summaryrefslogtreecommitdiff
path: root/.github/workflows/check.yml
diff options
context:
space:
mode:
Diffstat (limited to '.github/workflows/check.yml')
-rw-r--r--.github/workflows/check.yml116
1 files changed, 95 insertions, 21 deletions
diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml
index 6792c478..455a88a5 100644
--- a/.github/workflows/check.yml
+++ b/.github/workflows/check.yml
@@ -11,6 +11,7 @@ on:
- flatpak-1.8.x
- flatpak-1.10.x
- flatpak-1.12.x
+ - flatpak-1.14.x
pull_request:
paths-ignore:
- README.md
@@ -29,39 +30,102 @@ on:
- flatpak-1.8.x
- flatpak-1.10.x
- flatpak-1.12.x
+ - flatpak-1.14.x
+
+permissions:
+ contents: read
jobs:
check:
name: Build with gcc and test
- runs-on: ubuntu-18.04
+ runs-on: ubuntu-22.04
steps:
- name: Install Dependencies
run: |
- sudo add-apt-repository ppa:flatpak/stable
- sudo add-apt-repository ppa:alexlarsson/glib260
- sudo add-apt-repository 'deb https://download.mono-project.com/repo/ubuntu stable-bionic main' # Needed for updates to work
sudo apt-get update
- sudo apt-get install -y libglib2.0 attr automake gettext autopoint bison dbus gtk-doc-tools \
- libfuse-dev ostree libostree-dev libarchive-dev libzstd-dev libcap-dev libattr1-dev libdw-dev libelf-dev python3-pyparsing \
+ sudo apt-get install -y libglib2.0-dev attr automake gettext autopoint bison dbus gtk-doc-tools \
+ libfuse3-dev ostree libostree-dev libarchive-dev libzstd-dev libcap-dev libattr1-dev libdw-dev libelf-dev python3-pyparsing \
libjson-glib-dev shared-mime-info desktop-file-utils libpolkit-agent-1-dev libpolkit-gobject-1-dev \
- libseccomp-dev libsoup2.4-dev libsystemd-dev libxml2-utils libgpgme11-dev gobject-introspection \
- libgirepository1.0-dev libappstream-dev libdconf-dev clang socat meson libdbus-1-dev e2fslibs-dev
+ libseccomp-dev libsoup2.4-dev libcurl4-openssl-dev libsystemd-dev libxml2-utils libgpgme11-dev gobject-introspection \
+ libgirepository1.0-dev libappstream-dev libdconf-dev clang socat meson libdbus-1-dev e2fslibs-dev bubblewrap xdg-dbus-proxy \
+ python3-pip meson ninja-build libyaml-dev libstemmer-dev gperf itstool libmalcontent-0-dev
# One of the tests wants this
sudo mkdir /tmp/flatpak-com.example.App-OwnedByRoot
- name: Check out flatpak
uses: actions/checkout@v1
with:
submodules: true
- - name: Build malcontent dependency
+ - name: Build appstream dependency # (We need at least 0.15.3 for the g_once fix)
run: |
- git clone --branch 0.4.0 --depth 1 --no-tags https://gitlab.freedesktop.org/pwithnall/malcontent.git ./malcontent
- pushd ./malcontent
+ sudo pip3 install 'meson~=0.62'
+ git clone --branch v0.15.4 --depth 1 --no-tags https://github.com/ximion/appstream.git ./appstream
+ pushd ./appstream
meson setup --prefix=/usr _build
ninja -C _build
sudo ninja -C _build install
popd
- name: Create logs dir
run: mkdir test-logs
+ - name: configure
+ # We don't do gtk-doc or GObject-Introspection here, because they can
+ # clash with AddressSanitizer. Instead, the clang build enables those.
+ run: |
+ meson _build \
+ -Db_sanitize=address,undefined \
+ -Dgir=disabled \
+ -Dgtkdoc=disabled \
+ -Dhttp_backend=curl \
+ -Dinternal_checks=true \
+ -Dsystem_bubblewrap=bwrap \
+ -Dsystem_dbus_proxy=xdg-dbus-proxy \
+ ${NULL+}
+ env:
+ CFLAGS: -O2 -Wp,-D_FORTIFY_SOURCE=2
+ - name: Build flatpak
+ run: ninja -C _build
+ env:
+ ASAN_OPTIONS: detect_leaks=0 # Right now we're not fully clean, but this gets us use-after-free etc
+ - name: Run tests
+ run: meson test -C _build
+ env:
+ ASAN_OPTIONS: detect_leaks=0 # Right now we're not fully clean, but this gets us use-after-free etc
+ - name: Collect logs on failure
+ if: failure() || cancelled()
+ run: mv _build/meson-logs/* test-logs/ || true
+ - name: Upload test logs
+ uses: actions/upload-artifact@v1
+ if: failure() || cancelled()
+ with:
+ name: test logs
+ path: test-logs
+
+ # This is similar to the above, but runs on an older OS with some different configuration:
+ # * Soup instead of curl
+ # * Use built in bubblewrap instead of external
+ # * Use built in xdg-dbus-proxy instead of external
+ # * Disable malcontent build-dependency
+ check-alt2:
+ name: Build with gcc and test (older)
+ runs-on: ubuntu-18.04
+ steps:
+ - name: Install Dependencies
+ run: |
+ sudo add-apt-repository ppa:flatpak/stable
+ sudo add-apt-repository 'deb https://download.mono-project.com/repo/ubuntu stable-bionic main' # Needed for updates to work
+ sudo apt-get update
+ sudo apt-get install -y libglib2.0-dev attr automake gettext autopoint bison dbus gtk-doc-tools \
+ libfuse-dev ostree libostree-dev libarchive-dev libzstd-dev libcap-dev libattr1-dev libdw-dev libelf-dev python3-pyparsing \
+ libjson-glib-dev shared-mime-info desktop-file-utils libpolkit-agent-1-dev libpolkit-gobject-1-dev \
+ libseccomp-dev libsoup2.4-dev libcurl4-openssl-dev libsystemd-dev libxml2-utils libgpgme11-dev gobject-introspection \
+ libgirepository1.0-dev libappstream-dev libdconf-dev clang socat meson libdbus-1-dev e2fslibs-dev
+ # One of the tests wants this
+ sudo mkdir /tmp/flatpak-com.example.App-OwnedByRoot
+ - name: Check out flatpak
+ uses: actions/checkout@v1
+ with:
+ submodules: true
+ - name: Create logs dir
+ run: mkdir test-logs
- name: autogen.sh
run: NOCONFIGURE=1 ./autogen.sh
- name: configure
@@ -70,15 +134,23 @@ jobs:
run: |
mkdir _build
pushd _build
- ../configure --enable-internal-checks --enable-asan --disable-introspection
+ ../configure --enable-internal-checks --enable-asan --disable-introspection --without-curl
popd
env:
CFLAGS: -O2 -Wp,-D_FORTIFY_SOURCE=2
- name: Build flatpak
run: make -C _build -j $(getconf _NPROCESSORS_ONLN)
+ # We build with Ubuntu 18.04's GLib to prove that we can, but there's a
+ # race condition that makes it fail tests, so upgrade to a version from
+ # a PPA before running the tests: see
+ # https://github.com/flatpak/flatpak/pull/3121,
+ # https://gitlab.gnome.org/GNOME/glib/-/issues/1014
+ - name: Upgrade GLib before running tests
+ run: |
+ sudo add-apt-repository ppa:alexlarsson/glib260
+ sudo apt-get install -y libglib2.0-dev
- name: Run tests
- # TODO: Build with -j (currently ends up with hangs in the tests)
- run: make -C _build check
+ run: make -C _build check -j $(getconf _NPROCESSORS_ONLN)
env:
ASAN_OPTIONS: detect_leaks=0 # Right now we're not fully clean, but this gets us use-after-free etc
- name: Collect overall test logs on failure
@@ -95,6 +167,8 @@ jobs:
path: test-logs
clang:
+ permissions:
+ security-events: write # for codeql
name: Build with clang and analyze
runs-on: ubuntu-18.04
strategy:
@@ -107,7 +181,7 @@ jobs:
steps:
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
- uses: github/codeql-action/init@v1
+ uses: github/codeql-action/init@v2
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
@@ -117,13 +191,12 @@ jobs:
- name: Install Dependencies
run: |
sudo add-apt-repository ppa:flatpak/stable
- sudo add-apt-repository ppa:alexlarsson/glib260
sudo add-apt-repository 'deb https://download.mono-project.com/repo/ubuntu stable-bionic main' # Needed for updates to work
sudo apt-get update
- sudo apt-get install -y libglib2.0 attr automake gettext autopoint bison dbus gtk-doc-tools \
+ sudo apt-get install -y libglib2.0-dev attr automake gettext autopoint bison dbus gtk-doc-tools \
libfuse-dev ostree libostree-dev libarchive-dev libzstd-dev libcap-dev libattr1-dev libdw-dev libelf-dev python3-pyparsing \
libjson-glib-dev shared-mime-info desktop-file-utils libpolkit-agent-1-dev libpolkit-gobject-1-dev \
- libseccomp-dev libsoup2.4-dev libsystemd-dev libxml2-utils libgpgme11-dev gobject-introspection \
+ libseccomp-dev libsoup2.4-dev libcurl4-openssl-dev libsystemd-dev libxml2-utils libgpgme11-dev gobject-introspection \
libgirepository1.0-dev libappstream-dev libdconf-dev clang e2fslibs-dev
- name: Check out flatpak
uses: actions/checkout@v1
@@ -137,22 +210,23 @@ jobs:
- name: Build flatpak
run: make -j $(getconf _NPROCESSORS_ONLN)
- name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@v1
+ uses: github/codeql-action/analyze@v2
valgrind:
name: Run tests in valgrind
needs: check # Don't run expensive test if main check fails
runs-on: ubuntu-20.04 # Might as well test with a different one too
+ if: ${{ false }} # Currently Valgrind takes too long and always fails
steps:
- name: Install Dependencies
run: |
sudo add-apt-repository ppa:flatpak/stable
sudo apt-get update
sudo add-apt-repository 'deb https://download.mono-project.com/repo/ubuntu stable-focal main' # Needed for updates to work
- sudo apt-get install -y libglib2.0 attr automake gettext autopoint bison dbus gtk-doc-tools \
+ sudo apt-get install -y libglib2.0-dev attr automake gettext autopoint bison dbus gtk-doc-tools \
libfuse-dev ostree libostree-dev libarchive-dev libzstd-dev libcap-dev libattr1-dev libdw-dev libelf-dev python3-pyparsing \
libjson-glib-dev shared-mime-info desktop-file-utils libpolkit-agent-1-dev libpolkit-gobject-1-dev \
- libseccomp-dev libsoup2.4-dev libsystemd-dev libxml2-utils libgpgme11-dev gobject-introspection \
+ libseccomp-dev libsoup2.4-dev libcurl4-openssl-dev libsystemd-dev libxml2-utils libgpgme11-dev gobject-introspection \
libgirepository1.0-dev libappstream-dev libdconf-dev clang socat meson libdbus-1-dev \
valgrind e2fslibs-dev
- name: Check out flatpak
View Lorry Controller Status