Azreyo
bcdeedb91e
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
116 lines
3.7 KiB
YAML
116 lines
3.7 KiB
YAML
name: CI Pipeline
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
on:
|
|
push:
|
|
branches: [ main, develop ]
|
|
pull_request:
|
|
branches: [ main, develop ]
|
|
|
|
jobs:
|
|
build:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- name: Install dependencies
|
|
run: |
|
|
sudo apt-get update
|
|
sudo apt-get install -y build-essential libssl-dev libmagic-dev libnghttp2-dev pkg-config
|
|
- name: Build project
|
|
run: make clean && make
|
|
- name: Upload build artifacts
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: server-binary
|
|
path: server
|
|
|
|
test:
|
|
runs-on: ubuntu-latest
|
|
needs: build
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- name: Install dependencies
|
|
run: |
|
|
sudo apt-get update
|
|
sudo apt-get install -y build-essential libssl-dev libmagic-dev libnghttp2-dev pkg-config
|
|
- name: Build and run tests
|
|
run: |
|
|
make clean && make
|
|
# Verify the binary was created
|
|
test -f server && echo "✓ Server binary built successfully"
|
|
# Basic smoke tests - verify it's a valid ELF executable
|
|
file server | grep -q "ELF.*executable" && echo "✓ Server executable is valid"
|
|
echo "✓ All tests passed"
|
|
|
|
security-scan:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- name: Install security tools
|
|
run: |
|
|
sudo apt-get update
|
|
sudo apt-get install -y cppcheck flawfinder
|
|
- name: Run Flawfinder
|
|
run: |
|
|
flawfinder --minlevel=1 --html --context src/ > flawfinder-report.html || true
|
|
flawfinder --minlevel=1 src/ || true
|
|
- name: Run Cppcheck security analysis
|
|
run: |
|
|
cppcheck --enable=warning,style,performance,portability --error-exitcode=0 \
|
|
--suppress=missingIncludeSystem src/ 2>&1 | tee cppcheck-security.txt
|
|
|
|
code-quality:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- name: Install code quality tools
|
|
run: |
|
|
sudo apt-get update
|
|
sudo apt-get install -y cppcheck clang-format clang-tidy
|
|
- name: Run Cppcheck
|
|
run: |
|
|
cppcheck --enable=all --inconclusive --error-exitcode=0 \
|
|
--suppress=missingIncludeSystem \
|
|
--suppress=unusedFunction \
|
|
src/ 2>&1 | tee cppcheck-report.txt
|
|
- name: Check code formatting
|
|
run: |
|
|
find src/ -name "*.c" -o -name "*.h" | while read file; do
|
|
clang-format -style=file -output-replacements-xml "$file" | grep -q "<replacement " && echo "Format issues in $file" || true
|
|
done
|
|
- name: Upload code quality reports
|
|
uses: actions/upload-artifact@v4
|
|
if: always()
|
|
with:
|
|
name: code-quality-reports
|
|
path: |
|
|
cppcheck-report.txt
|
|
|
|
docker-build:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v3
|
|
- name: Build Docker image
|
|
run: |
|
|
docker build -t carbon-server:test .
|
|
- name: Test Docker container startup
|
|
run: |
|
|
# Start container in background
|
|
docker run -d --name carbon-test -p 8080:8080 carbon-server:test
|
|
# Wait for server to start
|
|
sleep 5
|
|
# Check if container is running
|
|
docker ps | grep carbon-test
|
|
# Test HTTP endpoint
|
|
curl -f http://localhost:8080/ || exit 1
|
|
# Check logs for errors
|
|
docker logs carbon-test
|
|
# Stop container
|
|
docker stop carbon-test
|
|
docker rm carbon-test
|
|
echo "✓ Docker container started and responded successfully"
|