Skip to content

Commit 9e86856

Browse files
committed
try this
1 parent 36b1a8a commit 9e86856

2 files changed

Lines changed: 4 additions & 56 deletions

File tree

.github/workflows/build.yml

Lines changed: 1 addition & 53 deletions
Original file line numberDiff line numberDiff line change
@@ -54,62 +54,10 @@ jobs:
5454
echo "matrix=$(cat matrix.json)" >> "${GITHUB_OUTPUT}"
5555
outputs:
5656
matrix: "${{ steps.capture-matrix.outputs.matrix }}"
57-
build-only:
58-
name: "build ${{ matrix.builds.version }} ${{ matrix.builds.flavor }}"
59-
needs: matrix
60-
# lower perms, since this is not a job that needs to publish
61-
permissions:
62-
contents: read
63-
packages: read
64-
strategy:
65-
fail-fast: false
66-
matrix: ${{ fromJSON(needs.matrix.outputs.matrix) }}
67-
runs-on: "${{ matrix.builds.runner }}"
68-
env:
69-
KERNEL_PUBLISH: "${{ inputs.publish }}"
70-
KERNEL_VERSION: "${{ matrix.builds.version }}"
71-
KERNEL_SRC_URL: "${{ matrix.builds.source }}"
72-
FIRMWARE_URL: "${{ matrix.builds.firmware_url }}"
73-
FIRMWARE_SIG_URL: "${{ matrix.builds.firmware_sig_url }}"
74-
KERNEL_FLAVOR: "${{ matrix.builds.flavor }}"
75-
KERNEL_TAGS: "${{ join(matrix.builds.tags, ',') }}"
76-
KERNEL_ARCHITECTURES: "${{ join(matrix.builds.architectures, ',') }}"
77-
steps:
78-
- name: Harden the runner (Audit all outbound calls)
79-
uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
80-
with:
81-
egress-policy: audit
82-
83-
- name: checkout repository
84-
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
85-
with:
86-
submodules: recursive
87-
- name: install cosign
88-
uses: sigstore/cosign-installer@3454372f43399081ed03b604cb2d021dabca52bb # v3.8.2
89-
- name: docker setup linux-kernel-oci
90-
run: sudo python3 ./hack/build/docker-setup.py
91-
- name: docker setup buildx
92-
uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3
93-
- name: docker login ghcr.io
94-
uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3
95-
with:
96-
registry: ghcr.io
97-
username: "${{github.actor}}"
98-
password: "${{secrets.GITHUB_TOKEN}}"
99-
- name: generate docker script
100-
run: "./hack/build/generate-docker-script.sh"
101-
- name: upload docker script
102-
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
103-
with:
104-
name: "build-${{ matrix.builds.version }}-${{ matrix.builds.flavor }}.sh"
105-
path: "docker.sh"
106-
compression-level: 0
107-
- name: run docker script
108-
run: sh -x docker.sh
10957
build-publish:
11058
# this job will publish images, and needs higher perms.
11159
# It may not be invoked by another workflow, only invoked directly
112-
if: github.event_name == 'schedule' || github.event_name == 'workflow_dispatch'
60+
if: github.event_name =! 'workflow_call'
11361
name: "build ${{ matrix.builds.version }} ${{ matrix.builds.flavor }}"
11462
needs: matrix
11563
# Higher perms, since this is publish

.github/workflows/test.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -4,9 +4,9 @@ on:
44
push:
55
branches:
66
- main
7-
permissions:
8-
contents: read
9-
packages: read
7+
# permissions:
8+
# contents: read
9+
# packages: read
1010
# env:
1111
# TEST_MATRIX_SPEC: "only-latest:flavor=host,zone,zone-nvidiagpu"
1212
jobs:

0 commit comments

Comments
 (0)