simpler jobs

2 files changed, 40 insertions, 85 deletions

diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml
new file mode 100644
index 00000000..9398df75
--- /dev/null
+++ b/.github/workflows/codeql.yaml
@@ -0,0 +1,30 @@
+name: "CodeQL"
+
+on:
+  push:
+    branches: [stable, dev]
+  pull_request:
+    branches: [stable, dev]
+
+jobs:
+  codeql:
+    name: Analyze
+    runs-on: ubuntu-latest
+    container:  # We use a previous image as it's expected to have all the dependencies
+      image: docker.io/aflplusplus/aflplusplus:dev
+    steps:
+      - name: Fix for using external repo in container build # https://github.com/actions/checkout/issues/760
+        run: git config --global --add safe.directory /__w/AFLplusplus/AFLplusplus
+      - name: Checkout
+        uses: actions/checkout@v3
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: cpp
+      - name: Build AFLplusplus # Rebuild because CodeQL needs to monitor the build process
+        env:
+          CC: gcc # These are symlinked to the version used in the container build
+          CXX: g++
+        run: make -i distrib # Best effort using -i
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2
diff --git a/.github/workflows/container.yaml b/.github/workflows/container.yaml
index d4731775..0fd20dd7 100644
--- a/.github/workflows/container.yaml
+++ b/.github/workflows/container.yaml
@@ -1,4 +1,4 @@
-name: Build, test, CodeQL and push container image
+name: Container
 on:
   push:
     branches:
@@ -11,102 +11,29 @@ on:
       - dev # No need for stable-pull-request, as that equals dev-push
 
 jobs:
-  build-amd64:
-    name: Build amd64 image
+  build-and-test-amd64:
+    name: Build and test amd64 image
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
         uses: actions/checkout@v3
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v2
-      - name: Login to GitHub Container Registry # Container cache registry
-        uses: docker/login-action@v2
-        with:
-          registry: ghcr.io
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
       - name: Build amd64
         uses: docker/build-push-action@v3
         with:
           context: .
-          platforms: linux/amd64
-          tags: ghcr.io/${{ github.actor }}/aflplusplus:amd64
-          push: true
-          cache-to: type=registry,ref=ghcr.io/${{ github.actor }}/aflplusplus/cache:amd64,mode=max
-          cache-from: type=registry,ref=ghcr.io/${{ github.actor }}/aflplusplus/cache:amd64
-
-  build-arm64:
-    name: Build arm64 image
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v3
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
-      - name: Login to GitHub Container Registry # Container cache registry
-        uses: docker/login-action@v2
-        with:
-          registry: ghcr.io
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
-        with:
-          platforms: arm64
-      - name: Build arm64
-        uses: docker/build-push-action@v3
-        with:
-          context: .
-          platforms: linux/arm64
-          tags: ghcr.io/${{ github.actor }}/aflplusplus:arm64
-          push: true
-          cache-to: type=registry,ref=ghcr.io/${{ github.actor }}/aflplusplus/cache:arm64,mode=max
-          cache-from: type=registry,ref=ghcr.io/${{ github.actor }}/aflplusplus/cache:arm64
-
-  test-amd64:
-    name: Test amd64 image
-    runs-on: ubuntu-latest
-    needs: build-amd64
-    container:
-      image: ghcr.io/${{ github.actor }}/aflplusplus:amd64
-    steps:
+          tags: aflplusplus:amd64
+          load: true
+          cache-to: type=gha,mode=max
       - name: Test amd64
-        working-directory: /AFLplusplus
-        run: |
-          apt-get update
-          apt-get install -y libcmocka-dev
-          make -i tests
-
-  codeql-amd64:
-    name: CodeQL Analyze amd64 compiled code
-    runs-on: ubuntu-latest
-    needs:
-      - build-amd64
-    container:
-      image: ghcr.io/${{ github.actor }}/aflplusplus:amd64
-    steps:
-      - name: Fix for using external repo in container build # https://github.com/actions/checkout/issues/760
-        run: git config --global --add safe.directory /__w/AFLplusplus/AFLplusplus
-      - name: Checkout
-        uses: actions/checkout@v3
-      - name: Initialize CodeQL
-        uses: github/codeql-action/init@v2
-        with:
-          languages: cpp
-      - name: Build AFLplusplus # Rebuild because CodeQL needs to monitor the build process
-        env:
-          CC: gcc # These are symlinked to the version used in the container build
-          CXX: g++
-        run: make -i distrib # Best effort using -i
-      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v2
+        run: docker run --rm aflplusplus:amd64 bash -c "apt-get update && apt-get install -y libcmocka-dev && make -i tests"
 
   push:
-    name: Push amd64 and arm64 image
+    name: Build and push amd64 and arm64 image
     runs-on: ubuntu-latest
     needs:
-      - test-amd64
-      - build-arm64
+      - build-and-test-amd64
     if: ${{ github.event_name == 'push' && github.repository == 'AFLplusplus/AFLplusplus' }}
     steps:
       - name: Checkout
@@ -138,6 +65,4 @@ jobs:
           platforms: linux/amd64,linux/arm64
           push: true
           tags: ${{ steps.push-tags.outputs.PUSH_TAGS }}
-          cache-from: | # TODO: From COPY line on is not cached
-            type=registry,ref=ghcr.io/${{ github.actor }}/aflplusplus/cache:amd64
-            type=registry,ref=ghcr.io/${{ github.actor }}/aflplusplus/cache:arm64
+          cache-from: type=gha