Skip to content

Bump step-security/harden-runner from 2.10.2 to 2.10.3 #506

Bump step-security/harden-runner from 2.10.2 to 2.10.3

Bump step-security/harden-runner from 2.10.2 to 2.10.3 #506

Workflow file for this run

name: svdconv
on:
workflow_call:
push:
branches:
- main
paths:
- '.github/workflows/svdconv.yml'
- '.github/workflows/unit_test_results.yml'
- '.github/matrix_includes_svdconv.json'
- 'CMakeLists.txt'
- 'tools/svdconv/**'
- 'libs/xml**'
- '!**/docs/**/*'
- '!**/*.md'
pull_request:
paths:
- '.github/workflows/svdconv.yml'
- '.github/workflows/unit_test_results.yml'
- '.github/matrix_includes_svdconv.json'
- 'CMakeLists.txt'
- 'tools/svdconv/**'
- 'libs/xml**'
- '!**/docs/**/*'
- '!**/*.md'
release:
types: [published]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
setup:
uses: Open-CMSIS-Pack/devtools/.github/workflows/shared_setup_env.yml@main
with:
run_if: ${{ fromJSON((github.event_name == 'pull_request') || (github.event_name == 'workflow_dispatch') || (github.event_name == 'release' && startsWith(github.ref, 'refs/tags/tools/svdconv/')) || ((github.event.schedule != '') && (!github.event.repository.private))) }}
matrix_prep:
needs: setup
uses: Open-CMSIS-Pack/devtools/.github/workflows/shared_matrix_prep.yml@main
with:
workflow_name: svdconv
build:
needs: [ setup, matrix_prep ]
runs-on: ${{ matrix.runs_on }}
timeout-minutes: 15
strategy:
fail-fast: true
matrix: ${{ fromJson(needs.matrix_prep.outputs.matrix) }}
steps:
- name: Harden Runner
if: ${{ !github.event.repository.private }}
uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
with:
egress-policy: audit
- name: Checkout devtools
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
submodules: recursive
fetch-depth: 0
- name: Build svdconv
uses: Open-CMSIS-Pack/devtools-build-action@f447c00e0c2a58681faacce9312ead5813f93888 # arm64
with:
target: svdconvdist
arch: ${{ matrix.arch }}
- name: Archive svdconv binary
if: ${{ github.event_name != 'release' || (needs.setup.outputs.nightly == 'true')}}
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: svdconv-${{ matrix.target }}-${{ matrix.arch }}
path: ./build/tools/svdconv/SVDConv/svdconv-*-${{ matrix.target }}-${{ matrix.arch }}.*
retention-days: ${{ needs.setup.outputs.retention_days }}
if-no-files-found: error
- name: Attach svdconv binary to release
if: ${{ github.event_name == 'release' }}
uses: svenstaro/upload-release-action@04733e069f2d7f7f0b4aebc4fbdbce8613b03ccd # v2
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
tag: ${{ github.ref }}
overwrite: true
file_glob: true
file: build/tools/svdconv/SVDConv/svdconv-*-${{ matrix.target }}-${{ matrix.arch }}.*
test:
needs: [ setup, matrix_prep ]
runs-on: ${{ matrix.runs_on }}
timeout-minutes: 15
strategy:
fail-fast: false
matrix: ${{ fromJson(needs.matrix_prep.outputs.matrix) }}
steps:
- name: Harden Runner
if: ${{ !github.event.repository.private }}
uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
with:
egress-policy: audit
- name: Checkout devtools
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
submodules: recursive
# https://github.com/Open-CMSIS-Pack/devtools-build-action
- name: Build SVDConvUnitTests
uses: Open-CMSIS-Pack/devtools-build-action@f447c00e0c2a58681faacce9312ead5813f93888 # arm64
with:
arch: ${{ matrix.arch }}
build_type: Debug
target: SVDConvUnitTests
- name: Run svdconv unit tests
if: (matrix.arch != 'arm64')
run: |
ctest -V -R SVDConvUnitTests
working-directory: ./build
# https://github.com/Open-CMSIS-Pack/devtools-build-action
- name: Build SvdConvIntegTests
uses: Open-CMSIS-Pack/devtools-build-action@f447c00e0c2a58681faacce9312ead5813f93888 # arm64
with:
arch: ${{ matrix.arch }}
build_type: Debug
target: SvdConvIntegTests
- name: Run svdconv integ tests
if: matrix.arch != 'arm64'
run: |
ctest -V -R SvdConvIntegTests
working-directory: ./build
- name: Archive unit test results
if: always() && (matrix.arch != 'arm64')
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: unit_test_result_svdconv-${{ matrix.target }}-${{ matrix.arch }}
path: ./build/test_reports/svdconvunittests-*.xml
if-no-files-found: error
retention-days: ${{ needs.setup.outputs.retention_days }}
- name: Archive integration test results
if: always() && (matrix.arch != 'arm64')
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: integ_test_result_svdconv-${{ matrix.target }}-${{ matrix.arch }}
path: ./build/test_reports/svdconvintegtests-*.xml
if-no-files-found: error
retention-days: ${{ needs.setup.outputs.retention_days }}
coverage:
if: |
(github.event_name == 'pull_request') ||
(github.event_name == 'workflow_dispatch') ||
(github.event_name == 'push') ||
(github.event_name == 'release' && startsWith(github.ref, 'refs/tags/tools/svdconv/')) ||
((github.event.schedule != '') && (!github.event.repository.private))
env:
lcov_base: https://github.com/linux-test-project/lcov/releases/download/v1.15/
lcov_installer: lcov-1.15.tar.gz
runs-on: ubuntu-22.04
timeout-minutes: 15
steps:
- name: Harden Runner
if: ${{ !github.event.repository.private }}
uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
with:
egress-policy: audit
- name: Install dependencies
run: |
sudo apt-get update
sudo apt-get install \
lcov
- name: Checkout devtools
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
submodules: recursive
# https://github.com/Open-CMSIS-Pack/devtools-build-action
- name: Build SVDConvUnitTests
uses: Open-CMSIS-Pack/devtools-build-action@f447c00e0c2a58681faacce9312ead5813f93888 # arm64
with:
add_cmake_variables: -DCOVERAGE=ON
arch: amd64
build_type: Debug
target: SVDConvUnitTests
# https://github.com/Open-CMSIS-Pack/devtools-build-action
- name: Build SvdConvIntegTests
uses: Open-CMSIS-Pack/devtools-build-action@f447c00e0c2a58681faacce9312ead5813f93888 # arm64
with:
add_cmake_variables: -DCOVERAGE=ON
arch: amd64
build_type: Debug
target: SvdConvIntegTests
- name: Run svdconv tests
run: |
ctest -V -C Debug -R SVDConvUnitTests
ctest -V -C Debug -R SvdConvIntegTests
working-directory: ./build
- name: Get retention days
id: var
run: |
echo "retention_days=$(echo '${{ (!github.event.repository.private && (github.event_name == 'push' || github.event.schedule != '')) && '7' || '1' }}')" >> $GITHUB_OUTPUT
- name: Archive unit test results
if: (github.event_name == 'push')
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: unit_test_report_svdconv-linux-amd64
path: ./build/test_reports/svdconvunittests-*.xml
if-no-files-found: error
retention-days: ${{ steps.var.outputs.retention_days }}
- name: Archive integration test results
if: (github.event_name == 'push')
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: integ_test_report_svdconv-linux-amd64
path: ./build/test_reports/svdconvintegtests-*.xml
if-no-files-found: error
retention-days: ${{ steps.var.outputs.retention_days }}
# Needs to be removed once the bug is resolved
# lcov reporting 1.14 on 1.15 version
# https://groups.google.com/g/linux.debian.bugs.dist/c/a9SZGCENJ2s?pli=1
- name: Setup lcov1.15
run: |
wget -q ${{ env.lcov_base }}/${{ env.lcov_installer }}
tar -xvf ${{ env.lcov_installer }}
working-directory: ./build/tools/svdconv
- name: Generate coverage report
run: |
lcov-1.15/bin/lcov --rc lcov_branch_coverage=1 --rc geninfo_no_exception_branch=1 --rc lcov_branch_coverage=1 -c --directory . --output-file full_coverage.info
lcov-1.15/bin/lcov --rc lcov_branch_coverage=1 --rc geninfo_no_exception_branch=1 --rc lcov_branch_coverage=1 -e full_coverage.info \
'*/tools/svdconv/SVDConv/include/*' \
'*/tools/svdconv/SVDConv/src/*' \
'*/tools/svdconv/SVDGenerator/include/*' \
'*/tools/svdconv/SVDGenerator/src/*' \
'*/tools/svdconv/SVDModel/include/*' \
'*/tools/svdconv/SVDModel/src/*' \
-o coverage_svdconv.info
genhtml coverage_svdconv.info --output-directory coverage_svdconv --branch-coverage
working-directory: ./build/tools/svdconv
- name: Upload Report to Codecov
if: ${{ !github.event.repository.private }}
uses: Wandalen/wretry.action@ffdd254f4eaf1562b8a2c66aeaa37f1ff2231179 # v3.7.3
with:
action: codecov/codecov-action@v4
with: |
files: ./build/tools/svdconv/coverage_svdconv.info
fail_ci_if_error: true
flags: svdconv-cov
token: ${{ secrets.CODECOV_TOKEN }}
verbose: true
attempt_limit: 3
attempt_delay: 5000
- name: Archive coverage report
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: coverage-report-svdconv
path: |
./build/tools/svdconv/coverage_svdconv/
./build/tools/svdconv/coverage_svdconv.info
retention-days: ${{ steps.var.outputs.retention_days }}
if-no-files-found: error
release:
if: |
github.event_name == 'release' &&
startsWith(github.ref, 'refs/tags/tools/svdconv/')
needs: [ build, test, coverage ]
runs-on: ubuntu-22.04
timeout-minutes: 15
steps:
- name: Checkout devtools
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Create distribution folders
run: |
mkdir -p tools/svdconv/distribution/
- name: Download coverage report
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: coverage-report-svdconv
path: tools/svdconv/distribution/coverage/
- name: Zip distribution folder
run: zip -r svdconv.zip *
working-directory: tools/svdconv/distribution
- name: Attach zip archive to release assets
uses: svenstaro/upload-release-action@04733e069f2d7f7f0b4aebc4fbdbce8613b03ccd # v2
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: tools/svdconv/distribution/svdconv.zip
tag: ${{ github.ref }}
overwrite: true
asset_name: svdconv.zip
test-results-preparation:
name: "Publish Tests Results"
needs: [ test ]
runs-on: ubuntu-22.04
steps:
- name: Harden Runner
if: ${{ !github.event.repository.private }}
uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
with:
egress-policy: audit
- name: Event File
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
with:
name: Event File svdconv
path: ${{ github.event_path }}