From faec4ee39d0249a755a3fc4d7571042fb48076b1 Mon Sep 17 00:00:00 2001 From: pthierry Date: Wed, 31 Jul 2024 10:41:03 +0200 Subject: [PATCH 1/5] gh: removing private README badges --- README.md | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/README.md b/README.md index 01f6c612..a81adb6b 100644 --- a/README.md +++ b/README.md @@ -2,15 +2,7 @@ ## Current project state -![Build-n-test](https://git.orange.ledgerlabs.net/outpost/sentry-kernel/actions/workflows/build.yml/badge.svg) -![Quality](https://git.orange.ledgerlabs.net/outpost/sentry-kernel/actions/workflows/codequal.yml/badge.svg) - -[![Quality Gate Status](https://sonarqube.orange.ledgerlabs.net/api/project_badges/measure?branch=main&project=sentry-kernel&metric=alert_status&token=cb81b19de8549e9c2701899ecba06d9526bf5513)](https://sonarqube.orange.ledgerlabs.net/dashboard?id=sentry-kernel&branch=main) -[![Reliability Rating](https://sonarqube.orange.ledgerlabs.net/api/project_badges/measure?branch=main&project=sentry-kernel&metric=reliability_rating&token=cb81b19de8549e9c2701899ecba06d9526bf5513)](https://sonarqube.orange.ledgerlabs.net/dashboard?id=sentry-kernel&branch=main) -[![Security Rating](https://sonarqube.orange.ledgerlabs.net/api/project_badges/measure?branch=main&project=sentry-kernel&metric=security_rating&token=cb81b19de8549e9c2701899ecba06d9526bf5513)](https://sonarqube.orange.ledgerlabs.net/dashboard?id=sentry-kernel&branch=main) -[![Technical Debt](https://sonarqube.orange.ledgerlabs.net/api/project_badges/measure?branch=main&project=sentry-kernel&metric=sqale_index&token=cb81b19de8549e9c2701899ecba06d9526bf5513)](https://sonarqube.orange.ledgerlabs.net/dashboard?id=sentry-kernel&branch=main) -[![Vulnerabilities](https://sonarqube.orange.ledgerlabs.net/api/project_badges/measure?branch=main&project=sentry-kernel&metric=vulnerabilities&token=cb81b19de8549e9c2701899ecba06d9526bf5513)](https://sonarqube.orange.ledgerlabs.net/dashboard?id=sentry-kernel&branch=main) - +TBD ## About From 404fa50e5dbeac5b4f9f71f8eb8334242d09f7af Mon Sep 17 00:00:00 2001 From: pthierry Date: Wed, 31 Jul 2024 10:43:08 +0200 Subject: [PATCH 2/5] ci: fixing actions path --- .github/workflows/build.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 71ba2eea..858c2c1d 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -91,7 +91,7 @@ jobs: targets: thumbv7m-none-eabi,thumbv7em-none-eabi,thumbv7em-none-eabihf components: clippy,rustfmt - name: Setup C toolchain - uses: embedded-devops/action-setup-compiler@main + uses: outpost-os/action-setup-compiler@v1 with: compiler: ${{ env.compiler }} triple: arm-none-eabi @@ -217,7 +217,7 @@ jobs: run: | defconfig configs/stm32f429i_disc1_debug_defconfig - name: Meson Doc - uses: embedded-devops/action-meson@main + uses: outpost-os/action-meson@v1 with: actions: '["prefetch", "setup"]' options: '-Dconfig=.config -Ddts=dts/examples/stm32f429i_disc1_debug.dts -Ddts-include-dirs=dts -Dwith_doc=true -Dwith_uapi=false -Dwith_idle=false' From 8efaca30f1dca81de1e977a7bc3bcc4021c0319b Mon Sep 17 00:00:00 2001 From: pthierry Date: Wed, 31 Jul 2024 10:57:42 +0200 Subject: [PATCH 3/5] ci: add git safe directory for dunamai --- .github/workflows/build.yml | 15 +++++++++++++++ .github/workflows/proof.yml | 6 ++++++ 2 files changed, 21 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 858c2c1d..e6e46361 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -100,6 +100,11 @@ jobs: with: fetch-depth: 0 fetch-tags: true + set-safe-directory: true + - name: set safe dir for dunami (to be removed) + run: | + git config --global --add safe.directory '*' + shell: bash - name: deploy local deps run: | pip install --upgrade pip @@ -159,6 +164,11 @@ jobs: with: fetch-depth: 0 fetch-tags: true + set-safe-directory: true + - name: set safe dir for dunami (to be removed) + run: | + git config --global --add safe.directory '*' + shell: bash - name: deploy local deps run: | pip install -r requirements.txt @@ -210,12 +220,17 @@ jobs: with: fetch-depth: 0 fetch-tags: true + set-safe-directory: true - name: deploy local deps run: | pip install -r requirements.txt - name: defconfig run: | defconfig configs/stm32f429i_disc1_debug_defconfig + - name: set safe dir for dunami (to be removed) + run: | + git config --global --add safe.directory '*' + shell: bash - name: Meson Doc uses: outpost-os/action-meson@v1 with: diff --git a/.github/workflows/proof.yml b/.github/workflows/proof.yml index 4ae41ef7..da690321 100644 --- a/.github/workflows/proof.yml +++ b/.github/workflows/proof.yml @@ -55,12 +55,18 @@ jobs: with: ref: ${{ github.ref }} fetch-depth: 0 + set-safe-directory: true + - name: Install local deps run: | pip3 install -r requirements.txt - name: defconfig run: | defconfig configs/nucleo_u5a5_autotest_defconfig + - name: set safe dir for dunami (to be removed) + run: | + git config --global --add safe.directory '*' + shell: bash - name: Meson Build uses: outpost-os/action-meson@main with: From 11aa87d95f59f442ebe100bbc08a2695839cdde0 Mon Sep 17 00:00:00 2001 From: pthierry Date: Wed, 31 Jul 2024 11:49:55 +0200 Subject: [PATCH 4/5] ci: proof: adding opam bin path to GITHUB_PATH --- .github/workflows/proof.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/proof.yml b/.github/workflows/proof.yml index da690321..4eabe407 100644 --- a/.github/workflows/proof.yml +++ b/.github/workflows/proof.yml @@ -27,6 +27,7 @@ jobs: opam init --compiler 4.14.1 --disable-sandboxing --yes --confirm-level=yes eval $(opam env) opam install --yes --confirm-level=yes frama-c + echo "$HOME/.opam/default/bin/frama-c" >> $GITHUB_PATH - name: Clone cross-files uses: actions/checkout@v4 with: From c70288d329232bcc9244d9941dc51d7d0d667e0d Mon Sep 17 00:00:00 2001 From: pthierry Date: Wed, 31 Jul 2024 12:17:53 +0200 Subject: [PATCH 5/5] ci: using ubuntu release frama-C package make proof workflow manual while not yet having clean image --- .github/workflows/proof.yml | 13 ++----------- 1 file changed, 2 insertions(+), 11 deletions(-) diff --git a/.github/workflows/proof.yml b/.github/workflows/proof.yml index 4eabe407..23d46412 100644 --- a/.github/workflows/proof.yml +++ b/.github/workflows/proof.yml @@ -1,9 +1,7 @@ name: Sentry kernel proof on: - pull_request: - branches: - - main + workflow_dispatch: concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -21,13 +19,7 @@ jobs: - name: install prerequisites pkg uses: outpost-os/action-install-pkg@v1 with: - packages: 'dtc|device-tree-compiler,curl,lld,opam,why3,graphviz,libgmp-dev,libgtksourceview-3.0-dev' - - name: install frama-C - run: | - opam init --compiler 4.14.1 --disable-sandboxing --yes --confirm-level=yes - eval $(opam env) - opam install --yes --confirm-level=yes frama-c - echo "$HOME/.opam/default/bin/frama-c" >> $GITHUB_PATH + packages: 'dtc|device-tree-compiler,curl,lld,opam,why3,graphviz,frama-c-base,z3' - name: Clone cross-files uses: actions/checkout@v4 with: @@ -77,7 +69,6 @@ jobs: - name: run framaC run: | why3 config detect - frama-c -wp-detect cd builddir && meson test --suite proof - name: Meson postcheck if: failure()