feat(judge): use bwrap to limit program. Thanks to @HeRaNo #498
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CPack - DEB - Debian | |
on: | |
# push代码时触发workflow | |
push: | |
# 忽略README.md | |
paths-ignore: | |
- "README.md" | |
- "LICENSE" | |
- "BUILD.md" | |
# pull_request时触发workflow | |
pull_request: | |
# 忽略README.md | |
paths-ignore: | |
- "README.md" | |
- "LICENSE" | |
- "BUILD.md" | |
release: | |
types: [published] | |
jobs: | |
check_commit_msg: | |
outputs: | |
commit_message: ${{ steps.get_message.outputs.message }} | |
name: Check if the workflow has been disabled. | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Get commit message | |
id: get_message | |
run: | | |
echo "message=$(git log --format=%B -n 1 ${{ github.event.after }})" >> $GITHUB_OUTPUT | |
linux: | |
strategy: | |
fail-fast: false | |
matrix: | |
#distro: [stable, testing, sid] | |
build_type: [Release, RelWithDebInfo] | |
distro: [testing, sid] | |
needs: check_commit_msg | |
if: ${{ !contains( needs.check_commit_msg.outputs.commit_message, 'NO_DEB') }} | |
name: Debian ${{ matrix.distro }} | |
runs-on: ubuntu-latest | |
container: debian:${{ matrix.distro }} | |
steps: | |
- name: Install git | |
run: | | |
apt-get update | |
apt-get install -y git | |
- name: Get the version | |
id: get_version | |
shell: bash | |
run: echo "VERSION=$(echo $GITHUB_REF | cut -d / -f 3)" >> $GITHUB_OUTPUT | |
- name: Checking out sources | |
uses: actions/checkout@v4 | |
with: | |
submodules: "recursive" | |
- name: Install build dependencies | |
run: | | |
apt-get install -y build-essential ninja-build qtbase5-dev qttools5-dev cmake pkgconf bash libspdlog-dev | |
- name: Build | |
run: | | |
mkdir build | |
cd build | |
cmake .. -GNinja -DEMBED_TRANSLATIONS=OFF -DEMBED_DOCS=OFF -DCMAKE_BUILD_TYPE=${{ matrix.build_type }} -DBUILD_DEB=ON -DLEMON_BUILD_INFO="Build for Debian" -DLEMON_BUILD_EXTRA_INFO="Build on $(uname -sr)" | |
cmake --build . --target package --parallel $(nproc) | |
- name: Get package name | |
shell: bash | |
id: get_package | |
run: | | |
echo "NAME=$(basename build/LemonLime-*.deb)" >> $GITHUB_OUTPUT | |
- name: Upload artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: LemonLime-${{ steps.get_version.outputs.VERSION }}-debian-${{ matrix.distro }}-${{ matrix.build_type }}.deb | |
path: build/${{ steps.get_package.outputs.NAME }} | |
- name: Upload binaries to release | |
uses: svenstaro/upload-release-action@v1-release | |
if: startsWith(github.event.ref, 'refs/tags/') | |
with: | |
repo_token: ${{ secrets.GITHUB_TOKEN }} | |
file: build/${{ steps.get_package.outputs.NAME }} | |
asset_name: LemonLime-${{ steps.get_version.outputs.VERSION }}-debian-${{ matrix.distro }}-${{ matrix.build_type }}.deb | |
tag: ${{ github.ref }} | |
overwrite: true |