profile: Unset temporary variable #1
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Flatpak CI | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - flatpak-1.0.x | |
| - flatpak-1.2.x | |
| - flatpak-1.4.x | |
| - flatpak-1.6.x | |
| - flatpak-1.8.x | |
| - flatpak-1.10.x | |
| - flatpak-1.12.x | |
| - flatpak-1.14.x | |
| pull_request: | |
| paths-ignore: | |
| - README.md | |
| - CONTRIBUTING.md | |
| - NEWS | |
| - COPYING | |
| - CODE_OF_CONDUCT.md | |
| - uncrustify.cfg | |
| - uncrustify.sh | |
| branches: | |
| - main | |
| - flatpak-1.0.x | |
| - flatpak-1.2.x | |
| - flatpak-1.4.x | |
| - flatpak-1.6.x | |
| - flatpak-1.8.x | |
| - flatpak-1.10.x | |
| - flatpak-1.12.x | |
| - flatpak-1.14.x | |
| permissions: | |
| contents: read | |
| jobs: | |
| check: | |
| name: Build with gcc and test | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Install Dependencies | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y libglib2.0-dev attr gettext bison dbus gtk-doc-tools \ | |
| libfuse3-dev ostree libostree-dev libarchive-dev libzstd-dev libcap-dev libattr1-dev libdw-dev libelf-dev python3-pyparsing \ | |
| libjson-glib-dev shared-mime-info desktop-file-utils libpolkit-agent-1-dev libpolkit-gobject-1-dev \ | |
| libseccomp-dev libsoup2.4-dev libcurl4-openssl-dev libsystemd-dev libxml2-utils libgpgme11-dev gobject-introspection \ | |
| libgirepository1.0-dev libappstream-dev libdconf-dev clang socat meson libdbus-1-dev e2fslibs-dev bubblewrap xdg-dbus-proxy \ | |
| python3-pip meson ninja-build libyaml-dev libstemmer-dev gperf itstool libmalcontent-0-dev | |
| # One of the tests wants this | |
| sudo mkdir /tmp/flatpak-com.example.App-OwnedByRoot | |
| - name: Check out flatpak | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| - name: Build appstream dependency # (We need at least 0.15.3 for the g_once fix) | |
| run: | | |
| sudo pip3 install 'meson~=0.62' | |
| git clone --branch v0.15.4 --depth 1 --no-tags https://github.com/ximion/appstream.git ./appstream | |
| pushd ./appstream | |
| meson setup --prefix=/usr _build | |
| meson compile -C _build | |
| sudo meson install -C _build | |
| popd | |
| - name: Create logs dir | |
| run: mkdir test-logs | |
| - name: configure | |
| # We don't do gtk-doc or GObject-Introspection here, because they can | |
| # clash with AddressSanitizer. Instead, the clang build enables those. | |
| run: | | |
| meson setup \ | |
| -Db_sanitize=address,undefined \ | |
| -Dgir=disabled \ | |
| -Dgtkdoc=disabled \ | |
| -Dhttp_backend=curl \ | |
| -Dinternal_checks=true \ | |
| -Dsystem_dbus_proxy=xdg-dbus-proxy \ | |
| _build | |
| env: | |
| CFLAGS: -O2 -Wp,-D_FORTIFY_SOURCE=2 | |
| - name: Build flatpak | |
| run: meson compile -C _build | |
| env: | |
| ASAN_OPTIONS: detect_leaks=0 # Right now we're not fully clean, but this gets us use-after-free etc | |
| - name: Run tests | |
| run: meson test -C _build | |
| env: | |
| ASAN_OPTIONS: detect_leaks=0 # Right now we're not fully clean, but this gets us use-after-free etc | |
| LC_ALL: en_US.UTF-8 | |
| - name: Collect logs on failure | |
| if: failure() || cancelled() | |
| run: mv _build/meson-logs/* test-logs/ || true | |
| - name: Upload test logs | |
| uses: actions/upload-artifact@v3 | |
| if: failure() || cancelled() | |
| with: | |
| name: test logs | |
| path: test-logs | |
| # This is similar to the above, but runs on an older OS with some different configuration: | |
| # * Soup instead of curl | |
| # * Use built in bubblewrap instead of external | |
| # * Use built in xdg-dbus-proxy instead of external | |
| # * Disable malcontent build-dependency | |
| check-alt2: | |
| name: Build with gcc and test (older) | |
| runs-on: ubuntu-20.04 | |
| steps: | |
| - name: Install Dependencies | |
| run: | | |
| sudo add-apt-repository ppa:flatpak/stable | |
| sudo apt-get update | |
| sudo apt-get install -y libglib2.0-dev attr gettext bison dbus gtk-doc-tools \ | |
| libfuse-dev ostree libostree-dev libarchive-dev libzstd-dev libcap-dev libattr1-dev libdw-dev libelf-dev python3-pyparsing \ | |
| libjson-glib-dev shared-mime-info desktop-file-utils libpolkit-agent-1-dev libpolkit-gobject-1-dev \ | |
| libseccomp-dev libsoup2.4-dev libcurl4-openssl-dev libsystemd-dev libxml2-utils libgpgme11-dev gobject-introspection \ | |
| libgirepository1.0-dev libappstream-dev libdconf-dev clang socat meson libdbus-1-dev e2fslibs-dev | |
| # One of the tests wants this | |
| sudo mkdir /tmp/flatpak-com.example.App-OwnedByRoot | |
| - name: Check out flatpak | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| - name: Create logs dir | |
| run: mkdir test-logs | |
| - name: configure | |
| # We don't do gtk-doc or GObject-Introspection here, because they can | |
| # clash with AddressSanitizer. Instead, the clang build enables those. | |
| run: | | |
| meson setup \ | |
| -Db_sanitize=address,undefined \ | |
| -Dgir=disabled \ | |
| -Dgtkdoc=disabled \ | |
| -Dhttp_backend=soup \ | |
| -Dinternal_checks=true \ | |
| _build | |
| env: | |
| CFLAGS: -O2 -Wp,-D_FORTIFY_SOURCE=2 | |
| - name: Build flatpak | |
| # Can't use `meson compile` here because Ubuntu 20.04 is too old | |
| run: ninja -C _build | |
| - name: Run tests | |
| run: meson test -C _build | |
| env: | |
| ASAN_OPTIONS: detect_leaks=0 # Right now we're not fully clean, but this gets us use-after-free etc | |
| LC_ALL: en_US.UTF-8 | |
| - name: Collect overall test logs on failure | |
| if: failure() | |
| run: mv _build/test-suite.log test-logs/ || true | |
| - name: Collect individual test logs on cancel | |
| if: failure() || cancelled() | |
| run: mv _build/meson-logs/* test-logs/ || true | |
| - name: Upload test logs | |
| uses: actions/upload-artifact@v3 | |
| if: failure() || cancelled() | |
| with: | |
| name: test logs | |
| path: test-logs | |
| clang: | |
| permissions: | |
| security-events: write # for codeql | |
| name: Build with clang and analyze | |
| runs-on: ubuntu-20.04 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| language: [ 'cpp', 'python' ] | |
| # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ] | |
| # Learn more: | |
| # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed | |
| steps: | |
| # Initializes the CodeQL tools for scanning. | |
| - name: Initialize CodeQL | |
| uses: github/codeql-action/init@v2 | |
| with: | |
| languages: ${{ matrix.language }} | |
| # If you wish to specify custom queries, you can do so here or in a config file. | |
| # By default, queries listed here will override any specified in a config file. | |
| # Prefix the list here with "+" to use these queries and those in the config file. | |
| # queries: ./path/to/local/query, your-org/your-repo/queries@main | |
| - name: Install Dependencies | |
| run: | | |
| sudo add-apt-repository ppa:flatpak/stable | |
| sudo apt-get update | |
| sudo apt-get install -y libglib2.0-dev attr gettext bison dbus gtk-doc-tools \ | |
| libfuse-dev ostree libostree-dev libarchive-dev libzstd-dev libcap-dev libattr1-dev libdw-dev libelf-dev python3-pyparsing \ | |
| libjson-glib-dev shared-mime-info desktop-file-utils libpolkit-agent-1-dev libpolkit-gobject-1-dev \ | |
| libseccomp-dev libsoup2.4-dev libcurl4-openssl-dev libsystemd-dev libxml2-utils libgpgme11-dev gobject-introspection \ | |
| libgirepository1.0-dev libappstream-dev libdconf-dev clang e2fslibs-dev meson socat | |
| - name: Check out flatpak | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| - name: configure | |
| run: | | |
| meson setup \ | |
| -Dgir=enabled \ | |
| -Dgtkdoc=enabled \ | |
| _build | |
| env: | |
| CC: clang | |
| CFLAGS: -Werror=unused-variable | |
| - name: Build flatpak | |
| # Can't use `meson compile` here because Ubuntu 20.04 is too old | |
| run: ninja -C _build | |
| - name: Perform CodeQL Analysis | |
| uses: github/codeql-action/analyze@v2 | |
| valgrind: | |
| name: Run tests in valgrind | |
| needs: check # Don't run expensive test if main check fails | |
| runs-on: ubuntu-22.04 # Might as well test with a different one too | |
| if: ${{ false }} # Currently Valgrind takes too long and always fails | |
| steps: | |
| - name: Install Dependencies | |
| run: | | |
| sudo add-apt-repository ppa:flatpak/stable | |
| sudo apt-get update | |
| sudo apt-get install -y libglib2.0-dev attr gettext bison dbus gtk-doc-tools \ | |
| libfuse-dev ostree libostree-dev libarchive-dev libzstd-dev libcap-dev libattr1-dev libdw-dev libelf-dev python3-pyparsing \ | |
| libjson-glib-dev shared-mime-info desktop-file-utils libpolkit-agent-1-dev libpolkit-gobject-1-dev \ | |
| libseccomp-dev libsoup2.4-dev libcurl4-openssl-dev libsystemd-dev libxml2-utils libgpgme11-dev gobject-introspection \ | |
| libgirepository1.0-dev libappstream-dev libdconf-dev clang socat meson libdbus-1-dev \ | |
| valgrind e2fslibs-dev meson | |
| - name: Check out flatpak | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| - name: Create logs dir | |
| run: mkdir test-logs | |
| - name: configure | |
| run: | | |
| meson setup \ | |
| -Dgir=enabled \ | |
| -Dgtkdoc=enabled \ | |
| _build | |
| env: | |
| CFLAGS: -O2 | |
| - name: Build flatpak | |
| run: meson compile -C _build | |
| - name: Run tests under valgrind | |
| run: meson test -C _build | |
| env: | |
| FLATPAK_TESTS_VALGRIND: true | |
| - name: Collect overall test logs on failure | |
| if: failure() | |
| run: mv _build/meson-logs/* test-logs/ || true | |
| - name: Collect individual test logs on cancel | |
| if: failure() || cancelled() | |
| run: mv _build/tests/*.log test-logs/ || true | |
| - name: Upload test logs | |
| uses: actions/upload-artifact@v3 | |
| if: failure() || cancelled() | |
| with: | |
| name: test logs | |
| path: test-logs |