-
Notifications
You must be signed in to change notification settings - Fork 12
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
.github/workflows/build: Workflow to test project build
This Github Worflow builds each freertos-pkcs11-psa repository commit/PR against https://github.com/aws/amazon-freertos repository (into which it's included as a submodule). Required "grafting" is performed to ensure that the revision-under-test of freertos-pkcs11-psa is built (instead of the current submodule revision as recorded in amazon-freertos). With such setup (main repo with submodules), it can be anticipated that some changes may need to be coordinated across repositories (i.e. applied at the same time for successful build), so there's a support to build against arbitrary amazon-freertos revision (including a PR branch), not just master HEAD (default). To achieve that, a freertos-pkcs11-psa PR should include file "amazon-freertos.rev" in the top directory, containing revision or branch name to build against (e.g "pull/NNN/head" for PRs). The build is performed for cypress/CY8CKIT_064S0S2_4343W, which is currently the only platform in amazon-freertos which uses freertos-pkcs11-psa. It's anticipated that more build platforms will be added, as they appear in amazon-freertos. (For example, it would be nice to add QEMU-emulated platform, to not just build a sample, but also run it.) Signed-off-by: Paul Sokolovsky <[email protected]>
- Loading branch information
Showing
2 changed files
with
140 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,102 @@ | ||
#!/bin/sh | ||
# | ||
# Build checked out freertos-pkcs11-psa submodule against amazon-freertos tree. | ||
# | ||
# Copyright (c) 2020 Linaro Limited | ||
# | ||
# Based on instructions: | ||
# https://docs.aws.amazon.com/freertos/latest/userguide/getting_started_cypress_psoc64.html | ||
# | ||
# This script assumes: | ||
# 1. A particular revision of the freertos-pkcs11-psa repo was cloned under | ||
# "freertos-pkcs11-psa" subdirectory. | ||
# 2. The gnuarmemb toolchain is already in the PATH. | ||
# | ||
# This script is supposed to be usable both as part of Github Workflow and | ||
# for local testing/debugging, please keep it such. | ||
|
||
set -ex | ||
|
||
# Set to 1 to clone just minimal set of git submodules required for the | ||
# build. Mostly useful for local testing (as submodule set changes over | ||
# upstream revisions). | ||
OPTIMIZE_SUBMODULES=0 | ||
|
||
SOURCE_REPO=https://github.com/aws/amazon-freertos | ||
REPO_SUBDIR=amazon-freertos | ||
|
||
git clone -q $SOURCE_REPO $REPO_SUBDIR | ||
|
||
cd $REPO_SUBDIR | ||
|
||
# Allow to override amazon-freertos's revision/branch to build against | ||
# (e.g., to build against a particular amazon-freertos PR, if which case | ||
# the file content should be "pull/NNN/head"). | ||
if [ -f ../freertos-pkcs11-psa/amazon-freertos.rev ]; then | ||
REV=$(cat ../freertos-pkcs11-psa/amazon-freertos.rev) | ||
git fetch origin $REV:$REV || true | ||
git checkout $REV | ||
fi | ||
|
||
if [ $OPTIMIZE_SUBMODULES -eq 0 ]; then | ||
git submodule update --recursive --init | ||
else | ||
git submodule update --recursive --init \ | ||
freertos_kernel \ | ||
libraries/coreHTTP \ | ||
libraries/coreJSON \ | ||
libraries/coreMQTT \ | ||
libraries/device_defender_for_aws \ | ||
libraries/device_shadow_for_aws_iot_embedded_sdk \ | ||
libraries/jobs_for_aws \ | ||
libraries/3rdparty/lwip \ | ||
libraries/3rdparty/mbedtls \ | ||
libraries/3rdparty/pkcs11 \ | ||
libraries/abstractions/pkcs11/corePKCS11 | ||
fi | ||
|
||
# Remove freertos-pkcs11-psa submodule dir, as cloned from amazon-freertos. | ||
rm -rf libraries/abstractions/pkcs11/psa | ||
|
||
# Instead, graft pre-cloned CI submodule clone. | ||
#mv ../freertos-pkcs11-psa libraries/abstractions/pkcs11/psa | ||
ln -s $PWD/../freertos-pkcs11-psa libraries/abstractions/pkcs11/psa | ||
|
||
ls -l libraries/abstractions/pkcs11 | ||
ls -l libraries/abstractions/pkcs11/psa/ | ||
|
||
# To build images to completion, we need firmware signing keys. The | ||
# sample keys used to be in the repo, but were removed. As a quick | ||
# workaround, just revert the removal commit. TODO: Perhaps, (pre)generate | ||
# our own test keys. | ||
# Revert doesn't go thru completely due to some submodule foo, but the | ||
# needed files are put into the working tree, so we just ignore error. | ||
git revert 287ed79eb6137443133d2a7200bc5591c02a8973 || true | ||
|
||
if [ -d .venv ]; then | ||
. .venv/bin/activate | ||
else | ||
python3 -m venv .venv | ||
. .venv/bin/activate | ||
python3 -m pip install cysecuretools | ||
fi | ||
|
||
which cysecuretools | ||
cysecuretools version | ||
|
||
cd projects/cypress/CY8CKIT_064S0S2_4343W/mtb/aws_demos | ||
rm -rf build | ||
|
||
cmake -DVENDOR=cypress -DBOARD=CY8CKIT_064S0S2_4343W -DCOMPILER=arm-gcc -DBUILD_CLONE_SUBMODULES=OFF \ | ||
-S ../../../../.. -B build | ||
|
||
cmake --build build | ||
|
||
echo "=== Build results ===" | ||
ls -l build/*.hex | ||
echo "===" | ||
|
||
# Dump submodule status after the build, to double-check that the build | ||
# process didn't re-cloned upstream revision of freertos-pkcs11-psa | ||
# (-DBUILD_CLONE_SUBMODULES=OFF should ensure that). | ||
git submodule status |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
name: freertos-pkcs11-psa CI | ||
|
||
on: | ||
push: | ||
pull_request: | ||
|
||
jobs: | ||
build: | ||
name: Build cypress/CY8CKIT_064S0S2_4343W | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Clone | ||
uses: actions/checkout@v1 | ||
- name: Install gnuarmemb | ||
run: | | ||
mkdir -p ~/bin | ||
mkdir -p ~/opt | ||
cd .. | ||
wget -q https://armkeil.blob.core.windows.net/developer/Files/downloads/gnu-rm/9-2019q4/RC2.1/gcc-arm-none-eabi-9-2019-q4-major-x86_64-linux.tar.bz2 | ||
tar -xaf gcc-arm-none-eabi-9-2019-q4-major-x86_64-linux.tar.bz2 -C ~/opt/ | ||
#echo "::add-path::~/bin:~/opt/gcc-arm-none-eabi-9-2019-q4-major/bin" | ||
#echo "::add-path::~/opt/gcc-arm-none-eabi-9-2019-q4-major/bin" | ||
echo "~/opt/gcc-arm-none-eabi-9-2019-q4-major/bin" >> $GITHUB_PATH | ||
- name: Check gnuarmemb version | ||
run: | | ||
echo $PATH | ||
arm-none-eabi-gcc --version | ||
- name: Run build | ||
run: | | ||
set -x | ||
pwd | ||
ORGDIR=$PWD | ||
ls -l | ||
git describe --always | ||
git log --oneline -n 5 | ||
cd .. | ||
ls -l | ||
$ORGDIR/.github/workflows/build.sh |