Git-Mirrors
/
tillitis-key
mirror of https://github.com/tillitis/tillitis-key1.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

CI: Divide into separate jobs. 

- Gives a better overview of CI and the different checks, without going
  into the logs too deeply.
- Cache: use a unique key for each run, and remove 'restore key' since it
  could potentially retrieve the wrong bitstream. The stragegy should be
  to fail if a cache is not present, not fetch a bitstream from a
  different build.
This commit is contained in:
dehanj 2024-04-19 09:37:41 +02:00
parent d7b8bb26a9
commit a5e30f1203
No known key found for this signature in database
GPG Key ID: 3707A9DBF4BB8F1A
1 changed files with 64 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

81
.github/workflows/ci.yaml vendored
View File

@ -10,7 +10,7 @@ on:
workflow_dispatch: {}
jobs:
ci:
check-firmware:
runs-on: ubuntu-latest
container:
image: ghcr.io/tillitis/tkey-builder:4
@ -26,7 +26,7 @@ jobs:
run: |
git config --global --add safe.directory "$GITHUB_WORKSPACE"
- name: check indentation of our firmware C code
- name: check indentation in firmware C code
working-directory: hw/application_fpga
run: |
make -C fw/tk1 checkfmt
@ -37,10 +37,46 @@ jobs:
run: |
make check
- name: compile firmware and testfw
working-directory: hw/application_fpga
run: make firmware.bin testfw.bin
check-verilog:
runs-on: ubuntu-latest
container:
image: ghcr.io/tillitis/tkey-builder:4
steps:
- name: checkout
uses: actions/checkout@v4
with:
# fetch-depth: 0
persist-credentials: false
- name: fix
# https://github.com/actions/runner-images/issues/6775
run: |
git config --global --add safe.directory "$GITHUB_WORKSPACE"
- name: lint verilog using verilator
working-directory: hw/application_fpga
run: make lint
build-other-firmwares:
runs-on: ubuntu-latest
container:
image: ghcr.io/tillitis/tkey-builder:4
steps:
- name: checkout
uses: actions/checkout@v4
with:
# fetch-depth: 0
persist-credentials: false
- name: fix
# https://github.com/actions/runner-images/issues/6775
run: |
git config --global --add safe.directory "$GITHUB_WORKSPACE"
- name: compile ch552 firmware
working-directory: hw/boards/mta1-usb-v1/ch552_fw
run: make
@ -49,15 +85,28 @@ jobs:
working-directory: hw/boards/tp1/firmware
run: ./build.sh
build-bitstream:
outputs:
commit_sha: ${{ github.sha }}
runs-on: ubuntu-latest
container:
image: ghcr.io/tillitis/tkey-builder:4
steps:
- name: checkout
uses: actions/checkout@v4
with:
# fetch-depth: 0
persist-credentials: false
- name: fix
# https://github.com/actions/runner-images/issues/6775
run: |
git config --global --add safe.directory "$GITHUB_WORKSPACE"
- name: make production test gateware
working-directory: hw/production_test/application_fpga_test_gateware
run: make
- name: compile firmware and testfw
working-directory: hw/application_fpga
run: make firmware.bin testfw.bin
# doing this last as it takes long time
- name: make application FPGA gateware
working-directory: hw/application_fpga
run: make all
@ -68,16 +117,10 @@ jobs:
path: |
hw/application_fpga/application_fpga.bin
hw/application_fpga/firmware.bin
key: ${{ runner.os }}-build-${{ github.sha }}
restore-keys: ${{ runner.os }}-build-
# TODO? first deal with hw/boards/ and hw/production_test/
# - name: check for SPDX tags
# run: ./LICENSES/spdx-ensure
key: build-${{ github.run_number }}-${{ github.sha }}-${{ github.run_attempt }}
check-hashes:
needs: ci
needs: build-bitstream
runs-on: ubuntu-latest
container:
image: ghcr.io/tillitis/tkey-builder:4
@ -93,9 +136,13 @@ jobs:
path: |
hw/application_fpga/application_fpga.bin
hw/application_fpga/firmware.bin
key: ${{ runner.os }}-build-${{ needs.build.outputs.commit_sha }}
restore-keys: ${{ runner.os }}-build-
key: build-${{ github.run_number }}-${{ needs.build-bitstream.outputs.commit_sha }}-${{ github.run_attempt }}
- name: check matching hashes for firmware.bin & application_fpga.bin
working-directory: hw/application_fpga
run: make check-binary-hashes
# TODO? first deal with hw/boards/ and hw/production_test/
# - name: check for SPDX tags
# run: ./LICENSES/spdx-ensure