Commit Graph

79 Commits

Author SHA1 Message Date
naveen
155c9a2070 chore: Set permissions for GitHub actions
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
2022-06-17 08:33:40 +03:00
YAMAMOTO Takashi
ade753488e .github/gcc.json: Fix space/tab inconsistency 2022-04-12 13:43:06 +08:00
Xiang Xiao
0f82eccc4f .github/workflows/check.yml: Enable Change-ID check explicitly
Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
2022-04-09 22:06:54 +02:00
Abdelatif Guettouche
44075893a7 build.yml: Use v2 of the download-artifact action.
Signed-off-by: Abdelatif Guettouche <abdelatif.guettouche@espressif.com>
2022-02-25 09:43:41 -03:00
Abdelatif Guettouche
d437921f82 docker_linux.yml: Use docker actions to build docker.
Signed-off-by: Abdelatif Guettouche <abdelatif.guettouche@espressif.com>
2022-02-25 09:43:41 -03:00
YAMAMOTO Takashi
2d6774536e .github/workflows/build.yml: Enable the "run" step in testbuild.sh 2022-02-22 13:30:57 +08:00
Gustavo Henrique Nihei
41c727f251 Revert "ci: Freeze pipenv version for avoiding issue on documentation generation"
This reverts commit 57cba0e088.
2022-01-06 00:27:23 +01:00
Gustavo Henrique Nihei
1d26d75e66 ci: Bump github/super-linter version to V4
Signed-off-by: Gustavo Henrique Nihei <gustavo.nihei@espressif.com>
2021-12-21 11:56:45 -06:00
Gustavo Henrique Nihei
3eec9fcb9b ci: Use GitHub Actions concurrency for cancelling duplicate jobs
Signed-off-by: Gustavo Henrique Nihei <gustavo.nihei@espressif.com>
2021-12-17 11:24:08 -06:00
Gustavo Henrique Nihei
ad4a42189f ci: Use actions/checkout@v2 on build-html job
Signed-off-by: Gustavo Henrique Nihei <gustavo.nihei@espressif.com>
2021-11-08 21:37:24 -06:00
Gustavo Henrique Nihei
57cba0e088 ci: Freeze pipenv version for avoiding issue on documentation generation
Signed-off-by: Gustavo Henrique Nihei <gustavo.nihei@espressif.com>
2021-11-08 18:53:18 +01:00
Gustavo Henrique Nihei
13bf6f0fc2 github: Update links to Docker Linux image
GitHub's Docker registry has been replaced by the Container registry.

Signed-off-by: Gustavo Henrique Nihei <gustavo.nihei@espressif.com>
2021-09-02 08:46:30 +08:00
Xiang Xiao
b3e1d1c3df tools/ci: Remove sim01.dat and sim02.dat
Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
2021-05-16 21:03:22 -07:00
Xiang Xiao
09a0ed111c tools/ci: Rename sim0x.dat to sim-0x.dat to align with arm-xx.dat
To avoid the build break sim0x.dat will remove in the upcoming patch

Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
2021-05-16 10:39:16 -07:00
Matias N
f44675879c CI: ensure docker is rebuilt on corresponding workflow changes 2021-04-22 17:35:50 -07:00
Matias N
238fa3bae2 CI: fix docker image name 2021-04-22 15:21:54 -07:00
Christian Clauss
15932fa9ea Lint Python code with flake8 and isort 2021-04-10 08:36:29 -07:00
Brennan Ashton
3428d159ba ci: lint only changed files 2021-04-06 13:30:20 -03:00
Brennan Ashton
15b99d1f4b CI: Migrate ci tooling from testing repository to main os repo 2021-04-05 01:22:48 -05:00
Brennan Ashton
1fab9ad6da Add black linter for python 2021-04-04 23:29:27 -05:00
Xiang Xiao
42489759fe build: Replace sim with sim01 and sim02
follow up nuttx-testing repo change:
commit 08d766faef84e43112b70a08f6f0c54654482024
Author: Xiang Xiao <xiaoxiang@xiaomi.com>
Date:   Sun Apr 4 04:21:57 2021 +0800

    Split sim.dat to sim00.dat and sim01.dat

    to speed up the macOS build

    Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>

Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
2021-04-04 05:16:44 -05:00
Matias N
9e311518c9 CI: adapt to testlist changes 2021-04-03 08:46:06 -05:00
Matias N
8b7463870e CI: add action to cancel redundant jobs 2021-03-30 22:43:00 -05:00
Matias N
a813f79c41 CI: remove linkcheck when building docs
We're running linkcheck and ignoring errors but this still slows CI build
and can even make it fail due to timeout. The linkcheck is useful for local
manual test but not really for CI.
2021-03-22 19:48:53 -07:00
Brennan Ashton
0d8dc13b67 CI: Only use approved GitHub Actions 2020-12-29 22:56:39 +01:00
Brennan Ashton
570aa3cdac CI: Allow builds to pass even if final artifact upload fails
We are seeing higher cases of artifact upload failures
in github.  Other projects are also seeing this as has been
reported at https://github.com/actions/upload-artifact/issues/116

There is a fix that was just merged in the base library:
https://github.com/actions/toolkit/pull/675

So Hopefully we can revert this before too long.

Signed-off-by: Brennan Ashton <bashton@brennanashton.com>
2020-12-23 10:32:31 +01:00
Abdelatif Guettouche
8313c2a3dc .github/SECURITY.md: Fix a typo.
Signed-off-by: Abdelatif Guettouche <abdelatif.guettouche@espressif.com>
2020-12-17 01:11:35 -08:00
Brennan Ashton
0edb162ba7 Add project GitHub Security Policy page
Signed-off-by: Brennan Ashton <bashton@brennanashton.com>
2020-12-17 00:31:58 -06:00
John Bampton
ca6b11b425 feat: add a GitHub action to lint the YAML files
Lint some YAML
Add a `.yamllint` config file
2020-12-15 09:52:04 -06:00
Brennan Ashton
5d872e09e6 Remove depricated usage of set-env in GitHub
Signed-off-by: Brennan Ashton <bashton@brennanashton.com>
2020-11-08 19:38:59 -08:00
Xiang Xiao
96d1f018c4 build.yml: Switch avr-mips-riscv-x86-xtensa.dat to other.dat
Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
2020-10-29 01:06:57 -07:00
Brennan Ashton
162da1169e CI: Store artifacts durring build
Add new option -A is added to tools/testbuild.sh that will take the
created build executable and store it in a folder for the config
that generated it under $ARTIFACTDIR which can be set via an
environment variable or defaulted to $(TOPDIR)/buildartifacts

This is also helpful for local testing because you can now run
tools/testbuild.sh -A sim.dat and have all of the simulation
targets generated without having to rebuild along the way.

In the GitHub Actions workflow the artifacs are uploaded
two two bundles one for macOS and one for Linux

Signed-off-by: Brennan Ashton <bashton@brennanashton.com>
2020-10-28 11:32:21 -07:00
Brennan Ashton
bfe1e2c148 ci: Don't fail the build due to linkcheck failure
Signed-off-by: Brennan Ashton <bashton@brennanashton.com>
2020-10-27 01:20:05 -07:00
Brennan Ashton
23cd1e030e Docs: Fix broken links and references in docs
Also add to the CI a problem matcher to better report issues

Signed-off-by: Brennan Ashton <bashton@brennanashton.com>
2020-10-22 10:22:11 -03:00
Bhindhiya
73f0530912 Add Renesas pre-check 2020-09-30 18:22:16 +08:00
Matias N
7d16090d11 Fix testbuild.sh to actually fail when using -x. Leave -x out for CI
so that we detect all possible build errors for a job.
2020-09-13 10:29:13 -07:00
Matias N
dbf58162db CI: remove use of source cache, use artifacts instead 2020-09-11 12:54:37 -07:00
Brennan Ashton
3d07d453e0 CI: Disable keeping ccache across builds
Signed-off-by: Brennan Ashton <bashton@brennanashton.com>
2020-09-11 10:03:15 +08:00
Brennan Ashton
7549e2e9de CI: Enable ccache for Linux and MacOS builds 2020-09-06 11:10:21 +08:00
Brennan Ashton
6d3269a69d CI: Fix check patch to handle renames / deletes
Signed-off-by: Brennan Ashton <bashton@brennanashton.com>
2020-09-03 20:05:57 -03:00
Brennan Ashton
74aec1c424 CI: Move fetch of tags back to source stage now that cache is faster
Signed-off-by: Brennan Ashton <bashton@brennanashton.com>
2020-09-03 10:10:41 +08:00
Brennan Ashton
572be4d74d Docs: Clean up installation requirements and only support pipenv
Signed-off-by: Brennan Ashton <bashton@brennanashton.com>
2020-09-02 17:12:32 -03:00
Matias N
4276d6254a rename doc/ -> Documentation/ 2020-08-24 10:29:55 -07:00
Matias N
5e1dab36c6 sphinx doc 2020-08-24 10:29:55 -07:00
Brennan Ashton
1a90a933df Revert "REMOVE ME: Force build of AVR in test"
This reverts commit f27fbe856d.
2020-07-19 16:55:15 -03:00
Brennan Ashton
f27fbe856d REMOVE ME: Force build of AVR in test 2020-07-19 15:49:13 -03:00
Ouss4
f66ead9ca3 Update the boards matrix to add AVR builds. 2020-07-19 10:57:54 -03:00
Brennan Ashton
0430c6ccc8 Add problem matching for gcc and nxstyle to github actions 2020-06-11 00:52:55 +08:00
liuhaitao
b94a7698d9 Revert "CI: use 'git diff $commits' as a whole patchset to do checkpatch"
This reverts commit 350131d00e.

If one PR is on a former master code base, using 'git diff $commits' would result in
abnormal checkpatch report sometimes. So revert it anyway.
2020-05-09 14:10:34 +08:00
liuhaitao
350131d00e CI: use 'git diff $commits' as a whole patchset to do checkpatch
So avoid the duplicate print logs sometimes and rename file not opened
issue.

Signed-off-by: liuhaitao <liuhaitao@xiaomi.com>
2020-05-08 17:44:43 +08:00