Issue 6739-Added custom DNS server for hostname resolution(Needs fixing) #5860

Workflow file for this run

	name: CI

	on:
	push:
	branches:
	- '**'
	- '!dependabot/**'
	pull_request:
	merge_group:
	workflow_dispatch:

	permissions:
	contents: read

	concurrency:
	group: ${{ github.workflow }}-${{ github.ref }}
	cancel-in-progress: true

	jobs:
	lint:
	uses: mhils/workflows/.github/workflows/python-tox.yml@main
	with:
	cmd: tox -e lint

	filename-matching:
	uses: mhils/workflows/.github/workflows/python-tox.yml@main
	with:
	cmd: tox -e filename_matching

	mypy:
	uses: mhils/workflows/.github/workflows/python-tox.yml@main
	with:
	cmd: tox -e mypy

	individual-coverage:
	uses: mhils/workflows/.github/workflows/python-tox.yml@main
	with:
	cmd: tox -e individual_coverage

	test:
	strategy:
	fail-fast: false
	matrix:
	include:
	- os: ubuntu-latest
	py: "3.12"
	- os: windows-latest
	py: "3.12"
	- os: macos-latest
	py: "3.12"
	- os: ubuntu-latest
	py: "3.11"
	- os: ubuntu-latest
	py: "3.10"
	runs-on: ${{ matrix.os }}
	steps:
	- run: printenv
	- uses: actions/checkout@v4
	with:
	persist-credentials: false
	fetch-depth: 0
	- uses: actions/setup-python@v5
	with:
	python-version: ${{ matrix.py }}
	- run: pip install tox
	- run: tox -e py
	if: matrix.os != 'ubuntu-latest'
	- name: Run tox -e py (without internet)
	run: \|
	# install dependencies (requires internet connectivity)
	tox -e py --notest
	# run tests with loopback only. We need to sudo for unshare, which means we need an absolute path for tox.
	sudo unshare --net -- sh -c "ip link set lo up; $(which tox) -e py"
	if: matrix.os == 'ubuntu-latest'
	- uses: codecov/codecov-action@v4
	with:
	token: ${{ secrets.CODECOV_TOKEN }}
	files: ./coverage.xml

	build:
	strategy:
	fail-fast: false
	matrix:
	include:
	- image: macos-14
	platform: macos-arm64
	- image: macos-12
	platform: macos-x86_64
	- image: windows-2019
	platform: windows
	- image: ubuntu-20.04 # Oldest available version so we get oldest glibc possible.
	platform: linux
	runs-on: ${{ matrix.image }}
	env:
	CI_BUILD_KEY: ${{ secrets.CI_BUILD_KEY }}
	steps:
	- uses: actions/checkout@v4
	with:
	persist-credentials: false
	fetch-depth: 0
	- uses: actions/setup-python@v5
	with:
	python-version-file: .github/python-version.txt
	- if: matrix.platform == 'windows'
	uses: actions/cache@v4
	with:
	path: release/installbuilder/setup
	key: installbuilder
	- run: pip install .[dev] # pyinstaller 5.9 does not like pyproject.toml + editable installs.

	- if: startsWith(matrix.platform, 'macos') && github.repository == 'mitmproxy/mitmproxy'
	&& (startsWith(github.ref, 'refs/heads/') \|\| startsWith(github.ref, 'refs/tags/'))
	id: keychain
	uses: apple-actions/import-codesign-certs@493007ed063995cf2d4fbca064704150548f8bb5
	with:
	keychain: ${{ runner.temp }}/temp
	p12-file-base64: ${{ secrets.APPLE_CERTIFICATE }}
	p12-password: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
	- if: startsWith(matrix.platform, 'macos') && github.repository == 'mitmproxy/mitmproxy'
	&& (startsWith(github.ref, 'refs/heads/') \|\| startsWith(github.ref, 'refs/tags/'))
	run: \|
	python -u release/build.py macos-app \
	--keychain "${{ runner.temp }}/temp.keychain" \
	--team-id "S8XHQB96PW" \
	--apple-id "${{ secrets.APPLE_ID }}" \
	--password "${{ secrets.APPLE_APP_PASSWORD }}"

	# Linux
	- if: matrix.platform == 'linux'
	run: python -u release/build.py standalone-binaries wheel

	# Windows
	- if: matrix.platform == 'windows'
	run: python -u release/build.py standalone-binaries
	- if: matrix.platform == 'windows' && github.repository == 'mitmproxy/mitmproxy' &&
	(github.ref == 'refs/heads/citest' \|\| startsWith(github.ref, 'refs/tags/'))
	run: python -u release/build.py --dirty installbuilder-installer msix-installer

	- uses: actions/upload-artifact@v4
	with:
	# artifacts must have different names, see https://github.com/actions/upload-artifact/issues/24
	name: binaries.${{ matrix.platform }}
	path: \|
	release/dist

	test-web-ui:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	with:
	persist-credentials: false
	- uses: actions/setup-node@v4
	with:
	node-version-file: .github/node-version.txt
	- name: Cache Node.js modules
	uses: actions/cache@v4
	with:
	# npm cache files are stored in `~/.npm` on Linux/macOS
	path: ~/.npm
	key: ${{ runner.OS }}-node-${{ hashFiles('**/package-lock.json') }}
	restore-keys: \|
	${{ runner.OS }}-node-
	${{ runner.OS }}-
	- working-directory: ./web
	run: npm ci
	- working-directory: ./web
	run: npm test
	- uses: codecov/codecov-action@v4
	with:
	token: ${{ secrets.CODECOV_TOKEN }}
	files: ./web/coverage/coverage-final.json

	docs:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	with:
	persist-credentials: false
	- uses: actions/setup-python@v5
	with:
	python-version-file: .github/python-version.txt
	- run: \|
	wget -q https://github.com/gohugoio/hugo/releases/download/v0.92.1/hugo_extended_0.92.1_Linux-64bit.deb
	echo "a9440adfd3ecce40089def287dee4e42ffae252ba08c77d1ac575b880a079ce6 hugo_extended_0.92.1_Linux-64bit.deb" \| sha256sum -c
	sudo dpkg -i hugo*.deb
	- run: pip install -e .[dev]
	- run: ./docs/build.py
	- uses: actions/upload-artifact@v4
	with:
	name: docs
	path: docs/public
	# For releases, also build the archive version of the docs.
	- if: startsWith(github.ref, 'refs/tags/')
	run: ./docs/build.py
	env:
	DOCS_ARCHIVE: true
	- if: startsWith(github.ref, 'refs/tags/')
	uses: actions/upload-artifact@v4
	with:
	name: docs-archive
	path: docs/public

	check:
	if: always()
	needs:
	- lint
	- filename-matching
	- mypy
	- individual-coverage
	- test
	- build
	- test-web-ui
	- docs
	uses: mhils/workflows/.github/workflows/alls-green.yml@main
	with:
	jobs: ${{ toJSON(needs) }}

	# Separate from everything else because slow.
	build-and-deploy-docker:
	if: github.repository == 'mitmproxy/mitmproxy' && (
	github.ref == 'refs/heads/main'
	\|\| github.ref == 'refs/heads/citest'
	\|\| startsWith(github.ref, 'refs/tags/')
	)
	environment: deploy-docker
	needs: check
	runs-on: ubuntu-latest
	env:
	DOCKER_USERNAME: mitmbot
	DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
	steps:
	- uses: actions/checkout@v4
	with:
	persist-credentials: false
	- uses: actions/setup-python@v5
	with:
	python-version-file: .github/python-version.txt
	- uses: actions/download-artifact@v4
	with:
	name: binaries.linux
	path: release/dist
	- uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0
	- uses: docker/setup-buildx-action@2b51285047da1547ffb1b2203d8be4c0af6b1f20 # v1.6.0
	- run: python release/build-and-deploy-docker.py

	deploy:
	# This action has access to our AWS keys, so we are extra careful here.
	# In particular, we don't blindly `pip install` anything to minimize the risk of supply chain attacks.
	if: github.repository == 'mitmproxy/mitmproxy' && (startsWith(github.ref, 'refs/heads/') \|\| startsWith(github.ref, 'refs/tags/'))
	environment: ${{ (github.ref == 'refs/heads/citest' \|\| startsWith(github.ref, 'refs/tags/')) && 'deploy-release' \|\| 'deploy-snapshot' }}
	needs: check
	runs-on: ubuntu-latest
	env:
	# PyPI and MSFT keys are only available for the deploy-release environment
	# The AWS access key for snapshots is scoped to branches/* as well.
	TWINE_USERNAME: __token__
	TWINE_PASSWORD: ${{ secrets.TWINE_PASSWORD }}
	AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	AWS_DEFAULT_REGION: us-west-2
	MSFT_APP_ID: 9NWNDLQMNZD7
	MSFT_TENANT_ID: ${{ secrets.MSFT_TENANT_ID }}
	MSFT_CLIENT_ID: ${{ secrets.MSFT_CLIENT_ID }}
	MSFT_CLIENT_SECRET: ${{ secrets.MSFT_CLIENT_SECRET }}
	R2_ACCOUNT_ID: ${{ secrets.R2_ACCOUNT_ID }}
	R2_ACCESS_KEY_ID: ${{ secrets.R2_ACCESS_KEY_ID }}
	R2_SECRET_ACCESS_KEY: ${{ secrets.R2_SECRET_ACCESS_KEY }}
	steps:
	- uses: actions/checkout@v4
	with:
	persist-credentials: false
	- uses: actions/setup-python@v5
	with:
	python-version-file: .github/python-version.txt
	- run: sudo apt-get update
	- run: sudo apt-get install -y awscli
	- if: startsWith(github.ref, 'refs/tags/')
	run: sudo apt-get install -y twine

	- uses: actions/download-artifact@v4
	with:
	name: docs
	path: docs/public
	- if: startsWith(github.ref, 'refs/tags/')
	uses: actions/download-artifact@v4
	with:
	name: docs-archive
	path: docs/archive
	- uses: actions/download-artifact@v4
	with:
	name: binaries.windows
	path: release/dist
	- uses: actions/download-artifact@v4
	with:
	name: binaries.linux
	path: release/dist
	- uses: actions/download-artifact@v4
	with:
	name: binaries.macos-x86_64
	path: release/dist
	- uses: actions/download-artifact@v4
	with:
	name: binaries.macos-arm64
	path: release/dist
	- run: ls docs/public
	- run: ls release/dist

	- run: ./release/deploy.py

	- name: Deploy to Microsoft Store (test flight)
	if: github.ref == 'refs/heads/citest'
	run: ./release/deploy-microsoft-store.py release/dist/*.msix
	env:
	MSFT_APP_FLIGHT: 174ca570-8cae-4444-9858-c07293f1f13a
	- name: Deploy to Microsoft Store
	if: startsWith(github.ref, 'refs/tags/')
	run: ./release/deploy-microsoft-store.py release/dist/*.msix

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Issue 6739-Added custom DNS server for hostname resolution(Needs fixing) #5860

Workflow file

Issue 6739-Added custom DNS server for hostname resolution(Needs fixing) #5860

Jobs

Run details

Workflow file for this run