From 38fb1c804715537ff916d4ccf041a6aa446a9582 Mon Sep 17 00:00:00 2001 From: Willy-JL Date: Tue, 7 Mar 2023 22:23:19 +0000 Subject: [PATCH] Update workflows --- .github/workflows/build.yml | 112 ++----------------------- .github/workflows/check_submodules.yml | 7 +- .github/workflows/lint.yml | 27 ++++++ .github/workflows/lint_c.yml | 47 ----------- .github/workflows/lint_python.yml | 33 -------- .github/workflows/pvs_studio.yml | 93 -------------------- .github/workflows/sonarqube.yaml | 38 +++++---- sonar-build | 4 +- 8 files changed, 61 insertions(+), 300 deletions(-) create mode 100644 .github/workflows/lint.yml delete mode 100644 .github/workflows/lint_c.yml delete mode 100644 .github/workflows/lint_python.yml delete mode 100644 .github/workflows/pvs_studio.yml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 708b40b88..715070b83 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,10 +1,10 @@ -name: 'Build' +name: 'Build artifact' on: push: branches: - dev - - "release*" + - main tags: - '*' pull_request: @@ -12,17 +12,11 @@ on: env: TARGETS: f7 DEFAULT_TARGET: f7 - FBT_TOOLCHAIN_PATH: /home/runner/work jobs: - main: + build: runs-on: ubuntu-latest steps: - - name: 'Decontaminate previous build leftovers' - run: | - if [ -d .git ]; then - git submodule status || git checkout "$(git rev-list --max-parents=0 HEAD | tail -n 1)" - fi - name: 'Checkout code' uses: actions/checkout@v3 @@ -30,78 +24,24 @@ jobs: fetch-depth: 0 ref: ${{ github.event.pull_request.head.sha }} - - name: 'Get commit details' - id: names - run: | - if [[ ${{ github.event_name }} == 'pull_request' ]]; then - TYPE="pull" - elif [[ "${{ github.ref }}" == "refs/tags/"* ]]; then - TYPE="tag" - else - TYPE="other" - fi - python3 scripts/get_env.py "--event_file=${{ github.event_path }}" "--type=$TYPE" - echo random_hash=$(openssl rand -base64 40 | shasum -a 256 | awk '{print $1}') >> $GITHUB_OUTPUT - echo "event_type=$TYPE" >> $GITHUB_OUTPUT - - - name: 'Make artifacts directory' - run: | - rm -rf artifacts - rm -rf map_analyser_files - mkdir artifacts - mkdir map_analyser_files - - - name: 'Bundle scripts' - run: | - tar czpf artifacts/flipper-z-any-scripts-${SUFFIX}.tgz scripts debug - - name: 'Build the firmware' run: | set -e for TARGET in ${TARGETS}; do TARGET="$(echo "${TARGET}" | sed 's/f//')"; \ - ./fbt TARGET_HW=$TARGET copro_dist updater_package \ - ${{ startsWith(github.ref, 'refs/tags') && 'DEBUG=0 COMPACT=1' || '' }} - done - - - name: 'Move upload files' - run: | - set -e - for TARGET in ${TARGETS}; do - mv dist/${TARGET}-*/* artifacts/ + ./fbt TARGET_HW=$TARGET updater_package done - name: "Check for uncommitted changes" run: | git diff --exit-code - - name: 'Bundle resources' - run: | - tar czpf "artifacts/flipper-z-any-resources-${SUFFIX}.tgz" -C assets resources - - - name: 'Bundle core2 firmware' - run: | - cp build/core2_firmware.tgz "artifacts/flipper-z-any-core2_firmware-${SUFFIX}.tgz" - - - name: 'Copy map analyser files' - run: | - cp build/f7-firmware-*/firmware.elf.map map_analyser_files/firmware.elf.map - cp build/f7-firmware-*/firmware.elf map_analyser_files/firmware.elf - cp ${{ github.event_path }} map_analyser_files/event.json - - name: 'Updater artifact' uses: actions/upload-artifact@v3 with: name: updater path: | - artifacts/f7-* - - - name: 'Firmware artifact' - uses: actions/upload-artifact@v3 - with: - name: firmware - path: | - artifacts + dist/${{ env.DEFAULT_TARGET }}-* # - name: 'Find Previous Comment' # if: ${{ github.event.pull_request }} @@ -110,7 +50,7 @@ jobs: # with: # issue-number: ${{ github.event.pull_request.number }} # comment-author: 'github-actions[bot]' - # body-includes: 'Compiled firmware for commit' + # body-includes: 'Compiled firmware:' # - name: Artifact info # id: artifact-info @@ -125,44 +65,6 @@ jobs: # comment-id: ${{ steps.fc.outputs.comment-id }} # issue-number: ${{ github.event.pull_request.number }} # body: | - # **Compiled firmware for commit `${{steps.names.outputs.commit_sha}}`:** + # **Compiled firmware:** # - [📦 Update package](${{steps.artifact-info.outputs.artifacts[0].archive_download_url}}) # edit-mode: replace - - compact: - if: ${{ !startsWith(github.ref, 'refs/tags') }} - runs-on: ubuntu-latest - steps: - - name: 'Decontaminate previous build leftovers' - run: | - if [ -d .git ] - then - git submodule status \ - || git checkout "$(git rev-list --max-parents=0 HEAD | tail -n 1)" - fi - - - name: 'Checkout code' - uses: actions/checkout@v3 - with: - fetch-depth: 0 - submodules: true - ref: ${{ github.event.pull_request.head.sha }} - - - name: 'Get commit details' - run: | - if [[ ${{ github.event_name }} == 'pull_request' ]]; then - TYPE="pull" - elif [[ "${{ github.ref }}" == "refs/tags/"* ]]; then - TYPE="tag" - else - TYPE="other" - fi - python3 scripts/get_env.py "--event_file=${{ github.event_path }}" "--type=$TYPE" - - - name: 'Build the firmware' - run: | - set -e - for TARGET in ${TARGETS}; do - TARGET="$(echo "${TARGET}" | sed 's/f//')"; \ - ./fbt TARGET_HW=$TARGET DEBUG=0 COMPACT=1 fap_dist updater_package - done diff --git a/.github/workflows/check_submodules.yml b/.github/workflows/check_submodules.yml index d1a1a64c3..fa9820335 100644 --- a/.github/workflows/check_submodules.yml +++ b/.github/workflows/check_submodules.yml @@ -4,7 +4,7 @@ on: push: branches: - dev - - "release*" + - main tags: - '*' pull_request: @@ -13,11 +13,6 @@ jobs: check_protobuf: runs-on: ubuntu-latest steps: - - name: 'Decontaminate previous build leftovers' - run: | - if [ -d .git ]; then - git submodule status || git checkout "$(git rev-list --max-parents=0 HEAD | tail -n 1)" - fi - name: 'Checkout code' uses: actions/checkout@v3 diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml new file mode 100644 index 000000000..d1c615fc5 --- /dev/null +++ b/.github/workflows/lint.yml @@ -0,0 +1,27 @@ +name: 'Lint code formatting' + +on: + push: + branches: + - dev + - main + tags: + - '*' + pull_request: + +env: + SET_GH_OUTPUT: 1 + +jobs: + lint: + runs-on: ubuntu-latest + steps: + + - name: 'Checkout code' + uses: actions/checkout@v3 + with: + fetch-depth: 0 + ref: ${{ github.event.pull_request.head.sha }} + + - name: 'Check code formatting' + run: ./fbt lint lint_py diff --git a/.github/workflows/lint_c.yml b/.github/workflows/lint_c.yml deleted file mode 100644 index 25d6e8983..000000000 --- a/.github/workflows/lint_c.yml +++ /dev/null @@ -1,47 +0,0 @@ -name: 'Lint C/C++ with clang-format' - -on: - push: - branches: - - dev - - "release*" - tags: - - '*' - pull_request: - -env: - TARGETS: f7 - FBT_TOOLCHAIN_PATH: /home/runner/work - SET_GH_OUTPUT: 1 - -jobs: - lint_c_cpp: - runs-on: ubuntu-latest - steps: - - name: 'Decontaminate previous build leftovers' - run: | - if [ -d .git ]; then - git submodule status || git checkout "$(git rev-list --max-parents=0 HEAD | tail -n 1)" - fi - - - name: 'Checkout code' - uses: actions/checkout@v3 - with: - fetch-depth: 0 - ref: ${{ github.event.pull_request.head.sha }} - - - name: 'Check code formatting' - id: syntax_check - run: ./fbt lint - - - name: Report code formatting errors - if: failure() && steps.syntax_check.outputs.errors && github.event.pull_request - uses: peter-evans/create-or-update-comment@v1 - with: - issue-number: ${{ github.event.pull_request.number }} - body: | - Please fix following code formatting errors: - ``` - ${{ steps.syntax_check.outputs.errors }} - ``` - You might want to run `./fbt format` for an auto-fix. diff --git a/.github/workflows/lint_python.yml b/.github/workflows/lint_python.yml deleted file mode 100644 index a4cf4febb..000000000 --- a/.github/workflows/lint_python.yml +++ /dev/null @@ -1,33 +0,0 @@ -name: 'Python Lint' - -on: - push: - branches: - - dev - - "release*" - tags: - - '*' - pull_request: - -env: - FBT_TOOLCHAIN_PATH: /home/runner/work - SET_GH_OUTPUT: 1 - -jobs: - lint_python: - runs-on: ubuntu-latest - steps: - - name: 'Decontaminate previous build leftovers' - run: | - if [ -d .git ]; then - git submodule status || git checkout "$(git rev-list --max-parents=0 HEAD | tail -n 1)" - fi - - - name: 'Checkout code' - uses: actions/checkout@v3 - with: - fetch-depth: 0 - ref: ${{ github.event.pull_request.head.sha }} - - - name: 'Check code formatting' - run: ./fbt lint_py diff --git a/.github/workflows/pvs_studio.yml b/.github/workflows/pvs_studio.yml deleted file mode 100644 index 65a8b6150..000000000 --- a/.github/workflows/pvs_studio.yml +++ /dev/null @@ -1,93 +0,0 @@ -name: 'Static C/C++ analysis with PVS-Studio' - -on: - push: - branches: - - dev - - "release*" - tags: - - '*' - pull_request: - -env: - TARGETS: f7 - DEFAULT_TARGET: f7 - FBT_TOOLCHAIN_PATH: /runner/_work - -jobs: - analyse_c_cpp: - if: ${{ !github.event.pull_request.head.repo.fork }} - runs-on: [self-hosted, FlipperZeroShell] - steps: - - name: 'Decontaminate previous build leftovers' - run: | - if [ -d .git ]; then - git submodule status || git checkout "$(git rev-list --max-parents=0 HEAD | tail -n 1)" - fi - - - name: 'Checkout code' - uses: actions/checkout@v3 - with: - fetch-depth: 0 - ref: ${{ github.event.pull_request.head.sha }} - - - name: 'Get commit details' - id: names - run: | - if [[ ${{ github.event_name }} == 'pull_request' ]]; then - TYPE="pull" - elif [[ "${{ github.ref }}" == "refs/tags/"* ]]; then - TYPE="tag" - else - TYPE="other" - fi - python3 scripts/get_env.py "--event_file=${{ github.event_path }}" "--type=$TYPE" - - - name: 'Supply PVS credentials' - run: | - pvs-studio-analyzer credentials ${{ secrets.PVS_STUDIO_CREDENTIALS }} - - - name: 'Convert PVS-Studio output to html and detect warnings' - id: pvs-warn - run: | - WARNINGS=0 - ./fbt COMPACT=1 PVSNOBROWSER=1 firmware_pvs || WARNINGS=1 - echo "warnings=${WARNINGS}" >> $GITHUB_OUTPUT - - - name: 'Upload report' - if: ${{ !github.event.pull_request.head.repo.fork && (steps.pvs-warn.outputs.warnings != 0) }} - uses: prewk/s3-cp-action@v2 - with: - aws_s3_endpoint: "${{ secrets.PVS_AWS_ENDPOINT }}" - aws_access_key_id: "${{ secrets.PVS_AWS_ACCESS_KEY }}" - aws_secret_access_key: "${{ secrets.PVS_AWS_SECRET_KEY }}" - source: "./build/f7-firmware-DC/pvsreport" - dest: "s3://${{ secrets.PVS_AWS_BUCKET }}/${{steps.names.outputs.branch_name}}/${{steps.names.outputs.default_target}}-${{steps.names.outputs.suffix}}/" - flags: "--recursive --acl public-read" - - - name: 'Find Previous Comment' - if: ${{ !github.event.pull_request.head.repo.fork && github.event.pull_request && (steps.pvs-warn.outputs.warnings != 0) }} - uses: peter-evans/find-comment@v2 - id: fc - with: - issue-number: ${{ github.event.pull_request.number }} - comment-author: 'github-actions[bot]' - body-includes: 'PVS-Studio report for commit' - - - name: 'Create or update comment' - if: ${{ !github.event.pull_request.head.repo.fork && github.event.pull_request && (steps.pvs-warn.outputs.warnings != 0) }} - uses: peter-evans/create-or-update-comment@v1 - with: - comment-id: ${{ steps.fc.outputs.comment-id }} - issue-number: ${{ github.event.pull_request.number }} - body: | - **PVS-Studio report for commit `${{steps.names.outputs.commit_sha}}`:** - - [Report](https://pvs.flipp.dev/${{steps.names.outputs.branch_name}}/${{steps.names.outputs.default_target}}-${{steps.names.outputs.suffix}}/index.html) - edit-mode: replace - - - name: 'Raise exception' - if: ${{ steps.pvs-warn.outputs.warnings != 0 }} - run: | - echo "Please fix all PVS warnings before merge" - exit 1 - diff --git a/.github/workflows/sonarqube.yaml b/.github/workflows/sonarqube.yaml index 5d0ee1eef..bbdacf51b 100644 --- a/.github/workflows/sonarqube.yaml +++ b/.github/workflows/sonarqube.yaml @@ -1,33 +1,36 @@ -name: SonarCloud +name: 'SonarCloud' + on: workflow_dispatch: pull_request: types: [opened, synchronize, reopened] + +env: + TARGETS: f7 + DEFAULT_TARGET: f7 + jobs: - build: - name: Build and analyze + analyze: runs-on: ubuntu-latest env: SONAR_SCANNER_VERSION: 4.7.0.2747 SONAR_SERVER_URL: "https://sonarcloud.io" BUILD_WRAPPER_OUT_DIR: "$HOME/.sonar/build_wrapper_output" # Directory where build-wrapper output will be placed FBT_NO_SYNC: "true" - TARGETS: f7 - DEFAULT_TARGET: f7 steps: - - name: 'Decontaminate previous build leftovers' - run: | - if [ -d .git ]; then - git submodule status || git checkout "$(git rev-list --max-parents=0 HEAD | tail -n 1)" - fi - - uses: actions/checkout@v2 + + - name: 'Checkout code' + uses: actions/checkout@v3 with: + submodules: 'recursive' # FBT_NO_SYNC is on, get submodules now fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - submodules: 'recursive' + ref: ${{ github.event.pull_request.head.sha }} + - name: Set up JDK 11 uses: actions/setup-java@v1 with: java-version: 11 + - name: Download and set up sonar-scanner env: SONAR_SCANNER_DOWNLOAD_URL: https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-${{ env.SONAR_SCANNER_VERSION }}-linux.zip @@ -36,6 +39,7 @@ jobs: curl -sSLo $HOME/.sonar/sonar-scanner.zip ${{ env.SONAR_SCANNER_DOWNLOAD_URL }} unzip -o $HOME/.sonar/sonar-scanner.zip -d $HOME/.sonar/ echo "$HOME/.sonar/sonar-scanner-${{ env.SONAR_SCANNER_VERSION }}-linux/bin" >> $GITHUB_PATH + - name: Download and set up build-wrapper env: BUILD_WRAPPER_DOWNLOAD_URL: ${{ env.SONAR_SERVER_URL }}/static/cpp/build-wrapper-linux-x86.zip @@ -43,10 +47,16 @@ jobs: curl -sSLo $HOME/.sonar/build-wrapper-linux-x86.zip ${{ env.BUILD_WRAPPER_DOWNLOAD_URL }} unzip -o $HOME/.sonar/build-wrapper-linux-x86.zip -d $HOME/.sonar/ echo "$HOME/.sonar/build-wrapper-linux-x86" >> $GITHUB_PATH + - name: Run build-wrapper run: | - mkdir $HOME/.sonar/build_wrapper_output - build-wrapper-linux-x86-64 --out-dir ${{ env.BUILD_WRAPPER_OUT_DIR }} ./sonar-build + mkdir ${{ env.BUILD_WRAPPER_OUT_DIR }} + set -e + for TARGET in ${TARGETS}; do + TARGET="$(echo "${TARGET}" | sed 's/f//')"; \ + build-wrapper-linux-x86-64 --out-dir ${{ env.BUILD_WRAPPER_OUT_DIR }} ./sonar-build "./fbt TARGET_HW=$TARGET updater_package" + done + - name: Run sonar-scanner env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/sonar-build b/sonar-build index 8dc9bf0dd..3cf736dcd 100755 --- a/sonar-build +++ b/sonar-build @@ -1,4 +1,4 @@ #!/bin/bash pushd . -./fbt updater_package -popd \ No newline at end of file +$1 +popd