Enable the ability to change the sandboxee's malloc implementation. T… #699
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: fedora-cmake | |
on: [push, pull_request] | |
env: | |
BUILD_TYPE: Release | |
jobs: | |
build: | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
- container: fedora:38 | |
compiler: gcc | |
compiler-version: 11 # Only used in cache action so far | |
ignore-errors: true # Stack trace test fails on Fedora (issue #118) | |
runs-on: ubuntu-latest | |
continue-on-error: ${{ matrix.ignore-errors }} | |
env: | |
RUN_CMD: docker exec --tty ${{matrix.compiler}}-build-container | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Cache dependencies | |
uses: actions/cache@v3 | |
with: | |
key: ${{matrix.container}}-${{matrix.compiler}}${{matrix.compiler-version}} | |
path: | | |
${{github.workspace}}/build/_deps | |
- name: Prepare container | |
# Note: For the sandbox tests to work, we need a privileged, unconfined | |
# container that retains its capabilities. | |
run: | | |
docker run --name ${{matrix.compiler}}-build-container \ | |
--tty \ | |
--privileged \ | |
--cap-add ALL \ | |
--security-opt apparmor:unconfined \ | |
-v $GITHUB_WORKSPACE:$GITHUB_WORKSPACE \ | |
-e TERM=dumb \ | |
-e BUILD_TYPE \ | |
-e GITHUB_WORKSPACE \ | |
-d ${{matrix.container}} \ | |
sleep infinity | |
- name: Install build tools | |
run: | | |
$RUN_CMD dnf update -y --quiet | |
$RUN_CMD dnf install -y --quiet \ | |
git make automake patch glibc-static libstdc++-static cmake \ | |
ninja-build python3 python3-pip clang-devel libcap-devel | |
- name: Create Build Environment | |
run: | | |
$RUN_CMD pip3 install --progress-bar=off absl-py 'clang>=13,<14' | |
$RUN_CMD cmake -E make_directory $GITHUB_WORKSPACE/build | |
- name: Configure CMake | |
run: | | |
$RUN_CMD cmake \ | |
-S $GITHUB_WORKSPACE \ | |
-B $GITHUB_WORKSPACE/build \ | |
-G Ninja \ | |
-DCMAKE_BUILD_TYPE=$BUILD_TYPE | |
- name: Build | |
run: | | |
$RUN_CMD cmake \ | |
--build $GITHUB_WORKSPACE/build \ | |
--config $BUILD_TYPE | |
- name: Test | |
run: | | |
$RUN_CMD ctest \ | |
--test-dir $GITHUB_WORKSPACE/build \ | |
-C $BUILD_TYPE \ | |
--output-on-failure \ | |
-R SapiTest |