name: build
on: [push, pull_request]
jobs:
  build:
    runs-on: ubuntu-latest
    container:
      image: quay.io/fedora/fedora:rawhide
      options: --security-opt seccomp=unconfined
    steps:
      - uses: actions/checkout@v3
      - run: dnf install --nogpgcheck -y git-core checkpolicy policycoreutils-devel make m4 findutils
      - run: git clone --depth=1 https://github.com/containers/container-selinux.git /tmp/container-selinux
      - run: cp /tmp/container-selinux/container.* policy/modules/contrib
      - run: make -j $(nproc) policy
      - run: make -j $(nproc) validate
      - run: make -j $(nproc) container.pp