Fix security issues with ci/cd (#66) #233
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This starter workflow is for a CMake project running on multiple platforms. There is a different starter workflow if you just want a single platform. | |
# See: https://github.com/actions/starter-workflows/blob/main/ci/cmake-single-platform.yml | |
name: CMake on multiple platforms | |
on: | |
push: | |
branches: ["main"] | |
pull_request: | |
branches: ["main"] | |
jobs: | |
build: | |
runs-on: ${{ matrix.os }} | |
env: | |
VCPKG_BINARY_SOURCES: "clear;x-gha,readwrite" | |
strategy: | |
# Set fail-fast to false to ensure that feedback is delivered for all matrix combinations. Consider changing this to true when your workflow is stable. | |
fail-fast: false | |
# Set up a matrix to run the following 3 configurations: | |
# 1. <Windows, Release, latest MSVC compiler toolchain on the default runner image, default generator> | |
# 2. <Linux, Release, latest GCC compiler toolchain on the default runner image, default generator> | |
# 3. <Linux, Release, latest Clang compiler toolchain on the default runner image, default generator> | |
# | |
# To add more build types (Release, Debug, RelWithDebInfo, etc.) customize the build_type list. | |
matrix: | |
os: [ubuntu-24.04, ubuntu-22.04, ubuntu-20.04] | |
build_type: [Release] | |
c_compiler: [clang] | |
include: | |
- os: ubuntu-24.04 | |
c_compiler: gcc-12 | |
cpp_compiler: g++-12 | |
arm_c_compiler: aarch64-linux-gnu-gcc-12 | |
arm_cpp_compiler: aarch64-linux-gnu-g++-12 | |
- os: ubuntu-24.04 | |
c_compiler: clang | |
cpp_compiler: clang++ | |
arm_c_compiler: clang | |
arm_cpp_compiler: clang++ | |
- os: ubuntu-22.04 | |
c_compiler: gcc | |
cpp_compiler: g++ | |
arm_c_compiler: aarch64-linux-gnu-gcc | |
arm_cpp_compiler: aarch64-linux-gnu-g++ | |
- os: ubuntu-22.04 | |
c_compiler: clang | |
cpp_compiler: clang++ | |
arm_c_compiler: clang | |
arm_cpp_compiler: clang++ | |
- os: ubuntu-20.04 | |
c_compiler: gcc | |
cpp_compiler: g++ | |
arm_c_compiler: aarch64-linux-gnu-gcc | |
arm_cpp_compiler: aarch64-linux-gnu-g++ | |
- os: ubuntu-20.04 | |
c_compiler: clang | |
cpp_compiler: clang++ | |
arm_c_compiler: aarch64-linux-gnu-gcc | |
arm_cpp_compiler: aarch64-linux-gnu-g++ | |
- os: windows-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
persist-credentials: false | |
- name: Install cross compiler | |
if: ${{ Contains(matrix.os, 'ubuntu-22.04') || Contains(matrix.os, 'ubuntu-20.04')}} | |
run: | | |
sudo apt-get update | |
sudo apt-get install -y g++-aarch64-linux-gnu gcc-aarch64-linux-gnu libstdc++6-arm64-cross linux-libc-dev-arm64-cross | |
- name: Install gcc-12 | |
if: ${{ Contains(matrix.os, 'ubuntu-24.04') }} | |
run: | | |
sudo apt-get update | |
sudo apt-get install -y g++-12-aarch64-linux-gnu gcc-12-aarch64-linux-gnu gcc-12 g++-12 g++-aarch64-linux-gnu gcc-aarch64-linux-gnu libstdc++6-arm64-cross linux-libc-dev-arm64-cross | |
- name: Setup vcpkg | |
uses: lukka/run-vcpkg@v11 | |
id: runvcpkg | |
with: | |
# The vcpkg.json file, which will be part of cache key computation. | |
vcpkgJsonGlob: "**/src/vcpkg.json" | |
- name: Build using CMake on Linux for amd64 | |
if: ${{ Contains(matrix.os, 'ubuntu') }} | |
run: > | |
./build_plugin_x64.sh | |
-DCMAKE_CXX_COMPILER=${{ matrix.cpp_compiler }} | |
-DCMAKE_C_COMPILER=${{ matrix.c_compiler }} | |
- name: Cleanup Build | |
if: ${{ Contains(matrix.os, 'ubuntu') }} | |
run: > | |
rm -r ../nx-lyve-cloud-plugin-build/ | |
- name: Build using CMake on Linux for arm64 | |
if: ${{ Contains(matrix.os, 'ubuntu') }} | |
run: > | |
./build_plugin_arm64.sh | |
-DCMAKE_CXX_COMPILER=${{ matrix.arm_cpp_compiler }} | |
-DCMAKE_C_COMPILER=${{ matrix.arm_c_compiler }} | |
- name: Build using CMake on Windows | |
shell: powershell | |
if: ${{ Contains(matrix.os, 'windows') }} | |
run: > | |
./build_plugin.bat | |
--no-tests |