diff --git a/.github/workflows/c-cpp.yml b/.github/workflows/c-cpp.yml index 4170353..67ef4cc 100644 --- a/.github/workflows/c-cpp.yml +++ b/.github/workflows/c-cpp.yml @@ -8,6 +8,50 @@ on: branches: [ main, develop ] pull_request: branches: [ main, develop ] + - name: Install dependencies + run: | + set -e + SUDO="" + if [ "$(id -u)" -ne 0 ]; then SUDO="sudo"; fi + if command -v apt-get >/dev/null 2>&1; then + $SUDO apt-get update -o Acquire::ForceIPv4=true || true + $SUDO apt-get install -y \ + build-essential \ + libssl-dev \ + libmagic-dev \ + libnghttp2-dev \ + pkg-config \ + file \ + cppcheck \ + clang-format \ + clang-tidy \ + flawfinder || true + elif command -v apk >/dev/null 2>&1; then + $SUDO apk update || true + $SUDO apk add --no-cache \ + build-base \ + openssl-dev \ + file-dev \ + nghttp2-dev \ + zlib-dev \ + pkgconf \ + file \ + cppcheck \ + clang-extra-tools || true + elif command -v dnf >/dev/null 2>&1; then + $SUDO dnf -y install \ + gcc gcc-c++ make \ + openssl-devel \ + file-devel \ + libnghttp2-devel \ + pkgconf-pkg-config \ + file \ + cppcheck \ + clang-tools-extra \ + flawfinder || true + else + echo "No supported package manager found; skipping install" + fi jobs: build: @@ -25,6 +69,31 @@ jobs: run: | echo "Checking for required build tools..." which gcc || echo "WARNING: gcc not found" + - name: Ensure test dependencies + run: | + set -e + SUDO="" + if [ "$(id -u)" -ne 0 ]; then SUDO="sudo"; fi + if command -v apt-get >/dev/null 2>&1; then + $SUDO apt-get update -o Acquire::ForceIPv4=true || true + $SUDO apt-get install -y \ + build-essential \ + libssl-dev \ + libmagic-dev \ + libnghttp2-dev \ + pkg-config \ + file || true + elif command -v apk >/dev/null 2>&1; then + $SUDO apk update || true + $SUDO apk add --no-cache \ + build-base \ + openssl-dev \ + file-dev \ + nghttp2-dev \ + zlib-dev \ + pkgconf \ + file || true + fi which make || echo "WARNING: make not found" echo "Include path: $C_INCLUDE_PATH" echo "Looking for magic.h..." @@ -76,6 +145,19 @@ jobs: runs-on: ubuntu-latest steps: + - name: Install code quality tools + run: | + set -e + SUDO="" + if [ "$(id -u)" -ne 0 ]; then SUDO="sudo"; fi + if command -v apt-get >/dev/null 2>&1; then + $SUDO apt-get update -o Acquire::ForceIPv4=true || true + $SUDO apt-get install -y cppcheck clang-format || true + elif command -v apk >/dev/null 2>&1; then + $SUDO apk update || true + $SUDO apk add --no-cache cppcheck clang-extra-tools || true + fi + - name: Checkout repository uses: actions/checkout@v4 @@ -107,6 +189,20 @@ jobs: runs-on: ubuntu-latest steps: + - name: Install security tools + run: | + set -e + SUDO="" + if [ "$(id -u)" -ne 0 ]; then SUDO="sudo"; fi + if command -v apt-get >/dev/null 2>&1; then + $SUDO apt-get update -o Acquire::ForceIPv4=true || true + $SUDO apt-get install -y flawfinder cppcheck || true + elif command -v apk >/dev/null 2>&1; then + $SUDO apk update || true + # flawfinder may not be available on Alpine repos; install cppcheck + $SUDO apk add --no-cache cppcheck || true + fi + - name: Checkout repository uses: actions/checkout@v4 diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 147f6f0..4ed5776 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -16,6 +16,31 @@ jobs: C_INCLUDE_PATH: /usr/include:/usr/local/include LIBRARY_PATH: /usr/lib:/usr/local/lib:/usr/lib/x86_64-linux-gnu steps: + - name: Install build dependencies + run: | + set -e + SUDO="" + if [ "$(id -u)" -ne 0 ]; then SUDO="sudo"; fi + if command -v apt-get >/dev/null 2>&1; then + $SUDO apt-get update -o Acquire::ForceIPv4=true || true + $SUDO apt-get install -y \ + build-essential \ + libssl-dev \ + libmagic-dev \ + libnghttp2-dev \ + pkg-config \ + file || true + elif command -v apk >/dev/null 2>&1; then + $SUDO apk update || true + $SUDO apk add --no-cache \ + build-base \ + openssl-dev \ + file-dev \ + nghttp2-dev \ + zlib-dev \ + pkgconf \ + file || true + fi - uses: actions/checkout@v4 - name: Build project run: make clean && make INCLUDES="-I/usr/include -I/usr/local/include" || make INCLUDES="-I/usr/include -I/usr/local/include" @@ -32,6 +57,31 @@ jobs: C_INCLUDE_PATH: /usr/include:/usr/local/include LIBRARY_PATH: /usr/lib:/usr/local/lib:/usr/lib/x86_64-linux-gnu steps: + - name: Ensure test dependencies + run: | + set -e + SUDO="" + if [ "$(id -u)" -ne 0 ]; then SUDO="sudo"; fi + if command -v apt-get >/dev/null 2>&1; then + $SUDO apt-get update -o Acquire::ForceIPv4=true || true + $SUDO apt-get install -y \ + build-essential \ + libssl-dev \ + libmagic-dev \ + libnghttp2-dev \ + pkg-config \ + file || true + elif command -v apk >/dev/null 2>&1; then + $SUDO apk update || true + $SUDO apk add --no-cache \ + build-base \ + openssl-dev \ + file-dev \ + nghttp2-dev \ + zlib-dev \ + pkgconf \ + file || true + fi - uses: actions/checkout@v4 - name: Build and run tests run: | @@ -45,6 +95,18 @@ jobs: security-scan: runs-on: ubuntu-latest steps: + - name: Install security tools + run: | + set -e + SUDO="" + if [ "$(id -u)" -ne 0 ]; then SUDO="sudo"; fi + if command -v apt-get >/dev/null 2>&1; then + $SUDO apt-get update -o Acquire::ForceIPv4=true || true + $SUDO apt-get install -y flawfinder cppcheck || true + elif command -v apk >/dev/null 2>&1; then + $SUDO apk update || true + $SUDO apk add --no-cache cppcheck || true + fi - uses: actions/checkout@v4 - name: Run Flawfinder run: | @@ -58,6 +120,18 @@ jobs: code-quality: runs-on: ubuntu-latest steps: + - name: Install code quality tools + run: | + set -e + SUDO="" + if [ "$(id -u)" -ne 0 ]; then SUDO="sudo"; fi + if command -v apt-get >/dev/null 2>&1; then + $SUDO apt-get update -o Acquire::ForceIPv4=true || true + $SUDO apt-get install -y cppcheck clang-format clang-tidy || true + elif command -v apk >/dev/null 2>&1; then + $SUDO apk update || true + $SUDO apk add --no-cache cppcheck clang-extra-tools || true + fi - uses: actions/checkout@v4 - name: Run Cppcheck run: |