CI: Only push containers if on main branch #286
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| on: | |
| push: | |
| branches-ignore: | |
| - "gh-readonly-queue/**" | |
| pull_request: | |
| merge_group: | |
| workflow_dispatch: | |
| name: Osiris CI | |
| env: | |
| CARGO_TERM_COLOR: always | |
| TERM: xterm-256color | |
| jobs: | |
| container: | |
| name: Build Container | |
| runs-on: ubuntu-latest | |
| permissions: | |
| packages: write | |
| outputs: | |
| container_name: ${{ steps.set_output.outputs.container_name }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Log in to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set container name as output | |
| id: set_output | |
| run: | | |
| BRANCH=$(echo "${GITHUB_REF}" | sed 's|refs/heads/||' | tr '[:upper:]' '[:lower:]') | |
| REPO=$(echo "${GITHUB_REPOSITORY}" | tr '[:upper:]' '[:lower:]') | |
| CONTAINER_NAME="ghcr.io/${REPO}/devcontainer:${BRANCH//\//-}" | |
| echo "container_name=$CONTAINER_NAME" >> $GITHUB_OUTPUT | |
| echo "container_without_tag=ghcr.io/${REPO}/devcontainer" >> $GITHUB_OUTPUT | |
| - name: Build and push Docker image | |
| uses: docker/build-push-action@v2 | |
| with: | |
| context: .devcontainer | |
| file: .devcontainer/Dockerfile | |
| push: ${{ github.ref == 'refs/heads/main' }} | |
| tags: ${{ steps.set_output.outputs.container_name }} | |
| cache-from: | | |
| type=registry,ref=${{ steps.set_output.outputs.container_name }}-cache | |
| type=registry,ref=${{ steps.set_output.outputs.container_without_tag }}:main-cache | |
| cache-to: type=registry,ref=${{ steps.set_output.outputs.container_name }}-cache,mode=max | |
| test: | |
| name: Testing | |
| needs: [container] | |
| runs-on: ubuntu-latest | |
| container: | |
| image: ${{ needs.container.outputs.container_name }} | |
| permissions: | |
| contents: read | |
| issues: write | |
| pull-requests: write | |
| packages: read | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: recursive | |
| - name: Set testing config | |
| run: just config load test_def --no-confirm | |
| - name: Run test coverage | |
| run: just cov | |
| - name: Report code coverage | |
| uses: xarantolus/github-actions-report-lcov@v5 | |
| with: | |
| coverage-files: lcov.info | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| update-comment: true | |
| fmt: | |
| name: Check formatting | |
| needs: [container] | |
| runs-on: ubuntu-latest | |
| container: | |
| image: ${{ needs.container.outputs.container_name }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: recursive | |
| - name: Check formatting for all Cargo manifests | |
| run: just fmt --check | |
| kani: | |
| name: Kani verification | |
| needs: [container] | |
| runs-on: ubuntu-latest | |
| container: | |
| image: ${{ needs.container.outputs.container_name }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: recursive | |
| - name: Set testing config | |
| run: just config load test_def --no-confirm | |
| - name: Run Kani | |
| run: just verify | |
| build-stm32-l4r5zi-def: | |
| name: Build for the STM32 Nucleo L4R5ZI | |
| needs: [container] | |
| runs-on: ubuntu-latest | |
| container: | |
| image: ${{ needs.container.outputs.container_name }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: recursive | |
| - name: Set stm32l4r5zi config | |
| run: just config load stm32l4r5zi_def --no-confirm | |
| - name: Build | |
| run: just build thumbv7em-none-eabi |