-
Notifications
You must be signed in to change notification settings - Fork 29
104 lines (89 loc) · 3.33 KB
/
codeql.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
# CodeQL static analysis
name: CodeQL
# Due to lower score on Scorecard we're running this separately from
# "PR/push" workflow. For some reason permissions weren't properly set
# or recognized (by Scorecard). If Scorecard changes its behavior we can
# go back to use 'workflow_call' trigger.
on:
push:
branches-ignore:
- 'dependabot/**'
pull_request:
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
permissions:
contents: read
env:
BUILD_DIR : "${{github.workspace}}/build"
INSTL_DIR : "${{github.workspace}}/../install-dir"
jobs:
analyze:
name: Analyze
permissions:
security-events: write
env:
VCPKG_PATH: "${{github.workspace}}/build/vcpkg/packages/hwloc_x64-windows;${{github.workspace}}/build/vcpkg/packages/tbb_x64-windows;${{github.workspace}}/build/vcpkg/packages/jemalloc_x64-windows"
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, windows-latest]
include:
- os: ubuntu-latest
# Windows doesn't recognize 'CMAKE_BUILD_TYPE', it uses '--config' param in build command
extra_build_option: '-DCMAKE_BUILD_TYPE=Release'
- os: windows-latest
runs-on: ${{matrix.os}}
steps:
- name: Checkout repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
fetch-depth: 0
- name: Setup newer Python
uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0
with:
python-version: "3.10"
- name: Initialize CodeQL
uses: github/codeql-action/init@b7bf0a3ed3ecfa44160715d7c442788f65f0f923 # v3.23.2
with:
languages: cpp
- name: Initialize vcpkg
if: ${{ matrix.os == 'windows-latest' }}
uses: lukka/run-vcpkg@5e0cab206a5ea620130caf672fce3e4a6b5666a1 # v11.5
with:
vcpkgGitCommitId: 3dd44b931481d7a8e9ba412621fa810232b66289
vcpkgDirectory: ${{env.BUILD_DIR}}/vcpkg
vcpkgJsonGlob: '**/vcpkg.json'
- name: Install dependencies
if: ${{ matrix.os == 'windows-latest' }}
run: vcpkg install
shell: pwsh # Specifies PowerShell as the shell for running the script.
- name: Install apt packages
if: matrix.os == 'ubuntu-latest'
run: |
sudo apt-get update
sudo apt-get install -y cmake clang libhwloc-dev libnuma-dev libjemalloc-dev libtbb-dev
# Latest distros do not allow global pip installation
- name: Install Python requirements in venv
run: |
python3 -m venv .venv
. .venv/bin/activate
echo "$PATH" >> $GITHUB_PATH
python3 -m pip install -r third_party/requirements.txt
- name: Configure CMake
run: >
cmake
-B ${{env.BUILD_DIR}}
${{matrix.extra_build_option}}
-DCMAKE_INSTALL_PREFIX="${{env.INSTL_DIR}}"
-DCMAKE_PREFIX_PATH="${{env.VCPKG_PATH}}"
-DUMF_FORMAT_CODE_STYLE=OFF
-DUMF_DEVELOPER_MODE=ON
-DUMF_BUILD_LIBUMF_POOL_JEMALLOC=ON
-DUMF_BUILD_LEVEL_ZERO_PROVIDER=ON
-DUMF_BUILD_CUDA_PROVIDER=ON
-DUMF_TESTS_FAIL_ON_SKIP=ON
- name: Build
run: cmake --build ${{env.BUILD_DIR}} --config Release -j
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@b7bf0a3ed3ecfa44160715d7c442788f65f0f923 # v3.23.2