format/payload: Allow verifying signatures without an unpadded size #688
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: | |
- master | |
pull_request: | |
# This allows a subsequently queued workflow run to interrupt previous runs, but | |
# only in pull requests. | |
concurrency: | |
group: '${{ github.workflow }} @ ${{ github.head_ref || github.sha }}' | |
cancel-in-progress: true | |
jobs: | |
build: | |
runs-on: ${{ matrix.artifact.os }} | |
env: | |
CARGO_TERM_COLOR: always | |
# https://github.com/rust-lang/rust/issues/78210 | |
RUSTFLAGS: -C strip=symbols -C target-feature=+crt-static | |
TARGETS: ${{ join(matrix.artifact.targets, ' ') || matrix.artifact.name }} | |
ANDROID_API: ${{ matrix.artifact.android_api }} | |
strategy: | |
fail-fast: false | |
matrix: | |
artifact: | |
- os: ubuntu-latest | |
name: x86_64-unknown-linux-gnu | |
- os: windows-latest | |
name: x86_64-pc-windows-msvc | |
- os: macos-latest | |
name: universal-apple-darwin | |
targets: | |
- aarch64-apple-darwin | |
- x86_64-apple-darwin | |
combine: lipo | |
# ubuntu-latest is not 24.04 yet and 22.04's qemu-user-static segfaults. | |
- os: ubuntu-24.04 | |
name: aarch64-linux-android31 | |
targets: | |
- aarch64-linux-android | |
android_api: '31' | |
steps: | |
- name: Check out repository | |
uses: actions/checkout@v4 | |
with: | |
# For git describe | |
fetch-depth: 0 | |
- name: Install qemu-user-static | |
if: ${{ contains(matrix.artifact.name, 'android') }} | |
shell: bash | |
run: | | |
sudo apt-get -y update | |
sudo apt-get -y install qemu-user-static | |
- name: Set Android temporary directory | |
if: ${{ contains(matrix.artifact.name, 'android') }} | |
shell: bash | |
run: | | |
echo "TMPDIR=/tmp" >> "${GITHUB_ENV}" | |
- name: Install cargo-android | |
shell: bash | |
run: | | |
cargo install \ | |
--git https://github.com/chenxiaolong/cargo-android \ | |
--tag v0.1.1 | |
- name: Get version | |
id: get_version | |
shell: bash | |
run: | | |
echo -n 'version=' >> "${GITHUB_OUTPUT}" | |
git describe --always \ | |
| sed -E "s/^v//g;s/([^-]*-g)/r\1/;s/-/./g" \ | |
>> "${GITHUB_OUTPUT}" | |
- name: Install toolchains | |
shell: bash | |
run: | | |
for target in ${TARGETS}; do | |
rustup target add "${target}" | |
done | |
- name: Cache Rust dependencies | |
uses: Swatinem/rust-cache@v2 | |
with: | |
key: ${{ matrix.artifact.name }} | |
- name: Clippy | |
shell: bash | |
run: | | |
for target in ${TARGETS}; do | |
cargo android \ | |
clippy --release --workspace --features static \ | |
--target "${target}" | |
done | |
- name: Build | |
shell: bash | |
run: | | |
for target in ${TARGETS}; do | |
cargo android \ | |
build --release --workspace --features static \ | |
--target "${target}" | |
done | |
- name: Tests | |
shell: bash | |
run: | | |
for target in ${TARGETS}; do | |
cargo android \ | |
test --release --workspace --features static \ | |
--target "${target}" | |
done | |
- name: End to end tests | |
shell: bash | |
run: | | |
for target in ${TARGETS}; do | |
cargo android \ | |
run --release -p e2e --features static \ | |
--target "${target}" \ | |
-- test -a -c e2e/e2e.toml | |
done | |
- name: Create output directory | |
shell: bash | |
run: | | |
rm -rf target/output | |
case "${{ matrix.artifact.combine }}" in | |
lipo) | |
mkdir target/output | |
cmd=(lipo -output target/output/avbroot -create) | |
for target in ${TARGETS}; do | |
cmd+=("target/${target}/release/avbroot") | |
done | |
"${cmd[@]}" | |
;; | |
'') | |
ln -s "${TARGETS}/release" target/output | |
;; | |
*) | |
echo >&2 "Unsupported combine argument" | |
exit 1 | |
;; | |
esac | |
# This is done to ensure a flat directory structure. The upload-artifact | |
# action no longer allows multiple uploads to the same destination. | |
- name: Copy documentation to target directory | |
shell: bash | |
run: cp LICENSE README.md target/output/ | |
- name: Archive executable | |
uses: actions/upload-artifact@v4 | |
with: | |
name: avbroot-${{ steps.get_version.outputs.version }}-${{ matrix.artifact.name }} | |
path: | | |
target/output/LICENSE | |
target/output/README.md | |
target/output/avbroot | |
target/output/avbroot.exe |