Skip to content

CI/CD - Added Snyk C/C++ Scanning Job #1835

CI/CD - Added Snyk C/C++ Scanning Job

CI/CD - Added Snyk C/C++ Scanning Job #1835

Workflow file for this run

# SPDX-License-Identifier: BSD-3-Clause
# Copyright (c) Contributors to the OpenEXR Project.
#
# GitHub Actions workflow file
# https://help.github.com/en/actions/reference/workflow-syntax-for-github-actions
name: CI
# Skip the run on *.md changes and on changes to the website, *except*
# for "website/src", since that code needs validation. There's a
# separate workflow for with website. Also, no need to run on changes
# to the bazel setup.
on:
push:
branches-ignore:
- RB-2.*
tags-ignore:
- v1.*
- v2.*
paths:
- '**'
- '!**.md'
- '!website/**'
- 'website/src/**'
- '!bazel/**'
- '!src/wrappers/**'
pull_request:
branches-ignore:
- RB-2.*
tags-ignore:
- v1.*
- v2.*
paths:
- '**'
- '!**.md'
- '!website/**'
- 'website/src/**'
- '!bazel/**'
- '!src/wrappers/**'
permissions:
contents: read
jobs:
# Linux jobs run in Docker containers, so the latest OS version is OK. macOS
# and Windows jobs need to be locked to specific virtual environment
# versions to mitigate issues from OS updates, and will require maintenance
# as OS versions are retired.
#
# GH Actions (Free plan) supports 20 concurrent jobs, with 5 concurrent macOS
# jobs. This workflow tries to utilize (but not exceed) that budget to
# promote timely CI.
# ---------------------------------------------------------------------------
# Linux
# ---------------------------------------------------------------------------
# TODO: Add ARM build. Add sanitize build.
linux:
name: 'Linux ${{ matrix.label }}VFXP-${{ matrix.vfx-cy }} centos7
<${{ matrix.compiler-desc }},
C++${{ matrix.cxx-standard }},
config=${{ matrix.build-type }},
shared=${{ matrix.build-shared }},
threads=${{ matrix.threads-enabled }}>'
# GH-hosted VM. The build runs in CentOS 7 'container' defined below.
runs-on: ubuntu-latest
container:
# DockerHub: https://hub.docker.com/u/aswf
# Source: https://github.com/AcademySoftwareFoundation/aswf-docker
image: aswf/ci-openexr:${{ matrix.vfx-cy }}
strategy:
matrix:
build: [1, 2, 3, 4, 5, 6, 7, 8, 9, 10]
include:
# -------------------------------------------------------------------
# VFX CY2023 - GCC
# -------------------------------------------------------------------
# Shared, Release
- build: 1
build-type: Release
build-shared: 'ON'
cxx-standard: 17
cxx-compiler: g++
cc-compiler: gcc
compiler-desc: gcc11.2.1
label:
threads-enabled: 'ON'
vfx-cy: 2023
exclude-tests:
# Shared, Release, Threads OFF
- build: 2
build-type: Release
build-shared: 'ON'
cxx-standard: 17
cxx-compiler: g++
cc-compiler: gcc
compiler-desc: gcc11.2.1
label:
threads-enabled: 'OFF'
vfx-cy: 2023
exclude-tests:
# Shared, Debug
- build: 3
build-type: Debug
build-shared: 'ON'
cxx-standard: 17
cxx-compiler: g++
cc-compiler: gcc
compiler-desc: gcc11.2.1
label:
threads-enabled: 'ON'
vfx-cy: 2023
exclude-tests:
# Static, Release
- build: 4
build-type: Release
build-shared: 'OFF'
cxx-standard: 17
cxx-compiler: g++
cc-compiler: gcc
compiler-desc: gcc11.2.1
label:
threads-enabled: 'ON'
vfx-cy: 2023
exclude-tests:
# Shared, Release, C++14
- build: 5
build-type: Release
build-shared: 'ON'
cxx-standard: 14
cxx-compiler: g++
cc-compiler: gcc
compiler-desc: gcc11.2.1
label:
threads-enabled: 'ON'
vfx-cy: 2023
exclude-tests:
# -------------------------------------------------------------------
# VFX CY2023 - Clang 15.0
# -------------------------------------------------------------------
# Release
- build: 6
build-type: Release
build-shared: 'ON'
cxx-standard: 17
cxx-compiler: clang++
cc-compiler: clang
compiler-desc: clang15.0
label:
threads-enabled: 'ON'
vfx-cy: 2023
exclude-tests:
# -------------------------------------------------------------------
# VFX CY2023 - Clang 14.0
# -------------------------------------------------------------------
# Release
- build: 7
build-type: Release
build-shared: 'ON'
cxx-standard: 17
cxx-compiler: clang++
cc-compiler: clang
compiler-desc: clang14.0
label:
threads-enabled: 'ON'
vfx-cy: 2023
exclude-tests:
# -------------------------------------------------------------------
# VFX CY2022 - GCC, Release
# -------------------------------------------------------------------
# Shared, Release
- build: 8
build-type: Release
build-shared: 'ON'
cxx-standard: 17
cxx-compiler: g++
cc-compiler: gcc
compiler-desc: gcc9.3.1
label:
threads-enabled: 'ON'
vfx-cy: 2022
exclude-tests:
# -------------------------------------------------------------------
# VFX CY2021 - GCC, Release
# -------------------------------------------------------------------
# Shared, Release
- build: 9
build-type: Release
build-shared: 'ON'
cxx-standard: 17
cxx-compiler: g++
cc-compiler: gcc
compiler-desc: gcc9.3.1
label:
threads-enabled: 'ON'
vfx-cy: 2021
exclude-tests:
# -------------------------------------------------------------------
# VFX CY2020 - GCC, Release
# -------------------------------------------------------------------
# Shared, Release
- build: 10
build-type: Release
build-shared: 'ON'
cxx-standard: 14
cxx-compiler: g++
cc-compiler: gcc
compiler-desc: gcc6.3.1
label:
threads-enabled: 'ON'
vfx-cy: 2020
exclude-tests:
env:
CXX: ${{ matrix.cxx-compiler }}
CC: ${{ matrix.cc-compiler }}
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Create build directories
run: |
mkdir _install
mkdir _build
mkdir _examples
- name: Install help2man
run: yum install -y help2man
- name: Configure
run: |
cmake .. \
-DCMAKE_INSTALL_PREFIX=../_install \
-DCMAKE_BUILD_TYPE=${{ matrix.build-type }} \
-DCMAKE_CXX_STANDARD=${{ matrix.cxx-standard }} \
-DCMAKE_CXX_FLAGS=${{ matrix.cxx-flags }} \
-DCMAKE_VERBOSE_MAKEFILE:BOOL='OFF' \
-DBUILD_SHARED_LIBS=${{ matrix.build-shared }} \
-DOPENEXR_INSTALL_TOOLS='ON' \
-DOPENEXR_INSTALL_DOCS='ON' \
-DOPENEXR_RUN_FUZZ_TESTS='OFF' \
-DOPENEXR_ENABLE_THREADING=${{ matrix.threads-enabled }}
working-directory: _build
- name: Build
run: |
cmake --build . \
--target install \
--config ${{ matrix.build-type }}
working-directory: _build
- name: Validate
run: |
share/ci/scripts/linux/validate_openexr_libs.sh _install
- name: Examples
run: |
# Make sure we can build the examples when configured as a
# standalone application linking against the just-installed
# OpenEXR library.
cmake ../src/examples \
-DCMAKE_PREFIX_PATH=../../_install \
-DCMAKE_BUILD_TYPE=${{ matrix.build-type }} \
-DCMAKE_CXX_STANDARD=${{ matrix.cxx-standard }} \
-DCMAKE_CXX_FLAGS=${{ matrix.cxx-flags }}
cmake --build . \
--config ${{ matrix.build-type }}
# Confirm the examples program runs
./bin/OpenEXRExamples
working-directory: _examples
- name: Test
run: |
ctest -T Test ${{ matrix.exclude-tests }} \
-C ${{ matrix.build-type }} \
--timeout 7200 \
--output-on-failure \
-VV
working-directory: _build
# ---------------------------------------------------------------------------
# macOS
# ---------------------------------------------------------------------------
# TODO: Add ARM64/x86_64 (universal 2) build
macos:
name: 'Mac VFXP-${{ matrix.vfx-cy }} macos-${{ matrix.osver }}
<${{ matrix.compiler-desc }},
C++${{ matrix.cxx-standard }},
config=${{ matrix.build-type }},
shared=${{ matrix.build-shared }},
cxx=${{ matrix.cxx-standard }},
threads=${{ matrix.threads-enabled }}>'
runs-on: macos-${{ matrix.osver }}
strategy:
matrix:
build: [1, 2, 3, 4, 5]
include:
# -------------------------------------------------------------------
# VFX CY2023 - C++17 - MacOS 11.0
# -------------------------------------------------------------------
# Shared, Release
- build: 1
build-type: Release
build-shared: 'ON'
threads-enabled: 'ON'
compiler-desc: AppleClang11.0
cxx-standard: 17
osver: 11.0
exclude-tests:
vfx-cy: 23
# Shared, Release, Threads OFF
- build: 2
build-type: Release
build-shared: 'ON'
threads-enabled: 'OFF'
compiler-desc: AppleClang11.0
cxx-standard: 17
osver: 11.0
exclude-tests:
vfx-cy: 23
# Static, Release
- build: 3
build-type: Release
build-shared: 'OFF'
threads-enabled: 'ON'
compiler-desc: AppleClang11.0
cxx-standard: 17
osver: 11.0
exclude-tests:
vfx-cy: 23
# Shared, Debug
- build: 4
build-type: Debug
build-shared: 'ON'
threads-enabled: 'ON'
compiler-desc: AppleClang11.0
cxx-standard: 17
osver: 11.0
exclude-tests:
vfx-cy: 23
# -------------------------------------------------------------------
# VFX CY2023 - C++17 - MacOS 12
# -------------------------------------------------------------------
# Shared, Release
- build: 5
build-type: Release
build-shared: 'ON'
threads-enabled: 'ON'
compiler-desc: AppleClang11.0
cxx-standard: 17
osver: 12.0
exclude-tests:
vfx-cy: 23
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Create build directories
run: |
mkdir _install
mkdir _build
mkdir _examples
- name: Configure
run: |
cmake .. \
-DCMAKE_INSTALL_PREFIX=../_install \
-DCMAKE_BUILD_TYPE=${{ matrix.build-type }} \
-DCMAKE_CXX_STANDARD=${{ matrix.cxx-standard }} \
-DCMAKE_CXX_FLAGS=${{ matrix.cxx-flags }} \
-DCMAKE_VERBOSE_MAKEFILE:BOOL='OFF' \
-DBUILD_SHARED_LIBS=${{ matrix.build-shared }} \
-DOPENEXR_INSTALL_TOOLS='ON' \
-DOPENEXR_INSTALL_DOCS='OFF' \
-DOPENEXR_RUN_FUZZ_TESTS='OFF'
working-directory: _build
- name: Build
run: |
cmake --build . \
--target install \
--config ${{ matrix.build-type }}
working-directory: _build
- name: Examples
run: |
# Make sure we can build the examples when configured as a
# standalone application linking against the just-installed
# OpenEXR library.
cmake ../src/examples \
-DCMAKE_PREFIX_PATH=../../_install \
-DCMAKE_BUILD_TYPE=${{ matrix.build-type }} \
-DCMAKE_CXX_STANDARD=${{ matrix.cxx-standard }} \
-DCMAKE_CXX_FLAGS=${{ matrix.cxx-flags }}
cmake --build . \
--config ${{ matrix.build-type }}
# Confirm the examples program runs
./bin/OpenEXRExamples
working-directory: _examples
- name: Test
run: |
ctest -T Test ${{matrix.exclude-tests }} \
-C ${{matrix.build-type}} \
--timeout 7200 \
--output-on-failure \
-VV
working-directory: _build
# ---------------------------------------------------------------------------
# Windows
# ---------------------------------------------------------------------------
# TODO: Debug mode is catatonically slow under windows
windows:
name: 'Windows VFXP-${{ matrix.vfx-cy }}
<${{ matrix.compiler-desc }},
config=${{ matrix.build-type }},
shared=${{ matrix.build-shared }},
cxx=${{ matrix.cxx-standard }},
threads=${{ matrix.threads-enabled }}>'
runs-on: windows-${{ matrix.osver }}
strategy:
matrix:
build: [1, 2, 3, 4, 5]
include:
# -------------------------------------------------------------------
# VFX CY2023 - C++17 - Windows 2022 runner - MSVC 2022 (17.5)
# -------------------------------------------------------------------
# Shared, Release
- build: 1
build-type: Release
build-shared: 'ON'
threads-enabled: 'ON'
compiler-desc: msvc17.5
cxx-standard: 17
vfx-cy: 2023
exclude-tests: ''
osver: 2022
# Shared, Release, Threads OFF
- build: 2
build-type: Release
build-shared: 'ON'
threads-enabled: 'OFF'
compiler-desc: msvc17.5
cxx-standard: 17
vfx-cy: 2023
exclude-tests: ''
osver: 2022
# Static, Release
- build: 3
build-type: Release
build-shared: 'OFF'
threads-enabled: 'ON'
compiler-desc: msvc17.5
cxx-standard: 17
vfx-cy: 2023
exclude-tests: ''
osver: 2022
# -------------------------------------------------------------------
# VFX CY2022 - C++17 - Windows 2019 runner - MSVC 2019 (16.11)
# -------------------------------------------------------------------
# Shared, Release
- build: 4
build-type: Release
build-shared: 'ON'
threads-enabled: 'ON'
compiler-desc: msvc16.11
cxx-standard: 17
vfx-cy: 2022
exclude-tests: ''
osver: 2019
# Static, Release
- build: 5
build-type: Release
build-shared: 'OFF'
threads-enabled: 'ON'
compiler-desc: msvc16.11
cxx-standard: 17
vfx-cy: 2022
exclude-tests: ''
osver: 2019
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Create build directories
run: |
mkdir _install
mkdir _build
mkdir _examples
shell: bash
## - name: Install Dependences
## run: |
## share/ci/scripts/windows/install_python.ps1 ${{ matrix.python-version }} $HOME
## share/ci/scripts/windows/install_boost.ps1 ${{ matrix.boost-version }} $HOME 3.8
## share/ci/scripts/windows/install_zlib.ps1 ${{ matrix.zlib-version }} $HOME
## shell: powershell
- name: Configure
run: |
cmake .. \
-DCMAKE_INSTALL_PREFIX=../_install \
-DCMAKE_BUILD_TYPE=${{ matrix.build-type }} \
-DCMAKE_CXX_STANDARD=${{ matrix.cxx-standard }} \
-DCMAKE_CXX_FLAGS=${{ matrix.cxx-flags }} \
-DCMAKE_VERBOSE_MAKEFILE:BOOL='OFF' \
-DBUILD_SHARED_LIBS=${{ matrix.build-shared }} \
-DOPENEXR_INSTALL_TOOLS='ON' \
-DOPENEXR_INSTALL_DOCS='OFF' \
-DOPENEXR_RUN_FUZZ_TESTS='OFF'
shell: bash
working-directory: _build
- name: Build
run: |
cmake --build . \
--target install \
--config ${{ matrix.build-type }}
shell: bash
working-directory: _build
## - name: Examples
## run: |
## # Make sure we can build the examples when configured as a
## # standalone application linking against the just-installed
## # OpenEXR library.
## cmake ../src/examples \
## -DCMAKE_PREFIX_PATH=../../_install \
## -DCMAKE_BUILD_TYPE=${{ matrix.build-type }} \
## -DCMAKE_CXX_STANDARD=${{ matrix.cxx-standard }} \
## -DCMAKE_CXX_FLAGS=${{ matrix.cxx-flags }}
## cmake --build . \
## --config ${{ matrix.build-type }}
## # Confirm the examples program runs
## ./bin/OpenEXRExamples
## shell: bash
## working-directory: _examples
- name: Test
run: |
ctest -T Test ${{ matrix.exclude-tests }} \
-C ${{ matrix.build-type }} \
--timeout 7200 \
--output-on-failure \
-VV
shell: bash
working-directory: _build