Commit Graph

53 Commits

Author SHA1 Message Date
neilnaveen 356c1f8336 chore: Set permissions for GitHub actions
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Signed-off-by: neilnaveen <42328488+neilnaveen@users.noreply.github.com>
2022-06-07 14:32:11 +01:00
Behdad Esfahbod aef92b2846 [ci] Better compiler specification in configs-build job 2022-06-05 00:45:38 -06:00
Khaled Hosny c8810277bb Update Coverity settings 2022-04-22 02:22:29 +02:00
Khaled Hosny 392f201047 [ci] Pin gcovr to version 5.0
Fixes https://github.com/harfbuzz/harfbuzz/issues/3540
2022-04-21 13:59:08 -06:00
Khaled Hosny 924dd71de3
Merge pull request #3423 from harfbuzz/revert-ci-msvc
Revert "[ci] Downgrade pip on MSVC jobs"
2022-02-25 04:31:24 +02:00
Behdad Esfahbod d12c51e6e6 [ci] Rename configs-ci to configs-build
Since it doesn't run any tests.
2022-02-15 14:31:59 -06:00
Behdad Esfahbod b2f5131029 [ci] Add configs-ci.yml to test different configs
Fixes https://github.com/harfbuzz/harfbuzz/issues/2884
2022-02-12 21:22:30 -06:00
Khaled Hosny e045dbf617 [ci] Upgrade pip on MSVC job
To avoid bad pre-installed version.
2022-02-10 04:06:20 +02:00
Khaled Hosny 02a737e532 Revert "[ci] Downgrade pip on MSVC jobs"
This reverts commit c4cf5ddb27.
2022-02-08 21:45:42 +02:00
Khaled Hosny c4cf5ddb27 [ci] Downgrade pip on MSVC jobs
Turns out, pip 22.0 is the source of the breakage:
https://github.com/mesonbuild/meson/issues/9955#issuecomment-1030843844
https://github.com/pypa/pip/issues/10875
2022-02-06 18:13:16 +02:00
Khaled Hosny 3160789701 [ci] windows-2016 image is going away in a bit
https://github.com/actions/virtual-environments/issues/4312

windows-latest is the same as windows-2019, but we are using explicit
windows-2019 image for when they become different.
2021-11-24 02:05:28 +02:00
David Korczynski de9424172d [ci] Add CIFuzz integration
Add CIFuzz integration, which will run the fuzzers for a short amount
of time when a PR is submitted on Github.

Signed-off-by: David Korczynski <david@adalogics.com>
2021-10-27 10:01:41 -07:00
Khaled Hosny 671f1d149a [ci] meson 0.55.0 didn’t work for harfbuzz
https://github.com/mesonbuild/meson/issues/7437
2021-09-17 06:12:14 -06:00
Khaled Hosny f1b20b5a14 [ci] Ragel subproject requires meson 0.55.0 2021-09-17 06:12:14 -06:00
Khaled Hosny 835fc1376f [ci] Build ragel on the Linux CI job
To make sure we don’t accidentally break this option.
2021-09-17 06:12:14 -06:00
Khaled Hosny 7e9ac8fea2 [meson] Require ragel 6.10
Ragel 7 is also not stable from upstream's point of view.

This uses “version” argument find_program(), which was introduced in
meson 0.52.0, so I raised the minimum required meson version
accordingly.
2021-09-14 18:46:33 -06:00
Garret Rieger f3e031539f Revert "[ci] Bin FontTools version due to recent COLRv1 changes"
This reverts commit 163748b505.
2021-07-28 11:36:34 -06:00
Khaled Hosny 163748b505 [ci] Bin FontTools version due to recent COLRv1 changes
Should be reverted once HarfBuzz updated to match FontTools.
2021-07-26 23:32:48 +02:00
Khaled Hosny 2c7ef0db0b [ci] Generate only XML coverage data
That is the one we are uploading, and HTML coverage seems broken on
macOS.
2021-07-13 13:23:53 +02:00
Khaled Hosny f6c9fcfd3e [ci] Add macOS GitHub workflow
To collect codecov coverage on macOS as well (hopefully it will run the
macOS-specific tests).
2021-07-13 01:12:43 +02:00
Khaled Hosny fa432a121e Rename various references to master branch 2021-06-05 04:18:52 +02:00
Khaled Hosny c571a96eb0 [ci] Disable Chafa on jobs that enables all auto features
No suitable versions are available on these setups.
2021-04-26 12:13:10 -06:00
Khaled Hosny cad753e20f [ci] Use known working Ubuntu version
GitHub Actions seems to be moving ubuntu-latest from ubuntu-18.04 to
ubuntu-20.04, but gcovr is broken for us in the new version.
2021-03-16 01:11:12 +02:00
Khaled Hosny ff86c72e09 [ci] Avoid duplicate builds on pull requests
Don’t run GitHub Actions on pushing to branches other than master. This
was already the case for the linux-ci workflow.
2021-03-16 01:11:12 +02:00
Khaled Hosny 07315d9c83 [ci] Don’t install meson from its master branch
We are testing Harfbuzz not meson!
2021-03-15 22:45:25 +02:00
Behdad Esfahbod 7099a6dca1 [atomic] Remove old Intel primitives implementation 2021-02-20 15:20:06 -07:00
Khaled Hosny fb1b29cee4 [ci] Fix msys2 breakage
What package manger randomly changes package names without fallback!
2021-01-17 23:11:18 +02:00
Khaled Hosny 296e9d7f33 [ci] Install fonttools using pip on msys2
Hopefully fixes the broken package.
2020-12-23 01:23:54 +02:00
Ebrahim Byagowi 8586bad2bd
[ci] don't install rustc on linux-ci
https://github.com/harfbuzz/harfbuzz/pull/2610/checks?check_run_id=930572217
2020-07-31 09:28:51 +04:30
Ebrahim Byagowi 5f9ff04fb0 Add comparison against ttf-parser 2020-07-30 16:18:17 +04:30
Ebrahim Byagowi 7bab6087bf
[ci] Install meson's master
As https://github.com/mesonbuild/meson/issues/7437
2020-07-29 08:49:01 +04:30
Ebrahim Byagowi 11ae45f6eb
[ci] Don't run cov-analyze
https://stackoverflow.com/a/59353318
2020-07-22 17:52:16 +04:30
Christoph Reiter d058e56cf1 [ci] Update to msys2/setup-msys2@v2
This update introduces better error handling and package caching by default.
2020-07-20 23:46:52 +04:30
Ebrahim Byagowi ae8a71dfb8
[ci] minor, use --auto-features=enabled 2020-07-20 20:16:15 +04:30
Ebrahim Byagowi f65a8a33b6
[ci] run cov-analyze
apparently we have to run that also ourselves, let's see
2020-07-19 18:13:48 +04:30
Christoph Reiter 93aea76a25 Fix the GHA msvc build
Use the 'ilammy/msvc-dev-cmd' action for setting up the msvc env,
so we can use powershell everywhere.

Remove a directory from PATH which was interfering with the meson build
by providing an unrelated pkg-config.exe.
2020-07-18 19:52:45 +02:00
Ebrahim Byagowi 3a46ae5127 Use GitHub Actions for msvc bots 2020-07-18 19:15:53 +02:00
Ebrahim Byagowi 8cbdb6fa41 [meson] Don't enable benchmark under the conditions ever
As we don't want to make headache for packagers as we don't want to
enable it when --auto-features=enabled is used.
2020-07-15 13:33:00 +04:30
Christoph Reiter 8e7a9b6eeb msys2-ci: clean up 2020-07-15 12:11:49 +04:30
Christoph Reiter 9a4d590eee CI: Port MSYS2 jobs from appveyor to github actions 2020-07-15 12:11:49 +04:30
Ebrahim Byagowi 2c1d699409
[ci] use clang for cov-build
to be honest this is done as a let's see what
happens move but the background is coverity
reveals more things for Firefox project and there
should be an interesting reason for it.
2020-07-13 20:26:57 +04:30
Ebrahim Byagowi 9ab7525a06
[ci] use a fixed version of meson in gh actions bot
a patch is uploaded to fix the issue with b_coverage in meson upstream thus let's revive our bot at least for now
2020-07-13 01:15:36 +04:30
Ebrahim Byagowi 702847aadd [meson] Turn benchmark to a feature 2020-06-29 12:54:58 +04:30
Ebrahim Byagowi 95b1081be4 Add performance benchmark for shaping, get extents and draw 2020-06-25 01:30:07 +04:30
Ebrahim Byagowi a4955e21fd
[ci] install gobject-instrospection on linux ci 2020-06-18 08:59:49 +04:30
Ebrahim Byagowi 5293fdba23
[ci] Move docs deployment from autotools to meson 2020-06-04 02:38:27 +04:30
Ebrahim Byagowi 8ba8980222
[ci] enable experimental apis in coverity scan 2020-04-28 20:14:17 +04:30
Ebrahim Byagowi d63ee13a2a
[ci] enable more on coverity 2020-04-28 20:01:11 +04:30
Ebrahim Byagowi 39976ee660
[ci] install fonttools in linux-ci bot 2020-04-28 18:50:33 +04:30
Ebrahim Byagowi 1801489b49
[ci] Add coverity scan bot 2020-04-28 18:47:39 +04:30