1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
|
name: next
on:
push:
branches-ignore:
- 'master'
# keep as path to test exclusions
- 'ci/ignore-master'
env:
SHELLCHECK_VERSION: v0.10.0
SHELLCHECK_SHA256: 6c881ab0698e4e6ea235245f22832860544f17ba386442fe7e9d629f8cbedf87
NEWT_VERSION: 0.52.24
NEWT_SHA256: 5ded7e221f85f642521c49b1826c8de19845aa372baf5d630a51774b544fbdbb
jobs:
codestyle:
name: Code style
runs-on: ubuntu-24.04
steps:
- name: Check out repo
uses: actions/checkout@v4
- name: Install Checkcode dependencies
run: |
pip install flake8 pycodestyle doc8 Pygments
- name: Install recent shellcheck
run: |
wget -q https://github.com/koalaman/shellcheck/releases/download/$SHELLCHECK_VERSION/shellcheck-$SHELLCHECK_VERSION.linux.x86_64.tar.xz
echo "$SHELLCHECK_SHA256 shellcheck-$SHELLCHECK_VERSION.linux.x86_64.tar.xz" | sha256sum -c
tar -xJf shellcheck-$SHELLCHECK_VERSION.linux.x86_64.tar.xz
sudo cp shellcheck-$SHELLCHECK_VERSION/shellcheck /usr/local/bin/
- name: Check code
run: scripts/checkcode.sh .
perform_tests:
name: Modern Python
runs-on: ubuntu-24.04
strategy:
matrix:
python-version: ["3.9", "3.10", "3.11", "3.12", "3.13", "3.14"]
steps:
- name: Check out repo
uses: actions/checkout@v4
- name: PyTest
uses: ./.github/actions/perform-tests
with:
python-version: ${{ matrix.python-version }}
build_containers:
name: Build, test and deploy container images
needs:
- codestyle
- perform_tests
runs-on: ubuntu-24.04
permissions:
id-token: write
packages: write
contents: read
attestations: write
strategy:
matrix:
image-name: ["kas", "kas-isar"]
distro-release: ["debian-bookworm", "debian-trixie"]
steps:
- name: Check out repo
uses: actions/checkout@v4
- name: Set up docker build
uses: ./.github/actions/docker-init
with:
deploy-user: ${{ github.actor }}
deploy-token: ${{ secrets.GITHUB_TOKEN }}
image-name: ${{ matrix.image-name }}
distro-release: ${{ matrix.distro-release }}
- name: Build ${{ matrix.image-name }} image
uses: docker/build-push-action@v6
with:
context: /home/runner/kas-clone
target: ${{ matrix.image-name }}
platforms: linux/amd64
build-args: |
SOURCE_DATE_EPOCH=${{ env.SOURCE_DATE_EPOCH }}
DEBIAN_TAG=${{ env.DEBIAN_TAG }}
outputs: type=docker,rewrite-timestamp=true
tags: ghcr.io/${{ github.repository }}/${{ matrix.image-name }}:next-${{ matrix.distro-release }}
- name: Test ${{ matrix.image-name }} image
env:
KAS_CONTAINER_IMAGE: ghcr.io/${{ github.repository }}/${{ matrix.image-name }}:next-${{ matrix.distro-release }}
KAS_CLONE_DEPTH: 1
run: |
cd image-tests/${{ matrix.image-name }}
../../kas-container build kas.yml
if [ "${{ matrix.image-name }}" = "kas" ]; then
../../kas-container build kas-buildtools.yml
fi
[ -d build/tmp ]
echo "Test kas clean"
../../kas-container clean kas.yml
! [ -d build/tmp/deploy ]
[ -d build/sstate-cache ] && [ -d build/downloads ]
[ -d poky ] || [ -d isar ]
echo "Test kas purge"
../../kas-container purge kas.yml
! [ -d poky ] && ! [ -d isar ] && ! [ -d build ]
# kas only: build oe-core nodistro example
if [[ "${{ matrix.image-name }}" == "kas" ]]; then
echo "Test oe-core nodistro"
../../kas-container build ../../examples/oe-core-nodistro.yml
fi
- name: Complete build and deploy ${{ matrix.image-name }} image
if: github.ref == 'refs/heads/next'
uses: docker/build-push-action@v6
id: push
with:
context: /home/runner/kas-clone
target: ${{ matrix.image-name }}
platforms: linux/amd64,linux/arm64
build-args: |
SOURCE_DATE_EPOCH=${{ env.SOURCE_DATE_EPOCH }}
DEBIAN_TAG=${{ env.DEBIAN_TAG }}
provenance: false
outputs: type=registry,rewrite-timestamp=true
tags: |
${{ matrix.distro-release == env.DISTRO_LATEST_RELEASE && format('ghcr.io/{0}/{1}:next', github.repository, matrix.image-name) || '' }}
ghcr.io/${{ github.repository }}/${{ matrix.image-name }}:next-${{ matrix.distro-release }}
annotations: ${{ env.DOCKER_METADATA_OUTPUT_ANNOTATIONS }}
- name: Attest ${{ matrix.image-name }} image
if: github.ref == 'refs/heads/next'
uses: actions/attest-build-provenance@v1
with:
subject-name: ghcr.io/${{ github.repository }}/${{ matrix.image-name }}
subject-digest: ${{ steps.push.outputs.digest }}
push-to-registry: true
cleanup_ghcr_containers:
name: cleanup untagged ${{ matrix.image-name }} containers
if: github.ref == 'refs/heads/next'
runs-on: ubuntu-24.04
needs: build_containers
permissions:
packages: write
strategy:
matrix:
image-name: ["kas", "kas-isar"]
steps:
- uses: dataaxiom/ghcr-cleanup-action@98b4022383d6ddb70ccbf6a378b4d8c67a60f066 #v1.0.13
with:
dry-run: false
validate: true
package: kas/${{ matrix.image-name }}
token: ${{ secrets.GITHUB_TOKEN }}
|
