Skip to content

Bump step-security/harden-runner from 2.4.1 to 2.5.0 (#3783) #947

Bump step-security/harden-runner from 2.4.1 to 2.5.0 (#3783)

Bump step-security/harden-runner from 2.4.1 to 2.5.0 (#3783) #947

Workflow file for this run

name: Build
on:
workflow_dispatch:
push:
branches:
- main
- release/*
pull_request:
branches:
- main
- release/*
concurrency:
# Cancel any workflow currently in progress for the same PR.
# Allow running concurrently with any other commits.
group: build-${{ github.event.pull_request.number || github.sha }}
cancel-in-progress: true
permissions: read-all
jobs:
build-windows:
name: WinUser
needs: []
strategy:
fail-fast: false
matrix:
config: ['Debug', 'Release']
plat: [windows, uwp] # TODO: Support gamecore_console
os: ['windows-2019', 'windows-2022']
arch: [x86, x64, arm64]
tls: [schannel, openssl, openssl3]
static: ['', '-Static']
xdp: ['', '-UseXdp']
exclude:
# OpenSSL doesn't support arm64
- tls: openssl
arch: arm64
# OpenSSL3 doesn't support arm64
- tls: openssl3
arch: arm64
# TODO: FIX: OpenSSL3 build fails with UWP
- plat: uwp
tls: openssl3
# TODO: FIX: Static builds fail with UWP
- plat: uwp
static: '-Static'
# XDP not supported in UWP
- plat: uwp
xdp: '-UseXdp'
# XDP only supports x64 currently
- arch: x86
xdp: '-UseXdp'
# XDP only supports x64 currently
- arch: arm64
xdp: '-UseXdp'
uses: ./.github/workflows/build-reuse-win.yml
with:
config: ${{ matrix.config }}
plat: ${{ matrix.plat }}
os: ${{ matrix.os }}
arch: ${{ matrix.arch }}
tls: ${{ matrix.tls }}
static: ${{ matrix.static }}
xdp: ${{ matrix.xdp }}
build-windows-kernel:
name: WinKernel
needs: []
strategy:
fail-fast: false
matrix:
config: ['Debug', 'Release']
plat: [winkernel]
os: ['windows-2019', 'windows-2022']
arch: [x64, arm64]
tls: [schannel]
uses: ./.github/workflows/build-reuse-winkernel.yml
with:
config: ${{ matrix.config }}
plat: ${{ matrix.plat }}
os: ${{ matrix.os }}
arch: ${{ matrix.arch }}
tls: ${{ matrix.tls }}
build-ubuntu-cross-compile:
name: UbuntuArm
needs: []
strategy:
fail-fast: false
matrix:
config: ['Debug', 'Release']
plat: [linux]
os: ['ubuntu-20.04', 'ubuntu-22.04']
arch: [arm, arm64]
tls: [openssl, openssl3]
static: ['', '-Static']
uses: ./.github/workflows/build-reuse-unix.yml
with:
config: ${{ matrix.config }}
plat: ${{ matrix.plat }}
os: ${{ matrix.os }}
arch: ${{ matrix.arch }}
tls: ${{ matrix.tls }}
static: ${{ matrix.static }}
build-ubuntu:
name: Ubuntu
needs: []
strategy:
fail-fast: false
matrix:
config: ['Debug', 'Release']
plat: [linux, android]
os: ['ubuntu-20.04', 'ubuntu-22.04']
arch: [x86, x64]
tls: [openssl, openssl3]
systemcrypto: ['', '-UseSystemOpenSSLCrypto']
static: ['', '-Static']
clang: ['', '-Clang']
codecheck: ['', '-CodeCheck']
exclude:
# Android doesn't support x86
- plat: android
arch: x86
# Android doesn't use system crypto
- plat: android
systemcrypto: '-UseSystemOpenSSLCrypto'
# No openssl3 system crypto on ubuntu-20.04
- plat: linux
os: 'ubuntu-20.04'
tls: 'openssl3'
systemcrypto: '-UseSystemOpenSSLCrypto'
# No openssl system crypto on ubuntu-22.04
- plat: linux
os: 'ubuntu-22.04'
tls: 'openssl'
systemcrypto: '-UseSystemOpenSSLCrypto'
# Android doesn't use Clang
- plat: android
clang: '-Clang'
# Android doesn't use CodeCheck
- plat: android
codecheck: '-CodeCheck'
# No need to combine SystemCrypto and CodeCheck
- systemcrypto: '-UseSystemOpenSSLCrypto'
codecheck: '-CodeCheck'
# No need to combine Static and CodeCheck
- static: '-Static'
codecheck: '-CodeCheck'
# No need to combine Clang and CodeCheck
- clang: '-Clang'
codecheck: '-CodeCheck'
# Release builds fail with CodeCheck
- config: 'Release'
codecheck: '-CodeCheck'
# Static build can't dynamically link to libcrypto
- systemcrypto: '-UseSystemOpenSSLCrypto'
static: '-Static'
uses: ./.github/workflows/build-reuse-unix.yml
with:
config: ${{ matrix.config }}
plat: ${{ matrix.plat }}
os: ${{ matrix.os }}
arch: ${{ matrix.arch }}
tls: ${{ matrix.tls }}
systemcrypto: ${{ matrix.systemcrypto }}
static: ${{ matrix.static }}
clang: ${{ matrix.clang }}
codecheck: ${{ matrix.codecheck }}
build-darwin:
name: MacOs
needs: []
strategy:
fail-fast: false
matrix:
config: ['Debug', 'Release']
plat: [macos, ios]
os: ['macos-12']
arch: [x64, arm64]
tls: [openssl, openssl3]
static: ['', '-Static']
uses: ./.github/workflows/build-reuse-unix.yml
with:
config: ${{ matrix.config }}
plat: ${{ matrix.plat }}
os: ${{ matrix.os }}
arch: ${{ matrix.arch }}
tls: ${{ matrix.tls }}
static: ${{ matrix.static }}
build-nuget:
name: Build Nuget Package
needs: [build-windows]
strategy:
fail-fast: false
matrix:
vec: [
{ plat: "uwp", tls: "openssl", arg: "-UWP" },
{ plat: "windows", tls: "openssl" },
{ plat: "windows", tls: "schannel" },
{ plat: "windows", tls: "openssl", xdp: "-UseXdp", arg: "-XDP" },
{ plat: "windows", tls: "schannel", xdp: "-UseXdp", arg: "-XDP" },
]
runs-on: windows-2022
steps:
- name: Checkout repository
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9
- name: Download Build Artifacts
uses: dawidd6/action-download-artifact@246dbf436b23d7c49e21a7ab8204ca9ecd1fe615
with:
name: Release-${{ matrix.vec.plat }}-windows-2022-x86-${{ matrix.vec.tls }}${{ matrix.vec.xdp }}
path: artifacts
if_no_artifact_found: ignore
- name: Download Build Artifacts
uses: dawidd6/action-download-artifact@246dbf436b23d7c49e21a7ab8204ca9ecd1fe615
with:
name: Release-${{ matrix.vec.plat }}-windows-2022-x64-${{ matrix.vec.tls }}${{ matrix.vec.xdp }}
path: artifacts
if_no_artifact_found: ignore
- name: Download Build Artifacts
uses: dawidd6/action-download-artifact@246dbf436b23d7c49e21a7ab8204ca9ecd1fe615
with:
name: Release-${{ matrix.vec.plat }}-windows-2022-arm64-${{ matrix.vec.tls }}${{ matrix.vec.xdp }}
path: artifacts
if_no_artifact_found: ignore
- name: Build Package
shell: pwsh
run: scripts/package-nuget.ps1 -Tls ${{ matrix.vec.tls }} ${{ matrix.vec.arg }} -GHA
- name: Upload build artifacts
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce
with:
name: Nuget-Release-${{ matrix.vec.plat }}-windows-2022-arm64-${{ matrix.vec.tls }}${{ matrix.vec.xdp }}
path: artifacts/dist/*.nupkg