@@ -307,6 +307,105 @@ jobs:
307307 doas -u builder env SUDO=doas make tests
308308
309309
310+ openbsd-current-upstream :
311+ # This job is special, and tests OpenBSD -current, both the underlying
312+ # plaform (the latest snapshot) and most recent upstream code (or at least
313+ # the most recent code in the github mirror) instead of OpenSSH Portable.
314+ name : " openbsd-current-upstream"
315+ if : github.repository != 'openssh/openssh-portable-selfhosted'
316+ strategy :
317+ fail-fast : false
318+ runs-on : ubuntu-latest
319+ steps :
320+ - name : start OpenBSD VM
321+ uses : vmactions/openbsd-vm@v1
322+ with :
323+ copyback : false
324+ nat : |
325+ "20022": "22"
326+ usesh : true
327+ prepare : |
328+ useradd -g wobj -m builder
329+ echo "permit nopass keepenv root" >/etc/doas.conf
330+ echo "permit nopass keepenv builder" >>/etc/doas.conf
331+ ls -l /etc/doas.conf
332+ chown root:wheel /etc/doas.conf
333+ chmod 644 /etc/doas.conf
334+ touch /etc/ssh/ssh_known_hosts
335+ pkg_add git
336+
337+ name : Fetch sysupgrade version
338+ run : |
339+ ver=$(curl -s https://cdn.openbsd.org/pub/OpenBSD/snapshots/amd64/BUILDINFO)
340+ echo "SNAPSHOT_VERSION=${ver}" >> $GITHUB_ENV
341+ name : check for cached sysupgrade
342+ id : cache-sysupgrade
343+ uses : actions/cache@v4
344+ with :
345+ key : openbsd-sysupgrade ${{ env.SNAPSHOT_VERSION }}
346+ path : /tmp/_sysupgrade/
347+ - name : push sysupgrade from cache to VM
348+ if : steps.cache-sysupgrade.outputs.cache-hit == 'true'
349+ run : rsync -av /tmp/_sysupgrade/ openbsd:/home/_sysupgrade/
350+ - name : upgrade to latest snapshot
351+ run : ssh -q openbsd sysupgrade -s -k || true
352+ - name : wait for upgrade
353+ run : |
354+ SECONDS=0; sleep 10; while ! ssh -q -oConnectTimeout=1 openbsd true; do sleep 10; echo waited ${SECONDS}s; done
355+ ssh -q openbsd uname -a
356+ name : retrieve sysupgrade from VM to cache
357+ if : steps.cache-sysupgrade.outputs.cache-hit != 'true'
358+ run : |
359+ mkdir -p /tmp/_sysupgrade/
360+ rsync -av openbsd:/home/_sysupgrade/ /tmp/_sysupgrade/
361+ name : save sysupgrade to cache
362+ if : steps.cache-sysupgrade.outputs.cache-hit != 'true'
363+ uses : actions/cache/save@v4
364+ with :
365+ key : openbsd-sysupgrade ${{ env.SNAPSHOT_VERSION }}
366+ path : /tmp/_sysupgrade/
367+
368+ - name : checkout upstream source
369+ shell : openbsd {0}
370+ run : |
371+ umask 022
372+ cd /usr
373+ rm -rf src/*
374+ git clone --no-checkout --depth=1 --filter=tree:0 https://github.com/openbsd/src.git
375+ cd /usr/src
376+ git sparse-checkout set --no-cone Makefile usr.bin/Makefile usr.bin/Makefile.inc usr.bin/ssh usr.bin/nc regress/usr.bin/ssh
377+ git checkout
378+ git log -n1
379+ chown -R builder /usr/src
380+ chmod -R go-w /usr/src/ /usr/obj/
381+ name : make ssh
382+ shell : openbsd {0}
383+ run : |
384+ cd /usr/src/usr.bin/ssh && make -j4 || make
385+ make install
386+ /etc/rc.d/sshd restart
387+ name : make nc
388+ shell : openbsd {0}
389+ run : cd /usr/src/usr.bin/nc && make && make install
390+ - name : make tests
391+ shell : openbsd {0}
392+ run : |
393+ cd /usr/src/regress/usr.bin/ssh
394+ make obj
395+ doas -u builder env SUDO=doas TEST_SSH_UNSAFE_PERMISSIONS=yes TEST_SSH_FAIL_FATAL=yes TEST_SSH_HOSTBASED_AUTH=setupandrun make
396+ name : retrieve logs
397+ if : failure()
398+ run : |
399+ rsync -a openbsd:/usr/obj/regress/usr.bin/ssh/ regress-logs/
400+ for i in regress-logs/failed*.log; do echo ===; echo LOGFILE: $i; echo ===; cat $i; echo; done
401+ name : save logs
402+ if : failure()
403+ uses : actions/upload-artifact@main
404+ with :
405+ name : openbsd-current-upstream-logs
406+ path : regress-logs/*.log
407+
408+
310409 solaris :
311410 name : " solaris-${{ matrix.target }}"
312411 if : github.repository != 'openssh/openssh-portable-selfhosted'
@@ -368,3 +467,4 @@ jobs:
368467 run : |
369468 cd $GITHUB_WORKSPACE
370469 sudo -u builder make tests
470+
0 commit comments