diff options
Diffstat (limited to '.github/workflows')
-rw-r--r-- | .github/workflows/build-extra.yml | 16 | ||||
-rw-r--r-- | .github/workflows/build.yml | 9 | ||||
-rw-r--r-- | .github/workflows/profile-checks.yml | 18 |
3 files changed, 31 insertions, 12 deletions
diff --git a/.github/workflows/build-extra.yml b/.github/workflows/build-extra.yml index 9db2ec41f..13c575c8b 100644 --- a/.github/workflows/build-extra.yml +++ b/.github/workflows/build-extra.yml | |||
@@ -68,7 +68,9 @@ jobs: | |||
68 | - name: install dependencies | 68 | - name: install dependencies |
69 | run: sudo apt-get install libapparmor-dev libselinux1-dev | 69 | run: sudo apt-get install libapparmor-dev libselinux1-dev |
70 | - name: configure | 70 | - name: configure |
71 | run: CC=clang-14 ./configure --enable-fatal-warnings --enable-apparmor --enable-selinux | 71 | run: > |
72 | CC=clang-14 ./configure --enable-fatal-warnings --enable-apparmor | ||
73 | --enable-selinux | ||
72 | - name: make | 74 | - name: make |
73 | run: make | 75 | run: make |
74 | - name: make install | 76 | - name: make install |
@@ -91,7 +93,9 @@ jobs: | |||
91 | - name: install clang-tools-14 and dependencies | 93 | - name: install clang-tools-14 and dependencies |
92 | run: sudo apt-get install clang-tools-14 libapparmor-dev libselinux1-dev | 94 | run: sudo apt-get install clang-tools-14 libapparmor-dev libselinux1-dev |
93 | - name: configure | 95 | - name: configure |
94 | run: CC=clang-14 ./configure --enable-fatal-warnings --enable-apparmor --enable-selinux | 96 | run: > |
97 | CC=clang-14 ./configure --enable-fatal-warnings --enable-apparmor | ||
98 | --enable-selinux | ||
95 | - name: scan-build | 99 | - name: scan-build |
96 | run: NO_EXTRA_CFLAGS="yes" scan-build-14 --status-bugs make | 100 | run: NO_EXTRA_CFLAGS="yes" scan-build-14 --status-bugs make |
97 | cppcheck: | 101 | cppcheck: |
@@ -110,9 +114,11 @@ jobs: | |||
110 | - name: install cppcheck | 114 | - name: install cppcheck |
111 | run: sudo apt-get install cppcheck | 115 | run: sudo apt-get install cppcheck |
112 | - name: cppcheck | 116 | - name: cppcheck |
113 | run: cppcheck -q --force --error-exitcode=1 --enable=warning,performance -i src/firejail/checkcfg.c -i src/firejail/main.c . | 117 | run: > |
114 | # new cppcheck version currently chokes on checkcfg.c and main.c, therefore scan all files also | 118 | cppcheck -q --force --error-exitcode=1 --enable=warning,performance |
115 | # with older cppcheck version from ubuntu 20.04. | 119 | -i src/firejail/checkcfg.c -i src/firejail/main.c . |
120 | # new cppcheck version currently chokes on checkcfg.c and main.c, therefore | ||
121 | # scan all files also with older cppcheck version from ubuntu 20.04. | ||
116 | cppcheck_old: | 122 | cppcheck_old: |
117 | runs-on: ubuntu-20.04 | 123 | runs-on: ubuntu-20.04 |
118 | steps: | 124 | steps: |
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 429fb5807..4af788044 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml | |||
@@ -64,9 +64,14 @@ jobs: | |||
64 | - name: update package information | 64 | - name: update package information |
65 | run: sudo apt-get update | 65 | run: sudo apt-get update |
66 | - name: install dependencies | 66 | - name: install dependencies |
67 | run: sudo apt-get install gcc-12 libapparmor-dev libselinux1-dev expect xzdec whois bridge-utils | 67 | run: > |
68 | sudo apt-get install | ||
69 | gcc-12 libapparmor-dev libselinux1-dev expect xzdec whois | ||
70 | bridge-utils | ||
68 | - name: configure | 71 | - name: configure |
69 | run: CC=gcc-12 ./configure --prefix=/usr --enable-fatal-warnings --enable-analyzer --enable-apparmor --enable-selinux | 72 | run: > |
73 | CC=gcc-12 ./configure --prefix=/usr --enable-fatal-warnings | ||
74 | --enable-analyzer --enable-apparmor --enable-selinux | ||
70 | - name: make | 75 | - name: make |
71 | run: make | 76 | run: make |
72 | - name: make install | 77 | - name: make install |
diff --git a/.github/workflows/profile-checks.yml b/.github/workflows/profile-checks.yml index 64069f917..4981b3c69 100644 --- a/.github/workflows/profile-checks.yml +++ b/.github/workflows/profile-checks.yml | |||
@@ -35,11 +35,19 @@ jobs: | |||
35 | 35 | ||
36 | - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab | 36 | - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab |
37 | # - name: sort.py | 37 | # - name: sort.py |
38 | # run: ./ci/check/profiles/sort.py etc/inc/*.inc etc/{profile-a-l,profile-m-z}/*.profile | 38 | # run: > |
39 | # ./ci/check/profiles/sort.py | ||
40 | # etc/inc/*.inc etc/{profile-a-l,profile-m-z}/*.profile | ||
39 | # Currently broken (see #5610) | 41 | # Currently broken (see #5610) |
40 | # - name: private-etc-always-required.sh | 42 | # - name: private-etc-always-required.sh |
41 | # run: ./ci/check/profiles/private-etc-always-required.sh etc/inc/*.inc etc/{profile-a-l,profile-m-z}/*.profile | 43 | # run: > |
44 | # ./ci/check/profiles/private-etc-always-required.sh | ||
45 | # etc/inc/*.inc etc/{profile-a-l,profile-m-z}/*.profile | ||
42 | - name: sort-disable-programs.sh | 46 | - name: sort-disable-programs.sh |
43 | run: ./ci/check/profiles/sort-disable-programs.sh etc/inc/disable-programs.inc | 47 | run: > |
48 | ./ci/check/profiles/sort-disable-programs.sh | ||
49 | etc/inc/disable-programs.inc | ||
44 | - name: sort-firecfg.config.sh | 50 | - name: sort-firecfg.config.sh |
45 | run: ./ci/check/profiles/sort-firecfg.config.sh src/firecfg/firecfg.config | 51 | run: > |
52 | ./ci/check/profiles/sort-firecfg.config.sh | ||
53 | src/firecfg/firecfg.config | ||