shut_down() the service if TLS negotiation fails #4057
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Cyrus IMAP CI | |
on: | |
workflow_dispatch: | |
push: | |
branches: | |
- master | |
- main | |
- 'cyrus-imapd-*' | |
pull_request: | |
branches: | |
- master | |
- main | |
- 'cyrus-imapd-*' | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
container: | |
image: cyrusimapdocker/cyrus-buster:latest | |
options: --sysctl net.ipv6.conf.all.disable_ipv6=0 --init | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: install missing or frequently-updated deps | |
shell: bash | |
run: | | |
cpanm IO::File::fcntl | |
cpanm Digest::CRC | |
cpanm XML::Simple # XXX could be grabbed from apt by docker image | |
cpanm Mail::IMAPTalk # in image, but fetch latest! | |
- name: setup git safe directory | |
shell: bash | |
run: git config --global --add safe.directory /__w/cyrus-imapd/cyrus-imapd | |
- name: fetch upstream release tags | |
if: ${{ github.repository != 'cyrusimap/cyrus-imapd' }} | |
shell: bash | |
run: | | |
git remote add upstream https://github.com/cyrusimap/cyrus-imapd.git | |
# n.b. --no-tags does not mean "no tags", it means "no automatic tag | |
# following". we're explicitly fetching the tags we want, we do not | |
# need every other tag that's reachable from them | |
git fetch --no-tags upstream 'refs/tags/cyrus-imapd-*:refs/tags/cyrus-imapd-*' | |
- name: configure and build | |
shell: bash | |
run: | | |
echo "building cyrus version" $(./tools/git-version.sh) | |
./tools/build-with-cyruslibs.sh | |
- name: report version information | |
shell: bash | |
run: | | |
echo "debian" $(cat /etc/debian_version) | |
echo "Mail::IMAPTalk" $(cpanm --info Mail::IMAPTalk) | |
/usr/cyrus/libexec/master -V | |
/usr/cyrus/sbin/cyr_buildinfo | |
- name: update jmap test suite | |
working-directory: /srv/JMAP-TestSuite.git | |
shell: bash | |
run: | | |
git fetch | |
git checkout origin/master | |
git clean -f -x -d | |
cpanm --installdeps . | |
- name: set up cassandane | |
working-directory: cassandane | |
shell: bash | |
run: | | |
cp -af cassandane.ini.dockertests cassandane.ini | |
chown cyrus:mail cassandane.ini | |
make -j8 | |
- name: run cassandane quietly | |
id: cass1 | |
continue-on-error: true | |
working-directory: cassandane | |
run: setpriv --reuid=cyrus --regid=mail --clear-groups --inh-caps='-chown,-dac_override,-dac_read_search,-fowner,-fsetid,-kill,-setgid,-setuid,-setpcap,-linux_immutable,-net_bind_service,-net_broadcast,-net_admin,-net_raw,-ipc_lock,-ipc_owner,-sys_module,-sys_rawio,-sys_chroot,-sys_ptrace,-sys_pacct,-sys_admin,-sys_boot,-sys_nice,-sys_resource,-sys_time,-sys_tty_config,-mknod,-lease,-audit_write,-audit_control,-setfcap,-mac_override,-mac_admin,-syslog,-wake_alarm,-block_suspend,-audit_read,-cap_38,-cap_39,-cap_40' ./testrunner.pl --slow -f prettier -j 8 !Test::Core | |
- name: rerun cassandane failures noisily | |
if: ${{ steps.cass1.outcome == 'failure' }} | |
working-directory: cassandane | |
run: setpriv --reuid=cyrus --regid=mail --clear-groups --inh-caps='-chown,-dac_override,-dac_read_search,-fowner,-fsetid,-kill,-setgid,-setuid,-setpcap,-linux_immutable,-net_bind_service,-net_broadcast,-net_admin,-net_raw,-ipc_lock,-ipc_owner,-sys_module,-sys_rawio,-sys_chroot,-sys_ptrace,-sys_pacct,-sys_admin,-sys_boot,-sys_nice,-sys_resource,-sys_time,-sys_tty_config,-mknod,-lease,-audit_write,-audit_control,-setfcap,-mac_override,-mac_admin,-syslog,-wake_alarm,-block_suspend,-audit_read,-cap_38,-cap_39,-cap_40' ./testrunner.pl -f pretty -j 8 --rerun | |
- name: collect logs | |
if: always() | |
run: cat /tmp/cass/*/conf/log/syslog |