name: CI on: push: branches: [main] tags-ignore: [dev] pull_request: branches: [main] defaults: run: shell: bash jobs: # Check Code style quickly by running `rustfmt` over all code rustfmt: name: Rustfmt runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 with: submodules: true - uses: ./.github/actions/install-rust - run: rustup component add rustfmt - run: cargo fmt --all -- --check # Lint dependency graph for security advisories, duplicate versions, and # incompatible licences cargo_deny: name: Cargo deny runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 with: submodules: true - uses: ./.github/actions/install-rust - run: | set -e curl -L https://github.com/EmbarkStudios/cargo-deny/releases/download/0.8.5/cargo-deny-0.8.5-x86_64-unknown-linux-musl.tar.gz | tar xzf - mv cargo-deny-*-x86_64-unknown-linux-musl/cargo-deny cargo-deny echo `pwd` >> $GITHUB_PATH - run: cargo deny check # Build `mdBook` documentation for `wasmtime`, and upload it as a temporary # build artifact doc_book: name: Doc - build the book runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 with: submodules: true - run: | set -e curl -L https://github.com/rust-lang-nursery/mdBook/releases/download/v0.4.4/mdbook-v0.4.4-x86_64-unknown-linux-gnu.tar.gz | tar xzf - echo `pwd` >> $GITHUB_PATH - run: (cd docs && mdbook build) - run: cargo build -p wasmtime - run: (cd docs && mdbook test -L ../target/debug/deps) - uses: actions/upload-artifact@v1 with: name: doc-book path: docs/book # Build rustdoc API documentation for `wasmtime*` crates. Note that we don't # want to document all our transitive dependencies, hence `--no-deps`. This is # a temporary build artifact we upload to consume later. doc_api: name: Doc - build the API documentation runs-on: ubuntu-latest env: RUSTDOCFLAGS: -Dbroken_intra_doc_links OPENVINO_SKIP_LINKING: 1 steps: - uses: actions/checkout@v2 with: submodules: true # Note that we use nightly Rust here to get intra-doc links which are a # nightly-only feature right now. - uses: ./.github/actions/install-rust with: # TODO (rust-lang/rust#79661): We are seeing an internal compiler error when # building with the latest (2020-12-06) nightly; pin on a slightly older # version for now. toolchain: nightly-2020-11-29 - run: cargo doc --no-deps --all --exclude wasmtime-cli --exclude test-programs --exclude cranelift-codegen-meta - run: cargo doc --package cranelift-codegen-meta --document-private-items - uses: actions/upload-artifact@v1 with: name: doc-api path: target/doc doc_capi: name: Doc - build the C API documentation runs-on: ubuntu-latest container: ubuntu:20.04 steps: - run: apt-get update && apt-get install -y doxygen git - uses: actions/checkout@v2 with: submodules: true - run: cd crates/c-api && doxygen doxygen.conf - uses: actions/upload-artifact@v1 with: name: doc-c-api path: crates/c-api/html # Quick checks of various feature combinations and whether things # compile. The goal here isn't to run tests, mostly just serve as a # double-check that Rust code compiles and is likely to work everywhere else. checks: name: Check runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 with: submodules: true - uses: ./.github/actions/install-rust # Check some feature combinations of the `wasmtime` crate - run: cargo check --manifest-path crates/wasmtime/Cargo.toml --no-default-features - run: cargo check --manifest-path crates/wasmtime/Cargo.toml --features wat - run: cargo check --manifest-path crates/wasmtime/Cargo.toml --features lightbeam - run: cargo check --manifest-path crates/wasmtime/Cargo.toml --features jitdump # Check some feature combinations of the `wasmtime-c-api` crate - run: cargo check --manifest-path crates/c-api/Cargo.toml --no-default-features - run: cargo check --manifest-path crates/c-api/Cargo.toml --features wat - run: cargo check --manifest-path crates/c-api/Cargo.toml --features wasi # Check a few builds of the cranelift backend # - only x86 backend support, # - only arm64 backend support, # - experimental arm32 support, # - no debug_assertions. - run: cargo check --manifest-path=./cranelift/Cargo.toml --bin clif-util --no-default-features --features=cranelift-codegen/arm64 - run: cargo check --manifest-path=./cranelift/Cargo.toml --bin clif-util --no-default-features --features=cranelift-codegen/x86 - run: cargo check --manifest-path=./cranelift/Cargo.toml --bin clif-util --no-default-features --features=cranelift-codegen/arm32 - run: cargo check --manifest-path=./cranelift/Cargo.toml --bin clif-util env: CARGO_PROFILE_DEV_DEBUG_ASSERTIONS: false # Check whether `crates/wasi-common` cross-compiles to the following targets: # * wasm32-unknown-emscripten # * armv7-unknown-linux-gnueabihf - run: | rustup target add wasm32-unknown-emscripten rustup target add armv7-unknown-linux-gnueabihf - run: cargo check --target wasm32-unknown-emscripten -p wasi-common - run: cargo check --target armv7-unknown-linux-gnueabihf -p wasi-common # Check that codegen and wasm crates typecheck on 1.43.0; this is required # for Firefox. - run: rustup install 1.43.0 - run: cargo +1.43.0 check -p cranelift-codegen - run: cargo +1.43.0 check -p cranelift-wasm fuzz_targets: name: Fuzz Targets runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 with: submodules: true # Note that building with fuzzers requires nightly since it uses unstable # flags to rustc. - uses: ./.github/actions/install-rust with: toolchain: nightly-2020-11-29 - run: cargo install cargo-fuzz --vers "^0.8" - run: cargo fetch working-directory: ./fuzz - run: cargo fuzz build --dev rebuild_peephole_optimizers: name: Rebuild Peephole Optimizers runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 with: submodules: true - name: Test `peepmatic` run: | cargo test \ --package peepmatic \ --package peepmatic-automata \ --package peepmatic-fuzzing \ --package peepmatic-macro \ --package peepmatic-runtime \ --package peepmatic-test \ --package peepmatic-souper - name: Rebuild Peepmatic-based peephole optimizers run: | cargo test \ --features 'enable-peepmatic rebuild-peephole-optimizers' \ peepmatic working-directory: ./cranelift/codegen - name: Upload rebuilt peephole optimizers uses: actions/upload-artifact@v2 with: name: peephole-optimizers path: cranelift/codegen/src/preopt.serialized - name: Check that built peephole optimizers are up to date run: git diff --exit-code - name: Test with Peepmatic-based peephole optimizers run: cargo test --features 'enable-peepmatic' working-directory: ./cranelift # Perform all tests (debug mode) for `wasmtime`. This runs stable/beta/nightly # channels of Rust as well as macOS/Linux/Windows. test: name: Test runs-on: ${{ matrix.os }} strategy: matrix: build: [stable, beta, nightly, windows, macos] include: - build: stable os: ubuntu-latest rust: stable - build: beta os: ubuntu-latest rust: beta - build: nightly os: ubuntu-latest rust: nightly-2020-11-29 - build: macos os: macos-latest rust: stable - build: windows os: windows-latest rust: stable steps: - uses: actions/checkout@v2 with: submodules: true - uses: ./.github/actions/install-rust with: toolchain: ${{ matrix.rust }} - uses: ./.github/actions/define-llvm-env - name: Install libclang # Note: libclang is pre-installed on the macOS and linux images. if: matrix.os == 'windows-latest' run: | curl https://releases.llvm.org/9.0.0/LLVM-9.0.0-win64.exe -o llvm-installer.exe 7z x llvm-installer.exe -oC:/llvm-binary echo LIBCLANG_PATH=C:/llvm-binary/bin/libclang.dll >> $GITHUB_ENV echo C:/llvm-binary/bin >> $GITHUB_PATH - name: Query Clang Version if: matrix.os == 'windows-latest' run: | where clang.exe clang.exe --version # Install wasm32 targets in order to build various tests throughout the # repo - run: rustup target add wasm32-wasi - run: rustup target add wasm32-unknown-unknown - run: cargo fetch --locked - run: cargo fetch --locked --manifest-path crates/test-programs/wasi-tests/Cargo.toml # Ensure all our examples build and execute - run: cargo run -p run-examples env: RUST_BACKTRACE: 1 # Build and test all features except for lightbeam - run: | cargo test \ --features test-programs/test_programs \ --all \ --exclude lightbeam \ --exclude wasmtime-lightbeam \ --exclude wasmtime-wasi-nn \ --exclude peepmatic \ --exclude peepmatic-automata \ --exclude peepmatic-fuzzing \ --exclude peepmatic-macro \ --exclude peepmatic-runtime \ --exclude peepmatic-test \ --exclude peepmatic-souper env: RUST_BACKTRACE: 1 # Test debug (DWARF) related functionality. - run: | sudo apt-get install -y gdb cargo test test_debug_dwarf -- --ignored --test-threads 1 if: matrix.os == 'ubuntu-latest' env: RUST_BACKTRACE: 1 # Build and test lightbeam. Note that # Lightbeam tests fail right now, but we don't want to block on that. - run: cargo build --package lightbeam - run: cargo test --package lightbeam continue-on-error: true env: RUST_BACKTRACE: 1 # Perform all tests (debug mode) for `wasmtime` with the experimental x64 # backend. This runs on the nightly channel of Rust (because of issues with # unifying Cargo features on stable) on Ubuntu. test_x64: name: Test x64 new backend runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 with: submodules: true - uses: ./.github/actions/install-rust with: toolchain: nightly-2020-11-29 - uses: ./.github/actions/define-llvm-env # Install wasm32 targets in order to build various tests throughout the # repo. - run: rustup target add wasm32-wasi - run: rustup target add wasm32-unknown-unknown # Run the x64 CI script. - run: ./ci/run-experimental-x64-ci.sh env: CARGO_VERSION: "+nightly-2020-11-29" RUST_BACKTRACE: 1 # Build and test the wasi-nn module. test_wasi_nn: name: Test wasi-nn module runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 with: submodules: true - uses: ./.github/actions/install-rust with: toolchain: nightly-2020-08-25 - run: rustup target add wasm32-wasi - uses: ./.github/actions/install-openvino - run: ./ci/run-wasi-nn-example.sh env: RUST_BACKTRACE: 1 # Verify that cranelift's code generation is deterministic meta_determinist_check: name: Meta deterministic check runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 with: submodules: true - name: Install Rust run: rustup update stable && rustup default stable - run: cd cranelift/codegen && cargo build --features all-arch - run: ci/ensure_deterministic_build.sh # Perform release builds of `wasmtime` and `libwasmtime.so`. Builds on # Windows/Mac/Linux, and artifacts are uploaded after the build is finished. # Note that we also run tests here to test exactly what we're deploying. build: name: Build wasmtime runs-on: ${{ matrix.os }} strategy: matrix: include: - build: x86_64-linux os: ubuntu-latest rust: stable - build: x86_64-macos os: macos-latest rust: stable - build: x86_64-windows os: windows-latest rust: stable - build: x86_64-mingw os: windows-latest target: x86_64-pc-windows-gnu rust: beta # needs rust-lang/rust#69351 to ride to stable - build: aarch64-linux os: ubuntu-latest rust: stable target: aarch64-unknown-linux-gnu gcc_package: gcc-aarch64-linux-gnu gcc: aarch64-linux-gnu-gcc qemu: qemu-aarch64 -L /usr/aarch64-linux-gnu qemu_target: aarch64-linux-user steps: - uses: actions/checkout@v2 with: submodules: true - uses: ./.github/actions/install-rust with: toolchain: ${{ matrix.rust }} - uses: ./.github/actions/binary-compatible-builds if: matrix.target == '' - name: Configure Cargo target run: | echo CARGO_BUILD_TARGET=${{ matrix.target }} >> $GITHUB_ENV rustup target add ${{ matrix.target }} if: matrix.target != '' - name: Install cross-compilation tools run: | set -ex sudo apt-get update sudo apt-get install -y ${{ matrix.gcc_package }} # Download and build qemu from source since the most recent release is # way faster at arm emulation than the current version github actions' # ubuntu image uses. Disable as much as we can to get it to build # quickly. curl https://download.qemu.org/qemu-5.0.0.tar.xz | tar xJf - cd qemu-5.0.0 ./configure --target-list=${{ matrix.qemu_target }} --prefix=$HOME/qemu --disable-tools --disable-slirp --disable-fdt --disable-capstone --disable-docs make -j$(nproc) install # Configure Cargo for cross compilation and tell it how it can run # cross executables upcase=$(echo ${{ matrix.target }} | awk '{ print toupper($0) }' | sed 's/-/_/g') echo CARGO_TARGET_${upcase}_RUNNER=$HOME/qemu/bin/${{ matrix.qemu }} >> $GITHUB_ENV echo CARGO_TARGET_${upcase}_LINKER=${{ matrix.gcc }} >> $GITHUB_ENV # See comments in the source for why we enable this during QEMU # emulation. echo WASMTIME_TEST_NO_HOG_MEMORY=1 >> $GITHUB_ENV if: matrix.target != '' && matrix.os == 'ubuntu-latest' # Install wasm32-wasi target in order to build wasi-common's integration # tests - run: rustup target add wasm32-wasi # Build `wasmtime` and executables - run: $CENTOS cargo build --release --bin wasmtime # Build `libwasmtime.so` - run: $CENTOS cargo build --release --manifest-path crates/c-api/Cargo.toml # Test what we just built. # # Ignore some optional dependencies that are used by features that aren't # enabled by default, are tested in other, dedicated CI jobs, and which # would increase build times here. - run: | $CENTOS cargo test \ --features test-programs/test_programs \ --release \ --all \ --exclude lightbeam \ --exclude wasmtime-lightbeam \ --exclude wasmtime-wasi-nn \ --exclude peepmatic \ --exclude peepmatic-automata \ --exclude peepmatic-fuzzing \ --exclude peepmatic-macro \ --exclude peepmatic-runtime \ --exclude peepmatic-test \ --exclude peepmatic-souper \ --exclude wasmtime-fuzz env: RUST_BACKTRACE: 1 # Postprocess the macOS dylib a bit to have a more reasonable `LC_ID_DYLIB` # directive than the default one that comes out of the linker when typically # doing `cargo build`. For more info see #984 - run: install_name_tool -id "@rpath/libwasmtime.dylib" target/release/libwasmtime.dylib if: matrix.os == 'macos-latest' # ... and now perform some goop to move all the relevant artifacts into # something that we'll upload from this action. - run: mkdir dist # Move binaries to dist folder - run: cp target/release/wasmtime dist if: matrix.os != 'windows-latest' && matrix.target == '' - run: cp target/${{ matrix.target }}/release/wasmtime dist if: matrix.os != 'windows-latest' && matrix.target != '' - run: cp target/release/wasmtime.exe dist if: matrix.build == 'x86_64-windows' - run: cp target/x86_64-pc-windows-gnu/release/wasmtime.exe dist if: matrix.build == 'x86_64-mingw' # Move libwasmtime dylib to dist folder - run: cp target/release/libwasmtime.{so,a} dist if: matrix.os == 'ubuntu-latest' && matrix.target == '' - run: cp target/${{ matrix.target }}/release/libwasmtime.{so,a} dist if: matrix.os == 'ubuntu-latest' && matrix.target != '' - run: cp target/release/libwasmtime.{dylib,a} dist if: matrix.os == 'macos-latest' - run: cp target/release/wasmtime.{dll,lib,dll.lib} dist if: matrix.build == 'x86_64-windows' - run: cp target/x86_64-pc-windows-gnu/release/{wasmtime.dll,libwasmtime.a} dist if: matrix.build == 'x86_64-mingw' # Make a Windows MSI installer if we're on Windows - run: | export WT_VERSION=`cat Cargo.toml | sed -n 's/^version = "\([^"]*\)".*/\1/p'` "$WIX/bin/candle" -arch x64 -out target/wasmtime.wixobj ci/wasmtime.wxs "$WIX/bin/light" -out dist/installer.msi target/wasmtime.wixobj -ext WixUtilExtension rm dist/installer.wixpdb if: matrix.build == 'x86_64-windows' - uses: actions/upload-artifact@v1 with: name: bins-${{ matrix.build }} path: dist # Consumes all published artifacts from all the previous build steps, creates # a bunch of tarballs for all of them, and then publishes the tarballs # themselves as an artifact (for inspection) and then optionally creates # github releases and/or tags for pushes. publish: name: Publish needs: [doc_book, doc_api, build] runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 with: submodules: true - run: rustup update stable && rustup default stable # Download all the artifacts that we'll be publishing. Should keep an eye on # the `download-artifact` repository to see if we can ever get something # like "download all artifacts" or "download this list of artifacts" - name: Download book uses: actions/download-artifact@v1 with: name: doc-book - name: Download API docs uses: actions/download-artifact@v1 with: name: doc-api - name: Download C API docs uses: actions/download-artifact@v1 with: name: doc-c-api - name: Download x86_64 macOS binaries uses: actions/download-artifact@v1 with: name: bins-x86_64-macos - name: Download x86_64 Linux binaries uses: actions/download-artifact@v1 with: name: bins-x86_64-linux - name: Download AArch64 Linux binaries uses: actions/download-artifact@v1 with: name: bins-aarch64-linux - name: Download x86_64 Windows binaries uses: actions/download-artifact@v1 with: name: bins-x86_64-windows - name: Download x86_64 Windows MinGW binaries uses: actions/download-artifact@v1 with: name: bins-x86_64-mingw - name: Assemble gh-pages run: | mv doc-book gh-pages mv doc-api gh-pages/api mv doc-c-api gh-pages/c-api # If this is a push to the main branch push to the `gh-pages` using a # deploy key. Note that a deploy key is necessary for now because otherwise # using the default token for github actions doesn't actually trigger a page # rebuild. - name: Push to gh-pages run: curl -LsSf https://git.io/fhJ8n | rustc - && (cd gh-pages && ../rust_out) env: GITHUB_DEPLOY_KEY: ${{ secrets.DEPLOY_KEY }} BUILD_REPOSITORY_ID: ${{ github.repository }} BUILD_SOURCEVERSION: ${{ github.sha }} if: github.event_name == 'push' && github.ref == 'refs/heads/main' - name: Calculate tag name run: | name=dev if [[ $GITHUB_REF == refs/tags/v* ]]; then name=${GITHUB_REF:10} fi echo ::set-output name=val::$name echo TAG=$name >> $GITHUB_ENV id: tagname # Assemble all the build artifacts into tarballs and zip archives. - name: Assemble tarballs run: | ./ci/build-tarballs.sh x86_64-linux ./ci/build-tarballs.sh x86_64-windows .exe ./ci/build-tarballs.sh x86_64-mingw .exe ./ci/build-tarballs.sh x86_64-macos ./ci/build-tarballs.sh aarch64-linux # Upload all assembled tarballs as an artifact of the github action run, so # that way even PRs can inspect the output. - uses: actions/upload-artifact@v1 with: name: tarballs path: dist # The action 'pypa/gh-action-pypi-publish' will try to upload all files in the # dist/ folder. This folder also contains non-package files, and therefore the # action fails. # # To prevent the action from failing all .whl files are copied into a new # directory. - run: | mkdir -p tmp/whl find dist/ -name '*.whl' -type f -exec cp '{}' tmp/whl -v \; # ... and if this was an actual push (tag or `main`) then we publish a # new release. This'll automatically publish a tag release or update `dev` # with this `sha` - name: Publish Release uses: ./.github/actions/github-release if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/v')) with: files: "dist/*" name: ${{ steps.tagname.outputs.val }} token: ${{ secrets.GITHUB_TOKEN }} cargo-audit: env: CARGO_AUDIT_VERSION: 0.11.2 runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - uses: actions/cache@v1 with: path: ${{ runner.tool_cache }}/cargo-audit key: cargo-audit-bin-${{ env.CARGO_AUDIT_VERSION }} - run: echo "${{ runner.tool_cache }}/cargo-audit/bin" >> $GITHUB_PATH - run: | cargo install --root ${{ runner.tool_cache }}/cargo-audit --version ${{ env.CARGO_AUDIT_VERSION }} cargo-audit cargo audit verify-publish: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 with: submodules: true - run: rustup update stable && rustup default stable - run: | cd ${{ runner.tool_cache }} curl -L https://github.com/mozilla/sccache/releases/download/0.2.13/sccache-0.2.13-x86_64-unknown-linux-musl.tar.gz | tar xzf - echo "`pwd`/sccache-0.2.13-x86_64-unknown-linux-musl" >> $GITHUB_PATH echo RUSTC_WRAPPER=sccache >> $GITHUB_ENV - run: | rustc scripts/publish.rs ./publish verify