Add CodeQL Workflow for Code Security Analysis #3
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build | |
on: [push, pull_request] | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.run_id }} | |
cancel-in-progress: true | |
jobs: | |
Build: | |
name: ${{ matrix.platform.name }} | |
runs-on: ${{ matrix.platform.os }} | |
defaults: | |
run: | |
shell: ${{ matrix.platform.shell }} | |
strategy: | |
fail-fast: false | |
matrix: | |
platform: | |
- { name: Windows (mingw32), os: windows-latest, shell: 'msys2 {0}', msystem: mingw32, msys-env: mingw-w64-i686, artifact: 'SDL-mingw32' } | |
- { name: Windows (mingw64), os: windows-latest, shell: 'msys2 {0}', msystem: mingw64, msys-env: mingw-w64-x86_64, artifact: 'SDL-mingw64' } | |
- { name: Windows (clang32), os: windows-latest, shell: 'msys2 {0}', msystem: clang32, msys-env: mingw-w64-clang-i686, artifact: 'SDL-msys2-clang32' } | |
- { name: Windows (clang64), os: windows-latest, shell: 'msys2 {0}', msystem: clang64, msys-env: mingw-w64-clang-x86_64, artifact: 'SDL-msys2-clang64' } | |
- { name: Windows (ucrt64), os: windows-latest, shell: 'msys2 {0}', msystem: ucrt64, msys-env: mingw-w64-ucrt-x86_64, artifact: 'SDL-msys2-ucrt64' } | |
- { name: Ubuntu 20.04, os: ubuntu-20.04, shell: sh, artifact: 'SDL-ubuntu20.04' } | |
- { name: Intel oneAPI (Ubuntu 20.04), os: ubuntu-20.04, shell: bash, artifact: 'SDL-ubuntu20.04-oneapi', intel: true, | |
source_cmd: 'source /opt/intel/oneapi/setvars.sh; export CC=icx; export CXX=icx;'} | |
- { name: Intel Compiler (Ubuntu 20.04), os: ubuntu-20.04, shell: bash, artifact: 'SDL-ubuntu20.04-icc', intel: true, cmake: '-DSDL_CLANG_TIDY=OFF', | |
source_cmd: 'source /opt/intel/oneapi/setvars.sh; export CC=icc; export CXX=icpc; export CFLAGS=-diag-disable=10441; export CXXFLAGS=-diag-disable=10441; '} | |
- { name: Ubuntu 22.04, os: ubuntu-22.04, shell: sh, artifact: 'SDL-ubuntu22.04' } | |
- { name: MacOS (Framework), os: macos-latest, shell: sh, cmake: '-DCMAKE_OSX_ARCHITECTURES="x86_64;arm64" -DSDL_FRAMEWORK=ON -DSDL_CLANG_TIDY=OFF', skip_test_pkgconfig: true, artifact: 'SDL-macos-framework' } | |
- { name: MacOS (GNU prefix), os: macos-latest, shell: sh, cmake: '-DCMAKE_OSX_ARCHITECTURES="x86_64" -DCLANG_TIDY_BINARY="$(brew --prefix llvm)/bin/clang-tidy"', artifact: 'SDL-macos-gnu' } | |
steps: | |
- name: Set up MSYS2 | |
if: matrix.platform.shell == 'msys2 {0}' | |
uses: msys2/setup-msys2@v2 | |
with: | |
msystem: ${{ matrix.platform.msystem }} | |
install: >- | |
${{ matrix.platform.msys-env }}-cc | |
${{ matrix.platform.msys-env }}-cmake | |
${{ matrix.platform.msys-env }}-ninja | |
${{ matrix.platform.msys-env }}-pkg-config | |
${{ matrix.platform.msys-env }}-clang-tools-extra | |
- name: Setup Linux dependencies | |
if: runner.os == 'Linux' | |
run: | | |
sudo apt-get update | |
sudo apt-get install build-essential git \ | |
pkg-config cmake ninja-build gnome-desktop-testing libasound2-dev libpulse-dev \ | |
libaudio-dev libjack-dev libsndio-dev libsamplerate0-dev libx11-dev libxext-dev \ | |
libxrandr-dev libxcursor-dev libxfixes-dev libxi-dev libxss-dev libwayland-dev \ | |
libxkbcommon-dev libdrm-dev libgbm-dev libgl1-mesa-dev libgles2-mesa-dev \ | |
libegl1-mesa-dev libdbus-1-dev libibus-1.0-dev libudev-dev fcitx-libs-dev | |
- name: Setup extra Ubuntu 22.04 dependencies | |
if: matrix.platform.os == 'ubuntu-22.04' | |
run: | | |
sudo apt-get install libpipewire-0.3-dev libdecor-0-dev | |
- name: Setup Macos dependencies | |
if: runner.os == 'macOS' | |
run: | | |
brew install \ | |
ninja \ | |
pkg-config \ | |
llvm | |
- name: Setup Intel oneAPI | |
if: matrix.platform.intel | |
run: | | |
# Setup oneAPI repo | |
wget https://apt.repos.intel.com/intel-gpg-keys/GPG-PUB-KEY-INTEL-SW-PRODUCTS-2023.PUB | |
sudo apt-key add GPG-PUB-KEY-INTEL-SW-PRODUCTS-2023.PUB | |
sudo echo "deb https://apt.repos.intel.com/oneapi all main" | sudo tee /etc/apt/sources.list.d/oneAPI.list | |
sudo apt-get update -y | |
# Install oneAPI | |
sudo apt-get install -y intel-oneapi-compiler-dpcpp-cpp-and-cpp-classic | |
- uses: actions/checkout@v3 | |
- name: Check that versioning is consistent | |
# We only need to run this once: arbitrarily use the Linux/CMake build | |
if: "runner.os == 'Linux'" | |
run: ./build-scripts/test-versioning.sh | |
- name: Configure (CMake) | |
run: | | |
${{ matrix.platform.source_cmd }} | |
cmake -S . -B build -G Ninja \ | |
-Wdeprecated -Wdev -Werror \ | |
-DSDL_SHARED=ON \ | |
-DSDL_STATIC=ON \ | |
-DSDL_TESTS=ON \ | |
-DSDL_WERROR=ON \ | |
-DSDL_INSTALL_TESTS=ON \ | |
-DSDL_VENDOR_INFO="Github Workflow" \ | |
-DSDL_CLANG_TIDY=ON \ | |
-DCMAKE_INSTALL_PREFIX=cmake_prefix \ | |
-DCMAKE_BUILD_TYPE=Release \ | |
${{ matrix.platform.cmake }} | |
- name: Build (CMake) | |
run: | | |
${{ matrix.platform.source_cmd }} | |
cmake --build build/ --config Release --verbose --parallel | |
- name: Run build-time tests (CMake) | |
run: | | |
set -eu | |
${{ matrix.platform.source_cmd }} | |
export SDL_TESTS_QUICK=1 | |
ctest -VV --test-dir build/ | |
if test "${{ runner.os }}" = "Linux"; then | |
# This should show us the SDL_REVISION | |
strings build/libSDL3.so.0 | grep SDL- | |
fi | |
- name: Install (CMake) | |
run: | | |
set -eu | |
${{ matrix.platform.source_cmd }} | |
cmake --install build/ --config Release | |
( cd cmake_prefix; find . ) | LC_ALL=C sort -u | |
- name: Package (CPack) | |
run: | | |
cmake --build build/ --config Release --target package | |
- name: Verify CMake configuration files | |
run: | | |
${{ matrix.platform.source_cmd }} | |
cmake -S cmake/test -B cmake_config_build -G Ninja \ | |
-DTEST_SHARED=ON \ | |
-DTEST_STATIC=ON \ | |
-DCMAKE_BUILD_TYPE=Release \ | |
-DCMAKE_PREFIX_PATH=$(echo "${{ github.workspace }}/cmake_prefix" | sed -e 's#\\#/#g') | |
cmake --build cmake_config_build --verbose | |
- name: Verify sdl3.pc | |
if: ${{ !matrix.platform.skip_test_pkgconfig }} | |
run: | | |
${{ matrix.platform.source_cmd }} | |
export PKG_CONFIG_PATH=$(echo "${{ github.workspace }}/cmake_prefix/lib/pkgconfig" | sed -e 's#\\#/#g') | |
cmake/test/test_pkgconfig.sh | |
- uses: actions/upload-artifact@v3 | |
with: | |
if-no-files-found: error | |
name: ${{ matrix.platform.artifact }} | |
path: build/dist/SDL3* |