-
Notifications
You must be signed in to change notification settings - Fork 18
161 lines (160 loc) · 4.72 KB
/
push.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
#
# Copyright 2023, Colias Group, LLC
#
# SPDX-License-Identifier: BSD-2-Clause
#
name: "CI"
on:
push:
branches:
- main
pull_request:
workflow_dispatch:
jobs:
check-licenses:
name: Check licenses
runs-on: ubuntu-latest
steps:
- uses: seL4/ci-actions/license-check@master
check-source:
name: Check source
runs-on: ubuntu-latest
steps:
- uses: cachix/install-nix-action@v22
with:
nix_path: nixpkgs=channel:nixos-unstable
- uses: cachix/cachix-action@v12
with:
name: coliasgroup
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- uses: actions/checkout@v3
- name: Check source
run: make check-source
check-dependencies:
name: Check dependencies
runs-on: ubuntu-latest
steps:
- uses: cachix/install-nix-action@v22
with:
nix_path: nixpkgs=channel:nixos-unstable
- uses: cachix/cachix-action@v12
with:
name: coliasgroup
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- uses: actions/checkout@v3
- name: Check dependencies
run: make check-dependencies
run-sel4test:
name: Run sel4test
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
arch: [aarch64, aarch32, riscv64, riscv32, x86_64, ia32]
steps:
- uses: cachix/install-nix-action@v22
with:
nix_path: nixpkgs=channel:nixos-unstable
- uses: cachix/cachix-action@v12
with:
name: coliasgroup
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- uses: actions/checkout@v3
- name: Build and check
run: make run-sel4test-for SEL4TEST_ARCH=${{ matrix.arch }}
run-other-tests:
name: Run other tests
runs-on: ubuntu-latest
steps:
- name: Prepare to maximize build space
run: sudo mkdir /nix
- name: Maximize build space
uses: easimon/maximize-build-space@master
with:
build-mount-path: /nix
root-reserve-mb: 8192
remove-dotnet: 'true'
remove-android: 'true'
remove-haskell: 'true'
remove-codeql: 'true'
remove-docker-images: 'true'
- uses: cachix/install-nix-action@v22
with:
nix_path: nixpkgs=channel:nixos-unstable
- uses: cachix/cachix-action@v12
with:
name: coliasgroup
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- uses: actions/checkout@v3
- name: Run tests
run: make run-fast-tests
build-docs:
name: Build docs
runs-on: ubuntu-latest
steps:
- uses: cachix/install-nix-action@v22
with:
nix_path: nixpkgs=channel:nixos-unstable
- uses: cachix/cachix-action@v12
with:
name: coliasgroup
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- uses: actions/checkout@v3
- name: Build docs
run: make html-links
build-everything:
name: Build everything
runs-on: ubuntu-latest
needs: [check-licenses, check-source, run-sel4test, run-other-tests, build-docs]
steps:
- name: Prepare to maximize build space
run: sudo mkdir /nix
- name: Maximize build space
uses: easimon/maximize-build-space@master
with:
build-mount-path: /nix
root-reserve-mb: 8192
remove-dotnet: 'true'
remove-android: 'true'
remove-haskell: 'true'
remove-codeql: 'true'
remove-docker-images: 'true'
- uses: cachix/install-nix-action@v22
with:
nix_path: nixpkgs=channel:nixos-unstable
- uses: cachix/cachix-action@v12
with:
name: coliasgroup
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
- uses: actions/checkout@v3
- name: Build everything
run: make everything
- name: Expose docs
run: make html
- name: Upload Pages artifact
if: github.ref == format('refs/heads/{0}', github.event.repository.default_branch)
uses: actions/upload-pages-artifact@v2
with:
path: out/html
check-kani-proofs:
name: Check Kani proofs
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Check Kani proofs
run: make -C hacking/kani/docker check
deploy-docs:
name: Deploy docs
if: github.ref == format('refs/heads/{0}', github.event.repository.default_branch)
needs: [check-dependencies, build-everything, check-kani-proofs]
permissions:
pages: write
id-token: write
environment:
name: github-pages
url: ${{ steps.deployment.outputs.page_url }}
runs-on: ubuntu-latest
steps:
- name: Deploy to GitHub Pages
id: deployment
uses: actions/deploy-pages@v2