Best practices for company global compile flags

We have been using cmake for years, and I’m trying to modernize our cmake. One issue that has come up is what about company global flags. We have a company policy that all internally written code is compiled with -Wall -Werror (and a bunch of other warnings). Obviously those flags do not apply to third party code so they cannot be put in the toolchain file (we have no native builds, though there is a docker emulation environment we cross compile to is very similar to native).

Currently what we have is a company global .cmake file that we include in our top level CMakeLists.txt which changes CMAKE_CXX_FLAGS to add those flags. This file checks which build is active and sets the correct flags and also loads project specific flags (for warnings we are trying to get into the company policy but can’t because some other repository isn’t updated yet) This is against Effective Modern CMake and so I’ve been trying to come up with a better way.

I finally came up with this answer: create more toolchain files. They still manipulate CMAKE_CXX_FLAGS, but that is what toolchain files are for. When you build you use a toolchain file in your repository (We have script that activates the toolchain and then calls cmake so this change won’t affect any user habits), which in turn includes the company toolchain.cmake for that compiler which includes the company global tool chain which finally includes the cross compile toolchain that already exists.

The above is somewhat convoluted though. Which brings up two questions: First, is it actually any better than what we had before. Second, if it is better, how do I convince others in my company? (the more conservative developers see modern cmake as a different style until proven otherwise which is hard to do without implementing it)

I realize I’m asking for a subjective opinion and not everybody will agree. Your reason for your disagreements will be interesting.

From your description the flags are specific to the company and not the toolchain. If they are not tool specific I think it would make more sense to define them in a configuration, like Debug. Project specific flags can be appended to that list.