Skip to content
This repository was archived by the owner on Aug 7, 2025. It is now read-only.
Test

Bump step-security/harden-runner from 2.11.0 to 2.12.2 (#371) #753

Sign in to view logs

Bump step-security/harden-runner from 2.11.0 to 2.12.2 (#371)

Bump step-security/harden-runner from 2.11.0 to 2.12.2 (#371) #753

Workflow file for this run

.github/workflows/build_test.yml at 88debf8
name: Test
on:
push:
branches: main
pull_request:
branches: main
env:
GTEST_OUTPUT: "xml:test_results"
BUILDCMD: "colcon build --event-handlers console_direct+ --executor sequential --packages-up-to ad_rss ad_rss_map_integration --cmake-args -DBUILD_HARDENING=ON -DBUILD_TESTING=ON -DBUILD_PYTHON_BINDING=ON -DPYTHON_BINDING_VERSION=${PYTHON_BINDING_VERSION} && colcon test --event-handlers console_direct+ --packages-select ad_rss ad_rss_map_integration && colcon test-result"
permissions:
contents: read
jobs:
build-test:
strategy:
matrix:
include:
- os: ubuntu-22.04
compiler: gcc11
EXTRA_PACKAGES: ""
CC: ""
CXX: ""
PYTHON_BINDING_VERSION: "3.10"
- os: ubuntu-22.04
compiler: clang14
EXTRA_PACKAGES: clang-14
CC: /usr/bin/clang-14
CXX: /usr/bin/clang++-14
PYTHON_BINDING_VERSION: "3.11"
- os: ubuntu-24.04
compiler: gcc13
EXTRA_PACKAGES: ""
CC: ""
CXX: ""
PYTHON_BINDING_VERSION: "3.12"
- os: ubuntu-24.04
compiler: clang18
EXTRA_PACKAGES: clang-18
CC: /usr/bin/clang-18
CXX: /usr/bin/clang++-18
PYTHON_BINDING_VERSION: "3.13"
name: ${{ matrix.os }}, ${{ matrix.compiler }}, python-${{ matrix.PYTHON_BINDING_VERSION }}
runs-on: ${{ matrix.os }}
env:
PYTHON_BINDING_VERSION: ${{ matrix.PYTHON_BINDING_VERSION }}
EXTRA_PACKAGES: ${{ matrix.EXTRA_PACKAGES }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49 # v2.12.2
with:
egress-policy: audit
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
submodules: recursive
- name: Install Dependencies
run: bash .github/workflows/install_dependencies.sh
- name: Build and Test
env:
CC: ${{ matrix.CC }}
CXX: ${{ matrix.CXX }}
run: |
sudo apt-get install ${EXTRA_PACKAGES}
rm -rf log build install
source ad-rss-build-venv/bin/activate
eval CC=${CC} CXX=${CXX} ${BUILDCMD}