JDM170/build
1
0
Fork 0
mirror of https://github.com/armbian/build synced 2025-09-24 19:47:06 +07:00
Code Issues Packages Projects Releases Wiki Activity

Several small fixes to CI scripting (#3905)

Browse Source 
* Restore permission to make script work

We need to rework this, but until then things has to work.

* Permission issuers

* We don't try to cancel previous as it doesn't work

* Update

* Renaming, remove deprecated

* Add comments

* Prevent running scorecard on forks

* Update
This commit is contained in:
Igor Pečovnik
2022-06-18 23:53:45 +02:00
committed by GitHub
parent df2d09c8a2
commit 1cccbf481e
14 changed files with 80 additions and 59 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
.github/workflows/build-test-image-docker.yml → .github/workflows/build-deskktop-pr.yml vendored
View File

@@ -1,9 +1,14 @@
name: Build desktop images at PR
name: Build Desktops at PR
#
# Generates supported desktops for uefi-arm64, uefi-x86 and rpi4 if label "desktop is set"
#
on:
workflow_dispatch:
pull_request:
types: [ready_for_review]
pull_request_review:
types: [submitted]
@@ -12,9 +17,11 @@ permissions:
jobs:
Maintain:
Maintain:
permissions:
contents: none
if: ${{ github.repository_owner == 'Armbian' && contains( github.event.pull_request.labels.*.name, 'Desktop :desktop_computer:') }}
uses: armbian/scripts/.github/workflows/build-test-image-docker.yml@master

12
.github/workflows/build-images.yml vendored
View File

@@ -1,4 +1,8 @@
name: Build Images
#
# Generates beta, stable or RC images. You can select build runners. By default it generates all images, but you can build images only for one target
# Images are placed at www.arnmbian.com and nighly beta also at https://github.com/armbian/build/releases/tag/latest
#
on:
@@ -6,7 +10,9 @@ on:
- cron: "30 2 */2 * *"
workflow_dispatch:
inputs:
choice:
type: choice
description: Build targets
@@ -14,16 +20,19 @@ on:
- beta
- stable
- rc
runner:
type: choice
description: Build runners for CLI
options:
- small
- ubuntu-latest
sourcerepo:
description: Source repository
required: false
default: 'nightly'
advanced:
description: 'Single board (grep -w tinkerboard |)'
required: false
@@ -33,7 +42,7 @@ jobs:
Cancel:
name: "Cancel currently active"
if: ${{ github.repository_owner == 'Armbian' }}
if: ${{ github.repository_owner == 'Armbian' && github.event.schedule == '' }}
runs-on: small
steps:
- uses: n1hility/cancel-previous-runs@v2
@@ -64,6 +73,7 @@ jobs:
steps:
- run: |
echo "Env: ${{ github.event.inputs.choice }}"
echo "Env: ${{ github.event.inputs.runner }}"
echo "Env: ${{ github.event.inputs.sourcerepo }}"

15
.github/workflows/build-kernel-on-merge-request.yml → .github/workflows/build-kernel-pr.yml vendored
View File

@@ -1,4 +1,8 @@
name: Build at pull request
name: Build Kernels at PR
#
# Generates kernels at PR if their code, patches or config was changed in any way. Packages are uploaded as Github action build artefakts
# Build starts if review is requested or if PR is marked for review
#
on:
workflow_dispatch:
@@ -7,14 +11,9 @@ on:
paths-ignore:
- .github/workflows
permissions:
contents: read
jobs:
Check:
permissions:
contents: none
name: Checking
if: ${{ success() && github.repository_owner == 'Armbian' }}
uses: armbian/scripts/.github/workflows/check-for-changes.yml@master
@@ -24,8 +23,6 @@ jobs:
runner: small
Build:
permissions:
contents: none
needs: Check
if: ${{ success() && github.repository_owner == 'Armbian' }}
uses: armbian/scripts/.github/workflows/build-kernel.yml@master
@@ -46,8 +43,6 @@ jobs:
KNOWN_HOSTS_UPLOAD: ${{ secrets.KNOWN_HOSTS_UPLOAD }}
jobsend:
permissions:
contents: none
name: Cleanup
needs: [Build]
runs-on: "small"

9
.github/workflows/build-train.yml vendored
View File

@@ -1,4 +1,8 @@
name: Build train
#
# Generates kernels at push if their code, patches or config was changed in any way. If those conditions are met, then it also rebuild
# desktops, firmware, u-boot, update repository and increment nighlty build version.
#
on:
workflow_dispatch:
@@ -226,7 +230,7 @@ jobs:
# Store build hashes for future comparission #
# #
##########################################################################################
Deploycheck:
permissions:
contents: none
@@ -318,8 +322,7 @@ jobs:
##########################################################################################
Bump:
permissions:
contents: none
needs: [apt-armbian-com,beta-armbian-com,sync-servers]
if: ${{ success() && github.repository_owner == 'Armbian' }}
uses: armbian/scripts/.github/workflows/update-version.yml@master

4
.github/workflows/build-u-boot.yml vendored
View File

@@ -1,4 +1,8 @@
name: Build u-boot & BSP
#
# Manually generates u-boot & BSP packages
#
on:
workflow_dispatch:

5
.github/workflows/bump-version.yml vendored
View File

@@ -1,4 +1,7 @@
name: Bump version
name: Bump Version
#
# Manually bump version of nightly builds
#
on:
workflow_dispatch:

21
.github/workflows/cleanup.yml vendored Normal file
View File

@@ -0,0 +1,21 @@
name: Clean Workflow Logs
on:
workflow_dispatch:
inputs:
days_old:
description: "The amount of days old to delete"
default: "7"
required: false
jobs:
clean-logs:
if: ${{ github.repository_owner == 'Armbian' }}
runs-on: ubuntu-latest
steps:
- uses: igorjs/gh-actions-clean-workflow@v1
with:
token: ${{ secrets.GITHUB_TOKEN }}
owner: ${{ github.repository_owner }}
repo: ${{ github.event.repository.name }}
days_old: ${{ github.event.inputs.days_old }}

5
.github/workflows/lint-scripts-on-merge-request.yml → .github/workflows/lint-scripts-pr.yml vendored
View File

@@ -1,4 +1,7 @@
name: Lint scripts
name: Lint On Scripts
#
# Run ShellCheck on all scripts and generates report as build artefact
#
on:
workflow_dispatch:

5
.github/workflows/rebase.yml vendored
View File

@@ -1,4 +1,9 @@
name: Automatic Rebase
#
# If you comment "/rebase" to the PR this action rebase the PR
#
on:
issue_comment:
types: [created]

3
.github/workflows/scorecard.yml vendored
View File

@@ -1,4 +1,4 @@
name: Scorecards supply-chain security
name: Scorecards Security Scan
on:
# Only the default branch is supported.
branch_protection_rule:
@@ -13,6 +13,7 @@ permissions: read-all
jobs:
analysis:
if: ${{ github.repository_owner == 'Armbian' }}
name: Scorecards analysis
runs-on: ubuntu-latest
permissions:

3
.github/workflows/smoke-tests.yml vendored
View File

@@ -1,4 +1,7 @@
name: Smoke tests on DUTs
#
# Runs varios tests with latest nighly codebase on a real hardware
#
on:
workflow_dispatch:

2
.github/workflows/build-cache.yml → .github/workflows/update-cache.yml vendored
View File

@@ -1,4 +1,4 @@
name: Rootfs Caches
name: Update Rootfs Cache
on:
workflow_dispatch:

7
.github/workflows/update-docker.yml vendored
View File

@@ -1,4 +1,7 @@
name: Update Docker
#
# Update Docker images we use for building CI
#
on:
workflow_dispatch:
@@ -15,7 +18,7 @@ jobs:
contents: none
if: ${{ github.repository_owner == 'Armbian' }}
uses: armbian/scripts/.github/workflows/update-docker-image.yml@master
secrets:
CR_PAT: ${{ secrets.CR_PAT }}
@@ -23,7 +26,7 @@ jobs:
permissions:
contents: none
needs: Docker
if: ${{ github.repository_owner == 'Armbian' }}
if: ${{ github.repository_owner == 'Armbian' }}
uses: armbian/scripts/.github/workflows/build-test-image-docker.yml@master
with:

37
.github/workflows/update-repository.yml vendored
View File

@@ -1,37 +0,0 @@
name: Update Repository
on:
workflow_dispatch:
permissions:
contents: read
jobs:
apt-armbian-com:
permissions:
contents: none
uses: armbian/scripts/.github/workflows/update-repository.yml@master
with:
KEY_ID: 'repository'
secrets:
KEY_REPOSITORY: ${{ secrets.KEY_REPOSITORY }}
USER_REPOSITORY: ${{ secrets.USER_REPOSITORY }}
HOST_REPOSITORY: ${{ secrets.HOST_REPOSITORY }}
KNOWN_HOSTS_REPOSITORY: ${{ secrets.KNOWN_HOSTS_REPOSITORY }}
beta-armbian-com:
permissions:
contents: none
uses: armbian/scripts/.github/workflows/update-repository.yml@master
with:
KEY_ID: 'repository-beta'
secrets:
KEY_REPOSITORY: ${{ secrets.KEY_REPOSITORY_BETA }}
USER_REPOSITORY: ${{ secrets.USER_REPOSITORY }}
HOST_REPOSITORY: ${{ secrets.HOST_REPOSITORY }}
KNOWN_HOSTS_REPOSITORY: ${{ secrets.KNOWN_HOSTS_REPOSITORY }}