From ca317b6b87edc9851e0c590d1e0110ef0802d25a Mon Sep 17 00:00:00 2001 From: Chuck Walbourn Date: Mon, 29 Jul 2024 20:15:54 -0700 Subject: [PATCH] Added GitHub Actions for build and security analysis (#196) --- .github/workflows/codeql.yml | 63 ++++++++++++ .github/workflows/main.yml | 91 ++++++++++++++++++ .github/workflows/msbuild.yml | 62 ++++++++++++ .github/workflows/msbuildex.yml | 117 +++++++++++++++++++++++ .github/workflows/msvc.yml | 60 ++++++++++++ .github/workflows/test.yml | 98 +++++++++++++++++++ CMakePresets.json | 30 +++--- build/DirectXMath-GitHub-CMake-Dev17.yml | 2 +- build/DirectXMath-GitHub-CMake.yml | 4 +- build/DirectXMath-GitHub-Dev17.yml | 25 +---- build/DirectXMath-GitHub-MinGW.yml | 2 + build/DirectXMath-GitHub-WSL.yml | 2 + build/DirectXMath-GitHub.yml | 25 +---- build/DirectXMath-SDL.yml | 2 +- 14 files changed, 524 insertions(+), 59 deletions(-) create mode 100644 .github/workflows/codeql.yml create mode 100644 .github/workflows/main.yml create mode 100644 .github/workflows/msbuild.yml create mode 100644 .github/workflows/msbuildex.yml create mode 100644 .github/workflows/msvc.yml create mode 100644 .github/workflows/test.yml diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 0000000..923be1c --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,63 @@ +# Copyright (c) Microsoft Corporation. +# Licensed under the MIT License. +# +# http://go.microsoft.com/fwlink/?LinkID=615560 + +name: "CodeQL" + +on: + push: + branches: [ "main" ] + pull_request: + branches: [ "main" ] + paths-ignore: + - '*.md' + - LICENSE + - '.nuget/*' + - build/*.yml + schedule: + - cron: '34 18 * * 6' + +jobs: + analyze: + name: Analyze (C/C++) + runs-on: windows-latest + timeout-minutes: 360 + permissions: + security-events: write + packages: read + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Clone test repository + uses: actions/checkout@v4 + with: + repository: walbourn/directxmathtest + path: Tests + ref: main + + - name: 'Install Ninja' + run: choco install ninja + + - uses: ilammy/msvc-dev-cmd@v1 + + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: c-cpp + build-mode: manual + + - name: 'Configure CMake' + working-directory: ./Tests/headertest + run: cmake --preset=x64-Debug + + - name: 'Build' + working-directory: ./Tests/headertest + run: cmake --build out\build\x64-Debug + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v3 + with: + category: "/language:c-cpp" diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml new file mode 100644 index 0000000..9265d47 --- /dev/null +++ b/.github/workflows/main.yml @@ -0,0 +1,91 @@ +# Copyright (c) Microsoft Corporation. +# Licensed under the MIT License. +# +# http://go.microsoft.com/fwlink/?LinkID=615560 + +name: 'CMake (Windows)' + +on: + push: + branches: [ "main" ] + pull_request: + branches: [ "main" ] + paths-ignore: + - '*.md' + - LICENSE + - '.nuget/*' + - build/*.yml + +jobs: + build: + runs-on: ${{ matrix.os }} + + strategy: + fail-fast: false + + matrix: + os: [windows-2019, windows-2022] + build_type: [x64-Debug, x64-Release, x64-Debug-Clang, x64-Release-Clang] + arch: [amd64] + include: + - os: windows-2019 + build_type: x86-Debug + arch: amd64_x86 + - os: windows-2019 + build_type: x86-Release + arch: amd64_x86 + - os: windows-2019 + build_type: x86-Debug-Clang + arch: amd64_x86 + - os: windows-2019 + build_type: x86-Release-Clang + arch: amd64_x86 + - os: windows-2022 + build_type: x86-Debug + arch: amd64_x86 + - os: windows-2022 + build_type: x86-Release + arch: amd64_x86 + - os: windows-2022 + build_type: x86-Debug-Clang + arch: amd64_x86 + - os: windows-2022 + build_type: x86-Release-Clang + arch: amd64_x86 + - os: windows-2022 + build_type: arm64-Debug + arch: amd64_arm64 + - os: windows-2022 + build_type: arm64-Release + arch: amd64_arm64 + - os: windows-2022 + build_type: arm64ec-Debug + arch: amd64_arm64 + - os: windows-2022 + build_type: arm64ec-Release + arch: amd64_arm64 + + steps: + - uses: actions/checkout@v4 + + - name: Clone test repository + uses: actions/checkout@v4 + with: + repository: walbourn/directxmathtest + path: Tests + ref: main + + - name: 'Install Ninja' + run: choco install ninja + + - uses: ilammy/msvc-dev-cmd@v1 + with: + arch: ${{ matrix.arch }} + + - name: 'Configure CMake' + working-directory: ${{ github.workspace }} + run: cmake --preset=${{ matrix.build_type }} + + - name: 'Build' + working-directory: ${{ github.workspace }} + run: cmake --build out\build\${{ matrix.build_type }} diff --git a/.github/workflows/msbuild.yml b/.github/workflows/msbuild.yml new file mode 100644 index 0000000..ee76839 --- /dev/null +++ b/.github/workflows/msbuild.yml @@ -0,0 +1,62 @@ +# Copyright (c) Microsoft Corporation. +# Licensed under the MIT License. +# +# http://go.microsoft.com/fwlink/?LinkID=615560 + +name: MSBuild + +on: + push: + branches: [ "main" ] + pull_request: + branches: [ "main" ] + paths-ignore: + - '*.md' + - LICENSE + - '.nuget/*' + - build/* + +permissions: + contents: read + +jobs: + build: + runs-on: windows-${{ matrix.vs }} + + strategy: + fail-fast: false + + matrix: + vs: [2019, 2022] + build_type: [Debug, Release, 'NI Debug', 'NI Release'] + platform: [x86, x64, ARM64] + exclude: + - vs: 2019 + platform: ARM64 + + steps: + - uses: actions/checkout@v4 + + - name: Clone test repository + uses: actions/checkout@v4 + with: + repository: walbourn/directxmathtest + path: Tests + ref: main + + - name: Add MSBuild to PATH + uses: microsoft/setup-msbuild@v2 + + - name: Build math3 + working-directory: ${{ github.workspace }}/Tests/math3 + run: msbuild /m /p:Configuration="${{ matrix.build_type }}" /p:Platform=${{ matrix.platform }} ./math3_${{ matrix.vs }}.sln + + - if: (matrix.build_type == 'Debug') || (matrix.build_type == 'Release') + name: Build shmath + working-directory: ${{ github.workspace }}/Tests/shmath + run: msbuild /m /p:Configuration=${{ matrix.build_type }} /p:Platform=${{ matrix.platform }} ./shmath_${{ matrix.vs }}.sln + + - if: (matrix.build_type == 'Debug') || (matrix.build_type == 'Release') + name: Build xdsp + working-directory: ${{ github.workspace }}/Tests/xdsp + run: msbuild /m /p:Configuration=${{ matrix.build_type }} /p:Platform=${{ matrix.platform }} ./XDSPTest_${{ matrix.vs }}.sln diff --git a/.github/workflows/msbuildex.yml b/.github/workflows/msbuildex.yml new file mode 100644 index 0000000..3128553 --- /dev/null +++ b/.github/workflows/msbuildex.yml @@ -0,0 +1,117 @@ +# Copyright (c) Microsoft Corporation. +# Licensed under the MIT License. +# +# http://go.microsoft.com/fwlink/?LinkID=615560 + +name: 'MSBuild (Extended)' + +on: + push: + branches: [ "main" ] + pull_request: + branches: [ "main" ] + paths-ignore: + - '*.md' + - LICENSE + - '.nuget/*' + - build/* + +permissions: + contents: read + +jobs: + build: + runs-on: windows-${{ matrix.vs }} + + strategy: + fail-fast: false + + matrix: + include: + - vs: 2019 + platform: x86 + build_type: 'AVX Debug' + - vs: 2019 + platform: x64 + build_type: 'AVX Debug' + - vs: 2022 + platform: x86 + build_type: 'AVX Debug' + - vs: 2022 + platform: x64 + build_type: 'AVX Debug' + - vs: 2019 + platform: x86 + build_type: 'AVX2 Debug' + - vs: 2019 + platform: x64 + build_type: 'AVX2 Debug' + - vs: 2022 + platform: x86 + build_type: 'AVX2 Debug' + - vs: 2022 + platform: x64 + build_type: 'AVX2 Debug' + - vs: 2019 + platform: x86 + build_type: 'x87 Debug' + - vs: 2022 + platform: x86 + build_type: 'x87 Debug' + - vs: 2019 + platform: x86 + build_type: 'AVX Release' + - vs: 2019 + platform: x64 + build_type: 'AVX Release' + - vs: 2022 + platform: x86 + build_type: 'AVX Release' + - vs: 2022 + platform: x64 + build_type: 'AVX Release' + - vs: 2019 + platform: x86 + build_type: 'AVX2 Release' + - vs: 2019 + platform: x64 + build_type: 'AVX2 Release' + - vs: 2022 + platform: x86 + build_type: 'AVX2 Release' + - vs: 2022 + platform: x64 + build_type: 'AVX2 Release' + - vs: 2019 + platform: x86 + build_type: 'x87 Release' + - vs: 2022 + platform: x86 + build_type: 'x87 Release' + + steps: + - uses: actions/checkout@v4 + + - name: Clone test repository + uses: actions/checkout@v4 + with: + repository: walbourn/directxmathtest + path: Tests + ref: main + + - name: Add MSBuild to PATH + uses: microsoft/setup-msbuild@v2 + + - name: Build math3 + working-directory: ${{ github.workspace }}/Tests/math3 + run: msbuild /m /p:Configuration="${{ matrix.build_type }}" /p:Platform=${{ matrix.platform }} ./math3_${{ matrix.vs }}.sln + + - if: (matrix.build_type == 'Debug') || (matrix.build_type == 'Release') + name: Build shmath + working-directory: ${{ github.workspace }}/Tests/shmath + run: msbuild /m /p:Configuration=${{ matrix.build_type }} /p:Platform=${{ matrix.platform }} ./shmath_${{ matrix.vs }}.sln + + - if: (matrix.build_type == 'Debug') || (matrix.build_type == 'Release') + name: Build xdsp + working-directory: ${{ github.workspace }}/Tests/xdsp + run: msbuild /m /p:Configuration=${{ matrix.build_type }} /p:Platform=${{ matrix.platform }} ./XDSPTest_${{ matrix.vs }}.sln diff --git a/.github/workflows/msvc.yml b/.github/workflows/msvc.yml new file mode 100644 index 0000000..418a92e --- /dev/null +++ b/.github/workflows/msvc.yml @@ -0,0 +1,60 @@ +# Copyright (c) Microsoft Corporation. +# Licensed under the MIT License. +# +# http://go.microsoft.com/fwlink/?LinkID=615560 + +name: Microsoft C++ Code Analysis + +on: + push: + branches: [ "main" ] + pull_request: + branches: [ "main" ] + paths-ignore: + - '*.md' + - LICENSE + - '.nuget/*' + - build/*.yml + schedule: + - cron: '34 20 * * 6' + +permissions: + contents: read + +jobs: + analyze: + permissions: + contents: read + security-events: write + actions: read + name: Analyze + runs-on: windows-latest + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Clone test repository + uses: actions/checkout@v4 + with: + repository: walbourn/directxmathtest + path: Tests + ref: main + + - name: Configure CMake + working-directory: ./Tests/headertest + run: cmake -B out + + - name: Initialize MSVC Code Analysis + uses: microsoft/msvc-code-analysis-action@v0.1.1 + id: run-analysis + with: + cmakeBuildDirectory: ./Tests/headertest/out + buildConfiguration: Debug + ruleset: NativeRecommendedRules.ruleset + + # Upload SARIF file to GitHub Code Scanning Alerts + - name: Upload SARIF to GitHub + uses: github/codeql-action/upload-sarif@v3 + with: + sarif_file: ${{ steps.run-analysis.outputs.sarif }} diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 0000000..2be320b --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,98 @@ +# Copyright (c) Microsoft Corporation. +# Licensed under the MIT License. +# +# http://go.microsoft.com/fwlink/?LinkID=615560 + +name: 'CTest (Windows)' + +on: + push: + branches: [ "main" ] + pull_request: + branches: [ "main" ] + paths-ignore: + - '*.md' + - LICENSE + - '.nuget/*' + - build/*.yml + +jobs: + build: + runs-on: ${{ matrix.os }} + timeout-minutes: 20 + + strategy: + fail-fast: false + + matrix: + os: [windows-2019, windows-2022] + build_type: [x64-Debug, x64-Release, x64-Debug-Clang, x64-Release-Clang] + arch: [amd64] + include: + - os: windows-2019 + build_type: x86-Debug + arch: amd64_x86 + - os: windows-2019 + build_type: x86-Release + arch: amd64_x86 + - os: windows-2019 + build_type: x86-Debug-Clang + arch: amd64_x86 + - os: windows-2019 + build_type: x86-Release-Clang + arch: amd64_x86 + - os: windows-2022 + build_type: x86-Debug + arch: amd64_x86 + - os: windows-2022 + build_type: x86-Release + arch: amd64_x86 + - os: windows-2022 + build_type: x86-Debug-Clang + arch: amd64_x86 + - os: windows-2022 + build_type: x86-Release-Clang + arch: amd64_x86 + - os: windows-2022 + build_type: arm64-Debug + arch: amd64_arm64 + - os: windows-2022 + build_type: arm64-Release + arch: amd64_arm64 + - os: windows-2022 + build_type: arm64ec-Debug + arch: amd64_arm64 + - os: windows-2022 + build_type: arm64ec-Release + arch: amd64_arm64 + + steps: + - uses: actions/checkout@v4 + + - name: Clone test repository + uses: actions/checkout@v4 + with: + repository: walbourn/directxmathtest + path: Tests + ref: main + + - name: 'Install Ninja' + run: choco install ninja + + - uses: ilammy/msvc-dev-cmd@v1 + with: + arch: ${{ matrix.arch }} + + - name: 'Configure CMake' + working-directory: ${{ github.workspace }} + run: cmake --preset=${{ matrix.build_type }} -DBUILD_TESTING=ON + + - name: 'Build' + working-directory: ${{ github.workspace }} + run: cmake --build out\build\${{ matrix.build_type }} + + - if: (matrix.build_type == 'x64-Release') || (matrix.build_type == 'x86-Release') + timeout-minutes: 10 + name: 'Test' + working-directory: ${{ github.workspace }} + run: ctest --preset=${{ matrix.build_type }} diff --git a/CMakePresets.json b/CMakePresets.json index 7b94cb2..6c92670 100644 --- a/CMakePresets.json +++ b/CMakePresets.json @@ -150,14 +150,14 @@ } }, - { "name": "x64-Debug" , "description": "MSVC for x64 (Debug) - SSE/SSE2", "inherits": [ "base", "x64", "Debug", "MSVC" ] }, - { "name": "x64-Release" , "description": "MSVC for x64 (Release) - SSE/SSE2", "inherits": [ "base", "x64", "Release", "MSVC" ] }, - { "name": "x86-Debug" , "description": "MSVC for x86 (Debug) - SSE/SSE2", "inherits": [ "base", "x86", "Debug", "MSVC" ] }, - { "name": "x86-Release" , "description": "MSVC for x86 (Release) - SSE/SSE2", "inherits": [ "base", "x86", "Release", "MSVC" ] }, - { "name": "arm-Debug" , "description": "MSVC for ARM (Debug) - ARM-NEON", "inherits": [ "base", "ARM", "Debug", "MSVC" ] }, - { "name": "arm-Release" , "description": "MSVC for ARM (Release) - ARM-NEON", "inherits": [ "base", "ARM", "Release", "MSVC" ] }, - { "name": "arm64-Debug" , "description": "MSVC for ARM64 (Debug) - ARM-NEON", "inherits": [ "base", "ARM64", "Debug", "MSVC" ] }, - { "name": "arm64-Release", "description": "MSVC for ARM64 (Release) - ARM-NEON", "inherits": [ "base", "ARM64", "Release", "MSVC" ] }, + { "name": "x64-Debug" , "description": "MSVC for x64 (Debug) - SSE/SSE2", "inherits": [ "base", "x64", "Debug", "MSVC" ] }, + { "name": "x64-Release" , "description": "MSVC for x64 (Release) - SSE/SSE2", "inherits": [ "base", "x64", "Release", "MSVC" ] }, + { "name": "x86-Debug" , "description": "MSVC for x86 (Debug) - SSE/SSE2", "inherits": [ "base", "x86", "Debug", "MSVC" ] }, + { "name": "x86-Release" , "description": "MSVC for x86 (Release) - SSE/SSE2", "inherits": [ "base", "x86", "Release", "MSVC" ] }, + { "name": "arm-Debug" , "description": "MSVC for ARM (Debug) - ARM-NEON", "inherits": [ "base", "ARM", "Debug", "MSVC" ] }, + { "name": "arm-Release" , "description": "MSVC for ARM (Release) - ARM-NEON", "inherits": [ "base", "ARM", "Release", "MSVC" ] }, + { "name": "arm64-Debug" , "description": "MSVC for ARM64 (Debug) - ARM-NEON", "inherits": [ "base", "ARM64", "Debug", "MSVC" ] }, + { "name": "arm64-Release" , "description": "MSVC for ARM64 (Release) - ARM-NEON", "inherits": [ "base", "ARM64", "Release", "MSVC" ] }, { "name": "arm64ec-Debug" , "description": "MSVC for ARM64EC (Debug) - ARM-NEON", "inherits": [ "base", "ARM64EC", "Debug", "MSVC" ], "environment": { "CXXFLAGS": "/arm64EC" } }, { "name": "arm64ec-Release", "description": "MSVC for ARM64EC (Release) - ARM-NEON", "inherits": [ "base", "ARM64EC", "Release", "MSVC" ], "environment": { "CXXFLAGS": "/arm64EC" } }, @@ -169,12 +169,14 @@ { "name": "arm64-Release-Clang", "description": "Clang/LLVM for AArch64 (Release) - ARM-NEON", "inherits": [ "base", "ARM64", "Release", "Clang" ], "environment": { "CXXFLAGS": "--target=arm64-pc-windows-msvc" } } ], "testPresets": [ - { "name": "x64-Debug" , "configurePreset": "x64-Debug" }, - { "name": "x64-Release" , "configurePreset": "x64-Release" }, - { "name": "x86-Debug" , "configurePreset": "x86-Debug" }, - { "name": "x86-Release" , "configurePreset": "x86-Release" }, - { "name": "arm64-Debug" , "configurePreset": "arm64-Debug" }, - { "name": "arm64-Release", "configurePreset": "arm64-Release" }, + { "name": "x64-Debug" , "configurePreset": "x64-Debug" }, + { "name": "x64-Release" , "configurePreset": "x64-Release" }, + { "name": "x86-Debug" , "configurePreset": "x86-Debug" }, + { "name": "x86-Release" , "configurePreset": "x86-Release" }, + { "name": "arm64-Debug" , "configurePreset": "arm64-Debug" }, + { "name": "arm64-Release" , "configurePreset": "arm64-Release" }, + { "name": "arm64ec-Debug" , "configurePreset": "arm64ec-Debug" }, + { "name": "arm64ec-Release", "configurePreset": "arm64ec-Release" }, { "name": "x64-Debug-Clang" , "configurePreset": "x64-Debug-Clang" }, { "name": "x64-Release-Clang" , "configurePreset": "x64-Release-Clang" }, diff --git a/build/DirectXMath-GitHub-CMake-Dev17.yml b/build/DirectXMath-GitHub-CMake-Dev17.yml index 8ab68a3..b7b051e 100644 --- a/build/DirectXMath-GitHub-CMake-Dev17.yml +++ b/build/DirectXMath-GitHub-CMake-Dev17.yml @@ -3,7 +3,7 @@ # # http://go.microsoft.com/fwlink/?LinkID=615560 -# Builds the library and test suite using CMake. +# Builds the library and test suite using CMake with VS Generator (GitHub Actions covers Ninja) schedules: - cron: "0 0 * * *" diff --git a/build/DirectXMath-GitHub-CMake.yml b/build/DirectXMath-GitHub-CMake.yml index a9c8c74..385fa73 100644 --- a/build/DirectXMath-GitHub-CMake.yml +++ b/build/DirectXMath-GitHub-CMake.yml @@ -3,7 +3,7 @@ # # http://go.microsoft.com/fwlink/?LinkID=615560 -# Builds the library and test suite using CMake. +# Builds the library and test suite using CMake using VS Generator (GitHub Actions covers Ninja). schedules: - cron: "0 0 * * *" @@ -20,6 +20,7 @@ trigger: exclude: - '*.md' - LICENSE + - '.github/*' - '.nuget/*' pr: @@ -30,6 +31,7 @@ pr: exclude: - '*.md' - LICENSE + - '.github/*' - '.nuget/*' resources: diff --git a/build/DirectXMath-GitHub-Dev17.yml b/build/DirectXMath-GitHub-Dev17.yml index 5bdceaf..4f19ded 100644 --- a/build/DirectXMath-GitHub-Dev17.yml +++ b/build/DirectXMath-GitHub-Dev17.yml @@ -12,32 +12,15 @@ schedules: include: - main -trigger: - branches: - include: - - main - paths: - exclude: - - '*.md' - - LICENSE - - CMake* - - '.nuget/*' - - build/*.cmake - - build/*.in - +# GitHub Actions handles MSBuild for CI/PR +trigger: none pr: branches: include: - main paths: - exclude: - - '*.md' - - LICENSE - - CMake* - - '.nuget/*' - - build/*.cmake - - build/*.in - drafts: false + include: + - build/*-GitHub-Dev17.yml resources: repositories: diff --git a/build/DirectXMath-GitHub-MinGW.yml b/build/DirectXMath-GitHub-MinGW.yml index 7c6d08a..406314e 100644 --- a/build/DirectXMath-GitHub-MinGW.yml +++ b/build/DirectXMath-GitHub-MinGW.yml @@ -20,6 +20,7 @@ trigger: exclude: - '*.md' - LICENSE + - '.github/*' - '.nuget/*' pr: @@ -30,6 +31,7 @@ pr: exclude: - '*.md' - LICENSE + - '.github/*' - '.nuget/*' drafts: false diff --git a/build/DirectXMath-GitHub-WSL.yml b/build/DirectXMath-GitHub-WSL.yml index f10b318..9372484 100644 --- a/build/DirectXMath-GitHub-WSL.yml +++ b/build/DirectXMath-GitHub-WSL.yml @@ -20,6 +20,7 @@ trigger: exclude: - '*.md' - LICENSE + - '.github/*' - '.nuget/*' pr: @@ -30,6 +31,7 @@ pr: exclude: - '*.md' - LICENSE + - '.github/*' - '.nuget/*' drafts: false diff --git a/build/DirectXMath-GitHub.yml b/build/DirectXMath-GitHub.yml index 47a0f30..cc170f1 100644 --- a/build/DirectXMath-GitHub.yml +++ b/build/DirectXMath-GitHub.yml @@ -12,32 +12,15 @@ schedules: include: - main -trigger: - branches: - include: - - main - paths: - exclude: - - '*.md' - - LICENSE - - CMake* - - '.nuget/*' - - build/*.cmake - - build/*.in - +# GitHub Actions handles MSBuild for CI/PR +trigger: none pr: branches: include: - main paths: - exclude: - - '*.md' - - LICENSE - - CMake* - - '.nuget/*' - - build/*.cmake - - build/*.in - drafts: false + include: + - build/DirectXMath-GitHub.yml resources: repositories: diff --git a/build/DirectXMath-SDL.yml b/build/DirectXMath-SDL.yml index 9c29d64..c07df34 100644 --- a/build/DirectXMath-SDL.yml +++ b/build/DirectXMath-SDL.yml @@ -12,8 +12,8 @@ schedules: include: - main +# GitHub Actions handles CodeQL and PREFAST for CI/PR trigger: none - pr: branches: include: