mirror of
https://github.com/OpenVPN/openvpn.git
synced 2026-05-28 04:03:29 -04:00
GHA: Pin dependencies
Done by renovate. Updates will also be handled by renovate. This makes the builds slightly more deterministic and removes some potential supply-chain attack vectors. GitHub: #610 Change-Id: I92dfbc3a0cc347a51892600bf02b501295ce612b Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> Acked-by: Yuriy Darnobyt <yura.uddr@gmail.com> Message-Id: <20240927093205.22981-1-frank@lichtenheld.com> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg29461.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
This commit is contained in:
Frank Lichtenheld
Gert Doering
parent
a8cc97f94f
commit
2ad9325d1b
2 changed files with 25 additions and 25 deletions
44
.github/workflows/build.yaml
vendored
44
.github/workflows/build.yaml
vendored
|
|
@ -13,7 +13,7 @@ jobs:
|
|||
- name: Install dependencies
|
||||
run: sudo apt update && sudo apt install -y uncrustify
|
||||
- name: Checkout OpenVPN
|
||||
uses: actions/checkout@v4
|
||||
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
|
||||
with:
|
||||
path: openvpn
|
||||
- name: Show uncrustify version
|
||||
|
|
@ -27,7 +27,7 @@ jobs:
|
|||
- name: Show changes on standard output
|
||||
run: git diff
|
||||
working-directory: openvpn
|
||||
- uses: actions/upload-artifact@v4
|
||||
- uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4
|
||||
with:
|
||||
name: uncrustify-changes.patch
|
||||
path: 'openvpn/uncrustify-changes.patch'
|
||||
|
|
@ -49,22 +49,22 @@ jobs:
|
|||
- name: Install dependencies
|
||||
run: sudo apt update && sudo apt install -y mingw-w64 unzip cmake ninja-build build-essential wget python3-docutils man2html-base
|
||||
- name: Checkout OpenVPN
|
||||
uses: actions/checkout@v4
|
||||
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
|
||||
|
||||
- name: Restore from cache and install vcpkg
|
||||
uses: lukka/run-vcpkg@v11.5
|
||||
uses: lukka/run-vcpkg@5e0cab206a5ea620130caf672fce3e4a6b5666a1 # v11.5
|
||||
with:
|
||||
vcpkgGitCommitId: 8d3649ba34aab36914ddd897958599aa0a91b08e
|
||||
vcpkgJsonGlob: '**/mingw/vcpkg.json'
|
||||
|
||||
- name: Run CMake with vcpkg.json manifest
|
||||
uses: lukka/run-cmake@v10.7
|
||||
uses: lukka/run-cmake@af1be47fd7c933593f687731bc6fdbee024d3ff4 # v10.8
|
||||
with:
|
||||
configurePreset: mingw-${{ matrix.arch }}
|
||||
buildPreset: mingw-${{ matrix.arch }}
|
||||
buildPresetAdditionalArgs: "['--config Debug']"
|
||||
|
||||
- uses: actions/upload-artifact@v4
|
||||
- uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4
|
||||
with:
|
||||
name: openvpn-mingw-${{ matrix.arch }}
|
||||
path: |
|
||||
|
|
@ -72,7 +72,7 @@ jobs:
|
|||
${{ github.workspace }}/out/build/mingw/${{ matrix.arch }}/Debug/*.dll
|
||||
!${{ github.workspace }}/out/build/mingw/${{ matrix.arch }}/Debug/test_*.exe
|
||||
|
||||
- uses: actions/upload-artifact@v4
|
||||
- uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4
|
||||
with:
|
||||
name: openvpn-mingw-${{ matrix.arch }}-tests
|
||||
path: |
|
||||
|
|
@ -91,9 +91,9 @@ jobs:
|
|||
name: "mingw unittest ${{ matrix.test }} - ${{ matrix.arch }} - OSSL"
|
||||
steps:
|
||||
- name: Checkout OpenVPN
|
||||
uses: actions/checkout@v4
|
||||
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
|
||||
- name: Retrieve mingw unittest
|
||||
uses: actions/download-artifact@v4
|
||||
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4
|
||||
with:
|
||||
name: openvpn-mingw-${{ matrix.arch }}-tests
|
||||
path: unittests
|
||||
|
|
@ -165,7 +165,7 @@ jobs:
|
|||
- name: Install dependencies
|
||||
run: sudo apt update && sudo apt install -y liblzo2-dev libpam0g-dev liblz4-dev libcap-ng-dev libnl-genl-3-dev linux-libc-dev man2html libcmocka-dev python3-docutils libtool automake autoconf ${SSLPKG} ${PKCS11PKG}
|
||||
- name: Checkout OpenVPN
|
||||
uses: actions/checkout@v4
|
||||
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
|
||||
- name: autoconf
|
||||
run: autoreconf -fvi
|
||||
- name: configure
|
||||
|
|
@ -195,7 +195,7 @@ jobs:
|
|||
- name: Install dependencies
|
||||
run: sudo apt update && sudo apt install -y liblzo2-dev libpam0g-dev liblz4-dev libcap-ng-dev libnl-genl-3-dev linux-libc-dev man2html clang libcmocka-dev python3-docutils libtool automake autoconf libmbedtls-dev
|
||||
- name: Checkout OpenVPN
|
||||
uses: actions/checkout@v4
|
||||
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
|
||||
- name: autoconf
|
||||
run: autoreconf -fvi
|
||||
- name: configure
|
||||
|
|
@ -256,7 +256,7 @@ jobs:
|
|||
- name: Install dependencies
|
||||
run: brew install openssl@1.1 openssl@3 lzo lz4 man2html cmocka libtool automake autoconf libressl
|
||||
- name: Checkout OpenVPN
|
||||
uses: actions/checkout@v4
|
||||
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
|
||||
- name: autoconf
|
||||
run: autoreconf -fvi
|
||||
- name: configure
|
||||
|
|
@ -280,27 +280,27 @@ jobs:
|
|||
|
||||
runs-on: windows-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- uses: lukka/get-cmake@v3.30.1
|
||||
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
|
||||
- uses: lukka/get-cmake@070a0507a7abe157ef918deec391da1be197d2d1 # v3.30.3
|
||||
|
||||
- name: Install rst2html
|
||||
run: python -m pip install --upgrade pip docutils
|
||||
|
||||
- name: Restore artifacts, or setup vcpkg (do not install any package)
|
||||
uses: lukka/run-vcpkg@v11.5
|
||||
uses: lukka/run-vcpkg@5e0cab206a5ea620130caf672fce3e4a6b5666a1 # v11.5
|
||||
with:
|
||||
vcpkgGitCommitId: 8d3649ba34aab36914ddd897958599aa0a91b08e
|
||||
vcpkgJsonGlob: '**/windows/vcpkg.json'
|
||||
|
||||
- name: Run CMake with vcpkg.json manifest (NO TESTS)
|
||||
uses: lukka/run-cmake@v10.7
|
||||
uses: lukka/run-cmake@af1be47fd7c933593f687731bc6fdbee024d3ff4 # v10.8
|
||||
if: ${{ matrix.arch == 'arm64' }}
|
||||
with:
|
||||
configurePreset: win-${{ matrix.arch }}-release
|
||||
buildPreset: win-${{ matrix.arch }}-release
|
||||
|
||||
- name: Run CMake with vcpkg.json manifest
|
||||
uses: lukka/run-cmake@v10.7
|
||||
uses: lukka/run-cmake@af1be47fd7c933593f687731bc6fdbee024d3ff4 # v10.8
|
||||
if: ${{ matrix.arch != 'arm64' }}
|
||||
with:
|
||||
configurePreset: win-${{ matrix.arch }}-release
|
||||
|
|
@ -308,7 +308,7 @@ jobs:
|
|||
testPreset: win-${{ matrix.arch }}-release
|
||||
testPresetAdditionalArgs: "['--output-on-failure']"
|
||||
|
||||
- uses: actions/upload-artifact@v4
|
||||
- uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4
|
||||
with:
|
||||
name: openvpn-msvc-${{ matrix.arch }}
|
||||
path: |
|
||||
|
|
@ -348,7 +348,7 @@ jobs:
|
|||
- name: Install dependencies
|
||||
run: sudo apt update && sudo apt install -y liblzo2-dev libpam0g-dev liblz4-dev linux-libc-dev man2html clang libcmocka-dev python3-docutils libtool automake autoconf pkg-config libcap-ng-dev libnl-genl-3-dev
|
||||
- name: "libressl: checkout"
|
||||
uses: actions/checkout@v4
|
||||
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
|
||||
with:
|
||||
path: libressl
|
||||
# versioning=semver-coerced
|
||||
|
|
@ -369,7 +369,7 @@ jobs:
|
|||
- name: "ldconfig"
|
||||
run: sudo ldconfig
|
||||
- name: Checkout OpenVPN
|
||||
uses: actions/checkout@v4
|
||||
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
|
||||
- name: autoconf
|
||||
run: autoreconf -fvi
|
||||
- name: configure
|
||||
|
|
@ -410,7 +410,7 @@ jobs:
|
|||
- name: Install dependencies
|
||||
run: sudo apt update && sudo apt install -y liblzo2-dev libpam0g-dev liblz4-dev linux-libc-dev man2html clang libcmocka-dev python3-docutils python3-jinja2 python3-jsonschema libtool automake autoconf pkg-config libcap-ng-dev libnl-genl-3-dev
|
||||
- name: "mbedtls: checkout"
|
||||
uses: actions/checkout@v4
|
||||
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
|
||||
with:
|
||||
path: mbedtls
|
||||
submodules: true
|
||||
|
|
@ -424,7 +424,7 @@ jobs:
|
|||
run: sudo make install DESTDIR=/usr
|
||||
working-directory: mbedtls
|
||||
- name: Checkout OpenVPN
|
||||
uses: actions/checkout@v4
|
||||
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
|
||||
- name: autoconf
|
||||
run: autoreconf -fvi
|
||||
- name: configure
|
||||
|
|
|
|||
6
.github/workflows/coverity-scan.yml
vendored
6
.github/workflows/coverity-scan.yml
vendored
|
|
@ -13,7 +13,7 @@ jobs:
|
|||
steps:
|
||||
- name: Check submission cache
|
||||
id: check_submit
|
||||
uses: actions/cache/restore@v4
|
||||
uses: actions/cache/restore@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4
|
||||
with:
|
||||
path: |
|
||||
cov-int
|
||||
|
|
@ -25,7 +25,7 @@ jobs:
|
|||
|
||||
- name: Checkout OpenVPN
|
||||
if: steps.check_submit.outputs.cache-hit != 'true'
|
||||
uses: actions/checkout@v4
|
||||
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
|
||||
|
||||
- name: Download Coverity Build Tool
|
||||
if: steps.check_submit.outputs.cache-hit != 'true'
|
||||
|
|
@ -65,7 +65,7 @@ jobs:
|
|||
|
||||
- name: Cache submission
|
||||
if: steps.check_submit.outputs.cache-hit != 'true'
|
||||
uses: actions/cache/save@v4
|
||||
uses: actions/cache/save@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4
|
||||
with:
|
||||
path: |
|
||||
cov-int
|
||||
|
|
|
|||
Loading…
Reference in a new issue