1 files changed, 62 insertions, 0 deletions

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
new file mode 100644
index 0000000..0765ada
--- /dev/null
+++ b/.github/workflows/ci.yml
@@ -0,0 +1,62 @@
+name: Build, test, security
+on:
+  push:
+    branches-ignore:
+      - main
+jobs:
+  Clone-repo:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          submodules: recursive
+      - uses: actions/upload-artifact@v3
+        with:
+          name: source-code
+          path: .
+
+  SAST-Unit-tests:
+    runs-on: ubuntu-latest
+    needs: Clone-repo
+    steps:
+      - uses: actions/download-artifact@v3
+        with:
+          name: source-code
+          path: .
+      - run: make tests
+
+  SAST-clang:
+    runs-on: ubuntu-latest
+    needs: Clone-repo
+    steps:
+      - uses: actions/download-artifact@v3
+        with:
+          name: source-code
+          path: .
+      - run: make static-analysis
+
+  SAST-flawfinder:
+    runs-on: ubuntu-latest
+    needs: Clone-repo
+    steps:
+      - uses: actions/download-artifact@v3
+        with:
+          name: source-code
+          path: .
+      - run: sudo apt-get install -y flawfinder
+      - run: make security-analysis
+
+  Build:
+    runs-on: ubuntu-latest
+    needs: [ SAST-Unit-tests, SAST-clang, SAST-flawfinder ]
+    steps:
+      - uses: actions/download-artifact@v3
+        with:
+          name: source-code
+          path: .
+      - name: Build server and browser
+        run: make dev
+      - uses: actions/upload-artifact@v3
+        with:
+          name: dev-build-files
+          path: ./build