Skip to content

Commit

Permalink
Use Github Actions CodeQL tests
Browse files Browse the repository at this point in the history
IB-7528

Signed-off-by: Raul Metsma <raul@metsma.ee>
  • Loading branch information
metsma committed Jan 13, 2023
1 parent 3692eac commit 8b4e776
Show file tree
Hide file tree
Showing 23 changed files with 309 additions and 109 deletions.
50 changes: 47 additions & 3 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,6 @@ on: [push, pull_request]
permissions:
contents: read
env:
RUN_TESTS: ALL
BUILD_NUMBER: ${{ github.run_number }}
MAKEFLAGS: -j3
jobs:
Expand All @@ -24,7 +23,7 @@ jobs:
run: |
brew update
brew install doxygen boost xsd || brew link --overwrite xsd
brew unlink xerces-c python@3.10
brew unlink xerces-c python@3.10 python@3.11
- name: Cache
uses: actions/cache@v3
id: cache
Expand Down Expand Up @@ -52,7 +51,7 @@ jobs:
run: sudo ln -s $PWD/cache/* /Library/
- name: Build macOS
if: matrix.target == 'osx'
run: ./build-library.sh all pkcs11sign zipdebug embedlibs pkgbuild
run: ./build-library.sh test pkcs11sign zipdebug embedlibs pkgbuild
- name: Build ${{ matrix.target }}
if: matrix.target != 'osx'
run: |
Expand Down Expand Up @@ -251,3 +250,48 @@ jobs:
--form version=master \
--form description="Github Actions CI build" \
https://scan.coverity.com/builds?project=$PROJECTNAME
codeql:
name: Run CodeQL tests
if: github.repository == 'open-eid/libdigidocpp'
runs-on: ubuntu-20.04
permissions:
security-events: write
steps:
- name: Checkout
uses: actions/checkout@v3
with:
submodules: recursive
- name: Install dependencies
run: sudo apt update -qq && sudo apt install --no-install-recommends -y cmake vim-common xsdcxx libxml-security-c-dev zlib1g-dev curl ca-certificates
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
languages: cpp
queries: +security-and-quality
- name: Build
run: |
cmake -B build -S . \
-DSWIG_EXECUTABLE=NOTFOUND \
-DBoost_INCLUDE_DIR=NOTFOUND \
-DDOXYGEN_EXECUTABLE=NOTFOUND \
-DBUILD_TOOLS=NO
cmake --build build
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
with:
upload: False
output: sarif-results
- name: Filter results
uses: advanced-security/filter-sarif@develop
with:
patterns: |
-src/json.hpp
-src/minizip/*
-build/src/xml/*
-**:cpp/poorly-documented-function
input: sarif-results/cpp.sarif
output: sarif-results/cpp.sarif
- name: Upload results
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: sarif-results/cpp.sarif
1 change: 0 additions & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,6 @@
## Building
[![Build Status](https://github.com/open-eid/libdigidocpp/workflows/CI/badge.svg?branch=master)](https://github.com/open-eid/libdigidocpp/actions)
[![Coverity Scan Build Status](https://scan.coverity.com/projects/727/badge.svg)](https://scan.coverity.com/projects/727)
[![LGTM alerts](https://img.shields.io/lgtm/alerts/g/open-eid/libdigidocpp.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/open-eid/libdigidocpp/alerts/)

### Ubuntu, Fedora

Expand Down
22 changes: 12 additions & 10 deletions build-library.sh
Original file line number Diff line number Diff line change
Expand Up @@ -79,7 +79,6 @@ case "$@" in
-DCMAKE_C_COMPILER_WORKS=yes \
-DCMAKE_CXX_COMPILER_WORKS=yes \
-DCMAKE_OSX_SYSROOT=${SYSROOT} \
-DIOS=YES \
-DFRAMEWORK=off \
-DUSE_KEYCHAIN=off \
-DSWIG_EXECUTABLE=NOTFOUND \
Expand All @@ -97,17 +96,20 @@ case "$@" in
export MACOSX_DEPLOYMENT_TARGET
esac

rm -rf ${TARGET}
mkdir -p ${TARGET}
cd ${TARGET}
cmake \
cmake --fresh -B ${TARGET} -S . \
-DCMAKE_BUILD_TYPE="RelWithDebInfo" \
-DCMAKE_INSTALL_PREFIX=${TARGET_PATH} \
-DCMAKE_OSX_ARCHITECTURES="${ARCHS// /;}" \
-DOPENSSL_ROOT_DIR=${TARGET_PATH} \
-DXercesC_ROOT=${TARGET_PATH} \
${CMAKEARGS} \
..
make
sudo make ${@:2}
cd ..
${CMAKEARGS}
cmake --build ${TARGET} --target all

while test $# -gt 0; do
case "$1" in
android*|*ios*|*mac*|*osx*) ;;
install*) sudo cmake --build ${TARGET} --target $1 ;;
*) cmake --build ${TARGET} --target $1 ;;
esac
shift
done
2 changes: 1 addition & 1 deletion build.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -73,7 +73,7 @@ foreach($platform in @("x86", "x64")) {
"-DXSD_EXECUTABLE=$xsd/bin/xsd.exe" `
"-DSIGNCERT=$sign" `
"-DCROSSSIGNCERT=$crosssign" `
$cmakeext -B $buildpath -S $libdigidocpp "&&" $cmake --build $buildpath --target install
$cmakeext -B $buildpath -S $libdigidocpp "&&" $cmake --build $buildpath --target check install
}
}

Expand Down
1 change: 1 addition & 0 deletions debian/rules
Original file line number Diff line number Diff line change
Expand Up @@ -4,3 +4,4 @@ include /usr/share/cdbs/1/class/cmake.mk
DEB_CMAKE_EXTRA_FLAGS = \
-DCMAKE_INSTALL_SYSCONFDIR="/etc" \
-DCMAKE_INSTALL_LIBDIR="lib/$(DEB_HOST_MULTIARCH)"
DEB_MAKE_CHECK_TARGET = test
21 changes: 21 additions & 0 deletions patches/vcpkg-ports/xerces-c/disable-tests.patch
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 4254f89..aa08565 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -175,10 +175,16 @@ install(
COMPONENT "development")

# Process subdirectories
+if(NOT DISABLE_DOC)
add_subdirectory(doc)
+endif()
add_subdirectory(src)
+if(NOT DISABLE_TESTS)
add_subdirectory(tests)
+endif()
+if(NOT DISABLE_SAMPLES)
add_subdirectory(samples)
+endif()

# Display configuration summary
message(STATUS "")
78 changes: 78 additions & 0 deletions patches/vcpkg-ports/xerces-c/portfile.cmake
Original file line number Diff line number Diff line change
@@ -0,0 +1,78 @@
vcpkg_from_github(
OUT_SOURCE_PATH SOURCE_PATH
REPO apache/xerces-c
REF v3.2.4
SHA512 0da61e000e871c045fb6e546cabba244eb6470a7a972c1d1b817ba5ce91c0d1d12dfb3ff1479d8b57ab06c49deefd1c16c36dc2541055e41a1cdb15dbd769fcf
HEAD_REF master
PATCHES
disable-tests.patch
remove-dll-export-macro.patch
)

set(DISABLE_ICU ON)
if("icu" IN_LIST FEATURES)
set(DISABLE_ICU OFF)
endif()
if ("xmlch-wchar" IN_LIST FEATURES)
set(XMLCHTYPE -Dxmlch-type=wchar_t)
endif()

vcpkg_configure_cmake(
SOURCE_PATH ${SOURCE_PATH}
PREFER_NINJA
OPTIONS
-DDISABLE_TESTS=ON
-DDISABLE_DOC=ON
-DDISABLE_SAMPLES=ON
-DCMAKE_DISABLE_FIND_PACKAGE_ICU=${DISABLE_ICU}
-DCMAKE_DISABLE_FIND_PACKAGE_CURL=ON
${XMLCHTYPE}
)

vcpkg_install_cmake()

vcpkg_copy_pdbs()

if(EXISTS ${CURRENT_PACKAGES_DIR}/cmake)
vcpkg_fixup_cmake_targets(CONFIG_PATH cmake TARGET_PATH share/xercesc)
else()
vcpkg_fixup_cmake_targets(CONFIG_PATH lib/cmake/XercesC TARGET_PATH share/xercesc)
endif()

file(READ ${CURRENT_PACKAGES_DIR}/share/xercesc/XercesCConfigInternal.cmake _contents)
string(REPLACE
"get_filename_component(_IMPORT_PREFIX \"\${_IMPORT_PREFIX}\" PATH)\nget_filename_component(_IMPORT_PREFIX \"\${_IMPORT_PREFIX}\" PATH)\nget_filename_component(_IMPORT_PREFIX \"\${_IMPORT_PREFIX}\" PATH)"
"get_filename_component(_IMPORT_PREFIX \"\${_IMPORT_PREFIX}\" PATH)\nget_filename_component(_IMPORT_PREFIX \"\${_IMPORT_PREFIX}\" PATH)"
_contents
"${_contents}"
)
file(WRITE ${CURRENT_PACKAGES_DIR}/share/xercesc/XercesCConfigInternal.cmake "${_contents}")

file(READ ${CURRENT_PACKAGES_DIR}/share/xercesc/XercesCConfig.cmake _contents)
file(WRITE ${CURRENT_PACKAGES_DIR}/share/xercesc/XercesCConfig.cmake "include(CMakeFindDependencyMacro)\nfind_dependency(Threads)\n${_contents}")

configure_file(
${CMAKE_CURRENT_LIST_DIR}/vcpkg-cmake-wrapper.cmake
${CURRENT_PACKAGES_DIR}/share/xercesc
@ONLY
)

file(REMOVE_RECURSE
"${CURRENT_PACKAGES_DIR}/debug/include"
"${CURRENT_PACKAGES_DIR}/debug/share"
)

# Handle copyright
file(INSTALL ${SOURCE_PATH}/LICENSE DESTINATION ${CURRENT_PACKAGES_DIR}/share/${PORT} RENAME copyright)

vcpkg_fixup_pkgconfig()
if (VCPKG_TARGET_IS_WINDOWS AND NOT VCPKG_TARGET_IS_MINGW)
set(pc_file_release "${CURRENT_PACKAGES_DIR}/lib/pkgconfig/xerces-c.pc")
set(pc_file_debug "${CURRENT_PACKAGES_DIR}/debug/lib/pkgconfig/xerces-c.pc")
if(EXISTS "${pc_file_release}")
vcpkg_replace_string("${pc_file_release}" "-lxerces-c" "-lxerces-c_3")
endif()
if(EXISTS "${pc_file_debug}")
vcpkg_replace_string("${pc_file_debug}" "-lxerces-c" "-lxerces-c_3D")
endif()
endif()
27 changes: 27 additions & 0 deletions patches/vcpkg-ports/xerces-c/remove-dll-export-macro.patch
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
diff --git a/src/xercesc/util/XercesDefs.hpp b/src/xercesc/util/XercesDefs.hpp
index 8071260..cd6bd68 100644
--- a/src/xercesc/util/XercesDefs.hpp
+++ b/src/xercesc/util/XercesDefs.hpp
@@ -133,7 +133,7 @@ typedef XMLUInt32 UCS4Ch;
// The DLL_EXPORT flag should be defined on the command line during the build of a DLL
// configure conspires to make this happen.

-#if defined(DLL_EXPORT)
+#if defined(XERCES_DLL_EXPORT)
#if defined(XERCES_BUILDING_LIBRARY)
#define XMLUTIL_EXPORT XERCES_PLATFORM_EXPORT
#define XMLPARSER_EXPORT XERCES_PLATFORM_EXPORT
diff --git a/src/xercesc/util/Xerces_autoconf_config.hpp.cmake.in b/src/xercesc/util/Xerces_autoconf_config.hpp.cmake.in
index e849e08..69fe3bf 100644
--- a/src/xercesc/util/Xerces_autoconf_config.hpp.cmake.in
+++ b/src/xercesc/util/Xerces_autoconf_config.hpp.cmake.in
@@ -85,9 +85,6 @@
#define XERCES_PLATFORM_EXPORT @XERCES_PLATFORM_EXPORT@
#define XERCES_PLATFORM_IMPORT @XERCES_PLATFORM_IMPORT@
#define XERCES_TEMPLATE_EXTERN @XERCES_TEMPLATE_EXTERN@
-#ifdef XERCES_DLL_EXPORT
-# define DLL_EXPORT
-#endif

// ---------------------------------------------------------------------------
// Include standard headers, if available, that we may rely on below.
4 changes: 4 additions & 0 deletions patches/vcpkg-ports/xerces-c/usage
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
The package xerces-c is compatible with built-in CMake targets:

find_package(XercesC REQUIRED)
target_link_libraries(main PRIVATE XercesC::XercesC)
8 changes: 8 additions & 0 deletions patches/vcpkg-ports/xerces-c/vcpkg-cmake-wrapper.cmake
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
_find_package(${ARGS})

if (APPLE)
if (TARGET XercesC::XercesC)
set_property(TARGET XercesC::XercesC APPEND PROPERTY INTERFACE_LINK_LIBRARIES "-framework CoreServices" "-framework CoreFoundation" curl)
list(APPEND XercesC_LIBRARIES "-framework CoreServices" "-framework CoreFoundation" curl)
endif()
endif()
18 changes: 18 additions & 0 deletions patches/vcpkg-ports/xerces-c/vcpkg.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
{
"name": "xerces-c",
"version": "3.2.4",
"description": "Xerces-C++ is a XML parser, for parsing, generating, manipulating, and validating XML documents using the DOM, SAX, and SAX2 APIs.",
"homepage": "https://github.com/apache/xerces-c",
"license": "Apache-2.0",
"features": {
"icu": {
"description": "ICU support",
"dependencies": [
"icu"
]
},
"xmlch-wchar": {
"description": "XMLCh type uses wchar_t"
}
}
}
Loading

0 comments on commit 8b4e776

Please sign in to comment.