Skip to content

Merge pull request #882 from openzim/release_9.2.1 #1902

Merge pull request #882 from openzim/release_9.2.1

Merge pull request #882 from openzim/release_9.2.1 #1902

Workflow file for this run

name: CI
on:
pull_request:
push:
branches:
- main
jobs:
macOS:
strategy:
fail-fast: false
matrix:
os:
# x86
- macos-13
# arm
- macos-14
target:
- macos-aarch64-dyn
- macos-x86_64-dyn
- ios-arm64-dyn
- ios-x86_64-dyn
include:
- target: macos-aarch64-dyn
arch_name: arm64-apple-macos
run_test: true
- target: macos-x86_64-dyn
arch_name: x86_64-apple-darwin
run_test: true
- target: ios-arm64-dyn
arch_name: aarch64-apple-ios
run_test: false
- target: ios-x86_64-dyn
arch_name: x86-apple-ios-simulator
run_test: false
exclude:
- target: macos-x86_64-dyn
os: macos-14
runs-on: ${{ matrix.os }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
with:
egress-policy: audit
- name: Checkout code
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- name: Setup Python 3.10
uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
with:
python-version: '3.10'
- name: Install packages
run: |
brew update
brew install gcovr pkg-config ninja || brew link --overwrite python
- name: Install Python modules
run: pip3 install meson pytest
- name: Install dependencies
uses: kiwix/kiwix-build/actions/dl_deps_archive@804193835086c0bed79f55d4c373302ab729db3d # main
with:
target_platform: ${{ matrix.target }}
- name: Compile
shell: bash
run: |
MESON_OPTION="--default-library=shared"
MESON_CROSSFILE="$HOME/BUILD_${{matrix.arch_name}}/meson_cross_file.txt"
if [ -e $MESON_CROSSFILE ]; then
MESON_OPTION="$MESON_OPTION --cross-file $MESON_CROSSFILE -Dstatic-linkage=true"
cat $MESON_CROSSFILE
fi
export PKG_CONFIG_PATH=$HOME/BUILD_${{matrix.arch_name}}/INSTALL/lib/pkgconfig
meson . build ${MESON_OPTION}
cd build
ninja
- name: Test
if: matrix.run_test
shell: bash
run: |
export LD_LIBRARY_PATH=$HOME/BUILD_${{matrix.arch_name}}/INSTALL/lib:$HOME/BUILD_${{matrix.arch_name}}/INSTALL/lib64
cd build
ninja download_test_data
meson test --verbose
env:
SKIP_BIG_MEMORY_TEST: 1
WAIT_TIME_FACTOR_TEST: 10
Windows:
runs-on: windows-2019
steps:
- name: Harden Runner
uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
with:
egress-policy: audit
- name: Checkout code
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- name: Setup python 3.10
uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
with:
python-version: '3.10'
- name: Install packages
run:
choco install ninja
- name: Install python modules
run: pip3 install meson
- name: Compile
shell: cmd
run: .github\script\build_libzim.cmd
- name: Test
shell: cmd
run: |
cd build
ninja download_test_data
meson test --verbose
env:
WAIT_TIME_FACTOR_TEST: 10
Linux:
strategy:
fail-fast: false
matrix:
target:
- linux-x86_64-static
- linux-x86_64-dyn
- linux-aarch64-musl-dyn
- linux-aarch64-dyn
- android-arm
- android-arm64
- win32-static
- win32-dyn
- wasm
with_xapian:
- true
- false
include:
- target: linux-x86_64-static
image_variant: focal
lib_postfix: '/x86_64-linux-gnu'
arch_name: linux-x86_64
run_test: true
coverage: true
- target: linux-x86_64-dyn
image_variant: focal
lib_postfix: '/x86_64-linux-gnu'
arch_name: linux-x86_64
run_test: true
coverage: true
- target: linux-aarch64-musl-dyn
image_variant: alpine
lib_postfix: '/x86_64-linux-musl'
arch_name: linux-aarch64-musl
run_test: true
coverage: false
- target: linux-aarch64-dyn
image_variant: focal
lib_postfix: '/aarch64-linux-gnu'
arch_name: aarch64-linux-gnu
run_test: false
coverage: false
- target: android-arm
image_variant: focal
lib_postfix: '/arm-linux-androideabi'
arch_name: arm-linux-androideabi
run_test: false
coverage: false
- target: android-arm64
image_variant: focal
lib_postfix: '/aarch64-linux-android'
arch_name: aarch64-linux-android
run_test: false
coverage: false
- target: win32-static
image_variant: f35
lib_postfix: '64'
arch_name: i686-w64-mingw32
run_test: false
coverage: false
- target: win32-dyn
image_variant: f35
lib_postfix: '64'
arch_name: i686-w64-mingw32
run_test: false
coverage: false
- target: wasm
image_variant: focal
lib_postfix: '/x86_64-linux-gnu'
arch_name: wasm64-emscripten
run_test: false
coverage: false
env:
HOME: /home/runner
runs-on: ubuntu-22.04
container:
image: "ghcr.io/kiwix/kiwix-build_ci_${{matrix.image_variant}}:2023-10-30"
steps:
- name: Harden Runner
uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
with:
egress-policy: audit
- name: Install dependencies
if: ${{ !contains(matrix.target, 'musl') }}
uses: kiwix/kiwix-build/actions/dl_deps_archive@804193835086c0bed79f55d4c373302ab729db3d # main
with:
target_platform: ${{ matrix.target }}
- name: Retrieve source code
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- name: Compile source code
shell: bash
env:
PKG_CONFIG_PATH: ${{env.HOME}}/BUILD_${{matrix.arch_name}}/INSTALL/lib/pkgconfig:${{env.HOME}}/BUILD_${{matrix.arch_name}}/INSTALL/lib${{matrix.lib_postfix}}/pkgconfig
run: |
if [[ "${{matrix.target}}" =~ .*-dyn ]]
then
MESON_OPTION="--default-library=shared"
else
MESON_OPTION="--default-library=static"
fi
if [ -e "${{ env.HOME }}/BUILD_${{ matrix.arch_name }}/meson_cross_file.txt" ]
then
MESON_OPTION="$MESON_OPTION --cross-file ${{ env.HOME }}/BUILD_${{ matrix.arch_name }}/meson_cross_file.txt"
else
MESON_OPTION="$MESON_OPTION -Db_coverage=true"
fi
if [[ "${{matrix.target}}" =~ android_.* ]]
then
MESON_OPTION="$MESON_OPTION -Dstatic-linkage=true -DUSE_BUFFER_HEADER=false"
fi
if [[ "${{matrix.target}}" == wasm ]]
then
MESON_OPTION="$MESON_OPTION -Dexamples=false"
fi
meson setup . build ${MESON_OPTION} -Dwith_xapian=${{matrix.with_xapian}}
cd build
ninja
- name: Run automated tests
shell: bash
if: matrix.run_test
env:
LD_LIBRARY_PATH: "${{env.HOME}}/BUILD_${{matrix.arch_name}}/INSTALL/lib:${{env.HOME}}/BUILD_${{matrix.arch_name}}/INSTALL/lib${{matrix.lib_postfix}}"
SKIP_BIG_MEMORY_TEST: 1
WAIT_TIME_FACTOR_TEST: 10
run: |
cd build
ninja download_test_data
meson test --verbose
if [[ "${{matrix.coverage}}" = "true" ]]; then
ninja coverage
fi
- name: Upload code coverage
uses: codecov/codecov-action@5ecb98a3c6b747ed38dc09f787459979aebb39be # v4.3.1
if: matrix.coverage
with:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
OSSF-Scorecard:
name: OSSF Scorecard
runs-on: ubuntu-22.04
permissions:
# Needed to upload the results to code-scanning dashboard.
security-events: write
# Needed to publish results and get a badge (see publish_results below).
id-token: write
# Uncomment the permissions below if installing in a private repository.
# contents: read
# actions: read
steps:
- name: Harden Runner
uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
with:
egress-policy: audit
- name: "Checkout code"
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
persist-credentials: false
- name: "Run analysis"
uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1
with:
results_file: results.sarif
results_format: sarif
# (Optional) "write" PAT token. Uncomment the `repo_token` line below if:
# - you want to enable the Branch-Protection check on a *public* repository, or
# - you are installing Scorecard on a *private* repository
# To create the PAT, follow the steps in https://github.com/ossf/scorecard-action?tab=readme-ov-file#authentication-with-fine-grained-pat-optional.
# repo_token: ${{ secrets.SCORECARD_TOKEN }}
# Public repositories:
# - Publish results to OpenSSF REST API for easy access by consumers
# - Allows the repository to include the Scorecard badge.
# - See https://github.com/ossf/scorecard-action#publishing-results.
publish_results: true
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
# format to the repository Actions tab.
- name: "Upload artifact"
uses: actions/upload-artifact@97a0fba1372883ab732affbe8f94b823f91727db # v3.pre.node20
with:
name: SARIF file
path: results.sarif
retention-days: 5
# Upload the results to GitHub's code scanning dashboard (optional).
# Commenting out will disable upload of results to your repo's Code Scanning dashboard
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@1b1aada464948af03b950897e5eb522f92603cc2 # v3.24.9
with:
sarif_file: results.sarif