diff options
Diffstat (limited to '.github')
| -rwxr-xr-x | .github/workflows/cibuild-setup-ubuntu.sh | 2 | ||||
| -rw-r--r-- | .github/workflows/cibuild.yml | 2 | ||||
| -rw-r--r-- | .github/workflows/codeql.yml | 50 | ||||
| -rw-r--r-- | .github/workflows/coverity.yml | 2 |
4 files changed, 53 insertions, 3 deletions
diff --git a/.github/workflows/cibuild-setup-ubuntu.sh b/.github/workflows/cibuild-setup-ubuntu.sh index 2c0adb2..e689084 100755 --- a/.github/workflows/cibuild-setup-ubuntu.sh +++ b/.github/workflows/cibuild-setup-ubuntu.sh @@ -7,7 +7,7 @@ PACKAGES=( gettext libssl-dev libdevmapper-dev libpopt-dev uuid-dev libsepol-dev libjson-c-dev libssh-dev libblkid-dev tar libargon2-0-dev libpwquality-dev sharutils dmsetup jq xxd expect keyutils netcat passwd openssh-client sshpass - asciidoctor + asciidoctor meson ninja-build ) COMPILER="${COMPILER:?}" diff --git a/.github/workflows/cibuild.yml b/.github/workflows/cibuild.yml index 2698389..b97bae1 100644 --- a/.github/workflows/cibuild.yml +++ b/.github/workflows/cibuild.yml @@ -17,7 +17,7 @@ jobs: fail-fast: false matrix: env: - - { COMPILER: "gcc", COMPILER_VERSION: "11", RUN_SSH_PLUGIN_TEST: "1" } + - { COMPILER: "gcc", COMPILER_VERSION: "13", RUN_SSH_PLUGIN_TEST: "1" } env: ${{ matrix.env }} steps: - name: Repository checkout diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 0000000..f1e22ce --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,50 @@ +name: "CodeQL" + +on: + push: + branches: + - 'main' + - 'wip-luks2' + - 'v2.3.x' + - 'v2.4.x' + +permissions: + contents: read + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + if: github.repository == 'mbroz/cryptsetup' + concurrency: + group: ${{ github.workflow }}-${{ matrix.language }}-${{ github.ref }} + cancel-in-progress: true + permissions: + actions: read + security-events: write + + strategy: + fail-fast: false + matrix: + language: [ 'cpp' ] + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Initialize CodeQL + uses: github/codeql-action/init@v2 + with: + languages: ${{ matrix.language }} + queries: +security-extended,security-and-quality + config-file: .codeql-config.yml + + - name: Install dependencies + run: sudo -E .github/workflows/cibuild-setup-ubuntu.sh + env: { COMPILER: "gcc", COMPILER_VERSION: "13", RUN_SSH_PLUGIN_TEST: "1" } + + - name: Autobuild + uses: github/codeql-action/autobuild@v2 + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v2 diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml index edc88e8..eace134 100644 --- a/.github/workflows/coverity.yml +++ b/.github/workflows/coverity.yml @@ -17,7 +17,7 @@ jobs: run: sudo -E .github/workflows/cibuild-setup-ubuntu.sh env: COMPILER: "gcc" - COMPILER_VERSION: "11" + COMPILER_VERSION: "13" - name: Install Coverity run: | wget -q https://scan.coverity.com/download/cxx/linux64 --post-data "token=$TOKEN&project=mbroz/cryptsetup" -O cov-analysis-linux64.tar.gz |