[Policy V2] Add tools to support key & policy auto generation and auto update td info into tcb_mapping.json #1488
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| on: [push, pull_request] | |
| name: Format and Clippy | |
| env: | |
| AS: nasm | |
| AR: llvm-ar | |
| CC: clang | |
| RUST_TOOLCHAIN: 1.83.0 | |
| permissions: | |
| contents: read | |
| jobs: | |
| clippy: | |
| name: Clippy | |
| runs-on: ubuntu-22.04 | |
| permissions: | |
| contents: read | |
| security-events: write | |
| actions: read | |
| steps: | |
| - name: Checkout sources | |
| uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 | |
| with: | |
| submodules: recursive | |
| # Install first since it's needed to build NASM | |
| - name: Install LLVM and Clang | |
| uses: KyleMayes/install-llvm-action@98e68e10c96dffcb7bfed8b2144541a66b49aa02 # v2.0.8 | |
| with: | |
| version: "10.0" | |
| directory: ${{ runner.temp }}/llvm | |
| - name: Install libtinfo5 | |
| run: sudo apt-get update -y && sudo apt-get install libtinfo5 -y | |
| - name: install NASM | |
| uses: ilammy/setup-nasm@72793074d3c8cdda771dba85f6deafe00623038b # v1.5.2 | |
| - name: Install toolchain with clippy available | |
| uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af # v1.0.7 | |
| with: | |
| profile: minimal | |
| toolchain: ${{ env.RUST_TOOLCHAIN }} | |
| override: true | |
| components: clippy | |
| - name: Install required cargo | |
| run: cargo install clippy-sarif sarif-fmt | |
| - name: Preparation Work | |
| run: bash sh_script/preparation.sh | |
| - name: Run rust-clippy for result collection | |
| run: | |
| cargo clippy | |
| --features stack-guard,virtio-vsock,virtio-serial,vmcall-interrupt | |
| --message-format=json | clippy-sarif | tee rust-clippy-results.sarif | sarif-fmt | |
| continue-on-error: true | |
| - name: Upload analysis results to GitHub | |
| uses: github/codeql-action/upload-sarif@014f16e7ab1402f30e7c3329d33797e7948572db # v3.29.5 | |
| with: | |
| sarif_file: rust-clippy-results.sarif | |
| wait-for-processing: true | |
| - name: Run rust-clippy | |
| run: cargo clippy --features stack-guard,virtio-vsock,virtio-serial,vmcall-interrupt | |
| rustfmt: | |
| name: Format | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| # Install first since it's needed to build NASM | |
| - name: Install LLVM and Clang | |
| uses: KyleMayes/install-llvm-action@98e68e10c96dffcb7bfed8b2144541a66b49aa02 # v2.0.8 | |
| with: | |
| version: "10.0" | |
| directory: ${{ runner.temp }}/llvm | |
| - name: Install libtinfo5 | |
| run: sudo apt-get update -y && sudo apt-get install libtinfo5 -y | |
| - name: install NASM | |
| uses: ilammy/setup-nasm@72793074d3c8cdda771dba85f6deafe00623038b # v1.5.2 | |
| - name: Checkout sources | |
| uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 | |
| with: | |
| submodules: recursive | |
| - name: Install toolchain with rustfmt available | |
| uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af # v1.0.7 | |
| with: | |
| profile: minimal | |
| toolchain: ${{ env.RUST_TOOLCHAIN }} | |
| override: true | |
| components: rustfmt | |
| - name: Preparation Work | |
| run: bash sh_script/preparation.sh | |
| - name: Run cargo check | |
| uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505 # v1.0.3 | |
| with: | |
| command: check | |
| - name: Run cargo fmt | |
| uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505 # v1.0.3 | |
| with: | |
| command: fmt | |
| args: -- --check |