Skip to content
CI

chore: untrack conversation transcript files from initial commit #3

Sign in to view logs

chore: untrack conversation transcript files from initial commit

chore: untrack conversation transcript files from initial commit #3

Workflow file for this run

.github/workflows/ci.yml at 072c6db
name: CI
on:
push:
branches: [ main, dev ]
pull_request:
branches: [ main ]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
# ---------------------------------------------------------------------------
# Standard build + test (Linux + macOS)
# ---------------------------------------------------------------------------
build-test:
name: Build & Test (${{ matrix.os }})
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os: [ ubuntu-24.04, macos-14 ]
steps:
- uses: actions/checkout@v4
- name: Install Ninja (Ubuntu)
if: startsWith(matrix.os, 'ubuntu')
run: sudo apt-get install -y ninja-build
- name: Install Ninja (macOS)
if: startsWith(matrix.os, 'macos')
run: brew install ninja
- name: Configure
run: cmake --preset ci
- name: Build
run: cmake --build --preset ci --parallel
- name: Test
run: ctest --preset ci
# ---------------------------------------------------------------------------
# AddressSanitizer + UndefinedBehaviorSanitizer (Ubuntu only)
# ---------------------------------------------------------------------------
asan:
name: ASan + UBSan (Ubuntu)
runs-on: ubuntu-24.04
env:
CC: clang-18
CXX: clang++-18
steps:
- uses: actions/checkout@v4
- name: Install Clang 18 + Ninja
run: |
sudo apt-get install -y ninja-build clang-18
- name: Configure
run: cmake --preset asan
- name: Build
run: cmake --build --preset asan --parallel
- name: Test
run: ctest --preset asan
env:
ASAN_OPTIONS: detect_leaks=1:halt_on_error=1
UBSAN_OPTIONS: halt_on_error=1:print_stacktrace=1
# ---------------------------------------------------------------------------
# ThreadSanitizer (Ubuntu only — TSan + macOS is unreliable)
# ---------------------------------------------------------------------------
tsan:
name: TSan (Ubuntu)
runs-on: ubuntu-24.04
env:
CC: clang-18
CXX: clang++-18
steps:
- uses: actions/checkout@v4
- name: Install Clang 18 + Ninja
run: |
sudo apt-get install -y ninja-build clang-18
- name: Configure
run: cmake --preset tsan
- name: Build
run: cmake --build --preset tsan --parallel
- name: Test
run: ctest --preset tsan
env:
TSAN_OPTIONS: halt_on_error=1
# ---------------------------------------------------------------------------
# UBSan standalone — stricter flags, all-recover=no (Ubuntu)
# ---------------------------------------------------------------------------
ubsan:
name: UBSan (Ubuntu)
runs-on: ubuntu-24.04
env:
CC: clang-18
CXX: clang++-18
steps:
- uses: actions/checkout@v4
- name: Install Clang 18 + Ninja
run: |
sudo apt-get install -y ninja-build clang-18
- name: Configure
run: cmake --preset ubsan
- name: Build
run: cmake --build --preset ubsan --parallel
- name: Test
run: ctest --preset ubsan
env:
UBSAN_OPTIONS: halt_on_error=1:print_stacktrace=1
# ---------------------------------------------------------------------------
# Windows (MSVC) — header-only core only, no sanitizers
# ---------------------------------------------------------------------------
windows:
name: Build & Test (Windows / MSVC)
runs-on: windows-2022
steps:
- uses: actions/checkout@v4
- name: Configure
run: cmake -B build-win -G "Visual Studio 17 2022" -A x64
-DSIGNET_BUILD_TESTS=ON -DSIGNET_BUILD_EXAMPLES=ON
- name: Build
run: cmake --build build-win --config Debug --parallel
- name: Test
run: ctest --test-dir build-win -C Debug --output-on-failure
# ---------------------------------------------------------------------------
# Server codecs: ZSTD + LZ4 + Gzip enabled (Ubuntu)
# ---------------------------------------------------------------------------
server-codecs:
name: Server Codecs (Ubuntu)
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
- name: Install Ninja + codec libraries
run: |
sudo apt-get update -q
sudo apt-get install -y ninja-build libzstd-dev liblz4-dev zlib1g-dev
- name: Configure
run: |
cmake -S . -B build-server -G Ninja \
-DCMAKE_BUILD_TYPE=RelWithDebInfo \
-DSIGNET_BUILD_TESTS=ON \
-DSIGNET_BUILD_EXAMPLES=ON \
-DSIGNET_ENABLE_ZSTD=ON \
-DSIGNET_ENABLE_LZ4=ON \
-DSIGNET_ENABLE_GZIP=ON \
-DSIGNET_BUILD_AI_AUDIT=ON
- name: Build
run: cmake --build build-server --parallel
- name: Test
run: ctest --test-dir build-server --output-on-failure
# ---------------------------------------------------------------------------
# Post-quantum: real Kyber-768 + Dilithium-3 via liboqs (Ubuntu)
# ---------------------------------------------------------------------------
post-quantum:
name: Post-Quantum PQ (Ubuntu)
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
- name: Install Ninja + build deps
run: |
sudo apt-get update -q
sudo apt-get install -y ninja-build cmake
- name: Build + install liboqs (minimal Kyber-768 + Dilithium-3)
run: |
git clone --depth 1 https://github.com/open-quantum-safe/liboqs.git /tmp/liboqs
cmake -S /tmp/liboqs -B /tmp/liboqs-build \
-G Ninja \
-DCMAKE_BUILD_TYPE=Release \
-DOQS_BUILD_ONLY_LIB=ON \
-DOQS_MINIMAL_BUILD="KEM_kyber_768;SIG_dilithium_3" \
-DOQS_USE_OPENSSL=OFF
cmake --build /tmp/liboqs-build --parallel
sudo cmake --install /tmp/liboqs-build
- name: Configure (PQ enabled)
run: |
cmake -S . -B build-pq -G Ninja \
-DCMAKE_BUILD_TYPE=RelWithDebInfo \
-DSIGNET_BUILD_TESTS=ON \
-DSIGNET_ENABLE_PQ=ON \
-DSIGNET_BUILD_AI_AUDIT=ON
- name: Build
run: cmake --build build-pq --parallel
- name: Test (PQ tag first, then full suite)
run: |
ctest --test-dir build-pq --output-on-failure -L "pq"
ctest --test-dir build-pq --output-on-failure