Bump step-security/harden-runner from 2.10.1 to 2.10.2 #4118
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build | |
on: | |
workflow_dispatch: | |
push: | |
branches: | |
- main | |
- release/* | |
pull_request: | |
branches: | |
- main | |
- release/* | |
concurrency: | |
# Cancel any workflow currently in progress for the same PR. | |
# Allow running concurrently with any other commits. | |
group: build-${{ github.event.pull_request.number || github.sha }} | |
cancel-in-progress: true | |
permissions: read-all | |
jobs: | |
build-windows: | |
name: WinUser | |
needs: [] | |
strategy: | |
fail-fast: false | |
matrix: | |
config: ['Debug', 'Release'] | |
plat: [windows, uwp] # TODO: Support gamecore_console | |
os: ['windows-2022'] | |
arch: [x86, x64, arm64] | |
tls: [schannel, openssl, openssl3] | |
static: ['', '-Static'] | |
exclude: | |
# OpenSSL doesn't support arm64 | |
- tls: openssl | |
arch: arm64 | |
# OpenSSL3 doesn't support arm64 | |
- tls: openssl3 | |
arch: arm64 | |
# TODO: FIX: OpenSSL3 build fails with UWP | |
- plat: uwp | |
tls: openssl3 | |
# TODO: FIX: Static builds fail with UWP | |
- plat: uwp | |
static: '-Static' | |
uses: ./.github/workflows/build-reuse-win.yml | |
with: | |
config: ${{ matrix.config }} | |
plat: ${{ matrix.plat }} | |
os: ${{ matrix.os }} | |
arch: ${{ matrix.arch }} | |
tls: ${{ matrix.tls }} | |
static: ${{ matrix.static }} | |
build-windows-kernel: | |
name: WinKernel | |
needs: [] | |
strategy: | |
fail-fast: false | |
matrix: | |
config: ['Debug', 'Release'] | |
plat: [winkernel] | |
os: ['windows-2022'] | |
arch: [x64, arm64] | |
tls: [schannel] | |
uses: ./.github/workflows/build-reuse-winkernel.yml | |
with: | |
config: ${{ matrix.config }} | |
plat: ${{ matrix.plat }} | |
os: ${{ matrix.os }} | |
arch: ${{ matrix.arch }} | |
tls: ${{ matrix.tls }} | |
build-ubuntu-cross-compile: | |
name: UbuntuArm | |
needs: [] | |
strategy: | |
fail-fast: false | |
matrix: | |
config: ['Debug', 'Release'] | |
plat: [linux] | |
os: ['ubuntu-20.04', 'ubuntu-22.04', 'ubuntu-24.04'] | |
arch: [arm, arm64] | |
tls: [openssl, openssl3] | |
static: ['', '-Static'] | |
uses: ./.github/workflows/build-reuse-unix.yml | |
with: | |
config: ${{ matrix.config }} | |
plat: ${{ matrix.plat }} | |
os: ${{ matrix.os }} | |
arch: ${{ matrix.arch }} | |
tls: ${{ matrix.tls }} | |
static: ${{ matrix.static }} | |
build-ubuntu: | |
name: Ubuntu | |
needs: [] | |
strategy: | |
fail-fast: false | |
matrix: | |
config: ['Debug', 'Release'] | |
plat: [linux, android] | |
os: ['ubuntu-20.04', 'ubuntu-22.04', 'ubuntu-24.04'] | |
arch: [x86, x64] | |
tls: [openssl, openssl3] | |
systemcrypto: ['', '-UseSystemOpenSSLCrypto'] | |
static: ['', '-Static'] | |
clang: ['', '-Clang'] | |
codecheck: ['', '-CodeCheck'] | |
xdp: ['', '-UseXdp'] | |
exclude: | |
# Android doesn't support x86 | |
- plat: android | |
arch: x86 | |
# Android doesn't use system crypto | |
- plat: android | |
systemcrypto: '-UseSystemOpenSSLCrypto' | |
# TODO: android to support ubuntu-24.04 | |
- plat: android | |
os: 'ubuntu-24.04' | |
# No openssl3 system crypto on ubuntu-20.04 | |
- plat: linux | |
os: 'ubuntu-20.04' | |
tls: 'openssl3' | |
systemcrypto: '-UseSystemOpenSSLCrypto' | |
# No openssl system crypto on ubuntu-22.04 | |
- plat: linux | |
os: 'ubuntu-22.04' | |
tls: 'openssl' | |
systemcrypto: '-UseSystemOpenSSLCrypto' | |
# No openssl system crypto on ubuntu-24.04 | |
- plat: linux | |
os: 'ubuntu-24.04' | |
tls: 'openssl' | |
systemcrypto: '-UseSystemOpenSSLCrypto' | |
# linux xdp is for ubuntu24.04 only for now | |
- plat: android | |
xdp: "-UseXdp" | |
- os: 'ubuntu-20.04' | |
xdp: "-UseXdp" | |
- os: 'ubuntu-22.04' | |
xdp: "-UseXdp" | |
- arch: x86 | |
xdp: "-UseXdp" | |
# Android doesn't use Clang | |
- plat: android | |
clang: '-Clang' | |
# Android doesn't use CodeCheck | |
- plat: android | |
codecheck: '-CodeCheck' | |
# No need to combine SystemCrypto and CodeCheck | |
- systemcrypto: '-UseSystemOpenSSLCrypto' | |
codecheck: '-CodeCheck' | |
# No need to combine Static and CodeCheck | |
- static: '-Static' | |
codecheck: '-CodeCheck' | |
# No need to combine Clang and CodeCheck | |
- clang: '-Clang' | |
codecheck: '-CodeCheck' | |
# Release builds fail with CodeCheck | |
- config: 'Release' | |
codecheck: '-CodeCheck' | |
# Static build can't dynamically link to libcrypto | |
- systemcrypto: '-UseSystemOpenSSLCrypto' | |
static: '-Static' | |
uses: ./.github/workflows/build-reuse-unix.yml | |
with: | |
config: ${{ matrix.config }} | |
plat: ${{ matrix.plat }} | |
os: ${{ matrix.os }} | |
arch: ${{ matrix.arch }} | |
tls: ${{ matrix.tls }} | |
systemcrypto: ${{ matrix.systemcrypto }} | |
static: ${{ matrix.static }} | |
clang: ${{ matrix.clang }} | |
codecheck: ${{ matrix.codecheck }} | |
xdp: ${{ matrix.xdp }} | |
build-darwin: | |
name: MacOs | |
needs: [] | |
strategy: | |
fail-fast: false | |
matrix: | |
config: ['Debug', 'Release'] | |
plat: [macos, ios] | |
os: ['macos-13'] | |
arch: [x64, arm64] | |
tls: [openssl, openssl3] | |
static: ['', '-Static'] | |
uses: ./.github/workflows/build-reuse-unix.yml | |
with: | |
config: ${{ matrix.config }} | |
plat: ${{ matrix.plat }} | |
os: ${{ matrix.os }} | |
arch: ${{ matrix.arch }} | |
tls: ${{ matrix.tls }} | |
static: ${{ matrix.static }} | |
build-nuget: | |
name: Build Nuget Package | |
needs: [build-windows] | |
strategy: | |
fail-fast: false | |
matrix: | |
vec: [ | |
{ plat: "uwp", tls: "openssl", arg: "-UWP" }, | |
{ plat: "windows", tls: "openssl" }, | |
{ plat: "windows", tls: "schannel" }, | |
] | |
runs-on: windows-2022 | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
- name: Download Build Artifacts | |
uses: dawidd6/action-download-artifact@bf251b5aa9c2f7eeb574a96ee720e24f801b7c11 | |
with: | |
name: Release-${{ matrix.vec.plat }}-windows-2022-x86-${{ matrix.vec.tls }} | |
path: artifacts | |
if_no_artifact_found: ignore | |
- name: Download Build Artifacts | |
uses: dawidd6/action-download-artifact@bf251b5aa9c2f7eeb574a96ee720e24f801b7c11 | |
with: | |
name: Release-${{ matrix.vec.plat }}-windows-2022-x64-${{ matrix.vec.tls }} | |
path: artifacts | |
if_no_artifact_found: ignore | |
- name: Download Build Artifacts | |
uses: dawidd6/action-download-artifact@bf251b5aa9c2f7eeb574a96ee720e24f801b7c11 | |
with: | |
name: Release-${{ matrix.vec.plat }}-windows-2022-arm64-${{ matrix.vec.tls }} | |
path: artifacts | |
if_no_artifact_found: ignore | |
- name: Build Package | |
shell: pwsh | |
run: scripts/package-nuget.ps1 -Tls ${{ matrix.vec.tls }} ${{ matrix.vec.arg }} -GHA | |
- name: Upload build artifacts | |
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 | |
with: | |
name: Nuget-Release-${{ matrix.vec.plat }}-windows-2022-arm64-${{ matrix.vec.tls }} | |
path: artifacts/dist/*.nupkg | |
Complete: | |
name: Build Complete | |
if: always() | |
needs: [build-windows, build-windows-kernel, build-ubuntu-cross-compile, build-ubuntu, build-darwin, build-nuget] | |
runs-on: ubuntu-latest | |
permissions: {} # No need for any permissions. | |
steps: | |
- name: Decide whether the needed jobs succeeded or failed | |
uses: re-actors/alls-green@05ac9388f0aebcb5727afa17fcccfecd6f8ec5fe | |
with: | |
jobs: ${{ toJSON(needs) }} |