20260615-linuxkm-fixes #5407
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Arduino CI Build (1 of 4) wolfssl | |
| # | |
| # Test fetches wolfssl-examples/Arduino and uses local, latest github master branch wolfssl | |
| # | |
| # These 4 workflows across 3 repos are interdependent for the current $REPO_OWNER: | |
| # | |
| # THIS Arduino CI Build 1: https://github.com/$REPO_OWNER/wolfssl # /.github/workflows/arduino.yml | |
| # - Builds Arduino library from local clone of wolfssl master branch | |
| # - Fetches examples from https://github.com/$REPO_OWNER/wolfssl-examples | |
| # | |
| # Arduino CI Build 2: https://github.com/$REPO_OWNER/wolfssl-examples # /.github/workflows/arduino-release.yml | |
| # - Tests examples based on latest published release of Arduino library, NOT latest on wolfssl github. | |
| # - Should be identical to Arduino CI Build 3 in every way but wolfssl install. | |
| # - Copies only compile script from wolfssl-examples | |
| # - Builds local examples | |
| # - No other repos used | |
| # | |
| # Arduino CI Build 3: https://github.com/$REPO_OWNER/wolfssl-examples # /.github/workflows/arduino.yml | |
| # - Fetches current wolfSSL from https://github.com/$REPO_OWNER/wolfssl | |
| # - Creates an updated Arduino library | |
| # - Compiles local examples | |
| # - Contains the source of `compile-all-examples.sh` and respective board-list.txt | |
| # | |
| # Arduino CI Build 4: https://github.com/$REPO_OWNER/Arduino-wolfssl # /.github/workflows/arduino.yml | |
| # - Assembles and installs an updated Arduino wolfssl library from LOCAL wolfssl master source | |
| # - Copies only compile script copied from wolfssl-examples | |
| # - Builds local examples | |
| # - No other repos used | |
| # | |
| # | |
| # ** NOTE TO MAINTAINERS ** | |
| # | |
| # Consider using winmerge or similar tool to keep the 4 arduino[-release].yml files in relative sync. | |
| # Although there are some specific differences, most of the contents are otherwise identical. | |
| # | |
| # See https://github.com/wolfSSL/Arduino-wolfSSL | |
| # | |
| # To test locally: | |
| # cd [your WOLFSSL_ROOT], e.g. cd /mnt/c/workspace/wolfssl-$USER | |
| # [optional checkout] e.g. git checkout tags/v5.8.4-stable | |
| # pushd ./IDE/ARDUINO | |
| # export ARDUINO_ROOT="$HOME/Arduino/libraries" | |
| # ./wolfssl-arduino.sh INSTALL | |
| # cd [your WOLFSSL_EXAMPLES_ROOT] e.g. /mnt/c/workspace/wolfssl-examples-$USER | |
| # | |
| # START OF COMMON SECTION | |
| on: | |
| push: | |
| branches: [ 'release/**' ] | |
| paths: | |
| # Specific to this Arduino CI Build (1 of 4) | |
| - '.github/workflows/arduino.yml' | |
| - 'examples/configs/user_settings_arduino.h' | |
| - 'IDE/ARDUINO/**' | |
| - 'src/**' | |
| - 'wolfcrypt/**' | |
| - 'wolfssl/**' | |
| pull_request: | |
| types: [opened, synchronize, reopened, ready_for_review] | |
| branches: [ '**' ] | |
| paths: | |
| - '.github/workflows/arduino.yml' | |
| - 'examples/configs/user_settings_arduino.h' | |
| - 'IDE/ARDUINO/**' | |
| - 'src/**' | |
| - 'wolfcrypt/**' | |
| - 'wolfssl/**' | |
| workflow_dispatch: | |
| concurrency: | |
| # Same branch push cancels other jobs. Other PR branches untouched | |
| group: ${{ github.workflow }}-${{ github.ref_name }} | |
| cancel-in-progress: true | |
| # END OF COMMON SECTION | |
| jobs: | |
| build: | |
| if: ${{ (github.repository_owner == 'wolfssl') && (github.event_name != 'pull_request' || github.event.pull_request.draft == false) }} | |
| runs-on: ubuntu-24.04 | |
| # Teensy is allowed to fail: its board index lives at pjrc.com, which is | |
| # chronically unreachable from GitHub Actions runner egress IPs (DNS | |
| # timeouts / connection refused). A pjrc.com outage should not block PRs | |
| # on the 11 other boards. Track persistent red here and revisit if pjrc.com | |
| # access stabilizes or we mirror the index ourselves. | |
| continue-on-error: ${{ matrix.fqbn == 'teensy:avr:teensy40' }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| fqbn: | |
| # Each matrix entry passes its FQBN to compile-all-examples.sh, which looks up | |
| # build settings for that single board in board_list.txt (fetched at runtime from | |
| # wolfssl-examples). When ADDING a board here, the FQBN must also exist in: | |
| # https://github.com/wolfSSL/wolfssl-examples/blob/master/Arduino/sketches/board_list.txt | |
| # Removing a board from this matrix does NOT require any wolfssl-examples change; | |
| # board_list.txt is the broader "supported boards" catalog, not the CI matrix. | |
| # | |
| # Matrix is intentionally trimmed: boards sharing a vendor:arch core also share | |
| # toolchain and headers, so additional boards in the same core mostly re-exercise | |
| # variant pin maps rather than wolfSSL code. Kept boards bracket the memory | |
| # envelope (uno=2KB RAM, mega=8KB RAM) and cover each distinct toolchain/ISA. | |
| - arduino:avr:uno # smallest AVR (2KB RAM, 32KB flash) | |
| - arduino:avr:mega # largest AVR (8KB RAM, 256KB flash) | |
| - arduino:samd:mkr1000 # Cortex-M0+ representative | |
| - arduino:mbed_edge:edge_control | |
| - arduino:mbed_portenta:envie_m7 # Cortex-M7 Portenta | |
| - arduino:renesas_uno:unor4wifi # Renesas RA4M1 | |
| - arduino:sam:arduino_due_x # Cortex-M3 | |
| - esp32:esp32:esp32 # Xtensa LX6 | |
| - esp32:esp32:esp32s3 # Xtensa LX7 | |
| - esp32:esp32:esp32c3 # RISC-V representative | |
| - esp8266:esp8266:generic | |
| - teensy:avr:teensy40 | |
| # Dropped (redundant within same core): | |
| # arduino:avr:{ethernet,leonardoeth,nano,yun} - same toolchain as uno | |
| # arduino:samd:{mkrfox1200,arduino_zero_native,tian} - same toolchain as mkr1000 | |
| # arduino:mbed_portenta:portenta_x8 - same core as envie_m7 | |
| # esp32:esp32:esp32s2 - Xtensa LX7, covered by s3 | |
| # esp32:esp32:{esp32c6,esp32h2} - RISC-V, covered by c3 | |
| # | |
| # Not yet supported, not in standard library | |
| # - esp32:esp32:nano_nora | |
| # End strategy matrix | |
| env: | |
| REPO_OWNER: ${{ github.repository_owner }} | |
| steps: | |
| - name: Free disk space | |
| run: | | |
| sudo rm -rf /usr/share/dotnet | |
| sudo rm -rf /usr/local/lib/android | |
| sudo rm -rf /opt/ghc | |
| sudo rm -rf /opt/hostedtoolcache/CodeQL | |
| sudo apt-get clean | |
| df -h | |
| - name: Checkout Repository | |
| uses: actions/checkout@v5 | |
| - name: Install Arduino CLI | |
| run: | | |
| # Script to fetch and run install.sh from arduino/arduino-cli | |
| # The install script will test to see if the recently installed apps in the path | |
| # So set it up in advance: | |
| mkdir -p "${PWD}/bin" | |
| echo "${PWD}/bin" >> $GITHUB_PATH | |
| # Sets the install directory to a consistent path at the repo root. | |
| ROOT_BIN="$GITHUB_WORKSPACE/bin" | |
| # Ensures that BINDIR exists before the installer runs | |
| mkdir -p "$ROOT_BIN" | |
| # Save as a global environment variable | |
| echo "$ROOT_BIN" >> "$GITHUB_PATH" | |
| # Download and run install script from Arduino: | |
| # -S show errors; -L follow redirects; -v Verbose | |
| set +e # don't abort on error | |
| set -o pipefail | |
| curl -vSL --retry 5 --retry-delay 10 \ | |
| https://raw.githubusercontent.com/arduino/arduino-cli/master/install.sh \ | |
| | sh -x | |
| rc=$? | |
| c_rc=${PIPESTATUS[0]} # curl's exit code | |
| s_rc=${PIPESTATUS[1]} # sh's exit code | |
| set -e # restore default abort-on-error | |
| # If there was a curl error, we have our own local copy that is more reliable and can add our own debugging | |
| if [ "$rc" -ne 0 ]; then | |
| echo "Primary install failed: curl=$c_rc, sh=$s_rc. Falling back..." >&2 | |
| echo "Using local copy of arduino_install.sh" | |
| pushd ./Arduino/sketches | |
| chmod +x ./arduino_install.sh | |
| # Mimic curl install, does not use current directory: | |
| BINDIR="$ROOT_BIN" sh -x ./arduino_install.sh | |
| popd | |
| else | |
| echo "Alternative install script not needed." | |
| fi | |
| - name: Confirm Arduino CLI Install | |
| run: arduino-cli version | |
| - name: Derive CORE_ID (vendor:arch from FQBN) | |
| run: | | |
| CORE_ID="$(echo '${{ matrix.fqbn }}' | cut -d: -f1-2)" | |
| echo "CORE_ID=$CORE_ID" >> "$GITHUB_ENV" | |
| # Third-party board_manager index for the cores that need one. Scoped | |
| # to the one CORE_ID that uses it: arduino-cli re-reads every index on | |
| # each call and fails if any is unreachable, so an unconditional URL | |
| # would make all jobs depend on pjrc.com / esp8266.com. Used only on | |
| # the online-install fallback; the ghcr bundle already carries it. | |
| case "$CORE_ID" in | |
| teensy:avr) echo "BM_URL=https://www.pjrc.com/teensy/package_teensy_index.json" >> "$GITHUB_ENV" ;; | |
| esp8266:esp8266) echo "BM_URL=https://arduino.esp8266.com/stable/package_esp8266com_index.json" >> "$GITHUB_ENV" ;; | |
| *) echo "BM_URL=" >> "$GITHUB_ENV" ;; | |
| esac | |
| # Restore the core + toolchain + shared libraries from the prebuilt ghcr | |
| # bundle (arduino-cores-image), falling back to `arduino-cli core install` | |
| # when it is unavailable. Replaces the old per-core actions/cache layer. | |
| - name: Install Arduino core and libraries | |
| uses: ./.github/actions/install-arduino-core | |
| with: | |
| core-id: ${{ env.CORE_ID }} | |
| board-manager-url: ${{ env.BM_URL }} | |
| - name: Set Job Environment Variables | |
| run: | | |
| # Script to assign some common environment variables after everything is installed | |
| ICON_OK=$(printf "\xE2\x9C\x85") | |
| ICON_FAIL=$(printf "\xE2\x9D\x8C") | |
| echo "GITHUB_WORK=$(realpath "$GITHUB_WORKSPACE/../..")" >> "$GITHUB_ENV" | |
| echo "ARDUINO_ROOT=$(realpath "$HOME/Arduino/libraries")" >> "$GITHUB_ENV" | |
| # Show predefined summary: | |
| echo "GITHUB_WORKSPACE = $GITHUB_WORKSPACE" | |
| # Show assigned build:env values (e.g. "wolfssl", "gojimmpi" or other owners): | |
| echo "REPO_OWNER = $REPO_OWNER" | |
| echo "GITHUB_ENV=$GITHUB_ENV" | |
| # Show our custom values: | |
| echo "GITHUB_WORK = $GITHUB_WORK" | |
| echo "ARDUINO_ROOT = $ARDUINO_ROOT" | |
| # WOLFSSL_EXAMPLES_ROOT is the repo root, not example location | |
| echo "WOLFSSL_EXAMPLES_ROOT = $WOLFSSL_EXAMPLES_ROOT" | |
| - name: Get wolfssl-examples | |
| run: | | |
| # Fetch Arduino examples from the wolfssl-examples repo | |
| echo "Start pwd:" | |
| pwd | |
| # we're typically in $GITHUB_WORKSPACE=/home/runner/work/wolfssl/wolfssl | |
| # goto /home/runner/work to fetch wolfssl-examples | |
| echo "Current pwd for wolfssl-examples clone fetch: $(pwd)" | |
| GITHUB_WORK=$(realpath "$GITHUB_WORKSPACE/../..") | |
| echo "GITHUB_WORKSPACE=$GITHUB_WORKSPACE" | |
| # Typically /home/runner/work | |
| echo "GITHUB_WORK=$GITHUB_WORK" | |
| pushd "$GITHUB_WORK" | |
| echo "Updated pwd for wolfssl-examples clone fetch: $(pwd)" | |
| git clone --depth 1 https://github.com/$REPO_OWNER/wolfssl-examples.git wolfssl-examples-publish | |
| cd ./wolfssl-examples-publish | |
| echo "WOLFSSL_EXAMPLES_ROOT=$(pwd)" | |
| echo "Path for wolfssl-examples-publish: $(pwd)" | |
| popd # GITHUB_WORK | |
| # ** END ** Get wolfssl-examples | |
| - name: Install wolfSSL Arduino library | |
| run: | | |
| # Run the local wolfssl-arduino.sh install script to install wolfssl Arduino library. | |
| echo "Installing wolfSSL Arduino library (no cache hit)." | |
| rm -rf "$ARDUINO_ROOT/wolfssl" | |
| # Methods of installing Arduino library: | |
| # 1) arduino-cli lib install "wolfSSL" | |
| # 2) manual copy of files (typical of the Arduino-wolfssl repo) | |
| # 3) run ./wolfssl-arduino.sh INSTALL (typical of the wolfssl repo) | |
| echo "Current pwd for wolfssl-examples clone fetch: $(pwd)" | |
| GITHUB_WORK=$(realpath "$GITHUB_WORKSPACE/../..") | |
| echo "GITHUB_WORKSPACE=$GITHUB_WORKSPACE" | |
| # Typically /home/runner/work | |
| echo "GITHUB_WORK=$GITHUB_WORK" | |
| pwd | |
| pushd ./IDE/ARDUINO | |
| # Set default ARDUINO_ROOT to Arduino library. | |
| export ARDUINO_ROOT="$HOME/Arduino/libraries" | |
| export WOLFSSL_EXAMPLES_ROOT="$GITHUB_WORK/wolfssl-examples-publish" | |
| echo "ARDUINO_ROOT: $WOLFSSL_EXAMPLES_ROOT" | |
| echo "WOLFSSL_EXAMPLES_ROOT: $WOLFSSL_EXAMPLES_ROOT" | |
| bash ./wolfssl-arduino.sh INSTALL # Install wolfSSL library | |
| popd | |
| # ** END ** Install wolfSSL Arduino library | |
| - name: List installed Arduino libraries | |
| run: arduino-cli lib list | |
| - name: Get compile-all-examples.sh | |
| run: | | |
| # Fetch compile script FROM THE CURRENT OWNER. | |
| # This repo is Arduino-wolfssl; we'll fetch the script from the wolfssl-examples for the same repository owner. | |
| echo "Repository owner: $REPO_OWNER" | |
| echo "Current directory: $PWD" | |
| echo "Current pwd for wolfssl-examples clone fetch: $PWD" | |
| WOLFSSL_EXAMPLES_DIRECTORY="$ARDUINO_ROOT/wolfssl/examples" | |
| THIS_BOARD_LIST="board_list.txt" | |
| echo "WOLFSSL_EXAMPLES_DIRECTORY=$WOLFSSL_EXAMPLES_DIRECTORY" | |
| # Fetch script and board list into WOLFSSL_EXAMPLES_DIRECTORY | |
| echo "Fetching board_list.txt from REPO_OWNER=$REPO_OWNER" | |
| curl -L "https://raw.githubusercontent.com/$REPO_OWNER/wolfssl-examples/master/Arduino/sketches/board_list.txt" \ | |
| -o "$WOLFSSL_EXAMPLES_DIRECTORY/$THIS_BOARD_LIST" | |
| # Check if the first line is "404: Not Found" - which would indicate the curl path above is bad. | |
| FILE="$WOLFSSL_EXAMPLES_DIRECTORY/board_list.txt" | |
| # Ensure the file exists | |
| if [[ ! -f "$FILE" ]]; then | |
| echo "File not found: $FILE" | |
| exit 1 | |
| fi | |
| # Check if the first line is "404: Not Found" | |
| if [[ $(head -n 1 "$FILE") == "404: Not Found" ]]; then | |
| echo "The first line is '404: Not Found'" | |
| exit 1 | |
| fi | |
| # Fetch the compile script from repo: https://github.com/[$USER]/wolfssl-examples/ | |
| echo "Fetching compile-all-examples.sh from REPO_OWNER=$REPO_OWNER" | |
| curl -L "https://raw.githubusercontent.com/$REPO_OWNER/wolfssl-examples/master/Arduino/sketches/compile-all-examples.sh" \ | |
| -o "$WOLFSSL_EXAMPLES_DIRECTORY/compile-all-examples.sh" | |
| # Check if the first line is "404: Not Found" - which would indicate the curl path above is bad. | |
| FILE="$WOLFSSL_EXAMPLES_DIRECTORY/compile-all-examples.sh" | |
| # Ensure the file exists | |
| if [[ ! -f "$FILE" ]]; then | |
| echo "File not found: $FILE" | |
| exit 1 | |
| fi | |
| # Check if the first line is "404: Not Found" | |
| if [[ $(head -n 1 "$FILE") == "404: Not Found" ]]; then | |
| echo "The first line is '404: Not Found'" | |
| exit 1 | |
| fi | |
| pushd "$WOLFSSL_EXAMPLES_DIRECTORY" | |
| echo "Current directory: $PWD" | |
| echo "Current directory $PWD" | |
| echo "Contents:" | |
| ls -al | |
| find ./ -type f | sort | |
| # ensure we can execute the script here (permissions lost during curl fetch) | |
| chmod +x ./compile-all-examples.sh | |
| echo "Found compile script: $(ls -al ./compile-all-examples.sh ./$THIS_BOARD_LIST)" | |
| popd | |
| # ** END ** Get compile-all-examples.sh | |
| # This will fail with Arduino published wolfSSL v5.7.6 and older | |
| # as the examples moved. See https://github.com/wolfSSL/wolfssl/pull/8514 | |
| # | |
| - name: Compile Arduino Sketches for Various Boards | |
| run: | | |
| # Call the compile-all-examples.sh script to compile all the examples for each of the fqbn names in the local copy of board_list.txt | |
| echo "Current directory: $PWD" | |
| echo "ARDUINO_ROOT: $ARDUINO_ROOT" | |
| WOLFSSL_EXAMPLES_DIRECTORY="$ARDUINO_ROOT/wolfssl/examples" | |
| echo "WOLFSSL_EXAMPLES_DIRECTORY: $WOLFSSL_EXAMPLES_DIRECTORY" | |
| # Limit the number of jobs to 1 to avoid running out of memory | |
| export ARDUINO_CLI_MAX_JOBS=1 | |
| echo "Change directory to Arduino examples..." | |
| pushd "$WOLFSSL_EXAMPLES_DIRECTORY" | |
| chmod +x ./compile-all-examples.sh | |
| # The script expects all the examples to be in the current directory. | |
| # Along with ./board_list.txt from examples repo | |
| echo "Current directory: $PWD" | |
| echo "Calling ./compile-all-examples.sh" | |
| bash ./compile-all-examples.sh ./board_list.txt "${{ matrix.fqbn }}" | |
| popd | |
| # End Compile Arduino Sketches for Various Boards | |
| - name: Cleanup to Save Disk Space | |
| if: always() | |
| run: | | |
| echo "Disk usage before cleanup:" | |
| df -h | |
| echo "" | |
| echo "Cleaning up build artifacts and temporary files..." | |
| # Clean up Arduino build artifacts | |
| find ~/Arduino -name "*.hex" -delete 2>/dev/null || true | |
| find ~/Arduino -name "*.elf" -delete 2>/dev/null || true | |
| find ~/Arduino -name "*.bin" -delete 2>/dev/null || true | |
| find ~/Arduino -name "build" -type d -exec rm -rf {} + 2>/dev/null || true | |
| rm -rf ~/.arduino15/packages/esp32/tools || true | |
| rm -rf ~/.arduino15/packages/esp32/hardware || true | |
| rm -rf ~/.espressif || true | |
| # Clean up staging directories | |
| rm -rf ~/.arduino15/staging/* || true | |
| rm -rf ~/.cache/arduino/* || true | |
| # Clean up git clone of wolfssl-examples | |
| GITHUB_WORK=$(realpath "$GITHUB_WORKSPACE/../..") | |
| rm -rf "$GITHUB_WORK/wolfssl-examples-publish" || true | |
| # Clean up any temporary files in workspace | |
| find "$GITHUB_WORKSPACE" -name "*.o" -delete 2>/dev/null || true | |
| find "$GITHUB_WORKSPACE" -name "*.a" -delete 2>/dev/null || true | |
| echo "" | |
| echo "Disk usage after cleanup:" | |
| df -h |