diff --git a/.github/workflows/create-comment-kernel-testing.yml b/.github/workflows/create-comment-kernel-testing.yml new file mode 100644 index 0000000000..28cea9dfa3 --- /dev/null +++ b/.github/workflows/create-comment-kernel-testing.yml @@ -0,0 +1,54 @@ +# NOTE: This has read-write repo token and access to secrets, so this must +# not run any untrusted code. +# see: https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ +name: Comment with Kernel testing resulsts on pull requests + +on: + workflow_run: + workflows: ["Drivers CI Build"] + types: + - completed + +jobs: + upload: + runs-on: ubuntu-latest + if: github.event.workflow_run.event == 'pull_request' + steps: + - name: 'Download artifact' + uses: actions/github-script@v7.0.1 + with: + script: | + var artifacts = await github.rest.actions.listWorkflowRunArtifacts({ + owner: context.repo.owner, + repo: context.repo.repo, + run_id: ${{github.event.workflow_run.id }}, + }); + var matchArtifact = artifacts.data.artifacts.filter((artifact) => { + return artifact.name == "pr" + })[0]; + var download = await github.rest.actions.downloadArtifact({ + owner: context.repo.owner, + repo: context.repo.repo, + artifact_id: matchArtifact.id, + archive_format: 'zip', + }); + var fs = require('fs'); + fs.writeFileSync('${{github.workspace}}/pr.zip', Buffer.from(download.data)); + + - name: 'Unpack artifact' + run: unzip pr.zip + + - name: 'Comment on PR' + uses: actions/github-script@v7.0.1 + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + script: | + var fs = require('fs'); + var issue_number = Number(fs.readFileSync('./NR')); + var comment_body = fs.readFileSync('./COMMENT'); + await github.rest.issues.createComment({ + owner: context.repo.owner, + repo: context.repo.repo, + issue_number: issue_number, + body: comment_body.toString('utf8') + }); \ No newline at end of file diff --git a/.github/workflows/create-comment.yml b/.github/workflows/create-comment.yml index 8960d6d449..008729c71a 100644 --- a/.github/workflows/create-comment.yml +++ b/.github/workflows/create-comment.yml @@ -1,7 +1,7 @@ # NOTE: This has read-write repo token and access to secrets, so this must # not run any untrusted code. # see: https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ -name: Comment on the pull request +name: Comment with Perf diff on pull requests on: workflow_run: diff --git a/.github/workflows/drivers_ci.yml b/.github/workflows/drivers_ci.yml index a25aabe734..04ffeac9bb 100644 --- a/.github/workflows/drivers_ci.yml +++ b/.github/workflows/drivers_ci.yml @@ -334,4 +334,43 @@ jobs: with: # Use real branch's HEAD sha, not the merge commit libsversion: ${{ github.event.pull_request.head.sha }} - secrets: inherit \ No newline at end of file + secrets: inherit + + kernel-tests-upload: + needs: kernel-tests-dev + if: github.event_name == 'pull_request' && (needs.paths-filter.outputs.driver == 'true' || needs.paths-filter.outputs.libscap == 'true' || needs.paths-filter.outputs.libpman == 'true') + runs-on: ubuntu-latest + steps: + - name: Download X64 matrix + uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 + with: + name: matrix_X64 + path: matrix_X64 + + - name: Download ARM64 matrix + uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 + with: + name: matrix_ARM64 + path: matrix_ARM64 + + - name: Save PR info + run: | + mkdir -p ./pr + echo ${{ github.event.number }} > ./pr/NR + touch ./pr/COMMENT + echo "# X64 kernel testing matrix" >> ./pr/COMMENT + echo "$(head -n $(grep -n -v -m1 '^|' matrix_X64/matrix.md | awk -F':' '{ print $1 }') matrix_X64/matrix.md)" >> ./pr/COMMENT + echo "" > ./pr/COMMENT + echo "# ARM64 kernel testing matrix" >> ./pr/COMMENT + echo "$(head -n $(grep -n -v -m1 '^|' matrix_ARM64/matrix.md | awk -F':' '{ print $1 }') matrix_ARM64/matrix.md)" >> ./pr/COMMENT + echo Uploading PR info... + cat ./pr/COMMENT + echo "" + + - name: Upload PR info as artifact + uses: actions/upload-artifact@v4 + with: + name: pr + path: pr/ + retention-days: 1 + if-no-files-found: warn \ No newline at end of file