> org>
3	AuthorDate: Mon Oct 4 17:31:53 2021 +0000
4	Commit: Mike Frysinger <vapier <AT> gentoo <DOT> org>
5	CommitDate: Mon Oct 4 22:26:21 2021 +0000
6	URL: https://gitweb.gentoo.org/proj/pax-utils.git/commit/?id=22e3de54
7
8	migrate from Travis to GH actions
9
10	Signed-off-by: Mike Frysinger <vapier <AT> gentoo.org>
11
12	.github/workflows/build-test-ci.yml \| 85 +++++++++++++++++++++++++++++++++++++
13	.github/workflows/coverity.yml \| 52 +++++++++++++++++++++++
14	.travis.yml \| 33 --------------
15	Makefile \| 6 +--
16	Makefile.am \| 1 -
17	README.md \| 2 +-
18	autogen.sh \| 14 +++---
19	travis/lib.sh \| 38 -----------------
20	travis/main.sh \| 75 --------------------------------
21	9 files changed, 147 insertions(+), 159 deletions(-)
22
23	diff --git a/.github/workflows/build-test-ci.yml b/.github/workflows/build-test-ci.yml
24	new file mode 100644
25	index 0000000..e23f0a3
26	--- /dev/null
27	+++ b/.github/workflows/build-test-ci.yml
28	@@ -0,0 +1,85 @@
29	+# GitHub actions workflow.
30	+# https://docs.github.com/en/actions/learn-github-actions/workflow-syntax-for-github-actions
31	+
32	+name: Build+Test CI
33	+
34	+on:
35	+ push:
36	+ branches: [master, gh-actions]
37	+ tags: [v*]
38	+ pull_request:
39	+ types: [opened]
40	+ branches: [master]
41	+
42	+jobs:
43	+ make:
44	+ strategy:
45	+ matrix:
46	+ os: [ubuntu-latest]
47	+ cc: [gcc, clang]
48	+ runs-on: ${{ matrix.os }}
49	+ env:
50	+ CC: ${{ matrix.cc }}
51	+ steps:
52	+ - name: Install dependencies
53	+ run: sudo apt-get install -y python3-pyelftools
54	+ - uses: actions/checkout@v2
55	+ # Hack up the man pages as installing xmlto is very expensive.
56	+ # We'll test this in the autotools builder instead.
57	+ - name: Hack man pages
58	+ run: echo man/*.docbook \| sed s:docbook:1:g \| xargs touch
59	+ - run: make
60	+ - run: make check
61	+ - run: make install DESTDIR="${PWD}/root/"
62	+ - run: make debug
63	+ - run: make check
64	+
65	+ autotools-distcheck-linux:
66	+ strategy:
67	+ matrix:
68	+ os: [ubuntu-latest]
69	+ cc: [gcc, clang]
70	+ runs-on: ${{ matrix.os }}
71	+ env:
72	+ CC: ${{ matrix.cc }}
73	+ steps:
74	+ - name: Install dependencies
75	+ run: sudo apt-get install -y python3-pyelftools xmlto
76	+ - name: Checkout gnulib
77	+ uses: actions/checkout@v2
78	+ with:
79	+ repository: coreutils/gnulib
80	+ path: gnulib
81	+ - run: mv gnulib ..
82	+ - uses: actions/checkout@v2
83	+ - run: make distcheck SHELL_TRACE=-x PV=git PATH="${PWD}/../gnulib:${PATH}"
84	+
85	+ autotools-build-macos:
86	+ strategy:
87	+ matrix:
88	+ os: [macos-latest]
89	+ cc: [clang]
90	+ runs-on: ${{ matrix.os }}
91	+ env:
92	+ CC: ${{ matrix.cc }}
93	+ steps:
94	+ - name: Install dependencies
95	+ run: brew install autoconf automake docbook libtool xmlto xz
96	+ - name: Checkout gnulib
97	+ uses: actions/checkout@v2
98	+ with:
99	+ repository: coreutils/gnulib
100	+ path: gnulib
101	+ - run: mv gnulib ..
102	+ - uses: actions/checkout@v2
103	+ # We don't run the whole distcheck flow because we don't want or need to
104	+ # rebuild the tarball, and that flow also runs the basic Linux+make which
105	+ # blows up wonderfully everywhere else.
106	+ - run: make autotools SHELL_TRACE=-x
107	+ - run: ./configure
108	+ - run: make
109	+ # The unittests generally assume a Linux ELF host, so don't bother making
110	+ # sure they pass on macOS. Run them out of morbid curiosity I guess.
111	+ - run: \|
112	+ make -k check \|\| :
113	+ - run: make install DESTDIR="${PWD}/root/"
114
115	diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml
116	new file mode 100644
117	index 0000000..0cdfec2
118	--- /dev/null
119	+++ b/.github/workflows/coverity.yml
120	@@ -0,0 +1,52 @@
121	+# GitHub actions workflow.
122	+# https://docs.github.com/en/actions/learn-github-actions/workflow-syntax-for-github-actions
123	+
124	+# https://scan.coverity.com/projects/gentoo-pax-utils
125	+name: Coverity Scan
126	+
127	+on:
128	+ push:
129	+ branches: [master]
130	+
131	+jobs:
132	+ coverity:
133	+ strategy:
134	+ matrix:
135	+ os: [ubuntu-latest]
136	+ cc: [gcc]
137	+ runs-on: ${{ matrix.os }}
138	+ env:
139	+ COVERITY_EMAIL: vapier@g.o
140	+ COVERITY_PROJECT: gentoo%2Fpax-utils
141	+ CC: ${{ matrix.cc }}
142	+ steps:
143	+ - uses: actions/checkout@v2
144	+
145	+ - name: Download Coverity Build Tool
146	+ run: \|
147	+ wget -nv https://scan.coverity.com/download/cxx/linux64 \
148	+ --post-data "token=${TOKEN}&project=${COVERITY_PROJECT}" \
149	+ -O cov-analysis-linux64.tar.gz
150	+ mkdir cov-analysis
151	+ tar -xzf cov-analysis-linux64.tar.gz --strip 1 -C cov-analysis
152	+ env:
153	+ TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
154	+
155	+ - name: Build with cov-build
156	+ run: \|
157	+ export PATH="${PWD}/cov-analysis/bin:${PATH}"
158	+ cov-build --dir cov-int make
159	+
160	+ - name: Submit the result to Coverity Scan
161	+ run: \|
162	+ tar -czvf cov-int.tgz cov-int
163	+ curl \
164	+ --form project="${COVERITY_PROJECT}" \
165	+ --form token="${TOKEN}" \
166	+ --form email="${COVERITY_EMAIL}" \
167	+ --form file=@cov-int.tgz \
168	+ --form version="${GITHUB_SHA}" \
169	+ --form description="pax-utils git" \
170	+ "https://scan.coverity.com/builds?project=${COVERITY_PROJECT}"
171	+ env:
172	+ TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }}
173
174	diff --git a/.travis.yml b/.travis.yml
175	deleted file mode 100644
176	index f8b90cf..0000000
177	--- a/.travis.yml
178	+++ /dev/null
179	@@ -1,33 +0,0 @@
180	-# Travis build integration.
181	-# https://docs.travis-ci.com/
182	-
183	-language: c
184	-# Order here matters for implicit matrix generation and coverity scan.
185	-# See travis/main.sh for details.
186	-compiler:
187	- - gcc
188	- - clang
189	-
190	-sudo: false
191	-
192	-# Order here matters; see compiler comment above.
193	-os:
194	- - linux
195	- - osx
196	-
197	-# Travis currently uses Ubuntu 12.04 (Precise) which is too old: it does
198	-# not include pyelftools. Disable until they update.
199	-env:
200	- global:
201	- - USE_PYTHON=no
202	- - secure: "ePjz/xsdTlf0lhdZtANITiAk2lBAA9wwzB5PK/9aR5i1eBfjgXQgIJLY1y7Lqa4WU8TnSF2mwzd0pYgb320lQMC5rP7aEMAqxVZeG9WmFjet2G5vQ48tDhEJzzDhOpfvQyPehiWqLL6RUhNjE8+kpdK74P7oUFJVIuoQkUn2EuW9eUD9hV6z6tS60C0F4COdE/6DPnBySmqvjm9r9Sdfz1flCI2FXoV7MrrqrwLIx3OMtHmqmM9vGF1d2rGXRADVEGL+ldx9KvdfTLddXhWkCuHZil9YMvQLu0+gTK/g3V02Gh1/xrKmTa6v2RDqimCYDGKdHn0An+tQShYqk2JqJfzvPeysGS8lWfQePaEnHnf6niQN6h4078Ru5jH3D6AFjInrdPEOS3UZsbrJ//7hhUdiHONeQZcVcCVk7bvaJoanjjI9hJaPQXc72u81uyjlXaTOEj/znOAV92WyTaR62cT5r0GR+R7Jp214YR1IyAIB63zQVw2QCNi6W2HpyUEo3d2fOdJdaPwPQL52GxD/i3h4uGh1orYdRL4s/tdqwvYHklE2AGrEAboq2pIkmVirWH9+3+vRTnZ+fyoXD6dqDa0QvkN0pxEwmFy0IvbvTUA+0k6iplDVY21hqoid2OUpus+LjdXT2QALsY9OfMvMPdUaoFSTzWFm1jwZBPqlZN0="
203	-
204	-# Note: OS X deps are maintained in .travis.sh until Travis supports it here.
205	-addons:
206	- apt:
207	- packages:
208	- - autoconf-archive
209	- - gnulib
210	- - xmlto
211	-
212	-script: ./travis/main.sh
213
214	diff --git a/Makefile b/Makefile
215	index bb6f167..2585933 100644
216	--- a/Makefile
217	+++ b/Makefile
218	@@ -184,7 +184,7 @@ endif
219	PN = pax-utils
220	P = $(PN)-$(PV)
221	dist:
222	- ./make-tarball.sh $(DISTCHECK) $(PV)
223	+ ./make-tarball.sh $(SHELL_TRACE) $(DISTCHECK) $(PV)
224	distcheck:
225	$(MAKE) dist DISTCHECK=--check
226
227	@@ -200,7 +200,7 @@ check test:
228	#
229	GEN_MARK_START = \# @@@ GEN START @@@ \#
230	GEN_MARK_END = \# @@@ GEN END @@@ \#
231	-EXTRA_DIST = $(shell git ls-files \| grep -v ^travis/)
232	+EXTRA_DIST = $(shell git ls-files \| grep -v -E '^(\.github\|travis)/')
233	autotools-update:
234	$(MAKE) -C man -j
235	sed -i.tmp '/^$(GEN_MARK_START)$$/,/^$(GEN_MARK_END)$$/d' Makefile.am
236	@@ -219,6 +219,6 @@ autotools:
237	ifeq ($(SKIP_AUTOTOOLS_UPDATE),)
238	$(MAKE) autotools-update
239	endif
240	- ./autogen.sh --from=make
241	+ ./autogen.sh $(SHELL_TRACE) --from=make
242
243	.PHONY: autotools autotools-update _autotools-update
244
245	diff --git a/Makefile.am b/Makefile.am
246	index 748a7ca..2626b37 100644
247	--- a/Makefile.am
248	+++ b/Makefile.am
249	@@ -54,7 +54,6 @@ EXTRA_DIST += \
250	.depend \
251	.gitignore \
252	.pylintrc \
253	- .travis.yml \
254	BUGS \
255	COPYING \
256	Makefile \
257
258	diff --git a/README.md b/README.md
259	index 6f2a3e7..7696374 100644
260	--- a/README.md
261	+++ b/README.md
262	@@ -5,7 +5,7 @@
263	\| HOMEPAGE \| https://wiki.gentoo.org/wiki/Hardened/PaX_Utilities \|
264	\| GIT \| git clone git://anongit.gentoo.org/proj/pax-utils.git \|
265	\| VIEWVCS \| https://gitweb.gentoo.org/proj/pax-utils.git/ \|
266	-\| STATUS \| [![Build Status](https://travis-ci.org/gentoo/pax-utils.svg?branch=master)](https://travis-ci.org/gentoo/pax-utils) [![Coverity Status](https://scan.coverity.com/projects/9213/badge.svg)](https://scan.coverity.com/projects/gentoo-pax-utils) \|
267	+\| STATUS \| [![Build Status](https://github.com/gentoo/pax-utils/actions/workflows/build-test-ci/badge.svg) [![Coverity Status](https://scan.coverity.com/projects/9213/badge.svg)](https://scan.coverity.com/projects/gentoo-pax-utils) \|
268
269	pax-utils is a small set of utilities for peforming Q/A (mostly security)
270	checks on systems (most notably, `scanelf`). It is focused on the ELF
271
272	diff --git a/autogen.sh b/autogen.sh
273	index a21b8e5..734596a 100755
274	--- a/autogen.sh
275	+++ b/autogen.sh
276	@@ -1,7 +1,5 @@
277	#!/bin/bash -e
278
279	-. "${0%/*}"/travis/lib.sh
280	-
281	# NB: This script is normally run in a GNU environment (e.g. Linux), but we also run it on other
282	# systems (e.g. macOS) as part of our automated CI. So a little care must be taken.
283
284	@@ -26,13 +24,13 @@ if [[ $# -ne 0 ]] ; then
285	exit 1
286	fi
287
288	-v rm -rf autotools
289	+rm -rf autotools
290	if [[ ${FROM_TOOL} != "make" ]] ; then
291	- v ${MAKE} autotools-update
292	+ ${MAKE} autotools-update
293	fi
294
295	# reload the gnulib code if possible
296	-PATH=/usr/local/src/gnu/gnulib:${PATH}
297	+PATH="${PWD}/gnulib:${PWD}/../gnulib:/usr/local/src/gnu/gnulib:${PATH}"
298	mods="
299	alloca
300	euidaccess
301	@@ -57,13 +55,13 @@ mods="
302	utimensat
303	vasprintf-posix
304	"
305	-v --fold="gnulib-tool" gnulib-tool \
306	+gnulib-tool \
307	--source-base=autotools/gnulib --m4-base=autotools/m4 \
308	--import \
309	${mods}
310
311	# not everyone has sys-devel/autoconf-archive installed
312	-v tar xf travis/autotools.tar.xz
313	+tar xf travis/autotools.tar.xz
314	has() { [[ " ${:2} " == " $1 "* ]] ; }
315	import_ax() {
316	local macro content m4 lm4s=()
317	@@ -89,7 +87,7 @@ while [[ ${curr} -ne ${new} ]] ; do
318	done
319
320	export AUTOMAKE="automake --foreign"
321	-v autoreconf -i -f
322	+autoreconf -i -f
323
324	if [[ -x ./test.sh ]] ; then
325	exec ./test.sh "$@"
326
327	diff --git a/travis/lib.sh b/travis/lib.sh
328	deleted file mode 100644
329	index 687ed41..0000000
330	--- a/travis/lib.sh
331	+++ /dev/null
332	@@ -1,38 +0,0 @@
333	-#!/bin/bash
334	-# Common funcs for working w/Travis.
335	-
336	-travis_fold() {
337	- if [[ -n ${TRAVIS_OS_NAME} ]] ; then
338	- printf 'travis_fold:%s:%s\r\n' "$@" \| sed 's: :_:g'
339	- fi
340	-}
341	-
342	-if [[ -n ${TRAVIS_OS_NAME} ]] ; then
343	- whitebg=$(tput setab 7)
344	- blackfg=$(tput setaf 0)
345	- normal=$(tput sgr0)
346	-else
347	- whitebg=
348	- blackbg=
349	- normal=
350	-fi
351	-v() {
352	- local fold=""
353	- case $1 in
354	- --fold=*) fold=${1:7}; shift;;
355	- esac
356	- if [[ -n ${fold} ]] ; then
357	- travis_fold start "${fold}"
358	- echo "\$ $*"
359	- "$@"
360	- travis_fold end "${fold}"
361	- else
362	- echo "${whitebg}${blackfg}\$ $*${normal}"
363	- "$@"
364	- fi
365	-}
366	-
367	-ncpus=$(getconf _NPROCESSORS_ONLN)
368	-m() {
369	- v make -j${ncpus} "$@"
370	-}
371
372	diff --git a/travis/main.sh b/travis/main.sh
373	deleted file mode 100755
374	index 50e8a2f..0000000
375	--- a/travis/main.sh
376	+++ /dev/null
377	@@ -1,75 +0,0 @@
378	-#!/bin/bash -e
379	-
380	-. "${0%/*}"/lib.sh
381	-
382	-# We have to do this by hand rather than use the coverity addon because of
383	-# matrix explosion: https://github.com/travis-ci/travis-ci/issues/1975
384	-# We also do it by hand because when we're throttled, the addon will exit
385	-# the build immediately and skip the main script!
386	-coverity_scan() {
387	- local reason
388	- [[ ${TRAVIS_JOB_NUMBER} != *.1 ]] && reason="not first build job"
389	- [[ -n ${TRAVIS_TAG} ]] && reason="git tag"
390	- [[ ${TRAVIS_PULL_REQUEST} == "true" ]] && reason="pull request"
391	- if [[ -n ${reason} ]] ; then
392	- echo "Skipping coverity scan due to: ${reason}"
393	- return
394	- fi
395	-
396	- export COVERITY_SCAN_PROJECT_NAME="${TRAVIS_REPO_SLUG}"
397	- export COVERITY_SCAN_NOTIFICATION_EMAIL="vapier@g.o"
398	- export COVERITY_SCAN_BUILD_COMMAND="make -j${ncpus}"
399	- export COVERITY_SCAN_BUILD_COMMAND_PREPEND="git clean -q -x -d -f; git checkout -f"
400	- export COVERITY_SCAN_BRANCH_PATTERN="master"
401	-
402	- curl -s "https://scan.coverity.com/scripts/travisci_build_coverity_scan.sh" \| bash \|\| :
403	-}
404	-
405	-main() {
406	- if [[ ${TRAVIS_OS_NAME} == "osx" ]] ; then
407	- # Note: Linux deps are maintained in .travis.yml.
408	- v --fold="brew_update" brew update
409	- v --fold="brew_install" brew install xmlto xz
410	- fi
411	-
412	- # See if we have to bootstrap gnulib. This is the case on OS X, and on
413	- # Linux until they whitelist the package:
414	- # https://github.com/travis-ci/apt-package-whitelist/issues/727
415	- if ! gnulib-tool --version >&/dev/null ; then
416	- if [[ ! -d ../gnulib ]] ; then
417	- v --fold="git_clone_gnulib" \
418	- git clone --depth=1 https://github.com/coreutils/gnulib.git ../gnulib
419	- else
420	- pushd ../gnulib
421	- v --fold="git_pull_gnulib" git pull
422	- popd
423	- fi
424	- export PATH="${PATH}:${PWD}/../gnulib"
425	- fi
426	-
427	- if [[ ${TRAVIS_OS_NAME} == "linux" ]] ; then
428	- # Standard optimized build.
429	- m
430	- m check
431	-
432	- # Debug build w/ASAN and such enabled.
433	- m debug
434	- m check
435	- fi
436	-
437	- # Autotools based build.
438	- v ./autogen.sh
439	- if [[ ${TRAVIS_OS_NAME} == "linux" ]] ; then
440	- v --fold="configure" ./configure
441	- m V=1 distcheck
442	- else
443	- # ELF checks don't work on OS X -- no ELFs!
444	- v ./configure
445	- m V=1
446	- fi
447	-
448	- # Do scans last as they like to dirty the tree and some tests
449	- # expect a clean tree (like code style checks).
450	- v --fold="coverity_scan" coverity_scan
451	-}
452	-main "$@"

Gentoo Archives: gentoo-commits