name: CI on: push: branches: [main] tags-ignore: [dev] pull_request: branches: ['main', 'release-*'] defaults: run: shell: bash # Cancel any in-flight jobs for the same PR/branch so there's only one active # at a time concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: # Check Code style quickly by running `rustfmt` over all code rustfmt: name: Rustfmt runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 with: submodules: true - uses: ./.github/actions/install-rust - run: rustup component add rustfmt - run: cargo fmt --all -- --check # Lint dependency graph for security advisories, duplicate versions, and # incompatible licences cargo_deny: name: Cargo deny runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 with: submodules: true - uses: ./.github/actions/install-rust - run: | set -e curl -L https://github.com/EmbarkStudios/cargo-deny/releases/download/0.8.5/cargo-deny-0.8.5-x86_64-unknown-linux-musl.tar.gz | tar xzf - mv cargo-deny-*-x86_64-unknown-linux-musl/cargo-deny cargo-deny echo `pwd` >> $GITHUB_PATH - run: cargo deny check bans licenses # Ensure dependencies are vetted. See https://mozilla.github.io/cargo-vet/ cargo_vet: name: Cargo vet runs-on: ubuntu-latest env: CARGO_VET_VERSION: 0.3.0 steps: - uses: actions/checkout@v3 with: submodules: true - uses: ./.github/actions/install-rust - uses: actions/cache@v3 with: path: ${{ runner.tool_cache }}/cargo-vet key: cargo-vet-bin-${{ env.CARGO_VET_VERSION }} - run: echo "${{ runner.tool_cache }}/cargo-vet/bin" >> $GITHUB_PATH - run: cargo install --root ${{ runner.tool_cache }}/cargo-vet --version ${{ env.CARGO_VET_VERSION }} cargo-vet - run: cargo vet --locked doc: name: Doc build runs-on: ubuntu-latest env: CARGO_MDBOOK_VERSION: 0.4.21 RUSTDOCFLAGS: -Dbroken_intra_doc_links --cfg nightlydoc OPENVINO_SKIP_LINKING: 1 steps: - uses: actions/checkout@v3 with: submodules: true - uses: ./.github/actions/install-rust with: toolchain: nightly-2022-09-07 # Build C API documentation - run: sudo apt-get update -y && sudo apt-get install -y libclang1-9 libclang-cpp9 - run: curl -L https://sourceforge.net/projects/doxygen/files/rel-1.9.3/doxygen-1.9.3.linux.bin.tar.gz/download | tar xzf - - run: echo "`pwd`/doxygen-1.9.3/bin" >> $GITHUB_PATH - run: cd crates/c-api && doxygen doxygen.conf # install mdbook, build the docs, and test the docs - uses: actions/cache@v3 with: path: ${{ runner.tool_cache }}/mdbook key: cargo-mdbook-bin-${{ env.CARGO_MDBOOK_VERSION }} - run: | echo "${{ runner.tool_cache }}/mdbook/bin" >> $GITHUB_PATH cargo install --root ${{ runner.tool_cache }}/mdbook --version ${{ env.CARGO_MDBOOK_VERSION }} mdbook - run: (cd docs && mdbook build) - run: cargo build -p wasmtime-wasi --features wasmtime/wat,wasmtime/cranelift - run: (cd docs/rust_wasi_markdown_parser && cargo build) - run: (cd docs && mdbook test -L ../target/debug/deps,./rust_wasi_markdown_parser/target/debug/deps) # Build Rust API documentation - run: | cargo doc --no-deps --workspace \ --exclude wasmtime-cli \ --exclude test-programs \ --exclude cranelift-codegen-meta - run: cargo doc --package cranelift-codegen-meta --document-private-items # Assemble the documentation, and always upload it as an artifact for # inspection on PRs and such. - run: | mv docs/book gh-pages mv crates/c-api/html gh-pages/c-api mv target/doc gh-pages/api tar czf gh-pages.tar.gz gh-pages - uses: actions/upload-artifact@v3 with: name: gh-pages path: gh-pages.tar.gz # If this is a push to the main branch push to the `gh-pages` using a # deploy key. Note that a deploy key is necessary for now because otherwise # using the default token for github actions doesn't actually trigger a page # rebuild. - name: Push to gh-pages run: curl -LsSf https://git.io/fhJ8n | rustc - && (cd gh-pages && ../rust_out) env: GITHUB_DEPLOY_KEY: ${{ secrets.DEPLOY_KEY }} BUILD_REPOSITORY_ID: ${{ github.repository }} BUILD_SOURCEVERSION: ${{ github.sha }} if: github.event_name == 'push' && github.ref == 'refs/heads/main' && github.repository == 'bytecodealliance/wasmtime' # Quick checks of various feature combinations and whether things # compile. The goal here isn't to run tests, mostly just serve as a # double-check that Rust code compiles and is likely to work everywhere else. checks: name: Check runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 with: submodules: true - uses: ./.github/actions/install-rust # Check some feature combinations of the `wasmtime` crate - run: cargo check -p wasmtime --no-default-features - run: cargo check -p wasmtime --no-default-features --features wat - run: cargo check -p wasmtime --no-default-features --features jitdump - run: cargo check -p wasmtime --no-default-features --features vtune - run: cargo check -p wasmtime --no-default-features --features cache - run: cargo check -p wasmtime --no-default-features --features async - run: cargo check -p wasmtime --no-default-features --features pooling-allocator - run: cargo check -p wasmtime --no-default-features --features cranelift - run: cargo check -p wasmtime --no-default-features --features component-model - run: cargo check -p wasmtime --no-default-features --features cranelift,wat,async,cache - run: cargo check --features component-model # Check that benchmarks of the cranelift project build - run: cargo check --benches -p cranelift-codegen # Check some feature combinations of the `wasmtime-c-api` crate - run: cargo check -p wasmtime-c-api --no-default-features - run: cargo check -p wasmtime-c-api --no-default-features --features wat - run: cargo check -p wasmtime-c-api --no-default-features --features wasi # Check a few builds of the cranelift backend # - only x86 backend support, # - only arm64 backend support, # - no debug_assertions. - run: cargo check --manifest-path=./cranelift/Cargo.toml --bin clif-util --no-default-features --features=cranelift-codegen/arm64 - run: cargo check --manifest-path=./cranelift/Cargo.toml --bin clif-util --no-default-features --features=cranelift-codegen/x86 - run: cargo check --manifest-path=./cranelift/Cargo.toml --bin clif-util env: CARGO_PROFILE_DEV_DEBUG_ASSERTIONS: false # Check whether `wasmtime` cross-compiles to aarch64-pc-windows-msvc # We don't build nor test it because it lacks trap handling. # Tracking issue: https://github.com/bytecodealliance/wasmtime/issues/4992 checks_winarm64: name: Check Windows ARM64 runs-on: windows-latest steps: - uses: actions/checkout@v3 with: submodules: true - uses: ./.github/actions/install-rust - run: rustup target add aarch64-pc-windows-msvc - run: cargo check -p wasmtime --target aarch64-pc-windows-msvc fuzz_targets: name: Fuzz Targets runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 with: submodules: true # Note that building with fuzzers requires nightly since it uses unstable # flags to rustc. - uses: ./.github/actions/install-rust with: toolchain: nightly-2022-09-07 - run: cargo install cargo-fuzz --vers "^0.11" # Install the OCaml packages necessary for fuzz targets that use the # `wasm-spec-interpreter`. - run: sudo apt install -y ocaml-nox ocamlbuild ocaml-findlib libzarith-ocaml-dev - run: cargo fetch working-directory: ./fuzz - run: cargo fuzz build --dev # Check that the ISLE fuzz targets build too. - run: cargo fuzz build --dev --fuzz-dir ./cranelift/isle/fuzz # Perform all tests (debug mode) for `wasmtime`. This runs stable/beta/nightly # channels of Rust as well as macOS/Linux/Windows. test: name: Test runs-on: ${{ matrix.os }} env: QEMU_BUILD_VERSION: 6.1.0 strategy: matrix: include: - os: ubuntu-latest # defaults to x86_64-apple-darwin - os: macos-latest - os: windows-latest - os: windows-latest target: x86_64-pc-windows-gnu - os: ubuntu-latest target: aarch64-unknown-linux-gnu gcc_package: gcc-aarch64-linux-gnu gcc: aarch64-linux-gnu-gcc qemu: qemu-aarch64 -L /usr/aarch64-linux-gnu qemu_target: aarch64-linux-user - os: ubuntu-latest target: s390x-unknown-linux-gnu gcc_package: gcc-s390x-linux-gnu gcc: s390x-linux-gnu-gcc qemu: qemu-s390x -L /usr/s390x-linux-gnu qemu_target: s390x-linux-user - os: ubuntu-latest target: riscv64gc-unknown-linux-gnu gcc_package: gcc-riscv64-linux-gnu gcc: riscv64-linux-gnu-gcc qemu: qemu-riscv64 -L /usr/riscv64-linux-gnu qemu_target: riscv64-linux-user steps: - uses: actions/checkout@v3 with: submodules: true - uses: ./.github/actions/install-rust # Install targets in order to build various tests throughout the repo - run: rustup target add wasm32-wasi wasm32-unknown-unknown ${{ matrix.target }} - run: echo CARGO_BUILD_TARGET=${{ matrix.target }} >> $GITHUB_ENV if: matrix.target != '' # Fix an ICE for now in gcc when compiling zstd with debuginfo (??) - run: echo CFLAGS=-g0 >> $GITHUB_ENV if: matrix.target == 'x86_64-pc-windows-gnu' - run: cargo fetch --locked - run: cargo fetch --locked --manifest-path crates/test-programs/wasi-tests/Cargo.toml - uses: actions/cache@v3 with: path: ${{ runner.tool_cache }}/qemu key: qemu-${{ matrix.target }}-${{ env.QEMU_BUILD_VERSION }}-patchmadvise2 if: matrix.target != '' && matrix.os == 'ubuntu-latest' - name: Install cross-compilation tools run: | set -ex sudo apt-get update sudo apt-get install -y ${{ matrix.gcc_package }} ninja-build # Configure Cargo for cross compilation and tell it how it can run # cross executables upcase=$(echo ${{ matrix.target }} | awk '{ print toupper($0) }' | sed 's/-/_/g') echo CARGO_TARGET_${upcase}_RUNNER=${{ runner.tool_cache }}/qemu/bin/${{ matrix.qemu }} >> $GITHUB_ENV echo CARGO_TARGET_${upcase}_LINKER=${{ matrix.gcc }} >> $GITHUB_ENV # QEMU emulation is not always the speediest, so total testing time # goes down if we build the libs in release mode when running tests. echo CARGO_PROFILE_DEV_OPT_LEVEL=2 >> $GITHUB_ENV # See comments in the source for why we enable this during QEMU # emulation. echo WASMTIME_TEST_NO_HOG_MEMORY=1 >> $GITHUB_ENV # See if qemu is already in the cache if [ -f ${{ runner.tool_cache }}/qemu/built ]; then exit 0 fi # Download and build qemu from source since the most recent release is # way faster at arm emulation than the current version github actions' # ubuntu image uses. Disable as much as we can to get it to build # quickly. curl https://download.qemu.org/qemu-$QEMU_BUILD_VERSION.tar.xz | tar xJf - cd qemu-$QEMU_BUILD_VERSION patch -p1 < $GITHUB_WORKSPACE/ci/qemu-madvise.patch ./configure --target-list=${{ matrix.qemu_target }} --prefix=${{ runner.tool_cache}}/qemu --disable-tools --disable-slirp --disable-fdt --disable-capstone --disable-docs ninja -C build install touch ${{ runner.tool_cache }}/qemu/built if: matrix.gcc != '' # Prepare tests in CMake - run: cmake -Sexamples -Bexamples/build -DBUILD_SHARED_LIBS=OFF if: matrix.target == '' # Build tests - run: cmake --build examples/build --config Debug if: matrix.target == '' # Run tests - run: cmake -E env CTEST_OUTPUT_ON_FAILURE=1 cmake --build examples/build --config Debug --target RUN_TESTS env: RUST_BACKTRACE: 1 if: matrix.target == '' && matrix.os == 'windows-latest' - run: cmake -E env CTEST_OUTPUT_ON_FAILURE=1 cmake --build examples/build --config Debug --target test env: RUST_BACKTRACE: 1 if: matrix.target == '' && matrix.os != 'windows-latest' # Build and test all features - run: ./ci/run-tests.sh --locked env: RUST_BACKTRACE: 1 # Test debug (DWARF) related functionality. - run: | sudo apt-get update && sudo apt-get install -y gdb lldb llvm cargo test test_debug_dwarf -- --ignored --test-threads 1 if: matrix.os == 'ubuntu-latest' && matrix.target == '' env: RUST_BACKTRACE: 1 # Build and test the wasi-nn module. test_wasi_nn: name: Test wasi-nn module runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 with: submodules: true - uses: ./.github/actions/install-rust - run: rustup target add wasm32-wasi - uses: abrown/install-openvino-action@v3 - run: ./ci/run-wasi-nn-example.sh env: RUST_BACKTRACE: 1 # Build and test the wasi-crypto module. test_wasi_crypto: name: Test wasi-crypto module runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 with: submodules: true - run: rustup update stable && rustup default stable - run: rustup target add wasm32-wasi - run: ./ci/run-wasi-crypto-example.sh env: RUST_BACKTRACE: 1 bench: name: Run benchmarks runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 with: submodules: true - uses: ./.github/actions/install-rust - run: rustup target add wasm32-wasi - run: cargo test --benches --release # Verify that cranelift's code generation is deterministic meta_determinist_check: name: Meta deterministic check runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 with: submodules: true - uses: ./.github/actions/install-rust - run: cd cranelift/codegen && cargo build --features all-arch - run: ci/ensure_deterministic_build.sh # Perform release builds of `wasmtime` and `libwasmtime.so`. Builds on # Windows/Mac/Linux, and artifacts are uploaded after the build is finished. # Note that we also run tests here to test exactly what we're deploying. build: name: Build wasmtime runs-on: ${{ matrix.os }} strategy: matrix: include: - build: x86_64-linux os: ubuntu-latest - build: x86_64-macos os: macos-latest - build: aarch64-macos os: macos-latest target: aarch64-apple-darwin - build: x86_64-windows os: windows-latest - build: x86_64-mingw os: windows-latest target: x86_64-pc-windows-gnu - build: aarch64-linux os: ubuntu-latest target: aarch64-unknown-linux-gnu - build: s390x-linux os: ubuntu-latest target: s390x-unknown-linux-gnu - build: riscv64gc-linux os: ubuntu-latest target: riscv64gc-unknown-linux-gnu steps: - uses: actions/checkout@v3 with: submodules: true - uses: ./.github/actions/install-rust # On one builder produce the source tarball since there's no need to produce # it everywhere - run: ./ci/build-src-tarball.sh if: matrix.build == 'x86_64-linux' - uses: ./.github/actions/binary-compatible-builds with: name: ${{ matrix.build }} - run: | echo CARGO_BUILD_TARGET=${{ matrix.target }} >> $GITHUB_ENV rustup target add ${{ matrix.target }} if: matrix.target != '' # Build `wasmtime` and executables - run: $CENTOS cargo build --release --bin wasmtime # Build `libwasmtime.so` - run: $CENTOS cargo build --release --manifest-path crates/c-api/Cargo.toml # Assemble release artifats appropriate for this platform, then upload them # unconditionally to this workflow's files so we have a copy of them. - run: ./ci/build-tarballs.sh "${{ matrix.build }}" "${{ matrix.target }}" - uses: actions/upload-artifact@v3 with: name: bins-${{ matrix.build }} path: dist # ... and if this was an actual push (tag or `main`) then we publish a # new release. This'll automatically publish a tag release or update `dev` # with this `sha`. Note that `continue-on-error` is set here so if this hits # a bug we can go back and fetch and upload the release ourselves. - run: cd .github/actions/github-release && npm install --production - name: Publish Release uses: ./.github/actions/github-release if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')) && github.repository == 'bytecodealliance/wasmtime' with: files: "dist/*" token: ${{ secrets.GITHUB_TOKEN }} continue-on-error: true verify-publish: if: github.repository == 'bytecodealliance/wasmtime' runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 with: submodules: true - run: rustup update stable && rustup default stable - run: | cd ${{ runner.tool_cache }} curl -L https://github.com/mozilla/sccache/releases/download/0.2.13/sccache-0.2.13-x86_64-unknown-linux-musl.tar.gz | tar xzf - echo "`pwd`/sccache-0.2.13-x86_64-unknown-linux-musl" >> $GITHUB_PATH echo RUSTC_WRAPPER=sccache >> $GITHUB_ENV - run: rustc scripts/publish.rs # Make sure the tree is publish-able as-is - run: ./publish verify # Make sure we can bump version numbers for the next release - run: ./publish bump