diff options
| author | Colin Watson <cjwatson@debian.org> | 2020-04-17 20:57:34 +0100 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2020-04-18 09:48:21 +0100 |
| commit | df7226c4b684fd229dc046388225c69ded877721 (patch) | |
| tree | e69014e1ee868c4ec178b8a36baae7de31786beb /.github/workflows | |
| parent | f794345c2d734f593da8ed7754e5dbb5809c688d (diff) | |
| parent | 75073d0a8478441cc97a6efa10b566c5fb1dac81 (diff) | |
Update upstream source from tag 'upstream/1.4.0'
Update to upstream version '1.4.0'
with Debian dir 64889867df57bd13ea0cb964223697d378d391ce
Diffstat (limited to '.github/workflows')
| -rw-r--r-- | .github/workflows/cifuzz_oss.yml | 23 | ||||
| -rw-r--r-- | .github/workflows/scan.yml | 36 |
2 files changed, 59 insertions, 0 deletions
diff --git a/.github/workflows/cifuzz_oss.yml b/.github/workflows/cifuzz_oss.yml new file mode 100644 index 0000000..cbb334c --- /dev/null +++ b/.github/workflows/cifuzz_oss.yml | |||
| @@ -0,0 +1,23 @@ | |||
| 1 | name: CIFuzz | ||
| 2 | on: [pull_request] | ||
| 3 | jobs: | ||
| 4 | Fuzzing: | ||
| 5 | runs-on: ubuntu-latest | ||
| 6 | steps: | ||
| 7 | - name: Build Fuzzers | ||
| 8 | uses: google/oss-fuzz/infra/cifuzz/actions/build_fuzzers@master | ||
| 9 | with: | ||
| 10 | oss-fuzz-project-name: 'libfido2' | ||
| 11 | dry-run: false | ||
| 12 | - name: Run Fuzzers | ||
| 13 | uses: google/oss-fuzz/infra/cifuzz/actions/run_fuzzers@master | ||
| 14 | with: | ||
| 15 | oss-fuzz-project-name: 'libfido2' | ||
| 16 | fuzz-seconds: 600 | ||
| 17 | dry-run: false | ||
| 18 | - name: Upload Crash | ||
| 19 | uses: actions/upload-artifact@v1 | ||
| 20 | if: failure() | ||
| 21 | with: | ||
| 22 | name: artifacts | ||
| 23 | path: ./out/artifacts | ||
diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml new file mode 100644 index 0000000..008961b --- /dev/null +++ b/.github/workflows/scan.yml | |||
| @@ -0,0 +1,36 @@ | |||
| 1 | name: static code analysis | ||
| 2 | |||
| 3 | on: | ||
| 4 | push: | ||
| 5 | schedule: | ||
| 6 | - cron: '0 0 * * 1' | ||
| 7 | |||
| 8 | env: | ||
| 9 | SCAN_IMG: | ||
| 10 | yes-docker-local.artifactory.in.yubico.org/static-code-analysis/c:v1 | ||
| 11 | SECRET: ${{ secrets.ARTIFACTORY_READER_TOKEN }} | ||
| 12 | |||
| 13 | jobs: | ||
| 14 | build: | ||
| 15 | runs-on: ubuntu-latest | ||
| 16 | |||
| 17 | steps: | ||
| 18 | - uses: actions/checkout@master | ||
| 19 | |||
| 20 | - name: Scan but do not fail on warnings | ||
| 21 | run: | | ||
| 22 | if [ "${SECRET}" != "" ]; then | ||
| 23 | docker login yes-docker-local.artifactory.in.yubico.org/ \ | ||
| 24 | -u svc-static-code-analysis-reader \ | ||
| 25 | -p ${{ secrets.ARTIFACTORY_READER_TOKEN }} | ||
| 26 | docker pull ${SCAN_IMG} | ||
| 27 | docker run -v${PWD}:/k -e COMPILE_DEPS="${COMPILE_DEPS}" \ | ||
| 28 | -e PROJECT_NAME=${GITHUB_REPOSITORY#Yubico/} -t ${SCAN_IMG} | ||
| 29 | fi | ||
| 30 | continue-on-error: true | ||
| 31 | |||
| 32 | - uses: actions/upload-artifact@master | ||
| 33 | if: failure() | ||
| 34 | with: | ||
| 35 | name: suppression_files | ||
| 36 | path: suppression_files | ||