diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index c0f53980..2291ece0 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -6,7 +6,7 @@ name: PR -on: [pull_request] +on: [pull_request, workflow_call] jobs: gitlint: @@ -26,3 +26,9 @@ jobs: runs-on: ubuntu-latest steps: - uses: seL4/ci-actions/bashisms@master + + style: + name: Style + runs-on: ubuntu-latest + steps: + - uses: seL4/ci-actions/style@master diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index f5f34368..9388e929 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -10,6 +10,7 @@ on: branches: - master pull_request: + workflow_call: jobs: check: @@ -25,9 +26,3 @@ jobs: - uses: seL4/ci-actions/link-check@master with: exclude: '/node_modules/' - - style: - name: Style - runs-on: ubuntu-latest - steps: - - uses: seL4/ci-actions/style@master diff --git a/.github/workflows/sel4bench-pr.yml b/.github/workflows/sel4bench-pr.yml new file mode 100644 index 00000000..a986d096 --- /dev/null +++ b/.github/workflows/sel4bench-pr.yml @@ -0,0 +1,123 @@ +# Copyright 2022, Proofcraft Pty Ltd +# +# SPDX-License-Identifier: BSD-2-Clause + +# Build and run sel4bench on pull requests, on label request + +name: seL4Bench-HW + +on: + workflow_call: + +# intended to run on +# pull_request_target: +# types: [opened, reopened, synchronize, labeled] + +# downgrade permissions to read-only as you would have in a standard PR action +permissions: + contents: read + +# To reduce the load (especiually on the machine queue) we cancel any older runs +# of this workflow for the current PR. Such runs exist, if there were new pushes +# to the PR's branch without waiting for the workflow to finish. As a side +# effect, pushing new commits now becomes a convenient way to cancel all the +# older runs, e.g. if they are stuck and would only be stopped by the timeout +# eventually. +# Note that we could do the concurrency handling at a finer level, and only wrap +# the actual run on the hardware. But there seems not much gain in letting the +# older builds run, as these are usually obsolete with new pushes also. +concurrency: + group: ${{ github.workflow }}-pr-${{ github.event.number }} + cancel-in-progress: true + +jobs: + code: + name: Freeze Code + runs-on: ubuntu-latest + if: ${{ github.event_name == 'pull_request_target' && + github.event.action != 'labeled' && + contains(github.event.pull_request.labels.*.name, 'hw-bench') || + github.event_name == 'pull_request_target' && + github.event.action == 'labeled' && + github.event.label.name == 'hw-bench' }} + outputs: + xml: ${{ steps.repo.outputs.xml }} + steps: + - id: repo + uses: seL4/ci-actions/repo-checkout@master + with: + manifest_repo: sel4bench-manifest + manifest: master.xml + sha: ${{ github.event.pull_request.head.sha }} + + build: + name: Build + needs: code + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + march: [armv7a, armv8a, nehalem, rv64imac] + steps: + - name: Build + uses: seL4/ci-actions/sel4bench@master + with: + xml: ${{ needs.code.outputs.xml }} + march: ${{ matrix.march }} + - name: Upload images + uses: actions/upload-artifact@v4 + with: + name: images-${{ matrix.march }} + path: '*-images.tar.gz' + + hw-run: + name: HW Benchmark + if: ${{ github.repository_owner == 'seL4' }} + runs-on: ubuntu-latest + needs: [build] + strategy: + fail-fast: false + matrix: + platform: + - sabre + - imx8mm_evk + - odroid_c2 + - odroid_xu4 + - am335x_boneblack + - tx1 + - tx2 + - hifive + include: + - platform: pc99 + req: skylake + - platform: pc99 + req: haswell3 + steps: + - name: Get machine queue + uses: actions/checkout@v4 + with: + repository: seL4/machine_queue + path: machine_queue + - name: Get march + id: plat + uses: seL4/ci-actions/march-of-platform@master + with: + platform: ${{ matrix.platform }} + - name: Download image + uses: actions/download-artifact@v4 + with: + name: images-${{ steps.plat.outputs.march }} + - name: Run + uses: seL4/ci-actions/sel4bench-hw@master + with: + platform: ${{ matrix.platform }} + req: ${{ matrix.req }} + index: $${{ strategy.job-index }} + env: + HW_SSH: ${{ secrets.HW_SSH }} + - name: Upload results + uses: actions/upload-artifact@v4 + with: + # funky expression below is to work around lack of ternary operator + name: sel4bench-results-${{ matrix.platform }}${{ matrix.req != '' && format('-{0}', matrix.req) || '' }} + path: '*.json' diff --git a/.github/workflows/sel4test-hw.yml b/.github/workflows/sel4test-hw.yml new file mode 100644 index 00000000..1a9f21b1 --- /dev/null +++ b/.github/workflows/sel4test-hw.yml @@ -0,0 +1,116 @@ +# Copyright 2021, Proofcraft Pty Ltd +# +# SPDX-License-Identifier: BSD-2-Clause + +# sel4test hardware builds and runs +# +# See sel4test-hw/builds.yml in the repo seL4/ci-actions for configs. + +name: seL4Test-HW + +on: + workflow_call: + +# intended to run on +# pull_request_target: +# types: [opened, reopened, synchronize, labeled] +# needs PR target for secrets access; guard by requiring label + +# downgrade permissions to read-only as you would have in a standard PR action +permissions: + contents: read + +# To reduce the load (especiually on the machine queue) we cancel any older runs +# of this workflow for the current PR. Such runs exist, if there were new pushes +# to the PR's branch without waiting for the workflow to finish. As a side +# effect, pushing new commits now becomes a convenient way to cancel all the +# older runs, e.g. if they are stuck and would only be stopped by the timeout +# eventually. +# Note that we could do the concurrency handling at a finer level, and only wrap +# the actual run on the hardware. But there seems not much gain in letting the +# older builds run, as these are usually obsolete with new pushes also. +concurrency: + group: ${{ github.workflow }}-pr-${{ github.event.number }} + cancel-in-progress: true + +jobs: + hw-build: + name: HW Build + runs-on: ubuntu-latest + if: ${{ github.event_name == 'push' || + github.event_name == 'pull_request_target' && + github.event.action != 'labeled' && + (contains(github.event.pull_request.labels.*.name, 'hw-build') || + contains(github.event.pull_request.labels.*.name, 'hw-test')) || + github.event_name == 'pull_request_target' && + github.event.action == 'labeled' && + (github.event.label.name == 'hw-build' || + github.event.label.name == 'hw-test') }} + strategy: + fail-fast: false + matrix: + # There is no "rv32imac" hardware yet. + march: [armv7a, armv8a, nehalem, rv64imac] + compiler: [gcc, clang] + steps: + - name: Build + uses: seL4/ci-actions/sel4test-hw@master + with: + march: ${{ matrix.march }} + compiler: ${{ matrix.compiler }} + sha: ${{ github.event.pull_request.head.sha }} + - name: Upload images + uses: actions/upload-artifact@v4 + with: + name: images-${{ matrix.march }}-${{ matrix.compiler }} + path: '*-images.tar.gz' + - name: Upload kernel.elf files + uses: actions/upload-artifact@v4 + with: + name: kernel.elf-${{ matrix.march }}-${{ matrix.compiler }} + path: '*-kernel.elf' + + the_matrix: + name: Matrix + needs: hw-build + runs-on: ubuntu-latest + outputs: + matrix: ${{ steps.matrix.outputs.matrix }} + steps: + - id: matrix + uses: seL4/ci-actions/sel4test-hw-matrix@master + + hw-run: + name: HW Run + runs-on: ubuntu-latest + needs: the_matrix + if: ${{ github.repository_owner == 'seL4' && + (github.event_name == 'push' || + github.event_name == 'pull_request_target' && + github.event.action != 'labeled' && + contains(github.event.pull_request.labels.*.name, 'hw-test') || + github.event_name == 'pull_request_target' && + github.event.action == 'labeled' && + github.event.label.name == 'hw-test') }} + strategy: + fail-fast: false + matrix: ${{ fromJson(needs.the_matrix.outputs.matrix) }} + steps: + - name: Get machine queue + uses: actions/checkout@v4 + with: + repository: seL4/machine_queue + path: machine_queue + - name: Download image + uses: actions/download-artifact@v4 + with: + name: images-${{ matrix.march }}-${{ matrix.compiler }} + - name: Run + uses: seL4/ci-actions/sel4test-hw-run@master + with: + platform: ${{ matrix.platform }} + compiler: ${{ matrix.compiler }} + mode: ${{ matrix.mode }} + index: $${{ strategy.job-index }} + env: + HW_SSH: ${{ secrets.HW_SSH }} diff --git a/.github/workflows/sel4test-sim.yml b/.github/workflows/sel4test-sim.yml new file mode 100644 index 00000000..3986adc6 --- /dev/null +++ b/.github/workflows/sel4test-sim.yml @@ -0,0 +1,35 @@ +# Copyright 2021, Proofcraft Pty Ltd +# +# SPDX-License-Identifier: BSD-2-Clause + +# sel4test simulation runs +# +# See sel4test-sim/builds.yml in the repo seL4/ci-actions for configs. + +name: seL4Test-Sim + +on: + workflow_call: + +# To reduce the load we cancel any older runs of this workflow for the current +# PR. Such runs exist, if there were new pushes to the PR's branch without +# waiting for the workflow to finish. As a side effect, pushing new commits now +# becomes a convenient way to cancel all the older runs, e.g. if they are stuck +# and would only be stopped by the timeout eventually. +concurrency: + group: ${{ github.workflow }}-pr-${{ github.event.number }} + cancel-in-progress: true + +jobs: + sim: + name: Simulation + runs-on: ubuntu-latest + strategy: + matrix: + march: [armv7a, armv8a, nehalem, rv32imac, rv64imac] + compiler: [gcc, clang] + steps: + - uses: seL4/ci-actions/sel4test-sim@master + with: + march: ${{ matrix.march }} + compiler: ${{ matrix.compiler }}