diff options
Diffstat (limited to 'meta-raspberrypi/.github')
17 files changed, 527 insertions, 0 deletions
diff --git a/meta-raspberrypi/.github/actions/docker-build/action.yml b/meta-raspberrypi/.github/actions/docker-build/action.yml new file mode 100644 index 0000000000..35fac92c24 --- /dev/null +++ b/meta-raspberrypi/.github/actions/docker-build/action.yml @@ -0,0 +1,47 @@ +# SPDX-FileCopyrightText: Andrei Gherzan <andrei.gherzan@huawei.com> +# +# SPDX-License-Identifier: MIT + +name: "Build a docker image" + +inputs: + docker_image: + required: true + description: "The name of the docker image" + id: + required: true + description: "Namespace for the image" + +runs: + using: "composite" + steps: + - name: Build the ${{ inputs.docker_image }} docker image + shell: bash + # We run this unconditinally even if the change doesn't touch the + # relevant docker files because there is a chance that another PR (or + # something else) rebuilt the local image. For example if the first + # version of the PR included change for the relevant docker image but a + # subsequent push to the PR branch dropped them. In this way we rebuild + # the image to avoid using the changes from the previous push. + run: | + cd .github/workflows/docker-images/ + # We build a temporary image namespaced by the PR number so we can + # handle multiple runners on the same host using the same docker + # storage. + tries=3 + n=1 + until [ "$n" -gt "$tries" ]; do + echo "Building the docker image ${{ inputs.docker_image }}-${{ inputs.id }}... try $n..." + if docker build . -f "${{ inputs.docker_image }}/Dockerfile" -t "${{ inputs.docker_image }}-${{ inputs.id }}"; then + # This can fail if a dangling images cleaning job runs in + # parallel. So we try this a couple of times to minimize + # conflict. This is because while building, docker creates a + # untagged image first (dangling) before tagging it at the end. + # If between these two operations a dangling cleanup happens, + # build fails. + break + fi + n=$((n+1)) + done + [ "$n" -lt "$tries" ] + echo "Temporary image built in ${{ inputs.docker_image }}." diff --git a/meta-raspberrypi/.github/actions/docker-clean-dangling/action.yml b/meta-raspberrypi/.github/actions/docker-clean-dangling/action.yml new file mode 100644 index 0000000000..90595c864d --- /dev/null +++ b/meta-raspberrypi/.github/actions/docker-clean-dangling/action.yml @@ -0,0 +1,18 @@ +# SPDX-FileCopyrightText: Andrei Gherzan <andrei.gherzan@huawei.com> +# +# SPDX-License-Identifier: MIT + +name: "Cleanup dangling docker images" + +runs: + using: "composite" + steps: + - name: Cleanup dangling images + shell: bash + run: | + echo -n "Cleanup dangling images... " + if ! docker rmi $(docker images --filter "dangling=true" -q --no-trunc) > /dev/null 2>&1; then + echo "no dangling images found." + else + echo "done." + fi diff --git a/meta-raspberrypi/.github/actions/docker-clean-image/action.yml b/meta-raspberrypi/.github/actions/docker-clean-image/action.yml new file mode 100644 index 0000000000..dfc18d97ef --- /dev/null +++ b/meta-raspberrypi/.github/actions/docker-clean-image/action.yml @@ -0,0 +1,19 @@ +# SPDX-FileCopyrightText: Andrei Gherzan <andrei.gherzan@huawei.com> +# +# SPDX-License-Identifier: MIT + +name: "Cleanup docker storage" + +inputs: + docker_image: + required: true + description: "The name of the docker image" + +runs: + using: "composite" + steps: + - name: Cleanup temporary image + shell: bash + run: | + echo "Cleanup ${{ inputs.docker_image }} image..." + docker rmi "${{ inputs.docker_image }}" || true diff --git a/meta-raspberrypi/.github/workflows/cancel-redundant-workflows.yml b/meta-raspberrypi/.github/workflows/cancel-redundant-workflows.yml new file mode 100644 index 0000000000..45a74436a2 --- /dev/null +++ b/meta-raspberrypi/.github/workflows/cancel-redundant-workflows.yml @@ -0,0 +1,23 @@ +# SPDX-FileCopyrightText: Andrei Gherzan <andrei.gherzan@huawei.com> +# +# SPDX-License-Identifier: MIT + +name: Cancel redundant workflows + +on: + workflow_run: + workflows: + - "Builds" + - "Compliance" + - "Yocto Compatible" + types: + - requested + +jobs: + cancel-redundant-workflows: + runs-on: [self-hosted, Linux] + steps: + - uses: styfle/cancel-workflow-action@0.9.1 + with: + all_but_latest: true + workflow_id: ${{ github.event.workflow.id }} diff --git a/meta-raspberrypi/.github/workflows/compliance.yml b/meta-raspberrypi/.github/workflows/compliance.yml new file mode 100644 index 0000000000..35e47310a0 --- /dev/null +++ b/meta-raspberrypi/.github/workflows/compliance.yml @@ -0,0 +1,47 @@ +# SPDX-FileCopyrightText: Andrei Gherzan <andrei.gherzan@huawei.com> +# +# SPDX-License-Identifier: MIT + +name: Compliance + +on: + pull_request: + +jobs: + dco: + name: DCO + runs-on: [self-hosted, Linux] + steps: + - name: Checkout the code + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Build a temporary DCO image + uses: ./.github/actions/docker-build + with: + docker_image: dco-check + id: ${{ github.event.number }} + - name: Do DCO check + run: | + docker run --rm -v "$GITHUB_WORKSPACE:/work:ro" \ + --env "BASE_REF=$GITHUB_BASE_REF" \ + "dco-check-${{ github.event.number }}" + - name: Cleanup temporary docker image + uses: ./.github/actions/docker-clean-image + with: + docker_image: dco-check-${{ github.event.number }} + if: always() + - name: Cleanup dangling docker images + uses: ./.github/actions/docker-clean-dangling + if: always() + reuse: + name: reuse + runs-on: [self-hosted, Linux] + steps: + - name: Checkout the code + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Do reuse check + continue-on-error: true + uses: fsfe/reuse-action@v1 diff --git a/meta-raspberrypi/.github/workflows/docker-images/README.md b/meta-raspberrypi/.github/workflows/docker-images/README.md new file mode 100644 index 0000000000..86cfddc191 --- /dev/null +++ b/meta-raspberrypi/.github/workflows/docker-images/README.md @@ -0,0 +1,21 @@ +<!-- +SPDX-FileCopyrightText: Andrei Gherzan <andrei.gherzan@huawei.com> + +SPDX-License-Identifier: MIT +--> + +# Docker images for CI + +Each directory contains the files for a docker image. + +## Building an image + +When building a docker image, the build context is expected to be where this +`README.md` file resides. This means that building the images will require +passing the appropriate `-f` argument. + +Here is an example for building the `dco-check` image: + +``` +docker build . -f dco-check/Dockerfile -t dco-check +``` diff --git a/meta-raspberrypi/.github/workflows/docker-images/dco-check/Dockerfile b/meta-raspberrypi/.github/workflows/docker-images/dco-check/Dockerfile new file mode 100644 index 0000000000..89901ae6ed --- /dev/null +++ b/meta-raspberrypi/.github/workflows/docker-images/dco-check/Dockerfile @@ -0,0 +1,13 @@ +# SPDX-FileCopyrightText: Andrei Gherzan <andrei.gherzan@huawei.com> +# +# SPDX-License-Identifier: MIT + +FROM christophebedard/dco-check:latest + +# Run under normal user called 'ci' +RUN useradd --create-home --uid 1000 --shell /usr/bin/bash ci +USER ci + +COPY ./dco-check/entrypoint.sh / +COPY ./utils.sh / +ENTRYPOINT ["/entrypoint.sh"] diff --git a/meta-raspberrypi/.github/workflows/docker-images/dco-check/README.md b/meta-raspberrypi/.github/workflows/docker-images/dco-check/README.md new file mode 100644 index 0000000000..bf5324170a --- /dev/null +++ b/meta-raspberrypi/.github/workflows/docker-images/dco-check/README.md @@ -0,0 +1,16 @@ +<!-- +SPDX-FileCopyrightText: Andrei Gherzan <andrei.gherzan@huawei.com> + +SPDX-License-Identifier: MIT +--> + +# Docker image for DCO checks + +This image provides the environment and the logic of running a DCO check +against a repository. + +## Configuration + +The `entrypoint.sh` script assumes at runtime that the repository to be checked +is available under `/work`. This path is to be populated via bind mounts when +running the container. diff --git a/meta-raspberrypi/.github/workflows/docker-images/dco-check/entrypoint.sh b/meta-raspberrypi/.github/workflows/docker-images/dco-check/entrypoint.sh new file mode 100755 index 0000000000..135d410c6e --- /dev/null +++ b/meta-raspberrypi/.github/workflows/docker-images/dco-check/entrypoint.sh @@ -0,0 +1,21 @@ +#!/bin/sh + +# SPDX-FileCopyrightText: Andrei Gherzan <andrei.gherzan@huawei.com> +# +# SPDX-License-Identifier: MIT + +set -e + +# shellcheck disable=SC1091 +. /utils.sh + +GIT_REPO_PATH="/work" + +[ -n "$BASE_REF" ] || + error "DCO checks needs to know the target branch. Make sure that is set in BASE_REF." +[ -d "$GIT_REPO_PATH/.git" ] || + error "Can't find a git checkout under $GIT_REPO_PATH ." +cd "$GIT_REPO_PATH" +dco-check \ + --verbose \ + --default-branch "origin/$BASE_REF" diff --git a/meta-raspberrypi/.github/workflows/docker-images/utils.sh b/meta-raspberrypi/.github/workflows/docker-images/utils.sh new file mode 100644 index 0000000000..66bdb09f39 --- /dev/null +++ b/meta-raspberrypi/.github/workflows/docker-images/utils.sh @@ -0,0 +1,28 @@ +#!/bin/sh + +# SPDX-FileCopyrightText: Andrei Gherzan <andrei.gherzan@huawei.com> +# +# SPDX-License-Identifier: MIT + +_log() { + _level="$1" + _msg="$2" + echo "[$_level] $_msg" +} + +error() { + _msg="$1" + _log "ERR" "$1" + exit 1 +} + +warn() { + _msg="$1" + _log "WRN" "$1" + exit 1 +} + +log() { + _msg="$1" + _log "LOG" "$1" +} diff --git a/meta-raspberrypi/.github/workflows/docker-images/yocto-builder/Dockerfile b/meta-raspberrypi/.github/workflows/docker-images/yocto-builder/Dockerfile new file mode 100644 index 0000000000..87221b9e79 --- /dev/null +++ b/meta-raspberrypi/.github/workflows/docker-images/yocto-builder/Dockerfile @@ -0,0 +1,39 @@ +# SPDX-FileCopyrightText: Andrei Gherzan <andrei.gherzan@huawei.com> +# +# SPDX-License-Identifier: MIT + +FROM ubuntu:20.04 + +ARG DEBIAN_FRONTEND="noninteractive" +RUN apt-get update -qq +RUN apt-get install -y eatmydata + +# Yocto/OE build host dependencies +# Keep this in sync with +# https://git.yoctoproject.org/poky/tree/documentation/poky.yaml +RUN eatmydata apt-get install -qq -y \ + gawk wget git diffstat unzip texinfo gcc build-essential chrpath \ + socat cpio python3 python3-pip python3-pexpect xz-utils debianutils \ + iputils-ping python3-git python3-jinja2 libegl1-mesa libsdl1.2-dev \ + pylint3 xterm python3-subunit mesa-common-dev zstd liblz4-tool + +# en_US.UTF-8 is required by the build system +RUN eatmydata apt-get install -qq -y locales \ + && echo "en_US.UTF-8 UTF-8" > /etc/locale.gen \ + && locale-gen +ENV LANG en_US.utf8 + +RUN eatmydata apt-get clean && rm -rf /var/lib/apt/lists/* + +# Have bash as shell +RUN echo "dash dash/sh boolean false" | debconf-set-selections \ + && dpkg-reconfigure dash + +# Run under normal user called 'ci' +RUN useradd --create-home --uid 1000 --shell /usr/bin/bash ci +USER ci +WORKDIR /home/ci + +COPY ./yocto-builder/entrypoint-yocto-check-layer.sh / +COPY ./yocto-builder/entrypoint-build.sh / +COPY ./utils.sh / diff --git a/meta-raspberrypi/.github/workflows/docker-images/yocto-builder/README.md b/meta-raspberrypi/.github/workflows/docker-images/yocto-builder/README.md new file mode 100644 index 0000000000..6336fb88af --- /dev/null +++ b/meta-raspberrypi/.github/workflows/docker-images/yocto-builder/README.md @@ -0,0 +1,16 @@ +<!-- +SPDX-FileCopyrightText: Andrei Gherzan <andrei.gherzan@huawei.com> + +SPDX-License-Identifier: MIT +--> + +# Docker image for builds + +This defines the docker image for running Yocto/OE based operations/builds. It +privides multiple scripts for driving different operations. + +## Configuration + +The `entrypoint` scripts assumes at runtime that the repository to drive the +operation against is available under `/work`. This path is to be populated via +bind mounts when running the container. diff --git a/meta-raspberrypi/.github/workflows/docker-images/yocto-builder/entrypoint-build.sh b/meta-raspberrypi/.github/workflows/docker-images/yocto-builder/entrypoint-build.sh new file mode 100755 index 0000000000..a98fa2a190 --- /dev/null +++ b/meta-raspberrypi/.github/workflows/docker-images/yocto-builder/entrypoint-build.sh @@ -0,0 +1,61 @@ +#!/bin/sh + +# SPDX-FileCopyrightText: Andrei Gherzan <andrei.gherzan@huawei.com> +# +# SPDX-License-Identifier: MIT + +set -ex + +# shellcheck disable=SC1091 +. /utils.sh + +META_RASPBERRYPI_PATH="/work" + +[ -n "$BASE_REF" ] || + error "Target branch is needed. Make sure that is set in BASE_REF." +[ -d "$META_RASPBERRYPI_PATH/.git" ] || + error "Can't find a git checkout under $META_RASPBERRYPI_PATH ." +[ -n "$MACHINE" ] || + error "Machine to be used for build not provided." +[ -n "$IMAGE" ] || + error "Image to build not provided." + +TEMP_DIR="$(mktemp -d)" +cd "$TEMP_DIR" + +REPOS=" \ + git://git.yoctoproject.org/poky.git \ +" +for repo in $REPOS; do + log "Cloning $repo on branch $BASE_REF..." + git clone --depth 1 --branch "$BASE_REF" "$repo" +done + +# shellcheck disable=SC1091,SC2240 +. ./poky/oe-init-build-env build + +# Build configuration +printf "\n# ------ ci ------\n" >> conf/local.conf +[ -z "$SSTATE_DIR" ] || echo SSTATE_DIR = \""$SSTATE_DIR"\" >> conf/local.conf +[ -z "$DL_DIR" ] || echo DL_DIR = \""$DL_DIR"\" >> conf/local.conf +[ -z "$DISTRO" ] || echo DISTRO = \""$DISTRO"\" >> conf/local.conf +cat <<EOCONF >>conf/local.conf +BB_NUMBER_THREADS = "6" +PARALLEL_MAKE = "-j 6" +DISTRO_FEATURES:append = " systemd" +VIRTUAL-RUNTIME_init_manager = "systemd" +DISTRO_FEATURES_BACKFILL_CONSIDERED:append = " sysvinit" +VIRTUAL-RUNTIME_initscripts = "systemd-compat-units" +EOCONF + +# Add the BSP layer +bitbake-layers add-layer "$META_RASPBERRYPI_PATH" + +# Log configs for debugging purposes +for f in 'conf/local.conf' 'conf/bblayers.conf'; do + printf "\n------ %s ------\n" "$f" + cat "$f" +done + +# Fire! +MACHINE="$MACHINE" bitbake "$IMAGE" diff --git a/meta-raspberrypi/.github/workflows/docker-images/yocto-builder/entrypoint-yocto-check-layer.sh b/meta-raspberrypi/.github/workflows/docker-images/yocto-builder/entrypoint-yocto-check-layer.sh new file mode 100755 index 0000000000..474a24ed2f --- /dev/null +++ b/meta-raspberrypi/.github/workflows/docker-images/yocto-builder/entrypoint-yocto-check-layer.sh @@ -0,0 +1,33 @@ +#!/bin/sh + +# SPDX-FileCopyrightText: Andrei Gherzan <andrei.gherzan@huawei.com> +# +# SPDX-License-Identifier: MIT + +set -ex + +# shellcheck disable=SC1091 +. /utils.sh + +GIT_REPO_PATH="/work" + +[ -n "$BASE_REF" ] || + error "Target branch is needed. Make sure that is set in BASE_REF." +[ -d "$GIT_REPO_PATH/.git" ] || + error "Can't find a git checkout under $GIT_REPO_PATH ." + +TEMP_DIR="$(mktemp -d)" +cd "$TEMP_DIR" + +REPOS=" \ + git://git.yoctoproject.org/poky.git \ +" +for repo in $REPOS; do + log "Cloning $repo on branch $BASE_REF..." + git clone --depth 1 --branch "$BASE_REF" "$repo" +done + +# shellcheck disable=SC1091,SC2240 +. ./poky/oe-init-build-env build +yocto-check-layer --with-software-layer-signature-check --debug \ + "$GIT_REPO_PATH" diff --git a/meta-raspberrypi/.github/workflows/mirror.yml b/meta-raspberrypi/.github/workflows/mirror.yml new file mode 100644 index 0000000000..11bb185c15 --- /dev/null +++ b/meta-raspberrypi/.github/workflows/mirror.yml @@ -0,0 +1,22 @@ +# SPDX-FileCopyrightText: Andrei Gherzan <andrei.gherzan@huawei.com> +# +# SPDX-License-Identifier: MIT + +name: Mirrors + +on: [ push, delete, create ] + +concurrency: + group: git-mirror-me + +jobs: + yocto-mirror: + name: Yocto Git Mirror + runs-on: [self-hosted, Linux] + steps: + - uses: agherzan/git-mirror-me-action@v1.0.0 + env: + SSH_PRIVATE_KEY: ${{ secrets.YOCTO_META_RASPBERRYPI_SSH_PRIVATE_KEY }} + SSH_KNOWN_HOSTS: ${{ secrets.YOCTO_META_RASPBERRYPI_SSH_KNOWN_HOSTS }} + with: + destination-repository: "git@push.yoctoproject.org:meta-raspberrypi" diff --git a/meta-raspberrypi/.github/workflows/yocto-builds.yml b/meta-raspberrypi/.github/workflows/yocto-builds.yml new file mode 100644 index 0000000000..2d35b9f781 --- /dev/null +++ b/meta-raspberrypi/.github/workflows/yocto-builds.yml @@ -0,0 +1,66 @@ +# SPDX-FileCopyrightText: Andrei Gherzan <andrei.gherzan@huawei.com> +# +# SPDX-License-Identifier: MIT + +name: Builds + +on: + pull_request: + +jobs: + build: + strategy: + fail-fast: true + matrix: + machine: + - raspberrypi + - raspberrypi0-2w-64 + - raspberrypi0-2w + - raspberrypi0 + - raspberrypi0-wifi + - raspberrypi2 + - raspberrypi3-64 + - raspberrypi3 + - raspberrypi4-64 + - raspberrypi4 + - raspberrypi-cm3 + - raspberrypi-cm + image: [core-image-base] + distro: [poky] + runs-on: [self-hosted, Linux] + name: ${{ matrix.machine }}/${{ matrix.image }}/poky/systemd + env: + DL_DIR: /var/lib/ci/yocto/downloads + SSTATE_DIR: /var/lib/ci/yocto/sstate + steps: + - name: Checkout the code + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Build a temporary yocto-builder image + uses: ./.github/actions/docker-build + with: + docker_image: yocto-builder + id: ${{ github.event.number }} + - name: Build the image + run: | + docker run --rm \ + -v "$GITHUB_WORKSPACE:/work:ro" \ + -v "$DL_DIR:$DL_DIR:rw" \ + -v "$SSTATE_DIR:$SSTATE_DIR:rw" \ + --env "BASE_REF=$GITHUB_BASE_REF" \ + --env "MACHINE=${{ matrix.machine }}" \ + --env "DISTRO=${{ matrix.distro }}" \ + --env "IMAGE=${{ matrix.image }}" \ + --env "DL_DIR=$DL_DIR" \ + --env "SSTATE_DIR=$SSTATE_DIR" \ + "yocto-builder-${{ github.event.number }}" \ + /entrypoint-build.sh + - name: Cleanup temporary docker image + uses: ./.github/actions/docker-clean-image + with: + docker_image: yocto-builder-${{ github.event.number }} + if: always() + - name: Cleanup dangling docker images + uses: ./.github/actions/docker-clean-dangling + if: always() diff --git a/meta-raspberrypi/.github/workflows/yocto-layer.yml b/meta-raspberrypi/.github/workflows/yocto-layer.yml new file mode 100644 index 0000000000..3d5baf8397 --- /dev/null +++ b/meta-raspberrypi/.github/workflows/yocto-layer.yml @@ -0,0 +1,37 @@ +# SPDX-FileCopyrightText: Andrei Gherzan <andrei.gherzan@huawei.com> +# +# SPDX-License-Identifier: MIT + +name: Yocto Compatible + +on: + pull_request: + +jobs: + yocto-check-layer: + name: Validate with yocto-check-layer + runs-on: [self-hosted, Linux] + steps: + - name: Checkout the code + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Build a temporary yocto-builder image + uses: ./.github/actions/docker-build + with: + docker_image: yocto-builder + id: ${{ github.event.number }} + - name: Run yocto-check-layer + run: | + docker run --rm -v "$GITHUB_WORKSPACE:/work:ro" \ + --env "BASE_REF=$GITHUB_BASE_REF" \ + "yocto-builder-${{ github.event.number }}" \ + /entrypoint-yocto-check-layer.sh + - name: Cleanup temporary docker image + uses: ./.github/actions/docker-clean-image + with: + docker_image: yocto-builder-${{ github.event.number }} + if: always() + - name: Cleanup dangling docker images + uses: ./.github/actions/docker-clean-dangling + if: always() |