Daily #6
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: Daily | |
permissions: read-all | |
on: | |
# Run on user request | |
workflow_dispatch: | |
inputs: | |
upload_sdl: | |
description: 'Trigger SDL Upload' | |
required: false | |
default: false | |
type: boolean | |
docker_opts: | |
description: 'extra options for docker build' | |
required: false | |
default: '' | |
type: string | |
# Run on schedule | |
schedule: | |
# daily at 8:00 UTC (1:00 MST) | |
- cron: '0 8 * * *' | |
concurrency: | |
# Cancel any existing jobs related to the target branch | |
group: nightly-ci-${{ github.ref || github.run_id }} | |
cancel-in-progress: true | |
jobs: | |
lint: | |
if: true | |
uses: ./.github/workflows/lint.yml | |
with: | |
docker_opts: ${{ inputs.docker_opts }} | |
scorecard: | |
if: true | |
uses: ./.github/workflows/scorecard.yml | |
hadolint: | |
if: true | |
uses: ./.github/workflows/hadolint.yml | |
with: | |
output_prefix: lib- | |
trivy: | |
if: true | |
uses: ./.github/workflows/trivy.yml | |
with: | |
output_prefix: lib- | |
ip-leak-scan: | |
if: true | |
name: IP Leak Scan | |
uses: ./.github/workflows/ipldt.yml | |
secrets: inherit | |
with: | |
output_prefix: lib- | |
docker_opts: ${{ inputs.docker_opts }} | |
source-malware-scan: | |
if: true | |
uses: ./.github/workflows/mcafee.yml | |
secrets: inherit | |
with: | |
output_prefix: lib- | |
docker_opts: ${{ inputs.docker_opts }} | |
coverity: | |
if: true | |
strategy: | |
fail-fast: false | |
matrix: | |
os: | |
- windows | |
- linux | |
uses: ./.github/workflows/coverity.yml | |
secrets: inherit | |
with: | |
os: ${{ matrix.os }} | |
output_prefix: lib- | |
extra_opts: --report | |
docker_opts: ${{ inputs.docker_opts }} | |
linux-build: | |
if: true | |
uses: ./.github/workflows/cmake.yml | |
with: | |
os: linux | |
build_type: release | |
artifact_name: linux-release-build | |
run_tests: true | |
no_artifacts: false | |
docker_opts: ${{ inputs.docker_opts }} | |
windows-build: | |
if: true | |
uses: ./.github/workflows/cmake.yml | |
with: | |
os: windows | |
build_type: release | |
artifact_name: windows-release-build | |
run_tests: true | |
no_artifacts: false | |
docker_opts: ${{ inputs.docker_opts }} | |
windows-malware-scan: | |
if: true | |
needs: [windows-build] | |
uses: ./.github/workflows/mcafee.yml | |
secrets: inherit | |
with: | |
artifact_name: windows-release-build | |
output_prefix: lib- | |
docker_opts: ${{ inputs.docker_opts }} | |
linux-malware-scan: | |
if: true | |
needs: [linux-build] | |
uses: ./.github/workflows/mcafee.yml | |
secrets: inherit | |
with: | |
artifact_name: linux-release-build | |
output_prefix: lib- | |
windows-sscb: | |
if: true | |
needs: [windows-build] | |
uses: ./.github/workflows/sscb.yml | |
with: | |
os: windows | |
artifact_name: windows-release-build | |
output_prefix: lib- | |
docker_opts: ${{ inputs.docker_opts }} | |
linux-sscb: | |
if: true | |
needs: [linux-build] | |
uses: ./.github/workflows/sscb.yml | |
with: | |
os: linux | |
artifact_name: linux-release-build | |
output_prefix: lib- | |
docker_opts: ${{ inputs.docker_opts }} | |
bdba: | |
if: true | |
needs: | |
- linux-build | |
- windows-build | |
uses: ./.github/workflows/bdba.yml | |
with: | |
output_prefix: lib- | |
version: ${{ github.ref_name }} | |
pattern: "*-release-build" | |
docker_opts: ${{ inputs.docker_opts }} | |
secrets: inherit | |
sdl: | |
if: ${{ github.event.inputs.upload_sdl == 'true' }} | |
needs: | |
- linux-build | |
- windows-build | |
- summary | |
- setup-variables | |
uses: ./.github/workflows/sdl.yml | |
with: | |
SUMMARY_ARTIFACT: lib-release-summary | |
label: ${{ needs.setup-variables.outputs.lib_version }} | |
SDLE_PROJECT: ${{vars.SDLE_ID}} | |
SDLE_USER: ${{vars.SDLE_API_USER}} | |
output_prefix: lib- | |
docker_opts: ${{ inputs.docker_opts }} | |
secrets: | |
SDLE_API_KEY: ${{ secrets.SDLE_API_KEY }} | |
# This job configures variables that are useful for other jobs. Other jobs | |
# that depend on this one can access the variables via | |
# needs.setup-variables.outputs.<variable-name> | |
setup-variables: | |
if: true | |
uses: ./.github/workflows/setup-variables.yml | |
secrets: inherit | |
ref-build: | |
if: true | |
needs: setup-variables | |
strategy: | |
fail-fast: false | |
matrix: | |
os: | |
- windows | |
- linux | |
uses: ./.github/workflows/cmake.yml | |
with: | |
os: ${{ matrix.os }} | |
build_type: release | |
artifact_name: ${{ matrix.os }}-ref-build | |
run_tests: false | |
no_artifacts: false | |
ref: ${{ needs.setup-variables.outputs.last_release_ref }} | |
docker_opts: ${{ inputs.docker_opts }} | |
diff-report: | |
if: true | |
needs: [linux-build, windows-build, ref-build] | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [windows, linux] | |
uses: ./.github/workflows/diff.yml | |
with: | |
report_name: ${{ matrix.os }}-lib-diff-report | |
left: ${{ matrix.os }}-ref-build | |
right: ${{ matrix.os }}-release-build | |
linux-tools-build: | |
if: true | |
needs: [linux-build, setup-variables] | |
uses: ./.github/workflows/cmake.yml | |
with: | |
os: linux | |
build_type: release | |
artifact_name: linux-tools-build | |
run_tests: false | |
no_artifacts: false | |
repository: ${{ vars.TOOLS_REPO }} | |
ref: ${{ needs.setup-variables.outputs.tools_ref }} | |
dependent_artifact: linux-release-build | |
docker_opts: ${{ inputs.docker_opts }} | |
secrets: | |
token: ${{ secrets.TOOLS_REPO_TOKEN }} | |
windows-tools-build: | |
if: true | |
needs: [windows-build, setup-variables] | |
uses: ./.github/workflows/cmake.yml | |
with: | |
os: windows | |
build_type: release | |
artifact_name: windows-tools-build | |
run_tests: false | |
no_artifacts: false | |
repository: ${{ vars.TOOLS_REPO }} | |
ref: ${{ needs.setup-variables.outputs.tools_ref }} | |
dependent_artifact: windows-release-build | |
docker_opts: ${{ inputs.docker_opts }} | |
secrets: | |
token: ${{ secrets.TOOLS_REPO_TOKEN }} | |
windows-acceptance: | |
if: true | |
needs: [windows-build, windows-tools-build, setup-variables] | |
strategy: | |
fail-fast: false | |
matrix: | |
gpu: | |
- gen12.5 | |
config: | |
- release | |
os: | |
- windows | |
uses: ./.github/workflows/acceptance.yml | |
secrets: inherit | |
with: | |
os: ${{ matrix.os }} | |
build_type: ${{ matrix.config }} | |
lib_artifact: ${{ matrix.os }}-${{ matrix.config }}-build | |
tools_artifact: windows-tools-build | |
gpu: ${{ matrix.gpu }} | |
distro_family: windows | |
distro_version: 11 | |
test_ref: ${{ needs.setup-variables.outputs.test_ref }} | |
docker_opts: ${{ inputs.docker_opts }} | |
linux-acceptance: | |
if: true | |
needs: [linux-build, linux-tools-build, setup-variables] | |
strategy: | |
fail-fast: false | |
matrix: | |
gpu: | |
- gen12.5 | |
distro: | |
- family: ubuntu | |
version: 22.04 | |
config: | |
- release | |
os: | |
- linux | |
uses: ./.github/workflows/acceptance.yml | |
secrets: inherit | |
with: | |
os: ${{ matrix.os }} | |
build_type: ${{ matrix.config }} | |
lib_artifact: ${{ matrix.os }}-${{ matrix.config }}-build | |
tools_artifact: linux-tools-build | |
gpu: ${{ matrix.gpu }} | |
distro_family: ${{ matrix.distro.family }} | |
distro_version: ${{ matrix.distro.version }} | |
test_ref: ${{ needs.setup-variables.outputs.test_ref }} | |
docker_opts: ${{ inputs.docker_opts }} | |
distro-tests: | |
if: true | |
needs: [linux-build, linux-tools-build, setup-variables] | |
strategy: | |
fail-fast: false | |
matrix: | |
distro: | |
- family: rhel | |
version: 8.6 | |
- family: sles | |
version: 15.4 | |
gpu: | |
- gen12.5 | |
os: | |
- linux | |
config: | |
- release | |
uses: ./.github/workflows/acceptance.yml | |
secrets: inherit | |
with: | |
os: ${{ matrix.os }} | |
build_type: ${{ matrix.config }} | |
lib_artifact: ${{ matrix.os }}-${{ matrix.config }}-build | |
tools_artifact: linux-tools-build | |
gpu: ${{ matrix.gpu }} | |
distro_family: ${{ matrix.distro.family }} | |
distro_version: ${{ matrix.distro.version }} | |
test_ref: ${{ needs.setup-variables.outputs.test_ref }} | |
docker_opts: ${{ inputs.docker_opts }} | |
debug-build: | |
if: true | |
strategy: | |
fail-fast: false | |
matrix: | |
os: | |
- windows | |
- linux | |
config: | |
- debug | |
uses: ./.github/workflows/cmake.yml | |
with: | |
os: ${{ matrix.os }} | |
build_type: ${{ matrix.config }} | |
artifact_name: ${{ matrix.os }}-${{ matrix.config }}-build | |
run_tests: true | |
docker_opts: ${{ inputs.docker_opts }} | |
tools-debug-build: | |
if: true | |
needs: [debug-build, setup-variables] | |
strategy: | |
fail-fast: false | |
matrix: | |
os: | |
- windows | |
- linux | |
uses: ./.github/workflows/cmake.yml | |
with: | |
os: ${{ matrix.os }} | |
build_type: debug | |
artifact_name: ${{ matrix.os }}-tools-debug-build | |
run_tests: false | |
no_artifacts: false | |
repository: ${{ vars.TOOLS_REPO }} | |
ref: ${{ needs.setup-variables.outputs.tools_ref }} | |
dependent_artifact: ${{ matrix.os }}-debug-build | |
docker_opts: ${{ inputs.docker_opts }} | |
secrets: | |
token: ${{ secrets.TOOLS_REPO_TOKEN }} | |
debug-acceptance: | |
if: true | |
needs: | |
- setup-variables | |
- debug-build | |
- tools-debug-build | |
strategy: | |
fail-fast: false | |
matrix: | |
os: | |
- windows | |
- linux | |
gpu: | |
- gen12.5 | |
uses: ./.github/workflows/acceptance.yml | |
secrets: inherit | |
with: | |
os: ${{ matrix.os }} | |
build_type: debug | |
lib_artifact: ${{ matrix.os }}-debug-build | |
tools_artifact: ${{ matrix.os }}-tools-debug-build | |
gpu: ${{ matrix.gpu }} | |
distro_family: ${{ matrix.os == 'linux' && 'ubuntu' || 'windows' }} | |
distro_version: ${{ matrix.os == 'linux' && '22.04' || '11'}} | |
test_ref: ${{ needs.setup-variables.outputs.test_ref }} | |
docker_opts: ${{ inputs.docker_opts }} | |
experimental-off: | |
if: true | |
uses: ./.github/workflows/cmake.yml | |
strategy: | |
fail-fast: false | |
matrix: | |
os: | |
- windows | |
- linux | |
with: | |
os: ${{ matrix.os }} | |
build_type: release | |
run_tests: true | |
no_artifacts: true | |
configure_options: >- | |
-DBUILD_EXPERIMENTAL=OFF | |
docker_opts: ${{ inputs.docker_opts }} | |
linux-performance: | |
if: true | |
needs: | |
- linux-build | |
- ref-build | |
uses: ./.github/workflows/performance.yml | |
with: | |
image: ${{ vars.PERF_DOCKER_IMAGE }} | |
ref_lib_artifact: linux-ref-build | |
lib_artifact: linux-release-build | |
artifact_name: linux-performance | |
summary: | |
if: "always()" | |
needs: | |
- hadolint | |
- trivy | |
- ip-leak-scan | |
- source-malware-scan | |
- coverity | |
- windows-malware-scan | |
- linux-malware-scan | |
- windows-sscb | |
- linux-sscb | |
- bdba | |
- diff-report | |
- windows-acceptance | |
- linux-acceptance | |
- distro-tests | |
- linux-performance | |
uses: ./.github/workflows/summary.yml | |
with: | |
output_prefix: lib- |