Run sanitizers in docker on CI

Signed-off-by: Aleksandr Ivanov <[email protected]>
alexander-e1off · Jan 21, 2025 · 1f0c39a · 1f0c39a
1 parent 5b8e6bc
commit 1f0c39a
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 65 deletions.
diff --git a/.github/workflows/sanitize.yaml b/.github/workflows/sanitize.yaml
@@ -1,80 +1,33 @@
 name: Sanitize with AddressSanitizer, MemorySanitizer, ThreadSanitizer and UndefinedBehaviorSanitizer.
 
 on:
-  pull_request_review:
-    types: [submitted]
+  push:
+    branches:
+      - sanitizers-in-docker
+  # pull_request_review:
+  #   types: [submitted]
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
   cancel-in-progress: true
 
 jobs:
-  build_dependencies:
-    name: Build deps [ubuntu]
-    runs-on: ubuntu-latest
-    if: github.event.review.state == 'APPROVED'
-    steps:
-      - uses: actions/checkout@v4
-      - name: Get dependencies hash
-        id: get-hash
-        run: echo "deps_hash=`cat docker/build_deps.sh | shasum`" >> $GITHUB_OUTPUT
-      - name: Cache lookup
-        uses: actions/cache/restore@v4
-        id: cache-lookup
-        with:
-          path: deps
-          key: deps-${{ steps.get-hash.outputs.deps_hash }}
-          lookup-only: true
-      - name: Set up dependencies
-        if: steps.cache-lookup.outputs.cache-hit != 'true'
-        run: |
-          sudo apt-get update
-          sudo apt-get install -qy build-essential \
-            gdb \
-            curl \
-            python3.10 \
-            python3-pip \
-            cmake \
-            ninja-build \
-            pkg-config \
-            bison \
-            libfl-dev \
-            libbenchmark-dev \
-            libgmock-dev \
-            libz-dev
-      - name: Fetch & Build non packaged dependencies
-        if: steps.cache-lookup.outputs.cache-hit != 'true'
-        run: |
-          mkdir -p deps
-          cd deps
-          ../docker/build_deps.sh
-      - name: Cache save
-        if: steps.cache-lookup.outputs.cache-hit != 'true'
-        uses: actions/cache/save@v4
-        with:
-          path: deps
-          key: deps-${{ steps.get-hash.outputs.deps_hash }}
-
   run_asan:
-    needs: build_dependencies
     uses: ./.github/workflows/sanitizer-check.yaml
     with:
       sanitizer-name: 'asan'
 
   run_msan:
-    needs: build_dependencies
     uses: ./.github/workflows/sanitizer-check.yaml
     with:
       sanitizer-name: 'msan'
 
   run_tsan:
-    needs: build_dependencies
     uses: ./.github/workflows/sanitizer-check.yaml
     with:
       sanitizer-name: 'tsan'
 
   run_ubsan:
-    needs: build_dependencies
     uses: ./.github/workflows/sanitizer-check.yaml
     with:
       sanitizer-name: 'ubsan'
diff --git a/.github/workflows/sanitizer-check.yaml b/.github/workflows/sanitizer-check.yaml
@@ -11,17 +11,11 @@ on:
 jobs:
   build_and_run_sanitizer:
     name: Build and run Sanitizer
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
-      - name: Get dependencies hash
-        id: get-hash
-        run: echo "deps_hash=`cat docker/build_deps.sh | shasum`" >> $GITHUB_OUTPUT
-      - uses: actions/cache/restore@v4
-        with:
-          path: deps
-          key: deps-${{ steps.get-hash.outputs.deps_hash }}
-      - name: Build BlazingMQ and dependencies with sanitizer instrumentation
-        run: ${{ github.workspace }}/.github/workflows/sanitizers/build_sanitizer.sh ${{ inputs.sanitizer-name }}
-      - name: Run unit tests under sanitizer
-        run: ${{ github.workspace }}/cmake.bld/Linux/run-unittests.sh
+      - name: Create docker image with BlazingMQ and dependencies built with sanitizer instrumentation
+       run: docker build -f ${{ github.workspace }}/docker/sanitizers/Dockerfile --progress=plain --no-cache --build-arg SANITIZER_NAME=${{ inputs.sanitizer-name }} -t sanitizer-${{ inputs.sanitizer-name }} .
+
+      - name: Run docker container with unit tests under sanitizer
+        run: docker run sanitizer-${{ inputs.sanitizer-name }}
diff --git a/docker/sanitizers/build_sanitizer.sh b/docker/sanitizers/build_sanitizer.sh
@@ -51,7 +51,8 @@ apt-get install -qy --no-install-recommends \
     ninja-build \
     bison \
     libfl-dev \
-    pkg-config
+    pkg-config \
+    && rm -rf /var/lib/apt/lists/*
 
 # Install prerequisites for LLVM: latest cmake version, Ubuntu apt repository contains stale version
 wget -O - https://apt.kitware.com/keys/kitware-archive-latest.asc 2>/dev/null \