Skip to content

build(deps): bump github/codeql-action from 3.24.9 to 3.25.3 #331

build(deps): bump github/codeql-action from 3.24.9 to 3.25.3

build(deps): bump github/codeql-action from 3.24.9 to 3.25.3 #331

Workflow file for this run

name: Build CI
on: [push, pull_request]
jobs:
build-linux:
name: Build with ${{ matrix.cc }} on ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
cc: [ gcc, clang ]
os: [ ubuntu-20.04, ubuntu-22.04 ]
runs-on: ${{ matrix.os }}
env:
CC: ${{ matrix.cc }}
steps:
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633
- name: Install dependencies
run: sudo apt-get install -y acl automake libacl1-dev libpopt-dev libselinux1-dev rpm
- name: Bootstrap
run: ./autogen.sh
- name: Configure
run: ./configure --enable-werror --disable-silent-rules
- name: Build
run: make -k
- name: Testsuite
run: make -j9 check || ( cat test/test-suite.log; exit 1; )
- name: Install
run: sudo make install
- name: Installcheck
run: make installcheck
- name: Distcheck
run: make -j9 distcheck DISTCHECK_CONFIGURE_FLAGS="--enable-werror --disable-silent-rules"
- name: Build rpm
run: make rpm RPM_FLAGS="--nodeps"
build-macos:
name: Build with clang on macOS
runs-on: macOS-latest
steps:
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633
- name: Install dependencies
run: brew install automake coreutils popt
- name: Bootstrap
run: ./autogen.sh
- name: Configure
run: ./configure --enable-werror --disable-silent-rules
- name: Build
run: make -k
- name: Testsuite
run: make -j9 check || ( cat test/test-suite.log; exit 1; )
- name: Install
run: sudo make install
- name: Installcheck
run: make installcheck
- name: Distcheck
run: make -j9 distcheck DISTCHECK_CONFIGURE_FLAGS="--enable-werror --disable-silent-rules"
build-clang-analyzer:
name: Clang Analyzer
runs-on: ubuntu-latest
env:
CC: clang-18
steps:
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633
- name: Install Clang repo
run: |
wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | gpg --yes --dearmor --output /usr/share/keyrings/llvm-snapshot.gpg
echo 'deb [signed-by=/usr/share/keyrings/llvm-snapshot.gpg] http:https://apt.llvm.org/focal/ llvm-toolchain-focal-18 main' | sudo tee /etc/apt/sources.list.d/llvm-snapshot.list
sudo apt-get update -q
- name: Install dependencies
run: sudo apt-get install -y automake clang-18 clang-tools-18 libacl1-dev libpopt-dev libselinux1-dev
- name: Bootstrap
run: ./autogen.sh
- name: Configure
run: scan-build-18 -analyze-headers --status-bugs ./configure --enable-werror --disable-silent-rules
- name: Analyze
run: scan-build-18 -analyze-headers --status-bugs make -j"$(nproc)"
build-clang-sanitizer:
name: Clang Sanitizer
runs-on: ubuntu-latest
env:
CC: clang-18
CFLAGS: '-O1 -g -fsanitize=address -fsanitize-address-use-after-scope -fno-omit-frame-pointer -fsanitize=undefined -fsanitize=nullability -fsanitize=implicit-conversion -fsanitize=integer -fsanitize=float-divide-by-zero -fsanitize=local-bounds'
ASAN_OPTIONS: strict_string_checks=1:detect_stack_use_after_return=1:check_initialization_order=1:strict_init_order=1
UBSAN_OPTIONS: print_stacktrace=1:print_summary=1:halt_on_error=1
LSAN_OPTIONS: suppressions=test/leak_san_suppress.txt
steps:
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633
- name: Install Clang repo
run: |
wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | gpg --yes --dearmor --output /usr/share/keyrings/llvm-snapshot.gpg
echo 'deb [signed-by=/usr/share/keyrings/llvm-snapshot.gpg] http:https://apt.llvm.org/focal/ llvm-toolchain-focal-18 main' | sudo tee /etc/apt/sources.list.d/llvm-snapshot.list
sudo apt-get update -q
- name: Install dependencies
run: sudo apt-get install -y acl automake clang-18 libacl1-dev libpopt-dev libselinux1-dev
- name: Bootstrap
run: ./autogen.sh
- name: Configure
run: ./configure --enable-werror --disable-silent-rules
- name: Build
run: make -j"$(nproc)"
- name: Testsuite
run: make -j9 check || ( cat test/test-suite.log; exit 1; )
- name: Scan for sanitizer issues
run: |
issues="$( grep -riE 'sanitizer|runtime error' test/*.log )" || true
if [ -n "$issues" ]; then
echo "Found sanitizer issues:"
echo "$issues"
exit 1;
fi
build-gcc-analyzer:
name: GCC Analyzer
runs-on: ubuntu-latest
env:
CC: gcc-12
CFLAGS: -O3 -flto=auto -finline-limit=1000 -fanalyzer
LDFLAGS: -O3 -flto=auto -finline-limit=1000 -fanalyzer
steps:
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633
- name: Install dependencies
run: sudo apt-get install -y automake gcc-12 libacl1-dev libpopt-dev libselinux1-dev
- name: Bootstrap
run: ./autogen.sh
- name: Configure
run: ./configure --enable-werror --disable-silent-rules
- name: Analyze
run: make -j"$(nproc)"
build-gcc-c89:
name: GCC C89
runs-on: ubuntu-latest
env:
CFLAGS: -O2 -g -std=c89
steps:
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633
- name: Install dependencies
run: sudo apt-get install -y automake libacl1-dev libpopt-dev libselinux1-dev
- name: Bootstrap
run: ./autogen.sh
- name: Configure
run: ./configure --enable-werror --disable-silent-rules
- name: Build
run: make -j"$(nproc)"
space-check:
name: Space Check
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633
- name: Spaces check
run: git diff-tree --check $(git hash-object -t tree /dev/null) HEAD
- name: Tab check
run: |
issues="$( grep "$(printf '\t')" config.c log.{c,h} logrotate.{c,h} )" || true
if [ -n "$issues" ]; then
echo "Found tab issues:"
echo "$issues"
exit 1;
fi