summaryrefslogtreecommitdiff
path: root/.github/workflows/check.yml
blob: ceb3b82d9f322e965536fdd3c67fe37b2bdee501 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166

name: CI checks

on:
  push:
    branches:
    - main
  pull_request:
    branches:
    - main

jobs:
  check:
    name: Build with Autotools and gcc, and test
    runs-on: ubuntu-latest
    steps:
    - name: Check out
      uses: actions/checkout@v1
    - name: Install build-dependencies
      run: sudo ./ci/builddeps.sh
    - name: Create logs dir
      run: mkdir test-logs
    - name: autogen.sh
      run: NOCONFIGURE=1 ./autogen.sh
    - name: configure
      run: |
        mkdir _build
        pushd _build
        ../configure \
          --enable-man \
          --enable-selinux \
          ${NULL+}
        popd
      env:
        CFLAGS: >-
          -O2
          -Wp,-D_FORTIFY_SOURCE=2
          -fsanitize=address
          -fsanitize=undefined
    - name: make
      run: make -C _build -j $(getconf _NPROCESSORS_ONLN) V=1
    - name: smoke-test
      run: |
        set -x
        ./_build/bwrap --bind / / --tmpfs /tmp true
      env:
        ASAN_OPTIONS: detect_leaks=0
    - name: check
      run: |
        make -C _build -j $(getconf _NPROCESSORS_ONLN) check VERBOSE=1 BWRAP_MUST_WORK=1
      env:
        ASAN_OPTIONS: detect_leaks=0
    - name: Collect overall test logs on failure
      if: failure()
      run: mv _build/test-suite.log test-logs/ || true
    - name: Collect individual test logs on cancel
      if: failure() || cancelled()
      run: mv _build/tests/*.log test-logs/ || true
    - name: Upload test logs
      uses: actions/upload-artifact@v1
      if: failure() || cancelled()
      with:
        name: test logs
        path: test-logs
    - name: install
      run: |
        make -C _build install DESTDIR="$(pwd)/DESTDIR"
        ( cd DESTDIR && find -ls )
    - name: distcheck
      run: |
        make -C _build -j $(getconf _NPROCESSORS_ONLN) distcheck VERBOSE=1 BWRAP_MUST_WORK=1

  meson:
    name: Build with Meson and gcc, and test
    runs-on: ubuntu-latest
    steps:
    - name: Check out
      uses: actions/checkout@v1
    - name: Install build-dependencies
      run: sudo ./ci/builddeps.sh
    - name: Create logs dir
      run: mkdir test-logs
    - name: setup
      run: |
        meson _build
      env:
        CFLAGS: >-
          -O2
          -Wp,-D_FORTIFY_SOURCE=2
          -fsanitize=address
          -fsanitize=undefined
    - name: compile
      run: ninja -C _build -v
    - name: smoke-test
      run: |
        set -x
        ./_build/bwrap --bind / / --tmpfs /tmp true
      env:
        ASAN_OPTIONS: detect_leaks=0
    - name: test
      run: |
        BWRAP_MUST_WORK=1 meson test -C _build
      env:
        ASAN_OPTIONS: detect_leaks=0
    - name: Collect overall test logs on failure
      if: failure()
      run: mv _build/meson-logs/testlog.txt test-logs/ || true
    - name: install
      run: |
        DESTDIR="$(pwd)/DESTDIR" meson install -C _build
        ( cd DESTDIR && find -ls )
    - name: dist
      run: |
        BWRAP_MUST_WORK=1 meson dist -C _build
    - name: Collect dist test logs on failure
      if: failure()
      run: mv _build/meson-private/dist-build/meson-logs/testlog.txt test-logs/disttestlog.txt || true
    - name: use as subproject
      run: |
        mkdir tests/use-as-subproject/subprojects
        tar -C tests/use-as-subproject/subprojects -xf _build/meson-dist/bubblewrap-*.tar.xz
        mv tests/use-as-subproject/subprojects/bubblewrap-* tests/use-as-subproject/subprojects/bubblewrap
        ( cd tests/use-as-subproject && meson _build )
        ninja -C tests/use-as-subproject/_build -v
        meson test -C tests/use-as-subproject/_build
        DESTDIR="$(pwd)/DESTDIR-as-subproject" meson install -C tests/use-as-subproject/_build
        ( cd DESTDIR-as-subproject && find -ls )
        test -x DESTDIR-as-subproject/usr/local/libexec/not-flatpak-bwrap
        test ! -e DESTDIR-as-subproject/usr/local/bin/bwrap
        test ! -e DESTDIR-as-subproject/usr/local/libexec/bwrap
    - name: Upload test logs
      uses: actions/upload-artifact@v1
      if: failure() || cancelled()
      with:
        name: test logs
        path: test-logs

  clang:
    name: Build with clang and analyze
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        language:
          - cpp
    steps:
    - name: Initialize CodeQL
      uses: github/codeql-action/init@v1
      with:
        languages: ${{ matrix.language }}
    - name: Check out
      uses: actions/checkout@v1
    - name: Install build-dependencies
      run: sudo ./ci/builddeps.sh --clang
    - name: autogen.sh
      run: NOCONFIGURE=1 ./autogen.sh
    - name: configure
      run: ./configure --enable-selinux
      env:
        CC: clang
        CFLAGS: >-
          -O2
          -Werror=unused-variable
    - name: make
      run: make -j $(getconf _NPROCESSORS_ONLN) V=1
    - name: CodeQL analysis
      uses: github/codeql-action/analyze@v1
View Lorry Controller Status