Merge pull request #439 from opengrep/dm/fix-intrafile-flag #1021
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: build-test-core-x86 | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - linux/** | |
| paths-ignore: | |
| - '**.md' | |
| pull_request: | |
| branches: | |
| - main | |
| paths-ignore: | |
| - '**.md' | |
| workflow_call: null | |
| workflow_dispatch: null | |
| # concurrency: | |
| # group: ${{ github.workflow }}-${{ github.ref }} | |
| # cancel-in-progress: ${{ github.event_name == 'push' }} | |
| jobs: | |
| build-core: | |
| strategy: | |
| matrix: | |
| ocaml_version: ["5.3.0"] | |
| container: | |
| image: ocamlpro/ocaml:${{ matrix.ocaml_version }} | |
| # NOTE: Can also match the UID between Alpine and Ubuntu users, removing `--user root`. | |
| # See: https://github.com/actions/checkout/issues/956. | |
| # But this suggest to run as root: https://docs.github.com/en/enterprise-server@3.12/actions/sharing-automations/creating-actions/dockerfile-support-for-github-actions#user | |
| options: --user root | |
| runs-on: ubuntu-latest | |
| # env: | |
| # HOME: /home/ocaml # NOTE: Pointless? | |
| steps: | |
| - name: Make checkout speedy | |
| run: git config --global fetch.parallel 50 | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # ratchet:actions/checkout@v4 | |
| with: | |
| submodules: true | |
| - name: Configure git safedir properly | |
| run: git config --global --add safe.directory $(pwd) | |
| - name: Add system packages | |
| run: | | |
| # gnu tar and zstd needed for cache, see: | |
| # https://github.com/actions/cache/issues/580 | |
| apk add --no-cache build-base zip bash libffi-dev \ | |
| libpsl-static zstd-static libidn2-static \ | |
| libunistring-static tar zstd | |
| - name: Set GHA cache for OPAM | |
| uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # ratchet:actions/cache@v4 | |
| with: | |
| key: ${{ runner.os }}-${{ runner.arch }}-v1-opam-${{ matrix.ocaml_version }}-${{ hashFiles('opam/*.opam') }} | |
| path: _opam | |
| - name: Create switch | |
| run: | | |
| if [ ! -d "_opam" ]; then | |
| opam switch --no-install create . ocaml-system | |
| else | |
| echo "OPAM switch already exists, skipping creation." | |
| fi | |
| eval $(opam env) | |
| opam exec -- ocaml -version | |
| # TODO: Remove `opam update` to make it faster, it's not needed | |
| # for these images since they are frequently updated. | |
| - name: Install dependencies | |
| run: | | |
| eval $(opam env) | |
| # TODO: Try without the scripts/build-static-libcurl.sh part, | |
| # in which case we can embed the new apk deps into the previous | |
| # step and just execute the second command. | |
| make install-deps-ALPINE-for-semgrep-core | |
| make install-deps-for-semgrep-core | |
| - name: Build opengrep-core | |
| run: | | |
| opam exec -- make core | |
| - name: Test opengrep-core | |
| run: | | |
| opam exec -- make core-test | |
| - name: Make artifact for bin/opengrep-core | |
| run: | | |
| mkdir artifacts | |
| cp bin/opengrep-core artifacts/ | |
| tar czf artifacts.tgz artifacts | |
| - uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # ratchet:actions/upload-artifact@v4 | |
| with: | |
| name: opengrep-core-x86 | |
| path: artifacts.tgz | |
| build-musllinux-x86: | |
| needs: | |
| - build-core | |
| container: quay.io/pypa/musllinux_1_2_x86_64 | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Make checkout speedy | |
| run: git config --global fetch.parallel 50 | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # ratchet:actions/checkout@v4 | |
| with: | |
| submodules: true | |
| - run: | | |
| apk update | |
| apk add --no-cache zip python3 py3-pip py3-virtualenv python3-dev gcc musl-dev | |
| - uses: actions/download-artifact@b14cf4c92620c250e1c074ab0a5800e37df86765 # ratchet:actions/download-artifact@v4 | |
| with: | |
| name: opengrep-core-x86 | |
| - run: | | |
| tar xf artifacts.tgz | |
| cp artifacts/opengrep-core cli/src/semgrep/bin | |
| python3 -m venv venv | |
| . venv/bin/activate | |
| ./scripts/build-wheels.sh | |
| - uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # ratchet:actions/upload-artifact@v4 | |
| with: | |
| name: musllinux-x86-wheel | |
| path: cli/dist.zip | |
| build-test-manylinux-x86: | |
| needs: | |
| - build-core | |
| # - build-musllinux-x86 # NOTE: This is not really necessary. | |
| uses: ./.github/workflows/build-test-manylinux.yml |