Skip to content

Merge pull request #4179 from mateir-7/pio-final #12

Merge pull request #4179 from mateir-7/pio-final

Merge pull request #4179 from mateir-7/pio-final #12

Workflow file for this run

# Licensed under the Apache License, Version 2.0 or the MIT License.
# SPDX-License-Identifier: Apache-2.0 OR MIT
# Copyright Tock Contributors 2024.
# This workflow contains all Treadmill-based hardware CI jobs.
#
# Treadmill is a distributed hardware testbed developed within the Tock OS
# project. For more information on Treadmill, have a look at its documentation
# [1] or repository [2].
#
# This workflow is based on the Treadmill GitHub Actions integration guide [3].
# In addition, it features the ability to run multiple Treadmill jobs and
# test-execute stages through GitHub Action's job matrices, and uses a GitHub
# environment to allow deployments with access to secrets for select PRs.
#
# [1]: https://book.treadmill.ci/
# [2]: https://github.com/treadmill-tb/treadmill
# [3]: https://book.treadmill.ci/user-guide/github-actions-integration.html
name: treadmill-ci
env:
TERM: xterm # Makes tput work in actions output
# Controls when the action will run. Triggers the workflow on pull request and
# merge group checks:
#
# KEEP IN SYNC WITH `environment:` ATTRIBUTE BELOW:
on:
push:
branches:
- master
# Pull requests from forks will not have access to the required GitHub API
# secrets below, even if they are using an appropriate deployment environment
# and the workflow runs have been approved according to this environment's
# rules. We don't know whether this is a bug on GitHub's end or deliberate.
# Either way, for now we disable this workflow to run on PRs until we have
# an API proxy that securely performs these GitHub API calls (adding runners
# and starting Treadmill jobs with those runner registration tokens), which
# allows this workflow to run without access to repository secrets.
#pull_request:
merge_group: # Run CI for the GitHub merge queue
permissions:
contents: read
jobs:
test-prepare:
runs-on: ubuntu-latest
# Do not run job on forks
if: github.repository == 'tock/tock'
# This provides access to the secrets required below:
# - for `treadmill-ci`: after approval by certain persons or GH teams
# - for `treadmill-ci-merged`: without approval, on merge queue branches
# and the master branch
#
# KEEP IN SYNC WITH `on:` EVENTS ABOVE:
environment: ${{ github.event_name == 'pull_request' && 'treadmill-ci' || 'treadmill-ci-merged' }}
outputs:
tml-job-ids: ${{ steps.treadmill-job-launch.outputs.tml-job-ids }}
tml-jobs: ${{ steps.treadmill-job-launch.outputs.tml-jobs }}
steps:
- uses: actions-rust-lang/setup-rust-toolchain@v1
- name: Checkout Treadmill repository
uses: actions/checkout@v4
with:
repository: treadmill-tb/treadmill
# treadmill-tb/treadmill main as of Oct 1, 2024, 3:05 PM EDT
ref: 'c82f4d7ebddd17f8275ba52139e64e04623f30cb'
path: treadmill
- name: Cache Treadmill CLI compilation artifacts
id: cache-tml-cli
uses: actions/cache@v4
with:
path: treadmill/target
key: ${{ runner.os }}-tml-cli
- name: Compile the Treadmill CLI binary
run: |
pushd treadmill
cargo build --package tml-cli
popd
echo "$PWD/treadmill/target/debug" >> "$GITHUB_PATH"
# - uses: actions/checkout@v4
# with:
# path: tock
# - name: Analyze changes and determine types of tests to run
# run: |
# echo "TODO: implement this!"
- name: Generate a token to register new just-in-time runners
id: generate-token
uses: actions/create-github-app-token@v1
with:
app-id: ${{ vars.TREADMILL_GH_APP_CLIENT_ID }}
private-key: ${{ secrets.TREADMILL_GH_APP_PRIVATE_KEY }}
- name: Create GitHub just-in-time runners and enqueue Treadmill jobs
id: treadmill-job-launch
env:
GH_TOKEN: ${{ steps.generate-token.outputs.token }}
TML_API_TOKEN: ${{ secrets.TREADMILL_API_TOKEN }}
# Currently, all tests run only on hosts attached to an nRF52840DK
DUT_BOARD: nrf52840dk
# A Raspberry Pi OS netboot (NBD) image with a GitHub Actions
# self-hosted runner pre-configured.
#
# For the available images see
# https://book.treadmill.ci/treadmillci-deployment/images.html
IMAGE_ID: 5f4b61324c27472b5354cd11229a0936320148cd6e852fbf05e1b7ff5b4598e6
# Limit the supervisors to hosts that are compatible with this
# image. This is a hack until we introduce "image sets" which define
# multiple images for various supervisor hosts, but otherwise behave
# identically:
HOST_TYPE: nbd-netboot
HOST_ARCH: arm64
run: |
# When we eventually launch tests on multiple hardware platforms in
# parallel, we need to supply different SUB_TEST_IDs here:
SUB_TEST_ID="0"
# This runner ID uniquely identifies the GitHub Actions runner we're
# registering and allows us to launch test-execute jobs on this exact
# runner (connected to the exact board we want to run tests on).
RUNNER_ID="tml-gh-actions-runner-${GITHUB_REPOSITORY_ID}-${GITHUB_RUN_ID}-${GITHUB_RUN_ATTEMPT}-${SUB_TEST_ID}"
# Obtain a new just-in-time runner registration token:
RUNNER_CONFIG_JSON="$(gh api \
-H "Accept: application/vnd.github+json" \
-H "X-GitHub-Api-Version: 2022-11-28" \
/repos/${{ github.repository }}/actions/runners/generate-jitconfig \
-f "name=$RUNNER_ID" \
-F "runner_group_id=1" \
-f "labels[]=$RUNNER_ID" \
-f "work_folder=_work")"
echo "Generated configuration for runner $(echo "$RUNNER_CONFIG_JSON" | jq -r '.runner.name')"
# Generate a set of job paramters that includes the GitHub runner
# registration token and a script that shuts down the host once the
# runner has run through successfully:
TML_JOB_PARAMETERS="{\
\"gh-actions-runner-encoded-jit-config\": {\
\"secret\": true, \
\"value\": \"$(echo "$RUNNER_CONFIG_JSON" | jq -r '.encoded_jit_config')\" \
}, \
\"gh-actions-runner-exec-stop-post-sh\": {\
\"secret\": false, \
\"value\": \"if [ \\\"\$SERVICE_RESULT\\\" = \\\"success\\\" ]; then tml-puppet job terminate; fi\" \
}\
}"
echo "Enqueueing treadmill job:"
TML_JOB_ID_JSON="$(tml job enqueue \
"$IMAGE_ID" \
--tag-config "board:$DUT_BOARD;host-type:$HOST_TYPE;host-arch:$HOST_ARCH" \
--parameters "$TML_JOB_PARAMETERS" \
)"
TML_JOB_ID="$(echo "$TML_JOB_ID_JSON" | jq -r .job_id)"
echo "Enqueued Treadmill job with ID $TML_JOB_ID"
# Pass the job IDs and other configuration data into the outputs of
# this step, such that we can run test-execute job instances for each
# Treadmill job we've started:
echo "tml-job-ids=[ \
\"$TML_JOB_ID\" \
]" >> "$GITHUB_OUTPUT"
echo "tml-jobs={ \
\"$TML_JOB_ID\": { \
\"runner-id\": \"$RUNNER_ID\", \
} \
}" >> "$GITHUB_OUTPUT"
test-execute:
needs: test-prepare
strategy:
matrix:
tml-job-id: ${{ fromJSON(needs.test-prepare.outputs.tml-job-ids) }}
runs-on: ${{ fromJSON(needs.test-prepare.outputs.tml-jobs)[matrix.tml-job-id].runner-id }}
steps:
- name: Print Treadmill Job Context and Debug Information
run: |
echo "Treadmill job id: ${{ matrix.tml-job-id }}"
echo "GitHub Actions Runner ID: ${{ fromJSON(needs.test-prepare.outputs.tml-jobs)[matrix.tml-job-id] }}"
echo "Network configration:"
ip address
echo "Attached USB devices:"
lsusb
echo "Parameters:"
ls /run/tml/parameters
- uses: actions/checkout@v4
- uses: actions-rust-lang/setup-rust-toolchain@v1
- name: Build the Tock kernel
run: |
pushd boards/nordic/nrf52840dk
unset RUSTFLAGS
make
popd
# TODO: this job runs on the Treadmill host, with access to the target
# board. Add additional test & testing scripts.