name: build
on: [push, pull_request]
jobs:
  build:
    runs-on: ubuntu-latest
    container:
      image: fedora:rawhide
      options: --security-opt seccomp=unconfined
    steps:
      - uses: actions/checkout@v2
      - run: dnf install --nogpgcheck -y git-core checkpolicy policycoreutils-devel make m4 findutils
      - run: git clone --depth=1 https://github.com/containers/container-selinux.git /tmp/container-selinux
      - run: cp /tmp/container-selinux/container.* policy/modules/contrib
      - run: make -j $(nproc) policy
      - run: make -j $(nproc) validate
      - run: make -j $(nproc) container.pp
  build-rpm:
    runs-on: ubuntu-latest
    container:
      image: fedora:rawhide
      options: --security-opt seccomp=unconfined
    steps:
      - run: dnf install --nogpgcheck -y make git-core rpm-build 'dnf-command(builddep)'
      - uses: actions/checkout@v2
      - run: make -C .copr srpm outdir="$PWD"
      - name: Store the SRPM as an artifact
        uses: actions/upload-artifact@v2
        with:
          name: srpm
          path: "*.src.rpm"
      - run: |
          if grep -q rawhide /etc/os-release; then
            tag=rawhide
          else
            tag='f$releasever-build'
          fi
          dnf builddep --nogpgcheck --repofrompath "koji,https://kojipkgs.fedoraproject.org/repos/$tag/latest/\$arch/" -y --srpm *.src.rpm
      - run: rpmbuild --define "_topdir $PWD/rpmbuild" -rb *.src.rpm
      - name: Store binary RPMs as artifacts
        uses: actions/upload-artifact@v2
        with:
          name: rpms
          path: rpmbuild/RPMS