name: Annocheck on: push: paths-ignore: - 'doc/**' - '**/man' - '**.md' - '**.rdoc' - '**/.document' pull_request: paths-ignore: - 'doc/**' - '**/man' - '**.md' - '**.rdoc' - '**/.document' merge_group: paths-ignore: - 'doc/**' - '**/man' - '**.md' - '**.rdoc' - '**/.document' concurrency: group: ${{ github.workflow }} / ${{ startsWith(github.event_name, 'pull') && github.ref_name || github.sha }} cancel-in-progress: ${{ startsWith(github.event_name, 'pull') }} # GitHub actions does not support YAML anchors. This creative use of # environment variables (plus the "echo $GITHUB_ENV" hack) is to reroute that # restriction. env: default_cc: clang-15 append_cc: '' # -O1 is faster than -O3 in our tests... Majority of time are consumed trying # to optimize binaries. Also GitHub Actions run on relatively modern CPUs # compared to, say, GCC 4 or Clang 3. We don't specify `-march=native` # because compilers tend not understand what the CPU is. optflags: '-O1' # -g0 disables backtraces when SEGV. Do not set that. debugflags: '-ggdb3' default_configure: >- --enable-debug-env --disable-install-doc --with-ext=-test-/cxxanyargs,+ append_configure: >- --without-valgrind --without-jemalloc --without-gmp CONFIGURE_TTY: never GITPULLOPTIONS: --no-tags origin ${{github.ref}} RUBY_DEBUG: ci rgengc RUBY_TESTOPTS: >- -q --color=always --tty=no permissions: contents: read jobs: compile: strategy: fail-fast: false matrix: env: - {} entry: - name: 'gcc-11 annocheck' container: gcc-11 env: # Minimal flags to pass the check. default_cc: 'gcc-11 -fcf-protection -Wa,--generate-missing-build-notes=yes' optflags: '-O2' LDFLAGS: '-Wl,-z,now' # FIXME: Drop skipping options # https://bugs.ruby-lang.org/issues/18061 # https://sourceware.org/annobin/annobin.html/Test-pie.html TEST_ANNOCHECK_OPTS: "--skip-pie --skip-gaps" check: true name: ${{ matrix.entry.name }} runs-on: ubuntu-latest container: image: ghcr.io/ruby/ruby-ci-image:${{ matrix.entry.container || matrix.entry.env.default_cc || 'clang-15' }} options: --user root if: ${{ !contains(github.event.head_commit.message, '[DOC]') && !contains(github.event.pull_request.labels.*.name, 'Documentation') }} env: ${{ matrix.entry.env || matrix.env }} steps: - run: id working-directory: - run: mkdir build working-directory: - name: setenv run: | echo "GNUMAKEFLAGS=-sj$((1 + $(nproc --all)))" >> $GITHUB_ENV - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 with: path: src - uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1 with: path: src/.downloaded-cache key: downloaded-cache - name: autogen run: | if [ ! -f ./autogen.sh ]; then ls -la fi ./autogen.sh working-directory: src - name: Run configure run: > ../src/configure -C ${default_configure} ${append_configure} --${{ matrix.entry.crosshost && 'host' || 'with-gcc' }}=${{ matrix.entry.crosshost || '"${default_cc}${append_cc:+ $append_cc}"' }} --${{ matrix.entry.shared || 'enable' }}-shared - run: make extract-extlibs - run: make incs - run: make showflags - run: make - run: make test - run: make install if: ${{ matrix.entry.check }} - run: make test-tool if: ${{ matrix.entry.check }} ### test-all doesn't work: https://github.com/ruby/ruby/actions/runs/4340112185/jobs/7578344307 # - run: make test-all TESTS='-- ruby -ext-' # if: ${{ matrix.entry.check }} ### test-spec doesn't work: https://github.com/ruby/ruby/actions/runs/4340193212/jobs/7578505652 # - run: make test-spec # env: # CHECK_LEAKS: true # if: ${{ matrix.entry.check }} - run: make test-annocheck if: ${{ matrix.entry.check && endsWith(matrix.entry.name, 'annocheck') }} - uses: ruby/action-slack@0bd85c72233cdbb6a0fe01d37aaeff1d21b5fce1 # v3.2.1 with: payload: | { "ci": "GitHub Actions", "env": "${{ github.workflow }} / ${{ matrix.entry.name }}", "url": "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}", "commit": "${{ github.sha }}", "branch": "${{ github.ref_name }}" } env: SLACK_WEBHOOK_URL: ${{ secrets.SIMPLER_ALERTS_URL }} # ruby-lang slack: ruby/simpler-alerts-bot if: ${{ failure() && github.event_name == 'push' }} defaults: run: working-directory: build