Omitting an entrypoint.sh to configure the container and instead
depending on docker primitives allows us to be more portable. (If a
distribution uses a different mechanism for adding users, we need not
have multiple entrypoint.sh files or invariants within it; instead we
can configure that in the dockerfile itself along with all the other
distribution specific components.)
Ninja is not installed by default on the macOS machines; stop trying to
use it. Instead use `make -j` which should be roughly equivalent in
performance but supported everywhere.
This change adds two new build targets: MSan and UBSan. This is because
even though OSS-Fuzz is great and adds a lot of coverage, it only does
that for the fuzz targets, so the rest of the codebase is not
necessarily run with the Sanitizers ever :( So this change makes sure
that MSan/UBSan warnings don't make it into the codebase.
As part of this change, the Ubuntu focal container is introduced. It
builds mbedTLS and libssh2 as debug libraries into /usr/local and as
MSan-enabled libraries into /usr/local/msan. This latter part is needed
because MSan requires the binary and all its dependent libraries to be
built with MSan support so that memory allocations and deallocations are
tracked correctly to avoid false positives.
Add CI using GitHub Actions and GitHub Packages:
* This moves our Linux build containers into GitHub Packages; we will
identify the most recent commit that updated the docker descriptions,
and then look for a docker image in libgit2's GitHub Packages registry
for a container with the tag corresponding to that description. If
there is not one, we will build the container and then push it to
GitHub Packages.
* We no longer need to manage authentication with our own credentials or
PAT tokens. GitHub Actions provides a GITHUB_TOKEN that can publish
artifacts, packages and commits to our repository within a workflow
run.
* We will use a matrix to build our various CI steps. This allows us
to keep configuration in a single place without multiple YAML files.
