Add Sarif reporter (#1178) #40
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Ubuntu 26.04 (arm64) CI | |
| env: | |
| CLOUDSMITH_API_KEY: ${{ secrets.CLOUDSMITH_API_KEY }} | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| on: | |
| push: | |
| branches: ["main"] | |
| tags: ["**"] | |
| pull_request: | |
| branches: ["main"] | |
| jobs: | |
| build-and-test: | |
| runs-on: ubuntu-24.04-arm | |
| strategy: | |
| matrix: | |
| LLVM_VERSION: [17, 18, 19, 20, 21, 22] | |
| name: Ubuntu 26.04 - LLVM ${{ matrix.LLVM_VERSION }} | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - uses: ./.github/actions/detect-package-metadata | |
| - uses: ./.github/actions/setup-bazel-cache | |
| with: | |
| BUILDBUDDY_API_KEY: ${{ secrets.BUILDBUDDY_API_KEY }} | |
| PLATFORM: ubuntu-26.04-arm64 | |
| - uses: docker/login-action@v2 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build, test, package | |
| uses: devcontainers/ci@v0.3 | |
| with: | |
| imageName: ghcr.io/mull-project/internal-ubuntu-arm64_26.04-llvm-${{ matrix.LLVM_VERSION }}-ci | |
| configFile: ./.devcontainer/ubuntu_26.04-llvm-${{ matrix.LLVM_VERSION }}/devcontainer.json | |
| runCmd: | | |
| set -e | |
| mkdir -p packages | |
| bazel test //... | |
| bazel build //:mull_packages --stamp | |
| mv -v bazel-bin/Mull-*.deb packages/ | |
| - name: Publish package | |
| uses: devcontainers/ci@v0.3 | |
| if: env.CLOUDSMITH_API_KEY != null | |
| with: | |
| imageName: ghcr.io/mull-project/internal-ubuntu-arm64_26.04-llvm-${{ matrix.LLVM_VERSION }}-ci | |
| configFile: ./.devcontainer/ubuntu_26.04-llvm-${{ matrix.LLVM_VERSION }}/devcontainer.json | |
| push: never | |
| env: CLOUDSMITH_API_KEY | |
| runCmd: | | |
| bazel run publish --stamp && exit 0 | |
| max_attempts=3 | |
| attempt=1 | |
| until [ "$attempt" -ge "$max_attempts" ] | |
| do | |
| echo "Attempt $attempt failed. Retrying..." | |
| attempt=$((attempt+1)) | |
| bazel run publish --stamp && exit 0 | |
| done | |
| echo "All $max_attempts attempts failed." | |
| exit 1 | |
| - name: Move package | |
| run: | | |
| mkdir -p /tmp/packages | |
| sudo mv -v packages/Mull-*.deb /tmp/packages/ | |
| - uses: ./.github/actions/attach-package | |
| with: | |
| GH_API_KEY: ${{ secrets.GITHUB_TOKEN }} | |
| smoke-test: | |
| needs: [build-and-test] | |
| if: ${{ !cancelled() && needs.build-and-test.result == 'success' }} | |
| runs-on: ubuntu-24.04-arm | |
| name: Smoke test | |
| container: | |
| image: ubuntu:26.04 | |
| steps: | |
| - name: Determine Cloudsmith repo | |
| id: metadata | |
| run: | | |
| if [ "${{ github.event_name }}" = "pull_request" ]; then | |
| echo "cs_repo=testing" >> $GITHUB_OUTPUT | |
| elif echo "${{ github.ref }}" | grep -q "^refs/tags/"; then | |
| echo "cs_repo=stable" >> $GITHUB_OUTPUT | |
| else | |
| echo "cs_repo=nightly" >> $GITHUB_OUTPUT | |
| fi | |
| - name: Install prerequisites | |
| run: apt-get update && apt-get install -y curl ca-certificates | |
| - name: Setup Cloudsmith repo | |
| run: | | |
| curl -1sLf 'https://dl.cloudsmith.io/public/mull-project/mull-${{ steps.metadata.outputs.cs_repo }}/setup.deb.sh' | bash | |
| - name: Install and test all mull packages | |
| run: | | |
| for version in 17 18 19 20 21 22; do | |
| echo "=== Testing LLVM $version ===" | |
| apt-get install -y mull-$version | |
| runner_version=$(mull-runner-$version --version) | |
| echo "$runner_version" | |
| if echo "$runner_version" | grep -q '{STABLE_'; then | |
| echo "ERROR: mull-runner-$version contains unexpanded stamp variable" | |
| exit 1 | |
| fi | |
| reporter_version=$(mull-reporter-$version --version) | |
| echo "$reporter_version" | |
| if echo "$reporter_version" | grep -q '{STABLE_'; then | |
| echo "ERROR: mull-reporter-$version contains unexpanded stamp variable" | |
| exit 1 | |
| fi | |
| done |