Reuse code and replace some manually handled memory management #208
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: [push, pull_request] | |
| permissions: | |
| contents: read | |
| env: | |
| BUILD_NUMBER: ${{ github.run_number }} | |
| CMAKE_BUILD_PARALLEL_LEVEL: 4 | |
| # Required dependencies (does not include packaging and optional dependencies) | |
| UBUNTU_DEPS: cmake libxml2-dev zlib1g-dev libssl-dev libflatbuffers-dev | |
| jobs: | |
| ubuntu: | |
| name: Build on Ubuntu ${{ matrix.container }} ${{ matrix.arch }} | |
| runs-on: ubuntu-24.04${{ matrix.arch == 'arm64' && '-arm' || '' }} | |
| container: ubuntu:${{ matrix.container }} | |
| strategy: | |
| matrix: | |
| container: ['22.04', '24.04', '24.10'] | |
| arch: ['amd64', 'arm64'] | |
| env: | |
| DEBIAN_FRONTEND: noninteractive | |
| DEBFULLNAME: github-actions | |
| DEBEMAIL: [email protected] | |
| steps: | |
| - name: Install dependencies | |
| run: apt update -qq && apt install --no-install-recommends -y lsb-release build-essential devscripts debhelper lintian pkg-config ${UBUNTU_DEPS} doxygen swig openjdk-17-jdk-headless libpython3-dev python3-setuptools libboost-test-dev | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup changelog | |
| run: | | |
| export VERSION=$(grep project CMakeLists.txt | egrep -o "([0-9]{1,}\.)+[0-9]{1,}") | |
| export VERSIONEX=${VERSION}.${BUILD_NUMBER}.$(lsb_release -rs) | |
| dch --distribution $(lsb_release -cs) -v ${VERSIONEX} "Release ${VERSIONEX}." | |
| - name: Build packages | |
| run: | | |
| JAVA_HOME=/usr/lib/jvm/java-17-openjdk-${{ matrix.arch }} dpkg-buildpackage -us -uc | |
| mv ../libcdoc*.* . | |
| - name: Lintian | |
| run: lintian *.deb; | |
| - name: Archive artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: ubuntu_${{ matrix.container }}_${{ matrix.arch }} | |
| path: libcdoc*.* | |
| android: | |
| name: Build on Ubuntu for ${{ matrix.target }} | |
| runs-on: ubuntu-24.04 | |
| strategy: | |
| matrix: | |
| include: | |
| - target: androidarm | |
| triplet: arm-neon-android | |
| - target: androidarm64 | |
| triplet: arm64-android | |
| - target: androidx86_64 | |
| triplet: x64-android | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Prepare vcpkg | |
| uses: lukka/run-vcpkg@v11 | |
| with: | |
| vcpkgGitCommitId: e4644bd15436d406bba71928d086c809e5c9ca45 | |
| vcpkgJsonGlob: ./vcpkg.json | |
| runVcpkgInstall: true | |
| env: | |
| VCPKG_DEFAULT_TRIPLET: ${{ matrix.triplet }} | |
| - name: Build | |
| run: | | |
| cmake --preset ${{ matrix.target }} "-GUnix Makefiles" -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_INSTALL_PREFIX=libcdoc.${{ matrix.target }} | |
| cmake --build --preset ${{ matrix.target }} | |
| cmake --build --preset ${{ matrix.target }} --target install/strip | |
| - name: Archive artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: ${{ matrix.target }} | |
| path: | | |
| libcdoc.${{ matrix.target }} | |
| macos: | |
| name: Build on macOS for ${{ matrix.target }} | |
| runs-on: macos-latest | |
| strategy: | |
| matrix: | |
| target: [macos, iphoneos, iphonesimulator] | |
| include: | |
| - target: iphoneos | |
| triplet: arm64-ios | |
| - target: iphonesimulator | |
| triplet: arm64-ios-simulator | |
| env: | |
| DEST: ${{ github.workspace }}/${{ matrix.target }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Install dependencies | |
| run: | | |
| brew update | |
| brew install --formula ninja flatbuffers swig doxygen boost [email protected] | |
| brew unlink [email protected] || true | |
| brew unlink [email protected] || true | |
| - name: Prepare vcpkg | |
| if: matrix.target != 'macos' | |
| uses: lukka/run-vcpkg@v11 | |
| with: | |
| vcpkgGitCommitId: e4644bd15436d406bba71928d086c809e5c9ca45 | |
| vcpkgJsonGlob: ./vcpkg.json | |
| runVcpkgInstall: true | |
| env: | |
| VCPKG_DEFAULT_TRIPLET: ${{ matrix.triplet }} | |
| - name: Build | |
| run: | | |
| cmake --preset ${{ matrix.target }} -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_INSTALL_PREFIX=${{ env.DEST }} | |
| cmake --build --preset ${{ matrix.target }} | |
| - name: Test | |
| if: matrix.target == 'macos' | |
| run: cmake --build --preset ${{ matrix.target }} --target test | |
| - name: Install | |
| run: cmake --build --preset ${{ matrix.target }} --target install/strip | |
| - name: Archive artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: ${{ matrix.target }} | |
| path: ${{ env.DEST }} | |
| windows: | |
| name: Build on Windows | |
| runs-on: ${{ matrix.image }} | |
| strategy: | |
| matrix: | |
| image: [windows-2022] | |
| platform: [x64, arm64] | |
| env: | |
| CXXFLAGS: '/D_DISABLE_CONSTEXPR_MUTEX_CONSTRUCTOR' # https://github.com/actions/runner-images/issues/10004 | |
| DEST: ${{ github.workspace }}/${{ matrix.image }}_${{ matrix.platform }} | |
| VCPKG_DEFAULT_TRIPLET: ${{ matrix.platform }}-windows-static-md | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Prepare vcpkg | |
| uses: lukka/run-vcpkg@v11 | |
| with: | |
| vcpkgGitCommitId: e4644bd15436d406bba71928d086c809e5c9ca45 | |
| vcpkgJsonGlob: ./vcpkg.json | |
| runVcpkgInstall: true | |
| runVcpkgFormatString: "[`install`, `--recurse`, `--clean-after-build`, `--x-install-root`, `$[env.VCPKG_INSTALLED_DIR]`, `--triplet`, `$[env.VCPKG_DEFAULT_TRIPLET]`, `--x-feature`, `tests`]" | |
| env: | |
| VCPKG_INSTALLED_DIR: ${{ github.workspace }}/build/vcpkg_installed | |
| - name: Install dependencies | |
| run: | | |
| choco install doxygen.install -y > $null | |
| Invoke-WebRequest -UserAgent "Wget" "https://sourceforge.net/projects/swig/files/swigwin/swigwin-4.3.0/swigwin-4.3.0.zip/download" -OutFile swig.zip | |
| tar xf swig.zip | |
| - uses: actions/setup-java@v4 | |
| with: | |
| distribution: 'temurin' | |
| java-version: '17' | |
| - name: Build | |
| run: | | |
| cmake -A ${{ matrix.platform }} -S . -B build -DCMAKE_BUILD_TYPE=RelWithDebInfo ` | |
| "-DCMAKE_TOOLCHAIN_FILE=${{ env.VCPKG_ROOT }}/scripts/buildsystems/vcpkg.cmake" ` | |
| "-DSWIG_EXECUTABLE=${{ github.workspace }}/swigwin-4.3.0/swig.exe" ` | |
| -DVCPKG_TARGET_TRIPLET=${{ env.VCPKG_DEFAULT_TRIPLET }} ` | |
| -DVCPKG_MANIFEST_FEATURES=tests ` | |
| -DCMAKE_INSTALL_LIBDIR=bin | |
| cmake --build build --config RelWithDebInfo | |
| cmake --install build --config RelWithDebInfo --prefix ${{ env.DEST }} | |
| - name: Archive artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: ${{ matrix.image }}_${{ matrix.platform }} | |
| path: ${{ env.DEST }} | |
| pages: | |
| name: Deploy pages | |
| if: github.repository == 'open-eid/libcdoc' && contains(github.ref, 'master') | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Install dependencies | |
| run: sudo apt update -qq && sudo apt install --no-install-recommends -y doxygen ${UBUNTU_DEPS} | |
| - name: Build docs | |
| run: | | |
| cmake -B build -S . | |
| cmake --build build --target docs | |
| - name: Deploy | |
| uses: peaceiris/actions-gh-pages@v4 | |
| with: | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| publish_dir: ./build/doc | |
| force_orphan: true | |
| coverity: | |
| name: Run Coverity tests | |
| if: github.repository == 'open-eid/libcdoc' && contains(github.ref, 'coverity_scan') | |
| runs-on: ubuntu-24.04 | |
| env: | |
| TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }} | |
| PROJECTNAME: ${{ github.repository }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Install dependencies | |
| run: sudo apt update -qq && sudo apt install --no-install-recommends -y curl ca-certificates ${UBUNTU_DEPS} | |
| - name: Download Coverity Build Tool | |
| run: | | |
| curl --silent --data "token=$TOKEN&project=$PROJECTNAME" -o cov-analysis-linux64.tar.gz https://scan.coverity.com/download/cxx/linux64 | |
| mkdir cov-analysis-linux64 | |
| tar xzf cov-analysis-linux64.tar.gz --strip 1 -C cov-analysis-linux64 | |
| - name: Build | |
| run: | | |
| cmake -B build -S . \ | |
| -DCMAKE_DISABLE_FIND_PACKAGE_SWIG=YES \ | |
| -DCMAKE_DISABLE_FIND_PACKAGE_Boost=YES \ | |
| -DCMAKE_DISABLE_FIND_PACKAGE_Doxygen=YES | |
| export PATH=$PWD/cov-analysis-linux64/bin:$PATH | |
| cov-build --dir cov-int cmake --build build | |
| - name: Submit the result to Coverity Scan | |
| run: | | |
| tar czvf upload.tgz cov-int | |
| curl --silent \ | |
| --form project=$PROJECTNAME \ | |
| --form token=$TOKEN \ | |
| --form [email protected] \ | |
| --form [email protected] \ | |
| --form version=master \ | |
| --form description="Github Actions CI build" \ | |
| https://scan.coverity.com/builds?project=$PROJECTNAME | |
| codeql: | |
| name: Run CodeQL tests | |
| if: github.repository == 'lauris71/libcdoc' | |
| runs-on: ubuntu-24.04 | |
| permissions: | |
| security-events: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Install dependencies | |
| run: sudo apt update -qq && sudo apt install --no-install-recommends -y ${UBUNTU_DEPS} | |
| - name: Initialize CodeQL | |
| uses: github/codeql-action/init@v3 | |
| with: | |
| languages: cpp | |
| queries: +security-and-quality | |
| - name: Build | |
| run: | | |
| cmake -B build -S . \ | |
| -DCMAKE_DISABLE_FIND_PACKAGE_SWIG=YES \ | |
| -DCMAKE_DISABLE_FIND_PACKAGE_Boost=YES \ | |
| -DCMAKE_DISABLE_FIND_PACKAGE_Doxygen=YES \ | |
| -DBUILD_TOOLS=NO | |
| cmake --build build | |
| - name: Perform CodeQL Analysis | |
| uses: github/codeql-action/analyze@v3 | |
| with: | |
| upload: False | |
| output: sarif-results | |
| - name: Filter results | |
| uses: advanced-security/filter-sarif@develop | |
| with: | |
| patterns: | | |
| -cdoc/httplib.h | |
| -cdoc/fmt/* | |
| -**:cpp/poorly-documented-function | |
| -**:cpp/loop-variable-changed | |
| input: sarif-results/cpp.sarif | |
| output: sarif-results/cpp.sarif | |
| - name: Upload results | |
| uses: github/codeql-action/upload-sarif@v3 | |
| with: | |
| sarif_file: sarif-results/cpp.sarif |