Skip to content

github-actions: bump ossf/scorecard-action from 2.1.2 to 2.3.1 #391

github-actions: bump ossf/scorecard-action from 2.1.2 to 2.3.1

github-actions: bump ossf/scorecard-action from 2.1.2 to 2.3.1 #391

Workflow file for this run

name: commit-check
on:
- pull_request
permissions: read-all
env:
DEBIAN_FRONTEND: "noninteractive"
jobs:
check-commits:
name: Commit Check
runs-on: ubuntu-latest
container: ubuntu:20.04
steps:
- name: Caching ~/.cargo
uses: actions/cache@v3.3.1
with:
path: ~/.cargo
key: commit-check-cargo
- name: Install dependencies
run: |
apt update
apt -y install \
libpcre2-dev \
build-essential \
autoconf \
automake \
cargo \
curl \
git \
jq \
libtool \
libpcap-dev \
libnet1-dev \
libyaml-0-2 \
libyaml-dev \
libcap-ng-dev \
libcap-ng0 \
libmagic-dev \
libnetfilter-queue-dev \
libnetfilter-queue1 \
libnfnetlink-dev \
libnfnetlink0 \
libhiredis-dev \
libjansson-dev \
libevent-dev \
libevent-pthreads-2.1-7 \
libjansson-dev \
libpython2.7 \
libssl-dev \
make \
parallel \
pkg-config \
python3-yaml \
rustc \
software-properties-common \
zlib1g \
zlib1g-dev
- run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH
- name: Installing sccache
run: |
(cd /tmp && curl -OL https://github.com/mozilla/sccache/releases/download/0.2.13/sccache-0.2.13-x86_64-unknown-linux-musl.tar.gz)
mkdir -p "$HOME/.cargo/bin"
(cd "$HOME/.cargo/bin" && tar xvf /tmp/sccache-0.2.13-x86_64-unknown-linux-musl.tar.gz --strip-components=1 --wildcards '*/sccache')
echo "RUSTC_WRAPPER=sccache" >> $GITHUB_ENV
- name: Install cbindgen
run: |
cd $HOME/.cargo/bin
curl -OL https://github.com/eqrion/cbindgen/releases/download/v0.24.3/cbindgen
chmod 755 cbindgen
- uses: actions/checkout@v3.3.0
with:
fetch-depth: 0
# The action above is supposed to do this for us, but it doesn't appear to stick.
- run: /usr/bin/git config --global --add safe.directory /__w/suricata/suricata
- run: git fetch
- run: git clone https://github.com/OISF/libhtp -b 0.5.x
- name: Building all commits
run: |
echo "Building commits from ${GITHUB_BASE_REF}."
for rev in $(git rev-list --reverse origin/${GITHUB_BASE_REF}...); do
git checkout $rev
echo "Building rev ${rev}" | tee -a build_log.txt
./autogen.sh >> build_log.txt 2>&1
CC="sccache gcc" ./configure --enable-unittests >> build_log.txt 2>&1
if ! make -j2 >> build_log.txt 2>&1; then
echo "::error ::Failed to build rev ${rev}"
tail -n 50 build_log.txt
exit 1
fi
make -ik distclean > /dev/null
done
- run: sccache -s
- uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce
name: Uploading build log
if: always()
with:
name: build_log
path: build_log.txt