diff --git a/.github/actions/configure/action.yml b/.github/actions/configure/action.yml new file mode 100644 index 0000000000000..5c4c29437a528 --- /dev/null +++ b/.github/actions/configure/action.yml @@ -0,0 +1,207 @@ +name: ./configure +inputs: + configurationParameters: + default: '' + required: false +runs: + using: composite + steps: + - shell: bash + run: | + if [ "$ARCH" == "linux-x64" ]; then + ./buildconf --force + ./configure \ + --enable-option-checking=fatal \ + --prefix=/usr \ + --enable-phpdbg \ + --enable-fpm \ + --with-pdo-mysql=mysqlnd \ + --with-mysqli=mysqlnd \ + --with-pgsql \ + --with-pdo-pgsql \ + --with-pdo-sqlite \ + --enable-intl \ + --without-pear \ + --enable-gd \ + --with-jpeg \ + --with-webp \ + --with-freetype \ + --with-xpm \ + --enable-exif \ + --with-zip \ + --with-zlib \ + --with-zlib-dir=/usr \ + --enable-soap \ + --enable-xmlreader \ + --with-xsl \ + --with-tidy \ + --enable-sysvsem \ + --enable-sysvshm \ + --enable-shmop \ + --enable-pcntl \ + --with-readline \ + --enable-mbstring \ + --with-curl \ + --with-gettext \ + --enable-sockets \ + --with-bz2 \ + --with-openssl \ + --with-gmp \ + --enable-bcmath \ + --enable-calendar \ + --enable-ftp \ + --with-pspell=/usr \ + --with-enchant=/usr \ + --with-kerberos \ + --enable-sysvmsg \ + --with-ffi \ + --enable-zend-test \ + --with-ldap \ + --with-ldap-sasl \ + --with-password-argon2 \ + --with-mhash \ + --with-sodium \ + --enable-dba \ + --with-cdb \ + --enable-flatfile \ + --enable-inifile \ + --with-tcadb \ + --with-lmdb \ + --with-qdbm \ + --with-snmp \ + --with-unixODBC \ + --with-imap \ + --with-kerberos \ + --with-imap-ssl \ + --with-pdo-odbc=unixODBC,/usr \ + --with-pdo-firebird \ + --with-pdo-dblib \ + --with-pdo-oci=shared,instantclient,/opt/oracle/instantclient \ + --with-oci8=shared,instantclient,/opt/oracle/instantclient \ + --enable-werror \ + --with-config-file-path=/etc \ + --with-config-file-scan-dir=/etc/php.d \ + ${{ inputs.configurationParameters }} + fi + if [ "$ARCH" == "linux-i386" ]; then + ./buildconf --force + export CFLAGS="-m32 -msse2" + export CXXFLAGS="-m32 -msse2" + export LDFLAGS=-L/usr/lib/i386-linux-gnu + export PKG_CONFIG=/usr/bin/i686-linux-gnu-pkg-config + ./configure \ + --enable-option-checking=fatal \ + --build=i686-pc-linux-gnu \ + --prefix=/usr \ + --enable-phpdbg \ + --enable-fpm \ + --enable-intl \ + --with-pdo-mysql=mysqlnd \ + --with-mysqli=mysqlnd \ + --with-pgsql \ + --with-pdo-pgsql \ + --with-pdo-sqlite \ + --without-pear \ + --enable-gd \ + --with-jpeg \ + --with-webp \ + --with-freetype \ + --with-xpm \ + --enable-exif \ + --with-zip \ + --with-zlib \ + --with-zlib-dir=/usr \ + --enable-soap \ + --enable-xmlreader \ + --with-xsl \ + --with-tidy \ + --enable-sysvsem \ + --enable-sysvshm \ + --enable-shmop \ + --enable-pcntl \ + --with-readline \ + --enable-mbstring \ + --with-curl \ + --with-gettext \ + --enable-sockets \ + --with-bz2 \ + --with-openssl \ + --with-gmp \ + --enable-bcmath \ + --enable-calendar \ + --enable-ftp \ + --with-pspell=/usr \ + --with-kerberos \ + --enable-sysvmsg \ + --with-ffi \ + --enable-zend-test \ + --with-mhash \ + --with-sodium \ + --enable-dba \ + --enable-werror \ + --with-config-file-path=/etc \ + --with-config-file-scan-dir=/etc/php.d \ + ${{ inputs.configurationParameters }} + fi + if [ "$ARCH" == "macos" ]; then + export PATH="/usr/local/opt/bison/bin:$PATH" + export PKG_CONFIG_PATH="$PKG_CONFIG_PATH:/usr/local/opt/openssl@1.1/lib/pkgconfig" + export PKG_CONFIG_PATH="$PKG_CONFIG_PATH:/usr/local/opt/krb5/lib/pkgconfig" + export PKG_CONFIG_PATH="$PKG_CONFIG_PATH:/usr/local/opt/libffi/lib/pkgconfig" + export PKG_CONFIG_PATH="$PKG_CONFIG_PATH:/usr/local/opt/libxml2/lib/pkgconfig" + export PKG_CONFIG_PATH="$PKG_CONFIG_PATH:/usr/local/opt/libxslt/lib/pkgconfig" + export PKG_CONFIG_PATH="$PKG_CONFIG_PATH:/usr/local/opt/zlib/lib/pkgconfig" + export PKG_CONFIG_PATH="$PKG_CONFIG_PATH:/usr/local/opt/icu4c/lib/pkgconfig" + ./buildconf --force + ./configure \ + --enable-option-checking=fatal \ + --prefix=/usr/local \ + --enable-fpm \ + --with-pdo-mysql=mysqlnd \ + --with-mysqli=mysqlnd \ + --with-pgsql=/usr/local/opt/libpq \ + --with-pdo-pgsql=/usr/local/opt/libpq \ + --with-pdo-sqlite \ + --without-pear \ + --enable-gd \ + --with-jpeg \ + --with-webp \ + --with-freetype \ + --enable-exif \ + --with-zip \ + --with-zlib \ + --enable-soap \ + --enable-xmlreader \ + --with-xsl \ + --with-tidy=/usr/local/opt/tidyp \ + --with-libxml \ + --enable-sysvsem \ + --enable-sysvshm \ + --enable-shmop \ + --enable-pcntl \ + --with-readline=/usr/local/opt/readline \ + --enable-mbstring \ + --with-curl \ + --with-gettext=/usr/local/opt/gettext \ + --enable-sockets \ + --with-bz2=/usr/local/opt/bzip2 \ + --with-openssl \ + --with-gmp=/usr/local/opt/gmp \ + --with-iconv=/usr/local/opt/libiconv \ + --enable-bcmath \ + --enable-calendar \ + --enable-ftp \ + --with-pspell=/usr/local/opt/aspell \ + --with-kerberos \ + --enable-sysvmsg \ + --with-ffi \ + --enable-zend-test \ + --enable-intl \ + --with-mhash \ + --with-sodium \ + --enable-dba \ + --enable-werror \ + --with-config-file-path=/etc \ + --with-config-file-scan-dir=/etc/php.d \ + ${{ inputs.configurationParameters }} + fi diff --git a/.github/actions/deps/action.yml b/.github/actions/deps/action.yml new file mode 100644 index 0000000000000..fc1b10d17ddcb --- /dev/null +++ b/.github/actions/deps/action.yml @@ -0,0 +1,135 @@ +name: Install dependencies +runs: + using: composite + steps: + - shell: bash + run: | + if [ "$ARCH" == "linux-x64" ]; then + sudo apt install bison \ + re2c \ + locales \ + ldap-utils \ + openssl \ + slapd \ + language-pack-de \ + libgmp-dev \ + libicu-dev \ + libtidy-dev \ + libenchant-dev \ + libaspell-dev \ + libpspell-dev \ + libsasl2-dev \ + libxpm-dev \ + libzip-dev \ + libsqlite3-dev \ + libwebp-dev \ + libonig-dev \ + libkrb5-dev \ + libgssapi-krb5-2 \ + libcurl4-openssl-dev \ + libxml2-dev \ + libxslt1-dev \ + libpq-dev \ + libreadline-dev \ + libldap2-dev \ + libsodium-dev \ + libargon2-0-dev \ + libmm-dev \ + libsnmp-dev \ + postgresql \ + postgresql-contrib \ + snmpd \ + snmp-mibs-downloader \ + freetds-dev \ + unixodbc-dev \ + llvm \ + libc-client-dev \ + dovecot-core \ + dovecot-pop3d \ + dovecot-imapd \ + sendmail \ + firebird-dev \ + liblmdb-dev \ + libtokyocabinet-dev \ + libdb-dev \ + libqdbm-dev \ + libjpeg-dev \ + libpng-dev \ + libfreetype6-dev + mkdir /opt/oracle + wget https://download.oracle.com/otn_software/linux/instantclient/instantclient-basiclite-linuxx64.zip + unzip instantclient-basiclite-linuxx64.zip + wget https://download.oracle.com/otn_software/linux/instantclient/instantclient-sdk-linuxx64.zip + unzip instantclient-sdk-linuxx64.zip + mv instantclient_*_* /opt/oracle/instantclient + # Interferes with libldap2 headers. + rm /opt/oracle/instantclient/sdk/include/ldap.h + fi + if [ "$ARCH" == "linux-i386" ]; then + sudo dpkg --add-architecture i386 + sudo apt-get update -y | true + sudo apt-get install -y gcc-multilib + sudo apt-get install -y g++-multilib + sudo apt-get purge -y libxml2 + # TODO: Reenable postgresql + postgresql-contrib packages once they work again. + sudo apt-get purge -y libpq5 + sudo apt-get install -y libc6:i386 + sudo apt-get install -y bison \ + re2c \ + locales \ + language-pack-de \ + libssl-dev:i386 \ + zlib1g-dev:i386 \ + libxml2-dev:i386 \ + libgmp-dev:i386 \ + libicu-dev:i386 \ + libtidy-dev:i386 \ + libaspell-dev:i386 \ + libpspell-dev:i386 \ + libsasl2-dev:i386 \ + libxpm-dev:i386 \ + libjpeg-dev:i386 \ + libpng-dev:i386 \ + libzip-dev:i386 \ + libbz2-dev:i386 \ + libsqlite3-dev:i386 \ + libwebp-dev:i386 \ + libonig-dev:i386 \ + libkrb5-dev:i386 \ + libgssapi-krb5-2:i386 \ + libcurl4-openssl-dev:i386 \ + libxml2-dev:i386 \ + libxslt1-dev:i386 \ + libpq-dev:i386 \ + libreadline-dev:i386 \ + libffi-dev:i386 \ + libfreetype6-dev:i386 \ + libsodium-dev:i386 + fi + if [ "$ARCH" == "macos" ]; then + brew install pkg-config \ + autoconf \ + bison \ + re2c + brew install openssl@1.1 \ + krb5 \ + bzip2 \ + enchant \ + libffi \ + libpng \ + webp \ + freetype \ + intltool \ + icu4c \ + libiconv \ + zlib \ + t1lib \ + gd \ + libzip \ + gmp \ + tidyp \ + libxml2 \ + libxslt \ + postgresql + brew link icu4c gettext --force + fi diff --git a/.github/actions/install/action.yml b/.github/actions/install/action.yml new file mode 100644 index 0000000000000..9413ce195e191 --- /dev/null +++ b/.github/actions/install/action.yml @@ -0,0 +1,18 @@ +name: Install +runs: + using: composite + steps: + - shell: bash + run: | + if [ "$ARCH" != "macos" ]; then + set -e + sudo make install + sudo mkdir /etc/php.d + sudo chmod 777 /etc/php.d + echo mysqli.default_socket=/var/run/mysqld/mysqld.sock > /etc/php.d/mysqli.ini + echo pdo_mysql.default_socket=/var/run/mysqld/mysqld.sock > /etc/php.d/pdo_mysql.ini + echo opcache.enable_cli=1 >> /etc/php.d/opcache.ini + echo opcache.protect_memory=1 >> /etc/php.d/opcache.ini + else + sudo make install + fi diff --git a/.github/actions/libmysql-test/action.yml b/.github/actions/libmysql-test/action.yml new file mode 100644 index 0000000000000..c84d544bd5ca8 --- /dev/null +++ b/.github/actions/libmysql-test/action.yml @@ -0,0 +1,64 @@ +name: libmysqlclient test +inputs: + configurationName: + default: '' + required: false + configurationParameters: + default: '' + required: false + libmysql: + default: '' + required: false +runs: + using: composite + steps: + - name: Build ${{ inputs.configurationName }} + if: always() + shell: bash + run: | + set -e + LIBMYSQL=${{ inputs.libmysql }} + MYSQL_BASE=${LIBMYSQL%%-linux-*} + MYSQL_VERSION=${MYSQL_BASE#*-} + MYSQL_DIR=$HOME/$MYSQL_BASE + mkdir -p $MYSQL_DIR + URL=https://cdn.mysql.com/Downloads/MySQL-${MYSQL_VERSION%.*}/$LIBMYSQL + wget -nv $URL + tar -xf $LIBMYSQL --strip-components=1 -C $MYSQL_DIR + PDO_MYSQL=${MYSQL_DIR} + MYSQLI=${MYSQL_DIR}/bin/mysql_config + ./buildconf --force + ./configure ${{ inputs.configurationParameters }} \ + --enable-option-checking=fatal \ + --disable-all \ + --enable-pdo \ + --with-pdo-mysql=${PDO_MYSQL} \ + --with-mysqli=${MYSQLI} + make clean + make -j$(/usr/bin/nproc) >/dev/null + - name: Test ${{ inputs.configurationName }} + if: always() + shell: bash + run: | + export MYSQL_TEST_USER=root + export MYSQL_TEST_PASSWD=root + export PDO_MYSQL_TEST_DSN="mysql:host=127.0.0.1;dbname=test" + export PDO_MYSQL_TEST_HOST=127.0.0.1 + export PDO_MYSQL_TEST_USER=root + export PDO_MYSQL_TEST_PASS=root + export TEST_PHP_JUNIT=junit.xml + export REPORT_EXIT_STATUS=no + rm -rf junit.xml | true + sapi/cli/php run-tests.php -P -q \ + -g FAIL,XFAIL,BORK,WARN,LEAK,XLEAK,SKIP \ + --offline --show-diff --show-slow 1000 --set-timeout 120 \ + ext/pdo_mysql + # FIXME + # - task: PublishTestResults@2 + # inputs: + # testResultsFormat: 'JUnit' + # testResultsFiles: junit.xml + # testRunTitle: '${{ inputs.configurationName }}' + # failTaskOnFailedTests: true + # displayName: 'Export ${{ inputs.configurationName }} Results' + # condition: or(succeeded(), failed()) diff --git a/.github/actions/mssql/action.yml b/.github/actions/mssql/action.yml new file mode 100644 index 0000000000000..0d03b6dc4bce0 --- /dev/null +++ b/.github/actions/mssql/action.yml @@ -0,0 +1,13 @@ +name: Create mssql container +runs: + using: composite + steps: + - shell: bash + run: | + docker run \ + -e "ACCEPT_EULA=Y" \ + -e "SA_PASSWORD=" \ + -p 1433:1433 \ + --name sql1 \ + -h sql1 \ + -d mcr.microsoft.com/mssql/server:2019-CU8-ubuntu-16.04 diff --git a/.github/actions/setup/action.yml b/.github/actions/setup/action.yml new file mode 100644 index 0000000000000..227b105464d94 --- /dev/null +++ b/.github/actions/setup/action.yml @@ -0,0 +1,34 @@ +name: Setup +runs: + using: composite + steps: + - shell: bash + run: | + set -e + sudo service mysql start + mysql -uroot -proot -e "CREATE DATABASE IF NOT EXISTS test" + + if [ "$ARCH" == "linux-x64" ]; then + sudo service postgresql start + sudo service slapd start + # Ensure local_infile tests can run. + mysql -uroot -proot -e "SET GLOBAL local_infile = true" + sudo -u postgres psql -c "ALTER USER postgres PASSWORD 'postgres';" + sudo -u postgres psql -c "CREATE DATABASE test;" + docker exec sql1 /opt/mssql-tools/bin/sqlcmd -S 127.0.0.1 -U SA -P "" -Q "create login pdo_test with password='password', check_policy=off; create user pdo_test for login pdo_test; grant alter, control to pdo_test;" + sudo locale-gen de_DE + + ./.github/scripts/setup-slapd.sh + + set -e + sudo cp ext/snmp/tests/snmpd.conf /etc/snmp + sudo cp ext/snmp/tests/bigtest /etc/snmp + sudo service snmpd restart + + set -e + sudo groupadd -g 5000 vmail + sudo useradd -m -d /var/vmail -s /bin/false -u 5000 -g vmail vmail + sudo cp ext/imap/tests/setup/dovecot.conf /etc/dovecot/dovecot.conf + sudo cp ext/imap/tests/setup/dovecotpass /etc/dovecot/dovecotpass + sudo service dovecot restart + fi diff --git a/.github/actions/test/action.yml b/.github/actions/test/action.yml new file mode 100644 index 0000000000000..87607116a8900 --- /dev/null +++ b/.github/actions/test/action.yml @@ -0,0 +1,32 @@ +name: Test +inputs: + runTestsParameters: + default: '' + required: false +runs: + using: composite + steps: + - shell: bash + run: | + if [ "$ARCH" != "macos" ]; then + export MYSQL_TEST_USER=root + export MYSQL_TEST_PASSWD=root + export PDO_MYSQL_TEST_DSN="mysql:host=localhost;dbname=test" + export PDO_MYSQL_TEST_USER=root + export PDO_MYSQL_TEST_PASS=root + export PDO_DBLIB_TEST_DSN="dblib:host=127.0.0.1;dbname=master;version=7.0" + export PDO_DBLIB_TEST_USER="pdo_test" + export PDO_DBLIB_TEST_PASS="password" + fi + if [ "$ARCH" == "macos" ]; then + export CI_NO_IPV6=1 + fi + export REPORT_EXIT_STATUS=no + export SKIP_IO_CAPTURE_TESTS=1 + sapi/cli/php run-tests.php -P -q ${{ inputs.runTestsParameters }} \ + -j$(${{ env.ARCH != 'macos' && '/usr/bin/nproc' || 'sysctl -n hw.logicalcpu' }}) \ + -g FAIL,XFAIL,BORK,WARN,LEAK,XLEAK,SKIP \ + --offline \ + --show-diff \ + --show-slow 1000 \ + --set-timeout 120 diff --git a/.github/actions/tests/action.yml b/.github/actions/tests/action.yml new file mode 100644 index 0000000000000..56d57738d13b5 --- /dev/null +++ b/.github/actions/tests/action.yml @@ -0,0 +1,27 @@ +name: Tests +inputs: + extended: + required: true + runTestsParameters: + default: '' + required: false +runs: + using: composite + steps: + - uses: ./.github/actions/test + with: + runTestsParameters: ${{ inputs.runTestsParameters }} + - name: Tracing JIT + uses: ./.github/actions/test + with: + runTestsParameters: "${{ inputs.runTestsParameters }} -d zend_extension=opcache.so ${{ env.ARCH == 'macos' && '-d opcache.protect_memory=1' }} -d opcache.jit_buffer_size=16M" + - name: OpCache + if: ${{ inputs.extended }} + uses: ./.github/actions/test + with: + runTestsParameters: "${{ inputs.runTestsParameters }} -d zend_extension=opcache.so ${{ env.ARCH == 'macos' && '-d opcache.protect_memory=1' }}" + - name: Function JIT + if: ${{ inputs.extended }} + uses: ./.github/actions/test + with: + runTestsParameters: "${{ inputs.runTestsParameters }} -d zend_extension=opcache.so ${{ env.ARCH == 'macos' && '-d opcache.protect_memory=1' }} -d opcache.jit_buffer_size=16M -d opcache.jit=1205" diff --git a/.github/nightly_matrix.php b/.github/nightly_matrix.php new file mode 100644 index 0000000000000..08f153716da02 --- /dev/null +++ b/.github/nightly_matrix.php @@ -0,0 +1,85 @@ + $name, + 'branch' => $branch, + 'arch' => $arch, + 'configurationParameters' => $configuration_parameters, + ]; + } + } + } + + $result[] = [ + 'name' => $branch_key . '_LINUX_X64_DEBUG_ZTS_ASAN_UBSAN', + 'branch' => $branch, + 'arch' => 'linux-x64', + 'configurationParameters' => '--enable-debug --enable-zts --enable-address-sanitizer --enable-undefined-sanitizer', + 'runTestsParameters' => '--asan', + ]; + + $result[] = [ + 'name' => $branch_key . '_LINUX_X64_DEBUG_NTS_REPEAT', + 'branch' => $branch, + 'arch' => 'linux-x64', + 'configurationParameters' => '--enable-debug --disable-zts', + 'runTestsParameters' => '--repeat 2', + ]; + + $result[] = [ + 'name' => $branch_key . '_LINUX_X64_VARIATION_DEBUG_ZTS', + 'branch' => $branch, + 'arch' => 'linux-x64', + 'configurationParameters' => '--enable-debug --enable-zts CFLAGS="-DZEND_RC_DEBUG=1 -DPROFITABILITY_CHECKS=0 -DZEND_VERIFY_FUNC_INFO=1"', + ]; + } + + return ['include' => $result]; +} + +function get_branch_matrix($branches) { + $result = array_map(function ($branch) { + $branch_key = strtoupper(str_replace('.', '', $branch)); + return [ + 'name' => $branch_key, + 'ref' => $branch, + ]; + }, $branches); + + return ['branch' => $result]; +} + +$branches = get_branches(); +echo '::set-output name=branch_matrix::' . json_encode(get_branch_matrix($branches), JSON_UNESCAPED_SLASHES) . "\n"; +echo '::set-output name=test_matrix::' . json_encode(get_test_matrix($branches), JSON_UNESCAPED_SLASHES) . "\n"; diff --git a/.github/scripts/setup-slapd.sh b/.github/scripts/setup-slapd.sh new file mode 100755 index 0000000000000..7ea3cb33b3d0e --- /dev/null +++ b/.github/scripts/setup-slapd.sh @@ -0,0 +1,185 @@ +#!/bin/sh +set -ev + +# Create TLS certificate +sudo mkdir -p /etc/ldap/ssl + +alt_names() { + ( + ( + (hostname && hostname -a && hostname -A && hostname -f) | + xargs -n 1 | + sort -u | + sed -e 's/\(\S\+\)/DNS:\1/g' + ) && ( + (hostname -i && hostname -I && echo "127.0.0.1 ::1") | + xargs -n 1 | + sort -u | + sed -e 's/\(\S\+\)/IP:\1/g' + ) + ) | paste -d, -s +} + +sudo openssl req -newkey rsa:4096 -x509 -nodes -days 3650 \ + -out /etc/ldap/ssl/server.crt -keyout /etc/ldap/ssl/server.key \ + -subj "/C=US/ST=Arizona/L=Localhost/O=localhost/CN=localhost" \ + -addext "subjectAltName = `alt_names`" + +sudo chown -R openldap:openldap /etc/ldap/ssl + +# Display the TLS certificate (should be world readable) +openssl x509 -noout -text -in /etc/ldap/ssl/server.crt + +# Point to the certificate generated +if ! grep -q 'TLS_CACERT \/etc\/ldap\/ssl\/server.crt' /etc/ldap/ldap.conf; then + sudo sed -e 's|^\s*TLS_CACERT|# TLS_CACERT|' -i /etc/ldap/ldap.conf + echo 'TLS_CACERT /etc/ldap/ssl/server.crt' | sudo tee -a /etc/ldap/ldap.conf +fi + +# Configure LDAP protocols to serve. +sudo sed -e 's|^\s*SLAPD_SERVICES\s*=.*$|SLAPD_SERVICES="ldap:/// ldaps:/// ldapi:///"|' -i /etc/default/slapd + +# Configure LDAP database. +DBDN=`sudo ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b cn=config '(&(olcRootDN=*)(olcSuffix=*))' dn | grep -i '^dn:' | sed -e 's/^dn:\s*//'`; + +sudo ldapadd -Q -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/ppolicy.ldif + +sudo service slapd restart + +sudo ldapmodify -Q -Y EXTERNAL -H ldapi:/// << EOF +dn: $DBDN +changetype: modify +replace: olcSuffix +olcSuffix: dc=my-domain,dc=com +- +replace: olcRootDN +olcRootDN: cn=Manager,dc=my-domain,dc=com +- +replace: olcRootPW +olcRootPW: secret + +dn: cn=config +changetype: modify +add: olcTLSCACertificateFile +olcTLSCACertificateFile: /etc/ldap/ssl/server.crt +- +add: olcTLSCertificateFile +olcTLSCertificateFile: /etc/ldap/ssl/server.crt +- +add: olcTLSCertificateKeyFile +olcTLSCertificateKeyFile: /etc/ldap/ssl/server.key +- +add: olcTLSVerifyClient +olcTLSVerifyClient: never +- +add: olcAuthzRegexp +olcAuthzRegexp: uid=usera,cn=digest-md5,cn=auth cn=usera,dc=my-domain,dc=com +- +replace: olcLogLevel +olcLogLevel: -1 + +dn: cn=module{0},cn=config +changetype: modify +add: olcModuleLoad +olcModuleLoad: sssvlv +- +add: olcModuleLoad +olcModuleLoad: ppolicy +- +add: olcModuleLoad +olcModuleLoad: dds +EOF + +sudo service slapd restart + +sudo ldapadd -Q -Y EXTERNAL -H ldapi:/// << EOF +dn: olcOverlay=sssvlv,$DBDN +objectClass: olcOverlayConfig +objectClass: olcSssVlvConfig +olcOverlay: sssvlv +olcSssVlvMax: 10 +olcSssVlvMaxKeys: 5 + +dn: olcOverlay=ppolicy,$DBDN +objectClass: olcOverlayConfig +objectClass: olcPPolicyConfig +olcOverlay: ppolicy +### This would clutter our DIT and make tests to fail, while ppolicy does not +### seem to work as we expect (it does not seem to provide expected controls) +## olcPPolicyDefault: cn=default,ou=pwpolicies,dc=my-domain,dc=com +## olcPPolicyHashCleartext: FALSE +## olcPPolicyUseLockout: TRUE + +dn: olcOverlay=dds,$DBDN +objectClass: olcOverlayConfig +objectClass: olcDdsConfig +olcOverlay: dds +EOF + +sudo service slapd restart + +sudo ldapmodify -Q -Y EXTERNAL -H ldapi:/// << EOF +dn: $DBDN +changetype: modify +add: olcDbIndex +olcDbIndex: entryExpireTimestamp eq +EOF + +sudo service slapd restart + +ldapadd -H ldapi:/// -D cn=Manager,dc=my-domain,dc=com -w secret </dev/null + # - name: make install + # uses: ./.github/actions/install + # - name: Setup + # if: ${{ env.ARCH != 'macos' }} + # uses: ./.github/actions/setup + # - name: Test + # uses: ./.github/actions/tests + # with: + # extended: ${{ inputs.extendedTests }} + # runTestsParameters: ${{ inputs.runTestsParameters }} + # debug_zts_msan: + # # needs: generate_matrix + # # strategy: + # # matrix: ${{ fromJson(needs.generate_matrix.outputs.branch_matrix) }} + # # fail-fast: false + # # name: ${{ matrix.branch.name }} + # runs-on: ubuntu-20.04 + # env: + # ARCH: linux-x64 + # steps: + # - name: git checkout + # uses: actions/checkout@v2 + # # Only test on current branch until merged + # # with: + # # ref: ${{ matrix.branch.ref }} + # - name: Install dependencies + # uses: ./.github/actions/deps + # - name: ./configure + # run: | + # export CC=clang + # export CXX=clang++ + # export CFLAGS="-DZEND_TRACK_ARENA_ALLOC" + # ./buildconf --force + # # msan requires all used libraries to be instrumented, + # # so we should avoiding linking against anything but libc here + # ./configure \ + # --enable-debug \ + # --enable-zts \ + # --enable-option-checking=fatal \ + # --prefix=/usr \ + # --without-sqlite3 \ + # --without-pdo-sqlite \ + # --without-libxml \ + # --disable-dom \ + # --disable-simplexml \ + # --disable-xml \ + # --disable-xmlreader \ + # --disable-xmlwriter \ + # --without-pcre-jit \ + # --disable-opcache-jit \ + # --enable-phpdbg \ + # --enable-fpm \ + # --with-pdo-mysql=mysqlnd \ + # --with-mysqli=mysqlnd \ + # --disable-mysqlnd-compression-support \ + # --without-pear \ + # --enable-exif \ + # --enable-sysvsem \ + # --enable-sysvshm \ + # --enable-shmop \ + # --enable-pcntl \ + # --enable-mbstring \ + # --disable-mbregex \ + # --enable-sockets \ + # --enable-bcmath \ + # --enable-calendar \ + # --enable-ftp \ + # --enable-zend-test \ + # --enable-werror \ + # --enable-memory-sanitizer \ + # --with-config-file-path=/etc \ + # --with-config-file-scan-dir=/etc/php.d + # - name: make + # run: make -j$(/usr/bin/nproc) >/dev/null + # - name: make install + # uses: ./.github/actions/install + # - name: Setup + # # FIXME: Can we reuse the setup action? + # run: | + # sudo service mysql start + # mysql -uroot -proot -e "CREATE DATABASE IF NOT EXISTS test" + # - name: Test + # uses: ./.github/actions/tests + # with: + # extended: false + # runTestsParameters: '--msan' + # community: + # # needs: generate_matrix + # # strategy: + # # matrix: ${{ fromJson(needs.generate_matrix.outputs.branch_matrix) }} + # # fail-fast: false + # # name: ${{ matrix.branch.name }} + # runs-on: ubuntu-20.04 + # env: + # ARCH: linux-x64 + # steps: + # - name: git checkout + # uses: actions/checkout@v2 + # # Only test on current branch until merged + # # with: + # # ref: ${{ matrix.branch.ref }} + # - name: Install dependencies + # uses: ./.github/actions/deps + # - name: ./configure + # uses: ./.github/actions/configure + # with: + # configurationParameters: >- + # --enable-debug --enable-zts --enable-address-sanitizer --enable-undefined-sanitizer + # CFLAGS="-fno-sanitize-recover" + # - name: make + # run: make -j$(/usr/bin/nproc) >/dev/null + # - name: make install + # uses: ./.github/actions/install + # - name: Enable OpCache and JIT + # run: | + # # Run with opcache to also catch optimizer bugs. + # echo zend_extension=opcache.so > /etc/php.d/opcache.ini + # echo opcache.jit_buffer_size=1G >> /etc/php.d/opcache.ini + # - name: mysql + # # FIXME: Can we reuse the setup action? + # run: | + # sudo service mysql start + # mysql -uroot -proot -e "CREATE DATABASE IF NOT EXISTS test" + # - name: Test Laravel + # run: | + # git clone https://github.com/laravel/framework.git --branch=master --depth=1 + # cd framework + # git rev-parse HEAD + # php8.0 /usr/bin/composer install --no-progress + # # Hack to disable a test that hangs on azure + # sed -i 's/PHP_OS/"Darwin"/' tests/Filesystem/FilesystemTest.php + # export USE_ZEND_ALLOC=0 + # export ASAN_OPTIONS=exitcode=139 + # php vendor/bin/phpunit + # if [ $? -gt 128 ]; then + # exit 1 + # fi + # - name: Test Symfony + # if: always() + # run: | + # git clone https://github.com/symfony/symfony.git --depth=1 + # cd symfony + # git rev-parse HEAD + # php8.0 /usr/bin/composer install --no-progress + # php8.0 ./phpunit install + # export USE_ZEND_ALLOC=0 + # export USE_TRACKED_ALLOC=1 + # export ASAN_OPTIONS=exitcode=139 + # export SYMFONY_DEPRECATIONS_HELPER=max[total]=999 + # X=0 + # for component in $(find src/Symfony -mindepth 2 -type f -name phpunit.xml.dist -printf '%h\n'); do + # php ./phpunit $component --exclude-group tty,benchmark,intl-data,transient; + # if [ $? -gt 128 ]; then + # X=1; + # fi + # done + # exit $X + # - name: Test Amphp + # if: always() + # run: | + # git clone https://github.com/amphp/amp.git --branch=master --depth=1 + # cd amp + # git rev-parse HEAD + # php /usr/bin/composer install --no-progress --ignore-platform-reqs + # export USE_ZEND_ALLOC=0 + # sed -i 's/$exit = true/$exit = false/g' vendor/phpunit/phpunit/src/TextUI/Command.php + # php vendor/bin/phpunit + # - name: Test PHPUnit + # if: always() + # run: | + # git clone https://github.com/sebastianbergmann/phpunit.git --branch=master --depth=1 + # cd phpunit + # git rev-parse HEAD + # export USE_ZEND_ALLOC=0 + # export USE_TRACKED_ALLOC=1 + # export ASAN_OPTIONS=exitcode=139 + # php8.0 /usr/bin/composer install --no-progress + # php ./phpunit + # if [ $? -gt 128 ]; then + # exit 1 + # fi + # - name: Symfony Preloading + # if: always() + # run: | + # php8.0 /usr/bin/composer create-project symfony/symfony-demo symfony_demo --no-progress + # cd symfony_demo + # git rev-parse HEAD + # export USE_ZEND_ALLOC=0 + # export USE_TRACKED_ALLOC=1 + # sed -i 's/PHP_SAPI/"cli-server"/g' var/cache/dev/App_KernelDevDebugContainer.preload.php + # php -d opcache.preload=var/cache/dev/App_KernelDevDebugContainer.preload.php public/index.php + coverage: + # needs: generate_matrix + # strategy: + # matrix: ${{ fromJson(needs.generate_matrix.outputs.branch_matrix) }} + # fail-fast: false + # name: ${{ matrix.branch.name }} + runs-on: ubuntu-20.04 + env: + ARCH: linux-x64 + steps: + - name: git checkout + uses: actions/checkout@v2 + # Only test on current branch until merged + # with: + # ref: ${{ matrix.branch.ref }} + - name: Create mssql container + uses: ./.github/actions/mssql + - name: Install dependencies + uses: ./.github/actions/deps + - name: Install gcovr + run: sudo -H pip install gcovr + - name: ./configure + uses: ./.github/actions/configure + with: + configurationParameters: --enable-debug --disable-zts --enable-gcov + - name: make + run: make -j$(/usr/bin/nproc) >/dev/null + - name: make install + uses: ./.github/actions/install + - name: Setup + uses: ./.github/actions/setup + - name: Test + uses: ./.github/actions/test + with: + runTestsParameters: -d zend_extension=opcache.so + - name: 'Upload Test Coverage to Codecov.io' + if: always() + run: bash <(curl -s https://codecov.io/bash) + - name: 'Generate Test Coverage Cobertura XML Report' + if: always() + run: | + make gcovr-xml + mv gcovr.xml coverage.xml + # FIXME: What's the equivalent for GitHub actions? + # - name: 'Publish Test Coverage' + # if: always() + # task: PublishCodeCoverageResults@1 + # inputs: + # codeCoverageTool: 'Cobertura' + # summaryFileLocation: coverage.xml + # opcache_variation: + # # needs: generate_matrix + # # strategy: + # # matrix: ${{ fromJson(needs.generate_matrix.outputs.branch_matrix) }} + # # fail-fast: false + # # name: ${{ matrix.branch.name }} + # runs-on: ubuntu-20.04 + # env: + # ARCH: linux-x64 + # steps: + # - name: git checkout + # uses: actions/checkout@v2 + # # Only test on current branch until merged + # # with: + # # ref: ${{ matrix.branch.ref }} + # - name: Create mssql container + # uses: ./.github/actions/mssql + # - name: Install dependencies + # uses: ./.github/actions/deps + # - name: ./configure + # uses: ./.github/actions/configure + # with: + # configurationParameters: --enable-debug --disable-zts + # - name: make + # run: make -j$(/usr/bin/nproc) >/dev/null + # - name: make install + # uses: ./.github/actions/install + # - name: Setup + # uses: ./.github/actions/setup + # - name: Test File Cache (prime shm) + # uses: ./.github/actions/test + # with: + # runTestsParameters: -d zend_extension=opcache.so --file-cache-prime + # - name: Test File Cache (prime shm, use shm) + # uses: ./.github/actions/test + # with: + # runTestsParameters: -d zend_extension=opcache.so --file-cache-use + # - name: Test File Cache (prime shm, use file) + # uses: ./.github/actions/test + # with: + # runTestsParameters: -d zend_extension=opcache.so --file-cache-use -d opcache.file_cache_only=1 + # - name: Test File Cache (prime file) + # uses: ./.github/actions/test + # with: + # runTestsParameters: -d zend_extension=opcache.so --file-cache-prime -d opcache.file_cache_only=1 + # - name: Test File Cache (prime file, use file) + # uses: ./.github/actions/test + # with: + # runTestsParameters: -d zend_extension=opcache.so --file-cache-use -d opcache.file_cache_only=1 + # - name: Test File Cache (prime file, use shm) + # uses: ./.github/actions/test + # with: + # runTestsParameters: -d zend_extension=opcache.so --file-cache-use + # - name: Test Without interned strings + # uses: ./.github/actions/test + # with: + # runTestsParameters: -d zend_extension=opcache.so -d opcache.interned_strings_buffer=0 + # - name: Test Preload + # uses: ./.github/actions/test + # with: + # runTestsParameters: -d zend_extension=opcache.so --preload + # libmysqlclient_debug_nts: + # # needs: generate_matrix + # # strategy: + # # matrix: ${{ fromJson(needs.generate_matrix.outputs.branch_matrix) }} + # # fail-fast: false + # # name: ${{ matrix.branch.name }} + # runs-on: ubuntu-20.04 + # env: + # ARCH: linux-x64 + # steps: + # - name: git checkout + # uses: actions/checkout@v2 + # # Only test on current branch until merged + # # with: + # # ref: ${{ matrix.branch.ref }} + # - name: Install dependencies + # run: | + # sudo apt-get update -y | true + # sudo apt install bison re2c + # - name: Setup MySQL server + # run: | + # set -o + # sudo service mysql start + # mysql -uroot -proot -e "CREATE DATABASE IF NOT EXISTS test" + # # Ensure local_infile tests can run. + # mysql -uroot -proot -e "SET GLOBAL local_infile = true" + # # Does not support caching_sha2_auth :( + # # - uses: ./.github/actions/libmysql-test + # # with: + # # configurationName: LIBMYSQLCLIENT_DEBUG_NTS - MySQL 5.6.49 + # # libmysql: mysql-5.6.49-linux-glibc2.12-x86_64.tar.gz + # - uses: ./.github/actions/libmysql-test + # with: + # configurationName: LIBMYSQLCLIENT_DEBUG_NTS - MySQL 5.7.35 + # libmysql: mysql-5.7.35-linux-glibc2.12-x86_64.tar.gz + # configurationParameters: --enable-debug --disable-zts + # - uses: ./.github/actions/libmysql-test + # with: + # configurationName: LIBMYSQLCLIENT_DEBUG_NTS - MySQL 8.0.27 + # libmysql: mysql-8.0.27-linux-glibc2.12-x86_64.tar.xz + # configurationParameters: --enable-debug --disable-zts --enable-werror diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml new file mode 100644 index 0000000000000..c40d7f371eb3a --- /dev/null +++ b/.github/workflows/push.yml @@ -0,0 +1,65 @@ +name: Push +on: + push: + ignore-paths: + - docs/* + - NEWS + - UPGRADING + - UPGRADING.INTERNALS + - README.md + - CONTRIBUTING.md + - CODING_STANDARDS.md + # Ignore while testing nightly + branches-ignore: + - '**' +jobs: + test: + strategy: + matrix: + include: + - name: LINUX_X64_DEBUG_NTS + arch: linux-x64 + configurationParameters: --enable-debug --disable-zts + - name: LINUX_X64_RELEASE_ZTS + arch: linux-x64 + configurationParameters: --disable-debug --enable-zts + # apt broken, not sure why + # - name: LINUX_I386_DEBUG_ZTS + # arch: linux-i386 + # configurationParameters: --enable-debug --disable-zts + - name: MACOS_DEBUG_NTS + arch: macos + configurationParameters: --enable-debug --disable-zts + fail-fast: false + name: ${{ matrix.name }} + runs-on: ${{ startsWith(matrix['arch'], 'linux-') && 'ubuntu-20.04' || 'macOS-10.15' }} + env: + ARCH: ${{ matrix.arch }} + steps: + - name: git checkout + uses: actions/checkout@v2 + - name: Create mssql container + if: ${{ env.ARCH != 'macos' }} + uses: ./.github/actions/mssql + - name: Install dependencies + uses: ./.github/actions/deps + - name: ./configure + uses: ./.github/actions/configure + with: + configurationParameters: ${{ matrix.configurationParameters }} + - name: make + shell: bash + run: | + if [ "$ARCH" == "macos" ]; then + export PATH="/usr/local/opt/bison/bin:$PATH" + fi + make ${{ env.ARCH != 'macos' && '-j$(/usr/bin/nproc)' || '-j$(sysctl -n hw.logicalcpu)' }} >/dev/null + - name: make install + uses: ./.github/actions/install + - name: Setup + if: ${{ env.ARCH != 'macos' }} + uses: ./.github/actions/setup + - name: Test + uses: ./.github/actions/tests + with: + extended: ${{ inputs.extendedTests }}