Vendor DVD CI #102
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Vendor DVD CI | |
| on: | |
| pull_request: {} | |
| push: | |
| branches: | |
| - main | |
| schedule: | |
| # Run weekly (04:45 AM UTC on Thursdays) to catch failures based on | |
| # external changes. | |
| - cron: '45 04 * * 4' | |
| workflow_dispatch: {} | |
| jobs: | |
| main: | |
| name: Mock inputs | |
| runs-on: ubuntu-22.04 | |
| defaults: | |
| run: | |
| # Note: does not apply to actions. | |
| working-directory: vendor-dvd | |
| steps: | |
| - name: Check out sources | |
| uses: actions/checkout@v4 | |
| - name: Run shellcheck | |
| run: | | |
| shellcheck --version | |
| shellcheck *.sh tests/*.sh ../boot-dvd/internal/vars.sh | |
| - name: Make ISO using mock inputs | |
| run: ./make-iso.sh | |
| env: | |
| USE_MOCK_INPUTS: '1' | |
| - name: Check mock ISO | |
| run: ./tests/test-mock-iso.sh | |
| entrust: | |
| name: Real inputs | |
| runs-on: ubuntu-22.04 | |
| defaults: | |
| run: | |
| # Note: does not apply to actions. | |
| working-directory: vendor-dvd | |
| steps: | |
| - name: Check out sources | |
| uses: actions/checkout@v4 | |
| - name: Check if CI passed in prior run | |
| uses: actions/cache@v3 | |
| id: vendor-dvd-passed | |
| with: | |
| path: passed | |
| key: vendor-dvd-passed-${{ runner.os }}-${{ hashFiles('vendor-dvd/**') }} | |
| - name: Authenticate to Google Cloud | |
| if: steps.vendor-dvd-passed.outputs.cache-hit != 'true' | |
| uses: google-github-actions/auth@v1 | |
| with: | |
| credentials_json: '${{ secrets.GCP_SERVICE_ACCOUNT }}' | |
| - name: Download inputs from Google Cloud Storage | |
| if: steps.vendor-dvd-passed.outputs.cache-hit != 'true' | |
| run: | | |
| mkdir -p inputs | |
| gcloud storage cp \ | |
| 'gs://ncipher-nshield-firmware/2023-08 v13.4 codesafe firmware secworld/Codesafe_Lin64-13.4.3.iso.zip' \ | |
| 'gs://ncipher-nshield-firmware/2023-08 v13.4 codesafe firmware secworld/SecWorld_Lin64-13.4.4.iso.zip' \ | |
| 'gs://ncipher-nshield-firmware/2023-08 v13.4 codesafe firmware secworld/nShield_HSM_Firmware-13.4.4.iso.zip' \ | |
| inputs/ | |
| - name: Make ISO using real inputs | |
| if: steps.vendor-dvd-passed.outputs.cache-hit != 'true' | |
| run: ./make-iso.sh | |
| - name: Make dummy file for cache | |
| if: steps.vendor-dvd-passed.outputs.cache-hit != 'true' | |
| run: echo 1 > ../passed |