Added GitHub Actions for build and security analysis (#196)

microsoft · Jul 30, 2024 · ca317b6 · ca317b6
1 parent 6433b53
commit ca317b6
Show file tree

Hide file tree

Showing 14 changed files with 524 additions and 59 deletions.
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -0,0 +1,63 @@
+# Copyright (c) Microsoft Corporation.
+# Licensed under the MIT License.
+#
+# http://go.microsoft.com/fwlink/?LinkID=615560
+
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
+    paths-ignore:
+      - '*.md'
+      - LICENSE
+      - '.nuget/*'
+      - build/*.yml
+  schedule:
+    - cron: '34 18 * * 6'
+
+jobs:
+  analyze:
+    name: Analyze (C/C++)
+    runs-on: windows-latest
+    timeout-minutes: 360
+    permissions:
+      security-events: write
+      packages: read
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Clone test repository
+      uses: actions/checkout@v4
+      with:
+        repository: walbourn/directxmathtest
+        path: Tests
+        ref: main
+
+    - name: 'Install Ninja'
+      run: choco install ninja
+
+    - uses: ilammy/msvc-dev-cmd@v1
+
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v3
+      with:
+        languages: c-cpp
+        build-mode: manual
+
+    - name: 'Configure CMake'
+      working-directory: ./Tests/headertest
+      run: cmake --preset=x64-Debug
+
+    - name: 'Build'
+      working-directory: ./Tests/headertest
+      run: cmake --build out\build\x64-Debug
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v3
+      with:
+        category: "/language:c-cpp"
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -0,0 +1,91 @@
+# Copyright (c) Microsoft Corporation.
+# Licensed under the MIT License.
+#
+# http://go.microsoft.com/fwlink/?LinkID=615560
+
+name: 'CMake (Windows)'
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
+    paths-ignore:
+      - '*.md'
+      - LICENSE
+      - '.nuget/*'
+      - build/*.yml
+
+jobs:
+  build:
+    runs-on: ${{ matrix.os }}
+
+    strategy:
+      fail-fast: false
+
+      matrix:
+        os: [windows-2019, windows-2022]
+        build_type: [x64-Debug, x64-Release, x64-Debug-Clang, x64-Release-Clang]
+        arch: [amd64]
+        include:
+          - os: windows-2019
+            build_type: x86-Debug
+            arch: amd64_x86
+          - os: windows-2019
+            build_type: x86-Release
+            arch: amd64_x86
+          - os: windows-2019
+            build_type: x86-Debug-Clang
+            arch: amd64_x86
+          - os: windows-2019
+            build_type: x86-Release-Clang
+            arch: amd64_x86
+          - os: windows-2022
+            build_type: x86-Debug
+            arch: amd64_x86
+          - os: windows-2022
+            build_type: x86-Release
+            arch: amd64_x86
+          - os: windows-2022
+            build_type: x86-Debug-Clang
+            arch: amd64_x86
+          - os: windows-2022
+            build_type: x86-Release-Clang
+            arch: amd64_x86
+          - os: windows-2022
+            build_type: arm64-Debug
+            arch: amd64_arm64
+          - os: windows-2022
+            build_type: arm64-Release
+            arch: amd64_arm64
+          - os: windows-2022
+            build_type: arm64ec-Debug
+            arch: amd64_arm64
+          - os: windows-2022
+            build_type: arm64ec-Release
+            arch: amd64_arm64
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Clone test repository
+      uses: actions/checkout@v4
+      with:
+        repository: walbourn/directxmathtest
+        path: Tests
+        ref: main
+
+    - name: 'Install Ninja'
+      run: choco install ninja
+
+    - uses: ilammy/msvc-dev-cmd@v1
+      with:
+        arch: ${{ matrix.arch }}
+
+    - name: 'Configure CMake'
+      working-directory: ${{ github.workspace }}
+      run: cmake --preset=${{ matrix.build_type }}
+
+    - name: 'Build'
+      working-directory: ${{ github.workspace }}
+      run: cmake --build out\build\${{ matrix.build_type }}
diff --git a/.github/workflows/msbuild.yml b/.github/workflows/msbuild.yml
@@ -0,0 +1,62 @@
+# Copyright (c) Microsoft Corporation.
+# Licensed under the MIT License.
+#
+# http://go.microsoft.com/fwlink/?LinkID=615560
+
+name: MSBuild
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
+    paths-ignore:
+      - '*.md'
+      - LICENSE
+      - '.nuget/*'
+      - build/*
+
+permissions:
+  contents: read
+
+jobs:
+  build:
+    runs-on: windows-${{ matrix.vs }}
+
+    strategy:
+      fail-fast: false
+
+      matrix:
+        vs: [2019, 2022]
+        build_type: [Debug, Release, 'NI Debug', 'NI Release']
+        platform: [x86, x64, ARM64]
+        exclude:
+        - vs: 2019
+          platform: ARM64
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Clone test repository
+      uses: actions/checkout@v4
+      with:
+        repository: walbourn/directxmathtest
+        path: Tests
+        ref: main
+
+    - name: Add MSBuild to PATH
+      uses: microsoft/setup-msbuild@v2
+
+    - name: Build math3
+      working-directory: ${{ github.workspace }}/Tests/math3
+      run: msbuild /m /p:Configuration="${{ matrix.build_type }}" /p:Platform=${{ matrix.platform }} ./math3_${{ matrix.vs }}.sln
+
+    - if: (matrix.build_type == 'Debug') || (matrix.build_type == 'Release')
+      name: Build shmath
+      working-directory: ${{ github.workspace }}/Tests/shmath
+      run: msbuild /m /p:Configuration=${{ matrix.build_type }} /p:Platform=${{ matrix.platform }} ./shmath_${{ matrix.vs }}.sln
+
+    - if: (matrix.build_type == 'Debug') || (matrix.build_type == 'Release')
+      name: Build xdsp
+      working-directory: ${{ github.workspace }}/Tests/xdsp
+      run: msbuild /m /p:Configuration=${{ matrix.build_type }} /p:Platform=${{ matrix.platform }} ./XDSPTest_${{ matrix.vs }}.sln
diff --git a/.github/workflows/msbuildex.yml b/.github/workflows/msbuildex.yml
@@ -0,0 +1,117 @@
+# Copyright (c) Microsoft Corporation.
+# Licensed under the MIT License.
+#
+# http://go.microsoft.com/fwlink/?LinkID=615560
+
+name: 'MSBuild (Extended)'
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
+    paths-ignore:
+      - '*.md'
+      - LICENSE
+      - '.nuget/*'
+      - build/*
+
+permissions:
+  contents: read
+
+jobs:
+  build:
+    runs-on: windows-${{ matrix.vs }}
+
+    strategy:
+      fail-fast: false
+
+      matrix:
+        include:
+        - vs: 2019
+          platform: x86
+          build_type: 'AVX Debug'
+        - vs: 2019
+          platform: x64
+          build_type: 'AVX Debug'
+        - vs: 2022
+          platform: x86
+          build_type: 'AVX Debug'
+        - vs: 2022
+          platform: x64
+          build_type: 'AVX Debug'
+        - vs: 2019
+          platform: x86
+          build_type: 'AVX2 Debug'
+        - vs: 2019
+          platform: x64
+          build_type: 'AVX2 Debug'
+        - vs: 2022
+          platform: x86
+          build_type: 'AVX2 Debug'
+        - vs: 2022
+          platform: x64
+          build_type: 'AVX2 Debug'
+        - vs: 2019
+          platform: x86
+          build_type: 'x87 Debug'
+        - vs: 2022
+          platform: x86
+          build_type: 'x87 Debug'
+        - vs: 2019
+          platform: x86
+          build_type: 'AVX Release'
+        - vs: 2019
+          platform: x64
+          build_type: 'AVX Release'
+        - vs: 2022
+          platform: x86
+          build_type: 'AVX Release'
+        - vs: 2022
+          platform: x64
+          build_type: 'AVX Release'
+        - vs: 2019
+          platform: x86
+          build_type: 'AVX2 Release'
+        - vs: 2019
+          platform: x64
+          build_type: 'AVX2 Release'
+        - vs: 2022
+          platform: x86
+          build_type: 'AVX2 Release'
+        - vs: 2022
+          platform: x64
+          build_type: 'AVX2 Release'
+        - vs: 2019
+          platform: x86
+          build_type: 'x87 Release'
+        - vs: 2022
+          platform: x86
+          build_type: 'x87 Release'
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Clone test repository
+      uses: actions/checkout@v4
+      with:
+        repository: walbourn/directxmathtest
+        path: Tests
+        ref: main
+
+    - name: Add MSBuild to PATH
+      uses: microsoft/setup-msbuild@v2
+
+    - name: Build math3
+      working-directory: ${{ github.workspace }}/Tests/math3
+      run: msbuild /m /p:Configuration="${{ matrix.build_type }}" /p:Platform=${{ matrix.platform }} ./math3_${{ matrix.vs }}.sln
+
+    - if: (matrix.build_type == 'Debug') || (matrix.build_type == 'Release')
+      name: Build shmath
+      working-directory: ${{ github.workspace }}/Tests/shmath
+      run: msbuild /m /p:Configuration=${{ matrix.build_type }} /p:Platform=${{ matrix.platform }} ./shmath_${{ matrix.vs }}.sln
+
+    - if: (matrix.build_type == 'Debug') || (matrix.build_type == 'Release')
+      name: Build xdsp
+      working-directory: ${{ github.workspace }}/Tests/xdsp
+      run: msbuild /m /p:Configuration=${{ matrix.build_type }} /p:Platform=${{ matrix.platform }} ./XDSPTest_${{ matrix.vs }}.sln
diff --git a/.github/workflows/msvc.yml b/.github/workflows/msvc.yml
@@ -0,0 +1,60 @@
+# Copyright (c) Microsoft Corporation.
+# Licensed under the MIT License.
+#
+# http://go.microsoft.com/fwlink/?LinkID=615560
+
+name: Microsoft C++ Code Analysis
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
+    paths-ignore:
+      - '*.md'
+      - LICENSE
+      - '.nuget/*'
+      - build/*.yml
+  schedule:
+    - cron: '34 20 * * 6'
+
+permissions:
+  contents: read
+
+jobs:
+  analyze:
+    permissions:
+      contents: read
+      security-events: write
+      actions: read
+    name: Analyze
+    runs-on: windows-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Clone test repository
+        uses: actions/checkout@v4
+        with:
+          repository: walbourn/directxmathtest
+          path: Tests
+          ref: main
+
+      - name: Configure CMake
+        working-directory: ./Tests/headertest
+        run: cmake -B out
+
+      - name: Initialize MSVC Code Analysis
+        uses: microsoft/[email protected]
+        id: run-analysis
+        with:
+          cmakeBuildDirectory: ./Tests/headertest/out
+          buildConfiguration: Debug
+          ruleset: NativeRecommendedRules.ruleset
+
+      # Upload SARIF file to GitHub Code Scanning Alerts
+      - name: Upload SARIF to GitHub
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: ${{ steps.run-analysis.outputs.sarif }}