[patch-axel-ci-test-2] CI testing #88
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Copyright 2021, Proofcraft Pty Ltd | |
# | |
# SPDX-License-Identifier: BSD-2-Clause | |
# camkes-vm-examples hardware builds and runs | |
# | |
# See camkes-vm-hw/builds.yml in the repo seL4/ci-actions for configs. | |
name: HW | |
on: | |
# needs PR target for secrets access; guard by requiring label | |
pull_request_target: # !! dummy | |
types: [opened, reopened, synchronize, labeled] | |
# downgrade permissions to read-only as you would have in a standard PR action | |
permissions: | |
contents: read | |
# To reduce the load (especiually on the machine queue) we cancel any older runs | |
# of this workflow for the current PR. Such runs exist, if there were new pushes | |
# to the PR's branch without waiting for the workflow to finish. As a side | |
# effect, pushing new commits now becomes a convenient way to cancel all the | |
# older runs, e.g. if they are stuck and would only be stopped by the timeout | |
# eventually. | |
# Note that we could do the concurrency handling at a finer level, and only wrap | |
# the actual run on the hardware. But there seems not much gain in letting the | |
# older builds run, as these are usually obsolete with new pushes also. | |
concurrency: | |
group: ${{ github.workflow }}-pr-${{ github.event.number }} | |
cancel-in-progress: true | |
jobs: | |
code: | |
name: Freeze Code | |
runs-on: ubuntu-latest | |
if: ${{ github.event_name == 'push' || | |
github.event_name == 'pull_request_target' && | |
github.event.action != 'labeled' && | |
(contains(github.event.pull_request.labels.*.name, 'hw-build') || | |
contains(github.event.pull_request.labels.*.name, 'hw-test')) || | |
github.event_name == 'pull_request_target' && | |
github.event.action == 'labeled' && | |
(github.event.label.name == 'hw-build' || | |
github.event.label.name == 'hw-test') }} | |
outputs: | |
xml: ${{ steps.repo.outputs.xml }} | |
steps: | |
- id: repo | |
uses: seL4/ci-actions/repo-checkout@master | |
with: | |
manifest_repo: camkes-vm-examples-manifest | |
manifest: master.xml | |
sha: ${{ github.event.pull_request.head.sha }} | |
build: | |
name: Build | |
needs: code | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: true | |
matrix: | |
march: [nehalem, armv7a, armv8a] | |
steps: | |
- uses: axel-h/ci-actions/camkes-vm@patch-axel-7 | |
with: | |
xml: ${{ needs.code.outputs.xml }} | |
march: ${{ matrix.march }} | |
- name: Upload images | |
uses: actions/upload-artifact@v4 | |
with: | |
name: images-${{ matrix.march }} | |
path: '*-images.tar.gz' | |
run: | |
name: Hardware | |
runs-on: ubuntu-latest | |
needs: [build] | |
if: ${{ github.repository_owner == 'seL4' && | |
(github.event_name == 'push' || | |
github.event_name == 'pull_request_target' && | |
github.event.action != 'labeled' && | |
contains(github.event.pull_request.labels.*.name, 'hw-test') || | |
github.event_name == 'pull_request_target' && | |
github.event.action == 'labeled' && | |
github.event.label.name == 'hw-test') }} | |
strategy: | |
fail-fast: true | |
matrix: | |
march: [nehalem, armv7a, armv8a] | |
steps: | |
- name: Get machine queue | |
uses: actions/checkout@v4 | |
with: | |
repository: seL4/machine_queue | |
path: machine_queue | |
- name: Download image | |
uses: actions/download-artifact@v4 | |
with: | |
name: images-${{ matrix.march }} | |
- name: Run | |
uses: axel-h/ci-actions/camkes-vm-hw@patch-axel-7 | |
with: | |
march: ${{ matrix.march }} | |
index: $${{ strategy.job-index }} | |
env: | |
HW_SSH: ${{ secrets.HW_SSH }} |