Skip to content

port verbose option over to ebg_set_opt #193

port verbose option over to ebg_set_opt

port verbose option over to ebg_set_opt #193

Workflow file for this run

#
# EFI Boot Guard
#
# Copyright (c) Siemens AG, 2021-2023
#
# Authors:
# Claudius Heine <[email protected]>
# Jan Kiszka <[email protected]>
#
# This work is licensed under the terms of the GNU GPL, version 2. See
# the COPYING file in the top-level directory.
#
# SPDX-License-Identifier: GPL-2.0
#
name: CI
on:
push:
branches-ignore:
- coverity_scan
jobs:
build:
runs-on: ubuntu-22.04
strategy:
matrix:
target:
- amd64
- i386
- arm64
- arm
- riscv64
- cppcheck
steps:
- name: Checkout
uses: actions/checkout@v3
with:
submodules: recursive
- name: Install amd64 dependencies
if: ${{ matrix.target == 'amd64' || matrix.target == 'cppcheck' }}
run: |
sudo apt-get update
sudo apt-get install --no-install-recommends \
autoconf-archive gcc-multilib gnu-efi libpci-dev check \
bats libarchive-zip-perl
- name: Install i386 dependencies
if: ${{ matrix.target == 'i386' }}
run: |
sudo dpkg --add-architecture i386
sudo rm -f /etc/apt/sources.list.d/ubuntu-toolchain-r-ubuntu-test-jammy.list
sudo apt-get update
sudo apt-get install --no-install-recommends \
autoconf-archive gcc-multilib gnu-efi \
libpci-dev:i386 check:i386
- name: Install arm64 dependencies
if: ${{ matrix.target == 'arm64' }}
run: |
sudo dpkg --add-architecture arm64
sudo sed -i 's/^deb /deb [arch=amd64] /g' /etc/apt/sources.list
sudo sh -c "cat <<EOF > /etc/apt/sources.list.d/ports.list
deb [arch=arm64] http://ports.ubuntu.com/ jammy main restricted
deb [arch=arm64] http://ports.ubuntu.com/ jammy-updates main restricted
deb [arch=arm64] http://ports.ubuntu.com/ jammy universe
deb [arch=arm64] http://ports.ubuntu.com/ jammy-updates universe
deb [arch=arm64] http://ports.ubuntu.com/ jammy multiverse
deb [arch=arm64] http://ports.ubuntu.com/ jammy-updates multiverse
EOF"
sudo apt-get update
sudo apt-get install --no-install-recommends \
autoconf-archive gcc-aarch64-linux-gnu libc6-dev-arm64-cross \
gnu-efi:arm64 libpci-dev:arm64 check:arm64 \
qemu-user-static
- name: Install arm dependencies
if: ${{ matrix.target == 'arm' }}
run: |
sudo dpkg --add-architecture armhf
sudo sed -i 's/^deb /deb [arch=amd64] /g' /etc/apt/sources.list
sudo sh -c "cat <<EOF > /etc/apt/sources.list.d/ports.list
deb [arch=armhf] http://ports.ubuntu.com/ jammy main restricted
deb [arch=armhf] http://ports.ubuntu.com/ jammy-updates main restricted
deb [arch=armhf] http://ports.ubuntu.com/ jammy universe
deb [arch=armhf] http://ports.ubuntu.com/ jammy-updates universe
deb [arch=armhf] http://ports.ubuntu.com/ jammy multiverse
deb [arch=armhf] http://ports.ubuntu.com/ jammy-updates multiverse
EOF"
sudo apt-get update
sudo apt-get install --no-install-recommends \
autoconf-archive gcc-arm-linux-gnueabihf libc6-dev-armhf-cross \
gnu-efi:armhf libpci-dev:armhf check:armhf \
qemu-user-static
- name: Install riscv64 dependencies
if: ${{ matrix.target == 'riscv64' }}
run: |
sudo dpkg --add-architecture riscv64
sudo sed -i 's/^deb /deb [arch=amd64] /g' /etc/apt/sources.list
sudo sh -c "cat <<EOF > /etc/apt/sources.list.d/ports.list
deb [arch=riscv64] http://ports.ubuntu.com/ jammy main restricted
deb [arch=riscv64] http://ports.ubuntu.com/ jammy-updates main restricted
deb [arch=riscv64] http://ports.ubuntu.com/ jammy universe
deb [arch=riscv64] http://ports.ubuntu.com/ jammy-updates universe
deb [arch=riscv64] http://ports.ubuntu.com/ jammy multiverse
deb [arch=riscv64] http://ports.ubuntu.com/ jammy-updates multiverse
EOF"
sudo apt-get update
sudo apt-get install --no-install-recommends \
autoconf-archive gcc-riscv64-linux-gnu libc6-dev-riscv64-cross \
gnu-efi:riscv64 libpci-dev:riscv64 check:riscv64 \
qemu-user-static
- name: Install cppcheck
if: ${{ matrix.target == 'cppcheck' }}
run: |
sudo apt-get update
sudo apt-get install --no-install-recommends cppcheck
- name: Prepare build
run: |
autoreconf -fi
mkdir -p build
- name: Build amd64
if: ${{ matrix.target == 'amd64' }}
run: |
pushd build >/dev/null
../configure
make check -j $(nproc)
sudo make install
time bats --tap ../tests
popd >/dev/null
- name: Build i386
if: ${{ matrix.target == 'i386' }}
run: |
cd build
export PKG_CONFIG_DIR=
export PKG_CONFIG_PATH=/usr/lib/i386-linux-gnu/pkgconfig
export PKG_CONFIG_LIBDIR=/usr/lib/i386-linux-gnu
../configure --with-gnuefi-lib-dir=/usr/lib32 CFLAGS=-m32 \
host_alias=i586-linux
make check -j $(nproc)
- name: Build arm64
if: ${{ matrix.target == 'arm64' }}
run: |
cd build
../configure --host=aarch64-linux-gnu \
PKG_CONFIG=/usr/bin/aarch64-linux-gnu-pkg-config
make check -j $(nproc)
- name: Build arm
if: ${{ matrix.target == 'arm' }}
run: |
cd build
../configure --host=arm-linux-gnueabihf \
PKG_CONFIG=/usr/bin/arm-linux-gnueabihf-pkg-config
make check -j $(nproc)
- name: Build riscv64
if: ${{ matrix.target == 'riscv64' }}
run: |
cd build
../configure --host=riscv64-linux-gnu \
PKG_CONFIG=/usr/bin/riscv64-linux-gnu-pkg-config
make check -j $(nproc)
- name: Run cppcheck
if: ${{ matrix.target == 'cppcheck' }}
run: |
./configure
ignore=""
ignore+=" -i tests/fff"
suppress=""
# Justified suppressions:
# Does not belong to the project
suppress+=" --suppress=*:/usr/include/*"
suppress+=" --suppress=*:/usr/include/bits/*"
# Function 'efi_main' is called by efi:
suppress+=" --suppress=unusedFunction:main.c"
suppress+=" --suppress=unusedFunction:kernel-stub/main.c"
# Some functions are defined for API only
suppress+=" --suppress=unusedFunction:utils.c"
suppress+=" --suppress=unusedFunction:env/env_api.c"
suppress+=" --suppress=unusedFunction:env/fatvars.c"
suppress+=" --suppress=unusedFunction:tools/tests/test_environment.c"
suppress+=" --suppress=unusedFunction:env/env_api_fat.c"
# Some functions are used by linker wrapping
suppress+=" --suppress=unusedFunction:tools/tests/test_probe_config_file.c"
suppress+=" --suppress=unusedFunction:tools/tests/test_ebgenv_api.c"
# False positive on init_array iteration
suppress+=" --suppress=comparePointers:main.c"
# False positive on constructors, first hit
suppress+=" --suppress=unusedFunction:drivers/watchdog/amdfch_wdt.c"
# False positive, noreturn is not recognized
suppress+=" --suppress=nullPointerRedundantCheck:kernel-stub/main.c"
# Avoid noise regarding Ignore* fields
suppress+=" --suppress=unusedStructMember:kernel-stub/main.c"
# Not applicable because of API requirements
suppress+=" --suppress=constParameter:drivers/watchdog/ipc4x7e_wdt.c"
suppress+=" --suppress=constParameter:kernel-stub/initrd.c"
enable="--enable=warning \
--enable=style \
--enable=performance \
--enable=portability \
--enable=unusedFunction"
includes="-I . \
-I include \
-I /usr/include \
-I /usr/include/linux \
-I /usr/include/efi \
-I /usr/include/efi/x86_64 \
-I /usr/include/x86_64-linux-gnu \
-I /usr/lib/gcc/x86_64-linux-gnu/9/include"
cpp_conf="-U__WINT_TYPE__ -U__GNUC__"
# Exit code '1' is returned if arguments are not valid or if no input
# files are provided. Compare 'cppcheck --help'.
cppcheck -f -q --error-exitcode=2 $enable $suppress $ignore \
$cpp_conf $includes .