mirror of
https://github.com/curl/curl.git
synced 2026-04-13 12:41:42 +08:00
9618c337d1
The `cpp` CodeQL job is adding a cache entry for each run on the master
branch. One for Linux, another for Windows. Size: 68MB + 180MB = 248MB.
In one week we got 50+ such entries, almost filling the available cache
space.
Following the recommendation in an open issue thread, this patch tries
to disable this cache. Since it only affects master, the effect can only
be verified after merging.
The latest cache is picked up in PRs. The performance impact is also to
be seen after merge.
Bug: https://github.com/curl/curl/pull/18528#issuecomment-3288950880
Ref: https://github.com/github/codeql-action/pull/1172
Ref: https://github.com/github/codeql-action/issues/2030
Ref: https://github.com/github/codeql-action/issues/2885#issuecomment-2879069087
Follow-up to cc50f05370 #18528
Closes #18613
133 lines
4.5 KiB
YAML
133 lines
4.5 KiB
YAML
# Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
|
|
#
|
|
# SPDX-License-Identifier: curl
|
|
|
|
name: 'CodeQL'
|
|
|
|
'on':
|
|
push:
|
|
branches:
|
|
- master
|
|
- '*/ci'
|
|
paths-ignore:
|
|
- '**/*.md'
|
|
- '.circleci/**'
|
|
- 'appveyor.*'
|
|
- 'packages/**'
|
|
- 'plan9/**'
|
|
- 'projects/**'
|
|
- 'tests/data/**'
|
|
- 'winbuild/**'
|
|
pull_request:
|
|
branches:
|
|
- master
|
|
paths-ignore:
|
|
- '**/*.md'
|
|
- '.circleci/**'
|
|
- 'appveyor.*'
|
|
- 'packages/**'
|
|
- 'plan9/**'
|
|
- 'projects/**'
|
|
- 'tests/data/**'
|
|
- 'winbuild/**'
|
|
schedule:
|
|
- cron: '0 0 * * 4'
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}
|
|
|
|
permissions: {}
|
|
|
|
jobs:
|
|
gha_python:
|
|
name: 'GHA and Python'
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
security-events: write # To create/update security events
|
|
steps:
|
|
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v4
|
|
with:
|
|
persist-credentials: false
|
|
|
|
- name: 'initialize'
|
|
uses: github/codeql-action/init@192325c86100d080feab897ff886c34abd4c83a3 # v3
|
|
with:
|
|
languages: actions, python
|
|
queries: security-extended
|
|
|
|
- name: 'perform analysis'
|
|
uses: github/codeql-action/analyze@192325c86100d080feab897ff886c34abd4c83a3 # v3
|
|
|
|
c:
|
|
name: 'C'
|
|
runs-on: ${{ matrix.platform == 'Linux' && 'ubuntu-latest' || 'windows-2022' }}
|
|
permissions:
|
|
security-events: write # To create/update security events
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
platform: [Linux, Windows]
|
|
env:
|
|
MATRIX_PLATFORM: '${{ matrix.platform }}'
|
|
steps:
|
|
- name: 'install prereqs'
|
|
if: ${{ matrix.platform == 'Linux' }}
|
|
timeout-minutes: 5
|
|
run: |
|
|
sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list
|
|
sudo apt-get -o Dpkg::Use-Pty=0 update
|
|
sudo rm -f /var/lib/man-db/auto-update
|
|
sudo apt-get -o Dpkg::Use-Pty=0 install libpsl-dev libbrotli-dev libidn2-dev libssh2-1-dev libc-ares-dev \
|
|
libnghttp2-dev libldap-dev heimdal-dev librtmp-dev libgnutls28-dev libwolfssl-dev
|
|
/home/linuxbrew/.linuxbrew/bin/brew install gsasl libnghttp3 libngtcp2 mbedtls rustls-ffi
|
|
|
|
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v4
|
|
with:
|
|
persist-credentials: false
|
|
|
|
- name: 'initialize'
|
|
uses: github/codeql-action/init@192325c86100d080feab897ff886c34abd4c83a3 # v3
|
|
with:
|
|
languages: cpp
|
|
build-mode: manual
|
|
trap-caching: false
|
|
|
|
- name: 'build'
|
|
timeout-minutes: 10
|
|
shell: bash
|
|
run: |
|
|
if [ "${MATRIX_PLATFORM}" = 'Windows' ]; then
|
|
cmake -B . -DBUILD_SHARED_LIBS=OFF \
|
|
-DCMAKE_VS_GLOBALS=TrackFileAccess=false \
|
|
-DCURL_USE_SCHANNEL=ON -DCURL_USE_LIBPSL=OFF -DUSE_WIN32_IDN=ON
|
|
cmake --build . --verbose
|
|
src/Debug/curl.exe --disable --version
|
|
else
|
|
eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)"
|
|
|
|
# MultiSSL
|
|
export PKG_CONFIG_PATH; PKG_CONFIG_PATH="$(brew --prefix mbedtls)/lib/pkgconfig:$(brew --prefix rustls-ffi)/lib/pkgconfig:$(brew --prefix gsasl)/lib/pkgconfig"
|
|
cmake -B _bld1 -G Ninja -DENABLE_DEBUG=ON \
|
|
-DCURL_USE_GNUTLS=ON -DCURL_USE_MBEDTLS=ON -DCURL_USE_RUSTLS=ON -DCURL_USE_WOLFSSL=ON \
|
|
-DUSE_LIBRTMP=ON -DCURL_USE_GSASL=ON -DCURL_USE_GSSAPI=ON -DUSE_SSLS_EXPORT=ON -DENABLE_ARES=ON
|
|
cmake --build _bld1 --verbose
|
|
cmake --build _bld1 --verbose --target curlinfo
|
|
cmake --build _bld1 --verbose --target servers
|
|
cmake --build _bld1 --verbose --target tunits
|
|
cmake --build _bld1 --verbose --target curl-examples-build
|
|
|
|
# HTTP/3
|
|
export PKG_CONFIG_PATH; PKG_CONFIG_PATH="$(brew --prefix libnghttp3)/lib/pkgconfig:$(brew --prefix libngtcp2)/lib/pkgconfig:$(brew --prefix gsasl)/lib/pkgconfig"
|
|
cmake -B _bld2 -G Ninja \
|
|
-DCURL_USE_OPENSSL=ON -DOPENSSL_ROOT_DIR="$(brew --prefix openssl)" -DUSE_NGTCP2=ON \
|
|
-DUSE_LIBRTMP=ON -DCURL_USE_GSASL=ON -DCURL_USE_GSSAPI=ON -DUSE_SSLS_EXPORT=ON
|
|
cmake --build _bld2 --verbose
|
|
cmake --build _bld2 --verbose --target servers
|
|
|
|
_bld1/src/curl --disable --version
|
|
_bld2/src/curl --disable --version
|
|
fi
|
|
|
|
- name: 'perform analysis'
|
|
uses: github/codeql-action/analyze@192325c86100d080feab897ff886c34abd4c83a3 # v3
|