forked from seL4/camkes-vm-examples
-
Notifications
You must be signed in to change notification settings - Fork 0
107 lines (99 loc) · 3.56 KB
/
test-hw.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
# Copyright 2021, Proofcraft Pty Ltd
#
# SPDX-License-Identifier: BSD-2-Clause
# camkes-vm-examples hardware builds and runs
#
# See camkes-vm-hw/builds.yml in the repo seL4/ci-actions for configs.
name: HW
on:
# needs PR target for secrets access; guard by requiring label
pull_request_target: # !! dummy
types: [opened, reopened, synchronize, labeled]
# downgrade permissions to read-only as you would have in a standard PR action
permissions:
contents: read
# To reduce the load (especiually on the machine queue) we cancel any older runs
# of this workflow for the current PR. Such runs exist, if there were new pushes
# to the PR's branch without waiting for the workflow to finish. As a side
# effect, pushing new commits now becomes a convenient way to cancel all the
# older runs, e.g. if they are stuck and would only be stopped by the timeout
# eventually.
# Note that we could do the concurrency handling at a finer level, and only wrap
# the actual run on the hardware. But there seems not much gain in letting the
# older builds run, as these are usually obsolete with new pushes also.
concurrency:
group: ${{ github.workflow }}-pr-${{ github.event.number }}
cancel-in-progress: true
jobs:
code:
name: Freeze Code
runs-on: ubuntu-latest
if: ${{ github.event_name == 'push' ||
github.event_name == 'pull_request_target' &&
github.event.action != 'labeled' &&
(contains(github.event.pull_request.labels.*.name, 'hw-build') ||
contains(github.event.pull_request.labels.*.name, 'hw-test')) ||
github.event_name == 'pull_request_target' &&
github.event.action == 'labeled' &&
(github.event.label.name == 'hw-build' ||
github.event.label.name == 'hw-test') }}
outputs:
xml: ${{ steps.repo.outputs.xml }}
steps:
- id: repo
uses: seL4/ci-actions/repo-checkout@master
with:
manifest_repo: camkes-vm-examples-manifest
manifest: master.xml
sha: ${{ github.event.pull_request.head.sha }}
build:
name: Build
needs: code
runs-on: ubuntu-latest
strategy:
fail-fast: true
matrix:
march: [armv8a]
steps:
- uses: axel-h/ci-actions/camkes-vm@patch-axel-11a
with:
xml: ${{ needs.code.outputs.xml }}
march: ${{ matrix.march }}
- name: Upload images
uses: actions/upload-artifact@v4
with:
name: images-${{ matrix.march }}
path: '*-images.tar.gz'
run:
name: Hardware
runs-on: ubuntu-latest
needs: [build]
if: ${{ github.repository_owner == 'seL4' &&
(github.event_name == 'push' ||
github.event_name == 'pull_request_target' &&
github.event.action != 'labeled' &&
contains(github.event.pull_request.labels.*.name, 'hw-test') ||
github.event_name == 'pull_request_target' &&
github.event.action == 'labeled' &&
github.event.label.name == 'hw-test') }}
strategy:
fail-fast: true
matrix:
march: [armv8a]
steps:
- name: Get machine queue
uses: actions/checkout@v4
with:
repository: seL4/machine_queue
path: machine_queue
- name: Download image
uses: actions/download-artifact@v4
with:
name: images-${{ matrix.march }}
- name: Run
uses: axel-h/ci-actions/camkes-vm-hw@patch-axel-11a
with:
march: ${{ matrix.march }}
index: $${{ strategy.job-index }}
env:
HW_SSH: ${{ secrets.HW_SSH }}