diff --git a/.github/jobs/configure-checks/all.bats b/.github/jobs/configure-checks/all.bats index 0ac60eae40..ff1b85db91 100755 --- a/.github/jobs/configure-checks/all.bats +++ b/.github/jobs/configure-checks/all.bats @@ -10,12 +10,24 @@ cmd="apt-get" if [ "$distro_id" = "ID=fedora" ]; then cmd=dnf fi +if [ "$distro_id" = "ID=arch" ]; then + cmd=pacman --non-interactive +fi +if [ "$distro_id" = 'ID="opensuse-leap"' ]; then + cmd=zypper +fi translate () { args="$@" - if [ "$distro_id" = "ID=fedora" ]; then + if [ "$distro_id" = 'ID="opensuse-leap"' ]; then + args=${args/g++/gcc-c++} + fi + if [ "$distro_id" = "ID=fedora" ] || [ "$distro_id" = 'ID="opensuse-leap"' ]; then args=${args/libcgroup-dev/libcgroup-devel} fi + if [ "$distro_id" = "ID=arch" ]; then + args=${args/libcgroup-dev/} + fi echo "$args" } @@ -37,6 +49,9 @@ setup() { if [ "$distro_id" = "ID=fedora" ]; then repo-install httpd fi + if [ "$distro_id" = 'ID="opensuse-leap"' ]; then + repo-install apache2 + fi repo-install gcc g++ libcgroup-dev composer } @@ -46,16 +61,36 @@ run_configure () { repo-install () { args=$(translate $@) - ${cmd} install $args -y >/dev/null + if [ "$distro_id" = "ID=arch" ]; then + ${cmd} $args -Sy --noconfirm >/dev/null + else + ${cmd} install -y $args >/dev/null + fi } + repo-remove () { args=$(translate $@) - ${cmd} remove $args -y #>/dev/null + if [ "$distro_id" = 'ID="opensuse-leap"' ]; then + ${cmd} remove -y $args >/dev/null || ret="$?" + if [ "$ret" -ne "104" ]; then + return $? + fi + else + ${cmd} remove -y $args #>/dev/null + fi if [ "$distro_id" != "ID=fedora" ]; then apt-get autoremove -y 2>/dev/null fi } +run_user_stderr () { + su $u -c "$*" 2>&1 +} + +run_stderr () { + run "$* 2>&1" +} + @test "Default empty configure" { # cleanup from earlier runs repo-remove gcc g++ clang @@ -111,7 +146,7 @@ compile_assertions_finished () { } @test "Install GNU C only" { - if [ "$distro_id" = "ID=fedora" ]; then + if [ "$distro_id" = "ID=fedora" ] || [ "$distro_id" = "ID=arch" ]; then # Fedora ships with a gcc with enough C++ support skip fi @@ -418,6 +453,7 @@ compile_assertions_finished () { assert_line " * judgehost...........: /opt/domjudge/judgehost" assert_line " * runguard group......: domjudge-run" run make domserver + assert_regex "^.*cp -a vendor/nelmio/api-doc-bundle/public/\* public/bundles/nelmioapidoc.*$" assert_success run make judgehost assert_success @@ -458,3 +494,84 @@ compile_assertions_finished () { run make judgehost assert_failure } + +#@test "'Make distclean' has all permissions" { +# +# +# +# if [ "$distro_id" = "ID=fedora" ]; then +# +# +# # Fails as libraries are not found +# +# +# skip +# +# +# fi +# +# +# setup +# +# +# run run_configure +# +# +# run_user_stderr make domserver +# +# +# make install-domserver +# +# +# run_user_stderr make distclean +# +# +# refute_partial "cannot remove" +# +# +# refute_partial "Permission denied" +# +# +# assert_success +# +# +#} +# +# +# +# +# +#@test "'Make distclean' has permission errors" { +# +# +# if [ "$distro_id" = "ID=fedora" ]; then +# +# +# # Fails as libraries are not found +# +# +# skip +# +# +# fi +# +# +# setup +# +# +# run run_configure +# +# +# run_stderr make install-domserver +# +# +# run_user_stderr make distclean +# +# +# assert_partial "cannot remove" +# +# +# assert_partial "Permission denied" +# +# +#} diff --git a/.github/jobs/configure-checks/setup_configure_image.sh b/.github/jobs/configure-checks/setup_configure_image.sh index b3bdcad686..10e84b6ed9 100755 --- a/.github/jobs/configure-checks/setup_configure_image.sh +++ b/.github/jobs/configure-checks/setup_configure_image.sh @@ -6,18 +6,19 @@ distro_id=$(grep "^ID=" /etc/os-release) # Install everything for configure and testing case $distro_id in + "ID=arch") + pacman -Sy --noconfirm make bats tar ;; "ID=fedora") - dnf install pkg-config make bats autoconf automake util-linux -y ;; + dnf install make bats -y ;; + 'ID="opensuse-leap"') + zypper install -y make bats ;; *) apt-get update; apt-get full-upgrade -y - apt-get install pkg-config make bats autoconf -y ;; + apt-get install make bats -y ;; esac -# Build the configure file -make configure - # Install extra assert statements for bots cp submit/assert.bash .github/jobs/configure-checks/ # Run the configure tests for this usecase -test_path="/__w/domjudge/domjudge" bats .github/jobs/configure-checks/all.bats +test_path="/__w/domjudge/domjudge/release" bats .github/jobs/configure-checks/all.bats diff --git a/.github/workflows/autoconf-check-different-distro.yml b/.github/workflows/autoconf-check-different-distro.yml deleted file mode 100644 index 76597171e4..0000000000 --- a/.github/workflows/autoconf-check-different-distro.yml +++ /dev/null @@ -1,23 +0,0 @@ -name: Check autoconf (Other distros) -on: - merge_group: - pull_request: - branches: - - main - - '[0-9]+.[0-9]+' - -jobs: - redhat-family: - strategy: - matrix: - version: [latest] - os: [fedora] - runs-on: ubuntu-latest - container: - image: ${{ matrix.os }}:${{ matrix.version }} - steps: - - name: Install git so we get the .github directory - run: dnf install -y git - - uses: actions/checkout@v4 - - name: Setup image and run bats tests - run: .github/jobs/configure-checks/setup_configure_image.sh diff --git a/.github/workflows/autoconf-check.yml b/.github/workflows/autoconf-check.yml index dee59a67c6..a80c039f0f 100644 --- a/.github/workflows/autoconf-check.yml +++ b/.github/workflows/autoconf-check.yml @@ -7,7 +7,93 @@ on: - '[0-9]+.[0-9]+' jobs: + build: + runs-on: ubuntu-latest + container: + image: domjudge/gitlabci:24.04 + steps: + - name: Checkout Code + uses: actions/checkout@v3 + - name: Create the distribution tarball + run: | + make dist + cd .. + mv domjudge release + mkdir domjudge #Workdir for next steps + tar -cf release.tar release + gzip -9 release.tar + mv release.tar.gz domjudge/ + - name: Upload Artifact + uses: actions/upload-artifact@v4 + with: + compression-level: 0 + name: test-tarball + path: ${{ github.workspace }}/release.tar.gz + + suse-family: + needs: build + strategy: + matrix: + version: [latest] + os: [opensuse/leap] + runs-on: ubuntu-latest + container: + image: ${{ matrix.os }}:${{ matrix.version }} + steps: + - name: Download Artifact + uses: actions/download-artifact@v4 + with: + name: test-tarball + - name: Install needed unpack tools + run: zypper install -y tar gzip + - name: Unpack the "Release" tarball + run: tar xvf release.tar.gz + - name: Setup image and run bats tests + working-directory: release + run: .github/jobs/configure-checks/setup_configure_image.sh + + arch-family: + needs: build + strategy: + matrix: + version: [latest] + os: [archlinux] + runs-on: ubuntu-latest + container: + image: ${{ matrix.os }}:${{ matrix.version }} + steps: + - name: Download Artifact + uses: actions/download-artifact@v4 + with: + name: test-tarball + - name: Unpack the "Release" tarball + run: tar xvf release.tar.gz + - name: Setup image and run bats tests + working-directory: release + run: .github/jobs/configure-checks/setup_configure_image.sh + + redhat-family: + needs: build + strategy: + matrix: + version: [latest] + os: [fedora] + runs-on: ubuntu-latest + container: + image: ${{ matrix.os }}:${{ matrix.version }} + steps: + - name: Download Artifact + uses: actions/download-artifact@v4 + with: + name: test-tarball + - name: Unpack the "Release" tarball + run: tar xvf release.tar.gz + - name: Setup image and run bats tests + working-directory: release + run: .github/jobs/configure-checks/setup_configure_image.sh + debian-family: + needs: build strategy: matrix: version: [jammy, focal, rolling] @@ -28,8 +114,21 @@ jobs: container: image: ${{ matrix.os }}:${{ matrix.version }} steps: - - name: Install git so we get the .github directory - run: apt-get update; apt-get install -y git - - uses: actions/checkout@v4 + - name: Download Artifact + uses: actions/download-artifact@v4 + with: + name: test-tarball + - name: Unpack the "Release" tarball + run: | + ls -atrl + tar xvf release.tar.gz - name: Setup image and run bats tests + working-directory: release run: .github/jobs/configure-checks/setup_configure_image.sh + +# +## Copy the fedora stuff here and use: +## if: github.event_name != 'merge_group' on the job level +##name: Build and Trigger Workflows +### Either just filter the fedora stuff in onther build step (and run on main but skip) or trigger 2 workflows. I don't work enough with GHA to see which one I prefer for now. +## diff --git a/.github/workflows/chroot-checks.yml b/.github/workflows/chroot-checks.yml index f3ebd6609c..e69de29bb2 100644 --- a/.github/workflows/chroot-checks.yml +++ b/.github/workflows/chroot-checks.yml @@ -1,30 +0,0 @@ -name: Chroot checks -on: - push: - pull_request: - branches: - - main - - '[0-9]+.[0-9]+' - -jobs: - check-chroot-arch: - runs-on: ubuntu-24.04 - container: - image: domjudge/gitlabci:24.04 - options: --privileged --cgroupns=host --init - strategy: - matrix: - arch: [amd64, default] - steps: - - name: Checkout current code - uses: actions/checkout@v4 - - name: Install DOMjudge - run: | - .github/jobs/chroot_checks.sh ${{ matrix.arch }} - - name: Upload all logs/artifacts - if: ${{ !cancelled() }} - uses: actions/upload-artifact@v4 - with: - name: ${{ matrix.arch }}-logs - path: | - /tmp/artifacts diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 77a7a5852c..e69de29bb2 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -1,78 +0,0 @@ -name: "CodeQL" - -on: - merge_group: - pull_request: - branches: - - main - - '[0-9]+.[0-9]+' - -jobs: - analyze: - container: - image: domjudge/gitlabci:24.04 - options: --user domjudge - name: Analyze - runs-on: ubuntu-latest - env: - COMPILED: "cpp" - USER: "domjudge" - permissions: - actions: read - contents: read - security-events: write - - strategy: - fail-fast: false - matrix: - language: [ 'cpp', 'java', 'javascript', 'python' ] - - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - - name: Initialize CodeQL - uses: github/codeql-action/init@v3 - with: - languages: ${{ matrix.language }} - - - name: Install composer files - if: ${{ contains(env.COMPILED, matrix.language) }} - run: | - cd webapp - composer install --no-scripts - - - name: Configure Makefile - if: ${{ contains(env.COMPILED, matrix.language) }} - run: | - DIR=$(pwd) - mkdir ./installdir - make configure - ./configure --enable-doc-build=no --prefix=$DIR/installdir - - - name: Compile domserver - if: ${{ contains(env.COMPILED, matrix.language) }} - run: | - make domserver - make install-domserver - - - name: Compile the build scripts for languages - run: | - make build-scripts - - - name: Compile judgehost - if: ${{ contains(env.COMPILED, matrix.language) }} - run: | - make judgehost - sudo make install-judgehost - - - name: Remove upstream code - run: | - rm -rf webapp/public/js/monaco doc/manual/_static - - - name: Chown everything to the current runner user - if: ${{ contains(env.COMPILED, matrix.language) }} - run: sudo chown -R ${USER} ./installdir - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 diff --git a/.github/workflows/codespell.yml b/.github/workflows/codespell.yml index 4e88d00c28..e69de29bb2 100644 --- a/.github/workflows/codespell.yml +++ b/.github/workflows/codespell.yml @@ -1,24 +0,0 @@ -on: - merge_group: - pull_request: - branches: - - main - - '[0-9]+.[0-9]+' - -name: Spell Check - -jobs: - codespell: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Rewrite Changelog to find new mistakes - run: awk '1;/Version 7.2.1 - 6 May 2020/{exit}' ChangeLog > latest_Changelog - - name: Get dirs to skip - id: list_to_csv - run: echo "::set-output name=SKIP::$(awk '{print $1}' .github/jobs/data/codespellignorefiles.txt | paste -s -d, -)" - - uses: codespell-project/actions-codespell@master - with: - check_filenames: true - ignore_words_file: .github/jobs/data/codespellignorewords.txt - skip: ${{ steps.list_to_csv.outputs.SKIP }} diff --git a/.github/workflows/codestyle.yml b/.github/workflows/codestyle.yml index 0dbddf8f72..e69de29bb2 100644 --- a/.github/workflows/codestyle.yml +++ b/.github/workflows/codestyle.yml @@ -1,89 +0,0 @@ -name: Codestandard -on: - merge_group: - pull_request: - branches: - - main - - '[0-9]+.[0-9]+' - -jobs: - syntax-job: - runs-on: ubuntu-latest - container: - image: domjudge/gitlabci:24.04 - steps: - - uses: actions/checkout@v4 - - name: Run the syntax checks - run: .github/jobs/syntax.sh - - detect-dump: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: "Search for leftover dump( statements" - run: .github/jobs/detect_dump.sh - - php-linter: - runs-on: ubuntu-latest - container: - image: pipelinecomponents/php-linter:latest - steps: - - uses: actions/checkout@v4 - - name: Detect PHP linting issues - run: > - parallel-lint --colors - lib/lib.*.php - etc - judge - webapp/src - webapp/tests - webapp/public - webapp/config - - phpcs_compatibility: - runs-on: ubuntu-latest - container: - image: pipelinecomponents/php-codesniffer:latest - strategy: - matrix: - PHPVERSION: ["8.1", "8.2", "8.3", "8.4"] - steps: - - run: apk add git - - uses: actions/checkout@v4 - - name: Various fixes to this image - run: .github/jobs/fix_pipelinecomponents_image.sh - - name: Detect compatibility with supported PHP version - run: > - phpcs -s -p --colors - --standard=PHPCompatibility - --extensions=php - --runtime-set testVersion ${{ matrix.PHPVERSION }} - lib/lib.*.php - etc - judge - webapp/src - webapp/tests - webapp/public - webapp/config - - pycodestyle: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Download pycodestyle python file - run: > - curl -L -o /tmp/pycodestyle.py 'https://github.com/PyCQA/pycodestyle/raw/refs/tags/2.12.1/pycodestyle.py' - - name: Check codestyle in python files - run: > - python3 /tmp/pycodestyle.py \ - --exclude='./example_problems/,./doc/,./gitlab/,./webapp/vendor/' \ - --max-line-length 120 \ - --show-pep8 --show-source \ - . - - pyright: - runs-on: ubuntu-latest - steps: - - uses: jakebailey/pyright-action@v2 - with: - version: 1.1.311 diff --git a/.github/workflows/database-upgrade.yml b/.github/workflows/database-upgrade.yml index 47b6a14ed1..e69de29bb2 100644 --- a/.github/workflows/database-upgrade.yml +++ b/.github/workflows/database-upgrade.yml @@ -1,36 +0,0 @@ -name: Database Upgrade Test - -on: - merge_group: - pull_request: - branches: - - main - - '[0-9]+.[0-9]+' - -jobs: - upgrade_test: - runs-on: ubuntu-latest - container: - image: domjudge/gitlabci:24.04 - services: - sqlserver: - image: mariadb - ports: - - 3306:3306 - env: - MYSQL_ROOT_PASSWORD: root - MYSQL_USER: domjudge - MYSQL_PASSWORD: domjudge - options: --health-cmd="healthcheck.sh --connect --innodb_initialized" --health-interval=10s --health-timeout=5s --health-retries=3 - steps: - - uses: actions/checkout@v4 - - name: Import Database - run: mysql -hsqlserver -uroot -proot < .github/jobs/data/dj733.sql - - name: Upgrade DOMjudge - run: .github/jobs/baseinstall.sh default upgrade - - name: Setting initial Admin Password - run: echo "pass" > /opt/domjudge/domserver/etc/initial_admin_password.secret - - name: Check for Errors in the Upgrade - run: mysql -hsqlserver -uroot -proot -e "SHOW TABLES FROM domjudge;" - - name: Check for Errors in DOMjudge Webinterface - run: .github/jobs/webstandard.sh none admin diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml index e6921fa834..e69de29bb2 100644 --- a/.github/workflows/integration.yml +++ b/.github/workflows/integration.yml @@ -1,161 +0,0 @@ -name: Run integration tests -on: - merge_group: - pull_request: - branches: - - main - - '[0-9]+.[0-9]+' - -jobs: - integration: - runs-on: ubuntu-24.04 - timeout-minutes: 20 - container: - image: domjudge/gitlabci:24.04 - options: --privileged --cgroupns=host --init - services: - sqlserver: - image: mariadb - ports: - - 3306:3306 - env: - MYSQL_ROOT_PASSWORD: root - MYSQL_USER: domjudge - MYSQL_PASSWORD: domjudge - options: --health-cmd="healthcheck.sh --connect --innodb_initialized" --health-interval=10s --health-timeout=5s --health-retries=3 - steps: - - uses: actions/checkout@v4 - - name: info - run: | - cat /proc/cmdline && echo && - cat /proc/mounts && echo && - ls -al /sys/fs/cgroup && echo && - uname -a && echo && - stat -fc %T /sys/fs/cgroup && echo && - cat /proc/self/cgroup && echo && - cat /proc/cpuinfo - - name: pstree - run: pstree -p - - name: Install DOMjudge - run: .github/jobs/baseinstall.sh all - - name: Set up chroot - run: sudo misc-tools/dj_make_chroot -a amd64 - - name: Check nginx - run: curl -v https://localhost/domjudge/ - - name: Configure print command - working-directory: submit - run: | - curl --fail -u 'admin:password' -X 'GET' 'http://localhost/domjudge/api/v4/config?strict=false' \ - | jq '.print_command |= "cp [file] /tmp/dj-printfile"' \ - | curl --fail -u 'admin:password' -X 'PUT' -T - 'http://localhost/domjudge/api/v4/config?strict=false' \ - - name: Testing submit client - working-directory: submit - run: make check-full - - name: Configure judgehost - run: sudo cp /opt/domjudge/judgehost/etc/sudoers-domjudge /etc/sudoers.d/ && sudo chmod 400 /etc/sudoers.d/sudoers-domjudge && cat /opt/domjudge/judgehost/etc/sudoers-domjudge - - name: Create user - run: sudo userdel -f -r domjudge-run-0 ; sudo useradd -d /nonexistent -g nogroup -s /bin/false -u 2222 domjudge-run-0 - - name: Start judging - run: sudo -u domjudge sh -c 'cd /opt/domjudge/judgehost/ && nohup bin/judgedaemon -n 0 &' - - name: Import Kattis example problems - run: | - cd /tmp - git clone --depth=1 https://github.com/Kattis/problemtools.git - cd problemtools/examples - mv hello hello_kattis - # Remove 2 submissions that will not pass validation. The first is because it is - # a Python 2 submission. The latter has a judgement type we do not understand. - rm different/submissions/accepted/different_py2.py different/submissions/slow_accepted/different_slow.py - for i in hello_kattis different guess; do - ( - cd "$i" - zip -r "../${i}.zip" -- * - ) - curl --fail -X POST -n -N -F zip=@${i}.zip http://localhost/domjudge/api/contests/demo/problems - done - - name: Monitor judgehost log and stop once all submissions are judged - run: | - tail -f /opt/domjudge/judgehost/log/judge*-0.log | while read line; do - echo "$line" - grep "No submissions in queue" /opt/domjudge/judgehost/log/judge*-0.log && break - done - - name: dump the db - if: ${{ !cancelled() }} - run: mysqldump -uroot -proot --quick --max_allowed_packet=1024M domjudge > /tmp/db.sql - - name: Upload database dump for debugging - if: ${{ !cancelled() }} - uses: actions/upload-artifact@v4 - with: - name: DB-dump - path: /tmp/db.sql - - name: Get SQL logs - run: docker logs "${{ job.services.sqlserver.id }}" - - name: Collect docker logs on failure - if: ${{ !cancelled() }} - uses: jwalton/gh-docker-logs@v1 - with: - dest: '/tmp/docker-logs' - - name: Upload all logs/artifacts - if: ${{ !cancelled() }} - uses: actions/upload-artifact@v4 - with: - name: Logs - path: | - /var/log/nginx - /opt/domjudge/domserver/webapp/var/log/*.log - /tmp/docker-logs - /tmp/artifacts - - name: Verifying submissions - shell: bash - run: | - set -x - export CURLOPTS="--fail -sq -m 30 -b /tmp/cookiejar" - # Make an initial request which will get us a session id, and grab the csrf token from it - CSRFTOKEN=$(curl $CURLOPTS -c /tmp/cookiejar "http://localhost/domjudge/login" | sed -n 's/.*_csrf_token.*value="\(.*\)".*/\1/p') - # Make a second request with our session + csrf token to actually log in - curl $CURLOPTS -c /tmp/cookiejar -F "_csrf_token=$CSRFTOKEN" -F "_username=admin" -F "_password=password" "http://localhost/domjudge/login" - # Send a general clarification to later test if we see the event. - curl $CURLOPTS -F "sendto=" -F "problem=1-" -F "bodytext=Testing" -F "submit=Send" \ - "http://localhost/domjudge/jury/clarifications/send" -o /dev/null - curl $CURLOPTS "http://localhost/domjudge/jury/judging-verifier?verify_multiple=1" -o /dev/null - NUMNOTVERIFIED=$(curl $CURLOPTS "http://localhost/domjudge/jury/judging-verifier" | grep "submissions checked" | sed -r 's/^.* ([0-9]+) submissions checked.*$/\1/') - NUMVERIFIED=$( curl $CURLOPTS "http://localhost/domjudge/jury/judging-verifier" | grep "submissions not checked" | sed -r 's/^.* ([0-9]+) submissions not checked.*$/\1/') - NUMNOMAGIC=$( curl $CURLOPTS "http://localhost/domjudge/jury/judging-verifier" | grep "without magic string" | sed -r 's/^.* ([0-9]+) without magic string.*$/\1/') - NUMSUBS=$(curl $CURLOPTS http://localhost/domjudge/api/contests/demo/submissions | python3 -mjson.tool | grep -c '"id":') - # We expect - # - two submissions with ambiguous outcome, - # - one submissions submitted through the submit client, and thus the magic string ignored, - # - and all submissions to be judged. - if [ $NUMNOTVERIFIED -ne 2 ] || [ $NUMNOMAGIC -ne 1 ] || [ $NUMSUBS -gt $((NUMVERIFIED+NUMNOTVERIFIED)) ]; then - echo "verified subs: $NUMVERIFIED, unverified subs: $NUMNOTVERIFIED, total subs: $NUMSUBS" - echo "(expected 2 submissions to be unverified, but all to be processed)" - echo "Of these $NUMNOMAGIC do not have the EXPECTED_RESULTS string (should be 1)." - curl $CURLOPTS "http://localhost/domjudge/jury/judging-verifier?verify_multiple=1" | w3m -dump -T text/html - exit 1 - fi - - name: Finalize contest so that awards appear in the feed - shell: bash - run: | - set -x - export CURLOPTS="--fail -m 30 -b $COOKIEJAR" - curl $CURLOPTS http://localhost/domjudge/jury/contests/1/freeze/doNow || true - curl $CURLOPTS http://localhost/domjudge/jury/contests/1/end/doNow || true - curl $CURLOPTS -X POST -d 'finalize_contest[b]=0&finalize_contest[finalizecomment]=gitlab&finalize_contest[finalize]=' http://localhost/domjudge/jury/contests/1/finalize - - name: Verify no errors in symfony {prod,test,dev}.log - shell: bash - run: | - if cat /opt/domjudge/domserver/webapp/var/log/*.log | egrep '(CRITICAL|ERROR):'; then - exit 1 - fi - - name: Download and perform API check - shell: bash - run: | - cd $HOME - curl -o yajsv https://github.com/neilpa/yajsv/releases/download/v1.4.1/yajsv.linux.amd64 - chmod a+x yajsv - echo -e "\033[0m" - git clone https://github.com/icpc/ccs-specs.git - export CCS_SPECS_PINNED_SHA1='a68aff54c4e60fc2bff2fc5c36c119bffa4d30f1' - ( cd ccs-specs && git reset --hard $CCS_SPECS_PINNED_SHA1 ) - export CHECK_API="${HOME}/ccs-specs/check-api.sh -j ${HOME}/yajsv" - $CHECK_API -n -C -e -a 'strict=1' http://admin:password@localhost/domjudge/api diff --git a/.github/workflows/phpcodesniffer.yml b/.github/workflows/phpcodesniffer.yml index 249b86ce63..e69de29bb2 100644 --- a/.github/workflows/phpcodesniffer.yml +++ b/.github/workflows/phpcodesniffer.yml @@ -1,29 +0,0 @@ -name: PHP CodeSniffer - -# Controls when the action will run. -on: - merge_group: - pull_request: - branches: - - main - - '[0-9]+.[0-9]+' -jobs: - phpcs: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 0 # important! - - name: Install PHP_CodeSniffer - run: | - curl -OL https://squizlabs.github.io/PHP_CodeSniffer/phpcs.phar - php phpcs.phar --version - - - uses: domjudge/action-php-codesniffer@master - with: - files: "**.php" # you may customize glob as needed - scope: files - phpcs_path: php phpcs.phar - standard: .github/jobs/data/phpruleset.xml - fail_on_errors: false - fail_on_warnings: false diff --git a/.github/workflows/phpstan.yml b/.github/workflows/phpstan.yml index 3d7b4fd952..e69de29bb2 100644 --- a/.github/workflows/phpstan.yml +++ b/.github/workflows/phpstan.yml @@ -1,28 +0,0 @@ -name: Run PHPStan -on: - merge_group: - pull_request: - branches: - - main - - '[0-9]+.[0-9]+' - -jobs: - phpstan: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Setup composer dependencies - run: .github/jobs/composer_setup.sh - - name: Show the phpstan version - run: webapp/vendor/phpstan/phpstan/phpstan --version - - uses: php-actions/phpstan@v3.0.2 - with: - configuration: webapp/phpstan.dist.neon - path: webapp/src webapp/tests - php_extensions: gd intl mysqli pcntl zip - autoload_file: webapp/vendor/autoload.php - version: composer - - uses: actions/upload-artifact@v4 - if: always() - with: - path: /tmp/artifacts diff --git a/.github/workflows/runpipe.yml b/.github/workflows/runpipe.yml index b096a28141..e69de29bb2 100644 --- a/.github/workflows/runpipe.yml +++ b/.github/workflows/runpipe.yml @@ -1,39 +0,0 @@ -name: Run runpipe and runguard tests -on: - merge_group: - pull_request: - branches: - - main - - '[0-9]+.[0-9]+' - -jobs: - runpipe: - runs-on: ubuntu-24.04 - timeout-minutes: 20 - container: - image: domjudge/gitlabci:24.04 - options: --privileged --cgroupns=host --init - steps: - - uses: actions/checkout@v4 - - name: info - run: cat /proc/cmdline && echo && cat /proc/mounts && echo && ls -al /sys/fs/cgroup && echo && uname -a && echo && stat -fc %T /sys/fs/cgroup && echo && cat /proc/self/cgroup - - name: Create the configure file - run: make configure - - name: Do the default configure - run: ./configure --with-baseurl='http://localhost/domjudge/' --with-domjudge-user=domjudge --with-judgehost_chrootdir=${DIR}/chroot/domjudge - - name: Prepare judgehost files - run: make judgehost - - name: Run the actual runpipe tests - working-directory: judge/runpipe_test - run: make test - - name: Add user/group - run: sudo addgroup domjudge-run-0 && sudo usermod -g domjudge-run-0 domjudge-run-0 - - name: Create dir - run: mkdir -p /opt/domjudge/judgehost/tmp/ - - name: Run the actual runguard tests - working-directory: judge/runguard_test - env: - judgehost_tmpdir: /tmp - judgehost_judgedir: /tmp - run: make test - diff --git a/.github/workflows/shiftleft.yml b/.github/workflows/shiftleft.yml index 3f89782341..e69de29bb2 100644 --- a/.github/workflows/shiftleft.yml +++ b/.github/workflows/shiftleft.yml @@ -1,26 +0,0 @@ -name: SL Scan - -on: - merge_group: - -jobs: - Scan-Build: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - - name: Perform Scan - uses: ShiftLeftSecurity/scan-action@master - env: - WORKSPACE: "" - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - SCAN_AUTO_BUILD: true - SCAN_ANNOTATE_PR: 0 - with: - output: reports - type: python,bash - - - name: Upload report - uses: github/codeql-action/upload-sarif@v2 - with: - sarif_file: reports diff --git a/.github/workflows/unit-tests.yml b/.github/workflows/unit-tests.yml index d7fbb3bbc4..e69de29bb2 100644 --- a/.github/workflows/unit-tests.yml +++ b/.github/workflows/unit-tests.yml @@ -1,101 +0,0 @@ -name: Unit tests -# We can speedup with: https://github.com/actions/cache -on: - merge_group: - pull_request: - branches: - - main - - '[0-9]+.[0-9]+' - -jobs: - check-static-codecov: - runs-on: ubuntu-24.04 - steps: - - uses: actions/checkout@v4 - - name: Download latest codecov upload script - run: | - exit=1 - while [ "$exit" -ne 0 ]; do - wget https://codecov.io/bash -O newcodecov - exit="$?" - if [ "$exit" -ne 0 ]; then - sleep 30 - fi - done - - name: Detect changes to manually verify - run: diff newcodecov .github/jobs/uploadcodecov.sh - - unit-tests: - permissions: - checks: write - runs-on: ubuntu-24.04 - timeout-minutes: 20 - container: - image: domjudge/gitlabci:24.04 - services: - sqlserver: - image: mariadb - ports: - - 3306:3306 - env: - MYSQL_ROOT_PASSWORD: root - MYSQL_USER: domjudge - MYSQL_PASSWORD: domjudge - options: --health-cmd="healthcheck.sh --connect --innodb_initialized" --health-interval=10s --health-timeout=5s --health-retries=3 - strategy: - matrix: - PHPVERSION: [8.1, 8.4] - TEST: [Unit, E2E] - steps: - - uses: actions/checkout@v4 - - name: info - run: | - cat /proc/cmdline && echo && - cat /proc/mounts && echo && - ls -al /sys/fs/cgroup && echo && - uname -a && echo && - stat -fc %T /sys/fs/cgroup && echo && - cat /proc/self/cgroup && echo && - cat /proc/cpuinfo - - name: pstree - run: pstree -p - - name: Install DOMjudge - run: .github/jobs/baseinstall.sh unit install ${{ matrix.PHPVERSION }} test - - name: Check nginx - run: curl -v https://localhost/domjudge/ - - name: Run the unit-tests - run: .github/jobs/unit-tests.sh ${{ matrix.PHPVERSION }} ${{ matrix.TEST }} - - name: Publish Test Results - uses: EnricoMi/publish-unit-test-result-action@v2 - if: ${{ !cancelled() }} - with: - comment_mode: changes in failures - check_name: unit-tests-${{ matrix.PHPVERSION }}-${{ matrix.TEST }}.xml - files: unit-tests-${{ matrix.PHPVERSION }}-${{ matrix.TEST }}.xml - - name: Get SQL logs - run: docker logs "${{ job.services.sqlserver.id }}" - - name: Collect docker logs on failure - if: ${{ !cancelled() }} - uses: jwalton/gh-docker-logs@v1 - with: - dest: '/tmp/docker-logs' - - name: Upload all logs/artifacts - if: ${{ !cancelled() }} - uses: actions/upload-artifact@v4 - with: - name: Logs-${{ matrix.PHPVERSION }}-${{ matrix.TEST }} - path: | - /var/log/nginx - /opt/domjudge/domserver/webapp/var/log/*.log - /tmp/docker-logs - /tmp/artifacts - - event_file: - name: "Post results assuming forks" - runs-on: ubuntu-latest - steps: - - name: Upload - uses: actions/upload-artifact@v4 - with: - name: Event File - path: ${{ github.event_path }} diff --git a/.github/workflows/upload-unit-tests.yml b/.github/workflows/upload-unit-tests.yml index 7e21b4942a..e69de29bb2 100644 --- a/.github/workflows/upload-unit-tests.yml +++ b/.github/workflows/upload-unit-tests.yml @@ -1,34 +0,0 @@ -name: Publish unit test results - -on: - workflow_run: - workflows: ["Unit tests"] - types: - - completed - permissions: {} - -jobs: - test-results: - name: Process test results - runs-on: ubuntu-latest - if: github.event.workflow_run.conclusion != 'skipped' - permissions: - # required by download step to access artifacts API - actions: read - # write the actual check-run - checks: write - # needed unless run with comment_mode: off - pull-requests: write - steps: - - name: Download and Extract Artifacts - uses: dawidd6/action-download-artifact@e7466d1a7587ed14867642c2ca74b5bcc1e19a2d - with: - run_id: ${{ github.event.workflow_run.id }} - path: artifacts - #- name: Publish Test Results - # uses: EnricoMi/publish-unit-test-result-action@v2 - # with: - # commit: ${{ github.event.workflow_run.head_sha }} - # event_file: artifacts/Event File/event.json - # event_name: ${{ github.event.workflow_run.event }} - # files: "tmp/artifacts/**/*.xml" diff --git a/.github/workflows/webstandard.yml b/.github/workflows/webstandard.yml index 23e0760cab..e69de29bb2 100644 --- a/.github/workflows/webstandard.yml +++ b/.github/workflows/webstandard.yml @@ -1,65 +0,0 @@ -name: Webstandard (WCAG, W3C) -on: - merge_group: - pull_request: - branches: - - main - - '[0-9]+.[0-9]+' - -jobs: - standards: - runs-on: ubuntu-latest - container: - image: domjudge/gitlabci:24.04 - services: - sqlserver: - image: mariadb - ports: - - 3306:3306 - env: - MYSQL_ROOT_PASSWORD: root - MYSQL_USER: domjudge - MYSQL_PASSWORD: domjudge - options: --health-cmd="healthcheck.sh --connect --innodb_initialized" --health-interval=10s --health-timeout=5s --health-retries=3 - strategy: - matrix: - role: [public, team, balloon, jury, admin] - test: [w3cval, WCAG2A, WCAG2AA] - db: [bare-install, install] - releaseBranch: - - ${{ contains(github.ref, 'gh-readonly-queue') }} - exclude: - - releaseBranch: false - - role: jury - test: WCAG2AA - - role: jury - test: WCAG2A - - role: admin - test: WCAG2AA - - role: admin - test: WCAG2A - include: - - role: public - test: WCAG2AA - db: install - - role: public - test: w3cval - db: install - - role: admin - test: w3cval - db: install - steps: - - uses: actions/checkout@v4 - - name: Install DOMjudge - run: .github/jobs/baseinstall.sh ${{ matrix.role }} - - name: Run webstandard tests (W3C, WCAG) - run: .github/jobs/webstandard.sh ${{ matrix.test }} ${{ matrix.role }} - - name: Upload all logs/artifacts - if: ${{ !cancelled() }} - uses: actions/upload-artifact@v4 - with: - name: ${{ matrix.role }}-${{ matrix.test }}-${{ matrix.db }}-logs - path: | - /tmp/artifacts - /var/log/nginx - /opt/domjudge/domserver/webapp/var/log/*.log diff --git a/doc/Makefile b/doc/Makefile index 5410e16de7..f86e10a5d4 100644 --- a/doc/Makefile +++ b/doc/Makefile @@ -9,6 +9,7 @@ include $(TOPDIR)/Makefile.global # Subdirectories to recurse into for REC_TARGETS SUBDIRS = manual examples inplace-install inplace-uninstall: SUBDIRS=manual +distclean: SUBDIRS=examples install-docs-l: $(INSTALL_DATA) -t $(DESTDIR)$(domjudge_docdir)/logos logos/DOMjudgelogo.pdf diff --git a/webapp/Makefile b/webapp/Makefile index 5eac62ea13..1eae41c953 100644 --- a/webapp/Makefile +++ b/webapp/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/Makefile.global # Subdirectories to recurse into for REC_TARGETS SUBDIRS = config -domserver: composer-dump-autoload +domserver: composer-dump-autoload public/bundles/nelmioapidoc # Install PHP dependencies composer-dependencies: @@ -43,20 +43,17 @@ composer-dump-autoload-dev: @echo "# the DOMjudge Symfony application in developer mode. Adjust as needed." >> $@ @echo "APP_ENV=dev" >> $@ -copy-bundle-assets: +public/bundles/nelmioapidoc: # We can not use bin/console here, as when using a fakeroot, # the include paths are broken. We just copy in the data we need - -rm -rf public/bundles/nelmioapidoc - mkdir -p public/bundles/nelmioapidoc - cp -R vendor/nelmio/api-doc-bundle/public/* public/bundles/nelmioapidoc/ + mkdir -p $@ + cp -a vendor/nelmio/api-doc-bundle/public/* $@ clean-l: -rm -rf public/bundles/nelmioapidoc -rm -f vendor/autoload_runtime.php install-domserver: -# This must be done first to install with the rest. - $(MAKE) copy-bundle-assets $(INSTALL_DIR) $(DESTDIR)$(domserver_webappdir); for d in bin config migrations public resources src templates tests vendor; do \ $(call install_tree,$(DESTDIR)$(domserver_webappdir),$$d) ; \ @@ -71,6 +68,11 @@ maintainer-conf: .env.local maintainer-install: composer-dump-autoload-dev +maintainer-install-l: +# This must be done first to install with the rest. + -rm -rf public/bundles/nelmioapidoc + $(MAKE) public/bundles/nelmioapidoc + maintainer-clean-l: -for d in cache log ; do \ for t in dev prod ; do \ @@ -78,5 +80,4 @@ maintainer-clean-l: done ; \ done -.PHONY: composer-dump-autoload composer-dump-autoload-dev \ - copy-bundle-assets +.PHONY: composer-dump-autoload composer-dump-autoload-dev