Skip to content

Run CI whitespace check only on changes introduced in latest PR #743

Run CI whitespace check only on changes introduced in latest PR

Run CI whitespace check only on changes introduced in latest PR #743

Workflow file for this run

# Copyright 2020 Tresys Technology, LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
name: C/C++ CI
on: [push, pull_request]
jobs:
build:
name: build (${{ matrix.cc }})
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
cc: [ 'gcc', 'clang' ]
include:
- is_release_job: false
- is_release_job: true
cc: 'gcc'
env:
CC: ${{ matrix.cc }}
steps:
- uses: actions/checkout@v4
# Prevent Clang from using DWARF5, not supported by the valgrind version in runners
- name: Set environment for Clang
run: |
echo "CC=clang-17" >> $GITHUB_ENV
echo "CFLAGS=-gdwarf-4 -O2" >> $GITHUB_ENV
if: ${{ matrix.cc == 'clang' }}
- name: install clang repo
run: |
wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key 2>/dev/null | sudo apt-key add -
sudo add-apt-repository 'deb http://apt.llvm.org/jammy/ llvm-toolchain-jammy-17 main' -y
sudo apt-get update -q
sudo apt-get install -y clang-17
if: ${{ matrix.cc == 'clang' }}
- name: install dependencies
run: |
sudo apt-get update -q
sudo apt-get install -y check uthash-dev libconfuse-dev autoconf-archive bison byacc flex valgrind help2man bats
- name: autogen
run: ./autogen.sh
- name: configure
run: |
if [[ ${{ matrix.cc }} == 'gcc' ]]
then
./configure --enable-werror CFLAGS=--coverage || (cat config.log; exit 1;)
else
./configure --enable-werror || (cat config.log; exit 1;)
fi
- name: make
run: make
- name: make check
run: make check || (cat tests/test-suite.log; exit 1;)
- name: make check-valgrind
run: make check-valgrind || (cat tests/test-suite-memcheck.log; exit 1;)
- name: make distcheck
run: make distcheck DISTCHECK_CONFIGURE_FLAGS=--enable-werror
- name: functional tests
run : |
cd ./tests/functional
BATS_TIME_EXPENSIVE=1 bats end-to-end.bats
- name: Test distribution
run : |
make VERSION=pipeline-test dist
tar xvzf selint-pipeline-test.tar.gz
cd selint-pipeline-test
./configure --enable-werror
make
cd tests/functional
BATS_TIME_EXPENSIVE=1 bats end-to-end.bats
- name: checkout refpolicy
uses: actions/checkout@v4
with:
repository: SELinuxProject/refpolicy
path: refpolicy
- name: refpolicy parse test
run : |
cd refpolicy/
make conf
../src/selint -c ../selint.conf -s -r -e C-001 --summary-only .
- name: Release Info
id: release_info
run: |
if [[ '${{ github.ref }}' == refs/tags/v* && ${{ matrix.is_release_job }} == 'true' ]]
then
echo is_release=true >> $GITHUB_OUTPUT
echo tag=$(echo ${{ github.ref }} | cut -dv -f2) >> $GITHUB_OUTPUT
else
echo is_release=false >> $GITHUB_OUTPUT
fi
shell: bash
- name: Create Release
id: create_release
if: steps.release_info.outputs.is_release == 'true'
uses: actions/create-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: ${{ github.ref }}
release_name: v${{ steps.release_info.outputs.tag }}
draft: false
prerelease: false
- name: Upload Release Artifact
if: steps.release_info.outputs.is_release == 'true'
uses: actions/[email protected]
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
# This pulls from the CREATE RELEASE step above, referencing it's ID to
# get its outputs object, which include a `upload_url`
upload_url: ${{ steps.create_release.outputs.upload_url }}
asset_path: ./selint-${{ steps.release_info.outputs.tag }}.tar.gz
asset_name: selint-${{ steps.release_info.outputs.tag }}.tar.gz
asset_content_type: application/tar+gzip
whitespace_check:
name: Whitespace Check
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: check-whitespaces
run: git diff-tree --check origin/main HEAD