tillitis-key/.github/workflows/ci.yaml
2024-07-09 16:01:47 +02:00

153 lines
4.1 KiB
YAML

name: ci
on:
push:
branches:
- 'main'
pull_request: {}
# allow manual runs:
workflow_dispatch: {}
jobs:
check-firmware:
runs-on: ubuntu-latest
container:
image: ghcr.io/tillitis/tkey-builder:4
steps:
- name: checkout
uses: actions/checkout@v4
with:
# fetch-depth: 0
persist-credentials: false
- name: fix
# https://github.com/actions/runner-images/issues/6775
run: |
git config --global --add safe.directory "$GITHUB_WORKSPACE"
- name: check indentation in firmware C code
working-directory: hw/application_fpga
run: |
make -C fw/tk1 checkfmt
make -C fw/testfw checkfmt
- name: run static analysis on firmware C code
working-directory: hw/application_fpga
run: |
make check
- name: compile firmware and testfw
working-directory: hw/application_fpga
run: make firmware.bin testfw.bin
check-verilog:
runs-on: ubuntu-latest
container:
image: ghcr.io/tillitis/tkey-builder:4
steps:
- name: checkout
uses: actions/checkout@v4
with:
# fetch-depth: 0
persist-credentials: false
- name: fix
# https://github.com/actions/runner-images/issues/6775
run: |
git config --global --add safe.directory "$GITHUB_WORKSPACE"
- name: lint verilog using verilator
working-directory: hw/application_fpga
run: make lint
- name: run testbench
working-directory: hw/application_fpga
run: make tb
build-other-firmwares:
runs-on: ubuntu-latest
container:
image: ghcr.io/tillitis/tkey-builder:4
steps:
- name: checkout
uses: actions/checkout@v4
with:
# fetch-depth: 0
persist-credentials: false
- name: fix
# https://github.com/actions/runner-images/issues/6775
run: |
git config --global --add safe.directory "$GITHUB_WORKSPACE"
- name: compile ch552 firmware
working-directory: hw/usb_interface/ch552_fw
run: make
- name: compile tp1 firmware
working-directory: hw/boards/tp1/firmware
run: ./build.sh
build-bitstream:
outputs:
commit_sha: ${{ github.sha }}
runs-on: ubuntu-latest
container:
image: ghcr.io/tillitis/tkey-builder:4
steps:
- name: checkout
uses: actions/checkout@v4
with:
# fetch-depth: 0
persist-credentials: false
- name: fix
# https://github.com/actions/runner-images/issues/6775
run: |
git config --global --add safe.directory "$GITHUB_WORKSPACE"
- name: make production test gateware
working-directory: hw/production_test/application_fpga_test_gateware
run: make
- name: make application FPGA gateware
working-directory: hw/application_fpga
run: make all
- name: Cache binaries
uses: actions/cache@v4
with:
path: |
hw/application_fpga/application_fpga.bin
hw/application_fpga/firmware.bin
key: build-${{ github.run_number }}-${{ github.sha }}-${{ github.run_attempt }}
check-hashes:
needs: build-bitstream
runs-on: ubuntu-latest
container:
image: ghcr.io/tillitis/tkey-builder:4
steps:
- name: Checkout
uses: actions/checkout@v4
with:
persist-credentials: false
- name: Retrieve binaries from cache
uses: actions/cache@v4
with:
path: |
hw/application_fpga/application_fpga.bin
hw/application_fpga/firmware.bin
key: build-${{ github.run_number }}-${{ needs.build-bitstream.outputs.commit_sha }}-${{ github.run_attempt }}
- name: check matching hashes for firmware.bin & application_fpga.bin
working-directory: hw/application_fpga
run: make check-binary-hashes
# TODO? first deal with hw/boards/ and hw/production_test/
# - name: check for SPDX tags
# run: ./LICENSES/spdx-ensure