Skip to content

added codeql config

added codeql config #1

Workflow file for this run

name: CI
on:
pull_request:
push:
branches:
- auto
jobs:
complete:
if: always()
needs: [fmt, cackle, cargo-deny, rust-check-git-rev-deps, build]
runs-on: ubuntu-latest
steps:
- if: contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled')
run: exit 1
fmt:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- run: rustup component add rustfmt
- run: rustup update
- run: cargo fmt --all --check
cackle:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: cackle-rs/cackle-action@997327f77e59d9cda7b0b6217f0fbdbd3f3ca904
- run: cargo acl -n test
cargo-deny:
runs-on: ubuntu-latest
strategy:
matrix:
checks:
- advisories
- bans licenses sources
# Prevent sudden announcement of a new advisory from failing ci:
continue-on-error: ${{ matrix.checks == 'advisories' }}
steps:
- uses: actions/checkout@v3
- uses: EmbarkStudios/cargo-deny-action@1e59595bed8fc55c969333d08d7817b36888f0c5
with:
command: check ${{ matrix.checks }}
# leave arguments empty so we don't test --all-features
# which will see conflicting env versions
arguments:
rust-check-git-rev-deps:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: stellar/actions/rust-check-git-rev-deps@main
build:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
toolchain: [ "gcc", "clang"]
protocol: ["current", "next"]
scenario: ["", "--check-test-tx-meta"]
steps:
- name: Fix kernel mmap rnd bits
# Asan in llvm provided in ubuntu 22.04 is incompatible with
# high-entropy ASLR in much newer kernels that GitHub runners are
# using leading to random crashes: https://reviews.llvm.org/D148280
run: sudo sysctl vm.mmap_rnd_bits=28
- name: Compute cache key
# this step works around a limitation in actions/cache
# that does not allow updating a cache
# so what we do here instead is
# 1. generate a new id that gets refreshed every hour
# the limit is to reduce the chance of hitting the
# global 5GB limit per repo
# 2. use that id as part of the cache identifier
# 3. fallback (restore-keys) to the most recent cache
id: cache_extra_id
run: |
echo "id=$(( $(date +'%s') / 60 / 60 ))" >> $GITHUB_OUTPUT
- name: Cache
uses: actions/[email protected]
with:
path: |
/home/runner/.ccache
key: ${{ runner.os }}-${{ matrix.toolchain }}-${{ matrix.protocol }}-cacheID-${{ steps.cache_extra_id.outputs.id }}
restore-keys: |
${{ runner.os }}-${{ matrix.toolchain }}-${{ matrix.protocol }}-cacheID-
- uses: actions/[email protected]
with:
fetch-depth: 200
submodules: true
- name: install core packages
run: |
sudo apt-get update
sudo apt-get -y install --no-install-recommends apt-utils dialog git iproute2 procps lsb-release
- name: install tool chain
run: |
sudo apt-get -y install libstdc++-10-dev clang-format-12 ccache lldb
if test "${{ matrix.toolchain }}" = "gcc" ; then
sudo apt-get -y install cpp-10 gcc-10 g++-10
else
sudo apt-get -y install clang-12 llvm-12
fi
- name: install rustup components
run: rustup component add rustfmt
- name: install dependencies
run: sudo apt-get -y install postgresql git build-essential pkg-config autoconf automake libtool bison flex libpq-dev parallel libunwind-dev sed perl
- name: Build
run: |
if test "${{ matrix.toolchain }}" = "gcc" ; then
export CC='gcc'
export CXX='g++'
else
export CC='clang'
export CXX='clang++'
fi
echo Build with $CC and $CXX
./ci-build.sh --use-temp-db --protocol ${{ matrix.protocol }} ${{ matrix.scenario }}