Skip to content

Rework build workflow and enhance unit test coverage #3

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
Applone merged 13 commits into from
May 14, 2026
Merged

Rework build workflow and enhance unit test coverage #3

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
13 commits
Select commit Hold shift + click to select a range
01c0c86
Reworked workflow
Applone May 10, 2026
c0a7fa4
Changed compiler to Clang
Applone May 10, 2026
0ae2fb4
Added missing flags in sanitizer builds
Applone May 10, 2026
8b7846e
Restored dev builds
Applone May 10, 2026
7d168af
Added more Unit-tests
Applone May 10, 2026
dc90504
Added more unit-tests
Applone May 10, 2026
1eb925d
Should be enough now
Applone May 11, 2026
d0df776
should fix sigsegv
Applone May 11, 2026
188a1c6
fixed sigsegv
Applone May 11, 2026
8a0da2e
Added more unit tests
Applone May 11, 2026
960d858
Added script for local build
Applone May 13, 2026
49bcda0
Small fixes
Applone May 14, 2026
3f21bb3
Fixed local build script
Applone May 14, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
394 changes: 5 additions & 389 deletions .github/workflows/build.yml
View file
Open in desktop

Large diffs are not rendered by default.

370 changes: 370 additions & 0 deletions .github/workflows/debug.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,370 @@
name: Debug CI

on:
push:
branches:
- '**'

permissions:
contents: read

env:
OPENSSL_VERSION: 3.3.2

jobs:
static-analysis:
name: Static Analysis (Linux)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

- name: Install analysis dependencies
run: |
sudo apt-get update
sudo apt-get install -y cmake ninja-build libssl-dev clang lld llvm cppcheck clang-tidy

- name: Configure compile database
env:
CC: clang
CXX: clang++
run: |
cmake -S . -B build -G Ninja \
-DCMAKE_BUILD_TYPE=Debug \
-DBYEBYEVPN_ENABLE_TESTS=OFF \
-DBYEBYEVPN_WARNINGS_AS_ERRORS=ON

- name: Run cppcheck
run: |
cppcheck --std=c++20 --enable=warning,style,performance,portability \
--error-exitcode=1 --inline-suppr --quiet src

- name: Run clang-tidy
run: |
find src -name '*.cpp' -print0 | xargs -0 -r clang-tidy -p build -warnings-as-errors='*'

debug-build-artifacts:
name: Debug Build Artifacts (${{ matrix.os }})
needs: [static-analysis]
runs-on: ${{ matrix.os }}
strategy:
matrix:
include:
- os: ubuntu-latest
generator: Ninja
- os: windows-latest
generator: "Visual Studio 17 2022"
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

- name: Install dependencies (Linux)
if: runner.os == 'Linux'
run: |
sudo apt-get update
sudo apt-get install -y cmake ninja-build libssl-dev clang lld llvm

- name: Configure CMake (Linux Debug)
if: runner.os == 'Linux'
env:
CC: clang
CXX: clang++
run: |
cmake -S . -B build -G "${{ matrix.generator }}" \
-DCMAKE_BUILD_TYPE=Debug \
-DBYEBYEVPN_ENABLE_TESTS=OFF \
-DBYEBYEVPN_WARNINGS_AS_ERRORS=ON

- name: Build (Linux Debug)
if: runner.os == 'Linux'
run: cmake --build build --parallel

- name: Prepare artifacts (Linux)
if: runner.os == 'Linux'
run: |
mkdir -p staging
cp build/byebyevpn staging/

- name: Configure CMake (Windows Debug)
if: runner.os == 'Windows'
run: cmake -S . -B build -G "${{ matrix.generator }}" -DBYEBYEVPN_ENABLE_TESTS=OFF -DBYEBYEVPN_WARNINGS_AS_ERRORS=ON

- name: Build (Windows Debug)
if: runner.os == 'Windows'
run: cmake --build build --config Debug --parallel

- name: Prepare artifacts (Windows)
if: runner.os == 'Windows'
shell: cmd
run: |
if not exist staging mkdir staging
copy build\Debug\byebyevpn.exe staging\

- name: Upload debug artifacts
uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
with:
name: byebyevpn-debug-${{ matrix.os }}
path: staging/*
retention-days: 7

coverage:
name: Coverage (Linux)
needs: [static-analysis]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

- name: Install dependencies
run: |
sudo apt-get update
sudo apt-get install -y cmake ninja-build libssl-dev clang lld llvm

- name: Configure CMake (coverage)
env:
CC: clang
CXX: clang++
run: |
cmake -S . -B build-cov -G Ninja \
-DCMAKE_BUILD_TYPE=Debug \
-DBYEBYEVPN_ENABLE_TESTS=ON \
-DBYEBYEVPN_WARNINGS_AS_ERRORS=ON \
-DCMAKE_CXX_FLAGS="-fprofile-instr-generate -fcoverage-mapping" \
-DCMAKE_EXE_LINKER_FLAGS="-fprofile-instr-generate"

- name: Build (coverage)
run: cmake --build build-cov --parallel

- name: Run unit tests (coverage)
run: |
mkdir -p build-cov/profiles
export LLVM_PROFILE_FILE="$GITHUB_WORKSPACE/build-cov/profiles/byebyevpn_tests-%p.profraw"
ctest --test-dir build-cov --output-on-failure

- name: Capture coverage
run: |
llvm-profdata merge -sparse build-cov/profiles/*.profraw -o build-cov/coverage.profdata
llvm-cov export -format=lcov \
-instr-profile=build-cov/coverage.profdata \
-ignore-filename-regex='.*/(_deps|tests|build-cov)/.*' \
build-cov/tests/byebyevpn_tests > coverage.info
llvm-cov show \
-format=html \
-output-dir=coverage-html \
-instr-profile=build-cov/coverage.profdata \
-ignore-filename-regex='.*/(_deps|tests|build-cov)/.*' \
build-cov/tests/byebyevpn_tests

- name: Upload coverage artifacts
uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
with:
name: coverage-linux
path: |
coverage.info
coverage-html
retention-days: 7

sanitizer-asan-ubsan:
name: Sanitizers ASan+UBSan (Linux)
needs: [static-analysis]
runs-on: ubuntu-latest
container:
image: ghcr.io/applone/sans:1.0.0
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

- name: Install OpenSSL build tools
run: |
apt-get update
apt-get install -y perl make curl

- name: Restore OpenSSL cache (ASan+UBSan)
id: cache-openssl
uses: actions/cache@v4
with:
path: ${{ github.workspace }}/deps/openssl-asan-ubsan
key: openssl-${{ env.OPENSSL_VERSION }}-asan-ubsan-sans-1.0.0-${{ runner.os }}

- name: Build OpenSSL (ASan+UBSan)
if: steps.cache-openssl.outputs.cache-hit != 'true'
env:
CC: clang
CXX: clang++
run: |
set -euxo pipefail
OPENSSL_PREFIX="$GITHUB_WORKSPACE/deps/openssl-asan-ubsan"
SAN_FLAGS="-fsanitize=address,undefined -fno-omit-frame-pointer"

mkdir -p "$GITHUB_WORKSPACE/deps"
curl -fsSL "https://github.com/openssl/openssl/releases/download/openssl-${OPENSSL_VERSION}/openssl-${OPENSSL_VERSION}.tar.gz" -o "$GITHUB_WORKSPACE/deps/openssl-${OPENSSL_VERSION}.tar.gz"
tar -xzf "$GITHUB_WORKSPACE/deps/openssl-${OPENSSL_VERSION}.tar.gz" -C "$GITHUB_WORKSPACE/deps"

cd "$GITHUB_WORKSPACE/deps/openssl-${OPENSSL_VERSION}"
export CFLAGS="$SAN_FLAGS"
export CXXFLAGS="$SAN_FLAGS"
export LDFLAGS="$SAN_FLAGS"
./Configure linux-x86_64 no-shared no-tests no-module no-asm \
--prefix="$OPENSSL_PREFIX" \
--openssldir="$OPENSSL_PREFIX/ssl"
make -j"$(nproc)"
make install_sw

- name: Configure CMake (ASan+UBSan)
env:
CC: clang
CXX: clang++
run: |
LIBCXX_ROOT="/opt/libcxx_asan_ubsan"
SAN_FLAGS="-fsanitize=address,undefined -fno-omit-frame-pointer"
cmake -S . -B build-asan-ubsan -G Ninja \
-DCMAKE_BUILD_TYPE=Debug \
-DBYEBYEVPN_ENABLE_TESTS=ON \
-DBYEBYEVPN_ENABLE_ASAN=ON \
-DBYEBYEVPN_ENABLE_UBSAN=ON \
-DOPENSSL_ROOT_DIR="$GITHUB_WORKSPACE/deps/openssl-asan-ubsan" \
-DBYEBYEVPN_WARNINGS_AS_ERRORS=ON \
-DCMAKE_CXX_FLAGS="${SAN_FLAGS} -stdlib=libc++ -isystem ${LIBCXX_ROOT}/include/c++/v1" \
-DCMAKE_EXE_LINKER_FLAGS="${SAN_FLAGS} -stdlib=libc++ -L${LIBCXX_ROOT}/lib -Wl,-rpath,${LIBCXX_ROOT}/lib"

- name: Build (ASan+UBSan)
run: cmake --build build-asan-ubsan --parallel

- name: Run unit tests (ASan+UBSan)
run: |
export LD_LIBRARY_PATH="/opt/libcxx_asan_ubsan/lib:${LD_LIBRARY_PATH:-}"
ctest --test-dir build-asan-ubsan --output-on-failure

sanitizer-tsan:
name: Sanitizer TSan (Linux)
needs: [static-analysis]
runs-on: ubuntu-latest
container:
image: ghcr.io/applone/sans:1.0.0
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

- name: Install OpenSSL build tools
run: |
apt-get update
apt-get install -y perl make curl

- name: Restore OpenSSL cache (TSan)
id: cache-openssl
uses: actions/cache@v4
with:
path: ${{ github.workspace }}/deps/openssl-tsan
key: openssl-${{ env.OPENSSL_VERSION }}-tsan-sans-1.0.0-${{ runner.os }}

- name: Build OpenSSL (TSan)
if: steps.cache-openssl.outputs.cache-hit != 'true'
env:
CC: clang
CXX: clang++
run: |
set -euxo pipefail
OPENSSL_PREFIX="$GITHUB_WORKSPACE/deps/openssl-tsan"
SAN_FLAGS="-fsanitize=thread -fno-omit-frame-pointer"

mkdir -p "$GITHUB_WORKSPACE/deps"
curl -fsSL "https://github.com/openssl/openssl/releases/download/openssl-${OPENSSL_VERSION}/openssl-${OPENSSL_VERSION}.tar.gz" -o "$GITHUB_WORKSPACE/deps/openssl-${OPENSSL_VERSION}.tar.gz"
tar -xzf "$GITHUB_WORKSPACE/deps/openssl-${OPENSSL_VERSION}.tar.gz" -C "$GITHUB_WORKSPACE/deps"

cd "$GITHUB_WORKSPACE/deps/openssl-${OPENSSL_VERSION}"
export CFLAGS="$SAN_FLAGS"
export CXXFLAGS="$SAN_FLAGS"
export LDFLAGS="$SAN_FLAGS"
./Configure linux-x86_64 no-shared no-tests no-module no-asm \
--prefix="$OPENSSL_PREFIX" \
--openssldir="$OPENSSL_PREFIX/ssl"
make -j"$(nproc)"
make install_sw

- name: Configure CMake (TSan)
env:
CC: clang
CXX: clang++
run: |
LIBCXX_ROOT="/opt/libcxx_tsan"
SAN_FLAGS="-fsanitize=thread -fno-omit-frame-pointer"
cmake -S . -B build-tsan -G Ninja \
-DCMAKE_BUILD_TYPE=Debug \
-DBYEBYEVPN_ENABLE_TESTS=ON \
-DBYEBYEVPN_ENABLE_TSAN=ON \
-DOPENSSL_ROOT_DIR="$GITHUB_WORKSPACE/deps/openssl-tsan" \
-DBYEBYEVPN_WARNINGS_AS_ERRORS=ON \
-DCMAKE_CXX_FLAGS="${SAN_FLAGS} -stdlib=libc++ -isystem ${LIBCXX_ROOT}/include/c++/v1" \
-DCMAKE_EXE_LINKER_FLAGS="${SAN_FLAGS} -stdlib=libc++ -L${LIBCXX_ROOT}/lib -Wl,-rpath,${LIBCXX_ROOT}/lib"

- name: Build (TSan)
run: cmake --build build-tsan --parallel

- name: Run unit tests (TSan)
run: |
export LD_LIBRARY_PATH="/opt/libcxx_tsan/lib:${LD_LIBRARY_PATH:-}"
ctest --test-dir build-tsan --output-on-failure

sanitizer-msan:
name: Sanitizer MSan (Linux)
needs: [static-analysis]
runs-on: ubuntu-latest
container:
image: ghcr.io/applone/sans:1.0.0
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

- name: Install OpenSSL build tools
run: |
apt-get update
apt-get install -y perl make curl

- name: Restore OpenSSL cache (MSan)
id: cache-openssl
uses: actions/cache@v4
with:
path: ${{ github.workspace }}/deps/openssl-msan
key: openssl-${{ env.OPENSSL_VERSION }}-msan-sans-1.0.0-${{ runner.os }}

- name: Build OpenSSL (MSan)
if: steps.cache-openssl.outputs.cache-hit != 'true'
env:
CC: clang
CXX: clang++
run: |
set -euxo pipefail
OPENSSL_PREFIX="$GITHUB_WORKSPACE/deps/openssl-msan"
SAN_FLAGS="-fsanitize=memory -fsanitize-memory-track-origins=2 -fno-omit-frame-pointer"

mkdir -p "$GITHUB_WORKSPACE/deps"
curl -fsSL "https://github.com/openssl/openssl/releases/download/openssl-${OPENSSL_VERSION}/openssl-${OPENSSL_VERSION}.tar.gz" -o "$GITHUB_WORKSPACE/deps/openssl-${OPENSSL_VERSION}.tar.gz"
tar -xzf "$GITHUB_WORKSPACE/deps/openssl-${OPENSSL_VERSION}.tar.gz" -C "$GITHUB_WORKSPACE/deps"

cd "$GITHUB_WORKSPACE/deps/openssl-${OPENSSL_VERSION}"
export CFLAGS="$SAN_FLAGS"
export CXXFLAGS="$SAN_FLAGS"
export LDFLAGS="$SAN_FLAGS"
./Configure linux-x86_64 no-shared no-tests no-module no-asm \
--prefix="$OPENSSL_PREFIX" \
--openssldir="$OPENSSL_PREFIX/ssl"
make -j"$(nproc)"
make install_sw

- name: Configure CMake (MSan)
env:
CC: clang
CXX: clang++
run: |
LIBCXX_ROOT="/opt/libcxx_msan"
SAN_FLAGS="-fsanitize=memory -fsanitize-memory-track-origins=2 -fno-omit-frame-pointer"
cmake -S . -B build-msan -G Ninja \
-DCMAKE_BUILD_TYPE=Debug \
-DBYEBYEVPN_ENABLE_TESTS=ON \
-DBYEBYEVPN_ENABLE_MSAN=ON \
-DOPENSSL_ROOT_DIR="$GITHUB_WORKSPACE/deps/openssl-msan" \
-DBYEBYEVPN_WARNINGS_AS_ERRORS=ON \
-DCMAKE_CXX_FLAGS="${SAN_FLAGS} -stdlib=libc++ -isystem ${LIBCXX_ROOT}/include/c++/v1" \
-DCMAKE_EXE_LINKER_FLAGS="${SAN_FLAGS} -stdlib=libc++ -L${LIBCXX_ROOT}/lib -Wl,-rpath,${LIBCXX_ROOT}/lib"

- name: Build (MSan)
run: cmake --build build-msan --parallel

- name: Run unit tests (MSan)
run: |
export LD_LIBRARY_PATH="/opt/libcxx_msan/lib:${LD_LIBRARY_PATH:-}"
ctest --test-dir build-msan --output-on-failure
Loading
Loading