58 analyzer stabilization const correctness cross tu robustness and appcli refactor #163
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build | |
| on: | |
| pull_request: | |
| branches: [main] | |
| push: | |
| branches: [main] | |
| workflow_dispatch: | |
| concurrency: | |
| group: ci-${{ github.workflow }}-${{ github.event.pull_request.head.repo.full_name || github.repository }}-${{ github.event.pull_request.head.ref || github.ref_name }} | |
| cancel-in-progress: true | |
| env: | |
| CCACHE_DIR: ${{ github.workspace }}/.ccache | |
| jobs: | |
| build: | |
| name: Build on ${{ matrix.os }} | |
| runs-on: ${{ matrix.os }} | |
| permissions: | |
| contents: read | |
| security-events: write | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [ubuntu-latest, macos-latest] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| # Shallow clone is enough for building. Steps that need history | |
| # (changelog, merge-base) should override with their own fetch. | |
| fetch-depth: 1 | |
| # Linux: install toolchain + accelerators | |
| - name: Install dependencies (Linux) | |
| if: runner.os == 'Linux' | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y build-essential cmake python3 \ | |
| ninja-build ccache lld | |
| # Install LLVM and Clang 20 | |
| wget -O - https://apt.llvm.org/llvm-snapshot.gpg.key | sudo apt-key add - | |
| sudo apt-add-repository "deb http://apt.llvm.org/jammy/ llvm-toolchain-jammy-20 main" | |
| sudo apt-get update | |
| sudo apt-get install -y llvm-20 llvm-20-dev clang-20 libclang-20-dev | |
| echo "LLVM_DIR=/usr/lib/llvm-20/lib/cmake/llvm" >> $GITHUB_ENV | |
| echo "Clang_DIR=/usr/lib/llvm-20/lib/cmake/clang" >> $GITHUB_ENV | |
| # macOS: install toolchain | |
| - name: Install dependencies (macOS) | |
| if: runner.os == 'macOS' | |
| run: | | |
| brew install cmake python llvm@20 ninja ccache | |
| echo "LLVM_DIR=$(brew --prefix llvm@20)/lib/cmake/llvm" >> $GITHUB_ENV | |
| echo "Clang_DIR=$(brew --prefix llvm@20)/lib/cmake/clang" >> $GITHUB_ENV | |
| echo "$(brew --prefix llvm@20)/bin" >> $GITHUB_PATH | |
| # ccache: restore + configure | |
| - name: Restore ccache | |
| uses: actions/cache@v4 | |
| with: | |
| path: ${{ env.CCACHE_DIR }} | |
| key: ccache-${{ runner.os }}-${{ github.ref_name }}-${{ hashFiles('CMakeLists.txt', 'src/**', 'include/**') }} | |
| restore-keys: | | |
| ccache-${{ runner.os }}-${{ github.ref_name }}- | |
| ccache-${{ runner.os }}- | |
| - name: Configure ccache | |
| run: | | |
| ccache --set-config=cache_dir=${{ env.CCACHE_DIR }} | |
| ccache --set-config=max_size=500M | |
| ccache --set-config=compression=true | |
| ccache -z | |
| # FetchContent cache (sources only) | |
| - name: Restore FetchContent sources | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| build/_deps/cc-src | |
| build/_deps/coretrace-logger-src | |
| key: fetchcontent-${{ runner.os }}-llvm20-${{ hashFiles('CMakeLists.txt', 'cmake/**') }} | |
| restore-keys: | | |
| fetchcontent-${{ runner.os }}-llvm20- | |
| # Configure | |
| - name: Configure | |
| run: | | |
| cmake -S . -B build -G Ninja \ | |
| -DCMAKE_BUILD_TYPE=Release \ | |
| -DLLVM_DIR=${{ env.LLVM_DIR }} \ | |
| -DClang_DIR=${{ env.Clang_DIR }} \ | |
| -DCMAKE_C_COMPILER_LAUNCHER=ccache \ | |
| -DCMAKE_CXX_COMPILER_LAUNCHER=ccache \ | |
| -DUSE_SHARED_LIB=OFF \ | |
| -DBUILD_TESTS=OFF \ | |
| ${{ runner.os == 'Linux' && '-DCMAKE_EXE_LINKER_FLAGS=-fuse-ld=lld -DCMAKE_SHARED_LINKER_FLAGS=-fuse-ld=lld' || '' }} | |
| # Build | |
| - name: Build | |
| run: cmake --build build --config Release | |
| - name: Show ccache stats | |
| if: always() | |
| run: ccache -s | |
| # Tests | |
| - name: Test Stack Usage Analyzer | |
| timeout-minutes: 45 | |
| run: | | |
| TEST_JOBS="$(python3 -c 'import os; print(max(1, min(8, os.cpu_count() or 1)))')" | |
| echo "Running run_test.py with ${TEST_JOBS} job(s)" | |
| EXTRA_ANALYZER_ARGS="" | |
| CORETRACE_RUN_TEST_EXTRA_ANALYZER_ARGS="${EXTRA_ANALYZER_ARGS}" \ | |
| python3 -u run_test.py --jobs="${TEST_JOBS}" | |
| # Self-analysis (Linux only) | |
| - name: Self-analysis (analyze own source code) | |
| if: runner.os == 'Linux' | |
| run: | | |
| mkdir -p artifacts | |
| python3 scripts/ci/run_code_analysis.py \ | |
| --analyzer build/stack_usage_analyzer \ | |
| --compdb build/compile_commands.json \ | |
| --exclude build/_deps/ \ | |
| --base-dir ${{ github.workspace }} \ | |
| --sarif-out artifacts/self-analysis.sarif \ | |
| --json-out artifacts/self-analysis.json \ | |
| --fail-on error \ | |
| --analyzer-arg=--analysis-profile=fast \ | |
| --analyzer-arg=--resource-summary-cache-memory-only \ | |
| --analyzer-arg=--resource-model=models/resource-lifetime/generic.txt | |
| - name: Upload SARIF to Code Scanning | |
| if: runner.os == 'Linux' && always() && hashFiles('artifacts/self-analysis.sarif') != '' | |
| uses: github/codeql-action/upload-sarif@v3 | |
| with: | |
| sarif_file: artifacts/self-analysis.sarif | |
| category: coretrace-self-analysis |