forked from tock/tock
-
Notifications
You must be signed in to change notification settings - Fork 0
178 lines (147 loc) · 7.06 KB
/
treadmill-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
# Licensed under the Apache License, Version 2.0 or the MIT License.
# SPDX-License-Identifier: Apache-2.0 OR MIT
# Copyright Tock Contributors 2024.
# This workflow contains all Treadmill-based hardware CI jobs.
#
# Treadmill is a distributed hardware testbed developed within the Tock OS
# project. For more information on Treadmill, have a look at its documentation
# [1] or repository [2].
#
# This workflow is based on the Treadmill GitHub Actions integration guide [3].
# In addition, it features the ability to run multiple Treadmill jobs and
# test-execute stages through GitHub Action's job matrices, and uses a GitHub
# environment to allow deployments with access to secrets for select PRs.
#
# [1]: https://book.treadmill.ci/
# [2]: https://github.com/treadmill-tb/treadmill
# [3]: https://book.treadmill.ci/user-guide/github-actions-integration.html
name: treadmill-ci
env:
TERM: xterm # Makes tput work in actions output
# Controls when the action will run. Triggers the workflow on pull request and
# merge group checks:
#
# KEEP IN SYNC WITH `environment:` ATTRIBUTE BELOW:
on:
push:
branches:
- master
# Add any additional branches you want to include
# - dev/test_ci_branch
# Pull requests from forks will not have access to the required GitHub API
# secrets below, even if they are using an appropriate deployment environment
# and the workflow runs have been approved according to this environment's
# rules. We don't know whether this is a bug on GitHub's end or deliberate.
#
# Either way, for now we disable this workflow to run on PRs until we have
# an API proxy that securely performs these GitHub API calls (adding runners
# and starting Treadmill jobs with those runner registration tokens), which
# allows this workflow to run without access to repository secrets.
#
# However, because GitHub's merge queues don't allow to differentiate required
# checks for *entering* the merge queue from those that are required to *pass*
# it, we also can't disable this trigger entirely. Instead, we use a selector
# to avoid running any actual checks on this trigger, while still technically
# succeeding for PRs.
pull_request:
merge_group: # Run CI for the GitHub merge queue
# Manually dispatch for a specific branch (will require approval
# through the treadmill-ci-merged environment:
workflow_dispatch:
inputs:
tock-kernel-ref:
description: 'Ref (revision/branch/tag) of the upstream Tock repo to test'
required: true
default: 'master'
libtock-c-ref:
description: 'Ref (revision/branch/tag) of the upstream libtock-c repo to test'
required: true
default: 'master'
tests-json:
description: 'tests-json value passed to HWCI workflow (if empty, output from hwci-determine-tests step is used)'
required: false
permissions:
contents: read
jobs:
hwci-determine-tests:
runs-on: ubuntu-latest
# Don't run on a pull request, as explained above.
if: github.event_name != 'pull_request'
outputs:
hwci-tests-json: ${{ steps.determine-tests.outputs.hwci-tests-json }}
steps:
- name: Checkout the tock/tock repository
uses: actions/checkout@v4
with:
# Checkout the repository at the commit that triggered the workflow
repository: tock/tock
ref: ${{ github.sha }}
path: tock-tock
- name: Checkout the tock-hardware-ci repository
uses: actions/checkout@v4
with:
repository: tock/tock-hardware-ci
# Change this in accordance with the two other `tock-hardware-ci` refs
# referenced below in the reusable workflow's parameters:
ref: 'main'
path: tock-hardware-ci
- name: Analyze changes to determine relevant tests
id: determine-tests
run: |
# Ensure Python dependencies are installed
python3 -m pip install --user --upgrade pip
# Run the select_tests.py script
python3 tock-hardware-ci/hwci/select_tests.py \
--repo-path tock-tock \
--hwci-path tock-hardware-ci/hwci \
--output selected_tests.json
echo "Selected HWCI tests:"
cat selected_tests.json
# Output the tests JSON
hwci_tests_json=$(cat selected_tests.json | jq -c '.')
echo "hwci-tests-json=${hwci_tests_json}" >> "$GITHUB_OUTPUT"
hwci-treadmill-dispatch:
needs: [hwci-determine-tests]
# This checks whether there is at least one test to run, see
# https://github.com/orgs/community/discussions/27125#discussioncomment-3254720
#
# Don't run on a pull request, as explained above.
if: github.event_name != 'pull_request' && (fromJSON(needs.hwci-determine-tests.outputs.hwci-tests-json)[0] != null || github.event_name == 'workflow_dispatch')
# The main tock-hardware-ci workflow is imported from another repository. It
# can be reused across multiple Tock repositories such as the kernel,
# libtock-c, and libtock-rs.
uses: tock/tock-hardware-ci/.github/workflows/treadmill-ci.yml@main
with:
# Only run on a specific repository, as others will not have the right
# environments set up and secrets configured. Forks may want to change
# this parameter.
repository-filter: 'tock/tock'
# Provide access to the required Treadmill secrets by running in the
# appropriate environment (depending on the `on:` triggers above)
job-environment: ${{ (github.event_name == 'pull_request' || github.event_name == 'workflow_dispatch') && 'treadmill-ci' || 'treadmill-ci-merged' }}
# Reference for tock-hardware-ci repo, change if you want a specific test
# suite. In this case, you should also update the branch reference in the
# "uses" line above.
tock-hardware-ci-ref: 'main'
# Test the tock kernel revision that triggered this workflow:
tock-kernel-ref: ${{ github.event_name == 'workflow_dispatch' && inputs.tock-kernel-ref || github.sha }}
# Use the latest upstream libtock-c library:
libtock-c-ref: ${{ github.event_name == 'workflow_dispatch' && inputs.libtock-c-ref || 'master' }}
# Pass the selected tests:
tests-json: ${{ (github.event_name == 'workflow_dispatch' && inputs.tests-json != '') && inputs.tests-json || needs.hwci-determine-tests.outputs.hwci-tests-json }}
secrets: inherit
# We cannot depend on *all* test-execute jobs of hwci-treadmill-dispatch as
# required checks for pull requests and merge queues. Thus, we run another
# single dummy step here that waits for all the hwci-treadmill-dispatch jobs
# to complete and report success.
#
# We also use this to report a "dummy" success value for the "pull_request"
# trigger, as explained in the comment of the "on:" parameters above.
hwci-report-success:
needs: [hwci-determine-tests, hwci-treadmill-dispatch]
if: always()
runs-on: ubuntu-latest
steps:
- name: Fail if any of the 'hwci-treadmill-dispatch' jobs failed
if: github.event_name != 'pull_request' && contains(needs.*.result, 'failure')
run: exit 1