Skip to content

Add CodeQL Workflow for Code Security Analysis #3

Add CodeQL Workflow for Code Security Analysis

Add CodeQL Workflow for Code Security Analysis #3

Workflow file for this run

name: Build
on: [push, pull_request]
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.run_id }}
cancel-in-progress: true
jobs:
Build:
name: ${{ matrix.platform.name }}
runs-on: ${{ matrix.platform.os }}
defaults:
run:
shell: ${{ matrix.platform.shell }}
strategy:
fail-fast: false
matrix:
platform:
- { name: Windows (mingw32), os: windows-latest, shell: 'msys2 {0}', msystem: mingw32, msys-env: mingw-w64-i686, artifact: 'SDL-mingw32' }
- { name: Windows (mingw64), os: windows-latest, shell: 'msys2 {0}', msystem: mingw64, msys-env: mingw-w64-x86_64, artifact: 'SDL-mingw64' }
- { name: Windows (clang32), os: windows-latest, shell: 'msys2 {0}', msystem: clang32, msys-env: mingw-w64-clang-i686, artifact: 'SDL-msys2-clang32' }
- { name: Windows (clang64), os: windows-latest, shell: 'msys2 {0}', msystem: clang64, msys-env: mingw-w64-clang-x86_64, artifact: 'SDL-msys2-clang64' }
- { name: Windows (ucrt64), os: windows-latest, shell: 'msys2 {0}', msystem: ucrt64, msys-env: mingw-w64-ucrt-x86_64, artifact: 'SDL-msys2-ucrt64' }
- { name: Ubuntu 20.04, os: ubuntu-20.04, shell: sh, artifact: 'SDL-ubuntu20.04' }
- { name: Intel oneAPI (Ubuntu 20.04), os: ubuntu-20.04, shell: bash, artifact: 'SDL-ubuntu20.04-oneapi', intel: true,
source_cmd: 'source /opt/intel/oneapi/setvars.sh; export CC=icx; export CXX=icx;'}
- { name: Intel Compiler (Ubuntu 20.04), os: ubuntu-20.04, shell: bash, artifact: 'SDL-ubuntu20.04-icc', intel: true, cmake: '-DSDL_CLANG_TIDY=OFF',
source_cmd: 'source /opt/intel/oneapi/setvars.sh; export CC=icc; export CXX=icpc; export CFLAGS=-diag-disable=10441; export CXXFLAGS=-diag-disable=10441; '}
- { name: Ubuntu 22.04, os: ubuntu-22.04, shell: sh, artifact: 'SDL-ubuntu22.04' }
- { name: MacOS (Framework), os: macos-latest, shell: sh, cmake: '-DCMAKE_OSX_ARCHITECTURES="x86_64;arm64" -DSDL_FRAMEWORK=ON -DSDL_CLANG_TIDY=OFF', skip_test_pkgconfig: true, artifact: 'SDL-macos-framework' }
- { name: MacOS (GNU prefix), os: macos-latest, shell: sh, cmake: '-DCMAKE_OSX_ARCHITECTURES="x86_64" -DCLANG_TIDY_BINARY="$(brew --prefix llvm)/bin/clang-tidy"', artifact: 'SDL-macos-gnu' }
steps:
- name: Set up MSYS2
if: matrix.platform.shell == 'msys2 {0}'
uses: msys2/setup-msys2@v2
with:
msystem: ${{ matrix.platform.msystem }}
install: >-
${{ matrix.platform.msys-env }}-cc
${{ matrix.platform.msys-env }}-cmake
${{ matrix.platform.msys-env }}-ninja
${{ matrix.platform.msys-env }}-pkg-config
${{ matrix.platform.msys-env }}-clang-tools-extra
- name: Setup Linux dependencies
if: runner.os == 'Linux'
run: |
sudo apt-get update
sudo apt-get install build-essential git \
pkg-config cmake ninja-build gnome-desktop-testing libasound2-dev libpulse-dev \
libaudio-dev libjack-dev libsndio-dev libsamplerate0-dev libx11-dev libxext-dev \
libxrandr-dev libxcursor-dev libxfixes-dev libxi-dev libxss-dev libwayland-dev \
libxkbcommon-dev libdrm-dev libgbm-dev libgl1-mesa-dev libgles2-mesa-dev \
libegl1-mesa-dev libdbus-1-dev libibus-1.0-dev libudev-dev fcitx-libs-dev
- name: Setup extra Ubuntu 22.04 dependencies
if: matrix.platform.os == 'ubuntu-22.04'
run: |
sudo apt-get install libpipewire-0.3-dev libdecor-0-dev
- name: Setup Macos dependencies
if: runner.os == 'macOS'
run: |
brew install \
ninja \
pkg-config \
llvm
- name: Setup Intel oneAPI
if: matrix.platform.intel
run: |
# Setup oneAPI repo
wget https://apt.repos.intel.com/intel-gpg-keys/GPG-PUB-KEY-INTEL-SW-PRODUCTS-2023.PUB
sudo apt-key add GPG-PUB-KEY-INTEL-SW-PRODUCTS-2023.PUB
sudo echo "deb https://apt.repos.intel.com/oneapi all main" | sudo tee /etc/apt/sources.list.d/oneAPI.list
sudo apt-get update -y
# Install oneAPI
sudo apt-get install -y intel-oneapi-compiler-dpcpp-cpp-and-cpp-classic
- uses: actions/checkout@v3
- name: Check that versioning is consistent
# We only need to run this once: arbitrarily use the Linux/CMake build
if: "runner.os == 'Linux'"
run: ./build-scripts/test-versioning.sh
- name: Configure (CMake)
run: |
${{ matrix.platform.source_cmd }}
cmake -S . -B build -G Ninja \
-Wdeprecated -Wdev -Werror \
-DSDL_SHARED=ON \
-DSDL_STATIC=ON \
-DSDL_TESTS=ON \
-DSDL_WERROR=ON \
-DSDL_INSTALL_TESTS=ON \
-DSDL_VENDOR_INFO="Github Workflow" \
-DSDL_CLANG_TIDY=ON \
-DCMAKE_INSTALL_PREFIX=cmake_prefix \
-DCMAKE_BUILD_TYPE=Release \
${{ matrix.platform.cmake }}
- name: Build (CMake)
run: |
${{ matrix.platform.source_cmd }}
cmake --build build/ --config Release --verbose --parallel
- name: Run build-time tests (CMake)
run: |
set -eu
${{ matrix.platform.source_cmd }}
export SDL_TESTS_QUICK=1
ctest -VV --test-dir build/
if test "${{ runner.os }}" = "Linux"; then
# This should show us the SDL_REVISION
strings build/libSDL3.so.0 | grep SDL-
fi
- name: Install (CMake)
run: |
set -eu
${{ matrix.platform.source_cmd }}
cmake --install build/ --config Release
( cd cmake_prefix; find . ) | LC_ALL=C sort -u
- name: Package (CPack)
run: |
cmake --build build/ --config Release --target package
- name: Verify CMake configuration files
run: |
${{ matrix.platform.source_cmd }}
cmake -S cmake/test -B cmake_config_build -G Ninja \
-DTEST_SHARED=ON \
-DTEST_STATIC=ON \
-DCMAKE_BUILD_TYPE=Release \
-DCMAKE_PREFIX_PATH=$(echo "${{ github.workspace }}/cmake_prefix" | sed -e 's#\\#/#g')
cmake --build cmake_config_build --verbose
- name: Verify sdl3.pc
if: ${{ !matrix.platform.skip_test_pkgconfig }}
run: |
${{ matrix.platform.source_cmd }}
export PKG_CONFIG_PATH=$(echo "${{ github.workspace }}/cmake_prefix/lib/pkgconfig" | sed -e 's#\\#/#g')
cmake/test/test_pkgconfig.sh
- uses: actions/upload-artifact@v3
with:
if-no-files-found: error
name: ${{ matrix.platform.artifact }}
path: build/dist/SDL3*