Skip to content

[patch-axel-ci-test] #41

[patch-axel-ci-test]

[patch-axel-ci-test] #41

Workflow file for this run

# Copyright 2021, Proofcraft Pty Ltd
#
# SPDX-License-Identifier: BSD-2-Clause
# camkes-vm-examples hardware builds and runs
#
# See camkes-vm-hw/builds.yml in the repo seL4/ci-actions for configs.
name: HW
on:
# needs PR target for secrets access; guard by requiring label
pull_request_target: # !! dummy
types: [opened, reopened, synchronize, labeled]
# downgrade permissions to read-only as you would have in a standard PR action
permissions:
contents: read
# To reduce the load (especiually on the machine queue) we cancel any older runs
# of this workflow for the current PR. Such runs exist, if there were new pushes
# to the PR's branch without waiting for the workflow to finish. As a side
# effect, pushing new commits now becomes a convenient way to cancel all the
# older runs, e.g. if they are stuck and would only be stopped by the timeout
# eventually.
# Note that we could do the concurrency handling at a finer level, and only wrap
# the actual run on the hardware. But there seems not much gain in letting the
# older builds run, as these are usually obsolete with new pushes also.
concurrency:
group: ${{ github.workflow }}-pr-${{ github.event.number }}
cancel-in-progress: true
env:
IS_LABEL_BUILD: ${{ (github.event.action == 'labeled' &&
github.event.label.name == 'hw-build') ||
(github.event.action != 'labeled' &&
contains(github.event.pull_request.labels.*.name, 'hw-build')) }}
IS_LABEL_RUN: ${{ (github.event.action == 'labeled' &&
github.event.label.name == 'hw-test') ||
(github.event.action != 'labeled' &&
contains(github.event.pull_request.labels.*.name, 'hw-test')) }}
jobs:
code:
name: Freeze Code
runs-on: ubuntu-latest
if: ${{ fromJSON(env.IS_LABEL_BUILD) || fromJSON(env.IS_LABEL_RUN) }}
outputs:
xml: ${{ steps.repo.outputs.xml }}
steps:
- id: repo
uses: seL4/ci-actions/repo-checkout@master
with:
manifest_repo: camkes-vm-examples-manifest
manifest: master.xml
sha: ${{ github.event.pull_request.head.sha }}
build:
name: Build
needs: [code]
runs-on: ubuntu-latest
strategy:
fail-fast: true
matrix:
march: [armv8a]
steps:
- uses: axel-h/ci-actions/camkes-vm@patch-axel-9
with:
xml: ${{ needs.code.outputs.xml }}
march: ${{ matrix.march }}
- name: Upload images
uses: actions/upload-artifact@v4
with:
name: images-${{ matrix.march }}
path: '*-images.tar.gz'
run:
name: Hardware
runs-on: ubuntu-latest
if: ${{ fromJSON(env.IS_LABEL_RUN) && github.repository_owner == 'seL4' }}
needs: [build]
strategy:
fail-fast: true
matrix:
march: [armv8a]
steps:
- name: Get machine queue
uses: actions/checkout@v4
with:
repository: seL4/machine_queue
path: machine_queue
- name: Download image
uses: actions/download-artifact@v4
with:
name: images-${{ matrix.march }}
- name: Run
uses: axel-h/ci-actions/camkes-vm-hw@patch-axel-9
with:
march: ${{ matrix.march }}
index: $${{ strategy.job-index }}
env:
HW_SSH: ${{ secrets.HW_SSH }}