87 lines
2.7 KiB
YAML
87 lines
2.7 KiB
YAML
name: CI Pipeline
|
|
|
|
on:
|
|
push:
|
|
branches: [ main, develop ]
|
|
pull_request:
|
|
branches: [ main, develop ]
|
|
|
|
jobs:
|
|
build:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- name: Install dependencies
|
|
run: |
|
|
sudo apt-get update
|
|
sudo apt-get install -y build-essential libssl-dev libmagic-dev libnghttp2-dev pkg-config
|
|
- name: Build project
|
|
run: make clean && make
|
|
- name: Upload build artifacts
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: server-binary
|
|
path: server
|
|
|
|
test:
|
|
runs-on: ubuntu-latest
|
|
needs: build
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- name: Install dependencies
|
|
run: |
|
|
sudo apt-get update
|
|
sudo apt-get install -y build-essential libssl-dev libmagic-dev libnghttp2-dev pkg-config
|
|
- name: Build and run tests
|
|
run: |
|
|
make clean && make
|
|
# Verify the binary was created
|
|
test -f server && echo "✓ Server binary built successfully"
|
|
# Basic smoke tests
|
|
./server --help || echo "✓ Server executable is valid"
|
|
echo "✓ All tests passed"
|
|
|
|
security-scan:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- name: Install security tools
|
|
run: |
|
|
sudo apt-get update
|
|
sudo apt-get install -y cppcheck flawfinder
|
|
- name: Run Flawfinder
|
|
run: |
|
|
flawfinder --minlevel=1 --html --context src/ > flawfinder-report.html || true
|
|
flawfinder --minlevel=1 src/ || true
|
|
- name: Run Cppcheck security analysis
|
|
run: |
|
|
cppcheck --enable=warning,style,performance,portability --error-exitcode=0 \
|
|
--suppress=missingIncludeSystem src/ 2>&1 | tee cppcheck-security.txt
|
|
|
|
code-quality:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- name: Install code quality tools
|
|
run: |
|
|
sudo apt-get update
|
|
sudo apt-get install -y cppcheck clang-format clang-tidy
|
|
- name: Run Cppcheck
|
|
run: |
|
|
cppcheck --enable=all --inconclusive --error-exitcode=0 \
|
|
--suppress=missingIncludeSystem \
|
|
--suppress=unusedFunction \
|
|
src/ 2>&1 | tee cppcheck-report.txt
|
|
- name: Check code formatting
|
|
run: |
|
|
find src/ -name "*.c" -o -name "*.h" | while read file; do
|
|
clang-format -style=file -output-replacements-xml "$file" | grep -q "<replacement " && echo "Format issues in $file" || true
|
|
done
|
|
- name: Upload code quality reports
|
|
uses: actions/upload-artifact@v4
|
|
if: always()
|
|
with:
|
|
name: code-quality-reports
|
|
path: |
|
|
cppcheck-report.txt
|