diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index fc2a184f0d..856360254a 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -6,9 +6,9 @@ name: Gating # events but only for the main branch on: push: - branches: [ '*' ] + branches: [ maint-1.3 ] pull_request: - branches: [ main, maint-1.3 ] + branches: [ maint-1.3 ] # A workflow run is made up of one or more jobs that can run sequentially or in parallel @@ -21,7 +21,7 @@ jobs: strategy: matrix: - os: [ubuntu-20.04, ubuntu-latest] + os: [ubuntu-22.04] # Steps represent a sequence of tasks that will be executed as part of the job steps: @@ -51,10 +51,10 @@ jobs: ctest --output-on-failure build-fedora: - name: Build, Test on Fedora Latest (Container) + name: Build, Test on Fedora 40 (Container) runs-on: ubuntu-latest container: - image: fedora:latest + image: fedora:40 steps: - name: Install Deps run: dnf install -y cmake git dbus-devel GConf2-devel libacl-devel libblkid-devel libcap-devel libcurl-devel libgcrypt-devel libselinux-devel libxml2-devel libxslt-devel libattr-devel make openldap-devel pcre2-devel perl-XML-Parser perl-XML-XPath perl-devel python3-devel python3-dbusmock rpm-devel swig bzip2-devel gcc-c++ libyaml-devel xmlsec1-devel xmlsec1-openssl-devel hostname bzip2 lua rpm-build which strace python3-pytest @@ -65,120 +65,10 @@ jobs: - name: Build working-directory: ./build run: | - cmake -DCMAKE_BUILD_TYPE=RelWithDebInfo -DWITH_PCRE2=True ../ - make all - - name: Test - working-directory: ./build - run: | - export $(dbus-launch) - ctest --output-on-failure - - build-fedora-nss: - name: Build with NSS, Test on Fedora Latest (Container) - runs-on: ubuntu-latest - container: - image: fedora:latest - steps: - - name: Install Deps - run: dnf install -y cmake git dbus-devel GConf2-devel libacl-devel libblkid-devel libcap-devel libcurl-devel nss-devel libselinux-devel libxml2-devel libxslt-devel libattr-devel make openldap-devel pcre2-devel perl-XML-Parser perl-XML-XPath perl-devel python3-devel python3-dbusmock rpm-devel swig bzip2-devel gcc-c++ libyaml-devel xmlsec1-devel xmlsec1-openssl-devel hostname bzip2 lua rpm-build which strace python3-pytest - - name: Checkout - uses: actions/checkout@v3 - with: - submodules: recursive - - name: Build - working-directory: ./build - run: | - cmake -DCMAKE_BUILD_TYPE=RelWithDebInfo -DWITH_PCRE2=True -DWITH_CRYPTO=nss ../ + cmake -DCMAKE_BUILD_TYPE=RelWithDebInfo ../ make all - name: Test working-directory: ./build run: | export $(dbus-launch) ctest --output-on-failure - - build-macos: - # The type of runner that the job will run on - name: Build, Test on macOS Latest - runs-on: macos-latest - - # Steps represent a sequence of tasks that will be executed as part of the job - steps: - # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - - uses: actions/checkout@v3 - - # Runs a single command using the runners shell - - name: Install Deps - run: | - # Unlink and re-link to prevent errors when GitHub Mac runner images - # install Python outside of Brew: - brew list -1 | grep python | while read formula; do brew unlink $formula; brew link --overwrite $formula; done - brew update - brew install doxygen - brew install opendbx - brew install pkg-config - brew install popt - brew install swig - brew install libxmlsec1 - brew install openssl - brew install pcre2 - - # Runs a set of commands using the runners shell - - name: Build - run: | - cd $GITHUB_WORKSPACE/build - cmake -DCMAKE_BUILD_TYPE=RelWithDebInfo -DWITH_PCRE2=True -DENABLE_PROBES=False ../ - make all - - - name: Test - run: | - cd $GITHUB_WORKSPACE/build - echo "Tests are so broken for macOS :(" - build-windows: - name: Build on Windows - runs-on: windows-latest - env: - VCPKG_BINARY_SOURCES: "clear;x-gha,readwrite" - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Checkout vcpkg - uses: actions/checkout@v3 - with: - path: ${{ github.workspace }}/vcpkg - repository: microsoft/vcpkg - fetch-depth: 1 - - - name: Bootstrap vcpkg - shell: pwsh - run: "${{ github.workspace }}\\vcpkg\\scripts\\bootstrap.ps1 -disableMetrics" - - - name: Export GitHub Actions cache environment variables - uses: actions/github-script@v7 - with: - script: | - core.exportVariable('ACTIONS_CACHE_URL', process.env.ACTIONS_CACHE_URL || ''); - core.exportVariable('ACTIONS_RUNTIME_TOKEN', process.env.ACTIONS_RUNTIME_TOKEN || ''); - - - name: Install Deps - run: "${{ github.workspace }}\\vcpkg\\vcpkg.exe install curl libxml2 libxslt bzip2 pcre pthreads zlib getopt-win32 xmlsec --triplet x64-windows" - - - name: Configure - working-directory: ./build - run: cmake -DCMAKE_BUILD_TYPE=Release -DENABLE_PYTHON3=FALSE -DCMAKE_TOOLCHAIN_FILE=${{ github.workspace }}/vcpkg/scripts/buildsystems/vcpkg.cmake .. - - - name: Build - run: cmake --build . --config Release - working-directory: ./build - - - name: Package - run: cpack - working-directory: build - - - name: Upload Artifacts - uses: actions/upload-artifact@v4 - with: - name: openscap-win64 - path: |- - build\OpenSCAP*.msi - build\OpenSCAP*.msi.sha512 diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 07c829a5a5..345f67dcef 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -2,7 +2,7 @@ name: "CodeQL" on: push: - branches: [ 'maint-1.3', 'maint-1.2', 'master' ] + branches: [ 'maint-1.3' ] pull_request: # The branches below must be a subset of the branches above branches: [ 'maint-1.3' ] @@ -54,6 +54,6 @@ jobs: make all - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v3 with: category: "/language:${{matrix.language}}" diff --git a/.packit.yaml b/.packit.yaml index e16f647f94..634e2ffab7 100644 --- a/.packit.yaml +++ b/.packit.yaml @@ -15,7 +15,6 @@ jobs: trigger: pull_request metadata: targets: - - fedora-all-x86_64 - centos-stream-8-x86_64 - centos-stream-9-x86_64 @@ -23,7 +22,6 @@ jobs: trigger: pull_request metadata: targets: - - fedora-all-x86_64 - centos-stream-8-x86_64 - centos-stream-9-x86_64