From ade564f0d254ebf74e93e0bcccb01ce046379e42 Mon Sep 17 00:00:00 2001 From: Anna Bridge Date: Thu, 21 Apr 2022 16:49:19 +0100 Subject: [PATCH] GitHub actions: Update checkout version and use safe.directory --- .github/workflows/basic_checks.yml | 40 ++++++++++--------- .../workflows/docker_management.publish.yml | 40 +++++++++---------- .github/workflows/docker_management.test.yml | 16 ++++---- 3 files changed, 50 insertions(+), 46 deletions(-) diff --git a/.github/workflows/basic_checks.yml b/.github/workflows/basic_checks.yml index 3da472d6fd..7295c424e6 100644 --- a/.github/workflows/basic_checks.yml +++ b/.github/workflows/basic_checks.yml @@ -18,16 +18,17 @@ jobs: steps: - name: Checkout repo - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: fetch-depth: 0 - - - name: license check + - + name: license check run: | set -x mkdir -p SCANCODE - + git config --global --add safe.directory "$GITHUB_WORKSPACE" + git diff --name-only --diff-filter=d origin/${GITHUB_BASE_REF} \ | ( grep '.\(c\|cpp\|h\|hpp\|py\)$' || true ) echo $? @@ -56,11 +57,12 @@ jobs: steps: - name: Checkout repo - uses: actions/checkout@v2 + uses: actions/checkout@v3 - - + - name: "include check" run: | + git config --global --add safe.directory "$GITHUB_WORKSPACE" ! git grep '^#include\s["'"']mbed.h['"'"]$' -- '*.c' '*.h' '*.cpp' '*.hpp' \ ':!*platform_mbed.h' ':!*TESTS/*' ':!TEST_APPS/' ':!UNITTESTS/' \ ':!*tests/*' ':!*targets/*' ':!*TARGET_*' ':!*unsupported/*' @@ -72,9 +74,9 @@ jobs: steps: - name: Checkout repo - uses: actions/checkout@v2 + uses: actions/checkout@v3 - - + - name: spell checks run: | ./tools/test/ci/doxy-spellchecker/spell.sh drivers @@ -83,7 +85,7 @@ jobs: ./tools/test/ci/doxy-spellchecker/spell.sh rtos ./tools/test/ci/doxy-spellchecker/spell.sh connectivity/netsocket - - + - name: doxygen run: | mkdir BUILD @@ -104,7 +106,7 @@ jobs: # that do end with .s find -name "*.s" | tee BUILD/badasm | sed -e "s/^/Bad Assembler file name found: /" && [ ! -s BUILD/badasm ] - + style-check: runs-on: ubuntu-latest @@ -113,22 +115,24 @@ jobs: steps: - name: Checkout repo - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: fetch-depth: 0 - - + - name: astyle checks run: | + git config --global --add safe.directory "$GITHUB_WORKSPACE" git diff --name-only --diff-filter=d origin/${GITHUB_BASE_REF} \ | ( grep '.*\.\(c\|cpp\|h\|hpp\)$' || true ) \ | ( grep -v -f .astyleignore || true ) \ | while read file; do astyle -n --options=.astylerc "${file}"; done git diff --exit-code --diff-filter=d --color - - + - name: "UTF-8 Check" run: | + git config --global --add safe.directory "$GITHUB_WORKSPACE" # Make sure we're not introducing any text which is not UTF-8 encoded git diff origin/${GITHUB_BASE_REF} -U0 | ( grep -a '^+' || true ) | ( ! grep -axv '.*' ) @@ -139,11 +143,11 @@ jobs: strategy: matrix: python-version: [ '3.5', '3.6', '3.7' ] - + steps: - name: Checkout repo - uses: actions/checkout@v2 + uses: actions/checkout@v3 - uses: actions/setup-python@v2 @@ -153,12 +157,12 @@ jobs: - name: install dependencies run: | - pip install -r requirements.txt + pip install -r requirements.txt pip install mock==2.0.0 attrs==19.1.0 pytest==3.3.0 'pylint>=1.9,<2' 'hypothesis>=3,<4' 'coverage>=4.5,<5' - name: pytest run: | - # PYTHONPATH=. + # PYTHONPATH=. coverage run -a -m pytest tools/test python tools/test/pylint.py coverage run -a tools/project.py -S | sed -n '/^Total/p' @@ -173,7 +177,7 @@ jobs: - name: Checkout repo - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: fetch-depth: 0 diff --git a/.github/workflows/docker_management.publish.yml b/.github/workflows/docker_management.publish.yml index 8a043b05f6..d70d036aff 100644 --- a/.github/workflows/docker_management.publish.yml +++ b/.github/workflows/docker_management.publish.yml @@ -3,7 +3,7 @@ name: Publish or Update docker image for mbed-os-5.15 on: push: - branches: + branches: - mbed-os-5.15 paths: @@ -11,14 +11,14 @@ on: - docker_images/mbed-os-env/** - .github/workflows/docker_management.publish.yml - # manual trigger when needed - workflow_dispatch: + # manual trigger when needed + workflow_dispatch: jobs: prepare-tags: runs-on: ubuntu-latest steps: - - + - name: Extract branch name shell: bash run: echo "##[set-output name=branch;]$(echo ${GITHUB_REF#refs/heads/})" @@ -26,11 +26,11 @@ jobs: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: fetch-depth: 0 - - + - name: Set UUID id: generate-uuid uses: filipstefansson/uuid-action@v1 @@ -39,7 +39,7 @@ jobs: # dev-tag is temporary for testing purpose. This should be considered as unstable. # dated-tag is created for versioning purpose # prod-tag-latest could be used by customers, CI etc for keeping up to date - - + - name: Get build information shell: bash run: | @@ -50,27 +50,27 @@ jobs: echo ${{ steps.extract_branch.outputs.branch }}-latest > build_info/prod_tag_latest echo ${{ steps.extract_branch.outputs.branch }} > build_info/mbed_os_version echo ${{ github.repository_owner }} | tr '[:upper:]' '[:lower:]' > build_info/repository_owner - - - - name: Archive information + + - + name: Archive information uses: actions/upload-artifact@v2 with: name: build-info path: build_info - + build-container: runs-on: ubuntu-latest needs: prepare-tags steps: - - + - name: unarchive artefacts uses: actions/download-artifact@v2 with: name: build-info - - - + + - name: Get build info from archive shell: bash id: build_info @@ -86,13 +86,13 @@ jobs: echo "PROD TAG is $value" value=`cat repository_owner` echo "::set-output name=REPO_OWNER::$value" - - + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v1 - - + - name: Login to ghcr.io - uses: docker/login-action@v1 + uses: docker/login-action@v1 with: registry: ghcr.io username: ${{ github.repository_owner }} @@ -100,7 +100,7 @@ jobs: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Build docker containers @@ -113,9 +113,9 @@ jobs: file: ./docker_images/mbed-os-env/Dockerfile tags: ghcr.io/${{ steps.build_info.outputs.REPO_OWNER }}/mbed-os-env:${{ steps.build_info.outputs.DOCKER_PROD_TAG_LATEST }} - # as docker tags are reused, copy also to a "fixed tag" + # as docker tags are reused, copy also to a "fixed tag" # for troubleshooting purpose if needed - - + - name: copy tag to fixed tag run: | docker run quay.io/skopeo/stable --src-creds=${{ github.repository_owner }}:${{ secrets.GITHUB_TOKEN }} --dest-creds=${{ github.repository_owner }}:${{ secrets.GITHUB_TOKEN }} copy --all docker://ghcr.io/${{ steps.build_info.outputs.REPO_OWNER }}/mbed-os-env:${{ steps.build_info.outputs.DOCKER_PROD_TAG_LATEST }} docker://ghcr.io/${{ steps.build_info.outputs.REPO_OWNER }}/mbed-os-env:${{ steps.build_info.outputs.DOCKER_PROD_TAG_DATED }} diff --git a/.github/workflows/docker_management.test.yml b/.github/workflows/docker_management.test.yml index c15877c4bc..529a6a09c5 100644 --- a/.github/workflows/docker_management.test.yml +++ b/.github/workflows/docker_management.test.yml @@ -1,4 +1,4 @@ -name: Build and test docker image +name: Build and test docker image # This workflow is triggered when Dockerfile related or github action itself changes are made in a PR # The workflow is quite simple - builds and test the image. Release of newer version is done only when PR is merged. @@ -21,14 +21,14 @@ jobs: platform: [linux/amd64] steps: - - + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v1 # use mbed-os-5.15 branch of blinky - - + - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: repository: ARMmbed/mbed-os-example-blinky path: mbed-os-example-blinky @@ -42,10 +42,10 @@ jobs: rm -rf mbed-os - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: path: mbed-os-example-blinky/mbed-os - + - name: Build container uses: docker/build-push-action@v2 @@ -56,8 +56,8 @@ jobs: file: ./mbed-os-example-blinky/mbed-os/docker_images/mbed-os-env/Dockerfile load: true tags: mbed-os-env:a_pr_test - - - + + - name: test the container id: test uses: addnab/docker-run-action@v2