Skip to content

Create codeql.yml #1355

Create codeql.yml

Create codeql.yml #1355

Workflow file for this run

name: CI
on:
push:
branches: [ master ]
tags:
- 'v*'
pull_request:
branches: [ master ]
env:
QtVersion: 6.6.3
QtTools: 'tools_ifw'
QtKey: "6.6.3-ifw46"
BuildType: RelWithDebInfo
cmakeConfigure: "cmake -S. -Bbuild -DDEMOS=ON -DQT_DEFAULT_MAJOR_VERSION=6 -DCMAKE_BUILD_TYPE=RelWithDebInfo -G Ninja -DSBOM_LINT=ON"
debianRequirments: "build-essential git zlib1g-dev cmake doxygen graphviz qt6-tools-dev qt6-tools-dev-tools qt6-l10n-tools qt6-declarative-dev qt6-base-dev libqt6svg6-dev qt6-base-dev-tools qt6-translations-l10n libqt6core5compat6-dev libgl1-mesa-dev rename devscripts ninja-build clang"
jobs:
precheck:
name: Job Info
runs-on: ubuntu-latest
outputs:
version: ${{ steps.checkbuild.outputs.version }}
steps:
- name: Run Info
id: checkbuild
run: |
if [[ "$GITHUB_REF" == *"tags/v"* ]]; then
VER="$GITHUB_REF_NAME"
else
VER="continuous"
fi
echo "version=$VER" >> $GITHUB_OUTPUT
- name: REUSE Compliance Check
uses: fsfe/reuse-action@v4
with:
args: spdx
deb_builder:
name: debianBuilder-${{matrix.config.name}}
runs-on: ${{matrix.config.os}}
strategy:
fail-fast: false
matrix:
config:
- {
name: jammy
, os: ubuntu-22.04
, debArch: amd64
}
steps:
- uses: sithlord48/[email protected]
- run: git fetch --tags --force
- name: Install Dependencies
run: |
sudo apt-get update -y > /dev/null
sudo apt-get install -qqq ${{env.debianRequirments}} > /dev/null
pip install --user ntia-conformance-checker
pip install --user spdx-tools
- name: Build
run: |
${{env.cmakeConfigure}} -DCMAKE_INSTALL_PREFIX=/usr -DCPACK_DEBIAN_PACKAGE_RELEASE=${{github.run_attempt}}~${{matrix.config.name}} -DCMAKE_C_COMPILER=clang -DCMAKE_CXX_COMPILER=clang++
cmake --build build
cpack -G DEB -C ${{env.BuildType}} --config build/CPackConfig.cmake
- name: Upload
uses: actions/upload-artifact@v4
with:
name: debian-artifacts-${{matrix.config.name}}
path: libff7tk*.deb
main_build:
name: ${{ matrix.config.name }}
runs-on: ${{ matrix.config.os }}
needs: precheck
strategy:
fail-fast: false
matrix:
config:
- {
name: "Linux-x86_64"
, os: ubuntu-20.04
, QT_INST_DIR: /opt, Qt_TOOL_PATH: "/opt/Qt/Tools/QtInstallerFramework/4.6"
, extraCmakeConfig: "-DCMAKE_INSTALL_LIBDIR=lib -DCMAKE_C_COMPILER=clang -DCMAKE_CXX_COMPILER=clang++"
}
- {
name: "MacOS"
, os: macos-latest
, QT_INST_DIR: /Users/runner, Qt_TOOL_PATH: "/Users/runner/Qt/Tools/QtInstallerFramework/4.6"
, extraCmakeConfig: "-DCMAKE_OSX_ARCHITECTURES=\"arm64;x86_64\""
}
- {
name: "Windows-x64"
, os: windows-2019
, QT_INST_DIR: "C:", Qt_TOOL_PATH: "C:/Qt/Tools/QtInstallerFramework/4.6"
, extraCmakeConfig: "-DZLIB_ROOT=C:/zlib"
}
steps:
- uses: sithlord48/[email protected]
- run: git fetch --tags --force
- name: Cache Zlib
id: cache-zlib
if: runner.os == 'Windows'
uses: actions/cache@v4
with:
path: C:/zlib
key: ${{ runner.os }}${{ matrix.config.WIN_ARCH }}-zlib-1.3
- name: Cache Chocolatey
id: cache-choco
if: (runner.os == 'Windows')
uses: actions/cache@v4
with:
path: |
C:/ProgramData/chocolatey/bin/
C:/ProgramData/chocolatey/lib/ninja
C:/ProgramData/chocolatey/lib/doxygen.install
C:/ProgramData/chocolatey/lib/Graphviz
C:/Program*/doxygen/
C:/Program*/Graphviz/
key: cache-chocolatey${{ matrix.config.WIN_ARCH }}-zlib-1-3
- name: Setup MSVC Shell For Windows
if: runner.os == 'Windows'
uses: ilammy/msvc-dev-cmd@v1
- name: Install Dependencies
if: ((runner.os == 'Windows') && (steps.cache-choco.outputs.cache-hit != 'true')) || (runner.os != 'Windows')
shell: bash
run: |
if [ "$RUNNER_OS" == "Linux" ]; then
sudo apt-get update > /dev/null && sudo apt-get install -qqq doxygen graphviz devscripts libxkbcommon-x11-0 ninja-build clang > /dev/null
elif [ "$RUNNER_OS" == "Windows" ]; then
choco install ninja doxygen.install graphviz
else
brew install doxygen graphviz ninja
fi
- name: Install Qt
uses: jurplel/install-qt-action@v4
with:
dir: ${{matrix.config.QT_INST_DIR}}
version: ${{ env.QtVersion }}
modules: qt5compat
cache: true
cache-key-prefix: ${{runner.os}}-${{env.WIN_ARCH}}-${{env.QtKey}}
tools: ${{env.QtTools}}
- name: Build Zlib For Windows
if: (runner.os == 'Windows') && (steps.cache-zlib.outputs.cache-hit != 'true')
run: |
git clone -q --branch=v1.3 https://github.com/madler/zlib ${{github.workspace}}\zlib-git
cmake -S${{github.workspace}}\zlib-git -B${{github.workspace}}\zlib-git\build -G Ninja -DCMAKE_BUILD_TYPE=Release -DCMAKE_INSTALL_PREFIX=C:/zlib
cmake --build ${{github.workspace}}\zlib-git\build --config Release
cmake --install ${{github.workspace}}\zlib-git\build --strip
- name: Update Windows Paths
if: (runner.os == 'Windows')
run: |
echo "C:\zlib\bin\" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append
echo "C:\Program Files\doxygen\bin" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append
echo "C:\Program Files\Graphviz\bin" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append
echo "C:\Python312" | Out-File -FilePath $env:GITHUB_PATH -Encoding utf8 -Append
- name: Install SPDX Tooling
shell: bash
run: |
pip install --user ntia-conformance-checker
pip install --user spdx-tools
pip install --user reuse
- name: Build ff7tk
run: |
${{env.cmakeConfigure}} -DCPACK_PACKAGE_VERSION="${{ needs.precheck.outputs.version }}" -DCPACK_IFW_ROOT=${{matrix.config.Qt_TOOL_PATH}} ${{matrix.config.extraCmakeConfig}}
cmake --build build --config ${{env.BuildType}} --target package
- name: Update Documentation
if: runner.os == 'Linux' && github.ref == 'refs/heads/master'
uses: JamesIves/[email protected]
with:
branch: gh-pages
folder: build/docs/html
- name: Upload
uses: actions/upload-artifact@v4
with:
name: artifact-${{matrix.config.name}}
path: |
${{ github.workspace }}/build/ff7tk[-_]*.*
${{ github.workspace }}/build/libff7tk[-_]*.*
container_build:
# The host should always be linux
runs-on: ubuntu-latest
name: Linux-${{matrix.config.arch}}-${{matrix.config.name}}
needs: precheck
strategy:
fail-fast: false
matrix:
config:
- {
name: "jammy"
, arch: aarch64, distro: ubuntu22.04, debArch : arm64
}
- {
name: "jammy"
, arch: armv7, distro: ubuntu22.04, debArch: armhf
}
steps:
- uses: sithlord48/[email protected]
- run: git fetch --tags --force
- uses: uraimo/[email protected]
name: Build artifact
with:
arch: ${{ matrix.config.arch }}
distro: ${{ matrix.config.distro }}
githubToken: ${{ github.token }}
setup: mkdir -p "${PWD}/artifacts"
dockerRunArgs: --volume "${PWD}/artifacts:/artifacts"
shell: /bin/sh
install: |
apt update -y > /dev/null
apt install -y -qqq ${{env.debianRequirments}} python3-pip > /dev/null
pip install --user ntia-conformance-checker
pip install --user spdx-tools
run: |
git config --global --add safe.directory /home/runner/work/ff7tk/ff7tk
${{env.cmakeConfigure}} -DCPACK_PACKAGE_VERSION="${{ needs.precheck.outputs.version }}" -DCPACK_DEBIAN_PACKAGE_RELEASE=${{github.run_attempt}}~${{matrix.config.name}} -DCMAKE_C_COMPILER=clang -DCMAKE_CXX_COMPILER=clang++
cmake --build build --config ${{env.BuildType}} --target package
mv build/ff7tk[-_]*.* .
cpack -G DEB -C ${{env.BuildType}} --config build/CPackConfig.cmake
- name: Upload
uses: actions/upload-artifact@v4
with:
name: container-artifact-${{matrix.config.name}}-${{matrix.config.arch}}
path: |
ff7tk[-_]*.*
libff7tk*.deb
release_assets:
name: Release
needs: [main_build, container_build, deb_builder]
runs-on: ubuntu-latest
steps:
- name: Download Files
uses: actions/download-artifact@v4
- name: Deploy Continuous
if: (github.ref == 'refs/heads/master') && !(contains(github.ref, '/tags/v'))
uses: crowbarmaster/GH-Automatic-Releases@latest
with:
repo_token: "${{ secrets.DEPLOYTOKEN }}"
automatic_release_tag: "continuous"
prerelease: false
title: "Continuous Build"
files: |
artifact-*/*
container-artifact-*/*
debian-artifacts-*/*
- name: Deploy Release
if: contains(github.ref, '/tags/v')
uses: crowbarmaster/GH-Automatic-Releases@latest
with:
repo_token: "${{ secrets.DEPLOYTOKEN }}"
prerelease: false
files: |
artifact-*/*
container-artifact-*/*
debian-artifacts-*/*