Skip to content

Commit

Permalink
Actionlint workflow checking (#516)
Browse files Browse the repository at this point in the history
* Actionlint workflow checking

Integrate Actionlint to check GitHub workflows for errors as part of CI. It also fixes issues highlighted in other workflows, primarily the `checkout` version and missing property.

Signed-off-by: JP Lomas <[email protected]>

* Update CODEOWNERS

Signed-off-by: JP Lomas <[email protected]>

---------

Signed-off-by: JP Lomas <[email protected]>
  • Loading branch information
jplomas authored Sep 12, 2024
1 parent 8abfecd commit 38aaf69
Show file tree
Hide file tree
Showing 7 changed files with 36 additions and 20 deletions.
2 changes: 1 addition & 1 deletion .github/CODEOWNERS
Validating CODEOWNERS rules …
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,6 @@
/oqs-template/generate.yml @baentsch @bhess @feventura
/CMakeLists.txt @baentsch @thb-sb
/.circleci/config.yml @baentsch @thb-sb
/.github/workflows @baentsch @thb-sb
/.github/workflows @baentsch @thb-sb @jplomas
/oqsprov/oqs_sig.c @baentsch @feventura
/scripts/oqsprovider-pkcs12gen.sh @iyanmv
14 changes: 14 additions & 0 deletions .github/workflows/check_workflows.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
name: Check GitHub workflows

on: [pull_request, push, workflow_call]

jobs:
workflowcheck:
name: Check validity of GitHub workflows
runs-on: ubuntu-latest
container: openquantumsafe/ci-ubuntu-latest:latest
steps:
- name: Checkout code
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4
- name: Ensure GitHub actions are valid
run: actionlint -shellcheck "" # run *without* shellcheck
2 changes: 1 addition & 1 deletion .github/workflows/coding_style.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ jobs:
run: apt-get update && apt-get install -y clang-format

- name: Checkout code
uses: actions/checkout@v2
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4

- name: Check coding style using clang-format
run: ./scripts/do_code_format.sh
8 changes: 4 additions & 4 deletions .github/workflows/linux.yml
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ jobs:
LIBOQS_BRANCH: "main"
steps:
- name: Checkout code
uses: actions/checkout@v2
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4
- name: Full build
run: OQSPROV_CMAKE_PARAMS=${{ matrix.cmake-params}} ./scripts/fullbuild.sh
- name: Enable sibling oqsprovider for testing
Expand Down Expand Up @@ -53,7 +53,7 @@ jobs:
LIBOQS_BRANCH: "main"
steps:
- name: Checkout code
uses: actions/checkout@v2
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4
- name: Full build
run: OPENSSL_BRANCH=${{ matrix.ossl-branch }} ./scripts/fullbuild.sh
- name: Enable sibling oqsprovider for testing
Expand Down Expand Up @@ -103,7 +103,7 @@ jobs:
OPENSSL_BRANCH: "openssl-3.1"
steps:
- name: Checkout code
uses: actions/checkout@v2
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4

- name: Install dependencies
run: apt-get update && apt-get install -y clang llvm ninja-build git cmake libclang-14-dev libclang-common-14-dev
Expand Down Expand Up @@ -177,7 +177,7 @@ jobs:

steps:
- name: Checkout code
uses: actions/checkout@v2
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4

- name: Install dependencies
run: apt-get update && apt-get install -y ninja-build git cmake nodejs gcc-aarch64-linux-gnu libc6-dev-arm64-cross qemu-user
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/macos.yml
Original file line number Diff line number Diff line change
Expand Up @@ -25,15 +25,15 @@ jobs:
MAKE_PARAMS: -j 4
steps:
- name: Checkout provider
uses: actions/checkout@v3
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4
- name: Checkout openssl
uses: actions/checkout@v3
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4
with:
set-safe-directory: true
repository: openssl/openssl
path: openssl
- name: checkout liboqs
uses: actions/checkout@v3
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4
with:
set-safe-directory: true
repository: open-quantum-safe/liboqs
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/standalone.yml
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ jobs:
- name: Install prerequisites
run: brew install liboqs
- name: Checkout oqsprovider code
uses: actions/checkout@v2
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4
- name: Build and test oqsprovider
# try this only if brew'd liboqs knows about ML-KEM:
run: |
Expand Down Expand Up @@ -46,7 +46,7 @@ jobs:
- name: Update container
run: apt update && apt install -y cmake ninja-build gcc libssl-dev git
- name: Checkout code
uses: actions/checkout@v2
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4
- name: Full build
run: LIBOQS_BRANCH=main ./scripts/fullbuild.sh
- name: Test
Expand Down
20 changes: 11 additions & 9 deletions .github/workflows/windows.yml
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,8 @@ jobs:
platform:
- arch: win64
oqsconfig: -DOQS_ALGS_ENABLED=STD
# empty `config` property here to prevent actionlint error (property "config" is not defined in object type) on line 62 below
config:
# - arch: win32
# config: --strict-warnings no-fips enable-quic
runs-on: ${{matrix.os}}
Expand All @@ -29,17 +31,17 @@ jobs:
MAKE_PARAMS: -j 4
steps:
- name: Checkout provider
uses: actions/checkout@v3
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4
- name: Checkout openssl
uses: actions/checkout@v3
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4
with:
set-safe-directory: true
repository: openssl/openssl
path: openssl
# TODO: Revert ref tag once openssl master doesn't crash any more
ref: openssl-3.3.0
- name: checkout liboqs
uses: actions/checkout@v3
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4
with:
set-safe-directory: true
repository: open-quantum-safe/liboqs
Expand Down Expand Up @@ -126,15 +128,15 @@ jobs:
with:
path: c:\openssl32
key: ${{ runner.os }}-msvcopenssl32
- uses: actions/checkout@v3
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4
- name: Checkout OpenSSL master
if: steps.cache-openssl32.outputs.cache-hit != 'true'
uses: actions/checkout@v3
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4
with:
set-safe-directory: true
repository: openssl/openssl
path: openssl
- uses: actions/checkout@v3
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4
with:
set-safe-directory: true
repository: open-quantum-safe/liboqs
Expand Down Expand Up @@ -240,15 +242,15 @@ jobs:
with:
path: c:\openssl32n
key: ${{ runner.os }}-msvcopenssl32n
- uses: actions/checkout@v3
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4
- name: Checkout OpenSSL master
if: steps.cache-openssl32n.outputs.cache-hit != 'true'
uses: actions/checkout@v3
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4
with:
set-safe-directory: true
repository: openssl/openssl
path: openssl
- uses: actions/checkout@v3
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4
with:
set-safe-directory: true
repository: open-quantum-safe/liboqs
Expand Down

0 comments on commit 38aaf69

Please sign in to comment.