backport the security patch of CVE-2024-1638 #90148
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Footprint Delta | |
| on: pull_request | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.head_ref || github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| footprint-delta: | |
| runs-on: | |
| group: zephyr-runner-v2-linux-x64-4xlarge | |
| if: github.repository == 'zephyrproject-rtos/zephyr' | |
| container: | |
| image: ghcr.io/zephyrproject-rtos/ci-repo-cache:v0.26.5.20231213 | |
| options: '--entrypoint /bin/bash' | |
| strategy: | |
| fail-fast: false | |
| env: | |
| ZEPHYR_SDK_INSTALL_DIR: /opt/toolchains/zephyr-sdk-0.16.3 | |
| ZEPHYR_TOOLCHAIN_VARIANT: zephyr | |
| steps: | |
| - name: Apply container owner mismatch workaround | |
| run: | | |
| # FIXME: The owner UID of the GITHUB_WORKSPACE directory may not | |
| # match the container user UID because of the way GitHub | |
| # Actions runner is implemented. Remove this workaround when | |
| # GitHub comes up with a fundamental fix for this problem. | |
| git config --global --add safe.directory ${GITHUB_WORKSPACE} | |
| - name: Print cloud service information | |
| run: | | |
| echo "ZEPHYR_RUNNER_CLOUD_PROVIDER = ${ZEPHYR_RUNNER_CLOUD_PROVIDER}" | |
| echo "ZEPHYR_RUNNER_CLOUD_NODE = ${ZEPHYR_RUNNER_CLOUD_NODE}" | |
| echo "ZEPHYR_RUNNER_CLOUD_POD = ${ZEPHYR_RUNNER_CLOUD_POD}" | |
| - name: Update PATH for west | |
| run: | | |
| echo "$HOME/.local/bin" >> $GITHUB_PATH | |
| - name: checkout | |
| uses: actions/checkout@v3 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| fetch-depth: 0 | |
| - name: west setup | |
| run: | | |
| west init -l . || true | |
| west config --global update.narrow true | |
| west update 2>&1 1> west.update.log || west update 2>&1 1> west.update.log | |
| - name: Detect Changes in Footprint | |
| env: | |
| BASE_REF: ${{ github.base_ref }} | |
| run: | | |
| export ZEPHYR_BASE=${PWD} | |
| git config --global user.email "[email protected]" | |
| git config --global user.name "Github Actions" | |
| git remote -v | |
| git rebase origin/${BASE_REF} | |
| git checkout -b this_pr | |
| west update | |
| west build -b frdm_k64f tests/benchmarks/footprints -t ram_report | |
| cp build/ram.json ram2.json | |
| west build -b frdm_k64f tests/benchmarks/footprints -t rom_report | |
| cp build/rom.json rom2.json | |
| git checkout origin/${BASE_REF} | |
| west update | |
| west build -p always -b frdm_k64f tests/benchmarks/footprints -t ram_report | |
| west build -b frdm_k64f tests/benchmarks/footprints -t rom_report | |
| cp build/ram.json ram1.json | |
| cp build/rom.json rom1.json | |
| git checkout this_pr | |
| ./scripts/footprint/fpdiff.py ram1.json ram2.json | |
| ./scripts/footprint/fpdiff.py rom1.json rom2.json |