build: add missing makefile dep & syntax improvements #1501

Workflow file for this run

.github/workflows/build-extra.yml at 204c45a

	name: Build-extra CI

	on:
	push:
	paths-ignore:
	- '.github/ISSUE_TEMPLATE/*'
	- 'contrib/syntax/**'
	- 'contrib/vim/**'
	- 'etc/**'
	- 'src/man/*.in'
	- .git-blame-ignore-revs
	- .github/dependabot.yml
	- .github/pull_request_template.md
	- .github/workflows/build.yml
	- .github/workflows/codeql-analysis.yml
	- .github/workflows/profile-checks.yml
	- .gitignore
	- .gitlab-ci.yml
	- CONTRIBUTING.md
	- COPYING
	- README
	- README.md
	- RELNOTES
	- SECURITY.md
	- src/firecfg/firecfg.config
	pull_request:
	paths-ignore:
	- '.github/ISSUE_TEMPLATE/*'
	- 'contrib/syntax/**'
	- 'contrib/vim/**'
	- 'etc/**'
	- 'src/man/*.in'
	- .git-blame-ignore-revs
	- .github/dependabot.yml
	- .github/pull_request_template.md
	- .github/workflows/build.yml
	- .github/workflows/codeql-analysis.yml
	- .github/workflows/profile-checks.yml
	- .gitignore
	- .gitlab-ci.yml
	- CONTRIBUTING.md
	- COPYING
	- README
	- README.md
	- RELNOTES
	- SECURITY.md
	- src/firecfg/firecfg.config

	permissions: # added using https://github.com/step-security/secure-workflows
	contents: read

	jobs:
	build-clang:
	runs-on: ubuntu-22.04
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09
	with:
	egress-policy: block
	allowed-endpoints: >
	archive.ubuntu.com:80
	azure.archive.ubuntu.com:80
	github.com:443
	packages.microsoft.com:443
	ppa.launchpadcontent.net:443
	security.ubuntu.com:80
	- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9
	- name: update package information
	run: sudo apt-get update -qy
	- name: install dependencies
	run: >
	sudo apt-get install -qy
	libapparmor-dev libselinux1-dev
	- name: print env
	run: ./ci/printenv.sh
	- name: configure
	run: >
	CC=clang-14 ./configure --enable-fatal-warnings --enable-apparmor
	--enable-selinux
	\|\| (cat config.log; exit 1)
	- name: make
	run: make
	- name: make install
	run: sudo make install
	- name: print version
	run: command -V firejail && firejail --version
	scan-build:
	runs-on: ubuntu-22.04
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09
	with:
	egress-policy: block
	allowed-endpoints: >
	archive.ubuntu.com:80
	azure.archive.ubuntu.com:80
	github.com:443
	packages.microsoft.com:443
	ppa.launchpadcontent.net:443
	security.ubuntu.com:80
	- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9
	- name: update package information
	run: sudo apt-get update -qy
	- name: install clang-tools-14 and dependencies
	run: >
	sudo apt-get install -qy
	clang-tools-14 libapparmor-dev libselinux1-dev
	- name: print env
	run: ./ci/printenv.sh
	- name: configure
	run: >
	CC=clang-14 ./configure --enable-fatal-warnings --enable-apparmor
	--enable-selinux
	\|\| (cat config.log; exit 1)
	- name: scan-build
	run: scan-build-14 --status-bugs make
	cppcheck:
	runs-on: ubuntu-22.04
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09
	with:
	egress-policy: block
	allowed-endpoints: >
	archive.ubuntu.com:80
	azure.archive.ubuntu.com:80
	github.com:443
	packages.microsoft.com:443
	ppa.launchpadcontent.net:443
	security.ubuntu.com:80
	- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9
	- name: update package information
	run: sudo apt-get update -qy
	- name: install cppcheck
	run: sudo apt-get install -qy cppcheck
	- run: cppcheck --version
	- name: cppcheck
	run: >
	cppcheck -q --force --error-exitcode=1 --enable=warning,performance
	-i src/firejail/checkcfg.c -i src/firejail/main.c .
	# new cppcheck version currently chokes on checkcfg.c and main.c, therefore
	# scan all files also with older cppcheck version from ubuntu 20.04.
	cppcheck_old:
	runs-on: ubuntu-20.04
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09
	with:
	egress-policy: block
	allowed-endpoints: >
	archive.ubuntu.com:80
	azure.archive.ubuntu.com:80
	github.com:443
	packages.microsoft.com:443
	ppa.launchpad.net:80
	ppa.launchpadcontent.net:443
	security.ubuntu.com:80
	- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9
	- name: update package information
	run: sudo apt-get update -qy
	- name: install cppcheck
	run: sudo apt-get install -qy cppcheck
	- run: cppcheck --version
	- name: cppcheck
	run: cppcheck -q --force --error-exitcode=1 --enable=warning,performance .
	codespell:
	runs-on: ubuntu-22.04
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09
	with:
	egress-policy: block
	allowed-endpoints: >
	archive.ubuntu.com:80
	azure.archive.ubuntu.com:80
	github.com:443
	packages.microsoft.com:443
	ppa.launchpadcontent.net:443
	security.ubuntu.com:80
	- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9
	- name: update package information
	run: sudo apt-get update -qy
	- name: install dependencies
	run: sudo apt-get install -qy codespell
	- run: codespell --version
	- name: codespell
	run: make codespell

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build: add missing makefile dep & syntax improvements #1501

Workflow file

build: add missing makefile dep & syntax improvements #1501

Jobs

Run details

Workflow file for this run