security/tpm: prepare API for multiple active banks #534
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Dasharo Checks | |
| on: | |
| push: | |
| jobs: | |
| check-upstream-status: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v3 | |
| with: | |
| # Checkout pull request HEAD commit instead of merge commit | |
| # See: https://github.com/actions/checkout#checkout-pull-request-head-commit-instead-of-merge-commit | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| # This should be enough, no need to have ~60000 commits | |
| fetch-depth: 2000 | |
| - uses: actions/setup-python@v3 | |
| - uses: pre-commit/action@v3.0.1 | |
| with: | |
| extra_args: check-upstream-status --hook-stage pre-push | |
| lint: | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| # Checkout pull request HEAD commit instead of merge commit | |
| # See: https://github.com/actions/checkout#checkout-pull-request-head-commit-instead-of-merge-commit | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| # Top commit is enough | |
| fetch-depth: 1 | |
| - name: Standard lint tests | |
| run: util/lint/lint lint-stable | |
| - name: Extended lint tests | |
| run: util/lint/lint lint-extended | |
| check-defconfigs: | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| # Checkout pull request HEAD commit instead of merge commit | |
| # See: https://github.com/actions/checkout#checkout-pull-request-head-commit-instead-of-merge-commit | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| # Top commit is enough | |
| fetch-depth: 1 | |
| - name: Verify defconfigs are up-to-date | |
| run: | | |
| # Start with the list of Dasharo boards, indicated by CONFIG_DASHARO | |
| boards=( $(grep -l 'CONFIG_DASHARO=y' configs/config.*) ) | |
| # Update all of them before reporting anything | |
| for c in $(printf "%s\n" "${boards[@]}" | sort); do | |
| make savedefconfig DOTCONFIG="$c" | |
| mv defconfig "$c" | |
| done | |
| # Print all the differences at once and fail or do nothing | |
| git diff --exit-code | |
| - name: Verify update capsules support in defconfigs | |
| run: .github/scripts/capsule-lint.sh |