build(deps): bump github/codeql-action from 3.24.9 to 3.25.3 #331

Workflow file for this run

.github/workflows/build-ci.yml at 550b07c

	name: Build CI

	on: [push, pull_request]

	jobs:

	build-linux:
	name: Build with ${{ matrix.cc }} on ${{ matrix.os }}
	strategy:
	fail-fast: false
	matrix:
	cc: [ gcc, clang ]
	os: [ ubuntu-20.04, ubuntu-22.04 ]
	runs-on: ${{ matrix.os }}
	env:
	CC: ${{ matrix.cc }}
	steps:
	- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633

	- name: Install dependencies
	run: sudo apt-get install -y acl automake libacl1-dev libpopt-dev libselinux1-dev rpm

	- name: Bootstrap
	run: ./autogen.sh

	- name: Configure
	run: ./configure --enable-werror --disable-silent-rules

	- name: Build
	run: make -k

	- name: Testsuite
	run: make -j9 check \|\| ( cat test/test-suite.log; exit 1; )

	- name: Install
	run: sudo make install

	- name: Installcheck
	run: make installcheck

	- name: Distcheck
	run: make -j9 distcheck DISTCHECK_CONFIGURE_FLAGS="--enable-werror --disable-silent-rules"

	- name: Build rpm
	run: make rpm RPM_FLAGS="--nodeps"


	build-macos:
	name: Build with clang on macOS
	runs-on: macOS-latest
	steps:
	- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633

	- name: Install dependencies
	run: brew install automake coreutils popt

	- name: Bootstrap
	run: ./autogen.sh

	- name: Configure
	run: ./configure --enable-werror --disable-silent-rules

	- name: Build
	run: make -k

	- name: Testsuite
	run: make -j9 check \|\| ( cat test/test-suite.log; exit 1; )

	- name: Install
	run: sudo make install

	- name: Installcheck
	run: make installcheck

	- name: Distcheck
	run: make -j9 distcheck DISTCHECK_CONFIGURE_FLAGS="--enable-werror --disable-silent-rules"


	build-clang-analyzer:
	name: Clang Analyzer
	runs-on: ubuntu-latest
	env:
	CC: clang-18
	steps:
	- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633

	- name: Install Clang repo
	run: \|
	wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key \| gpg --yes --dearmor --output /usr/share/keyrings/llvm-snapshot.gpg
	echo 'deb [signed-by=/usr/share/keyrings/llvm-snapshot.gpg] http:https://apt.llvm.org/focal/ llvm-toolchain-focal-18 main' \| sudo tee /etc/apt/sources.list.d/llvm-snapshot.list
	sudo apt-get update -q

	- name: Install dependencies
	run: sudo apt-get install -y automake clang-18 clang-tools-18 libacl1-dev libpopt-dev libselinux1-dev

	- name: Bootstrap
	run: ./autogen.sh

	- name: Configure
	run: scan-build-18 -analyze-headers --status-bugs ./configure --enable-werror --disable-silent-rules

	- name: Analyze
	run: scan-build-18 -analyze-headers --status-bugs make -j"$(nproc)"


	build-clang-sanitizer:
	name: Clang Sanitizer
	runs-on: ubuntu-latest
	env:
	CC: clang-18
	CFLAGS: '-O1 -g -fsanitize=address -fsanitize-address-use-after-scope -fno-omit-frame-pointer -fsanitize=undefined -fsanitize=nullability -fsanitize=implicit-conversion -fsanitize=integer -fsanitize=float-divide-by-zero -fsanitize=local-bounds'
	ASAN_OPTIONS: strict_string_checks=1:detect_stack_use_after_return=1:check_initialization_order=1:strict_init_order=1
	UBSAN_OPTIONS: print_stacktrace=1:print_summary=1:halt_on_error=1
	LSAN_OPTIONS: suppressions=test/leak_san_suppress.txt
	steps:
	- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633

	- name: Install Clang repo
	run: \|
	wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key \| gpg --yes --dearmor --output /usr/share/keyrings/llvm-snapshot.gpg
	echo 'deb [signed-by=/usr/share/keyrings/llvm-snapshot.gpg] http:https://apt.llvm.org/focal/ llvm-toolchain-focal-18 main' \| sudo tee /etc/apt/sources.list.d/llvm-snapshot.list
	sudo apt-get update -q

	- name: Install dependencies
	run: sudo apt-get install -y acl automake clang-18 libacl1-dev libpopt-dev libselinux1-dev

	- name: Bootstrap
	run: ./autogen.sh

	- name: Configure
	run: ./configure --enable-werror --disable-silent-rules

	- name: Build
	run: make -j"$(nproc)"

	- name: Testsuite
	run: make -j9 check \|\| ( cat test/test-suite.log; exit 1; )

	- name: Scan for sanitizer issues
	run: \|
	issues="$( grep -riE 'sanitizer\|runtime error' test/*.log )" \|\| true
	if [ -n "$issues" ]; then
	echo "Found sanitizer issues:"
	echo "$issues"
	exit 1;
	fi


	build-gcc-analyzer:
	name: GCC Analyzer
	runs-on: ubuntu-latest
	env:
	CC: gcc-12
	CFLAGS: -O3 -flto=auto -finline-limit=1000 -fanalyzer
	LDFLAGS: -O3 -flto=auto -finline-limit=1000 -fanalyzer
	steps:
	- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633

	- name: Install dependencies
	run: sudo apt-get install -y automake gcc-12 libacl1-dev libpopt-dev libselinux1-dev

	- name: Bootstrap
	run: ./autogen.sh

	- name: Configure
	run: ./configure --enable-werror --disable-silent-rules

	- name: Analyze
	run: make -j"$(nproc)"


	build-gcc-c89:
	name: GCC C89
	runs-on: ubuntu-latest
	env:
	CFLAGS: -O2 -g -std=c89
	steps:
	- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633

	- name: Install dependencies
	run: sudo apt-get install -y automake libacl1-dev libpopt-dev libselinux1-dev

	- name: Bootstrap
	run: ./autogen.sh

	- name: Configure
	run: ./configure --enable-werror --disable-silent-rules

	- name: Build
	run: make -j"$(nproc)"


	space-check:
	name: Space Check
	runs-on: ubuntu-latest

	steps:
	- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633

	- name: Spaces check
	run: git diff-tree --check $(git hash-object -t tree /dev/null) HEAD

	- name: Tab check
	run: \|
	issues="$( grep "$(printf '\t')" config.c log.{c,h} logrotate.{c,h} )" \|\| true
	if [ -n "$issues" ]; then
	echo "Found tab issues:"
	echo "$issues"
	exit 1;
	fi

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump github/codeql-action from 3.24.9 to 3.25.3 #331

Workflow file

build(deps): bump github/codeql-action from 3.24.9 to 3.25.3 #331

Jobs

Run details

Workflow file for this run