Build: for now, don't error on RWX loadable segments #23
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: pull-request | |
on: | |
push: | |
branches: | |
- main | |
pull_request: | |
branches: | |
- main | |
jobs: | |
cross-build-pull-request: | |
runs-on: ubuntu-20.04 | |
container: vathpela/efi-ci:${{ matrix.distro }}-x64 | |
name: ${{ matrix.distro }} ${{ matrix.efiarch }} cross-build | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
- arch: amd64 | |
efiarch: aa64 | |
gccarch: aarch64 | |
makearch: aarch64 | |
distro: f39 | |
- arch: amd64 | |
efiarch: aa64 | |
gccarch: aarch64 | |
makearch: aarch64 | |
distro: f38 | |
- arch: amd64 | |
efiarch: arm | |
gccarch: arm | |
makearch: arm | |
distro: f39 | |
- arch: amd64 | |
efiarch: arm | |
gccarch: arm | |
makearch: arm | |
distro: f38 | |
- arch: amd64 | |
efiarch: arm | |
gccarch: arm | |
makearch: arm | |
distro: f37 | |
- arch: amd64 | |
efiarch: x64 | |
gccarch: x86_64 | |
makearch: x86_64 | |
distro: f39 | |
- arch: amd64 | |
efiarch: x64 | |
gccarch: x86_64 | |
makearch: x86_64 | |
distro: f38 | |
- arch: amd64 | |
efiarch: x64 | |
gccarch: x86_64 | |
makearch: x86_64 | |
distro: f37 | |
- arch: amd64 | |
efiarch: ia32 | |
gccarch: x86_64 | |
makearch: ia32 | |
distro: f39 | |
- arch: amd64 | |
efiarch: ia32 | |
gccarch: x86_64 | |
makearch: ia32 | |
distro: f38 | |
- arch: amd64 | |
efiarch: ia32 | |
gccarch: x86_64 | |
makearch: ia32 | |
distro: f37 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
with: | |
# otherwise we are testing target branch instead of the PR branch (see pull_request_target trigger) | |
ref: ${{ github.event.pull_request.head.sha }} | |
fetch-depth: 0 | |
submodules: recursive | |
- name: Work around github/git ownership weirdness | |
id: ignore-directory-ownership | |
run: | | |
git config --global --add safe.directory /__w/certwrapper/certwrapper | |
- name: Update submodules on ${{ matrix.distro }} for ${{ matrix.efiarch }} | |
id: update-submodules | |
run: | | |
make update | |
- name: Make a build directory for ${{ matrix.distro }} for ${{ matrix.efiarch }} | |
id: builddir | |
run: | | |
rm -rf build-${{ matrix.distro }}-${{ matrix.efiarch }} | |
mkdir build-${{ matrix.distro }}-${{ matrix.efiarch }} | |
cd build-${{ matrix.distro }}-${{ matrix.efiarch }} | |
- name: Do the build on ${{ matrix.distro }} for ${{ matrix.efiarch }} | |
id: build | |
run: | | |
pwd | |
cd build-${{ matrix.distro }}-${{ matrix.efiarch }} | |
make TOPDIR=.. -f ../Makefile CROSS_COMPILE=${{ matrix.gccarch }}-linux-gnu- ARCH=${{ matrix.makearch }} PREFIX=/usr DESTDIR=/destdir EFIDIR=test ENABLE_SHIM_HASH=true VENDOR_DB_FILE=../data/testdb.esl all | |
- name: Install on ${{ matrix.distro }} for ${{ matrix.efiarch }} | |
id: install | |
run: | | |
pwd | |
cd build-${{ matrix.distro }}-${{ matrix.efiarch }} | |
make TOPDIR=.. -f ../Makefile CROSS_COMPILE=${{ matrix.gccarch }}-linux-gnu- ARCH=${{ matrix.makearch }} PREFIX=/usr DESTDIR=/destdir EFIDIR=test install | |
echo 'results:' | |
find /destdir -type f | |
build-pull-request-intel: | |
runs-on: ubuntu-20.04 | |
container: vathpela/efi-ci:${{ matrix.distro }}-x64 | |
name: ${{ matrix.distro }} ${{ matrix.efiarch }} build | |
strategy: | |
matrix: | |
include: | |
- arch: amd64 | |
efiarch: x64 | |
makearch: x86_64 | |
distro: f39 | |
- arch: amd64 | |
efiarch: x64 | |
makearch: x86_64 | |
distro: f38 | |
- arch: amd64 | |
efiarch: x64 | |
makearch: x86_64 | |
distro: f37 | |
- arch: amd64 | |
efiarch: x64 | |
makearch: x86_64 | |
distro: centos9 | |
- arch: amd64 | |
efiarch: ia32 | |
makearch: ia32 | |
distro: f39 | |
- arch: amd64 | |
efiarch: ia32 | |
makearch: ia32 | |
distro: f38 | |
- arch: amd64 | |
efiarch: ia32 | |
makearch: ia32 | |
distro: f37 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
with: | |
# otherwise we are testing target branch instead of the PR branch (see pull_request_target trigger) | |
ref: ${{ github.event.pull_request.head.sha }} | |
fetch-depth: 0 | |
submodules: recursive | |
- name: Work around github/git ownership weirdness | |
id: ignore-directory-ownership | |
run: | | |
git config --global --add safe.directory /__w/certwrapper/certwrapper | |
- name: Update submodules on ${{ matrix.distro }} for ${{ matrix.efiarch }} | |
id: update-submodules | |
run: | | |
make update | |
- name: Do 'make clean' on ${{ matrix.distro }} for ${{ matrix.efiarch }} | |
id: clean | |
run: | | |
make ARCH=${{ matrix.makearch }} PREFIX=/usr DESTDIR=/destdir EFIDIR=test ENABLE_SHIM_HASH=true clean | |
- name: Do the build on ${{ matrix.distro }} for ${{ matrix.efiarch }} | |
id: build | |
run: | | |
make ARCH=${{ matrix.makearch }} PREFIX=/usr DESTDIR=/destdir EFIDIR=test ENABLE_SHIM_HASH=true VENDOR_DB_FILE=data/testdb.esl all | |
- name: Install on ${{ matrix.distro }} for ${{ matrix.efiarch }} | |
id: install | |
run: | | |
make ARCH=${{ matrix.makearch }} PREFIX=/usr DESTDIR=/destdir EFIDIR=test install | |
echo 'results:' | |
find /destdir -type f |