Skip to content

Bump step-security/harden-runner from 2.9.1 to 2.10.1 #457

Bump step-security/harden-runner from 2.9.1 to 2.10.1

Bump step-security/harden-runner from 2.9.1 to 2.10.1 #457

Workflow file for this run

name: Test
on:
push:
branches: main
pull_request:
branches: main
env:
GTEST_OUTPUT: "xml:test_results"
BUILDCMD: "colcon build --event-handlers console_direct+ --executor sequential --packages-up-to ad_rss ad_rss_map_integration --cmake-args -DBUILD_HARDENING=ON -DBUILD_TESTING=ON -DBUILD_PYTHON_BINDING=ON -DPYTHON_BINDING_VERSION=${PYTHON_BINDING_VERSION} && colcon test --event-handlers console_direct+ --packages-select ad_rss ad_rss_map_integration && colcon test-result"
permissions:
contents: read
jobs:
build-test:
strategy:
matrix:
include:
- os: ubuntu-20.04
compiler: gcc9
EXTRA_PACKAGES: ""
CC: ""
CXX: ""
PYTHON_BINDING_VERSION: "3.8"
- os: ubuntu-20.04
compiler: clang10
EXTRA_PACKAGES: clang-10
CC: /usr/bin/clang-10
CXX: /usr/bin/clang++-10
PYTHON_BINDING_VERSION: "3.10"
- os: ubuntu-22.04
compiler: gcc11
EXTRA_PACKAGES: ""
CC: ""
CXX: ""
PYTHON_BINDING_VERSION: "3.10"
- os: ubuntu-22.04
compiler: clang14
EXTRA_PACKAGES: clang-14
CC: /usr/bin/clang-14
CXX: /usr/bin/clang++-14
PYTHON_BINDING_VERSION: "3.10"
name: ${{ matrix.os }}, ${{ matrix.compiler }}, python-${{ matrix.PYTHON_BINDING_VERSION }}
runs-on: ${{ matrix.os }}
env:
PYTHON_BINDING_VERSION: ${{ matrix.PYTHON_BINDING_VERSION }}
EXTRA_PACKAGES: ${{ matrix.EXTRA_PACKAGES }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
egress-policy: audit
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
submodules: recursive
- name: Install Dependencies
run: bash .github/workflows/install_dependencies.sh
- name: Build and Test
env:
CC: ${{ matrix.CC }}
CXX: ${{ matrix.CXX }}
run: |
sudo apt-get install ${EXTRA_PACKAGES}
rm -rf log build install
eval CC=${CC} CXX=${CXX} ${BUILDCMD}