Skip to content

Forbid empty filter mask access rules in ControlInterfaceAccess #2205

Forbid empty filter mask access rules in ControlInterfaceAccess

Forbid empty filter mask access rules in ControlInterfaceAccess #2205

Workflow file for this run

name: Build
on:
pull_request:
push:
branches:
- main
- release-**
workflow_dispatch:
workflow_call:
env:
CARGO_TERM_COLOR: always
concurrency:
group: "build-${{ github.head_ref || github.ref }}"
cancel-in-progress: true
jobs:
build_and_system_tests_linux_amd64:
name: Build and run system tests Linux amd64
runs-on: ubuntu-latest
container:
image: ghcr.io/eclipse-ankaios/devcontainer-base:0.10.2
options: --privileged
steps:
- uses: actions/checkout@v4.1.1
- name: Build debug
run: cargo build
- name: Prepare system tests
run: |
mkdir -p target/robot_tests_result
chown vscode target/robot_tests_result
- name: Run system tests in pull request verification
if: ${{ github.event_name == 'pull_request' }}
run: |
SYSTEM_TEST_EXCLUDE_TAG="non_execution_during_pull_request_verification"
echo "Run is a PR verification, system tests tagged with '$SYSTEM_TEST_EXCLUDE_TAG' are NOT executed and skipped."
su vscode -c "tools/run_robot_tests.sh --exclude $SYSTEM_TEST_EXCLUDE_TAG tests"
- name: Run all system tests
if: ${{ github.event_name != 'pull_request' }}
run: |
echo "Event name is '${{ github.event_name }}', all system tests are executed."
su vscode -c "tools/run_robot_tests.sh tests"
- uses: actions/upload-artifact@v4.3.3
if: success() || failure()
with:
name: robot-tests-result
path: target/robot_tests_result
unit_tests_and_code_checks_linux_amd64:
name: Run unit tests Linux amd64
runs-on: ubuntu-latest
container:
image: ghcr.io/eclipse-ankaios/devcontainer-base:0.10.2
options: --privileged
steps:
- uses: actions/checkout@v4.1.1
- name: Run unit tests
run: RUST_LOG=debug cargo nextest run
- name: Run clippy code checks
run: just clippy
- name: Prevent docker.io images in test
run: just check-test-images
- name: Check copyright headers
run: just check-copyright-headers
# If the next step fails, then a license used by a new dependency is currently
# not part of the whitelist in deny.toml. If the new license fits to the project
# then it should be added to the whitelist otherwise the dependency needs to be
# removed.
- name: Check licenses
run: just check-licenses
- name: Create license report
run: |
mkdir -p build
cargo about generate about.hbs > build/licenses.html
- uses: actions/upload-artifact@v4.3.3
with:
name: licenses
path: build/licenses.html
# We check advisories only for PRs in order to have stable builds on main.
# Remember that new advisories can pop up every time without changing the code.
- name: Check advisories for pull requests
if: ${{ github.event_name == 'pull_request' }}
run: just check-advisories
code_coverage_linux_amd64:
name: Create code coverage report
runs-on: ubuntu-latest
container:
image: ghcr.io/eclipse-ankaios/devcontainer-base:0.10.2
options: --privileged
steps:
- uses: actions/checkout@v4.1.1
- name: Create code coverage html report
run: |
rustup component add llvm-tools-preview
just coverage
- uses: actions/upload-artifact@v4.3.3
with:
name: code-coverage
path: target/llvm-cov/html
build_linux_amd64_debian_package:
name: Build Linux amd64 debian package
runs-on: ubuntu-latest
container:
image: ghcr.io/eclipse-ankaios/devcontainer-base:0.10.2
options: --privileged
steps:
- uses: actions/checkout@v4.1.1
- name: Build linux-amd64 release-mode
run: |
cargo build --release
mkdir -p dist/
cp target/x86_64-unknown-linux-musl/release/ank target/x86_64-unknown-linux-musl/release/ank-server target/x86_64-unknown-linux-musl/release/ank-agent dist/
- uses: actions/upload-artifact@v4.3.3
with:
name: ankaios-linux-amd64-bin
path: dist/
- name: Build linux-amd64 debian package
run: |
cargo deb -p ank --target x86_64-unknown-linux-musl
- uses: actions/upload-artifact@v4.3.3
with:
name: ankaios-linux-amd64-deb
path: target/x86_64-unknown-linux-musl/debian/ankaios*.deb
build_linux_arm64:
# currently there is no arm64 github built-in runner available
# however, there is an issue in progress on the github runner repo
# requesting the support for arm64: https://github.com/actions/runner-images/issues/5631
# if arm64 variants will be released we can switch to an arm64 image and save the longer built time for cross platform build
# and in addition, tests for arm64 can be enabled in this job, too
name: Build Linux arm64 debian package
runs-on: ubuntu-latest
container:
image: ghcr.io/eclipse-ankaios/devcontainer-base:0.10.2
options: --user root
steps:
- uses: actions/checkout@v4.1.1
- name: Build linux-arm64 release-mode
run: |
cargo build --target aarch64-unknown-linux-musl --release
mkdir -p dist/
cp target/aarch64-unknown-linux-musl/release/ank target/aarch64-unknown-linux-musl/release/ank-server target/aarch64-unknown-linux-musl/release/ank-agent dist/
- uses: actions/upload-artifact@v4.3.3
with:
name: ankaios-linux-arm64-bin
path: dist/
- name: Build linux-arm64 debian package
run: |
cargo deb -p ank --target aarch64-unknown-linux-musl
- uses: actions/upload-artifact@v4.3.3
with:
name: ankaios-linux-arm64-deb
path: target/aarch64-unknown-linux-musl/debian/ankaios*.deb
requirements:
name: Build requirements tracing
runs-on: ubuntu-latest
container:
image: ghcr.io/eclipse-ankaios/devcontainer-base:0.10.2
options: --user root
steps:
- uses: actions/checkout@v4.1.1
- run: |
just trace-requirements dist/req_tracing_report.html
- uses: actions/upload-artifact@v4.3.3
with:
name: requirement-tracing-report
path: dist/