Initial commit
This commit is contained in:
@@ -0,0 +1,23 @@
|
||||
# SPDX-FileCopyrightText: Andrei Gherzan <andrei.gherzan@huawei.com>
|
||||
#
|
||||
# SPDX-License-Identifier: MIT
|
||||
|
||||
name: Cancel redundant workflows
|
||||
|
||||
on:
|
||||
workflow_run:
|
||||
workflows:
|
||||
- "Builds"
|
||||
- "Compliance"
|
||||
- "Yocto Compatible"
|
||||
types:
|
||||
- requested
|
||||
|
||||
jobs:
|
||||
cancel-redundant-workflows:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: styfle/cancel-workflow-action@0.10.0
|
||||
with:
|
||||
all_but_latest: true
|
||||
workflow_id: ${{ github.event.workflow.id }}
|
||||
@@ -0,0 +1,47 @@
|
||||
# SPDX-FileCopyrightText: Andrei Gherzan <andrei.gherzan@huawei.com>
|
||||
#
|
||||
# SPDX-License-Identifier: MIT
|
||||
|
||||
name: Compliance
|
||||
|
||||
on:
|
||||
pull_request:
|
||||
|
||||
jobs:
|
||||
dco:
|
||||
name: DCO
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout the code
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
fetch-depth: 0
|
||||
- name: Build a temporary DCO image
|
||||
uses: ./.github/actions/docker-build
|
||||
with:
|
||||
docker_image: dco-check
|
||||
id: ${{ github.event.number }}
|
||||
- name: Do DCO check
|
||||
run: |
|
||||
docker run --rm -v "$GITHUB_WORKSPACE:/work:ro" \
|
||||
--env "BASE_REF=$GITHUB_BASE_REF" \
|
||||
"dco-check-${{ github.event.number }}"
|
||||
- name: Cleanup temporary docker image
|
||||
uses: ./.github/actions/docker-clean-image
|
||||
with:
|
||||
docker_image: dco-check-${{ github.event.number }}
|
||||
if: always()
|
||||
- name: Cleanup dangling docker images
|
||||
uses: ./.github/actions/docker-clean-dangling
|
||||
if: always()
|
||||
reuse:
|
||||
name: reuse
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout the code
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
fetch-depth: 0
|
||||
- name: Do reuse check
|
||||
continue-on-error: true
|
||||
uses: fsfe/reuse-action@v1
|
||||
@@ -0,0 +1,21 @@
|
||||
<!--
|
||||
SPDX-FileCopyrightText: Andrei Gherzan <andrei.gherzan@huawei.com>
|
||||
|
||||
SPDX-License-Identifier: MIT
|
||||
-->
|
||||
|
||||
# Docker images for CI
|
||||
|
||||
Each directory contains the files for a docker image.
|
||||
|
||||
## Building an image
|
||||
|
||||
When building a docker image, the build context is expected to be where this
|
||||
`README.md` file resides. This means that building the images will require
|
||||
passing the appropriate `-f` argument.
|
||||
|
||||
Here is an example for building the `dco-check` image:
|
||||
|
||||
```
|
||||
docker build . -f dco-check/Dockerfile -t dco-check
|
||||
```
|
||||
@@ -0,0 +1,13 @@
|
||||
# SPDX-FileCopyrightText: Andrei Gherzan <andrei.gherzan@huawei.com>
|
||||
#
|
||||
# SPDX-License-Identifier: MIT
|
||||
|
||||
FROM christophebedard/dco-check:latest
|
||||
|
||||
# Run under normal user called 'ci'
|
||||
RUN useradd --create-home --uid 1000 --shell /usr/bin/bash ci
|
||||
USER ci
|
||||
|
||||
COPY ./dco-check/entrypoint.sh /
|
||||
COPY ./utils.sh /
|
||||
ENTRYPOINT ["/entrypoint.sh"]
|
||||
@@ -0,0 +1,16 @@
|
||||
<!--
|
||||
SPDX-FileCopyrightText: Andrei Gherzan <andrei.gherzan@huawei.com>
|
||||
|
||||
SPDX-License-Identifier: MIT
|
||||
-->
|
||||
|
||||
# Docker image for DCO checks
|
||||
|
||||
This image provides the environment and the logic of running a DCO check
|
||||
against a repository.
|
||||
|
||||
## Configuration
|
||||
|
||||
The `entrypoint.sh` script assumes at runtime that the repository to be checked
|
||||
is available under `/work`. This path is to be populated via bind mounts when
|
||||
running the container.
|
||||
+29
@@ -0,0 +1,29 @@
|
||||
#!/bin/sh
|
||||
|
||||
# SPDX-FileCopyrightText: Andrei Gherzan <andrei.gherzan@huawei.com>
|
||||
#
|
||||
# SPDX-License-Identifier: MIT
|
||||
|
||||
set -e
|
||||
|
||||
# shellcheck disable=SC1091
|
||||
. /utils.sh
|
||||
|
||||
GIT_REPO_PATH="/work"
|
||||
|
||||
[ -n "$BASE_REF" ] ||
|
||||
error "DCO checks needs to know the target branch. Make sure that is set in BASE_REF."
|
||||
[ -d "$GIT_REPO_PATH/.git" ] ||
|
||||
error "Can't find a git checkout under $GIT_REPO_PATH ."
|
||||
cd "$GIT_REPO_PATH"
|
||||
|
||||
# The GitHub runner user and the container user might differ making git error
|
||||
# out with:
|
||||
# error: fatal: detected dubious ownership in repository at '/work'
|
||||
# Avoid this as the security risk is minimum here while guarding the git hooks
|
||||
# via PRs.
|
||||
git config --global --add safe.directory /work
|
||||
|
||||
dco-check \
|
||||
--verbose \
|
||||
--default-branch "origin/$BASE_REF"
|
||||
@@ -0,0 +1,28 @@
|
||||
#!/bin/sh
|
||||
|
||||
# SPDX-FileCopyrightText: Andrei Gherzan <andrei.gherzan@huawei.com>
|
||||
#
|
||||
# SPDX-License-Identifier: MIT
|
||||
|
||||
_log() {
|
||||
_level="$1"
|
||||
_msg="$2"
|
||||
echo "[$_level] $_msg"
|
||||
}
|
||||
|
||||
error() {
|
||||
_msg="$1"
|
||||
_log "ERR" "$1"
|
||||
exit 1
|
||||
}
|
||||
|
||||
warn() {
|
||||
_msg="$1"
|
||||
_log "WRN" "$1"
|
||||
exit 1
|
||||
}
|
||||
|
||||
log() {
|
||||
_msg="$1"
|
||||
_log "LOG" "$1"
|
||||
}
|
||||
@@ -0,0 +1,39 @@
|
||||
# SPDX-FileCopyrightText: Andrei Gherzan <andrei.gherzan@huawei.com>
|
||||
#
|
||||
# SPDX-License-Identifier: MIT
|
||||
|
||||
FROM ubuntu:20.04
|
||||
|
||||
ARG DEBIAN_FRONTEND="noninteractive"
|
||||
RUN apt-get update -qq
|
||||
RUN apt-get install -y eatmydata
|
||||
|
||||
# Yocto/OE build host dependencies
|
||||
# Keep this in sync with
|
||||
# https://git.yoctoproject.org/poky/tree/documentation/poky.yaml
|
||||
RUN eatmydata apt-get install -qq -y \
|
||||
gawk wget git diffstat unzip texinfo gcc build-essential chrpath \
|
||||
socat cpio python3 python3-pip python3-pexpect xz-utils debianutils \
|
||||
iputils-ping python3-git python3-jinja2 libegl1-mesa libsdl1.2-dev \
|
||||
pylint3 xterm python3-subunit mesa-common-dev zstd liblz4-tool
|
||||
|
||||
# en_US.UTF-8 is required by the build system
|
||||
RUN eatmydata apt-get install -qq -y locales \
|
||||
&& echo "en_US.UTF-8 UTF-8" > /etc/locale.gen \
|
||||
&& locale-gen
|
||||
ENV LANG en_US.utf8
|
||||
|
||||
RUN eatmydata apt-get clean && rm -rf /var/lib/apt/lists/*
|
||||
|
||||
# Have bash as shell
|
||||
RUN echo "dash dash/sh boolean false" | debconf-set-selections \
|
||||
&& dpkg-reconfigure dash
|
||||
|
||||
# Run under normal user called 'ci'
|
||||
RUN useradd --create-home --uid 1000 --shell /usr/bin/bash ci
|
||||
USER ci
|
||||
WORKDIR /home/ci
|
||||
|
||||
COPY ./yocto-builder/entrypoint-yocto-check-layer.sh /
|
||||
COPY ./yocto-builder/entrypoint-build.sh /
|
||||
COPY ./utils.sh /
|
||||
@@ -0,0 +1,16 @@
|
||||
<!--
|
||||
SPDX-FileCopyrightText: Andrei Gherzan <andrei.gherzan@huawei.com>
|
||||
|
||||
SPDX-License-Identifier: MIT
|
||||
-->
|
||||
|
||||
# Docker image for builds
|
||||
|
||||
This defines the docker image for running Yocto/OE based operations/builds. It
|
||||
privides multiple scripts for driving different operations.
|
||||
|
||||
## Configuration
|
||||
|
||||
The `entrypoint` scripts assumes at runtime that the repository to drive the
|
||||
operation against is available under `/work`. This path is to be populated via
|
||||
bind mounts when running the container.
|
||||
Vendored
Executable
+62
@@ -0,0 +1,62 @@
|
||||
#!/bin/sh
|
||||
|
||||
# SPDX-FileCopyrightText: Andrei Gherzan <andrei.gherzan@huawei.com>
|
||||
#
|
||||
# SPDX-License-Identifier: MIT
|
||||
|
||||
set -ex
|
||||
|
||||
# shellcheck disable=SC1091
|
||||
. /utils.sh
|
||||
|
||||
META_RASPBERRYPI_PATH="/work"
|
||||
|
||||
[ -n "$BASE_REF" ] ||
|
||||
error "Target branch is needed. Make sure that is set in BASE_REF."
|
||||
[ -d "$META_RASPBERRYPI_PATH/.git" ] ||
|
||||
error "Can't find a git checkout under $META_RASPBERRYPI_PATH ."
|
||||
[ -n "$MACHINE" ] ||
|
||||
error "Machine to be used for build not provided."
|
||||
[ -n "$IMAGE" ] ||
|
||||
error "Image to build not provided."
|
||||
|
||||
TEMP_DIR="$(mktemp -d)"
|
||||
cd "$TEMP_DIR"
|
||||
|
||||
REPOS=" \
|
||||
git://git.yoctoproject.org/poky.git \
|
||||
"
|
||||
for repo in $REPOS; do
|
||||
log "Cloning $repo on branch $BASE_REF..."
|
||||
git clone --depth 1 --branch "$BASE_REF" "$repo"
|
||||
done
|
||||
|
||||
# shellcheck disable=SC1091,SC2240
|
||||
. ./poky/oe-init-build-env build
|
||||
|
||||
# Build configuration
|
||||
printf "\n# ------ ci ------\n" >> conf/local.conf
|
||||
[ -z "$SSTATE_DIR" ] || echo SSTATE_DIR = \""$SSTATE_DIR"\" >> conf/local.conf
|
||||
[ -z "$DL_DIR" ] || echo DL_DIR = \""$DL_DIR"\" >> conf/local.conf
|
||||
[ -z "$DISTRO" ] || echo DISTRO = \""$DISTRO"\" >> conf/local.conf
|
||||
cat <<EOCONF >>conf/local.conf
|
||||
BB_NUMBER_THREADS = "6"
|
||||
PARALLEL_MAKE = "-j 6"
|
||||
DISTRO_FEATURES:append = " systemd"
|
||||
VIRTUAL-RUNTIME_init_manager = "systemd"
|
||||
DISTRO_FEATURES_BACKFILL_CONSIDERED:append = " sysvinit"
|
||||
VIRTUAL-RUNTIME_initscripts = "systemd-compat-units"
|
||||
LICENSE_FLAGS_ACCEPTED = "synaptics-killswitch"
|
||||
EOCONF
|
||||
|
||||
# Add the BSP layer
|
||||
bitbake-layers add-layer "$META_RASPBERRYPI_PATH"
|
||||
|
||||
# Log configs for debugging purposes
|
||||
for f in 'conf/local.conf' 'conf/bblayers.conf'; do
|
||||
printf "\n------ %s ------\n" "$f"
|
||||
cat "$f"
|
||||
done
|
||||
|
||||
# Fire!
|
||||
MACHINE="$MACHINE" bitbake "$IMAGE"
|
||||
Vendored
Executable
+33
@@ -0,0 +1,33 @@
|
||||
#!/bin/sh
|
||||
|
||||
# SPDX-FileCopyrightText: Andrei Gherzan <andrei.gherzan@huawei.com>
|
||||
#
|
||||
# SPDX-License-Identifier: MIT
|
||||
|
||||
set -ex
|
||||
|
||||
# shellcheck disable=SC1091
|
||||
. /utils.sh
|
||||
|
||||
GIT_REPO_PATH="/work"
|
||||
|
||||
[ -n "$BASE_REF" ] ||
|
||||
error "Target branch is needed. Make sure that is set in BASE_REF."
|
||||
[ -d "$GIT_REPO_PATH/.git" ] ||
|
||||
error "Can't find a git checkout under $GIT_REPO_PATH ."
|
||||
|
||||
TEMP_DIR="$(mktemp -d)"
|
||||
cd "$TEMP_DIR"
|
||||
|
||||
REPOS=" \
|
||||
git://git.yoctoproject.org/poky.git \
|
||||
"
|
||||
for repo in $REPOS; do
|
||||
log "Cloning $repo on branch $BASE_REF..."
|
||||
git clone --depth 1 --branch "$BASE_REF" "$repo"
|
||||
done
|
||||
|
||||
# shellcheck disable=SC1091,SC2240
|
||||
. ./poky/oe-init-build-env build
|
||||
yocto-check-layer --with-software-layer-signature-check --debug \
|
||||
"$GIT_REPO_PATH"
|
||||
+22
@@ -0,0 +1,22 @@
|
||||
# SPDX-FileCopyrightText: Andrei Gherzan <andrei.gherzan@huawei.com>
|
||||
#
|
||||
# SPDX-License-Identifier: MIT
|
||||
|
||||
name: Mirrors
|
||||
|
||||
on: [ push, delete, create ]
|
||||
|
||||
concurrency:
|
||||
group: git-mirror-me
|
||||
|
||||
jobs:
|
||||
yocto-mirror:
|
||||
name: Yocto Git Mirror
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: agherzan/git-mirror-me-action@11f54c7186724daafbe5303b5075954f1a19a63e
|
||||
env:
|
||||
GMM_SSH_PRIVATE_KEY: ${{ secrets.YOCTO_META_RASPBERRYPI_SSH_PRIVATE_KEY }}
|
||||
GMM_SSH_KNOWN_HOSTS: ${{ secrets.YOCTO_META_RASPBERRYPI_SSH_KNOWN_HOSTS }}
|
||||
GMM_DST_REPO: "ssh://git@push.yoctoproject.org/meta-raspberrypi"
|
||||
GMM_DEBUG: "1"
|
||||
@@ -0,0 +1,88 @@
|
||||
# SPDX-FileCopyrightText: Andrei Gherzan <andrei.gherzan@huawei.com>
|
||||
#
|
||||
# SPDX-License-Identifier: MIT
|
||||
|
||||
---
|
||||
|
||||
name: Builds
|
||||
|
||||
on:
|
||||
pull_request:
|
||||
|
||||
jobs:
|
||||
build:
|
||||
strategy:
|
||||
fail-fast: true
|
||||
matrix:
|
||||
machine:
|
||||
- raspberrypi
|
||||
- raspberrypi0-2w-64
|
||||
- raspberrypi0-2w
|
||||
- raspberrypi0
|
||||
- raspberrypi0-wifi
|
||||
- raspberrypi2
|
||||
- raspberrypi3-64
|
||||
- raspberrypi3
|
||||
- raspberrypi4-64
|
||||
- raspberrypi4
|
||||
- raspberrypi-cm3
|
||||
- raspberrypi-cm
|
||||
- raspberrypi-armv7
|
||||
- raspberrypi-armv8
|
||||
image: [rpi-test-image]
|
||||
distro: [poky]
|
||||
runs-on: [self-hosted, Linux]
|
||||
name: ${{ matrix.machine }}/${{ matrix.image }}/poky/systemd
|
||||
env:
|
||||
DL_DIR: /var/lib/ci/yocto/downloads
|
||||
SSTATE_DIR: /var/lib/ci/yocto/sstate
|
||||
steps:
|
||||
- name: Checkout the code
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
fetch-depth: 0
|
||||
- name: Define Yocto build files
|
||||
id: changed-files-specific
|
||||
uses: tj-actions/changed-files@v24
|
||||
with:
|
||||
files: |
|
||||
.github/actions/**
|
||||
.github/workflows/docker-images/yocto-builder/**
|
||||
.github/workflows/docker-images/*.sh
|
||||
.github/workflows/yocto-builds.yml
|
||||
classes/**
|
||||
conf/**
|
||||
dynamic-layers/**
|
||||
files/**
|
||||
lib/**
|
||||
recipes-**
|
||||
wic/**
|
||||
- name: Build a temporary yocto-builder image
|
||||
uses: ./.github/actions/docker-build
|
||||
with:
|
||||
docker_image: yocto-builder
|
||||
id: ${{ github.event.number }}
|
||||
if: steps.changed-files-specific.outputs.any_changed == 'true'
|
||||
- name: Build the image
|
||||
run: |
|
||||
docker run --rm \
|
||||
-v "$GITHUB_WORKSPACE:/work:ro" \
|
||||
-v "$DL_DIR:$DL_DIR:rw" \
|
||||
-v "$SSTATE_DIR:$SSTATE_DIR:rw" \
|
||||
--env "BASE_REF=$GITHUB_BASE_REF" \
|
||||
--env "MACHINE=${{ matrix.machine }}" \
|
||||
--env "DISTRO=${{ matrix.distro }}" \
|
||||
--env "IMAGE=${{ matrix.image }}" \
|
||||
--env "DL_DIR=$DL_DIR" \
|
||||
--env "SSTATE_DIR=$SSTATE_DIR" \
|
||||
"yocto-builder-${{ github.event.number }}" \
|
||||
/entrypoint-build.sh
|
||||
if: steps.changed-files-specific.outputs.any_changed == 'true'
|
||||
- name: Cleanup temporary docker image
|
||||
uses: ./.github/actions/docker-clean-image
|
||||
with:
|
||||
docker_image: yocto-builder-${{ github.event.number }}
|
||||
if: always()
|
||||
- name: Cleanup dangling docker images
|
||||
uses: ./.github/actions/docker-clean-dangling
|
||||
if: always()
|
||||
@@ -0,0 +1,57 @@
|
||||
# SPDX-FileCopyrightText: Andrei Gherzan <andrei.gherzan@huawei.com>
|
||||
#
|
||||
# SPDX-License-Identifier: MIT
|
||||
|
||||
---
|
||||
|
||||
name: Yocto Compatible
|
||||
|
||||
on:
|
||||
pull_request:
|
||||
|
||||
jobs:
|
||||
yocto-check-layer:
|
||||
name: Validate with yocto-check-layer
|
||||
runs-on: [self-hosted, Linux]
|
||||
steps:
|
||||
- name: Checkout the code
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
fetch-depth: 0
|
||||
- name: Define Yocto build files
|
||||
id: changed-files-specific
|
||||
uses: tj-actions/changed-files@v24
|
||||
with:
|
||||
files: |
|
||||
.github/actions/**
|
||||
.github/workflows/docker-images/yocto-builder/**
|
||||
.github/workflows/docker-images/*.sh
|
||||
.github/workflows/yocto-builds.yml
|
||||
classes/**
|
||||
conf/**
|
||||
dynamic-layers/**
|
||||
files/**
|
||||
lib/**
|
||||
recipes-**
|
||||
wic/**
|
||||
- name: Build a temporary yocto-builder image
|
||||
uses: ./.github/actions/docker-build
|
||||
with:
|
||||
docker_image: yocto-builder
|
||||
id: ${{ github.event.number }}
|
||||
if: steps.changed-files-specific.outputs.any_changed == 'true'
|
||||
- name: Run yocto-check-layer
|
||||
run: |
|
||||
docker run --rm -v "$GITHUB_WORKSPACE:/work:ro" \
|
||||
--env "BASE_REF=$GITHUB_BASE_REF" \
|
||||
"yocto-builder-${{ github.event.number }}" \
|
||||
/entrypoint-yocto-check-layer.sh
|
||||
if: steps.changed-files-specific.outputs.any_changed == 'true'
|
||||
- name: Cleanup temporary docker image
|
||||
uses: ./.github/actions/docker-clean-image
|
||||
with:
|
||||
docker_image: yocto-builder-${{ github.event.number }}
|
||||
if: always()
|
||||
- name: Cleanup dangling docker images
|
||||
uses: ./.github/actions/docker-clean-dangling
|
||||
if: always()
|
||||
Reference in New Issue
Block a user