64add326f6
Restrict the GitHub token permissions only to the required ones, i.e. just read-only access to the code. This is done in order to reduce the potential harm in case of a malicious pull request, see GitHub blog post at https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com> Closes #22574.
272 lines
9.3 KiB
YAML
272 lines
9.3 KiB
YAML
# CI workflow cross-building wxMSW under Linux.
|
|
name: MSW cross-builds
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- master
|
|
paths-ignore:
|
|
- '.github/ISSUE_TEMPLATE/**'
|
|
- '.github/workflows/ci.yml'
|
|
- '.github/workflows/ci_cmake.yml'
|
|
- '.github/workflows/ci_mac.yml'
|
|
- '.github/workflows/ci_msw.yml'
|
|
- '.github/workflows/docs_update.yml'
|
|
- 'build/tools/appveyor*.bat'
|
|
- 'distrib/**'
|
|
- 'docs/**'
|
|
- 'interface/**'
|
|
- 'include/msvc/**'
|
|
- 'include/wx/gtk/**'
|
|
- 'include/wx/osx/**'
|
|
- 'locale/**'
|
|
- 'src/gtk/**'
|
|
- 'src/osx/**'
|
|
- '*.md'
|
|
- '*.yml'
|
|
- 'wxwidgets.props'
|
|
pull_request:
|
|
branches:
|
|
- master
|
|
paths-ignore:
|
|
- '.github/ISSUE_TEMPLATE/**'
|
|
- '.github/workflows/ci.yml'
|
|
- '.github/workflows/ci_cmake.yml'
|
|
- '.github/workflows/ci_mac.yml'
|
|
- '.github/workflows/ci_msw.yml'
|
|
- '.github/workflows/docs_update.yml'
|
|
- 'build/tools/appveyor*.bat'
|
|
- 'distrib/**'
|
|
- 'docs/**'
|
|
- 'interface/**'
|
|
- 'include/msvc/**'
|
|
- 'include/wx/gtk/**'
|
|
- 'include/wx/osx/**'
|
|
- 'locale/**'
|
|
- 'src/gtk/**'
|
|
- 'src/osx/**'
|
|
- '*.md'
|
|
- '*.yml'
|
|
- 'wxwidgets.props'
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
msw-cross-build:
|
|
# Set up this job to run in a Debian Sid container because it has recent
|
|
# versions of MinGW and Wine and is simpler to test with locally than the
|
|
# bespoke container used by GitHub Actions by default.
|
|
runs-on: ubuntu-latest
|
|
container: debian:testing-slim
|
|
name: ${{ matrix.name }}
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
include:
|
|
- name: wxMSW 64 bits
|
|
configure_flags: --enable-stl --disable-compat30
|
|
- name: wxMSW 32 bits
|
|
triplet: i686-w64-mingw32
|
|
env:
|
|
wxCONFIGURE_FLAGS: ${{ matrix.configure_flags }}
|
|
|
|
# Default to 64-bit build.
|
|
HOST_TRIPLET: ${{ matrix.triplet || 'x86_64-w64-mingw32' }}
|
|
|
|
# While our tests should run in any locale natively, it seems that Wine
|
|
# requires the locale encoding to be UTF-8 for Unicode file names to work
|
|
# correctly, so set the locale explicitly for it.
|
|
LC_ALL: C.UTF-8
|
|
|
|
# Run all commands as the normal user, created by the first step below.
|
|
#
|
|
# Note that the Bash options used here are the same as for the default
|
|
# shell used by GitHub Actions to minimize any surprises.
|
|
defaults:
|
|
run:
|
|
shell: /usr/bin/setpriv --reuid=runner --regid=adm --clear-groups --inh-caps=-all bash --noprofile --norc -eo pipefail {0}
|
|
|
|
steps:
|
|
- name: Set up container user
|
|
# Specify the default shell explicitly to override the default value above.
|
|
shell: bash
|
|
run: |
|
|
apt-get -q -o=Dpkg::Use-Pty=0 update
|
|
apt-get -q -o=Dpkg::Use-Pty=0 -y install sudo
|
|
|
|
# Create a user with the same UID/GID and name as the existing user
|
|
# outside of the container and allow it using sudo without password.
|
|
useradd --home-dir $HOME --no-create-home --gid adm --uid 1001 runner
|
|
|
|
echo 'runner ALL=(ALL) NOPASSWD:ALL' > /etc/sudoers.d/runner
|
|
|
|
- name: Install prerequisites
|
|
run: |
|
|
packages="git make wine x11-xserver-utils"
|
|
|
|
case "${HOST_TRIPLET}" in
|
|
x86_64-w64-mingw32)
|
|
packages="$packages g++-mingw-w64-x86-64 wine64 xvfb"
|
|
winerun=wine64
|
|
;;
|
|
|
|
i686-w64-mingw32)
|
|
sudo dpkg --add-architecture i386
|
|
sudo apt-get -q -o=Dpkg::Use-Pty=0 update
|
|
packages="$packages g++-mingw-w64-i686 wine32 libgl1:i386 xvfb:i386"
|
|
winerun=wine
|
|
;;
|
|
|
|
*)
|
|
echo "Unknown host triplet \"${HOST_TRIPLET}\"."
|
|
exit 1
|
|
;;
|
|
esac
|
|
|
|
sudo DEBIAN_FRONTEND=noninteractive apt-get -q -o=Dpkg::Use-Pty=0 -y install $packages
|
|
|
|
echo "wxTEST_RUNNER=${winerun}" >> $GITHUB_ENV
|
|
|
|
- name: Checkout
|
|
uses: actions/checkout@v2
|
|
with:
|
|
submodules: 'recursive'
|
|
|
|
- name: Install CCache
|
|
uses: hendrikmuhs/ccache-action@578e14bc3f06099346125f52ed0008433eccbedf
|
|
with:
|
|
key: ${{ matrix.name }}
|
|
|
|
- name: System and environment setup
|
|
run: |
|
|
normal_uid=`id --user`
|
|
|
|
# The checkout actions runs as root and there doesn't seem to be any
|
|
# way to change this, so just adjust the owner after checkout.
|
|
sudo chown -R $normal_uid $GITHUB_WORKSPACE
|
|
|
|
# Add the directories containing MinGW and wx DLLs to Wine path.
|
|
winepath="$(winepath --windows $(dirname $(${HOST_TRIPLET}-g++ -print-libgcc-file-name)))"
|
|
winepath="${winepath};$(winepath --windows $(pwd)/lib)"
|
|
echo "WINEPATH=${winepath}" >> $GITHUB_ENV
|
|
|
|
cpu_count=`nproc`
|
|
((cpu_count++))
|
|
echo "wxMAKE_ARGS=-k -j$cpu_count" >> $GITHUB_ENV
|
|
|
|
echo "wxMAKEFILE_ERROR_CXXFLAGS=-Werror -Wno-error=cpp" >> $GITHUB_ENV
|
|
|
|
echo "PATH=/usr/lib/ccache:$PATH" >> $GITHUB_ENV
|
|
|
|
- name: Configure
|
|
run: |
|
|
./configure --host=${HOST_TRIPLET} --disable-sys-libs --disable-optimise --disable-debug_info $wxCONFIGURE_FLAGS || rc=$?
|
|
|
|
if [ -n "$rc" ]; then
|
|
echo '*** Configuring failed, contents of config.log follows: ***'
|
|
echo '-----------------------------------------------------------'
|
|
cat config.log
|
|
echo '-----------------------------------------------------------'
|
|
exit $rc
|
|
fi
|
|
|
|
- name: Build
|
|
run: |
|
|
make $wxMAKE_ARGS "CXXFLAGS=$wxMAKEFILE_ERROR_CXXFLAGS"
|
|
|
|
- name: Build samples
|
|
run: |
|
|
make $wxMAKE_ARGS "CXXFLAGS=$wxMAKEFILE_ERROR_CXXFLAGS" samples
|
|
|
|
- name: Build tests
|
|
working-directory: tests
|
|
run: |
|
|
make $wxMAKE_ARGS failtest
|
|
make $wxMAKE_ARGS "CXXFLAGS=$wxMAKEFILE_ERROR_CXXFLAGS"
|
|
|
|
- name: Launch Xvfb
|
|
run: |
|
|
echo 'Launching Xvfb...'
|
|
sudo mkdir /tmp/.X11-unix
|
|
sudo chmod 1777 /tmp/.X11-unix
|
|
Xvfb :10 -screen 0 1600x1200x24 &
|
|
num_tries=1
|
|
while true; do
|
|
if xset -d :10 -q >/dev/null 2>&1; then
|
|
echo 'Xvfb has become available.'
|
|
# Trying to use it immediately can still result in errors
|
|
# when creating the windows, somehow, so give it some time
|
|
# to settle.
|
|
sleep 3
|
|
break
|
|
fi
|
|
|
|
if [[ $num_tries -gt 10 ]]; then
|
|
echo 'Timed out waiting for Xvfb'
|
|
exit 1
|
|
fi
|
|
|
|
((num_tries++))
|
|
echo "Still waiting for Xvfb (attempt #$num_tries)"
|
|
sleep 3
|
|
done
|
|
echo 'Xvfb is running on display :10'
|
|
echo 'DISPLAY=:10' >> $GITHUB_ENV
|
|
|
|
- name: Run non-GUI tests
|
|
working-directory: tests
|
|
run: |
|
|
# Some tests are currently failing under Wine while they pass under
|
|
# native MSW, just skip running them until they can be dealt with.
|
|
|
|
# As soon as we specify the tests to exclude explicitly, we also need
|
|
# to exclude the tests that are not run by default, so start with this.
|
|
excluded_tests=('~[.]')
|
|
|
|
# There is 1 day difference in creation time under Wine somehow.
|
|
excluded_tests+=('~wxFileName::SetTimes')
|
|
|
|
# Closing the file fails for unknown reason under Wine.
|
|
excluded_tests+=('~FileFunctions::Error')
|
|
|
|
# Sporadic failures due to extra events.
|
|
excluded_tests+=('~wxFileSystemWatcher::EventCreate')
|
|
|
|
# The test fails (even with wxTEST_RUNNER-related changes) and hangs.
|
|
excluded_tests+=('~ExecTestCase')
|
|
|
|
# Wine WinHTTP implementations seems buggy, there are many errors.
|
|
excluded_tests+=('~[webrequest]')
|
|
|
|
$wxTEST_RUNNER ./test "${excluded_tests[@]}"
|
|
|
|
- name: Run GUI tests
|
|
working-directory: tests
|
|
run: |
|
|
# Same as for the non-GUI test above, except many more GUI tests fail
|
|
# under Wine.
|
|
excluded_gui_tests=('~[.]')
|
|
|
|
excluded_gui_tests+=('~BitmapComboBoxTestCase') # TextChangeEvents
|
|
excluded_gui_tests+=('~ClippingBoxTestCase*')
|
|
excluded_gui_tests+=('~ComboBoxTestCase') # TextChangeEvents
|
|
excluded_gui_tests+=('~DatePickerCtrlTestCase') # Range
|
|
excluded_gui_tests+=('~wxEnhMetaFileDC::GetTextExtent')
|
|
excluded_gui_tests+=('~ExecTestCase')
|
|
excluded_gui_tests+=('~wxFont::GetSet')
|
|
excluded_gui_tests+=('~GraphicsPathTestCaseGDIPlus')
|
|
excluded_gui_tests+=('~ImageList*')
|
|
excluded_gui_tests+=('~RadioButton::Focus')
|
|
excluded_gui_tests+=('~SettingsTestCase') # GetFont fails
|
|
excluded_gui_tests+=('~SliderTestCase') # Thumb
|
|
excluded_gui_tests+=('~TransformMatrixTestCase*')
|
|
excluded_gui_tests+=('~TreeCtrlTestCase') # LabelEdit
|
|
excluded_gui_tests+=('~TextCtrlTestCase') # many sub-tests
|
|
excluded_gui_tests+=('~wxTextCtrl::InitialCanUndo')
|
|
excluded_gui_tests+=('~[wxWebView]')
|
|
excluded_gui_tests+=('~Window::PositioningBeyondShortLimit')
|
|
excluded_gui_tests+=('~XRC::LoadURL')
|
|
|
|
$wxTEST_RUNNER ./test_gui "${excluded_gui_tests[@]}"
|