# Builds the project with alternative tools.

name: Build-extra

on:
  push:
    paths:
      - 'm4/**'
      - 'src/**.c'
      - 'src/**.h'
      - 'src/**.mk'
      - 'src/**Makefile'
      - .github/workflows/build-extra.yml
      - Makefile
      - ci/printenv.sh
      - config.mk.in
      - config.sh.in
      - configure
      - configure.ac
  pull_request:
    paths:
      - 'm4/**'
      - 'src/**.c'
      - 'src/**.h'
      - 'src/**.mk'
      - 'src/**Makefile'
      - .github/workflows/build-extra.yml
      - Makefile
      - ci/printenv.sh
      - config.mk.in
      - config.sh.in
      - configure
      - configure.ac

permissions:  # added using https://github.com/step-security/secure-workflows
  contents: read

jobs:
  build-clang:
    runs-on: ubuntu-22.04
    steps:
    - name: Harden Runner
      uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09
      with:
        egress-policy: block
        allowed-endpoints: >
          archive.ubuntu.com:80
          azure.archive.ubuntu.com:80
          github.com:443
          packages.microsoft.com:443
          ppa.launchpadcontent.net:443
          security.ubuntu.com:80
    - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9
    - name: update package information
      run: sudo apt-get update -qy
    - name: install dependencies
      run: >
        sudo apt-get install -qy
        libapparmor-dev libselinux1-dev
    - name: print env
      run: ./ci/printenv.sh
    - name: configure
      run: >
        CC=clang-14 ./configure --enable-fatal-warnings --enable-apparmor
        --enable-selinux
        || (cat config.log; exit 1)
    - name: make
      run: make
    - name: make install
      run: sudo make install
    - name: print version
      run: command -V firejail && firejail --version