tracexec 0.8.2

Tracer for execve{,at} and pre-exec behavior, launcher for debuggers.
# The MIT License (MIT)

# Copyright (c) 2016-2022 Florian Dehau
# Copyright (c) 2023-2024 The Ratatui Developers
# Copyright (c) 2024      Levi Zim

# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:

# The above copyright notice and this permission notice shall be included in all
# copies or substantial portions of the Software.

# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
# SOFTWARE.

name: Continuous Integration

on:
  # Allows you to run this workflow manually from the Actions tab
  workflow_dispatch:
  push:
    branches:
      - main
  pull_request:
  merge_group:

# ensure that the workflow is only triggered once per PR,  subsequent pushes to the PR will cancel
# and restart the workflow. See https://docs.github.com/en/actions/using-jobs/using-concurrency
concurrency:
  group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
  cancel-in-progress: true

env:
  CARGO_TERM_COLOR: always

jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Install Rust stable
        uses: dtolnay/rust-toolchain@stable
        with:
          components: rustfmt
      - name: Cache Cargo dependencies
        uses: Swatinem/rust-cache@v2
      - name: Check typos
        uses: crate-ci/typos@master
      - name: Lint dependencies
        uses: EmbarkStudios/cargo-deny-action@v1
  clippy:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Install Rust stable
        uses: dtolnay/rust-toolchain@stable
        with:
          components: clippy,rustfmt
      - name: Install native dependencies
        run: |
          sudo apt-get update -y
          sudo apt-get install -y libelf-dev zlib1g-dev build-essential
      - name: Cache Cargo dependencies
        uses: Swatinem/rust-cache@v2
      - name: Run clippy
        run: cargo clippy -- -D warnings
  check_and_test:
    strategy:
      fail-fast: false
      matrix:
        include:
          - os: ubuntu-24.04
            os-arch: amd64
            target: x86_64-unknown-linux-gnu
            arch: x86_64
            libpath: usr/lib/x86_64-linux-gnu
            no-default-features: false
          # Test with eBPF feature disabled
          - os: ubuntu-24.04
            os-arch: amd64
            target: x86_64-unknown-linux-gnu
            arch: x86_64
            libpath: usr/lib/x86_64-linux-gnu
            no-default-features: true
            args: '-F seccomp-bpf'
          - os: ubuntu-24.04
            os-arch: amd64
            target: x86_64-unknown-linux-gnu
            arch: x86_64
            libpath: usr/lib/x86_64-linux-gnu
            no-default-features: false
            args: '-F static,vendored'
            rust_flags: -C target-feature=+crt-static
            static_libseccomp: true
          - os: ubuntu-24.04
            os-arch: arm64
            target: aarch64-unknown-linux-gnu
            arch: aarch64
            libpath: usr/lib/aarch64-linux-gnu
            no-default-features: false
          - os: ubuntu-24.04
            os-arch: arm64
            target: aarch64-unknown-linux-gnu
            arch: aarch64
            libpath: usr/lib/aarch64-linux-gnu
            no-default-features: false
            args: '-F static,vendored'
            rust_flags: -C target-feature=+crt-static
            static_libseccomp: true
          - os: ubuntu-24.04
            os-arch: riscv64
            target: riscv64gc-unknown-linux-gnu
            arch: riscv64
            libpath: usr/lib/riscv64-linux-gnu
            args: '-F ebpf,vendored-libbpf'
            no-default-features: true
          - os: ubuntu-24.04
            os-arch: riscv64
            target: riscv64gc-unknown-linux-gnu
            arch: riscv64
            libpath: usr/lib/riscv64-linux-gnu
            args: '-F ebpf,static,vendored'
            no-default-features: true
            rust_flags: -C target-feature=+crt-static
            static_libseccomp: true
    runs-on: ${{ matrix.os }}
    env:
      RUSTFLAGS: ${{ matrix.rust_flags }}
      LIBSECCOMP_LINK_TYPE: ${{ matrix.static_libseccomp && 'static' || 'dylib' }}
      LIBSECCOMP_LIB_PATH: ${{ matrix.static_libseccomp && format('/{0}', matrix.libpath) || '/this/path/does/not/exist' }}
    #   LIBBPF_SYS_LIBRARY_PATH: ${{ github.workspace }}/3rdparty/${{ matrix.arch }}/${{ matrix.libpath }}
    #   LIBBPF_SYS_EXTRA_CFLAGS: -I ${{ github.workspace }}/3rdparty/${{ matrix.arch }}/usr/include
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Install Rust
        uses: dtolnay/rust-toolchain@master
        with:
          toolchain: "1.82"
          targets: ${{ matrix.target }}
          components: rustfmt
      - name: Install cross-compilation tools
        uses: taiki-e/setup-cross-toolchain-action@v1
        with:
          target: ${{ matrix.target }}
      - name: Add apt sources for ${{ matrix.os-arch }}
        if: matrix.os-arch != 'amd64'
        run: |
          dpkg --add-architecture ${{ matrix.os-arch }}

          release=$(. /etc/os-release && echo "$UBUNTU_CODENAME")
          sed -i '/Types: deb/aArchitectures: amd64' /etc/apt/sources.list.d/ubuntu.sources
          printf 'deb [arch=${{ matrix.os-arch }}] http://ports.ubuntu.com/ %s main restricted\n' \
              $release $release-updates $release-security \
              >> /etc/apt/sources.list
        shell: sudo sh -e {0}
      - name: Install build dependencies
        run: |
          sudo apt-get update -y
          sudo apt-get install -y build-essential autopoint gettext libelf-dev zlib1g-dev \
            libelf-dev:${{ matrix.os-arch }} zlib1g-dev:${{ matrix.os-arch }}
          sudo apt-get install -y libseccomp-dev:${{ matrix.os-arch }}
          if ! [ "${{ matrix.static_libseccomp }}" = "true" ]; then
            sudo apt-get install -y libseccomp2:${{ matrix.os-arch }}
          fi
      # - name: Prepare libelf and zlib
      #   run: 3rdparty/prepare-native-dependencies.sh ${{ matrix.arch }}
      - name: Cache Cargo dependencies
        uses: Swatinem/rust-cache@v2
      - name: Run cargo build with default features
        run: cargo build --bins --tests --target ${{ matrix.target }} ${{ matrix.args }}
      - name: Run cargo check with default features
        run: cargo check --target ${{ matrix.target }} ${{ matrix.args }}
        env:
          RUST_BACKTRACE: full
      - name: Run cargo test with default features
        if: matrix.target == 'x86_64-unknown-linux-gnu' || matrix.target == 'x86_64-unknown-linux-musl'
        run: cargo test --target ${{ matrix.target }} ${{ matrix.args }}
        env:
          RUST_BACKTRACE: full