Merge pull request #4267 from GabrielPavaloiu/grant-remove-upcalls #31
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Licensed under the Apache License, Version 2.0 or the MIT License. | |
# SPDX-License-Identifier: Apache-2.0 OR MIT | |
# Copyright Tock Contributors 2024. | |
# This workflow contains all Treadmill-based hardware CI jobs. | |
# | |
# Treadmill is a distributed hardware testbed developed within the Tock OS | |
# project. For more information on Treadmill, have a look at its documentation | |
# [1] or repository [2]. | |
# | |
# This workflow is based on the Treadmill GitHub Actions integration guide [3]. | |
# In addition, it features the ability to run multiple Treadmill jobs and | |
# test-execute stages through GitHub Action's job matrices, and uses a GitHub | |
# environment to allow deployments with access to secrets for select PRs. | |
# | |
# [1]: https://book.treadmill.ci/ | |
# [2]: https://github.com/treadmill-tb/treadmill | |
# [3]: https://book.treadmill.ci/user-guide/github-actions-integration.html | |
name: treadmill-ci | |
env: | |
TERM: xterm # Makes tput work in actions output | |
# Controls when the action will run. Triggers the workflow on pull request and | |
# merge group checks: | |
# | |
# KEEP IN SYNC WITH `environment:` ATTRIBUTE BELOW: | |
on: | |
push: | |
branches: | |
- master | |
# Add any additional branches you want to include | |
# - dev/test_ci_branch | |
# Pull requests from forks will not have access to the required GitHub API | |
# secrets below, even if they are using an appropriate deployment environment | |
# and the workflow runs have been approved according to this environment's | |
# rules. We don't know whether this is a bug on GitHub's end or deliberate. | |
# Either way, for now we disable this workflow to run on PRs until we have | |
# an API proxy that securely performs these GitHub API calls (adding runners | |
# and starting Treadmill jobs with those runner registration tokens), which | |
# allows this workflow to run without access to repository secrets. | |
#pull_request: | |
merge_group: # Run CI for the GitHub merge queue | |
permissions: | |
contents: read | |
jobs: | |
determine-tests: | |
runs-on: ubuntu-latest | |
outputs: | |
hwci-tests-json: ${{ steps.determine-tests.outputs.hwci-tests-json }} | |
steps: | |
- name: Checkout the tock/tock repository | |
uses: actions/checkout@v4 | |
with: | |
# Checkout the repository at the commit that triggered the workflow | |
repository: tock/tock | |
ref: ${{ github.sha }} | |
path: tock-tock | |
- name: Checkout the tock-hardware-ci repository | |
uses: actions/checkout@v4 | |
with: | |
repository: tock/tock-hardware-ci | |
# Change this in accordance with the two other `tock-hardware-ci` refs | |
# referenced below in the reusable workflow's parameters: | |
ref: 'main' | |
path: tock-hardware-ci | |
- name: Analyze changes to determine relevant tests | |
id: determine-tests | |
run: | | |
# Ensure Python dependencies are installed | |
python3 -m pip install --user --upgrade pip | |
# Run the select_tests.py script | |
python3 tock-hardware-ci/hwci/select_tests.py \ | |
--repo-path tock-tock \ | |
--hwci-path tock-hardware-ci/hwci \ | |
--output selected_tests.json | |
echo "Selected HWCI tests:" | |
cat selected_tests.json | |
# Output the tests JSON | |
hwci_tests_json=$(cat selected_tests.json | jq -c '.') | |
echo "hwci-tests-json=${hwci_tests_json}" >> "$GITHUB_OUTPUT" | |
treadmill-ci: | |
needs: [determine-tests] | |
# This checks whether there is at least one test to run, see | |
# https://github.com/orgs/community/discussions/27125#discussioncomment-3254720 | |
if: fromJSON(needs.determine-tests.outputs.hwci-tests-json)[0] != null | |
# The main tock-hardware-ci workflow is imported from another repository. It | |
# can be reused across multiple Tock repositories such as the kernel, | |
# libtock-c, and libtock-rs. | |
uses: tock/tock-hardware-ci/.github/workflows/treadmill-ci.yml@main | |
with: | |
# Only run on a specific repository, as others will not have the right | |
# environments set up and secrets configured. Forks may want to change | |
# this parameter. | |
repository-filter: 'tock/tock' | |
# Provide access to the required Treadmill secrets by running in the | |
# appropriate environment (depending on the on: triggers above) | |
job-environment: ${{ github.event_name == 'pull_request' && 'treadmill-ci' || 'treadmill-ci-merged' }} | |
# Use the latest upstream Tock hardware CI tests and userspace components: | |
libtock-c-ref: 'master' | |
# Reference for tock-hardware-ci repo, change if you want a specific test | |
# suite. In this case, you should also update the branch reference in the | |
# "uses" line above. | |
tock-hardware-ci-ref: 'main' | |
# Test the tock kernel revision that triggered this workflow | |
tock-kernel-ref: ${{ github.sha }} | |
# Pass the selected tests | |
tests-json: ${{ needs.determine-tests.outputs.hwci-tests-json }} | |
secrets: inherit |